International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1148
Distributed Denial of Service Attack Detection Using Hyper Calls Analysis in Cloud
Статья научная
In the scenario of Distributed Denial of Service (DDoS) attacks are increasing in a significant manner, the attacks should be mitigated in the beginning itself to avoid its devastating consequences for any kind of business. DDoS attack can slow down or completely block online services of business like websites, email or anything that faces internet. The attacks are frequently originating from cloud virtual machines for anonymity and wide network bandwidth. Hyper-Calls Analysis(HCA) enables the tracing of command flow to detect any clues for the occurrence of malicious activity in the system. A DDoS attack detection approach proposed in this paper works in the hypervisor side to perform hyper calls based introspection with machine learning algorithms. The system evaluates system calls in hypervisor for the classification of malicious activities through Support Vector Machine and Stochastic Gradient Descent (SVM & SGD) Algorithms. The attack environment created using XOIC attacker tool and CPU death ping libraries. The system’s performance also evaluated on CICDDOS 2019 dataset. The experimental results reveal that more than 99.6% of accuracy in DDoS detection without degrading performance.
Бесплатно
Distributed Encrypting File System for Linux in User-space
Статья научная
Linux systems use Encrypting File System (EFS) for providing confidentiality and integrity services to files stored on disk in a secure, efficient and transparent manner. Distributed encrypting file system should also provide support for secure remote access, multiuser file sharing, possible use by non-privileged users, portability, incremental backups etc. Existing kernel-space EFS designed at file system level provides all necessary features, but they are not portable and cannot be mounted by non-privileged users. Existing user-space EFS have performance limitations and does not provide support for file sharing. Through this paper, modifications in the design and implementation of two existing user-space EFS, for performance gain and file sharing support, has been presented. Performance gain has been achieved in both the proposed approaches using fast and modern ciphers. File sharing support in proposed approaches has been provided with Public Key Infrastructure (PKI) integration using GnuPG PKI module and Linux Pluggable Authentication Module (PAM) framework. Cryptographic metadata is being stored as extended attributes in file's Access Control List (ACL) to make file sharing task easier and seamless to the end user.
Бесплатно
Distributed Intelligence Model for IoT Applications Based on Neural Networks
Статья научная
Increasing the implication of IoT data puts a focus on extracting the knowledge from sensors’ raw data. The management of sensors’ data is inefficient with current solutions, as studies have generally focused on either providing cloud-based IoT solutions or inefficient predefined rules. Cloud-based IoT solutions have problems with latency, availability, security and privacy, and power consumption. Therefore, Providing IoT gateways with relevant intelligence is essential for gaining knowledge from raw data to make the decision of whether to actuate or offload tasks to the cloud. This work proposes a model that provides an IoT gateway with the intelligence needed to extract the knowledge from sensors’ data in order to make the decision locally without needing to send all raw data to the cloud over the Internet. This speeds up decisions and actions for real-time data and overcomes the limitations of cloud-based IoT solutions. When the gateway is unable to process a task locally, the data and task are offloaded to the cloud.
Бесплатно
Distributed Malware Detection Algorithm (DMDA)
Статья научная
The increasing number of malwares has led to an increase in research work on malware analysis studying the malware behavior. The malware tries to leak sensitive information from infected devices. In this paper, we study a specific attack method, which distributes the data source and the point of data loss on different versions of the malware application. That is done using local storage by storing part or all of the vital data to be leaked in the future. We introduce a Distributed Malware Detection Algorithm (DMDA), which is an algorithm to detect distributed malware on app versions. DMDA proposes a new way to analyze application against redistributed malware. DMDA is created to analyze the data and identify transitional loss points. We test this algorithm on a sample of Android applications published on the Google Play market containing 100 applications, where each application has two versions. The algorithm detected 150 transient data sources, 200 transient loss of data point and two leakages of data. In comparison, this dataset was checked using 56 anti-malware applications but none of them could find any malicious code.
Бесплатно
Distributed Monitoring for Wireless Sensor Networks: a Multi-Agent Approach
Статья научная
In this paper, we will present a state of the art in using multi-agent technology for wireless sensor networks where the main goal is the conception of software architecture and the network organization dedicated to optimization, performance analysis, and monitoring. Then we explore in particular, the issues of topology control and works in this field and the use of multi-agent systems. Finally we will propose an agent based algorithm for fault tolerance and topology control in a wireless sensor network. Our proposal consists to embed an agent at each node that is responsible for selecting its parent node or the next hop to the sink when transferring packets. The process of parent change is based on the computation of a fault tolerance degree which is calculated periodically by the agent in cooperation with neighboring nodes, in addition to other parameters such as the number of hops, the energy and the quality of link. Simulation results show that this method of changing parent allows a fault tolerant network with enhanced life time compared with the collect tree protocol CTP used for data gathering in a wireless sensor network.
Бесплатно
Distributed Traffic Balancing Routing for LEO Satellite Networks
Статья научная
Satellite networks have been widely investigated both in the business and academia for many years, with many important routing algorithms reported in the literatures. However, fewer existing routing algorithms focus on the trade-off between the routing survivability and the routing computation and storage overheads. Due to topological dynamics, it is difficult to effectively apply the conventional routing protocols such as RIP or OSPF to Low Earth Orbit (LEO) satellite networks. According to the virtual topology model based on virtual node, this paper propose a new fully distributed routing protocol for LEO satellite networks, called Distributed Traffic Balancing Routing (DTBR). The proposed protocol not only guarantees the routing survivability and provides the ability of traffic balancing, but also result in few additional computation and storage overheads only deriving from the information flooding of failed satellites. Simulation results demonstrate positive conclusions of our methods.
Бесплатно
Distributed and Dynamic Channel Assignment Schemes for Wireless Mesh Network
Статья научная
Wireless mesh network (WMN) with wireless backhaul technology provides last-mile Internet connectivity to the end-users. In multi-radio multi-channel WMN (MRMC-WMN), routers provide multiple concurrent transmissions among end-users. The existence of interference among concurrent transmissions severely degrades the network performance. A well-organized channel assignment (CA) scheme significantly alleviates the interference effect. But in trying to minimize interference, the CA scheme may affect the network connectivity. So, the CA scheme has to consider both these two conflicting issues. In this paper, as part of the initial configuration of WMNs, we propose a game theory-based load-unaware CA scheme to minimize the co-channel interference and to maximize the network connectivity. To adapt to the varying network traffic, we propose a dynamic channel assignment scheme. This scheme measures the traffic-load condition of the working channels of each node. Whenever a node finds an overloaded channel, it initiates a channel switch. Channel switching based on the fixed threshold may result in a channel over/underutilization. For optimal channel utilization, we propose a fuzzy logic-based approach to compute the channel switch threshold. The contending nodes and their densities and loads dominantly affect the network capacity and hence the performance. In the context of network capacity enhancement, we have addressed these factors and focused on increasing the network capacity. The simulation results indicate that our proposed load-unaware and load-aware CA schemes outperform the other related load-unaware and load-aware CA approaches.
Бесплатно
Distributed denial of service detection using multi layered feed forward artificial neural network
Статья научная
One of the dangers faced by various organizations and institutions operating in the cyberspace is Distributed Denial of Service (DDoS) attacks; it is carried out through the internet. It resultant consequences are that it slow down internet services, makes it unavailable, and sometime destroy the systems. Most of the services it affects are online applications and procedures, system and network performance, emails and other system resources. The aim of this work is to detect and classify DDoS attack traffics and normal traffics using multi layered feed forward (FFANN) technique as a tool to develop model. The input parameters used for training the model are: service count, duration, protocol bit, destination byte, and source byte, while the output parameters are DDoS attack traffic or normal traffic. KDD99 dataset was used for the experiment. After the experiment the following results were gotten, 100% precision, 100% specificity rate, 100% classified rate, 99.97% sensitivity. The detection rate is 99.98%, error rate is 0.0179%, and inconclusive rate is 0%. The results above showed that the accuracy rate of the model in detecting DDoS attack is high when compared with that of the related works which recorded detection accuracy as 98%, sensitivity 96%, specificity 100% and precision 100%.
Бесплатно
Distributed wormhole attack mitigation technique in WSNs
Статья научная
Sensing element Networks area unit gaining a lot of attention as a result of applications like sensible cities(traffic congestion, sensible parking, sensible lighting), sensible setting (forest hearth detection, air pollution) security and emergencies (Radiation levels, Explosive and dangerous Gases, Military applications) to call a couple of. The important facet of those observation and chase applications area unit security and sensing element location. The Wireless sensing element Networks may be thought to be associate degree freelance theme for accomplishing data-intensive chores like atmosphere (habitat) perceptive, data congregation, earthquake perceptive, parcel intelligence operation, etc. and any communication to the appliance. Wormhole attack could be a severe threat to the safety of the network. Because it could be a passive attack, it's terribly difficult to notice Wormhole attack. The most stress of this analysis work is to mitigate the wormhole attack. During this paper, we have a tendency to address the wormhole attack by proposing a trust-based wormhole attack mitigation technique. Our projected system is easy with no further hardware demand and no tight clock synchronization.
Бесплатно
Double Layer Image Security System using Encryption and Steganography
Статья научная
The image security on internet transfers is the concern of the hour as the breaching attacks into the image databases are rising every year. The hackers take advantage of the stolen personal and important images to fulfill their dangerous and unethical intentions. The image data theft can be used to defame a person on the internet by posting the illegal and unacceptable images of that person (internet user). Hence the images transfers have to be secure to ensure the privacy of the user's image data. In this research, a number of image security systems have been studied to evaluate the research gap. Majority of the existing image security systems are not up to date to protect against the latest breaching attacks. So, we have proposed an effective and robust image security framework particularly designed for the images. The proposed has been designed and implemented using MATLAB. In this research, a hybrid image security framework has been proposed to overcome the problem stated earlier, which will be implemented by combining various techniques together to achieve the image security goal. The techniques included in the combination would beimage compression, cryptography andsteganography. DWT compression has been used, because it is a stronger compression algorithm. The steganographed image would be compressed to reduce its size. Blowfish encryption algorithm would be used for the encryption purposes. It offers maximum throughput (faster) and also energy efficient. Compressed image would be encrypted to enhance the image security. Real image will be hidden into another image. A cluster based steganographic technique will be used. Real image and face image would be analyzed, and the real image would be embedded in those areas of face image, where color schemes of the real image and face image would be most similar. Kmeans or Hierarchical clustering would be used as a clustering technique. An all new comparative analysis technique would be applied to make the comparison between real image and base image on the basis of color patterns.
Бесплатно
Статья научная
Wireless sensor network (WSN) efficiently sends and receives the data on the internet of things (IoT) environment. As a large-scale WSN's nodes are powered by batteries, it is essential to create an energy-efficient system to decrease energy consumption and increase the network's lifespan. The existing methods not present effectual cluster head (CH) selection and trust node computation. Therefore, dual-discriminator conditional generative adversarial network optimized with a hybrid Momentum search algorithm and Giza Pyramids Construction algorithm for Cluster Based Routing in WSN Assisted IoT is proposed in this manuscript, for securing data transmission by identifying the optimum CH in the network (DDcGAN-MSA-GPCA-CBR-WSN-IoT). Initially, the proposed method is acting routing process via cluster head. Therefore, Dual-Discriminator conditional Generative Adversarial Network (DDcGAN) is considered to select the CH depending on multi-objective fitness function. The multi-objective fitness function, such as energy, delay, throughput, distance among the nodes, cluster density, capacity, collision, traffic rate, and cluster density. Based on fitness function, CH is selected. After cluster head selection, a malicious node depends on three parameters: trust, delay, and distance. These three parameters are optimized by hyb MSA-GPCA for ideal trust path selection. The proposed DDcGAN-MSA-GPCA-WSN-IoT technique is activated in PYTHON and network simulator (NS2) tool. Its effectiveness is analyzed under performance metrics, such as number of alive nodes, dead nodes, delay, energy consumption, packet delivery ratio, a lifetime of sensor nodes, and total residual energy. The simulation outcomes display that the proposed method attains lower delay, higher packet delivery ratio and high network lifetime when comparing to the existing models.
Бесплатно
Dynamic Editing Distance-based Extracting Relevant Information Approach from Social Networks
Статья научная
Online social networks, such as Facebook, Twitter, LinkedIn, etc., have grown exponentially in recent times with a large amount of information. These social networks have huge volumes of data especially in structured, textual, and unstructured forms which have often led to cyber-crimes like cyber terrorism, cyber bullying, etc., and extracting information from these data has now become a serious challenge in order to ensure the data safety. In this work, we propose a new, supervised approach for Information Extraction (IE) from Web resources based on remote dynamic editing, called EIDED. Our approach is part of the family of IE approaches based on masks extraction and is articulated around three algorithms: (i) a labeling algorithm, (ii) a learning and inference algorithm, and (iii) an extended edit distance algorithm. Our proposed approach is able to work even in the presence of anomalies in the tuples such as missing attributes, multivalued attributes, permutation of attributes, and in the structure of web pages. The experimental study, which we conducted, on a standard database of web pages, shows the performance of our EIDED approach compared to approaches based on the classic edit distance, and this with respect to the standard metrics recall coefficient, precision, and F1-measure.
Бесплатно
Статья научная
Cloud computing has become buzzword today. It is a digital service where dynamically scalable and virtualized resources are provided as a service over internet. Task scheduling is premier research topic in cloud computing. It is always a challenging task to map variety of complex task on various available heterogenous resources in scalable and efficient way. The very objective of this paper is to dynamically optimize task scheduling at system level as well as user level. This paper relates benefit-fairness algorithm based on weighted-fair Queuing model which is much more efficient than simple priority queuing. In proposed algorithm, we have classified and grouped all tasks as deadline based and minimum cost based constraints and after dynamic optimization, priority of fairness is applied. Here different priority queue (high, mid, low) are implemented in round-robin fashion as per weights assign to them .We recompile the CloudSim and simulate the proposed algorithm and results of this algorithm is compared with sequential task scheduling and simple constraints (cost and deadline) based task scheduling algorithm. The experimental results indicates that proposed algorithm is, not only beneficial to user and service provider, but also provides better efficiency and fairness at priority level, i.e. benefit at system level.
Бесплатно
Статья научная
The rapid growth of wireless communication and its persistent use influences all walks of life. Mobile WiMAX IEEE 802.16e standard enabled convergence of mobile and fixed broadband networks through a common wide-area radio-access technology and flexible network architecture. It aims to provide seamless support to its users but an inevitable is that the long delay which occurs during the handoff management in every network process. This paper proposes a Dynamic Interval based Processing Algorithm to separate ping-pong users from the pool of users and to process them separately thus reducing the overhead of network re-entry process. Incoming users are divided into three categories like new user, old user and ping pong user. New user should undergo all the phases of network entry process, old user is provided with authentication key which leads to skipping of steps in generation of keys. Proposed algorithm deals with identifying the ping pong users by calculating the inter arrival duration and rate with same base station. When assured authenticated ping-pong users enter the network next time within the allotted time they will be provided with last used Traffic Encryption Key (TEK) thus bypassing key generation phase . It is observed that the proposed work performs the authentication phase and cancels the key generation phase which leads to minimum network entry delay and it saves to the maximum of 80% processing time. The network model was developed using Network Simulator and the algorithm was implemented in MATLAB GUIDE which gets connected to the database developed in MYSQL.This approach is justified through its timing analysis result which proves the efficient swift in the handoff processes.
Бесплатно
Dynamic Model on the Transmission of Malicious Codes in Network
Статья научная
This paper introduces differential susceptible e-epidemic model S_i IR (susceptible class-1 for virus (S1) - susceptible class-2 for worms (S2) -susceptible class-3 for Trojan horse (S3) – infectious (I) – recovered (R)) for the transmission of malicious codes in a computer network. We derive the formula for reproduction number (R0) to study the spread of malicious codes in computer network. We show that the Infectious free equilibrium is globally asymptotically stable and endemic equilibrium is locally asymptotically sable when reproduction number is less than one. Also an analysis has been made on the effect of antivirus software in the infectious nodes. Numerical methods are employed to solve and simulate the system of equations developed.
Бесплатно
Dynamic and Real-time Sleep Schedule Protocols for Energy Efficiency in WSNs
Статья научная
Wireless Sensor Networks are emerging technologies that are diverse on energy consumption from different aspects. In the task mode, energy consumption of sensor nodes is categorized in, data packet transmitting, data processing and idle mode. Fundamentally, higher power is required and utilized at the time of data trans-receive as comparing to idle mode. However, power consumption of sensor in idle mode is necessarily important. To conserve energy, the network must provide quality of service sleep schedule, and use a mechanism to turn off the radio receiver periodically in coordinating method. Moreover, through dynamically round task management of sensors, significant energy saving can be achieved. Based on tasks and sleep schedules, nodes can form their clusters. It is necessary for real-time wireless applications to cogitate data transmit at the actual and response time based on the queries or tasks. This paper proposes Dynamic Immediate Data Report (DIDR) for real-time communication to schedule sleep mode of sensors in the network. Furthermore, to minimize the network energy consumption, Dynamic Schedule Data Report (DSDR) method is proposed. This method shows its efficiency by reducing the active time of nodes in the network. The performance analysis of the proposed works, illustrate effectively more energy efficiency as compared to existing methods.
Бесплатно
ECCO Mnemonic Authentication—Two-Factor Authentication Method with Ease-of-Use
Статья научная
Not very long ago, organizations used to identify their customers by means of one-factor authentication mechanisms. In today's world, however, these mechanisms cannot overcome the new security threats at least when it comes to high risk situations. Hence, identity providers have introduced varieties of two-factor authentication mechanisms. It may be argued that users may experience difficulties at time of authentication in systems that use two-factor authentication mechanisms for example because they may be forced to carry extra devices to be authenticated more accurately. This is however the tradeoff between ease-of-use and having a secure system that may be decided by the users and not the security providers. In this paper we present a new two-factor authentication mechanism that secures systems and at the same time is easier to use. We have used mnemonic features and the cache concept to achieve ease-of-use and security, respectively. Also, we have tested our method with almost 6500 users in real world using The Mechanical Turk Developer Sandbox.
Бесплатно
Effect of Black Hole Attack on MANET Routing Protocols
Статья научная
Due to the massive existing vulnerabilities in mobile ad-hoc networks, they may be insecure against attacks by the malicious nodes. In this paper we have analyzed the effects of Black hole attack on mobile ad hoc routing protocols. Mainly two protocols AODV and Improved AODV have been considered. Simulation has been performed on the basis of performance parameters and effect has been analyzed after adding Black-hole nodes in the network. Finally the results have been computed and compared to stumble on which protocol is least affected by these attacks.
Бесплатно
Статья научная
This paper investigates the impact of propagation delay and channel loss due to the use of multiple LED arrays in visible light communication (VLC) systems based on filter bank multicarrier (FBMC) modulation. FBMC offers greater spectral efficiency, and asynchronous transmission and is a promising alternative scheme to orthogonal frequency division modulation (OFDM). The proposed FBMC model is based on 4-quadrature amplitude modulation (QAM) and 16-QAM formats and uses 100 symbols and 600 input bits per symbol. In this paper, the VLC-FBMC system is designed based on the line-of-sight (LOS) model under the additive white Gaussian noise (AWGN) channel. Comparison analyses between different bit rates in terms of bit error rate (BER), best sampling point, and signal-to-noise ratio (SNR) requirement have been carried out to show the delay and loss effect on communication quality and system performance. The results demonstrate that the proposed FBMC model achieves a bit rate of up to 29.296 Mbit/s with a low BER of 10-3 and less SNR penalty in high QAM formats, demonstrating its potential as a viable alternative to OFDM for future VLC systems.
Бесплатно
Effect of Maintenance on Computer Network Reliability
Статья научная
At the time of the new information technologies, computer networks are inescapable in any large organization, where they are organized so as to form powerful internal means of communication. In a context of dependability, the reliability parameter proves to be fundamental to evaluate the performances of such systems. In this paper, we study the reliability evaluation of a real computer network, through three reliability models. The computer network considered (set of PCs and server interconnected) is localized in a company established in the west of Algeria and dedicated to the production of ammonia and fertilizers. The result permits to compare between the three models to determine the most appropriate reliability model to the studied network, and thus, contribute to improving the quality of the network. In order to anticipate system failures as well as improve the reliability and availability of the latter, we must put in place a policy of adequate and effective maintenance based on a new model of the most common competing risks in maintenance, Alert-Delay model. At the end, dependability measures such as MTBF and reliability are calculated to assess the effectiveness of maintenance strategies and thus, validate the alert delay model.
Бесплатно
