Wednesday, October 31, 2018

TRIDNT: THE TRUST-BASED ROUTING PROTOCOL WITH CONTROLLED DEGREE OF NODE SELFISHNESS FOR MANET

International Journal of Network Security & Its Applications (IJNSA)

Ahmed M. Abd El-Haleem1 and Ihab A. Ali2
1 Assistant Lecturer, Communication Department, Faculty of Engineering, Helwan University, Helwan
2 Associate Professor, Communication Department, Faculty of Engineering, Helwan University, Helwan

ABSTRACT


In a mobile ad hoc network (MANET), nodes must cooperate to achieve the routing purposes. Node misbehaviour due to selfish or malicious intention could significantly degrade the performance of a MANET because most existing routing protocols in MANET aim at finding the most efficient path. In this paper, we propose a Two node-disjoint Routes protocol for Isolating Dropper Node in MANET (TRIDNT) to deal with misbehaviour in MANET. TRIDNT allows some degree of selfishness to give selfish nodes an incentive to declare themselves to their neighbours, which reduces the searching time for misbehaving nodes. In TRIDNT, two node-disjoint routes between the source and destination are selected based on their trust values. We use both DLL-ACK and end-to-end TCP-ACK to monitor the behaviour of routing path nodes: if malicious behaviour is detected, the path searching tool starts to identify the malicious nodes and isolate them. Finally, by using a mathematical analysis we find that our proposed protocol reduces the searching time for malicious nodes compared to the expected route lifetime, and prevents the isolated misbehaving node from sharing in all future routes, which improves the overall network throughput.

KEYWORDS

Ad Hoc Network, Trust-Based routing, Secure Routing Protocol, network security.








Monday, October 29, 2018

DDoS Attack and Defense Scheme in Wireless Ad hoc Networks

S. A. Arunmozhi1, Y. Venkataramani2
1 Associate Professor, Dept. of ECE, Saranathan College of Engineering, India
2 Principal, Saranathan College of Engineering, India

Abstract

The wireless ad hoc networks are highly vulnerable to distributed denial of service (DDoS) attacks because of their unique characteristics such as open network architecture, shared wireless medium and stringent resource constraints. These attacks throttle the TCP throughput heavily and reduce the quality of service (QoS) to end systems gradually rather than refusing the clients from the services completely. In this paper, we discussed the DDoS attacks and proposed a defense scheme to improve the performance of the ad hoc networks. Our proposed defense mechanism uses the medium access control (MAC) layer information to detect the attackers. The status values from the MAC layer that can be used for detection are the frequency of receiving RTS/CTS packets, the frequency of sensing a busy channel and the number of RTS/DATA retransmissions. Once the attackers are identified, all the packets from those nodes will be blocked. The network resources are made available to the legitimate users. We perform the simulation with Network Simulator NS2 and we proved that our proposed system improves the network performance.

Key words: 

distributed denial-of-service (DDoS), wireless ad hoc networks, medium access control, bandwidth reservation, distributed rate control.


Thursday, October 25, 2018

AN ACTIVE HOST-BASED INTRUSION DETECTION SYSTEM FOR ARP-RELATED ATTACKS AND ITS VERIFICATION

Ferdous A Barbhuiya, Santosh Biswas and Sukumar Nandi
Department of Computer Science and Engineering Indian Institute of Technology Guwahati, India - 781039

ABSTRACT

Spoofing with a falsified IP-MAC pair is the first step in most LAN-based attacks. The Address Resolution Protocol (ARP) is stateless, which is the main cause that makes spoofing possible. Several network-level and host-level mechanisms have been proposed to detect and mitigate ARP spoofing, but each of them has its own drawback. In this paper we propose a host-based intrusion detection system for LAN attacks, which works without any extra constraint like static IP-MAC, modifying ARP etc. The proposed scheme is verified under all possible attack scenarios. The scheme is successfully validated in a test bed with various attack scenarios and the results show the effectiveness of the proposed technique.

KEYWORDS

Active Detection, ARP spoofing, host-based IDS, LAN attack, Verification

Tuesday, October 23, 2018

Enterprise Delegation for Service Based Systems

Coimbatore Chandersekaran1, William R. Simpson2
1 The Secretary of the Air Force (SAF/A6) 1500 Wilson Blvd., Rosslyn, VA 22209, US
2 The Institute for Defense Analyses, 4850 Mark Center Drive, Alexandria, VA 22311, USA

Abstract. 

Sharing information and maintaining privacy and security is a requirement in distributed environments. Mitigating threats in a distributed environment requires constant vigilance and defense-in-depth. Most systems lack a secure model that guarantees end-to-end security. We devise a model that mitigates a number of threats to the distributed computing pervasive in enterprises. This authentication process is part of a larger information assurance systemic approach that requires that all active entities (users, machines and services) be named and credentialed. Authentication is bi-lateral using PKI credentialing, and authorization is based upon Security Assertion Markup Language (SAML) attribution statements. Communication across domains is handled as a federation activity using WS-* protocols. We present the architectural model, elements of which are currently being tested in an operational environment. Elements of this architecture include real time computing, edge based distributed mashups, and dependable, reliable computing. The architecture is also applicable to a private cloud.

Keywords: 

Credentialing, Authentication, Authorization, Delegation, Attribution, Least Privilege, Public Key Infrastructure, Security Assertion Markup Language (SAML)

Monday, October 22, 2018

Transformation from Identity Stone Age to Digital Identity

Mohit Kohli,
Security Practices-Rolta Technology Limited (RIL), India

ABSTRACT

Technological conversion, political interests and business drivers have triggered a means to establish individual characterization and personalization. People started raising concerns about multiple identities managed across various zones, and hence various solutions were designed. Technological advancement has brought various issues and concerns around identity assurance, privacy and a policy-enabled common authentication framework. A compression framework is needed to establish a common identity model to address national needs like standards, regulation and laws, minimum risk, interoperability and to provide the user with a consistent context or user experience. This document focuses on the transformation path from the identity stone age to Identity as in state. It defines a digital identity zone model (DIZM) to showcase the Global Identity defined across the ecosystem. It also provides insight into emerging technology trends to enable identity assurance, privacy and a policy-enabled common authentication framework.

KEYWORDS

Digital Identity, OpenID, OIX, Cloud Computing, OAuth

Thursday, October 18, 2018

Authentication Schemes for Session Passwords using Color and Images

M SREELATHA1, M SHASHI2, M ANIRUDH1, MD SULTAN AHAMER1, V MANOJ KUMAR1
1 Department of Computer Science and Engineering, R.V.R. & J.C. College of Engineering, Guntur, A.P.
2 Department of Computer Science and System Engineering, Andhra University College of Engineering, Visakhapatnam, A.P.

Abstract: 

Textual passwords are the most common method used for authentication. But textual passwords are vulnerable to eavesdropping, dictionary attacks, social engineering and shoulder surfing. Graphical passwords were introduced as alternative techniques to textual passwords. Most of the graphical schemes are vulnerable to shoulder surfing. To address this problem, text can be combined with images or colors to generate session passwords for authentication. Session passwords can be used only once, and every time a new password is generated. In this paper, two techniques are proposed to generate session passwords using text and colors which are resistant to shoulder surfing. These methods are suitable for Personal Digital Assistants.

Index Terms: 

Authentication, session passwords, shoulder surfing

Wednesday, October 17, 2018

MAINTAINING UNIFORM DENSITY AND MINIMIZING THE CHANCE OF ERROR IN A LARGE SCALE WSN

Asis Kumar Tripathy1, Shradhananda Beura2, Muralidhar Behera3 and Gunanidhi Pradhan4
1,2,3 Department of Computer Science and Engineering, NM Institute of Engineering and Technology, Bhubaneswar, Odisha, India
4 Govt. College of Engineering, Kalahandi, Odisha, India

ABSTRACT

In a real application area, the WSN is not a homogeneous network where the nodes are maintained in respective coordinate positions relatively the same to each other. Rather than homogeneous, it should be heterogeneous, where the relative positional differences for different nodes are different. In this paper a better scheme is proposed which will take care of the lifetime and density of a WSN. Sun et al. proposed uniform density in WSN by assuming the network to be a homogeneous network, but in this paper the same problem is solved without taking a homogeneous network, by using the Gaussian probability density function. Also, the chance of error in receiving the message from the WSN to the base station is minimized by using the priori probability algorithm.

KEYWORDS

WSN, Network density, life time, priori probability

Monday, October 15, 2018

DATA SECURITY USING PRIVATE KEY ENCRYPTION SYSTEM BASED ON ARITHMETIC CODING

Ajit Singh1 and Rimple Gilhotra2
1Department of Computer Science & Engineering and Information Technology
2BPS Mahila Vishwavidyalaya, Khanpur Kalan, Sonepat-131305 Haryana (India).

ABSTRACT

The problem faced by today’s communicators is not only security but also the speed of communication and size of content. In the present paper, a scheme has been proposed which uses the concept of compression and data encryption. In the first phase the focus has been on data compression and cryptography. In the next phase we have emphasized the compression cryptosystem. Finally, the proposed technique, which uses the concept of data compression and encryption, has been discussed. In this, data is first compressed to reduce the size of the data and increase the data transfer rate. Thereafter the compressed data is encrypted to provide security. Hence our proposed technique is effective in that it can reduce data size, increase data transfer rate and provide security during communication.

KEYWORDS

Arithmetic coding, cryptography, floating point number, one time pad, compression-crypto

Friday, October 12, 2018

CREDENTIAL BASED MEDIATOR ARCHITECTURE FOR ACCESS CONTROL AND DATA INTEGRATION IN MULTIPLE DATA SOURCES ENVIRONMENT

Dr. Nirmal Dagdee1, Ruchi Vijaywargiya2
Department of Computer Science and Engineering, S. D. Bansal College Of Technology, Indore, India

ABSTRACT

In a multiple data sources environment where open access is to be provided to users not known to the system, credential based access control has emerged as a suitable approach for achieving security on shared data [22,23,28,29,31]. Mediation techniques have been developed for data integration that provide a single unified view of the multiple data sources to the user [1,2,3,4,5,6,7,18]. For enforcing a common access policy across the available data sources and enabling controlled access on data at local levels, an appropriate multilevel access control policy is also required. In this paper, we propose a credential based mediator architecture to achieve multilevel access control and data integration in an open access environment. To realize the multilevel access policy, a credential transfer protocol has been proposed to accomplish the transfer of credentials and the extraction of attribute values associated with them.

KEYWORDS

Credential, mediator, access control, data integration

Wednesday, October 10, 2018

ON DESIGN OF PUF-BASED RANDOM NUMBER GENERATORS

Mehdi Ayat1, Reza Ebrahimi Atani2, Sattar Mirzakuchaki1
1 Department of Electrical Engineering, Iran University of Science and Technology, Tehran, Iran
2 Department of Computer Engineering, The University of Guilan, P.O. Box 3756, Rasht, Iran

ABSTRACT

In this paper we propose a new architecture Physical Random Functions (or Physical Unclonable Functions, PUFs) to create a candidate hardware random number generator. So far several random number generators based on ring oscillators have been introduced, but all of them have either security or stability problems. This paper presents a novel architecture which has solved both of these problems. This idea has a higher data complexity and also nonlinearity, which secures the circuit against modeling attacks. The final architecture also has lower hardware complexity, which makes it suitable for lightweight random number generators.

KEYWORDS

Physical Unclonable Functions, Physical Cryptography, Random Number Generator

Tuesday, October 9, 2018

A TIERED BLOCKCHAIN FRAMEWORK FOR VEHICULAR FORENSICS

Marcel C. Ugwu1, Izunna U. Okpala2, Collins I. Oham3, and Cosmas I. Nwakanma3
1 Seamfix Nigeria Limited, Lagos, Nigeria
2 Department of Communication Arts, National Institute for Nigerian Languages, Aba, Abia, Nigeria
3 Department of Information Management Technology, Federal University of Technology, Owerri, Nigeria

ABSTRACT

In this paper, we present a tiered vehicular forensics framework based on permission BlockChain. We integrate all entities involved in the forensics process and record their interactions in the BlockChain to generate comprehensive evidence for settling disputes and appropriating blame. We incorporate a watchdog entity in our tiered framework to prevent collusive tendencies of potentially liable entities and to prevent exploitation of evidence. Also, we incorporate a state mechanism to prove the state of a smart vehicle when an accident occurs. Furthermore, we conduct a security analysis to demonstrate the resilience of our framework against identified attacks and describe security mechanisms used to achieve key requirements for vehicular forensics. Finally, we comparatively evaluate our framework against existing proposals.

KEYWORDS

BlockChain, Smart Vehicles, Dispute settlement, Vehicular forensics

Friday, October 5, 2018

THE EFFECT OF INFORMATION TECHNOLOGY USING ENTERPRISE SECURITY RISK MANAGEMENT

Michael O. Adekanye1 and Shawon S. M. Rahman, Ph.D.
1Address: P.O Box 9201, Trenton NJ 08650, USA
2Associate Professor, Dept. of Computer Science & Engineering, University of Hawaii-Hilo, 200 W. Kawili Street, Hilo, HI 96720, USA

ABSTRACT

The philosophy of Enterprise Security Risk Management (ESRM) drives a risk-based approach to managing any security risks, physical or logical, and holistically applies to every security process. There are globally established risk principles that are common among any developed risk management standard. This model associates the relationship of risk principles to the practice of managing security risks. The ESRM processes, when successfully and consistently adapted to a security program, will define what a progressive security program looks like, drive strategic through initiatives, build the business understanding of security’s role to develop a budgeting strategy, and initiate board-level, risk-based reporting. The management security leader's role in ESRM is to manage risks and unthinkable harm to enterprise assets and stockholder in partnership with the business leaders whose assets are exposed to those risks management. ESRM is part of educating business leaders on the realistic impacts of these identified risks, presenting any potential strategies to mitigate those impacts, and enacting the option chosen by the business in line with acceptable levels of business risk tolerance. The present data should be used to showcase how our service helps identify, evaluate, and mitigate risks at face value that would be detrimental to a company’s long-term prosperity. We need to show how using our security risk management will ultimately benefit the company's work by improving policies and procedures and reducing other expenses through the use of risk principles management.

KEYWORDS

Enterprises Security Risk Management, ESRM, Maturation of a Profession, Unfettered Rules, Risk Mitigation, Risk Mechanism, Enterprise Risk Management, Risk Principles Management, Manage Security Programs

Wednesday, October 3, 2018

Benchmarks for Evaluating Anomaly Based Intrusion Detection Solutions

Nicholas J. Miller and Mehrdad Aliasgari
Department of Computer Engineering and Computer Science, California State University, Long Beach, Long Beach 90840, USA.

ABSTRACT

Anomaly-based Intrusion Detection Systems (IDS) have gained increased popularity over time. There are many proposed anomaly-based systems using different Machine Learning (ML) algorithms and techniques, however there is no standard benchmark to compare them based on quantifiable measures. In this paper, we propose a benchmark that measures both accuracy and performance to produce objective metrics that can be used in the evaluation of each algorithm implementation. We then use this benchmark to compare accuracy as well as the performance of four different Anomaly-based IDS solutions based on various ML algorithms. The algorithms include Naive Bayes, Support Vector Machines, Neural Networks, and K-means Clustering. The benchmark evaluation is performed on the popular NSL-KDD dataset. The experimental results show the differences in accuracy and performance between these Anomaly-based IDS solutions on the dataset. The results also demonstrate how this benchmark can be used to create useful metrics for such comparisons. 

KEYWORDS

Anomaly-based Detection, Intrusion Detection, Benchmarks


International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)...