International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1157
An Efficient Approach for Detection of Compromised SDN Switches and Restoration of Network Flow
Статья научная
In Software Defined Networking (SDN) the data plane is separated from the controller plane to achieve better functionality than the traditional networking. Although this approach poses a lot of security vulnerabilities due to its centralized approach. One significant issue is compromised SDN switches because the switches are dumb in SDN architecture and in absence of any intelligence it can be a easy target to the attackers. If one or more switches are attacked and compromised by the attackers, then the whole network might be down or defunct. Therefore, in this work we have devised a strategy to successfully detect the compromised SDN switches, isolate them and then reconstruct the whole network flow again by bypassing the compromised switches. In our proposed approach of detection, we have used two controllers, one as primary and another as secondary which is used to run and validate our algorithm in the detection process. Flow reconstruction is the next job of the secondary controller which after execution is conveyed to the primary controller. A two-controller strategy has been used to balance the additional load of detection and reconstruction activity from the master controller and thus achieved a balanced outcome in terms of running time and CPU utilization. All the propositions are validated by experimental analysis of the results and compared with existing state of the art to satisfy our claim.
Бесплатно
An Efficient Chaos-based Image Encryption Scheme Using Affine Modular Maps
Статья научная
Linear congruential generator has been widely applied to generate pseudo-random numbers successfully. This paper proposes a novel chaos-based image encryption scheme using affine modular maps, which are extensions of linear congruential generators, acting on the unit interval. A permutation process utilizes two affine modular maps to get two index order sequences for the shuffling of image pixel positions, while a diffusion process employs another two affine modular maps to yield two pseudo-random gray value sequences for a two-way diffusion of gray values. Experimental results are carried out with detailed analysis to demonstrate that the proposed image encryption scheme possesses large key space to frustrate brute-force attack efficiently and can resist statistical attack, differential attack, known-plaintext attack as well as chosen-plaintext attack thanks to the yielded gray value sequences in the diffusion process not only being sensitive to the control parameters and initial conditions of the considered chaotic maps, but also strongly depending on the plain-image processed.
Бесплатно
Статья научная
Information security is indispensable in the transmission of multimedia data. While accumulating and distributing such multimedia data, the access of data from a third person is the real security challenging issue. Information hiding plays an important role. Scramble the data before hiding it in carrier media gives enhanced security level for the data. In this paper, bit plane slicing is used to represent an input image with eight planes at bit-level instead of pixel-level. As the least significant bit contains noisy information, only the most significant bit plane can be used to represent an image. At the first level, an input image is processed through the spatial domain. Transform domain techniques are used to process the image at the middle level. Elliptic curve cryptography is used to scramble and descramble the MSB plane image. A logistic chaotic sequence of the input image is added to the most significant bit plane image to generate the final scrambled image. The discrete wavelet transform is used to embed the scrambled image in its high-frequency sub-bands. At the last level, a least significant bit technique, a spatial domain is used to embed the scrambled image in the carrier image. Message integrity is also verified by finding the hash of an input image. The performance of the proposed method is evaluated through various security measures. It gives good results as number of pixel change rate is closer to 100% and unified average changing intensity is 33.46.
Бесплатно
An Efficient IoT Based Intrusion Detection System Using Optimization Kernel Extreme Learning Machine
Статья научная
The Internet of Things (IoT) is an ever-expanding network that links all objects to the web so that they can communicate with one another using standardized protocols. Recently, IoT networks have been extensively used in advanced applications like smart factories, smart homes, smart grids, smart cities, etc. They can be used in conjunction with artificial intelligence (AI) and machine learning to facilitate a data collection procedure that is both simplified and more dynamic. Along with the services provided by IoT applications, various security issues are also raised. The accessing of IoT devices is mainly through an untrusted network like the Internet which makes them unprotected against a wide range of malicious attacks. The detection performance of current IDSs is hindered by issues including false alarms, low detection rate, an unbalanced dataset, and slow response time. This study proposes a new intrusion detection system (IDS) for the IoT that utilizes the chaotic improved Black Widow Optimization Kernel Extreme Learning Machine (CIBWO-KELM) algorithm to address these problems. Initially, the pre-processing of the dataset is carried out using min-max normalization, changing string values to numerical values and changing IP address to numerical values. The selection of the highest performing feature set is achieved through the information gain method (IGM), and finally, the intrusion detection is performed by the CIBWO-KELM algorithm. Python is the tool utilized for testing, while the BoT-IoT dataset is used for simulation analysis. The suggested model achieves an accuracy level of 99.7% when applied to the BoT-IoT dataset. In addition, the results of the studies demonstrate that the proposed model outperforms other current techniques.
Бесплатно
Статья научная
Steganography is the art of amalgamating the secret message into another public message which may be text, audio or video file in a way that no one can know or imperceptible the existence of message. So, the secret message can send in a secret and obscure way using steganography techniques. In this paper, we use the audio steganography where the secret message conceal in audio file. We use audio rather than image because the human auditory system (HAS) is more sensitive than human visual system (HVS). We propose an audio steganography algorithm, for embedding text, audio or image based on Lifting Wavelet Transform (LWT) transform with modification of Least Significant Bit (LSB) technique and three random keys where these key is used to increase the robustness of the LSB technique and without it no one can know the sort of secret message type, the length of the secret message and the initial position of the embedded secret message in LSB. The performance of our algorithm is calculated using SNR and we compare the values of our proposed method with some known algorithms.
Бесплатно
An Efficient Multi-keyword Symmetric Searchable Encryption Scheme for Secure Data Outsourcing
Статья научная
Symmetric searchable encryption (SSE) schemes allow a data owner to encrypt its data in such a way that it could be searched in encrypted form. When searching over encrypted data the retrieved data, search query, and search query outcome everything must be protected. A series of SSE schemes have been proposed in the past decade. In this paper, we are going to propose our an efficient multi-keyword symmetric searchable encryption scheme for secure data outsourcing and evaluate the performance of our proposed scheme on a real data set.
Бесплатно
An Efficient Novel Key Management Scheme for Enhancing User Authentication in A WSN
Статья научная
The Wireless Sensor Networks are energy constrained and are normally low cost and low power devices. These nodes are deployed over a specific area for specific goals. Due to energy and memory constraints, secure communication among these sensors is challenging management issue. In order to ensure security, proper connectivity among nodes and resilience against node capture, we propose a scheme called as Random Pre-Key distribution scheme which takes advantage of the binomial key pattern while creating and distributing keys. The value of keys would develop the number of patterns, which is given by the binomial distribution, which would be helpful in maintaining a key pool which is all though random in nature and following a pattern leads to more probability of network connection links. This paper provides a secured communication in WSNs environment and pairing user authentication has been proposed. We employ the idea of dividing the sensor network field into scattered nodes. Inside the scenario, one of the sensor nodes is selected as a server sensor node which is responsible for delivering the key. The novelty of the proposed scenario lies behind the idea of incorporating the sensor nodes along with the proper user authentications. We calculate the throughput involving a periodic traffic and obtained results from the xgraph utility with the use of Network Simulator. The results of this key scheme are obtained and show that improvement in terms of connectivity.
Бесплатно
An Efficient Optimized Neural Network System for Intrusion Detection in Wireless Sensor Networks
Статья научная
In the realm of wireless network security, the role of intrusion detection cannot be overstated in identifying and thwarting malicious activities within communication channels. Despite the existence of various intrusion detection system (IDS) approaches, challenges persist in terms of accurate classification and specification. Consequently, this article introduces a novel and innovative approach, the African Vulture-based Modular Neural System (AVbMNS), to address these issues. This research aims to detect and categorize malicious events in wireless networks effectively. The methodology begins with preprocessing the dataset and extracting relevant features. These extracted features are then subjected to a novel training technique to enhance the detection and classification of network attacks. The integration of African Vulture optimization significantly enhances the detection rate, leading to more precise attack identification. The research's effectiveness is demonstrated through validation using the NSL-KDD dataset, with impressive results. The performance analysis reveals that the developed model achieves a remarkable 99.87% detection rate and 99.92% accuracy when applied to the NSL-KDD dataset. Furthermore, the outcomes of this novel model are compared with existing approaches to gauge the extent of improvement. The comparative assessment affirms that the developed model outperforms its counterparts, underscoring its effectiveness in addressing the challenges of intrusion detection in wireless networks.
Бесплатно
An Efficient Position based Power Aware Routing Algorithm in Mobile Ad-hoc Networks
Статья научная
In this paper we introduced an efficient scheme based on a weighted metric of remaining battery power, speed and distance of nodes for determining routes in wireless Mobile Ad hoc Networks (MANET). For the cases where significant difference in the velocities of the communicating nodes or the battery power of the intermediate nodes is low, traditional schemes fail to establish the communication among nodes with reliable QoS. We proposed a new algorithm that uses weighted combination of metrics of distance, velocity and battery power in selecting the route over earlier MFR (Most Forward within Radius) method. The proposed scheme encompasses the load balancing issues and eventually it increases the network lifetime and network performance. Simulation experiment showed that the proposed algorithm reduces the packet loss than that of existing MFR algorithm. Experimental results also revealed that besides packet loss, the proposed strategy achieves higher throughput (14.35%) rate than that of existing MFR. Furthermore, usages of these new metrics ensure the higher mean time to node failure.
Бесплатно
An Efficient Route Failure Detection Mechanism with Energy Efficient Routing (EER) Protocol in MANET
Статья
Mobile ad-hoc network (MANET) is a network with two or more number of nodes with restricted energy constraint. The high dynamic nature in MANET attracts needs to consider the energy efficient features in their construct. The routing protocol is an important criterion to be considered for evaluating the performance of the MANET. Energy consumption plays vital role in MANET. Hence designing the scheme that supports energy efficient is much needed for the high dynamic MANET environment concerned. This paper proposes the Energy Efficient Routing (EER) protocol based on efficient route failure detection. The Scope of this paper is to suggest a fresh routing procedure for Mobile Ad-hoc Network minimizes unsuccessful communication. The projected procedure practices three important criterions to locate the path that assure authentic communication. The channel caliber, connection caliber and node’s residual energy is important reason for the failure of the node in MANET. Hence, the suggested routing mechanism believes these three different parameters to choose the finest node in the route. The reliable transmission and reception are attained by transferring information through route nominated by the suggested system verified by means of NS-2 simulator.
Бесплатно
An Efficient and Secure Blockchain Consensus Algorithm Using Game Theory
Статья научная
Blockchain technology is a decentralized ledger system that finds applications in various domains such as banking, e-governance, and supply chain management. The consensus algorithm plays a crucial role in any blockchain network as it directly impacts the network's performance and security. There have been several proposed consensus mechanisms in the literature, including Proof of Work (PoW), Proof of Stake (PoS), Robust Proof of Stake (RPoS), and Delegated Proof of Stake (DPoS). Both Ethereum and Bitcoin utilize the PoW consensus mechanism, where nodes compete to solve puzzles in order to generate blocks, consuming significant processing power. On the other hand, the PoS consensus mechanism selects miners based on the stakes they hold, making it more energy efficient. However, PoS has drawbacks such as vulnerability to coin age accumulation attacks and the potential for partial centralization. In this work, we present a consensus mechanism known as Delegated Proof of Stake with Downgrading Mechanism using Game Theory (DDPoS (GT)). This mechanism employs a two-step game strategy to divide nodes into strong and weak nodes, as well as attack and non-attack nodes. Later, the results of the two games are combined to enhance protocol efficiency and security. Experimental results using a private Ethereum-based network demonstrate that DDPoS (GT) performs better than PoS and DPoS in terms of transaction latency, average block waiting time, and fairness.
Бесплатно
An Encryption Technique based upon Encoded Multiplier with Controlled Generation of Random Numbers
Статья научная
This paper presents an encryption technique based on independent random number generation for every individual message sent based upon a pass key which depends upon a secured telephonic conversation and the starting time of the conversation. . A multiplier technique is then applied on the plain text in order to generate the cipher text. The world runs on ciphers today and the generation of secure keys for producing a cipher asks for more simplicity yet requires much more effective cryptosystems which could generate a cipher with the most minimal complexity. Vedic Mathematics in itself offers a wide variety of techniques for encrypting a text which even involves concepts of elliptical curves, Vedic multiplier and so on. The Vedic Multiplier system is used for encoding and decoding and here we have used it to encrypt plain texts and generate a certain kind of cipher based on some random sequence of character equivalents and partial products. The objective of this paper will always resound for the development of a unique system which will ensure secrecy and authenticity for the private communication between two entities. The proposed idea can be implemented for inter-office message communication.
Бесплатно
Статья научная
UASN (Underwater Acoustic Sensor Network) has intrinsic impediments, since it is utilized and utilizes acoustic signs to impart in the sea-going world. Examples include long delays in propagation, limited bandwidth, high transmitting energy costs, very high attenuation in the signal, expensive implementation and battery replacement etc. The UASN routing schemes must therefore take account of these features to achieve balance energy, prevent void hole and boost network life. One of the significant issue in routing is the presence of void node. A void node is a node that does not have any forwarder node. The presence of void may cause the bundle conveyance in the steering time which prompts information misfortune. The gap during steering influences the network execution regarding proliferation delay, vitality utilization and network lifetime, and so forth. So with the objective to remove the void node in the networks, this work presents an energy efficient optimal path routing for void avoidance in underwater acoustic sensor networks. This work uses the concept of gray wolf optimization algorithm to calculate the fitness function and that fitness function is used to select the best forwarder node in the networks. This work only consider the vertical directions which further reduces the end to end delay. The proposed work has been simulated on MATLAB and performances are evaluated in terms of broadcast copies of data, energy tax, and packet delivery ratio, number of dead nodes, network lifetime and delay.
Бесплатно
An Energy Efficient and Secure Clustering Protocol for Military based WSN
Статья научная
Less contiguous nature of military applications demands for surveillance of widespread areas that are indeed harder to monitor. Unlike traditional Wireless Sensor Networks (WSNs), a military based large size sensor network possesses unique requirements/challenges in terms of self-configuration, coverage, connectivity and energy dissipation. Taking this aspect into consideration, this paper proposes a novel, efficient and secure clustering method for military based applications. In any clustering based approach, one of the prime concerns is appropriate selection of Cluster Heads and formation of balanced clusters. This paper proposes and analyzes two schemes, Average Energy based Clustering (AEC) and Threshold Energy based Clustering (TEC). In AEC, a node is elected as Cluster Head (CH) if its residual energy is above the average energy of its cluster whereas in case of TEC, a node is elected as Cluster Head if its residual energy is above the threshold energy. Further, both AEC and TEC choose nodes as CHs if their distance lies within safety zone of the Base Station. In this paper, aim is to come up with a solution that not only conserves energy but balance load while electing safe nodes as CHs. The performance of proposed protocols was critically evaluated in terms of network lifetime, average residual energy of nodes and uniformity in energy dissipation of nodes. Results clearly demonstrated that AEC is successful in incorporating security whilst increasing overall lifetime of network, load balance and uniform energy dissipation.
Бесплатно
An Energy-Aware Data-Gathering Protocol Based on Clustering using AUV in Underwater Sensor Networks
Статья научная
Underwater Wireless Sensor Networks (UWSNs) consist of certain number of sensors and vehicles interacting with each other to collect data. In recent years, the use of Autonomous Underwater Vehicle (AUV) has improved the data delivery ratio and maximized the energy efficiency in UWSNs. Clustering is one of the effective techniques in energy management which increases the lifetime of these networks. One of the most important parameters in creating optimized clusters is the choice of appropriate cluster head (CH), which not only increases the lifetime of the network and the received data in the sink, but also reduces energy consumption. Clustering of networks was primary done via distributed methods in previous researches. It spends too much energy and also involves too many nodes in the clustering process and fades their main functionality, which is gathering data in sensor networks. It also causes more damping of the network. However, in the proposed protocol, instead of having them distributed by the network and the nodes, the stages of clustering and selecting the appropriate CH is the task of the AUV (Autonomous Underwater Vehicle). Since all the necessary measures to cluster in the network will be carried out by the AUV by this method, many control overheads in the process of clustering the network will be removed and energy consumption caused by nodes reduces significantly. With this method, the network scalability will also be manageable and under control. For simulating and implementing our method we mainly used the OPNET software. The results show that energy consumption of nodes in the proposed algorithm has been significantly improved compared to previous results.
Бесплатно
An Enhanced Dynamic Mutual Authentication Scheme for Smart Card Based Networks
Статья научная
Network security is the prevailing and challenging factor in computer communications. Computer security and communication security are interrelated and essential features in the internetworking system. Network security is ascertained by many factors like authentication, authorization, digital signatures, cryptography, steganography etc. Among them authentication is playing an important role in networked communications, where the communicating partners are to be identified each other legitimately. Authentication process ensures the legitimacy of the communicating partners in networked communication. In an authentication process, the originator of the communication and the respondent transact some identification codes to each other, prior to start of the message transaction. Several methods have been proposed regarding the authentication process for computer communication and smart card based networks from time to time. We introduced a new scheme to enhance and ensure the remote authentication through secure and dynamic authentication using a smart card, which is relatively a different approach. This scheme discusses the authentication procedure for smart card based network systems. This article introduces a dynamic authentication scheme, which includes a number of factors, among them the password, password index, and date of modification are important factors, which decide the dynamicity in authentication. The static approach authentication schemes are vulnerable to different types of attacks in networked communication. This dynamic authentication scheme ensures the authentication, confidentiality, reliability, integrity and security in network communications. This article discusses the implementation of this scheme and to analyze the security and performance factors to ensure the dynamic mutual authentication and to enhance the security features in authentication for smart card based networks.
Бесплатно
An Enhanced Process Scheduler Using Multi-Access Edge Computing in An IoT Network
Статья научная
Multi-access edge computing has the ability to provide high bandwidth, and low latency, ensuring high efficiency in performing network operations and thus, it seems to be promising in the technical field. MEC allows processing and analysis of data at the network edges but it has finite number of resources which can be used. To overcome this restriction, a scheduling algorithm can be used by an orchestrator to deliver high quality services by choosing when and where each process should be executed. The scheduling algorithm must meet the expected outcome by utilizing lesser number of resources. This paper provides a scheduling algorithm containing two cooperative levels with an orchestrator layer acting at the center. The first level schedules local processes on the MEC servers and the next layer represents the orchestrator and allocates processes to nearby stations or cloud. Depending on latency and throughput, the processes are executed according to their priority. A resource optimization algorithm has also been proposed for extra performance. This offers a cost-efficient solution which provides good service availability. The proposed algorithm has a balanced wait time (Avg) and blocking percentage (Avg) of 2.37ms and 0.4 respectively. The blocking percentage is 1.65 times better than Shortest Job First Scheduling (SJFS) and 1.3 times better than Earliest Deadline First Scheduling (EDFS). The optimization algorithm can work on many kinds of network traffic models such as uniformly distributed and base stations with unbalanced loads.
Бесплатно
Статья научная
In general, Vehicular Ad hoc Networks (VANETs) are permitting the communication between one vehicle with neighboring vehicles, infrastructure, and Road-Side Unit (RSU). In this, vehicle platoon is commonly known as the vehicle driving pattern it categorizes the batching of the vehicle in the on the trot fashion. It has been reviewed as an effective resolution to mitigate the reduction in traffic blockage and to widen the opulence of the travel. However, the malicious activities of any unauthorized person in VANET are increased the damage to authorized vehicles. In this manuscript, the Identity based Conditional Privacy-Preserving Authentication (ID-CPPA) signature scheme is proposed to detect the malignant command vehicle very efficiently by the consumer vehicle. In this, the proposed ID-CPPA method uses one-way hash functions for improving the efficiency of Road-Side Unit (RSU) signing and verification of a messages. In order to provide better concealment to the vehicle, Phase Truncated Fourier Transform based asymmetric encryption algorithm (PTFT-AE) is proposed. Thus, the proposed ID-CPPA-PTFT-AE approach has achieved 28.96%, 37.58%, 31.36% higher security rate and 25.8%, 37.9%, 42.6% lower delay than the existing MPDC-LPNS, PPSR-GS, and WCAA-TST methods respectively.
Бесплатно
An Extended Approach for Efficient Data Storage in Cloud Computing Environment
Статья научная
In recent years, the advent of online data storage services has been enabled users to save their data and operational programs in cloud databases. Using an efficient and intelligent management helps to optimize quality of provided services. Also it is possible to increase throughput of services by eliminating repeated data. In following article we have offered a completely dynamic approach to detect and eliminate duplicated data which exist in shared storage resources among virtual machines. Results of simulation show that proposed approach, compared to the similar approaches, will save the storage space substantially by reducing usage of CPU, RAM, also will increase rate of de-duplication data up to 23 %.
Бесплатно
An Image Encryption Scheme Based on Chaotic Systems with Changeable Parameters
Статья научная
This paper proposes an image encryption scheme based on chaotic system with changeable parameters depending on plain-image. A generalized Arnold map, whose control parameters are changeable and image-dependent during the iteration procedure, is utilized to generate chaotic orbits applied to permute the pixel positions. A diffusion function is also designed to realize the diffusion effect by piece-wise linear chaotic map. In both the permutation process and the diffusion process, the keystreams generated by chaotic maps are all strongly dependent on plain-image, and thereby can improve the encryption security efficiently. The major merits of the proposed image encryption scheme include a huge key space, good statistical nature resisting statistical analysis attack, differential attack, and good resistance against known-plaintext attack and chosen-plaintext attack, etc. Experimental results have been carried out with detailed analysis to show that the proposed scheme can be a potential candidate for practical image encryption.
Бесплатно
