International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1130
Статья научная
With the development of web technology, spreading of Trojan and viruses via website vulnerabilities is becoming increasingly common. To solve this problem, we propose a system for malicious links detection based on security relevance of webpage script text and present the design and implementation of this system. Firstly, according to the current analysis of malicious links, we describe requirements and the general design for detection system. Secondly we describe the security-related algorithm with mathematical language, and give the data structure of this algorithm. Finally, we analyze and summarize the experimental results, and verify the reliability and rationality of system.
Бесплатно
Design and Implementation of Adaptive Universal Filtered Multi Carrier for 5G and Beyond
Статья научная
The current generation (5G) mobile communication system promises to accommodate a wide range of new applications and use scenarios, resulting in more flexible and unified connection. To satisfy the required criteria, the current waveform was replaced with new UF-OFDM, which combines the advantages of OFDM with enhanced spectral characteristics and greater resilience against time-frequency misalignments. However, its biggest disadvantage is the transmitter's computational complexity, which may be up to two hundred times that of OFDM if there is no reduction in complexity. The majority of current research on unique waveforms has focused on filter modification or performance enhancement strategies. UFMC with the use of adaptive filter (UFMC -FSK) is offered as a revolutionary technique in this study. The filter designed and used to transport information through the index modulation technique. As a result, each UF-OFDM sub band's used filter is chosen, so the data rate is enhanced according to a filter configured depending on original input data bits. The combined Maximum-likelihood (ML) decision metric for each sub band that is calculated at the receiver. Each sub band has a filter as well as data symbols that provide the minimal metric for making decisions are discovered. Furthermore, the bit error rate and power spectrum density are enhanced over the UF-OFDM technique, however there is some trade-off. Overall, the proposed system outperform typical UF-OFDM. Matlab simulations are used to assess the performance of the Adaptive UFMC system.
Бесплатно
Design and Implementation of Reliable Encryption Algorithms through Soft Error Mitigation
Статья научная
Designing a reliable system on reconfigurable devices has become a significant factor for implementing mission critical applications like communication protocols, automotive, nuclear reactor control, and remote applications. With the improvement in fabrication technology, logic density of the field programmable gate arrays has increased rapidly. Because of decrease in feature size, integrated circuits are becoming vulnerable to errors and also the ageing component results in run time faults. FPGAs when used in harsh conditions like high radiation and temperatures, there is a possibility of getting affected by transient faults or the soft errors. In digital communication, safety and confidentiality of data is achieved through a suitable encryption algorithm. Encryption is most important aspect when it comes to security. Reliable design techniques are very much necessary for maintaining the system’s normal function. Many of the available techniques are based on redundancy logic causing area overhead for the design. Through this paper, an implementation is illustrated for managing soft errors or the single event upsets. Proposed methodology identifies and avoids the errors occurring at the logic resources where the encryption algorithms are mapped on the device. Thus encryption algorithms work normally without getting affected by the errors. During the simulation process, errors are injected at the configuration memory frames and monitored using a Single event-upset manager (SEM) controller. The proposed design is implemented on Zedboard using Xilinx Vivado 2017.4.
Бесплатно
Статья научная
Field programmable gate arrays (FPGAs) are the reconfigurable logic devices which are widely used in many applications like space missions, automotive electronics, complex computing systems and system prototyping. Run time reconfigurability feature supported in high end FPGAs allows the designer to optimize design with respect to resource utilization and power consumption. Using partial reconfiguration a specific part of the FPGA can be reconfigured at run time without altering the original design. In data communication, safety and confidentiality of data is achieved through a suitable encryption algorithm. Encryption is most important aspect when it comes to security. Design flexibility can be increased by providing an option to the user to select a particular algorithm as per the requirement. Instead of using a single algorithm to encrypt data, multiple algorithms can be used with an option to switch between the algorithms. Thus optimizing the resource utilization and also can avoid security breach. Through this work, an attempt is made to include reconfiguration of the design at run-time. This design implements different encryption algorithms at different instance of time. In this paper two encryption algorithms i.e. Advance Encryption Standard (AES) and TwoFish both of 128-bit are chosen to reconfigure at runtime using a custom ICAP (Internal Configuration Access Port) controller IP provided by Xilinx and is implemented on Zedboard. Main advantage of this implementation is that the user have an option to switch between two algorithms, thus helping in overall resource optimization.
Бесплатно
Статья научная
In the last decades, monitoring cameras begin to play a vital role in securing sensitive systems such as government sites or establishments. Generally, these kinds of cameras are fixed-location (i.e. outdoor camera) such that the viewpoint is limited to small area and not covering the whole place. In addition, there are some drawbacks that appear when using these kinds of cameras such as being breakable (intentionally or not) which may lead to camera malfunction or breaking in the linked electrical wires that may cause disconnection between the camera, monitor and its receiver. However, the main problem is the lacking of secure protecting system that prevents intruders from entering into the system disabling or malfunction it. In this research a new system is proposed in order to solve these problems by using wireless-mobile camera with embedded programmable operating system which enables controlling this camera remotely by sending wireless commands through the embedded component called Arduino card controller. This card enables the connection between the camera and the server to be programmatic by the user or developer. The main goal of this research is to design a monitoring system to detect any suspicious events and to ensure that the transferring monitoring data from the camera to the server is not infiltrated by unauthorized person by applying a set of techniques from image detection, object tracking and security algorithms to the instructions or the program of the camera. Compared with other researches, this work achieved the following goals: 1- Using Arduino card for programming the camera. 2- IP camera does not require user name and password. 3- The images and the other information are (encrypted) when sending to/from computer, 4- Using Mobile-wireless camera. 5- Process of keys exchanging between camera and computer. The results of this research are good and achieved the main goals of new developed technique.
Бесплатно
Design and Implementation of a Security Scheme for Detecting System Vulnerabilities
Статья научная
With evolution of internet, security becomes a major concern. Number of malicious programs called malware, travels through network into systems. They have many advanced properties like self-hiding, self-healing and stealth mode execution, which are hard to detect. Therefore, the major challenge for researchers today is to detect and mitigate such programs. Since there is a new virus implemented every minute no detection mechanism can be designed which gives 100% protection but by keeping the anti-virus database up to date we can escape many attacks. In this paper, an effort has been made to explain the design of a system program which can scan the vulnerable files on the system, generate logs and this can later be used to design antivirus software and stop virus execution. This program aims to scan system files and target the files which are vulnerable present on the system based on their file extensions. It generates logs after the system scan is complete which can be studied and used for anti-virus creation.
Бесплатно
Design and implementation of malware detection scheme
Статья научная
Malware is a worldwide epidemic and studies suggest that with the evolution of internet it is getting even worse. There is a new virus implemented every minute and various relevant strategies and tactics have been proposed to alleviate and eradicate cyber threats. Therefore, major concern for the researchers today is to detect and mitigate such programs. In this paper an effort has been made to propose a system which will detect some dangerous viruses and some features of the recently emerged new form of malware in cyberspace known as Ransomware. Imposing serious threats to information assets protection ransomware victimizes the internet users by hijacking user files, encrypting them, then demanding a ransom to be paid in exchange of the decryption key. The proposed program aims to scan the system to get hold of all vulnerable files present on the system and to detect the malicious one’s and remove them.
Бесплатно
Design of a Green Automated Wireless System for Optimal Irrigation
Статья научная
Towards sustainable agriculture, the management of scarce water resources has become more crucial. In this article, we proffer a green automated wireless system (GAWS) aimed at maximizing and efficiently utilizing water resources for irrigation. The proposed irrigation system is a green technology which will be powered exclusively by solar energy. In its operation, it uses solar-powered wireless sensors for obtaining and transmitting information about soil moisture content of different segments on a given farm. The GAWS will ensure that irrigation is done only when necessary via a solar-powered irrigation control centre. For optimal irrigation, the automated intelligent control centre is designed to trigger solar-powered groundwater pumps wirelessly to execute necessary irrigation for a particular portion of the farm and fall back on an external irrigation system if that proves insufficient. It is envisaged that the proposed irrigation system will improve total crop yields by maximizing the utility of scarce water resources from both internal and external irrigation sources. It will also minimize the cost of time and labour involved in irrigation management, harness renewable energy and be environmentally friendly.
Бесплатно
Статья научная
Photoplethysmogram (PPG) sensing is a field of signal measurement that involves accurate sensor design and efficient signal processing. Sensing interfaces have matured due to use of sophisticated nano-meter technologies, that allow for high speed, and low error sampling. Thus, in order to improve the efficiency of PPG sensing, the signal processing unit must be tweaked. A wide variety of algorithms have been proposed by researchers that use different classification models for signal conditioning and error reduction. When applied to blood pressure (BP) monitoring, the efficiency of these models is limited by their ability to differentiate between BP levels. In order to improve this efficiency, the underlying text proposes a novel multimodal ensemble classifier. The proposed classifier accumulates correct classification instances from a series of highly efficient classifiers in order to enhance the efficiency of PPG sensing. This efficiency is compared with standard classification models like k-nearest neighbors (kNN), random forest (RF), linear support vector machine (LSVM), multilayer perceptron (MLP), and logistic regression (LR). It is observed that the proposed model is 10% efficient than these models in terms of classification accuracy; and thus, can be used for real time BP monitoring PPG signal acquisition scenarios. This accuracy is estimated by comparing actual BP values with measured BP values, and then evaluating error difference w.r.t. other algorithms.
Бесплатно
Статья научная
In this modern era of digital communication even a trivial task needs to be performed over internet which is not secure. Many cryptographic algorithms existed to provide security which facilitates secure communication through internet. As these algorithms need a secret session key, it is required to interchange this key in a secure way. In two-party communication, two clients initially share a low random (entropy) password through a secure channel to establish a secret session key. But this paradigm necessitates high maintenance of passwords, since each communicating pair requires separate passwords to establish a secure session key. In three-party communication network, each communication party shares a password with the trusted third-party (server) to exchange a secret session key. The beauty of this setting is that, even a server does not know the session key. The Password Authenticated Encrypted Key Exchange (PA-EKE) protocols have attracted a lot of curiosity to authors to propose various two-party and three-party PA-EKE protocols. Security flaws in various protocols proposed by Chang-Chang, Yoon-Yoo, PSRJ and Raj et al. inspired to design a robust, computationally efficient and highly secure protocol. This paper is an attempt to propose a secure and novel Password Authenticated 3P-EKE protocol using XOR operations and analogous (parallel) message transmission. The proposed protocol is easy to design and more secured against all types of attacks like password guessing, replay, pre-play, server spoofing etc. which made this protocol special.
Бесплатно
Design of a Web Interface for Fractional Chaotic Systems
Статья научная
There exists a great number of work related to chaotic systems investigated by many researchers, especially about Lorenz chaotic system. If the order of differentiation of variables are fractional, the systems are called fractional chaotic systems. In this work a web-based interface is designed for fractional composition of five different chaotic systems. The interface takes initial and fractional differentiation values and yields output signals and phase portraits. The paper first introduces design tools and then provides results obtained throughout the experiments.
Бесплатно
Design of an Android Application for Secure Chatting
Статья научная
Smart phones have become an essential part in the life of the individuals and their priorities at the present time. The most prominent uses are in chatting and conversation applications. Most of these applications do not provide the required protection and privacy of the data exchanged between users. Yet there are very few mobile chat applications that provides an End-to-End (E2E) security and privacy-preserving service to their clients. In this paper, a secure chatting application with end to end encryption for smart phones that use the android OS has been proposed. The proposed application uses the ECDH algorithm to generate the key pair and exchange to produce the shared key that will be used for the encryption of data by symmetric algorithms. The proposed Application allows the users to communicate via text messages, voice messages, as well as exchange photos. For the text message security the standard AES algorithm with a 128 bit key is used. The generated key (160 bit) minimized to 128 bit length in order to be used by the AES algorithm. For the voice and image security processes the proposed application uses the symmetric algorithm RC4 for this purpose. RC4 provides less security than AES, but it performs faster and this is required for such types and sizes of data.
Бесплатно
Design, Analysis, and Implementation of a Two-factor Authentication Scheme using Graphical Password
Статья научная
With the increase in the number of e-services, there is a sharp increase in online financial transactions these days. These services require a strong authentication scheme to validate the users of these services and allow access to the resources for strong security. Since two-factor authentication ensures the required security strength, various organizations employ biometric-based or Smart Card or Cryptographic Token-based methods to ensure the safety of user accounts. But most of these methods require a verifier table for validating users at a server. This poses a security threat of stolen-verifier attack. To address this issue, there is a strong need for authentication schemes for e-services that do not require a verifier table at the server. Therefore, this paper proposes the design of an authentication scheme for e-services which should be resistant to various attacks including a stolen verifier attack. The paper will also discuss: 1) The proposed scheme analyzed for security provided against the known authentication attacks 2) The concept implementation of the proposed scheme.
Бесплатно
Статья научная
With all the brisk growth of web, distributed denial of service attacks are becoming the most serious issues in a data center scenarios where lot many servers are deployed. A Distributed Denial of Service attack gen-erates substantial packets by a large number of agents and can easily tire out the processing and communication resources of a victim within very less period of time. Defending DDoS problem involved several steps from detection, characterization and traceback in order todomitigation. The contribution of this research paper is a lot more. Firstly, flooding based DDoS problems is detected using obtained packets based entropy approach in a data center scenario. Secondly entropy based traceback method is applied to find the edge routers from where the whole attack traffic is entering into the ISP domain of the data center. Various simulation scenarios using NS2 are depicted in order to validate the proposed method using GT-ITM primarily based topology generators. Information theory based metrics like entropy; average entropy and differential entropy are used for this purpose.
Бесплатно
Detecting Android Malware by Mining Enhanced System Call Graphs
Статья научная
The persistent threat of malicious applications targeting Android devices has been growing in numbers and severity. Numerous techniques have been utilized to defend against this thread, including heuristic-based ones, which are able to detect unknown malware. Among the many features that this technique uses are system calls. Researchers have used several representation methods to capture system calls, such as histograms. However, some information may be lost if the system calls as a feature is only represented as a 1-dimensional vector. Graphs can represent the interaction of different system calls in an unusual or suspicious way, which can indicate malicious behavior. This study uses machine learning algorithms to recognize malicious behavior represented in a graph. The system call graph was fed into machine learning algorithms such as AdaBoost, Decision Table, Naïve Bayes, Random Forest, IBk, J48, and Logistic regression. We further employ a series feature selection method to improve detection accuracy and eliminate computational complexity. Our experiment results show that the proposed method has reduced feature dimension to 91.95% and provides 95.32% detection accuracy.
Бесплатно
Detecting Hidden Information in FAT
Статья научная
Various steganographic methods are used to hide information. Some of them allow you to reliably hide the fact of storage and transmission of information data. This paper analysis the methods of technical steganography that are based on hiding information messages into the structure of the FAT file system by reordering particular clusters of specially selected files (cover files). These methods allow you to reliably hide information in the file system structure, while redundancy is not explicitly entered anywhere. This means that the hidden information is not explicitly contained in the service fields or individual clusters of the file system, the size of the data stored on the physical storage medium does not change. Such steganographic systems are very difficult to detect, it is almost impossible to identify the fact of hiding information by traditional methods. The steganographic analysis technique based on the study of file system properties was developed. In particular, we analyzed the fragmentation of various files stored on a physical medium, and examine the statistical properties of various types, sizes and uses of files. Identification of anomalous properties may indicate a possible reordering of clusters of individual files, i.e. this will detect hidden information. The study of these principles is important for a better understanding of the design and counteraction of steganographic systems based on the methods of reordering clusters of cover files in the structure of the FAT. Thus, this article substantiates new approaches to steganoanalysis of cluster file systems for information hidingю. They are based on a statistical analysis of file systems of various data carriers, as well as an assessment of the fragmentation level of both individual files and the entire file system.
Бесплатно
Detecting Remote Access Network Attacks Using Supervised Machine Learning Methods
Статья научная
Remote access technologies encrypt data to enforce policies and ensure protection. Attackers leverage such techniques to launch carefully crafted evasion attacks introducing malware and other unwanted traffic to the internal network. Traditional security controls such as anti-virus software, firewall, and intrusion detection systems (IDS) decrypt network traffic and employ signature and heuristic-based approaches for malware inspection. In the past, machine learning (ML) approaches have been proposed for specific malware detection and traffic type characterization. However, decryption introduces computational overheads and dilutes the privacy goal of encryption. The ML approaches employ limited features and are not objectively developed for remote access security. This paper presents a novel ML-based approach to encrypted remote access attack detection using a weighted random forest (W-RF) algorithm. Key features are determined using feature importance scores. Class weighing is used to address the imbalanced data distribution problem common in remote access network traffic where attacks comprise only a small proportion of network traffic. Results obtained during the evaluation of the approach on benign virtual private network (VPN) and attack network traffic datasets that comprise verified normal hosts and common attacks in real-world network traffic are presented. With recall and precision of 100%, the approach demonstrates effective performance. The results for k-fold cross-validation and receiver operating characteristic (ROC) mean area under the curve (AUC) demonstrate that the approach effectively detects attacks in encrypted remote access network traffic, successfully averting attackers and network intrusions.
Бесплатно
Detecting Sinkhole Attacks in Wireless Sensor Network using Hop Count
Статья научная
Nowadays, Wireless Sensor Networks (WSNs) are widely used in many areas, especially in environment applications, military applications, queue tracking, etc. WSNs are vulnerable to different types of security attacks due to various constraints such as broadcasted nature of transmission medium, deployment in open or hostile environment where they are not physically protected, less memory, and limited battery power. So, security system is the crucial requirements of these networks. One of the most notably routing attacks is the sinkhole attack where an adversary captures or insert nodes in the sensor field that advertise high quality routes to the base station. In this paper, a mechanism is proposed against sinkhole attacks which detect malicious nodes using hop counting. The main advantage of the proposed technique is that, a node can detects malicious nodes only collaborating with the neighbor nodes without requiring any negotiation with the base station. Simulation result shows that, the proposed technique successfully detects the sinkhole nodes for large sensor field.
Бесплатно
Detection Block Model for SQL Injection Attacks
Статья научная
With the rapid development of Internet, more and more organizations connect their databases to the Internet for resource sharing. However, due to developers' lack of knowledge of all possible attacks, web applications become vulnerable to multiple attacks. Thus the network databases could face multiple threats. Web applications generally consist of a three tier architecture where database is in the third pole, which is the most valuable asset in any organization. SQL injection is an attack technique in which specially crafted input string is entered in user input field. It is submitted to server and result is returned to the user. In SQL injection vulnerability, the database server is forced to execute malicious operations which may cause the data loss or corruption, denial of access, and unauthentic access to sensitive data by crafting specific inputs. An attacker can directly compromise the database, and that is why this is a most threatening web attack. SQL injection attack occupies first position in top ten vulnerabilities as specified by Open Web Application Security Project. It is probably the most common Website vulnerability today. Current scenarios which provide solutions to SQL injection attack either have limited scope i.e. can’t be implemented across all platforms, or do not cover all types of SQL injection attacks. In this work we implement Message Authentication Code (MAC) based solution against SQL injection attacks. The model works both on client and server side. Client side implements a filter function and server side is based on information theory. MAC of static and dynamic queries is compared to detect SQL injection attack.
Бесплатно
Detection and Mitigation of Sybil Attack in Peer-to-peer Network
Статья научная
Peer-to-peer networks are widely used today. Due to this wide use, they are the target of many attackers. The most mentionable of them is the Sybil attack. This is an attack in which it creates many fake identities. In this paper, the detection scheme and efficient mitigation mechanism to counteract Sybil attack in the peer-to-peer network is proposed. The proposed Sybil detection scheme is used to detect Sybil attack. The detection of Sybil attack is depending upon the behavior of the packets. The identity and the location of the packet are checked. If the location and identity of the packet are changed than that of the mentioned, the packet is detected as a Sybil attack. Sybil mitigation scheme is the combination of cost incurred method and certified authentication method. The Sybil packet will be removed by closing read/write operations. The proposed scheme is evaluated on the basis of detection rate and false positive rate. The experimental results show that Sybil attack is accurately detected by the proposed system in terms of low false positive rate and high detection rate. Moreover, the proposed system works efficiently in terms of Sybil detection rate and false positive rate.
Бесплатно
