Forthcoming articles

International Journal of Security and Networks

International Journal of Security and Networks (IJSN)

These articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Register for our alerting service, which notifies you by email when new issues are published online.

Open AccessArticles marked with this Open Access icon are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.
We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Security and Networks (21 papers in press)

Regular Issues

  • Characterizing Spatial Dependence on Epidemic Thresholds in Networks   Order a copy of this article
    by Zesheng Chen 
    Abstract: Epidemic processes are an important security research topic for both the Internet and social networks. The epidemic threshold is a fundamental metric used to evaluate epidemic spread in networks. Previous work has shown that the epidemic threshold of a network is $1/lambda_{max}(A)$, i.e., the inverse of the largest eigenvalue of its adjacency matrix. In this work, however, we indicate that such a theoretical threshold ignores spatial dependence among nodes and hence underestimates the actual epidemic threshold. Moreover, inspired by the Markov Random Field, we analytically derive a more accurate epidemic threshold based on a spatial Markov dependence assumption. Our model shows that the epidemic threshold is indeed $1/lambda_{max}(A)(1-rho)$, where $rho$ is the average spatial correlation coefficient between neighboring nodes. We then apply simulations to compare the performance of these two theoretical epidemic thresholds in different networks, including regular graphs, synthesized irregular graphs, and a real topology. We find that our proposed epidemic threshold incorporates a certain spatial dependence and thus achieves greater accuracy in characterizing the actual epidemic threshold in networks.
    Keywords: Epidemic thresholds; susceptible-infected-susceptible (SIS) model; spatial dependence; Markov Random Field; Markov model; mean-field approach.

  • Location big data differential privacy dynamic partition release method   Order a copy of this article
    by Yan Yan, Lianxiu Zhang, Bingqian Wang, Xin Gao 
    Abstract: Aiming at the privacy protection requirements in real-time statistical publishing process of location big data, a dynamic partition method is proposed based on differential privacy mechanism. The temporal redundancy between adjacent data snapshots has been eliminated by sampling and differential processing of dynamic location big data, and the spatial redundancy of location big data has been reduced by adaptive density meshing and uniformity heuristic quadruple partitioning. Differential privacy protection has been realized by adjusting partition structures of the current data set on the spatial structure of previous moment and adding Laplace noise. Experiments carried out on the cloud computing platform and real location big data sets show that the proposed algorithm can meet the dynamic partition release requirements of real-time location big data, and the query precision of single-released location big data is better than other similar methods.
    Keywords: location big data; dynamic partition release; differential privacy; temporal redundancy; spatial redundancy.

  • Data Integrity Attack Detection in Smart Grid: A Deep Learning Approach   Order a copy of this article
    by Sunitha Basodi, Song Tan, WenZhan Song, Yi Pan 
    Abstract: Cybersecurity in smart grids plays a crucial role in determining reliable functioning and availability. Data integrity attacks at the physical layer of smart grids are mainly addressed in this paper. State Vector Estimation(SVE) methods are widely used to detect such attacks, but such methods fail to identify attacks that comply with physical properties of the grid, known as unobservable attacks. In this paper, we formulate a distance measure to be employed as the cost function in deep-learning models using feedforward neural network architectures to classify malicious and secured measurements. Efficiency and performance of these models are compared with existing state-of-the-art detection algorithms and supervised machine learning models. Our analysis shows better performance for deep learning models in detecting centralized data attacks.
    Keywords: smart grids; bad data detection; state vector estimation; deep learning; IEEE test bus systems; matpower; keras with tensorflow.

  • A real-time botnet detection model based on an efficient wrapper feature selection method   Order a copy of this article
    by Akram Farahmand-Nejad, Samira Noferesti 
    Abstract: Botnets are one of the most widespread and serious threats of cybersecurity that have infected millions of computers around the world over the past few years. Previous research has shown that machine learning methods can accurately detect botnet attacks. However, these methods often do not address the problem of real-time botnet detection, which is one of the main challenges in this area and is essential to prevent the damage caused by botnet attacks. This paper aims to present an efficient real-time model for botnet detection. In the proposed method, a subset of the effective features in detecting the bot traffic is initially selected using the World Competitive Contests Algorithm. Then, based on the selected features, a support vector machine model is created offline to detect real-time bot traffic from the normal one. The test results show that the proposed method can detect botnets with 95% accuracy and outperforms other methods.
    Keywords: network security; botnets; real time; machine learning; support vector machine; SVM; feature selection; world competitive contests algorithm; WCC; wrapper methods; botnet attacks.

  • AudioKey: A Usable Device Pairing System Using Audio Signals on Smartwatches   Order a copy of this article
    by Jiacheng Shang, Jie Wu 
    Abstract: Smartwatches are expected to replace smartphones in some applications with better user experience because of a greater range of features and new innovations such as audio recording, activity recognition, and data transmission. In this paper, we develop a system called AudioKey, aiming to pair two smartwatches by generating a unique secret key between them. Compared with existing works, our system does not need extra infrastructure to synchronize devices and trigger the key generation process, and only uses the existing sensors (gyroscope and microphone) that are deployed on most smartwatches. AudioKey triggers the key generation process on two devices at the same time by detecting the handshake between two normal users. A secret key is extracted from both the frequency domain and the time domain of audio signals and used to authenticate each other or encrypt the sensitive data. Evaluation results collected on 9 volunteers in three different scenarios show that our system can achieve a bit generation rate of 13.4 bits/s with the mean key agreement rate of $96.7\\%$ for a 128-bit secret key, while a strong attacker can only achieve a mean key agreement of $10.8\\%$.
    Keywords: Human activity recognition; Secret key generation.

  • Text Similarity Semantic Calculation Based On Deep Reinforcement Learning   Order a copy of this article
    by Guanlin Chen, Xiaolong Shi, Moke Chen, Liang Zhou 
    Abstract: Semantic analysis is a fundamental technology in natural language processing. Semantic similarity calculations are involved in many applications of natural language processing, such as QA system, machine translation, text similarity calculation, text classification, information extraction and even speed recognition, etc. This paper proposes a new framework for computing semantic similarity: Deep Reinforcement Learning For Siamese Attention Structure Model(DRSASM). The model learns word segmentation automatically and word distillation automatically through reinforcement learning. The overall architecture LSTM network to extract semantic features, and then introduces a new Attention mechanism model to enhance semantics. The experiment show that this new model on the SNLI data set and Chinese business data set can improve the accuracy compared to current base line structure models.
    Keywords: Big Data; Machine learning; Deep learning; Natural language processing; Semantic similarity; Semantic computing; Reinforcement learning; Attention model; LSTM model.

  • Optimal Network Defense Strategy Selection Based on Bayesian Game   Order a copy of this article
    by Zengguang Wang, Yu Lu, Xi Li 
    Abstract: Existing passive defense methods cannot effectively guarantee network security; to solve this problem, a novel method is proposed that selects the optimal defense strategy. The network attack-defense process is modeled based on the Bayesian game. The payoff is quantified from the impact value of the attack-defense actions. The optimal defense strategy is selected that takes defense effectiveness as the criterion. The rationality and feasibility of the method are verified through a representative example, and the general rules of network defense are summarized. Compared to the classic strategy selection methods based on game theory, the proposed method can select the optimal strategy in the form of pure strategy by quantifying defense effectiveness, which was proven to perform better.
    Keywords: network security; network attack-defense process; Bayesian game; incomplete information; attack-defense payoffs; Nash equilibrium; strategy selection; defense effectiveness; pure strategy; optimal defense strategy.

  • Designing a Secure Positioning System Using Blockchain Technology   Order a copy of this article
    by Rajrupa Singh, Selvakumar R 
    Abstract: Achieving a secure positioning system is one of the most prominent issues in the field of wireless security. The central task of this paper is introducing a system that is provably secure for sharing the most sensitive data among the users in a peer-to-peer network. In such systems, the geographical position of the users or the nodes in the network plays a vital role in maintaining the security of the entire network especially for defense purpose. Apart from the existing Bounded Storage Models, the system gives a positive result for "Secure Positioning Problem". The designing of the proposed system is based on the network, where the public ledger is maintained by all the nodes independently without any central authority. This zero knowledge protocol proposed in this paper makes the search space size to grow exponentially, which is a major challenge for the intruder to prove their position.
    Keywords: Blockchain; Position-Based Access; Peer-to-Peer Networks; Zero-knowledge Proof; Low Storage Nodes; Authentication and Authorization.

  • Secure Outsourcing of Modular Inverses and Scalar Multiplications on Elliptic Curves   Order a copy of this article
    by Yuan Ping, Xuyang Guo, Baocang Wang, Jingxian Zhou 
    Abstract: In the big data era, we can collect more data than ever before yet to analyze them remains a challenge of pricey analysis to normal users. As the core of the widely-used elliptic curve cryptosystems, modular inverse and point multiplication are worthy of being outsourced as services for their fundamental and pricey computation. However, this raises security concerns, especially on the untrusted cloud. Towards these issues, in this paper, we propose two outsourcing protocols to do these two operations, respectively. For efficiency aspects, in the first protocol, only three modular multiplications required by the client to outsource a modular inverse operation to the cloud. In the second protocol, a point multiplication operation can be carried out just by doing two addition operations on elliptic curves. For security aspects, in both protocols, the input is randomly split into two parts to meet the input privacy and output privacy. The security of both protocols is theoretically proved under a single server and the non-colluding two servers models, respectively. Furthermore, the cheating behaviors of the servers can be detected by probabilities of 100% and 75%, respectively. Besides the proposed two secure outsourcing protocols achieve the highest security goal, namely, perfect privacy (or unconditional security), simulation experiments confirm the significant improvement on efficiency in comparison of the corresponding traditional ones.
    Keywords: Cloud Computing; Secure Outsourcing; Modular Inverse; Point Multiplication; Elliptic Curve; Public Key Cryptography.

  • Fog Computing: Survey on Decoy Information Technology   Order a copy of this article
    by Muhyidean Altarawneh, Wesam Almobaideen 
    Abstract: Fog computing extends the cloud paradigm to the edge of the network, thus covering deficiencies that are in cloud computing infrastructure. Security concerns are reduced, but this does not provide a secured platform, since data could be simply compromised in constrained environments. This survey emphasizes on possible security mechanisms that uses technologies like user behavior profiling and decoy technology to mitigate security threats. It mainly focuses on reviewing papers that have used decoy technology on fields of fog computing and other environments that fall under the same umbrella. After comparing papers, based on the results, classifications were provided in different perspectives such as detecting unauthorized access and decoy technology deployment. These classifications could support in selecting the best practice based on the required function and environment of deployment.
    Keywords: decoy technology; honeypots; security; fog computing; constrained networks.

  • Packing Resistant Solution to Group Malware Binaries   Order a copy of this article
    by Ahmad Azab 
    Abstract: Malware is still identified as a serious threat on the Internet and considered the main tool utilized by cybercriminals to conduct their malicious actions against corporations, government agencies and individuals. Malware authors embed numerous techniques, such as obfuscation and morphing, to avoid detection by anti-virus engines and facing hardened zero-day detection. To address this problem, we propose a solution that groups malware binaries belonging to the same variant, regardless of whether they are packed or not. Our approach deploys similarity measures between the malware binaries of the same variant by applying data mining concepts in conjunction with hashing algorithms. In this paper, we assess Trend Locality Sensitive Hashing (TLSH) and SSDEEP hashing algorithms to group packed and unpacked binaries of the same variants, deploying K-NN learning algorithm. Two Zeus variants are used - Mal_ZBOT and TSPY_ZBOT - to address the effectiveness of the proposed approach. The experimental results reflect our method's effectiveness in grouping binaries of the same variant, its resilience to common obfuscations used by cybercriminals and a poor performance with regard to applying the hashing algorithm without the data mining concept. The best result attained over both packed and unpacked binaries is 0.982 F-Measure.
    Keywords: Malware; Hashing; Datamining; Zeus.

  • Evaluating the behavior of stream learning algorithms for detecting invasion on wireless networks   Order a copy of this article
    by Cláudio Alves, Flávia Bernardini, Leandro Sousa, Edwin Mitaac 
    Abstract: Ensuring protection in computer networks is an increasingly difficult task because of the sheer number and variability of threats currently encountered. Intrusion Detection Systems (IDS) is usually used to improve the security of information in computers networks, including any content that has value to a person or company. IDS monitor computers or networks to identify malicious activity or unauthorized access. An open issue is how much data is necessary for constructing models for predicting invasion in wireless networks, specially considering that are some scenarios that dataset is not promptly available. Our approach should consider constructing classifiers given a dataset and, as the dataset grows, new classifiers are constructed. Other strategy is explore stream learning algorithms that adapt models along the time. In addition to studying the applicability of stream learning algorithms. This work aims to investigate whether in terms of processing time, stream algorithms are more efficient than batch ones.
    Keywords: Stream Learning; Intrusion Detection Systems (IDS); Wireless Networks.

  • Multi-Party Computation Review for Secure Data Processing in IoT-Fog Computing Environment   Order a copy of this article
    by Bhabendu Kumar Mohanta, Debasish Jena, Srichandan Sobhanayak 
    Abstract: In the last decade Internet of Things (IoT) technology becomes useful in almost every application fields. IoT-Cloud based architecture is insufficient to handle the requirement of IoT like latency, bandwidth, and volume of data. Fog computing can address those problems by providing processing and services to end-users at the edge network. In centralized system computation and processing was done in a centralized way. Some of the issues in that centralized system are malicious behavior, node capture, and failure. The solution for this would be if multiple parties do the computation then the decision can be reliable, trustworthy. In this paper, authors first used IoT-Fog-Cloud architecture to explain the need to multi-party computation in IoT applications. Secondly, authors review existing work in term of the basic working principle of multi-party computation and already used applications area. Lastly paper described the solution approach to perform the secure multi-party computation in term of Blockchain Technology.
    Keywords: IoT; Fog Computing; Cloud computing; Multi-Party Computation; Security; Blockchain; Distributed.

  • A Framework for Security Enhancement in Multitenant SDN-based Datacenters   Order a copy of this article
    by Mostafa Ammar, Ayman Abdel-hamid, Mohamed Rizk, Magdy Abdelazim 
    Abstract: Nowadays, there is a rising demand for enterprises to migrate datacenter into public cloud. This transfer has several drivers such as decreasing datacenter operational cost and increasing scalability. Moreover, it motivated cloud providers to construct more multitenant datacenters. On the other hand, cyber attacks against IT infrastructures are becoming sophisticated. Protection against datacenter adversaries requires integration between security middleboxes such as (Intrusion detection system (IDS), firewall (FW)) and network layer. In this paper, a framework is proposed to enhance security for software defined network (SDN) based multitenant datacenters. A novel mechanism is introduced to only forward suspicious traffic for deep packet inspection(DPI) without affecting any other traffic. Attack graphs are used to specify all possible attack scenarios against datacenter network. Framework proof of concept prototype is implemented using a mixed emulation and simulation environment. A typical multitenant data center network topology is used to test and evaluate framework performance. Moreover, different types of traffic (TCP, UDP) and typical middleboxes are used in experiments. Performance evaluation Results show framework feasibility and performance against attacks while not affecting delay sensitive traffic.
    Keywords: SDN; datacenter; multitenancy; security; attack graph; deep packet inspection.

  • A Game Theoretic Approach Based on Intrusion Tolerant Systems   Order a copy of this article
    by Nouhad Sanoussi, Ghizlane Orhanou, Said El Hajji 
    Abstract: Despite the enormous efforts made to guarantee a great level of security in the network, this is still far from being completely solved. Hence, to continue providing proper services in threatening environments there is a need for intrusion tolerance. The purpose of an Intrusion Tolerant System (ITS) is to survive against every intrusion, rather than to prevent them. Unfortunately, these mechanisms of defense require a huge investment andrnan accurate study of the network to effectively secure the infrastructure. The weakness of the traditional network security solutions is that they lack a quantitative decision framework. Game theory approaches proved their efficiency in this issue. Therefore, in this paper, we propose a game theoretic approach to model the attack-defense interaction in taking into account both internal and external attacks and analyze the effect of intrusion tolerant system on the payoff of both the internal and external attacker and the defender.rnA MATLAB simulation is used to illustrate the game model and calculate the frequency of attack strategy and invest in tolerance strategy.
    Keywords: Network security; ITS; Game Theory; Attacker; Bayesian Game.

  • An improved weighted centroid localization algorithm for wireless sensor networks in coal mine underground   Order a copy of this article
    by Haibo Liu, Yujie Dong, Fuzhong Wang 
    Abstract: In view of the practical characteristics of coal mine underground working environment and the low positioning accuracy of existing algorithm, an improved weighted centroid localization algorithm based on received signal strength indicator (RSSI) is proposed. Firstly, the environmental parameters of RSSI ranging are modified by the least square method to eliminate the influence of various interferences on the measured data. The exponential factor and the modified RSSI value are directly calculated to determine the coordinates of the unknown node. The exponential factor is optimized by an improved quantum particle swarm optimization algorithm based on the criterion of minimum root mean square error. The simulation results show that the proposed algorithm can reduce the influence of complex environment factors in the positioning process and has the better positioning accuracy than the traditional method, which meets requirements of personnel location precision in underground long-distance roadway.In view of the practical characteristics of coal mine underground working environment and the low positioning accuracy of existing algorithm, an improved weighted centroid localization algorithm based on received signal strength indicator (RSSI) is proposed. Firstly, the environmental parameters of RSSI ranging are modified by the least square method to eliminate the influence of various interferences on the measured data. The exponential factor and the modified RSSI value are directly calculated to determine the coordinates of the unknown node. The exponential factor is optimized by an improved quantum particle swarm optimization algorithm based on the criterion of minimum root mean square error. The simulation results show that the proposed algorithm can reduce the influence of complex environment factors in the positioning process and has the better positioning accuracy than the traditional method, which meets requirements of personnel location precision in underground long-distance roadway.
    Keywords: wireless sensor networks; localization; least square algorithm; quantum-behaved particle swarm optimization; RSSI.

  • Hidden Markov models for advanced persistent threats   Order a copy of this article
    by Guillaume Brogi, Elena Di Bernardino 
    Abstract: Advanced persistent threats (APT) are a serious security risk and tools suited to their detection are needed. These attack campaigns do leave traces in the system, and it is possible to reconstruct part of the attack campaign from these traces. In this article, we describe a hidden Markov model for the evolution of an APT. The aim of this model is to validate whether the evolution of the partially reconstructed attack campaigns are indeed consistent with the evolution of an APT. Since APTs are hard to detect, we also introduce a score to take into account potentially undetected attacks. In addition, the score also allows comparing the fit of APTs of different lengths. We validate and illustrate both the model and the score using data obtained from experts.
    Keywords: intrusion detection; advanced persistent threats; APT; attack campaign; machine learning; hidden Markov models; HMM; score; missing observations; undetected attacks; expert knowledge.
    DOI: 10.1504/IJSN.2019.10024503
  • Non-malleable encryption with proofs of plaintext knowledge and applications to voting   Order a copy of this article
    by Ben Smyth, Yoshikazu Hanatani 
    Abstract: Non-malleable asymmetric encryption schemes which prove plaintext knowledge are sufficient for secrecy in some domains. For example, ballot secrecy in voting. In these domains, some applications derive encryption schemes by coupling malleable ciphertexts with proofs of plaintext knowledge, without evidence that the sufficient condition (for secrecy) is satisfied nor an independent security proof (of secrecy). Consequently, it is unknown whether these applications satisfy desirable secrecy properties. In this article, we propose a generic construction for such a coupling and show that our construction produces non-malleable encryption schemes which prove plaintext knowledge. Furthermore, we show how our results can be used to prove ballot secrecy of voting systems. Accordingly, we facilitate the development of applications satisfying their security objectives.
    Keywords: asymmetric encryption; ballot secrecy; homomorphic encryption; indistinguishability; non-malleability; privacy; secrecy; voting.
    DOI: 10.1504/IJSN.2019.10024505
  • OAP-WMN: optimised and secure authentication protocol for wireless mesh networks   Order a copy of this article
    by Malek Rekik, Amel Meddeb-Makhlouf, Faouzi Zarai, Petros Nicopolitidis 
    Abstract: Wireless mesh networks (WMN) proposes many attractive features to mobile networking area such as: self-reconfiguration and self-organisation which make it more flexible, easy deployed and not expensive. But, these features make it constantly overwhelmed with different types of security threats. In this article, we propose an optimised and secure authentication and re-authentication schemes based on the extensible authentication protocol (EAP) mechanism. The proposed solution ensures security of WMN handoff and with a better QoS. It achieves this by reducing the number of exchanging messages and computations in the proposed authentication and re-authentication processes. Besides, we choose to secure the link layer that makes the authentication process more efficient and optimised. For performance evaluation, we use the OPENSSL tool to compare our work with some related work and the result is good. Moreover, the security of our authentication scheme has been affirmed with the AVISPA tool.
    Keywords: wireless mesh network; WMN; IEEE 802.11s; extensible authentication protocol; EAP; authentication; handoff; QoS; AVISPA.
    DOI: 10.1504/IJSN.2019.10024506
  • A novel cryptographic solution to secure mobile wireless sensors networks   Order a copy of this article
    by Imen Bouabidi, Pr. Mahmoud Abdellaoui 
    Abstract: Due to the constraints of sensors networks, implementing a secure network requires the development of new approaches dedicated and adapted to these networks. In this context, we proposed in this paper a new cryptographic solution based on grouping a modified AES in CTR mode and a new key management protocol. The originality of our solution is to obtain a high security level with regard to a minimal resources use (storage only three keys whatever the network density). Our goal is to secure communications between nodes. Simulations are executed by OMNet++ and Visual C++ Studio. Compared to existing protocols, our cryptographic solution presents better results in WSN metrics: it achieves lower energy consumption (the energy cost does not exceed 0.512 µj), loss of packets and control overhead and higher average throughput (it achieves 45,177 bps), data freshness and better packets send ratio. Also, it resists against several attacks: jamming, node capture, etc.
    Keywords: AES; CTR mode; efficient and scalable key management scheme; ESKMS; integrity; mobile WSN; OMNet++; privacy; resistance to attacks; symmetric cryptography.
    DOI: 10.1504/IJSN.2019.10024508
  • Medical image protection using diffusion, substitution and reversible data hiding based on prediction   Order a copy of this article
    by L. Mancy, S. Maria Celestin Vigila 
    Abstract: Owing to the expanding benefit for tele-health amenities have developed awareness in the practice of medicinal image protection expertise. It mostly condensed with patient report that are cautious and must only offered to allowable personality. So the medicinal image safety becomes a very great complexity when victim data are fetched through the open system. At first, the secret key of 128 bit size is generated by image histogram and the medical image is encrypted by diffusion and substitution process. Then the secret key is embedded within the cipher image by the process of steganography to obtain key embedded cipher image. At last, the patient details are embedded into the key embedded cipher image and later on, the patient details and the key is extracted. Finally, using the extracted key, decryption operation is performed to get the original image.
    Keywords: histogram; encryption; decryption; steganography; reversible data hiding; diffusion; substitution.
    DOI: 10.1504/IJSN.2019.10024509