International Journal of Computer Network and Information Security @ijcnis
Journal articles - International Journal of Computer Network and Information Security
All articles: 1148

Research article
Moving from a paper-based to electronic-based medical records has recently become a target for many medical institutions to increase efficiency and decrease costs. However, this makes patients' sensitive data – collected and stored in electronic medical records (EMRs) – more vulnerable and at the risk of privacy violations and breaches. For this sake, institutions try to protect the privacy of their patients' data. However, being a part of a bigger medical system may require that an institution be a part of a global query; such a situation imposes new challenges for hospitals to preserve their data privacy while being able to participate in global analytical queries with other hospitals. Secure multi-party computation protocols (SMC) help in executing global analytical queries between a set of distrustful data owners who have no desire to share their confidential data; however, they all need to cooperate to answer global queries about patients' medical history. The bulk of SMC protocols targets the ring topology execution environment in which query results at one node are passed to the next node in the topology. In this paper, we propose a privacy preserving SMC technique to execute equality-test and range queries on EMRs. Our proposed technique uses bucketization to reduce computational cost. We replaced the conventional ring topology by a star topology, where each party can exchange messages directly over a private connection with the mediator. This can also improve management and the overall performance. Our experimental results show the effectiveness of our technique which provides better privacy without the need for a trusted third party (TTP).
Free

Secure video compression and integration technique for data transmission
Research article
This paper approaches security application for digital image and video processing. The techniques involve H.264 Video Compression, Elliptical Curve Cryptography Encryption followed by Image Interleaving and last by Pixel Integration to generate integrated multi-video. The user can choose any of the videos among the several integrated videos displayed with a unique security key for each video. With the secure key assigned for each video input, the original video is displayed by decrypting it from multiple videos.
Free

Research article
Emergency Message broadcasting is an important process in VANET. Security and reliable transmission are the two major concerns in message broadcasting. VANET is open to unauthorized nodes, hackers, misbehaving vehicles, malicious attackers etc. without security. Without valid confirmation of authorized vehicles, these types of attacks may occur. To enhance the reliability in message broadcasting, some existing techniques are used. They transmit the data without much delay but they didn’t provide any trusted authentication. So hackers, malicious nodes, unauthorized vehicles may easily interrupt the emergency messages. Also Brute force attack, Man in Middle attack are not identified and eliminated. In this research, a trust based secured broadcasting mechanism is developed which ensures the metrics such as security, privacy, integrity, trust etc. The major intention of this research is to reduce latency and provide highly reliable, secure and efficient communication over the vehicles. The data such as vehicle position, location, speed, and other traffic information are generated and stored in a separate table. A network is created with varying densities. A path is generated for message broadcasting between source and destination based on the specific gateway estimated. Here, Optimal Wireless Access in Vanet (OWAV) Protocol is employed to gather vehicle related information to reduce the delay. Blowfish encryption algorithm along with Oppositional Deer Hunting Optimization (ODHO) is used to store the trusted vehicles location to avoid unauthorized tracking. The performance of the proposed research is analyzed with various metrics such as Packet delivery ratio (PDR), transmission delay, encryption time, throughput, computational overhead etc. The efficiency of the research is compared with other existing methods.
Free

Secured Wireless Sensor Network Protocol using Rabin-assisted Multifactor Authentication
Research article
Wireless sensor networks (WSNs) when combined with Internet-of-things (IoT) enable a wide range of applications across multiple domains. Sensor nodes in these wireless sensor networks like any other Internet-connected device are resource constrained and vulnerable to a variety of malicious attacks thereby compromising security. Consequently, a secure and efficient lightweight cryptographic protocol is required that can provide a balance between end-to-end security offering all features but yet lightweight. For secure data transmission and access, newer multi-factor authentication and key management features must be developed as majority of existing techniques have high computational overheads and are vulnerable to a wide range of attacks. In this paper, we propose a Rabin-assisted three-factor authentication protocol that uses the computational asymmetry of Rabin cryptosystem in addition to user password, smartcard and biometric for increased security. NS2 based simulation proves that the proposed protocol outperforms the baseline ad-hoc on-demand distance vector (AODV) protocol in terms of throughput, computation cost, and delay performance. Also, it has the ability to tolerate most common attacks and offers additional functionality features thereby offering a lightweight and highly secure protocol that can be extended to other critical domains like Smart Transportation Systems (STS), Smart grids, Smart buildings etc.
Free

Securing Voice Communications Using Audio Steganography
Research article
Although authentication of users of digital voice-based systems has been addressed by much research and many commercially available products, there are very few that perform well in terms of both usability and security in the audio domain. In addition, the use of voice biometrics has been shown to have limitations and relatively poor performance when compared to other authentication methods. We propose using audio steganography as a method of placing authentication key material into sound, such that an authentication factor can be achieved within an audio channel to supplement other methods, thus providing a multi factor authentication opportunity that retains the usability associated with voice channels. In this research we outline the challenges and threats to audio and voice-based systems in the form of an original threat model focusing on audio and voice-based systems, we outline a novel architectural model that utilises audio steganography to mitigate the threats in various authentication scenarios and finally, we conduct experimentation into hiding authentication materials into an audible sound. The experimentation focused on creating and testing a new steganographic technique which is robust to noise, resilient to steganalysis and has sufficient capacity to hold cryptographic material such as a 2048 bit RSA key in a short audio music clip of just a few seconds achieving a signal to noise ratio of over 70 dB in some scenarios. The method developed was seen to be very robust using digital transmission which has applications beyond this research. With acoustic transmission, despite the progress demonstrated in this research some challenges remain to ensure the approach achieves its full potential in noisy real-world applications and therefore the future research direction required is outlined and discussed.
Free

Securing Zone Routing Protocol in Ad-Hoc Networks
Research article
This paper is a contribution in the field of security analysis on mobile ad-hoc networks, and security requirements of applications. Limitations of the mobile nodes have been studied in order to design a secure routing protocol that thwarts different kinds of attacks. Our approach is based on the Zone Routing Protocol (ZRP); the most popular hybrid routing protocol. The importance of the proposed solution lies in the fact that it ensures security as needed by providing a comprehensive architecture of Secure Zone Routing Protocol (SZRP) based on efficient key management, secure neighbor discovery, secure routing packets, detection of malicious nodes, and preventing these nodes from destroying the network. In order to fulfill these objectives, both efficient key management and secure neighbor mechanisms have been designed to be performed prior to the functioning of the protocol. To validate the proposed solution, we use the network simulator NS-2 to test the performance of secure protocol and compare it with the conventional zone routing protocol over different number of factors that affect the network. Our results evidently show that our secure version paragons the conventional protocol in the packet delivery ratio while it has a tolerable increase in the routing overhead and average delay. Also, security analysis proves in details that the proposed protocol is robust enough to thwart all classes of ad-hoc attacks.
Free

Securing the Distributions in P2P Networks with Trusted Platform Modules
Research article
We present a novel solution that allows one platform to securely distribute or redistribute digital contents to another in P2P networks. The solution includes three protocols (distribution protocol, usage protocol, redistribution protocol) which are all based on platforms with Trusted Platform Modules (TPMs). It maintains the confidentiality and freshness of digital contents during the processes of distribution. Given an ideal (tamper-proof) trusted platform, the solution can even withstand attacks by dishonest users during the processes of usage. Moreover, it can also be used to redistribute n-time-use digital content offline, so it is more flexible and scalable than other related distribution solutions to enable widespread deployment. Lastly, by adding a few simple features to TPMs, our solution can easily prevent the malicious sender and receiver from colluding when the redistribution takes place, so we can ensure that they can not gain more than a previously defined amount of rights without contacting the content provider.
Free

Security Algorithms for Mitigating Selfish and Shared Root Node Attacks in MANETs
Research article
Mobile ad hoc network is a type of self configurable, dynamic wireless network in which all the mobile devices are connected to one another without any centralised infrastructure. Since the network topology of MANETs changes rapidly, it is more vulnerable to routing attacks than any other infrastructure based wireless and wired networks. Hence, providing security to this infrastructure-less network is a major issue. This paper investigates on the security mechanisms that are proposed for Selfish node attack, Shared root node attack and the Control packet attack in MANETs with the aid of a well known multicast routing protocol namely Multicast Ad hoc On Demand Distance Vector (MAODV). The security solutions proposed for each of the above mentioned attacks are evaluated with the help of three evaluation parameters namely packet delivery ratio, control overhead and total overhead. The algorithmic solutions thus obtained are analysed in the simulation environment by using ns-2 simulator.
Free

Security Analysis and Implementation of an Improved Cch2 Proxy Multi-Signature Scheme
Research article
Many of the signature schemes are proposed in which the t out of n threshold schemes are deployed; but they still lack the property of security. In this paper, we have discussed implementation of improved CCH1 and improved CCH2 proxy multi-signature scheme based on elliptic curve cryptosystem. We have represented time complexity, space complexity and computational overhead of improved CCH1 and CCH2 proxy multi-signature schemes. We have presented cryptanalysis of improved CCH2 proxy multi-signature scheme and showed that improved CCH2 scheme suffers from various attacks i.e. forgery attack and framing attack.
Free

Research article
An efficient threshold signature scheme solves the difficulties of the receiver to prove the approval of the document from the sender as well as detecting if the file has been altered by illegitimate parties. In these days there are plenty of signature schemes such as (t,n) threshold proxy signature scheme. The network is a shared medium so that the weakness security attacks such as eavesdropping, replay attack and modification attack. Thus, we have to establish a common key for encrypting/decrypting our communications over an insecure network. In this scheme, a (t,n) threshold proxy signature scheme based on RSA, any t or more proxy signers can cooperatively generate a proxy signature while t-1 or fewer of them can't do it. The threshold proxy signature scheme uses the RSA cryptosystem to generate the private and the public key of the signers. Comparison is done on the basis of time complexity, space complexity and communication overhead. We compare the performance of four schemes: Hwang et al., Wen et al., Geng et al. and Fengying et al. with the performance of a scheme that has been proposed by the authors of this article earlier. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks.
Free

Security Aspects and Challenges in Mobile Adhoc Networks
Research article
The traditional notion of an Adhoc wireless network is one in which there are a few Base Stations or Access Points and a number of Mobile Stations or Nodes. Security has become a primary concern in order to provide protected communication between mobile nodes in a hostile environment. The Adhoc networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium and network topology. These challenges clearly make a case for building multifence security solutions that achieve both broad protection and desirable network performance. The general security objectives like authentication, confidentiality, integrity, availability and non-repudiation, the ad hoc routing protocols should also address location confidentiality, cooperation fairness and absence of traffic diversion. In this paper we attempt to analyze Challenges, Overview of Security, attacks, threats faced by the Adhoc network environment and provide a classification of the various security mechanisms.
Free

Security Mechanisms to Decrease Vulnerability of Ad-hoc Routing Protocols
Research article
Many proposed routing protocols for ad hoc networks operate in an ad hoc fashion, as on demand routing protocols often have low overhead and faster reaction time than other types of routing based on periodic protocols. Dynamic nature of ad-hoc networks leads to challenges in securing the network. Due to the vulnerable nature of ad-hoc networks there are many security threats. One of the solutions to the problem is ARAN – Authenticated routing protocol which is a secure protocol and provides Integrity, Availability, Confidentiality, Authenticity, Non repudiation, Authorization & Anonymity. But an authenticated selfish node can interfere with this protocol and disturb the network by dropping packets. However varieties of attacks targeting routing protocols have been identified. By attacking, the routing protocol attacker can absorb network traffic, inject them in the path between source and destination and thus control network traffic. Therefore many secure routing protocols have been developed that deal with these attacks. This paper analyzes the security aspects of one commonly used secure routing protocol ARAN.
Free

Security Requirements Metrics for Pattern-Lock Applications on Mobile Devices
Research article
Pattern-Lock is one of the graphical authentication schemes that shows high popularity today. Based on recent research, the security requirements metrics of Pattern-Lock applications have not been proposed yet. The goal of this study is to define security requirements metrics for Pattern-Lock applications on mobile devices. Our study has identified 12 threat statements and 18 requirements statements by analyzing STRIDE (Spoofing the identity, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) and Extended Misuse Case diagram. To develop the metrics we have used Goal-Question-Metric (GQM) paradigm. Based on these, we develop 3 Goals and 7 Questions and resulted in 20 metrics for security requirements. The metrics have been evaluated using 30 App Locker Android applications, and the results show that some metrics have higher values than others. Number of Pattern Characteristics that Successfully Detected, Ability to Relock, and Grid Size metrics have the three highest values. These metrics require higher priorities to look into when developers need to build the App Locker applications. Moreover, developers should ensure that App Locker applications have values higher than average of security goals and metrics achievements.
Free

Research article
This paper deals with the description of the threats to mobile devices and suggests the security software that provides comprehensive protection of personal data and mobile telephone from malware and illegal activity of cyber criminals. The developed security software Green Head protects personal smartphones of majority of brands from spam, viruses and unauthorized access. It is an innovative software product ensuring information security of mobile phones from all currently existing threats that today does not have any full analogs. Green Head security software warns the user about wiretapping, which keeps professional and personal confidential information intact. The developed security software is universal for people using mobile phones in professional and personal life because any stored information is protected from various attacks.
Free

Research article
Compared with the conventional control systems, networked control systems (NCSs) are more open to the external network. As a result, they are more vulnerable to attacks from disgruntled insiders or malicious cyber-terrorist organizations. Therefore, the security issues of NCSs have been receiving a lot of attention recently. In this brief, we review the existing literature on security issues of NCSs and propose some security solutions for the DC motor networked control system. The typical Data Encryption Standard (DES) algorithm is adopted to implement data encryption and decryption. Furthermore, we design a Detection and Reaction Mechanism (DARM) on the basis of DES algorithm and the improved grey prediction model. Finally, our proposed security solutions are tested with the established models of deception and DOS attacks. According to the results of numerical experiments, it's clear to see the great feasibility and effectiveness of the proposed solutions above.
Free

Security against Sample Pair Steganalysis in Eight Queens Data Hiding Technique
Research article
There are many steganalysis methods, which can estimate length of a message embedded in least significant bits. It may be embedded either in spatial domain or in frequency domain. The well known approaches are Chi – Square test, RS steganalysis and Sample Pair steganalysis. Many commercial steganographic programs are based on LSB method. It is important to ensure undetectability of a hidden message in a carrier. We present an analysis of steganographic security on data hiding approach using eight queen solutions. In this approach, relationship between message bytes and 8-queen solutions is embedded in the cover. Further, we propose a new approach to adjust the statistical properties of the cover image in such a way that the steganalyst may not be able to detect the presence of hidden message. The proposed approach is tested using steganalysis tool STEGEXPOSE and the experimental results found are within acceptable range.
Free

Security evaluation of cellular networks handover techniques
Research article
This paper examined the handovers in cellular networks from both functional and informational security point of view. The aim was to find out if the security goals of confidentiality, integrity and availability (CIA) are preserved during handovers. Whereas functional security is concerned with the proper operation of the handover procedures, informational security deals with confidentiality and integrity of the handover process. The global system for mobile communication provides data and voice communication services by partitioning coverage areas into hexagonal cells. Since mobility is a prime feature of cellular networks, handovers become significant for the continuity of ongoing calls. However, if these handovers are not handled carefully, session hijacking, masquerading and denial of service can be launched by transmitting at the correct timeslot and frequency. The results of the security investigation of the current handover techniques, methods, procedures, schemes and criteria revealed that the CIA triad was not assured during the handover period. The root cause of these attacks is high latency between handover request and handover execution. To address these shortcomings, this paper proposes an authenticated multi-factor neuro fuzzy handover protocol with low latency for both homogenous and heterogeneous cellular environments.
Free

Security policy modelling in the mobile agent system
Research article
The mobile agent security problem limits the use of mobile agent technology and hinders its extensibility and application because the constantly progressed complexity and extension at the level of systems and applications level increase the difficulty to implement a common security system as well as an anticipated security policy. Ontology is considered one of the most important solutions to the problem of heterogeneity. In this context, our work consists of constructing mobile agent domain security ontology (MASO) in order to eliminate semantic differences between security policies in this domain. We use the OWL language under the protected software to construct this ontology. Then, we chose the WS-Policy standard to model security policies, these policies are structured in forms of security requirements and capabilities. To determine the level of semantic correspondence between security policies we are developing an algorithm called "Matching-algorithm" with Java language and two APIs (Jena API and Jdom API) to manipulate the MASO ontology and security policies.
Free

Security protocol of keys management system for transmission encrypted data
Research article
One of the essential obstacles for the deployment of multicast is the lack of protection. And in multicast security, key management for securing organization or group communication is an important area that desires to be addressed. This paper will give an overview of four key management methods and Kerberos protocol. Cryptographic methods are frequently used for secure Data transmission wireless networks. Most cryptographic approaches can be symmetric and asymmetric, depending on the manner of the utilized keys. There are many kinds of key management methods which have been suggested for secure data transmission. This research includes a study of different key management methods to find an efficient key management for Secure and Reliable data transmission in the network. The experimental results showed that the fourth method represents the optimal key management method because it was providing a more secure way for the transmitted data, and the total time for data retrieval was (314.065, 376.119, 590.348, and 474.881) for the four key management methods sequentially to retrieve 71923 records. The first three key management methods depend on symmetric key cryptography and the fourth key management method is a hybrid method, it was dependent on symmetric and asymmetric key cryptography, symmetric in the case of using user shared key and asymmetric in case of using server private key and this was unknown for any one.
Free

Research article
Mobile wallet is a payment platform that stores money as a value in a digital account on mobile device which can then be used for payments with or without the need for the use of credit/debit cards. The cases of cyber-attacks are on the rise, posing threats to the confidentiality, integrity and availability of information systems including the mobile wallet transactions. Due to the adverse impacts of cyber-attacks on the mobile payment service providers and the users, as well as the risks associated with the use of information systems, performing risk management becomes imperative for business organizations. This research work focuses on the assessment of the vulnerabilities associated with mobile wallet transactions and performs an empirical risk management in order to derive the security priority level needed to ensure the security and privacy of the users of mobile wallet platforms. Based on the extensive literature review, a structured questionnaire was designed and administered to the mobile wallet users who are Paga student customers via the internet. A total number of 52 respondents participated in the research and their responses were analyzed using descriptive statistics. The results of the analysis show that mobile wallet Login details are the most important part of customer information that need to be highly protected as their compromise is likely to affect others. Also, customers’ information such as Mobile Wallet Account Number, Registered Phone Number, Linked ATM Card details, and Linked ATM Card PIN among others are also plausible to attacks. Hence, different security priority levels were derived to safeguard each of the components and possible security tools and mechanisms are recommended. The study also revealed that there are vulnerabilities from the mobile wallet users end that also pose threat to the security of the payment system and customers’ transaction which need to be properly addressed.
This research work will enable the mobile payment service providers to focus on their services and prioritize the security solutions for each user’s information types or components based on the risks associated with their system and help in taking informed security-related decisions.
Free