International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1130
Enhancing the Security in Cryptosystems Based on Magic Rectangle
Статья научная
The security of any cryptosystems is based on the way in which it produces different ciphertext for the same plaintext. Normally, various block cipher modes viz., CBC, OFC, etc., are used in producing different ciphertext for the same plaintext but it is a time consuming process. Instead of using block cipher, a different encoding method for the plaintext is proposed in this paper using magic rectangle. The advantage of using the encoding scheme is different numerals is used in encoding each characters of a plaintext. Thus instead of considering the ASCII encoding for a character to be encrypted, the numeral which occurs at the position which corresponds to the ASCII value of the character is taken from the magic rectangle. Further, different numerals from magic rectangles for the same character are produced by considering the magic sum, starting number and template of magic rectangle. Once the magic rectangles are created, the numerals which occur in the magic rectangles are considered for the encoding of the plaintext character which is then used for encryption in the cryptosystems like RSA, ElGamal. The proposed work provides an additional layer of security to any public key cryptosystems. As this model is acting as a wrapper to any public key cryptosystems, it ensures enhanced security. The proposed methodology is implemented with different processors 1, 2, 4, 8 and 16 in a simulated environment using Maui scheduler which employs back filling philosophy.
Бесплатно
Ensem_SLDR: Classification of Cybercrime using Ensemble Learning Technique
Статья научная
With the advancement of technology, cybercrimes are surging at an alarming rate as miscreants pour into the world's modern reliance on the virtual platform. Due to the accumulation of an enormous quantity of cybercrime data, there is huge potential to analyze and segregate the data with the help of Machine Learning. The focus of this research is to construct a model, Ensem_SLDR which can predict the relevant sections of IT Act 2000 from the compliant text/subjects with the aid of Natural Language Processing, Machine Learning, and Ensemble Learning methods. The objective of this paper is to implement a robust technique to categorize cybercrime into two sections, 66 and 67 of IT Act 2000 with high precision using ensemble learning technique. In the proposed methodology, Bag of Words approach is applied for performing feature engineering where these features are given as input to the hybrid model Ensem_SLDR. The proposed model is implemented with the help of model stacking, comprising Support Vector Machine (SVM), Logistic Regression, Decision Tree, and Random Forest and gave better performance by having 96.55 % accuracy, which is higher and reliable than the past models implemented using a single learning algorithm and some of the existing hybrid models. Ensemble learning techniques enhance model performance and robustness. This research is beneficial for cyber-crime cells in India, which have a repository of detailed information on cybercrime including complaints and investigations. Hence, there is a need for model and automation systems empowered by artificial intelligence technologies for the analysis of cybercrime and their classification of its sections.
Бесплатно
Ensemble Learning Approach for Classification of Network Intrusion Detection in IoT Environment
Статья научная
Over the last two years,the number of cyberattacks has grown significantly, paralleling the emergence of new attack types as intruder’s skill sets have improved. It is possible to attack other devices on a botnet and launch a man-in-the-middle attack with an IOT device that is present in the home network. As time passes, an ever-increasing number of devices are added to a network. Such devices will be destroyed completely if one or both of them are disconnected from a network. Detection of intrusions in a network becomes more difficult because of this. In most cases, manual detection and intervention is ineffective or impossible. Consequently, it's vital that numerous types of network threats can be better identified with less computational complexity and time spent on processing. Numerous studies have already taken place, and specific attacks are being examined. In order to quickly detect an attack, an IDS uses a well-trained classification model. In this study, multi-layer perceptron classifier along with random forest is used to examine the accuracy, precision, recall and f-score of IDS. IoT environment-based intrusion related benchmark datasets UNSWNB-15 and N_BaIoT are utilized in the experiment. Both of these datasets are relatively newer than other datasets, which represents the latest attack. Additionally, ensembles of different tree sizes and grid search algorithms are employed to determine the best classifier learning parameters. The research experiment's outcomes demonstrate the effectiveness of the IDS model using random forest over the multi-layer perceptron neural network model since it outperforms comparable ensembles analyzed in the literature in terms of K-fold cross validation techniques.
Бесплатно
Ensemble feature selection and classification of internet traffic using XGBoost classifier
Статья научная
Identification and classification of internet traffic is most important in network management to ensure Quality of Service (QoS). However, existing machine learning models tend to produce unsatisfactory results when applied with imbalanced datasets involving multiple classes. There are two reasons for this: the models have a bias towards classes which have more samples and they also tend to predict only the majority class data as features of the minority class are often treated as noise and therefore ignored. Thus, there is a high probability of misclassification of the minority class compared with the majority class. Therefore, in this paper, we are proposing an ensemble feature selection based on the tree approach and ensemble classification model using XGboost to enhance the performance of classification. The proposed model achieves better classification accuracy compared to other tree based classifiers.
Бесплатно
Статья научная
This paper illustrates the problem in the Active-Active Data Centers of an organization, where response traffic from the destination server is dropped by the firewall because the initial traffic from the client departs from another firewall in different Data Center (asymmetric traffic). This problem can be solved by two proposed solutions, namely the implementation of the BGP Community attributes and OSPF over GRE tunnel. The case study also compares both proposed solutions in terms of recovery time, packet loss, ICMP response time and TCP three-way handshake time for HTTP connection.
Бесплатно
Error Detection & Correction in Wireless Sensor Networks By Using Residue Number Systems
Статья научная
Wireless Sensor Networks have potential of significantly enhancing our ability to monitor and interact with our physical environment. Realizing a fault tolerant operation is critical to the success of WSNs. The integrity of data has tremendous effects on performance of any data acquisition system. Noise and other disturbances can often degrade the information or data acquired from these systems. Devising a fault-tolerant mechanism in wireless sensor networks is very important due to the construction and deployment characteristics of these low powered sensing devices. Moreover, due to the low computation and communication capabilities of the sensor nodes, the fault-tolerant mechanism should have a very low computation overhead. In this paper we focus our work on low complexity error detection technique which can be implemented with low data redundancy and efficient energy consuming in wireless sensor node by using of Residue Number Systems.
Бесплатно
Error prone transmission system to resist data loss in a wireless sensor network
Статья научная
Data losses in wireless sensor network (WSN) commonly occur due to diverse transmission errors such as hardware or software limitations, channel congestion, network coverage constraint and transmission delay. Another important cause for data loss is distinct security attacks caused by illegal interferences of illicit third parties. Apart from that data loss may occur due to some unforeseen causes too. A number of efforts have been made in WSN to control such types of data loss during the transmission process individually or along with various combinations. However, none of them are capable of addressing each of the mentioned cause of data loss in WSN environment. Henceforth, we have proposed an error resistant technique for WSN to address all of the mentioned causes for data loss. The proposed technique also offers a backup system for the accidental data losses. The experimental results shows that the proposed technique offers minimum data loss during the communication process by offering higher Signal to Noise Ratio (SNR) and low Information Loss compared to the other existing error control techniques. The time efficiency can also be justified by its high Throughput and complexity can be verified by measuring Cyclomatic Complexity.
Бесплатно
Establishing Inter Vehicle Wireless Communication in Vanet and Preventing It from Hackers
Статья научная
The entire humanity needs a vehicle to travel from one place to another. Obviously a new model vehicle is manufactured by the manufacturing companies to attract its customers every day. All the manufactured vehicles have different advantages, when compared with one another. In this case, we introduce another added advantage to the vehicle is establishing inter vehicle wireless communication in VANET and preventing it from the hackers. This type of inter vehicle wireless communication among vehicles that are moving faster on the road will lead safety and increase Quality of Service (QoS) to the passengers. The proposed wireless inter vehicle communication will allow vehicles to inter change messages from one vehicle to another vehicle with the help of network communication and prevents the communication from the hackers.
Бесплатно
Estimating the Video Registration Using Image Motions
Статья научная
In this research, we consider the problems of registering multiple video sequences dynamic scenes which are not limited non rigid objects such as fireworks, blasting, high speed car moving taken from different vantage points. In this paper we propose a simple algorithm we can create different frames on particular videos moving for matching such complex scenes. Our algorithm does not require the cameras to be synchronized, and is not based on frame-by-frame or volume-by-volume registration. Instead, we model each video as the output of a linear dynamical system and transform the task of registering the video sequences to that of registering the parameters of the corresponding dynamical models. In this paper we use of a joint frame together to form distinct frame concurrently. The joint identification and the Jordan canonical form are not only applicable to the case of registering video sequences, but also to the entire genre of algorithms based on the dynamic texture model. We have also shown that out of all the possible choices for the method of identification and canonical form, the JID using JCF performs the best.
Бесплатно
Estimating the sample size for training intrusion detection systems
Статья научная
Intrusion detection systems (IDS) are gaining attention as network technologies are vastly growing. Most of the research in this field focuses on improving the performance of these systems through various feature selection techniques along with using ensembles of classifiers. An orthogonal problem is to estimate the proper sample sizes to train those classifiers. While this problem has been considered in other disciplines, mainly medical and biological, to study the relation between the sample size and the classifiers accuracy, it has not received a similar attention in the context of intrusion detection as far as we know. In this paper we focus on systems based on Na?ve Bayes classifiers and investigate the effect of the training sample size on the classification performance for the imbalanced NSL-KDD intrusion dataset. In order to estimate the appropriate sample size required to achieve a required classification performance, we constructed the learning curve of the classifier for individual classes in the dataset. For this construction we performed nonlinear least squares curve fitting using two different power law models. Results showed that while the shifted power law outperforms the power law model in terms of fitting performance, it exhibited a poor prediction performance. The power law, on the other hand, showed a significantly better prediction performance for larger sample sizes.
Бесплатно
Ethical network surveillance using packet sniffing tools: a comparative study
Статья научная
Nowadays, with growing of computer's networks and Internet, the security of data, systems and applications is becoming a real challenge for network's developers and administrators. An intrusion detection system is the first and reliable technique in the network's security that is based gathering data from computer network. Further, the need for monitoring, auditing and analysis tools of data traffic is becoming an important factor to increase an overall system and network security by avoiding external attackers and monitoring abuse of the IT assets by employees in the workplace. The techniques that used for collecting and converting data to a readable format are called packet sniffing. Packet Sniffer is a tool that used to capture packets in binary format, converts that binary data into a readable data format and log of that captured data for analyzing and monitoring, displaying different used applications, clear-text user names, passwords, and other vulnerabilities. It is used by network administrator to keep the network is more secured, safe and to support better decision. There are many different sniffing tools for monitoring, analyzing, and reporting the network's traffic. In this paper we will compare between three different sniffing tools; TCPDump, Wireshark, and Colasoft according to various parameters such as their detection ability, filtering, availability, supported operating system, open source, GUI, their characteristics and features, qualitative and quantitative parameters. In addition, this paper may be considered as an insight for the new researchers to guide them to an overview, essentials, and understanding of the packet sniffing techniques and their working.
Бесплатно
Статья научная
This paper presents a methodology for providing high availability to the demands of cloud's clients. To attain this objective, failover stratagems for cloud computing using integrated checkpointing algorithms are purposed in this paper. Purposed strategy integrate checkpointing feature with load balancing algorithms and also make multilevel checkpoint to decrease checkpointing overheads. For implementation of purposed failover strategies, a cloud simulation environment is developed, which has the ability to provide high availability to clients in case of failure/recovery of service nodes. \The primary objective of this research work is to improve the checkpoint efficiency and prevent checkpointing from becoming the bottleneck of cloud data centers. In order to find an efficient checkpoint interval, checkpointing overheads has also considered in this paper. By varying rerun time of checkpoints comparison tables are made which can be used to find optimal checkpoint interval. The purposed failover strategy will work on application layer and provide highly availability for Platform as a Service (PaaS) feature of cloud computing.
Бесплатно
Evaluation of GAN-based Models for Phishing URL Classifiers
Статья
Phishing attacks by malicious URL/web links are common nowadays. The user data, such as login credentials and credit card numbers can be stolen by their careless clicking on these links. Moreover, this can lead to installation of malware on the target systems to freeze their activities, perform ransomware attack or reveal sensitive information. Recently, GAN-based models have been attractive for anti-phishing URLs. The general motivation is using Generator network (G) to generate fake URL strings and Discriminator network (D) to distinguish the real and the fake URL samples. This is operated in adversarial way between G and D so that the synthesized URL samples by G become more and more similar to the real ones. From the perspective of cybersecurity defense, GAN-based motivation can be exploited for D as a phishing URL detector or classifier. This means after training GAN on both malign and benign URL strings, a strong classifier/detector D can be achieved. From the perspective of cyberattack, the attackers would like to to create fake URLs that are as close to the real ones as possible to perform phishing attacks. This makes them easier to fool users and detectors. In the related proposals, GAN-based models are mainly exploited for anti-phishing URLs. There have been no evaluations specific for GAN-generated fake URLs. The attacker can make use of these URL strings for phishing attacks. In this work, we propose to use TLD (Top-level Domain) and SSIM (Structural Similarity Index Score) scores for evaluation the GAN-synthesized URL strings in terms of the structural similariy with the real ones. The more similar in the structure of the GAN-generated URLs are to the real ones, the more likely they are to fool the classifiers. Different GAN models from basic GAN to others GAN extensions of DCGAN, WGAN, SEQGAN are explored in this work. We show from the intensive experiments that D classifier of basic GAN and DCGAN surpasses other GAN models of WGAN and SegGAN. The effectiveness of the fake URL patterns generated from SeqGAN is the best compared to other GAN models in both structural similarity and the ability in deceiving the phishing URL classifiers of LSTM (Long Short Term Memory) and RF (Random Forest).
Бесплатно
Evaluation of IP Multimedia Subsystem based Mobile Mass Examination System
Статья научная
This research is carried out to develop IP Multimedia Subsystem (IMS) based Mobile Mass Examination (MoMEx) System. MoMEx system is intended to improve on management of examination process for large number of examinees. IMS based application is considered to be the next generation mobile applications that enable developers to take advantage of mobile networks resources. IMS-based application is attributed with robustness and improved Quality of Experience (OoE) for mobile users. Such quality is needed to ensure users reliabilities on the system. In This paper, we cover the analysis and design phase of MoMEx system. We have designed set of questionnaires aimed to gathering insights how much the concept of mobile exam and assessment will be accepted among the students and faculty members. Based on the results obtained, we concluded the functional requirements of MoMEx system prior to implementation phase.
Бесплатно
Статья научная
In this paper, we have evaluated the performance of flooding and probabilistic flooding broadcast methods in a VANET using real city map. A comparative analysis between the performance of these methods with varying traffic density and nodes speed has been conducted. Here, we have considered real city maps extracted from US census TIGER database. Node movements are generated using Intelligent Driving Model for lane Changing (IDM_LC) through VanetMobiSim mobility generator. A different probability for message dissemination is considered for the probabilistic broadcast method to investigate an appropriate probability value that may give best results. Different node densities, Sparse, Intermediate and Dense are considered. The results obtained show that in dense traffic scenario probabilistic flooding method achieves maximum packet delivery ratio for a specific value of p (i.e. 0.1). In sparsely populated network, the PDR is low as compared to other traffic conditions. In a sparse traffic density both the method perform better at high node mobility. But in intermediate and dense traffic scenario performance of both the methods is better in low node mobility.
Бесплатно
Статья научная
In Mobile Ad-hoc Network (MANET), portable devices like smartphones, or laptop PC can join together to make provisional networks without any infrastructure The objective of multicast or unicast protocols is to ensure an efficient route formation and flow control mechanism which is a very challenging issue for many group computing services in MANETs. MANETs can support several real-time applications like emergency rescue, and disaster relief operations which require minimum Quality of Service (QoS) to handle high traffic. Providing QoS for multimedia and group-oriented computing in MANETs becomes a real challenge due to the wireless medium and the mobility of operating nodes. Therefore, an investigation of routing protocols for one-to-many or many-to-many computing is important that supports acceptable QoS in MANETs. Numerous QoS metrics have been considered for the assessment like packet delivery ratio, latency, packet loss rate, control overhead, and throughput. By considering different network topologies and scenarios with different performance parameters, the primary goal of this study is to explore the challenges and factors for QoS services in MANET’s multicast communication. The outcomes of investigation can be used to design the future MANET protocol for multimedia applications. The performance results indicate that the increasing number of sending/receiving nodes may increase the overhead or latency of the network but capable of providing higher network throughput, carried out in NS-2. The results also indicate although MANETs can induce errors and packets are lost as part of the normal operating context, multicast AODV practice superior to the unicast protocol to various QoS in a wide range of scenarios with less overhead.
Бесплатно
Evaluation of QoS Support of AODV and its Multicast Extension for Multimedia over MANETs
Статья научная
Mobile ad hoc networks (MANETs) have become the prominent set of wireless ad hoc networks with their distinctive characteristics, and ranging several fields of applications. In these networks, the nodes are mobile devices, changing their positions with time, resulting in dynamic topologies of the network. These dynamic environments make the routing of data packets from the source to the destination through multi hoping a difficult task. With the growing popularity of sophisticated mobile devices, the demand for multimedia traffic in such networks is also increasing. Henceforth, to ensure the quality of service (QoS) for multimedia traffic over MANETs has turn into further challenging. This paper focuses on the assessment of built-in QoS support of Ad hoc On-demand Distance Vector (AODV), and its multicast extension MAODV for multimedia traffic (a combination of audio and video) over the mobile ad hoc environment. The work is carried out to measure the achievable QoS metrics like packet delivery ratio, latency, and jitter.
Бесплатно
Evaluation of Quality for Semi-Structured Database System
Статья научная
The quality evaluation of transactional calculus for semi-structured database system develops metrics for data quality. A conceptual data model of higher quality leads to a higher quality information system. Quality of a data model may affect with effectiveness i.e. the quality of results and the efficiency like time, effort etc. of development of information system. Hence, boosting up the data model quality is also prone to improve quality of delivered system. An array of metrics for quality has been proposed for the semi-structured data model with proper blend of metrics framework suitable for transactional calculus for data model of semi-structured. This paper proposes a framework for quality evaluation of transactional calculus for semi-structured database system using TCSS X-Query. In the proposed quality evaluation, the viewpoint has been described using a set of proposed quality measurements. Each of these quality measurements is linked with set of related metrics. The framework comprised of direct and indirect metrics for the purpose of quality evaluation. The framework facilities a double-fold view point using a set of quality measurement. In quality evaluation two viewpoint quality dimensions are focused: like designer level viewpoint and user level viewpoint. The proposed metrics set and measurements have been validated empirically. The purpose of empirical validation is to establish the metrics are practically useful for the assessment of quality measurements and operability factor.
Бесплатно
Evaluation of Routing Performance using OSPF and Multi-Controller Based Network Architecture
Статья научная
Newer mobile applications are increasingly being defined using Internet Protocol, resulting in increased use of Internet Protocol and subsequent upsurge of smartphones. However, many communication service provider core networks continue to use classical routing protocols and single controller-based networks if deployed. Controller-based networks built on the foundation of software-defined networks include centralization and separation of control plane and data plane, which can address the challenges experienced with the classical routing protocols. When single controllers are used, they tend to get overloaded with traffic. The ability to use multi-controller-based network architecture to improve quality of service in the mobile IP core network is still an open issue. This paper presents a performance evaluation of multi-controller-based network architecture, running OpenFlow and Open Shortest Path First protocol. The long-term evolution simulated network architecture is created using well-known network simulator Objective Modular Network Testbed running OpenFlow and simuLTE add-on. We test and analyze data traffic for Packet data ratio and Jitter and their associated effects on a multi-controller-based network running OpenFlow versus OSPF on a mobile core network. The experiment created two topologies; multi controller-based and Open Shortest path first network. Video and ping traffic is tested by the generation of traffic from User Equipment to the network-based server in the data center and back, and traffic metrics recorded on an inbuilt integrated development environment. The simulation setup consisted of an OpenFlow controller, HyperFlow algorithm, OpenFlow switches, and Open Shortest Path First routers. The multi-controller-based network improved Jitter by 10 ms. The Open Shortest Path first showed packet data ratio values of 89% gain while the controller-based network registered a value of 86%. A standard deviation test revealed 0.7%, which shows that the difference is not significant when testing for Packet data ratio. We provided insight into the performance of multi-controller-based architecture and Open Shortest Path First protocol in the communication service provider's core network.
Бесплатно
Evaluation of Secure Cloud Transmission Protocol
Статья научная
Authentication, Authorization, integrity, availability and confidentiality are important aspects in cloud computing services. Cloud services market demands can be increased by enhancing the authentication, data confidentiality and customer trust. To achieve strong authentication, security and to earn customer trust, we had proposed and published secure cloud transmission protocol (SecCTP) which describes SecCTP techniques in detail. In this paper, we evaluated the SecCTP and presented the GUI implementation. We discuss the applicability, usefulness and advantages of SecCTP techniques i.e. multi-dimensional password generation and multi-level authentication in comparison with existing cloud authentication and confidentiality techniques. We describe how SecCTP improves the identity, access management, integrity and confidentiality in existing cloud service access. We evaluated SecCTP resistance in multiple attacks.
Бесплатно
