Статьи журнала - International Journal of Computer Network and Information Security
Все статьи: 1066
Single Sign-On in Cloud Federation using CloudSim
Статья научная
Single Sign-On (SSO) is an authentication mechanism in which a Cloud Service Consumer (CSC) needs to be authenticated only once while accessing vari-ous services from multiple service providers, or when accessing multiple services from the same service provid-er. In the case of Cloud Federation, the consumers can get services from various Cloud Service Providers (CSPs) who are members of the federation, and SSO can be used to verify the legitimate users without requiring them to get authenticated with each service provider separately. CloudSim is a popular tool used for simulating various cloud computing scenarios. As of now, the simulator lacks effective user authentication and authorization methods with it. In this paper, we discuss the design and implementation of SSO mechanism in the Cloud Federa-tion scenario using the CloudSim toolkit. We have used the Fully Hashed Menezes-Qu-Vanstone (FHMQV) pro-tocol for the key exchange and the Symmetric Key En-cryption technique AES-128 for encrypting the identity tokens. We give the workflow model for the proposed approach of SSO in the Cloud Federation and also, the execution time taken in the simulation for various Single Sign-On scenarios where the number of SSO required varies are also shown.
Бесплатно
Social Engineering: I-E based Model of Human Weakness for Attack and Defense Investigations
Статья научная
Social engineering is the attack aimed to manipulate dupe to divulge sensitive information or take actions to help the adversary bypass the secure perimeter in front of the information-related resources so that the attacking goals can be completed. Though there are a number of security tools, such as firewalls and intrusion detection systems which are used to protect machines from being attacked, widely accepted mechanism to prevent dupe from fraud is lacking. However, the human element is often the weakest link of an information security chain, especially, in a human-centered environment. In this paper, we reveal that the human psychological weaknesses result in the main vulnerabilities that can be exploited by social engineering attacks. Also, we capture two essential levels, internal characteristics of human nature and external circumstance influences, to explore the root cause of the human weaknesses. We unveil that the internal characteristics of human nature can be converted into weaknesses by external circumstance influences. So, we propose the I-E based model of human weakness for social engineering investigation. Based on this model, we analyzed the vulnerabilities exploited by different techniques of social engineering, and also, we conclude several defense approaches to fix the human weaknesses. This work can help the security researchers to gain insights into social engineering from a different perspective, and in particular, enhance the current and future research on social engineering defense mechanisms.
Бесплатно
Social Networking for Botnet Command and Control
Статья научная
A botnet is a group of compromised computers—often a large group—under the command and control of a malicious botmaster. Botnets can be used for a wide variety of malicious attacks, including spamming, distributed denial of service, and identity theft. Botnets are generally recognized as a serious threat on the Internet. This paper discusses SocialNetworkingBot, a botnet we have developed that uses Twitter for command and control. In SocialNetworkingBot, the botmaster tweets commands that are acted on by the individual bots. We discuss the functionality and implementation of SocialNetworkingBot, as well as a small-scale experiment that we have conducted. The botnet presented here is intended to serve as a proof of concept and a platform to facilitate further research.
Бесплатно
Software Activation Using Multithreading
Статья научная
Software activation is an anti-piracy technology designed to verify that software products have been legitimately licensed. Activation should be quick and simple while simultaneously being secure and protecting customer privacy. The most common form of software activation is for the user to enter a legitimate product serial number. However, software activation based on serial numbers appears to be weak, since cracks for many programs are readily available on the Internet. Users can employ such cracks to bypass software activation. Serial number verification logic usually executes sequentially in a single thread. Such an approach is relatively easy to break since attackers can trace the code to understand how the logic works. In this paper, we develop a practical multi-threaded verification design. Our results show that by proper use of multi-threading, the amount of traceable code in a debugger can be reduced to a low percentage of the total and the traceable code in each run can differ as well. This makes it significantly more difficult for an attacker to reverse engineer the code as a means of bypassing a security check. Finally, we attempt to quantify the increased effort needed to break our verification logic.
Бесплатно
Статья научная
Quality is a consequential factor for the software product. During the software development at most care was taken at each step for the quality product. Development process generally embedded with several qualitative and quantitative techniques. The characteristics of final software product should reach all the standards. Reliability is a paramount element which quantifications the probability that a software product could able to work afore it authentically fails to perform its intended functionality. Software testing is paramount phase where gargantuan resources were consumed. Over around fifty percent of cost was consumed during this testing phase, that is why testing was performed in disciplined environment. Software product release time is considered to be crucial subject at which the software product testing was stopped and it could be release into market, such that the software product should have quality and reliability. In this paper we have investigated the concept of software testing effort dependent software reliability growth models by considering the exponentiated-gompertz function as testing effort function to determine the release time of the software. Thus, constructed testing effort dependent models was computed on three authentic time datasets. Parameter estimation is done through least square estimation and metrics like Mean square Error (MSE) and Absolute Error (AE) are utilized for model comparison. The proposed testing effort dependent model performance was better than the rest of the models.
Бесплатно
Spam Reduction by using E-mail History and Authentication (SREHA)
Статья научная
Spam messages are today one of the most serious threats to users of E-mail messages. There are several ways to prevent and detect spam message, the most important way is filtering spam. Sometimes Filtering fails to discover some spam messages or even fails in the classification of non-spam messages as a spam messages. In this paper, we suggest a new effective method that reduces the spam messages by integrating prevention and detection techniques in one scheme. The reduction achieved by considering history and user authentication. This method based on issuing a certificate to each reliable user during the process of Email account Creation. The certificate used by Email servers to discard or forward ingoing or outgoing Emails. Each Server has to maintain white, gray and blacklist according to Email classification spam or ham, which determined by the user or by the contents examination of the message in terms of empty or contained only links without any text or by searching for a specific keywords in the subject and in the content. We believe that there are no bad or good E–mails forever, so the proposed model dynamically allows the transition of E-mail from one state to another state based on the number of received spam and ham messages.
Бесплатно
Статья научная
In the presented paper it is investigated the influence of the subjective perception of the objectively existing security values upon the security measures and indicators in the framework of the subjective entropy maximum principle. The subjective analysis theory entropy paradigm makes it possible to consider the security system based upon dynamic parameters as an active system governed by an individual (active element of the managerial system) with the help of her/his individual subjective preferences optimal distributions obtained in conditions of the available situation multi-alternativeness and those achievable alternatives presence, as well as the active system active element’s individual subjective preferences uncertainty. The described approach takes into account the simple two-alternative security situation in regards with the objectively existing effectiveness functions, related to security measures, in the view of a controlled parameter and a combination of it with its rate as the ratio. It is obtained the expressions for the objective functional extremal functions of the effectiveness and preferences, mathematically explicitly visualizing the security situation and allowing taking a good choice. The ideas of the required proper governing, managing, and control methods choice optimization with respect to only 2 alternative objective effectiveness functions arguments might be simple; nevertheless, increasing the number of parameters and further complication of the problem setting will not change the principle of the problem solution. This study is rather comparative. The significance and value of the study becomes clear in comparison with the theoretical results in the entropy paradigm field. Herein the solution obtained in the explicit view based upon the integral form objective functional. Such kind of dynamic optimization was not modeled in the background works.
Бесплатно
Split-Network in Wireless Sensor Network:Attack and Countermeasures
Статья научная
Wireless Sensor Network usually is deployed open environment to collect some sensitive information and has special features of its own are different from traditional network, which is vulnerable to internal and external attacks. Whole network can be split up into many separate subnets which cannot communicate with each other because some vital sensor nodes are attacked. This paper proposed an effective countermeasure based on ARMA prediction model and frequency hopping to react against split-network attack. ARMA model is used to evaluate the behavior of sensor nodes. Frequency hopping makes the communication frequency of the network escape from attack frequency. Then wireless sensor network is integrated into single network from split-network. Simulation results show the proposed countermeasure significantly reduces the success rate of split-network attack and increases the lifetime of network.
Бесплатно
Statistical Hiding Fuzzy Commitment Scheme for Securing Biometric Templates
Статья научная
By considering the security flaws in cryptographic hash functions, any commitment scheme designed straight through hash function usage in general terms is insecure. In this paper, we develop a general fuzzy commitment scheme called an ordinary fuzzy commitment scheme (OFCS), in which many fuzzy commitment schemes with variety complexity assumptions is constructed. The scheme is provably statistical hiding (the advisory gets almost no statistically advantages about the secret message). The efficiency of our scheme offers different security assurance, and the trusted third party is not involved in the exchange of commitment. The characteristic of our scheme makes it useful for biometrics systems. If the biometrics template is compromised, then there is no way to use it directly again even in secure biometrics systems. This paper combines biometrics and OFCS to achieve biometric protection scheme using smart cards with renewability of protected biometrics template property.
Бесплатно
Статья научная
Represented paper is currently topical, because of year on year increasing quantity and diversity of attacks on computer networks that causes significant losses for companies. This work provides abilities of such problems solving as: existing methods of location of anomalies and current hazards at networks, statistical methods consideration, as effective methods of anomaly detection and experimental discovery of choosed method effectiveness. The method of network traffic capture and analysis during the network segment passive monitoring is considered in this work. Also, the processing way of numerous network traffic indexes for further network information safety level evaluation is proposed. Represented methods and concepts usage allows increasing of network segment reliability at the expense of operative network anomalies capturing, that could testify about possible hazards and such information is very useful for the network administrator. To get a proof of the method effectiveness, several network attacks, whose data is storing in specialised DARPA dataset, were chosen. Relevant parameters for every attack type were calculated. In such a way, start and termination time of the attack could be obtained by this method with insignificant error for some methods.
Бесплатно
Stochastic RA-Network for the Nodes Functioning Analysis in the Distributed Computer Systems
Статья научная
In the paper is described the simulating process for the situations analysis and the decisions making about the functioning of the Distributed Computer Systems (DCS) nodes on the basis of special stochastic RA-networks mechanism. There are presented the main problems in the estimations of the DCS nodes functioning parameters and there are shown that the suggested RA-networks mechanism allows simulate the data flow with the different, including the significantly different intensities, what is particularly important in for the situations analysis and the decisions making in the DCS nodes parameters dynamics control.
Бесплатно
Study and Analysis of Text Steganography Tools
Статья научная
"Maintain the security of the secret information", this words has been a great challenge in our day to day life. Sender can send messages regularly through a communication channel like Internet, draws the attention of third parties, hackers and crackers, perhaps causing attempts to break and expose the unusual messages. Steganography is a gifted region which is used for secured data transmission over any public media. Wide quantity of research work has been established by different researchers on steganography. Steganalysis is an art and science of detecting messages hidden using steganography. Some research work has also been remarked in the field of Steganalysis also. In this contribution, we have gone through steganalysis attack of some established text steganography tools.
Бесплатно
Study of 2D DOA Estimation for Uniform Circular Array in Wireless Location System
Статья научная
In this paper, the use of a uniform circular antenna arrays (UCA) for high resolution of two dimensional (2D) direction of arrivals (DOAs) estimation in wireless location system is investigated. Performance of 2D DOA estimation based on the real-valued unitary transformation MUSIC algorithm for UCA is presented, especially focusing on DOA estimation of multiple correlated signals. The determination of the number of incident signals on an antenna array is addressed in the condition of colored noise and coherent signal sources. Selected method for estimating the number of these sources is formulated based on the modified eigenvectors of the covariance matrix of the received signal at the antenna array. The calibration procedure is also presented for UCA especially. Simulation results are presented to confirm the performance analysis of algorithm, then the validations of Unitary Transformation MUSIC algorithm are performed based on the measurement data in a wireless location system.
Бесплатно
Статья научная
Long-Term Evolution (LTE) is the next generation of current mobile telecommunication networks. LTE has a new flat radio-network architecture and significant increase in spectrum efficiency. In this paper, performance analysis of robust channel estimators for Downlink Long Term Evolution-Advanced (DL LTE-A) system using three Artificial Neural Network ANN Architectures: Feed-forward neural network, Cascade-forward neural network and Layered Recurrent Neural Network (LRN) are adopted to train the constructed ANNs models separately using Back-Propagation Algorithm. The methods use the information got by the received reference symbols to estimate the total frequency response of the channel in two important phases. In the first phase, the proposed ANN based method learns to adapt to the channel variations, and in the second phase it estimates the channel matrix to improve performance of LTE. The performance of the estimation methods is evaluated by simulations in Vienna LTE-A DL Link Level Simulator. Performance of the proposed channel estimator, Layered Recurrent Neural Network is compared with traditional Least Square (LS) algorithm and ANN based other estimator like Feed-forward neural network and Cascade-forward neural network for Closed Loop Spatial Multiplexing-Single User Multi-input Multi-output (2×2 and 4×4) (CLSM-SUMIMO) in terms of throughput. Simulation result shows LRN gives better performance than other ANN based estimations methods and LS.
Бесплатно
Study of Multi-Level Cryptography Algorithm: Multi-Prime RSA and DES
Статья научная
The purpose of this study is to implement and observe parameters like time and memory for implementation of multi-level encryption using the Data Encryption Standard (DES) and a modified version of the RSA Algorithm, the multi-prime RSA. The average values are calculated for each parameter after using a different number of primes and the results have been illustrated graphically and in tabular form for clarity of conclusions. The advantages and reasoning for using this approach have also been listed in the study.
Бесплатно
Study on Supervision Mechanism in Mobile Value-added Market Based on Stackelberg Game Theory
Статья научная
Since powerful supervision on the mobile valueadded services is lacking nowadays, the mobile market goes into a tendency of being rather chaotic. This research will analyze the behavior of both the service providers and mobile operators, with game theory model to be established. Moreover, the Nash Equilibrium will also be considered which shows that the costs and extent of the mobile operator’s supervision besides the penalty for the service provider’s being caught will definitely influence the probability for service providers to violate the rules. On the other hand, the proportion of illegal gains shared by mobile operators and the penalty degree for service providers may be the main factors that affect the mobile operator’s supervision choices. At last suggestions are made on the service provider’s strategic choices.
Бесплатно
Study the One-bit Hard Combination Scheme on Cognitive Radio Users
Статья научная
This paper describes the performance of one-bit hard combination scheme of cooperative spectrum sensing for different number of cognitive radio users. We evaluate cooperative spectrum sensing by simulating OR rule as a hard combination data fusion rule. Energy detector is used to observe the presence of primary user (PU) signal. It improves the probability of detection by collaborating to detect PUs signal in cognitive radio (CR) system. Simulation result shows that the probability of missed detection is decreasing for both conventional hard combination and 1-bit hard combination scheme with OR rule correspondingly with increasing the probability of false alarm. It is shown that 1-bit scheme has much better performance than the conventional hard combination scheme. This is also shown that the probability of missed detection is decreased even though CR user is increased. Here missed detection probability is decreased when the number of user increases.
Бесплатно
Subcarrier and Power Allocation in OFDM-based Cognitive Radio Systems
Статья научная
For CR systems, where primary and CR users co-exist in adjacent bands, it is important to keep the interference introduced to the primary user (PU) band within a tolerable range. In this paper, we investigate the subcarrier and power allocation problem in CR systems, where primary and CR users co-exist in adjacent bands, while keeping the total interference introduced to the PU band below a certain threshold and the total power allocated to the CR users under a constraint. First, according to the different purposes of the resource allocation, several suboptimal subcarrier allocation algorithms are investigated, which are termed as Max-Rate, Min-Interference and Fair-Rate subcarrier allocation algorithm, separately. Further, for a given subcarrier allocation three suboptimal power allocation algorithms which have less complexity are proposed and compared to the optimal power allocation algorithm. Numerical results are obtained for the behaviors and performance of our proposed algorithms.
Бесплатно
Survey of Current Multipath Routing Protocols for Mobile AD Hoc Networks
Статья научная
A Mobile Ad hoc NETwork (MANET) is a wireless communication network with minimum physical infrastructure with diverse communication applications. Mobility and Multihopping are the main characteristics of MANET. Multipath routing protocols establish multiple routes between nodes. The construction of multiple routes should be done with minimum overhead and bandwidth consumption. The purpose of this article is to analyze the characteristics and functionality of various multipath routing protocols and to do the performance comparison between these multipath routing protocols to choose the best among them to use in large networks.
Бесплатно
Swarm Flooding Attack against Directed Diffusion in Wireless Sensor Networks
Статья научная
The objective of this paper is to study the vulnerabilities of sensor networks, design, and implement new approaches for routing attack. As one of the cornerstones of network infrastructure, routing systems are facing more threats than ever; they are vulnerable by nature and challenging to protect. We present a new attack, Swarm Flooding Attack, against Directed Diffusion based WSNs, which targets the consumption of sensors computational resources, such as bandwidth, disk space, or processor time. Two variants of swarm attack have been introduced: Bee and Ant. Both approaches are inspired from the natural swarming difference between bees and ants. In all cases, the strategy used to mount an attack is the same. An attack consists of a set of malicious user queries represented by interests that are inserted into the network. However, the two forms of attack vary in the synchronization aspects among attackers. These types of attacks are hard to defend against as illustrated. For each of the proposed attack models, we present analysis, simulation, and experimental measurements. We show that the system achieves maximal damage on system performance represented by many metrics.
Бесплатно
