Thursday, December 27, 2018

INFORMATION SECURITY SYNTHESIS IN ONLINE UNIVERSITIES

MARIA SCHUETT, CRISC1 AND SYED (SHAWON) M. RAHMAN, PHD2
1Information Assurance and Security, Capella University, Minneapolis, MN, USA
2Assistant Professor, University of Hawaii-Hilo, HI, USA and Adjunct Faculty, Capella University, Minneapolis, MN, USA

ABSTRACT

Information assurance is at the core of every initiative that an organization executes. For online universities, a common and complex initiative is maintaining user lifecycle and providing seamless access using one identity in a large virtual infrastructure. To achieve information assurance, the management of user privileges affected by events in the user’s identity lifecycle needs to be the determining factor for access control. While the implementation of identity and access management systems makes this initiative feasible, it is the construction and maintenance of the infrastructure that makes it complex and challenging. The objective of this paper is to describe the complexities and propose a practical approach to building a foundation for consistent user experience and realizing security synthesis in online universities.

KEYWORDS

IT Security, Security Synthesis, Access control, Provisioning, Workflows, User Lifecycle









Thursday, December 20, 2018

ENSEMBLE OF BLOWFISH WITH CHAOS BASED S BOX DESIGN FOR TEXT AND IMAGE ENCRYPTION

Jeyamala Chandrasekaran1 Subramanyan B1 and Raman G.S2
1Department of Information Technology, Thiagarajar College of Engineering, Madurai
2Department of Information Technology, KLN College of Information Technology, Madurai

ABSTRACT

The rapid and extensive usage of the Internet in the present decade has put forth information security as an utmost concern. Most of the commercial transactions taking place over the Internet involve a wide variety of data including text, images, audio and video. With the increasing use of digital techniques for transmitting and storing multimedia data, the fundamental issue of protecting the confidentiality, integrity and authenticity of the information poses a major challenge for security professionals and has led to major developments in cryptography. In cryptography, an S-Box (substitution box) is a basic component of symmetric key algorithms which performs substitution and is typically used to make the relationship between the key and the ciphertext nonlinear; most symmetric key algorithms, such as DES and Blowfish, make use of S-boxes. This paper proposes a new method for the design of S-boxes based on chaos theory. Chaotic equations are popularly known for their randomness, extreme sensitivity to initial conditions and ergodicity. The modified design has been tested with the Blowfish algorithm, which has no effective cryptanalysis reported against its design to date because of its salient design features, including the key-dependent S-boxes and complex key generation process. However, every new key requires pre-processing equivalent to encrypting about 4 kilobytes of text, which is very slow compared to other block ciphers and prevents its usage in memory-limited applications and embedded systems. The modified design of S-boxes maintains the nonlinearity [3] [5] and key dependency factors of S-boxes with a major reduction in the time complexity of generating S-boxes and P-arrays. The algorithm has been implemented and the proposed design has been analyzed for size of key space, key sensitivity and avalanche effect.
Experimental results on text and image encryption show that the modified design of key generation continues to offer the same level of security as the original Blowfish cipher with less computational overhead in key generation.

KEYWORDS

S Box, Chaos, Non Linearity, Symmetric Cryptosystems, Blowfish, Image Encryption

Wednesday, December 19, 2018

An Ancient Indian Board Game as a Tool for Authentication

Sreelatha Malempati1 and Shashi Mogalla2
1 Department of Computer Science and Engineering RVR & JC College of Engineering, Guntur, A.P.
2 Department of Computer Science and System Engineering Andhra University College of Engineering, Visakhapatnam, A.P

Abstract: 

User authentication is the first phase of information security. Users should remember their passwords and recall them for authentication. Text-based passwords are the traditional method for authentication. Short and simple passwords are memorable and usable but not secure. Random and lengthy passwords are secure but not memorable and usable. Graphical password schemes were introduced as alternatives to text-based schemes. A few grid-based authentication techniques have also been proposed. The purpose of this paper is to introduce a tool to enhance the memorability and security of passwords which also provides usability. The most popular ancient Indian board game “Snakes and Ladders” is used as a tool for authentication.

Keywords: 

Intrusion prevention, Graphical passwords, Snakes & Ladders game, memorability of passwords.




Thursday, December 13, 2018

AN APPROACH TO PROVIDE SECURITY IN MOBILE AD-HOC NETWORKS USING COUNTER MODE OF ENCRYPTION ON MAC LAYER

Gulshan Kumar and Mritunjay Rai
Department of Computer Science, Lovely Professional University, Jalandhar, India.

ABSTRACT

Security in any network has become an important issue. In this paper we have implemented a security mechanism on the Medium Access Control layer by the Assured Neighbor based Security Protocol to provide authentication and confidentiality of packets along with high-speed transmission for ad hoc networks. We have divided the protocol into two parts. The first part deals with routing layer information; in this part we have tried to implement a possible strategy for detecting and isolating malicious nodes. A trust counter for each node is determined, which can be actively increased and decreased depending upon the trust value, for the purpose of forwarding packets from the source node to the destination node with the help of intermediate nodes. A threshold level is also predetermined to detect malicious nodes. If the value of a node's trust counter is less than the threshold value, then the node is denoted ‘malicious’. The second part of our protocol deals with security in the link layer. For this we have used the CTR (Counter) approach for authentication and encryption. We have simulated all our strategies and schemes in NS-2, and the results lead to the conclusion that our proposed protocol, i.e. the Assured Neighbor based Security Protocol, can achieve high packet delivery against various intruders, and also a high packet delivery ratio against mobility, with low delays and low overheads.

KEYWORDS 

Security, Threshold level, Encryption, MAC-Layer, Attackers.





Tuesday, December 11, 2018

RTOS BASED SECURE SHORTEST PATH ROUTING ALGORITHM IN MOBILE AD-HOC NETWORKS

R. Ramesh and S. Gayathri
Department of Electrical and Electronics Engineering, Anna University, India

ABSTRACT

An increase in the number of nodes in the wireless computing environment leads to different issues such as power, data rate, QoS, simulators and security. Among these, security is the foremost issue faced by most wireless networks. In particular, networks without a centralized system (MANETs) face severe security issues. One of the major security issues is the wormhole attack while finding the shortest path. The aim of this paper is to propose an algorithm to find a secure shortest path against the wormhole attack. Existing algorithms mainly concentrate on detecting the malicious node, but they are hardware specific, relying on features like directional antennas and synchronized clocks. The proposed algorithm, in contrast, is both software and hardware specific. RTOS is included to make the ad hoc network a real-time application.

KEYWORDS

Mobile ad hoc networking, routing, security, wormhole, shortest path, RTOS, Real time application 



Thursday, December 6, 2018

BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING

Kashif Munir and Lawan A. Mohammed
University of Hafr Al Batin, KSA

ABSTRACT:

In the IoT scenario, things at the edge can create significantly large amounts of data. Fog Computing has recently emerged as the paradigm to address the needs of edge computing in the Internet of Things (IoT) and Industrial Internet of Things (IIoT) applications. In a Fog Computing environment, much of the processing would take place closer to the edge in a router device, rather than having to be transmitted to the Fog. Authentication is an important issue for the security of fog computing since services are offered to massive-scale end users by front fog nodes. Fog computing faces new security and privacy challenges besides those inherited from cloud computing. Authentication helps to ensure and confirm a user's identity. The existing traditional password authentication does not provide enough security for the data, and there have been instances when password-based authentication has been manipulated to gain access to the data. Since conventional methods such as passwords do not serve the purpose of data security, research works are focused on biometric user authentication in the fog computing environment. In this paper, we present biometric smartcard authentication to protect the fog computing environment.

KEYWORDS:

Biometric Authentication, Fog Computing, Security



Wednesday, December 5, 2018

IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY

Moussa WITTI and Dimitri KONSTANTAS
Information Science Institute University of Geneva Route de Drize 7, 1227 Carouge, Switzerland

ABSTRACT

The increase of smart devices has accelerated sensitive data exchange on the Internet, most of the time over unsecured channels. Since the massive use of RFID (Radio-frequency Identification) tags in the transportation and construction industries from 1980 to 1990, and with the expanded use of the Internet with 2G/3G or 4G since 2000, we are witnessing a new era of connected objects. A huge number of heterogeneous sensors may collect and dispatch sensitive data from an endpoint to the worldwide network on the Internet. Privacy concerns in IoT remain important issues in research. In this paper, we aim to evaluate the current state of research related to privacy and security in IoT by identifying existing approaches and publication trends. To that end, we have conducted a systematic mapping study using automated searches of selected relevant academic databases. The result of this mapping highlights research type and contribution in different facets and research activity trends in the topic of “security and privacy” in IoT edge, cloud and fog environments.

KEYWORDS

Internet of Things, privacy, security, the mapping study




Monday, December 3, 2018

SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING

Kashif Munir and Lawan A. Mohammed
University of Hafr Al Batin, KSA

ABSTRACT:

Fog computing is an extended version of Cloud computing. It minimizes latency by incorporating Fog servers as intermediates between the Cloud server and users. It also provides services similar to the Cloud, such as storage, computation, resource utilization and security. Fog systems are capable of processing large amounts of data locally, operate on-premise, are fully portable, and can be installed on heterogeneous hardware. These features make the Fog platform highly suitable for time- and location-sensitive applications. For example, Internet of Things (IoT) devices are required to quickly process a large amount of data. The significance of enterprise data and increased access rates from low-resource terminal devices demand reliable and low-cost authentication protocols. Many researchers have proposed authentication protocols with varied efficiencies. As a part of our contribution, we propose a protocol to ensure data integrity which is best suited for the fog computing environment.

KEYWORDS:

Protocol, Authentication, Fog Computing, Security Threats, IoT





Saturday, December 1, 2018

A MULTI-LAYER HYBRID TEXT STEGANOGRAPHY FOR SECRET COMMUNICATION USING WORD TAGGING AND RGB COLOR CODING

Ali F. Al-Azzawi1
1Department of Software Engineering, IT Faculty, Philadelphia University, Amman, Jordan

ABSTRACT

This paper introduces a multi-layer hybrid text steganography approach that utilizes word tagging and recoloring. Existing approaches are designed to be strong in either imperceptibility, high hiding capacity, or robustness. The proposed approach does not use the ordinary sequential embedding process and overcomes the issues of current approaches by taking care to achieve imperceptibility, high hiding capacity, and robustness through its hybrid use of a linguistic technique and a format-based technique. The linguistic technique is used to divide the cover text into embedding layers, where each layer consists of a sequence of words that share a single part of speech detected by a POS tagger, while the format-based technique is used to recolor the letters of the cover text with a near RGB color coding to embed 12 bits of the secret message in each letter, which leads to high hiding capacity and conceals the embedding. Moreover, robustness is accomplished through a multi-layer embedding process, and the generated stego key significantly assists the security of the embedded messages and their size. Comparison of the experimental results shows that the proposed approach is better than currently developed approaches in providing an ideal balance between the imperceptibility, high hiding capacity, and robustness criteria.

KEYWORDS

Text Steganography, Python Programming Language, Multi-layer encoding, Natural Language Preprocessing, Color space


Table of Contents: Current Issue, November 2018, Volume 10, Number 6


The International Journal of Network Security & Its Applications (IJNSA) 
ERA, UGC Listed Journal
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

Current Issue

November 2018, Volume 10, Number 6

A Multi-Layer Hybrid Text Steganography for Secret Communication Using Word Tagging and RGB Color Coding
Ali F. Al-Azzawi, Philadelphia University, Jordan

Secure Third Party Auditor (TPA) for Ensuring Data Integrity in Fog Computing
Kashif Munir and Lawan A. Mohammed, University of Hafr Al Batin, KSA

IOT and Security-Privacy Concerns: A Systematic Mapping Study
Moussa WITTI and Dimitri KONSTANTAS, Information Science Institute University of Geneva, Switzerland

Biometric Smartcard Authentication for Fog Computing
Kashif Munir and Lawan A. Mohammed, University of Hafr Al Batin, KSA

Thursday, November 29, 2018

AN EVALUATION OF FINGERPRINT SECURITY USING NONINVERTIBLE BIOHASH

N.Radha1 and S.Karthikeyan2
1Department of Computer Science, Karpagam University, Tamil Nadu
2Department of Information Technology, College of Applied Sciences, Sohar, Sultanate of Oman

ABSTRACT

Biometric analysis for identity verification is becoming a widespread reality. It is a very challenging and tedious task to develop a biometric template protection scheme which is anonymous, revocable and noninvertible while maintaining decent performance. Cancellable biometrics is one of the best methods used to resolve this problem. In this paper, a new method called BioHashing, which follows the technique of cancellable biometrics in the fingerprint domain, is proposed. The proposed method does not require the re-alignment of fingerprints, as all the minutiae are translated into a pre-defined two-dimensional space based on a reference minutia. After that, the proposed BioHashing method is used to enforce the one-way property (non-invertibility) of the biometric template. The proposed approach is highly resistant to minor translation error and rotation distortion. An Equal Error Rate (EER) of less than 1% is achieved with this approach, and the performance of the approach is also significant.

KEYWORDS

Biohashing, Fingerprint Biometrics, Cancellable Biometrics, Non-Invertible Transformation



Sunday, November 25, 2018

GOVERNING INFORMATION SECURITY IN CONJUNCTION WITH COBIT AND ISO 27001

Tolga MATARACIOGLU1 and Sevgi OZKAN2
1TUBITAK National Research Institute of Electronics and Cryptology (UEKAE), Department of Information Systems Security, 06700, Ankara, TURKEY
2Middle East Technical University, Informatics Institute, Department of Information Systems, 06531, Ankara, TURKEY

ABSTRACT

In this paper, after giving a brief definition of Information Security Management Systems (ISMS), ISO 27001, IT governance and COBIT, the pros and cons of implementing only COBIT, implementing only ISO 27001, and implementing both COBIT and ISO 27001 together when governing information security in enterprises are discussed.

KEYWORDS

COBIT, ISO 27001, Information Security Management Systems (ISMS), PDCA, mapping, IT governance, framework, best practice, standard

Friday, November 23, 2018

OPTIMIZING AND ANALYSING THE EFFECTIVENESS OF SECURITY HARDENING MEASURES USING VARIOUS OPTIMIZATION TECHNIQUES AS WELL AS NETWORK MANAGEMENT MODELS GIVING SPECIAL EMPHASIS TO ATTACK TREE MODEL

Dr. Prabhat Kumar Vishwakarma
Department of Computer Science, University of Gondar, Ethiopia

ABSTRACT

Reconciling network security measures with financial restrictions in the corporate world is still a challenge. Globally, the tradeoff between the protection of IT infrastructure and the financial constraints of any organization using IT as a valuable resource is essential. Every organization has different security needs and different budgets for meeting them; therefore, whether this has to be treated as a single objective or as multiple objectives with a fault-tolerant feature is a critical issue. In the present paper an attempt has been made to optimize and analyze the effectiveness of security hardening measures, taking the attack tree model as a base. In short, the main aims of the paper are to rectify, to describe the notations of the attack tree model, and to suggest a model which may be able to quantitatively specify the possible threats as well as the cost of the security control while implementing the security hardening measures.

KEYWORDS

Security Management, Attack Tree, Objective Functions, Network Security, NSGA-II.


Tuesday, November 20, 2018

E-VOTING PROTOCOL BASED ON PUBLIC-KEY CRYPTOGRAPHY

Hayam K. Al-Anie, Mohammad A. Alia and Adnan A. Hnaif
Faculty of Science and Information Technology – Al Zaytoonah University of Jordan, P.O.Box: 130 Amman (11733) Jordan

ABSTRACT

In this paper we propose a new secure E-Voting protocol based on a public-key encryption cryptosystem. The protocol is summarized in three processes. First, the access control process, which involves the identification and authentication phases for the applied citizens. Second, the voting process, which is done by ciphering the voter information using a public-key encryption cryptosystem (RSA), to be submitted over an insecure network to the specified government election server. Finally, the election server administrator sorts the final result by deciphering the received encrypted information using the RSA private key. This E-Voting protocol is more efficient than other E-Voting protocols since the voter can vote from his/her own personal computer (PC) without any extra cost and effort. The RSA public-key encryption system ensures the security of the proposed protocol. However, to prevent a brute force attack, the choice of the key size becomes crucial.

KEYWORDS

E-Voting, Cryptography, RSA, System Access Control, and Public-Key.






Thursday, November 15, 2018

A NOVEL SCHEME FOR DEVIATION DETECTION IN ASYNCHRONOUS DISTRIBUTED PRICING

S.S. Prasad1, Rithika Baruah2 and Siddharth.A3
Department of Electronics & Communication Engineering, National Institute of Technology, Jamshedpur, India

ABSTRACT

Modelling resource allocation problems in the form of non-cooperative pricing games takes into account the difference between how much a given performance metric is valued and how much is paid for it. For the convergence of the sum of all users’ payoff to a global maximum, the determination of the utility function is essential. Although supermodularity conditions have been previously defined and determined to obtain suitable utility functions, different utilities have significantly varying performance characteristics under similar network parameters. In an ad-hoc framework, absence of a central authority leads to uncontrollability of unfairness. Users could misbehave by broadcasting high price coefficients to force other users to transmit at a lower power. This paper proposes an adaptation of the Asynchronous Distributed Pricing Algorithm with a Deviation Detection Block that re-aligns the deviated system back into the algorithm.

KEYWORDS

Game theory, asynchronous distributed pricing, distributed resource allocation, deviation detection





Wednesday, November 14, 2018

A NOVEL HEADER MATCHING ALGORITHM FOR INTRUSION DETECTION SYSTEMS

Mohammad A. Alia1, Adnan A. Hnaif1, Hayam K. Al-Anie1, Khulood AbuMaria1, Ahmed M. Manasrah2, M. Imran Sarwar3
1 Faculty of Science and Information Technology – Al Zaytoonah University of Jordan, P.O.Box: 130 Amman (11733) Jordan
2 Al Yarmouk University, Irbed (21163) – Jordan
3National Advanced IPv6 - Universiti Sains Malaysia, 11800 Penang, Malaysia

ABSTRACT

The evolving necessity of the Internet increases the demand on bandwidth. This demand opens the doors for the hackers’ community to develop new methods and techniques to gain control over networking systems. Hence, intrusion detection systems (IDS) are insufficient to prevent/detect unauthorized access to the network. The Network Intrusion Detection System (NIDS) is one example that still suffers from performance degradation due to the increase of link speed in today’s networks. In this paper we propose a novel algorithm to detect intruders who are trying to gain access to the network, using packet header parameters such as source/destination address, source/destination port, and protocol, without the need to inspect each packet's content looking for signatures/patterns. The “Packet Header Matching” algorithm enhances the overall speed of the matching process between the incoming packet headers and the rule set. We ran the proposed algorithm to prove the proposed concept in coping with traffic arrival speeds and various bandwidth demands. The achieved results showed a significant enhancement of the overall performance in terms of detection speed.

KEYWORDS

Intrusion Detection System (IDS), Network Intrusion Detection System (NIDS), SNORT, Packet Detection and Packet Header Matching (PHM)





Saturday, November 10, 2018

SECURITY APPREHENSIONS IN DIFFERENT REGIONS OF CLOUD CAPTIOUS GROUNDS

Gurdev Singh1 Amit Sharma2 Manpreet Singh Lehal3
1Department of Computer Science and Engineering, Eternal University, Baru Sahib, Sirmour, HP (India)
2Department of Computer Science and Engineering, Eternal University, Baru Sahib, Sirmour, HP (India)
3Department of Computer Science and Engineering, Lyallpur Khalsa College, Jalandhar, Punjab (India)

ABSTRACT

Cloud computing is a new, innovative model for enterprises in which information is permanently stored on servers, which also manage how and when different resources are allocated to requesting users. It provides a distributed approach through which resources are allocated dynamically to users without investing in infrastructure or licensing software on the client side. Using the cloud makes the processing of information more commodious, but it also presents users with new security problems about reliability. This phenomenon introduces serious problems regarding the access mechanism to any information stored in the database and resources in the cloud. For the successful implementation of cloud computing it is necessary to know the different areas where security is needed. A governance strategy is also needed for secure communication between multi-clouds located in different geographical areas or in different countries. In this paper we discuss how to safely utilize the benefits of cloud computing through the network, where data security, authentication, integration, recovery, IP spoofing and virtual servers are the most captious fields in the cloud.

KEYWORDS

Cloud Computing, Data Security, Secure Servers, Secure Network





Friday, November 9, 2018

Cryptovirology: Virus Approach

Shivale Saurabh Anandrao
Dept. of Computer Engineering, Vishwakarma Institute Of Information Technology, Pune-48, India

Abstract

Traditionally, "cryptography" is a benediction to information processing and communications: it helps people to store information securely and to communicate privately over long distances. Cryptovirology is the study of applications of cryptography to build malicious software. It is an investigation of how modern cryptographic tools and paradigms can be used to strengthen, develop and improve new malicious software attacks. Cryptovirology attacks have been categorized as follows: first, they give malware enhanced privacy and make it more robust against reverse-engineering; second, they give the attacker enhanced anonymity while communicating with deployed malware. This paper presents the idea of "cryptovirology", which introduces a twist on how cryptography can also be used offensively. Being offensive means that it can be used to mount extortion-based attacks that cause loss of access to information, loss of confidentiality, and information leakage, tasks which cryptography usually prevents. The paper also analyzes the threats and attacks that misuse of cryptography can cause when combined with fraudulent software (viruses, Trojans). Public-key cryptography is essential for attacks that are based on cryptovirology. This paper also suggests some countermeasures and mechanisms to cope with and prevent such attacks. Even if the attacker's actions on the host machine are being monitored, it still cannot be proven beyond reasonable doubt that he or she is the attacker; it is an “originator-concealing attack”. Evidence should be collected from the “author’s own system which was used for the attack”. These attacks have implications for how the use of cryptographic tools and techniques should be audited and managed in general-purpose computing environments, and imply that access to cryptographic tools (such as API routines) should be well controlled by the system. The experimental virus would demonstrate how cryptographic packages can be packed into a small space, which may have independent existence.
These are powerful attacks, in which the attacker can encrypt the victim’s data, hold it hostage for ransom, and release it afterwards.

Keywords:

Malware, cryptovirology, cryptovirus, cryptotrojan, electronic warfare threats, electronic espionage threats, evasive/deniable/untraceable attacks, password (information) snatching, public-key cryptography, kleptography, cryptanalysis, Gpcode.ak, Conficker, cryptoviral extortion.

Wednesday, November 7, 2018

ARCHITECTURE OF A IDENTITY BASED FIREWALL SYSTEM

Nenad Stojanovski1 and Marjan Gušev2
1 Makedonski Telekom AD, Orce Nikolov BB, 1000 Skopje, Macedonia
2 Faculty of Natural Sciences and Mathematics, Ss. Cyril and Methodius University, Arhimedova b.b., PO Box 162, 1000 Skopje, Macedonia

ABSTRACT

Classic firewall systems are built to filter traffic based on IP addresses, source and destination ports and protocol types. The modern networks have grown to a level where the possibility for users’ mobility is a must. In such networks, modern firewalls may introduce such complexity where administration can become very frustrating since it needs the intervention of a firewall administrator. The solution for this problem is an identity based firewall system. In this paper we will present a new design of a firewall system that uses the user’s identity to filter the traffic. In the design phase we will define key points which have to be satisfied as a crucial milestone for the functioning of the whole Identity based firewall system.

KEYWORDS

Identity based firewalls, user identity, firewalls, network security, computer networks, firewall systems design




Friday, November 2, 2018

WAVELET THRESHOLDING APPROACH FOR IMAGE DENOISING

Pankaj Hedaoo1 and Swati S Godbole2
1Department of Electronics & Telecommunication Engineering, G. H. Raisoni College of Engineering, Nagpur, India.
2Department of Electronics & Telecommunication Engineering, G. H. Raisoni College of Engineering, Nagpur, India

ABSTRACT

Recovering an original image corrupted by Gaussian noise is a long-established problem in signal and image processing. This noise is removed using wavelet thresholding, focusing on statistical modelling of the wavelet coefficients and the optimal choice of thresholds, a process called image denoising. In the first part, the threshold is derived with a Bayesian technique using a probabilistic model of the image wavelet coefficients that depends on the higher-order moments of the generalized Gaussian distribution (GGD) in image processing applications. The proposed threshold is very simple. Experimental results show that the proposed method, called BayesShrink, is typically within 5% of the MSE of the best soft-thresholding benchmark with the image. It outperforms Donoho and Johnstone's SureShrink. The second part of the paper attempts to show that lossy compression can be used for image denoising, thus achieving image compression and image denoising simultaneously. The parameter is chosen based on a criterion derived from Rissanen’s minimum description length (MDL) principle. Experiments show that this compression and denoising method does indeed remove noise significantly, especially for large noise power.

KEYWORDS

Image denoising, Wavelet Thresholding, Noise categories, Proposed Method.




Thursday, November 1, 2018

NOVEL HYBRID INTRUSION DETECTION SYSTEM FOR CLUSTERED WIRELESS SENSOR NETWORK

Hichem Sedjelmaci1 and Mohamed Feham1
STIC Lab, Department of telecommunications, Abou Bakr Belkaid University, Tlemcen, Algeria

ABSTRACT

Wireless sensor networks (WSNs) are regularly deployed in unattended and hostile environments. A WSN is vulnerable to security threats and susceptible to physical capture. Thus, it is necessary to use effective mechanisms to protect the network. It is widely known that intrusion detection is one of the most efficient security mechanisms to protect the network against malicious attacks or unauthorized access. In this paper, we propose a hybrid intrusion detection system for clustered WSNs. Our intrusion framework uses a combination of anomaly detection based on a support vector machine (SVM) and misuse detection. Experimental results show that most routing attacks can be detected with a low false alarm rate.

KEYWORDS

Wireless Sensor Network, Hybrid Intrusion Detection System, Support Vector Machine (SVM), Classification Accuracy, False alarm




Wednesday, October 31, 2018

TRIDNT: THE TRUST-BASED ROUTING PROTOCOL WITH CONTROLLED DEGREE OF NODE SELFISHNESS FOR MANET

International Journal of Network Security & Its Applications (IJNSA)

Ahmed M. Abd El-Haleem1 and Ihab A. Ali2
1 Assistant Lecturer, Communication Department, Faculty of Engineering, Helwan University, Helwan
2 Associate Professor, Communication Department, Faculty of Engineering, Helwan University, Helwan

ABSTRACT


In a mobile ad hoc network (MANET), nodes must cooperate to achieve the routing purposes. Node misbehaviour due to selfish or malicious intention could significantly degrade the performance of a MANET because most existing routing protocols in MANET aim at finding the most efficient path. In this paper, we propose a Two node-disjoint Routes protocol for Isolating Dropper Node in MANET (TRIDNT) to deal with misbehaviour in MANET. TRIDNT allows some degree of selfishness to give an incentive to the selfish nodes to declare themselves to their neighbours, which reduces the misbehaving nodes' searching time. In TRIDNT, two node-disjoint routes between the source and destination are selected based on their trust values. We use both DLL-ACK and end-to-end TCP-ACK to monitor the behaviour of routing path nodes: if malicious behaviour is detected, then the path searching tool starts to identify the malicious nodes and isolate them. Finally, by using a mathematical analysis, we find that our proposed protocol reduces the searching time of malicious nodes compared to the route's expected lifetime, and prevents the isolated misbehaving node from sharing in all future routes, which improves the overall network throughput.

KEYWORDS

Ad Hoc Network, Trust-Based routing, Secure Routing Protocol, network security.








Monday, October 29, 2018

DDoS Attack and Defense Scheme in Wireless Ad hoc Networks

S.A.Arunmozhi1, Y.Venkataramani2
1 Associate Professor, Dept. of ECE, Saranathan College of Engineering, India
2 Principal, Saranathan College of Engineering, India

Abstract

Wireless ad hoc networks are highly vulnerable to distributed denial of service (DDoS) attacks because of their unique characteristics such as open network architecture, shared wireless medium and stringent resource constraints. These attacks throttle the TCP throughput heavily and reduce the quality of service (QoS) to end systems gradually rather than refusing the clients from the services completely. In this paper, we discuss the DDoS attacks and propose a defense scheme to improve the performance of the ad hoc networks. Our proposed defense mechanism uses the medium access control (MAC) layer information to detect the attackers. The status values from the MAC layer that can be used for detection are the frequency of receiving RTS/CTS packets, the frequency of sensing a busy channel and the number of RTS/DATA retransmissions. Once the attackers are identified, all the packets from those nodes will be blocked. The network resources are made available to the legitimate users. We perform the simulation with Network Simulator NS2 and we proved that our proposed system improves the network performance.

Key words: 

distributed denial-of-service (DDoS), wireless ad hoc networks, medium access control, bandwidth reservation, distributed rate control.


Thursday, October 25, 2018

AN ACTIVE HOST-BASED INTRUSION DETECTION SYSTEM FOR ARP-RELATED ATTACKS AND ITS VERIFICATION

Ferdous A Barbhuiya, Santosh Biswas and Sukumar Nandi
Department of Computer Science and Engineering Indian Institute of Technology Guwahati, India - 781039

ABSTRACT

Spoofing with a falsified IP-MAC pair is the first step in most LAN-based attacks. Address Resolution Protocol (ARP) is stateless, which is the main cause that makes spoofing possible. Several network-level and host-level mechanisms have been proposed to detect and mitigate ARP spoofing, but each of them has its own drawback. In this paper we propose a host-based intrusion detection system for LAN attacks, which works without any extra constraint like static IP-MAC, modifying ARP etc. The proposed scheme is verified under all possible attack scenarios. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.

KEYWORDS

Active Detection, ARP spoofing, host based ids, LAN attack, Verification

Tuesday, October 23, 2018

Enterprise Delegation for Service Based Systems

Coimbatore Chandersekaran1, William R. Simpson2
1 The Secretary of the Air Force (SAF/A6) 1500 Wilson Blvd., Rosslyn, VA 22209, US
2 The Institute for Defense Analyses, 4850 Mark Center Drive, Alexandria, VA 22311, USA

Abstract. 

Sharing information and maintaining privacy and security is a requirement in distributed environments. Mitigating threats in a distributed environment requires constant vigilance and defense-in-depth. Most systems lack a secure model that guarantees end-to-end security. We devise a model that mitigates a number of threats to the distributed computing pervasive in enterprises. This authentication process is part of a larger information assurance systemic approach that requires that all active entities (users, machines and services) be named and credentialed. Authentication is bi-lateral using PKI credentialing, and authorization is based upon Security Assertion Markup Language (SAML) attribution statements. Communication across domains is handled as a federation activity using WS-* protocols. We present the architectural model, elements of which are currently being tested in an operational environment. Elements of this architecture include real-time computing, edge-based distributed mashups, and dependable, reliable computing. The architecture is also applicable to a private cloud.

Keywords: 

Credentialing, Authentication, Authorization, Delegation, Attribution, Least Privilege, Public Key Infrastructure, Security Assertion Markup Language (SAML)

Monday, October 22, 2018

Transformation from Identity Stone Age to Digital Identity

Mohit Kohli,
Security Practices-Rolta Technology Limited (RIL), India

ABSTRACT

Technological conversion, political interests and business drivers have triggered a means to establish individual characterization and personalization. People started raising concerns about multiple identities managed across various zones, and hence various solutions were designed. Technological advancement has brought various issues and concerns around identity assurance, privacy and a policy-enabled common authentication framework. A compression framework is needed to establish a common identity model to address national needs like standards, regulation and laws, minimum risk, interoperability and to provide the user with a consistent context or user experience. This document focuses on the transformation path from the identity stone age to Identity as in state. It defines a digital identity zone model (DIZM) to showcase the Global Identity defined across the ecosystem. It also provides insight into emerging technology trends to enable identity assurance, privacy and a policy-enabled common authentication framework.

KEYWORDS

Digital Identity, OpenID, OIX, Cloud Computing, OAuth

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)...