Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1110
Information Leakage Prevention Using Virtual Disk Drive
Статья научная
The worst news for information technology people are computer has been stolen or lost. The actual problem is the loss of the data stored on the hard drive that can fall into the wrong hands. However, users of information system and laptops computers are facing real problems with due to intruders using attack techniques when they are connected to the network and lost or stolen computers. In order to protect your organization against information leakage you should encrypt this data by only allowing the user with access to the encryption key to view the data, authorized application usage, and control who gets access to specific types of data. This work focuses on confidentiality of secure information storage. In addition, it presents the model to create of a Virtual Disk Drive (VDD) on MS Windows, that appear to the user (after the mounting process) as hard disks, but that are really stored as ciphered files on a file system. The proposed VDD prevents dictionary attacks and brute force attacks by incorporating a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) in the login mechanism. The authentication method for the VDD login is based upon a 3-D image CAPTCHA. All components of this work are integrated in one security VDD tool called "SecDisk".
Бесплатно
Статья научная
Election Commission of X City is an institution that serves as the organizer of elections in the X City, which has a website as a medium in the delivery of information to the public and as a medium for the management and structuring of voter data in the domicile of X City. As a website that stores sensitive data, it is necessary to have risk management aimed at improving the security aspects of the website of Election Commission of X City. The Information System Security Assessment Framework (ISSAF) is a penetration testing standard used to test website resilience, with nine stages of attack testing which has several advantages over existing security controls against threats and security gaps, and serves as a bridge between technical and managerial views of penetration testing by applying the necessary controls on both aspects. Penetration testing is carried out to find security holes on the website, which can then be used for assessment on ISO 31000 risk management which includes the stages of risk identification, risk analysis, and risk evaluation. The main findings of this study are testing a combination of penetration testing using the ISSAF framework and ISO 31000 risk management to obtain the security risks posed by a website. Based on this research, obtained the results that there are 18 security gaps from penetration testing, which based on ISO 31000 risk management assessment there are two types of security risks with high level, eight risks of medium level security vulnerabilities, and eight risks of security vulnerability with low levels. Some recommendations are given to overcome the risk of gaps found on the website.
Бесплатно
Статья научная
In the modern world, the military sphere occupies a very high place in the life of the country. At the same time, this area needs quick and accurate solutions. This decision can greatly affect the unfolding of events on the battlefield and indicate that they must be used carefully, using all possible means. During the war, the speed and importance of decisions are very important, and we note that the relevance of this topic is growing sharply. The purpose of the work is to create a comprehensive information system that facilitates the work of commanders of tactical units, which organizes the visualization and classification of aerial objects in real-time, the classification of objects for radio-technical intelligence, the structuring of military information and facilitates the perception of military information. The object of research/development is a phenomenon that creates a problematic problem, has the presence of slowing factors in the process of command and control, using teams of tactical links, which can slow down decision-making, as well as affect their correctness. The research/development aims to address emerging bottlenecks in the command-and-control process performed by tactical link teams, providing improved visualization, analysis and work with military data. The result of the work is an information system for processing military data to help commanders of tactical units. This system significantly improves on known officer assistance tools, although it includes a set of programs that have been used in parallel on an as-needed basis. Using modern information technologies and ease of use, the system covers problems that may arise for commanders. Also, each program included in the complex information system has its degree of innovation. The information system for structuring military information is distinguished by the possibility of use on any device. The information system for the visualization and clustering of aerial objects and the information system for the classification of objects for radio technical intelligence are distinguished by their component nature. This means that the application can use sources of input information and provides an API to use other processing information. Regarding the information system for integration into information materials, largely unknown terms and abbreviations are defined, so such solutions, cannot integrate the required data into real documents. Therefore, using this comprehensive information system, the command of tactical units will have the opportunity to improve the quality and achieve the command-and-control process.
Бесплатно
Innovative Method for Enhancing Key Generation and Management in the AES-Algorithm
Статья научная
With the extraordinary maturity of data exchange in network environments and increasing the attackers capabilities, information security has become the most important process for data storage and communication. In order to provide such information security the confidentiality, data integrity, and data origin authentication must be verified based on cryptographic encryption algorithms. This paper presents a development of the advanced encryption standard (AES) algorithm, which is considered as the most eminent symmetric encryption algorithm. The development focuses on the generation of the integration between the developed AES based S-Boxes, and the specific selected secret key generated from the quantum key distribution.
Бесплатно
Integer Programming Models for Task Scheduling and Resource Allocation in Mobile Cloud Computing
Статья научная
In traditional mobile cloud computing, user tasks are uploaded and processed on a cloud server over the Internet. Due to the recent rapid increase in the number of mobile users connected to the network, due to overload of the Internet communication channels, there are significant delays in the delivery of data processed on cloud servers to the user. Furthermore, it complicates the optimal scheduling of the tasks of many users on cloud servers and the delivery of results. Scheduling is an approach used to reduce the tasks execution time by ensuring a balanced distribution of user tasks on cloud servers. The goal of scheduling is to ensure selection of appropriate resources to handle tasks quickly, taking into account user requirements. Whereas the goal of cloud service providers is to provide users with the required resources through performing effective scheduling so that both the user and the service provider can benefit. The article proposes a scheduling model to reduce processing time, network latency, and power consumption of mobile devices through optimal task placement in the cloudlet network in a mobile cloud computing environment.
Бесплатно
Статья научная
Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems. In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools. As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.
Бесплатно
Статья научная
With attackers discovering more inventive ways to take advantage of network weaknesses, the pace of attacks has drastically increased in recent years. As a result, network security has never been more important, and many network intrusion detection systems (NIDS) rely on old, out-of-date attack signatures. This necessitates the deployment of reliable and modern Network Intrusion Detection Systems that are educated on the most recent data and employ deep learning techniques to detect malicious activities. However, it has been found that the most recent datasets readily available contain a large quantity of benign data, enabling conventional deep learning systems to train on the imbalance data. A high false detection rate result from this. To overcome the aforementioned issues, we suggest a Synthetic Minority Over-Sampling Technique (SMOTE) integrated convolution neural network and bi-directional long short-term memory SCNN-BIDLSTM solution for creating intrusion detection systems. By employing the SMOTE, which integrates a convolution neural network to extract spatial features and a bi-directional long short-term memory to extract temporal information; difficulties are reduced by increasing the minority samples in our dataset. In order to train and evaluate our model, we used open benchmark datasets as CIC-IDS2017, NSL-KDD, and UNSW-NB15 and compared the results with other state of the art models.
Бесплатно
Integrity Analysis of Multimedia File Transmission between Mobile Phones
Статья научная
Mobile forensics deals with evidence from mobile devices. Data recovered from the mobile devices are helpful in investigation to solve criminal cases. It is crucial to preserve the integrity of these data. According to research carried out [1], it has been noted that not all data extracted from mobile phones have discrepancies in hash values during integrity verification. It has been reported that only the Multimedia Messaging Service message type showed a variation in hash values when performing data extraction. The main objective in this work is to study the variance in the content of the graphic files transferred between mobile phones via Bluetooth or MMS. We also determine the causes of such variations, if any, while checking the graphics file integrity. Different parameters including distance and file format have been varied and a series of test were conducted using: mobile sets of same make same model, same make different model and different make different model on different graphic file formats of different sizes. Results obtained confirmed that there was no alteration of graphic files during Bluetooth transmission. However, while transmitting the graphic files through Multimedia Messaging Service, results showed notable alteration level for graphic files of certain file format and size.
Бесплатно
Статья научная
The data aggregation is a widely used energy-efficient mechanism in wireless sensor Networks (WSNs), by avoiding the redundant data transmitting to base station. The deployment of wireless communicating sensor nodes in the hostile or unattended environment causes attack more easily and the resource limited characteristics make the conventional security algorithms infeasible, hence protecting privacy and integrity during data aggregation is a challenging task. The privacy of a sensor data ensures, it is known only to itself and the integrity guarantees sensor data has not tampered during data aggregation. The Integrity Protecting Privacy preserving Data Aggregation (IPPDA) protocols ensures a robust and accurate results at the base station. This paper summarises on such IPPDA protocols during data aggregation.
Бесплатно
Intelligent Rate Adaptation Based on Improved Simulated Annealing Algorithm
Статья научная
This paper analyzes the PHY layer of IEEE 802.11 standards for a variety of transmission rates, after learning that MAC layer does not provide adaptive approach for rate control. With the study of various adaptive algorithms, the SAARF (Simulated Annealing Auto Rate Fallback) protocol based on simulated annealing algorithm is proposed on rate adaptation in MAC Layer, which can adaptively adjust transmitting rate. Compared with ARF (Auto Rate Fallback) protocol, SAARF can more effectively improve network performance from the simulation results.
Бесплатно
Intelligent Reduction in Signaling Load of Location Management in Mobile Data Networks
Статья научная
Massive increase in the mobile data traffic volume has recently resulted in a big interest towards the distributed mobility management solutions that aim to address the limitations and drawbacks of centralized mobility management. Location management is an important requirement in a distributed mobility management environment. To provide seamless Internet data services to a mobile node, the location of a mobile node is stored and periodically updated on a location server through a location update message that is sent by the mobile node. In this paper, we propose an intelligent approach of setting the period of sending location update messages on the basis of a mobile node's patterns of data sessions and IP handovers. We use a machine learning approach on the location server. The results show that our approach significantly reduces the signaling load of the location management and the overall reduction is more than 50%.
Бесплатно
Intelligent Routing using Ant Algorithms for Wireless Ad Hoc Networks
Статья научная
Wireless network is one of the niche areas and has been a growing interest owing to their ability to control the physical environment even from remote locations. Intelligent routing, bandwidth allocation and power control techniques are the known critical factors for this network communication. It is customary to find a feasible path between the communication end point which is a challenging task in this type of network. The present study proposes an Ant Mobility Model (AMM), an on-demand, multi-path routing algorithm that exercises power control and coordinate the nodes to communicate with one another in wireless network. The main goal of this protocol is to reduce the overhead, congestion, and stagnation, while increasing the throughput of the network. It can be realized from the simulation results that AMM proves to be a promising solution for the mobility pattern in wireless networks like MANETs.
Бесплатно
Intelligent Wireless Sensor Network System to shrink Suspected Terror from Militants
Статья научная
In current scenario, there are always impending threats from militants and terrorists within and out of a country. The sensor networks play a vital role in minimizing the loss of human lives in the event of usual calamity and artificial sabotage created by terrorists. The sensor networks can be successfully deployed in any difficult geographical terrains where manual round-the-clock surveillance is highly impossible. Energy aware routing is immensely helpful to sensor networks in the aspect of extending the life span of the WSNs. In this paper, an automatic suspected terror system based on wireless sensor networks is developed, which is designed for high-rise metro structure. In order to provide early extinguish of impending threats by putting any bomb, large numbers of detectors which periodically measure noise, smell, infringement, vibration, temperature concentration, unidentified stranger photo are deployed from major streets. Those scattered detectors report their monitoring information to the surveillance center via the self-organizing hierarchical intelligent wireless sensor networks (IWSN). Test results from it show that the automatic suspected terror system achieves the design requirements.
Бесплатно
Intelligent energy aware fidelity based on-demand secure routing protocol for MANET
Статья научная
Mobile Ad-Hoc Networks are very flexible networks, since they do not depend on any infrastructure or central authority. Due to this property, MANETs are highly ubiquitous in defense, commercial and public sectors. Despite the usage, MANET faces problems with security, packet drops, network overhead, end-to-end delay and battery power. To combat these shortcomings, we have proposed a new trust based on-demand routing protocol that can adapt to the specific energy conditions of nodes in a MANET. It uses the concept of fidelity which varies depending on packet drops. This fidelity is monitored through direct and indirect methods. The main aim of the protocol is to develop a model that considers both trust and battery power of the nodes, before selecting them as prospective nodes for secure transmission of data. With dynamic battery threshold calculations, the nodes make an intelligent choice of the next hop, and packet losses are effectively minimized. In addition to providing data origin authentication services, integrity checks, the proposed “Intelligent Energy Aware Fidelity Based On-Demand Secure Routing (IEFBOD)” protocol is able to mitigate intelligent, colluding malicious agents which drop packets or modify packets etc. that they are required to forward. New packets called report and recommendation have been used to effectively detect and eliminate these malicious nodes from a network. Our protocol has been compared to other existing secure routing protocols using simulation, and it displays improved performance metrics, namely high packet delivery fraction, low normalized routing load and low end-to-end delay.
Бесплатно
Inter integrated WSN for crude oil pipeline monitoring
Статья научная
An inter-integrated system for crude oil pipeline using Wireless Sensor Network is designed for an incessant monitoring and communication in the desert for a span of 1350 Km from pumping station to harbor stockpiling tanks with 135 distributed control system stations. The proposed wireless sensor network equipment is used to scan the sensor status installed in the pipeline and send the required information utilizing dedicated low bandwidth with Quality of Service level three secured Message Queuing Telemetry Transport. This system generates energy on its own by using the solar panel and stores it in battery banks. Low power controller with Wi-Fi developed by Texas Instruments has been utilized to design a working prototype.
Бесплатно
Interaction of High Speed TCPs with Recent AQMs through Experimental Evaluation
Статья научная
Congestion control approaches, source based approach and router based approach have their own limitations. In source based approach, it is difficult to get correct location of congestion and without proper admission control; we cannot effectively manage the congestion problem. Thus both the approaches have to work in coordination for effective congestion control. In this context, an interaction study plays an important role to verify how a TCP implemented at source end works with Active Queue Management at router end. In this paper, we analyzed the performance of different high speed TCP variants at the source end with some recent AQM approaches: CoDel and sfqCoDel. The main objective of this work is to obtain the interaction patterns of different high speed TCP variants like: HTCP, Compound, HSTCP, Scalable and Cubic with recently proposed AQMs: CoDel and sfqCoDel. Simulation results show that that if we want to achieve a better throughput, minimum delay and improved fairness simultaneously, Cubic-sfqCoDel may be a good choice of TCP-AQM combinations for high speed networks.
Бесплатно
Interconnect network on chip topology in multi-core processors: a comparative study
Статья научная
A variety of technologies in recent years have been developed in designing on-chip networks with the multicore system. In this endeavor, network interfaces mainly differ in the way a network physically connects to a multicore system along with the data path. Semantic substances of communication for a multicore system are transmitted as data packets. Thus, whenever a communication is made from a network, it is first segmented into sub-packets and then into fixed-length bits for flow control digits. To measure required space, energy & latency overheads for the implementation of various interconnection topologies we will be using multi2sim simulator tool that will act as research bed to experiment various tradeoffs between performance and power, and between performance and area requires analysis for further possible optimizations.
Бесплатно
Interference effect of ACL’s and SCO’s IEEE 802.15 transmission on IEEE 802.11 performance
Статья научная
This study aims to investigate the effect of Bluetooth on WLAN 802.11 performance. In contrast to other studies, we distinguish bluetooth into two mechanisms, namely Asynchronous Connectionless (ACL) and Synchronous Connection-Oriented (SCO). Various scenarios (with range variation between the sender node and the access point (AP) and also the presence of ACL or SCO transmission as interference) was designed to conduct experiment. In general, experiment was conducted with two nodes that act as sender and receiver node that connected through internet. In addition, to determine the effect of bluetooth on WLAN performance we use several test parameters, which are received signal strength indication (RSSI), signal to noise ratio (SNR), upstream and downstream, jitter, and packet loss rate (PLR). The study revealed the both ACL and SCO did not significantly affect WLAN performance, because they can only reduce the performance based on certain parameters and scenarios. But when they were compared, SCO has worst effect on WLAN performance, particularly on upstream, jitter, and PLR.
Бесплатно
Internet of Things: A Review on Technologies, Architecture, Challenges, Applications, Future Trends
Статья научная
World Wide Web (1990's) and Mobile Internet (the 2000's) had consequential corroborated the way how people communicate. However, with evolution in technology, the cataclysm of Internet has stepped into a new phase-Internet of Things. Internet of Things, a prominent paradigm in the field of IT having a nominal intervention of humans allowing diverse things to communicate with each other, anticipate, sight, and perceive surroundings. IoT exploits RFID tags, NFC, sensors, smart bands, and wired or wireless communication technologies to build smart surroundings, smart Homes, quick-witted intelligence in medical care, ease of Transport, and more. This paper introduces IoT with emphasis on its driver technologies and system architecture. In addition to application layer protocols, we focus on identifying various issues and application areas of IoT as well as future research trends in the field of IoT. We have also highlighted how big data is associated with Internet of Things.
Бесплатно
Статья научная
The Internet is a communication network where two or more than two users communicate and exchange the data. Black hole attack is a security threat in which a malicious node drops some or all of the packets. The proposed framework implements a biometric authentication system into the communication network to verify the user and to save the user from any internal or external threat. The main objective is to integrate the biometric security with the communication network. The attack is supposed to be a Black hole which has been considered as a smart attack. Feature extraction of Fingerprint dataset will be done using minutiae extractor. This will extract ridge endings and ridge bifurcation from the thinned image. Genetic algorithm is usedto reduce the features to useful pool. If the user is authentic only then prevention mechanism against black hole is applied. Genetic Algorithm is used to find out black hole node based on the fitness function. Proposed model’s performance is evaluated using various metrics like delay, throughput, energy consumption and packet delivery ratio.
Бесплатно
