International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1148
Cross Layer Transmission for AOS Packet Service
Статья научная
In this paper, the AOS packet service data transfers structure is presented first. Based on it, the effective throughput rate of AOS packet service is analyzed. Then, in order to improve the effective throughput rate, a scheme of AOS cross layer transmission system is presented. In the proposed scheme, based on the space channel state, the dynamic optimization parameters of network layer, Space Date Link Protocol sublayer and Sync and Channel Coding sublayer in AOS are selected. Then the switch thresholds are presented. Finally, the effective throughput rate of the proposed AOS cross layer transmission system is simulated. Simulations show that the throughput rate can be optimized effectively.
Бесплатно
Cryptography Using Multiple Two-Dimensional Chaotic Maps
Статья научная
In this paper, a symmetric key block cipher cryptosystem is proposed, involving multiple two-dimensional chaotic maps and using 128-bits external secret key. Computer simulations indicate that the cipher has good diffusion and confusion properties with respect to the plaintext and the key. Moreover, it produces ciphertext with random distribution. The computation time is much less than previous related works. Theoretic analysis verifies its superiority to previous cryptosystems against different types of attacks.
Бесплатно
Cryptography based on RGB color channels using ANNs
Статья научная
Information is by far the most precious thing in almost every field. Everything we do in the present-day world generated some data and most of the data are vulnerable to unwanted threats. The organizations and agencies are becoming more and more dependent on their digitized information systems. Also, the general public is slowly getting cyber- conscious and thus they also fear for the leak and tampering of their secured information. Today’s information systems are under the constant threats of manipulation and overriding by various criminal organizations. Thus, the information in today’s world is kept under the password authentication. These passwords are a combination of a string of alphanumeric and special characters. Also, the key used to encrypt the information are exposed to either both or one of the parties. To overcome this vulnerability, an encryption technique is proposed where the key will be generated and transmitted using TPM and the final encrypted text will be stored in the image format by segregating the text data into the 3-channelled image, i.e., RGB.
Бесплатно
Статья научная
Grid computing incorporates dispersed resources to work out composite technical, industrial, and business troubles. Thus a capable scheduling method is necessary for obtaining the objectives of grid. The disputes of parallel computing are commencing with the computing resources for the number of jobs and intricacy, craving, resource malnourishment, load balancing and efficiency. The risk stumbling upon parallel computing is the enthusiasm to scrutinize different optimization techniques to achieve the tasks without unsafe surroundings. Here Cuckoo Genetic Optimization Algorithm (CGOA) is established that was motivated from cuckoo optimization algorithm (COA) and genetic algorithm (GA) for task scheduling in parallel environment (grid computing system). This CGOA is implemented on parallel dealing out for effective scheduling of multiple tasks with less schedule length and load balance. Here transmission time is evaluated with number of job set. This is computed with the help of job-processor relationship. This technique handles the issues well and the results show that complexity, load balance and resource utilization are finely managed.
Бесплатно
Cuckoo optimisation based intrusion detection system for cloud computing
Статья научная
In the digital era, cloud computing plays a significant role in scalable resource sharing to carry out seamless computing and information sharing. Securing the data, resources, applications and infrastructure of the cloud is a challenging task among the researchers. To secure the cloud, cloud security controls are deployed in the cloud computing environment. The cloud security controls are roughly classified as deterrent controls, preventive controls, detective controls and corrective controls. Among these, detective controls are significantly contributing for cloud security by detecting the possible intrusions to prevent the cloud environment from the possible attacks. This detective control mechanism is established using intrusion detection system (IDS). The detecting accuracy of the IDS greatly depends on the network traffic data that is employed to develop the IDS using machine-learning algorithm. Hence, this paper proposed a cuckoo optimisation-based method to preprocess the network traffic data for improving the detection accuracy of the IDS for cloud security. The performance of the proposed algorithm is compared with the existing algorithms, and it is identified that the proposed algorithm performs better than the other algorithms compared.
Бесплатно
Cumulative Techniques for Overcoming Security Threats in Manets
Статья научная
In day-to-day communications we may need to establish temporary (ad hoc) connections anytime, anywhere. Data transfer through this ad hoc wireless network is required when it is hard to establish the large infrastructure. In MANETs there are many challenges in terms of deploying security especially when the confidentiality of the data is compromised. If the data is highly confidential, then providing security especially in the malicious environment is really a challenging task. Many researchers have however proposed solutions for internal as well as external attacks. But unfortunately everyone has some tradeoffs. Some methods are designed only for specific attacks. Some provide solutions for many attacks but depend on the factors like delay, high resource utilization etc. In this paper, we have in sighted into various security providing techniques that have cumulated from many years. We have attempted to present the current approaches for developing secured systems. These methods have used simple techniques to enhance the security and to reduce the complexity. There are many surveys done before on the security issues and methods. However to our information no one has surveyed the current emerging secured methods which may be more effective than the mostly used ones.
Бесплатно
Cyber attacks in cloud computing: modelling multi-stage attacks using probability density curves
Статья научная
Cyber attacks in cloud computing more often than not tend to exploit vulnerabilities and weaknesses found in the underlying structural components of the cloud. Such vulnerabilities and weaknesses have drawn interest from various attack profiles ranging from script kiddies to APTs. Regardless of the attack profile, cyber attackers have come to leverage the interdependencies exhibited amongst these vulnerabilities by chaining exploits together to effectuate complex interlinked attack paths. Such chaining of vulnerabilities in cloud components results in multi-stage attacks where the attacker traverses different segments of the cloud residing in different layers to reach the target. In this paper, we partition the cloud into three different layers to show how multi-stage attacks on Confidentiality, Integrity and Availability (CIA) interleave with the SaaS, PaaS and IaaS cloud computing service models. Further, we generate multi-stage attack paths based on the vulnerabilities exhibited in the components across the partitioned cloud layers. Furthermore, we model the constituents of multi-stage attack events as discrete random Bernoulli variables to characterize the attack path pursued by a given attack profile. We generate probability density curves of the associated resultant attack paths to infer on the nature of the attack and recommend a hierarchical security mitigation process based on the nature of the attack nodes.
Бесплатно
Cyber security and analysis of cyber-crime laws to restrict cyber crime in Pakistan
Статья научная
This research report analyses the plebeian interest and tension hostility between privacy and cyber security in Pakistan. I explore the areas threaten by hackers in means of ATM card hacks and social data sniffing. It explores the challenges for Cyber security belongs to privacy and data protection.
Бесплатно
D2D Communication Using Distributive Deep Learning with Coot Bird Optimization Algorithm
Статья научная
D2D (Device-to-device) communication has a major role in communication technology with resource and power allocation being a major attribute of the network. The existing method for D2D communication has several problems like slow convergence, low accuracy, etc. To overcome these, a D2D communication using distributed deep learning with a coot bird optimization algorithm has been proposed. In this work, D2D communication is combined with the Coot Bird Optimization algorithm to enhance the performance of distributed deep learning. Reducing the interference of eNB with the use of deep learning can achieve near-optimal throughput. Distributed deep learning trains the devices as a group and it works independently to reduce the training time of the devices. This model confirms the independent resource allocation with optimized power value and the least Bit Error Rate for D2D communication while sustaining the quality of services. The model is finally trained and tested successfully and is found to work for power allocation with an accuracy of 99.34%, giving the best fitness of 80%, the worst fitness value of 46%, mean value of 6.76 and 0.55 STD value showing better performance compared to the existing works.
Бесплатно
DAPSK – OFDMA PON Based Heterogeneous Optical Network
Статья научная
The broadband access networks require suitable differential modulation techniques that can provide better performance in real-time fading channels. A heterogeneous optical access network adopting spectrally efficient DAPSK – Orthogonal Frequency Division Multiple (OFDMA) - Passive Optical Network (PON) is proposed and simulated. The performance of the proposed heterogeneous network is analyzed in terms of received Bit Error Rate (BER) and spectral efficiency. The results show that 64 DAPSK – OFDMA over the proposed architecture achieves a better spectral efficiency of about 1.062 bps/Hz than 64 QAM – OFDMA with less degradation in error performance.
Бесплатно
Статья научная
Distributed Denial of Service (DDoS) is an ever-changing type of attack in cybersecurity, especially with the growing demand for cloud and web services raising a never-ending challenge in the lucrative business. DDoS attacks disrupt users' access to the targeted online services leading to significant business loss. This article presents a three-level architecture for detecting DDoS attacks at the application layer. The first level is responsible for selecting the best features of the samples and classifying the traffic into either benign or malicious, then the second level consists of a hard voting classifier to identify the type of the DDoS source: UDP, TCP, or Mixed-based. Finally, the last level aligns the attack to the appropriate DDoS type. This approach is validated using the CIC-DDoS2019 dataset, and the time, accuracy score, and precision are used as the model performance metrics. Compared to the existing machine learning (ML) approaches, the proposed architecture reveals substantial improvements in both binary and multiclass classification of application-layer DDoS attacks.
Бесплатно
DNA-Genetic Encryption Technique
Статья научная
In this paper, we propose DNA-Genetic Encryption Technique (D-GET) in order to make the technique more secure and less predictable. In this technique, binaries any type of digital data and convert it to DNA sequencing, reshape, encrypt, crossover, mutate and then reshape. The main stages of D-GET are repeated three times or more. Transmit the encrypted data in text/image format file. In other side, the receiver uses the D-GET to decrypt the received data and reshape it to original format. This Technique also transforms the text into an image and vice versa to improve security and multiple key sequences to increase the degree of diffusion and confusion, which makes resulting cipher data difficult to decipher and makes to realize a perfect secrecy system. Experimental results demonstrate that proposed technique has multilayer protection stages against different attacks and higher level of security based on the multi-stages and genetic operations. Decrypted data are acceptable because of there is absolutely difference between it and secret data.
Бесплатно
DNS Pharming through PHP Injection: Attack Scenario and Investigation
Статья научная
With the increase in technology, Internet has provided set of tools and technologies which has enabled web programmers to develop effective websites. PHP is most widely used server side scripting language and more than twenty million of web sites are designed through PHP. It has used as a core script in Web Content Management System (WCMS), such as Joomla, WordPress, Drupal, SilverStripe etc. PHP has also security flaws due to the certain vulnerabilities such as PHP injection, remote file inclusion and unauthorized file creation. PHP injection is a variant of code injection attacks in which PHP script may be exploited to execute remote commands. The contribution of this paper is twofold: First, it presents a unifying view of PHP injection vulnerability, which causes alteration in the 'hosts file'; Second, It introduces an investigation process against alteration in 'hosts file' through PHP injection. This attack has been introduced as a type of DNS pharming. In this investigation process a chain of evidence has been created and an algebraic signature has been developed to detect explained attack.
Бесплатно
Data Sharing for Context-Sensitive Access Control Policy Evaluation and Enforcement
Статья научная
Context-awareness has long been an important building block in designing systems that vary their operating behavior based on an analysis of rapidly changing operating conditions. There is the need however to define context more formally so that context data-sharing can take place between systems and more complex interactions between connected systems can be developed. The area of computer security is examined in particular as an area where the representation and sharing of context data can lead to more effective policy enforcement. A framework is proposed for sharing data between assessment sensors and enforcement mechanisms in order to facilitate more accurate policy enforcement. A detailed performance analysis of the proposed system is offered along with conclusions on the feasibility of such systems.
Бесплатно
Data Traffic Modeling During Global Cyberattacks
Статья научная
The article analyses the possibilities and techniques of modeling global cyber-attacks on an internetwork of small countries. The authors study the Distributed Denial of Service (DDoS) attack against Estonian internetwork, which took place in 2007, in an open-source Nessi2 simulator environment, as DDoS appears to be the most common type of informational attack on resources used todeay. Such a modeling can be replicated with a certain degree of accuracy because the most of powerful attacks have been relatively well-documented. The article covers the most lifelike attack scenarios accomplished by sophisticated modeling of underlying traffic cases. Conclusions drawn from the simulation show that even large-scale DDoS attacks can be successfully modeled using limited resources only. Future research directions, motivated by the research, underlying this article, are highlighted at the end.
Бесплатно
Статья научная
Building strong IDS is essential in today’s network traffic environment, feature reduction is one approach in constructing the effective IDS system by selecting the most relevant features in detecting most known and unknown attacks. In this work, proposing the hybrid feature selection method by combining Mutual Information and Linear Correlation Coefficient techniques (MI-LCC) in producing the most efficient and optimized feature subset. Support Vector Machine (SVM) classification technique being used in accurately classifying the traffic data into normal and malicious records. The proposed framework shall be evaluated with the standard benchmarked datasets including KDD-Cup-99, NSL-KDD, and UNSW-NB15 datasets. The test results, comparison analysis and reference graphs shows that the proposed feature selection model produces optimized and most important features set for classifier to achieve stated accuracy and less false positive rate compared with other similar techniques.
Бесплатно
Day-ahead Pricing Model for Smart Cloud using Time Dependent Pricing
Статья научная
Smart clouds allow every consumer and cloud service provider a two-way communication, thus enabling cloud service provider to generate a time dependent pricing model using a feedback loop. This model charges a consumer more in peak periods and less during off peak periods, which encourages consumers to reschedule their workload to less traffic (off-peak) periods. This helps service providers to practice a versatile pricing technique to increase their profits by covering off-peak demand and minimizing the provider's cost optimization problem. It also minimizes the execution time in setting these prices by Compromised Cost-Time Based (CCTB) scheduling. Shifting workload is a probabilistic function which tells consumers to shift their workload. This paper presents a model to calculate day-ahead prices. The proposed model dynamically adjusts the rewards or discounts based on consumer behavior in the past, and helps providers to maximize their revenue by shifting the consumers' workload.
Бесплатно
Статья научная
Load balancing plays a major part in improving the performance of fog computing, which has become a requirement in fog layer for distributing all workload in equal manner amongst the current Virtual machines (VMs) in a segment. The distribution of load is a complicated process as it consists of numerous users in fog computing environment. Hence, an effectual technique called Mutated Leader Algorithm (MLA) is proposed for balancing load in fogging environment. Firstly, fog computing is initialized with fog layer, cloud layer and end user layer. Then, task is submitted from end user under fog layer with cluster of nodes. Afterwards, load balancing process is done in each cluster and the resources for each VM are predicted using Deep Residual Network (DRN). The load balancing is accomplished by allocating and reallocating the task from the users to the VMs in the cloud based on the resource constraints optimally using MLA. Here, the load balancing is needed for optimizing resources and objectives. Lastly, if VMs are overloaded and then the jobs are pulled from associated VM and allocated to under loaded VM. Thus the proposed MLA achieved minimum execution time is 1.472ns, cost is $69.448 and load is 0.0003% respectively.
Бесплатно
Deep learning approach on network intrusion detection system using NSL-KDD dataset
Статья научная
The network infrastructure of any organization is always under constant threat to a variety of attacks; namely, break-ins, security breach or system misuse. The Network Intrusion Detection System (NIDS) employed in a network detects such penetration attacks and intrusions within a network. Known classes of attacks can be detected easily by performing pattern matching while the unknown attacks are harder to detect. An attempt has been made to design a system using a deep learning approach for intrusion detection that not only learns but also adjusts itself to the patterns not defined earlier. Sparse auto-encoder has been used for unsupervised feature learning. Logistic classifier is then utilized for classification on NSL-KDD dataset. The performance of the system has been measured with respect to accuracy, precision and recall and the results have been found to be very promising for future use and modifications.
Бесплатно
Defending of IP Spoofing by Ingress Filter in Extended-Inter Domain Packet Key Marking System
Статья научная
The significance of the DDoS problem and the increased occurrence and strength of attacks has led to the dawn of numerous prevention mechanisms. IP spoofing is most frequently used in denial-of-service attacks. In such attacks, the goal is to flood the victim with overwhelming amounts of traffic, and the attacker does not care about receiving responses to the attack packets. IP spoofing is one of the basic weaknesses in the Internet Protocol to launch the DDOS attack. Each prevention mechanism has some unique advantages and disadvantages over the others. The existing methods become ineffective due to a large number of filters required and they lack in information about where to place the filter. We propose Ingress filter in Extended Inter Domain Packet Key marking system .This paper comprises of two functional blocks namely, Key marking system and filtering blocks. In the marking block, each source is labeled with a key. The key is changed continuously for a certain period of time to provide secured system and is validated at border routers. In the filtering block, spoofed packets are filtered at the border router using Ingress filter to filter beyond periphery routers. The filter placement algorithm clearly put forwards the conditions under which the filter can operate accurately. The accuracy of the proposed systems is validated using Network Simulator (NS-2).
Бесплатно
