Abstract: Mobile Ad Hoc Networks (MANETs) is a collection
of mobile devices forming a communication network without
infrastructure. MANET is vulnerable to security threats due to
network’s limited security, dynamic topology, scalability and the lack
of central management. The Quality of Service (QoS) routing in such
networks is limited by network breakage caused by node mobility or
nodes energy depletions. The impact of node mobility on trust
establishment is considered and its use to propagate trust through a
network is investigated in this paper. This work proposes an
enhanced Associativity Based Routing (ABR) with Fuzzy based
Trust (Fuzzy- ABR) routing protocol for MANET to improve QoS
and to mitigate network attacks.
Abstract: Mobile Ad hoc Network is a set of self-governing
nodes which communicate through wireless links. Dynamic topology
MANETs makes routing a challenging task. Various routing
protocols are there, but due to various fundamental characteristic
open medium, changing topology, distributed collaboration and
constrained capability, these protocols are tend to various types of
security attacks. Black hole is one among them. In this attack,
malicious node represents itself as having the shortest path to the
destination but that path not even exists. In this paper, we aim to
develop a routing protocol for detection and prevention of black hole
attack by modifying AODV routing protocol. This protocol is able to
detect and prevent the black hole attack. Simulation is done using
NS-2, which shows the improvement in network performance.
Abstract: Thousands of organisations store important and
confidential information related to them, their customers, and their
business partners in databases all across the world. The stored data
ranges from less sensitive (e.g. first name, last name, date of birth) to
more sensitive data (e.g. password, pin code, and credit card
information). Losing data, disclosing confidential information or
even changing the value of data are the severe damages that
Structured Query Language injection (SQLi) attack can cause on a
given database. It is a code injection technique where malicious SQL
statements are inserted into a given SQL database by simply using a
web browser. In this paper, we propose an effective pattern
recognition neural network model for detection and classification of
SQLi attacks. The proposed model is built from three main elements
of: a Uniform Resource Locator (URL) generator in order to generate
thousands of malicious and benign URLs, a URL classifier in order
to: 1) classify each generated URL to either a benign URL or a
malicious URL and 2) classify the malicious URLs into different
SQLi attack categories, and a NN model in order to: 1) detect either a
given URL is a malicious URL or a benign URL and 2) identify the
type of SQLi attack for each malicious URL. The model is first
trained and then evaluated by employing thousands of benign and
malicious URLs. The results of the experiments are presented in
order to demonstrate the effectiveness of the proposed approach.
Abstract: It is important to take security measures to protect
your computer information, reduce identify theft, and prevent from
malicious cyber-attacks. With cyber-attacks on the continuous rise,
people need to understand and learn ways to prevent from these
attacks. Cyber-attack is an important factor to be considered if one is
to be able to protect oneself from malicious attacks. Without proper
security measures, most computer technology would hinder home
users more than such technologies would help. Knowledge of how
cyber-attacks operate and protective steps that can be taken to reduce
chances of its occurrence are key to increasing these security
measures. The purpose of this paper is to inform home users on the
importance of identifying and taking preventive steps to avoid cyberattacks.
Throughout this paper, many aspects of cyber-attacks will be
discuss: what a cyber-attack is, the affects of cyber-attack for home
users, different types of cyber-attacks, methodology to prevent such
attacks; home users can take to fortify security of their computer.
Abstract: A Distributed Denial of Service (DDoS) attack is a
major threat to cyber security. It originates from the network layer or
the application layer of compromised/attacker systems which are
connected to the network. The impact of this attack ranges from the
simple inconvenience to use a particular service to causing major
failures at the targeted server. When there is heavy traffic flow to a
target server, it is necessary to classify the legitimate access and
attacks. In this paper, a novel method is proposed to detect DDoS
attacks from the traces of traffic flow. An access matrix is created
from the traces. As the access matrix is multi dimensional, Principle
Component Analysis (PCA) is used to reduce the attributes used for
detection. Two classifiers Naive Bayes and K-Nearest neighborhood
are used to classify the traffic as normal or abnormal. The
performance of the classifier with PCA selected attributes and actual
attributes of access matrix is compared by the detection rate and
False Positive Rate (FPR).
Abstract: The tomato is a very important crop, whose
cultivation in the Mediterranean basin is severely affected by the
phytoparasitic weed Phelipanche ramosa. The semiarid regions of
the world are considered the main areas where this parasitic weed is
established causing heavy infestation as it is able to produce high
numbers of seeds (up to 500,000 per plant), which remain viable for
extended period (more than 20 years). In this paper the results
obtained from eleven treatments in order to control this parasitic
weed including chemical, agronomic, biological and biotechnological
methods compared with the untreated test under two plowing depths
(30 and 50 cm) are reported. The split-plot design with 3 replicates
was adopted. In 2014 a trial was performed in Foggia province
(southern Italy) on processing tomato (cv Docet) grown in the field
infested by Phelipanche ramosa. Tomato seedlings were transplant
on May 5, on a clay-loam soil. During the growing cycle of the
tomato crop, at 56-78 and 92 days after transplantation, the number
of parasitic shoots emerged in each plot was detected. At tomato
harvesting, on August 18, the major quantity-quality yield parameters
were determined (marketable yield, mean weight, dry matter, pH,
soluble solids and color of fruits). All data were subjected to analysis
of variance (ANOVA) and the means were compared by Tukey's test.
Each treatment studied did not provide complete control against
Phelipanche ramosa. However, among the different methods tested,
some of them which Fusarium, gliphosate, radicon biostimulant and
Red Setter tomato cv (improved genotypes obtained by Tilling
technology) under deeper plowing (50 cm depth) proved to mitigate
the virulence of the Phelipanche ramose attacks. It is assumed that
these effects can be improved combining some of these treatments
each other, especially for a gradual and continuing reduction of the
“seed bank” of the parasite in the soil.
Abstract: Wireless sensor network is vulnerable to a wide range
of attacks. Recover secrecy after compromise, to develop technique
that can detect intrusions and able to resilient networks that isolates
the point(s) of intrusion while maintaining network connectivity for
other legitimate users. To define new security metrics to evaluate
collaborative intrusion resilience protocol, by leveraging the sensor
mobility that allows compromised sensors to recover secure state
after compromise. This is obtained with very low overhead and in a
fully distributed fashion using extensive simulations support our
findings.
Abstract: In this paper, we have proposed a parallel IDS and
honeypot based approach to detect and analyze the unknown and
known attack taxonomy for improving the IDS performance and
protecting the network from intruders. The main theme of our
approach is to record and analyze the intruder activities by using both
the low and high interaction honeypots. Our architecture aims to
achieve the required goals by combing signature based IDS,
honeypots and generate the new signatures. The paper describes the
basic component, design and implementation of this approach and
also demonstrates the effectiveness of this approach to reduce the
probability of network attacks.
Abstract: Multispectral screening systems are becoming more
popular because of their very interesting properties and applications.
One of the most significant applications of multispectral screening
systems is prevention of terrorist attacks. There are many kinds of
threats and many methods of detection. Visual detection of objects
hidden under clothing of a person is one of the most challenging
problems of threats detection. There are various solutions of the
problem; however, the most effective utilize multispectral
surveillance imagers. The development of imaging devices and
exploration of new spectral bands is a chance to introduce new
equipment for assuring public safety. We investigate the possibility
of long lasting detection of potentially dangerous objects covered
with various types of clothing. In the article we present the results of
comparative studies of passive imaging in three spectrums – visible,
infrared and terahertz.
Abstract: Recent growth in digital multimedia technologies has presented a lot of facilities in information transmission, reproduction and manipulation. Therefore, the concept of information security is one of the superior articles in the present day situation. The biometric information security is one of the information security mechanisms. It has the advantages as well as disadvantages. The biometric system is at risk to a range of attacks. These attacks are anticipated to bypass the security system or to suspend the normal functioning. Various hazards have been discovered while using biometric system. Proper use of steganography greatly reduces the risks in biometric systems from the hackers. Steganography is one of the fashionable information hiding technique. The goal of steganography is to hide information inside a cover medium like text, image, audio, video etc. through which it is not possible to detect the existence of the secret information. Here in this paper a new security concept has been established by making the system more secure with the help of steganography along with biometric security. Here the biometric information has been embedded to a skin tone portion of an image with the help of proposed steganographic technique.
Abstract: A Mobile Ad-hoc Network (MANET) is a self managing network consists of versatile nodes that are capable of communicating with each other without having any fixed infrastructure. These nodes may be routers and/or hosts. Due to this dynamic nature of the network, routing protocols are vulnerable to various kinds of attacks. The black hole attack is one of the conspicuous security threats in MANETs. As the route discovery process is obligatory and customary, attackers make use of this loophole to get success in their motives to destruct the network. In Black hole attack the packet is redirected to a node that actually does not exist in the network. Many researchers have proposed different techniques to detect and prevent this type of attack. In this paper, we have analyzed various routing protocols in this context. Further we have shown a critical comparison among various protocols. We have shown various routing metrics are required proper and significant analysis of the protocol.
Abstract: Privacy and Security have emerged as an important research issue in Mobile Ad Hoc Networks (MANET) due to its unique nature such as scarce of resources and absence of centralized authority. There are number of protocols have been proposed to provide privacy and security for data communication in an adverse environment, but those protocols are compromised in many ways by the attackers. The concept of anonymity (in terms of unlinkability and unobservability) and pseudonymity has been introduced in this paper to ensure privacy and security. In this paper, a Secure Onion Throat (SOT) protocol is proposed to provide complete anonymity in an adverse environment. The SOT protocol is designed based on the combination of group signature and onion routing with ID-based encryption for route discovery. The security analysis demonstrates the performance of SOT protocol against all categories of attacks. The simulation results ensure the necessity and importance of the proposed SOT protocol in achieving such anonymity.
Abstract: A duplicated image region may be subjected to a number of attacks such as noise addition, compression, reflection, rotation, and scaling with the intention of either merely mating it to its targeted neighborhood or preventing its detection. In this paper, we present an effective and robust method of detecting duplicated regions inclusive of those affected by the various attacks. In order to reduce the dimension of the image, the proposed algorithm firstly performs discrete wavelet transform, DWT, of a suspicious image. However, unlike most existing copy move image forgery (CMIF) detection algorithms operating in the DWT domain which extract only the low frequency subband of the DWT of the suspicious image thereby leaving valuable information in the other three subbands, the proposed algorithm simultaneously extracts features from all the four subbands. The extracted features are not only more accurate representation of image regions but also robust to additive noise, JPEG compression, and affine transformation. Furthermore, principal component analysis-eigenvalue decomposition, PCA-EVD, is applied to reduce the dimension of the features. The extracted features are then sorted using the more computationally efficient Radix Sort algorithm. Finally, same affine transformation selection, SATS, a duplication verification method, is applied to detect duplicated regions. The proposed algorithm is not only fast but also more robust to attacks compared to the related CMIF detection algorithms. The experimental results show high detection rates.
Abstract: Considering the complexities involved in Cloud computing, there are still plenty of issues that affect the privacy of data in cloud environment. Unless these problems get solved, we think that the problem of preserving privacy in cloud databases is still open. In tokenization and homomorphic cryptography based solutions for privacy preserving cloud database querying, there is possibility that by colluding with service provider adversary may run brute force attacks that will reveal the attribute values.
In this paper we propose a solution by defining the variant of K –means clustering algorithm that effectively detects such brute force attacks and enhances privacy of cloud database querying by preventing this attacks.
Abstract: Cyber terrors against specific enterprises or countries have been increasing recently. Such attacks against specific targets are called advanced persistent threat (APT), and they are giving rise to serious social problems. The malicious behaviors of APT attacks mostly affect websites and penetrate enterprise networks to perform malevolent acts. Although many enterprises invest heavily in security to defend against such APT threats, they recognize the APT attacks only after the latter are already in action. This paper discusses the characteristics of APT attacks at each step as well as the strengths and weaknesses of existing malicious code detection technologies to check their suitability for detecting APT attacks. It then proposes a network-based malicious behavior detection algorithm to protect the enterprise or national networks.
Abstract: A novel behavioral detection framework is proposed
to detect zero day buffer overflow vulnerabilities (based on network
behavioral signatures) using zero-day exploits, instead of the
signature-based or anomaly-based detection solutions currently
available for IDPS techniques. At first we present the detection
model that uses shadow honeypot. Our system is used for the online
processing of network attacks and generating a behavior detection
profile. The detection profile represents the dataset of 112 types of
metrics describing the exact behavior of malware in the network. In
this paper we present the examples of generating behavioral
signatures for two attacks – a buffer overflow exploit on FTP server
and well known Conficker worm. We demonstrated the visualization
of important aspects by showing the differences between valid
behavior and the attacks. Based on these metrics we can detect
attacks with a very high probability of success, the process of
detection is however very expensive.
Abstract: This paper investigates the encryption efficiency of RC6 block cipher application to digital images, providing a new mathematical measure for encryption efficiency, which we will call the encryption quality instead of visual inspection, The encryption quality of RC6 block cipher is investigated among its several design parameters such as word size, number of rounds, and secret key length and the optimal choices for the best values of such design parameters are given. Also, the security analysis of RC6 block cipher for digital images is investigated from strict cryptographic viewpoint. The security estimations of RC6 block cipher for digital images against brute-force, statistical, and differential attacks are explored. Experiments are made to test the security of RC6 block cipher for digital images against all aforementioned types of attacks. Experiments and results verify and prove that RC6 block cipher is highly secure for real-time image encryption from cryptographic viewpoint. Thorough experimental tests are carried out with detailed analysis, demonstrating the high security of RC6 block cipher algorithm. So, RC6 block cipher can be considered to be a real-time secure symmetric encryption for digital images.
Abstract: Vehicular Ad-hoc Network (VANET) is taking more
attention in automotive industry due to the safety concern of human
lives on roads. Security is one of the safety aspects in VANET. To be
secure, network availability must be obtained at all times since
availability of the network is critically needed when a node sends any
life critical information to other nodes. However, it can be expected
that security attacks are likely to increase in the coming future due to
more and more wireless applications being developed and deployed
onto the well-known expose nature of the wireless medium. In this
respect, the network availability is exposed to many types of attacks.
In this paper, Denial of Service (DOS) attack on network availability
is presented and its severity level in VANET environment is
elaborated. A model to secure the VANET from the DOS attacks has
been developed and some possible solutions to overcome the attacks
have been discussed.
Abstract: This paper discusses a new heavy tailed distribution based data hiding into discrete cosine transform (DCT) coefficients of image, which provides statistical security as well as robustness against steganalysis attacks. Unlike other data hiding algorithms, the proposed technique does not introduce much effect in the stegoimage-s DCT coefficient probability plots, thus making the presence of hidden data statistically undetectable. In addition the proposed method does not compromise on hiding capacity. When compared to the generic block DCT based data-hiding scheme, our method found more robust against a variety of image manipulating attacks such as filtering, blurring, JPEG compression etc.
Abstract: Because of the great advance in multimedia
technology, digital multimedia is vulnerable to malicious
manipulations. In this paper, a public key self-recovery block-based
video authentication technique is proposed which can not only
precisely localize the alteration detection but also recover the missing
data with high reliability. In the proposed block-based technique,
multiple description coding MDC is used to generate two codes (two
descriptions) for each block. Although one block code (one
description) is enough to rebuild the altered block, the altered block
is rebuilt with better quality by the two block descriptions. So using
MDC increases the ratability of recovering data. A block signature is
computed using a cryptographic hash function and a doubly linked
chain is utilized to embed the block signature copies and the block
descriptions into the LSBs of distant blocks and the block itself. The
doubly linked chain scheme gives the proposed technique the
capability to thwart vector quantization attacks. In our proposed
technique , anyone can check the authenticity of a given video using
the public key. The experimental results show that the proposed
technique is reliable for detecting, localizing and recovering the
alterations.