International Journal of Computer Network and Information Security @ijcnis
Journal articles - International Journal of Computer Network and Information Security
All articles: 1157

Trust Metric based Soft Security in Mobile Pervasive Environment
Research article
In the decentralized and highly dynamic environment like Mobile Pervasive Environments (MPE) trust and security measurement are two major challenging issues for community researchers. So far primarily many of architectural frameworks and models developed and being used. In the vision of pervasive computing where mobile applications are growing immensely with the potential of low cost, high performance, and user centric solutions. This paradigm is highly dynamic and heterogeneous and brings along trust and security challenges regarding vulnerabilities and threats due to inherent open connectivity. Despite advances in the technology, there is still a lack of methods to measure the security and level of trust and framework for the assessment and calculation of the degree of the trustworthiness. In this paper, we explore security and trust metrics concerns requirement and challenges to decide the trust computations metric parameters for a self-adaptive self-monitoring trust based security assurance in mobile pervasive environment. The objective is to identify the trust parameters while routing and determine the node behavior for soft security trust metric. In winding up, we put our efforts to set up security assurance model to deal with attacks and vulnerabilities requirements of system under exploration.
Free

Two-Layer Security of Images Using Elliptic Curve Cryptography with Discrete Wavelet Transform
Research article
Information security is an important part of the current interactive world. It is very much essential for the end-user to preserve the confidentiality and integrity of their sensitive data. As such, information encoding is significant to defend against access from the non-authorized user. This paper is presented with an aim to build a system with a fusion of Cryptography and Steganography methods for scrambling the input image and embed into a carrier media by enhancing the security level. Elliptic Curve Cryptography (ECC) is helpful in achieving high security with a smaller key size. In this paper, ECC with modification is used to encrypt and decrypt the input image. Carrier media is transformed into frequency bands by utilizing Discrete Wavelet Transform (DWT). The encrypted hash of the input is hidden in high-frequency bands of carrier media by the process of Least-Significant-Bit (LSB). This approach is successful to achieve data confidentiality along with data integrity. Data integrity is verified by using SHA-256. Simulation outcomes of this method have been analyzed by measuring performance metrics. This method enhances the security of images obtained with 82.7528 dB of PSNR, 0.0012 of MSE, and SSIM as 1 compared to other existing scrambling methods.
Free

Two-factor Mutual Authentication with Fingerprint and MAC Address Validation
Research article
Mobile Ad hoc NETworks (MANET), unlike typical wireless networks, may be used spontaneously without the need for centralized management or network environment. Mobile nodes act as mediators to help multi-hop communications in such networks, and most instances, they are responsible for all connectivity tasks. MANET is a challenging endeavor because these systems can be attacked, which can harm the network. As a result, security concerns become a primary factor for these types of networks. This article aims to present an efficient two-factor smart card-based passcode authentication technique for securing legitimate users on an unprotected network. This scheme enables the password resetting feature. A secured mechanism for sharing keys is offered by using the hash function. We present a new two-factor mutual authentication technique based on an entirely new mechanism called the virtual smart card. Compared to authentication, the proposed method has fewer computation processes but is more time efficient since it is based on a hash function. Additionally, this approach is resistant to most attacker behaviors, such as Mutual authentication, Gateway node bypassing attacks, DoS attacks, replay attacks, Man in the middle attacks, and stolen smart device attacks. Experimental results validate the efficiency of this scheme, and its security is also analyzed.
Free

UML Based Integrated Multilevel Checkpointing Algorithms for Cloud Computing Environment
Research article
Main objective of this research work is to improve the checkpoint efficiency for integrated multilevel checkpointing algorithms and prevent checkpointing from becoming the bottleneck of cloud data centers. In order to find an efficient checkpoint interval, checkpointing overheads has also considered in this paper. Traditional checkpointing methods stores persistently snapshots of the present job state and use them for resuming the execution at a later time. The attention of this research is strategies for deciding when and whether a checkpoint should be taken and evaluating them in regard to minimizing the induced monetary costs. By varying rerun time of checkpoints performance comparisons are which will be used to evaluate optimal checkpoint interval. The purposed fail-over strategy will work on application layer and provide highly availability for Platform as a Service (PaaS) feature of cloud computing.
Free

Understanding the evolution of ransomware: paradigm shifts in attack structures
Research article
The devastating effects of ransomware have continued to grow over the past two decades, which have seen ransomware shift from just being opportunistic attacks to carefully orchestrated attacks. Individuals and business organizations alike have continued to fall prey to ransomware where victims have been forced to pay cybercriminals even up to $1 million in a single attack whilst others have incurred losses in hundreds of millions of dollars. Clearly, ransomware is an emerging cyber threat to enterprise systems that can no longer be ignored. In this paper, we address the evolution of the ransomware and the associated paradigm shifts in attack structures narrowing down to the technical and economic impacts. We formulate an attack model applicable to cascaded network design structures common in enterprise systems. We model the security state of the ransomware attack process as transitions of a finite state machine where state transitions depict breaches of confidentiality, integrity, and availability. We propose a ransomware categorization framework that classifies the virulence of a given ransomware based on a proposed classification algorithm that is based on data deletion and file encryption attack structures. The categories that increase in severity from CAT1 to CAT5 classify the technical prowess and the overall effectiveness of potential ways of retaining the data without paying the ransom demand. We evaluate our modeling approach with a WannaCry attack use case and suggest mitigation strategies and recommend best practices based on these models.
Free

Research article
The deployment of sensor nodes in underwater environment is constrained by some resources of sensor node like: energy, processing speed, cost and memory and also affected by dynamic nature of water. The main purpose of node deployment is to get the sensed data from the underwater environment. One of the major tasks is to cover the whole area in underwater and also there must be a full connectivity in the network so that each sensor nodes are able to send their data to the other sensor node. Some researchers use the concept of node mobility for better coverage and connectivity. This work proposes an efficient node deployment technique for enhancing the coverage and connectivity in underwater sensor network. Simulation results show good performance in terms of area coverage and connectivity.
Free

Research article
This work focuses on developing a universal onboard neural network system for restoring information when helicopter turboshaft engine sensors fail. A mathematical task was formulated to determine the occurrence and location of these sensor failures using a multi-class Bayesian classification model that incorporates prior knowledge and updates probabilities with new data. The Bayesian approach was employed for identifying and localizing sensor failures, utilizing a Bayesian neural network with a 4–6–3 structure as the core of the developed system. A training algorithm for the Bayesian neural network was created, which estimates the prior distribution of network parameters through variational approximation, maximizes the evidence lower bound of direct likelihood instead, and updates parameters by calculating gradients of the log-likelihood and evidence lower bound, while adding regularization terms for warnings, distributions, and uncertainty estimates to interpret results. This approach ensures balanced data handling, effective training (achieving nearly 100% accuracy on both training and validation sets), and improved model understanding (with training losses not exceeding 2.5%). An example is provided that demonstrates solving the information restoration task in the event of a gas-generator rotor r.p.m. sensor failure in the TV3-117 helicopter turboshaft engine. The developed onboard neural network system implementing feasibility on a helicopter using the neuro-processor Intel Neural Compute Stick 2 has been analytically proven.
Free

User's Profile Replication Tree and On Demand Replica Update in Wireless Communication
Research article
Replication strategy is mostly useful for replicating the called mobile user's profile at selected locations where some caller mobile users have higher calling rate. It plays important role in personal communication services (PCS) in order to reduce call setup cost and call setup time. In prior replication schemes, replicated sites (visitor location registers) have no inter relationship. We have proposed a novel and innovative replication tree which is buildup from replicated VLRs (visitor location registers). VLRs are replicated based on effective replication probability of caller mobile user. Home location register (HLR) keeps update replica at root VLR in the replication tree and root VLR forwards update replica to a VLR in the replication tree on demand. The main objective of the proposed scheme is to reduce call setup time and call setup cost by enabling replication of called mobile user's location profile at certain visitor location registers (VLRs) where caller mobile user roams. We have presented analytical modeling which shows that setting inter-relationship among the replicated sites helps in further reducing the call setup cost.
Free

Using Adaptive Neuro-Fuzzy Inference System in Alert Management of Intrusion Detection Systems
Research article
With the ever-increasing use of computer networks and the internet, using Intrusion Detection Systems (IDS) has become more important. The main problems of IDS are the number of generated alerts, alert failure, as well as identifying the attack type of alerts. In this paper, a system is proposed that uses an Adaptive Neuro-Fuzzy Inference System to classify IDS alerts, reducing false positive alerts and also identifying attack types of true positive ones. According to the experimental results on DARPA KDD cup 98, the system can classify alerts, leading to a considerable reduction of false positive alerts and identifying attack types of alerts in a small slice of time.
Free

Using P systems to Solve the Discrete Logarithm Problem used in Diffie-Hellman Key Exchange Protocol
Research article
The discrete logarithm problem has been used as the basis of several cryptosystems, especially the Diffie-Hellman key exchange protocol. P systems are a cluster of distributed parallel computing devices of a biochemical type. This paper presents a P system with active membranes and strong priority to solve the discrete logarithm problem used in the Diffie-Hellman key exchange protocol. To the best of our knowledge, this is the first time the problem has been solved using P systems.
Free

Using homomorphic cryptographic solutions on E-voting systems
Research article
Homomorphic Cryptography raised as a new solution used in electronic voting systems. In this research, Fully Homomorphic encryption used to design and implement an e-voting system. The purpose of the study is to examine the applicability of Fully Homomorphic encryption in real systems and to evaluate the performance of fully homomorphic encryption in e-voting systems. Most of homomorphic cryptography e-voting systems based on additive or multiplicative homomorphic encryption. In this research, fully homomorphic encryption used to provide both operations additive and multiplication, which ease the demonstration of none interactive zero-knowledge proof NIZKP. The proposed e-voting system achieved most of the important security issues of the internet-voting systems such as eligibility, privacy, accuracy, verifiability, fairness, and others. One of the most important properties of the implemented internet voting system its applicability to work on cloud infrastructure, while preserving its security characteristics. The implementation is done using homomorphic encryption library HELib. Addition and multiplication properties of fully homomorphic encryption were used to verify the correctness of vote structure as a NIZKP, and for calculating the results of the voting process in an encrypted way. The results show that the implemented internet voting system is secure and applicable for a large number of voters up to 10 million voters.
Free

Using progressive success probabilities for sound-pruned enumerations in BKZ algorithm
Research article
We introduce a new technique for BKZ reduction, which incorporates four improvements of BKZ 2.0 (including: sound pruning, preprocessing of local blocks, shorter enumeration radius and early-abortion). This algorithm is designed based on five claims which are strongly verified in experimental results. The main idea is that, similar to progressive BKZ, which uses the decrement of enumeration cost after each sequence incremental reduction to augment the block size, we use the decrement of enumeration cost after each round of our algorithm to augment the success probability of the bounding function. We also discuss parallelization considerations in our technique.
Free

VLSI implementation of CMOS full adders with low leakage power
Research article
In this paper, we present two different methods to implement 1-bit full adder namely MTJ based full adder design also called MFA and Lector method based full adder design. These adders are designed and implemented using CADENCE Design Suite 6.1.6 Virtuoso ADE. The implemented design is verified using CADENCE ASSURA. The performance is measured for 45nm technology and a comparative analysis of transistor count; delay and power of the adders were performed. When compared with the previous MFA the proposed MFA overcomes the SEU error which is a result of body biasing. In Lector technique the transistor density is reduced by implementing the sum logic in terms of carry thus reducing the area. In order to attain the complete logic levels buffers are introduced at the sum and carry outputs of both Lector and MFA. The Lector method uses less number of transistors when compared with proposed MFA, but the proposed MFA is efficient because it achieves minimum power dissipation when compared to the Lector method.
Free

Validation of an adaptive risk-based access control model for the internet of things
Research article
The Internet of Things (IoT) has spread into multiple dimensions that incorporate different physical and virtual things. These things are connected together using different communication technologies to provide unlimited services. These services help not only to improve the quality of our daily lives, but also to provide a communication platform for increasing object collaboration and information sharing. Like all new technologies, the IoT has many security challenges that stand as a barrier to the successful implementation of IoT applications. These challenges are more complicated due to the dynamic and heterogeneous nature of IoT systems. However, authentication and access control models can be used to address the security issue in the IoT. To increase information sharing and availability, the IoT requires a dynamic access control model that takes not only access policies but also real-time contextual information into account when making access decisions. One of the dynamic features is the security risk. This paper proposes an Adaptive Risk-Based Access Control (AdRBAC) model for the IoT and discusses its validation using expert reviews. The proposed AdRBAC model conducts a risk analysis to estimate the security risk value associated with each access request when making an access decision. This model has four inputs/risk factors: user context, resource sensitivity, action severity and risk history. These risk factors are used to estimate a risk value associated with the access request to make the access decision. To provide the adaptive features, smart contracts will be used to monitor the user behaviour during access sessions to detect any malicious actions from the granted users. To validate and refine the proposed model, twenty IoT security experts from inside and outside the UK were interviewed. 
The experts have suggested valuable information that will help to specify the appropriate risk factors and risk estimation technique for implantation of the AdRBAC model.
Free

Variants of Energy Efficient Clustering Protocols for Wireless Sensor Networks
Research article
The energy resource-contrived is the most difficult aspect of WSN and that energy cannot be re-charged. When every sensor node is needed to move ahead the data packet to the sink node, the problem emerges there. Through unmoving, listening and retransmitting, the accessible energy in every node could be lost in this procedure because of collisions as well as overhearing. Network topology management and energy minimization is done due to Cluster-based WSN routing protocols. In clustering in WSN, sensor nodes are sorted into little disjoint clusters, where every cluster has an organizer referred as CH. In this paper, energy efficient clustering techniques related to WSNs are discussed and comparative analysis is also performed.
Free

Verification of cloud based information integration architecture using colored petri nets
Research article
Healthcare applications, such as patient record, patient-doctor mapping service, various disease symptoms etc. The major challenge is processing and integrating the real-time data. Following up with analyzing the data would involve moving the data in Data Lake to a Cloud to know about the status of the patient and for tracking purposes. In this research, we recommend a cloud based information integration framework using Data Lake in Cloud. This work extends the information integration architecture by designing with Data Lake in Cloud, using a mathematical model (Petri Net) to verify the architecture. This approach has the ability to scale up and down in real-time data, leading to an efficient way of using data resources in the Cloud.
Free

Research article
This paper focuses on the design model verification processes to reduce modification cost after the software is delivered. We proposed a new design flow of web content integrity to protect web security by using colored Petri nets simulation. The method covers the design process from the firewall stage to the recovery stage. In the proposed solution, the model verified the integrity of web content through detection tampering and recovery web content processes. Furthermore, the specification formally verifies the model checking technique by colored Petri nets formalism. Finally, the model is simulated by colored Petri nets to ensure the correct behavior of the designed web content integrity model.
Free

Verifier-based Password Authenticated 3P-EKE Protocol using PCLA keys
Research article
This paper endeavors to present a novel framework for the generic structure of a verifier-based password authenticated Three-Party Encrypted Key Exchange (3P-EKE) protocol which yields more efficient protocol than the ones knew before. A previous framework presented by Archana and Premchand is more secured against all types of attacks like password guessing, replay, pre-play, man-in-the-middle attack etc. But unfortunately, this protocol does not solve the problem of a server compromise. These proofs help as inspiration to search for another framework. The framework we offer produces more efficient 3P-EKE protocol, and, in addition, delivers perceptive clarification about the existing attacks that do not solve in the previous framework. Moreover, it allows direct change from a class of verge private-key encryption to a hybrid (symmetric & Asymmetric) one without significant overhead.
Free

Vertical Handoff Decision Algorithm Based on PRSS and Dwell Time
Research article
Next generation wireless network (NGWN) is a mixture of various heterogeneous technologies. It allows global information access to the user while moving from one network to another. The challenging issue in NGWNs is to design an intelligent vertical handoff decision algorithm beyond the traditional one. The traditional algorithms are based on signal strength only to determine the right time and right network. But these algorithms have a large number of unnecessary handoffs due to fluctuating RSS. Although the number of unnecessary handoffs can be reduced by an RSS with hysteresis margin scheme, these algorithms increase the risk of high dropping and low utilization. Therefore, the aim of our research is to develop a vertical handoff decision algorithm that can select an optimum target network based on bandwidth requirement, battery power, cost of service, network performance and network condition. By the implementation of our algorithm, we can provide a mechanism that can select the best network at the appropriate time and provides uninterrupted services to mobile users, that allows connectivity between universal mobile telecommunication system (UMTS) and wireless local area network (WLAN). The inclusion of hysteresis margin and dwell time in predicted RSS helps in reducing the early handoff, ping pong effect, decision delay and utilization rate.
Free

Vertical Handoff with Predictive Received Signal Strength in Next Generation Wireless Network
Research article
Since the last few decades, tremendous innovations and inventions have been observed in every field, but especially in wireless network technology. The prevailing demand curves and trends in this particular area of communication show the importance of real-time multimedia applications over several networks with guaranteed quality of service (QoS). The Next Generation Wireless Network (NGWN) consists of heterogeneous wireless networks that will grant high data rate and bandwidth to mobile users. The primary aim of Next Generation Wireless Network (NGWN) is to conceal heterogeneities and to achieve convergence of diverse networks to provide seamless mobility. So that mobile user can move freely between networks without losing the connection or changing the setting at any moment. When the mobile user moves between different networks, there is a requirement to handover the channel, from one network to another by considering its services, features and user preferences. Channel handover between two different networks is done with the help of vertical handoff (VHO). In a heterogeneous environment, numerous technologies co-exist with their unique characteristics. Therefore, it is very difficult to design efficient handoff decision algorithm. The poorly designed handoff algorithm tends to increase the traffic load and, thereby tend to dramatic decrease in quality of service. A mobile node equipped with multiple network interfaces will be able to access heterogeneous wireless access network. But the availability of alternatives give rise to a problem of unnecessary handoff. To avoid this, we have proposed a decision algorithm based on predictive received signal strength, hysteresis margin and dwell time to select an optimum target network. 
The handoff policies are designed using received signal strength (RSS), available bandwidth, service cost, user preference, type of application and network condition to reduce the number of handoffs, decision delay, probability of handoff failure and probability of unnecessary handoff. We have also made a comparative analysis of various vertical handoff decision algorithms in this paper.
Free