Thursday, May 31, 2018

THE (IN)SECURITY OF TOPOLOGY DISCOVERY IN OPENFLOW-BASED SOFTWARE DEFINED NETWORK

Talal Alharbi, Marius Portmann and Farzaneh Pakzad 
School of ITEE, The University of Queensland, Brisbane, Australia 

ABSTRACT

Software Defined Networking (SDN) is a new paradigm for configuring, controlling and managing computer networks. In SDN's logically centralized approach to network control, a reliable and accurate view of the network topology is absolutely essential. Most SDN controllers use a de-facto standard topology discovery mechanism based on OpenFlow to identify active links in the network. This paper evaluates the security, or rather lack thereof, of the current SDN topology discovery mechanism. We discuss and demonstrate its vulnerability to a simple link spoofing attack, which allows an attacker to poison the topology view of the controller. The feasibility of the attack is verified and demonstrated via experiments, and its impact on higher layer services is evaluated, via the example of shortest path routing. The paper finally discusses countermeasures, and implements and evaluates the most promising one.

KEYWORDS

Software Defined Network, Topology discovery, Security, POX 

Wednesday, May 30, 2018

Advanced Security Management in Metro Ethernet Networks

Ammar Rayes
Cisco Systems, San Jose, CA 95134, U.S.A.

Abstract

With the rapid increase in bandwidth and the introduction of advanced IP services including voice, high-speed internet access, and video/IPTV, consumers are more vulnerable to malicious users than ever. In recent years, providing safe and sound networks and services has been the zenith priority for service providers and network carriers alike. Users are hesitant to subscribe to new services unless service providers guarantee secure connections. More importantly, government agencies of many countries have introduced legislation requiring service providers to keep track and records of owners of IP and MAC addresses at all times. In this paper, we first present an overview of Metro Ethernet (or Ethernet-To-The-Home/Business (ETTx)) and compare it with various IP broadband access technologies including DSL, wireless and cable. We then outline major security concerns for Metro Ethernet networks including network and subscriber/end user security. Next we introduce state-of-the-art algorithms to prevent attackers from stealing any IP or MAC addresses. Our proposal is to use network management in conjunction with hardware features for security management to provide a secure and spoofing-free ETTx network. The key idea behind our proposal is to utilize network management to enforce strict (port, MAC, IP) binding in the access network to provide subscriber security. The paper then proposes an adaptive policy-based security controller to quickly identify suspected malicious users, temporarily isolate them without disconnecting them from the network or validating their contracts, and then carry out the required analysis. The proposed controller identifies malicious users without compromising between accurate but lengthy traffic analysis and premature decision. It also provides the ability to make granular corrective actions that are adaptive to any defined network condition.

Keywords: 

Internet Security, Network Management, Network Security Management

Tuesday, May 29, 2018

WEAKNESS ON CRYPTOGRAPHIC SCHEMES BASED ON REGULAR LDPC CODES

Omessaad Hamdi1, Manel Abdelhedi2, Ammar Bouallegue2, Sami Harari3
1 SYSTEL, SUPCOM, Tunisia
2 SYSCOM, ENIT, Tunisia 
3 SIS, USTV, France 

ABSTRACT

We propose a method to recover the structure of a randomly permuted chained code and how to cryptanalyse cryptographic schemes based on these kinds of error coding. An application of these methods is a cryptographic schema using regular Low Density Parity Check (LDPC) Codes. This result prohibits the use of chained code and particularly regular LDPC codes on cryptography.

KEYWORDS:

Cryptography, Chained Codes, LDPC Codes, Attack, Complexity.


Sunday, May 27, 2018

STEGANALYSIS ALGORITHMS FOR DETECTING THE HIDDEN INFORMATION IN IMAGE, AUDIO AND VIDEO COVER MEDIA

Natarajan Meghanathan and Lopamudra Nayak 
Jackson State University, 1400 Lynch St, Jackson, MS, USA 

ABSTRACT

Recently, there has been a lot of interest in the fields of Steganography and Steganalysis. Steganography involves hiding information in a cover (carrier) media to obtain the stego media, in such a way that the cover media is perceived not to have any embedded message for its unintended recipients. Steganalysis is the mechanism of detecting the presence of hidden information in the stego media and it can lead to the prevention of disastrous security incidents. In this paper, we provide a critical review of the steganalysis algorithms available to analyze the characteristics of an image, audio or video stego media vis-à-vis the corresponding cover media (without the hidden information) and understand the process of embedding the information and its detection. It is noteworthy that each of these cover media has different special attributes that are altered by a steganography algorithm in such a way that the changes are not perceivable for the unintended recipients; but, the changes are identifiable using appropriate steganalysis algorithms. We anticipate that this paper can also give a clear picture of the current trends in steganography so that we can develop and improvise appropriate steganalysis algorithms.

KEYWORDS

Steganography, Steganalysis, Image, Audio, Video, Cover Media








Thursday, May 24, 2018

WORKLOAD CHARACTERIZATION OF SPAM EMAIL FILTERING SYSTEMS

Yan Luo

Department of Electrical and Computer Engineering, University of Massachusetts Lowell, Massachusetts, USA 

ABSTRACT

Email systems have suffered from degraded quality of service due to rampant spam, phishing and fraudulent emails. This is partly because the classification speed of email filtering systems falls far behind the requirements of email service providers. We are motivated to address this issue from the perspective of computer architecture support. In this paper, as the first step towards novel architecture designs, we present extensive performance data collected from measurement and profiling experiments using representative email filtering systems including CRM114, DSPAM, SpamAssassin and TREC Bogofilter. We provide detailed analysis of the time consuming functions in the systems under study. We also show how the processor architecture parameters affect the performance of these email filters through simulation experiments. 

KEYWORDS

Workload Characterization, Email Filtering, Anti-Spam

Tuesday, May 22, 2018

A Frame Work for Ontological Privacy Preserved Mining

Geetha Mary. A and Sriman Narayana Iyengar. N.Ch.
School of Computing Science and Engineering, VIT University, Vellore-632014, Tamilnadu, INDIA

Abstract

Data Mining analyses the stocked data and helps in foretelling the future trends. There are different techniques by which data can be mined. These different techniques reveal different types of hidden knowledge. Using the right procedure of technique result specific patterns emerge. Ontology is a specification of conceptualization. It is a description of concepts and relationships that can exist for an agent or a community of agents. To make software more user-friendly, ontology could be used to explain both the technical and domain details. In the process of analyzing a data certain important details cannot be revealed, therefore security is the most important feature dealt in all technologies and work places.  Data mining and Ontology techniques when integrated would capitulate an efficient system capable of selecting the appropriate algorithm for a data mining technique and privacy preserving techniques also by exploring the domain knowledge using ontology.

Keywords:

Ontology, Data mining, Knowledge Discovery in Databases and Privacy Preserving Data Mining

Monday, May 21, 2018

DYNAMIC NEURAL NETWORKS IN THE DETECTION OF DISTRIBUTED ATTACKS IN MOBILE AD-HOC NETWORKS

James Cannady
Graduate School of Computer and Information Sciences, Nova Southeastern University, Fort Lauderdale, FL, USA 

ABSTRACT

This paper describes the latest results of a research program that is designed to enhance the security of wireless mobile ad hoc networks (MANET) by developing a distributed intrusion detection capability. The current approach uses learning vector quantization neural networks that have the ability to identify patterns of network attacks in a distributed manner. This capability enables this approach to demonstrate a distributed analysis functionality that facilitates the detection of complex attacks against MANETs. The results of the evaluation of the approach and a discussion of additional areas of research are presented.

KEYWORDS

Mobile ad-hoc networks, intrusion detection, neural networks

Friday, May 18, 2018

APPLICATION SPECIFIC USAGE CONTROL IMPLEMENTATION VERIFICATION

Rajkumar P.V.1, S.K. Ghosh2 and Pallab Dasgupta3
1 School of IT, Indian Institute of Technology-Kharagpur, India
2 School of IT, Indian Institute of Technology-Kharagpur, India
3 Department of CSE, Indian Institute of Technology-Kharagpur, India

ABSTRACT

Usage control is a comprehensive access control model developed to cater to the security needs of a wide range of applications. Formal specification of the core usage control models and their expressivity, and the decidability of safety properties, have been explored recently. They help us to understand the usability and safety of the model. However, security of the usage control in practical applications depends on the safety of the model as well as its correct implementation in the application. This paper presents an approach to verify the correctness of the usage control implementation using a semi-formal property verification tool. We also provide an illustrative case study.

KEYWORDS

Usage Control, Software Implementation, Integrated Verification. 


Thursday, May 17, 2018

Securing AODV for MANETs using Message Digest with Secret Key

Mr. Kamaljit Lakhtaria1, Prof. Bhaskar N. Patel2, Mr. Satish G. Prajapati3, Dr. N. N. Jani4
1 (Ph.D. Research Scholar), Lecturer, MCA Department, Atmiya Institute of Technology & Science, India
2 Head of Department, Computer & Information Technology Department, B.S.Patel Polytechnic, Gujarat, India
3 Lecturer, Computer Department, B.S.Patel Polytechnic, Ganpat Vidyanagar, Gujarat, India
4 Director, Kadi Vishvadiva Vidyalaya (Deemed University), S K Patel Institute of Management & Computer Science, Gandhinagar, India

Abstract

Due to lack of infrastructure, open peer-to-peer architecture, shared wireless medium, limited resource constraints and highly dynamic topology, MANETs (Mobile Adhoc Networks) are frequently established in insecure environments, which makes them more vulnerable to attacks. These attacks are initiated by sharing malicious nodes against different services of network. The binding force in these networks is the routing protocol, which is a common target of malicious nodes. MANET routing protocols are being developed without having security in mind. Ad-hoc On-Demand Distance Vector (AODV) is one such widely used routing protocol that is at present undergoing extensive research and development. AODV is based on distance vector routing, but here the updates are shared not on a periodic basis but on an as per demand basis. The control packets contain a hop-count and sequence number field which recognizes the freshness of routing. These fields are editable, so this creates a possible susceptibility that is frequently abused by malicious nodes to advertise false better routes. In addition, transmission of routing updates in the form of clear text also reveals crucial information about the network topology, which is again a probable security danger. In this paper we present a novel and practical security mechanism for securing the AODV routing protocol that protects against a number of attacks carried out in MANETs. We present a message digest with secret key mechanism to secure AODV messages, which is a very effective and less power consuming security solution for MANETs.

Keywords

Security, Routing Protocol, Message Digest, Mechanism, Malicious, Secret Key




Tuesday, May 15, 2018

A SECURITY FRAMEWORK FOR SOA APPLICATIONS IN MOBILE ENVIRONMENT

Johnneth Fonseca, Zair Abdelouahab, Denivaldo Lopes and Sofiane Labidi

Federal University of Maranhão, CCET/DEEE Av. Dos portugueses, Campus do Bacanga, São Luis – MA 65080-040

ABSTRACT

A rapid evolution of mobile technologies has led to the development of more sophisticated mobile devices with better storage, processing and transmission power. These factors enable support for many types of application but also give rise to a necessity to find a model of service development. Actually, SOA (Service Oriented Architecture) is a good option to support application development. This paper presents a framework that allows the development of SOA based applications in a mobile environment. The objective of the framework is to provide developers with tools for provision of services in this environment with the necessary security characteristics.

KEYWORDS

SOA, Security, Framework, Mobile devices 

Sunday, May 13, 2018

SECURITY PROPERTIES IN AN OPEN PEER-TO-PEER NETWORK
Jean-François Lalande, David Rodriguez, Christian Toinard
Laboratoire d’Informatique Fondamentale d’Orléans
Université d’Orléans – Ensi de Bourges, 88 Bd Lahitolle, 18000 Bourges, France

Abstract

This paper proposes to address new requirements of confidentiality, integrity and availability properties fitting to peer-to-peer domains of resources. The enforcement of security properties in an open peer-to-peer network remains an open problem as the literature has mainly proposed contributions on availability of resources and anonymity of users. This paper proposes a novel architecture that eases the administration of a peer-to-peer network. It considers a network of safe peer-to-peer clients in the sense that it is a common client software that is shared by all the participants to cope with the sharing of various resources associated with different security requirements. However, our proposal deals with possible malicious peers that attempt to compromise the requested security properties. Although the safety of an open peer-to-peer network cannot be formally guaranteed, since an end user has privileges on the target host, our solution provides several advanced security enforcements. First, it enables the requested security properties of the various shared resources to be formally defined. Second, it evaluates the trust and the reputation of the requesting peer by sending challenges that test the fairness of its peer-to-peer security policy. Moreover, it proposes an advanced Mandatory Access Control that enforces the required peer-to-peer security properties through an automatic projection of the requested properties onto SELinux policies. Thus, the SELinux system of the requesting peer is automatically configured with respect to the required peer-to-peer security properties. This solution protects against a malicious peer that could use ordinary applications such as a video reader to access confidential files such as a video requiring payment of a fee. Since the malicious peer could try to abuse the system, SELinux challenges and traces are also used to evaluate the fairness of the requester. The paper ends with different research perspectives such as a dedicated MAC system for the peer-to-peer client and honeypots for testing the security of the proposed peer-to-peer infrastructure.

KEYWORDS

Peer-to-peer, security properties, SELinux


Wednesday, May 9, 2018

PERFORMANCE EVALUATION OF A NEW ROUTE OPTIMIZATION TECHNIQUE FOR MOBILE IP

Moheb R. Girgis1, Tarek M. Mahmoud1, Youssef S. Takroni1 and Hassan S. Hassan1
1 Computer Science Department, Minia University, El-Minia, 61519, Egypt.

ABSTRACT

Mobile IP (MIP) is an Internet protocol that allows mobile nodes to have continuous network connectivity to the Internet without changing their IP addresses while moving to other networks. The packets sent from a correspondent node (CN) to a mobile node (MN) go first through the mobile node's home agent (HA), then the HA tunnels them to the MN's foreign network. One of the main problems in the original MIP is the triangle routing problem. The triangle routing problem appears when the indirect path between CN and MN through the HA is longer than the direct path. This paper proposes a new technique to improve the performance of the original MIP during the handoff. The proposed technique reduces the delay, the packet loss and the registration time for all the packets transferred between the CN and the MN. In this technique, tunneling occurs at two levels above the HA in a hierarchical network. To show the effectiveness of the proposed technique, it is compared with the original MIP and another technique for solving the same problem in which tunneling occurs at one level above the HA. Simulation results presented in this paper are based on the ns2 mobility software on the Linux platform. The simulation results show that our proposed technique achieves better performance than the others, considering the packet delay, the packet losses during handoffs and the registration time, in different scenarios for the location of the MN with respect to the HA and FAs.

KEYWORDS

Mobile IP; Tunneling, Route Optimization; Triangle Routing; Handoff Delay; Packet Loss; Registration Time.


DATA SECURITY IN MOBILE DEVICES BY GEO LOCKING
M Prabu Kumar1 and K Praneesh Kumar Yadav2
1Asst.Professor, School of Computing Sciences, VIT University, India
2Graduate Student, School of Computing Sciences, VIT University, India

ABSTRACT

In this paper we present a way of hiding the data in mobile devices from being compromised. We use a two level data hiding technique, wherein at the first level data is encrypted and stored in special records, and the second level is a typical password protection scheme. The second level is for secure access of information from the device. In the first level, encryption of the data is done using the location coordinates as key. Location coordinates are rounded up figures of longitude and latitude information. In the second phase the password entry differs from conventional schemes. Here we have used the patterns of traditional Rangoli for specifying the password and gaining access, thus minimising the chances of data leak in hostile situations. The proposed structure would be a better trade off in comparison with the previous models which use Bio Metric authentication – a relatively costly way of authentication.

KEYWORDS

Rangoli, Encryption, Decryption, Transposition Cipher, Location Coordinates, Latitudes, Longitudes

Tuesday, May 8, 2018

PSIM: A TOOL FOR ANALYSIS OF DEVICE PAIRING METHODS

Yasir Arfat Malkani and Lachhman Das Dhomeja
Department of Informatics, University of Sussex, Brighton, UK

ABSTRACT

Wireless networks are commonplace nowadays and almost all modern devices support wireless communication in some form. These networks differ from more traditional computing systems due to the ad-hoc and spontaneous nature of interactions among devices. These systems are prone to security risks, such as eavesdropping, and require different techniques as compared to traditional security mechanisms. Recently, secure device pairing in wireless environments has received substantial attention from many researchers. As a result, a significant set of techniques and protocols has been proposed to deal with this issue. Some of these techniques consider devices equipped with infrared, laser, ultrasound transceivers or 802.11 network interface cards; while others require embedded accelerometers, cameras and/or LEDs, displays, microphones and/or speakers. However, many of the proposed techniques or protocols have not been implemented at all; while others are implemented and evaluated in a stand-alone manner without being compared with other related work [1]. We believe that it is because of the lack of specialized tools that provide a common platform to test the pairing methods. As a consequence, we designed such a tool. In this paper, we present the design and development of the Pairing Simulator (PSim) that can be used to perform the analysis of device pairing methods.

KEYWORDS

Security, Usability, Device Association, Simulation, Standard

Monday, May 7, 2018

CRYPTANALYSIS OF A MORE EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUTHENTICATION SCHEME

Mohammed Aijaz Ahmed1, D. Rajya Lakshmi2 and Sayed Abdul Sattar3
1 Department of Computer Science and Engineering, GITAM University, Vishakapatnam
2 Department of Information Technology, GITAM University, Vishakapatnam
3 Department of Computer Science and Engineering, J.N.T. University, Hyderabad

ABSTRACT

In 2004, Das, Saxena and Gulati proposed a dynamic ID-based remote user authentication scheme which has many advantages such as no verifier table, user freedom to choose and change password and so on. However, subsequent papers have shown that this scheme is completely insecure and vulnerable to many attacks. Since then many schemes with improvements to Das et al.'s scheme have been proposed but each has its pros and cons. Recently Yan-yan Wang et al. have proposed a scheme to overcome security weaknesses of Das et al.'s scheme. However, this scheme too is vulnerable to various security attacks such as password guessing attack, masquerading attack and denial of service attack.

KEYWORDS

Password, Authentication, Smartcard, Remote User, Masquerade Attack


Friday, May 4, 2018

Agent Based Trust Management Model Based on Weight Value Model for Online Auctions

E. Sathiyamoorthy, N.Ch. Sriman Narayana Iyenger & V. Ramachandran
School of Computing Sciences, VIT University, Vellore-632014 (Tamilnadu), INDIA
Vice-Chancellor, Anna University, Trichy-620 024 (Tamil Nadu), INDIA

Abstract

This paper is aimed at the stipulations which arise in traditional online auctions as a result of various anomalies in the reputation and trust calculation mechanism. We try to improve the scalability and efficiency of online auctions by providing an efficient trust management methodology taking several factors into consideration. A comparison between the performance of the auction system with and without the agent methodology is done with good results.

Keywords

Agent Technology, JADE, Optimal Price, Trust Management 



Thursday, May 3, 2018

INTEGRATING IDENTITY-BASED CRYPTOGRAPHY IN IMS SERVICE AUTHENTICATION

Mohamed Abid1, Songbo Song2, Hassnaa Moustafa2 and Hossam Afifi1
1 Telecom & Management SudParis, Evry, France
2 Telecom R&D (Orange Labs), Issy Les Moulineaux, France

ABSTRACT

Nowadays, the IP Multimedia Subsystem (IMS) is a promising research field. Many ongoing works related to the security and the performance of its employment are presented to the research community. Although the security and data privacy aspects are very important in the IMS global objectives, they have received little attention so far. Secure access to multimedia services is based on SIP and HTTP digest on top of the IMS architecture. The standard deploys AKA-MD5 for the terminal authentication. The Third Generation Partnership Project (3GPP) provided the Generic Bootstrapping Architecture (GBA) to authenticate the subscriber before accessing multimedia services over HTTP. In this paper, we propose a new IMS Service Authentication scheme using Identity Based Cryptography (IBC). This new scheme will lead to better performance when there are simultaneous authentication requests using Identity-based Batch Verification. We analyzed the security of our new protocol and we presented a performance evaluation of its cryptographic operations.

KEYWORDS

IP Multimedia Subsystem (IMS), Identity Based Cryptography (IBC), Service Authentication, Batch Verification


Wednesday, May 2, 2018

Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction and Integration

Alan Mink, Sheila Frankel and Ray Perlner 
National Institute of Standards and Technology (NIST)

ABSTRACT

We present an overview of quantum key distribution (QKD), a secure key exchange method based on the quantum laws of physics rather than computational complexity. We also provide an overview of the two most widely used commodity security protocols, IPsec and TLS. Pursuing a key exchange model, we propose how QKD could be integrated into these security applications. For such a QKD integration we propose a support layer that provides a set of common QKD services between the QKD protocol and the security applications.

KEYWORDS

Quantum Key Distribution, Quantum Networks, IPsec, TLS, Network Security Protocols

Original Source Link : http://airccse.org/journal/nsa/0709s9.pdf
http://airccse.org/journal/current.html

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed
