Forthcoming and Online First Articles

International Journal of Security and Networks

International Journal of Security and Networks (IJSN)

Forthcoming articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Online First articles are published online here, before they appear in a journal issue. Online First articles are fully citeable, complete with a DOI. They can be cited, read, and downloaded. Online First articles are published as Open Access (OA) articles to make the latest research available as early as possible.

Open AccessArticles marked with this Open Access icon are Online First articles. They are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.

Register for our alerting service, which notifies you by email when new issues are published online.

We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Security and Networks (19 papers in press)

Regular Issues

  • VoIP security auditing model based on COBIT 4.1   Order a copy of this article
    by Oscar Danilo Gavilanez Alvarez, Glen Dario Rodriguez Rafael 
    Abstract: The article justifies the need for a specific model of VoIP security auditing that evaluates the incidence of security problems and addresses the challenges in terms of protecting IT resources. The current VoIP security problems are determined based on the analysis of auditing frameworks, and a model based on COBIT 4.1 is proposed to address these problems. As an innovation, the model includes the security culture plan and social engineering from the approach of the user as an IT service customer. In this work, we present the validation of the surveys using Cronbachs alpha and the results of the statistical average of the surveys applied to experts in social engineering and security auditing in VoIP. The proposed VoIP Security Auditing Model, called VoIPSAM, considers four domainsPlan and Organize, Monitor and Evaluate, Acquire and Implement, and Delivery and Supportwhich consider specific security policies for its application.
    Keywords: model of security auditing; social engineering; security culture plan; VoIP; COBIT.

  • Using Blockchains to protect Critical Infrastructures: a comparison between Ethereum and Hyperledger Fabric   Order a copy of this article
    by Wilson Melo, Lucas S. Dos Santos, Lucila M. S. Bento, Paulo R. Nascimento, Carlos A. R. Oliveira, Ramon R. Rezende 
    Abstract: The monitoring and protection of critical infrastructures, especially the ones involving physical assets (e.g., dams, nuclear energy facilities, governmental buildings), constitute a challenging problem. The failure and collapse of these infrastructures can cause untold consequences. Recent works have proposed blockchains as a tool to improve monitoring systems in different critical infrastructures. However, most previous works lack on presenting a more in-depth discussion about how to implement these solutions. In this paper, we develop a practical approach. We propose a comprehensive framework that describes how to implement a blockchain-based system to monitor and protect critical infrastructures. We implement our framework in two distinct blockchain platforms: Ethereum and Hyperledger Fabric. We compare both implementations and discuss their differences in terms of performance, easiness of development, security, privacy, complexity, and costs. We believe that our results can be valuable for professionals interested in applying blockchain-based solutions to protect critical infrastructures.
    Keywords: blockchain; critical infrastructures; cyber-physical systems; security.

  • Simulated Study of the Influence of Node Density on the Performance of Wireless Sensor Networks   Order a copy of this article
    by Aaron Rababaah 
    Abstract: This paper investigates the impact of local and global node density in cluster-based structured Wireless Sensor Networks (WSNs). The local density represents sensor node density (SND) in a cluster whereas, global node density relates to head node density (HND) in the entire WSN. The literature rarely addresses the impact of density on WSNs performance as the focus is typically on protocols, routing, scheduling, clustering and network longevity. Often, the density of nodes is assumed heuristically, but not based on empirical experiments. In this work, we address this issue by measuring the impact of node density on four performance metrics: isolated sensor nodes, isolated head nodes, network detection effectiveness and network tracking accuracy. Using an in-house simulator, a total of 5200 experiments were conducted and performance-metrics were collected and analyzed. The results revealed interesting relationships among the studied variables and identified best performing node densities locally and globally.
    Keywords: wireless sensor networks; clustered networks; tracking accuracy; detection effectiveness; local node density; global node density.

  • Network tolerance optimization to random and target attacks based on percolation theory   Order a copy of this article
    by Xiaoteng Yang, Zhenqiang Wu, Jun Yan, Mubarak Umar 
    Abstract: A social network system has a failure characteristics for random attacks of components or target attacks. This paper constructs related models for complex network defense systems to support the integrity of the social network system. First, we discuss the impact of component failure on complex systems and determine the risk scope. Second, based on the attack tolerance of the percolation theory, we verify the robustness of the network system through the percolation threshold fc to determine its optimal distribution. Third, we build a bimodal-distributed network model based on the network optimality to resist network failure.The model simulation results show that when the degree node is Kmin and Kmax in the complex networks, these nodes themselves form a largest cluster to guarantee the integrity of the network system, and to ensure that the network is still robust to subsequent attacks after the removal of the central hub nodes.
    Keywords: Network defense system;percolation theory;attack tolerance;bimodal-distributed network model.
    DOI: 10.1504/IJSN.2021.10040383
  • Security Enhanced Android for an Enterprise   Order a copy of this article
    by Rameez Rehman, Syed, Mudassar Waheed, Ammar Masood 
    Abstract: Mobile devices have emerged as one of the most common means of communication in current times. Mobile devices are commonly used to either access or store private information of the users, which make them a treasure trove for malicious intent attackers. Additionally, enterprises also encourage users to use their own mobile devices which not only leads to users convenience but at the same time also serve to decrease costs and higher employee productivity for an enterprise. In this scenario, an attack on employee's mobile device will not only uncover personal information of the employee but also the enterprise's secrets and protected data. Thus highlighting the requirement for strong protection of data stored on these devices and also the need for hardening the mobile devices against malicious attacks. One such approach for an enterprise would be to reinforce the underlying Android operating system (OS) which is the one most widely used in current mobile devices due to its open source nature. With this focus we first carried out a security feature comparison of Android Open Source Project (AOSP) based OS with iOS (iPhone's Operating System) to identify potential enhancements for a secure Android OS for the enterprise. Subsequently an analysis of custom Android ROMs was performed to further refine security enhancements in an enterprise scenario. Present work follows a risk assessment approach through a comprehensive security comparison of stock Android with iOS and custom ROMs to establish security requirements for Android in an enterprise scenario.
    Keywords: Android Security; Android custom ROMs; Enterprise Security Requirement; Security Enhancements in Android; Mobile OS security; iOS security.

  • A new Wrapper Feature Selection model for Anomaly based Intrusion Detection Systems   Order a copy of this article
    by Meriem Kherbache, Kamal Amroun, David Espes 
    Abstract: Feature selection is a fundamental phase of Anomaly-based intrusion detection. It is a method that selects the near-optimal subset of features to improve the effectiveness of an anomaly-based Intrusion Detection System (IDS). A near-optimal subset of features is one of the main factors to reduce the number of false positives and the classifier execution time. To select this subset of features, this paper introduces a new method that combines the Agglomerative Hierarchical Clustering (AHC) algorithm with the Support Vector Machine (SVM) classifier. An intelligent process classifies the features according to their variances for each attack category. The features are selected based on their variance and grouped by their variance similarities. An iterative algorithm is used to combine the obtained attack clusters with normal traffic to form subsets of candidate combinations. The SVM classifier is applied to find the best combination of features. The NSL-KDD and CICIDS2017 datasets are used to estimate the effectiveness of the proposed method. The evaluation results show that our algorithm increases significantly the detection accuracy and improves the detection time. The results show that the proposed approach significantly reduced the number of features for each attack (about 80% for the NSL-KDD dataset and 90% for the CICIDS2017 dataset). Moreover, it performs very well on any type of attack (whether stealthy or not) and outperforms other existing approaches. Perfect accuracy of 100% is achieved for some stealthy and complex attacks such as Heartbleed, SQL Injection and Botnet attacks.
    Keywords: Intrusion Detection System; Feature Selection; Agglomerative Hierarchical Clustering; Support Vector Machine.
    DOI: 10.1504/IJSN.2022.10045635
  • Implementation of Quasi-Newton Algorithm on FPGA for IoT Endpoint Devices   Order a copy of this article
    by Shizhen Huang, Anhua Guo, Kaikai Su, Siyu Chen, Ruiqi Chen 
    Abstract: With the recent developments in the Internet of Things (IoT), there has been a significant rapid generation of data. Theoretically, machine learning can help edge devices by providing a better analysis and processing of data near the data source. However, solving the nonlinear optimization problem is time-consuming for IoT edge devices. A standard method for solving the nonlinear optimization problems in machine learning models is the Broyden-Fletcher-Goldfarb-Shanno (BFGS-QN) method. Since the field-programmable gate arrays (FPGAs) are customizable, reconfigurable, highly parallel, and cost-effective, the present study envisaged the implementation of the BFGS-QN algorithm on an FPGA platform. Using half-precision floating-point numbers and single-precision floating-point numbers to save the FPGA resources were adopted to implement the BFGS-QN algorithm on an FPGA platform. The results indicate that compared to the single-precision floating-point numbers, the implementation of the mixed-precision BFGS-QN algorithm reduced 27.1% look-up tables, 18.2% flip-flops, and 17.9% distributed random memory.
    Keywords: IoT; edge computing; machine learning; nonlinear optimization; BFGS-QN; FPGA.

  • Heterogeneous Big Data Fusion in Distributed Networking Systems for Anomaly Detection and Localization   Order a copy of this article
    by Yuan Zuo, Xiaozhou Zhu, Jiangyi Qin, Wen Yao 
    Abstract: An efficient anomaly detection and localization mechanism is crucial for achieving high-quality network services. In particular, learning-based methods have recently been developed to achieve this goal by discovering helpful information from a massive amount of heterogeneous network data. However, heterogeneous data from various network components lead to significant challenges and an unexpected burden for analysis. The distributed scale of networking systems challenges data integrity and knowledge retrieval due to the separation of coupled functions over the distributed system. In this article, an insightful survey is performed by thoroughly reviewing recent academic and industrial contributions regarding anomaly detection and localization. To tackle the issues, we propose a new framework to effectively learn informative representations of heterogeneous data and fuse this information for efficient anomaly detection and localization. Furthermore, a case study is presented for anomaly detection and localization through learning data representations and performing heterogeneous data fusion.
    Keywords: Data heterogeneity; Distributed networking systems; Anomaly detection; Anomaly localization; Machine learning.

  • Entropy and likelihood based detection of DGA generated domain names and their families   Order a copy of this article
    by Ashutosh Bhatia, Deepak Vishvakarma, Rekha Kaushik, Ankit Agrawal 
    Abstract: Botnet is a network of hosts (bots) infected by a common malware and controlled by command and control (C&C) servers. Once the malware is found in an infected host, it is easy to get the domain of its C&C server and block it. To counter such detection, many malware families use probabilistic algorithms, known as domain generation algorithms (DGAs), to generate domain names for the C&C servers. In this paper, we propose a probabilistic approach to identify the domain names that are likely to be generated by malware using DGAs. The proposed solution is based on the hypothesis that the entropy of human-generated domain names should be lesser than the entropy of DGA generated domain names. Results show that the percentage of false negatives in the detection of DGA generated domain names using the proposed method is less than 29% across 39 DGA families considered by us in our experimentation.
    Keywords: Domain Name System;ยท Domain Generations Algorithms; Botnets; Command and Control Servers.

  • A survey on SQL injection attacks, detection and prevention techniques - A tertiary study   Order a copy of this article
    by María Hallo, Gabriela Suntaxi 
    Abstract: This paper presents a tertiary systematic literature review of SQL Injection Attacks based on previous secondary systematic literature reviews and systematic mappings. We identify the main observations (what we know) and challenges (what we do not know) on SQL injection attacks. We perform this tertiary review using six scientific databases. Based on a rigorous search process, we consider in our study eleven secondary studies published in the last decade. We define six research questions that help us determine the current state of the art in SQL injection attacks. We organize the main observations and challenges into definitions, most common research topics related to SQL injection attacks, detection and prevention techniques, and limitations of the studies. Finally, we identify open issues that could guide future research work.
    Keywords: SQL injection attacks; SQLIA; SQL injection detection techniques; SQL injection prevention techniques.

  • Threat Led Advanced Persistent Threat Penetration Test   Order a copy of this article
    by Ala’ Masarweh, Ja’afer ALSaraireh 
    Abstract: Cyber security attacks have been on the rise in recent years. One of the most destructive attacks are known as Advanced Persistent Threat (APT) attacks which can inflict massive damages to a network. A common approach of testing the security of an IT infrastructure is a Penetration Test (PT), which identifies security flaws in a system. However, this approach covers only the present vulnerabilities in a system without minding any new potential ones that could harm such systems. The goal in this research paper is to implement an enhanced PT approach called Threat Led APT PT to test the security of a target network against present vulnerabilities. The enhanced PT approach presented in this research work resulted in significantly enhancing the security of a network up to 28.5%. The proposed PT approach is compared to other custom PT approaches, which failed to achieve the same results as the proposed approach.
    Keywords: Penetration Testing; Cyber Threat Intelligence; Advanced Persistent Threat.

  • A Provably Secure Signcryption with Proxy Re-encryption for Smart Water Grid Network   Order a copy of this article
    by Rachana Patil, Yogesh Patil 
    Abstract: Smart water grid (SWG) uses smart water metering systems that regularly gathers consumers water consumption records and sends to water supply department. The communication of such information is the cause of concern for data privacy. In this work, we proposed an Identity based Signcryption with proxy re-encryption for Smart Water Grid (IDSC-PRE-SWG). A proxy located at cloud is responsible for re-encrypting the signcrypted ciphertext message. Our approach permits the authorized user to decode the ciphertext along with validating the message's source and authenticity. We also demonstrated that our system can be used to safeguard the security of data stored in cloud. The comparison of computational costs in terms of time in milliseconds for each phase of the IDSC-PRE schemes shows that, the proposed approach outperforms the alternative schemes. The simulation study performed with AVISPA tool indicates that IDSC-PRE-SWG is safe in OFMC and CL-Atse backends.
    Keywords: Smart water Grid; Signcryption; proxy re-encryption; Identity based Cryptography; AVISPA.
    DOI: 10.1504/IJSN.2022.10045294
  • An Efficient Scalar Multiplication Algorithm on Koblitz curves using tau^3-NAF   Order a copy of this article
    by Surya Ganesh Ponnuru, Padmavathy R, Anil Pinapati 
    Abstract: Elliptic Curve Cryptography (ECC) is an efficient and widely used public-key cryptosystem. It uses relatively shorter keys compared to conventional cryptosystems hence offering faster computation. The efficiency of ECC relies heavily on the efficiency of scalar multiplication which internally depends on the representation of the scalar value. Based on the representation, the number of point additions and point doublings varies. Koblitz curves are binary elliptic curves defined over F2 and also known as Anomalous binary curves. Scalar multiplication algorithms on these curves can be designed without any point doublings. In tau-NAF representation, we need 0.333m point additions whereas in tau^2-NAF it is 0.215m. This paper proposes a method to improve the efficiency of scalar multiplication on Koblitz curves using tau^3-NAF representation that further reduces the point additions to 0.143m.
    Keywords: Koblitz curves; Scalar multiplication; Frobenius endomorphism; tau- NAF; tau^2- NAF representation.

  • A literature review on security-aware design space exploration approaches for embedded systems   Order a copy of this article
    by Fateh Boutekkouk 
    Abstract: Design space exploration (DSE) is a key activity in any embedded system design flow during which, decisions on architectural choices are made and their impacts on the overall performance are analyzed and judged. As security emerges as a major design concern, DSE should be aware of the security aspect. By this literature review, we hope to study, analyze and add new knowledge on the topic. Our review showed that there is a lack of standard security metrics and expressive models to represent attackers capabilities, security requirements and mechanisms. The review also revealed a big pitfall regarding the application of formal techniques, security standards adoption and adaptivity support. The presented review ends by proposing some potential promising future trends that can be investigated by researchers to pursue the research in related topics.
    Keywords: embedded systems; security; design space exploration; optimization; Artificial intelligence.

  • Network event based model using finite state machine to detect and predict insider intrusion on enterprise networks.   Order a copy of this article
    by Nisha TN, Dhanya Pramod 
    Abstract: Network infrastructure being the backbone of organizations has become the preferred target for attackers. Hackers pose threat to the network and target the data in storage and transit. In addition, malicious insiders also try to exploit the access and organizations need to detect and deal with such attempts. We propose FSA based attack probability detection model to detect insider attacks on the enterprise network. The model consists of a knowledge-based FSA and a probability-based IPAM algorithm that gives high detection rates and fewer false positives. The approach uses a novel composition wherein the event sequences are generated for each pair of connections using the FSA and then fed to probability component for further analysis to ascertain the network safety level. The model defends the DoS attacks and scanning probes and works in the lower network layers. Therefore, the detection characteristics can be easily extended to protect against new attacks.
    Keywords: Network security; Insider attacks; Dos and DDoS attacks; knowledge based anomaly detection; finite state machine; IPAM; probabilistic attack prediction.

  • Security in Smart Home Environment: Issues, Challenges, and Countermeasures - A Survey   Order a copy of this article
    by Redhwan Saad, Khaled Al Soufy, Samir Shaheen 
    Abstract: The accelerated spread of the IoT and rapid development of modern communication networks and technologies have connected the physical world with computational elements in the Smart Home environment. The smart home is based on IoT technology which facilitates device observing in order to increase the availability of various tools for securing home automation. Thus, it has been used as a feature of the future wireless sensor network to be able to operate without human intervention. However, it's vulnerable to vulnerabilities and security threats. Due to interconnected, heterogeneous, and dynamic nature of the smart home, challenges related to security, authentication, and confidentiality are created. In this paper attacks on the security of smart homes are investigated to assess their impact on the security of the system as a whole. The technologies and security solutions in such environment are also identified. Therefore, current security measures are discussed to counter such security attacks.
    Keywords: Internet of Things; malware; Security attacks; and Smart Home.

  • Research on system safety in the case of component failure based on degree correlation   Order a copy of this article
    by Wuchao Shi 
    Abstract: Nowadays, complex systems play an irreplaceable role in life, network security reflects a series of network controllability problems. In this paper, we focus on the topological characteristics of the network, starting from the degree correlation of the network, and studying the controllability of the network for different network types. For different network data sets, we adopt different security strategies to protect the network. Experiments show that the network controllability of different data sets under different security strategies is very different. Neutral networks and networks with the same configuration have little difference in the performance of each node in the face of network attacks; in the face of network attacks with heterogeneous networks, the security protection strategy of the central node can maintain network security to the greatest extent. Through different security strategies to achieve network controllability, the greatest possible realization of system security.
    Keywords: Network controllability; topological characteristics; degree correlation; security strategies.

  • MB-CIM: A Multi-round Budgeted Competitive Influence Maximization   Order a copy of this article
    by Nadia Niknami, Jie Wu 
    Abstract: Maximizing influence spread through a social network has attracted significant research interest recently Influence maximization is trying to select a small set of seed users in the social network to maximize the spread of influence CIM addresses the competition where multiple competing sources propagate in the same network. Competitors need to decide which nodes in the given social network would be an influential one and how many resources should be allocated to the potential social network member so that identifying the best algorithm for the influence maximization under budget constraint has become a demanding task. We are interested in multi-round CIM where each competitor needs to decide the location and the amount of budget to invest in the most influential members simultaneously and repeatedly under a given total budget. This paper proposes a tree-approximate game-theoretical framework and introduces the new measurement as a dynamic node weight.
    Keywords: budget allocation; game theory; reinforcement learning; social networks; multi-round influence maximization.
    DOI: 10.1504/IJSN.2022.10046054
  • A Slice-Based Encryption Scheme for IPFS   Order a copy of this article
    by Changsong Zhou, Guozi Sun, Xuan You, Yu Gu 
    Abstract: The interplanetary file system (IPFS) has been used more and more widely because of its advantages of smooth integration with the current blockchain platform and its advantages as a distributed file system. However, the authors found that IPFS has some privacy issues that it cannot completely avoid unauthorised access to data by malicious nodes. In response to this problem, the authors propose a lightweight encryption scheme based on the characteristics of IPFS file slicing combined with AES256 and SHA256, which can be smoothly integrated into IPFS. During the upload process, this scheme encrypts some sliced file blocks according to the strategy formulated by the user. During the download process, the encrypted block is identified and decrypted according to a special encryption method. Through this scheme, the system can increase file security without affecting the performance of IPFS itself and retain the deduplication effect of IPFS to the utmost extent.
    Keywords: advanced encryption standard; AES; SHA256; blockchain; distributed storage; security; Merkle DAG; interplanetary file system; IPFS; slice.
    DOI: 10.1504/IJSN.2022.10047182