Journal articles - International Journal of Computer Network and Information Security

All articles: 1110

The energy-saving modification program of lighting equipment based on the economic evaluation

Yuan Yang, Wei-hua Li, Xin-zheng Zhang, Chu-qi Yang, Dong Lv, Hai-qiang Liao, Lin Yang

Research article

Considering that many lighting energy-saving modification programs suffer from diseconomy, this paper takes economic evaluation into account to solve this problem. The optimal program of total energy-saving benefit will be found under the limited investment according to economic evaluation of the price, life span and power consumption of lighting equipment. Firstly, the benefit ratio will be used to evaluate the necessity of modification and to obtain the order. If the biggest benefit ratio exists in different equipment simultaneously, the better one will be selected in terms of relative payback period of investment. On this basis, the relative remaining time is innovatively introduced into economic evaluation to determine the locations of modification. Then an example from a factory shows that the program is workable.

Free

The method of hidden terminal transmission of network attack signatures

Igor Ruban, Nataliia Lukova-Chuiko, Vadym Mukhin, Yaroslav Kornaga, Igor Grishko, Anton Smirnov

Research article

This article proposes a new approach to the transmission of signatures of network attacks onto a remote Internet resource. The problem is that the known protocols that are used to transfer data and control actions from an administrative resource to network agents are poorly protected. Even when cryptographic mechanisms are used to organize secure connections, it is possible to form behavioral patterns of interactions such as "administrative resource - network agents." Such templates make it possible to predict the actions taken in accordance with the security policy in order to maintain the required level of functionality of a remote Internet resource. Thus, it is necessary to develop a new protocol for the transfer of designated information, based on information technology, which levels out the existence of opportunities for the formation of behavioral patterns of network interactions. As such technology, it is proposed to use a set of means of network interaction and some methods of hidden (steganographic) data transmission in information and telecommunication networks.

Free

Threat Modelling and Detection Using Semantic Network for Improving Social Media Safety

Fethi Fkih, Ghadeer Al-Turaif

Research article

Social media provides a free space to users to post their information, opinions, feelings, etc. Also, it allows users to easily and simultaneously communicate with each other. As a result, threat detection in social media is critical for ensuring the user’s safety and preventing suspicious activities such as criminal behavior, hate speech, ethnic conflicts and terrorist plots. These suspicious activities have a negative impact on the community’s life and cause tension and social unrest among individuals in both inside and outside of cyberspace. Furthermore, with the recent popularity of social networking sites, the number of discussions containing threats is increasing, causing fear in various parties, whether at the individual or state level. Moreover, these social networking service providers do not have complete control over the content that users post. In this paper, we propose to design a threat detection model on Twitter using a semantic network. To achieve this aim, we designed a threat semantic network, named, ThrNet that will be integrated in our proposed threat detection model called, DetThr. We compared the performance of our model (DetThr) with a set of well-known Machine Learning algorithms. Results show that the DetThr model achieves an accuracy of 76% better than Machine Learning algorithms. It works well with an error rate of forecasting threatening tweet messages as non-threatening (false negatives) is about 29%, while the error rate of forecasting non-threatening tweet messages as threatening (false positives) is about 19%.

Free

Threshold Based Kernel Level HTTP Filter (TBHF) for DDoS Mitigation

Mohamed Ibrahim AK, Lijo George, Kritika Govind, S. Selvakumar

Research article

HTTP flooding attack has a unique feature of interrupting application level services rather than depleting the network resources as in any other flooding attacks. Bombarding of HTTP GET requests to a target results in Denial of Service (DoS) of the web server. Usage of shortened Uniform Resource Locator (URL) is one of the best ways to unknowingly trap users for their participation in HTTP GET flooding attack. The existing solutions for HTTP attacks are based on browser level cache maintenance, CAPTCHA technique, and usage of Access Control Lists (ACL). Such techniques fail to prevent dynamic URL based HTTP attacks. To come up with a solution for the prevention of such kind of HTTP flooding attack, a real time HTTP GET flooding attack was generated using d0z-me, a malicious URL shortener tool. When the user clicked the shortened URL, it was found that the user intended web page was displayed in the web browser. But simultaneously, an avalanche of HTTP GET requests was generated in the background to the web server based on the scripts downloaded from the attacker. Since HTTP GET request traffic is part of any genuine internet traffic, it becomes difficult for the firewall to detect such kind of attacks. This motivated us to propose a Threshold Based Kernel Level HTTP Filter (TBHF), which would prevent internet users from taking part in such kind of Distributed Denial of Service (DDoS) attacks unknowingly. Windows Filtering Platform (WFP), which is an Application Programming Interface (API), was used to develop TBHF. The proposed solution was tested by installing TBHF on a victim machine and generating the DDoS attack. It was observed that the TBHF completely prevented the user from participating in DDoS attack by filtering out the malicious HTTP GET requests while allowing other genuine HTTP GET requests generated from that system.

Free

Through the diversity of bandwidth-related metrics, estimation techniques and tools: an overview

Fatih Abut

Research article

The knowledge of bandwidth in communication networks can be useful in various applications. Some popular examples are validation of service level agreements, traffic engineering and capacity planning support, detection of congested or underutilized links, optimization of network route selection, dynamic server selection for downloads and visualizing network topologies, to name just a few. Following these various motivations, a variety of bandwidth estimation techniques and tools have been proposed in the last decade and still, several new ones are currently being introduced. They all show a wide spectrum of different assumptions, characteristics, advantages and limitations. In this paper, the bandwidth estimation literature is reviewed, with focus on introducing four specific bandwidth-related metrics including capacity, available bandwidth, achievable throughput and bulk transfer capacity (BTC); describing the main characteristics, strengths and weaknesses of major bandwidth estimation techniques as well as classifying the respective tool implementations. Also, the fundamental challenges, practical issues and difficulties faced by designing and implementing bandwidth estimation techniques are addressed.

Free

Time Window Management for Alert Correlation using Context Information and Classification

Mehdi Bateni, Ahmad Baraani

Research article

Alert correlation is a process that analyzes the alerts produced by one or more intrusion detection systems and provides a more succinct and high-level view of occurring or attempted intrusions. Several alert correlation systems use pairwise alert correlation in which each new alert is checked with a number of previously received alerts to find its possible correlations with them. An alert selection policy defines the way in which this checking is done. There are different alert selection policies such as select all, window-based random selection and random directed selection. The most important drawback of all these policies is their high computational costs. In this paper a new selection policy which is named Enhanced Random Directed Time Window (ERDTW) is introduced. It uses a limited time window with a number of sliding time slots, and selects alerts from this time window for checking with the current alert. ERDTW classifies time slots into Relevant and Irrelevant slots based on the information gathered during previous correlations. More alerts are selected randomly from relevant slots, and fewer or no alerts are selected from irrelevant slots. ERDTW is evaluated by using DARPA2000 and netforensicshoneynet data. The results are compared with other selection policies. For LLDoS1.0 and LLDoS2.0, execution times are decreased by 60 and 50 percent respectively in comparison with the select all policy, while the completeness, soundness and false correlation rate for ERDTW are comparable with other more time-consuming policies. For larger datasets like netforensicshoneynet, performance improvement is more considerable while the accuracy is the same.

Free

Toward Constructing Cancellable Templates using K-Nearest Neighbour Method

Qinghai Gao

Research article

The privacy of biometric data needs to be protected. Cancellable biometrics is proposed as an effective mechanism of protecting biometric data. In this paper a novel scheme of constructing cancellable fingerprint minutiae template is proposed. Specifically, each real minutia point from an original template is mapped to a neighbouring fake minutia in a user-specific randomly generated synthetic template using the k-nearest neighbour method. The recognition template is constructed by collecting the neighbouring fake minutiae of the real minutiae. This scheme has two advantages: (1) An attacker needs to capture both the original template and the synthetic template in order to construct the recognition template; (2) A compromised recognition template can be cancelled easily by replacing the synthetic template. Single-neighboured experiments of self-matching, nonself-matching, and imposter matching are carried out on three databases: DB1B from FVC00, DB1B from FVC02, and DB1 from FVC04. Double-neighboured tests are also conducted for DB1B from FVC02. The results show that the constructed recognition templates can perform more accurately than the original templates and it is feasible to construct cancellable fingerprint templates with the proposed approach.

Free

Toward Security Test Automation for Event Driven GUI Web Contents

Izzat Alsmadi, Ahmed AlEroud

Research article

The web is taking recently a large percentage of software products. The evolving nature of web applications put a serious challenge on testing, if we consider the dynamic nature of the current web. More precisely, testing both blocked contents and AJAX interfaces, might create new challenges in terms of test coverage and completeness. In this paper, we proposed enhancements and extensions of the current test automation activities. In the proposed framework, user interaction with AJAX interfaces is used to collect DOM violation states. A blocked content is accessed through multiple forms' submission with dynamic contents, and in each iteration the vulnerability events databases are modified. Next, the test cases database of possible vulnerable inputs for both AJAX and blocked contents is built. Finally, Coverage assessment is evaluated after executing those test cases based on several possible coverage aspects.

Free

Towards Modeling Malicious Agents in Decentralized Wireless Sensor Networks: A Case of Vertical Worm Transmissions and Containment

ChukwuNonso H. Nwokoye, Virginia E. Ejiofor, Moses O. Onyesolu, Boniface Ekechukwu

Research article

Now, it is unarguable that cyber threats arising from malicious codes such as worms possesses the ability to cause losses, damages and disruptions to industries that utilize ICT infrastructure for meaningful daily work. More so for wireless sensor networks (WSN) which thrive on open air communications. As a result epidemic models are used to study propagation patterns of these malicious codes, although they favor horizontal transmissions. Specifically, the literature dealing with the analysis of worms that are both vertically and horizontally (transmitted) is not extensive. Therefore, we propose the Vulnerable–Latent–Breaking Out–Temporarily Immune–Inoculation (VLBTV-I) epidemic model to investigate both horizontal and vertical worm transmission in wireless sensor networks. We derived the solutions of the equilibriums as well as the epidemic threshold for two topological expressions (gleaned from literature). Furthermore, we employed the Runge-Kutta-Fehlberg order 4 and 5 method to solve, simulate and validate our proposed models. Critically, we analyzed the impact of both vertical and horizontal transmissions on the latent and breaking out compartments using several simulations experiments.

Free

Towards Performance Evaluation of Cognitive Radio Network in Realistic Environment

Vivek Kukreja, Shailender Gupta, Bharat Bhushan, Chander Kumar

Research article

The scarcity of free spectrum compels us to look for alternatives for ever increasing wireless applications. Cognitive Radios (CR) is one such alternative that can solve this problem. The network nodes having CR capability is termed as Cognitive Radio Network (CRN). To have communication in CRN a routing protocol is required. The primary goal of which is to provide a route from source to destination. Various routing protocols have been proposed and tested in idealistic environment using simulation software such as NS-2 and QualNet. This paper is an effort in the same direction but the efficacy is evaluated in realistic conditions by designing a simulator in MATLAB-7. To make the network scenario realistic obstacles of different shapes, type, sizes and numbers have been introduced. In addition to that the shape of the periphery is also varied to find the impact of it on routing protocols. From the results it is observed that the outcomes in the realistic and idealistic vary significantly. The reason for the same has also been discussed in this paper.

Free

Traffic Engineering with Specified Quality of Service Parameters in Software-defined Networks

Artem Volokyta, Alla Kogan, Oleksii Cherevatenko, Dmytro Korenko, Dmytro Oboznyi, Yurii Kulakov

Research article

A method of traffic engineering (TE) based on the method of multi-path routing is proposed in the study. Today, one of the main challenges in networking is to organize an efficient TE system that will provide such parameters of quality of service (QoS) as the allowable value of packet loss and time for traffic re-routing. Traditional one-way routing facilities do not provide the required quality of service (QoS) parameters for TE. Modern computer networks use static and dynamic routing algorithms, which are characterized by big time complexity and a large amount of service information. This negatively affects the overall state of the network, namely: leads to network congestion, device failure, loss of information during routing and increases the time for traffic re-routing. Research has shown that the most promising way to solve the TE problem in computer networks is a comprehensive approach, which consists of multi-path routing, SDN technology and monitoring of the overall situation of the network. This paper proposes a method of traffic engineering in a software-defined network with specified quality of service parameters, which has reduced the time of traffic re-routing and the percentage of packet loss due to the combination of the centralized TE method and multi-path routing. From a practical point of view, the obtained method, will improve the quality of service in computer networks in comparison with the known method of traffic construction.

Free

Traitor Traceable and Revocation-oriented Attribute Based Encryption with Proxy Decryption for Cloud Devices

G. Sravan Kumar, A. Sri Krishna

Research article

Cloud storage environment permits the data holders to store their private data on remote cloud computers. Ciphertext Policy Attribute Based Encryption (CP-ABE) is an advanced method that assigns fine-grained access control and provides data confidentiality for accessing the cloud data. CP-ABE methods with small attribute universe limit the practical application of CP-ABE as the public parameter length linearly increases with the number of attributes. Further, it is necessary to provide a way to perform complex calculations during decryption on outsourced devices. In addition, the state-of-art techniques found it difficult to trace the traitor as well as revoke their attribute due to the complexity of ciphertext updation. In this paper, a concrete construction of CP-ABE technique has been provided to address the above limitations. The proposed technique supports large attribute universe, proxy decryption, traitor traceability, attribute revocation and ciphertext updation. The proposed scheme is proven to be secure under random oracle model. Moreover, the experimental outcomes reveal that our scheme is more time efficient than the existing schemes in terms of computation cost.

Free

Transaction-based QoS management in a Hybrid Wireless Superstore Environment

Shankaraiah, Pallapa Venkataram

Research article

Hybrid wireless networks are extensively used in superstores, market places, malls, etc., and providing high QoS (Quality of Service) to the end-users has become a challenging task. In this paper, we propose a policy-based transaction-aware QoS management architecture in a hybrid wireless superstore environment. The proposed scheme operates at the transaction level, for the downlink QoS management. We derive a policy for the estimation of QoS parameters, such as delay, jitter, bandwidth, availability and packet loss, for every transaction before scheduling on the downlink. We also propose a QoS monitor which monitors the specified QoS and automatically adjusts the QoS according to the requirement. The proposed scheme has been simulated in a hybrid wireless superstore environment and tested for various superstore transactions. The results show that the policy-based transaction QoS management enhances the performance and utilizes network resources efficiently at the peak time of the superstore business.

Free

Tree-Based Matched RFID Yoking Making It More Practical and Efficient

Hung-Yu Chien

Research article

A Radio Frequency Identification (RFID) yoking proof allows an off-line verifier to make sure whether two tags are simultaneously present. Due to off-line property, a reader cannot differentiate valid from invalid proof records when it probes tags, and would generate lots of useless data. This paper proposes a tree-based matched RFID yoking scheme which enhances the cost of identification from O(log N) to O(1), where N is the number of tags, and allows the reader to collect only those matched tags such that it significantly reduces useless data for the verifier to validate off-line.

Free

Triple Layered Encryption Algorithm for IEEE 802.11 WLANs in E-Government Services

M A Kabir, K A Sayeed, M A Matin, T Mehenaz, M Kamruzzaman

Research article

Wireless local area network (WLAN) can provide e-government services at all levels, from local to national, as the WLAN enabled devices have the flexibility to move from one place to another within offices while maintaining connectivity with the network. However, government organizations are subject to strict security policies and other compliance requirements. Therefore, WLAN must safeguard the privacy of individual data with the strictest levels of security. The 802.11 MAC specifications describe an encryption protocol called Wired Equivalent Privacy (WEP) which is used to protect wireless communications from eavesdropping. It is also capable of preventing unauthorized access. However, the WEP protocol often fails to accomplish its security goal due to the weakness in RC4 and the way it is applied in WEP protocol. This paper focuses on the improvement of the existing WEP protocol using a varying secret key for each transmission. This will remove the insecurities that currently make the RC4 unattractive for secured networking and this will add further cryptographic strength if applied to Rijndael algorithm. Our result shows that the proposed algorithm is more suitable for small and medium packets and AES for large packets.

Free

Trust Establishment in SDN: Controller and Applications

Bassey Isong, Tebogo Kgogo, Francis Lugayizi

Research article

Software Defined Networks (SDNs) are a network technology developed to deal with several limitations faced by the current traditional networks. However, SDN itself is confronted with security challenges which emanate specifically from its platform, given the explosive growth in network attacks and threats. Though many solutions have been developed and proposed, the continual lack of trust between the SDN controller and the applications running atop the control plane poses a great security challenge. The SDN controller can easily be attacked by malicious/compromised applications, which can result in network failure as the controller represents a single point of failure. Though trust mechanisms to certify network devices exist, mechanisms to certify management applications are still not well developed. Therefore, this paper proposes a novel direct trust establishment framework between an OpenFlow-based SDN controller and applications. The objective is to ensure that the SDN controller is protected and diverse applications that consume network resources are always trusted throughout their lifetime. Additionally, the paper introduces the concept of trust access matrix and application identity to ensure efficient control of network resources. We believe that, if the proposed trust model is adopted in the OpenFlow architecture, it could go a long way to improve the security of the SDN.

Free

Trust Metric based Soft Security in Mobile Pervasive Environment

Madhu Sharma Gaur, Bhaskar Pant

Research article

In the decentralized and highly dynamic environment like Mobile Pervasive Environments (MPE) trust and security measurement are two major challenging issues for community researchers. So far primarily many of architectural frameworks and models developed and being used. In the vision of pervasive computing where mobile applications are growing immensely with the potential of low cost, high performance, and user centric solutions. This paradigm is highly dynamic and heterogeneous and brings along trust and security challenges regarding vulnerabilities and threats due to inherent open connectivity. Despite advances in the technology, there is still a lack of methods to measure the security and level of trust and framework for the assessment and calculation of the degree of the trustworthiness. In this paper, we explore security and trust metrics concerns requirement and challenges to decide the trust computations metric parameters for a self-adaptive self-monitoring trust based security assurance in mobile pervasive environment. The objective is to identify the trust parameters while routing and determine the node behavior for soft security trust metric. In winding up, we put our efforts to set up security assurance model to deal with attacks and vulnerabilities requirements of system under exploration.

Free

Two-Layer Security of Images Using Elliptic Curve Cryptography with Discrete Wavelet Transform

Ganavi M., Prabhudeva S.

Research article

Information security is an important part of the current interactive world. It is very much essential for the end-user to preserve the confidentiality and integrity of their sensitive data. As such, information encoding is significant to defend against access from the non-authorized user. This paper is presented with an aim to build a system with a fusion of Cryptography and Steganography methods for scrambling the input image and embed into a carrier media by enhancing the security level. Elliptic Curve Cryptography (ECC) is helpful in achieving high security with a smaller key size. In this paper, ECC with modification is used to encrypt and decrypt the input image. Carrier media is transformed into frequency bands by utilizing Discrete Wavelet Transform (DWT). The encrypted hash of the input is hidden in high-frequency bands of carrier media by the process of Least-Significant-Bit (LSB). This approach is successful to achieve data confidentiality along with data integrity. Data integrity is verified by using SHA-256. Simulation outcomes of this method have been analyzed by measuring performance metrics. This method enhances the security of images obtained with 82.7528db of PSNR, 0.0012 of MSE, and SSIM as 1 compared to other existing scrambling methods.

Free

UML Based Integrated Multilevel Checkpointing Algorithms for Cloud Computing Environment

Dilbag Singh, Jaswinder Singh, Amit Chhabra

Research article

The main objective of this research work is to improve the checkpoint efficiency for integrated multilevel checkpointing algorithms and prevent checkpointing from becoming the bottleneck of cloud data centers. In order to find an efficient checkpoint interval, checkpointing overheads have also been considered in this paper. Traditional checkpointing methods persistently store snapshots of the present job state and use them for resuming the execution at a later time. The focus of this research is on strategies for deciding when and whether a checkpoint should be taken and evaluating them in regard to minimizing the induced monetary costs. By varying the rerun time of checkpoints, performance comparisons are made, which will be used to evaluate the optimal checkpoint interval. The proposed fail-over strategy will work on the application layer and provide high availability for the Platform as a Service (PaaS) feature of cloud computing.

Free

Understanding the evolution of ransomware: paradigm shifts in attack structures

Aaron Zimba, Mumbi Chishimba

Research article

The devastating effects of ransomware have continued to grow over the past two decades, which have seen ransomware shift from just being opportunistic attacks to carefully orchestrated attacks. Individuals and business organizations alike have continued to fall prey to ransomware where victims have been forced to pay cybercriminals even up to $1 million in a single attack whilst others have incurred losses in hundreds of millions of dollars. Clearly, ransomware is an emerging cyber threat to enterprise systems that can no longer be ignored. In this paper, we address the evolution of the ransomware and the associated paradigm shifts in attack structures narrowing down to the technical and economic impacts. We formulate an attack model applicable to cascaded network design structures common in enterprise systems. We model the security state of the ransomware attack process as transitions of a finite state machine where state transitions depict breaches of confidentiality, integrity, and availability. We propose a ransomware categorization framework that classifies the virulence of a given ransomware based on a proposed classification algorithm that is based on data deletion and file encryption attack structures. The categories that increase in severity from CAT1 to CAT5 classify the technical prowess and the overall effectiveness of potential ways of retaining the data without paying the ransom demand. We evaluate our modeling approach with a WannaCry attack use case and suggest mitigation strategies and recommend best practices based on these models.

Free

Journal