Journal articles - International Journal of Computer Network and Information Security

All articles: 1066

An TPM based approach for generation of secret key

Sanjay Kr. Pal, Shubham Mishra

Research article

As the world is becoming so internet dependent and nearly all communications are done via the internet, the security of the data being communicated must be enhanced accordingly. For this purpose many encryption-decryption algorithms are available, and many neural network based keys are also available which are used in these algorithms. Neural Network is a technique which is designed to work like a human brain. It has the ability to perform complex calculations with ease. To generate a secret key using neural networks many techniques are available, like Tree Parity Machine (TPM) and many others. In TPM there are some flaws like less randomness and less time efficiency. There are already three rules available, i.e. Hebbian Rule, Anti Hebbian Rule and Random Walk, with the same problems. So to overcome these issues, we propose a new approach based on the same concept (TPM, as a Tree-structured Neural Network's execution time is comparatively less than that of the other Neural Networks) which generates a random and time-efficient secret key.

Free

An Ultra-secure Router-to-router Spontaneous Key Exchange System

Pramode K. Verma, Mayssaa El Rifai

Research article

This paper presents an ultra-secure router-to-router key exchange system. The key exchange process can be initiated by either router at will and can be carried out as often as required. We compare the efficacy of the proposed approach with contemporary quantum key distribution (QKD) systems and show that quantum-level security is attainable without resorting to single photon generators and other attendant instrumentation associated with QKD. Furthermore, the proposed system addresses the extremely limited geographical reach of commercially available QKD systems and other environmental restrictions they must operate in. The proposed system carries out all processing in electronics and is not vulnerable to the man in the middle attack. The medium of transfer can, of course, be optical fibers as is common in telecommunication.

Free

An Underwater Acoustic Routing protocol based on Hole Projecton

Hu. HongNing, Liu. Zhong, Li. Lu

Research article

The directed routing protocol ends in failure when it faces a situation in which the destination node has a very low velocity in a sparse ad hoc network, so that none of the nodes exist in its forwarding zone. Illuminated by BFDREAM and ZONER, the paper firstly proposes a novel routing protocol that is fairly immune to forwarding failure through projecting the present source node on the boundaries of baffle holes of underwater acoustic networks in deep sea. Compared with DREAM and BFDREAM, the experimental results show our protocol achieves a great improvement in decreasing the propagation delay and reducing quantities of the non-effect information. So the new protocol may have a bright application prospect in deep sea acoustic networks.

Free

An Update based Energy-Efficient Reactive Routing Protocol for Mobile Ad Hoc Networks

Dhirendra Kumar Sharma, Amar Nath Patra, Chiranjeev Kumar

Research article

Low cost energy-efficient (power based) routing protocols of mobile ad hoc networks (MANETs) increase the lifetime of static networks by using received signal strength (RSS) and battery power status (PS). They require GPS service to find the exact location of mobile nodes. The GPS devices themselves consume power because they need excessive updates to find the stationary nodes for efficient routing. To overcome this, RSS is being used as a metric, followed by residual battery power. The recent protocols, based on these concepts, provide energy efficient routes during the route discovery phase only. Topological changes make these routes weak in due course of time. To update routes, the HELLO process can be used, which however creates unnecessary overhead and delay and consumes power. Hence, these protocols do not update the routes. We propose an energy-efficient reactive routing protocol that uses the RSS and PS of mobile nodes. The proposed Link Failure Prediction (LFP) algorithm uses the link-layer feedback system to update active routes. We use ns2 for simulation of the proposed algorithm. Comparing the results of the proposed scheme and the existing scheme, in terms of energy consumption, link failure probability, and retransmission of packets, we observe that the proposed scheme outperforms the existing one.

Free

An analytical study of cellular automata and its applications in cryptography

G. Kumaresan, N.P. Gopalan

Research article

Security and confidentiality are the major concerns in information technology enabled services wherein data security, user authentication, industrial security and message authentication have a great deal of access to the world anywhere, anytime. The implication is: there is a need for efficient methods to secure digital data across different platforms. The concept of cellular automata finds application in the design of efficient methods to secure digital information. It is a recent field of research and its recognition has been on the rise with its high parallel structure and ability to design complex dynamic systems. In this paper, we study the basic concepts of different types of cellular automata and also discuss its applications in cryptography with various examples.

Free

An approach to develop a transactional calculus for semi-structured database system

Rita Ganguly, Anirban Sarkar

Research article

Traditional database systems force all data to adhere to an explicitly specified, rigid schema, and most of the limitations of traditional databases may be overcome by semi-structured databases. A traditional transaction system guarantees that either all modifications are done or none of them, i.e. the database must be atomic (either all occurs or nothing occurs) in nature. In this paper a transaction is treated as a mapping from its environment to compensable programs, and a transaction refinement calculus is provided. The motivation of the Transactional Calculus for Semi Structured Database System (TCSS) is: finally, on a highly distributed network, it is desirable to provide some amount of fault tolerance. The paper proposes a mathematical framework for transactions where a transaction is treated as a mapping from its environment to compensable programs and also provides a transaction refinement calculus. It proposes to show that most semi-structured transactions can be converted to a calculus based model which simply consists of a forward activity and a compensation module of the CAP (consistency, availability, and partition tolerance) [12] and BASE (basic availability, soft state and eventually consistent) [45] theorem. It is important that the service still performs as expected if some nodes crash or communication links fail. Verification of several useful properties of the proposed TCSS is included in this article. Moreover, a detailed comparative analysis has been provided towards evaluation of the proposed TCSS.

Free

An efficiency optimization for network intrusion detection system

Mahmoud M. Sakr, Medhat A. Tawfeeq, Ashraf B. El-Sisi

Research article

With the enormous rise in the usage of computer networks, the necessity for safeguarding these networks is also increased. Network intrusion detection systems (NIDS) are designed to monitor and inspect the activities in a network. NIDS mainly depends on the features of the input network data as these features give information on the behaviour nature of the network traffic. The irrelevant and redundant network features negatively affect the efficacy and quality of NIDS, particularly its classification accuracy, detection time and processing complexity. In this paper, several feature selection techniques are applied to optimize the efficiency of NIDS. The categories of the applied feature selection techniques are the filter, wrapper and hybrid. Support vector machine (SVM) is employed as the detection model to classify the network connections behaviour into normal and abnormal traffic. NIDS is trained and tested on the benchmark NSL-KDD dataset. The performance of the applied feature selection techniques is compared with each other and the results are discussed. Evaluation results demonstrated the superiority of the wrapper techniques in providing the highest classification accuracy with the lowest detection time and false alarms of the NIDS.

Free

An efficient image block encryption for key generation using non-uniform cellular automata

G. Kumaresan, N. P. Gopalan, T. Vetriselvi

Research article

Cryptographic image block encryption schemes play a significant role in information enabled services. This paper proposes an image block encryption scheme based on a novel three stage selection (TSS) method in a public cloud with reversible cellular automata. Due to the openness of public cloud, different attacks are possible over user sensitive information. The TSS method has three stages and they generate a robust master key with user plaintext as input and produce an encrypted block as key to be sent to authenticated users. An analysis of experimental results shows that this new method has a large key space and is immune to brute force attacks, statistical cryptanalysis attacks and chosen plaintext attacks. Also, the encrypted image entropy value could be increased to 7.9988 making it ideal for a best image block encryption for key generation.

Free

An efficient indexing technique for AES lookup table to prevent side-channel cache timing attack

Refazul Islam Refat, Euna Islam, Md. Mosaddek Khan

Research article

In the era of virtualization, co-residency with unknown neighbours is a necessary evil and leakage of information through side-channels is an inevitable fact. Preventing this leakage of information through side-channels, while maintaining high efficiency, has become one of the most challenging parts of any implementation of the Advanced Encryption Standard (AES) that is based on the Rijndael Cipher. Exploiting the associative nature of the cache and susceptible memory access pattern, AES is proved to be vulnerable to side-channel cache-timing attacks. The reason of this vulnerability is primarily ascribed to the existence of correlation between the index Bytes of the State matrix and corresponding accessed memory blocks. In this paper, we idealized the model of cache-timing attack and proposed a way of breaking this correlation through the implementation of a Random Address Translator (RAT). The simplicity of the design architecture of RAT can make itself a good choice as a way of indexing the lookup tables for the implementers of the AES seeking resistance against side-channel cache-timing attacks.

Free

An efficient steganography technique for images using chaotic bitstream

Hidayet Ogras

Research article

Steganography is a science of security technique through invisible communication; hiding secret message into cover objects without any suspicion. Protection of the hidden information from an adversary is the main purpose of any steganography system even if the embedding method is obvious. In this paper, an effective image steganography system based on a least significant bit (LSB) algorithm and chaos is proposed. The proposed method contains a spatial domain technique in which the Logistic map is used for generating chaotic bitstream and bitwise XOR operation which is used to create control bit. Control bit determines whether the LSB of a specific pixel is changed or not according to the secret message. This provides direct manipulation over the pixels of the image with a very low precision hence enhances the system security. In this study, gray image is used as secret message and a larger scale image as cover image. Experimental results demonstrate that the proposed method is very efficient to detect LSB replacement in the algorithm. Moreover, the proposed algorithm is highly sensitive to the stego key parameters due to complex structure of chaos which provides high level of security in the whole system and effectively hides and detects the image information.

Free

An email modelling approach for neural network spam filtering to improve score-based anti-spam systems

Yahya Alamlahi, Abdulrahman Muthana

Research article

This research proposes a model for presenting email to an Artificial Neural Network (ANN) to classify spam and legitimate emails. The proposed model is based on wisely selecting 13 fixed features relevant to spam emails, combined with text features. The experiment tests many scenarios to find out the best-suited combination of features representation. These scenarios show the effect of using term frequency (tf), term frequency-inverse document frequency (tf*idf), Level two (L2) normalization, and principal component analysis (PCA) for dimension reduction. Text features vectors are represented in the principal component space as a reduced form of the original features vectors. The PCA reduction effect on ANN performance is also studied. Among these tests, the best-suited model that improves ANN classification and speeds up training is concluded and suggested. An idea of integrating an ANN anti-spam filter into score-based anti-spam systems is also explained in this paper. XEAMS email gateway, the commercial anti-spam, already uses a Naïve Bayes (NB) filter as one of its many techniques to identify spam email. The proposed approach influences filtering results by 7.5% closer to XEAMS anti-spam system results than the NB filter does on real-life emails of Arabic and English messages.

Free

An evolutionary approach of attack graph to attack tree conversion

Md. Shariful Haque, Travis Atkison

Research article

The advancement of modern day computing has led to an increase of threats and intrusions. As a result, advanced security measurements and threat analysis models are necessary to detect these threats and identify protective measures needed to secure a system. Attack graphs and attack trees are the most popular form of attack modeling today. While both of these approaches represent the possible attack steps followed by an attacker, attack trees are architecturally more rigorous than attack graphs and provide more insights regarding attack scenarios. The goal of this research is to identify the possible direction to construct attack trees from attack graphs analyzing a large volume of data, alerts or logs generated through different intrusion detection systems or network configurations. This literature summarizes the different approaches through an extensive survey of the relevant papers and identifies the current challenges, requirements and limitations of an efficient attack modeling approach with attack graphs and attack trees. A discussion of the current state of the art is presented in the later part of the paper, followed by the future direction of research.

Free

An experimental evaluation of tools for estimating bandwidth-related metrics

Fatih Abut, Martin Leischner

Research article

For many different applications, current information about the bandwidth-related metrics of the utilized connection is very useful as they directly impact the performance of throughput sensitive applications such as streaming servers, IPTV and VoIP applications. In literature, several tools have been proposed to estimate major bandwidth-related metrics such as capacity, available bandwidth and achievable throughput. The vast majority of these tools fall into one of Packet Pair (PP), Variable Packet Size (VPS), Self-Loading of Periodic Streams (SLoPS) or Throughput approaches. In this study, seven popular bandwidth estimation tools including nettimer, pathrate, pathchar, pchar, clink, pathload and iperf belonging to these four well-known estimation techniques are presented and experimentally evaluated in a controlled testbed environment. Differently from the rest of studies in literature, all tools have been uniformly classified and evaluated according to an objective and sophisticated classification and evaluation scheme. The performance comparison of the tools incorporates not only the estimation accuracy but also the probing time and overhead caused.

Free

An extended approach for enhancing packet-loss of inter-SGSN in 3G mobile networks

Shadi Nashwan, Ala Hamarsheh

Research article

This paper presents a new SRNC relocation approach based on BOFC functions. The new approach handles all possible combinations of the user equipment movements, particularly when it moves across overlapped regions with different GGSN branches. Additionally, it integrates both RNC and BS levels in order to reduce the number of packets lost during the hard handover process. The experimental results showed that the new approach reduces the packet-loss ratio in comparison to both SRNC and BOFC approaches. Besides, the experimental results showed that the average execution time of the handover procedure in each network component is close to the average execution time of the BOFC approach.

Free

An implementation of software routing for building a private cloud

Rawezh Ziad Kamla, Tara Yahiya, Nashwan B. Mustafa

Research article

The demand on cloud computing is increasing, and more organizations tend to use it to store and process their data. In this article, we address some challenges starting by building a private cloud from our own company’s old devices, and then implementing some functionalities that a private cloud can offer to its users. Since cloud computing is a paradigm which is based mainly on a virtualized environment, we used Proxmox Virtual Environment, which is an open source free server virtualization technology, for this purpose. Then we deployed software routers on the virtual routers through Quagga software to perform the routing functionality among the virtual machines. Finally, in order to show the real use of our private cloud, an open source Nextcloud service is installed, which is a free file sharing software that is used to show Software as a Service (SaaS) usage of our private cloud. We tested our implementation of private cloud computing through two case studies that showed a successful access of a user to the Nextcloud service. At the same time, we tested the routing functionality of the private cloud through the use of the Quagga software router without using a physical router. As a result, our private cloud is fully oriented open source, cost effective and reliable.

Free

An improved DNA based security model using reduced cipher text technique

Lalit Mohan Gupta, Hitendra Garg, Abdus Samad

Research article

An essential parameter of information security during data transmission is a secure cryptographic system. In this paper a new cryptographic security technique is proposed to secure data from unauthorized access. The proposed system incorporates a cryptology technique of encryption that inherits the concept of DNA based encryption using a 128-bit key. Besides this key, round key selection technique, random series of DNA based coding and modified DNA based coding are followed by a unique method of substitutions. The proposed technique increases the size of the cipher text by 33% as compared to conventional DNA and non DNA based algorithms where the size of the cipher text becomes almost double that of the original file. This reduction in cipher text improves memory utilization along with data security. The paper is organized in six Sections. Section 1 gives the introduction and also briefly describes related work. In Section 2, the proposed model for solving the problem is described. Various steps involved during encryption and decryption are explained in Section 3, and the results obtained by implementing the proposed algorithm are presented and discussed in Section 4. Section 5 concludes the work and a brief outline of the future work is given in Section 6.

Free

An improved method for packed malware detection using PE header and section table information

Nahid Maleki, Mehdi Bateni, Hamid Rastegari

Research article

Malware poses one of the most serious threats to computer information systems. The current detection technology of malware has several inherent constraints. Because signature-based traditional techniques embedded in commercial antiviruses are not capable of detecting new and obfuscated malware, machine learning algorithms are applied in identifying patterns of malware behavior through features extracted from programs. Here, a method is presented for detecting malware based on the features extracted from the PE header and section table of PE files. The packed files are detected and then unpacked. The PE file features are extracted and their static features are selected from PE header and section tables through the forward selection method. The files are classified into malware files and clean files through different classification methods. The best results are obtained through the DT classifier with an accuracy of 98.26%. The results of the experiments consist of 971 executable files containing 761 malware and 210 clean files with an accuracy of 98.26%.

Free

An improved model for securing ambient home network against spoofing attack

Solomon A. Akinboro, Adebayo Omotosho, Modupe O. Odusami

Research article

Mobile Ad hoc Networks (MANET) are prone to malicious attacks and intermediate nodes on the home network may spoof the packets being transmitted before reaching the destination. This study implements an enhanced Steganography Adaptive Neuro-Fuzzy Algorithm (SANFA) technique for securing the ambient home network against spoofing attacks. Hybrid techniques that comprise image steganography, adaptive neuro-fuzzy and transposition cipher were used for the model development. Two variants of the model, SANFA and transpose SANFA, were compared using precision and convergence time as performance metrics. The simulation results showed that the transpose SANFA has a lower percentage of precision transmitting in a smaller network and a higher percentage of precision transmitting in a larger network. The convergence time result showed that packets transmitted in a smaller network size took a longer time to converge while packets transmitted in a larger network size took a shorter period to converge.

Free

An integrated perceptron kernel classifier for intrusion detection system

Ruby Sharma, Sandeep Chaurasia

Research article

Because of the tremendous growth in network based services as well as the sharing of sensitive data, network security becomes a challenging task. The major risk in the network is the intrusion. Among various hardening systems, the intrusion detection system (IDS) plays a significant role in providing network security. Several traditional techniques are utilized for network security but still they lack in providing security. The major drawbacks of these network security algorithms are inaccurate classification results, increased false alarm rate, etc. To avoid these issues, an Integrated Perceptron Kernel Classifier is proposed in this work. The input raw data are preprocessed initially for the purpose of removing the noisy data as well as irrelevant data. Then the features from the preprocessed data are extracted by clustering it depending upon the Fuzzy C-Mean Clustering. Then the clustered features are extracted by employing the Density based Distance Maximization approach. After this the best features are selected using Modified Ant Colony Optimization by improving the convergence time. Finally the extracted best features are classified for identifying the network traffic as normal and abnormal by introducing an Integrated Perceptron Kernel Classifier. The performance of this framework is evaluated and compared with the existing classifiers such as SVM and PNN. The results prove the superiority of this framework with better classification accuracy.

Free

Analysis and Comparison of Access Control Policies Validation Mechanisms

Muhammad Aqib, Riaz Ahmed Shaikh

Research article

Validation and verification of security policies is a critical and important task to ensure that access control policies are error free. The two most common problems present in access control policies are inconsistencies and incompleteness. In order to detect such problems, various access control policy validation mechanisms are proposed by the researchers. However, comprehensive analysis and evaluation of the existing access control policy validation techniques is missing in the literature. In this paper, we have provided a first detailed survey of this domain and presented the taxonomy of the access control policy validation mechanisms. Furthermore, we have provided a qualitative comparison and trend analysis of the existing schemes. From this survey, we found that only a few validation mechanisms exist that can handle both inconsistency and incompleteness problems. Also, most of the policy validation techniques are inefficient in handling continuous values and Boolean expressions.

Free
