Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1130
Статья научная
In 2009 Craig Gentry proved that Fully Homomorphic Encryption can be applied and realized in principle. Homomorphism allowed us to perform arbitrary computations and calculations on encrypted data. With RSA being the first cryptosystem to hold homomorphic properties, there came other additive and multiplicative cryptosystems. However, fully Homomorphic encryption proved to be the ultimate cryptographic solution to ensure security of data on cloud. It enables processing and computing arbitrary functions over the encrypted data thereby reducing the probability of accessing the plain text.
Бесплатно
Honeypot System for Attacks on SSH Protocol
Статья научная
Honeypots are effective network security systems built to study the tactics of attackers and their intents. In this paper, we deployed Kippo honeypot to analyze Secure Shell attacks. Both the dictionary attack and intrusion activities of attackers have been discussed. We collected usernames and passwords that are attempted by dictionary attack targeting Secure Shell service. We have traced the frequently attacking machines based on their IP addresses. We have also recorded the commands they executed after successful logins to the Secure Shell honeypot server. We logged vast amount of connection requests destined to number of ports originated from different locations of the world. From our honeypot system, we have collected attack data that enables us to learn common Secure Shell based attacks.
Бесплатно
Hybrid Cryptographic Approach for Data Security Using Elliptic Curve Cryptography for IoT
Статья научная
The Internet of Things (IoT) technology has changed the contemporary digital world. Devices connected to the IoT have sensors embedded within them. All these devices are purposely connected to share data among them through the Internet. Data sharing among IoT devices needs some security protocols to maintain the privacy and confidentiality of information. IoT devices have less computing power to perform various operations of a cryptographic process. So, there is a need of cryptographic approach to reduce the computational complexity for resource-constrained devices and provide data security. However, storing data over the cloud server also reduces storage overhead, but data transmission via the cloud is not always secure. Data integrity and authentication can be compromised because the end user can only access the data with the help of a cloud server. To ensure the security and integrity of the data, various cryptographic techniques are used. Therefore, in this paper, we propose a secure and optimized hybrid cryptographic scheme for the secure sharing of data by combining Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC). To ensure authentication and data integrity, the proposed scheme primarily uses the Message Authentication Code (MAC). The encrypted messages are stored on a cloud server to reduce storage overhead. The experimental findings demonstrate that the proposed scheme is effective and produces superior results as compared to existing approaches.
Бесплатно
Статья научная
Encryption along with compression is the process used to secure any multimedia content processing with minimum data storage and transmission. The transforms plays vital role for optimizing any encryption-compression systems. Earlier the original information in the existing security system based on the fractional Fourier transform (FRFT) is protected by only a certain order of FRFT. In this article, a novel method for encryption-compression scheme based on multiple parameters of discrete fractional Fourier transform (DFRFT) with random phase matrices is proposed. The multiple-parameter discrete fractional Fourier transform (MPDFRFT) possesses all the desired properties of discrete fractional Fourier transform. The MPDFRFT converts to the DFRFT when all of its order parameters are the same. We exploit the properties of multiple-parameter DFRFT and propose a novel encryption-compression scheme using the double random phase in the MPDFRFT domain for encryption and compression data. The proposed scheme with MPDFRFT significantly enhances the data security along with image quality of decompressed image compared to DFRFT and FRFT and it shows consistent performance with different images. The numerical simulations demonstrate the validity and efficiency of this scheme based on Peak signal to noise ratio (PSNR), Compression ratio (CR) and the robustness of the schemes against bruit force attack is examined.
Бесплатно
Статья научная
Wireless Sensor Networks (WSNs) are one of the most researched areas worldwide as the wide-scale networks possess low cost, are small in size, consume low power, and can be deployed in various environments. Among various applications of WSNs, target tracking is a highly demanding and broadly investigated application of wireless sensor networks. The parameter of accurate tracking is restricted because of the limited resources present in the wireless sensor networks, noise of the network, environmental factors, and faulty sensor nodes. Our work aims to enhance the accuracy of the tracking process as well as energy utilization by combing the mechanism of clustering with the prediction. Here, we present a hybrid energy-regulated constant gain Kalman filter-based target detection and tracking method, which is an algorithm to make the best use of energy and enhance precision in tracking. Our proposed algorithm is compared with the existing approaches where it is observed that the proposed technique possesses efficient energy utilization by decreasing the transference of unimportant data within the sensor network, achieving accurate results.
Бесплатно
Hybrid Intrusion Detection Using Ensemble of Classification Methods
Статья научная
One of the major developments in machine learning in the past decade is the ensemble method, which finds highly accurate classifier by combining many moderately accurate component classifiers. In this research work, new ensemble classification methods are proposed for homogeneous ensemble classifiers using bagging and heterogeneous ensemble classifiers using arcing classifier and their performances are analyzed in terms of accuracy. A Classifier ensemble is designed using Radial Basis Function (RBF) and Support Vector Machine (SVM) as base classifiers. The feasibility and the benefits of the proposed approaches are demonstrated by the means of real and benchmark data sets of intrusion detection. The main originality of the proposed approach is based on three main parts: preprocessing phase, classification phase and combining phase. A wide range of comparative experiments are conducted for real and benchmark data sets of intrusion detection. The accuracy of base classifiers is compared with homogeneous and heterogeneous models for data mining problem. The proposed ensemble methods provide significant improvement of accuracy compared to individual classifiers and also heterogeneous models exhibit better results than homogeneous models for real and benchmark data sets of intrusion detection.
Бесплатно
Hybrid KP-ABE algorithm with time bounded access control for cloud data security
Статья научная
Cloud computing presents a vast area for distributed computing where integrated data centres provide resources for immense and scalable distribution of confidential data. Conceptually, cloud applications being offered, information security and its confidentiality become a vital issue to the cloud. So, as to craft certain security of data at cloud data stowage a design and execution of an algorithmic rule to boost cloud security is planned. With an concept, where the planned algorithmic rule integrates option of three completely different existing algorithms and named RAD cryptography algorithm with most novel and attractive conception of Attribute based encryption (ABE) so as to manage, control access and file sharing management in cloud with its special attribute computing properties. During this analysis, a secure file sharing scheme supported attribute is given. In this Research, during this analysis, work data is encrypted using Hybrid attribute based algorithm i.e. RAD Algorithm which proves its proficiency and effectiveness with respect to security level. If any user wants to access the encrypted information where some authentication credentials also are created based on cipher-text, then it has to evidence itself by providing authentication credentials. Consequently, the planned algorithm offers enriched security along with it diminishes time complexity during encryption and decryption technique for data file.
Бесплатно
Hybrid Model for Location Privacy in Wireless Ad-Hoc Networks
Статья научная
In the today's fast growing world, use of internet is increasing popularly and at the same time Location-based services (LBS) are also getting more popular. LBS providers require user's current locations to answer their location-based queries. The primary objective of the present work is to develop a system which preserves the location privacy of the concerned individual. This objective is achieved by simulating locally cloak algorithm and globally cloak algorithm for Manhattan mobility model and Waypoint mobility model using NS-2.34 environment. In the experiments, to hide the user's current locations in rectangle [bounding box] according to users privacy need, obfuscation and k-anonymity strategies are used.
Бесплатно
Статья научная
Cloud computing is an emerging concept that makes better use of a large number of distributed resources. The most significant issue that affects the cloud computing environment is resource provisioning. Better performance in the shortest amount of time is an important goal in resource provisioning. Create the best solution for dynamically provisioning resources in the shortest time possible. This paper aims to perform resource provisioning with an optimal performance solution in the shortest time. Hybridization of two Meta-heuristics techniques, such as HSMOSA (Hybrid Spider Monkey Optimization with Simulated Annealing), is proposed in resource provisioning for cloud environment. Finds the global and local value using Spider Monkey Optimization's (SMO) social behavior and then utilizes Simulated Annealing (SA) to search around the global value in each iteration. As a result, the proposed approach aids in enhancing their chances of improving their position. The CloudSimPlus Simulator is used to test the proposed approach. The fitness value, execution time, throughput, mean, and standard deviation of the proposed method were calculated over various tasks and execution iterations. These performance metrics are compared with the PSO-SA algorithm. Simulation results validate the better working of the proposed HSMOSA algorithm with minimum time compared to the PSO-SA algorithm.
Бесплатно
Статья научная
Peer to peer networks have become one of the most popular networking methods because of their flexibility and many use cases such as file sharing and distributed computations. Unstructured overlay peer to peer networks are one of key components of peer to peer systems that are considerable because of their low cost in network construction and maintenance. One of the main challenges in unstructured peer to peer overlay networks is the topology mismatch between overlay network and the underlying physical infrastructure. The root of this challenge is lack of awareness about peers in the network infrastructure during connection to and disconnection from overlay network, in addition to the neighbor selection mechanism in the overlay network. Different types of awareness of network infrastructure includes awareness of the location of internet service providers. Also awareness of proximity, geographical location and resources of peers. In this article we present a middleware which configures overlay network by using public measurements and the estimated delay among peers in order to have the most conformity with the topology of physical infrastructure. To evaluate the performance, our middleware is implemented on the top of Gnutella which is an unstructured overlay peer-to-peer network. Our simulations show that our middleware enhances the conformity of overlay network to the topology of physical network infrastructure. In addition, it improved the average throughput and the average delay.
Бесплатно
IEATH: Improved Energy Aware and Two Hop Multipath Routing Protocol in Wireless Sensor Networks
Статья научная
Wireless sensor networks in terms of energy sources are limited. Furthermore due to this type of network infrastructure wireless communications and channel errors not possible to reach the correct packet to the destination exists; hence the proposing algorithms to improve the quality of service in these networks and sending packets are very important. In this paper we proposed a reliable and energy aware packet delivery mechanism to ensure quality of service in wireless sensor networks. In our proposed algorithm to ensure that a packet of information sent to the destination, the multi-path Forwarding method is used; So that several copies of an information packet via separate routes are sent to the destination, also routing decisions in this way occurs by considering the remaining energy in the neighborhood of nodes that are located in two hop of sender node. Simulation results show that the rate of release of data packets reduced in this way and thus the reliability of packet is increased, also the energy efficiency of sensor nodes effectively improved. Therefore this algorithm increase overall lifetime in wireless sensor networks.
Бесплатно
IHBOT: An Intelligent and Hybrid Model for Investigation and Classification of IoT Botnet
Статья научная
The Internet of Things (IoT) is revolutionizing the technological market with exponential growth year wise. This revolution of IoT applications has also brought hackers and malware to gain remote access to IoT devices. The security of IoT systems has become more critical for consumers and businesses because of their inherent heterogenous design and open interfaces. Since the release of Mirai in 2016, IoT malware has gained an exponential growth rate. As IoT system and their infrastructure have become critical resources that triggers IoT malware injected by various shareholders in different settings. The enormous applications cause flooding of insecure packets and commands that fueled threats for IoT applications. IoT botnet is one of the most critical malwares that keeps evolving with the network traffic and may harm the privacy of IoT devices. In this work, we presented several sets of malware analysis mechanisms to understand the behavior of IoT malware. We devise an intelligent and hybrid model (IHBOT) that integrates the malware analysis and distinct machine learning algorithms for the identification and classification of the different IoT malware family based on network traffic. The clustering mechanism is also integrated with the proposed model for the identification of malware families based on similarity index. We have also applied YARA rules for the mitigation of IoT botnet traffic.
Бесплатно
Статья научная
The major IT developments lead to speed and mobility elevation of information access. One of them is using the website to share and gather information. Therefore, the mobility and information disclosure create a harmful vulnerability. Which is the leakage of information, whether organizational or sensitive information, such as bank accounts, phone number and many more. Security testing is necessarily needed on website usage. One of the website security testing method is penetration testing. Supporting framework that can be used in this method is OWASP Testing Guide Version 4. OTG Version 4 has 11 stages cover all aspects of website protection and security. Security testing is nicely done using tools / software. Tools with the concept of OSINT (Open Source Intelligence) are used to get better access and availability by using the characteristics of open source. The IT risk assessment analysis carried out by ISO 31000 framework and based on the results that have been obtained through penetration testing with OWASP framework. Significance & values of this research is finding the best and effective way to making IT risk management guidelines along with the combination of with OWASP & ISO 31000 framework, by doing website security assessment with penetration testing method based on OWASP framework to get the system vulnerabilities and analyze the risks that appears with the ISO 31000 framework. Also, the IT risk management guidelines consist of system improvement recommendations along with evaluation report which obtained from the collaboration analysis the OSINT concept, penetration testing methods, OWASP and ISO 31000 framework.
Бесплатно
Identification of compromised nodes in MANETs using machine learning technique
Статья научная
Mobile ad hoc networks (MANETs) are faced with various security challenges emanating from malicious attacks. Their dynamic nature make nodes more vulnerable to attacks from either malicious nodes or intruders since there is no fixed infrastructure resulting in each node acting as router to transmit data. Currently, several solutions have been proposed and implemented in different ways aimed at eliminating or reducing these malicious attacks. However, the attacks still persist. Therefore, this paper proposes an efficient security mechanism based on machine learning as a solution that detects and identifies malicious attacks in real-time basis by classifying packets data as either normal or abnormal. To achieve this, we conducted experiments using logistic regression (LR) and a support vector machine (SVM) to choose the best predictive model utilizing the Iris data set. The results obtained show that LR performed better than SVM with an accuracy of 100% detection rate. Thus, LR is better suited for the identification of malicious attacks in MANETs. Furthermore, we proposed and designed a framework to detect malicious attacks in real-time in MANETs based on packet behavior using the LR model and the components were presented. We believe that, if this framework is implemented in MANETs, it could go a long way to reduce the rate of attacks in the infrastructure less network.
Бесплатно
Identity Authentication and Context Privacy Preservation in Wireless Health Monitoring System
Статья научная
Privacy preservation is an important challenge for wireless health monitoring system. This paper analyses the privacy threat types based on the wireless health monitoring system architecture, and built the key system model for identity threat and context privacy preservation based on traffic analysis threat. To resist these threat , the integrated message encryption, identity authentication and traffic context privacy preservation, based on identity-based cryptography(IBC) and identity-based signature(IBS), is carried out at one time during the process of sending, receiving and accessing the patients’ health information. Extensive analysis demonstrates the effectiveness of the proposed scheme.
Бесплатно
Identity Verification Mechanism for Detecting Fake Profiles in Online Social Networks
Статья научная
Impersonating users' identity in Online Social Networks (OSNs) is one of the open dilemmas from security and privacy point of view. Scammers and adversaries seek to create set of fake profiles to carry out malicious behaviors and online social crimes in social media. Recognizing the identity of Fake Profiles is an urgent issue of concern to the attention of researchers. In this paper, we propose a detection technique called Fake Profile Recognizer (FPR) for verifying the identity of profiles, and detecting the fake profiles in OSNs. The detection method in our proposed technique is based on utilizing Regular Expression (RE) and Deterministic Finite Automaton (DFA) approaches. We evaluated our proposed detection technique on three datasets types of OSNs: Facebook, Google+, and Twitter. The results explored high Precision, Recall, accuracy, and low False Positive Rates (FPR) of detecting Fake Profiles in the three datasets.
Бесплатно
Image Encryption Using Chaotic Map and Block Chaining
Статья научная
In this paper, a new Chaotic Map with Block Chaining (CMBC) cryptosystem for image encryption is proposed. It is a simple block cipher based on logistic chaotic maps and cipher block chaining (CBC). The new system utilizes simplicity of implementation, high quality, and enhanced security by the combined properties of chaos and CBC cipher. Implementation of the proposed technique has been realized for experimental purposes, and tests have been carried out with detailed analysis, demonstrating its high security. Results confirm that the scheme is unbreakable with reference to many of the well-known attacks. Comparative study with other algorithms indicates the superiority of CMBC security with slight increase in encryption time.
Бесплатно
Image Encryption based on the RGB PIXEL Transposition and Shuffling
Статья научная
Privacy is one of the key issues information Security addresses. Through encryption one can prevent a third party from understanding raw data during signal transmission. The encryption methods for enhancing the security of digital contents has gained high significance in the current era of breach of security and misuse of the confidential information intercepted and misused by the unauthorized parties. This paper sets out to contribute to the general body of knowledge in the area of cryptography application and by developing a cipher algorithm for image encryption of m*n size by shuffling the RGB pixel values. The algorithm ultimately makes it possible for encryption and decryption of the images based on the RGB pixel. The algorithm was implemented using MATLAB.
Бесплатно
Image Hashing Through Spatio-triad Relationship
Статья научная
Authenticating the content of the digital image has profound influence in legal matters and in court rooms. Image forensics plays an important role towards it. Proposed approach helps to authenticate the original image by generating a content based image signature that is a unique fingerprint for the image. Our novel approach establishes spatio triad relationship among features and finds the centre of gravity or centroid of the same after indexing. Topology of the triad relationship for the content based low level feature descriptors is preserved through aggregation until single key feature is deduced which is a 128 bit signature hash value and represented in decimal form. Density of feature keypoints influences the centre of gravity which acts as a unique signature for the given image. Manipulated image cannot contribute to restore / regenerate the same signature. We have verified our authentication approach for standard benchmark image dataset like MICC-F220, Columbia Image Splicing Evaluation dataset and Image manipulation dataset from Friedrich Alexander University and have found satisfactory results for the same. Content based image signature obtained is used to verify authenticity of image and for retrieval of video from database. Content based image fingerprint generated can also be considered for embedding as a watermark.
Бесплатно
Image cryptography with matrix array symmetric key using chaos based approach
Статья научная
With the increase in use of digital technology, use of data items in the format of text, image and videos are also increases. To securely send this data, many users and smart applications have adapted the image encryption approach. But the existing concepts are based on general AES approach. There is need to securely send the data with the addition of some expert image encryption and key generation approach. In this paper, we are using Matrix Array Symmetric Key (MASK) for the key generation and Chaos based approach for the image encryption. The main function of MASK is to generate the key for the encryption and decryption. The encryption process involves the generation of key. We have considered the key of MASK-256 for the encryption having 16 rounds. Chaos based concept has been considered for the encryption of image. Here, permutation- substitution based chaos based approach has been adopted for the image encryption. Moreover, in this approach, we have adapted the concept of partial encryption of image pixels instead of complete encryption so that in case of arrack, intruder can be confused with the partial encrypted image. In this approach, different image samples having different sizes have been considered. Further, concept is evaluated based on the parameters of Information Entropy, Elapsed Time, Precision, Recall and F-Measure.
Бесплатно
