SlideShare una empresa de Scribd logo

January 2021 - Top 10 Read Articles in Network Security & Its Applications

IJNSA Journal
IJNSA Journal

The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.

Ingeniería
1 de 44
Descargar para leer sin conexión
Network Security and Its Applications Top 10 Read Articles in January 2021 International Journal of Network Security & Its Applications (IJNSA) http://airccse.org/journal/ijnsa.html ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS Faheem Masoodi1 Shadab Alam2 and Shams Tabrez Siddiqui2 1 Department of Computer Science, University of Kashmir, J&k, India 2 Department of Computer Science, Jazan University, KSA ABSTRACT The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures. KEYWORDS Internet of Things, privacy, attacks, security, threats, protocols. For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa19_current.html
REFERENCES [1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision, architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013) 1645– 1660. [2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9), 51_58. [3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security of Internet of Things, 200– 203. 2012 [4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics and trends. Information Systems Frontiers, 17(2), 261– 274. [5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer Communications and Networking Conference (CCNC), 12– 17. [6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133– 141. [7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), 337– 359. [8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015. [9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015 International Conference on Pervasive Computing: Advance Communication Technology and Application for Society, ICPC 2015, 0(c), 0–5. [10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open issues and challenges. Wireless Networks, 20(8), 2201–2217. [11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey on application layer protocols for the internet of things," Transaction on IoT and Cloud Computing, vol. 3, no. 1, pp. 11-17, 2015 [12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM Developer WorksTechnicalLibrary,2010, http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html
[13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet of Things (IoT)," in Fifth International Conference on Communication Systems and Network Technologies (CSNT 2015), April 2015, pp. 746-751. [14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012, http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf [15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks," IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt [16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet-of- things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp. 103-112, April 2015, [17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643 [18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP, no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774 [19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP- enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp. 36- 41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984 [20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine communication in LTEadvanced networks: issues and approaches," in IEEE Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600 [21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007, https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf [22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan 2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf [23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406-411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010 [24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.” ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on. IEEE, 2014. [28] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent, “E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh International Conference on Availability, Reliability and Security E2E: 2012.
[26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on. IEEE, 2014. [27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security Scanners,” San Fr., no. October 2007, 2010. [28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of attacks and possible countermeasures Electron J (9) (2016). [29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at 51– 64; [30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of Things Journal, 1(1), 3–9 [31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road ahead." Computer Networks76 (2015): 146-164. [32]https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/ Accessed on 15-03-2019 [33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of structures and attacks on various stream ciphers." Proceedings of the 4th National Conference. 2010.
A CONCEPTUAL SECURE BLOCKCHAIN- BASED ELECTRONIC VOTING SYSTEM Ahmed Ben Ayed Department of Engineering and Computer Science, Colorado Technical University, Colorado Springs, Colorado, USA ABSTRACT Blockchain is offering new opportunities to develop new types of digital services. While research on the topic is still emerging, it has mostly focused on the technical and legal issues instead of taking advantage of this novel concept and creating advanced digital services. In this paper, we are going to leverage the open source Blockchain technology to propose a design for a new electronic voting system that could be used in local or national elections. The Blockchain-based system will be secure, reliable, and anonymous, and will help increase the number of voters as well as the trust of people in their governments. KEYWORDS Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote For More Details : https://aircconline.com/ijnsa/V9N3/9317ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
REFERENCES [1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country- wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop, Bregenz, Austria,(2006) August 2-4. [2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman Center Research Publication, (2009). [3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33. [4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote Electronic Voting Systems. arXiv preprint. (2017). [5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM. Vol. 24(2). (1981), pp. 84-90. [6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472. [7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind Signature”, Proceeding of the 4th National Conference of Communication Technology, Johor, Malaysia, (2003) January 14-15. [8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”, Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security Technology, London, England, (2001) October 16-19. [9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1). (2004), pp. 22-23. [10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy Magazine, vol. 2(1). (2004), pp. 2-9. [11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to the Smart Card Differentiation to previous Version of EstEID Card Application.” http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf [12] Cybernetica. “Internet Voting Solution.” https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf. [13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp. 703-715. [14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be- discontinued/id764300/ [15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures and Verifications Flaws in a Live Online Election.” International Conference on E-Voting and Identity. (2015), pp. 35-53. [16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC Internet Voting System.” International Conference on Financial Cryptography and Data Security (2012), pp. 114-128. [17] National Institute of Standards and Technology, “Federal Information Processing Standards Publication”, (2012). [18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008). [19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security and Privacy in Social Networks. (2013), pp. 1-27. [20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.” O’Reilly Media, Inc. Sebastopol, California (2016). [21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems, (2002), pp. 251-260. AUTHORS Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems, Master of Science in Cyber Security and Information Assurance, and currently a doctoral student at Colorado Technical University, and an Adjunct Professor at California Takshila University. His research interests are Android Security, Pattern Recognition of Malicious Applications, Machine Learning, Cryptography, Information & System Security and Cyber Security.
MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE Abdurrahman Pektaş1 , Elif Nurdan Pektaş2 and Tankut Acarman1 1 Department of Computer Engineering, Galatasaray University, İstanbul, Turkey 2 Siemens Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey ABSTRACT In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples. KEYWORDS Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic Analysis For More Details : http://aircconline.com/ijnsa/V10N4/10418ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
REFERENCES [1] Statcounter: Operating system market share worldwide, (2018). http://gs.statcounter.com/os- marketshare#monthly-201801-201801-bar. [Online; accessed 7-October-2017]. [2] Ilsun You & Kangbin Yim (2010) “Malware obfuscation techniques: A brief survey”, Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on, pp297– 300. [3] 2016 Symantec Security Report, Internet: https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf, 29.06.2018. [4] Abdurrahman Pektas & Tankut Acarman (2018) “Malware classification based on api calls and behavior analysis”, IET Information Security, Vol. 12, No.2, pp 107-117. [5] Abdurrahman Pektas & Tankut Acarman (2014) “A dynamic malware analyzer against virtual machine aware malicious software”, Security and Communication Networks, Vol. 7, No.12, pp2245–2257. [6] Nizar R Mabroukeh & Christie I Ezeife (2010) “A taxonomy of sequential pattern mining algorithms”, ACM Computing Surveys (CSUR), Vol. 43, No.1:3. [7] Philippe Fournier-Viger & Jerry Chun-Wei Lin & Rage Uday Kiran & Yun Sing Koh & Rincy Thomas (2017) “A survey of sequential pattern mining”, Data Science and Pattern Recognition, Vol.1, No.1, pp54–77. [8] Yong Qiao & Jie He & Yuexiang Yang & Lin Ji (2013) “Analyzing malware by abstracting the frequent itemsets in api call sequences”,Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pp.265–270. [9] Youngjoon Ki & Eunjin Kim & Huy Kang Kim (2015) “A novel approach to detect malware based on api call sequence analysis”, International Journal of Distributed Sensor Networks, Vol. 11, No.6,pp:95-10. [10] In Kyeom Cho & Eul Gyu Im (2015), “Extracting representative api patterns of malware families using multiple sequence alignments”, In Proceedings of the 2015 Conference on research in adaptive and convergent systems, pp.308–313. [11] Winfried Just (2001) “Computational complexity of multiple sequence alignment with sp- score”, Journal of computational biology, Vol. 8, No. 6. pp. 615–623. [12] Lusheng Wang & Tao Jiang (1994), “On the complexity of multiple sequence alignment”, Journal of computational biology, Vol. 1, No.4, p.337–348. [13] Yujie Fan &Yanfang Ye & Lifei Chen (2016), “Malicious sequential pattern mining for automatic malware detection”, Expert Systems with Applications, Vol.52, pp.16–25.
[14] Iltaek Kwon & Eul Gyu Im (2017), “Extracting the representative api call patterns of malware families using recurrent neural network”, In Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp.202–207. [15] Canfora, G., Mercaldo, F., & Visaggio, C. A. (2016). An hmm and structural entropy based detector for android malware: An empirical study. Computers & Security, 61, 1-18. [16] Salehi, Z., Sami, A., & Ghiasi, M. (2017). MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values. Engineering Applications of Artificial Intelligence, 59, 93-102. [17] Shijo, P. V., & Salim, A. (2015). Integrated static and dynamic analysis for malware detection. Procedia Computer Science, 46, 804-811. [18] Cuckoo Sandbox, Internet: https://cuckoosandbox.org/, 29.06.2018. [19] Virustotal, Internet: https://www.virustotal.com/, 29.06.2018. [20] Payam Refaeilzadeh & Lei Tang & Huan Liu (2009) “Cross-validation”, In Encyclopedia of database systems, pp.532–538, Springer. [21] A. Barthels, Behavior-based Malware Detection, Faculty of Informatics, The Technical University of Munich, Master Thesis, 2009. [22] Chand, C., Thakkar, A., & Ganatra, A. (2012). Sequential pattern mining: Survey and current research challenges. International Journal of Soft Computing and Engineering, 2(1), 185- 193. [23] Parikh, M., Chaudhari, B., & Chand, C. (2013). A comparative study of sequential pattern mining algorithms. International Journal of Application or Innovation in Engineering & Management (IJAIEM), 2(2). [24] Mooney, C. H., & Roddick, J. F. (2013). Sequential pattern mining--approaches and algorithms. ACM Computing Surveys (CSUR), 45(2), 19. [25] Ramakrishnan Srikant & Rakesh Agrawal (1996), “Mining sequential patterns: Generalizations and performance improvements”, In International Conference on Extending Database Technology, pp.1–17, Springer. [26] Jay Ayres & Jason Flannick & Johannes Gehrke & Tomi Yiu (2002) “Sequential pattern mining using a bitmap representation”, In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp.429–435. [27] Mohammed J Zaki. Spade (2001) “An efficient algorithm for mining frequent sequences. Machine learning”, Vol.42, No.1-2, pp.31–60.
[28] Philippe Fournier-Viger &Antonio Gomariz & Ted Gueniche &Azadeh Soltani & Cheng- Wei Wu & Vincent S Tseng (2014) “Spmf: a java open-source pattern mining library”, The Journal of Machine Learning Research, Vol.15, No.1, pp.3389–3393. [29] SPMF library, Internet: http://www.philippe-fournier-viger.com/spmf/, 29.06.2018. [30] Philippe Fournier-Viger & Antonio Gomariz & Manuel Campos & Rincy Thomas (2014) “Fast vertical mining of sequential patterns using co-occurrence information”, In Pacific-Asia Conference on Knowledge Discovery and Data Mining, pp.40–52, Springer. [31] Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A survey. Journal of Information Security, 5(02), 56. [32] Leo Breiman (2001) “Random forests”, Machine learning, Vol.45, No.1, pp.5–32. [33] Padraig Cunningham & Sarah Jane Delany (2007) “k-nearest neighbour classifiers”, Multiple Classifier Systems, Vol.34, pp.1–17. [34] Marti A. Hearst & Susan T Dumais & Edgar Osuna & John Platt & Bernhard Scholkopf (1998), “Support vector machines”, IEEE Intelligent Systems and their applications, Vol. 13, No.4, pp.18–28. [35] Fabian Pedregosa & Gaël Varoquaux &Alexandre Gramfort & Vincent Michel & Bertrand Thirion & Olivier Grisel & Mathieu Blondel & Peter Prettenhofer &Ron Weiss &Vincent Dubourg (2011) “Scikit-learn: Machine learning in python”, Journal of machine learning research, Vol. 12, pp.2825–2830. [36] Hossin, M., & Sulaiman, M. N. (2015). A review on evaluation metrics for data classification evaluations. International Journal of Data Mining & Knowledge Management Process, 5(2), 1. [37] Yiming Yang (1999) “An evaluation of statistical approaches to text categorization”, Information retrieval, Vol.1, No. 1-2, pp.69–90. [38] Thomas G Dietterich (1998), “Approximate statistical tests for comparing supervised classification learning algorithms”, Neural computation, Vol.10, No.7, pp.1895–1923. AUTHORS Abdurrahman Pektaş received his B.Sc. and M Sc. at Galatasaray University and his PhD at the University of Joseph Fourier, all in computer engineering, in 2009, 2012 and 2015, respectively. He is a senior researcher at Galatasaray University. His research interests are analysis, detection and classification of malicious software, machine learning and security analysis tool development.
Elif Nurdan Pektaş received his B.Sc. and M Sc. at Galatasaray University all in computer engineering, in 2010, and 2014, respectively. She is leading software developer at Siemens Turkey. Her research interests are developing IoT based applications, deep learning, cloud based application and automated testing. Tankut Acarman received his Ph.D. degree in Electrical and Computer engineering from the Ohio State University in 2002. He is professor and head of computer engineering department at Galatasaray University in Istanbul, Turkey. His research interests lie along all aspects of autonomous s ystems, intelligent vehicle technologies and security. He is the co-author of the book entitled “Autonomous Ground.
PLEDGE: A POLICY-BASED SECURITY PROTOCOL FOR PROTECTING CONTENT ADDRESSABLE STORAGE ARCHITECTURES Wassim Itani Ayman Kayssi Ali Chehab Department of Electrical and Computer Engineering American University of Beirut Beirut 1107 2020, Lebanon ABSTRACT In this paper we present PLEDGE, an efficient and scalable security ProtocoL for protecting fixedcontent objects in contEnt aDdressable storaGe (CAS) architEctures. PLEDGE follows an end-to-end policy-driven security approach to secure the confidentiality, integrity, and authenticity of fixed-content entities over the enterprise network links and in the nodes of the CAS device. It utilizes a customizable and configurable extensible mark-up language (XML) security policy to provide flexible, multi-level, and fine-grained encryption and hashing methodologies to fixed content CAS entities. PLEDGE secures data objects based on their content and sensitivity and highly overcomes the performance of bulk and raw encryption protocols such as the Secure Socket Layer (SSL) and the Transport Layer Security (TLS) protocols. Moreover, PLEDGE transparently stores sensitive objects encrypted (partially or totally) in the CAS storage nodes without affecting the CAS storage system operation or performance and takes into consideration the processing load, computing power, and memory capabilities of the client devices which may be constrained by limited processing power, memory resources, or network connectivity. PLEDGE complies with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) requirements and the SEC Rule 17a-4 financial standards. The protocol is implemented in a real CAS network using an EMC Centera backend storage device. The application secured by PLEDGE in the sample implementation is an X-Ray radiography scanning system in a healthcare network environment. The experimental test bed implementation conducted shows a speedup factor of three over raw encryption security mechanisms. KEYWORDS Security, Content-addressable storage security, Policy-driven security, Customizable security. For More Details : http://airccse.org/journal/nsa/1010s8.pdf Volume Link : http://airccse.org/journal/jnsa10_current.html
REFERENCES [1] W. Itani, A. Kayssi, A. Chehab, “An efficient and scalable Security ProtocoL for protecting fixedContent Objects in ContEnt aDdressable StoraGe architectures”, in Proc. of the Third International Conference on Security and Privacy in Communication Networks, Nice, France, Sept, 2007. [2] A. Freier, P. Karlton, P. Kocher, “The SSL Protocol Version 3.0, ” Internet-Draft, 1996. [3] T. Dierks, C. Allen, “The TLS Protocol – Version 1.0, ” RFC 2246, 1999. [4] EMC Centera homepage: http://www.emc.com/products/family/emc-centera-family.htm, accessed Jan. 14, 2008. [5] Health Insurance Portability & Accountability Act homepage: http://www.hipaa.org, accessed Jan. 14, 2008. [6] SEC 17 CFR Part 240, Release No. 34-38245, “Reporting Requirements for Broker Dealers Under the Security Exchange Act of 1934,” January 1997, http://www.sec.gov/rules/final/34- 38245.txt, accessed Jan. 14, 2008. [7] J. Daemen and V. Rijmen, “Rijndael, the advanced encryption standard,” Dr. Dobb's Journal, vol. 26, no. 3, March 2001, pp. 137 - 139. [8] National Institute of Standards and Technology, August 2002, Secure Hash Standard, Federal Information Processing Standards, Publication 180-2, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf, accessed Jan. 14, 2008. [9] Y. Zheng, J. Pieprzyk, J. Seberry, “HAVAL--A One-Way Hashing Algorithm with Variable Length of Output,” in Proc. Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, pp. 83-104, 1992. [10] R. Rivest, “The MD5 Message-Digest Algorithm,” RFC 1321, 1992. [11] W. Itani, A. Kayssi, “J2ME End-to-End Security for M-Commerce,” in Proc IEEE Wireless Communications and Networking Conference, 2003. [12] W. Itani, A. Kayssi, “SPECSA: a Scalable, Policy-driven, Extensible, and Customizable Security Architecture for Wireless Enterprise Applications,” Computer Communications, vol. 27, no. 18, December 2004, pp. 1825 - 1839. [13] W. Itani, A. Kayssi, A. Chehab, “PATRIOT – a Policy-Based, Multi-level Security Protocol for Safekeeping Audit Logs on Wireless Devices,” in Proc. IEEE/CreateNet First
International Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm), Athens, Greece, 2005. [14] W. Itani, A. Kayssi, A. Chehab, “An Enterprise Policy-Based Security Protocol for Protecting Relational Database Network Objects,” in Proc. 2006 International Wireless Communications and Mobile Computing Conference (IWCMC), Vancouver, Canada, 2006. [15] T. Bray, J. Paoli, C. M. Sperberg-McQueen, E. Maler, F. Yergeau (September 2006), “Extensible Markup Language (XML) 1.0”, World Wide Web Consortium, http://www.w3.org/TR/2006/REC-xml20060816/, accessed Jan. 14, 2008. [16] The Gramm-Leach-Bliley Website: http://banking.senate.gov/conf/, accessed Jan. 14, 2008. [17] J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, C. Wells and B. Zhao, “OceanStore: an Architecture for Global- Scale Persistent Storage,” in Proc. Ninth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 190 - 201, November 2000, Cambridge, Massachusetts, United States. [18] H. Cheng, X. Li, “Partial Encryption of Compressed Images and Videos,” IEEE Transactions on Signal Processing, vol. 48, no. 8, pp. 2439-2451, August 2000. [19] M. Van Droogenbroeck, R. Benedett, “Techniques for a Selective Encryption of Uncompressed and Compressed Images,” in Proc. Advanced Concepts for Intelligent Vision Systems, pp. 90 - 97, Ghent University, Belgium, September 2002. [20] R. Pfarrhofer and A. Uhl, “Selective Image Encryption using JBIG,” Lecture Notes in Computer Science, pp. 98-107, 2005. [21] S. Lian, J. Sun, D. Zhang, Z. Wang, “A Selective Image Encryption Scheme Based on JPEG2000 Codec,” Lecture Notes in Computer Science, vol. 3332, pp. 65 - 72, 2004. [22] X. Lu and A. Eskicioglu, “Selective Encryption of Multimedia Content in Distribution Networks: Challenges and New Directions,” in Proc. IASTED International Conference on Communications, Internet and Information Technology (CIIT 2003), Scottsdale, AZ, USA, November 2003. [23] A. Pommer and A. Uhl, “Application Scenarios for Selective Encryption of Visual Data,” in Proc. Multimedia and Security Workshop, ACM Multimedia, pp. 71 - 74, Juan-les-Pins, France, December 2002. [24] A. Pommer and A. Uhl, “Selective Encryption of Wavelet-Packet Encoded Image Data Efficiency and Security,” ACM Multimedia Systems, Special issue on Multimedia Security, pp. 279 - 287, 2003.
[25] M. Van Droogenbroeck, “Partial Encryption of Images for Real-Time Applications,” http://www.ulg.ac.be/telecom/publi/publications/mvd/Vandroogenbroeck2004Partial.pdf, 2004, accessed Jan. 14, 2008. [26] S. Lakshmanan, M. Ahamad, and H. Venkateswaran, Responsive Security for Stored Data, IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, September 2003. [27] L. Wang, Y. Nie, W. Nie, and L. Jiao, “Artificial Immune Strategies Improve the Security of Data Storage”, in Proc. ICNC 2005, LNCS 3611, pp. 839 – 848, 2005. [28] S. Morgan, L. Russell and B. Reed, Security Method and System for Persistent Storage and Communications on Computer Network Systems and Computer Network Systems Employing the Same, International Business Machines Corporation, Patent number: 6816970, Nov 9, 2004. [29] B. Iyer, S. Mehrotra, E. Mykletun, G. Tsudik, and Y. Wu, “A Framework for Efficient Storage Security in RDBMS,” in Proc. Seventh Int’l Conf. Extending Database Technology (EDBT 2004), Mar. 2004 [30] J. D. Strunk, G. R. Goodson, M. L. Scheinholtz, C. A. N. Soules, and G. R. Ganger, Self- Securing Storage: Protecting Data in Compromised Systems, in Proc. 2000 Symposium on Operating Systems Design and Implementation (OSDI), October 2000. [31] W. Diffie, P.C. van Oorschot, and M.J. Wiener, “Authentication and authenticated key exchanges”, Designs, Codes and Cryptography 2 (1992), 107-125.
AN INTELLECT LEARNING ON E-MAIL SECURITY AND FRAUD, SPAM AND PHISHING Dr.P.S.Jagadeesh Kumar1 , Dr.S.Meenakshi Sundaram2 , Mr.Ranjeet kumar3 1, 2, 3 Department of Computer Science and Engineering, Don Bosco Institute of Technology, Kumbalagodu, Bangalore, India – 560074. ABSTRACT Cybercrime has grown voluminous pleats with veneration to the development of first-hand technology. The flout towards cybercrime has become todays prime centric with developing countries frugality as well. Nonetheless hefty figure of security and privacy available with modern expertise; phishing, spam and email fraud are more equally exasperating. In this intellect learning, the authors’ primary interest is to make a healthy charge on phishing, spam and email fraud towards the wealthy personal information and realm. Official and business related information needs added exhaustive sanctuary and discretion from the hackers to be on the top in their one-to-one arena. KEYWORDS Cybercrime, Phishing, Spam, Email fraud, Security and Privacy, Intellect learning. For More Details : http://airccse.org/journal/nsa/7515nsa03.pdf Volume Link : http://airccse.org/journal/jnsa15_current.html
REFERENCES [1] Andronicus A. Akinyelu and Aderemi O. Adewumi, (2014) “Classification of Phishing Email Using Random Forest MachineLearning Technique”, Journal of Applied Mathematics, Hindawi Publishing Corporation, Vol. 2014, Article ID 425731, 6 pages. [2] Dhanalakshmi Ranganayaklu&Chellapan C, (2013) “Detecting malicious URLs in E-mail – An Implementation”Proceedia of AASRI Conference on intelligent systems and control, Elsevier, pp.125-131. [3] Jagruti Patel, Sheetal Mehta, (2015) “A literature review on phishing email detection using data mining”, International Journal of Engineering Sciences & Research Technology, Vol. 4(3), pp.46-53. [4] M.Madhuri, K.Yeseswini, U.Vidya Sagar, (2013) “Intelligent phishing website detection andPrevention system by using link guard algorithm” International Journal of Communication Network Security, ISSN: 2231 – 1882, Vol. 2, Issue2, pp.9-16. [5] Tzipora Halevi, James Lewis, Nasir Memon, (2013) “A Pilot Study of Cyber Security and Privacy Related Behavior and Personality Traits” International World Wide Web ConferenceCommittee (IW3C2), May 13–17, Rio de Janeiro, Brazil.ACM 978-1-4503-2038- 2/13/05. [6] Jayshree Hajgude, Dr.Lata Ragha, (2013) “Performance Evaluation of Phish Mail Guard: Phishing Mail Detection Technique by using Textual and URL analysis” Int. J. on Recent Trends in Engineering and Technology, Vol. 8, No. 1, pp.23-29, ACEEE Publication. [7] Ritika Arora, Neha Arora, (2014) “Phishing Attack Techniques”, International Journal of Computer Science and Technology, Vol.5, Issue.4, pp.300-302. [8] Amir Herzberg, Ahmad Jbara, (2006) “Security and Identification Indicators for Browsersagainst Spoofing and Phishing Attacks”, manuscript is available as ePrint Archive: Report 2004/155, at http://eprint.iacr.org/2004/155 [9] S.Arun, D.Anandan, T.Selvaprabhu, B.Sivakumar, P.Revathi, H.Shine, (2012) “Detecting Phishing attacks inpurchasing process through proactive approach” Advanced Computing: An International Journal (ACIJ), Vol.3, No.3, pp.81-93, DOI: 10.5121/acij.2012.3309. [10] Yan Luo, (2010) “Workload characterization of spam emailfiltering systems” International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, pp.22-4. [11] Gaurav Ojha and Gaurav Kumar Tak, (2012) “A novel approach against e-mail attacksderived from user-awareness basedtechniques” International Journal of Information Technology Convergence and Services (IJITCS) Vol.2, No.4, pp.1-16, DOI: 10.5121/ijitcs.2012.2401.
[12] Srishti Gupta, Ponnurangam Kumaraguru, (2014) “Emerging Phishing Trends and Effectiveness of theAnti-Phishing Landing Page” arXiv: 1406.3682v1 [cs.CY]. [13] Maher Aburrous,M.A. Hossain, Keshav Dahal, Fadi Thabtah (2010) “Associative Classification Techniques for predicting e-Banking PhishingWebsites” MCIT, 978-1-4244- 7003-7/10© IEEE. [14] Andre Bergholz, Jan De Beer, Sebastian Glahn,Marie-Francine Moens, Gerhard Paab and Siehyun Strobel, (2010) “New filtering approaches for phishing email” Journal of Computer Security,Vol.18, pp.7–35, DOI 10.3233/JCS-2010-037, IOS Press. [15] Thamarai Subramaniam, Hamid A.Jalab and Alaa Y.Taqa, (2010) “Overview of textual antispam filtering techniques” International Journal of the Physical Sciences, Vol. 5(12), pp. 1869-1882, Available online at http://www.academicjournals.org/IJPS ©2010 Academic Journals. [16] Cleber K. Olivoa, Altair O.Santina, Luiz S.Oliveirab, (2013) “Obtaining the threat model for e-mail phishing” Applied Soft Computing, Vol. 13, pp. 4841–4848, Contents lists available at ScienceDirect, 1568-4946 © Elsevier B.V. DOI:10.1016/j.asoc.2011.06.016. [17] Nalin Asanka Gamagedara, Steve Love, Carsten Maple, (2013) “Can a Mobile Game Teach Computer Users to Thwart Phishing Attacks?” International Journal for Infonomics (IJI), Volume 6, Issues ¾, pp.720-730, http://www.infonomics-society.org/IJI [18] Carine G. Webber, Maria de Fatima W. do Prado Lima, and Felipe S. Hepp, (2012) “Testing Phishing Detection Criteria and Methods” Frontiers in Computer Education, AISC 133, pp. 853–858, © Springer-Verlag Berlin Heidelberg. [19] Kamini (Simi) Bajaj and Josef Pieprzyk, (2014) “A Case Study of User-Level Spam Filtering” Proceedings of the Twelfth Australasian Information Security Conference, Auckland, New Zealand, pp.67-75. [20] Satish.S, Suresh Babu.K, (2013) “Phishing websites detection based on web source code and url in the webpage” International Journal of Computer Science and Engineering Communications IJCSEC. Vol.1 Issue.1, pp.1-5, scientistlink.com. [21] Tyler Moore and Richard Clayton, (2007) “Examining the Impact of Website Take-down on Phishing” APWG eCrime Researchers Summit, Pittsburgh, PA, USA. [22] Maher Aburrous, M.A.Hossain, Keshav Dahal, Fadi Thabtah, (2010) “Intelligent phishing detection system for e-banking using fuzzy data mining” Expert Systems with Applications, Vol.37, pp.7913– 7921, 0957-4174, Elsevier Ltd,DOI:10.1016/j.eswa.2010.04.044
[23] A.S.Zadgaonkar, Suraj Prasad Keshari, Savita Ajay, (2013) “A Model for Identifying Phishing EMail Based on Structural Properties” International Journal of Science and Modern Engineering (IJISME)ISSN: 2319-6386, Volume-1, Issue-6, pp.71-74. [24] Ali Darwish, Ahmed El Zarka and Fadi Aloul, (2013) “Towards Understanding Phishing Victims' Profile” 978-1-4673-5157-7/13 © IEEE. [25] Asani emmanuel oluwatobi, Aadegun adekanmi, (2014) “Maximum phish bait: towards feature based detection of phising using maximum entropy classification technique” International Conference on Science, Technology, Education, Arts, Management and Social SciencesiSTEAMS Research Nexus Conference. [26] Saeed Abu-Nimeh, Dario Nappa, Xinlei Wang, and Suku Nair, (2009) “Distributed Phishing Detection by ApplyingVariable Selection using Bayesian AdditiveRegression Trees” IEEE ICC 2009 proceedings, http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5198931978-1-4244-3435-0/09 © IEEE. [27] Nirmala Suryavanshi, Anurag Jain, (2015) “A Review of Various Techniques for Detection and Prevention for Phishing Attack” International Journal of Advanced Computer Technology, Vol.4, No.3, pp.41-46. [28] Niharika Vaishnaw, SRTandan (2015) “Development of Anti-Phishing Model forClassification of Phishing E-mail” International Journal of Advanced Research in Computer and Communication EngineeringVol. 4, Issue 6, pp.39-45, DOI 10.17148/IJARCCE.2015.4610. [29] Niharika Vaishnaw, SRTandan (2011) “Architecture for the Detection of phishing in MobileInternet” International Journal of Computer Science and Information Technologies, Vol.2 (3), pp.1297-1299. [30] Geerthik.S (2013) “Survey on Internet Spam: Classification and Analysis” Int.J.Computer Technology & Applications,Vol 4 (3), pp.384-391,Available online@www.ijcta.com. [31] P.Rohini, K.Ramya (2014) “Phishing Email Filtering Techniques-A Survey”, International Journal of Computer Trend and Technology, Vol.17, No.1, pp.18-21. http://www.ijcttjournal.org [32] Masoumeh Zareapoor, Seeja K.R (2015) “Feature Extraction or Feature Selection for Text Classification: A Case Study on Phishing Email Detection”, I.J. Information Engineering and Electronic Business, 2015, Vol.2, pp.60-65, Published Online March 2015 in MECS (http://www.mecs-press.org/)DOI: 10.5815/ijieeb.2015.02.08
[33] Ram B.Basnet, Andrew H.Sung, Quingzhong Liu (2014) “Learning to detect phishing URLs”, International Journal of Research in Engineering and Technology, Vol.3 Issue.6, pp.11-24, Available @ http://www.ijret.org [34] R. Dhanalakshmi, C. Chellappan, Quingzhong Liu (2012) “Mitigating E-Mail Threats - A Web Content BasedApplication”, Proceedings of the International MultiConference of Engineers and Computer Scientists, Vol.1, IMECS’12, Hong Kong. [35] R. Dhanalakshmi, C. Chellappan, Quingzhong Liu (2012) “Evolving Fuzzy Neural Network for Phishing Emails Detection”, Journal of Computer Science 8 (7): pp.1099-1107, ISSN 1549-3636©Science Publications. [36] Goverdhan Reddy Jidiga, Dr.P Sammulal, (2013) “Machine learning approach to anomaly detection incyber security with a case study of spamming attack”, International Journal of Computer Engineering& Technology, Vol.4, Issue.3, May-June (2013), pp. 113- 122, © IAEME: www.iaeme.com/ijcet.asp [37] Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song (2011) “Design and Evaluation of a Real-Time URL Spam Filtering Service”, IEEE Symposium on Security and Privacy, pp.447-462, 1081-6011/11© 2011 IEEE, DOI: 10.1109/SP.2011.25 [38] Steve Sheng, Mandy Holbrook, Ponnurangam Kumaraguru, Lorrie Cranor, Julie Downs (2010) “Who Falls for Phish? A Demographic Analysis of PhishingSusceptibility and Effectiveness of Interventions”, Atlanta, Georgia, USA.Copyright 2010 ACM 978-1-60558- 929-9/10/04. [39] Yue Zhang, Jason Hong, Lorrie Cranor (2007) “CANTINA: A Content-Based Approach toDetecting Phishing Web Sites”, International World Wide Web ConferenceCommittee, May 8–12, 2007, Banff, Alberta, Canada, ACM 978-1-59593-654-7/07/0005 [40] Ram B.Basnet,Andrew H.Sung (2010) “Classifying Phishing Emails Using Confidence- Weighted Linear Classifiers”, International Conference on Information Security and Artificial Intelligence (ISAI 2010),978-1-4244-8870-4 /10 C IEEE, pp.108-112. [41] Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos (2010) “Ghost turns Zombie: Exploring the Life Cycle of Web-based Malware”, https://www.usenix.org/legacy/event/leet08/tech/full_papers/polychronakis/polychronakis.pd f [42] JaeSeung Song and Andreas Kunz (2013) “Towards Standardized Prevention ofUnsolicited Communications and PhishingAttacks”, Journal of ICT Standardization, Vol. 1, PP.109–122, River Publishers, DOI: 10.13052/jicts2245-800X .126. [43] Bo Li and Yevgeniy (2010) “Feature Cross-Substitution in Adversarial Classification”,http://vorobeychik.com/2014/sma.pdf
[44] Justin ma, Lawrence k.Saul, Stefan savage and Geoffrey M.Voelker(2011) “Towards Standardiz Prevention of Unsolicited Communications and Phishing Attacks”, ACM Transactions on Intelligent Systems and Technology, Vol.2, No.3, Article 30, ACM 2157- 6904/2011/04-ART30, http://doi.acm.org/10.1145/1961189.1961202 [45] Vishakha B.Pawar, Pritish A.Tijare (2014) “Phishing Email Detection Techniques: A Review”, International Journal of Advance Research inComputer Science and Management Studies, Vol.2, 277, Available online at: www.ijarcsms.com [46] Noor Ghazi M.Jameel, Loay E.George (2013) “Detection Phishing Emails Using Features Decisive Values”, International Journal of Advanced Research inComputer Science and Software Engineering, Vol.3, Issue 7, pp.257-262, Available online at: www.ijarcsse.com [47] Hima Sampath Rao, SK Abdul Nabi (2014) “A novel approach for predictingphishing websites using the mapreduce framework”, International Journal of Computer Science and Mobile Computing, Vol.3, Issue 10, pp.505-510, Available Online at www.ijcsmc.com [48] Mona Ghotaish Alkhozae, Omar Abdullah Batarfi (2011) “Phishing Websites Detection based on Phishing Characteristics in the Webpage Source Code”, International Journal of Information and Communication Technology Research, Vol.1, No.6, pp.283-291. [49] Boateng,Priscilla Mateko Amanor (2014) “Phishing, SMiShing & Vishing: An Assessment of Threats againstMobile Devices”, Journal of Emerging Trends in Computing and Information Sciences, Vol.5, No.4, pp.297-307, Available Online at www.ijcsmc.com [50] De Wang, Shamkant B. Navathe, Ling Liu, Danesh Irani, Acar Tamersoy, Calton Pu (2014) “Click Traffic Analysis of Short URL Spam on Twitter”, http://www.cc.gatech.edu/~atamerso/papers/wang_collaboratecom13.pdf [51] Yan Yeung (2007) “A Learning Approach to Spam Detection bas SocialNetworks”, CEAS 2007 - Fourth Conference on Email and Anti-Spam, August 2 2007, Mountain View, California USA. [52] Szde Yu (2011) “Email spam and the CAN-SPAM Act: A qualitative analysis”, International Journal of Cyber Criminology, Vol. 5 Issue 1, Vol.1, No.6, pp.715-735. [53] Shams Zawoad, Amit Kumar Dutta, Alan Sprague, Ragib Hasan, Jason Britt, and Gary Warner Net: Investigating Phish Clusters Using Drop Email Addresses”, http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6805777
AUTHORS Dr.P.S.Jagadesh Kumar, Professor in the Department of Computer Science and Engineering, Don Bosco Institute of Technology, Bengaluru has 16 years of teaching experience, including 6 year of research experience in the field of received his B.E. degree from University of Madras in Electrical and Electronics Engineering discipline in the year 1999. He obtained his M.E degree in 2004 with specialization in Computer Science and Engineering from Annamalai University Ph.D. from Anna University, Chennai. Dr.S.Meenakshi Sundaram is working as Professor and Head in the Department of Computer Science and Engineering at India. He obtained Bachelor Degree in Computer Science and Engineering from Bharathidasan University in 1989. He obtained his M.Tech from National Institute of Technology, Tiruchirappalli in 2006 and Ph.D. in Computer Science & Engineering from Anna University Chennai in 2014. He has presented 3 papers in International Conferences and published 17 papers in International Journals. Mr.Ranjeet Kumar is working as an Associate Professor in the Department of Computer Science & Engineering at Don Bosco Institute of Technology, Bengaluru 560074. He has completed Bachelor of engineering in electrical & electronics engineering from Kuvempu University, Shimoga, Karnataka in 2001. He has also completed his Master of Technology in Computer Science & Engineering from Visveswaraya Technological University, Belgaum, Karnataka in 2010.
ARCHITECTURE FOR INTRUSION DETECTION SYSTEM WITH FAULT TOLERANCE USING MOBILE AGENT Chintan Bhatt1 , Asha Koshti2 ,Hemant Agrawal3 , Zakiya Malek4 , Dr Bhushan Trivedi5 MCA Dept.,GLS Institute of Computer Technology, Ahmedabad, India ABSTRACT This paper is a survey of the work, done for making an IDS fault tolerant. Architecture of IDS that uses mobile Agent provides higher scalability. Mobile Agent uses Platform for detecting Intrusions using filter Agent, co-relater agent, Interpreter agent and rule database. When server (IDS Monitor) goes down, other hosts based on priority takes Ownership. This architecture uses decentralized collection and analysis for identifying Intrusion. Rule sets are fed based on user- behaviour or application behaviour. This paper suggests that intrusion detection system (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will. KEYWORDS Fault tolerance, Mobile Agent, Intrusion Detection System For More Details : http://airccse.org/journal/nsa/0911nsa13.pdf Volume Link : http://airccse.org/journal/jnsa11_current.html
REFERENCES [1] Lange, D., Oshima, M. 1998. Programming and Deploying Java Mobile Agents with Aglets . Addison-Wesley. [2] Rothermel, K., Schwehm, M. 1998. Mobile Agents . In Kent, A., Williams, J. (Editors) Encyclopedia for Computer Science and Technology . M. Dekker Inc. New York, USA [3] Jansen, W. 1999. Mobile agents and security. In Proceedings of the 1999 Canadian Information Technology Security Symposium . [4] Jansen, W. 2002. Intrusion detection with mobile agents. Computer Communications , 25(15): 1392-1401. [5] Jansen, W., Karygiannis, T. 1999. Mobile agent security. Special Publication 800 19, National Institute of Standards and Technology (NIST). [6] Jansen, W., Mell, P., Karygiannis, T., Marks, D. 1999. Applying mobile agents to intrusion detection and response. Interim Report 6416, National Institute of Standards and Technology (NIST) [7] Intelligent Agents for Distributed Intrusion Detection System M. Benattou, and K. Tamine World Academy of Science, Engineering and Technology 6 2005 [8] Intrusion Detection & Prevention by Carl Endorf, Eugene Schultz and Jim Mellander ISBN:0072229543 TMH pub. [9] INTELLIGENT INTRUSION DETECTION SYSTEM FRAMEWORK USING MOBILE AGENTS International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 2, July 2009 [10] DIDMA: A Distributed Intrusion Detection System Using Mobile Agents Pradeep Kannadiga and Mohammad Zulkernine School of Computing Queen’s University Proceedings of the Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Networks (SNPD/SAWN’05) 0-7695-2294-7/05 © 2005 IEEE [11] Applying Mobile Agents to Intrusion Detection and Response Wayne Jansen, Peter Mell, Tom Karygiannis, Don Marks National Institute of Standards and Technology Computer Security Division NIST Interim Report (IR) – 6416 October 1999 [12] An Architecture for Intrusion Detection using Autonomous Agents Jai Sundar Balasubramaniyan, Jose Omar Garcia-Fernandez,DavidIsaco, Eugene Spafford, Diego Zamboniy Center for Education and Research in Information Assurance and Security Purdue University CERIAS Technical Report 98/05 June 11, 1998
[13] A New Mobile Agent-Based Intrusion Detection System Using Distributed Sensors Mohamad Eid American University of Beirut, Department of Electrical and Computer Engineering [14] Snort website: www.snort.org AUTHORS Chintan Bhatt MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Asha Koshti MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Hemant Agrwal MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Zakiya Malek Assistant Professor, GLSICT, Ahmedabad , India Research Area :- Network Security Dr. Bhushan Trivedi Ditrector, GLSICT, Ahmedabad , India Research Area :- Network Security
IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY Moussa WITTI and Dimitri KONSTANTAS Information Science Institute University of Geneva Route de Drize 7, 1227 Carouge, Switzerland ABSTRACT The increase of smart devices has accelerated sensitive data exchange on the Internet using most of the time unsecured channels. Since a massive use of RFID (Radio-frequency Identification) tags in the transportation and construction industries from 1980 to 1990, with the expanded use of the Internet with 2G/3G or 4G since 2000, we are witnessing a new era of connected objects. A huge number of heterogeneous sensors may collect and dispatch sensitive data from an endpoint to worldwide network on the Internet. Privacy concerns in IOT remain important issues in the research. In this paper, we aim to evaluate current research state related to privacy and security in IOT by identifying existing approaches and publications trends. Therefore, we have conducted a systematic mapping study using automated searches from selected relevant academics databases. The result of this mapping highlights research type and contribution in different facets and research activities trends in the topic of “security and privacy” in IoT edge, cloud and fog environment. KEYWORDS Internet of Thing, privacy, security, the mapping study For More Details : http://aircconline.com/ijnsa/V10N6/10618ijnsa03.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
REFERENCES [1] Aaditya Jain, B. S. (2016, April). Internet of Things: Architecture, security goals, and challenges. International Journal Innovative Research in Science & Engineering (IJIRSE), Vol.No2:Issue4. [2] Alfaqih, T. M., & Al-Muhtadi, J. (2016). Internet of Things Security based on Devices Architecture. International Journal of Computer Applications. [3] Athreya, A. P., DeBruhl, B., & Tague, P. (2013). Designing for self-configuration and selfadaptation in the “internet of things" in Collaborative Computing: Networking Applications and Worksharing. 9th International Conference Collaboratecom, (pp. 585-592). [4] Bagozzi, R. Y. (1991). Assessing Construct Validity in Organizational Research. Administrative Science Quarterly (36:3), pp 421-458. [5] Bouij-Pasquier Imane, A. A. (2015). A Security Framework for Internet of Things. 14 th International conference, CANS 2015, , (pp. 19-31 Volume 9476 of the series Lecture Notes in Computer Science). Marrakesh. [6] Burnett L., K. B.-S. (Volume 10, Issue 4, May 2003). The GeneTrustee: a universal identification system that ensures privacy and confidentiality for human genetic databases. Journal of law and medicine, 506-513. [7] Cavalcante E. et al. (2016). On the interplay of Internet of Things and Cloud Computing: A systematic mapping study. Computer Communications Volumes 89-90, Pages 17-33. [8] Charu C. Aggarwal; Philip S. Yu, eds. (2008). "A General Survey of Privacy". Privacy- Preserving Data Mining – Models and Algorithms [9] Ding Chao, L. Y. (2011). Security Architecture and Key Technologies for IoT/CPS. ZTE Communication, 17(1):11-16. [10] Erez Shmueli, T. Z. (2014). Constrained obfuscation of relational databases. Information Sciences, Volume 286, 35. [11] Gang G., L. Z. (2011). "Internet of things security analysis," in Internet Technology and Applications (iTAP), 2011 International Conference on, 1-4. [12] Gregor, S. (2006). The Nature of Theory in Information Systems. MIS Quarterly (30:3), 611-642. [13] Hernandez-Ramos JosAľ L., J. B. (2015). Preserving Smart Objects Privacy through Anonymous. Sensors - Open Access Journal. [14] Hevner, A. M. (2004). Design Science in Information Systems Research. MIS Quarterly (28:1), 75-105.
[15] JianQiang Li, J.-J. Y. (2013). A top-down approach for approximate data anonymisation. Enterprise Information Systems, 272. [16] Junqing Le, X. L. (2016). Full Autonomy: A Novel Individualized Anonymity Model for Privacy Preserving. Computers & Security. [17] Kocher, P. L. (2004). Security as a new dimension in embedded. In: Proceedings of the 41st Annual Design Automation Conference, DAC 2004, San Diego, CA, USA, June 7-11 (pp. 753- 760). New York: ACM. [18] Liu C., Y. Z. (2012). Research on Dynamical Security Risk Assessment for the Internet of Things inspired by immunology, in Eighth International Conference on Natural Computation (ICNC). [19] Leusse P, P. P. (2009). Security Cell, a security model for the Internet of Things and Services. International Conference on in Advances in Future Internet, (pp. 47-52). [20] Loukil F., Ghedira C., Aïcha-Nabila B., Boukadi K., Maamar Z. Privacy-Aware in the IoT Applications: A Systematic Literature Review. International Conference on Cooperative Information Systems (CoopIS) 2017. Proceedings, Part I. Lecture Notes in Computer Science 10573, Springer 2017, ISBN 978-3-319-69461-0, Oct 2017, Rhodes, Greece. [21] Mingqiang Xue, P. P. (2011). Distributed privacy preserving data collection. In Proceedings of the 16th international conference on Database systems for advanced applications. [22] Ninghui Li, Tiancheng Li, and Suresh Venkatasubramanian "t-Closeness: Privacy Beyond kAnonymity and l-Diversity," 2007 IEEE 23rd International Conference on Data Engineering, Istanbul, 2007, pp. 106-115. [23] Pan Yang, X. G. (2013). A Privacy-Preserving Data Obfuscation Scheme Used in Data Statistics and Data Mining. IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing,(p. 881). [24] Pierangela Samarati and L. Sweeney. k-anonymity: a model for protecting privacy. Proceedings of the IEEE Symposium on Research in Security and Privacy (S&P). May 1998, Oakland, CA. [25] Kai Petersen, Robert Feldt, Shahid Mujtaba, and Michael Mattsson. 2008. Systematic mapping studies in software engineering. In Proceedings of the 12th international conference on Evaluation and Assessment in Software Engineering (EASE’08), Giuseppe Visaggio, Maria Teresa Baldassarre, Steve Linkman, and Mark Turner (Eds.). BCS Learning & Development Ltd., Swindon, UK, 68-77. [26] Philipp Offermann, O. L. (2009). Outline of a design science research process. In Proceedings of the 4th International Conference on Design Science Research in Information Systems and Technology (DESRIST ’09).
[27] Ricardo Neisse, G. S. (2015). A Model-based Security Toolkit for the Internet of Things. ScienceDirect. [28] Robert Bredereck, A. N. (2014). The effect of homogeneity on the computational complexity of combinatorial data anonymization. Data Mining and Knowledge Discovery, Volume 28, Number 1,65. [29] Samani A., H. H. (2015). Privacy in Internet of Things: A Model and Protection Framework. The 6th International Conference on Ambient Systems, Networks and Technologies (ANT-2015), the 5th International Conference on Sustainable Energy Information Technology (SEIT-2015) (pp. Volume 52, 2015, Pages 606-613). Procedia Computer Science. [30] Shmatikov, J. B. (2006). Efficient anonymity-preserving data collection. In Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining (KDD ’06).ACM, New York, NY, USA, (pp. 76-85). [31] Syazarin, N., Aziz, N. A., Daud, S. M., & Syarif, S. A. (2017). An Overview on Security Features or Internet of Things (IoT) in Perception Layer. Journal of Engineering and Applied Sciences. [32] Usha P., R. S. (2014). Sensitive attribute based non-homogeneous anonymization for privacy preserving data mining. International Conference on Information Communication and Embedded Systems (ICICES2014), 1. [33] Venable, J. (2006). The Role of Theory and Theorising in Design Science Research. First International Conference on Design Science Research in Information Systems and Technology, (pp.1-18). Claremont, CA: Claremont Graduate University. [34] Xiao L, H. B. (2010). A knowledgeable security model for distributed health information systems. Computers & Security., (pp. 331-349). [35] Xin Ma, Q. H. (2010). Study on the Applications of Internet of Things in the Field of Public Safety. China Safety Science Journal, 20(007):170-176. [36] Yunjung Lee, Y. P. (2015). "Security Threats Analysis and Considerations for Internet of Things". 2015 8th International Conference on Security Technology (SecTech), (pp. vol. 00, no. , pp. 28- 30). [37] ZhangW., B. Q. (2013). Security Architecture of the Internet of Things Oriented to Perceptual Layer. in International Journal on Computer, Consumer and Control (IJ3C), Volume 2, No.2. [38] Zhiqiang Yang, S. Z. (2005). Anonymity-preserving data collection. In Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining (KDD ’05). ACM,New York, NY, USA, (pp. 334-343).
AUTHORS Moussa WITTI is a consulting engineer and IT architect in the R&D. He is advising bank and insurance firms in content and data management. He has more than 13 years of IT application development and deployment experience. He has obtained an MBA from Toulouse Business School and master Research in Computer Science from university of Franche-Comté in Besançon (FRANCE). Dimitri KONSTANTAS is Professor at the University of Geneva (CH) and director of the . He has been active since 1987 in research in the areas of Object Oriented systems, agent technologies, and mobile health systems, with numerous publications in international conferences and journals. His current interests are Mobile Services and Applications with special focus in the well- being services for elderly and information security. Professor D. Konstantas has a long participation in European research and industrial projects and is consultant and expert to several European companies and governments.
STEGANALYSIS ALGORITHM FOR PNG IMAGES BASED ON FUZZY LOGIC TECHNIQUE Jawaher alqahtani, Daniyal Alghazzawi1 and Li Cheng2 1 Department of Information Systems, King Abdulaziz University, Jeddah, Saudi Arabia 2 Xinjiang Technical Institute of Physics & Chemistry, Chinese Academy of Sciences, China ABSTRACT Embedding a message in media files, also known as steganography, is a common approach to hide secret information. It has been exploited by some criminals to confidentially exchange messages. As a countermeasure, tools have been developed in order to detect hidden information form digital media such as text, image, audio or video files. However the efficiency and performance of previous approaches still have room for improvement. In this research, we focus on algorithm design for better efficiency of hidden message detection from PNG files. We employ three classic AI approaches including neural network, fuzzy logic, and genetic algorithm and evaluate their efficiency and performance in controlled experiments. Finally we introduce our message detection system for PNG files based on LSB approach and present its usability in different case scenarios. KEYWORDS Steganography, Steganalysis, Artificial Intelligence, fuzzy logic. For More Details : https://aircconline.com/ijnsa/V8N6/8616ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa16_current.html
REFERENCES [1] P. Thiyagarajan, G. Aghila, and V. P. Venkatesan, "Steganalysis Using Color Model Conversion," arXiv preprint arXiv:1206.2914, 2012. [2] R. Poornima and R. Iswarya, "An Overview of digital image Steganography," International Journal of Computer Science & Engineering Survey (IJCSES), vol. 4, pp. 23-31, 2013. [3] S. Engle, "Current State of Steganography: Uses, Limits, & Implications," Retrieved March, vol. 12, p. 2012, 2003. [4] S. A. Laskar and K. Hemachandran, "A Review on Image Steganalysis techniques for Attacking Steganography," in International Journal of Engineering Research and Technology, 2014. [5] C. James, "Steganography Past, Present, Future," URL:http://www.sans.org/reaing_room/whitepapers/steganography/steganogaphy_past_prese nt_futur e _552. pdf ( 12.12. 2009). [6] B. Boehm, "StegExpose-A Tool for Detecting LSB Steganography," arXiv preprint arXiv:1410.6656, 2014. [7] M. M. Amin, M. Salleh, S. Ibrahim, M. R. Katmin, and M. Shamsuddin, "Information hiding using steganography," in Telecommunication Technology, 2003. NCTT 2003 Proceedings. 4th National Conference on, 2003, pp. 21-25. [8] R. Amirtharajan, V. Rajesh, P. Archana, and J. Rayappan, "Pixel indicates, standard deviates: A way for random image steganography," Res. J. Inform. Technol, vol. 5, pp. 383-392, 2013. [9] G. Swain and S. K. Lenka, "Classification image steganography techniques in spatial domain: A study," Int J Comput Sci Eng Tech, vol. 5, pp. 219-32, 2014. [10] S. Goel, A. Rana, and M. Kaur, "A Review of Comparison Techniques of Image Steganography," Global Journal of Computer Science and Technology, vol. 13, 2013. [11] S. Azevedo, L. Gonçalves, and R. Rudson, Fuzzy Logic on a Polygenic Multi-Agent System for Steganalysis of Digital Images: INTECH Open Access Publisher, 2012. [12] W. W. Zin, "Message Embedding In PNG File Using LSB Steganographic Technique," International Journal of Science and Research (IJSR) Volume, vol. 2, 2013. [13] T. Qiao, F. Retraint, R. Cogranne, and C. Zitzmann, "Steganalysis of JSteg algorithm using hypothesis testing theory," EURASIP Journal on Information Security, vol. 2015, pp. 1-16, 2015.
[14] J. Fridrich and J. Kodovský, "Steganalysis of LSB replacement using parity-aware features," in Information Hiding, 2013, pp. 31-45. [15] V. L. Reddy, A. Subramanyam, and P. C. Reddy, "Implementation of LSB steganography and its evaluation for various file formats," Int. J. Advanced Networking and Applications, vol. 2, pp. 868-872, 2011. [16] H.-W. Tseng and H.-S. Leng, "A Steganographic Method Based on Pixel-Value Differencing and the Perfect Square Number," Journal of Applied Mathematics, vol. 2013, 2013. [17] D.-C. Wu and W.-H. Tsai, "A steganographic method for images by pixel-value differencing," Pattern Recognition Letters, vol. 24, pp. 1613-1626, 2003. [18] M. H. Mohamed, N. M. Al-Aidroos, and M. A. Bamatraf, "Innovative Multi-Level Secure Steganographic Scheme based on Pixel Value Difference." [19] D. Gupta and S. Choubey, "Discrete Wavelet Transform for Image Processing," International Journal of Emerging Technology and Advanced Engineering, vol. 4, pp. 598- 602, 2015. [20] R. an Amirtharajan and J. Rayappan, "Steganography—time to time: A review," Research Journal of Information Technology, vol. 5, pp. 58-66, 2013. [21] A. Ibrahim, "Steganalysis in computer forensics," in Australian Digital Forensics Conference, 2007, p. 10. [22] N. Meghanathan and L. Nayak, "Steganalysis algorithms for detecting the hidden information in image, audio and video cover media," international journal of Network Security & Its application (IJNSA), vol. 2, pp. 43-55, 2010. [23] R. P. S. Sruthi Das N, "A Survey on Different Image Steganalysis Techniques," International Journal of Modern Trends in Engineering and Research vol. 02, p. 5, 2015. [24] K. Curran and J. Mc Devitt, "Image analysis for online dynamic steganography detection," Computer and Information Science, vol. 1, p. p32, 2008. [25] H. Wang and S. Wang, "Cyber warfare: steganography vs. steganalysis," Communications of the ACM, vol. 47, pp. 76-82, 2004. [26] S. O. Mundhada and V. Shandilya, "Spatial and Transformation Domain Techniques for Image Enhancement," International Journal of Engineering Science and Innovative Technology (IJESIT), vol. 1, pp. 213-216, 2012.
[27] J. Green, I. Levstein, C. R. J. Boggs, and T. Fenger, "Steganography Analysis: Efficacy and Response-Time of Current Steganalysis Software," J Comput Sci, vol. 9, pp. 236-44, 2015. [28] R. Kumar, K. K. Saini, and S. Chand, "A New Steganography Technique Using Snake Scan Ordering Strategy," International Journal of Image, Graphics and Signal Processing (IJIGSP), vol. 5, p. 25, 2013. [29] R. Singh and G. Chawla, "A Review on Image Steganography," International Journal of Advanced Research in Computer Science and Software Engineering, vol. 4, pp. 686-689, 2014. [30] S. Mehta, A. Maru, and P. K. Goel, "A Survey Paper on Steganalysis F5 Algorithm." [31] A. Brown, "Graphics File Formats," ed, 2008. [32] S. M. Badr, G. Ismaial, and A. H. Khalil, "A Review on Steganalysis Techniques: From Image Format Point of View," International Journal of Computer Applications, vol. 102, 2014. [33] T. Boutell, "PNG (Portable Network Graphics) Specification Version 1.0," 1997. [34] M. Al Fahdi, N. Clarke, and S. Furnell, "Towards An Automated Forensic Examiner (AFE) Based Upon Criminal Profiling & Artificial Intelligence," 2013. [35] A. Irons and H. S. Lallie, "Digital Forensics to Intelligent Forensics," Future Internet, vol. 6, pp. 584-596, 2014. [36] R. Din and A. Samsudin, "Computational intelligence in steganalysis environment," 2008. [37] A. I. Bouguerne, B. H. F. Merouani, and C. N. Kobsi, "Multi Resolution Decomposition For A Passive Steganalysis Based On a Multi Agent System." [38] N. Kobsi and H. F. Merouani, "Neural Network Based Image Steganalysis: A Comparative Study," in Neural Networks for Signal Processing [1994] IV. Proceedings of the 1994 IEEE Workshop, 2007, pp. 423-430. [39] I. Khan, "An Efficient Neural Network based Algorithm of Steganography for image," International Journal of Computer Technology and Electronics Engineering (IJCTEE) Volume, vol. 1, pp. 63-67. [40] C. Bergman and J. Davidson, "An artificial neural network for wavelet steganalysis," Final Report to Midwest Forensics Resource Center, 2005.
[41] S. Bakhshandeh, J. R. Jamjah, and B. Z. Azami, "Blind Image Steganalysis based on local information and human visual system," in Signal Processing, Image Processing and Pattern Recognition, ed: Springer, 2009, pp. 201-208. [42] X. Y. Yu and A. Wang, "An investigation of genetic algorithm on steganalysis techniques," in Intelligent Information Hiding and Multimedia Signal Processing, 2009. IIH- MSP'09. Fifth International Conference on, 2009, pp. 1118-1121.
A PLAIN IMAGE DEPENDENT IMAGE ENCRYPTION SCHEME USING HALF PIXEL LEVEL INTERCHANGE PERMUTATION OPERATION Li Liu, Yucheng Chen and Ruisong Ye Department of Mathematics, Shantou University, Shantou, Guangdong, 515063, P. R. China ABSTRACT In this paper, a chaos-based image encryption scheme with half-pixel-level interchange permutation strategy and plain-image dependence is proposed. The proposed image encryption scheme consists of a confusion process and a diffusion process. In the confusion process, a pixel- swapping operation between higher bit planes and lower bit planes is employed to replace the traditional confusion operation. The halfpixel-level interchange permutation strategy between the higher 4-bit plane part and the lower 4-bit plane part not only improves the conventional permutation efficiency within the plain-image, but also changes all the pixel gray values. The system parameters of generalized Arnold map applied for the permutation operation relies on the plain-image content and consequently can resist chosen-plaintext and knownplaintext attacks effectively. To enhance the security of the proposed image encryption, one multimodal skew tent map is utilized to generate pseudo-random gray value sequence for diffusion operation. Simulations have been carried out thoroughly with comparisons with some other existing image encryption schemes. The experimental results demonstrate that the proposed image encryption scheme is highly secure thanks to its large key space and efficient permutation-diffusion operations. KEYWORDS Generalized Arnold map, Interchange permutation, Chaotic system, Multimodal skew tent map, Image encryption. For More Details : https://aircconline.com/ijnsa/V9N4/9417ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
REFERENCES [1] D. R. Stinson, Cryptography: Theory and Practice, CRC Press, Boca Raton, 1995. [2] C. E. Shannon, Communication theory of secrecy systems, Bell Syst. Tech. J, 28(1949): 656- 715. [3] J. Fridrich, Symmetric ciphers based on two-dimensional chaotic maps, International Journal of Bifurcation and Chaos, 8(1998): 1259-1284. [4] Z.-H. Guan, F. Huang, W. Guan, Chaos-based image encryption algorithm, Physics Letters A, 346(2005): 153-157. [5] S. Lian, J. Sun, Z. Wang, A block cipher based on a suitable use of the chaotic standard map, Chaos, Solitons and Fractals, 26 (2005): 117-129. [6] Y. Wang, K. W. Wong, X. F. Liao, T. Xiang, G. R. Chen, A chaos-based image encryption algorithm with variable control parameters, Chaos, Solitons and Fractals, 41:4(2009): 1773- 1783. [7] W. Zhang, Kwok-wo. Wong, H. Yu, Z. Zhu, An image encryption scheme using reverse 2- dimensional chaotic map and dependent diffusion, Commun. Nonlinear Sci. Numer. Simul., 18:8(2013): 2066-2080. [8] Y. Xi, X. Zhang, R. Ye, Color image encryption based on multiple chaotic systems, International Journal of Network Security & Its Applications, 8:5(2016): 39-50. [9] C. Q. Li, S. J. Li, G. R. Chen, G. Chen, L. Hu, Cryptanalysis of a new signal security system for multimedia data transmission. EURASIP J. Appl. Signal Process., 8(2005): 1277-1288. [10] S. J. Li, C. Q. Li, G. R. Chen, N. G. Bourbakis, K. T. Lo, A general quantitative cryptanalysis of permutation-only multimedia ciphers against plain-image attacks. Signal Process. Image Commun., 23(2009): 212-223. [11] D. Xiao, X. Liao, P. Wei, Analysis and improvement of a chaos-based image encryption algorithm, Chaos, Solitons and Fractals, 40(2009): 2191-2199. [12] E. Solak, C. Cokal, O. T. Yildiz, and T. Biyikoglu, Cryptanalysis of fridrich’s chaotic image encryption, International Journal of Bifurcation and Chaos, 20:5 (2010): 1405-1413. [13] J. M. Liu, Q. Qu, Cryptanalysis of a substitution-diffusion based on cipher usingchaotic standard and logistic map, in: Third International Symposium on Information Processing, 2010, pp.67-69.
[14] R. Rhouma, E. Solak, S. Belghith, Cryptanalysis of a new substitution-diffusion based image cipher, Commun. Nonlinear Sci. Numer. Simulat., 15 (2010): 1887-1892. [15] X. Wang, G. He, Cryptanalysis on a novel image encryption method based on total shuffling scheme, Optics Commun., 284 (2011): 5804-5807. [16] R. Ye, A novel chaos-based image encryption scheme with an efficient permutation- diffusion mechanism, Optics Commun., 284(2011): 5290-5298. [17] Vinod Patidar, N. K. Pareek. G. Purohit, K. K. Sud, A robust and secure chaotic standard map based pseudorandom permutation substitution scheme for image encryption. Optics Commun., 284(2011): 4331-4339. [18] Y. Zhou, L. Bao, C.L. Philip Chen, Image encryption using a new parametric switching chaotic system, Signal Processing, 93(2013): 3039-3052. [19] Y. Zhou, L. Bao, C.L. Philip Chen, A new 1D chaotic system for image encryption, Signal Processing, 97(2014): 172-182. [20] X. Wang, D. Luan, A novel image encryption algorithm using chaos and reversible cellular automata, Commun Nonlinear Sci. Numer. Simulat., 18(2013): 3075-3085. [21] Z.-L. Zhu, W. Zhang, K.-W. Wong, H. Yu, A chaos-based symmetric image encryption scheme using a bit-level permutation, Information Sciences, 181(2011): 1171-1186. [22] L. Teng, X. Wang, A bit-level image encryption algorithm based on spatiotemporal chaotic system and self-adaptive, Optics Communications, 285(2012): 4048-4054. [23] W. Zhang, K.-W. Wong, H. Yu, Z.-L. Zhu, An image encryption scheme using lightweight bit-level confusion and cascade cross circular diffusion. Optics Commun., 285 (2012): 2343- 2354. [24] W. Zhang, K.-W. Wong, H. Yu, Z.-L. Zhu, A symmetric color image encryption algorithm using the intrinsic features of bit distributions. Commum. Nonliear Sci. Numer. Simulat., 18 (2013): 584-600. [25] G. J. Zhang, Q. Liu, A novel image encryption method based on total shuffling scheme, Optics Commun., 284(2011): 2775-2780 [26] X. Wang, L. Liu, Y. Zhang, A novel chaotic block image encryption algorithm based on dynamic random growth technique, Optics and Lasers in Engineering, 66(2015): 10-18. [27] J. Chen, Z. Zhu, C. Fu, H. Yu, L. Zhang, An efficient image encryption scheme using gray code based permutation approach, Optics and Lasers in Engineering,67(2015): 191-204.
[28] J. Chen, Z. Zhu, C. Fu, H. Yu, Y. Zhang, Reusing the permutation matrix by dynamically for efficient image cryptographic algorithm, Signal Processing, 111(2015): 294-307. [29] Y. Q. Zhang, X. Y. Wang, A new image encryption algorithm based on non-adjacent coupled map lattices , Applied Soft Computing, 26(2015): 10-20. [30] M. Hasler and Y. L. Maistrenko, An introduction to the synchronization of chaotic systems: coupled skew tent map, IEEE Transactions on Circuits and Systems, 44(1997): 856- 866. [31] R. Ye, W. Guo, A Chaos-based Image Encryption Scheme Using Multimodal Skew Tent Maps, Journal of Emerging Trends in Computing and Information Sciences, 4:10(2013): 800-810. [32] Y. Wang, K.W. Wong, X.F. Liao, G.R. Chen, A new chaos-based fast image encryption algorithm, Appl. Soft. Comput.,11(2011): 514-522. [33] M. Wu, An improved discrete Arnold transform and its application in image scrambling and encryption, Acta Phys. Sin., 63:9(2014): 090504. [34] G. Alvarez, S. Li, Some basic cryptographic requirements for chaos-based cryptosystem, International Journal of Bifurcation and Chaos, 16(2006): 2129-2151. [35] IEEE Computer Society, IEEE standard for binary floating-point arithmetic, ANSI/IEEE std. 1985:754-1985. [36] K. Wong, B. Kwok, W. Law, A fast image encryption scheme based on chaotic standard map, Physics Letters A, 372:15(2008), 2645-2652. [37] K. Wong, B. Kwok, C. Yuen, An efficient diffusion approach for chaos-based image encryption, Chaos, Solitons and Fractals, 41:5(2009): 2652-2663.
SECURING IEEE 802.11G WLAN USING OPEN VPN AND ITS IMPACT ANALYSIS Praveen Likhar, Ravi Shankar Yadav and Keshava Rao M Centre for Artificial Intelligence and Robotics (CAIR), Defence Research and Development Organisation (DRDO), Bangalore-93, India ABSTRACT Like most advances, wireless LAN poses both opportunities and risks. The evolution of wireless networking in recent years has raised many serious security issues. These security issues are of great concern for this technology as it is being subjected to numerous attacks. Because of the free-space radio transmission in wireless networks, eavesdropping becomes easy and consequently a security breach may result in unauthorized access, information theft, interference and service degradation. Virtual Private Networks (VPNs) have emerged as an important solution to security threats surrounding the use of public networks for private communications. While VPNs for wired line networks have matured in both research and commercial environments, the design and deployment of VPNs for WLAN is still an evolving field. This paper presents an approach to secure IEEE 802.11g WLAN using OpenVPN, a transport layer VPN solution and its impact on performance of IEEE 802.11g WLAN. KEYWORDS WLAN, IEEE 802.11g, VPN, Performance evaluation, Security. For More Details : http://airccse.org/journal/nsa/1111nsa07.pdf Volume Link : http://airccse.org/journal/jnsa11_current.html
REFERENCES [1] T. Karygiannis & L. Owens, (2002) “Wireless Network Security 802.11, Bluetooth and Handheld Devices”, National Institute of technology, Special Publication, pp 800–848. [2] Y. Zahur & T. A. Yang, (2004) “Wireless LAN Security and Laboratory Designs”, Journal of Computing Sciences in Colleges, vol. 19, pp 44– 60. [3] N. Borisov, I. Goldberg & D. Wagner, (2001) “Intercepting Mobile Communications: The Insecurity of 802.11”, Proceedings of the Seventh Annual International Conference on Mobile Computing and Networking. [4] D. B. Faria & D. R. Cheriton, (2002) “DoS and Authentication in Wireless Public Access Networks”, Proceedings of ACM Workshop on Wireless Security, pp 47–56. [5] W. A. Arbaugh, N. Shankar, J. Wang & K. Zhang, (2002) “Your 802.11 network has no clothes”, IEEE Wireless Communications Magazine. [6] S.R. Fluhrer, I. Mantin & A. Shamir, (2001) “Weaknesses in the Key Scheduling Algorithm of RC4”, Selected Areas in Cryptography, pp 1–24. [7] Adam Stubblefield, John Ioannidis & Aviel D. Rubin, (2001) “Using the Fluhrer, Mantin, and Shamir Attack to Break WEP”, AT&T Labs Technical Report TD-4ZCPZZ. [8] Jumnit hong & Raid Lemachheche, (2003) “WEP protocol Weaknesses and Vulnerabilities”, ECE 578 Computer Networks and Security. [9] OpenVPN, http://openvpn.net/ [10] Praveen Likhar, Ravi Shankar Yadav & Keshava Rao M, (2011) “Performance Evaluation of Transport Layer VPN on IEEE 802.11g WLAN”, Communications in Computer and information science, Springer-Verlag, vol. 197, pp 407– 415. [11] IEEE Std 802.11™-2007 (Revision of IEEE Std 802.11-199) [12] OpenSSL-The Open Source toolkit for SSL/TLS, http://www.openssl.org [13] Aircrack, http://www.aircrack-ng.org/ [14] Airpwn, http://sourceforge.net/projects/airpwn [15] Airsnarf, http://airsnarf.shmoo.com/ [16] BSD-Airtools, http://www.dachb0den.com/projects/bsd-airtools.html
[17] Dsniff, http://monkey.org/~dugsong/dsniff/ [18] Dstumbler, http://www.dachb0den.com/projects/dstumbler.html [19] Fake AP, http://www.blackalchemy.to/project/fakeap/ [20] KisMAC, http://binaervarianz.de/projekte/programmieren/kismac/ [21] Kismet, http://www.kismetwireless.net/ [22] MacIdChanger, http://www.codeproject.com/KB/applications/MacIdChanger.aspx [23] MacStumbler, http://www.macstumbler.com/ [24] Netstumbler, http://www.netstumbler.com/ [25] Wep0ff, http://www.ptsecurity.com/ [26] WEPCrack, http://sourceforge.net/projects/wepcrack [27] WEPWedgie, http://sourceforge.net/projects/wepwedgie/ [28] Wifitap, http://sid.rstack.org/static/articles/w/i/f/Wifitap_EN_9613.html [29] TUN-TAP, http://en.wikipedia.org/wiki/TUN/TAP [30] TUN-TAP FAQ, http://vtun.sourceforge.net/tun/faq.html [31] E. Stephan, (2005) “IP Performance Metrics (IIPM) Metrics Registry”, RFC 4148. [32] S. Bradner & J. McQuaid, (2005) “Benchmarking Methodology for Network Interconnect Devices”, RFC 2544. [33] G. Almes, S. Kalidindi, & M. Zekauskas (1999) “A One-way Delay Metric for IPPM”, RFC 2679. [34] G. Almes, S. Kalidindi, & M. Zekauskas (1999) “One Way Packet Loss Metric for IPPM”, RFC 2680. [35] C. Demichelis & P. Chimento, (2002) “IP Packet Delay Variation”, RFC 3393. [36] M. Feilner (2006) OpenVPN: Building and Integrating Virtual Private Networks, Packt Publishing.

Recomendados

TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CS
TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CSTCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CS
TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CSzOSCommserver
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server OverviewzOSCommserver
 
The Scala Programming Language
The Scala Programming LanguageThe Scala Programming Language
The Scala Programming LanguageHaim Michael
 
Quick introduction to scala
Quick introduction to scalaQuick introduction to scala
Quick introduction to scalaMohammad Hossein Rimaz
 
Summer training presentation on "CORE JAVA".
Summer training presentation on "CORE JAVA".Summer training presentation on "CORE JAVA".
Summer training presentation on "CORE JAVA".SudhanshuVijay3
 
Advance java summer training report
Advance java summer training report Advance java summer training report
Advance java summer training report Nitesh Saini
 
WebSphere 8 Intro (pt-BR)
WebSphere 8 Intro (pt-BR)WebSphere 8 Intro (pt-BR)
WebSphere 8 Intro (pt-BR)Juarez Junior
 
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...zOSCommserver
 

Recomendados

TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CS
TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CSTCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CS
TCP/IP Stack Configuration with Configuration Assistant for IBM z/OS CSzOSCommserver
 
z/OS Communications Server Overview
z/OS Communications Server Overviewz/OS Communications Server Overview
z/OS Communications Server OverviewzOSCommserver
 
The Scala Programming Language
The Scala Programming LanguageThe Scala Programming Language
The Scala Programming LanguageHaim Michael
 
Quick introduction to scala
Quick introduction to scalaQuick introduction to scala
Quick introduction to scalaMohammad Hossein Rimaz
 
Summer training presentation on "CORE JAVA".
Summer training presentation on "CORE JAVA".Summer training presentation on "CORE JAVA".
Summer training presentation on "CORE JAVA".SudhanshuVijay3
 
Advance java summer training report
Advance java summer training report Advance java summer training report
Advance java summer training report Nitesh Saini
 
WebSphere 8 Intro (pt-BR)
WebSphere 8 Intro (pt-BR)WebSphere 8 Intro (pt-BR)
WebSphere 8 Intro (pt-BR)Juarez Junior
 
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...
z/OS V2.4 Preview: z/OS Container Extensions - Running Linux on Z docker cont...zOSCommserver
 
z/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) supportz/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) supportzOSCommserver
 
Tide Brochure v1
Tide Brochure v1Tide Brochure v1
Tide Brochure v1Andy Childs
 
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX FeaturesImplementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX FeaturesCA Technologies
 
Introduction to react native
Introduction to react nativeIntroduction to react native
Introduction to react nativeDani Akash
 
Report summer training core java
Report summer training core javaReport summer training core java
Report summer training core javaSudhanshuVijay3
 
A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager Sachin Kariyattin
 
Android messaging application proposal
Android messaging application proposalAndroid messaging application proposal
Android messaging application proposalincisive jovial
 
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...Amazon Web Services
 
Sysplex in a Nutshell
Sysplex in a NutshellSysplex in a Nutshell
Sysplex in a NutshellzOSCommserver
 
Placement zone
Placement zonePlacement zone
Placement zoneShruti Dalela
 
OOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best PracticesOOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best Practicesvasuballa
 
Flux
FluxFlux
FluxŁukasz Kużyński
 
RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere Pranay Sagar
 
Introduction to Scala
Introduction to ScalaIntroduction to Scala
Introduction to ScalaRahul Jain
 
Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?John Musser
 
Web Services ppt
Web Services pptWeb Services ppt
Web Services pptOECLIB Odisha Electronics Control Library
 
Industrial Training report on java
Industrial Training report on javaIndustrial Training report on java
Industrial Training report on javaSoftvision Info Solutions Private Limited
 
Java project
Java projectJava project
Java projectRishabh Jain
 
Summer training report on java se6 technology
Summer training report on java se6 technologySummer training report on java se6 technology
Summer training report on java se6 technologyShamsher Ahmed
 
INTERNSHIP REPORT
INTERNSHIP REPORTINTERNSHIP REPORT
INTERNSHIP REPORTMufaddal Vasi
 
July 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
May 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsMay 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 

Más contenido relacionado

La actualidad más candente

z/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) supportz/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) supportzOSCommserver
 
Tide Brochure v1
Tide Brochure v1Tide Brochure v1
Tide Brochure v1Andy Childs
 
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX FeaturesImplementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX FeaturesCA Technologies
 
Introduction to react native
Introduction to react nativeIntroduction to react native
Introduction to react nativeDani Akash
 
Report summer training core java
Report summer training core javaReport summer training core java
Report summer training core javaSudhanshuVijay3
 
A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager Sachin Kariyattin
 
Android messaging application proposal
Android messaging application proposalAndroid messaging application proposal
Android messaging application proposalincisive jovial
 
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...Amazon Web Services
 
Sysplex in a Nutshell
Sysplex in a NutshellSysplex in a Nutshell
Sysplex in a NutshellzOSCommserver
 
OOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best PracticesOOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best Practicesvasuballa
 
RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere Pranay Sagar
 
Introduction to Scala
Introduction to ScalaIntroduction to Scala
Introduction to ScalaRahul Jain
 
Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?John Musser
 
Summer training report on java se6 technology
Summer training report on java se6 technologySummer training report on java se6 technology
Summer training report on java se6 technologyShamsher Ahmed
 

La actualidad más candente (20)

z/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) supportz/OS 2.3 HiperSockets Converged Interface (HSCI) support
z/OS 2.3 HiperSockets Converged Interface (HSCI) support
 
Tide Brochure v1
Tide Brochure v1Tide Brochure v1
Tide Brochure v1
 
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX FeaturesImplementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
Implementation and Use of Generic VTAM Resources with Parallel SYSPLEX Features
 
Introduction to react native
Introduction to react nativeIntroduction to react native
Introduction to react native
 
Report summer training core java
Report summer training core javaReport summer training core java
Report summer training core java
 
A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager A Project Report on Insurance System with Tracking Manager
A Project Report on Insurance System with Tracking Manager
 
Android messaging application proposal
Android messaging application proposalAndroid messaging application proposal
Android messaging application proposal
 
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
AWS re:Invent 2016: Case Study: How Monsanto Uses Amazon EFS with Their Large...
 
Sysplex in a Nutshell
Sysplex in a NutshellSysplex in a Nutshell
Sysplex in a Nutshell
 
Placement zone
Placement zonePlacement zone
Placement zone
 
OOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best PracticesOOW15 - Oracle E-Business Suite Integration Best Practices
OOW15 - Oracle E-Business Suite Integration Best Practices
 
Flux
FluxFlux
Flux
 
RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere RPA Consultant Certified in UiPath and Automation Anywhere
RPA Consultant Certified in UiPath and Automation Anywhere
 
Introduction to Scala
Introduction to ScalaIntroduction to Scala
Introduction to Scala
 
Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?Open APIs: What's Hot, What's Not?
Open APIs: What's Hot, What's Not?
 
Web Services ppt
Web Services pptWeb Services ppt
Web Services ppt
 
Industrial Training report on java
Industrial Training report on javaIndustrial Training report on java
Industrial Training report on java
 
Java project
Java projectJava project
Java project
 
Summer training report on java se6 technology
Summer training report on java se6 technologySummer training report on java se6 technology
Summer training report on java se6 technology
 
INTERNSHIP REPORT
INTERNSHIP REPORTINTERNSHIP REPORT
INTERNSHIP REPORT
 

Similar a January 2021 - Top 10 Read Articles in Network Security & Its Applications

July 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
May 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsMay 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
June 2021 - Top 10 Read Articles in Network Security and Its Applications
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsJune 2021 - Top 10 Read Articles in Network Security and Its Applications
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...IJNSA Journal
 
September 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsSeptember 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...IJNSA Journal
 
March 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsMarch 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
April 2024 - Top 10 Read Articles in Network Security & Its Applications
April 2024 - Top 10 Read Articles in Network Security & Its ApplicationsApril 2024 - Top 10 Read Articles in Network Security & Its Applications
April 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
January 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
February 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsFebruary 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
March 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsMarch 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
May 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsMay 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
June 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsJune 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
July 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 
December 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsDecember 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
June 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsJune 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
May 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsMay 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
January 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsJanuary 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
 
October 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsOctober 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
 

Similar a January 2021 - Top 10 Read Articles in Network Security & Its Applications (20)

July 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2021 - Top 10 Read Articles in Network Security & Its Applications
July 2021 - Top 10 Read Articles in Network Security & Its Applications
 
May 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsMay 2021: Top 10 Read Articles in Network Security and Its Applications
May 2021: Top 10 Read Articles in Network Security and Its Applications
 
June 2021 - Top 10 Read Articles in Network Security and Its Applications
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsJune 2021 - Top 10 Read Articles in Network Security and Its Applications
June 2021 - Top 10 Read Articles in Network Security and Its Applications
 
Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...Most Downloaded article for an year in academia - International Journal of Ne...
Most Downloaded article for an year in academia - International Journal of Ne...
 
September 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its ApplicationsSeptember 2021: Top 10 Read Articles in Network Security and Its Applications
September 2021: Top 10 Read Articles in Network Security and Its Applications
 
Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...Most cited articles in academia - International journal of network security &...
Most cited articles in academia - International journal of network security &...
 
March 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsMarch 2024 - Top 10 Read Articles in Network Security & Its Applications
March 2024 - Top 10 Read Articles in Network Security & Its Applications
 
April 2024 - Top 10 Read Articles in Network Security & Its Applications
April 2024 - Top 10 Read Articles in Network Security & Its ApplicationsApril 2024 - Top 10 Read Articles in Network Security & Its Applications
April 2024 - Top 10 Read Articles in Network Security & Its Applications
 
January 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsJanuary 2024 - Top 10 Read Articles in Network Security & Its Applications
January 2024 - Top 10 Read Articles in Network Security & Its Applications
 
February 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsFebruary 2024 - Top 10 Read Articles in Network Security & Its Applications
February 2024 - Top 10 Read Articles in Network Security & Its Applications
 
March 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsMarch 2022 - Top 10 Read Articles in Network Security and Its Applications
March 2022 - Top 10 Read Articles in Network Security and Its Applications
 
April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications April 2023: Top 10 Read Articles in Network Security and Its Applications
April 2023: Top 10 Read Articles in Network Security and Its Applications
 
May 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsMay 2023: Top 10 Read Articles in Network Security and Its Applications
May 2023: Top 10 Read Articles in Network Security and Its Applications
 
June 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsJune 2023: Top 10 Read Articles in Network Security and Its Applications
June 2023: Top 10 Read Articles in Network Security and Its Applications
 
July 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsJuly 2022 - Top 10 Read Articles in Network Security & Its Applications
July 2022 - Top 10 Read Articles in Network Security & Its Applications
 
December 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsDecember 2021: Top 10 Read Articles in Network Security and Its Applications
December 2021: Top 10 Read Articles in Network Security and Its Applications
 
June 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsJune 2022: Top 10 Read Articles in Network Security and Its Applications
June 2022: Top 10 Read Articles in Network Security and Its Applications
 
May 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsMay 2022: Top 10 Read Articles in Network Security and Its Applications
May 2022: Top 10 Read Articles in Network Security and Its Applications
 
January 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsJanuary 2023: Top 10 Read Articles in Network Security and Its Applications
January 2023: Top 10 Read Articles in Network Security and Its Applications
 
October 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsOctober 2022: Top 10 Read Articles in Network Security & Its Applications
October 2022: Top 10 Read Articles in Network Security & Its Applications
 

Último

Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Standamitlee9823
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXssuser89054b
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Call Girls in Nagpur High Profile
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLManishPatel169454
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptDineshKumar4165
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringmulugeta48
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordAsst.prof M.Gokilavani
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...tanu pandey
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VDineshKumar4165
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueBhangaleSonal
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapRishantSharmaFr
 

Último (20)

Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
 
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Wakad Call Me 7737669865 Budget Friendly No Advance Booking
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
Bhosari ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For ...
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Ankleshwar 7001035870 Whatsapp Number, 24/07 Booking
 
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Ramesh Nagar Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 

January 2021 - Top 10 Read Articles in Network Security & Its Applications

  • 1. Network Security and Its Applications Top 10 Read Articles in January 2021 International Journal of Network Security & Its Applications (IJNSA) http://airccse.org/journal/ijnsa.html ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
  • 2. SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS Faheem Masoodi1 Shadab Alam2 and Shams Tabrez Siddiqui2 1 Department of Computer Science, University of Kashmir, J&k, India 2 Department of Computer Science, Jazan University, KSA ABSTRACT The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures. KEYWORDS Internet of Things, privacy, attacks, security, threats, protocols. For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa19_current.html
  • 3. REFERENCES [1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision, architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013) 1645– 1660. [2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9), 51_58. [3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security of Internet of Things, 200– 203. 2012 [4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics and trends. Information Systems Frontiers, 17(2), 261– 274. [5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer Communications and Networking Conference (CCNC), 12– 17. [6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133– 141. [7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view. Internet Research, 26(2), 337– 359. [8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Communications Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015. [9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015 International Conference on Pervasive Computing: Advance Communication Technology and Application for Society, ICPC 2015, 0(c), 0–5. [10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open issues and challenges. Wireless Networks, 20(8), 2201–2217. [11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey on application layer protocols for the internet of things," Transaction on IoT and Cloud Computing, vol. 3, no. 1, pp. 11-17, 2015 [12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM Developer WorksTechnicalLibrary,2010, http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html
  • 4. [13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet of Things (IoT)," in Fifth International Conference on Communication Systems and Network Technologies (CSNT 2015), April 2015, pp. 746-751. [14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012, http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf [15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks," IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt [16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet-of- things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp. 103-112, April 2015, [17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643 [18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP, no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774 [19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP- enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp. 36- 41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984 [20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine communication in LTEadvanced networks: issues and approaches," in IEEE Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600 [21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007, https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf [22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan 2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf [23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406-411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010 [24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.” ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on. IEEE, 2014. [28] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent, “E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh International Conference on Availability, Reliability and Security E2E: 2012.
  • 5. [26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS), 2014 International Conference on. IEEE, 2014. [27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security Scanners,” San Fr., no. October 2007, 2010. [28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of attacks and possible countermeasures Electron J (9) (2016). [29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at 51– 64; [30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of Things Journal, 1(1), 3–9 [31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road ahead." Computer Networks76 (2015): 146-164. [32]https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/ Accessed on 15-03-2019 [33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of structures and attacks on various stream ciphers." Proceedings of the 4th National Conference. 2010.
  • 6. A CONCEPTUAL SECURE BLOCKCHAIN- BASED ELECTRONIC VOTING SYSTEM Ahmed Ben Ayed Department of Engineering and Computer Science, Colorado Technical University, Colorado Springs, Colorado, USA ABSTRACT Blockchain is offering new opportunities to develop new types of digital services. While research on the topic is still emerging, it has mostly focused on the technical and legal issues instead of taking advantage of this novel concept and creating advanced digital services. In this paper, we are going to leverage the open source Blockchain technology to propose a design for a new electronic voting system that could be used in local or national elections. The Blockchain-based system will be secure, reliable, and anonymous, and will help increase the number of voters as well as the trust of people in their governments. KEYWORDS Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote For More Details : https://aircconline.com/ijnsa/V9N3/9317ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
  • 7. REFERENCES [1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country- wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop, Bregenz, Austria,(2006) August 2-4. [2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman Center Research Publication, (2009). [3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33. [4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote Electronic Voting Systems. arXiv preprint. (2017). [5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”, Communication of the ACM. Vol. 24(2). (1981), pp. 84-90. [6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472. [7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind Signature”, Proceeding of the 4th National Conference of Communication Technology, Johor, Malaysia, (2003) January 14-15. [8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”, Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security Technology, London, England, (2001) October 16-19. [9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1). (2004), pp. 22-23. [10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy Magazine, vol. 2(1). (2004), pp. 2-9. [11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to the Smart Card Differentiation to previous Version of EstEID Card Application.” http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf [12] Cybernetica. “Internet Voting Solution.” https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf. [13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A. Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
  • 8. 2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp. 703-715. [14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be- discontinued/id764300/ [15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures and Verifications Flaws in a Live Online Election.” International Conference on E-Voting and Identity. (2015), pp. 35-53. [16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC Internet Voting System.” International Conference on Financial Cryptography and Data Security (2012), pp. 114-128. [17] National Institute of Standards and Technology, “Federal Information Processing Standards Publication”, (2012). [18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008). [19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security and Privacy in Social Networks. (2013), pp. 1-27. [20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.” O’Reilly Media, Inc. Sebastopol, California (2016). [21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems, (2002), pp. 251-260. AUTHORS Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems, Master of Science in Cyber Security and Information Assurance, and currently a doctoral student at Colorado Technical University, and an Adjunct Professor at California Takshila University. His research interests are Android Security, Pattern Recognition of Malicious Applications, Machine Learning, Cryptography, Information & System Security and Cyber Security.
  • 9. MINING PATTERNS OF SEQUENTIAL MALICIOUS APIS TO DETECT MALWARE Abdurrahman Pektaş1 , Elif Nurdan Pektaş2 and Tankut Acarman1 1 Department of Computer Engineering, Galatasaray University, İstanbul, Turkey 2 Siemens Turkey, Yakack Caddesi No: 111, 34870 Kartal, Istanbul, Turkey ABSTRACT In the era of information technology and connected world, detecting malware has been a major security concern for individuals, companies and even for states. The New generation of malware samples upgraded with advanced protection mechanism such as packing, and obfuscation frustrate anti-virus solutions. API call analysis is used to identify suspicious malicious behavior thanks to its description capability of a software functionality. In this paper, we propose an effective and efficient malware detection method that uses sequential pattern mining algorithm to discover representative and discriminative API call patterns. Then, we apply three machine learning algorithms to classify malware samples. Based on the experimental results, the proposed method assures favorable results with 0.999 F-measure on a dataset including 8152 malware samples belonging to 16 families and 523 benign samples. KEYWORDS Android, Malware, Frequent Sequence Mining, Behavioural Pattern, API Calls, Dynamic Analysis For More Details : http://aircconline.com/ijnsa/V10N4/10418ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
  • 10. REFERENCES [1] Statcounter: Operating system market share worldwide, (2018). http://gs.statcounter.com/os- marketshare#monthly-201801-201801-bar. [Online; accessed 7-October-2017]. [2] Ilsun You & Kangbin Yim (2010) “Malware obfuscation techniques: A brief survey”, Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on, pp297– 300. [3] 2016 Symantec Security Report, Internet: https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf, 29.06.2018. [4] Abdurrahman Pektas & Tankut Acarman (2018) “Malware classification based on api calls and behavior analysis”, IET Information Security, Vol. 12, No.2, pp 107-117. [5] Abdurrahman Pektas & Tankut Acarman (2014) “A dynamic malware analyzer against virtual machine aware malicious software”, Security and Communication Networks, Vol. 7, No.12, pp2245–2257. [6] Nizar R Mabroukeh & Christie I Ezeife (2010) “A taxonomy of sequential pattern mining algorithms”, ACM Computing Surveys (CSUR), Vol. 43, No.1:3. [7] Philippe Fournier-Viger & Jerry Chun-Wei Lin & Rage Uday Kiran & Yun Sing Koh & Rincy Thomas (2017) “A survey of sequential pattern mining”, Data Science and Pattern Recognition, Vol.1, No.1, pp54–77. [8] Yong Qiao & Jie He & Yuexiang Yang & Lin Ji (2013) “Analyzing malware by abstracting the frequent itemsets in api call sequences”,Trust, Security and Privacy in Computing and Communications (TrustCom), 2013 12th IEEE International Conference on, pp.265–270. [9] Youngjoon Ki & Eunjin Kim & Huy Kang Kim (2015) “A novel approach to detect malware based on api call sequence analysis”, International Journal of Distributed Sensor Networks, Vol. 11, No.6,pp:95-10. [10] In Kyeom Cho & Eul Gyu Im (2015), “Extracting representative api patterns of malware families using multiple sequence alignments”, In Proceedings of the 2015 Conference on research in adaptive and convergent systems, pp.308–313. [11] Winfried Just (2001) “Computational complexity of multiple sequence alignment with sp- score”, Journal of computational biology, Vol. 8, No. 6. pp. 615–623. [12] Lusheng Wang & Tao Jiang (1994), “On the complexity of multiple sequence alignment”, Journal of computational biology, Vol. 1, No.4, p.337–348. [13] Yujie Fan &Yanfang Ye & Lifei Chen (2016), “Malicious sequential pattern mining for automatic malware detection”, Expert Systems with Applications, Vol.52, pp.16–25.
  • 11. [14] Iltaek Kwon & Eul Gyu Im (2017), “Extracting the representative api call patterns of malware families using recurrent neural network”, In Proceedings of the International Conference on Research in Adaptive and Convergent Systems, pp.202–207. [15] Canfora, G., Mercaldo, F., & Visaggio, C. A. (2016). An hmm and structural entropy based detector for android malware: An empirical study. Computers & Security, 61, 1-18. [16] Salehi, Z., Sami, A., & Ghiasi, M. (2017). MAAR: Robust features to detect malicious activity based on API calls, their arguments and return values. Engineering Applications of Artificial Intelligence, 59, 93-102. [17] Shijo, P. V., & Salim, A. (2015). Integrated static and dynamic analysis for malware detection. Procedia Computer Science, 46, 804-811. [18] Cuckoo Sandbox, Internet: https://cuckoosandbox.org/, 29.06.2018. [19] Virustotal, Internet: https://www.virustotal.com/, 29.06.2018. [20] Payam Refaeilzadeh & Lei Tang & Huan Liu (2009) “Cross-validation”, In Encyclopedia of database systems, pp.532–538, Springer. [21] A. Barthels, Behavior-based Malware Detection, Faculty of Informatics, The Technical University of Munich, Master Thesis, 2009. [22] Chand, C., Thakkar, A., & Ganatra, A. (2012). Sequential pattern mining: Survey and current research challenges. International Journal of Soft Computing and Engineering, 2(1), 185- 193. [23] Parikh, M., Chaudhari, B., & Chand, C. (2013). A comparative study of sequential pattern mining algorithms. International Journal of Application or Innovation in Engineering & Management (IJAIEM), 2(2). [24] Mooney, C. H., & Roddick, J. F. (2013). Sequential pattern mining--approaches and algorithms. ACM Computing Surveys (CSUR), 45(2), 19. [25] Ramakrishnan Srikant & Rakesh Agrawal (1996), “Mining sequential patterns: Generalizations and performance improvements”, In International Conference on Extending Database Technology, pp.1–17, Springer. [26] Jay Ayres & Jason Flannick & Johannes Gehrke & Tomi Yiu (2002) “Sequential pattern mining using a bitmap representation”, In Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp.429–435. [27] Mohammed J Zaki. Spade (2001) “An efficient algorithm for mining frequent sequences. Machine learning”, Vol.42, No.1-2, pp.31–60.
  • 12. [28] Philippe Fournier-Viger &Antonio Gomariz & Ted Gueniche &Azadeh Soltani & Cheng- Wei Wu & Vincent S Tseng (2014) “Spmf: a java open-source pattern mining library”, The Journal of Machine Learning Research, Vol.15, No.1, pp.3389–3393. [29] SPMF library, Internet: http://www.philippe-fournier-viger.com/spmf/, 29.06.2018. [30] Philippe Fournier-Viger & Antonio Gomariz & Manuel Campos & Rincy Thomas (2014) “Fast vertical mining of sequential patterns using co-occurrence information”, In Pacific-Asia Conference on Knowledge Discovery and Data Mining, pp.40–52, Springer. [31] Gandotra, E., Bansal, D., & Sofat, S. (2014). Malware analysis and classification: A survey. Journal of Information Security, 5(02), 56. [32] Leo Breiman (2001) “Random forests”, Machine learning, Vol.45, No.1, pp.5–32. [33] Padraig Cunningham & Sarah Jane Delany (2007) “k-nearest neighbour classifiers”, Multiple Classifier Systems, Vol.34, pp.1–17. [34] Marti A. Hearst & Susan T Dumais & Edgar Osuna & John Platt & Bernhard Scholkopf (1998), “Support vector machines”, IEEE Intelligent Systems and their applications, Vol. 13, No.4, pp.18–28. [35] Fabian Pedregosa & Gaël Varoquaux &Alexandre Gramfort & Vincent Michel & Bertrand Thirion & Olivier Grisel & Mathieu Blondel & Peter Prettenhofer &Ron Weiss &Vincent Dubourg (2011) “Scikit-learn: Machine learning in python”, Journal of machine learning research, Vol. 12, pp.2825–2830. [36] Hossin, M., & Sulaiman, M. N. (2015). A review on evaluation metrics for data classification evaluations. International Journal of Data Mining & Knowledge Management Process, 5(2), 1. [37] Yiming Yang (1999) “An evaluation of statistical approaches to text categorization”, Information retrieval, Vol.1, No. 1-2, pp.69–90. [38] Thomas G Dietterich (1998), “Approximate statistical tests for comparing supervised classification learning algorithms”, Neural computation, Vol.10, No.7, pp.1895–1923. AUTHORS Abdurrahman Pektaş received his B.Sc. and M Sc. at Galatasaray University and his PhD at the University of Joseph Fourier, all in computer engineering, in 2009, 2012 and 2015, respectively. He is a senior researcher at Galatasaray University. His research interests are analysis, detection and classification of malicious software, machine learning and security analysis tool development.
  • 13. Elif Nurdan Pektaş received his B.Sc. and M Sc. at Galatasaray University all in computer engineering, in 2010, and 2014, respectively. She is leading software developer at Siemens Turkey. Her research interests are developing IoT based applications, deep learning, cloud based application and automated testing. Tankut Acarman received his Ph.D. degree in Electrical and Computer engineering from the Ohio State University in 2002. He is professor and head of computer engineering department at Galatasaray University in Istanbul, Turkey. His research interests lie along all aspects of autonomous s ystems, intelligent vehicle technologies and security. He is the co-author of the book entitled “Autonomous Ground.
  • 14. PLEDGE: A POLICY-BASED SECURITY PROTOCOL FOR PROTECTING CONTENT ADDRESSABLE STORAGE ARCHITECTURES Wassim Itani Ayman Kayssi Ali Chehab Department of Electrical and Computer Engineering American University of Beirut Beirut 1107 2020, Lebanon ABSTRACT In this paper we present PLEDGE, an efficient and scalable security ProtocoL for protecting fixedcontent objects in contEnt aDdressable storaGe (CAS) architEctures. PLEDGE follows an end-to-end policy-driven security approach to secure the confidentiality, integrity, and authenticity of fixed-content entities over the enterprise network links and in the nodes of the CAS device. It utilizes a customizable and configurable extensible mark-up language (XML) security policy to provide flexible, multi-level, and fine-grained encryption and hashing methodologies to fixed content CAS entities. PLEDGE secures data objects based on their content and sensitivity and highly overcomes the performance of bulk and raw encryption protocols such as the Secure Socket Layer (SSL) and the Transport Layer Security (TLS) protocols. Moreover, PLEDGE transparently stores sensitive objects encrypted (partially or totally) in the CAS storage nodes without affecting the CAS storage system operation or performance and takes into consideration the processing load, computing power, and memory capabilities of the client devices which may be constrained by limited processing power, memory resources, or network connectivity. PLEDGE complies with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) requirements and the SEC Rule 17a-4 financial standards. The protocol is implemented in a real CAS network using an EMC Centera backend storage device. The application secured by PLEDGE in the sample implementation is an X-Ray radiography scanning system in a healthcare network environment. The experimental test bed implementation conducted shows a speedup factor of three over raw encryption security mechanisms. KEYWORDS Security, Content-addressable storage security, Policy-driven security, Customizable security. For More Details : http://airccse.org/journal/nsa/1010s8.pdf Volume Link : http://airccse.org/journal/jnsa10_current.html
  • 15. REFERENCES [1] W. Itani, A. Kayssi, A. Chehab, “An efficient and scalable Security ProtocoL for protecting fixedContent Objects in ContEnt aDdressable StoraGe architectures”, in Proc. of the Third International Conference on Security and Privacy in Communication Networks, Nice, France, Sept, 2007. [2] A. Freier, P. Karlton, P. Kocher, “The SSL Protocol Version 3.0, ” Internet-Draft, 1996. [3] T. Dierks, C. Allen, “The TLS Protocol – Version 1.0, ” RFC 2246, 1999. [4] EMC Centera homepage: http://www.emc.com/products/family/emc-centera-family.htm, accessed Jan. 14, 2008. [5] Health Insurance Portability & Accountability Act homepage: http://www.hipaa.org, accessed Jan. 14, 2008. [6] SEC 17 CFR Part 240, Release No. 34-38245, “Reporting Requirements for Broker Dealers Under the Security Exchange Act of 1934,” January 1997, http://www.sec.gov/rules/final/34- 38245.txt, accessed Jan. 14, 2008. [7] J. Daemen and V. Rijmen, “Rijndael, the advanced encryption standard,” Dr. Dobb's Journal, vol. 26, no. 3, March 2001, pp. 137 - 139. [8] National Institute of Standards and Technology, August 2002, Secure Hash Standard, Federal Information Processing Standards, Publication 180-2, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf, accessed Jan. 14, 2008. [9] Y. Zheng, J. Pieprzyk, J. Seberry, “HAVAL--A One-Way Hashing Algorithm with Variable Length of Output,” in Proc. Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology, pp. 83-104, 1992. [10] R. Rivest, “The MD5 Message-Digest Algorithm,” RFC 1321, 1992. [11] W. Itani, A. Kayssi, “J2ME End-to-End Security for M-Commerce,” in Proc IEEE Wireless Communications and Networking Conference, 2003. [12] W. Itani, A. Kayssi, “SPECSA: a Scalable, Policy-driven, Extensible, and Customizable Security Architecture for Wireless Enterprise Applications,” Computer Communications, vol. 27, no. 18, December 2004, pp. 1825 - 1839. [13] W. Itani, A. Kayssi, A. Chehab, “PATRIOT – a Policy-Based, Multi-level Security Protocol for Safekeeping Audit Logs on Wireless Devices,” in Proc. IEEE/CreateNet First
  • 16. International Conference on Security and Privacy for Emerging Areas in Communication Networks (SecureComm), Athens, Greece, 2005. [14] W. Itani, A. Kayssi, A. Chehab, “An Enterprise Policy-Based Security Protocol for Protecting Relational Database Network Objects,” in Proc. 2006 International Wireless Communications and Mobile Computing Conference (IWCMC), Vancouver, Canada, 2006. [15] T. Bray, J. Paoli, C. M. Sperberg-McQueen, E. Maler, F. Yergeau (September 2006), “Extensible Markup Language (XML) 1.0”, World Wide Web Consortium, http://www.w3.org/TR/2006/REC-xml20060816/, accessed Jan. 14, 2008. [16] The Gramm-Leach-Bliley Website: http://banking.senate.gov/conf/, accessed Jan. 14, 2008. [17] J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, C. Wells and B. Zhao, “OceanStore: an Architecture for Global- Scale Persistent Storage,” in Proc. Ninth International Conference on Architectural Support for Programming Languages and Operating Systems, pp. 190 - 201, November 2000, Cambridge, Massachusetts, United States. [18] H. Cheng, X. Li, “Partial Encryption of Compressed Images and Videos,” IEEE Transactions on Signal Processing, vol. 48, no. 8, pp. 2439-2451, August 2000. [19] M. Van Droogenbroeck, R. Benedett, “Techniques for a Selective Encryption of Uncompressed and Compressed Images,” in Proc. Advanced Concepts for Intelligent Vision Systems, pp. 90 - 97, Ghent University, Belgium, September 2002. [20] R. Pfarrhofer and A. Uhl, “Selective Image Encryption using JBIG,” Lecture Notes in Computer Science, pp. 98-107, 2005. [21] S. Lian, J. Sun, D. Zhang, Z. Wang, “A Selective Image Encryption Scheme Based on JPEG2000 Codec,” Lecture Notes in Computer Science, vol. 3332, pp. 65 - 72, 2004. [22] X. Lu and A. Eskicioglu, “Selective Encryption of Multimedia Content in Distribution Networks: Challenges and New Directions,” in Proc. IASTED International Conference on Communications, Internet and Information Technology (CIIT 2003), Scottsdale, AZ, USA, November 2003. [23] A. Pommer and A. Uhl, “Application Scenarios for Selective Encryption of Visual Data,” in Proc. Multimedia and Security Workshop, ACM Multimedia, pp. 71 - 74, Juan-les-Pins, France, December 2002. [24] A. Pommer and A. Uhl, “Selective Encryption of Wavelet-Packet Encoded Image Data Efficiency and Security,” ACM Multimedia Systems, Special issue on Multimedia Security, pp. 279 - 287, 2003.
  • 17. [25] M. Van Droogenbroeck, “Partial Encryption of Images for Real-Time Applications,” http://www.ulg.ac.be/telecom/publi/publications/mvd/Vandroogenbroeck2004Partial.pdf, 2004, accessed Jan. 14, 2008. [26] S. Lakshmanan, M. Ahamad, and H. Venkateswaran, Responsive Security for Stored Data, IEEE Transactions on Parallel and Distributed Systems, vol. 14, no. 9, September 2003. [27] L. Wang, Y. Nie, W. Nie, and L. Jiao, “Artificial Immune Strategies Improve the Security of Data Storage”, in Proc. ICNC 2005, LNCS 3611, pp. 839 – 848, 2005. [28] S. Morgan, L. Russell and B. Reed, Security Method and System for Persistent Storage and Communications on Computer Network Systems and Computer Network Systems Employing the Same, International Business Machines Corporation, Patent number: 6816970, Nov 9, 2004. [29] B. Iyer, S. Mehrotra, E. Mykletun, G. Tsudik, and Y. Wu, “A Framework for Efficient Storage Security in RDBMS,” in Proc. Seventh Int’l Conf. Extending Database Technology (EDBT 2004), Mar. 2004 [30] J. D. Strunk, G. R. Goodson, M. L. Scheinholtz, C. A. N. Soules, and G. R. Ganger, Self- Securing Storage: Protecting Data in Compromised Systems, in Proc. 2000 Symposium on Operating Systems Design and Implementation (OSDI), October 2000. [31] W. Diffie, P.C. van Oorschot, and M.J. Wiener, “Authentication and authenticated key exchanges”, Designs, Codes and Cryptography 2 (1992), 107-125.
  • 18. AN INTELLECT LEARNING ON E-MAIL SECURITY AND FRAUD, SPAM AND PHISHING Dr.P.S.Jagadeesh Kumar1 , Dr.S.Meenakshi Sundaram2 , Mr.Ranjeet kumar3 1, 2, 3 Department of Computer Science and Engineering, Don Bosco Institute of Technology, Kumbalagodu, Bangalore, India – 560074. ABSTRACT Cybercrime has grown voluminous pleats with veneration to the development of first-hand technology. The flout towards cybercrime has become todays prime centric with developing countries frugality as well. Nonetheless hefty figure of security and privacy available with modern expertise; phishing, spam and email fraud are more equally exasperating. In this intellect learning, the authors’ primary interest is to make a healthy charge on phishing, spam and email fraud towards the wealthy personal information and realm. Official and business related information needs added exhaustive sanctuary and discretion from the hackers to be on the top in their one-to-one arena. KEYWORDS Cybercrime, Phishing, Spam, Email fraud, Security and Privacy, Intellect learning. For More Details : http://airccse.org/journal/nsa/7515nsa03.pdf Volume Link : http://airccse.org/journal/jnsa15_current.html
  • 19. REFERENCES [1] Andronicus A. Akinyelu and Aderemi O. Adewumi, (2014) “Classification of Phishing Email Using Random Forest MachineLearning Technique”, Journal of Applied Mathematics, Hindawi Publishing Corporation, Vol. 2014, Article ID 425731, 6 pages. [2] Dhanalakshmi Ranganayaklu&Chellapan C, (2013) “Detecting malicious URLs in E-mail – An Implementation”Proceedia of AASRI Conference on intelligent systems and control, Elsevier, pp.125-131. [3] Jagruti Patel, Sheetal Mehta, (2015) “A literature review on phishing email detection using data mining”, International Journal of Engineering Sciences & Research Technology, Vol. 4(3), pp.46-53. [4] M.Madhuri, K.Yeseswini, U.Vidya Sagar, (2013) “Intelligent phishing website detection andPrevention system by using link guard algorithm” International Journal of Communication Network Security, ISSN: 2231 – 1882, Vol. 2, Issue2, pp.9-16. [5] Tzipora Halevi, James Lewis, Nasir Memon, (2013) “A Pilot Study of Cyber Security and Privacy Related Behavior and Personality Traits” International World Wide Web ConferenceCommittee (IW3C2), May 13–17, Rio de Janeiro, Brazil.ACM 978-1-4503-2038- 2/13/05. [6] Jayshree Hajgude, Dr.Lata Ragha, (2013) “Performance Evaluation of Phish Mail Guard: Phishing Mail Detection Technique by using Textual and URL analysis” Int. J. on Recent Trends in Engineering and Technology, Vol. 8, No. 1, pp.23-29, ACEEE Publication. [7] Ritika Arora, Neha Arora, (2014) “Phishing Attack Techniques”, International Journal of Computer Science and Technology, Vol.5, Issue.4, pp.300-302. [8] Amir Herzberg, Ahmad Jbara, (2006) “Security and Identification Indicators for Browsersagainst Spoofing and Phishing Attacks”, manuscript is available as ePrint Archive: Report 2004/155, at http://eprint.iacr.org/2004/155 [9] S.Arun, D.Anandan, T.Selvaprabhu, B.Sivakumar, P.Revathi, H.Shine, (2012) “Detecting Phishing attacks inpurchasing process through proactive approach” Advanced Computing: An International Journal (ACIJ), Vol.3, No.3, pp.81-93, DOI: 10.5121/acij.2012.3309. [10] Yan Luo, (2010) “Workload characterization of spam emailfiltering systems” International Journal of Network Security & Its Application (IJNSA), Vol.2, No.1, pp.22-4. [11] Gaurav Ojha and Gaurav Kumar Tak, (2012) “A novel approach against e-mail attacksderived from user-awareness basedtechniques” International Journal of Information Technology Convergence and Services (IJITCS) Vol.2, No.4, pp.1-16, DOI: 10.5121/ijitcs.2012.2401.
  • 20. [12] Srishti Gupta, Ponnurangam Kumaraguru, (2014) “Emerging Phishing Trends and Effectiveness of theAnti-Phishing Landing Page” arXiv: 1406.3682v1 [cs.CY]. [13] Maher Aburrous,M.A. Hossain, Keshav Dahal, Fadi Thabtah (2010) “Associative Classification Techniques for predicting e-Banking PhishingWebsites” MCIT, 978-1-4244- 7003-7/10© IEEE. [14] Andre Bergholz, Jan De Beer, Sebastian Glahn,Marie-Francine Moens, Gerhard Paab and Siehyun Strobel, (2010) “New filtering approaches for phishing email” Journal of Computer Security,Vol.18, pp.7–35, DOI 10.3233/JCS-2010-037, IOS Press. [15] Thamarai Subramaniam, Hamid A.Jalab and Alaa Y.Taqa, (2010) “Overview of textual antispam filtering techniques” International Journal of the Physical Sciences, Vol. 5(12), pp. 1869-1882, Available online at http://www.academicjournals.org/IJPS ©2010 Academic Journals. [16] Cleber K. Olivoa, Altair O.Santina, Luiz S.Oliveirab, (2013) “Obtaining the threat model for e-mail phishing” Applied Soft Computing, Vol. 13, pp. 4841–4848, Contents lists available at ScienceDirect, 1568-4946 © Elsevier B.V. DOI:10.1016/j.asoc.2011.06.016. [17] Nalin Asanka Gamagedara, Steve Love, Carsten Maple, (2013) “Can a Mobile Game Teach Computer Users to Thwart Phishing Attacks?” International Journal for Infonomics (IJI), Volume 6, Issues ¾, pp.720-730, http://www.infonomics-society.org/IJI [18] Carine G. Webber, Maria de Fatima W. do Prado Lima, and Felipe S. Hepp, (2012) “Testing Phishing Detection Criteria and Methods” Frontiers in Computer Education, AISC 133, pp. 853–858, © Springer-Verlag Berlin Heidelberg. [19] Kamini (Simi) Bajaj and Josef Pieprzyk, (2014) “A Case Study of User-Level Spam Filtering” Proceedings of the Twelfth Australasian Information Security Conference, Auckland, New Zealand, pp.67-75. [20] Satish.S, Suresh Babu.K, (2013) “Phishing websites detection based on web source code and url in the webpage” International Journal of Computer Science and Engineering Communications IJCSEC. Vol.1 Issue.1, pp.1-5, scientistlink.com. [21] Tyler Moore and Richard Clayton, (2007) “Examining the Impact of Website Take-down on Phishing” APWG eCrime Researchers Summit, Pittsburgh, PA, USA. [22] Maher Aburrous, M.A.Hossain, Keshav Dahal, Fadi Thabtah, (2010) “Intelligent phishing detection system for e-banking using fuzzy data mining” Expert Systems with Applications, Vol.37, pp.7913– 7921, 0957-4174, Elsevier Ltd,DOI:10.1016/j.eswa.2010.04.044
  • 21. [23] A.S.Zadgaonkar, Suraj Prasad Keshari, Savita Ajay, (2013) “A Model for Identifying Phishing EMail Based on Structural Properties” International Journal of Science and Modern Engineering (IJISME)ISSN: 2319-6386, Volume-1, Issue-6, pp.71-74. [24] Ali Darwish, Ahmed El Zarka and Fadi Aloul, (2013) “Towards Understanding Phishing Victims' Profile” 978-1-4673-5157-7/13 © IEEE. [25] Asani emmanuel oluwatobi, Aadegun adekanmi, (2014) “Maximum phish bait: towards feature based detection of phising using maximum entropy classification technique” International Conference on Science, Technology, Education, Arts, Management and Social SciencesiSTEAMS Research Nexus Conference. [26] Saeed Abu-Nimeh, Dario Nappa, Xinlei Wang, and Suku Nair, (2009) “Distributed Phishing Detection by ApplyingVariable Selection using Bayesian AdditiveRegression Trees” IEEE ICC 2009 proceedings, http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=5198931978-1-4244-3435-0/09 © IEEE. [27] Nirmala Suryavanshi, Anurag Jain, (2015) “A Review of Various Techniques for Detection and Prevention for Phishing Attack” International Journal of Advanced Computer Technology, Vol.4, No.3, pp.41-46. [28] Niharika Vaishnaw, SRTandan (2015) “Development of Anti-Phishing Model forClassification of Phishing E-mail” International Journal of Advanced Research in Computer and Communication EngineeringVol. 4, Issue 6, pp.39-45, DOI 10.17148/IJARCCE.2015.4610. [29] Niharika Vaishnaw, SRTandan (2011) “Architecture for the Detection of phishing in MobileInternet” International Journal of Computer Science and Information Technologies, Vol.2 (3), pp.1297-1299. [30] Geerthik.S (2013) “Survey on Internet Spam: Classification and Analysis” Int.J.Computer Technology & Applications,Vol 4 (3), pp.384-391,Available online@www.ijcta.com. [31] P.Rohini, K.Ramya (2014) “Phishing Email Filtering Techniques-A Survey”, International Journal of Computer Trend and Technology, Vol.17, No.1, pp.18-21. http://www.ijcttjournal.org [32] Masoumeh Zareapoor, Seeja K.R (2015) “Feature Extraction or Feature Selection for Text Classification: A Case Study on Phishing Email Detection”, I.J. Information Engineering and Electronic Business, 2015, Vol.2, pp.60-65, Published Online March 2015 in MECS (http://www.mecs-press.org/)DOI: 10.5815/ijieeb.2015.02.08
  • 22. [33] Ram B.Basnet, Andrew H.Sung, Quingzhong Liu (2014) “Learning to detect phishing URLs”, International Journal of Research in Engineering and Technology, Vol.3 Issue.6, pp.11-24, Available @ http://www.ijret.org [34] R. Dhanalakshmi, C. Chellappan, Quingzhong Liu (2012) “Mitigating E-Mail Threats - A Web Content BasedApplication”, Proceedings of the International MultiConference of Engineers and Computer Scientists, Vol.1, IMECS’12, Hong Kong. [35] R. Dhanalakshmi, C. Chellappan, Quingzhong Liu (2012) “Evolving Fuzzy Neural Network for Phishing Emails Detection”, Journal of Computer Science 8 (7): pp.1099-1107, ISSN 1549-3636©Science Publications. [36] Goverdhan Reddy Jidiga, Dr.P Sammulal, (2013) “Machine learning approach to anomaly detection incyber security with a case study of spamming attack”, International Journal of Computer Engineering& Technology, Vol.4, Issue.3, May-June (2013), pp. 113- 122, © IAEME: www.iaeme.com/ijcet.asp [37] Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song (2011) “Design and Evaluation of a Real-Time URL Spam Filtering Service”, IEEE Symposium on Security and Privacy, pp.447-462, 1081-6011/11© 2011 IEEE, DOI: 10.1109/SP.2011.25 [38] Steve Sheng, Mandy Holbrook, Ponnurangam Kumaraguru, Lorrie Cranor, Julie Downs (2010) “Who Falls for Phish? A Demographic Analysis of PhishingSusceptibility and Effectiveness of Interventions”, Atlanta, Georgia, USA.Copyright 2010 ACM 978-1-60558- 929-9/10/04. [39] Yue Zhang, Jason Hong, Lorrie Cranor (2007) “CANTINA: A Content-Based Approach toDetecting Phishing Web Sites”, International World Wide Web ConferenceCommittee, May 8–12, 2007, Banff, Alberta, Canada, ACM 978-1-59593-654-7/07/0005 [40] Ram B.Basnet,Andrew H.Sung (2010) “Classifying Phishing Emails Using Confidence- Weighted Linear Classifiers”, International Conference on Information Security and Artificial Intelligence (ISAI 2010),978-1-4244-8870-4 /10 C IEEE, pp.108-112. [41] Michalis Polychronakis, Panayiotis Mavrommatis, Niels Provos (2010) “Ghost turns Zombie: Exploring the Life Cycle of Web-based Malware”, https://www.usenix.org/legacy/event/leet08/tech/full_papers/polychronakis/polychronakis.pd f [42] JaeSeung Song and Andreas Kunz (2013) “Towards Standardized Prevention ofUnsolicited Communications and PhishingAttacks”, Journal of ICT Standardization, Vol. 1, PP.109–122, River Publishers, DOI: 10.13052/jicts2245-800X .126. [43] Bo Li and Yevgeniy (2010) “Feature Cross-Substitution in Adversarial Classification”,http://vorobeychik.com/2014/sma.pdf
  • 23. [44] Justin ma, Lawrence k.Saul, Stefan savage and Geoffrey M.Voelker(2011) “Towards Standardiz Prevention of Unsolicited Communications and Phishing Attacks”, ACM Transactions on Intelligent Systems and Technology, Vol.2, No.3, Article 30, ACM 2157- 6904/2011/04-ART30, http://doi.acm.org/10.1145/1961189.1961202 [45] Vishakha B.Pawar, Pritish A.Tijare (2014) “Phishing Email Detection Techniques: A Review”, International Journal of Advance Research inComputer Science and Management Studies, Vol.2, 277, Available online at: www.ijarcsms.com [46] Noor Ghazi M.Jameel, Loay E.George (2013) “Detection Phishing Emails Using Features Decisive Values”, International Journal of Advanced Research inComputer Science and Software Engineering, Vol.3, Issue 7, pp.257-262, Available online at: www.ijarcsse.com [47] Hima Sampath Rao, SK Abdul Nabi (2014) “A novel approach for predictingphishing websites using the mapreduce framework”, International Journal of Computer Science and Mobile Computing, Vol.3, Issue 10, pp.505-510, Available Online at www.ijcsmc.com [48] Mona Ghotaish Alkhozae, Omar Abdullah Batarfi (2011) “Phishing Websites Detection based on Phishing Characteristics in the Webpage Source Code”, International Journal of Information and Communication Technology Research, Vol.1, No.6, pp.283-291. [49] Boateng,Priscilla Mateko Amanor (2014) “Phishing, SMiShing & Vishing: An Assessment of Threats againstMobile Devices”, Journal of Emerging Trends in Computing and Information Sciences, Vol.5, No.4, pp.297-307, Available Online at www.ijcsmc.com [50] De Wang, Shamkant B. Navathe, Ling Liu, Danesh Irani, Acar Tamersoy, Calton Pu (2014) “Click Traffic Analysis of Short URL Spam on Twitter”, http://www.cc.gatech.edu/~atamerso/papers/wang_collaboratecom13.pdf [51] Yan Yeung (2007) “A Learning Approach to Spam Detection bas SocialNetworks”, CEAS 2007 - Fourth Conference on Email and Anti-Spam, August 2 2007, Mountain View, California USA. [52] Szde Yu (2011) “Email spam and the CAN-SPAM Act: A qualitative analysis”, International Journal of Cyber Criminology, Vol. 5 Issue 1, Vol.1, No.6, pp.715-735. [53] Shams Zawoad, Amit Kumar Dutta, Alan Sprague, Ragib Hasan, Jason Britt, and Gary Warner Net: Investigating Phish Clusters Using Drop Email Addresses”, http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6805777
  • 24. AUTHORS Dr.P.S.Jagadesh Kumar, Professor in the Department of Computer Science and Engineering, Don Bosco Institute of Technology, Bengaluru has 16 years of teaching experience, including 6 year of research experience in the field of received his B.E. degree from University of Madras in Electrical and Electronics Engineering discipline in the year 1999. He obtained his M.E degree in 2004 with specialization in Computer Science and Engineering from Annamalai University Ph.D. from Anna University, Chennai. Dr.S.Meenakshi Sundaram is working as Professor and Head in the Department of Computer Science and Engineering at India. He obtained Bachelor Degree in Computer Science and Engineering from Bharathidasan University in 1989. He obtained his M.Tech from National Institute of Technology, Tiruchirappalli in 2006 and Ph.D. in Computer Science & Engineering from Anna University Chennai in 2014. He has presented 3 papers in International Conferences and published 17 papers in International Journals. Mr.Ranjeet Kumar is working as an Associate Professor in the Department of Computer Science & Engineering at Don Bosco Institute of Technology, Bengaluru 560074. He has completed Bachelor of engineering in electrical & electronics engineering from Kuvempu University, Shimoga, Karnataka in 2001. He has also completed his Master of Technology in Computer Science & Engineering from Visveswaraya Technological University, Belgaum, Karnataka in 2010.
  • 25. ARCHITECTURE FOR INTRUSION DETECTION SYSTEM WITH FAULT TOLERANCE USING MOBILE AGENT Chintan Bhatt1 , Asha Koshti2 ,Hemant Agrawal3 , Zakiya Malek4 , Dr Bhushan Trivedi5 MCA Dept.,GLS Institute of Computer Technology, Ahmedabad, India ABSTRACT This paper is a survey of the work, done for making an IDS fault tolerant. Architecture of IDS that uses mobile Agent provides higher scalability. Mobile Agent uses Platform for detecting Intrusions using filter Agent, co-relater agent, Interpreter agent and rule database. When server (IDS Monitor) goes down, other hosts based on priority takes Ownership. This architecture uses decentralized collection and analysis for identifying Intrusion. Rule sets are fed based on user- behaviour or application behaviour. This paper suggests that intrusion detection system (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will. KEYWORDS Fault tolerance, Mobile Agent, Intrusion Detection System For More Details : http://airccse.org/journal/nsa/0911nsa13.pdf Volume Link : http://airccse.org/journal/jnsa11_current.html
  • 26. REFERENCES [1] Lange, D., Oshima, M. 1998. Programming and Deploying Java Mobile Agents with Aglets . Addison-Wesley. [2] Rothermel, K., Schwehm, M. 1998. Mobile Agents . In Kent, A., Williams, J. (Editors) Encyclopedia for Computer Science and Technology . M. Dekker Inc. New York, USA [3] Jansen, W. 1999. Mobile agents and security. In Proceedings of the 1999 Canadian Information Technology Security Symposium . [4] Jansen, W. 2002. Intrusion detection with mobile agents. Computer Communications , 25(15): 1392-1401. [5] Jansen, W., Karygiannis, T. 1999. Mobile agent security. Special Publication 800 19, National Institute of Standards and Technology (NIST). [6] Jansen, W., Mell, P., Karygiannis, T., Marks, D. 1999. Applying mobile agents to intrusion detection and response. Interim Report 6416, National Institute of Standards and Technology (NIST) [7] Intelligent Agents for Distributed Intrusion Detection System M. Benattou, and K. Tamine World Academy of Science, Engineering and Technology 6 2005 [8] Intrusion Detection & Prevention by Carl Endorf, Eugene Schultz and Jim Mellander ISBN:0072229543 TMH pub. [9] INTELLIGENT INTRUSION DETECTION SYSTEM FRAMEWORK USING MOBILE AGENTS International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 2, July 2009 [10] DIDMA: A Distributed Intrusion Detection System Using Mobile Agents Pradeep Kannadiga and Mohammad Zulkernine School of Computing Queen’s University Proceedings of the Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Networks (SNPD/SAWN’05) 0-7695-2294-7/05 © 2005 IEEE [11] Applying Mobile Agents to Intrusion Detection and Response Wayne Jansen, Peter Mell, Tom Karygiannis, Don Marks National Institute of Standards and Technology Computer Security Division NIST Interim Report (IR) – 6416 October 1999 [12] An Architecture for Intrusion Detection using Autonomous Agents Jai Sundar Balasubramaniyan, Jose Omar Garcia-Fernandez,DavidIsaco, Eugene Spafford, Diego Zamboniy Center for Education and Research in Information Assurance and Security Purdue University CERIAS Technical Report 98/05 June 11, 1998
  • 27. [13] A New Mobile Agent-Based Intrusion Detection System Using Distributed Sensors Mohamad Eid American University of Beirut, Department of Electrical and Computer Engineering [14] Snort website: www.snort.org AUTHORS Chintan Bhatt MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Asha Koshti MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Hemant Agrwal MCA, SEM-5 Student GLSICT, Ahmedabad , India Research Area :- Network Security Zakiya Malek Assistant Professor, GLSICT, Ahmedabad , India Research Area :- Network Security Dr. Bhushan Trivedi Ditrector, GLSICT, Ahmedabad , India Research Area :- Network Security
  • 28. IOT AND SECURITY-PRIVACY CONCERNS: A SYSTEMATIC MAPPING STUDY Moussa WITTI and Dimitri KONSTANTAS Information Science Institute University of Geneva Route de Drize 7, 1227 Carouge, Switzerland ABSTRACT The increase of smart devices has accelerated sensitive data exchange on the Internet using most of the time unsecured channels. Since a massive use of RFID (Radio-frequency Identification) tags in the transportation and construction industries from 1980 to 1990, with the expanded use of the Internet with 2G/3G or 4G since 2000, we are witnessing a new era of connected objects. A huge number of heterogeneous sensors may collect and dispatch sensitive data from an endpoint to worldwide network on the Internet. Privacy concerns in IOT remain important issues in the research. In this paper, we aim to evaluate current research state related to privacy and security in IOT by identifying existing approaches and publications trends. Therefore, we have conducted a systematic mapping study using automated searches from selected relevant academics databases. The result of this mapping highlights research type and contribution in different facets and research activities trends in the topic of “security and privacy” in IoT edge, cloud and fog environment. KEYWORDS Internet of Thing, privacy, security, the mapping study For More Details : http://aircconline.com/ijnsa/V10N6/10618ijnsa03.pdf Volume Link : http://airccse.org/journal/jnsa18_current.html
  • 29. REFERENCES [1] Aaditya Jain, B. S. (2016, April). Internet of Things: Architecture, security goals, and challenges. International Journal Innovative Research in Science & Engineering (IJIRSE), Vol.No2:Issue4. [2] Alfaqih, T. M., & Al-Muhtadi, J. (2016). Internet of Things Security based on Devices Architecture. International Journal of Computer Applications. [3] Athreya, A. P., DeBruhl, B., & Tague, P. (2013). Designing for self-configuration and selfadaptation in the “internet of things" in Collaborative Computing: Networking Applications and Worksharing. 9th International Conference Collaboratecom, (pp. 585-592). [4] Bagozzi, R. Y. (1991). Assessing Construct Validity in Organizational Research. Administrative Science Quarterly (36:3), pp 421-458. [5] Bouij-Pasquier Imane, A. A. (2015). A Security Framework for Internet of Things. 14 th International conference, CANS 2015, , (pp. 19-31 Volume 9476 of the series Lecture Notes in Computer Science). Marrakesh. [6] Burnett L., K. B.-S. (Volume 10, Issue 4, May 2003). The GeneTrustee: a universal identification system that ensures privacy and confidentiality for human genetic databases. Journal of law and medicine, 506-513. [7] Cavalcante E. et al. (2016). On the interplay of Internet of Things and Cloud Computing: A systematic mapping study. Computer Communications Volumes 89-90, Pages 17-33. [8] Charu C. Aggarwal; Philip S. Yu, eds. (2008). "A General Survey of Privacy". Privacy- Preserving Data Mining – Models and Algorithms [9] Ding Chao, L. Y. (2011). Security Architecture and Key Technologies for IoT/CPS. ZTE Communication, 17(1):11-16. [10] Erez Shmueli, T. Z. (2014). Constrained obfuscation of relational databases. Information Sciences, Volume 286, 35. [11] Gang G., L. Z. (2011). "Internet of things security analysis," in Internet Technology and Applications (iTAP), 2011 International Conference on, 1-4. [12] Gregor, S. (2006). The Nature of Theory in Information Systems. MIS Quarterly (30:3), 611-642. [13] Hernandez-Ramos JosAľ L., J. B. (2015). Preserving Smart Objects Privacy through Anonymous. Sensors - Open Access Journal. [14] Hevner, A. M. (2004). Design Science in Information Systems Research. MIS Quarterly (28:1), 75-105.
  • 30. [15] JianQiang Li, J.-J. Y. (2013). A top-down approach for approximate data anonymisation. Enterprise Information Systems, 272. [16] Junqing Le, X. L. (2016). Full Autonomy: A Novel Individualized Anonymity Model for Privacy Preserving. Computers & Security. [17] Kocher, P. L. (2004). Security as a new dimension in embedded. In: Proceedings of the 41st Annual Design Automation Conference, DAC 2004, San Diego, CA, USA, June 7-11 (pp. 753- 760). New York: ACM. [18] Liu C., Y. Z. (2012). Research on Dynamical Security Risk Assessment for the Internet of Things inspired by immunology, in Eighth International Conference on Natural Computation (ICNC). [19] Leusse P, P. P. (2009). Security Cell, a security model for the Internet of Things and Services. International Conference on in Advances in Future Internet, (pp. 47-52). [20] Loukil F., Ghedira C., Aïcha-Nabila B., Boukadi K., Maamar Z. Privacy-Aware in the IoT Applications: A Systematic Literature Review. International Conference on Cooperative Information Systems (CoopIS) 2017. Proceedings, Part I. Lecture Notes in Computer Science 10573, Springer 2017, ISBN 978-3-319-69461-0, Oct 2017, Rhodes, Greece. [21] Mingqiang Xue, P. P. (2011). Distributed privacy preserving data collection. In Proceedings of the 16th international conference on Database systems for advanced applications. [22] Ninghui Li, Tiancheng Li, and Suresh Venkatasubramanian "t-Closeness: Privacy Beyond kAnonymity and l-Diversity," 2007 IEEE 23rd International Conference on Data Engineering, Istanbul, 2007, pp. 106-115. [23] Pan Yang, X. G. (2013). A Privacy-Preserving Data Obfuscation Scheme Used in Data Statistics and Data Mining. IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing,(p. 881). [24] Pierangela Samarati and L. Sweeney. k-anonymity: a model for protecting privacy. Proceedings of the IEEE Symposium on Research in Security and Privacy (S&P). May 1998, Oakland, CA. [25] Kai Petersen, Robert Feldt, Shahid Mujtaba, and Michael Mattsson. 2008. Systematic mapping studies in software engineering. In Proceedings of the 12th international conference on Evaluation and Assessment in Software Engineering (EASE’08), Giuseppe Visaggio, Maria Teresa Baldassarre, Steve Linkman, and Mark Turner (Eds.). BCS Learning & Development Ltd., Swindon, UK, 68-77. [26] Philipp Offermann, O. L. (2009). Outline of a design science research process. In Proceedings of the 4th International Conference on Design Science Research in Information Systems and Technology (DESRIST ’09).
  • 31. [27] Ricardo Neisse, G. S. (2015). A Model-based Security Toolkit for the Internet of Things. ScienceDirect. [28] Robert Bredereck, A. N. (2014). The effect of homogeneity on the computational complexity of combinatorial data anonymization. Data Mining and Knowledge Discovery, Volume 28, Number 1,65. [29] Samani A., H. H. (2015). Privacy in Internet of Things: A Model and Protection Framework. The 6th International Conference on Ambient Systems, Networks and Technologies (ANT-2015), the 5th International Conference on Sustainable Energy Information Technology (SEIT-2015) (pp. Volume 52, 2015, Pages 606-613). Procedia Computer Science. [30] Shmatikov, J. B. (2006). Efficient anonymity-preserving data collection. In Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining (KDD ’06).ACM, New York, NY, USA, (pp. 76-85). [31] Syazarin, N., Aziz, N. A., Daud, S. M., & Syarif, S. A. (2017). An Overview on Security Features or Internet of Things (IoT) in Perception Layer. Journal of Engineering and Applied Sciences. [32] Usha P., R. S. (2014). Sensitive attribute based non-homogeneous anonymization for privacy preserving data mining. International Conference on Information Communication and Embedded Systems (ICICES2014), 1. [33] Venable, J. (2006). The Role of Theory and Theorising in Design Science Research. First International Conference on Design Science Research in Information Systems and Technology, (pp.1-18). Claremont, CA: Claremont Graduate University. [34] Xiao L, H. B. (2010). A knowledgeable security model for distributed health information systems. Computers & Security., (pp. 331-349). [35] Xin Ma, Q. H. (2010). Study on the Applications of Internet of Things in the Field of Public Safety. China Safety Science Journal, 20(007):170-176. [36] Yunjung Lee, Y. P. (2015). "Security Threats Analysis and Considerations for Internet of Things". 2015 8th International Conference on Security Technology (SecTech), (pp. vol. 00, no. , pp. 28- 30). [37] ZhangW., B. Q. (2013). Security Architecture of the Internet of Things Oriented to Perceptual Layer. in International Journal on Computer, Consumer and Control (IJ3C), Volume 2, No.2. [38] Zhiqiang Yang, S. Z. (2005). Anonymity-preserving data collection. In Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining (KDD ’05). ACM,New York, NY, USA, (pp. 334-343).
  • 32. AUTHORS Moussa WITTI is a consulting engineer and IT architect in the R&D. He is advising bank and insurance firms in content and data management. He has more than 13 years of IT application development and deployment experience. He has obtained an MBA from Toulouse Business School and master Research in Computer Science from university of Franche-Comté in Besançon (FRANCE). Dimitri KONSTANTAS is Professor at the University of Geneva (CH) and director of the . He has been active since 1987 in research in the areas of Object Oriented systems, agent technologies, and mobile health systems, with numerous publications in international conferences and journals. His current interests are Mobile Services and Applications with special focus in the well- being services for elderly and information security. Professor D. Konstantas has a long participation in European research and industrial projects and is consultant and expert to several European companies and governments.
  • 33. STEGANALYSIS ALGORITHM FOR PNG IMAGES BASED ON FUZZY LOGIC TECHNIQUE Jawaher alqahtani, Daniyal Alghazzawi1 and Li Cheng2 1 Department of Information Systems, King Abdulaziz University, Jeddah, Saudi Arabia 2 Xinjiang Technical Institute of Physics & Chemistry, Chinese Academy of Sciences, China ABSTRACT Embedding a message in media files, also known as steganography, is a common approach to hide secret information. It has been exploited by some criminals to confidentially exchange messages. As a countermeasure, tools have been developed in order to detect hidden information form digital media such as text, image, audio or video files. However the efficiency and performance of previous approaches still have room for improvement. In this research, we focus on algorithm design for better efficiency of hidden message detection from PNG files. We employ three classic AI approaches including neural network, fuzzy logic, and genetic algorithm and evaluate their efficiency and performance in controlled experiments. Finally we introduce our message detection system for PNG files based on LSB approach and present its usability in different case scenarios. KEYWORDS Steganography, Steganalysis, Artificial Intelligence, fuzzy logic. For More Details : https://aircconline.com/ijnsa/V8N6/8616ijnsa01.pdf Volume Link : http://airccse.org/journal/jnsa16_current.html
  • 34. REFERENCES [1] P. Thiyagarajan, G. Aghila, and V. P. Venkatesan, "Steganalysis Using Color Model Conversion," arXiv preprint arXiv:1206.2914, 2012. [2] R. Poornima and R. Iswarya, "An Overview of digital image Steganography," International Journal of Computer Science & Engineering Survey (IJCSES), vol. 4, pp. 23-31, 2013. [3] S. Engle, "Current State of Steganography: Uses, Limits, & Implications," Retrieved March, vol. 12, p. 2012, 2003. [4] S. A. Laskar and K. Hemachandran, "A Review on Image Steganalysis techniques for Attacking Steganography," in International Journal of Engineering Research and Technology, 2014. [5] C. James, "Steganography Past, Present, Future," URL:http://www.sans.org/reaing_room/whitepapers/steganography/steganogaphy_past_prese nt_futur e _552. pdf ( 12.12. 2009). [6] B. Boehm, "StegExpose-A Tool for Detecting LSB Steganography," arXiv preprint arXiv:1410.6656, 2014. [7] M. M. Amin, M. Salleh, S. Ibrahim, M. R. Katmin, and M. Shamsuddin, "Information hiding using steganography," in Telecommunication Technology, 2003. NCTT 2003 Proceedings. 4th National Conference on, 2003, pp. 21-25. [8] R. Amirtharajan, V. Rajesh, P. Archana, and J. Rayappan, "Pixel indicates, standard deviates: A way for random image steganography," Res. J. Inform. Technol, vol. 5, pp. 383-392, 2013. [9] G. Swain and S. K. Lenka, "Classification image steganography techniques in spatial domain: A study," Int J Comput Sci Eng Tech, vol. 5, pp. 219-32, 2014. [10] S. Goel, A. Rana, and M. Kaur, "A Review of Comparison Techniques of Image Steganography," Global Journal of Computer Science and Technology, vol. 13, 2013. [11] S. Azevedo, L. Gonçalves, and R. Rudson, Fuzzy Logic on a Polygenic Multi-Agent System for Steganalysis of Digital Images: INTECH Open Access Publisher, 2012. [12] W. W. Zin, "Message Embedding In PNG File Using LSB Steganographic Technique," International Journal of Science and Research (IJSR) Volume, vol. 2, 2013. [13] T. Qiao, F. Retraint, R. Cogranne, and C. Zitzmann, "Steganalysis of JSteg algorithm using hypothesis testing theory," EURASIP Journal on Information Security, vol. 2015, pp. 1-16, 2015.
  • 35. [14] J. Fridrich and J. Kodovský, "Steganalysis of LSB replacement using parity-aware features," in Information Hiding, 2013, pp. 31-45. [15] V. L. Reddy, A. Subramanyam, and P. C. Reddy, "Implementation of LSB steganography and its evaluation for various file formats," Int. J. Advanced Networking and Applications, vol. 2, pp. 868-872, 2011. [16] H.-W. Tseng and H.-S. Leng, "A Steganographic Method Based on Pixel-Value Differencing and the Perfect Square Number," Journal of Applied Mathematics, vol. 2013, 2013. [17] D.-C. Wu and W.-H. Tsai, "A steganographic method for images by pixel-value differencing," Pattern Recognition Letters, vol. 24, pp. 1613-1626, 2003. [18] M. H. Mohamed, N. M. Al-Aidroos, and M. A. Bamatraf, "Innovative Multi-Level Secure Steganographic Scheme based on Pixel Value Difference." [19] D. Gupta and S. Choubey, "Discrete Wavelet Transform for Image Processing," International Journal of Emerging Technology and Advanced Engineering, vol. 4, pp. 598- 602, 2015. [20] R. an Amirtharajan and J. Rayappan, "Steganography—time to time: A review," Research Journal of Information Technology, vol. 5, pp. 58-66, 2013. [21] A. Ibrahim, "Steganalysis in computer forensics," in Australian Digital Forensics Conference, 2007, p. 10. [22] N. Meghanathan and L. Nayak, "Steganalysis algorithms for detecting the hidden information in image, audio and video cover media," international journal of Network Security & Its application (IJNSA), vol. 2, pp. 43-55, 2010. [23] R. P. S. Sruthi Das N, "A Survey on Different Image Steganalysis Techniques," International Journal of Modern Trends in Engineering and Research vol. 02, p. 5, 2015. [24] K. Curran and J. Mc Devitt, "Image analysis for online dynamic steganography detection," Computer and Information Science, vol. 1, p. p32, 2008. [25] H. Wang and S. Wang, "Cyber warfare: steganography vs. steganalysis," Communications of the ACM, vol. 47, pp. 76-82, 2004. [26] S. O. Mundhada and V. Shandilya, "Spatial and Transformation Domain Techniques for Image Enhancement," International Journal of Engineering Science and Innovative Technology (IJESIT), vol. 1, pp. 213-216, 2012.
  • 36. [27] J. Green, I. Levstein, C. R. J. Boggs, and T. Fenger, "Steganography Analysis: Efficacy and Response-Time of Current Steganalysis Software," J Comput Sci, vol. 9, pp. 236-44, 2015. [28] R. Kumar, K. K. Saini, and S. Chand, "A New Steganography Technique Using Snake Scan Ordering Strategy," International Journal of Image, Graphics and Signal Processing (IJIGSP), vol. 5, p. 25, 2013. [29] R. Singh and G. Chawla, "A Review on Image Steganography," International Journal of Advanced Research in Computer Science and Software Engineering, vol. 4, pp. 686-689, 2014. [30] S. Mehta, A. Maru, and P. K. Goel, "A Survey Paper on Steganalysis F5 Algorithm." [31] A. Brown, "Graphics File Formats," ed, 2008. [32] S. M. Badr, G. Ismaial, and A. H. Khalil, "A Review on Steganalysis Techniques: From Image Format Point of View," International Journal of Computer Applications, vol. 102, 2014. [33] T. Boutell, "PNG (Portable Network Graphics) Specification Version 1.0," 1997. [34] M. Al Fahdi, N. Clarke, and S. Furnell, "Towards An Automated Forensic Examiner (AFE) Based Upon Criminal Profiling & Artificial Intelligence," 2013. [35] A. Irons and H. S. Lallie, "Digital Forensics to Intelligent Forensics," Future Internet, vol. 6, pp. 584-596, 2014. [36] R. Din and A. Samsudin, "Computational intelligence in steganalysis environment," 2008. [37] A. I. Bouguerne, B. H. F. Merouani, and C. N. Kobsi, "Multi Resolution Decomposition For A Passive Steganalysis Based On a Multi Agent System." [38] N. Kobsi and H. F. Merouani, "Neural Network Based Image Steganalysis: A Comparative Study," in Neural Networks for Signal Processing [1994] IV. Proceedings of the 1994 IEEE Workshop, 2007, pp. 423-430. [39] I. Khan, "An Efficient Neural Network based Algorithm of Steganography for image," International Journal of Computer Technology and Electronics Engineering (IJCTEE) Volume, vol. 1, pp. 63-67. [40] C. Bergman and J. Davidson, "An artificial neural network for wavelet steganalysis," Final Report to Midwest Forensics Resource Center, 2005.
  • 37. [41] S. Bakhshandeh, J. R. Jamjah, and B. Z. Azami, "Blind Image Steganalysis based on local information and human visual system," in Signal Processing, Image Processing and Pattern Recognition, ed: Springer, 2009, pp. 201-208. [42] X. Y. Yu and A. Wang, "An investigation of genetic algorithm on steganalysis techniques," in Intelligent Information Hiding and Multimedia Signal Processing, 2009. IIH- MSP'09. Fifth International Conference on, 2009, pp. 1118-1121.
  • 38. A PLAIN IMAGE DEPENDENT IMAGE ENCRYPTION SCHEME USING HALF PIXEL LEVEL INTERCHANGE PERMUTATION OPERATION Li Liu, Yucheng Chen and Ruisong Ye Department of Mathematics, Shantou University, Shantou, Guangdong, 515063, P. R. China ABSTRACT In this paper, a chaos-based image encryption scheme with half-pixel-level interchange permutation strategy and plain-image dependence is proposed. The proposed image encryption scheme consists of a confusion process and a diffusion process. In the confusion process, a pixel- swapping operation between higher bit planes and lower bit planes is employed to replace the traditional confusion operation. The halfpixel-level interchange permutation strategy between the higher 4-bit plane part and the lower 4-bit plane part not only improves the conventional permutation efficiency within the plain-image, but also changes all the pixel gray values. The system parameters of generalized Arnold map applied for the permutation operation relies on the plain-image content and consequently can resist chosen-plaintext and knownplaintext attacks effectively. To enhance the security of the proposed image encryption, one multimodal skew tent map is utilized to generate pseudo-random gray value sequence for diffusion operation. Simulations have been carried out thoroughly with comparisons with some other existing image encryption schemes. The experimental results demonstrate that the proposed image encryption scheme is highly secure thanks to its large key space and efficient permutation-diffusion operations. KEYWORDS Generalized Arnold map, Interchange permutation, Chaotic system, Multimodal skew tent map, Image encryption. For More Details : https://aircconline.com/ijnsa/V9N4/9417ijnsa05.pdf Volume Link : http://airccse.org/journal/jnsa17_current.html
  • 39. REFERENCES [1] D. R. Stinson, Cryptography: Theory and Practice, CRC Press, Boca Raton, 1995. [2] C. E. Shannon, Communication theory of secrecy systems, Bell Syst. Tech. J, 28(1949): 656- 715. [3] J. Fridrich, Symmetric ciphers based on two-dimensional chaotic maps, International Journal of Bifurcation and Chaos, 8(1998): 1259-1284. [4] Z.-H. Guan, F. Huang, W. Guan, Chaos-based image encryption algorithm, Physics Letters A, 346(2005): 153-157. [5] S. Lian, J. Sun, Z. Wang, A block cipher based on a suitable use of the chaotic standard map, Chaos, Solitons and Fractals, 26 (2005): 117-129. [6] Y. Wang, K. W. Wong, X. F. Liao, T. Xiang, G. R. Chen, A chaos-based image encryption algorithm with variable control parameters, Chaos, Solitons and Fractals, 41:4(2009): 1773- 1783. [7] W. Zhang, Kwok-wo. Wong, H. Yu, Z. Zhu, An image encryption scheme using reverse 2- dimensional chaotic map and dependent diffusion, Commun. Nonlinear Sci. Numer. Simul., 18:8(2013): 2066-2080. [8] Y. Xi, X. Zhang, R. Ye, Color image encryption based on multiple chaotic systems, International Journal of Network Security & Its Applications, 8:5(2016): 39-50. [9] C. Q. Li, S. J. Li, G. R. Chen, G. Chen, L. Hu, Cryptanalysis of a new signal security system for multimedia data transmission. EURASIP J. Appl. Signal Process., 8(2005): 1277-1288. [10] S. J. Li, C. Q. Li, G. R. Chen, N. G. Bourbakis, K. T. Lo, A general quantitative cryptanalysis of permutation-only multimedia ciphers against plain-image attacks. Signal Process. Image Commun., 23(2009): 212-223. [11] D. Xiao, X. Liao, P. Wei, Analysis and improvement of a chaos-based image encryption algorithm, Chaos, Solitons and Fractals, 40(2009): 2191-2199. [12] E. Solak, C. Cokal, O. T. Yildiz, and T. Biyikoglu, Cryptanalysis of fridrich’s chaotic image encryption, International Journal of Bifurcation and Chaos, 20:5 (2010): 1405-1413. [13] J. M. Liu, Q. Qu, Cryptanalysis of a substitution-diffusion based on cipher usingchaotic standard and logistic map, in: Third International Symposium on Information Processing, 2010, pp.67-69.
  • 40. [14] R. Rhouma, E. Solak, S. Belghith, Cryptanalysis of a new substitution-diffusion based image cipher, Commun. Nonlinear Sci. Numer. Simulat., 15 (2010): 1887-1892. [15] X. Wang, G. He, Cryptanalysis on a novel image encryption method based on total shuffling scheme, Optics Commun., 284 (2011): 5804-5807. [16] R. Ye, A novel chaos-based image encryption scheme with an efficient permutation- diffusion mechanism, Optics Commun., 284(2011): 5290-5298. [17] Vinod Patidar, N. K. Pareek. G. Purohit, K. K. Sud, A robust and secure chaotic standard map based pseudorandom permutation substitution scheme for image encryption. Optics Commun., 284(2011): 4331-4339. [18] Y. Zhou, L. Bao, C.L. Philip Chen, Image encryption using a new parametric switching chaotic system, Signal Processing, 93(2013): 3039-3052. [19] Y. Zhou, L. Bao, C.L. Philip Chen, A new 1D chaotic system for image encryption, Signal Processing, 97(2014): 172-182. [20] X. Wang, D. Luan, A novel image encryption algorithm using chaos and reversible cellular automata, Commun Nonlinear Sci. Numer. Simulat., 18(2013): 3075-3085. [21] Z.-L. Zhu, W. Zhang, K.-W. Wong, H. Yu, A chaos-based symmetric image encryption scheme using a bit-level permutation, Information Sciences, 181(2011): 1171-1186. [22] L. Teng, X. Wang, A bit-level image encryption algorithm based on spatiotemporal chaotic system and self-adaptive, Optics Communications, 285(2012): 4048-4054. [23] W. Zhang, K.-W. Wong, H. Yu, Z.-L. Zhu, An image encryption scheme using lightweight bit-level confusion and cascade cross circular diffusion. Optics Commun., 285 (2012): 2343- 2354. [24] W. Zhang, K.-W. Wong, H. Yu, Z.-L. Zhu, A symmetric color image encryption algorithm using the intrinsic features of bit distributions. Commum. Nonliear Sci. Numer. Simulat., 18 (2013): 584-600. [25] G. J. Zhang, Q. Liu, A novel image encryption method based on total shuffling scheme, Optics Commun., 284(2011): 2775-2780 [26] X. Wang, L. Liu, Y. Zhang, A novel chaotic block image encryption algorithm based on dynamic random growth technique, Optics and Lasers in Engineering, 66(2015): 10-18. [27] J. Chen, Z. Zhu, C. Fu, H. Yu, L. Zhang, An efficient image encryption scheme using gray code based permutation approach, Optics and Lasers in Engineering,67(2015): 191-204.
  • 41. [28] J. Chen, Z. Zhu, C. Fu, H. Yu, Y. Zhang, Reusing the permutation matrix by dynamically for efficient image cryptographic algorithm, Signal Processing, 111(2015): 294-307. [29] Y. Q. Zhang, X. Y. Wang, A new image encryption algorithm based on non-adjacent coupled map lattices , Applied Soft Computing, 26(2015): 10-20. [30] M. Hasler and Y. L. Maistrenko, An introduction to the synchronization of chaotic systems: coupled skew tent map, IEEE Transactions on Circuits and Systems, 44(1997): 856- 866. [31] R. Ye, W. Guo, A Chaos-based Image Encryption Scheme Using Multimodal Skew Tent Maps, Journal of Emerging Trends in Computing and Information Sciences, 4:10(2013): 800-810. [32] Y. Wang, K.W. Wong, X.F. Liao, G.R. Chen, A new chaos-based fast image encryption algorithm, Appl. Soft. Comput.,11(2011): 514-522. [33] M. Wu, An improved discrete Arnold transform and its application in image scrambling and encryption, Acta Phys. Sin., 63:9(2014): 090504. [34] G. Alvarez, S. Li, Some basic cryptographic requirements for chaos-based cryptosystem, International Journal of Bifurcation and Chaos, 16(2006): 2129-2151. [35] IEEE Computer Society, IEEE standard for binary floating-point arithmetic, ANSI/IEEE std. 1985:754-1985. [36] K. Wong, B. Kwok, W. Law, A fast image encryption scheme based on chaotic standard map, Physics Letters A, 372:15(2008), 2645-2652. [37] K. Wong, B. Kwok, C. Yuen, An efficient diffusion approach for chaos-based image encryption, Chaos, Solitons and Fractals, 41:5(2009): 2652-2663.
  • 42. SECURING IEEE 802.11G WLAN USING OPEN VPN AND ITS IMPACT ANALYSIS Praveen Likhar, Ravi Shankar Yadav and Keshava Rao M Centre for Artificial Intelligence and Robotics (CAIR), Defence Research and Development Organisation (DRDO), Bangalore-93, India ABSTRACT Like most advances, wireless LAN poses both opportunities and risks. The evolution of wireless networking in recent years has raised many serious security issues. These security issues are of great concern for this technology as it is being subjected to numerous attacks. Because of the free-space radio transmission in wireless networks, eavesdropping becomes easy and consequently a security breach may result in unauthorized access, information theft, interference and service degradation. Virtual Private Networks (VPNs) have emerged as an important solution to security threats surrounding the use of public networks for private communications. While VPNs for wired line networks have matured in both research and commercial environments, the design and deployment of VPNs for WLAN is still an evolving field. This paper presents an approach to secure IEEE 802.11g WLAN using OpenVPN, a transport layer VPN solution and its impact on performance of IEEE 802.11g WLAN. KEYWORDS WLAN, IEEE 802.11g, VPN, Performance evaluation, Security. For More Details : http://airccse.org/journal/nsa/1111nsa07.pdf Volume Link : http://airccse.org/journal/jnsa11_current.html
  • 43. REFERENCES [1] T. Karygiannis & L. Owens, (2002) “Wireless Network Security 802.11, Bluetooth and Handheld Devices”, National Institute of technology, Special Publication, pp 800–848. [2] Y. Zahur & T. A. Yang, (2004) “Wireless LAN Security and Laboratory Designs”, Journal of Computing Sciences in Colleges, vol. 19, pp 44– 60. [3] N. Borisov, I. Goldberg & D. Wagner, (2001) “Intercepting Mobile Communications: The Insecurity of 802.11”, Proceedings of the Seventh Annual International Conference on Mobile Computing and Networking. [4] D. B. Faria & D. R. Cheriton, (2002) “DoS and Authentication in Wireless Public Access Networks”, Proceedings of ACM Workshop on Wireless Security, pp 47–56. [5] W. A. Arbaugh, N. Shankar, J. Wang & K. Zhang, (2002) “Your 802.11 network has no clothes”, IEEE Wireless Communications Magazine. [6] S.R. Fluhrer, I. Mantin & A. Shamir, (2001) “Weaknesses in the Key Scheduling Algorithm of RC4”, Selected Areas in Cryptography, pp 1–24. [7] Adam Stubblefield, John Ioannidis & Aviel D. Rubin, (2001) “Using the Fluhrer, Mantin, and Shamir Attack to Break WEP”, AT&T Labs Technical Report TD-4ZCPZZ. [8] Jumnit hong & Raid Lemachheche, (2003) “WEP protocol Weaknesses and Vulnerabilities”, ECE 578 Computer Networks and Security. [9] OpenVPN, http://openvpn.net/ [10] Praveen Likhar, Ravi Shankar Yadav & Keshava Rao M, (2011) “Performance Evaluation of Transport Layer VPN on IEEE 802.11g WLAN”, Communications in Computer and information science, Springer-Verlag, vol. 197, pp 407– 415. [11] IEEE Std 802.11™-2007 (Revision of IEEE Std 802.11-199) [12] OpenSSL-The Open Source toolkit for SSL/TLS, http://www.openssl.org [13] Aircrack, http://www.aircrack-ng.org/ [14] Airpwn, http://sourceforge.net/projects/airpwn [15] Airsnarf, http://airsnarf.shmoo.com/ [16] BSD-Airtools, http://www.dachb0den.com/projects/bsd-airtools.html
  • 44. [17] Dsniff, http://monkey.org/~dugsong/dsniff/ [18] Dstumbler, http://www.dachb0den.com/projects/dstumbler.html [19] Fake AP, http://www.blackalchemy.to/project/fakeap/ [20] KisMAC, http://binaervarianz.de/projekte/programmieren/kismac/ [21] Kismet, http://www.kismetwireless.net/ [22] MacIdChanger, http://www.codeproject.com/KB/applications/MacIdChanger.aspx [23] MacStumbler, http://www.macstumbler.com/ [24] Netstumbler, http://www.netstumbler.com/ [25] Wep0ff, http://www.ptsecurity.com/ [26] WEPCrack, http://sourceforge.net/projects/wepcrack [27] WEPWedgie, http://sourceforge.net/projects/wepwedgie/ [28] Wifitap, http://sid.rstack.org/static/articles/w/i/f/Wifitap_EN_9613.html [29] TUN-TAP, http://en.wikipedia.org/wiki/TUN/TAP [30] TUN-TAP FAQ, http://vtun.sourceforge.net/tun/faq.html [31] E. Stephan, (2005) “IP Performance Metrics (IIPM) Metrics Registry”, RFC 4148. [32] S. Bradner & J. McQuaid, (2005) “Benchmarking Methodology for Network Interconnect Devices”, RFC 2544. [33] G. Almes, S. Kalidindi, & M. Zekauskas (1999) “A One-way Delay Metric for IPPM”, RFC 2679. [34] G. Almes, S. Kalidindi, & M. Zekauskas (1999) “One Way Packet Loss Metric for IPPM”, RFC 2680. [35] C. Demichelis & P. Chimento, (2002) “IP Packet Delay Variation”, RFC 3393. [36] M. Feilner (2006) OpenVPN: Building and Integrating Virtual Private Networks, Packt Publishing.