Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1066
A Novel Technique to Prevent PUE Attack in Cognitive Radio Network
Статья научная
Need of wireless communication is increasing to work from distance. That is why new applications are made everyday which increases demand of spectrum but due to limitation of spectrum and inefficient utilization of spectrum. A new paradigm is constituted which is called Cognitive Radio Network (CRN). It get more attention in recent times due to most promising solution for the efficient utilization of spectrum. Spectrum sensing in CRN makes it prone to many attacks on each layer. One of these attacks is PUE attack where a malicious user pretends to be a primary user and not let others to use primary user's channel in its absence. It may cause Denial of Service attack in the network. There are many techniques available in the literature for detection and prevention of PUE attack but still there are some limitations in these approaches. Current research provides detection results based on the energy level of all users in the network. In this paper we provide a novel approach to prevent PUE attacker based on signal activity patterns. Simulation is done in MATLAB-2013 and results show that proposed method gives excellent performance.
Бесплатно
A Novel VideoTransmission Evaluation Framework based on TCP-Friendly Congestion Control Mechanism
Статья научная
TFRC protocol is suitable for video transmission in a wire network, and quality assessment is also essential in a video transmission system. In this paper, a real-time video transmission system based on TFRC protocol is proposed, and the evaluation model about the system is improved in the framework of Evalvid. It assesses the quality and efficiency of the video transmission according to the actual video file, and analyzes losses frame in different video types during transmission as well as the video quality in receiver. The results of simulation experiment in NS-2 show that when real-time video transmitted in wire network environment using this system, the receiver can get satisfactory video quality by reason of the TFRC protocol friendliness and the smoothness of sending rate. Based on the characteristic of high error rate in wireless network, the novel TCP friendly congestion control algorithm TFRC-JI proposed in our previous work [1] was adopted, which introduces the latency vibration to distinguish the link congestion from code error, thus different speed control mechanism is feedback to the transmitting end. Simulation experiment results indicated that compared with the traditional TFRC, the TFRC-JI suites well for real-time service transmission.
Бесплатно
A Packet Routing Model for Computer Networks
Статья научная
The quest for reliable data transmission in today’s computer networks and internetworks forms the basis for which routing schemes need be improved upon. The persistent increase in the size of internetwork leads to a dwindling performance of the present routing algorithms which are meant to provide optimal path for forwarding packets from one network to the other. A mathematical and analytical routing model framework is proposed to address the routing needs to a substantial extent. The model provides schemes typical of packet sources, queuing system within a buffer, links and bandwidth allocation and time-based bandwidth generator in routing chunks of packets to their destinations. Principal to the choice of link are such design considerations as least-congested link in a set of links, normalized throughput, mean delay and mean waiting time and the priority of packets in a set of prioritized packets. These performance metrics were targeted and the resultant outcome is a fair, load-balanced network.
Бесплатно
A Practical Privacy Preserving E-Voting Scheme with Smart Card Using Blind Signature
Статья научная
Voting is regarded as one of the most effective methods for individuals to express their opinions to select their democratic leader in the public elections. As the computing, communicating, and cryptographic techniques progress rapidly, increasing emphasis has been placed on developing electronic voting schemes capable of providing more efficient voting services than conventional paper-based voting methods. A receipt-free e-voting scheme based on the virtual voting booth that can be implemented with a smart card. Receipt-freeness is achieved by distributing the voting procedure between the voter and the smart card. By using smart cards to randomize part of content of the ballot, the voter cannot construct a receipt. The voter and the smart card jointly contribute randomness for the encryption of the ballot. To provide convenience to voters, sufficient voting facilities are supplied in sufficient public voting booths.
Бесплатно
A Preliminary Study of Fake Fingerprints
Статья научная
Fingerprint is a widely used biometrics. Its extensive usage motivates imposter to fabricate fake fingerprints. Vitality detection has been proposed to prevent counterfeit finger attack. Currently the detection can be done either during the process of acquiring fingerprint image or by comparing multiple sequentially acquired images. It is an ongoing research problem to detect whether a given fingerprint image is obtained from a real or a fake fingertip. In this paper we look into the differences between real and fake fingerprints as the first step to approach this problem. Specifically, we study the effects of different imaging sensors on the sizes of templates and on the matching scores between real and fake fingerprints. We also compare the fake fingerprints made from different materials. Experiments are carried out with two publicly available fingerprint databases and the findings are reported.
Бесплатно
A Procedure of Text Steganography Using Indian Regional Language
Статья научная
In this paper we present a work of text steganography. Now a days, maintain the security of the secret information has been a great challenge. Sender can send messages habitually through a communication channel like Internet, draws the attention of third parties, hackers and crackers, perhaps causing attempts to break and expose the unusual messages. Steganography is a promising region which is used for secured data transmission over any public media. Substantial amount of research work has been accepted by different researchers on steganography. In this paper, a text steganography procedure has been planned with the help of an Indian regional language i.e. Oriya language. Text steganography together with quantum approach based on the use of two specific characters and two special characters like invited comas (opening and closing) in Oriya language and mapping technique of quantum gate truth table have been used.
Бесплатно
A Proficient Mechanism for Cloud Security Supervision in Distributive Computing Environment
Статья научная
In the existing epoch, the cloud-IoT integrated distributive computing is earning very high attractiveness because of its immense characteristics which can be divided into two categories namely essential and common characteristics. The essential characteristics of cloud-IoT computing are demand dependent like broad network access, self-service, resource pooling, and speedy elastic nature. The common characteristics of cloud-IoT computing are homogeneity, massive scale, virtualization, resilient computing, low cost software availability, service orientation, geographic independent computation, and advanced safety availability. The cloud-IoT dependent internetworked distributive computation is internet based computation environment in which infrastructure, application software, and various similar / dissimilar platforms are accessible in the cloud and the end users (businessman, developers) have the right to use it as the client. Cloud is a step from Utility Computing and several industries / companies are frequently using cloud based systems in their day-to-day work. Therefore, safety issues and challenges of cloud computing cannot be avoided in the current era. Hence, the researchers must develop high order authentication protocols for preventing the safety threats of cloud based data communication systems.. The proposed CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) based management of cloud-IoT integrated information is a two phase authenticated encoding (AE) mechanism. The first phase is worn for executing privacy computations, and the second phase is used for computing validation and truthfulness. Here, both the cycles use same encoding technique. It is well known to us that the CCM/CCMP is an amalgamation of two forms namely AES counter form and CBC- MAC (cipher-block-chain message authentication code) protocol form. The counter form is worn to carry out encoding which guarantees data privacy whereas CBC-MAC is worn to attain data legitimacy and reliability. In this investigation work the author has investigated and critically analyzed the CCMP dependent safe Cloud-IoT integrated distributive mechanism for data / information management. The proposed approach further improves the overall security and performance of cloud-IoT integrated computing networks. Further, the author has solved the challenges of cloud-IoT computing by studying and analyzing major cloud-IoT computing safety concerns, and safety threats which are expected in future generation cloud computing systems. In this paper, the author has proposed CCMP & CBC-HMAC (Cipher-Block-Chain key Hash-Message-Authentication-Code) encoding protocol can be efficiently used for providing information safety and preventing various attacks when the data is being transferred between the Cloud and a local network. The prevention mechanism for unauthorized access of data within the cloud is also presented whose performance is highly satisfactory. A secure and flexible framework to support self-organize and self register of consumer’s information in to the cloud network is designed and tested. The testing results of proposed analysis provides us very clear evidences that the PRF of CCMP is a superior and secure in contrast to that of CBC-HMAC.
Бесплатно
A Proposed Digital Forensics Business Model to Support Cybercrime Investigation in Indonesia
Статья научная
Digital forensics will always include at least human as the one who performs activities, digital evidence as the main object, and process as a reference for the activities followed. The existing framework has not provided a description of the interaction between human, interaction between human and digital evidence, as well as interaction between human and the process itself. A business model approach can be done to provide the idea regarding the interaction in question. In this case, what has been generated by the author in the previous study through a business model of the digital chain of custody becomes the first step in constructing a business model of a digital forensics. In principle, the proposed business model already accommodates major components of digital forensics (human, digital evidence, process) and also considers the interactions among the components. The business model suggested has contained several basic principles as described in The Regulation of Chief of Indonesian National Police (Perkap) No 10/2010. This will give support to law enforcement to deal with cybercrime cases that are more frequent and more sophisticated, and can be a reference for each institution and organization to implement digital forensics activities.
Бесплатно
A Review of Router based Congestion Control Algorithms
Статья научная
This paper presents a study of Router based Congestion control approaches in wired network. As network is considered as a distributed system, any problem arises in such a system requires a distributed solution. Thus for good congestion control in the network we also need a solution distributed at source as well as router ends. The purpose of this study is to review the router based Congestion control research for wired network and characterize the different approaches to Congestion control design, by considering their advantages and limitations.
Бесплатно
Статья научная
Cloud computing is called globalization for computer and internet. Either directly or indirectly we are using cloud technology almost every day. Today cloud computing is getting popular in every developed country, but it's not over all officially adopted in most of the 3rd world developing country like Bangladesh. This paper will show some categorize survey of continuous progress, advantages, disadvantages, dependencies, maturity of cloud computing from 2012 to till now. Also we will show recent ranking of cloud adoption in different country. Also our main target will review major barriers to adopt cloud. Finally we will propose some initial steps to adopt cloud technology in our country by studying previous trade-off factors of survey report.
Бесплатно
A Risk-Assessment of Cyber Attacks and Defense Strategies in Industry 4.0 Ecosystem
Статья научная
The development of technology and uses increases the interconnected digital ecosystem. This is accompanied by dense data usage. Wherever digital data is available, cyber-attacks are threatened and increase the need for cybersecurity prevention. The fact that Industry 4.0 basic fuel is data indicates that the risk of cyber-attack will continue to increase in Industry 4.0. In this study, the sources of cybersecurity threats in the Industry 4.0 ecosystem are examined in the corporate and end-user dimensions. The cybersecurity vulnerabilities most evident in Industry 4.0 systems have been determined to consist of vulnerabilities in control systems protocols, unprotected thing connections, neglect of periodic infiltration tests, inability to manage network devices effectively and untrained personnel. The cyber defense strategies and requirements for these vulnerabilities have been determined. At the same time, corporates and end-users have been told how to implement these preventions. As a result, it is not possible to completely prevent cyber-attacks within the Industry 4.0 ecosystem. Preventing the vulnerabilities identified in the study will ensure that the damage is minimal in attacks.
Бесплатно
A Robust Fault Detection Scheme for the Advanced Encryption Standard
Статья научная
Fault attacks are powerful and efficient cryptanalysis techniques to find the secret key of the Advanced Encryption Standard (AES) algorithm. These attacks are based on injecting faults into the structure of the AES to obtain the confidential information. To protect the AES implementation against these attacks, a number of countermeasures have been proposed. In this paper, we propose a fault detection scheme for the Advanced Encryption Standard. We present its details implementation in each transformation of the AES. The simulation results show that the fault coverage achieves 99.999% for the proposed scheme. Moreover, the proposed fault detection scheme has been implemented on Xilinx Virtex-5 FPGA. Its area overhead and frequency degradation have been compared and it is shown that the proposed scheme achieves a good performance in terms of area and frequency.
Бесплатно
A Robust Image Steganography using DWT Difference Modulation (DWTDM)
Статья научная
Maintaining the secrecy of information is of great concern today.Steganography is the art and science that hides the information in an appropriate cover carrier like image, text, audio and video media. Considerable amount of work has been carried out by different researchers on steganography. In this work a new transform domain image stenographic technique DWTDM is presented where secret data is embedded in adjacent DWT coefficient differences. The dynamic range of the DWT difference considered while extraction of data which results an efficient and robust stenographic technique which can avoid various image attacks and works perfectly well for both uncompressed and compressed domain. Experimental results demonstrate the effectiveness and accuracy of the proposed technique in terms of security of hidden data and various image similarity metrics.
Бесплатно
Статья научная
All over the world, there is a tremendous increase in disaster occurrences such as landslide, toxic gas pollutions and wild fires. Least developed countries like Uganda have taken minimal efforts in management and containment of such disasters on behalf of the local populace. The dangers of fires are as a result of lack of proper information about the location, intensity and rate of spread of fire. However, the use of WSN may be one of the alternative ways of reducing risks associated with spreading fires resulting into destruction of lives and property worth millions of shillings. Our research looks at fire monitoring using sensors deployed in an event field to detect possible precursors of a fire occurrence using a simulated approach of OPNET Modeler (Ver. 14.0). Mobile nodes were deployed in proximity of (500X500) m2 flat space moving at a uniform speed of 10ms-1 for 30 minutes. Our simulations are based on ftp high priority traffic to reflect real time information transfer for analysis. This paper evaluates and discusses how sensed information can be transmitted through a network with minimal delay and proposes a scalable WSN architectural design based on protocol perspective i.e. AODV and DSR. Two QoS parameters have been considered i.e. delay and throughput. Our results show that AODV scheme has got a minimum delay of 0.2ms-1and a maximum throughput of 1.7Mbps. Hence it's highly recommended for monitoring fires in large open area settings compared to DSR that is suitable for smaller areas. Results show that DSR exhibits higher delays due to nodal congestion and high control overheads. However, introducing the proposed heterogeneous routing mechanism i.e. (AODV+DSR) into the network significantly improves the performance of DSR.
Бесплатно
A Secure Code-Based Authentication Scheme for RFID Systems
Статья научная
Two essential problems are still posed in terms of Radio Frequency Identification (RFID) systems, including: security and limitation of resources. Recently, Li et al.'s proposed a mutual authentication scheme for RFID systems in 2014, it is based on Quasi Cyclic-Moderate Density Parity Check (QC-MDPC) McEliece cryptosystem. This cryptosystem is designed to reducing the key sizes. In this paper, we found that this scheme does not provide untraceability and forward secrecy properties. Furthermore, we propose an improved version of this scheme to eliminate existing vulnerabilities of studied scheme. It is based on the QC-MDPC McEliece cryptosystem with padding the plaintext by a random bit-string. Our work also includes a security comparison between our improved scheme and different code-based RFID authentication schemes. We prove secrecy and mutual authentication properties by AVISPA (Automated Validation of Internet Security Protocols and Applications) tools. Concerning the performance, our scheme is suitable for low-cost tags with resource limitation.
Бесплатно
A Secure LEACH Protocol for Efficient CH Selection and Secure Data Communication in WSNs
Статья научная
Due to the applications of wireless sensor networks (WSNs) in distinct fields, like civilian and military, environmental monitoring, and target tracking, etc., it became the important research area for researchers. Therefore, an efficient organization of network topology is needed for multi-hop data aggregation based on the energy constrained WSNs with large scale deployment for making the routing task simpler, balancing the load efficiently, and enhancing the network lifetime. The low-energy adaptive clustering hierarchy (LEACH) is an architecture of application-specific protocol, which is used for WSNs. However, this LEACH protocol suffered from more energy consumption in network without considering the cluster heads (CHs) distribution on a rotation basis. In addition, the complex security mechanisms are not sufficient due to limited bandwidth and other restrictions that the sensor nodes have. Thus, it is essential to improve the energy efficiency, CH stability and secure data transmission in WSN’s, which is the main objective of this work. Motivated from these three challenges, this article proposes a stable and secure LEACH (SS-LEACH), in which a new and improved protocol of LEACH is proposed for enhancing the stability of CH and energy efficiency as it considers the nodes’ consumed energy ratio (CER) for CH selection and random number generation, here after the proposed LEACH is named as CER-LEACH. In addition, it aims to prevent the previously elected CH node and it will get another chance in the current round. This method correlates the threshold used in traditional LEACH with the energy consumption ratio of each node. Further, it also introduces a hybrid reputation-based data transmission (HRDT) scheme for secure data transmission. With the proposed CER-LEACH protocol, WSNs achieves better performance in terms of secured communication, network lifetime, and energy consumption based on the analysis of simulation results as compared to state-of-art approaches.
Бесплатно
A Secure Method for Network Coding-based Reprogramming Protocols in Wireless Sensor Networks
Статья научная
Reprogramming protocols provide a convenient way to update program images via wireless communication. In hostile environments where there may be malicious attacks against wireless sensor networks, the process of reprogramming faces threats from potentially compromised nodes. While existing solutions can provide authentication services, they are insufficient for a new generation of network coding-based reprogramming protocols in wireless sensor networks. We present a security approach that is able to defend pollution attack against reprogramming protocols based on network coding. It employs a homomorphic hashing function and an identity-based aggregate signature to allow sensor nodes to check packets on-the-fly before they accept incoming encoded packets, and introduces an efficient mechanism to reduce the computation overhead at each node and to eliminate bad packets quickly. Castalia simulations show that when the 5% of the nodes in a network of 100 nodes are rogue, using our approach, the efficiency of the secure reprogramming protocol based on network coding improves almost ten-fold for a checking probability of 2%.
Бесплатно
Статья научная
The huge availability and prosperity of net technology results in raised on-line media sharing over the cloud platform which has become one of the important resources and tools for development in our societies. So, in the epoch of enormous data great amount of sensitive information and transmission of different media transmitted over the net for communication. And recently, fog computing has captured the world's attention due to their inherent features relevant compared to the cloud domain, But this push to head for many issues related to data security and privacy in fog computing which it's still under studied in their initial juncture. Therefore, in this paper, we will review a security system that relies on encryption as a kind of effective solution to secure image data. We use an approach of using chaotic map plus space curve techniques moreover the confusion and diffusion strategies are carried out utilizing Hilbert curvature and chaotic map such as two-dimensional Henon map (2D-HM) to assert image confusion with pixel level permutation .Also we relied in our system the way of shuffling the image with blocks and use a key for each block, which is chooses randomly to have a high degree of security. The efficiency of the proposed technique has been tested utilizing different investigations like analysis of entropy [7.9993], NPCR [99.6908%] and finally UACI [33.6247%]. Analysis of results revealed that the proposed system of image encryption technique has favorable effects, and can achieve a good results moreover it fights different attacks and by comparing with another techniques denote that our proposed fulfills high security level with high quality.
Бесплатно
Статья научная
In this paper, a chaotic image encryption scheme with an efficient permutation–diffusion mechanism is constructed, where six generalized Bernoulli shift maps and one six-dimensional Arnold map are utilized to generate one hybrid chaotic orbit applied to disorder the pixel positions in the permutation process while four generalized Bernoulli shift maps and one Arnold map are employed to yield two random gray value sequences to change the gray values by a two-way diffusion process. Several merits of the proposed image encryption scheme are achieved, including a huge key space, good statistical properties resisting statistical attack and differential attack, desirable robustness against malicious attacks on cipher-images, such as cropping, noising, JPEG compression, etc. Experimental results have been carried out with detailed analysis to show that the proposed scheme can be a potential candidate for practical image encryption.
Бесплатно
A Semantic Context-Based Model for MobileWeb Services Access Control
Статья научная
As mobile web services becomes more pervasive, applications based on mobile web services will need flexible access control mechanisms. Unlike traditional approaches based on the identity or role for access control, access decisions for these applications will depend on the combination of the required attributes of users and the contextual information. This paper proposes a semantic context-based access control model (called SCBAC) to be applied in mobile web services environment by combining semantic web technologies with context-based access control mechanism. The proposed model is a context-centric access control solutions, context is the first-class principle that explicitly guides both policy specification and enforcement process. In order to handle context information in the model, this paper proposes a context ontology to represent contextual information and employ it in the inference engine. As well as, this paper specifies access control policies as rules over ontologies representing the concepts introduced in the SCBAC model, and uses semantic web rule language (SWRL) to form policy rule and infer those rules by JESS inference engine. The proposed model can also be applied to context-aware applications.
Бесплатно
