Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1110
Ethical network surveillance using packet sniffing tools: a comparative study
Статья научная
Nowadays, with growing of computer's networks and Internet, the security of data, systems and applications is becoming a real challenge for network's developers and administrators. An intrusion detection system is the first and reliable technique in the network's security that is based gathering data from computer network. Further, the need for monitoring, auditing and analysis tools of data traffic is becoming an important factor to increase an overall system and network security by avoiding external attackers and monitoring abuse of the IT assets by employees in the workplace. The techniques that used for collecting and converting data to a readable format are called packet sniffing. Packet Sniffer is a tool that used to capture packets in binary format, converts that binary data into a readable data format and log of that captured data for analyzing and monitoring, displaying different used applications, clear-text user names, passwords, and other vulnerabilities. It is used by network administrator to keep the network is more secured, safe and to support better decision. There are many different sniffing tools for monitoring, analyzing, and reporting the network's traffic. In this paper we will compare between three different sniffing tools; TCPDump, Wireshark, and Colasoft according to various parameters such as their detection ability, filtering, availability, supported operating system, open source, GUI, their characteristics and features, qualitative and quantitative parameters. In addition, this paper may be considered as an insight for the new researchers to guide them to an overview, essentials, and understanding of the packet sniffing techniques and their working.
Бесплатно
Статья научная
This paper presents a methodology for providing high availability to the demands of cloud's clients. To attain this objective, failover stratagems for cloud computing using integrated checkpointing algorithms are purposed in this paper. Purposed strategy integrate checkpointing feature with load balancing algorithms and also make multilevel checkpoint to decrease checkpointing overheads. For implementation of purposed failover strategies, a cloud simulation environment is developed, which has the ability to provide high availability to clients in case of failure/recovery of service nodes. \The primary objective of this research work is to improve the checkpoint efficiency and prevent checkpointing from becoming the bottleneck of cloud data centers. In order to find an efficient checkpoint interval, checkpointing overheads has also considered in this paper. By varying rerun time of checkpoints comparison tables are made which can be used to find optimal checkpoint interval. The purposed failover strategy will work on application layer and provide highly availability for Platform as a Service (PaaS) feature of cloud computing.
Бесплатно
Evaluation of GAN-based Models for Phishing URL Classifiers
Статья
Phishing attacks by malicious URL/web links are common nowadays. The user data, such as login credentials and credit card numbers can be stolen by their careless clicking on these links. Moreover, this can lead to installation of malware on the target systems to freeze their activities, perform ransomware attack or reveal sensitive information. Recently, GAN-based models have been attractive for anti-phishing URLs. The general motivation is using Generator network (G) to generate fake URL strings and Discriminator network (D) to distinguish the real and the fake URL samples. This is operated in adversarial way between G and D so that the synthesized URL samples by G become more and more similar to the real ones. From the perspective of cybersecurity defense, GAN-based motivation can be exploited for D as a phishing URL detector or classifier. This means after training GAN on both malign and benign URL strings, a strong classifier/detector D can be achieved. From the perspective of cyberattack, the attackers would like to to create fake URLs that are as close to the real ones as possible to perform phishing attacks. This makes them easier to fool users and detectors. In the related proposals, GAN-based models are mainly exploited for anti-phishing URLs. There have been no evaluations specific for GAN-generated fake URLs. The attacker can make use of these URL strings for phishing attacks. In this work, we propose to use TLD (Top-level Domain) and SSIM (Structural Similarity Index Score) scores for evaluation the GAN-synthesized URL strings in terms of the structural similariy with the real ones. The more similar in the structure of the GAN-generated URLs are to the real ones, the more likely they are to fool the classifiers. Different GAN models from basic GAN to others GAN extensions of DCGAN, WGAN, SEQGAN are explored in this work. We show from the intensive experiments that D classifier of basic GAN and DCGAN surpasses other GAN models of WGAN and SegGAN. The effectiveness of the fake URL patterns generated from SeqGAN is the best compared to other GAN models in both structural similarity and the ability in deceiving the phishing URL classifiers of LSTM (Long Short Term Memory) and RF (Random Forest).
Бесплатно
Evaluation of IP Multimedia Subsystem based Mobile Mass Examination System
Статья научная
This research is carried out to develop IP Multimedia Subsystem (IMS) based Mobile Mass Examination (MoMEx) System. MoMEx system is intended to improve on management of examination process for large number of examinees. IMS based application is considered to be the next generation mobile applications that enable developers to take advantage of mobile networks resources. IMS-based application is attributed with robustness and improved Quality of Experience (OoE) for mobile users. Such quality is needed to ensure users reliabilities on the system. In This paper, we cover the analysis and design phase of MoMEx system. We have designed set of questionnaires aimed to gathering insights how much the concept of mobile exam and assessment will be accepted among the students and faculty members. Based on the results obtained, we concluded the functional requirements of MoMEx system prior to implementation phase.
Бесплатно
Статья научная
In this paper, we have evaluated the performance of flooding and probabilistic flooding broadcast methods in a VANET using real city map. A comparative analysis between the performance of these methods with varying traffic density and nodes speed has been conducted. Here, we have considered real city maps extracted from US census TIGER database. Node movements are generated using Intelligent Driving Model for lane Changing (IDM_LC) through VanetMobiSim mobility generator. A different probability for message dissemination is considered for the probabilistic broadcast method to investigate an appropriate probability value that may give best results. Different node densities, Sparse, Intermediate and Dense are considered. The results obtained show that in dense traffic scenario probabilistic flooding method achieves maximum packet delivery ratio for a specific value of p (i.e. 0.1). In sparsely populated network, the PDR is low as compared to other traffic conditions. In a sparse traffic density both the method perform better at high node mobility. But in intermediate and dense traffic scenario performance of both the methods is better in low node mobility.
Бесплатно
Статья научная
In Mobile Ad-hoc Network (MANET), portable devices like smartphones, or laptop PC can join together to make provisional networks without any infrastructure The objective of multicast or unicast protocols is to ensure an efficient route formation and flow control mechanism which is a very challenging issue for many group computing services in MANETs. MANETs can support several real-time applications like emergency rescue, and disaster relief operations which require minimum Quality of Service (QoS) to handle high traffic. Providing QoS for multimedia and group-oriented computing in MANETs becomes a real challenge due to the wireless medium and the mobility of operating nodes. Therefore, an investigation of routing protocols for one-to-many or many-to-many computing is important that supports acceptable QoS in MANETs. Numerous QoS metrics have been considered for the assessment like packet delivery ratio, latency, packet loss rate, control overhead, and throughput. By considering different network topologies and scenarios with different performance parameters, the primary goal of this study is to explore the challenges and factors for QoS services in MANET’s multicast communication. The outcomes of investigation can be used to design the future MANET protocol for multimedia applications. The performance results indicate that the increasing number of sending/receiving nodes may increase the overhead or latency of the network but capable of providing higher network throughput, carried out in NS-2. The results also indicate although MANETs can induce errors and packets are lost as part of the normal operating context, multicast AODV practice superior to the unicast protocol to various QoS in a wide range of scenarios with less overhead.
Бесплатно
Evaluation of QoS Support of AODV and its Multicast Extension for Multimedia over MANETs
Статья научная
Mobile ad hoc networks (MANETs) have become the prominent set of wireless ad hoc networks with their distinctive characteristics, and ranging several fields of applications. In these networks, the nodes are mobile devices, changing their positions with time, resulting in dynamic topologies of the network. These dynamic environments make the routing of data packets from the source to the destination through multi hoping a difficult task. With the growing popularity of sophisticated mobile devices, the demand for multimedia traffic in such networks is also increasing. Henceforth, to ensure the quality of service (QoS) for multimedia traffic over MANETs has turn into further challenging. This paper focuses on the assessment of built-in QoS support of Ad hoc On-demand Distance Vector (AODV), and its multicast extension MAODV for multimedia traffic (a combination of audio and video) over the mobile ad hoc environment. The work is carried out to measure the achievable QoS metrics like packet delivery ratio, latency, and jitter.
Бесплатно
Evaluation of Quality for Semi-Structured Database System
Статья научная
The quality evaluation of transactional calculus for semi-structured database system develops metrics for data quality. A conceptual data model of higher quality leads to a higher quality information system. Quality of a data model may affect with effectiveness i.e. the quality of results and the efficiency like time, effort etc. of development of information system. Hence, boosting up the data model quality is also prone to improve quality of delivered system. An array of metrics for quality has been proposed for the semi-structured data model with proper blend of metrics framework suitable for transactional calculus for data model of semi-structured. This paper proposes a framework for quality evaluation of transactional calculus for semi-structured database system using TCSS X-Query. In the proposed quality evaluation, the viewpoint has been described using a set of proposed quality measurements. Each of these quality measurements is linked with set of related metrics. The framework comprised of direct and indirect metrics for the purpose of quality evaluation. The framework facilities a double-fold view point using a set of quality measurement. In quality evaluation two viewpoint quality dimensions are focused: like designer level viewpoint and user level viewpoint. The proposed metrics set and measurements have been validated empirically. The purpose of empirical validation is to establish the metrics are practically useful for the assessment of quality measurements and operability factor.
Бесплатно
Evaluation of Routing Performance using OSPF and Multi-Controller Based Network Architecture
Статья научная
Newer mobile applications are increasingly being defined using Internet Protocol, resulting in increased use of Internet Protocol and subsequent upsurge of smartphones. However, many communication service provider core networks continue to use classical routing protocols and single controller-based networks if deployed. Controller-based networks built on the foundation of software-defined networks include centralization and separation of control plane and data plane, which can address the challenges experienced with the classical routing protocols. When single controllers are used, they tend to get overloaded with traffic. The ability to use multi-controller-based network architecture to improve quality of service in the mobile IP core network is still an open issue. This paper presents a performance evaluation of multi-controller-based network architecture, running OpenFlow and Open Shortest Path First protocol. The long-term evolution simulated network architecture is created using well-known network simulator Objective Modular Network Testbed running OpenFlow and simuLTE add-on. We test and analyze data traffic for Packet data ratio and Jitter and their associated effects on a multi-controller-based network running OpenFlow versus OSPF on a mobile core network. The experiment created two topologies; multi controller-based and Open Shortest path first network. Video and ping traffic is tested by the generation of traffic from User Equipment to the network-based server in the data center and back, and traffic metrics recorded on an inbuilt integrated development environment. The simulation setup consisted of an OpenFlow controller, HyperFlow algorithm, OpenFlow switches, and Open Shortest Path First routers. The multi-controller-based network improved Jitter by 10 ms. The Open Shortest Path first showed packet data ratio values of 89% gain while the controller-based network registered a value of 86%. A standard deviation test revealed 0.7%, which shows that the difference is not significant when testing for Packet data ratio. We provided insight into the performance of multi-controller-based architecture and Open Shortest Path First protocol in the communication service provider's core network.
Бесплатно
Evaluation of Secure Cloud Transmission Protocol
Статья научная
Authentication, Authorization, integrity, availability and confidentiality are important aspects in cloud computing services. Cloud services market demands can be increased by enhancing the authentication, data confidentiality and customer trust. To achieve strong authentication, security and to earn customer trust, we had proposed and published secure cloud transmission protocol (SecCTP) which describes SecCTP techniques in detail. In this paper, we evaluated the SecCTP and presented the GUI implementation. We discuss the applicability, usefulness and advantages of SecCTP techniques i.e. multi-dimensional password generation and multi-level authentication in comparison with existing cloud authentication and confidentiality techniques. We describe how SecCTP improves the identity, access management, integrity and confidentiality in existing cloud service access. We evaluated SecCTP resistance in multiple attacks.
Бесплатно
Статья научная
Underwater communication is one of the important research areas which involves design and development of communication systems that can demonstrate high data rate and low Bit Error Rate (BER). In this work three different modulation schemes are compared for their performances in terms of BER and Peak to Average Power Ratio (PAPR). The realistic channel model called WATERMARK is used as a benchmark to evaluate channel performances. The mathematical model is developed in MATLAB and channel environments such as Norway Oslo fjord (NOF1), Norway Continental Shelf (NCS1), Brest Commercial Harbour (BCH1), Kauai (KAU1, KAU2) are considered for modelling different underwater channels. The data symbols are modulated using Dual Tree Complex Wavelet Transform (DTCWT) Orthogonal Frequency Division Multiplexing (OFDM) model to generate multi subcarriers and are demodulated at the receiver considering underwater channel environments. The BER results are evaluated for channel depth less than 10m and 10-50m. An improvement of 2x10-2 in terms of BER is observed when compared with Fast Fourier Transform (FFT) based OFDM model.
Бесплатно
Статья научная
The current communication requirements are moving quickly to mobile ad-hoc networks, mainly because of the decreasing cost of wireless networking technology and the increasing capacity to integrate into embedded devices technologies such as WiFi, ZigBee, Bluetooth, and WAVE. It is important to understand the limitation or the strength of each protocol and standard in order to make a better selection decision at the moment of implementing a specific scenario. This paper evaluates how routing protocols perform in mobile scenarios when the speed of nodes is relatively high. Our research shows that reactive routing protocols have a better packet delivery ratio (PDR) than proactive routing protocols. However, proactive routing protocols have a smaller end-to-end delay and hops count.
Бесплатно
Статья научная
Millions of citizens around the world have already acquired their new electronic passport. The e-passport is equipped with contactless chip which stores personal data of the passport holder, information about the passport and the issuing institution, as well as with a multiple biometrics enabling cryptographic functionality. Countries are required to build a Public Key Infrastructure, biometric and Radio Frequency Identification to support various cryptographic, as this is considered the basic tools to prove the authenticity and integrity of the Machine Readable Travel Documents. The large-scale worldwide PKI is construction, by means of bilateral trust relationships between Countries. Investigate the good practices, which are essential for the establishment of a global identification scheme based on e-passports. The paper explores the privacy and security implications of this impending worldwide experiment in biometrics authentication technology.
Бесплатно
Experimental Analysis of OLSR and DSDV Protocols on NS-2.35 in Mobile Ad-Hoc Networks
Статья научная
Mobile ad-hoc networks are autonomous networks of intelligent mobile nodes. Designing an efficient routing protocol with goal efficient route establishment is still a burning research issue. Routing protocols are broadly classified into proactive and reactive protocols on the basis of their nature of working. In this paper, we present comparative simulation analysis of two proactive protocols namely, Optimized Link State Routing (OLSR) and Destination-Sequenced Distance Vector (DSDV). Simulations have been carried out multiple times using Network Simulator-2.35 (NS-2.35), on random scenario patterns and compared in two environments (OLSR and DSDV) by varying the network size and mobility of nodes. We have patched and installed OLSR protocol on NS-2.35 as it's not available as a part of NS-2.35 installation. The simulation results indicate that, OLSR perform better than DSDV protocol for application oriented metrices such as packet delivery fraction, packet loss and end-to-end delay. But, Routing Overheads is significantly consistently higher for OLSR protocol in all the cases considered, which is proven experimentally. Furthermore, based upon the simulation results, work can be done in the direction of improving the performance of the OLSR protocol to make it a choice of proactive protocol for large and denser network.
Бесплатно
Exploiting SIMD Instructions in Modern Microprocessors to Optimize the Performance of Stream Ciphers
Статья научная
Modern microprocessors are loaded with a lot of performance optimization features. Single Instruction Multiple Data (SIMD) instruction set feature specially designed for improving the performance of multimedia applications is one among them. But most of the encryption algorithms do not use these features to its fullest. This paper discusses various optimization principles to be followed by encryption algorithm designers to exploit the features of underlying processor to the maximum. It also analyses the performance of four eSTREAM finalist stream ciphers – HC-128, Rabbit, Salsa 20/12 and Sosemanuk – under various methods of implementation. Scope of implementing these stream ciphers using SIMD instructions is examined and improvement in performance achieved by this implementation has been measured. Modifications in the algorithm which provide further improvement in performance of these ciphers are also studied.
Бесплатно
Exponential Brute-Force Complexity of A Permutation Based Stream Cipher
Статья научная
This paper introduces a permutation generation mechanism based on a shared secret key. The generated permutation vectors are used as encryption keys in a stream ciphering cryptosystem. We investigated various types of attacks on the known stream cipher RC4 and patched most of its loopholes, especially biased-byte and state-related attacks. Unique to our approach, we prove mathematically that the complexity of brute-forcing such a system is (2n), where n is the key size in bytes. This paper also presents a complete security model using permutation-based encryption, in order to handle privacy. In addition, our approach achieved higher performance than that of existing peer techniques, while maintaining solid security. Experimental results show that our system is much faster than the existing security mechanisms, such as AES and DES.
Бесплатно
Extended DragonDeBrujin Topology Synthesis Method
Статья научная
Scaling high performance computer systems needs increasing the fault tolerance at the design stage of a topology. There are several approaches of designing simple fast routing with fault tolerance. One of effective approach is to ensure fault tolerance at the topology level. This article discusses two methods for optimizing topologies synthesized using Dragonfly and Excess De Brujin. Methods of topology saturation are discusses, which allow to increase the dimension of the system without deterioration of topological characteristics due to the optimization of the synthesis method. Three scaling constraint methods are also proposed to reduce the topology dimension to the desired performance.
Бесплатно
Extended K-Anonymity Model for Privacy Preserving on Micro Data
Статья научная
Today, information collectors, particularly statistical organizations, are faced with two conflicting issues. On one hand, according to their natural responsibilities and the increasing demand for the collected data, they are committed to propagate the information more extensively and with higher quality and on the other hand, due to the public concern about the privacy of personal information and the legal responsibility of these organizations in protecting the private information of their users, they should guarantee that while providing all the information to the population, the privacy is reasonably preserved. This issue becomes more crucial when the datasets published by data mining methods are at risk of attribute and identity disclosure attacks. In order to overcome this problem, several approaches, called p-sensitive k-anonymity, p+-sensitive k-anonymity, and (p, α)-sensitive k-anonymity, were proposed. The drawbacks of these methods include the inability to protect micro datasets against attribute disclosure and the high value of the distortion ratio. In order to eliminate these drawbacks, this paper proposes an algorithm that fully protects the propagated micro data against identity and attribute disclosure and significantly reduces the distortion ratio during the anonymity process.
Бесплатно
Статья научная
Wireless links are characterized by high error rates and intermittent connectivity. TCP congestion control has been developed on the assumption that network congestion is the only cause for packet loss. Upon detecting a packet loss, TCP drops its transmit window resulting in an unnecessary reduction of end-to-end throughput which results in suboptimal performance.The sender has to be made aware by some feedback mechanism that some of the losses reported are not due to congestion. The Active Queue Management algorithms (AQM) are used to reduce congestion, and in this paper, we have analysed four AQM algorithms, Random Early Deduction (RED), Wireless Explicit Congestion Notification (WECN), Queue Management Backward Congestion Control Algorithm (QMBCCA) and its enhanced version Extended Queue Management Backward Congestion Control Algorithm (EQMBCCA). WECN, QMBCCA & EQMBCCA algorithms make use of feedback mechanisms. WECN gives feedback using the CE bit. QMBCCA and EQMBCCA make use of ISQ notifications and also the CE bit whenever the average queue size crosses minimum threshold value. EQMBCCA reduces the reverse ISQ traffic by introducing a configurable intermediate threshold value IntThres. The comparison is made in terms of Delay, HTTP packet loss percentage and fairness for FTP flows in a wireless environment. It is found that the performance of EQMBCCA is almost equal to that of QMBCCA and better than RED and WECN.
Бесплатно
Extending the WSN lifetime by Dividing the Network Area into a Specific Zones
Статья научная
LEACH protocol is considered the best in the WSN protocols in extending the network lifetime and reduces energy loss, but LEACH suffers from the problem of the correct distribution of the nodes correlation with CHs. In this paper, we propose an improved protocol called LEACH-Z(LEACH zones), this protocol improves the distribution of clusters by making the clusters near the base station(BS) large(greater number of nodes) and the clusters are far from BS small(lesser number of nodes), where divides the network area to parts(zones), be part of a larger when close to the BS in addition to preventing the election of CHs in the region far from the BS and thus conserve energy this means that the nodes will remain alive as long as possible, this makes nodes gather more information. The results proved that the LEACH-Z is better than the original LEACH and more optimizations to reduce energy consumption.
Бесплатно
