On Generation of Firewall Log Status Reporter (SRr) Using Perl

On Generation of Firewall Log Status Reporter (SRr) Using Perl
Sugam Sharma1, Hari Cohly2, and Tzusheng Pei2
1Department of Computer Science, Iowa State University, USA
2Center for Bioinformatics, Jackson State University, USA


ABSTRACT

Computer System Administration and Network Administration are few such areas where Practical Extraction Reporting Language (Perl) has robust utilization these days apart from Bioinformatics. The key role of a System/Network Administrator is to monitor log files. Log file are updated every day. To scan the summary of large log files and to quickly determine if there is anything wrong with the server or network we develop a Firewall Log Status Reporter (SRr). SRr helps to generate the reports based on the parameters of interest. SRr provides the facility to admin to generate the individual firewall report or all reports in one go. By scrutinizing the results of the reports admin can trace how many times a particular request has been made from which source to which destination and can track the errors easily. Perl scripts can be seen as the UNIX script replacement in future arena and SRr is one development with the same hope that we can believe in. SRr is a generalized and customizable utility completely written in Perl and may be used for text mining and data mining application in Bioinformatics research and development too.

KEYWORDS

Perl, Sub, Html, Regexpr, File handler

Original Source Link : http://airccse.org/journal/nsa/0709s8.pdf
http://airccse.org/journal/current.html

QUANTUM THREE-PASS PROTOCOL: KEY DISTRIBUTION USING QUANTUM SUPERPOSITION STATES

QUANTUM THREE-PASS PROTOCOL: KEY DISTRIBUTION USING QUANTUM SUPERPOSITION STATES
Yoshito Kanamori1 and Seong-Moo Yoo2
1Department of Computer Information Systems, University of Alaska Anchorage, USA
2Electrical and Computer Engineering Department, The University of Alabama in Huntsville, USA

ABSTRACT

This letter proposes a novel key distribution protocol with no key exchange in advance, which is secure as the BB84 quantum key distribution protocol. Our protocol utilizes a photon in superposition state for single-bit data transmission instead of a classical electrical/optical signal. The security of this protocol relies on the fact, that the arbitrary quantum state cannot be cloned, known as the no-cloning theorem. This protocol can be implemented with current technologies.

KEYWORDS

Cryptography, Key Distribution, No Key-Exchange, Quantum Superposition State

Original Source Link : http://airccse.org/journal/nsa/0709s6.pdf
http://airccse.org/journal/current.html

Clustered Hierarchy in Sensor Networks: Performance and Security

Clustered Hierarchy in Sensor Networks: Performance and Security

Mohammed Abuhelaleh, Khaled Elleithy and Thabet Mismar

School of Engineering, University of Bridgeport Bridgeport, CT 06604

ABSTRACT

Many papers have been proposed in order to increase the wireless sensor networks performance; This kind of network has limited resources, where the energy in each sensor came from a small battery that sometime is hard to be replaced or recharged. Transmission energy is the most concern part where the higher energy consumption takes place. Clustered hierarchy has been proposed in many papers; in most cases, it provides the network with better performance than other protocols. In our paper, first we discuss some of techniques, relates to this protocol, that have been proposed for energy efficiency; some of them were proposed to provide the network with more security level. Our proposal then suggests some modifications to some of these techniques to provide the network with more energy saving that should lead to high performance; also we apply our technique on an existing one that proposed to increase the security level of cluster sensor networks.

KEYWORDS

LEACH (Low Energy Adaptive Clustering Hierarchy), Sensor Networks, Network Performance, Routing, SecLEACH (Secure LEACH), Network security, Random KD (Key Distribution)

Original Source Link : http://airccse.org/journal/nsa/0709s5.pdf

http://airccse.org/journal/current.html

EFFECT OF INTER PACKET DELAY IN PERFORMANCE ANALYSIS OF COEXISTENCE HETEROGENEOUS WIRELESS PACKET NETWORKS

EFFECT OF INTER PACKET DELAY IN PERFORMANCE ANALYSIS OF COEXISTENCE HETEROGENEOUS WIRELESS PACKET NETWORKS
G.M.Tamilselvan1 and Dr.A.Shanmugam2
1Department of Electronics and Communication Engineering, Bannariamman Institute of Technology, India
2 Principal, Bannariamman Institute of Technology, Sathyamangalam, Tamilnadu, India

ABSTRACT

As the explosive growth of the ISM band usage continues, there are many scenarios where different systems operate in the same place at the same time. One of growing concerns is the coexistence of heterogeneous wireless network systems. For the successful deployment of mission-critical systems such as wireless sensor networks, it is required to provide a solution for the coexistence. In this paper, we propose a new scheme using inter packet delay for the coexistence of IEEE 802.15.4 LRWPAN and IEEE 802.11b WLAN. To evaluate the effectiveness of the proposed scheme, measurement and simulation study are conducted using Qualnet 4.5 simulation software. The simulation results show that the proposed scheme is effective in performance improvement for coexistence network of IEEE 802.15.4 for varioustopologies.
.
KEYWORDS

Coexistence, Heterogeneous wireless network, IEEE 802.15.4, IEEE 802.11b, Inter packet delay

Original Source Link : http://airccse.org/journal/nsa/0709s4.pdf
http://airccse.org/journal/current.html

DYNAMIC IDP SIGNATURE PROCESSING BY FAST ELIMINATION USING DFA

DYNAMIC IDP SIGNATURE PROCESSING BY FAST ELIMINATION USING DFA
Mohammed Misbahuddin, Sachin Narayanan and Bishwa Ranjan Ghosh
Computer Networks & Internet Engineering Division, Centre for Development of Advanced Computing, India

ABSTRACT

Intrusion Detection & Prevention Systems generally aims at detecting / preventing attacks against Information systems and networks. The basic task of IDPS is to monitor network & system traffic for any malicious packets/patterns and hence to prevent any unwarranted incidents which leads the systems to insecure state. The monitoring is done by checking each packet for its validity against the signatures formulated for identified vulnerabilities. Since, signatures are the heart & soul of an Intrusion Detection and Prevention System (IDPS), we, in this paper, discuss two methodologies we adapted in our research effort to improve the current Intrusion Detection and Prevention (IDP) systems. The first methodology RUDRAA is for formulating, verifying & validating the potential signatures to be used with IDPS. The second methodology DSP-FED is aimed at processing the signatures in less time with our proposed fast elimination method using DFA. The research objectives of this project are 1) To formulate & process potential IPS signatures to be used with Intrusion prevention system. 2) To propose a DFA based approach for signature processing which, upon a pattern match, could process the signatures faster else could eliminate it efficiently if not matched

KEYWORDS

Intrusion Detection / Prevention Systems, Signature Formulation, signature processing, Vulnerability, DFA

Original Source Link : http://airccse.org/journal/nsa/0709s3.pdf
http://airccse.org/journal/current.html

A NEW KEY ESTABLISHMENT SCHEME FOR WIRELESS SENSOR NETWORKS

A NEW KEY ESTABLISHMENT SCHEME FOR WIRELESS SENSOR NETWORKS
Eric Ke Wang, Lucas C.K.Hui and S.M.Yiu
Department of Computer Science, the University of Hong Kong, Hong Kong

ABSTRACT

Traditional key management techniques, such as public key cryptography or key distribution center (e.g., Kerberos), are often not effective for wireless sensor networks for the serious limitations in terms of computational power, energy supply, network bandwidth. In order to balance the security and efficiency, we propose a new scheme by employing LU Composition techniques for mutual authenticated pairwise key establishment and integrating LU Matrix with Elliptic Curve Diffie-Hellman for anonymous pathkey establishment. At the meantime, it is able to achieve efficient group key agreement and management. Analysis shows that the new scheme has better performance and provides authenticity and anonymity for sensor to establish multiple kinds of keys, compared with previous related works.

KEYWORDS

LU matrix composition, Key management, Key establishment, Wireless sensor networks

Original Source Link : http://airccse.org/journal/nsa/0709s2.pdf
http://airccse.org/journal/ijnsa.html

ITERATIVE METHOD FOR IMPROVEMENT OF CODING AND DECRYPTION

ITERATIVE METHOD FOR IMPROVEMENT OF CODING AND DECRYPTION
Natasa Zivic

Institute for Data Communication Systems, University of Siegen, Siegen, Germany

ABSTRACT

Cryptographic check values (digital signatures, MACs and H-MACs) are useful only if they are free of errors. For that reason all of errors in cryptographic check values should be corrected after the transmission over a noisy channel before their verification is performed. Soft Input Decryption is a method of combining SISO convolutional decoding and decrypting of cryptographic check values to improve the correction of errors in themselves. If Soft Input Decryption is successful, i.e. all wrong bit of a cryptographic check value are corrected, these bit are sent as feedback information to the channel decoder for a next iteration. The bit of the next iteration are corrected by channel decoding followed by another Soft Input Decryption. Iterative Soft Input Decryption uses interleaved blocks. If one block can be corrected by Soft Input Decryption, the decoding of the interleaved block is improved (serial scheme). If Soft Input Decryption is applied on both blocks and one of the blocks can be corrected, the corrected block is used for an improved decoding of the other block (parallel scheme). Both schemes show significant coding gains compared to convolutional decoding without iterative Soft Input Decryption.

.
KEYWORDS

Iterations, Decryption, Soft Input, Convolutional Coding, Feedback

Original Source Link : http://airccse.org/journal/nsa/0709s1.pdf

http://airccse.org/journal/current.html

A NEW CLUSTER-BASED WORMHOLE INTRUSION DETECTION ALGORITHM FOR MOBILE AD-HOC NETWORKS

A NEW CLUSTER-BASED WORMHOLE INTRUSION DETECTION ALGORITHM FOR MOBILE AD-HOC NETWORKS

Debdutta Barman Roy, 2Rituparna Chaki, 3Nabendu Chaki
1Calcutta Institute of Engineering and Management, India
2West Bengal University of Technology, Kolkata , India

3University of Calcutta, Kolkata, India

ABSTRACT

In multi-hop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to another compromised node, possibly far away, which replays it locally. Routing security in ad hoc networks is often equated with strong and feasible node authentication and lightweight cryptography. Unfortunately, the wormhole attack can hardly be defeated by crypto graphical measures, as wormhole attackers do not create separate packets. They simply replay packets already existing on the network, which pass the cryptographic checks. Existing works on wormhole detection have often focused on detection using specialized hardware, such as directional antennas, etc. In this paper, we present a cluster basedcounter-measure for the wormhole attack, that alleviates these drawbacks and efficiently mitigates the wormhole attack in MANET. Simulation results on MATLab exhibit the effectiveness of the proposed algorithm in detecting wormhole attacks.

KEY WORDS

MANET, Wormhole, Cluster, Guard Node, routing

Original Source Link : http://airccse.org/journal/nsa/0409s5.pdf

http://airccse.org/journal/current.html

A Comparison between Memetic algorithm and Genetic algorithm for the cryptanalysis of Simplified Data Encryption Standard algorithm

A Comparison between Memetic algorithm and Genetic algorithm for the cryptanalysis of Simplified Data Encryption Standard algorithm

Poonam Garg 
Institute of Management Technology, India

Abstract

Genetic algorithms are a population-based Meta heuristics. They have been successfully applied to many optimization problems. However, premature convergence is an inherent characteristic of such classical genetic algorithms that makes them incapable of searching numerous solutions of the problem domain. A memetic algorithm is an extension of the traditional genetic algorithm. It uses a local search technique to reduce the likelihood of the premature convergence. The cryptanalysis of simplified data encryption standard can be formulated as NP-Hard combinatorial problem. In this paper, a comparison between memetic algorithm and genetic algorithm were made in order to investigate the performance for the cryptanalysis on simplified data encryption standard problems(SDES). The methods were tested and various experimental results show that memetic algorithm performs better than the genetic algorithms for such type of NP-Hard combinatorial problem. This paper represents our first effort toward efficient memetic algorithm for the cryptanalysis of SDES.

Keywords 

Simplified data encryption standard, Memetic algorithm, genetic algorithm, Key search space 

Original Source Link : http://airccse.org/journal/nsa/0409s4.pdf

http://airccse.org/journal/current.html

Encryption Quality Analysis and Security Evaluation of CAST-128 Algorithm and its Modified Version using Digital Images

Encryption Quality Analysis and Security Evaluation of CAST-128 Algorithm and its Modified Version using Digital Images 

Krishnamurthy G N,  Dr. V Ramaswamy

Abstract

This paper demonstrates analysis of well known block cipher CAST-128 and its modified version using avalanche criterion and other tests namely encryption quality, correlation coefficient, histogram analysis and key sensitivity tests.

KeyWord

Encryption, Decryption, Avalanche, key sensitivity

Original Source Link : http://airccse.org/journal/nsa/0409s3.pdf

http://airccse.org/journal/current.html

VANET Security and Privacy - An Overview

Marvy B. Mansour1 , Cherif Salama2 , Hoda K. Mohamed3 , Sherif A. Hammad4 1British University in Egypt, Cairo, Egypt 2,3Computer and Systems Engineering Department, Ain Shams University, Cairo, Egypt 4Avelabs, Cairo, Egypt – Munich, Germany 

ABSTRACT 

Even though vehicular ad-hoc networks (VANETs) bring tremendous benefits to society, yet they raise many challenges where the security and privacy concerns are the most critical ones. In this paper, we provide a detailed overview of the state-of-the-art security and privacy requirements in VANET. Also, a brief of the approaches that are proposed in the literature to fulfil these requirements is given in this paper. Besides that, a classification of the various VANET attacks based on the communication system layers is provided in this paper. In addition, the different types of VANET adversaries and attackers are presented here. In general, this paper aims to provide a good piece of information about VANET security and privacy, in order to be used as a tool to help researchers in this field in developing secure privacypreserving approaches for VANET. 

KEYWORDS

Security and Privacy Requirements in VANET, VANET Adversaries and Attackers, VANET Attacks, VANET Security and Privacy Approaches 

For More Details:http://aircconline.com/ijnsa/V10N2/10218ijnsa02.pdf

Unconstrained Endpoint Security System : UEPTSS

Fatema Bannat Wala1,2 and Chase Cotton1 

1Department of Electrical & Computer Engineering, University of Delaware, Newark 

2University of Delaware, Newark, USA 

ABSTRACT

Modern information security management best practices dictate that an enterprise assumes full configuration control of end user computer systems (laptops, deskside computers, etc.). The benefit of this explicit control yields lower support costs since there are less variation of machines, operating systems, and applications to provide support on, but more importantly today, dictating specifically what software, hardware, and security configurations exist on an end user's machine can help reduce the occurrence of infection by malicious software significantly. If the data pertaining to end user systems is organized and catalogued as part of normal information security logging activities, an extended picture of what the end system actually is may be available to the investigator at a moment's notice to enhance incident response and mitigation. The purpose of this research is to provide a way of cataloguing this data by using and augmenting existing tools and open source software deployed in an enterprise network. 

KEYWORDS 

Endpoint security, device fingerprinting, scanning, inventory, BRO IDS, exploit.

For More Details:http://aircconline.com/ijnsa/V10N2/10218ijnsa01.pdf