International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1188
Статья научная
Mobile Ad-hoc Network (MANET) is mostly decentralized and self-adjustable network system. It is significant to optimize the overall network energy utilization and improve packet sending performance by reducing the errors, generated due to different real-life environmental effects. In this paper, considering atmospheric, environmental change and varying distance for topological change, we try to generate the routing cost. By introducing m-minimum (membership value as m) triangular fuzzy number at interval based cost and energy of the network, we try to handle the uncertain environment. Here we generate both fuzzy minimum spanning tree (FMST) for a given n- nodes network and p-node fuzzy multicast minimum spanning tree (pFMMST), in fuzzy interval based format. Applying the fuzzy credibility distribution we modify the network routing cost and energy utilization for both FMST and pFMMST. Comparing the routing cost and residual energy for FMST and pFMMST of MANET, it is concluded that, pFMMST is better FMST based packet routing approach, with minimum routing cost, optimized total energy utilization and best possible technique to reduce the error which is generated due to the deviation of interval of upper and lower limit data in route cost and residual energy.
Бесплатно
Improvising QoS through Cross-Layer Optimization in MANETs
Статья научная
In Mobile Adhoc Networks (MANETs), nodes are mobile and interact through wireless links. Mobility is a significant advantage of MANETs. However, due to the unpredictable nature of mobility, the link may fail frequently, degrading the Quality of Service (QoS) of MANETs applications. This paper outlines a novel Ad hoc On-Demand Distance Vector with Proactive Alternate Route Discovery (AODV-PARD) routing protocol that uses signal strength-based link failure time estimation. The node predicts the link failure time and warns the upstream node through a warning message about the failure. On the basis of this information, a mechanism for identifying alternate routes is started in order to reroute traffic to the alternate route prior to the link failure. It significantly reduces packet loss and improves all the QoS parameters. The suggested protocol is compared to the traditional Ad hoc On-Demand Distance Vector (AODV) routing protocol and shows that the outlined protocol results in an improvement in QoS.
Бесплатно
Increasing the Efficiency of IDS Systems by Hardware Implementation of Packet Capturing
Статья научная
Capturing is the first step in intrusion detection system (IDS). Having wire speed, omitting the OS from capturing process and no need for making a copy of packets from the system’s environment to the user’s environment are some of the system characteristics. If these requirements are not met, packet capture system is considered as the main bottleneck of IDS and the overall efficiency of this system will be influenced. Presence of all these three characteristics calls for utilization of hardware methods. In this paper, by using of FPGA, a line sniffing and load balancing system are designed in order to be applied in IDS systems. The main contribution of our work is the feasibility of attaching labels to the beginning part of each packet, aiming at quick easy access of other IDS modules to information of each packet and also reducing workload of these modules. Packet classification in the proposed system can be configured to 2, 3, and 5 tuple, which can also be applied in IDS detection module in addition to load balancing part of this system. Load balancing module uses Hash table and its Hash function has the least flows collisions. This system is implemented on a set of virtex 6 and 7 families and is able to capture packets 100% and perform the above mentioned processes by speed of 12 Gbit/s.
Бесплатно
Inculcating global optimization in ZRP through newfangled firefly algorithm
Статья научная
Zone Routing Protocol (ZRP) has evolved as an efficient hybrid routing protocol with extremely high potentiality owing to the integration of two radically different schemes, proactive and reactive in such a way that a balance between control overhead and latency is achieved while maintaining routng and security concerns. The execution of ZRP in any case, is affected by different system conditions, for example, zone span, arrange measure, portability and so forth. The exploration work depicted in this paper centers around enhancing the execution of zone steering convention by lessening the measure of receptive traffic which is fundamentally in charge of corrupted system execution in the event of extensive systems. The methodology is structured to such an extent that the zone range of the system stays unaffected while accomplishing better QOS(Quality of Service) execution alongside productive memory utilization.This is actualized by utilizing two calculations. The principal calculation is intended to adjust the measure of proactive and receptive traffic without expanding the zone sweep dependent on the collection of courses in a focal overseer called Head.The utilization of Route Aggregation(RA) approach helps in decreasing the steering overhead and furthermore help accomplish execution optimization.The execution of proposed convention is evaluated under fluctuating hub size and versatility. The second calculation called the firefly streamlining calculation intends to accomplish worldwide enhancement which is very hard to accomplish due to non-linearity of capacities and multimodality of calculations. Different customary improvement procedures like angle based methods, tree based calculations need to manage such issues so this exploration based work uses the meta-heuristic calculation; it takes focal points of both course total and firefly calculations to upgrade QOS of Mobile Ad-hoc Network. For execution assessment a lot of benchmark capacities are being embraced like, parcel conveyance proportion and start to finish postponement to approve the proposed methodology. Recreation results delineate better execution of proposed brand new Firefly Algorithm (FRA) when contrasted with ZRP and RA-ZRP.
Бесплатно
Статья научная
In this manuscript, an Individual Updating Strategies-based Elephant Herding Optimization Algorithm are proposed to facilitate the effective load balancing (LB) process in cloud computing. Primary goal of proposed Individual Updating Strategies-based Elephant Herding Optimization Algorithm focus on issuing the workloads pertaining to network links by the purpose of preventing over-utilization and under-utilization of the resources. Here, NIUS-EHOA-LB-CE is proposed to exploit the merits of traditional Elephant Herd Optimization algorithm to achieve superior results in all dimensions of cloud computing. In this NIUS-EHOA-LB-CE achieves the allocation of Virtual Machines for the incoming tasks of cloud, when the number of currently processing tasks of a specific VM is less than the cumulative number of tasks. Also, it attains potential load balancing process differences with the help of each individual virtual machine’s processing time and the mean processing time (MPT) incurred by complete virtual machine. Efficacy of the proposed technique activates the Cloudsim platform. Experimental results of the proposed method shows lower Mean Response time 11.6%, 18.4%, 20.34%and 28.1%, lower Mean Execution Time 78.2%, 65.4%, 40.32% and 52.6% compared with existing methods, like Improved Artificial Bee Colony utilizing Monarchy Butterfly Optimization approach for Load Balancing in Cloud Environments (IABC-MBOA-LB-CE), An improved Hybrid Fuzzy-Ant Colony Algorithm Applied to Load Balancing in Cloud Computing Environment (FACOA-LB-CE), Hybrid firefly and Improved Multi-Objective Particle Swarm Optimization for energy efficient LB in Cloud environments (FF-IMOPSO-LB-CE) and A hybrid gray wolf optimization and Particle Swarm Optimization algorithm for load balancing in cloud computing environment (GWO-PSO-LB-CE).
Бесплатно
Indoor Channel Modelling for PLC Network in MIMO Context
Статья научная
This paper presents a comprehensive study on the modeling of power line communication (PLC) channels in a MIMO (Multiple Input Multiple Output) environment. PLC systems utilize existing electrical infrastructure to transmit data, but the complexity of these channels, characterized by multipath propagation and inter-symbol interference (ISI), poses significant challenges for designing robust and efficient systems. In this study, we rigorously compare two approaches to PLC channel modelling, which are as follows: the empirical approach and the deterministic approach. The empirical approach relies on the analysis of experimental data to derive statistical models of the channel, offering a realistic representation based on concrete observations. In contrast, the deterministic approach employs theoretical principles and electromagnetic equations to model the channel behavior, providing a detailed description of propagation phenomena. The obtained results demonstrate the significant impact of multipath propagation on the performance of PLC communication systems, highlighting the limitations of empirical models in various scenarios and the increased accuracy of deterministic models. This comparative study conducted in this work highlights the advantages and limitations of each approach and proposes solutions to optimize the performance of power line communication networks.
Бесплатно
Industrial Control Systems Honeypot: A Formal Analysis of Conpot
Статья научная
Technologies used in ICS and Smart Grid are overlapping. The most discussed attacks on ICSs are Stuxnet and Black energy malware. The anatomy of these attacks not only pointed out that the security of ICS is of prime concern but also demanded to execute a proactive approach in practicing ICS security. Honeypot is used to implement defensive measures for security. The Honeynet group released Honeypot for ICS labelled as Conpot in 2013. Though the Conpot is low interactive Honeypot, it emulates processes of different cyber-physical systems, typically Smart Grid. In the literature, the effectiveness of Honeypot operations was studied by challenging limitations of the existing setup or proposing new variants. Similar approaches are followed for Conpot evaluation. However, none of the work addressed a formal verification method to verify the engagement of Honeypot, and this makes the presented work unique. For proposed work, Coloured Petri Net (CPN) tool is used for formal verification of Conpot. The variants of Conpot are modelled, including initial state model, deadlock state model and livelock model. Further evaluation of these models based on state space analysis results confirmed that Conpot could lure an attacker by engaging him in an infinite loop and thereby limiting the scope of the attacker from exploring and damaging the real-time systems or services. However, in the deadlock state, the attacker’s activity in the conpot will be restricted and will be unable to proceed further as the conpot model incorporates deadlock loop.
Бесплатно
Information Leakage Prevention Using Virtual Disk Drive
Статья научная
The worst news for information technology people are computer has been stolen or lost. The actual problem is the loss of the data stored on the hard drive that can fall into the wrong hands. However, users of information system and laptops computers are facing real problems with due to intruders using attack techniques when they are connected to the network and lost or stolen computers. In order to protect your organization against information leakage you should encrypt this data by only allowing the user with access to the encryption key to view the data, authorized application usage, and control who gets access to specific types of data. This work focuses on confidentiality of secure information storage. In addition, it presents the model to create of a Virtual Disk Drive (VDD) on MS Windows, that appear to the user (after the mounting process) as hard disks, but that are really stored as ciphered files on a file system. The proposed VDD prevents dictionary attacks and brute force attacks by incorporating a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) in the login mechanism. The authentication method for the VDD login is based upon a 3-D image CAPTCHA. All components of this work are integrated in one security VDD tool called "SecDisk".
Бесплатно
Статья научная
Election Commission of X City is an institution that serves as the organizer of elections in the X City, which has a website as a medium in the delivery of information to the public and as a medium for the management and structuring of voter data in the domicile of X City. As a website that stores sensitive data, it is necessary to have risk management aimed at improving the security aspects of the website of Election Commission of X City. The Information System Security Assessment Framework (ISSAF) is a penetration testing standard used to test website resilience, with nine stages of attack testing which has several advantages over existing security controls against threats and security gaps, and serves as a bridge between technical and managerial views of penetration testing by applying the necessary controls on both aspects. Penetration testing is carried out to find security holes on the website, which can then be used for assessment on ISO 31000 risk management which includes the stages of risk identification, risk analysis, and risk evaluation. The main findings of this study are testing a combination of penetration testing using the ISSAF framework and ISO 31000 risk management to obtain the security risks posed by a website. Based on this research, obtained the results that there are 18 security gaps from penetration testing, which based on ISO 31000 risk management assessment there are two types of security risks with high level, eight risks of medium level security vulnerabilities, and eight risks of security vulnerability with low levels. Some recommendations are given to overcome the risk of gaps found on the website.
Бесплатно
Статья научная
In the modern world, the military sphere occupies a very high place in the life of the country. At the same time, this area needs quick and accurate solutions. This decision can greatly affect the unfolding of events on the battlefield and indicate that they must be used carefully, using all possible means. During the war, the speed and importance of decisions are very important, and we note that the relevance of this topic is growing sharply. The purpose of the work is to create a comprehensive information system that facilitates the work of commanders of tactical units, which organizes the visualization and classification of aerial objects in real-time, the classification of objects for radio-technical intelligence, the structuring of military information and facilitates the perception of military information. The object of research/development is a phenomenon that creates a problematic problem, has the presence of slowing factors in the process of command and control, using teams of tactical links, which can slow down decision-making, as well as affect their correctness. The research/development aims to address emerging bottlenecks in the command-and-control process performed by tactical link teams, providing improved visualization, analysis and work with military data. The result of the work is an information system for processing military data to help commanders of tactical units. This system significantly improves on known officer assistance tools, although it includes a set of programs that have been used in parallel on an as-needed basis. Using modern information technologies and ease of use, the system covers problems that may arise for commanders. Also, each program included in the complex information system has its degree of innovation. The information system for structuring military information is distinguished by the possibility of use on any device. The information system for the visualization and clustering of aerial objects and the information system for the classification of objects for radio technical intelligence are distinguished by their component nature. This means that the application can use sources of input information and provides an API to use other processing information. Regarding the information system for integration into information materials, largely unknown terms and abbreviations are defined, so such solutions, cannot integrate the required data into real documents. Therefore, using this comprehensive information system, the command of tactical units will have the opportunity to improve the quality and achieve the command-and-control process.
Бесплатно
Innovative Forensics in IoT Clouds by Leveraging Blockchain for Data Integrity and Security
Статья научная
The Internet of Things and cloud computing are expanding at a very rapid rate, which has posed a great challenge in maintaining data security and integrity, particularly during forensic investigation. The conventional logging mechanisms are prone to manipulation, unreliable, and difficult to verify the digital evidence. In response to these problems, a blockchain-based system is suggested to facilitate the security and reliability of forensic data stored on cloud-based environments, which is related to IoT devices. The decentralized storage is paired with the smart contract technology to form an immutable version of the cloud communications to make sure that the evidence is unaltered to guarantee its verifiability. It further has a safe off-chain storage system enabling swift records and recalls of massive forensic records. The enormous amount of experimentation has demonstrated that the system minimizes the verification times to about 28 to 39 milliseconds. It is quicker than the methods that are currently in place and has high data integrity. The framework enhances transaction throughput as well as provides scalable solution to preserve forensic evidence. It has offered a feasible and reliable platform to enhance the security, visibility and reliability of forensic data within intricate IoT and cloud environments. These characteristics aid law enforcement groups and forensic investigators in having effective and credible investigations.
Бесплатно
Innovative Method for Enhancing Key Generation and Management in the AES-Algorithm
Статья научная
With the extraordinary maturity of data exchange in network environments and increasing the attackers capabilities, information security has become the most important process for data storage and communication. In order to provide such information security the confidentiality, data integrity, and data origin authentication must be verified based on cryptographic encryption algorithms. This paper presents a development of the advanced encryption standard (AES) algorithm, which is considered as the most eminent symmetric encryption algorithm. The development focuses on the generation of the integration between the developed AES based S-Boxes, and the specific selected secret key generated from the quantum key distribution.
Бесплатно
Integer Programming Models for Task Scheduling and Resource Allocation in Mobile Cloud Computing
Статья научная
In traditional mobile cloud computing, user tasks are uploaded and processed on a cloud server over the Internet. Due to the recent rapid increase in the number of mobile users connected to the network, due to overload of the Internet communication channels, there are significant delays in the delivery of data processed on cloud servers to the user. Furthermore, it complicates the optimal scheduling of the tasks of many users on cloud servers and the delivery of results. Scheduling is an approach used to reduce the tasks execution time by ensuring a balanced distribution of user tasks on cloud servers. The goal of scheduling is to ensure selection of appropriate resources to handle tasks quickly, taking into account user requirements. Whereas the goal of cloud service providers is to provide users with the required resources through performing effective scheduling so that both the user and the service provider can benefit. The article proposes a scheduling model to reduce processing time, network latency, and power consumption of mobile devices through optimal task placement in the cloudlet network in a mobile cloud computing environment.
Бесплатно
Статья научная
Today, there are known the basic principles of decision-making on the safety control of distributed computer systems in the face of uncertainty and risk. However, in this area there are no practical methods for the quantitative risk analysis and assessment, taking into account the dynamic changes of security threats, which is typical for distributed computer systems. In this paper is suggested an approach to assesment and minimization of the security risks, which allows to reduce the potential losses due to the realization of threats, to analyze the dynamics of intrusions into computer systems and to select the effective security tools. As a result, there is designed the structure of the tools for risk minimization in the distributed computer systems and are formalized the main functions of this structure. Also, in the paper is suggested the assessment of risk factors of the security threats and the probability of the threats realization, which are based on their division into appropriate groups. The proposed tools for security risk minimization allow effectively identify, classify and analyze threats to the security of the distributed computing systems.
Бесплатно
Статья научная
With attackers discovering more inventive ways to take advantage of network weaknesses, the pace of attacks has drastically increased in recent years. As a result, network security has never been more important, and many network intrusion detection systems (NIDS) rely on old, out-of-date attack signatures. This necessitates the deployment of reliable and modern Network Intrusion Detection Systems that are educated on the most recent data and employ deep learning techniques to detect malicious activities. However, it has been found that the most recent datasets readily available contain a large quantity of benign data, enabling conventional deep learning systems to train on the imbalance data. A high false detection rate result from this. To overcome the aforementioned issues, we suggest a Synthetic Minority Over-Sampling Technique (SMOTE) integrated convolution neural network and bi-directional long short-term memory SCNN-BIDLSTM solution for creating intrusion detection systems. By employing the SMOTE, which integrates a convolution neural network to extract spatial features and a bi-directional long short-term memory to extract temporal information; difficulties are reduced by increasing the minority samples in our dataset. In order to train and evaluate our model, we used open benchmark datasets as CIC-IDS2017, NSL-KDD, and UNSW-NB15 and compared the results with other state of the art models.
Бесплатно
Integrity Analysis of Multimedia File Transmission between Mobile Phones
Статья научная
Mobile forensics deals with evidence from mobile devices. Data recovered from the mobile devices are helpful in investigation to solve criminal cases. It is crucial to preserve the integrity of these data. According to research carried out [1], it has been noted that not all data extracted from mobile phones have discrepancies in hash values during integrity verification. It has been reported that only the Multimedia Messaging Service message type showed a variation in hash values when performing data extraction. The main objective in this work is to study the variance in the content of the graphic files transferred between mobile phones via Bluetooth or MMS. We also determine the causes of such variations, if any, while checking the graphics file integrity. Different parameters including distance and file format have been varied and a series of test were conducted using: mobile sets of same make same model, same make different model and different make different model on different graphic file formats of different sizes. Results obtained confirmed that there was no alteration of graphic files during Bluetooth transmission. However, while transmitting the graphic files through Multimedia Messaging Service, results showed notable alteration level for graphic files of certain file format and size.
Бесплатно
Статья научная
The data aggregation is a widely used energy-efficient mechanism in wireless sensor Networks (WSNs), by avoiding the redundant data transmitting to base station. The deployment of wireless communicating sensor nodes in the hostile or unattended environment causes attack more easily and the resource limited characteristics make the conventional security algorithms infeasible, hence protecting privacy and integrity during data aggregation is a challenging task. The privacy of a sensor data ensures, it is known only to itself and the integrity guarantees sensor data has not tampered during data aggregation. The Integrity Protecting Privacy preserving Data Aggregation (IPPDA) protocols ensures a robust and accurate results at the base station. This paper summarises on such IPPDA protocols during data aggregation.
Бесплатно
Intelligent Autoencoder with LSTM based Intrusion Detection and Recommender System
Статья научная
With the swift growth of digital networks and information in both public and private sectors, it is essential to deal with the considerable threat that network attacks pose to data integrity and confidentiality. Consequently, there is a pressing requirement for the establishment of effective mechanisms to detect and provide recommendations for addressing intrusion attacks. In this paper, we propose a semantic-based intrusion detection system that aims to improve performance by incorporating semantic representations consisting of feature groups and their associated weights, leading to the creation of a weighted knowledge graph. The weights of the features are determined using sparse autoencoders. From these weights, the most significant features are normalized to a specific range. This approach comprises a combination of a Deep Auto Encoder (AE) and Long Short-Term Memory (LSTM) networks for intrusion detection. Furthermore, the ensemble method of Extreme Gradient Boosting (XGBoost) is used to identify and recommend high-probability attack scenarios. The dataset used to evaluate is the CSE-CIC-IDS dataset. Performance metrics such as accuracy, precision, recall, false positive rate, receiver operating characteristic metrics, loss, and error rate are used to measure the performance, and the results show the approach demonstrates substantial improvements in detection accuracy, minimizing false positives, enhancing reliability, and outperforming existing models. The combination of semantic knowledge, deep learning, and ensemble learning ensures a proactive and adaptive cybersecurity framework.
Бесплатно
Intelligent Rate Adaptation Based on Improved Simulated Annealing Algorithm
Статья научная
This paper analyzes the PHY layer of IEEE 802.11 standards for a variety of transmission rates, after learning that MAC layer does not provide adaptive approach for rate control. With the study of various adaptive algorithms, the SAARF (Simulated Annealing Auto Rate Fallback) protocol based on simulated annealing algorithm is proposed on rate adaptation in MAC Layer, which can adaptively adjust transmitting rate. Compared with ARF (Auto Rate Fallback) protocol, SAARF can more effectively improve network performance from the simulation results.
Бесплатно
Intelligent Reduction in Signaling Load of Location Management in Mobile Data Networks
Статья научная
Massive increase in the mobile data traffic volume has recently resulted in a big interest towards the distributed mobility management solutions that aim to address the limitations and drawbacks of centralized mobility management. Location management is an important requirement in a distributed mobility management environment. To provide seamless Internet data services to a mobile node, the location of a mobile node is stored and periodically updated on a location server through a location update message that is sent by the mobile node. In this paper, we propose an intelligent approach of setting the period of sending location update messages on the basis of a mobile node's patterns of data sessions and IP handovers. We use a machine learning approach on the location server. The results show that our approach significantly reduces the signaling load of the location management and the overall reduction is more than 50%.
Бесплатно
