Tuesday, July 31, 2018

MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE

MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE
Abdurrahman Pektaş1, Elif Nurdan Pektaş2 and Tankut Acarman1
1Department of Computer Engineering, Galatasaray University, İstanbul, Turkey
2Siemens Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey

ABSTRACT

In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples.

KEYWORDS

Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic Analysis

at No comments:

Current Issue

July 2018, Volume 10, Number 4

Mining Patterns of Sequential Malicious APIs to Detect Malware
Abdurrahman Pektas1, Elif Nurdan Pektas2 and Tankut Acarman1, 1Galatasaray University, Turkey and 2Siemens - Turkey, Turkey
http://aircconline.com/ijnsa/V10N4/10418ijnsa01.pdf

A Method for Encrypting and Decrypting Wave Files
Mohamad M. Al-laham, Mohamad a. Mai'iteh, Hasan Rashaideh and Ziad Al-Qadi, Al-Balqa Applied University, Jordan
http://aircconline.com/ijnsa/V10N4/10418ijnsa02.pdf

http://airccse.org/journal/jnsa18_current.html
at No comments:

Monday, July 30, 2018

A (2, N) VISUAL CRYPTOGRAPHIC TECHNIQUE FOR BANKING APPLICATIONS

A (2, N) VISUAL CRYPTOGRAPHIC TECHNIQUE FOR BANKING APPLICATIONS
Jayanta Kumar Pal1, J. K. Mandal2 and Kousik Dasgupta3
1Department of Computer Science and Engineering, Kalyani Government Engineering College, Kalyani-741235, West Bengal, India
2 Department of Computer Science and Engineering, University of Kalyani,Kalyani-741235, West Bengal, India
3 Department of Computer Science and Engineering, Kalyani Government Engineering College, Kalyani-741235, West Bengal, India

ABSTRACT

In this paper a novel (2, n) visual cryptographic scheme has been proposed which may be useful in banking operations in the “either or survivor” mode where n is the number of generated shares, from which n-1 is the number of account holders in an account and one share should be kept to the bank authority. In this technique one account holder should stack his/her share with the share of the bank authority and the secret image for user authentication will be revealed. In this technique two consecutive pixels are taken as the one time input for the share generation process. This technique generates shares with less space overhead compared to existing techniques and may provide better security. It is also easy to implement like other techniques of visual cryptography.

KEYWORDS

(2, n) Visual cryptography, Share 

at No comments:
EFFICIENT AND SECURE DYNAMIC ID-BASED REMOTE USER AUTHENTICATION SCHEME WITH SESSION KEY AGREEMENT FOR MULTI-SERVER ENVIRONMENT

Rafael Martínez-Peláez1, 2, Francisco Rico-Novella1, Cristina Satizábal3 and Jacek Pomykała4 
1Telematic Engineering Department, Technical University of Catalonia 
2Licenciatura en Informatica, Universidad de la Sierra Sur
3Division de Estudios de Postgrado, Universidad de la Sierra Sur
4Faculty of Mathematics, Informatics and Mechanics, Warsaw University

ABSTRACT

In 2007, Liao-Wang proposed a dynamic ID-based remote user authentication scheme for multi-server environment using smart cards. However, Hsiang-Shih demonstrated that Liao-Wang’s scheme has security flaws. Moreover, Hsiang-Shih proposed an improvement scheme which resolves the securityflaws of Liao-Wang scheme. In this paper, we propose an enhanced remote user authentication scheme  which maintains the merits of Hsiang-Shih’s scheme. Performance evaluation demonstrated the efficiency of the proposed scheme over related works. Security analysis proved that the proposed scheme is secure against known attacks.

KEYWORDS

Low-cost Cryptography, Multi-server, Mutual Authentication, Secure Communication, Smart-card

Original Source Link : http://airccse.org/journal/nsa/1010ijnsa09.pdf
http://airccse.org/journal/jnsa10_current.html
at No comments:

Friday, July 27, 2018

A DISTRIBUTED TRUST MANAGEMENT FRAMEWORK FOR DETECTING MALICIOUS PACKET DROPPING NODES IN A MOBILE AD HOC NETWORK

A DISTRIBUTED TRUST MANAGEMENT FRAMEWORK FOR DETECTING MALICIOUS PACKET DROPPING NODES IN A MOBILE AD HOC NETWORK
Jaydip Sen
Innovation Lab, Tata Consultancy Services Ltd.,
Bengal Intelligent Park, Salt Lake Electronic Complex, Kolkata India

ABSTRACT

In a multi-hop mobile ad hoc network (MANET) mobile nodes communicate with each other forming a cooperative radio network. Security remains a major challenge for these networks due to their features of open medium, dynamically changing topologies, reliance on cooperative algorithms, absence of centralized monitoring points, and lack of any clear lines of defense. Most of the currently existingsecurity algorithms designed for these networks are insecure, in efficient, and have low detection accuracy for nodes’ misbehaviour. In this paper, a new approach has been proposed to bring out the complementary relationship between key distribution and misbehaviour detection for developing an integrated security solution for MANETs. The redundancy of routing inform ation in ad hoc networks is utilized to develop a highly reliable protocol that works even in presence of transient network partitioning and Byzantine failure of nodes. The proposed mechanism is fully co-operative, and thus it is more robust as the vulnerabilities of the election algorithms used for choosing the subset of nodes for cooperation are absent. Simulation results show the effectiveness of the proposed protocol. 

KEYWORDS

Mobile ad hoc network (MANET), Trust, Reputation, Controlled flooding, Malicious packet dropping,Node misbehaviour. 

at No comments:

Thursday, July 26, 2018

EFFECT OF HASH FUNCTION ON PERFORMANCE OF LOW POWER WAKE UP RECEIVER FOR WIRELESS SENSOR NETWORK

EFFECT OF HASH FUNCTION ON PERFORMANCE OF LOW POWER WAKE UP RECEIVER FOR WIRELESS SENSOR NETWORK
Vikas Kumar1 and Rajender Kumar2 
Member IEEE Electronics & Communication Engineering Department, NIT kurukshetra

ABSTRACT

Next generation network will consist of different types of wireless networks like WSN, Wi-Fi, WiMAX, UMTS, LTE and etc. Wireless Sensor Network (WSN) finds unique and special application as compared to the said networks because sensors are deployed in a very secret, awkward and hostile environment like battle field etc. Various wireless sensor nodes are interconnected and form a Wireless Sensor Network. Sensor nodes once deployed in a region, can’t be repaired thus the power system deployed in the nodes becomes a major key issue i.e. how long its battery life can be utilised. Another major issue of WSN is to have a more secured network which is a function of hash keys. Increase usage of hash key means enhanced security but at the cost of power and area. Sensor systems must utilize the minimal possible energy while operating over secured and wide range of operating scenarios. In this paper, we have proposed a novel ID matching mechanism that uses a Bloom filter to realize wake-up wireless communication. Paper uses hash function for uniquely recognizing particular sensor- node- cluster among all clusters. Paper also shows the effect of number of hash functions on performance of wireless sensor node. The design and implementation of a wireless wake-up receiver module simulation reveals that proposed model consume 724nW dynamic power and with bloom filter, the proposed model consumes dynamic power 85% less than the consumption cited in “Takiguchi” model[1]. Dynamic power is further reduced by 10% when parallel processing is implemented. Finally paper provides a novel approach to save the dynamic power and subsequently increases the battery life of wireless sensor node and network as a whole.

KEYWORDS

Wireless sensor network (WSN), Low power, VLSI, Wake up receiver, Bloom filter 

at No comments:

Wednesday, July 25, 2018

Security in Wireless Sensor Networks: Key Management Module in SOOAWSN

Security in Wireless Sensor Networks: Key Management Module in SOOAWSN 
Mohammed A. Abuhelaleh and Khaled M. Elleithy
School of Engineering University Of Bridgeport, Bridgeport, USA

ABSTRACT

Due to high restrictions in wireless sensor networks, where the resources are limited, clustering protocols for routing organization have been proposed in much research for increasing system throughput, decreasing system delay and saving energy. Even these algorithms have proposed some levels of security, but because of their dynamic nature of communication, most of their security solutions are not suitable. In this paper we focus on how to achieve the highest possible level of security by applying new keymanagement technique that can be used during wireless sensor networks communications. For our  proposal to be more effective and applicable to a large number of wireless sensor networks applications, we work on a special kind of architecture that have been proposed to cluster hierarchy of wireless sensor networks and we pick one of the most interesting protocols that have been proposed for this kind of architecture, which is LEACH. This proposal is a module of a complete solution that we are developing to cover all the aspects of wireless sensor networks communication which is labeled Secure Object Oriented Architecture for Wireless Sensor Networks (SOOAWSN) .

KEYWORDS

LEACH (Low Energy Adaptive Clustering Hierarchy), Sensor Networks, Network Performance, Routing, Sec-LEACH (Secure LEACH), Network security, Random KD (Key Distribution), MultiGeneration Keys. 

at No comments:

Tuesday, July 24, 2018

EVALUATING GALOIS COUNTER MODE IN LINK LAYER SECURITY ARCHITECTURE FOR WIRELESS SENSOR NETWORKS

EVALUATING GALOIS COUNTER MODE IN LINK LAYER SECURITY ARCHITECTURE FOR WIRELESS SENSOR NETWORKS
Vivaksha Jariwala1 and Dr. D. C. Jinwala2
1Department of Computer Engineering, C. K. Pithawalla College of Engineering and Technology, Surat, India
2Department of Computer Engineering, S. V. National Institute of Technology, Surat, India

ABSTRACT

Due to the severe resource constraints in the Wireless Sensor Networks (WSNs), the security protocols therein, should be designed to optimize the performance maximally. On the other hand a block cipher and the mode of operation in which it operates, play a vital role in determining the overall efficiency of a security protocol. In addition, when an application demands confidentiality and message integrity, the overall efficiency of a security protocol can be improved by using the Authenticated Encryption (AE) block cipher mode of operation as compared to the conventional sequential encryption and authentication. Amongst the AE block cipher modes, the Galois Counter mode (GCM) is the latest recommended AE mode by the NIST. In this paper, we attempt at evaluating the performance of the GCM mode in the link layer security protocol for a WSN viz. TinySec and compare it with the default conventional block cipher modes of operation used therein. To the best of our knowledge ours is the first experimental evaluation of Galois Counter Mode with Advanced Encryption Standard Cipher at the link layer security architecture for WSNs. 

KEYWORDS

Wireless Sensor Networks, Link Layer Security, Block Cipher, Encryption, Authentication, Galois Counter Mode.


at No comments:

Monday, July 23, 2018

Call for Paper - International Journal of Network Security & Its Applications (IJNSA)

International Journal of Network Security & Its Applications (IJNSA)
--- UGC Listed, ERA Indexed----
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
                 
Scope & Topics
  
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.

Topics of Interest include, but are not limited to, the following:

Network and Wireless Network Security
Mobile, Ad Hoc and Sensor Network Security
Peer-to-Peer Network Security
Database and System Security
Intrusion Detection and Prevention
Internet Security & Applications
Security & Network Management
E-mail security, Spam, Phishing, E-mail fraud
Virus, worms, Trojan Protection
Security threats & countermeasures (DDoS, MiM, Session Hijacking, Replay attack etc,)
Ubiquitous Computing Security
Web 2.0 security
Cryptographic protocols
Performance Evaluations of Protocols & Security Application

 Paper submission

Authors are invited to submit papers for this journal through e-mail ijnsa@airccse.org  Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this Journal.

Important Dates

Submission Deadline :August 04, 2018
Notification : September 04, 2018
Final Manuscript Due : September 12, 2018
Publication Date : Determined by the Editor-in-Chief


For other details please visit http://airccse.org/journal/ijnsa.html

at No comments:

Thursday, July 19, 2018

VERIFICATION OF QUANTUM CRYPTOGRAPHY PROTOCOLS BY MODEL CHECKING 

Mohamed Elboukhari1 , Mostafa Azizi2 and Abdelmalek Azizi1,3 
1 dept. Mathematics & Computer Science, FSO, University Mohamed Ist, Morocco 
2 dept. Applied Engineering, ESTO, University Mohamed Ist, Oujda, Morocco  
3Academy Hassan II of Sciences & Technology, Rabat, Morocco 

ABSTRACT 

Unlike classical cryptography which is based on mathematical functions, Quantum Cryptography or Quantum Key Distribution (QKD) exploits the laws of quantum physics to offer unconditionally secure communication. The progress of research in this field allows the anticipation of QKD to be available outside of laboratories within the next few years and efforts are made to improve the performance and reliability of the implemented technologies. But despite this big progress, several challenges remain. For example the task of how to test the devices of QKD did not yet receive enough attention. These apparatuses become heterogeneous, complex and so demand a big verification effort. In this paper we propose to study quantum cryptography protocols by applying the technique of probabilistic model checking. Using PRISM tool, we analyze the security of BB84 protocol and we are focused on the specific security property of eavesdropper's information gain on the key derived from the implementation of this protocol. We show that this property is affected by the parameters of the eavesdropper’s power and the quantum channel.

KEYWORDS 

Quantum Cryptography, Model Checking, BB84 Protocol, Verification

Original Source URL:  http://airccse.org/journal/nsa/1010ijnsa04.pdf
http://airccse.org/journal/jnsa10_current.html





at No comments:

Wednesday, July 18, 2018

EFFICIENT DIGITAL ENCRYPTION ALGORITHM BASED ON MATRIX SCRAMBLING TECHNIQUE

EFFICIENT DIGITAL ENCRYPTION ALGORITHM BASED ON MATRIX SCRAMBLING TECHNIQUE
M. Kiran Kumar1, S. Mukthyar Azam1, Shaik Rasool2
1Dept. of Computer Science & Engg, R.V.R & J.C College of Engg, Guntur, India
1Dept. of Research & Development, Synfosys, Hyderabad, India
2Dept. of Computer Science & Engg, S.C.E.T., Hyderabad, India

ABSTRACT

This paper puts forward a safe mechanism of data transmission to tackle the security problem of information which is transmitted in Internet. We propose a new technique on matrix scrambling which is based on random function, shifting and reversing techniques of circular queue. We give statistical analysis, sequence random analysis, and sensitivity analysis to plaintext and key on the proposed scheme. The experimental results show that the new scheme has a very fast encryption speed and the key space is expanded and it can resist all kinds of cryptanalytic, statistical attacks, and especially, our new method can be also used to solve the problem that is easily exposed to chosen plaintext attack. We give our detailed report to this algorithm, and reveal the characteristic of this algorithm by utilizing an example.

KEYWORDS

Cipher text, Encryption, Decryption, Random Number Generator, Circular queue. 


at No comments:

Tuesday, July 17, 2018

SECURING DATA TRANSFER IN THE CLOUD THROUGH INTRODUCING IDENTIFICATION PACKET AND UDT -AUTHENTICATION OPTION FIELD: A CHARACTERIZATION

SECURING DATA TRANSFER IN THE CLOUD THROUGH INTRODUCING IDENTIFICATION PACKET AND UDT -AUTHENTICATION OPTION FIELD: A CHARACTERIZATION
Danilo Valeros Bernardo1 and Doan B Hoang2
1i-NEXT, Faculty of Engineering and Information Technology,The University of Technology- Sydney
2 i-NEXT, Faculty of Engineering and Information Technology,The University of Technology- Sydney

ABSTRACT

The emergence of various technologies has since pushed researchers to develop new protocols that support high density data transmissions in Wide Area Networks. Many of these protocols are TCP protocol variants, which have demonstrated better performance in simulation and several limited network experiments but have limited practical applications because of implementation and installation difficulties. On the other hand, users who need to transfer bulk data (e.g., in grid/cloud computing) usually turn to application level solutions where these variants do not fair well. Among protocols considered in the application level solutions are UDP-based protocols, such as UDT (UDP-based Data Transport Protocol) for cloud /grid computing. Despite the promising development of protocols like UDT, what remains to be a major challenge that current and future network designers face is to achieve survivability and security of data and networks. Our previous research surveyed various security methodologies which led to the development of a framework for UDT. In this paper we present lowerlevel security by introducing an Identity Packet (IP) and Authentication Option (AO) for UDT. 

KEYWORDS

Next Generation Network Protocol, High Speed Bandwidth, UDT, AO, IP, SHA-1, SHA-256, MD5,Cloud, GRID 

at No comments:

Monday, July 16, 2018

A MULTI-CRITERIA EVALUATION OF INFORMATION SECURITY CONTROLS USING BOOLEAN FEATURES

A MULTI-CRITERIA EVALUATION OF INFORMATION SECURITY CONTROLS USING BOOLEAN FEATURES
Angel R. Otero1, Carlos E. Otero2 and Abrar Qureshi2
1Graduate School of Computer and Information Sciences, Nova Southeastern University, Fort Lauderdale, FL, USA
2Department of Mathematics & Computer Science, University of Virginia’s College atWise, Wise, VA, USA

ABSTRACT

For organizations, the protection of information is of utmost importance. Throughout the years, organizations have experienced numerous system losses which have had a direct impact on their most valuable asset, information. Organizations must therefore find ways to make sure that the appropriate and most effective information security controls are implemented in order to protect their critical or most sensitive classified information. Existing information security control selection methods have been employed in the past, including risk analysis and management, baseline manuals, or random approaches. However, these methods do not take into consideration organization specific constraints such as costs of implementation, scheduling, and availability of resources when determining the best set of controls. In addition, these existing methods may not ensure the inclusion of required/necessary controls or the exclusion of unnecessary controls. This paper proposes a novel approach for evaluating information  security controls to help decision-makers select the most effective ones in resource-constrained environments. The proposed approach uses Desirability Functions to quantify the desirability of each information security control taking into account benefits and penalties (restrictions) associated with implementing the control. This provides Management with a measurement that is representative of the overall quality of each information security control based on organizational goals. Through a case study, the approach is proven successful in providing a way for measuring the quality of information security controls (based on multiple application-specific criteria) for specific organizations.

KEYWORDS

Information security; information security controls; risk analysis and management; baseline manuals; best practice frameworks; desirability functions 

at No comments:

Friday, July 13, 2018

Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services

Pattern Analysis and Signature Extraction for Intrusion Attacks on Web Services
Urjita Thakar1, Nirmal Dagdee2, Sudarshan Varma3
1 Reader, Computer Engineering Department, Shri G.S. Institute of Technology and Science, 23, Visweswaraiya Road, Indore,MP, 452 003 India
2Director and Professor, Computer Science and Information Technology,S.D. Bansal College of Technology,A.B. Road, Umaria, Indore, MP, India
3 Project Manager, Ideavate Solutions,2101 Highway 516, Suite F Old Bridge, NJ 08857, USA

ABSTRACT

The increasing popularity of web service technology is attracting hackers and attackers to hack the web services and the servers on which they run. Organizations are therefore facing the challenge of implementing adequate security for Web Services. A major threat is that of intruders which may maliciously try to access the data or services. The automated methods of signature extraction extract the binary pattern blindly resulting in more false positives. In this paper a semi automated approach is proposed to analyze the attacks and generate signatures for web services. For data collection, apart from the conventional SOAP data loggers, honeypots are also used that collect small data which is of high value. To filter out the most suspicious part of the data, SVM based classifier is employed to aid the system administrator. By applying an attack signature algorithm on the filtered data, a more balanced attack signature is extracted that results in fewer false positives and negatives. It helps the Security Administrator to identify the web services that are vulnerable or are attacked more frequently.

KEYWORDS

Web services, Intruders, Signatures, Honeypots, Classifier

at No comments:

Thursday, July 12, 2018

AN EFFICIENT M-ARY QIM DATA HIDING ALGORITHM FOR THE APPLICATION TO IMAGE ERROR CONCEALMENT

AN EFFICIENT M-ARY QIM DATA HIDING ALGORITHM FOR THE APPLICATION TO IMAGE ERROR CONCEALMENT
Amit Phadikar1, Santi P. Maity 2
1Department of Information Technology, MCKV Institute of Engineering, Liluah,Howrah 711204, India.
2Department of Information Technology, Bengal Engineering and Science University,Shibpur, Howrah 711 103, India.

ABSTRACT

Methods like edge directed interpolation and projection onto convex sets (POCS) that are widely used for image error concealment to produce better image quality are complex in nature and also time consuming. Moreover, those methods are not suitable for real time error concealment where the decoder may not have sufficient computation power or done in online. In this paper, we propose a data-hiding scheme for error concealment of digital image. Edge direction information of a block is extracted in the encoder and is embedded imperceptibly into the host media using quantization index modulation (QIM), thus reduces work load of the decoder. The system performance in term of fidelity and computational load is improved using M-ary data modulation based on near-orthogonal QIM. The decoder extracts the embedded features (edge information) and those features are then used for recovery of lost data. Experimental results duly support the effectiveness of the proposed scheme.

KEY WORDS

Error Concealment, Data Hiding, M-ary modulation, QIM, Interpolation.

at No comments:

Wednesday, July 11, 2018

WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX

WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
Reza Amirpoor1 and Ajay Kumar2 and Satish R. Deavne3
1Research Student, IMED, Department of Computer Management, Bharati Vidyapeeth University, INDIA
2Director, JSPM’s JAYAWANT Institute of Computer Applications, Tathawade, INDIA
3Principal, Dr. D. Y. Patil Ramrao Adik Institute of Technology, Nerul, Navi Mumbai,INDIA

ABSTRACT

Nowadays, use of wireless technology in organizations is a regular act, and we can see this technology erupted in all possible different areas. Related to employing wireless technology those organizations need to apply properly security level, depend on security policy which already defined. If security system applied but not required, or security system required but not provided, leads to improper security system. In this paper we have shown the way to evaluate the data significant and their appropriate security level. Here a model to evaluate the cost of data on security point of view by consideration of some parameters like sensitivity, volume, life, frequency, etc…, this research makes organizations to predict and implement or understand the cost involved for security of their data by measuring the data value. We used questionnaire and survey methodologies to collect the data; and then used SPSS and SAS program to calculate and design a model. In this way regression and BOOTSTARP help us to find accurate result.

KEYWORDS

Data Value, Security Policy, Wireless 

at No comments:

Tuesday, July 10, 2018

Elliptic Curve based Authenticated Session Key Establishment Protocol for High Security Applications in Constrained NetworkEnvironment

Elliptic Curve based Authenticated Session Key Establishment Protocol for High Security Applications in Constrained NetworkEnvironment
K R Chandrasekhara Pillai1 and M P Sebastian2
1Dept.of Computer Science and Engineering, N S S College of Engineering, India.
2Indian Institute of Management Kozhikode,Calicut - 673570, Kerala, India

ABSTRACT

The existing authenticated session key establishment protocols are either vulnerable to dictionary attack on identity privacy of a client or the methods adopted to resist this attack are found to be computationally inefficient. This paper proposes a new authenticated key establishment protocol which uses elliptic curve based DDH problem. The protocol provides identity privacy of the client in addition to the other security properties needed for a session key establishment protocol. In comparison with the existing protocols, the proposed protocol offers equivalent security with less parameters resulting in lower computational load, communication bandwidth cost, power consumption and memory requirement.

KEYWORDS

Elliptic Curve Cryptography, Authentication, Session Key Establishment, Network Security & Identity Privacy

at No comments:

Monday, July 9, 2018

AN EFFICIENT IP TRACEBACK THROUGH PACKET MARKING ALGORITHM

AN EFFICIENT IP TRACEBACK THROUGH PACKET MARKING ALGORITHM
Y.Bhavani and P.Niranjan Reddy 
Department of Computer Science and Engineering, Kakatiya Institute of Technology and Science, India

ABSTRACT

Denial-of-service (DoS) attacks pose an increasing threat to today’s Internet. One major difficulty to defend against Distributed Denial-of-service attack is that attackers often use fake, or spoofed IP addresses as the IP source address. Probabilistic packet marking algorithm (PPM), allows the victim to trace back the appropriate origin of spoofed IP source address to disguise the true origin. In this paper we propose a technique that efficiently encodes the packets than the Savage probabilistic packet marking algorithm and reconstruction of the attack graph. This enhances the reliability of the probabilistic packet marking algorithm.

KEYWORDS

Denial-of-service, Probabilistic Packet Marking Algorithm, Efficient Probabilistic Packet Marking algorithm, attack graph. 

at No comments:

Friday, July 6, 2018

BYZANTINE BEHAVIOUR (B2) – MITIGATING MIDWAY MULTICAST MISBEHAVIOUR (M4) IN ADHOC NETWORK

BYZANTINE BEHAVIOUR (B2) – MITIGATING MIDWAY MULTICAST MISBEHAVIOUR (M4) IN ADHOC NETWORK
S. Albert Raebra1 and S.Vijayalakshmi2
1Department of Computer Science, St.Joseph’s College, Bharathidasan University,Trichy, India
2Department of Banking Technology, Pondicherry University, India

ABSTRACT

Ad-hoc networks are an emerging area of mobile computing and an efficient paradigm for multicast communication. The security challenges faced by the network due to their inherent unique characteristics are exacerbated in case of multicast communication. Group communication in ad hoc network is susceptible to a host of outsider and insider attacks. The security solutions proposed for the outsider attack cannot be directly applied to the insider attack due to their disparate behavior. The compromise and subversion of the authenticated, trusted and participating node in the network leads to Byzantine  attack or behavior. Attacks where adversaries have full control of a number of authenticated devices and behave arbitrarily to disrupt the multicast routing are referred to as Byzantine attacks. Online auction network inherently embracing multicast technology has been taken as the case study. The implications of the Byzantine attack in the online auction Network have been studied. Besides the existing network performance parameters like delay, jitter, throughput, Packet Delivery Ratio (PDR) another parameter by name Immediate Neighbor Aware Vouch Count ( INAVC) is included to proactively select a fault free multicast route. This proactive parameter is dynamic and reflects the true multicast architecture in adhoc network thereby enabling to instantly prune the Byzantine adversary. Providing robust and resilient defense solutions to subvert this attack in auction Network becomes the focus of this paper.

KEYWORDS

Ad-hoc networks, Multicast Communication, Byzantine Behavior, Online Auction Network

at No comments:

Thursday, July 5, 2018

HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK

HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK
1Mohammad Saiful Islam Mamun and 2A.F.M. Sultanul Kabir 
1Department of Computer Science, Stamford University Bangladesh, 51, Siddeshwari, Dhaka
2Department of Computer Science and Engineering, American International University Bangladesh, Dhaka.

ABSTRACT

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.

KEYWORD

WSN, IDS, Hierarchical Design, Security


at No comments:

Wednesday, July 4, 2018

IMPROVING TLS SECURITY BY QUANTUM CRYPTOGRAPHY

IMPROVING TLS SECURITY BY QUANTUM CRYPTOGRAPHY
Mohamed Elboukhari1, Mostafa Azizi2 and Abdelmalek Azizi1,3
1dept. Mathematics & Computer Science, FSO, University Mohamed Ist, Morocco
2 dept. Applied Engineering, ESTO, University Mohamed Ist, Oujda, Morocco
3Academy Hassan II of Sciences & Technology, Rabat, Morocco

ABSTRACT

Quantum Cryptography or Quantum Key Distribution (QKD) solves the key distribution problem by allowing the exchange of a cryptographic key between two remote parties with absolute security, guaranteed by the laws of quantum physics. Extensive studies have been undertaken on QKD since it was noted that quantum computers could break public key cryptosystems based on number theory. Actually, the progress of research in this field allows the implementation of QKD outside of laboratories. Efforts are made to exploit this technology in the existing communication networks and to improve the performance and reliability of the implemented technologies. Some research is in progress for the integration of QKD with the protocols in different layers of OSI model. The examples of such research effort are the integration of QKD in point-to-point protocol (PPP) OSI layer 2 and the integration of  QKD with IPSEC at OSI layer-3. All these works are moving towards the utilization of QKD technology for enhancing the security of modern computing applications on the internet. In this paper, we present a novel extension of the TLS protocol based on QKD. We introduce a scheme for integrating Quantum Cryptography in this protocol. Our approach improves the security of the process of authentication and data encryption. Also, we describe an example to illustrate the feasibility of our scheme’s implementation.

KEYWORDS

BB84 Protocol, Cryptography, Quantum Cryptography, Quantum Key Distribution, TLS Protocol 

at No comments:

Tuesday, July 3, 2018

INVESTIGATING & IMPROVING THE RELIABILITY AND REPEATABILITY OF KEYSTROKE DYNAMICS TIMERS

INVESTIGATING & IMPROVING THE RELIABILITY AND REPEATABILITY OF KEYSTROKE DYNAMICS TIMERS
Mr Pavaday Narainsamy 1, Dr Soyjaudah Sunjiv2 & Mr Nugessur Shrikaant3
1Department of Computer Science and Engineering, University of Mauritius.
2Professor in Communication and Signal processing, University of Mauritius.
3Student, Computer Science Department, University of Mauritius.

ABSTRACT

One of the most challenging tasks facing the security expert remains the correct authentication of human being which has been crucial to the fabric of our society. The emphasis is now on reliable person identification for computerized devices as the latter forms an integral part of our daily activities. Moreover with increasing geographical mobility of individuals, the identification problem has become more acute. One alternative, to curb down the increasing number of computer related crimes, is through the use of keystroke biometric technology which represents an enhancement to password mechanisms by incorporating typing rhythms in it. Time captured being critical to the performance of the identifier, it is primordial that it satisfies certain requirements at a suitable degree of acceptability This paper presents an evaluation of timing options for keystroke dynamics paying attention to their repeatability and reliability as well as their portability on different systems. In actual passwords schemes users enroll using one computer and access resources using other configurations at different locations without bothering about the different underlying operating systems.

KEYWORDS

Security, Authentication, Passwords, Biometrics, Keystroke, Typing rhythms, Timers

Original Source Link : http://airccse.org/journal/nsa/0710ijnsa05.pdf
http://airccse.org/journal/jnsa10_current.html
at No comments:

Monday, July 2, 2018

DESIGN AND IMPLEMENTATION OF A TRUST-AWARE ROUTING PROTOCOL FOR LARGE WSNS

DESIGN AND IMPLEMENTATION OF A TRUST-AWARE ROUTING PROTOCOL FOR LARGE WSNS
Theodore Zahariadis1, Helen Leligou1, Panagiotis Karkazis5,Panagiotis Trakadas2, Ioannis Papaefstathiou5,Charalambos Vangelatos3, Lionel Besson4,
1 Technological Educational Institute of Chalkis, Greece
2 Hellenic Authority for Communications Security and Privacy (ADAE), Greece
3 Hellenic Aerospace Industry S.A., Greece
4 Thales Communications, France
5Technical University of Crete, Greece

ABSTRACT

The domain of Wireless Sensor Networks (WSNs) applications is increasing widely over the last few years. As this new type of networking is characterized by severely constrained node resources, limited network resources and the requirement to operate in an ad hoc manner, implementing security functionality to protect against adversary nodes becomes a challenging task. In this paper, we present a trust-aware, location-based routing protocol which protects the WSN against routing attacks, and also supports large-scale WSNs deployments. The proposed solution has been shown to efficiently detect and avoid malicious nodes and has been implemented in state-of-the-art sensor nodes for a real-life test-bed. This work focuses on the assessment of the implementation cost and on the lessons learned through the design, implementation and validation process.

KEYWORDS

Wireless sensor networks, trust management, secure routing, implementation cost 

at No comments:
Subscribe to: Posts (Atom)

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)...