International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1177
Design and Implementation of a Security Scheme for Detecting System Vulnerabilities
Статья научная
With evolution of internet, security becomes a major concern. Number of malicious programs called malware, travels through network into systems. They have many advanced properties like self-hiding, self-healing and stealth mode execution, which are hard to detect. Therefore, the major challenge for researchers today is to detect and mitigate such programs. Since there is a new virus implemented every minute no detection mechanism can be designed which gives 100% protection but by keeping the anti-virus database up to date we can escape many attacks. In this paper, an effort has been made to explain the design of a system program which can scan the vulnerable files on the system, generate logs and this can later be used to design antivirus software and stop virus execution. This program aims to scan system files and target the files which are vulnerable present on the system based on their file extensions. It generates logs after the system scan is complete which can be studied and used for anti-virus creation.
Бесплатно
Design and implementation of malware detection scheme
Статья научная
Malware is a worldwide epidemic and studies suggest that with the evolution of internet it is getting even worse. There is a new virus implemented every minute and various relevant strategies and tactics have been proposed to alleviate and eradicate cyber threats. Therefore, major concern for the researchers today is to detect and mitigate such programs. In this paper an effort has been made to propose a system which will detect some dangerous viruses and some features of the recently emerged new form of malware in cyberspace known as Ransomware. Imposing serious threats to information assets protection ransomware victimizes the internet users by hijacking user files, encrypting them, then demanding a ransom to be paid in exchange of the decryption key. The proposed program aims to scan the system to get hold of all vulnerable files present on the system and to detect the malicious one’s and remove them.
Бесплатно
Статья научная
Wireless communication for data and a variety of wireless interacted devices have increased dramatically in the past few years. Millimeter wave (mmWave) technology can serve the primary objectives of 5G networks, which include high data throughput and low latency. But mmWave signals for communications lacking substantial diffraction and are consequently more susceptible to obstruction by environmental physical objects, which could cause communication lines to be disrupted and congestion takes place. Wireless data transmission suffers from blockages and path loss, causes high latency as well as reduces the data transmission speed and degrades in quality performance. To overcome the limitations, Rough Set Theory with hypertuned SVM is implemented and designed the congestion prediction model based on the behaviour of network towers for low latency and high-speed data transmission. The data from the different towers is initially collected and created as a dataset. Super MICE is a technique to replace the missing data. Then, the Rough Set Theory is utilized to cluster the data into equivalent classes based on the behaviour of 5G, 4G and 3G wireless network. Hypertuned SVM with a Gazelle optimization algorithm is applied to predict the congestion level by accurately selecting the hyperparameter. By employing performance metrics, the proposed approach is examined and contrasted with existing techniques. The evaluation of performance measurements for the proposed method includes informedness attained as 91%, Adjusted Rand Index obtained value as 0.83, Jaccard as 0.737. Accuracy, precision, sensitivity, error, F1_score, and NPV are also achieved at 93%, 92%, 94%, 7%, 92%, and 90%, respectively. According to this evaluation, the proposed model is superior to perform than the earlier used existing methods.
Бесплатно
Design of a Green Automated Wireless System for Optimal Irrigation
Статья научная
Towards sustainable agriculture, the management of scarce water resources has become more crucial. In this article, we proffer a green automated wireless system (GAWS) aimed at maximizing and efficiently utilizing water resources for irrigation. The proposed irrigation system is a green technology which will be powered exclusively by solar energy. In its operation, it uses solar-powered wireless sensors for obtaining and transmitting information about soil moisture content of different segments on a given farm. The GAWS will ensure that irrigation is done only when necessary via a solar-powered irrigation control centre. For optimal irrigation, the automated intelligent control centre is designed to trigger solar-powered groundwater pumps wirelessly to execute necessary irrigation for a particular portion of the farm and fall back on an external irrigation system if that proves insufficient. It is envisaged that the proposed irrigation system will improve total crop yields by maximizing the utility of scarce water resources from both internal and external irrigation sources. It will also minimize the cost of time and labour involved in irrigation management, harness renewable energy and be environmentally friendly.
Бесплатно
Статья научная
Photoplethysmogram (PPG) sensing is a field of signal measurement that involves accurate sensor design and efficient signal processing. Sensing interfaces have matured due to use of sophisticated nano-meter technologies, that allow for high speed, and low error sampling. Thus, in order to improve the efficiency of PPG sensing, the signal processing unit must be tweaked. A wide variety of algorithms have been proposed by researchers that use different classification models for signal conditioning and error reduction. When applied to blood pressure (BP) monitoring, the efficiency of these models is limited by their ability to differentiate between BP levels. In order to improve this efficiency, the underlying text proposes a novel multimodal ensemble classifier. The proposed classifier accumulates correct classification instances from a series of highly efficient classifiers in order to enhance the efficiency of PPG sensing. This efficiency is compared with standard classification models like k-nearest neighbors (kNN), random forest (RF), linear support vector machine (LSVM), multilayer perceptron (MLP), and logistic regression (LR). It is observed that the proposed model is 10% efficient than these models in terms of classification accuracy; and thus, can be used for real time BP monitoring PPG signal acquisition scenarios. This accuracy is estimated by comparing actual BP values with measured BP values, and then evaluating error difference w.r.t. other algorithms.
Бесплатно
Статья научная
In this modern era of digital communication even a trivial task needs to be performed over internet which is not secure. Many cryptographic algorithms existed to provide security which facilitates secure communication through internet. As these algorithms need a secret session key, it is required to interchange this key in a secure way. In two-party communication, two clients initially share a low random (entropy) password through a secure channel to establish a secret session key. But this paradigm necessitates high maintenance of passwords, since each communicating pair requires separate passwords to establish a secure session key. In three-party communication network, each communication party shares a password with the trusted third-party (server) to exchange a secret session key. The beauty of this setting is that, even a server does not know the session key. The Password Authenticated Encrypted Key Exchange (PA-EKE) protocols have attracted a lot of curiosity to authors to propose various two-party and three-party PA-EKE protocols. Security flaws in various protocols proposed by Chang-Chang, Yoon-Yoo, PSRJ and Raj et al. inspired to design a robust, computationally efficient and highly secure protocol. This paper is an attempt to propose a secure and novel Password Authenticated 3P-EKE protocol using XOR operations and analogous (parallel) message transmission. The proposed protocol is easy to design and more secured against all types of attacks like password guessing, replay, pre-play, server spoofing etc. which made this protocol special.
Бесплатно
Design of a Web Interface for Fractional Chaotic Systems
Статья научная
There exists a great number of work related to chaotic systems investigated by many researchers, especially about Lorenz chaotic system. If the order of differentiation of variables are fractional, the systems are called fractional chaotic systems. In this work a web-based interface is designed for fractional composition of five different chaotic systems. The interface takes initial and fractional differentiation values and yields output signals and phase portraits. The paper first introduces design tools and then provides results obtained throughout the experiments.
Бесплатно
Design of an Android Application for Secure Chatting
Статья научная
Smart phones have become an essential part in the life of the individuals and their priorities at the present time. The most prominent uses are in chatting and conversation applications. Most of these applications do not provide the required protection and privacy of the data exchanged between users. Yet there are very few mobile chat applications that provides an End-to-End (E2E) security and privacy-preserving service to their clients. In this paper, a secure chatting application with end to end encryption for smart phones that use the android OS has been proposed. The proposed application uses the ECDH algorithm to generate the key pair and exchange to produce the shared key that will be used for the encryption of data by symmetric algorithms. The proposed Application allows the users to communicate via text messages, voice messages, as well as exchange photos. For the text message security the standard AES algorithm with a 128 bit key is used. The generated key (160 bit) minimized to 128 bit length in order to be used by the AES algorithm. For the voice and image security processes the proposed application uses the symmetric algorithm RC4 for this purpose. RC4 provides less security than AES, but it performs faster and this is required for such types and sizes of data.
Бесплатно
Design, Analysis, and Implementation of a Two-factor Authentication Scheme using Graphical Password
Статья научная
With the increase in the number of e-services, there is a sharp increase in online financial transactions these days. These services require a strong authentication scheme to validate the users of these services and allow access to the resources for strong security. Since two-factor authentication ensures the required security strength, various organizations employ biometric-based or Smart Card or Cryptographic Token-based methods to ensure the safety of user accounts. But most of these methods require a verifier table for validating users at a server. This poses a security threat of stolen-verifier attack. To address this issue, there is a strong need for authentication schemes for e-services that do not require a verifier table at the server. Therefore, this paper proposes the design of an authentication scheme for e-services which should be resistant to various attacks including a stolen verifier attack. The paper will also discuss: 1) The proposed scheme analyzed for security provided against the known authentication attacks 2) The concept implementation of the proposed scheme.
Бесплатно
Статья научная
With all the brisk growth of web, distributed denial of service attacks are becoming the most serious issues in a data center scenarios where lot many servers are deployed. A Distributed Denial of Service attack gen-erates substantial packets by a large number of agents and can easily tire out the processing and communication resources of a victim within very less period of time. Defending DDoS problem involved several steps from detection, characterization and traceback in order todomitigation. The contribution of this research paper is a lot more. Firstly, flooding based DDoS problems is detected using obtained packets based entropy approach in a data center scenario. Secondly entropy based traceback method is applied to find the edge routers from where the whole attack traffic is entering into the ISP domain of the data center. Various simulation scenarios using NS2 are depicted in order to validate the proposed method using GT-ITM primarily based topology generators. Information theory based metrics like entropy; average entropy and differential entropy are used for this purpose.
Бесплатно
Detecting Android Malware by Mining Enhanced System Call Graphs
Статья научная
The persistent threat of malicious applications targeting Android devices has been growing in numbers and severity. Numerous techniques have been utilized to defend against this thread, including heuristic-based ones, which are able to detect unknown malware. Among the many features that this technique uses are system calls. Researchers have used several representation methods to capture system calls, such as histograms. However, some information may be lost if the system calls as a feature is only represented as a 1-dimensional vector. Graphs can represent the interaction of different system calls in an unusual or suspicious way, which can indicate malicious behavior. This study uses machine learning algorithms to recognize malicious behavior represented in a graph. The system call graph was fed into machine learning algorithms such as AdaBoost, Decision Table, Naïve Bayes, Random Forest, IBk, J48, and Logistic regression. We further employ a series feature selection method to improve detection accuracy and eliminate computational complexity. Our experiment results show that the proposed method has reduced feature dimension to 91.95% and provides 95.32% detection accuracy.
Бесплатно
Detecting Hidden Information in FAT
Статья научная
Various steganographic methods are used to hide information. Some of them allow you to reliably hide the fact of storage and transmission of information data. This paper analysis the methods of technical steganography that are based on hiding information messages into the structure of the FAT file system by reordering particular clusters of specially selected files (cover files). These methods allow you to reliably hide information in the file system structure, while redundancy is not explicitly entered anywhere. This means that the hidden information is not explicitly contained in the service fields or individual clusters of the file system, the size of the data stored on the physical storage medium does not change. Such steganographic systems are very difficult to detect, it is almost impossible to identify the fact of hiding information by traditional methods. The steganographic analysis technique based on the study of file system properties was developed. In particular, we analyzed the fragmentation of various files stored on a physical medium, and examine the statistical properties of various types, sizes and uses of files. Identification of anomalous properties may indicate a possible reordering of clusters of individual files, i.e. this will detect hidden information. The study of these principles is important for a better understanding of the design and counteraction of steganographic systems based on the methods of reordering clusters of cover files in the structure of the FAT. Thus, this article substantiates new approaches to steganoanalysis of cluster file systems for information hidingю. They are based on a statistical analysis of file systems of various data carriers, as well as an assessment of the fragmentation level of both individual files and the entire file system.
Бесплатно
Detecting Remote Access Network Attacks Using Supervised Machine Learning Methods
Статья научная
Remote access technologies encrypt data to enforce policies and ensure protection. Attackers leverage such techniques to launch carefully crafted evasion attacks introducing malware and other unwanted traffic to the internal network. Traditional security controls such as anti-virus software, firewall, and intrusion detection systems (IDS) decrypt network traffic and employ signature and heuristic-based approaches for malware inspection. In the past, machine learning (ML) approaches have been proposed for specific malware detection and traffic type characterization. However, decryption introduces computational overheads and dilutes the privacy goal of encryption. The ML approaches employ limited features and are not objectively developed for remote access security. This paper presents a novel ML-based approach to encrypted remote access attack detection using a weighted random forest (W-RF) algorithm. Key features are determined using feature importance scores. Class weighing is used to address the imbalanced data distribution problem common in remote access network traffic where attacks comprise only a small proportion of network traffic. Results obtained during the evaluation of the approach on benign virtual private network (VPN) and attack network traffic datasets that comprise verified normal hosts and common attacks in real-world network traffic are presented. With recall and precision of 100%, the approach demonstrates effective performance. The results for k-fold cross-validation and receiver operating characteristic (ROC) mean area under the curve (AUC) demonstrate that the approach effectively detects attacks in encrypted remote access network traffic, successfully averting attackers and network intrusions.
Бесплатно
Detecting Sinkhole Attacks in Wireless Sensor Network using Hop Count
Статья научная
Nowadays, Wireless Sensor Networks (WSNs) are widely used in many areas, especially in environment applications, military applications, queue tracking, etc. WSNs are vulnerable to different types of security attacks due to various constraints such as broadcasted nature of transmission medium, deployment in open or hostile environment where they are not physically protected, less memory, and limited battery power. So, security system is the crucial requirements of these networks. One of the most notably routing attacks is the sinkhole attack where an adversary captures or insert nodes in the sensor field that advertise high quality routes to the base station. In this paper, a mechanism is proposed against sinkhole attacks which detect malicious nodes using hop counting. The main advantage of the proposed technique is that, a node can detects malicious nodes only collaborating with the neighbor nodes without requiring any negotiation with the base station. Simulation result shows that, the proposed technique successfully detects the sinkhole nodes for large sensor field.
Бесплатно
Detection Block Model for SQL Injection Attacks
Статья научная
With the rapid development of Internet, more and more organizations connect their databases to the Internet for resource sharing. However, due to developers' lack of knowledge of all possible attacks, web applications become vulnerable to multiple attacks. Thus the network databases could face multiple threats. Web applications generally consist of a three tier architecture where database is in the third pole, which is the most valuable asset in any organization. SQL injection is an attack technique in which specially crafted input string is entered in user input field. It is submitted to server and result is returned to the user. In SQL injection vulnerability, the database server is forced to execute malicious operations which may cause the data loss or corruption, denial of access, and unauthentic access to sensitive data by crafting specific inputs. An attacker can directly compromise the database, and that is why this is a most threatening web attack. SQL injection attack occupies first position in top ten vulnerabilities as specified by Open Web Application Security Project. It is probably the most common Website vulnerability today. Current scenarios which provide solutions to SQL injection attack either have limited scope i.e. can’t be implemented across all platforms, or do not cover all types of SQL injection attacks. In this work we implement Message Authentication Code (MAC) based solution against SQL injection attacks. The model works both on client and server side. Client side implements a filter function and server side is based on information theory. MAC of static and dynamic queries is compared to detect SQL injection attack.
Бесплатно
Detection and Mitigation of Sybil Attack in Peer-to-peer Network
Статья научная
Peer-to-peer networks are widely used today. Due to this wide use, they are the target of many attackers. The most mentionable of them is the Sybil attack. This is an attack in which it creates many fake identities. In this paper, the detection scheme and efficient mitigation mechanism to counteract Sybil attack in the peer-to-peer network is proposed. The proposed Sybil detection scheme is used to detect Sybil attack. The detection of Sybil attack is depending upon the behavior of the packets. The identity and the location of the packet are checked. If the location and identity of the packet are changed than that of the mentioned, the packet is detected as a Sybil attack. Sybil mitigation scheme is the combination of cost incurred method and certified authentication method. The Sybil packet will be removed by closing read/write operations. The proposed scheme is evaluated on the basis of detection rate and false positive rate. The experimental results show that Sybil attack is accurately detected by the proposed system in terms of low false positive rate and high detection rate. Moreover, the proposed system works efficiently in terms of Sybil detection rate and false positive rate.
Бесплатно
Статья научная
The primary benefits of Clouds are that they can elastically scale to meet variable demands and provide corresponding environments for computing. Cloud infrastructures require highest levels of protections from DDoS (Distributed Denial-of-Services). Attacks from DDoSs need to be handled as they jeopardize availability of networks. These attacks are becoming very complex and are evolving at rapid rates making it complex to counter them. Hence, this paper proposes GKDPCAs (Gaussian kernel density peak clustering techniques) and ACDBNs (Altered Convolution Deep Belief Networks) to handle these attacks. DPCAs (density peak clustering algorithms) are used to partition training sets into numerous subgroups with comparable characteristics, which help in minimizing the size of training sets and imbalances in samples. Subset of ACDBNs get trained in each subgroup where FSs (feature selections) of this work are executed using SFOs (Sun-flower Optimizations) which evaluate the integrity of reduced feature subsets. The proposed framework has superior results in its experimental findings while working with NSL-KDD and CICIDS2017 datasets. The resulting overall accuracies, recalls, precisions, and F1-scoresare better than other known classification algorithms. The framework also outperforms other IDTs (intrusion detection techniques) in terms of accuracies, detection rates, and false positive rates.
Бесплатно
Detection of DDoS Attacks Using Machine Learning Classification Algorithms
Статья научная
The Internet is the most essential tool for communication in today's world. As a result, cyber-attacks are growing more often, and the severity of the consequences has risen as well. Distributed Denial of Service is one of the most effective and costly top five cyber attacks. Distributed Denial of Service (DDoS) is a type of cyber attack that prevents legitimate users from accessing network system resources. To minimize major damage, quick and accurate DDoS attack detection techniques are essential. To classify target classes, machine learning classification algorithms are faster and more accurate than traditional classification methods. This is a quantitative research applies Logistic Regression, Decision Tree, Random Forest, Ada Boost, Gradient Boost, KNN, and Naive Bayes classification algorithms to detect DDoS attacks on the CIC-DDoS2019 data set, which contains eleven different DDoS attacks each containing 87 features. In addition, evaluated classifiers’ performances in terms of evaluation metrics. Experimental results show that AdaBoost and Gradient Boost algorithms give the best classification results, Logistic Regression, KNN, and Naive Bayes give good classification results, Decision Tree and Random Forest produce poor classification results.
Бесплатно
Detection of Suspicious Timestamps in NTFS using Volume Shadow Copies
Статья научная
When a computer gets involved in a crime, it is the mission of the digital forensic experts to extract the left binary artifacts on that device. Among those artifacts, there may be some volume shadow copy files left on the Windows operating system. Those files are snapshots of the volume recorded by the system in case of a needed restore to a specific past date. Before this study, we did not know if the valuable forensic information hold within those snapshot files can be exploited to locate suspicious timestamps in an NTFS formatted partition. This study provides the reader with an inter-snapshot time analysis for detecting file system timestamp manipulation. In other words, we will leverage the presence of the time information within multiples volume shadow copies to detect any suspicious tampering of the file system timestamps. A detection algorithm of the suspicious timestamps is contributed. Its main role is to assist the digital investigator to spot the manipulation if it has occurred. In addition, a virtual environment has been set up to validate the use of the proposed algorithm for the detection.
Бесплатно
Статья научная
Big data applications running on a big data cluster, creates a set of process on different nodes and exchange data via regular network protocols. The nodes of the cluster may receive some new type of attack or unpredictable internal attack from those applications submitted by client. As the applications are allowed to run on the cluster, it may acquire multiple node resources so that the whole cluster becomes slow or unavailable to other clients. Detection of these new types of attacks is not possible using traditional methods. The cumulative network traffic of the nodes must be analyzed to detect such attacks. This work presents an efficient testbed for internal attack generation, data set creation, and attack detection in the cluster. This work also finds the nodes under attack. A new insider attack named BUSY YARN Attack has been identified and analyzed in this work. The framework can be used to recognize similar insider attacks of type DOS where target node(s) in the cluster is unpredictable.
Бесплатно
