International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1166
Securing Zone Routing Protocol in Ad-Hoc Networks
Статья научная
This paper is a contribution in the field of security analysis on mobile ad-hoc networks, and security requirements of applications. Limitations of the mobile nodes have been studied in order to design a secure routing protocol that thwarts different kinds of attacks. Our approach is based on the Zone Routing Protocol (ZRP); the most popular hybrid routing protocol. The importance of the proposed solution lies in the fact that it ensures security as needed by providing a comprehensive architecture of Secure Zone Routing Protocol (SZRP) based on efficient key management, secure neighbor discovery, secure routing packets, detection of malicious nodes, and preventing these nodes from destroying the network. In order to fulfill these objectives, both efficient key management and secure neighbor mechanisms have been designed to be performed prior to the functioning of the protocol. To validate the proposed solution, we use the network simulator NS-2 to test the performance of secure protocol and compare it with the conventional zone routing protocol over different number of factors that affect the network. Our results evidently show that our secure version paragons the conventional protocol in the packet delivery ratio while it has a tolerable increase in the routing overhead and average delay. Also, security analysis proves in details that the proposed protocol is robust enough to thwart all classes of ad-hoc attacks.
Бесплатно
Securing the Distributions in P2P Networks with Trusted Platform Modules
Статья научная
We present a novel solution that allows one platform to securely distribute or redistribute digital contents to another in P2P networks. The solution includes three protocols (distribution protocol, usage protocol, redistribution protocol) which are all based on platforms with Trusted Platform Modules (TPMs). It maintains the confidentiality and freshness of digital contents during the processes of distribution. Given an ideal (tamper-proof) trusted platform, the solution can even withstand attacks by dishonest users during the processes of usage. Moreover, it can also be used to redistribute n-time-use digital content offline, so it is more flexible and scalable than other related distribution solutions to enable widespread deployment. Lastly, by adding a few simple features to TPMs, our solution can easily prevent the malicious sender and receiver from colluding when the redistribution takes place, so we can ensure that they can not gain more than a previously defined amount of rights without contacting the content provider.
Бесплатно
Security Algorithms for Mitigating Selfish and Shared Root Node Attacks in MANETs
Статья научная
Mobile ad hoc network is a type of self configurable, dynamic wireless network in which all the mobile devices are connected to one another without any centralised infrastructure. Since, the network topology of MANETs changes rapidly. It is vulnerable to routing attacks than any other infrastructure based wireless and wired networks. Hence, providing security to this infrastructure-less network is a major issue. This paper investigates on the security mechanisms that are proposed for Selfish node attack, Shared root node attack and the Control packet attack in MANETs with the aid of a well known multicast routing protocol namely Multicast Ad hoc On Demand Distance Vector (MAODV). The security solutions proposed for each of the above mentioned attacks are evaluated with the help of three evaluation parameters namely packet delivery ratio, control overhead and total overhead. The algorithmic solutions thus obtained are analysed in the simulation environment by using ns-2 simulator.
Бесплатно
Security Analysis and Implementation of an Improved Cch2 Proxy Multi-Signature Scheme
Статья научная
Many of the signature schemes are proposed in which the t out of n threshold schemes are deployed; but they still lack the property of security. In this paper, we have discussed implementation of improved CCH1 and improved CCH2 proxy multi-signature scheme based on elliptic curve cryptosystem. We have represented time complexity, space complexity and computational overhead of improved CCH1 and CCH2 proxy multi-signature schemes. We have presented cryptanalysis of improved CCH2 proxy multi-signature scheme and showed that improved CCH2 scheme is suffered from various attacks i.e. forgery attack and framing attack.
Бесплатно
Статья научная
An efficient threshold signature scheme solves the difficulties of the receiver to proof the approval of the document from the sender as well as detecting if the file has been altered by illegitimate parties. In these days there are plenty of signature schemes such as (t,n) threshold proxy signature scheme. The network is a shared medium so that the weakness security attacks such as eavesdropping, replay attack and modification attack. Thus, we have to establish a common key for encrypting/decrypting our communications over an insecure network. In this scheme, a (t,n) threshold proxy signature scheme based on RSA, any t or more proxy signers can cooperatively generate a proxy signature while t-1 or fewer of them can't do it. The threshold proxy signature scheme uses the RSA cryptosystem to generate the private and the public key of the signers. Comparison is done on the basis of time complexity, space complexity and communication overhead. We compare the performance of four schemes: Hwang et al., Wen et al., Geng et al. and Fengying et al. with the performance of a scheme that has been proposed by the authors of this article earlier. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks.
Бесплатно
Security Aspects and Challenges in Mobile Adhoc Networks
Статья научная
The traditional notion of a Adhoc wireless network is one in which there are a few Base Stations or Access Points and a number of Mobile Stations or Nodes. Security has become a primary concern in order to provide protected communication between mobile nodes in a hostile environment. The Adhoc networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium and network topology. These challenges clearly make a case for building multifence security solutions that achieve both road protection and desirable network performance. The general security objectives like authentication, confidentiality, integrity, availability and non-repudiation, the ad hoc routing protocols should also address location confidentiality, cooperation fairness and absence of traffic diversion. In this paper we attempt to analyze Challenges, Overview of Security, attacks, threats faced by the Adhoc network environment and provide a classification of the various security mechanisms.
Бесплатно
Security Mechanisms to Decrease Vulnerability of Ad-hoc Routing Protocols
Статья научная
Many proposed routing protocols for ad hoc networks operate in an ad hoc fashion, as on demand routing protocols often have low overhead and faster reaction time than other types of routing based on periodic protocols. Dynamic nature of ad-hoc networks leads to challenges in securing the network. Due to the vulnerable nature of ad-hoc networks there are many security threats. One of the solutions to the problem is ARAN – Authenticated routing protocol which is a secure protocol and provides Integrity, Availability, Confidentiality, Authenticity, Non repudiation, Authorization & Anonymity. But an authenticated selfish node can interfere this protocol and disturb the network by dropping packets. However varieties of attacks targeting routing protocols have been identified. By attacking, the routing protocol attacker can absorb network traffic, inject them in the path between source and destination and thus control 0network traffic. Therefore many secure routing protocols have been developed that deal with these attacks. This paper analyzes the security aspects of one commonly used secure routing protocol ARAN.
Бесплатно
Security Requirements Metrics for Pattern-Lock Applications on Mobile Devices
Статья научная
Pattern-Lock is one of graphical authentication schemes that shows high popularity today. Based on recent research, the security requirements metrics of Pattern-Lock applications have not proposed yet. The goal of this study is to define security requirements metrics for Pattern-Lock applications on mobile devices. Our study has identified 12 threat statements and 18 requirements statements by analyzing STRIDE (Spoofing the identity, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege) and Extended Misuse Case diagram. To develop the metrics we have used Goal-Question-Metric (GQM) paradigm. Based on these, we develop 3 Goals and 7 Questions and resulted in 20 metrics for security requirements. The metrics have been evaluated using 30 App Locker Android applications, and the results show that some metrics have higher values than others. Number of Pattern Characteristics that Successfully Detected, Ability to Relock, and Grid Size metrics have the three highest values. These metrics requires higher priorities to look into when developers need to build the App Locker applications. Moreover, developers should ensure that App Locker applications have values higher than average of security goals and metrics achievements.
Бесплатно
Статья научная
This paper deals with the description of the threats to mobile devices and suggests the security software that provides comprehensive protection of personal data and mobile telephone from malware and illegal activity of cyber criminals. The developed security software Green Head protects personal smartphones of majority of brands from spam, viruses and unauthorized access. It is an innovative software product ensuring information security of mobile phones from all currently existing threats that today does not have any full analogs. Green Head security software warns the user about wiretapping, which keeps professional and personal confidential information intact. The developed security software is universal for people using mobile phones in professional and personal life because any stored information is protected from various attacks.
Бесплатно
Статья научная
Compared with the conventional control systems, networked control systems (NCSs) are more open to the external network. As a result, they are more vulnerable to attacks from disgruntled insiders or malicious cyber-terrorist organizations. Therefore, the security issues of NCSs have been receiving a lot of attention recently. In this brief, we review the existing literature on security issues of NCSs and propose some security solutions for the DC motor networked control system. The typical Data Encryption Standard (DES) algorithm is adopted to implement data encryption and decryption. Furthermore, we design a Detection and Reaction Mechanism (DARM) on the basis of DES algorithm and the improved grey prediction model. Finally, our proposed security solutions are tested with the established models of deception and DOS attacks. According to the results of numerical experiments, it's clear to see the great feasibility and effectiveness of the proposed solutions above.
Бесплатно
Security against Sample Pair Steganalysis in Eight Queens Data Hiding Technique
Статья научная
There are many steganalysis methods, which can estimate length of a message embedded in least significant bits. It may be embedded either in spatial domain or in frequency domain. The well known approaches are Chi – Square test, RS steganalysis and Sample Pair steganalysis. Many commercial steganographic programs are based on LSB method. It is important to ensure undetectablity of a hidden message in a carrier. We present an analysis of steganographic security on data hiding approach using eight queen solutions. In this approach, relationship between message bytes and 8-queen solutions is embedded in the cover. Further, we propose a new approach to adjust the statistical properties of the cover image in such a way that the steganalyst may not be able to detect the presence of hidden message. The proposed approach is tested using steganalysis tool STEGEXPOSE and the experimental results found are within acceptable range.
Бесплатно
Security evaluation of cellular networks handover techniques
Статья научная
This paper examined the handovers in cellular networks from both functional and informational security point of view. The aim was to find out if the security goals of confidentiality, integrity and availability (CIA) are preserved during handovers. Whereas functional security is concerned with the proper operation of the handover procedures, informational security deals with confidentiality and integrity of the handover process. The global system for mobile communication provides data and voice communication services by partitioning coverage areas into hexagonal cells. Since mobility is a prime feature of cellular networks, handovers become significant for the continuity of ongoing calls. However, if these handovers are not handled carefully, session hijacking, masquerading and denial of service can be launched by transmitting at the correct timeslot and frequency. The results of the security investigation of the current handover techniques, methods, procedures, schemes and criteria revealed that the CIA triad was not assured during the handover period. The root cause of these attacks is high latency between handover request and handover execution. To address these shortcomings, this paper proposes an authenticated multi-factor neuro fuzzy handover protocol with low latency for both homogenous and heterogeneous cellular environments.
Бесплатно
Security policy modelling in the mobile agent system
Статья научная
The mobile agent security problem limits the use of mobile agent technology and hinders its extensibility and application because the constantly progressed complexity and extension at the level of systems and applications level increase the difficulty to implement a common security system as well as an anticipated security policy. Ontology is considered one of the most important solutions to the problem of heterogeneity. In this context, our work consists of constructing mobile agent domain security ontology (MASO) in order to eliminate semantic differences between security policies in this domain. We use the OWL language under the protected software to construct this ontology. Then, we chose the WS-Policy standard to model security policies, these policies are structured in forms of security requirements and capabilities. To determine the level of semantic correspondence between security policies we are developing an algorithm called "Matching-algorithm" with Java language and two APIs (Jena API and Jdom API) to manipulate the MASO ontology and security policies.
Бесплатно
Security protocol of keys management system for transmission encrypted data
Статья научная
One of the essential obstacles for the deployment of multicast is the lack of protection. And in multicast security, key management for securing organization or group communication is an important area that desires to be addressed. This paper will give an overview of four key management methods and Kerberos protocol. Cryptographic methods are frequently used for secure Data transmission wireless networks. Most cryptographic approaches can be symmetric and asymmetric, depending on the manner of the utilized keys. There are many kinds of key management methods which have been suggested for secure data transmission. This research includes a study of different key management methods to find an efficient key management for Secure and Reliable data transmission in the network. The experimental results showed that the fourth method represents the optimal key management method because it was providing a more secure way for the transmitted data, and the total time for data retrieval was (314.065, 376.119, 590.348, and 474.881) for the four key management methods sequentially to retrieve 71923records. The first three key management methods depend on symmetric key cryptography and the fourth key management method is a hybrid method, it was dependent on symmetric and asymmetric key cryptography, symmetric in the case of using user shared key and asymmetric in case of using server private key and this was unknown for any one.
Бесплатно
Статья научная
Mobile wallet is a payment platform that stores money as a value in a digital account on mobile device which can then be used for payments with or without the need for the use credit/debit cards. The cases of cyber-attacks are on the rise, posing threats to the confidentiality, integrity and availability of information systems including the mobile wallet transactions. Due to the adverse impacts of cyber-attacks on the mobile payment service providers and the users, as well as the risks associated with the use of information systems, performing risk management becomes imperative for business organizations. This research work focuses on the assessment of the vulnerabilities associated with mobile wallet transactions and performs an empirical risk management in order to derive the security priority level needed to ensure the security and privacy of the users of mobile wallet platforms. Based on the extensive literature review, a structured questionnaire was designed and administered to the mobile wallet users who are Paga student customers via the internet. A total number of 52 respondents participated in the research and their responses were analyzed using descriptive statistics. The results of the analysis show that mobile wallet Login details are the most important part of customer information that need to be highly protected as their compromise is likely to affect others. Also, customers’ information such as Mobile Wallet Account Number, Registered Phone Number, Linked ATM Card details, and Linked ATM Card PIN among others are also plausible to attacks. Hence, different security priority levels were derived to safeguard each of the components and possible security tools and mechanisms are recommended. The study also revealed that there are vulnerabilities from the mobile wallet users end that also pose threat to the security of the payment system and customers’ transaction which need to be properly addressed. This research work will enable the mobile payment service providers focus on their services and prioritize the security solutions for each user’s information types or components base on the risks associated with their system and help in taking an inform security related decisions.
Бесплатно
Security, Privacy and Trust Challenges in Cloud Computing and Solutions
Статья научная
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud computing recently emerged as a promising solution to information technology (IT) management. IT managers look to cloud computing as a means to maintain a flexible and scalable IT infrastructure that enables business agility. As much as the technological benefits, cloud computing also has risks involved. In this paper Cloud Computing security challenges will be discussed and proposed many new recommendations to increase security and trust also maintaining privacy.
Бесплатно
Selection of Next Generation Anti-Virus against Virus Attacks in Networks Using AHP
Статья научная
Defending against virus attacks in network is a vital part of network security. With the rapid evolution of viruses, its defense mechanism has also been evolved over the years. But given the diversity and complexity of virus propagation and its attack behavior, no defense mechanism is equipped fully to protect the network from such attacks. Several antiviruses are available in the market. But none can give full proof solution to malicious attacks in communication networks. In this paper we present a mechanism to measure and compare the relative ability of antivirus against various kinds of viruses. We construct a hierarchical structure for different virus defense mechanism. Using Analytical Hierarchy Process (AHP) we construct a pair wise comparison matrix and find the value of corresponding Eigen vectors; we then apply the theory of AHP to calculate weight of each defense index. We validated our technique with an example. Our method can provide a strong reference to design an optimal network security solution.
Бесплатно
Selective Video Encryption Using the Cross Coupling of One-dimensional Logistic Maps
Статья научная
H.264 videos have been the most shared type of video format in recent times and hence its security is a major issue. The techniques presented in the recent times incur complex computations. The major research objective is to design an efficient Chaotic Selective Video Encryption (CSVE) technique which can result in a better visual degradation of the encrypted video with less computational complexity. In the proposed work, in order to secure the H.264 videos, two one-dimensional logistic maps are cross coupled in the chaotic encryption technique which uses a lookup table for data conversion. The technique is evaluated using different performance metrics like Peak Signal to Noise Ratio (PSNR), entropy, statistical analysis etc along with the traditional logistic map. The work is compared with some recent techniques in terms of PSNR and was found out that the proposed technique has better encryption effect.
Бесплатно
Self Organized Replica Overlay Scheme for P2P Networks
Статья научная
Peer-to-Peer (P2P) systems are widely used for data sharing applications in an autonomous and decentralized mode. P2P systems are suitable for large-scale distributed environments in which nodes can share resources other than data such as computing power, memory and network bandwidth. Some of important parameters that affect the performance of P2P systems are peer availability, data availability, network overhead, overlay structure, churn rate, and data access time. In this paper a self organized replica overlay scheme "Improved Hierarchical Quorum Consensus" (IHQC) for P2P systems is proposed. This scheme organizes replicas in a Self Organized Hierarchical Logical Structure (SOHLS) that has special properties. The scheme improves performance of the system by reducing search time to form read/write quorums, reducing probability of accessing stale data, improving degree of intersection among consecutive quorums and reducing network overhead. This scheme is highly fault tolerant (tolerate up to faults) due to replication of data and inherits the best property of Read-One-Write-All (ROWA) protocol in a dynamic environment of P2P network. The architecture for IHQC is also proposed for implementing the scheme that supports improved performance of P2P systems. This scheme also maximizes the degree of intersection set of read and write quorums; hence, having higher probability to get updated data as compared to all other schemes. The mathematical correctness of the scheme is also presented in the paper. The results of simulation study of the proposed scheme also support and verify its better performance than Random and Hierarchical Quorum Scheme.
Бесплатно
Статья научная
Vehicle ad hoc networks, or VANETs, are highly mobile wireless networks created to help with traffic monitoring and vehicular safety. Security risks are the main problems in VANET. To handle the security threats and to increase the performance of VANETs, this paper proposes an enhanced trust based aggregate model. In the proposed system, a novel adaptive nodal attack detection approach - entropy-based SVM with linear regression addresses the trust factor with kernel density estimation generating the trustiness value thereby classifying the malicious nodes against the trusted nodes in VANETs. Defending the VANETs is through a novel reliance node estimation approach - Bayesian self-healing AIS with Pearson correlation coefficient aggregate model isolating the malicious node thereby the RSU cluster communication getting secure. Furthermore, even a reliable node may be exploited to deliver harmful messages and requires the authority of both the data and the source node to be carried out by the onboard units of the vehicles getting the reports of incident. DoS attacks (Denial of Service) disrupting the usual functioning of the network leads to inaccessible network to its intended users thereby endangering human lives. The proposed system is explicitly defending the VANET against DoS attacks as it predicts the attack without compromising the performance of the VANET handling nodes with various features and functions based on evaluating the maliciousness of attacking nodes accurately and isolating the intrusion. Furthermore, the performance evaluations prove the effectiveness of the proposed work with increased detection rate by 97%, reduced energy consumption by 39% and reduced latency by 25% compared to the existing studies.
Бесплатно
