International Journal of Computer Network and Information Security @ijcnis
Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1130
System Design of a Trusted SoC and Detailed Analysis of its Secure State Transitions
Статья научная
According to the relevant criterion and principle for designing and evaluating various trusted computing chips, we have proposed a new trusted SoC chip, and have given the implementation of its basic functional modules. In detail, we have discussed the design of the trusted SoC security architecture and the main module functional modules such as microprocessor, cryptographic function module, security management module, input/output interface, along with the most important memory management unit. Moreover, we have discussed reliability of relevant parameters and transfer strategy for trusted root in chip development and application, together with the simulation and validation of corresponding functions. At last, we point out that one of the most important further research directions is the trusted measurement of dynamic data and software running in security environment.
Бесплатно
System Monitoring Addon Analysis in System Load Simulation
Статья научная
The complexity of interconnected devices requires constant real-time monitoring, as failure of one part can have catastrophic consequences for the entire system. Computer-information monitoring tools enable us to always be one step ahead of potential problems that may occur in a monitored network environment, whether it is a human-caused configuration or simply an element has failed or stopped working. Not only can they report potential problems, but they can also solve the problem itself. For example, if an element needs increased resources at a given time, the tool itself can recognize it and automatically increase the resource needs of that element. By setting up a monitoring system in a virtual environment, the results can be seen and through their analysis will bring an optimal solution when it comes to what agent to use. This paper presents analysis of how network monitoring agent is responding in cases when there is increased use of shared resources. Knowing this can help in choosing what agent should be used in any given environment, and with that more resources will be saved. This leads to better utilization of resources which is an important in mid-size and big setup of computer monitoring systems.
Бесплатно
Targeted Attacks Detection and Security Intruders Identification in the Cyber Space
Статья научная
The number of new cybersecurity threats and opportunities is increasing over time, as well as the amount of information that is generated, processed, stored and transmitted using ICTs. Particularly sensitive are the objects of critical infrastructure of the state, which include the mining industry, transport, telecommunications, the banking system, etc. From these positions, the development of systems for detecting attacks and identifying intruders (including the critical infrastructure of the state) is an important and relevant scientific task, which determined the tasks of this article. The paper identifies the main factors influencing the choice of the most effective method for calculating the importance coefficients to increase the objectivity and simplicity of expert assessment of security events in cyberspace. Also, a methodology for conducting an experimental study was developed, in which the goals and objectives of the experiment, input and output parameters, the hypothesis and research criteria, the sufficiency of experimental objects and the sequence of necessary actions were determined. The conducted experimental study confirmed the adequacy of the models proposed in the work, as well as the ability of the method and system created on their basis to detect targeted attacks and identify intruders in cyberspace at an early stage, which is not included in the functionality of modern intrusion detection and prevention systems.
Бесплатно
Task Assignment for Heterogeneous Computing Problems using Improved Iterated Greedy Algorithm
Статья научная
The problem of task assignment is one of the most fundamental among combinatorial optimization problems. Solving the Task Assignment Problem is very important for many real time and computational scenarios where a lot of small tasks need to be solved by multiple processors simultaneously. A classic problem that confronts computer scientists across the globe pertaining to the effective assignment of tasks to the various processors of the system due to the intractability of the task assignment problem for more than 3 processors. Several Algorithms and methodologies have been proposed to solve the Task Assignment Problem, most of which use Graph Partitioning and Graph Matching Techniques. Significant research has also been carried out in solving the Task Assignment Problem in a parallel environment. Here we propose a modified version of iterated greedy algorithm that capitalizes on the efficacy of the Parallel Processing paradigm, minimizing the various costs along with the duration of convergence. The central notion of the algorithm is to enhance the quality of assignment in every iteration, utilizing the values from the preceding iterations and at the same time assigning these smaller computations to internal processors (i.e. parallel processing) to hasten the computation. On implementation, the algorithm was tested using Message Passing Interface (MPI) and the results show the effectiveness of the said algorithm.
Бесплатно
Статья научная
Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols use cryptographic algorithms to secure data and ensure security goals such as Data Confidentiality and Integrity in networking. They are used along with other protocols such as HTTP, SMTP, etc. in applications such as web browsing, electronic mail, and VoIP. The existing versions of the protocols as well as the cryptographic algorithms they use have vulnerabilities and is not resistant towards Man-In-The- Middle (MITM) attacks. Exploiting these vulnerabilities, several attacks have been launched on SSL/TLS such as session hijacking, version degradation, heart bleed, Berserk etc. This paper is a comprehensive analysis of the vulnerabilities in the protocol, attacks launched by exploiting the vulnerabilities and techniques to mitigate the flaws in protocols. A novel taxonomy of the attacks against SSL/TLS has been proposed in this paper.
Бесплатно
TempR: Application of Stricture Dependent Intelligent Classifier for Fast Flux Domain Detection
Статья научная
Fast-flux service networks (FFSN) helps the cyber-criminals to hide the servers used for malicious activities behind a wall of proxies (bots). It provides the reliability and detection evasion to a malicious server. FFSN use a large pool of IP addresses for proxies. Detection of FFSN is difficult as few benign technologies like Content distribution networks and round robin DNS have similar working characteristics. Many approaches have been proposed to detect FFSN and fast flux domains. However, due to dynamic behavior of FFSN, these techniques suffer from a significant number of false positives. In this paper, we present a Temporal and Real time detections based approach (TempR) to detect fast flux domains. The features of fast flux domains and benign domains have been collected and classified using intelligent classifiers. Our technique illustrates 96.99% detection accuracy with the recent behavior of fast flux domains.
Бесплатно
Ternary Tree Based Group Key Agreement for Cognitive Radio MANETs
Статья научная
This paper presents an efficient contributory group key agreement protocol for secure communication between the lightweight small devices in cognitive radio mobile ad hoc networks. A Ternary tree based Group ECDH.2 (TGECDH.2) protocol that uses a batch rekeying algorithm during membership change is proposed in this paper. This ternary tree is a balanced key tree in which appropriate insertion point is selected for the joining members during rekeying operation. TGECDH.2 combines the computational efficiency of ECDH protocol and the communication efficiency of GDH.2 protocol. From the performance analysis, it is inferred that the TGECDH.2 outperforms an existing ternary tree based protocol. Hence, it is best suited for the resource constrained mobile devices such as notebooks, laptops, sensors, etc. in cognitive radio mobile ad hoc networks.
Бесплатно
Text Steganography Using Quantum Approach in Regional Language with Revised SSCE
Статья научная
In this contribution we present a work of text steganography. Maintain the security of the secret information has been a great challenge in our day to day life. Sender can send messages habitually through a communication channel like Internet, draws the attention of third parties, hackers and crackers, perhaps causing attempts to break and expose the unusual messages. Steganography is a talented province which is used for secured data transmission over any public media. Extensive amount of research work has been established by different researchers on steganography. In this paper, a text steganography procedure has been designed with the help of a Regional language of India i.e. Gujarati language. Here the quantum approach also incorporates for increasing the security level. A Revised SSCE code (SSCE - Secret Steganography Code for Embedding) has been implemented in this work to upgrade the level of security. Text steganography together with Revised SSCE code & quantum approach based on the use of two specific and two special characters in Gujarati language and mapping technique of quantum gate truth table have been used.
Бесплатно
Textual Manipulation for SQL Injection Attacks
Статья научная
SQL injection attacks try to use string or text manipulations to access illegally websites and their databases. This is since using some symbols or characters in SQL statements may trick the authentication system to incorrectly allow such SQL statements to be processed or executed. In this paper, we highlighted several examples of such text manipulations that can be successfully used in SQL injection attacks. We evaluated the usage of those strings on several websites and web pages using SNORT open source. We also conducted an extensive comparison study of some relevant papers.
Бесплатно
The AODV extension protocol named AODV_SPB
Статья научная
An unbalanced traffic load distribution leads to a degradation of network performance; most of nodes in the network are heavily loaded, resulting in a large queue, a high packet delay, and high energy consumption. The optimization of load balancing to avoid congestion has been the subject of many researches in recent years. Many authors have proposed different solutions to anticipate the failure of route in Manets by adding a function that predicts the failure of the links to distribute the traffic load on all nodes of the network. In this paper we propose an extension to the AODV-balanced protocol named AODV_SPB 《ad hoc on demand distance vector with stable path, less congested with load balancing》, which looks for a stable and less overloaded path .A comparative study is done under the NS2 simulator with AODV and AODV-SPB. This last protocol shows its effectiveness with respect to the two protocols cited in terms of; overload, delivery rates of packets and the average of delay with 4 simulation scenarios.
Бесплатно
Статья научная
Elections are believed to be the key pillars of democracy and voting is one of the electoral processes that ensure the sustenance of democracy in any civil society. In this paper, we developed an electronic voting system, which will eliminate rigging and manipulation of results to its barest minimum, this problem is mostly associated with the manual system of voting. The implementation of electronic voting system in Nigeria will boost the integrity of INEC and the result they produce. The programs used to develop this system are PHP, MySQL, Java Query, CSS and HTML. These packages make the Graphic Interface User friendly enough for even those with little or no computer knowledge.
Бесплатно
The Mathematical Model for Research of the UAV Longitudinal Moving
Статья научная
The paper presents one of the perspective directions of the development to modern aviation, which is connected with designing and producing unmanned aerial vehicles (UAV) of various functionalities for applying in both military and civilian spheres. The syntheses of UAV control systems, regardless of their type and purpose presumes creation of adequate mathematical models, first of all adequate aerodynamic mathematical models. In the paper results that forms and justify the aerodynamic mathematical model and as well as the results of building a general mathematical model of the longitudinal movement of the perspective UAV are presented. Also factors that forms the mathematical model on given aerodynamic, geometric, mass and inertial data for a hypothetical perspective altitude long-range UAV are submitted. Assessment of the impact of these data on the dynamic, temporal, and logarithmic frequency response UAV also has been given in this paper.
Бесплатно
Статья научная
We described the placing of the mobile agents in a dynamic environment. It formed a dynamic environment for a complex of dynamically changing mobile agents. We described a two-level system of connections at the global and local levels of interaction. Such a scheme allows you to support the survivability of a dynamic environment. We presented the model of placement of mobile agents in a dynamic environment, which forms the basis of the trajectory of interaction between mobile agents, enabling us to combine the dynamic environment into a unified dynamic environment. The proposed method for mobile agents parameters restoring in a unified dynamic environment, taking into account the similarity coefficients, allows restore 80% parameters of an inaccessible mobile agent. This indicates the high efficiency of the objects description in the form of a unified dynamic environment in order to maintain its integrity.
Бесплатно
The New Block Cipher Design (Tigris Cipher)
Статья научная
In the present paper we have proposed a new variant of AES cipher with high level of security and an elegant construction called TIGRIS cipher. The TIGRIS name has been derived from one of the two famous rivers in Iraq. The proposed TIGRIS cipher is a revision for the proposed Euphrates cipher which has already been published. It has been designed with a good coherent structure that is based on solid algebraic and well mathematical opinions. The proposed cipher uses the SPN structure and what is known by the Galois Field GF (28). It is an iterated cipher that has a conservative design which is easily implemented on both hardware and software. It operates with block size of 128-bits and with three variable key lengths of 128-bits, 192-bits and 256-bits in addition to sixteen rounds or multiples of four rounds. The proposed cipher works with good invertible operations' stages and a compact duplicated ciphering key. The Tigris cipher construction strategy includes the adoption of construction a new S-box with high non-linearity that uses the same routines of the AES-S-box stage but with different modular arithmetic of irreducible polynomial and different affine matrix in addition to the distinct constant vector. The second and the third layers of the proposed model are based on the shifting concept for the confusion and diffusion process with reversible operations. The last layer of the proposed model is the key addition layer that is responsible for the expanding and generating the ciphering key by two directions those of row and column expansion, which are associated with two constant vectors of golden ratio and base nature algorithm as a fixed word to eliminate any weak or semi-weak ciphering key.
Бесплатно
Статья научная
There is suggested a method for the trust level establishment to the nodes of distributed computer systems (DCS) taken into account the dynamics of the information value changing and with the in-time records of the security incidents from the nodes. The proposed method of the DCS nodes rating establishment allows adaptively and during the DCS functioning to determine a safety configuration of resources (nodes) for the information processing in the DCS. Also, there is described the specifics of the implementation of the mechanisms for the nodes trust level establishment.
Бесплатно
The Research of Unconditionally Secure Authentication Code For Multi-Source Network Coding
Статья научная
In a network system, network coding allows intermediate nodes to encode the received messages before forwarding them, thus network coding is vulnerable to pollution attacks. Besides, the attacks are amplified by the network coding process with the result that the whole network maybe polluted. In this paper, we proposed a novel unconditionally secure authentication code for multi-source network coding, which is robust against pollution attacks. For the authentication scheme based on theoretic strength, it is robust against those attackers that have unlimited computational resources, and the intermediate nodes therein can verify the integrity and origin of the encoded messages received without having to decode them, and the receiver nodes can check them out and discard the messages that fail the verification. By this way, the pollution is canceled out before reaching the destinations.
Бесплатно
The Scalability and Stability Analysis of KLEACH Routing Protocol in Wireless Sensor Networks
Статья научная
The scalability and stability in wireless sensor networks (WSNs) are considering as an important issue due to the large numbers of nodes and consequently their node density and deployment. While the network size increase, the need of scalable and efficient routing protocols is indispensable. Moreover, sensor nodes have to be alive to guarantee the network operation for the period which the first node died doesn't appear. This period, named network stability region, is ameliorated by many techniques. In fact, the balancing energy consumption and clustering method are among those techniques. In this paper, we present the scalability and stability analysis of the routing protocol LEACH based on K-means clustering algorithm (KLEACH). Accordingly, the simulation results of the performance metrics verify the efficiency and the scalability of KLEACH protocol compared to LEACH.
Бесплатно
The Security of Blockchain-based Electronic Health Record: A Systematic Review
Статья научная
The healthcare industry makes rampant strides in sharing electronic health records with upgraded efficiency and delivery. Electronic health records comprise personal and sensitive information of patients that are confidential. The current security mechanism in cloud computing to store and share electronic health records results in data breaches. In the recent era, blockchain is introduced in storing and accessing electronic health records. Blockchain is utilized for numerous applications in the healthcare industry, such as remote patient tracking, biomedical research, collaborative decision making and patient-centric data sharing with multiple healthcare providers. In all circumstances, blockchain guarantees immutability, data privacy, data integrity, transparency, interoperability, and user privacy that are strictly required to access electronic health records. This review paper provides a systematic study of the security of blockchain-based electronic health records. Moreover, based on thematic content analysis of various research literature, this paper provides open challenges in the blockchain-based electronic health record.
Бесплатно
The energy-saving modification program of lighting equipment based on the economic evaluation
Статья научная
Considering many lighting energy-saving modification programs have the phenomenon of diseconomy; this paper takes into account economic evaluation to solve this problem. The optimal program of total energy-saving benefit will be found under the limited investment according to economic evaluation of the price, life span and power consumption of lighting equipments. Firstly, the benefit ratio will be used to evaluate on the necessity of modification, and get the order. If the biggest benefit ratio exists in different equipments simultaneously, the better one will be selected in terms of relative payback period of investment. And on the basis, the relative remaining time is innovatively introduced into economic evaluation to determine the locations of modification. Then an example from a factory can prove that the program is workable.
Бесплатно
The method of hidden terminal transmission of network attack signatures
Статья научная
This article is proposes a new approach to the transmission of signatures of network attacks onto a remote Internet resource. The problem is that the known protocols that are used for transfer data and control actions from an administrative resource to a network agents are poorly protected. Even in case of use of cryptographic mechanisms for organization of secure connections, it is possible to form behavioral patterns of interactions such as "administrative resource - network agents." Such templates allow to predict the actions taken in accordance with the security policy in order to maintain the required level of functionality of a remote Internet resource. Thus, it is necessary to develop a new protocol for the transfer of designated information, based on information technology, which level out the existence of opportunities for the formation of behavioral patterns of network interactions. As such technology, it is proposed to use a set of means of network interaction and some methods of hidden (steganographic) data transmission in information and telecommunication networks.
Бесплатно
