Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1110
Статья научная
The major IT developments lead to speed and mobility elevation of information access. One of them is using the website to share and gather information. Therefore, the mobility and information disclosure create a harmful vulnerability. Which is the leakage of information, whether organizational or sensitive information, such as bank accounts, phone number and many more. Security testing is necessarily needed on website usage. One of the website security testing method is penetration testing. Supporting framework that can be used in this method is OWASP Testing Guide Version 4. OTG Version 4 has 11 stages cover all aspects of website protection and security. Security testing is nicely done using tools / software. Tools with the concept of OSINT (Open Source Intelligence) are used to get better access and availability by using the characteristics of open source. The IT risk assessment analysis carried out by ISO 31000 framework and based on the results that have been obtained through penetration testing with OWASP framework. Significance & values of this research is finding the best and effective way to making IT risk management guidelines along with the combination of with OWASP & ISO 31000 framework, by doing website security assessment with penetration testing method based on OWASP framework to get the system vulnerabilities and analyze the risks that appears with the ISO 31000 framework. Also, the IT risk management guidelines consist of system improvement recommendations along with evaluation report which obtained from the collaboration analysis the OSINT concept, penetration testing methods, OWASP and ISO 31000 framework.
Бесплатно
Identification of compromised nodes in MANETs using machine learning technique
Статья научная
Mobile ad hoc networks (MANETs) are faced with various security challenges emanating from malicious attacks. Their dynamic nature make nodes more vulnerable to attacks from either malicious nodes or intruders since there is no fixed infrastructure resulting in each node acting as router to transmit data. Currently, several solutions have been proposed and implemented in different ways aimed at eliminating or reducing these malicious attacks. However, the attacks still persist. Therefore, this paper proposes an efficient security mechanism based on machine learning as a solution that detects and identifies malicious attacks in real-time basis by classifying packets data as either normal or abnormal. To achieve this, we conducted experiments using logistic regression (LR) and a support vector machine (SVM) to choose the best predictive model utilizing the Iris data set. The results obtained show that LR performed better than SVM with an accuracy of 100% detection rate. Thus, LR is better suited for the identification of malicious attacks in MANETs. Furthermore, we proposed and designed a framework to detect malicious attacks in real-time in MANETs based on packet behavior using the LR model and the components were presented. We believe that, if this framework is implemented in MANETs, it could go a long way to reduce the rate of attacks in the infrastructure less network.
Бесплатно
Identity Authentication and Context Privacy Preservation in Wireless Health Monitoring System
Статья научная
Privacy preservation is an important challenge for wireless health monitoring system. This paper analyses the privacy threat types based on the wireless health monitoring system architecture, and built the key system model for identity threat and context privacy preservation based on traffic analysis threat. To resist these threat , the integrated message encryption, identity authentication and traffic context privacy preservation, based on identity-based cryptography(IBC) and identity-based signature(IBS), is carried out at one time during the process of sending, receiving and accessing the patients’ health information. Extensive analysis demonstrates the effectiveness of the proposed scheme.
Бесплатно
Identity Verification Mechanism for Detecting Fake Profiles in Online Social Networks
Статья научная
Impersonating users' identity in Online Social Networks (OSNs) is one of the open dilemmas from security and privacy point of view. Scammers and adversaries seek to create set of fake profiles to carry out malicious behaviors and online social crimes in social media. Recognizing the identity of Fake Profiles is an urgent issue of concern to the attention of researchers. In this paper, we propose a detection technique called Fake Profile Recognizer (FPR) for verifying the identity of profiles, and detecting the fake profiles in OSNs. The detection method in our proposed technique is based on utilizing Regular Expression (RE) and Deterministic Finite Automaton (DFA) approaches. We evaluated our proposed detection technique on three datasets types of OSNs: Facebook, Google+, and Twitter. The results explored high Precision, Recall, accuracy, and low False Positive Rates (FPR) of detecting Fake Profiles in the three datasets.
Бесплатно
Image Encryption Using Chaotic Map and Block Chaining
Статья научная
In this paper, a new Chaotic Map with Block Chaining (CMBC) cryptosystem for image encryption is proposed. It is a simple block cipher based on logistic chaotic maps and cipher block chaining (CBC). The new system utilizes simplicity of implementation, high quality, and enhanced security by the combined properties of chaos and CBC cipher. Implementation of the proposed technique has been realized for experimental purposes, and tests have been carried out with detailed analysis, demonstrating its high security. Results confirm that the scheme is unbreakable with reference to many of the well-known attacks. Comparative study with other algorithms indicates the superiority of CMBC security with slight increase in encryption time.
Бесплатно
Image Encryption based on the RGB PIXEL Transposition and Shuffling
Статья научная
Privacy is one of the key issues information Security addresses. Through encryption one can prevent a third party from understanding raw data during signal transmission. The encryption methods for enhancing the security of digital contents has gained high significance in the current era of breach of security and misuse of the confidential information intercepted and misused by the unauthorized parties. This paper sets out to contribute to the general body of knowledge in the area of cryptography application and by developing a cipher algorithm for image encryption of m*n size by shuffling the RGB pixel values. The algorithm ultimately makes it possible for encryption and decryption of the images based on the RGB pixel. The algorithm was implemented using MATLAB.
Бесплатно
Image Hashing Through Spatio-triad Relationship
Статья научная
Authenticating the content of the digital image has profound influence in legal matters and in court rooms. Image forensics plays an important role towards it. Proposed approach helps to authenticate the original image by generating a content based image signature that is a unique fingerprint for the image. Our novel approach establishes spatio triad relationship among features and finds the centre of gravity or centroid of the same after indexing. Topology of the triad relationship for the content based low level feature descriptors is preserved through aggregation until single key feature is deduced which is a 128 bit signature hash value and represented in decimal form. Density of feature keypoints influences the centre of gravity which acts as a unique signature for the given image. Manipulated image cannot contribute to restore / regenerate the same signature. We have verified our authentication approach for standard benchmark image dataset like MICC-F220, Columbia Image Splicing Evaluation dataset and Image manipulation dataset from Friedrich Alexander University and have found satisfactory results for the same. Content based image signature obtained is used to verify authenticity of image and for retrieval of video from database. Content based image fingerprint generated can also be considered for embedding as a watermark.
Бесплатно
Image cryptography with matrix array symmetric key using chaos based approach
Статья научная
With the increase in use of digital technology, use of data items in the format of text, image and videos are also increases. To securely send this data, many users and smart applications have adapted the image encryption approach. But the existing concepts are based on general AES approach. There is need to securely send the data with the addition of some expert image encryption and key generation approach. In this paper, we are using Matrix Array Symmetric Key (MASK) for the key generation and Chaos based approach for the image encryption. The main function of MASK is to generate the key for the encryption and decryption. The encryption process involves the generation of key. We have considered the key of MASK-256 for the encryption having 16 rounds. Chaos based concept has been considered for the encryption of image. Here, permutation- substitution based chaos based approach has been adopted for the image encryption. Moreover, in this approach, we have adapted the concept of partial encryption of image pixels instead of complete encryption so that in case of arrack, intruder can be confused with the partial encrypted image. In this approach, different image samples having different sizes have been considered. Further, concept is evaluated based on the parameters of Information Entropy, Elapsed Time, Precision, Recall and F-Measure.
Бесплатно
Impact of Equalizer step size in Underwater Acoustic Communication Channel
Статья научная
The Underwater Acoustic Channel (UAC) is a time variant channel and its multipath effects create ISI. This is one of the most important obstacles in the UAC channel which reduces the transmission rate. To remove this obstacle, a proper filter has to be designed in the receiver section. In this article, optimal step size for equalizer is computed and compared the results with the known techniques namely Decision Feedback Equalizer with interleave division multiple access (DFE IDMA) and Cyclic Prefix - Orthogonal Frequency Division Multiplexing (CP-OFDM) Equalizer. Channels are modeled using ray tracing methods. The various factors considered are ambient noise, attenuation loss, bottom and surface loss. The overall path loss for channels is computed by summing up the attenuation loss, surface and bottom loss. Simulation results evident that for short range UAC channel, the BER in the order of 10-2 is achieved using proposed methodology with least Eb/No compared to standard DFE method.
Бесплатно
Impact of IPv4, IPv6 and dual stack interface over wireless networks
Статья научная
The entire networking society is tremendously moving towards the IPv6 addressing architecture leaving behind the IPv4 address space. This happens due to the tremendous growth of Internet usage over the networking. The government has mandated that all the devices would be IPv6 compatible as the delay in the deployment of IPv6 would result in the negative impact of future growth and global connectivity of the internet. In this paper we are dealing with the impact of different interfaces like IPv4 only, IPv6 only and Dual stack mechanism over wireless networks with varying PHY and MAC layer interface of 802.11 a/g and 802.11 b standards. The results are simulated over Qualnet 5.1 simulator with various parameters like throughput, delay, jitter and packet delivery ratio is been calculated.
Бесплатно
Impact of Model Mobility in Ad Hoc Routing Protocols
Статья научная
An Ad Hoc network is a temporary network without infrastructure, dynamically formed by mobile devices without turning to any existing centralized administration. To send packets to remote nodes, a node use other nodes as intermediate relays, and ask them to transmit its packets. For this purpose, a routing protocol is needed. Because mobile devices are used, the network topology is unpredictable and can change at any time. The objective of this paper is to know the effect of mobility on the performance of Ad Hoc routing protocols, based on multi simulations performed with Glomosim.
Бесплатно
Impact of Physical Layer Jamming on Wireless Sensor Networks with Shadowing and Multicasting
Статья научная
This paper analyzes the impact of a physical layer jamming on the performance of wireless sensor networks by performing exhaustive comparative simulations using multicasting and by employing varying intensity of shadowing (constant and log normal). Comprehensive result analysis reveals that jamming drastically degrades the legitimate traffic throughput in a network, and, the constant shadowing approach is a better fit for a static network, both, under static as well as mobile jammer environments, as compared to the log normal one. An improvement in sink-node packet delivery ratio by 15.02 % and 16.58 % was observed with static and mobile jammer environments respectively, under multicasting and constant shadowing mean of 8.0. Further, average sink-node packet delivery ratio with constant shadowing shows an improvement of 4.15% and 5.94%, using static and mobile jammer environment respectively, in comparison to the values obtained under log normal shadowing based network.
Бесплатно
Impact of Wireless Channel Model on 802.15.6 Standard Performance for Wireless Body Sensor Networks
Статья научная
Wireless Body Sensor Network (WBAN) is a set of wearable and implantable devices capable of measuring physiological parameters and monitoring patient with chronic disease where early diagnosis is highly demanded. Several models introduced the general characterization of WBAN devices path loss considering possible shadowing due to obstruction of the signal (by the human body or any other obstacles) as well as the different postures of the human body. This paper aims at reporting an overview of WBSNs technologies, particular applications, system architecture and channel modeling. Emphasis is given to the IEEE 802.15.6 standard which enables the development of WBAN for medical and non-medical applications. The standard's performance within a time based variation and log-distance path loss is presented based on various simulations.
Бесплатно
Implementation of An Optimized and Pipelined Combinational Logic Rijndael S-Box on FPGA
Статья научная
In this paper, presents an optimized combinational logic based Rijndael S-Box implementation for the SubByte transformation(S-box) in the Advanced Encryption Standard (AES) algorithm on FPGA. S-box dominated the hardware complexity of the AES cryptographic module thus we implement its mathematic equations based on optimized and combinational logic circuits until dynamic power consumption reduced. The complete data path of the S-box algorithm is simulated as a net list of AND, OR, NOT and XOR logic gates, also for increase in speed and maximum operation frequency used 4-stage pipeline in proposed method. The proposed implemented combinational logic based S-box have been successfully synthesized and implemented using Xilinx ISE V7.1 and Virtex IV FPGA to target device Xc4vf100. Power is analized using Xilinx XPower analyzer and achieved power consumption is 29 mW in clock frequency of 100 MHz. The results from the Place and Route report indicate that maximum clock frequency is 209.617 MHz.
Бесплатно
Implementation of Enhanced Security Algorithms in Mobile Ad hoc Networks
Статья научная
Mobile Ad hoc Networks are wireless infrastructure less networks can beeasily formed or deployed due to its simple infrastructure. Security has become a primary concern in order to provide protected communication between mobile nodes in a hostile environment. The main objective of this work is to enhance the performance of the network by securing the data and to minimize the malicious nodes which disturb the stream of the network. Securing data is a critical task which can be achieved by cryptographic algorithms and disturbance detection plays as a crucial ingredient in any comprehensive security solution to address the threats.Hence a Novel Cryptographic Algorithm with a new Disturbance Detection System (DDS) has been proposed for Mobile Adhoc Networks. This method prevents the outside attacks to obtain any information from any data exchange in network and also use promiscuous mode of working along with rating and collaborative decision making based on multiple threshold values.The proposed algorithm was implemented and simulated in the Glomosim and the result analysis proved that the performance of the network is increased.
Бесплатно
Implementation of GSM Based Security System with IOT Applications
Статья научная
An effective security system is designed and implemented through the application of embedded systems and the Internet of Things (IoT). The main goal of this work is to present the IoT system and modern technology systems / embedded intelligent networks. IoT is the technology of the future in contact machine / machine device / machine is possible thanks to the electronics, sensor technology, software and connectivity system to enable these items to collect and exchange data. Embedded system is a real-time mainframe structure on a particular task, an automatic or electrical system including, often within the limits of real-time raking as sensors, modules with microcontrollers, etc...This is integrated with sensor main server and GSM global system For mobile), it is able to send data and IP addresses through SMS message. This will facilitate the identification of the unknown person embedded in real-time in these devices. The video data are transferred to another back-end server via TCP (Transmission Control Protocol) of the device. This server collects data and provides HTTP Web. A browser is used to view data and can be remotely controlled. This type is giving an idea about the probability and effectiveness of the system, this thesis presents the results of the investigation into the security system and some realistic implementations.
Бесплатно
Implementation of Risk Management with SCRUM to Achieve CMMI Requirements
Статья научная
Majority of the software development companies are practicing agile methods to develop high quality products. SCRUM is one of the most widely used agile methods. Capability maturity model integration (CMMI) is one of the quality standards for software companies. In this research, we propose an implementation of risk management with SCRUM in order to make it compatible with CMMI. We conducted a survey to validate the proposed solution. Questionnaire includes 20 questions that are divided into three goals. The proposed solution is validated through survey with support of 70.94%. We anticipate that the proposed solution will enable software companies to achieve CMMI and it will also improve the quality of software products.
Бесплатно
Implementation of SRRC Filter in Mobile WiMax with DWT Based OFDM System
Статья научная
Pulse shaping filter when applied to the symbols generated for transmission in a bandwidth limited systems allow for bandwidth containment that reduces the Inter-Symbol Interference (ISI) arising from multipath signal reflections which further minimizes the probability of errors at the receiver. Wavelets encompass the advantages of transforming and mapping data onto orthogonal subcarriers with optimal flexibility as well as less complexity which leads to increase the bandwidth efficiency of an Orthogonal Frequency Division Multiplexing (OFDM) system. In this paper Square Root Raised Cosine (SRRC) a pulse shaping technique when applied to Discrete Wavelet Transform (DWT) based OFDM system in mobile WiMax is simulated and its performance analysis in terms of Bit Error rate (BER) as a function of Signal to Noise Ratio (SNR) is investigated for various modulation schemes under AWGN channel. The results obtained show that SRRC filter offers to significantly improve BER for the given SNR and enhance the performance of physical layer in Mobile WiMax. The performance measurements and analysis is done in the simulation developed in MATLAB.
Бесплатно
Implementation of the Naive Bayes Classifier Method for Potential Network Port Selection
Статья научная
The rapid development of information technology has also accompanied by an increase in activities classified as dangerous and irresponsible, such as information theft. In the field of network systems, this kind of activity is called intrusion. Intrusion Detection System (IDS) is a system that prevents intrusion and protecting both hosts and network assets. At present, the development of various techniques and methods for implementing IDS is a challenge, along with the increasing pattern of intrusion activities. The various methods used in IDS have generally classified into two types, namely Signature-Based Intrusion Detection System (SIDS) and the Anomaly-Based Intrusion Detection System (AIDS). When a personal computer (PC) connected to the Internet, a malicious attacker tries to enter and exploit it. One of the most commonly used techniques in accessing open ports which are the door for applications and services that use connections in TCP/IP networks. Open ports indicate a particular process where the server provides certain services to clients and vice versa. This study applies the Naïve Bayes classifier to predict port numbers that have the potential to change activity status from "close" to "open" and vice versa. Predictable potential port numbers can be a special consideration for localizing monitoring activities in the future. The method applied is classified as AIDS because it based on historical data of port activity obtained through the port scan process, regardless of the type of attack. Naïve Bayes classifier is determined to have two event conditions that predict the occurrence of specific port numbers when they occur in specified duration and activity status. The study results have shown a 70% performance after being applied to selected test data.
Бесплатно
Implementing security features in MANET routing protocols
Статья научная
Mobile ad-hoc network or MANET is an auto-organizing network of mobile nodes. It lacks centralized control and is connected by wireless links. One of the many benefits of MANETs is that it can be utilized where there is no proper infrastructural support for wireless access and wired backbone is not possible. One major drawbacks of MANET is that as it is an infracture-less network, created on the fly, so here each node also functions as a router. So, each node participates in the routing of packets and information along the network. Due to this feature in MANETs, it is convenient to attack one of the nodes of MANET and then organize an attack on the whole network. To, secure the routing protocols in MANETs there are already a number of security features included in many of the unicast and multicast routing protocols. Like the use of unique signature and the use of secured algorithmic approach to secure against the various network layer routing attacks in MANETs. In this paper it is proposed that the use of hashing and secured algorithmic approaches like, Alpha Numeric Routing, when combined can introduce a unique security feature to On-Demand Routing protocols both in its multicast and unicast avatars. Some comparison, is done in the end of the new approach combines with the existing approaches by only using, Alpha Numeric Reflex Routing Algorithm. The outcome of the implementation was as expected, the results satisfied the input algorithms. Last but not the least analysis of the results is done and there is a discussion about the obtained results.
Бесплатно
