Forthcoming articles

International Journal of Security and Networks

International Journal of Security and Networks (IJSN)

These articles have been peer-reviewed and accepted for publication but are pending final changes, are not yet published and may not appear here in their final order of publication until they are assigned to issues. Therefore, the content conforms to our standards but the presentation (e.g. typesetting and proof-reading) is not necessarily up to the Inderscience standard. Additionally, titles, authors, abstracts and keywords may change before publication. Articles will not be published until the final proofs are validated by their authors.

Forthcoming articles must be purchased for the purposes of research, teaching and private study only. These articles can be cited using the expression "in press". For example: Smith, J. (in press). Article Title. Journal Title.

Articles marked with this shopping trolley icon are available for purchase - click on the icon to send an email request to purchase.

Register for our alerting service, which notifies you by email when new issues are published online.

Open AccessArticles marked with this Open Access icon are freely available and openly accessible to all without any restriction except the ones stated in their respective CC licenses.
We also offer which provide timely updates of tables of contents, newly published articles and calls for papers.

International Journal of Security and Networks (19 papers in press)

Regular Issues

  • Packing Resistant Solution to Group Malware Binaries   Order a copy of this article
    by Ahmad Azab 
    Abstract: Malware is still identified as a serious threat on the Internet and considered the main tool utilized by cybercriminals to conduct their malicious actions against corporations, government agencies and individuals. Malware authors embed numerous techniques, such as obfuscation and morphing, to avoid detection by anti-virus engines and facing hardened zero-day detection. To address this problem, we propose a solution that groups malware binaries belonging to the same variant, regardless of whether they are packed or not. Our approach deploys similarity measures between the malware binaries of the same variant by applying data mining concepts in conjunction with hashing algorithms. In this paper, we assess Trend Locality Sensitive Hashing (TLSH) and SSDEEP hashing algorithms to group packed and unpacked binaries of the same variants, deploying K-NN learning algorithm. Two Zeus variants are used - Mal_ZBOT and TSPY_ZBOT - to address the effectiveness of the proposed approach. The experimental results reflect our method's effectiveness in grouping binaries of the same variant, its resilience to common obfuscations used by cybercriminals and a poor performance with regard to applying the hashing algorithm without the data mining concept. The best result attained over both packed and unpacked binaries is 0.982 F-Measure.
    Keywords: Malware; Hashing; Datamining; Zeus.

  • Evaluating the behavior of stream learning algorithms for detecting invasion on wireless networks   Order a copy of this article
    by Cláudio Alves, Flávia Bernardini, Leandro Sousa, Edwin Mitaac 
    Abstract: Ensuring protection in computer networks is an increasingly difficult task because of the sheer number and variability of threats currently encountered. Intrusion Detection Systems (IDS) is usually used to improve the security of information in computers networks, including any content that has value to a person or company. IDS monitor computers or networks to identify malicious activity or unauthorized access. An open issue is how much data is necessary for constructing models for predicting invasion in wireless networks, specially considering that are some scenarios that dataset is not promptly available. Our approach should consider constructing classifiers given a dataset and, as the dataset grows, new classifiers are constructed. Other strategy is explore stream learning algorithms that adapt models along the time. In addition to studying the applicability of stream learning algorithms. This work aims to investigate whether in terms of processing time, stream algorithms are more efficient than batch ones.
    Keywords: Stream Learning; Intrusion Detection Systems (IDS); Wireless Networks.

  • Multi-Party Computation Review for Secure Data Processing in IoT-Fog Computing Environment   Order a copy of this article
    by Bhabendu Kumar Mohanta, Debasish Jena, Srichandan Sobhanayak 
    Abstract: In the last decade Internet of Things (IoT) technology becomes useful in almost every application fields. IoT-Cloud based architecture is insufficient to handle the requirement of IoT like latency, bandwidth, and volume of data. Fog computing can address those problems by providing processing and services to end-users at the edge network. In centralized system computation and processing was done in a centralized way. Some of the issues in that centralized system are malicious behavior, node capture, and failure. The solution for this would be if multiple parties do the computation then the decision can be reliable, trustworthy. In this paper, authors first used IoT-Fog-Cloud architecture to explain the need to multi-party computation in IoT applications. Secondly, authors review existing work in term of the basic working principle of multi-party computation and already used applications area. Lastly paper described the solution approach to perform the secure multi-party computation in term of Blockchain Technology.
    Keywords: IoT; Fog Computing; Cloud computing; Multi-Party Computation; Security; Blockchain; Distributed.

  • A Framework for Security Enhancement in Multitenant SDN-based Datacenters   Order a copy of this article
    by Mostafa Ammar, Ayman Abdel-hamid, Mohamed Rizk, Magdy Abdelazim 
    Abstract: Nowadays, there is a rising demand for enterprises to migrate datacenter into public cloud. This transfer has several drivers such as decreasing datacenter operational cost and increasing scalability. Moreover, it motivated cloud providers to construct more multitenant datacenters. On the other hand, cyber attacks against IT infrastructures are becoming sophisticated. Protection against datacenter adversaries requires integration between security middleboxes such as (Intrusion detection system (IDS), firewall (FW)) and network layer. In this paper, a framework is proposed to enhance security for software defined network (SDN) based multitenant datacenters. A novel mechanism is introduced to only forward suspicious traffic for deep packet inspection(DPI) without affecting any other traffic. Attack graphs are used to specify all possible attack scenarios against datacenter network. Framework proof of concept prototype is implemented using a mixed emulation and simulation environment. A typical multitenant data center network topology is used to test and evaluate framework performance. Moreover, different types of traffic (TCP, UDP) and typical middleboxes are used in experiments. Performance evaluation Results show framework feasibility and performance against attacks while not affecting delay sensitive traffic.
    Keywords: SDN; datacenter; multitenancy; security; attack graph; deep packet inspection.

  • A Game Theoretic Approach Based on Intrusion Tolerant Systems   Order a copy of this article
    by Nouhad Sanoussi, Ghizlane Orhanou, Said El Hajji 
    Abstract: Despite the enormous efforts made to guarantee a great level of security in the network, this is still far from being completely solved. Hence, to continue providing proper services in threatening environments there is a need for intrusion tolerance. The purpose of an Intrusion Tolerant System (ITS) is to survive against every intrusion, rather than to prevent them. Unfortunately, these mechanisms of defense require a huge investment andrnan accurate study of the network to effectively secure the infrastructure. The weakness of the traditional network security solutions is that they lack a quantitative decision framework. Game theory approaches proved their efficiency in this issue. Therefore, in this paper, we propose a game theoretic approach to model the attack-defense interaction in taking into account both internal and external attacks and analyze the effect of intrusion tolerant system on the payoff of both the internal and external attacker and the defender.rnA MATLAB simulation is used to illustrate the game model and calculate the frequency of attack strategy and invest in tolerance strategy.
    Keywords: Network security; ITS; Game Theory; Attacker; Bayesian Game.

  • Malicious Behaviour Identification for Android Based on an RBF Neural Network   Order a copy of this article
    by Tianwei Chen, Yongjun Qiang, Chunming Tang, Zairong Wang, Ping Luo, Lingxi Peng 
    Abstract: Traditional methods for the identification of malicious behaviour on Android cannot cope with the dynamic fluctuation of malicious behaviour characteristics. Therefore, a malicious behaviour identification approach for Android that is inspired by radial basis function neural networks is proposed. This method takes samples of the malicious behaviour on Android, extracts behaviour features, and integrates data, enabling the use of a radial basis function neural network for identification. Second, the characteristics of the radial basis function neural network's local approximation are used to improve the learning speed, which enhances the quality of the output result. Next, the minimum value of the distance is used to calculate the weights of the hidden layer node to the output layer node with the least squares recursive method. The experimental results fully demonstrate that our method improves the accuracy and efficiency of malicious behaviour recognition for Android.
    Keywords: RBF neural network; Android malicious behavior identification; feature sets; local approximation.

  • Bilinear Pairing Oriented User Privacy-Preserving Scheme Towards Secure Bitcoin Transaction   Order a copy of this article
    by Albert Kofi Kwansah Ansah, Daniel Adu-Gyamfi 
    Abstract: Despite the existing advances in research and education in cybersecurity and its applications, the field is still under discovery and new technologies are evolving. In recent years, Bitcoin as a cryptocurrency cyber application that records all financial transactions present on a blockchain where users can reach a secure and robust consensus on transactions emerges as the most popular peer-to-peer electronic payment system. Cryptocurrencies mostly rely on blockchain, as a secure decentralised append-only ledger to exchange digital currencies, and thereby attracting a billion-dollar economy. Bitcoin allows the inputs and outputs of cryptocurrencies to link to Bitcoin public address systems vulnerable to possible linkability and traceability of users identity. This obviously attracts privacy issues such as users information and identity leakage. Several existing techniques are found not satisfactory to fulfil practical and compatible anonymity requirements for users to transact with cryptocurrencies securely. In this paper, we focus on unlinkability and untraceability of users in bitcoin cryptocurrency transactions and present a secure privacy-preserving scheme based on bilinear pairing and other cryptographic primitives to curb users privacy breaches. Our proposed scheme has been theoretically analysed and evaluated. Simulation result indicated the average and total times as converged with appreciable times of 9?s at Type A internal. The overall evaluation has proven the correctness of our proposed scheme using pairing-based cryptography (PBC) Type A, A1 and E pairings internals, and suggesting it as secure and robust to implement for preserving users privacy in a bitcoin transaction.
    Keywords: user privacy-preservation; bitcoin transaction; bilinear pairing; cryptocurrency; blockchain.

  • A Hybrid Approach for Intrusion Detection Based on Machine Learning   Order a copy of this article
    by Rohit Singh, Mala Kalra, Shano Solanki 
    Abstract: With the evolution of Internet, network security has emerged as one of the key areas of research. Network security is to safeguard the privacy, availability and integrity of the system. Identification of intrusion is core component to attain overall network security success. Therefore, Intrusion Detection (ID) is broadly explored by researchers and idea of identification of intrusion has developed into a system, known as Intrusion Detection System (IDS). IDS focuses on investigation of attacks and offers desirable support for defense management along with information about the intrusion. Several intrusion detection approaches are already proposed to mitigate the impact of intrusion. In this paper, these techniques are discussed to highlight the state-of-the-art and a multilevel hybrid approach based on SVM-Na
    Keywords: Intrusion Detection; Intrusion Detection System; Network Security; Malicious traffic; Hybrid Classification; Multilevel Classifiers; Imbalanced Dataset.

  • Verification-Based Data Integrity Mechanism in Smart Grid Network   Order a copy of this article
    Abstract: The integration of open communication infrastructures and bidirectional communication between smart meters and utilities in smart grids is very important to support vast amounts of data exchange. It also increases the openness and opportunity of resource sharing across smart grid users, which makes the network vulnerable to several cyber-attacks. These cyber-attacks target smart meters data integrity through several known threats. The most known threats are false data injection (FDI) attacks that manipulate, modify or destroy data by some malicious users. Therefore, these attacks make the smart meters behave maliciously to return false data and to sabotage the system functions. In this paper, we propose a new approach to improve the integrity of data generated by smart meters in a smart grid, namely, Verification-Based Data Integrity Mechanism (VBDIM). The performance of our approach is evaluated through simulation to investigate the effects of collusive smart meters on the correctness of their generated data. The obtained results show that our approach achieves a lower blacklisting error and error-rate, and better performance in terms of overhead and slowdown.
    Keywords: Smart Grid; Smart Meters; Cyber-security; Vulnerability; data-integrity.

  • A Model-based Approach for Multi-level Privacy Policies Derivation for Cloud Services   Order a copy of this article
    by Amal Ghorbel, Mahmoud Ghorbel, Mohamed Jmaiel 
    Abstract: To benefit from the advantages offered by the cloud services, a data owner must move his private data to external servers to be accessed and handled by unknown parties. This brings about several concerns such as lack of user control, data leakage, improper access, and use, unauthorized data storage location and retention, etc. Although extensive research efforts have been carried out to address data privacy issues in the cloud, this still requires many more efforts. Particularly, the privacy policy specification which presents the first step to ensure fine-grained data protection in such an untrusted environment. In this paper, we introduce a model-based approach that couples access, usage and storage policies specification in the context of cloud services. The approach stands on a high-level abstract model and a low-level concrete model to design the policies. Models refinement from top to bottom and automatic derivation of the final policies are introduced. The approach is demonstrated and evaluated through a case study.
    Keywords: Privacy policy specification; Cloud services; PIM; PSM.

  • A Survey on Access Control in IoT: Models, Architectures and Research Opportunities   Order a copy of this article
    by Seham Alnefaie, Suhair Alshehri, Asma Cherif 
    Abstract: The rapid growth of smart devices and sensors industry has revolutionized many fields such as smart cities, healthare, etc. These technological advances are nowaday part of the Internet of Things (IoT) where devices are interconnected to exchange data to improve the delivery of various services. Although IoT is considered a promising paradigm in almost all fields, the security of users\' data is still a significant issue that should be thoroughly addressed. This is mainly required where sensitive information is being used such as in Healthcare or military sectors. Access control is one of the main security mechanisms that should be applied to IoT-based applications in order to limit access to users data to only authorized individuals. However, due to the high mobility and huge number of devices, controlling access is challenging. In particular, using cloud data centers inevitably leads to high delays and network overhead. This research examines the growing literature on access control for IoT with respect to security requirements.
    Keywords: Access Control; Fog Computing; Internet of Things.

  • An Improved Genetic Algorithm in Shared Bicycle Parking Point Allocation   Order a copy of this article
    by Guanlin Chen, Jiawei Shi, Huang Xu, Tian Li, Wujian Yang 
    Abstract: Aiming to solve the problem of inadequate parking places for shared bicycles especially during peak hours, an improved genetic algorithm for parking point allocation is proposed in this paper. We integrate linear regression algorithm with the genetic algorithm to increase the directs of individual mutation, which leads to avoiding falling into local optimum. Meanwhile, we use linear regression to haste the convergence speed of genetic algorithm which ensures the new method can improve efficiency while allocating parking point. For the sake of carrying out the experiment accurately and conveniently, we use Geohash to encode the locations of parking points and bicycles into short letters and numbers. According to the analysis of experimental results, it proves the improved algorithm is superior to the conventional method for parking point allocation.
    Keywords: Genetic algorithm; Linear regression; Shared bicycle; Parking point allocation; Geohash.

  • Space-time Adaptive Processing Anti-Jamming Algorithm for Navigation Receiver   Order a copy of this article
    by Yufeng Li 
    Abstract: For the problem that the satellite navigation signal is easily interfered, the anti-jamming technology of the traditional navigation receiver usually needs the direction of arrival (DOA) of the navigation signal. This paper proposes an anti-jamming method combining spatial projection and beamforming techniques. The method first constructs the orthogonal complement space of the interference subspace, and then projects the space-time signal vector receives by the antenna array onto it, and then uses the algorithm with strictly constrained minimum power sampling matrix gradient (CSMG) to project the output signal after beamforming in a fixed direction, and finally capture, locate, and solve the interference-free data obtained after beamforming. In this paper, the method is deduced theoretically and the relevant simulation experiments are completed. It shows that the anti-jamming algorithm not only can effectively suppress the interference signal, but also can better retain the desired signal.
    Keywords: Navigation signal;anti-jamming;subspace projection;beamforming.

  • Public-key cryptosystem based on quantum BCH codes and its quantum digital signature   Order a copy of this article
    by Han Haiqing, Siru Zhu, Qin Li, Xiao Wang, Yutian Lei, Yuwei Zhang 
    Abstract: There is a security threat to the traditional cryptography because of the emergence of quantum computation. Quantum computers can break through many cryptosystems based on mathematical puzzles. The post-cryptography has been established for the sake of the security. It has been proved that McEliece public-key cryptosystem based on error-correcting codes can resist quantum attacks. In this paper, several new generating algorithms of the quantum BCH (Bose-Chaudhuri-Hocquenghem ) codes have been proposed, and the quantum BCH codes can correct the errors including bit-flip and phase-flip. At the same time, the quantum McEliece public-key cryptosystem and quantum Niederreiter public key cryptosystem have been designed by us on the basis of quantum BCH codes in this paper, and their encryption and decryption procedures are created in detail. Our cryptosystem not only retains the advantages of post-quantum computation, but also can encrypt or decrypt in quantum state. From the perspective of computational complexity theory, both cryptosystems can resist the attacks of Shor algorithm and Grover algorithm very well. The Niederreiter classical digital signature is designed by us according to the structure characteristics of quantum BCH codes.
    Keywords: CSS construction; quantum BCH codes; public key cryptosystem on error correcting codes; post-quantum attacks; quantum digital signatures.

  • A Cluster Collaborative Synchronization Dynamic Model of the Dissipative Coupling Supply Chain Network   Order a copy of this article
    by Bing Yang, Gang Zhao, Ming-hua Hu, Chang-ping Liu, Ying-bao Yang 
    Abstract: The supply chain network is regarded as a dynamic system consisting of member companies with dynamic behaviors. In this paper an attempt is made to describe the dynamic behaviors of each member company with an autonomous dynamic system to establish the cluster collaborative synchronization dynamic model for dissipative coupling supply chain networks. Considering the materials flow, transaction amount and substitutability among the member companies of the supply chain network, a collaborative closeness matrix of the supply chain network was set. Based on the proposed model, the cluster collaborative synchronization interval of the supply chain network was calculated and the simulation results were obtained. This model is not proved to be suitable for the general scale supply networks, but also suitable for the large scale complex supply chain networks. Based on the proposed model and the cluster collaborative synchronization interval, we can optimize strategy for the collaborative synchronization operation among the member companies of the supply chain network.
    Keywords: dynamic model; supply chain network; synchronization interval; cluster collaboration; dissipative coupling.

  • Gas leakage acoustic source localization with compressed sensing method in sensor networks   Order a copy of this article
    by Zhang Yong 
    Abstract: Aiming at solving the problem of the concentration signal hardly being compressive sensed directly in nonlinear gas diffusion environment, a compressed sensing Direction of Arrival (DOA) estimation method according to the acoustic characteristics of the gas leakage was proposed for source localization. Firstly, the corresponding compressed sensing matrix and the DOA estimation model was established. Then, the sparse Bayesian recovery algorithm was designed for the DOA estimation of gas leakage acoustic source. Finally, the simulation results show that the proposed method could achieve an accurate DOA estimation of one or more gas leakage acoustic sources, and the sparse Bayesian recovery algorithm could effectively improve the estimation accuracy and robust performance with fewer amounts of samples compared to the orthogonal matching pursuit (OMP) algorithm.
    Keywords: compressed sensing; DOA estimation; gas leakage acoustic source localization.

  • A face recognition algorithm based on multiple convolution kernels and double layer sparse automatic encoder   Order a copy of this article
    by Hao Wang, Xiuyou Wang, Huaming Liu, Dongqing Xu, Zhengyan Liu 
    Abstract: The prevailing face recognition algorithms adopt the manual design feature or the automatic extraction feature of deep learning in the process of characteristic extraction. In order to extract the distinguishing characteristics of the target more accurately, a face recognition algorithm based on the multiple convolution kernels and double-layer sparse automatic encoder was proposed. Initially, the proposed algorithm pretreated the image with zero-phase component analysis (ZCA) whitening to decrease the correlation of the characteristic and reduced the complexity of the network training. Subsequently, a deep network characteristic extractor was designed, based on the convolution, pooling and multi-layer sparse automatic encoder. The convolution kernel was obtained by an independent unsupervised learning, and an automatic deep characteristic extractor was obtained by pre-training and fine-tuning. Finally, the extracted characteristics were classified using the Softmax regression model. The experiment results manifest that the presented algorithm was superior to the existing algorithms and conventional deep learning algorithms.
    Keywords: face recognition; deep networks; multiple convolution kernels; double layer sparse automatic encoder.

  • An effective congestion control scheme based on early offload for space delay/disruption tolerant network   Order a copy of this article
    by Sanhua Song 
    Abstract: The storage resources and communication resources of spatial network nodes are generally very limited, and they have the characteristics of large time delay and can not guarantee the existence of end-to-end path all the time. Messages may reside in the intermediate nodes for a long time, which makes the congestion of spatial network inevitable and leads to the decline of network performance. In order to solve this problem, an effective congestion control scheme for space delay/disruption networks based on early unloading is proposed. In this scheme, the change rate of node cache is monitored at all times, and measures are taken in advance when congestion is about to occur, so that messages are transmitted through the non-optimal path prior to the optimal path, so as to alleviate the node storage pressure. Simulation results indicate that the presented scheme can achieve higher success rate of message delivery and more uniform network traffic distribution.
    Keywords: space delay/disruption tolerant network; congestion control; early offload; contact graph routing; congestion avoidance.

  • An Efficient Range-free Multi-hop Localization Algorithm for Irregular Wireless Sensor Networks   Order a copy of this article
    by Rulin Dou 
    Abstract: In the range-free multi-hop localization algorithm, the physical distance between nodes is estimated based on hops, and complex ranging equipment is not required during this process.In this paper, an improved method for range-free multi-hop localization is proposed which could improve the precision without increasing the cost and reducing the performance of the algorithm. First, we obtain the optimal weighting function for location estimation according to the error between the estimated locations of non-beacon nodes and their actual locations. Then, we correct the inaccurate estimated locations of non-beacon nodes through geometric constraints. Lastly, we demonstrate via simulation that our proposed localization method outperforms the basic range-free multi-hop algorithms as well as their improved methods in irregular wireless sensor networks.
    Keywords: range-free multi-hop localization algorithm; optimal weighting function; geometric constraint; irregular wireless sensor networks;.