Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1110
Agent based trust establishment between vehicle in vehicular cloud networks
Статья научная
In order to enhance the driving experience with increased security and privacy, a category of MANET has emerged i.e VANET. The nodes are highly mobile, uncoordinated and dynamic in nature. An progressive step in this vision is Vehicular Cloud (VC) the advancement in Intelligent Transport System (ITS).The resources are shared between the vehicle nodes to provide the services at a economical cost. In order to provide them there should be hassle free secure communication link established between the Vehicle nodes, Road side unit (RSU) and the Cloud. Trust establishment in VC between vehicle nodes enhances the security aspects in VC. In this paper we put forth an trust evaluation scheme based on Dempster Shafer theory. The trust evaluation is based on Direct trust and Indirect trust, the priority of which can be accustomed.
Бесплатно
Alleviating malicious insider attacks in MANET using a multipath on-demand security mechanism
Статья научная
MANET is a family of ad hoc networks that spans a huge spectrum of other networking paradigms such as WMN, WSN, and VANET etc. There is a dire need for strengthening the base of all these networks from the security point of view. The vulnerability of MANET towards the attacks is huge as compared to its wired counterparts. MANETs are vulnerable to attacks because of the unique characteristics which they exhibit like the absence of central authority, usage of wireless links, dynamism in topology, shared media, constrained resources, etc. The ramification being that the security needs of MANETs become absolutely different than the ones which exist in the customary networks. One of the basal vulnerabilities of MANETs comes from their peer to peer architecture which is completely open wherein the mobile nodes act as routers, the medium of communication is open making it reachable to both the legitimate users of the network as well as the malicious nodes. Consequently, there is a bankruptcy of clear line of defense from the perspective of security design. This in turn implies that any node which may even be authentic can enter the network and affect its performance by dropping the packets instead of forwarding them. The occurrences of the attacks of this type in ad hoc networks result in the situation where even the standard routing protocols do not provide the required security. The proposed solutions in literature such as SAODV, ARAN, and SEAODV all provide authentication and encryption based solutions to these attacks. But, the attack on availability which is the most common and easiest of them all cannot be avoided by the authentication and encryption because even the authentic user can be the attacker. Also, the encryption cannot be helpful to prevent such attacks. Therefore, in such a situation if a proper solution is not provided the entire MANET operation will get crippled. The main aim of this paper is to guarantee a security solution which provides defense against these attacks. To achieve this, a Multipath On-demand security Mechanism, called Secure Multipath Ad hoc On-demand Distance vector routing protocol (SMAODV), is presented which eliminates the malicious nodes from the network thereby preventing MANETs from the effects of such malicious nodes.
Бесплатно
Alternative Equations for Guillou-Quisquater Signature Scheme
Статья научная
In 1990, Guillou and Quisquater published an article where they described a new digital signature system. Their technique was based on the RSA algorithm. In this paper, we present several modified Guillou-Quisquater digital signature protocols. We discuss their security and complexity. These schemes can be seen as alternative signature methods if existing systems are completely broken.
Бесплатно
An Algebraic Method for the N-Queens Problem Based on Permutation Operation Group
Статья научная
To analyze N-Queens problem in permutation space, this paper defines isomorphic operations of permutation to dihedral group D4. With these operations to find elements within an orbit, two operations on orbits are also defined to generate new orbit from existing ones. Orbit signature is proposed to uniquely identify different orbits in orbit space. A search algorithm based on orbit signature is presented, and finally the effectiveness of the algorithm is illustrated by an example.
Бесплатно
An Algorithm for Static Tracing of Message Passing Interface Programs Using Data Flow Analysis
Статья научная
Message Passing Interface (MPI) is a well know paradigm that is widely used in coding explicit parallel programs. MPI programs exchange data among parallel processes using communication routines. Program execution trace depends on the way that its processes are communicated together. For the same program, there are a lot of processes transitions states that may appear due to the nondeterministic features of parallel execution. In this paper we present a new algorithm that statically generates the execution trace of a given MPI program using data flow analysis technique. The performance of the proposed algorithm is evaluated and compared with that of two heuristic techniques that use a random and genetic algorithm approaches to generate trace sequences. The results show that the proposed algorithm scales well with the program size and avoids the problem of processes state explosion which the other techniques suffer from.
Бесплатно
An Analysis of Link Disjoint and Node Disjoint Multipath Routing for Mobile Ad Hoc Network
Статья научная
In Mobile Ad hoc Network, path between source and destination node changes too frequently due to unpredictable behavior and movement of mobile nodes. The data delivery to the intended destination becomes very challenging. The paths exist between source and destination node may be various types. Data delivery may be done with single or multiple paths. Single path sometimes not guaranteed about data delivery, so one of the better solution is multipath data delivery. Here, in this paper, we have considered Link Disjoint and Node Disjoint multipath for data delivery. For this AOMDV protocol with node and link disjoint is considered to evaluate performance. To evaluate their performance different node pause time considered with varying number of nodes. We have computed various QoS network metrics like throughput, average end-to-end delay, routing overhead to identify in which method of data delivery perform better and in what conditions. The results obtain shows that Node Disjoint multipath method AOMDV performs better than Link Disjoint method. The simulation work carried out using Simulator NS-2.34.
Бесплатно
An Analytical Approach to Assess and Compare the Vulnerability Risk of Operating Systems
Статья научная
Operating system (OS) security is a key component of computer security. Assessing and improving OSs strength to resist against vulnerabilities and attacks is a mandatory requirement given the rate of new vulnerabilities discovered and attacks occur. Frequency and the number of different kinds of vulnerabilities found in an OS can be considered an index of its information security level. In the present study we assess five mostly used OSs, Microsoft Windows (windows 7, windows 8 and windows 10), Apple’s Mac and Linux for their discovered vulnerabilities and the risk associated in each. Each discovered and reported vulnerability has an Exploitability score assigned in CVSS [27] of the national vulnerability data base. We compare the risk from vulnerabilities in each of the five Operating Systems. The Risk Indexes used are developed based on the Markov model to evaluate the risk of each vulnerability [11, 21, 22]. Statistical methodology and underlying mathematical approach is described. The analysis includes all the reported vulnerabilities in the National Vulnerability Database [19] up to October 30, 2018. Initially, parametric procedures are conducted and measured. There are however violations of some assumptions observed. Therefore, authors recognized the need for non-parametric approaches. 6838 vulnerabilities recorded were considered in the analysis. According to the risk associated with all the vulnerabilities considered, it was found that there is a statistically significant difference among average risk level for some operating systems. This indicates that according to our method some operating systems have been more risk vulnerable than others given the assumptions and limitations. Relevant Test results revealing a statistically significant difference in the Risk levels of different OSs are presented.
Бесплатно
An Analytical Assessment on Document Clustering
Статья научная
Clustering is related to data mining for information retrieval. Relevant information is retrieved quickly while doing the clustering of documents. It organizes the documents into groups; each group contains the documents of similar type content. Document clustering is an unsupervised approach of data mining. Different clustering algorithms are used for clustering the documents such as partitioned clustering (K-means Clustering) and Hierarchical Clustering (Agglomerative Hierarchical Clustering (AHC)). This paper presents analysis of Suffix Tree Clustering (STC) Algorithm and other clustering techniques (K-means, AHC) that are being done in literature survey. The paper also focuses on traditional Vector Space Model (VSM) for similarity measures, which is used for clustering the documents. This paper also focuses on the comparison of different clustering algorithms. STC algorithm improves the searching performance as compare to other clustering algorithms as the papers studied in literature survey. The paper presents STC algorithm applied on the search result documents, which is stored in the dataset. This paper articulates the key requirements for web document clustering and clusters would be created on the full text of the web documents. STC perform the clustering and make the clusters based on phrases shared between the documents. STC is faster clustering algorithm for document clustering.
Бесплатно
An Architecture for Alert Correlation Inspired By a Comprehensive Model of Human Immune System
Статья научная
Alert correlation is the process of analyzing, relating and fusing the alerts generated by one or more Intrusion Detection Systems (IDS) in order to provide a high-level and comprehensive view of the security situation of the system or network. Different approaches, such as rule-based, prerequisites consequences-based, learning-based and similarity-based approach are used in correlation process. In this paper, a new AIS-inspired architecture is presented for alert correlation. Different aspects of human immune system (HIS) are considered to design iCorrelator. Its three-level structure is inspired by three types of responses in human immune system: the innate immune system's response, the adaptive immune system's primary response, and the adaptive immune system's secondary response. iCorrelator also uses the concepts of Danger theory to decrease the computational complexity of the correlation process without considerable accuracy degradation. By considering the importance of signals in Danger theory, a new alert selection policy is introduced. It is named Enhanced Random Directed Time Window (ERDTW) and is used to classify time slots to Relevant (Dangerous) and Irrelevant (Safe) slots based on the context information gathered during previous correlations. iCorrelator is evaluated using the DARPA 2000 dataset and a netForensics honeynet data. Completeness, soundness, false correlation rate and the execution time are investigated. Results show that iCorrelator generates attack graph with an acceptable accuracy that is comparable to the best known solutions. Moreover, inspiring by the Danger theory and using context information, the computational complexity of the correlation process is decreased considerably and makes it more applicable to online correlation.
Бесплатно
An EVCS for Color Images with Real Size Image Recovery and Ideal Contrast Using Bit Plane Encoding
Статья научная
Conventional visual secret sharing schemes generate noise-like random pixels on shares to hide secret images. It suffers a management problem, because of which dealers cannot visually identify each share. This problem is solved by the Extended Visual Cryptography scheme (EVCS). However, the previous approaches involving the EVCS for general access structures suffer from a low contrast problem. This paper proposes a new (k,n)-threshold image sharing scheme using extended visual cryptography scheme for color images based on bit plane encoding that encrypts a color image in such a way that results of encryption is in the form of shares. Shares do not reflect any information directly, information is scrambled instead. The traditional binary EVCS is used to get the sharing images at every bit level of each principle component of a color image. This scheme provides a more efficient way to hide natural images in different shares. Furthermore, the size of the hidden secret can be recovered by inspecting the blocks in the shares. This new scheme for color images gives the ideal contrast in the recovered image.
Бесплатно
Статья научная
Vehicular Ad-hoc Network (VANET) is a growing technology that utilizes moving vehicles as mobile nodes for exchanging essential information between users. Unlike the conventional radio frequency based VANET, the Visible Light Communication (VLC) is used in the VANET to improve the throughput. However, the road safety is considered as a significant issue for users of VANET. Therefore, congestion-aware routing is required to be developed for enhancing road safety, because it creates a collision between the vehicles that causes packet loss. In this paper, the Multi Objective Congestion Metric based Artificial Ecosystem Optimization (MOCMAEO) is proposed to enhance road safety. The MOCMAEO is used along with the Ad hoc On-Demand Distance Vector (AODV) routing protocol for generating the optimal routing path between the source node to the Road Side Unit (RSU). Specifically, the performance of the MOCMAEO is improved using the multi-objective fitness functions such as congestion metric, residual energy, distance, and some hops. The performance of the MOCMAEO is analyzed by means of Packet Delivery Ratio (PDR), throughput, delay, and Normalized Routing Load (NRL). The PSO based geocast routing protocols such as LARgeoOPT, DREAMgeoOPT, and ZRPgeoOPT are used to evaluate the performance of the MOCMAEO method. The PDR of the MOCMAEO method is 99.92 % for 80 nodes, which is high when compared to the existing methods.
Бесплатно
An Effective Way of Evaluating Trust in Inter-cloud Computing
Статья научная
For any communication to be successful, trust is necessary. For inter-cloud communication, clouds interact with each other for resource sharing. Since they are unaware of their opposite party, there should be some mechanism by which the cloud gets an idea about them prior to the communication. This is accomplished through trust management systems that calculate the trust rating of clouds from opinions from their peers. There is no way to ensure whether these peers are genuine in their opinion or not. This paper proposes a method to reduce such problems by considering the latest history of communication of a particular cloud and ignore the opinions given by less trusted clouds.
Бесплатно
An Effective and Secure Cipher Based on SDDO
Статья научная
To improve the efficiency of security of the information secure mechanism, an algorithm BMD-128 is proposed. This algorithm is built on the SDDO. Using this operator decreases significanthy the cost of hardware implementation. Besides, it also ensures both the high applicability in the transaction needing the change of session keys with high frequency and the ability against slide attack. Concurrently, this algorithm also eliminates the weak keys without the complex round key proceduce. The algorithm is evaluated regards to the standard NESSIE and the ability against the differential cryptanalysis. Concurrently, it is also compared the performance with the other famous ciphers when implementing on hardware FPGA.
Бесплатно
An Efficiency and Algorithm Detection for Stenography in Digital Symbols
Статья научная
In modern conditions; Steganography has become the digital strategy of hiding files in one form or other MEDIA like images, sound files or video files. Algorithms built-in digital information for color images based techniques steganography. This work presents a new method of steganography based on space domain to encode more information in the image, making small changes in their pixels. The results work obtained in this work that the new detection method of steganography based on new spatial coding additional information in the image, making small changes in their pixels based on the expansion of the range is designed for testing the proposed structure. This work study is to develop a new method to detect human faces, reflected in digital photography, with a high work rate and accuracy of detection.
Бесплатно
An Efficient (n, n) Visual Secret Image Sharing using Random Grids with XOR Recovery
Статья научная
Visual cryptography by name itself suggests cryptography related to images. It is a branch of cryptography that deals with the encryption and decryption of images. Visual cryptography demonstrates a visual secret sharing scheme in which an image has been divided into n shares and original image can be decrypt with these shares without / less computational efforts. This paper proposed an efficient (n, n) visual secret image sharing method using random grids. This scheme gives the complete retrieval of secret image using XOR stacking without the need of a codebook. The Random Grid based Visual Cryptography results no pixel expansion. The proposed method works for (shares) for retrieval of original image. Experimental results demonstrate that the proposed method produces better results in terms of simplicity, visual quality and performance.
Бесплатно
An Efficient Approach for Detection of Compromised SDN Switches and Restoration of Network Flow
Статья научная
In Software Defined Networking (SDN) the data plane is separated from the controller plane to achieve better functionality than the traditional networking. Although this approach poses a lot of security vulnerabilities due to its centralized approach. One significant issue is compromised SDN switches because the switches are dumb in SDN architecture and in absence of any intelligence it can be a easy target to the attackers. If one or more switches are attacked and compromised by the attackers, then the whole network might be down or defunct. Therefore, in this work we have devised a strategy to successfully detect the compromised SDN switches, isolate them and then reconstruct the whole network flow again by bypassing the compromised switches. In our proposed approach of detection, we have used two controllers, one as primary and another as secondary which is used to run and validate our algorithm in the detection process. Flow reconstruction is the next job of the secondary controller which after execution is conveyed to the primary controller. A two-controller strategy has been used to balance the additional load of detection and reconstruction activity from the master controller and thus achieved a balanced outcome in terms of running time and CPU utilization. All the propositions are validated by experimental analysis of the results and compared with existing state of the art to satisfy our claim.
Бесплатно
An Efficient Chaos-based Image Encryption Scheme Using Affine Modular Maps
Статья научная
Linear congruential generator has been widely applied to generate pseudo-random numbers successfully. This paper proposes a novel chaos-based image encryption scheme using affine modular maps, which are extensions of linear congruential generators, acting on the unit interval. A permutation process utilizes two affine modular maps to get two index order sequences for the shuffling of image pixel positions, while a diffusion process employs another two affine modular maps to yield two pseudo-random gray value sequences for a two-way diffusion of gray values. Experimental results are carried out with detailed analysis to demonstrate that the proposed image encryption scheme possesses large key space to frustrate brute-force attack efficiently and can resist statistical attack, differential attack, known-plaintext attack as well as chosen-plaintext attack thanks to the yielded gray value sequences in the diffusion process not only being sensitive to the control parameters and initial conditions of the considered chaotic maps, but also strongly depending on the plain-image processed.
Бесплатно
Статья научная
Information security is indispensable in the transmission of multimedia data. While accumulating and distributing such multimedia data, the access of data from a third person is the real security challenging issue. Information hiding plays an important role. Scramble the data before hiding it in carrier media gives enhanced security level for the data. In this paper, bit plane slicing is used to represent an input image with eight planes at bit-level instead of pixel-level. As the least significant bit contains noisy information, only the most significant bit plane can be used to represent an image. At the first level, an input image is processed through the spatial domain. Transform domain techniques are used to process the image at the middle level. Elliptic curve cryptography is used to scramble and descramble the MSB plane image. A logistic chaotic sequence of the input image is added to the most significant bit plane image to generate the final scrambled image. The discrete wavelet transform is used to embed the scrambled image in its high-frequency sub-bands. At the last level, a least significant bit technique, a spatial domain is used to embed the scrambled image in the carrier image. Message integrity is also verified by finding the hash of an input image. The performance of the proposed method is evaluated through various security measures. It gives good results as number of pixel change rate is closer to 100% and unified average changing intensity is 33.46.
Бесплатно
Статья научная
Steganography is the art of amalgamating the secret message into another public message which may be text, audio or video file in a way that no one can know or imperceptible the existence of message. So, the secret message can send in a secret and obscure way using steganography techniques. In this paper, we use the audio steganography where the secret message conceal in audio file. We use audio rather than image because the human auditory system (HAS) is more sensitive than human visual system (HVS). We propose an audio steganography algorithm, for embedding text, audio or image based on Lifting Wavelet Transform (LWT) transform with modification of Least Significant Bit (LSB) technique and three random keys where these key is used to increase the robustness of the LSB technique and without it no one can know the sort of secret message type, the length of the secret message and the initial position of the embedded secret message in LSB. The performance of our algorithm is calculated using SNR and we compare the values of our proposed method with some known algorithms.
Бесплатно
An Efficient Multi-keyword Symmetric Searchable Encryption Scheme for Secure Data Outsourcing
Статья научная
Symmetric searchable encryption (SSE) schemes allow a data owner to encrypt its data in such a way that it could be searched in encrypted form. When searching over encrypted data the retrieved data, search query, and search query outcome everything must be protected. A series of SSE schemes have been proposed in the past decade. In this paper, we are going to propose our an efficient multi-keyword symmetric searchable encryption scheme for secure data outsourcing and evaluate the performance of our proposed scheme on a real data set.
Бесплатно
