Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1110
Статья научная
The load scheduling is one of the prime concerns for the computation of tasks in a virtual distributed environment. Many meta-heuristic swarm based optimization methods have been developed for scheduling the load in cloud computing environment. These swarm intelligence based algorithms like PSO play a key role in determining the scheduling of the cloudlets on the VMs in the datacenter. Gravitational Search algorithm based on law of gravity schedules the load in an effective manner. Its potential has not been utilized in cloud for load scheduling. This paper proposes a linear improved gravitational search algorithm in Cloud (LIGSA-C). This presents a new linear gravitational function and cost evaluation function for cloudlets using gravitational search approach in cloud. The results are computed by particles for scheduling 10 cloudlets on 8 VMs in the cloud. The detailed analysis of the result is performed. This paper states that LIGSA-C outperforms the existing algorithms like GSA and PSO for minimized cost.
Бесплатно
Load Balancing Early Handoff Scheme for Multimedia Data Transmission in Wireless Networks
Статья научная
This study developed a load balancing early handoff scheme that enables transfer part of heavy load in a base station to the others using the overlap between base stations in wireless cellular networks. The proposed scheme reduces the new call blocking probability (CBP) and handoff call connection dropping probability (CDP) as well as to increase the resource utilization of wireless networks. Since the scheme is triggered by a connection request received by the base station, it immediately reflects the loading of the base station. The proposed load balancing early handoff policy can be integrated in diverse call admission control schemes. The effectiveness of the load balancing early handoff scheme is demonstrated by integrating it with DMTBR to improve the call admission control function. Additionally, NS2 is used to simulate the load balancing early handoff scheme in a wireless network with wrap-around model. The simulation results show that the proposed scheme can effectively improve the wireless network resource utilization.
Бесплатно
Localization by Salp Swarm Optimization with Doppler Effect in Wireless Sensor Networks
Статья научная
Wireless sensor networks (WSNs) have lately been widely used due to its abundant practice in methods that have to be spread over a large range. In any wireless application, the position precision of node is an important core component. Node localization intends to calculate the geographical coordinates of unknown nodes by the assistance of known nodes. In a multidimensional space, node localization is well-thought-out as an optimization problem that can be solved by relying on any metaheuristic’s algorithms for optimal outputs. This paper presents a new localization model using Salp Swarm optimization Algorithm with Doppler Effect (LOSSADE) that exploit the strengths of both methods. The Doppler effect iteratively considers distance between the nodes to determine the position of the nodes. The location of the salp leader and the prey will get updated using the Doppler shift. The performance validation of the presented approach simulated by MATLAB in the network environment with random node deployment. A detailed experimental analysis takes place and the results are investigated under a varying number of anchor nodes, and transmission range in the given search area. The obtained simulation results are compared over the traditional algorithm along with other the state-of-the-art methods shows that the proposed LOSSADE model depicts better localization performance in terms of robustness, accuracy in locating target node position and computation time.
Бесплатно
Locating all the Frequency Hopping Components Using Multi-species Particle Swarm Optimization
Статья научная
The particle swarm optimization (PSO) algorithm is applied to the problem of blind parameter estimation of frequency hopping signals. For this target, one Time Frequency representation such as Smoothed Pseudo Wigner-Ville Distribution (SPWVD) is computed firstly. Then, the peaks on TF plane are searched using multi-species PSO. Each particle moves around two dimension time and frequency plane and will converge to different species, which seeds represent the centers of frequency hopping components. A numerical study is carried out for signals which are embedded in a very low SNR ratio noise. Results show that the new method is feasible and much more robust than some existing estimation algorithms.
Бесплатно
Location Prediction of Mobility Management Using Soft Computing Techniques in Cellular Network
Статья научная
This work describes the neural network technique to solve location management problem. A multilayer neural model is designed to predict the future prediction of the subscriber based on the past predicted information of the subscriber. In this research work, a prediction based location management scheme is proposed for locating a mobile terminal in a communication without losing quality maintains a good response. There are various methods of location management schemes for prediction of the mobile user. Based on individual characteristic of the user, prediction based location management can be implemented. This work is purely analytical which need the past movement of the subscriber and compared with the simulated one. The movement of the mobile target is considered as regular and uniform. An artificial neural network model is used for mobility management to reduce the total cost. Single or multiple mobile targets can be predicted. Among all the neural techniques multilayer perceptron is used for this work. The records are collected from the past movement and are used to train the network for the future prediction. The analytical result of the prediction method is found to be satisfactory.
Бесплатно
Location Privacy using Homomorphic Encryption over Cloud
Статья научная
Homomorphism is a concept that allows one to perform arbitrary calculations on the cipher text. One of the application of this concept is securing one's location while one uses location based services(LBS). In this paper I have discussed an approach to preserve mobile user's location while accessing some location based service. The mobile user is trying to find the nearest locations of his interest using a mobile application. While doing so he wishes to keep his location coordinates a secret from the server. This is because, these days since servers may be maintained by a third party or a middleware might be involved. There is no scope of trusting anyone in this insecure world. Therefore, since in homomorphic encryption offers a way of making calculations on the cipher text thereby not revealing anything about the plaintext to the server, it becomes a more secure and safer choice for making a system which wants to keep the data protected from the server. Problem Statement: Implementing k-nearest neighbour algorithm while preserving user location privacy using homomorphic encryption.
Бесплатно
Low Complexity Multimedia Encryption
Статья научная
Selective encryption algorithms have been proposed to encrypt syntax elements such as intra prediction modes, the sign bit of nonzero DCT coefficients, along with the sign bit of motion vectors. These syntax elements are sensitive enough to produce effective scrambling effect with a relative low computational cost. In this paper, a novel scheme is proposed to further optimize the computational overhead incurred by the encryption for energy critical multimedia applications. The proposed scheme adjusts the selection of syntax elements to be encrypted according to the scene transitions within adjacent video frames. The ratio of intra-coded macroblocks in inter (P and B) frames is calculated and compared with an adaptive threshold value to detect the scene transitions. Furthermore, based on statistical analysis for a few video sequences, a dynamic threshold model to detect the scene transition is proposed. When there is a scene transition between the previous video frame and the current video frame, intra prediction modes and the sign bit of DCT coefficients in the current frame are chosen as syntax elements to be encrypted, whereas in the absence of a scene transition, the sign bit of motion vectors is chosen as the only sensitive syntax elements to be encrypted. Experimental results show that compared with previous work in this field, the proposed scheme can efficiently lower the computational cost incurred by the encryption while maintaining a similar perceptual scrambling effect.
Бесплатно
Low Level Performance Evaluation of InfiniBand with Benchmarking Tools
Статья научная
InfiniBand is widely accepted as a high performance networking technology for datacenters and HPC clusters. It uses the Remote Direct Memory Access (RDMA) where communication tasks that are typically assigned to CPUs are offloaded to the Channel Adapters (CAs), resulting in a significant increase of the throughput and reduction of the latency and CPU load. In this paper, we make an introduction to InfiniBand and IP over InfiniBand (IPoIB), where the latter is a protocol proposed by the IETF to run traditional socket-oriented applications on top of InfiniBand networks. We also evaluate the performance of InfiniBand using different transport protocols with several benchmarking tools in a testbed. For RDMA communications, we consider three transport services: (1) Reliable Connection, (2) Unreliable Connection, and (3) Unreliable Datagram. For UDP and TCP, we use IPoIB. Our results show significant differences between RDMA and IPoIB communications, encouraging the coding of new applications with InfiniBand verbs. Also, it is noticeable that IPoIB in datagram mode and in connected mode have similar performance for small UDP and TCP payload. However, the differences get important as the payload size increases.
Бесплатно
M2KMIX: Identifying the Type of High Rate Flooding Attacks using a Mixture of Expert Systems
Статья научная
High rate flooding attacks such as SYN flood, UDP flood, and HTTP flood have been posing a perilous threat to Web servers, DNS servers, Mail servers, VoIP servers, etc. These high rate flooding attacks deplete the limited capacity of the server resources. Hence, there is a need for the protection of these critical resources from high rate flooding attacks. Existing detection techniques used in Firewalls, IPS, IDS, etc., fail to identify the illegitimate traffic due to its self-similarity nature of legitimate traffic and suffer from low detection accuracy and high false alarms. Also, very few in the literature have focused on identifying the type of attack. This paper focuses on the identification of type of high rate flooding attack with High detection accuracy and fewer false alarms. The attack type identification is achieved by training the classifiers with different feature subsets. Therefore, each trained classifier is an expert in different feature space. High detection accuracy is achieved by creating a mixture of expert classifiers and the ensemble output decisions are identified by our proposed Preferential Agreement (PA) rule. Our proposed classification algorithm, M2KMix (mixture of two Multi Layer Perceptron and one K-Nearest Neighbor models) differs from the existing solutions in feature selection, error cost reduction, and attack type identification. M2KMix was trained and tested with our own SSE Lab 2011 dataset and CAIDA dataset. Detection accuracy and False Alarms are the two metrics used to analyze the performance of the proposed M2KMix algorithm with the existing output combination methods such as mean, maximum, minimum, and product. From the simulation results, it is evident that M2KMix algorithm achieves high detection accuracy (97.8%) with fewer false alarms than the existing output combination methods. M2KMix identifies three types of flooding attacks, viz., the SYN Flood, UDP flood, and HTTP Flood, effectively with detection accuracy of 100%, 93.75%, and 97.5%, respectively.
Бесплатно
MANETs: QoS and investigations on optimized link state routing protocol
Статья научная
Mobile Ad-Hoc Networks (MANETs) are self-forming, self-healing new generation infrastructure less wireless networks. Principal behind these networks is multi hop radio relaying. MANETs are very useful at locations where networking infrastructure is not available. Major applications of these networks can be accessed at military and emergency rescue operations. MANETs may contain small or large set of network nodes; each and every node requires acting as host and the router. Due to random movements of the nodes, MANETs obtain dynamic network topologies. Routing protocols in MANETs are accountable for establishing efficient and error free communication paths between network nodes. Dynamic network topologies make routing challenging. In order to meet requirement of present day applications and to overcome from routing challenges, routing protocols in mobile ad hoc networks need to perform better in terms of certain QoS (Quality of Service) parameters such as; good throughput, sustained communication links and least delay in establishing a link. In this paper, we have discussed QoS in MANETs and analyzed the OLSR (Optimized Link State Routing), a well-known routing protocol in MANETs for possible improvements in its performance. Here, we have revised attributes of core parameters of the standard OLSR routing model in order to obtain a new OLSR design. Performances of the standard and revised OLSR models have been tested and compared under different network scenarios using network simulator-3 (NS-3). Different QoS and performance evaluating metrics such as; the throughput, packet delivery ratio, end to end delay, packet loss and normalized routing load have been considered for measuring performances of either OLSR routing models. Based on the analysis, it is concluded that the revised OLSR model has shown better performances as compared to standard OLSR routing model.
Бесплатно
MUSIC 2D-DOA Estimation using Split Vertical Linear and Circular Arrays
Статья научная
In this paper, the MUSIC 2D-DOA estimation is estimated by splitting the angle into elevation and azimuth components. This technique is based on an array that is composed by a vertical uniform linear array located perpendicularly at the center of another uniform circular array. This array configuration is proposed to reduce the computational burden faced in MUSIC 2D-DOA estimation where the vertical array is used to determine the elevation DOAs (θs) which are used subsequently to determine the azimuth DOAs (∅s) by the circular array instead of searching in all space of the two angles in the case of using circular array only. The new Split beamformer is investigated and the performance of the MUSIC 2D-DOA under several signal conditions in the presence of noise is studied.
Бесплатно
Статья научная
Software-Defined Networking is a new network architecture that separates control and data planes. It has central network control and programmability facilities, so it improves manageability, scaling, and performance. However, it may suffer from creating a single point of failure against the controller, which represents the network control plane. So, defending the controller against attacks such as a distributed denial of service attack is a valuable and urgent issue. The advances of this paper are to implement an accurate and significant method to detect this attack with high accuracy using machine learning-based algorithms exploiting new advanced features obtained from traffic flow information and statistics. The developed model is trained with kernel radial basis function. The technique uses advanced features such as unknown destination addresses, packets inter-arrival time, transport layer protocol header, and type of service header. To the best knowledge of the authors, the proposed approach of the paper had not been used before. The proposed work begins with generating both normal and attack traffic flow packets through the network. When packets reach the controller, it extracts their headers and performs necessary flow calculations to get the needed features. The features are used to create a dataset that is used as an input to linear support vector machine classifier. The classifier is used to train the model with kernel radial basis function. Methods such as Naive Bayes, K-Nearest Neighbor, Decision Tree, and Random Forest are also utilized and compared with the SVM model to improve the detection operation. Hence, suspicious senders are blocked and their information is stored. The experimental results prove that the proposed technique detects the attack with high accuracy and low false alarm, compared to other related techniques.
Бесплатно
Machine Learning-based Intrusion Detection Technique for IoT: Simulation with Cooja
Статья научная
The Internet of Things (IoT) is one of the promising technologies of the future. It offers many attractive features that we depend on nowadays with less effort and faster in real-time. However, it is still vulnerable to various threats and attacks due to the obstacles of its heterogeneous ecosystem, adaptive protocols, and self-configurations. In this paper, three different 6LoWPAN attacks are implemented in the IoT via Contiki OS to generate the proposed dataset that reflects the 6LoWPAN features in IoT. For analyzed attacks, six scenarios have been implemented. Three of these are free of malicious nodes, and the others scenarios include malicious nodes. The typical scenarios are a benchmark for the malicious scenarios for comparison, extraction, and exploration of the features that are affected by attackers. These features are used as criteria input to train and test our proposed hybrid Intrusion Detection and Prevention System (IDPS) to detect and prevent 6LoWPAN attacks in the IoT ecosystem. The proposed hybrid IDPS has been trained and tested with improved accuracy on both KoU-6LoWPAN-IoT and Edge IIoT datasets. In the proposed hybrid IDPS for the detention phase, the Artificial Neural Network (ANN) classifier achieved the highest accuracy among the models in both the 2-class and N-class. Before the accuracy improved in our proposed dataset with the 4-class and 2-class mode, the ANN classifier achieved 95.65% and 99.95%, respectively, while after the accuracy optimization reached 99.84% and 99.97%, respectively. For the Edge IIoT dataset, before the accuracy improved with the 15-class and 2-class modes, the ANN classifier achieved 95.14% and 99.86%, respectively, while after the accuracy optimized up to 97.64% and 99.94%, respectively. Also, the decision tree-based models achieved lightweight models due to their lower computational complexity, so these have an appropriate edge computing deployment. Whereas other ML models reach heavyweight models and are required more computational complexity, these models have an appropriate deployment in cloud or fog computing in IoT networks.
Бесплатно
Malware Classification with Improved Convolutional Neural Network Model
Статья научная
Malware is a threat to people in the cyber world. It steals personal information and harms computer systems. Various developers and information security specialists around the globe continuously work on strategies for detecting malware. From the last few years, machine learning has been investigated by many researchers for malware classification. The existing solutions require more computing resources and are not efficient for datasets with large numbers of samples. Using existing feature extractors for extracting features of images consumes more resources. This paper presents a Convolutional Neural Network model with pre-processing and augmentation techniques for the classification of malware gray-scale images. An investigation is conducted on the Malimg dataset, which contains 9339 gray-scale images. The dataset created from binaries of malware belongs to 25 different families. To create a precise approach and considering the success of deep learning techniques for the classification of raising the volume of newly created malware, we proposed CNN and Hybrid CNN+SVM model. The CNN is used as an automatic feature extractor that uses less resource and time as compared to the existing methods. Proposed CNN model shows (98.03%) accuracy which is better than other existing CNN models namely VGG16 (96.96%), ResNet50 (97.11%) InceptionV3 (97.22%), Xception (97.56%). The execution time of the proposed CNN model is significantly reduced than other existing CNN models. The proposed CNN model is hybridized with a support vector machine. Instead of using Softmax as activation function, SVM performs the task of classifying the malware based on features extracted by the CNN model. The proposed fine-tuned model of CNN produces a well-selected features vector of 256 Neurons with the FC layer, which is input to SVM. Linear SVC kernel transforms the binary SVM classifier into multi-class SVM, which classifies the malware samples using the one-against-one method and delivers the accuracy of 99.59%.
Бесплатно
Malware-Free Intrusions: Exploitation of Built-in Pre-Authentication Services for APT Attack Vectors
Статья научная
Advanced Persistent Threat (APT) actors seek to maintain an undetected presence over a considerable duration and therefore use a myriad of techniques to achieve this requirement. This stealthy presence might be sought on the targeted victim or one of the victims used as pawns for further attacks. However, most of the techniques involve some malicious software leveraging the vulnerability induced by an exploit or leveraging the ignorance of the benign user. But then, malware generates a substantial amount of noise in form of suspicious network traffic or unusual system calls which usually do not go undetected by intrusion detection systems. Therefore, an attack vector that generates as little noise as possible or none at all is especially attractive to ATP threat actors as this perfectly suits the objective thereof. Malware-free intrusions present such attack vectors and indeed are difficult to detect because they mimic the behavior of normal applications and add no extra code for signature detection or anomaly behavior. This paper explores malware-free intrusions via backdoors created by leveraging the available at pre-authentication system tools availed to the common user. We explore two attack vectors used to implant the backdoor and demonstrate how such is accessible over the network via remote access while providing the highest level of system access. We further look at prevention, detection and mitigation measures which can be implemented in the case of compromise.
Бесплатно
MapReduce Algorithm for Single Source Shortest Path Problem
Статья научная
Computing single source shortest path is a popular problem in graph theory, extensively applied in many areas like computer networks, operation research and complex network analysis. SSSP is difficult to parallelize efficiently as more parallelization leads to more work done by any algorithm. MapReduce is a popular programming framework for large data processing in distributed and cloud environments. In this paper, we have proposed MR-DSMR, a Map reduce version of Dijkstra Strip-mined Relaxation (DSMR) algorithm and MR3-BFS algorithms. We have compared the performance of both the algorithms with BFS. It is observed that MR-DSMR takes lesser communication and computation time compared to existing algorithms.
Бесплатно
Mean Response Time Approximation for HTTP Transactions over Transport Protocols
Статья научная
This paper addresses mean response time that end-users experience when using the Internet. HTTP (Hyper Text Transfer Protocol) is a widely used transfer protocol to retrieve web objects in the Internet. Generally, HTTP uses TCP (Transmission Control Protocol) in a transport layer. But it is known that HTTP interacts with TCP inefficiently. As an example of such inefficiencies, HTTP does not require TCP to deliver the rigid order, which may cause head-of-line blocking. As another transport layer protocol, SCTP (Stream Control Transmission Protocol) has attractive features such as multi-streaming and multi-homing unlike TCP. Within an SCTP association, multi-streaming allows for independent delivery among streams, thus can avoid the head-of-line blocking. In addition, SCTP provides very large number of streams; therefore, it can transfer multiple objects more efficiently than the typical HTTP/1.1 over TCP which limits the number of pipelines. Mean response time is one of the main measures that end users using Internet concern. This paper presents the simple analytical model and algorithm to find the mean response time for HTTP over SCTP including the previous HTTP over TCP. Some computational experiences show that the proposed model and algorithm are well approximated to the real environment. Also, it is shown that mean response time for HTTP over SCTP can be less than that for HTTP over TCP.
Бесплатно
Measuring Corporate Social Responsibility Based on a Fuzzy Analytical Hierarchy Process
Статья научная
With increasing social awareness on the issue of corporate social responsibility (CSR), the measurement of CSR has received considerable attention in both academic literature and managerial practice. Following a review of CSR theory development and the literature on measures of CSR, this paper proposes a systematic approach to measure CSR using fuzzy analytical hierarchy process (FAHP). In addition, a preliminary investigation is presented to explain how the approach can help in evaluating CSR in practice.
Бесплатно
Статья научная
Steganography is the discipline of invisible communication by hiding the exchanged secret information (message) in another digital information media (image, video or audio). The existence of the message is kept indiscernible in sense that no one, other than the intended recipient, suspects the existence of the message. The majority of steganography techniques are implemented either in spatial domain or in frequency domain of the digital images while the embedded information can be in the form of plain or cipher message. Medical image steganography is classified as a distinctive case of image steganography in such a way that both the image and the embedded information have special requirements such as achieving utmost clarity reading of the medical images and the embedded messages. There is a contention between the amount of hidden information and the caused detectable distortion of image. The current paper studies the degradation of the medical image when undergoes the steganography process in the frequency domain.
Бесплатно
Статья научная
Internets of Things (IoT) are distinguished by different devices, which support the ability to provide innovative services in various applications. The main aspects of security which involves maintaining confidentiality and authentication of data, integrity within the IoT network, privacy and trust among IoT devices are important issues to be addressed. Conventional security policies cannot be used directly to IoT devices due to the limitation of memory and high power consumption factors. One of the security breaches in the intranet is lack of encryption due to the IoT devices infrastructure. The basic IoT devices are 8-bit, low-cost, limited memory and power consumption devices which limit the complex algorithm execution. The key distribution is another major challenge in IoT network. This paper proposes a solution to transmitting messages by adopting Random Number generation and distribution of session key for every message without any difficulty. It gives better result to resist from the brute force attack in a network.
Бесплатно
