International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1177
Application of Erlang Formulae in Next Generation Networks
Статья научная
The paper deals with the possibility of the Erlang B and Erlang C formula utilization in Next Generation Networks (NGN). Based on the common properties of synchronous and asynchronous networks it is possible the utilization of Erlang formulas also for asynchronous networks. It is possible to describe traffic in NGN networks by calculation of following parameters – loss, link utilization and bandwidth. The second part of this paper deals with the possibility of application of Erlang B formula in contact center. Contact center is one of the many examples of the NGN networks. By application of Erlang B formula in contact center environment it is possible to monitor following important parameters - number of agents, probability of call blocking, utilization of agents and mean number of calls in the system.
Бесплатно
Application of geo-location-based access control in an enterprise environment
Статья научная
Unauthorized Access has been difficult to stop or prevent in the last few decades using username and password authentication only. For an individual, data breach might just be a simple case of espionage or the loss of private credentials, for an enterprise, this could mean the loss of billions of dollars. Preventing Unauthorized Access to Enterprise Systems Using a Location-based Logical Access Control proposes a framework that uses time and location in preventing and defending against data breaches. The framework was developed using Java with an Eclipse IDE. The database was designed using MySQL and locations were collected using Google Maps API. Users registered at different locations in a university campus were unable to access another’s account in the database because they were both outside the known location and tried to do this at off-work hours. Users were registered with username and password at specified locations. The users are then made to login from same and different locations with correct username and passwords. it was discovered that access to the database was only given when the username and password was correct and location was same as at registered or as allowed by an administrator. The system was found to protect against unauthorized access arising from stolen login credentials and unauthorized remote logins from malicious users.
Бесплатно
Artificial Intrusion Detection Techniques: A Survey
Статья научная
Networking has become the most integral part of our cyber society. Everyone wants to connect themselves with each other. With the advancement of network technology, we find this most vulnerable to breach and take information and once information reaches to the wrong hands it can do terrible things. During recent years, number of attacks on networks have been increased which drew the attention of many researchers on this field. There have been many researches on intrusion detection lately. Many methods have been devised which are really very useful but they can only detect the attacks which already took place. These methods will always fail whenever there is a foreign attack which is not famous or which is new to the networking world. In order to detect new intrusions in the network, researchers have devised artificial intelligence technique for Intrusion detection prevention system. In this paper we are going to cover what types evolutionary techniques have been devised and their significance and modification.
Бесплатно
Статья научная
Long-Term Evolution (LTE) is the next generation of current mobile telecommunication networks. LTE has a ?at radio-network architecture and signi?cant increase in spectrum efficiency, throughput and user capacity. In this paper, performance analysis of robust channel estimators for Downlink Long Term Evolution-Advanced (DL LTE-A) system using three Artificial Neural Networks: Feed-forward neural network (FFNN), Cascade-forward neural network (CFNN) and Layered Recurrent Neural Network (LRN) are trained separately using Back-Propagation Algorithm and also ANN is trained by Genetic Algorithm (GA). The methods use the information got by the received reference symbols to estimate the total frequency response of the channel in two important phases. In the first phase, the proposed ANN based method learns to adapt to the channel variations, and in the second phase it estimates the channel matrix to improve performance of LTE. The performance of the estimation methods is evaluated by simulations in Vienna LTE-A DL Link Level Simulator in MATLAB software. Performance of the proposed channel estimator, ANN trained by Genetic Algorithm (ANN-GA) is compared with traditional Least Square (LS) algorithm and ANN based other estimator like Feed-forward neural network, Layered Recurrent Neural Network and Cascade-forward neural network for Closed Loop Spatial Multiplexing (CLSM)-Single User Multi-input Multi-output (MIMO-2×2 and 4×4) in terms of throughput. Simulation result shows proposed ANN-GA gives better performance than other ANN based estimations methods and LS.
Бесплатно
Artificially Augmented Training for Anomaly-based Network Intrusion Detection Systems
Статья научная
Attacks on web servers are becoming increasingly prevalent; the resulting social and economic impact of successful attacks is also exacerbated by our dependency on web-based applications. There are many existing attack detection and prevention schemes, which must be carefully configured to ensure their efficacy. In this paper, we present a study challenges that arise in training network payload anomaly detection schemes that utilize collected network traffic for tuning and configuration. The advantage of anomaly-based intrusion detection is in its potential for detecting zero day attacks. These types of schemes, however, require extensive training to properly model the normal characteristics of the system being protected. Usually, training is done through the use of real data collected by monitoring the activity of the system. In practice, network operators or administrators may run into cases where they have limited availability of such data. This issue can arise due to the system being newly deployed (or heavily modified) or due to the content or behavior that leads to normal characterization having been changed. We show that artificially generated packet payloads can be used to effectively augment the training and tuning. We evaluate the method using real network traffic collected at a server site; We illustrate the problem at first (use of highly variable and unsuitable training data resulting in high false positives of 3.6∼10%), then show improvements using the augmented training method (false positives as low as 0.2%). We also measure the impact on network performance, and present a lookup based optimization that can be used to improve latency and throughput.
Бесплатно
Статья научная
Military tasks constitute the most important and significant applications of WSNs. In military, Sensor node deployment increases activities, efficient operation, saves loss of life, and protects national sovereignty. Usually, the main difficulties in military missions are energy consumption and security in the network. Another major security issues are hacking or masquerade attack. To overcome the limitations, the proposed method modified DBSCAN with OSPREY optimization Algorithm (OOA) using hybrid classifier Long Short-Term Memory (LSTM) with Extreme Gradient Boosting (XGBOOST) to detect attack types in the WSN military sector for enhancing security. First, nodes are deployed and modified DBSCAN algorithm is used to cluster the nodes to reduce energy consumption. To select the cluster head optimally by using the OSPREY optimization Algorithm (OOA) based on small distance and high energy for transfer data between the base station and nodes. Hybrid LSTM-XGBOOST classifier utilized to learn the parameter and predict the four assault types such as scheduling, flooding, blackhole and grayhole assault. Classification and network metrics including Packet Delivery Ratio (PDR), Throughput, Average Residual Energy (ARE), Packet Loss Ratio (PLR), Accuracy and F1_score are used to evaluate the performance of the model. Performance results show that PDR of 94.12%, 3.2 Mbps throughput at 100 nodes, ARE of 8.94J, PLR of 5.88%, accuracy of 96.14%, and F1_score of 95.04% are achieved. Hence, the designed model for assault prediction types in WSN based on modified DBSCAN clustering with a hybrid classifier yields better results.
Бесплатно
Assessing vulnerability of mobile messaging apps to man-in-the-middle (MitM) attack
Статья научная
Mobile apps are gaining in popularity and are becoming an indispensable part of our digital lives. Several mobile apps (such as messaging apps) contain personal/private information of the users. Inevitably, the compromise of accounts associated with such sensitive apps can result in disastrous consequences for the end user. Recently, Password Reset Man-in-the-Middle (PRMitM) attack was proposed at the application level in which an attacker can take over a user’s web account while the user is trying to access/download resources from the attacker’s website. In this work, we adapt this attack so that it can be applied in the context of mobile messaging apps. Specifically, we analyze 20 popular mobile messaging apps for vulnerability to MitM attack, 10 of which support secure communication through end-to-end encryption. Based on our holistic analysis, we have identified 10 of the tested apps as being vulnerable to MitM attack and elaborated on the corresponding attack scenarios. On comparing the secure messaging apps to non-secure messaging apps for vulnerability to MitM attack, we found that an app’s features and design choices decide if it is susceptible to MitM attack irrespective of whether it provides end-to-end encryption or not. Further, we have proposed design improvements to increase the overall security of all mobile messaging apps against MitM attack.
Бесплатно
Asymptotic Stability Analysis of E-speed Start Congestion Control Protocol for TCP
Статья научная
All the proposed window based congestion control protocols use a single slow start algorithm. It has been shown in literature that slow start inefficiently utilizes bandwidth in a network with high bandwidth delay product (BDP). A multiple startup algorithm (E-speed start) was proposed in this work. E-speed start specifies a multiple selectable startup for Transmission Control Protocol (TCP). It is proposed that startup speed for TCP be selectable from n-arry startup algorithms. In E-speed start, a binary start was implemented based on a calculated value β which depends on the available bandwidth and other network conditions. A model for E-speed start was derived using utility maximization theory and the principle of decentralised solution. The model derived was shown to be stable by linear approximation, Laplace transform and by using the concept of Nyquist Stability criterion.
Бесплатно
Статья научная
Augmented Reality (AR) and Virtual Reality (VR) are innovative technologies that are experiencing a widespread recognition. These technologies possess the capability to transform and redefine our interactions with the surrounding environment. However, as these technologies spread, they also introduce new security challenges. In this paper, we discuss the security challenges posed by Augmented reality and Virtual Reality, and propose a Machine Learning-based approach to address these challenges. We also discuss how Machine Learning can be used to detect and prevent attacks in Augmented reality and Virtual Reality. By leveraging the power of Machine Learning algorithms, we aim to bolster the security defences of Augmented reality and Virtual Reality systems. To accomplish this, we have conducted a comprehensive evaluation of various Machine Learning algorithms, meticulously analysing their performance and efficacy in enhancing security. Our results show that Machine Learning can be an effective way to improve the security of Augmented reality and virtual reality systems.
Бесплатно
Статья научная
In order to ensure and enforce endpoint security, Network Access Control (NAC) is attracting considerable interest from the research community. Most NAC architectures are based on 802.1x, EAP (Extensible Authentication Protocol), EAPoL (EAP over LAN) 802.11i, 802.11w, and RADIUS (Remote Authentication Dial-In User Service) protocols. Unprotected management and control frames in some of above protocols lead to several attacks. Eliminating flaws completely in design of each protocol is a challenge. These flaws help malicious user and infected endpoint to intrude into the NAC architecture to make damage into it. Many researches have been carried out to address this issue. In this paper, we have made an attempt to explain attacks in above protocols and present a survey and analysis of different solution approaches proposed by researchers. The affect of vulnerability and attack of above protocols in NAC is also discussed. The finding of this review will provide useful insights into the vulnerabilities, attacks in above protocols, and their proposed solutions with issues, which may create a research scope for strengthening security in NAC.
Бесплатно
Audio Codecs in VoIPv6: A Performance Analysis
Статья научная
Audio communications in IP based networks have been revolutionized by the introduction of VoIP applications. High cost-efficiency has made VoIP to be the communication means in today’s world; and this trend is anticipated to be continued on an ongoing basis. The performance of VoIP significantly depends on the efficiency of the audio codecs used in any communication scenario which make the study on the performance issues of audio codecs in VoIP applications worth investigating. IPv6 is the new version of IP, which will gradually replace the current IPv4 as the transition from IPv4 to IPv6 is already in place. This demands the scrutiny of the audio codecs being used in IPv4 to be tested for their compatibility in IPv6 in terms of desired performance. This paper presents the study on the performance of selected audio codecs that are widely used in VoIPv4. G.711, G.729A and G.723.1 codecs were chosen for the study in VoIPv6 based scenarios presented in this paper. The selected audio codecs were applied in IPv6 based voice communication network scenarios to determine their performance efficiency by observing various QoS parameters. The study was done by means of simulation using OPNET.
Бесплатно
Augmented Reality Mobile Application of Balinese Hindu Temples: DewataAR
Статья научная
Augmented reality is a visual technology which combines virtual objects into the real environment in real time. E-tourism in Bali needs to be optimized, so that information technology can help tourists and provide new experiences when traveling. Generally, tourists wish for gaining information in an attractive way about visiting tourism objects. Nowadays, mobile-based application programs that provide information about tourism objects in Bali are rarely found. Therefore, it is important to develop an application which provides information system about tourism objects, especially about the Tanah Lot temple. By implementing augmented reality technology, which grows rapidly all over the world, the application of DewataAR can show 3 dimensional objects, video, and audio information of the temples. The application works by scanning brochure of tourism object by using an Android smartphone or tablet, then it can display 3 dimensional objects, video, and audio information about those tourism objects. Hence, augmented reality can be alternative media for promoting tourism object attractively for tourists and also be able to develop tourism in Bali.
Бесплатно
Auto-Pattern Programmable Kernel Filter (Auto-PPKF) for Suppression of Bot Generated Traffic
Статья научная
Bots usually vary from their other malicious counter parts by periodically reporting to the botmaster through regular exchange of messages. Our experiments on bot attack generation showed a continuous exchange of packets with similar content between the botmaster and the zombie machine at various time intervals. Though there were also genuine packets with similar content being sent out of the victim machine challenge was to differentiate between the two and pass only the genuine ones. In this paper, an algorithm namely Auto-Pattern Programmable Kernel Filter (Auto-PPKF), for automatic detection of patterns from packet payload for filtering out malicious packets generated by bots is proposed. The significant feature of our proposed Auto-PPKF algorithm is that, the malicious pattern is deduced at kernel level on the fly from packet payload. Traditional algorithms such as Boyer Moore, Knuth Morris Patt, and Naive Pattern search algorithms require the pattern to be identified available a priori. Currently, Longest Common Subsequence (LCS) algorithm stands as the most preferred algorithm for pattern matching. But the disadvantage is that common sequences can also exist in many genuine packets. Hence, the challenge lies in automatic detection of malicious patterns and filtering of the packets having such malicious patterns. This would not only put off the communication between the Botmaster and Zombie machine, but will also thus prevent user information from being sent to the botmaster.
Бесплатно
Статья научная
Mobile ad hoc network (MANET) routing is a generous tactic used for allocating packets to the base station (BS). During the operations of routing, occurrence of malicious node embellishes the mobile ad hoc network operations. For that reason, a trusted distributed routing protocol is obliged that maintains the routing buttressing and the proficiency of mobile ad hoc network. To overcome these challenging issues, Auto-Metric Graph Neural Network based Blockchain technology is proposed in this manuscript for Secured Dynamic Optimal Routing in MANET (BC-SDOR-MANET-AGNN). The proposed approach is simulated in NS-2 tool. The proposed BC-SDOR-MANET-AGNN approach attains 76.26%, 65.57%, 42.9% minimal delay during 25% malicious routing environment, 73.06%, 63.82%, 38.84% less delay during 50% malicious routing environment when analyzed to the existing models, like enhanced hybrid secure multipath routing protocol for MANET (BC-SDOR-MANET-GAHC), an improved ad hoc on-demand distance vector routing security approach based on BC technology in MANET (BC-SDOR-MANET-AODV-MQS) and block chain-based better approach for the mobile ad-hoc networking protocol using ensemble algorithm (BC-SDOR-MANET-E-BATMAN) methods.
Бесплатно
Статья научная
Smart cities (SCs) are being constructed with the huge placement of the Internet of Things (IoT). Real-time enhancements to life quality based on comfort and efficiency. The key concerns in most SCs that immediately impact network performance are security and privacy. Numerous approaches are proposed for secure data transmission, but the current methods do not provide high accuracy and it provide high computational time. To resolve these problems, an Auto-metric Graph Neural Network for Attack Detection and Secure Data Transmission using Optimized Enhanced Identity-Based Encryption in IoT (AGNN-AWHSE-ST-IoT) is proposed. Primarily, the input data is taken from the NSL-KDD dataset. The input data is gathered with the aid of NSL-KDD is pre-processed using three steps, crisp data conversion, splitting, and normalization. Then the Pre-processed input is fed into the Colour Harmony Algorithm (CHA) based feature selection to select the important features. After feature selection, the preferred features are given to the AGNN classifier. After classifying, the data is given to Enhanced Identity-Based Encryption (EIBE), and it is optimized using Wild Horse Optimizer (WHO) for transmitting the data more safely. The outcomes of the normal data are displayed using the LCD monitor. The AGNN-AWHSE-ST-IoT method is implemented in PYTHON. The AGNN-AWHSE-ST-IoT method attains 8.888%, 13.953%, 19.512% higher accuracy, 2.105%, 6.593%, 8.988% higher cumulative accuracy, 54.285%, 54.285%, 52.941% lower encryption time, 8.2%, 3.3%, 6.9% lower decryption time, 11.627%, 10.344%, 6.666% higher security level and 60.869%, 70% and 64% lower computational time than the existing approaches such as SBAS-ST-IoT, BDN-GWMNN-ST-IoT and DNN-LSTM-ST-IoT respectively.
Бесплатно
Avoidance and Mitigation of All Packet Drop Attacks in MANET using Enhanced AODV with Cryptography
Статья научная
MANET is a decentralized network that has no infrastructure and nodes can communicate with each other by multi-hoping the messages. Due to this nature of MANET, it is prone to many security attacks in which packet drop attacks are very common. Various packet drop attacks like Blackhole attacks, Grayhole attack, Co-operative Blackhole attack, etc are the attacks that become a bottleneck in efficient routing and security in MANET. Various mechanisms are devised in past but none of them prove to be effective against all types of packet drop attacks. In this paper, a mechanism is formulated that enhances the AODV routing protocol with Trueness Level and Cryptography for effectively counter all types of packet drop attacks by mitigating them through avoidance and elimination of source of attack after detection. This mechanism is powered by efficient use of Cryptography in its natural form. This work is compared with published work Extended Data Routing Information mechanism against various parameters like Packet Delivery Ratio, Normalized Control Load, Accuracy and Reliability in the same environment and parameters in MATLAB 2013a.
Бесплатно
BDCC: Backpressure routing and dynamic prioritization for congestion control in WMSNs
Статья научная
Rapid technological advances and innovations in the area of autonomous systems push the researchers towards autonomous networked systems with emphasis on Wireless Multimedia Sensor Networks (WMSNs). In WMSN event-driven applications, it is critical to report the detected events in the area, resulting in sudden bursts of traffic due to occurrence of spatially-correlated or multiple events, causing loss of data. Also, nodes have very limited power due to hardware constraints. Packet losses and retransmissions resulting from congestion, cost precious energy and shorten the lifetime of sensor nodes. Till now, in WMSNs, Congestion control techniques are based on detection of congestion and recovery, but they cannot eliminate or prevent the occurrence of congestion. Collision is a symptom of congestion in the wireless channel and can result in a time-variant channel capacity. The method in the proposed algorithm is that the routing algorithms do not precalculate the routes and the next step is chosen dynamically. Decisions are made based on the congestion degree on neighbor nodes; each node sees its own queue backlog and neighbor's queue backlog and chooses its own degree and route based on the queue backlogs obtained from its neighbors. If there is two or more data with the same condition in the backpressure routing, we use service differentiation to prioritize packets. The results obtained from simulation test done by NS-2 simulator indicate that the proposed model is more innovative and presents better performance in compare with CCF and PCCP protocols.
Бесплатно
Статья научная
Quasi Orthogonal Space Time Block Code (QO-STBC) can provide full-rate transmission and low decoding complexity. This paper deals with channel estimation for Quasi Orthogonal Space Time Block Code (QO-STBC) encoded Orthogonal Frequency Division Multiplexing (OFDM) based Multiple Input multiple Output (MIMO) Code Division Multiple Access (CDMA) system. Using the QO-STBC coding property, we analysis the weight performance that reduce the computational complexity of system. The design of channel estimation method is proposed by considering Minimum Mean Square Error (MMSE), Zero Forcing (ZF), and Singular Value Decomposition (SVD) that involves four transmit antennas and four receive antennas. Such filter facilitates the use of standard equalizer or decoder that has been designed to mitigate the Inter Symbol Interference (ISI) effect. In this paper analytical results show that the BER analysis of Minimum Mean Square Error (MMSE) algorithm using various modulation techniques outperforms as compared to other channel equalization techniques.
Бесплатно
BSHOA: Energy Efficient Task Scheduling in Cloud-fog Environment
Статья научная
Cloud-fog computing frameworks are innovative frameworks that have been designed to improve the present Internet of Things (IoT) infrastructures. The major limitation for IoT applications is the availability of ongoing energy sources for fog computing servers because transmitting the enormous amount of data generated by IoT devices will increase network bandwidth overhead and slow down the responsive time. Therefore, in this paper, the Butterfly Spotted Hyena Optimization algorithm (BSHOA) is proposed to find an alternative energy-aware task scheduling technique for IoT requests in a cloud-fog environment. In this hybrid BSHOA algorithm, the Butterfly optimization algorithm (BOA) is combined with Spotted Hyena Optimization (SHO) to enhance the global and local search behavior of BOA in the process of finding the optimal solution for the problem under consideration. To show the applicability and efficiency of the presented BSHOA approach, experiments will be done on real workloads taken from the Parallel Workload Archive comprising NASA Ames iPSC/860 and HP2CN (High-Performance Computing Center North) workloads. The investigation findings indicate that BSHOA has a strong capacity for dealing with the task scheduling issue and outperforms other approaches in terms of performance parameters including throughput, energy usage, and makespan time.
Бесплатно
Battering Keyloggers and Screen Recording Software by Fabricating Passwords
Статья научная
The keyloggers are covert security threat to the privacy and identity of users. The attackers are exploring different techniques of keylogging using hardware keyloggers, software keyloggers and screen capturing software to steal the user sensitive data. The Incognizance of the user is imposing greater risk. To overcome this problem, we have proposed a model. In this model solution to Keylogger and Screen Recording Software has been proposed by using the concept of fabricated password on untrusted machine. It deceives the untrusted system's key logging and video capturing software. The concept used here is "WYSINT What You See Is Not True". The main feature of this model is that it has a hardware recognition to retrieve the key .This key is required by the Temporary Filter layer (TFL) as an intermediary to change into the trusted password after bypassing all the capturing techniques and returning the original password to the required website.
Бесплатно
