Tuesday, September 24, 2019

A HYBRID APPROACH COMBINING RULE-BASED AND ANOMALY-BASED DETECTION AGAINST DDOS ATTACKS

A HYBRID APPROACH COMBINING RULE-BASED AND ANOMALY-BASED DETECTION AGAINST DDOS ATTACKS

Chin-Ling Chen1 and Hsin-Chiao Chen2

1Department of Information Management, National Pingtung University, Pingtung,Taiwan, 900
2Department of Information Management, National Pingtung Institute of Commerce,Pingtung, Taiwan, 900

ABSTRACT

We have designed a hybrid approach combining rule-based and anomaly-based detection against DDoS attacks. In the approach, the rule-based detection has established a set of rules and the anomaly-based detection use one-way ANOVA test to detect possible attacks. We adopt TFN2K (Tribe Flood, the Net 2K) as an attack traffic generator and monitor the system resource of the victim like throughput, memory utilization, CPU utilization consumed by attack traffic. Target users of the proposed scheme are data center administrators. The types of attack traffic have been analysed and by that we develop a defense scheme. The experiment has demonstrated that the proposed scheme can effectively detect the attack traffic.

KEYWORDS

Distributed denial of service, firewall, detection





at No comments:
Labels: , ,

Monday, September 23, 2019

A BASTION MOBILEID-BASED AUTHENTICATION TECHNIQUE (BMBAT)

A BASTION MOBILEID-BASED AUTHENTICATION TECHNIQUE (BMBAT)
Abdelmunem Abuhasan1and Adwan Yasin2
1,2Department of Computer Science, Arab American University, Jenin, Palestine

ABSTRACT

Despite their proven security breaches, text passwords have been dominating all other methods of human authentication over the web for tens of years, however, the frequent successful attacks that exploit the passwords vulnerable model raises the need to enhance web authentication security. This paper proposes BMBAT; a new authentication technique to replace passwords, that leverages the pervasive user mobile devices, QR codes and the strength of symmetric and asymmetric cryptography. In BMBAT, the user’s mobile device acts as a user identity prover and a verifier for the server; it employs a challenge-response model with a dual mode of encryption using AES and RSA keys to mutually authenticate the client to the server and vice-versa. BMBAT combats a set of attack vectors including phishing attacks, man in the middle attacks, eavesdropping and session hijacking. A prototype of BMBAT has been developed and evaluated; the evaluation results show that BMBAT is a feasible and competitive alternative to passwords.

KEYWORDS

Web Authentication, Mobile Authentication, phishing, User Identity, Password.







at No comments:
Labels: , , , ,

Friday, September 20, 2019

A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE

A MECHANISM FOR EARLY DETECTING DDOS ATTACKS BASED ON M/G/R PS QUEUE 
Nguyen Hong Son
Department of Information and Communication Technology, Post and Telecommunication Institute of Technology, Ho Chi Minh City, Viet Nam

ABSTRACT

When service system is under DDoS attacks, it is important to detect anomaly signature at starting time of attack for timely applying prevention solutions. However, early DDoS detection is difficult task because the velocity of DDoS attacks is very high. This paper proposes a DDoS attack detection method by modeling service system as M/G/R PS queue and calculating monitoring parameters based on the model in odder to early detect symptom of DDoS attacks. The proposed method is validated by experimental system and it gives good results.

KEYWORDS

DDoS, Detection, M/G/R Processor Sharing queue





at No comments:
Labels: , ,

Thursday, September 19, 2019

STEGANALYSIS ALGORITHM FOR PNG IMAGES BASED ON FUZZY LOGIC TECHNIQUE

STEGANALYSIS ALGORITHM FOR PNG IMAGES BASED ON FUZZY LOGIC TECHNIQUE
Jawaher alqahtani, Daniyal Alghazzawi1 and Li Cheng2
1Department of Information Systems, King Abdulaziz University, Jeddah, Saudi Arabia
2Xinjiang Technical Institute of Physics & Chemistry, Chinese Academy of Sciences, China

ABSTRACT

Embedding a message in media files, also known as steganography, is a common approach to hide secret information. It has been exploited by some criminals to  confidentially exchange messages. As a countermeasure, tools have been developed in order to detect hidden information form digital media such as text, image, audio or video files. However the efficiency and performance of previous approaches still have room for improvement. In this research, we focus on algorithm design for better efficiency of hidden message detection from PNG files. We employ three classic AI approaches including neural network, fuzzy logic, and genetic algorithm and evaluate their efficiency and performance in controlled experiments. Finally we introduce our message detection system for PNG files based on LSB approach and present its
usability in different case scenarios.

KEYWORDS

Steganography, Steganalysis, Artificial Intelligence, fuzzy logic. 




at No comments:
Labels: , , ,

Wednesday, September 18, 2019

A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to Enhance the Information Security

A Universal Session Based Bit Level Symmetric Key Cryptographic Technique to Enhance the Information Security
Manas Paul1 and Jyotsna Kumar Mandal2
1 Dept. of Comp. Application, JIS College of Engineering, Kalyani, West Bengal, India
2Dept. of C.S.E., Kalyani University, Kalyani, West Bengal, India

ABSTRACT

In this technical paper a session based symmetric key cryptographic technique, termed as SBSKCT, has been proposed. This proposed technique is very secure and suitable for encryption of large files of any type. SBSKCT considers the plain text as a string with finite no. of binary bits. This input binary string is broken down into blocks of various sizes (of 2k  order where k = 3, 4, 5, ….). The encrypted binary string is formed by shifting the bit position of each block by a certain values for a certain number of times and from this string cipher text is formed. Combination of values of block length, no. of blocks and no. of iterations generates the session based key for SBSKCT. For decryption the cipher text is considered as binary string. Using the session key information, this binary string is broken down into blocks. The decrypted binary string is formed by shifting the bit position of each block by a certain values for a certain number of times and from this string plain text is reformed. A comparison of SBSKCT with existing and industrially accepted TDES and AES has been done.

Keywords

SBSKCT, Cryptography, Symmetric Key, Plain text, Cipher text, Session Based Key, TDES, AES. 







at No comments:
Labels: , , , , , , ,

Monday, September 16, 2019

International Journal of Network Security & Its Applications (IJNSA)

International Journal of Network Security & Its Applications (IJNSA)

ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
              
Submission Deadline  : September 21, 2019

Contact Us

Here's where you can reach us : ijnsa@airccse.org or ijnsa@aircconline.com

Submission System





at No comments:
Labels:

Call for Papers - International Journal of Network Security & Its Applications (IJNSA)


International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html
                
Scope & Topics

The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.

Topics of Interest include, but are not limited to, the following:

  • Network and Wireless Network Security
  • Mobile, Ad Hoc and Sensor Network Security
  • Peer-to-Peer Network Security
  • Database and System Security
  • Intrusion Detection and Prevention
  • Internet Security & Applications
  • Security & Network Management
  • E-mail security, Spam, Phishing, E-mail fraud
  • Virus, worms, Trojan Protection
  • Security threats & countermeasures (DDoS, MiM, Session Hijacking, Replay attack etc,)
  • Ubiquitous Computing Security
  • Web 2.0 security
  • Cryptographic protocols
  • Performance Evaluations of Protocols & Security Application

Paper submission

Authors are invited to submit papers for this journal through e-mail ijnsa@airccse.org or Submission System.  Submissions must be original and should not have been published previously or be under consideration for publication while being evaluated for this Journal.

Important Dates

  • Submission Deadline  : September 21, 2019
  • Notification                    :  October 21, 2019
  • Final Manuscript Due    :  October 28, 2019
  • Publication Date            :  Determined by the Editor-in-Chief

Contact Us

Here's where you can reach us : ijnsa@airccse.org or ijnsa@aircconline.com

Submission System

http://coneco2009.com/submissions/imagination/home.html

Current issue URL : http://airccse.org/journal/jnsa19_current.html

Here you can reach us in social Medias

Facebook : https://www.facebook.com/profile.php?id=100009698498932
Twitter : https://twitter.com/CapeIjnsa
Academia : https://independent.academia.edu/BrendonClarke




at No comments:
Labels: ,

HOW TO AVOID THE N-1 ATTACK WITHOUT COSTLY IMPLEMENTATIONS

HOW TO AVOID THE N-1 ATTACK WITHOUT COSTLY IMPLEMENTATIONS
David Tinoco Varela
Computational Science Graduate Program, Facultad de Estudios Superiores Cuautitlán,Universidad Nacional Autónoma de México, Edo. de Mex. 54740, México

ABSTRACT

Simple Power Analysis (SPA) attacks are widely used against several cryptosystems, principally against cryptosystems based on modular exponentiation. Many types of SPA have been reported in the literature, Yen et al. introduced the N-1 attack, which uses chosen input messages to obtain relevant information from the attacked cryptosystem. Their attack was implemented on the square-and-multiply always and on the BRIP algorithm, both algorithms in left-to-right form. There are possible countermeasures against this attack, but all of them are costly and time consuming. In this paper, a computationally efficient and effective method to avoid the N-1 attack is investigated.

KEYWORDS

Simple Power Analysis, N-1 Attack, Modular Exponentiation, Embedded Devices. 




at No comments:
Labels: , , ,

Thursday, September 12, 2019

DOMINANT FEATURES IDENTIFICATION FOR COVERT NODES IN 9/11 ATTACK USING THEIR PROFILE

DOMINANT FEATURES IDENTIFICATION FOR COVERT NODES IN 9/11 ATTACK USING THEIR PROFILE
S.KARTHIKA, A.KIRUTHIGA AND S.BOSE
ANNA UNIVERSITY

ABSTRACT

In recent days terrorism poses a threat to homeland security. The major problem faced in network analysis is to automatically identify the key player who can maximally influence other nodes in a large relational covert network. The existing centrality based and graph theoretic approach are more concerned about the network structure rather than the node attributes. In this paper an unsupervised framework SoNMine has been developed to identify the key players in 9/11 network using their behavioral profile. The behaviors of nodes are analyzed based on the behavioral profile generated. The key players are identified using the outlier analysis based on the profile and the highly communicating node is concluded to be the most influential person of the covert network. Further, in order to improve the classification of a normal and outlier node, intermediate reference class R is generated. Based on these three classes the most dominating feature set is determined which further helps to accurately justify the outlier nodes.

KEYWORDS

Social Network Analysis (SNA), Terrorism, Behavioral profile, Outlier Analysis, Dominant feature set.








at No comments:
Labels: , , , ,

Tuesday, September 10, 2019

A Novel Energy Efficient and Administrator Based Secured Routing in MANET

A Novel Energy Efficient and Administrator Based Secured Routing in MANET

Himadri Nath Saha #1, Dr. Debika Bhattacharyya #2, Dr. P. K.Banerjee*3
Assistant Professor #1, Professor #2, Professor *3
Department of Computer Science and Engineering, Institute of Engineering and Management, West Bengal, India #1, #2
Department of Electronics and Telecommunication Engineering, Jadavpur university,West Bengal, India*3

Abstract:

The lack of static infrastructure causes several issues in mobile Ad Hoc network , such as energy utilization, node authentication and secure routing. In this paper we propose a new scheme for energy efficient secure routing of data packets in MANET. This approach will reduce the computational overhead to make it more energy efficient than existing schemes. As there is no stationary infrastructure,each node in MANET acts a router that forwards data packets to other nodes. Therefore selection of effective, suitable, adaptive and robust routing scheme is of utmost importance. We have reduced the amount of network activity for each node required to route a data packet. This leads to lesser wastage of energy and increases security.Our simulation results will show how this is energy efficient and secure. Finally we have discussed how this scheme prevents various attacks which may jeopardize any wireless network.

Keywords:

Administrator; associative node; traversed Administrator field; watch nodes; backtracking bit,MANET.











at No comments:
Labels: ,

Sunday, September 8, 2019

NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT CONTRACTING

NON-PROFIT ORGANIZATIONS’ NEED TO ADDRESS SECURITY FOR EFFECTIVE GOVERNMENT CONTRACTING

Lee E. Rice1 and Syed (Shawon) M. Rahman, Ph.D.2
1 School of Business and IT, Capella University, Minneapolis, MN, USA

2Assistant Professor, Dept. of Computer Science, University of Hawaii-Hilo, HI USA and Adjunct Faculty, School of Business and IT, Capella University, Minneapolis, MN

ABSTRACT

The need for information security within small to mid-size companies is increasing. The risks of information security breach, data loss, and disaster are growing. The impact of IT outages and issues on the company are unacceptable to any size business and their clients. There are many ways to address the security for IT departments. The need to address risks of attacks as well as disasters is important to the IT security policies and procedures. The IT departments of small to medium companies have to address these security concerns within their budgets and other limited resources.Security planning, design, and employee training that is needed requires input and agreement from all levels of the company and management. This paper will discuss security needs and methods to implement them into a corporate infrastructure.

KEYWORDS

Information security, security breach, data loss, disaster recovery,corporate infrastructure

















at No comments:
Labels: , , , ,

Friday, September 6, 2019

EVALUATION OF SECURITY ATTACKS ON UMTS AUTHENTICATION MECHANISM

EVALUATION OF SECURITY ATTACKS ON UMTS AUTHENTICATION MECHANISM
Mojtaba Ayoubi Mobarhan, Mostafa Ayoubi Mobarhan and Asadollah Shahbahrami
Department of Computer Engineering, Faculty of Engineering,
University of Guilan, Rasht, Iran

ABSTRACT

In this study security of internet access over the Third Generation (3G) telecommunication systems is considered and Universal Mobile Telecommunications System (UMTS) is selected as the most popular system among 3G systems. The study then focuses on network access security mechanism of UMTS, called Authentication and Key Agreement (AKA). In addition, twenty types of important attacks and threats in UMTS system are presented and classified based on three major security factors; authentication, confidentiality, and data integrity. The evaluations finally show that the authentication factor is more interesting than other factors for hackers. Then, we describe four attacks named; man-inthe-middle, denial of service, identity catching, and redirection as the most significant attacks against authentication mechanism. Furthermore, we provide some solutions and methods to improve AKA mechanism and prevent these attacks in UMTS system.

KEYWORDS

GSM System, Telecommunications System, UMTS Security, Denial of Service Attack, Authentication and Key Agreement. 













at No comments:
Labels: , , , ,

Wednesday, September 4, 2019

Multi Stage Filter Using Enhanced Adaboost for Network Intrusion Detection

Multi Stage Filter Using Enhanced Adaboost for Network Intrusion Detection
P.Natesan1, P.Balasubramanie2
Department of Computer Science and Engineering, Kongu Engineering College, Perundurai, Erode 638 052, Tamilnadu, India

Abstract

Based on the analysis and distribution of network attacks in KDDCup99 dataset and real time traffic, this paper proposes a design of multi stage filter which is an efficient and effective approach in dealing with various categories of attacks in networks. The first stage of the filter is designed using Enhanced Adaboost with Decision tree algorithm to detect the frequent attacks occurs in the network and the second stage of the filter is designed using enhanced Adaboost with Naïve Byes algorithm to detect the moderate attacks occurs in the network. The final stage of the filter is used to detect the infrequent attack which is designed using the enhanced Adaboost algorithm with Naïve Bayes as a base learner. Performance of this design is tested with the KDDCup99 dataset and is shown to have high detection rate with low false alarm rates.

Keywords

Enhanced Adaboost, multi stage filter, decision tree, Naive Bayes classification, detection rate, false alarm rate.





at No comments:
Labels: , , , , ,

Tuesday, September 3, 2019

8th International Conference on Software Engineering and Applications (JSE-2019)

8th International Conference on Software Engineering and Applications (JSE-2019)
September 28 ~ 29, 2019, Copenhagen, Denmark
Important Dates:

Submission Deadline : September 07, 2019 (Final Call)
Notification                    : September 10, 2019
Registration & Camera-Ready Paper Due : September 18, 2019

Here's where you can reach us: jse@cst2019.org or jseconf@yahoo.com


at No comments:
Labels:

Monday, September 2, 2019

Top Cited Papers - International Journal of Network Security & Its Applications (IJNSA)


International Journal of Network Security & Its Applications (IJNSA)
ISSN 0974 - 9330 (Online); 0975 - 2307 (Print)

Submission Deadline  : September 07, 2019

Submission System

Contact Us
Here's where you can reach us : ijnsa@airccse.org or ijnsa@aircconline.com

at No comments:
Labels:

Sunday, September 1, 2019

LOSSLESS RECONSTRUCTION OF SECRET IMAGE USING THRESHOLD SECRET SHARING AND TRANSFORMATION

LOSSLESS RECONSTRUCTION OF SECRET IMAGE USING THRESHOLD SECRET SHARING AND TRANSFORMATION 

P. Devaki1 , Dr. G. Raghavendra Rao2

1Department of Information Science & Engineering, NIE, Mysore
 2Department of Computer Science & Engineering, NIE, Mysore
ABSTRACT

This paper is proposed to provide confidentiality of the secret image which can be used by multiple users or to store on multiple servers. A secret sharing is a technique to protect the secret information which will be used by multiple users. The threshold secret sharing is more efficient as it is possible to reconstruct the secret with the threshold number of shares. Along with Shamir’s secret sharing method we propose to use the radon transformation before dividing the image in to shares. This transformation is used so that the shares will not have the original pixel intensity. The run length code is used to compress the image after the transformation. Then apply secret sharing technique. The reconstruction of the image results in original image by applying the operations in the reverse order.

KEYWORDS

Threshold secret sharing, Confidentiality, Transformation, Compression.


at No comments:
Labels: , , ,
Subscribe to: Posts (Atom)

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)...