Abstract: Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.
Abstract: There are various overlay structures that provide
efficient and scalable solutions for point and range query in a peer-topeer
network. Overlay structure based on m-Binary Search Tree
(BST) is one such popular technique. It deals with the division of the
tree into different key intervals and then assigning the key intervals to
a BST. The popularity of the BST makes this overlay structure
vulnerable to different kinds of attacks. Here we present four such
possible attacks namely index poisoning attack, eclipse attack,
pollution attack and syn flooding attack. The functionality of BST is
affected by these attacks. We also provide different security
techniques that can be applied against these attacks.
Abstract: The security of their network remains the priorities of almost all companies. Existing security systems have shown their limit; thus a new type of security systems was born: honeypots. Honeypots are defined as programs or intended servers which have to attract pirates to study theirs behaviours. It is in this context that the leurre.com project of gathering about twenty platforms was born. This article aims to specify a model of honeypots attack. Our model describes, on a given platform, the evolution of attacks according to theirs hours. Afterward, we show the most attacked services by the studies of attacks on the various ports. It is advisable to note that this article was elaborated within the framework of the research projects on honeyspots within the LABTIC (Laboratory of Information Technologies and Communication).
Abstract: In order to guarantee secure communication for wireless sensor networks (WSNs), many user authentication schemes have successfully drawn researchers- attention and been studied widely. In 2012, He et al. proposed a robust biometric-based user authentication scheme for WSNs. However, this paper demonstrates that He et al.-s scheme has some drawbacks: poor reparability problem, user impersonation attack, and sensor node impersonate attack.
Abstract: Tracing and locating the geographical location of users (Geolocation) is used extensively in todays Internet. Whenever we, e.g., request a page from google we are - unless there was a specific configuration made - automatically forwarded to the page with the relevant language and amongst others, dependent on our location identified, specific commercials are presented. Especially within the area of Network Security, Geolocation has a significant impact. Because of the way the Internet works, attacks can be executed from almost everywhere. Therefore, for an attribution, knowledge of the origination of an attack - and thus Geolocation - is mandatory in order to be able to trace back an attacker. In addition, Geolocation can also be used very successfully to increase the security of a network during operation (i.e. before an intrusion actually has taken place). Similar to greylisting in emails, Geolocation allows to (i) correlate attacks detected with new connections and (ii) as a consequence to classify traffic a priori as more suspicious (thus particularly allowing to inspect this traffic in more detail). Although numerous techniques for Geolocation are existing, each strategy is subject to certain restrictions. Following the ideas of Endo et al., this publication tries to overcome these shortcomings with a combined solution of different methods to allow improved and optimized Geolocation. Thus, we present our architecture for improved Geolocation, by designing a new algorithm, which combines several Geolocation techniques to increase the accuracy.
Abstract: Network security attacks are the violation of
information security policy that received much attention to the
computational intelligence society in the last decades. Data mining
has become a very useful technique for detecting network intrusions
by extracting useful knowledge from large number of network data
or logs. Naïve Bayesian classifier is one of the most popular data
mining algorithm for classification, which provides an optimal way
to predict the class of an unknown example. It has been tested that
one set of probability derived from data is not good enough to have
good classification rate. In this paper, we proposed a new learning
algorithm for mining network logs to detect network intrusions
through naïve Bayesian classifier, which first clusters the network
logs into several groups based on similarity of logs, and then
calculates the prior and conditional probabilities for each group of
logs. For classifying a new log, the algorithm checks in which cluster
the log belongs and then use that cluster-s probability set to classify
the new log. We tested the performance of our proposed algorithm by
employing KDD99 benchmark network intrusion detection dataset,
and the experimental results proved that it improves detection rates
as well as reduces false positives for different types of network
intrusions.
Abstract: An adaptive Fuzzy Inference Perceptual model has
been proposed for watermarking of digital images. The model
depends on the human visual characteristics of image sub-regions in
the frequency multi-resolution wavelet domain. In the proposed
model, a multi-variable fuzzy based architecture has been designed to
produce a perceptual membership degree for both candidate
embedding sub-regions and strength watermark embedding factor.
Different sizes of benchmark images with different sizes of
watermarks have been applied on the model. Several experimental
attacks have been applied such as JPEG compression, noises and
rotation, to ensure the robustness of the scheme. In addition, the
model has been compared with different watermarking schemes. The
proposed model showed its robustness to attacks and at the same time
achieved a high level of imperceptibility.
Abstract: terrorism and extremism are among the most
dangerous and difficult to forecast the phenomena of our time, which
are becoming more diverse forms and rampant. Terrorist attacks often
produce mass casualties, involve the destruction of material and
spiritual values, beyond the recovery times, sow hatred among
nations, provoke war, mistrust and hatred between the social and
national groups, which sometimes can not be overcome within a
generation. Currently, the countries of Central Asia are a topical issue
– the threat of terrorism and religious extremism, which grow not
only in our area, but throughout the world. Of course, in each of the
terrorist threat is assessed differently. In our country the problem of
terrorism should not be acutely. Thus, after independence and
sovereignty of Kazakhstan has chosen the path of democracy,
progress and free economy. With the policy of the President of
Kazakhstan Nursultan Nazarbayev and well-organized political and
economic reforms, there has been economic growth and rising living
standards, socio-political stability, ensured civil peace and accord in
society [1].
Abstract: In this paper, we present an innovative scheme of
blindly extracting message bits from an image distorted by an attack.
Support Vector Machine (SVM) is used to nonlinearly classify the
bits of the embedded message. Traditionally, a hard decoder is used
with the assumption that the underlying modeling of the Discrete
Cosine Transform (DCT) coefficients does not appreciably change.
In case of an attack, the distribution of the image coefficients is
heavily altered. The distribution of the sufficient statistics at the
receiving end corresponding to the antipodal signals overlap and a
simple hard decoder fails to classify them properly. We are
considering message retrieval of antipodal signal as a binary
classification problem. Machine learning techniques like SVM is
used to retrieve the message, when certain specific class of attacks is
most probable. In order to validate SVM based decoding scheme, we
have taken Gaussian noise as a test case. We generate a data set using
125 images and 25 different keys. Polynomial kernel of SVM has
achieved 100 percent accuracy on test data.
Abstract: In this era of technology, fueled by the pervasive usage of the internet, security is a prime concern. The number of new attacks by the so-called “bots", which are automated programs, is increasing at an alarming rate. They are most likely to attack online registration systems. Technology, called “CAPTCHA" (Completely Automated Public Turing test to tell Computers and Humans Apart) do exist, which can differentiate between automated programs and humans and prevent replay attacks. Traditionally CAPTCHA-s have been implemented with the challenge involved in recognizing textual images and reproducing the same. We propose an approach where the visual challenge has to be read out from which randomly selected keywords are used to verify the correctness of spoken text and in turn detect the presence of human. This is supplemented with a speaker recognition system which can identify the speaker also. Thus, this framework fulfills both the objectives – it can determine whether the user is a human or not and if it is a human, it can verify its identity.
Abstract: Now a days, a significant part of commercial and governmental organisations like museums, cultural organizations, libraries, commercial enterprises, etc. invest intensively in new technologies for image digitization, digital libraries, image archiving and retrieval. Hence image authorization, authentication and security has become prime need. In this paper, we present a semi-fragile watermarking scheme for color images. The method converts the host image into YIQ color space followed by application of orthogonal dual domains of DCT and DWT transforms. The DCT helps to separate relevant from irrelevant image content to generate silent image features. DWT has excellent spatial localisation to help aid in spatial tamper characterisation. Thus image adaptive watermark is generated based of image features which allows the sharp detection of microscopic changes to locate modifications in the image. Further, the scheme utilises the multipurpose watermark consisting of soft authenticator watermark and chrominance watermark. Which has been proved fragile to some predefined processing like intentinal fabrication of the image or forgery and robust to other incidental attacks caused in the communication channel.
Abstract: A parametric study of a mixed-compression
supersonic inlet is performed and reported. The effects of inlet Mach
Numbers, varying from 4 to 10, and angle of attack, varying from 0
to 10, are reported for a constant inlet dynamic pressure. The paper
looked at the variations of mass flow rates through the inlet, gain in
entropy through the inlet, and the angles of the external oblique
shocks. The mass flow rates were found to decrease monotonically
with Mach numbers and increase with angle of attacks. On the other
hand the entropy gain through the inlet increased with increasing
Mach number and angle of attack. The variation in static pressure
was found to be identical from the inlet throat to the exit for Mach
number values higher than 6.
Abstract: The performance of Advection Upstream Splitting
Method AUSM schemes are evaluated against experimental flow
fields at different Mach numbers and results are compared with
experimental data of subsonic, supersonic and hypersonic flow fields.
The turbulent model used here is SST model by Menter. The
numerical predictions include lift coefficient, drag coefficient and
pitching moment coefficient at different mach numbers and angle of
attacks. This work describes a computational study undertaken to
compute the Aerodynamic characteristics of different air vehicles
configurations using a structured Navier-Stokes computational
technique. The CFD code bases on the idea of upwind scheme for the
convective (convective-moving) fluxes. CFD results for GLC305
airfoil and cone cylinder tail fined missile calculated on above
mentioned turbulence model are compared with the available data.
Wide ranges of Mach number from subsonic to hypersonic speeds are
simulated and results are compared. When the computation is done
by using viscous turbulence model the above mentioned coefficients
have a very good agreement with the experimental values. AUSM
scheme is very efficient in the regions of very high pressure gradients
like shock waves and discontinuities. The AUSM versions simulate
the all types of flows from lower subsonic to hypersonic flow without
oscillations.
Abstract: Multimedia security is an incredibly significant area of concern. The paper aims to discuss a robust image watermarking scheme, which can withstand geometric attacks. The source image is initially moment normalized in order to make it withstand geometric attacks. The moment normalized image is wavelet transformed. The first level wavelet transformed image is segmented into blocks if size 8x8. The product of mean and standard and standard deviation of each block is computed. The second level wavelet transformed image is divided into 8x8 blocks. The product of block mean and the standard deviation are computed. The difference between products in the two levels forms the watermark. The watermark is inserted by modulating the coefficients of the mid frequencies. The modulated image is inverse wavelet transformed and inverse moment normalized to generate the watermarked image. The watermarked image is now ready for transmission. The proposed scheme can be used to validate identification cards and financial instruments. The performance of this scheme has been evaluated using a set of parameters. Experimental results show the effectiveness of this scheme.
Abstract: Security management has changed from the
management of security equipments and useful interface to manager.
It analyzes the whole security conditions of network and preserves the
network services from attacks. Secure router technology has security
functions, such as intrusion detection, IPsec(IP Security) and access
control, are applied to legacy router for secure networking. It controls
an unauthorized router access and detects an illegal network intrusion.
This paper relates to a security engine management of router based on
a security policy, which is the definition of security function against a
network intrusion. This paper explains the security policy and designs
the structure of security engine management framework.
Abstract: Malaria is a serious, acute and chronic relapsing
infection to humans. It is characterized by periodic attacks of chills,
fever, nausea, vomiting, back pain, increased sweating anemia,
splenomegaly (enlargement of the spleen) and often-fatal
complications.The malaria disease is caused by the multiplication of
protozoa parasite of the genus Plasmodium. Malaria in humans is due
to 4 types of malaria parasites such that Plasmodium falciparum,
Plasmodium vivax, Plasmodium malariae and Plasmodium ovale.
P.vivax malaria differs from P. falciparum malaria in that a person
suffering from P. vivax malaria can experience relapses of the
disease. Between the relapses, the malaria parasite will remain
dormant in the liver of the patient, leading to the patient being
classified as being in the dormant class. A mathematical model for
the transmission of P. vivax is developed in which the human
population is divided into four classes, the susceptible, the infected,
the dormant and the recovered. In this paper, we formulate the
dynamical model of P. vivax malaria to see the distribution of this
disease at the district level.
Abstract: The increasing development of wireless networks and
the widespread popularity of handheld devices such as Personal
Digital Assistants (PDAs), mobile phones and wireless tablets
represents an incredible opportunity to enable mobile devices as a
universal payment method, involving daily financial transactions.
Unfortunately, some issues hampering the widespread acceptance of
mobile payment such as accountability properties, privacy protection,
limitation of wireless network and mobile device. Recently, many
public-key cryptography based mobile payment protocol have been
proposed. However, limited capabilities of mobile devices and
wireless networks make these protocols are unsuitable for mobile
network. Moreover, these protocols were designed to preserve
traditional flow of payment data, which is vulnerable to attack and
increase the user-s risk. In this paper, we propose a private mobile
payment protocol which based on client centric model and by
employing symmetric key operations. The proposed mobile payment
protocol not only minimizes the computational operations and
communication passes between the engaging parties, but also
achieves a completely privacy protection for the payer. The future
work will concentrate on improving the verification solution to
support mobile user authentication and authorization for mobile
payment transactions.
Abstract: The Address Resolution Protocol (ARP) is used by
computers to map logical addresses (IP) to physical addresses
(MAC). However ARP is an all trusting protocol and is stateless
which makes it vulnerable to many ARP cache poisoning attacks
such as Man-in-the-Middle (MITM) and Denial of service (DoS)
attacks. These flaws result in security breaches thus weakening the
appeal of the computer for exchange of sensitive data. In this paper
we describe ARP, outline several possible ARP cache poisoning
attacks and give the detailed of some attack scenarios in network
having both wired and wireless hosts. We have analyzed each of
proposed solutions, identify their strengths and limitations. Finally
get that no solution offers a feasible solution. Hence, this paper
presents an efficient and secure version of ARP that is able to cope
up with all these types of attacks and is also a feasible solution. It is a
stateful protocol, by storing the information of the Request frame in
the ARP cache, to reduce the chances of various types of attacks in
ARP. It is more efficient and secure by broadcasting ARP Reply
frame in the network and storing related entries in the ARP cache
each time when communication take place.
Abstract: This paper proposes an easy-to-use instruction hiding
method to protect software from malicious reverse engineering
attacks. Given a source program (original) to be protected, the
proposed method (1) takes its modified version (fake) as an input,
(2) differences in assembly code instructions between original and
fake are analyzed, and, (3) self-modification routines are introduced
so that fake instructions become correct (i.e., original instructions)
before they are executed and that they go back to fake ones after
they are executed. The proposed method can add a certain amount
of security to a program since the fake instructions in the resultant
program confuse attackers and it requires significant effort to discover
and remove all the fake instructions and self-modification routines.
Also, this method is easy to use (with little effort) because all a user
(who uses the proposed method) has to do is to prepare a fake source
code by modifying the original source code.
Abstract: This paper presents a novel method that allows an
agent host to delegate its signing power to an anonymous mobile
agent in such away that the mobile agent does not reveal any information about its host-s identity and, at the same time, can be authenticated by the service host, hence, ensuring fairness of service
provision. The solution introduces a verification server to verify the
signature generated by the mobile agent in such a way that even if colluding with the service host, both parties will not get more information than what they already have. The solution incorporates
three methods: Agent Signature Key Generation method, Agent
Signature Generation method, Agent Signature Verification method.
The most notable feature of the solution is that, in addition to allowing secure and anonymous signature delegation, it enables
tracking of malicious mobile agents when a service host is attacked. The security properties of the proposed solution are analyzed, and the solution is compared with the most related work.