International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1130
Improved Trial Division Technique for Primality Checking in RSA Algorithm
Статья научная
The RSA cryptosystem, invented by Ron Rivest, Adi Shamir and Len Adleman was first publicized in the August 1977 issue of Scientific American. The security level of this algorithm very much depends on two large prime numbers. To check the primality of large number in personal computer is huge time consuming using the best known trial division algorithm. The time complexity for primality testing has been reduced using the representation of divisors in the form of 6n±1. According to the fundamental theorem of Arithmetic, every number has unique factorization. So to check primality, it is sufficient to check if the number is divisible by any prime below the square root of the number. The set of divisors obtained by 6n±1 form representation contains many composites. These composite numbers have been reduced by 30k approach. In this paper, the number of composites has been further reduced using 210k approach. A performance analysis in time complexity has been given between 210k approach and other prior applied methods. It has been observed that the time complexity for primality testing has been reduced using 210k approach.
Бесплатно
Improving Energy of Modified Multi-Level LEACH Protocol by Triggering Random Channel Selection
Статья научная
The energy has undergone a major concern in wireless sensor networks. One direction of the LEACH protocol would be towards a future in which four levels will continue to dominate. The other direction would be towards to improve these levels further and increasingly smaller amount of energy consumption. The support provided by the LEACH protocol has been crucial in which upgrade these levels and build smart distributed network. The previous scenario is not motivated by the scientific altruism. They are large number of clients in the proposed scenario and therefore have a good reason to encourage a scalable alternative for communication. LEACH protocol to take a leaf out of the proposed scenario and it has a good energy saver, less energy consumption. The proposed scenario needs to be better understanding the catalytic role played by the previous three levels LEACH protocol. It should also see whether there is scope for deploying more nodes through collaboratively proposed protocol with three level protocols.
Бесплатно
Improving Quality of Service of Femto Cell Using Optimum Location Identification
Статья научная
To enhance the throughput and Quality of Service (QoS) of indoor users, Femto cells became the best solution. The placement of a femtocell is always a challenging task due to its interference constraints with other cells. If the base stations has limited number of Femto-cells, then there is need to focus much on interference constraints. In the dense countries like India, there is a need to install more number of Femto-cells to get the proper throughput. But, the limiting factor here is frequency and interference management. This paper explained the interference management issues and hand over issues. This paper proposed method of optimal placement of Femto cell to increase the QoS in dense environment where macro-cell holds many number of Femto cells. This solution made an assumption that the interference effect was considerably strong when compared to Noise. Hence, we have not considered Noise parameter in the analysis. It was shown that the optimal placement has better throughput when compared to blind placement. Two cases were considered as blind placements and their throughput was analyzed with respect to optimal placement. The proposed method was tested in both single and multi-room buildings. Finally, it was observed that the gain of 50% was increased with respect to large buildings with many rooms.
Бесплатно
Improving Security Using a Three-Tier Authentication for Automated Teller Machine (ATM)
Статья научная
The current use of Personal Identification Number (PIN) for verification of the validity of a customer’s identity on Automated Teller Machine (ATM) systems is susceptible to unauthorized access and illegal withdrawal of cash from the ATM, hence, the need for more reliable means of carrying out user authentication. We present a three-tier authentication model with three layers of authentication using password, fingerprint and One-Time-Password (OTP). The identity of an ATM user is validated using password, fingerprint and OTP. Object-Oriented Analysis and Design Methodology (OOADM) was employed in the investigation of the existing system and analysis of the proposed system. Microsoft Visual Basic.NET and Microsoft SQL Server were employed in the implementation of the system. The result is a three-tier authentication model for ATM. Alphabetic keys and some special character keys were introduced to the existing numeric keypad for authentication. The ATM was interfaced with a fingerprint reader for improved security.
Бесплатно
Improving Security of the Baptista's Cryptosystem Using Two-step Logistic Map
Статья научная
Over last 3 decades, many cryptography algorithms based on chaos have been proposed that are very fast in computation. Chaos is used for secured communication in two ways as analog secured communication and digital chaotic ciphers. This paper is mainly focused at digital chaotic cryptosystem. In symmetric cryptosystems, same key is used for both encryption and decryption purpose. In 1998, Baptista gave the most used symmetric cryptosystem based on Ergodic property of logistic map. Later on, many refinements were done in Baptista's algorithm. By going through later proposed refinements in this cryptosystem, some flaws are observed. Proposed scheme has a two-step logistic map that is a feedback mechanism using an extra variable to come over these flaws. At last, there is comparison between proposed scheme and other version of Baptista type cryptosystem, which shows that the proposed scheme is better than previous ones and it is resist against behavior analysis attack and partial key recovery attack.
Бесплатно
Improving the AODV Protocol to Satisfy the Required Level of Reliability for Home Area Networks
Статья научная
For decades, the structure of existing power grids has not changed. It is an old structure that depends heavily on fossil fuel as an energy source, and in the future, this is likely to be critical in the field of energy. To solve these problems and to make optimal use of energy resources, a new concept is proposed, called Smart Grid. Smart Grid is an electric power distribution automation system, which can provide a two-way flow of electricity and information between power plants and consumers. The Smart Grid communications infrastructure consists of different network components, such as Home Area Network (HAN), Neighborhood Area Network (NAN) and Wide Area Network (WAN). Achieving the required level of reliability in the transmission of information to all sections, including the HAN, is one of the main objectives in the design and implementation of Smart Grid. This study offers a routing protocol by considering the parameters and constraints of HAN, which, by improving AODV routing protocol, achieves the level of required reliability for data transmission in this network. These improvements include: making table-driven AODV routing protocol, extending the routing protocol to compute multiple paths in a route discovery, simplification and providing the effect of HAN parameters. The results of the NS2 simulation indicate that applying this improved routing protocol in the HAN, satisfies the required level of reliability of the network, which is over 98%.
Бесплатно
Improving the Performance of Routing Protocol using Genetic Algorithm
Статья научная
Internet reliability and performance is based mostly on the underlying routing protocols. The current traffic load has to be taken into account for computation of paths in routing protocols. Addressing the selection of path, from a known source to destination is the basic aim of this paper. Making use of multipoint crossover and mutation is done for optimum and when required alternate path determination. Network scenario which consists of nodes that are fixed and limited to the known size of topology, comprises the population size. This paper proposes a simple method of calculating the shortest path for a network using Genetic Algorithm (GA), which is capable of giving an efficient, dynamic and consistent solution in spite of, what topology, changes in link and node happen and volume of the network. GA is used in this paper for optimization of routing. It helps us in enhancing the performance of the routers.
Бесплатно
Статья научная
Mobile Ad-hoc Network (MANET) is mostly decentralized and self-adjustable network system. It is significant to optimize the overall network energy utilization and improve packet sending performance by reducing the errors, generated due to different real-life environmental effects. In this paper, considering atmospheric, environmental change and varying distance for topological change, we try to generate the routing cost. By introducing m-minimum (membership value as m) triangular fuzzy number at interval based cost and energy of the network, we try to handle the uncertain environment. Here we generate both fuzzy minimum spanning tree (FMST) for a given n- nodes network and p-node fuzzy multicast minimum spanning tree (pFMMST), in fuzzy interval based format. Applying the fuzzy credibility distribution we modify the network routing cost and energy utilization for both FMST and pFMMST. Comparing the routing cost and residual energy for FMST and pFMMST of MANET, it is concluded that, pFMMST is better FMST based packet routing approach, with minimum routing cost, optimized total energy utilization and best possible technique to reduce the error which is generated due to the deviation of interval of upper and lower limit data in route cost and residual energy.
Бесплатно
Improvising QoS through Cross-Layer Optimization in MANETs
Статья научная
In Mobile Adhoc Networks (MANETs), nodes are mobile and interact through wireless links. Mobility is a significant advantage of MANETs. However, due to the unpredictable nature of mobility, the link may fail frequently, degrading the Quality of Service (QoS) of MANETs applications. This paper outlines a novel Ad hoc On-Demand Distance Vector with Proactive Alternate Route Discovery (AODV-PARD) routing protocol that uses signal strength-based link failure time estimation. The node predicts the link failure time and warns the upstream node through a warning message about the failure. On the basis of this information, a mechanism for identifying alternate routes is started in order to reroute traffic to the alternate route prior to the link failure. It significantly reduces packet loss and improves all the QoS parameters. The suggested protocol is compared to the traditional Ad hoc On-Demand Distance Vector (AODV) routing protocol and shows that the outlined protocol results in an improvement in QoS.
Бесплатно
Increasing the Efficiency of IDS Systems by Hardware Implementation of Packet Capturing
Статья научная
Capturing is the first step in intrusion detection system (IDS). Having wire speed, omitting the OS from capturing process and no need for making a copy of packets from the system’s environment to the user’s environment are some of the system characteristics. If these requirements are not met, packet capture system is considered as the main bottleneck of IDS and the overall efficiency of this system will be influenced. Presence of all these three characteristics calls for utilization of hardware methods. In this paper, by using of FPGA, a line sniffing and load balancing system are designed in order to be applied in IDS systems. The main contribution of our work is the feasibility of attaching labels to the beginning part of each packet, aiming at quick easy access of other IDS modules to information of each packet and also reducing workload of these modules. Packet classification in the proposed system can be configured to 2, 3, and 5 tuple, which can also be applied in IDS detection module in addition to load balancing part of this system. Load balancing module uses Hash table and its Hash function has the least flows collisions. This system is implemented on a set of virtex 6 and 7 families and is able to capture packets 100% and perform the above mentioned processes by speed of 12 Gbit/s.
Бесплатно
Inculcating global optimization in ZRP through newfangled firefly algorithm
Статья научная
Zone Routing Protocol (ZRP) has evolved as an efficient hybrid routing protocol with extremely high potentiality owing to the integration of two radically different schemes, proactive and reactive in such a way that a balance between control overhead and latency is achieved while maintaining routng and security concerns. The execution of ZRP in any case, is affected by different system conditions, for example, zone span, arrange measure, portability and so forth. The exploration work depicted in this paper centers around enhancing the execution of zone steering convention by lessening the measure of receptive traffic which is fundamentally in charge of corrupted system execution in the event of extensive systems. The methodology is structured to such an extent that the zone range of the system stays unaffected while accomplishing better QOS(Quality of Service) execution alongside productive memory utilization.This is actualized by utilizing two calculations. The principal calculation is intended to adjust the measure of proactive and receptive traffic without expanding the zone sweep dependent on the collection of courses in a focal overseer called Head.The utilization of Route Aggregation(RA) approach helps in decreasing the steering overhead and furthermore help accomplish execution optimization.The execution of proposed convention is evaluated under fluctuating hub size and versatility. The second calculation called the firefly streamlining calculation intends to accomplish worldwide enhancement which is very hard to accomplish due to non-linearity of capacities and multimodality of calculations. Different customary improvement procedures like angle based methods, tree based calculations need to manage such issues so this exploration based work uses the meta-heuristic calculation; it takes focal points of both course total and firefly calculations to upgrade QOS of Mobile Ad-hoc Network. For execution assessment a lot of benchmark capacities are being embraced like, parcel conveyance proportion and start to finish postponement to approve the proposed methodology. Recreation results delineate better execution of proposed brand new Firefly Algorithm (FRA) when contrasted with ZRP and RA-ZRP.
Бесплатно
Статья научная
In this manuscript, an Individual Updating Strategies-based Elephant Herding Optimization Algorithm are proposed to facilitate the effective load balancing (LB) process in cloud computing. Primary goal of proposed Individual Updating Strategies-based Elephant Herding Optimization Algorithm focus on issuing the workloads pertaining to network links by the purpose of preventing over-utilization and under-utilization of the resources. Here, NIUS-EHOA-LB-CE is proposed to exploit the merits of traditional Elephant Herd Optimization algorithm to achieve superior results in all dimensions of cloud computing. In this NIUS-EHOA-LB-CE achieves the allocation of Virtual Machines for the incoming tasks of cloud, when the number of currently processing tasks of a specific VM is less than the cumulative number of tasks. Also, it attains potential load balancing process differences with the help of each individual virtual machine’s processing time and the mean processing time (MPT) incurred by complete virtual machine. Efficacy of the proposed technique activates the Cloudsim platform. Experimental results of the proposed method shows lower Mean Response time 11.6%, 18.4%, 20.34%and 28.1%, lower Mean Execution Time 78.2%, 65.4%, 40.32% and 52.6% compared with existing methods, like Improved Artificial Bee Colony utilizing Monarchy Butterfly Optimization approach for Load Balancing in Cloud Environments (IABC-MBOA-LB-CE), An improved Hybrid Fuzzy-Ant Colony Algorithm Applied to Load Balancing in Cloud Computing Environment (FACOA-LB-CE), Hybrid firefly and Improved Multi-Objective Particle Swarm Optimization for energy efficient LB in Cloud environments (FF-IMOPSO-LB-CE) and A hybrid gray wolf optimization and Particle Swarm Optimization algorithm for load balancing in cloud computing environment (GWO-PSO-LB-CE).
Бесплатно
Industrial Control Systems Honeypot: A Formal Analysis of Conpot
Статья научная
Technologies used in ICS and Smart Grid are overlapping. The most discussed attacks on ICSs are Stuxnet and Black energy malware. The anatomy of these attacks not only pointed out that the security of ICS is of prime concern but also demanded to execute a proactive approach in practicing ICS security. Honeypot is used to implement defensive measures for security. The Honeynet group released Honeypot for ICS labelled as Conpot in 2013. Though the Conpot is low interactive Honeypot, it emulates processes of different cyber-physical systems, typically Smart Grid. In the literature, the effectiveness of Honeypot operations was studied by challenging limitations of the existing setup or proposing new variants. Similar approaches are followed for Conpot evaluation. However, none of the work addressed a formal verification method to verify the engagement of Honeypot, and this makes the presented work unique. For proposed work, Coloured Petri Net (CPN) tool is used for formal verification of Conpot. The variants of Conpot are modelled, including initial state model, deadlock state model and livelock model. Further evaluation of these models based on state space analysis results confirmed that Conpot could lure an attacker by engaging him in an infinite loop and thereby limiting the scope of the attacker from exploring and damaging the real-time systems or services. However, in the deadlock state, the attacker’s activity in the conpot will be restricted and will be unable to proceed further as the conpot model incorporates deadlock loop.
Бесплатно
Information Leakage Prevention Using Virtual Disk Drive
Статья научная
The worst news for information technology people are computer has been stolen or lost. The actual problem is the loss of the data stored on the hard drive that can fall into the wrong hands. However, users of information system and laptops computers are facing real problems with due to intruders using attack techniques when they are connected to the network and lost or stolen computers. In order to protect your organization against information leakage you should encrypt this data by only allowing the user with access to the encryption key to view the data, authorized application usage, and control who gets access to specific types of data. This work focuses on confidentiality of secure information storage. In addition, it presents the model to create of a Virtual Disk Drive (VDD) on MS Windows, that appear to the user (after the mounting process) as hard disks, but that are really stored as ciphered files on a file system. The proposed VDD prevents dictionary attacks and brute force attacks by incorporating a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) in the login mechanism. The authentication method for the VDD login is based upon a 3-D image CAPTCHA. All components of this work are integrated in one security VDD tool called "SecDisk".
Бесплатно
Статья научная
Election Commission of X City is an institution that serves as the organizer of elections in the X City, which has a website as a medium in the delivery of information to the public and as a medium for the management and structuring of voter data in the domicile of X City. As a website that stores sensitive data, it is necessary to have risk management aimed at improving the security aspects of the website of Election Commission of X City. The Information System Security Assessment Framework (ISSAF) is a penetration testing standard used to test website resilience, with nine stages of attack testing which has several advantages over existing security controls against threats and security gaps, and serves as a bridge between technical and managerial views of penetration testing by applying the necessary controls on both aspects. Penetration testing is carried out to find security holes on the website, which can then be used for assessment on ISO 31000 risk management which includes the stages of risk identification, risk analysis, and risk evaluation. The main findings of this study are testing a combination of penetration testing using the ISSAF framework and ISO 31000 risk management to obtain the security risks posed by a website. Based on this research, obtained the results that there are 18 security gaps from penetration testing, which based on ISO 31000 risk management assessment there are two types of security risks with high level, eight risks of medium level security vulnerabilities, and eight risks of security vulnerability with low levels. Some recommendations are given to overcome the risk of gaps found on the website.
Бесплатно
Статья научная
In the modern world, the military sphere occupies a very high place in the life of the country. At the same time, this area needs quick and accurate solutions. This decision can greatly affect the unfolding of events on the battlefield and indicate that they must be used carefully, using all possible means. During the war, the speed and importance of decisions are very important, and we note that the relevance of this topic is growing sharply. The purpose of the work is to create a comprehensive information system that facilitates the work of commanders of tactical units, which organizes the visualization and classification of aerial objects in real-time, the classification of objects for radio-technical intelligence, the structuring of military information and facilitates the perception of military information. The object of research/development is a phenomenon that creates a problematic problem, has the presence of slowing factors in the process of command and control, using teams of tactical links, which can slow down decision-making, as well as affect their correctness. The research/development aims to address emerging bottlenecks in the command-and-control process performed by tactical link teams, providing improved visualization, analysis and work with military data. The result of the work is an information system for processing military data to help commanders of tactical units. This system significantly improves on known officer assistance tools, although it includes a set of programs that have been used in parallel on an as-needed basis. Using modern information technologies and ease of use, the system covers problems that may arise for commanders. Also, each program included in the complex information system has its degree of innovation. The information system for structuring military information is distinguished by the possibility of use on any device. The information system for the visualization and clustering of aerial objects and the information system for the classification of objects for radio technical intelligence are distinguished by their component nature. This means that the application can use sources of input information and provides an API to use other processing information. Regarding the information system for integration into information materials, largely unknown terms and abbreviations are defined, so such solutions, cannot integrate the required data into real documents. Therefore, using this comprehensive information system, the command of tactical units will have the opportunity to improve the quality and achieve the command-and-control process.
Бесплатно
Innovative Method for Enhancing Key Generation and Management in the AES-Algorithm
Статья научная
With the extraordinary maturity of data exchange in network environments and increasing the attackers capabilities, information security has become the most important process for data storage and communication. In order to provide such information security the confidentiality, data integrity, and data origin authentication must be verified based on cryptographic encryption algorithms. This paper presents a development of the advanced encryption standard (AES) algorithm, which is considered as the most eminent symmetric encryption algorithm. The development focuses on the generation of the integration between the developed AES based S-Boxes, and the specific selected secret key generated from the quantum key distribution.
Бесплатно
Integer Programming Models for Task Scheduling and Resource Allocation in Mobile Cloud Computing
Статья научная
In traditional mobile cloud computing, user tasks are uploaded and processed on a cloud server over the Internet. Due to the recent rapid increase in the number of mobile users connected to the network, due to overload of the Internet communication channels, there are significant delays in the delivery of data processed on cloud servers to the user. Furthermore, it complicates the optimal scheduling of the tasks of many users on cloud servers and the delivery of results. Scheduling is an approach used to reduce the tasks execution time by ensuring a balanced distribution of user tasks on cloud servers. The goal of scheduling is to ensure selection of appropriate resources to handle tasks quickly, taking into account user requirements. Whereas the goal of cloud service providers is to provide users with the required resources through performing effective scheduling so that both the user and the service provider can benefit. The article proposes a scheduling model to reduce processing time, network latency, and power consumption of mobile devices through optimal task placement in the cloudlet network in a mobile cloud computing environment.
Бесплатно
Статья научная
Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems. In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools. As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.
Бесплатно
Статья научная
With attackers discovering more inventive ways to take advantage of network weaknesses, the pace of attacks has drastically increased in recent years. As a result, network security has never been more important, and many network intrusion detection systems (NIDS) rely on old, out-of-date attack signatures. This necessitates the deployment of reliable and modern Network Intrusion Detection Systems that are educated on the most recent data and employ deep learning techniques to detect malicious activities. However, it has been found that the most recent datasets readily available contain a large quantity of benign data, enabling conventional deep learning systems to train on the imbalance data. A high false detection rate result from this. To overcome the aforementioned issues, we suggest a Synthetic Minority Over-Sampling Technique (SMOTE) integrated convolution neural network and bi-directional long short-term memory SCNN-BIDLSTM solution for creating intrusion detection systems. By employing the SMOTE, which integrates a convolution neural network to extract spatial features and a bi-directional long short-term memory to extract temporal information; difficulties are reduced by increasing the minority samples in our dataset. In order to train and evaluate our model, we used open benchmark datasets as CIC-IDS2017, NSL-KDD, and UNSW-NB15 and compared the results with other state of the art models.
Бесплатно
