GENERATING REPRESENTATIVE ATTACK TEST CASES FOR EVALUATING AND TESTING WIRELESS INTRUSION DETECTION SYSTEMS

GENERATING REPRESENTATIVE ATTACK TEST CASES FOR EVALUATING AND TESTING WIRELESS INTRUSION DETECTION SYSTEMS

Khalid Nasr, Anas Abou El Kalam, and Christian Fraboul

IRIT-ENSEEIHT, INPT, Université de Toulouse Toulouse, France

ABSTRACT

Openness of wireless communication medium and flexibility in dealing with wireless communication protocols and their vulnerabilities create a problem of poor security. Due to deficiencies in the security mechanisms of the first line of defense such as firewall and encryption, there are growing interests in detecting wireless attacks through a second line of defense in the form of Wireless Intrusion Detection System (WIDS). WIDS monitors the radio spectrum and system activities and detects attacks leaked from the first line of defense. Selecting a reliable WIDS system depends significantly on its functionality and performance evaluation. Comprehensive and credible evaluation of WIDSs necessitates taking into account all possible attacks. While this is operationally impossible, it is necessary to select representative attack test cases that are extracted mainly from a comprehensive classification of wireless attacks.Dealing with this challenge, this paper proposes a holistic taxonomy of wireless security attacks from the perspective of the WIDS evaluator. This proposed taxonomy includes all relevant necessary and sufficient dimensions for wireless attacks classification and it helps in generating and extracting the representative attack test cases.

KEYWORDS

Attack Taxonomy, Attack Test Cases, Wireless Intrusion Detection System, Wireless Attacks 

ORIGINAL SOURCE URL : http://airccse.org/journal/nsa/0512nsa01.pdf

http://airccse.org/journal/jnsa12_current.html

Passblot: A Highly Scalable Graphical One Time Password System

Passblot: A Highly Scalable Graphical One Time Password System

Sainath Gupta, Shashank Sahni, Pruthvi Sabbu, Siddhartha Varma,Suryakanth V Gangashetty

IIIT – Hyderabad, Gachibowli, Hyderabad, India 500032

ABSTRACT

User authentication is necessary to secure the data and process on Internet and in digital devices. Static text based authentication are most widely employed  authentication systems for being inexpensive and highly scalable. But they are prone to various types of active and passive attacks. The constant need of extending them to increase security is making them less usable. One promising alternative is Graphical authentication systems, which if implemented properly are more secure but have their own drawbacks. In this paper, we discuss in detail the extension of our previous work Passblot [18], a unique graphical authentication system. It generates pseudo random one time passwords using a set of inkblots, unique to each user. Properties of one time passwords ensure the resistance towards various common attacks and the uniqueness of human perception makes it usable. We demonstrate how our system effectively mitigates various attacks and analyse the results from various experiments conducted.

KEYWORDS

Usable security, Authentication, one-time passwords, Interfaces, Security, Cueing.

ORIGINAL SOURCE URL : http://airccse.org/journal/nsa/0312nsa15.pdf

http://airccse.org/journal/jnsa12_current.html

EFFICIENT CONDITIONAL PROXY RE ENCRYPTION WITH CHOSEN CIPHER TEXT SECURITY

Article:

EFFICIENT CONDITIONAL PROXY RE ENCRYPTION WITH CHOSEN CIPHER TEXT SECURITY

Abstract:

In a proxy re-encryption (PRE) scheme, Alice gives a special information to a proxy that allows it to transform messages encrypted under Alice's public key into a encryption under Bob's public key such that the message is not revealed to the proxy. In [14], Jian Weng and others introduced the notion of conditional proxy re-encryption (C-PRE) with bilinear pairings. Later, a break for the same was published in [17] and a new C-PRE scheme with bilinear pairings was introduced. In C-PRE,  the proxy also needs to have the right condition key to transform the ciphertext (associated with a condition set by Alice) under Alice's public key into ciphertext  under Bob's public key, so that Bob can decrypt it. In this paper, we propose an efficient C-PRE scheme which uses substantially less number of bilinear pairings when compared to the existing one [17]. We then prove its chosen-ciphertext security under modified Computational Diffie-Hellman (mCDH) and modified Computational Bilinear Diffie-Hellman (mCBDH) assumptions in the random oracle model. 

Keywords:

Random Oracle Model, Proxy Re-Cryptography, Conditional Proxy Re-encryption, Chosen Ciphertext Security.

Original Source URL: http://airccse.org/journal/nsa/0312nsa14.pdf

http://airccse.org/journal/jnsa12_current.html 

IDENTIFICATION OF IMAGE SPAM BY USING LOW LEVEL & METADATA FEATURES

IDENTIFICATION OF IMAGE SPAM BY USING LOW LEVEL & METADATA FEATURES

Anand Gupta1, Chhavi Singhal2 and Somya Aggarwal1

1Department of Computer Engineering,

2Department of Electronic and Communication Engineering Netaji Subhas Institute of Technology, New Delhi, India

ABSTRACT

Spammers are constantly evolving new spam technologies, the latest of which is image spam. Till now research in spam image identification has been addressed by considering properties like colour, size, compressibility, entropy, content etc. However, we feel the methods of identification so evolved have certain limitations due to embedded obfuscation like complex backgrounds, compression artifacts and wide variety of fonts and formats .To overcome these limitations, we have proposed 2 methodologies(however there can be more). Each methodology has 4 stages. Both the methodologies are almost similar except in the second stage where methodology I extracts low level features while the other extracts metadata features. Also a comparison between both the methodologies is shown. The method works on images with and without noise separately. Colour properties of the images are altered so that OCR (Optical Character Recognition) can easily read the text embedded in the image. The proposed methods are tested on a dataset of 1984 spam images and are found to be effective in identifying all types of spam images having (1) only text, (2) only images or (3) both text and images. The encouraging experimental results show that the methodology I achieves an accuracy of 92% while the other achieves

an accuracy of 93.3%.

KEYWORDS

Low level feature, anti obfuscation technique, noise & entropy

ORIGINAL SOURCE URL :http://airccse.org/journal/nsa/0312nsa13.pdf

http://airccse.org/journal/jnsa12_current.html

LATTICE BASED TOOLS IN CRYPTANALYSIS FOR PUBLIC KEY CRYPTOGRAPHY

LATTICE BASED TOOLS IN CRYPTANALYSIS FOR PUBLIC KEY CRYPTOGRAPHY

 R. Santosh Kumar, C. Narasimham and S. Pallam Setty

1Department of Information Technology ,MVGR College of Engg., Vizianagaram,India.

2Department of Information Technology,VR Siddhartha Engineering College,Vijayawada-7, India.

3Dept. of Computer Science & Systems Engineering, Andhra University,Vishakapatnam, India

Abstract

Lattice reduction is a powerful concept for solving diverse problems involving point lattices. Lattice reduction has been successfully utilizing in Number Theory, Linear algebra and Cryptology. Not only the existence of lattice based cryptosystems of hard in nature, but also has vulnerabilities by lattice reduction techniques. In this survey paper, we are focusing on point lattices and then describing an introduction to the theoretical and practical aspects of lattice reduction. Finally, we describe the applications of lattice reduction in Number theory, Linear algebra.

Keywords

Lattices, Lattice Reduction, RSA, Coppersmith, Subset Sum, Simultaneous Diophantine, Merkle-Hellman.  

Open source URL : http://airccse.org/journal/nsa/0312nsa12.pdf

http://airccse.org/journal/jnsa12_current.html

Co-operative Wireless Intrusion Detection System Using MIBs From SNMP

Co-operative Wireless Intrusion Detection System Using MIBs From SNMP

Ashvini Vyavhare, Varsharani Bhosale, Mrunal Sawant, Fazila Girkar

B .Tech Information Technology

Department of Computer and Information Technology

College of Engineering, Pune-5, MS, India.

Abstract

In emerging technology of Internet, security issues are becoming more challenging. In case of wired LAN it is somewhat in control, but in case of wireless networks due to exponential growth in attacks, it has made difficult to detect such security loopholes. Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods. But the approaches which were used in wired network were not successful in producing effective results for wireless networks. It is so because of features of wireless network such as open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense etc. So, there is need for new approach which will efficiently detect intrusion in wireless network. Efficiency can be achieved by implementing distributive, co-operative based, multi-agent IDS. The proposed system supports all these three features. It includes mobile agents for intrusion detection which uses SNMP (Simple network Management Protocol) and MIB (Management Information Base) variables for mobile wireless networks.

Keywords

Multi- agent, MIB, SNMP, Security 

Original Source URL : http://airccse.org/journal/nsa/0312nsa11.pdf

http://airccse.org/journal/jnsa12_current.html

LPM: A DISTRIBUTED ARCHITECTURE AND ALOGORITHMS FOR LOCATION PRIVACY IN LBS

International Journal of Network Security & Its Applications (IJNSA)

**UGC Listed, ERA Indexed**

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

http://airccse.org/journal/ijnsa.html

Article

LPM: A DISTRIBUTED ARCHITECTURE AND ALOGORITHMS FOR LOCATION PRIVACY IN LBS

Authors

Muhamed Ilyas¹,Dr. R. Vijayakumar²

¹Research Scholar, School of Computer Science, Mahatma Gandhi University Kottayam, Kerala, India

² School of Computer Science, Mahatma Gandhi University Kottayam, Kerala, India 

Abstract

Recent advances in mobile communication and development of sophisticated equipments lead to the wide spread use of Location Based Services (LBS). A major concern for large-scale deployment of LBSs is the potential abuse of their client location data, which may imply sensitive personal information. Protecting location information of the mobile user is challenging because a location itself may reveal user identity. Several schemes have been proposed for location cloaking. In our paper, we propose a generic Enhanced Location Privacy Model (LPM), which describes the concept, the architecture, algorithms and the functionalities for location privacy in LBS. As per the architecture, the system ensures location privacy, without trusting anybody including the peers or LBS servers. The system is fully distributed and evaluation shows its efficiency and high level of privacy with QoS.

Keywords

Location privacy, Location Based Services, Location Cloaking, Distributed Query Processing

Original Source URL

http://airccse.org/journal/nsa/0312nsa10.pdf

http://airccse.org/journal/jnsa12_current.html

BIG DATA SECURITY AND PRIVACY ISSUES IN THE CLOUD

International Journal of Network Security & Its Applications (IJNSA)

**UGC Listed, ERA Indexed**

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

http://airccse.org/journal/ijnsa.html

Article

BIG DATA SECURITY AND PRIVACY ISSUES IN THE CLOUD

Authors

Ali Gholami and Erwin Laure
High Performance Computing and Visualization Department, KTH- Royal Institute of Technology, Stockholm, Sweden

Abstract

Many organizations demand efficient solutions to store and analyze huge amount of information. Cloud computing as an enabler provides scalable resources and significant economic benefits in the form of reduced operational costs. This paradigm raises a broad range of security and privacy issues that must be taken into consideration. Multi-tenancy, loss of control, and trust are key challenges in cloud computing environments. This paper reviews the existing technologies and a wide array of both earlier and state-ofthe-art projects on cloud security and privacy. We categorize the existing research according to the cloud reference architecture orchestration, resource control, physical resource, and cloud service management layers, in addition to reviewing the recent developments for enhancing the Apache Hadoop security as one of the most deployed big data infrastructures. We also outline the frontier research on privacy-preserving data-intensive applications in cloud computing such as privacy threat modeling and privacy enhancing solutions.

Keywords

Cloud Security, Privacy, Trust, Big Data, Virtualization, Data Protection

Original Source URL

http://aircconline.com/ijnsa/V8N1/8116ijnsa04.pdf

http://airccse.org/journal/jnsa16_current.html

A SECURITY STRATEGY AGAINST STEAL-AND-PASS CREDENTIAL ATTACKS

A SECURITY STRATEGY AGAINST STEAL-AND-PASS CREDENTIAL ATTACKS

Juan Ceballos

Security Consulting & Engineering, T-Systems International, Munich, Germany

ABSTRACT

Stealing and passing credentials is currently one of the preferred cyberattack techniques within the hacking community as shown by the increasing number of related incidents over the last years. Instead of targeting passwords, attackers focus on obtaining derived credentials like hashes and session tickets. This type of credentials facilitates taking advantage of omnipresent background mechanisms like Single Sign-On. A combination of malware and penetration tools is used in order to exploit architecture vulnerabilities and steal the credentials. Vulnerabilities also allow the attacker to get access to other systems and covertly take the control of central infrastructure like Active Directory. The ultimate goal is not creating damage that can be noticed but covertly and constantly leaking confidential information for profit or cyber spionage. This paper proposes a comprehensive strategy of six points against steal-and-pass credential attacks and is intended to mitigate the risk significantly. Even if some points of the strategy can be considered security best-practices, other points require the establishment of technical and process controls that are not part of typical security management programs. Controls have to be regularly reviewed as part of security audits, since administrators and other privileged users have often the means to remove or bypass technical controls.

KEYWORDS

Security, Cyberattack, Hacking, Malware, Security Threats & Countermeasures

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N1/8116ijnsa03.pdf

http://airccse.org/journal/jnsa16_current.html

EMPLOYEE TRUST BASED INDUSTRIAL DEVICE DEPLOYMENT AND INITIAL KEY ESTABLISHMENT

International Journal of Network Security & Its Applications (IJNSA)

**UGC Listed, ERA Indexed**

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

http://airccse.org/journal/ijnsa.html

Article

EMPLOYEE TRUST BASED INDUSTRIAL DEVICE DEPLOYMENT AND INITIAL KEY ESTABLISHMENT

Authors

 Apala Ray¹, ² and Johan Akerberg², ³ and Mats Bjorkman³ and Mikael Gidlund⁴

¹ ABB Corporate Research, Bangalore, India

² Malardalen University, Vasteras, Sweden

 ³ ABB Corporate Research, Vasteras, Sweden

 ⁴ Mid Sweden University, Sundsvall, Sweden

Abstract

An efficient key management system is required to support cryptography. Most key management systems use either pre-installed shared keys or install initial security parameters using out-of-band channels. These methods create an additional burden for engineers who manage the devices in industrial plants. Hence, device deployment in industrial plants becomes a challenging task in order to achieve security. In this work, we present a device deployment framework that can support key management using the existing trust towards employees in a plant. This approach reduces the access to initial security parameters by employees; rather it helps to bind the trust of the employee with device commissioning. Thus, this approach presents a unique solution to the device deployment problem. Further, through a proof-of-concept implementation and security analysis using the AVISPA tool, we present that our framework is feasible to implement and satisfies our security objectives

Keywords

Key Distribution, Industrial Communication Security, Device deployment, Initial Trust, Device Authentication, AVISPA.

Original Source URL

http://aircconline.com/ijnsa/V8N1/8116ijnsa02.pdf

http://airccse.org/journal/jnsa16_current.html

DESIGN AND IMPLEMENTATION OF THE ADVANCED CLOUD PRIVACY THREAT MODELING

DESIGN AND IMPLEMENTATION OF THE ADVANCED CLOUD PRIVACY THREAT MODELING

Ali Gholami1, Anna-Sara Lind2, Jane Reichel2, Jan-Eric Litton3, Ake Edlund1,Erwin Laure1

1 High Performance Computing and Visualization Department,KTH Royal Institute of Technology, Stockholm, Sweden

2 Faculty of Law and Centre for Research Ethics and Bioethics,Uppsala University, Sweden

3 Department of Medical Epidemiology and Biostatistics,Karolinska Institutet, Sweden

ABSTRACT

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured approach for identifying attacks and proposing countermeasures against the exploitation of vulnerabilities in a system. This paper describes an extension of Cloud Privacy Threat Modeling (CPTM) methodology for privacy threat modeling in relation to processing sensitive data in cloud computing environments. It describes the modeling methodology that involved applying Method Engineering to specify characteristics of a cloud privacy threat modeling methodology, different steps in the proposed methodology and corresponding products. In addition, a case study has been implemented as a proof of concept to demonstrate the usability of the proposed methodology. We believe that the extended methodology facilitates the application of a privacy-preserving cloud software development approach from requirements engineering to design.

KEYWORDS

Threat Modeling, Privacy, Method Engineering, Cloud Software Development 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N2/8216ijnsa07.pdf

http://airccse.org/journal/jnsa16_current.html

THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES

International Journal of Network Security & Its Applications (IJNSA)
**UGC Listed, ERA Indexed**
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html

Article

THE INTERNET OF THINGS: NEW INTEROPERABILITY, MANAGEMENT AND SECURITY CHALLENGES

Authors

Mahmoud Elkhodr, Seyed Shahrestani and Hon Cheung School of Computing, Engineering and Mathematics, Western Sydney University, Sydney, Australia 

Abstract

The Internet of Things (IoT) brings connectivity to about every objects found in the physical space. It extends connectivity to everyday objects. From connected fridges, cars and cities, the IoT creates opportunities in numerous domains. However, this increase in connectivity creates many prominent challenges. This paper provides a survey of some of the major issues challenging the widespread adoption of the IoT. Particularly, it focuses on the interoperability, management, security and privacy issues in the IoT. It is concluded that there is a need to develop a multifaceted technology approach to IoT security, management, and privacy.  

KEYWORDS 

Internet of Things, Wireless Network, Security, Privacy, Management & Interoperability  

Original Source URL

http://aircconline.com/ijnsa/V8N2/8216ijnsa06.pdf

http://airccse.org/journal/jnsa16_current.html

CASCADE BLOCK CIPHER USING BRAIDING/ENTANGLEMENT OF SPIN MATRICES AND BIT ROTATION

CASCADE BLOCK CIPHER USING BRAIDING/ENTANGLEMENT OF SPIN MATRICES AND BIT ROTATION

D. Sravana Kumar1, P. Sirisha2 and CH. Suneetha3

1Reader in Physics, Dr. V.S. Krishna Government Degree College, Visakhapatnam

2Faculty in Mathematics, Indian Maritime University, Visakhapatnam

3Assistant Professor in Mathematics, GITAM University, Visakhapatnam

ABSTRACT

Secure communication of the sensitive information in disguised form to the genuine recipient so that an intended recipient alone can remove the disguise and recover the original message is the essence of Cryptography. Encrypting the message two or more times with different encryption techniques and with different keys increases the security levels than the single encryption. A cascade cipher is stronger than the first component. This paper presents multiple encryption schemes using different encryption techniques Braiding/Entanglement of Pauli Spin 3/2 matrices and Rotation of the bits with independent secret keys.

KEYWORDS

Multiple Encryption, Braiding/Entanglement, Rotation of the bits, Encryption and Decryption. 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N2/8216ijnsa05.pdf

http://airccse.org/journal/jnsa16_current.html

A SECURITY EVALUATION FRAMEWORK FOR U.K. E-GOVERNMENT SERVICES AGILE SOFTWARE DEVELOPMENT

A SECURITY EVALUATION FRAMEWORK FOR U.K. E-GOVERNMENT SERVICES AGILE SOFTWARE DEVELOPMENT

Steve Harrison1,Antonis Tzounis2, Leandros Maglaras1, Francois Siewe1, Richard Smith1 and Helge Janicke1

1De Montfort University, The Gateway, Leicester LE1 9BH, United Kingdom

2Department of Agriculture, Crop Production & Rural Environment , University of Thessaly, Volos, Greece

ABSTRACT

This study examines the traditional approach to software development within the United Kingdom Government and the accreditation process. Initially we look at the Waterfall methodology that has been used for several years. We discuss the pros and cons of Waterfall before moving onto the Agile Scrum methodology. Agile has been adopted by the majority of Government digital departments including the Government Digital Services. Agile, despite its ability to achieve high rates of productivity organized in short, flexible, iterations, has faced security professionals’ disbelief when working within the U.K. Government. One of the major issues is that we develop in Agile but the accreditation process is conducted using Waterfall resulting in delays to go live dates. Taking a brief look into the accreditation process that is used within Government for I.T. systems and applications, we focus on giving the accreditor the assurance they need when developing new applications and systems. A framework has been produced by utilising the Open Web Application Security Project’s (OWASP) Application Security Verification Standard (ASVS). This framework will allow security and Agile to work side by side and produce secure code.

KEYWORDS

Agile programming, OWASP, Waterfall Methodology 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N2/8216ijnsa04.pdf

http://airccse.org/journal/jnsa16_current.html

A NOVEL CHARGING AND ACCOUNTING SCHEME IN MOBILE AD-HOC NETWORKS

A NOVEL CHARGING AND ACCOUNTING SCHEME IN MOBILE AD-HOC NETWORKS

Inna Kofman1 and Nurul Huda2

1University of Duesseldorf, Department of Computer Science,Duesseldorf, Germany

2Ted Rogers School of Information Technology Management,Ryerson University, Toronto

ABSTRACT

Because of the lack of infrastructure in mobile ad hoc networks (MANETs), their proper functioning must rely on co-operations among mobile nodes. However, mobile nodes tend to save their own resources and may be reluctant to forward packets for other nodes. One approach to encourage co-operations among nodes is to reward nodes that forward data for others. Such an incentive-based scheme requires a charging and accounting framework to control and manage rewards and fines (collected from users committing infractions). In this paper, we propose a novel charging and accounting scheme for MANETs. We present a detailed description of the proposed scheme and demonstrate its effectiveness via formal proofs and simulation results [15]. We develop a theoretical game model that offers advice to network administrators about the allocation of resources for monitoring mobile nodes. The solution provides the optimal monitoring probability, which discourages nodes from cheating because the gain would be compensated by the penalty.

KEYWORDS

Mobile Ad-hoc Networks, Cooperation, Security, Game Theory, Inspection Game. 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N2/8216ijnsa01.pdf

http://airccse.org/journal/jnsa16_current.html

INTRUSION DETECTION SYSTEM USING DISCRETE FOURIER TRANSFORM WITH WINDOW FUNCTION

International Journal of Network Security & Its Applications (IJNSA)

--- UGC Listed, ERA Indexed----

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

http://airccse.org/journal/ijnsa.html

Article

INTRUSION DETECTION SYSTEM USING DISCRETE FOURIER TRANSFORM WITH WINDOW FUNCTION

 Authors

Yusuke Tsuge and HidemaTanaka
National Defense Academy of Japan Hashirimizu 1-10-20 Yokosuka, Kanagawa Japan 239-8686,  

Abstract

An Intrusion Detection System (IDS) is counter measure against network attack. There are mainly two types of detections; signature-based and anomaly-based. And there are two kinds of error; false negative and false positive. In development of IDS, establishment of a method to reduce such false is a major issue. In this paper, we propose a new anomaly-based detection method using Discrete Fourier Transform (DFT)with window function. In our method, we assume fluctuation of pay load in ordinary sessions as random. On the other hand, we can see fluctuation in attack sessions have bias. From the view point of spectrum analysis based on such assumption, we can find out different characteristic in spectrum of attack sessions. Using the characteristic, we can detect attack sessions. Example detection against Ky o to 2006+ data set shows 12.0% of false positive at most,and 0.0% of false negative

Keywords

Intrusion Detection System, Discrete Fourier Transform, window function, Kyoto2006+ dataset

Original Source URL: http://aircconline.com/ijnsa/V8N2/8216ijnsa02.pdf

http://airccse.org/journal/jnsa16_current.html

TRENDS TOWARD REAL-TIME NETWORK DATA STEGANOGRAPHY

International Journal of Network Security & Its Applications (IJNSA)

--- UGC Listed, ERA Indexed----

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

http://airccse.org/journal/ijnsa.html

Article

TRENDS TOWARD REAL-TIME NETWORK DATA STEGANOGRAPHY

 Authors

James Collins, Sos Agaian 

Department of Electrical and Computer Engineering The University of Texas at San Antonio, San Antonio, Texas, USA

Abstract

Network steganography has been a well-known covert data channeling method for over three decades. The basic set of techniques and implementation tools have not changed significantly since their introduction in the early 1980’s. In this paper, we review the predominant methods of classical network steganography, describing the detailed operations and resultant challenges involved in embedding data in the network transport domain. We also consider the various cyber threat vectors of network steganography and point out the major differences between classical network steganographyand the widely known end-point multimedia embedding techniques, which focus exclusively on static data modification for data hiding. We then challenge the security community by introducing an entirely new network data hiding methodology, whichwe refer to as real-time network data steganography. Finally, we provide the groundwork for this fundamental change of covert network data embedding by introducing a system-level implementation for real-time network data operations that will open the path for even further advances in computer network security.

Keywords

Network Steganography, Real-time Networking, TCP/IP Communications, Network Protocols

Original Source URL: http://aircconline.com/ijnsa/V8N2/8216ijnsa01.pdf

http://airccse.org/journal/jnsa16_current.html

AUTHENTICATION USING TRUST TO DETECT MISBEHAVING NODES IN MOBILE AD HOC NETWORKS USING Q-LEARNING

AUTHENTICATION USING TRUST TO DETECT MISBEHAVING NODES IN MOBILE AD HOC NETWORKS USING Q-LEARNING

S.Sivagurunathan1, K.Prathapchandran2 and A.Thirumavalavan3

1, 2 Department of Computer Science and Applications Gandhigram Rural Institute-Deemed University, Gandhigram-624 302 Tamilnadu, India

3Department of Computer Science Arignar Anna Government Arts College, Attur Tamilnadu, India

ABSTRACT

Providing security in Mobile Ad Hoc Network is crucial problem due to its open shared wireless medium, multi-hop and dynamic nature, constrained resources, lack of administration and cooperation. Traditionally routing protocols are designed to cope with routing operation but in practice they may be affected by misbehaving nodes so that they try to disturb the normal routing operations by launching different attacks with the intention to minimize or collapse the overall network performance. Therefore detecting a trusted node means ensuring authentication and securing routing can be expected. In this article we have proposed a Trust and Q-learning based Security (TQS) model to detect the misbehaving nodes over Ad Hoc On Demand Distance-Vector (AODV) routing protocol. Here we avoid the misbehaving nodes by calculating an aggregated reward, based on the Q-learning mechanism by using their historical forwarding and responding behaviour by the way misbehaving nodes can be isolated.

KEYWORDS

Mobile Ad hoc Networks Security, Routing, AODV, Historical, Response, Trust, Authentication & Q-Learning 

ORIGINAL SOURCE URL : http://aircconline.com/ijnsa/V8N3/8316ijnsa04.pdf

http://airccse.org/journal/jnsa16_current.html