Abstract: This paper presents a distributed intrusion
detection system IDS, based on the concept of specialized
distributed agents community representing agents with the
same purpose for detecting distributed attacks. The semantic of
intrusion events occurring in a predetermined network has been
defined. The correlation rules referring the process which our
proposed IDS combines the captured events that is distributed
both spatially and temporally. And then the proposed IDS tries
to extract significant and broad patterns for set of well-known
attacks. The primary goal of our work is to provide intrusion
detection and real-time prevention capability against insider
attacks in distributed and fully automated environments.
Abstract: Quantum cryptography offers a way of key agreement,
which is unbreakable by any external adversary. Authentication is
of crucial importance, as perfect secrecy is worthless if the identity
of the addressee cannot be ensured before sending important information.
Message authentication has been studied thoroughly, but no
approach seems to be able to explicitly counter meet-in-the-middle
impersonation attacks. The goal of this paper is the development of
an authentication scheme being resistant against active adversaries
controlling the communication channel. The scheme is built on top
of a key-establishment protocol and is unconditionally secure if built
upon quantum cryptographic key exchange. In general, the security
is the same as for the key-agreement protocol lying underneath.
Abstract: Recently, Jia et al. proposed a remote user authentication scheme using bilinear pairings and an Elliptic Curve Cryptosystem (ECC). However, the scheme is vulnerable to privileged insider attack at their proposed registration phase and to forgery attack at their proposed authentication phase. In addition, the scheme can be vulnerable to server spoofing attack because it does not provide mutual authentication between the user and the remote server. Therefore, this paper points out that the Jia et al. scheme is vulnerable to the above three attacks.
Abstract: In 2011, Debiao et al. pointed out that S-3PAKE protocol proposed by Lu and Cao for password-authenticated key exchange in the three-party setting is vulnerable to an off-line dictionary attack. Then, they proposed some countermeasures to eliminate the security vulnerability of the S-3PAKE. Nevertheless, this paper points out their enhanced S-3PAKE protocol is still vulnerable to undetectable on-line dictionary attacks unlike their claim.
Abstract: There are various overlay structures that provide
efficient and scalable solutions for point and range query in a peer-topeer
network. Overlay structure based on m-Binary Search Tree
(BST) is one such popular technique. It deals with the division of the
tree into different key intervals and then assigning the key intervals to
a BST. The popularity of the BST makes this overlay structure
vulnerable to different kinds of attacks. Here we present four such
possible attacks namely index poisoning attack, eclipse attack,
pollution attack and syn flooding attack. The functionality of BST is
affected by these attacks. We also provide different security
techniques that can be applied against these attacks.
Abstract: In this era of technology, fueled by the pervasive usage of the internet, security is a prime concern. The number of new attacks by the so-called “bots", which are automated programs, is increasing at an alarming rate. They are most likely to attack online registration systems. Technology, called “CAPTCHA" (Completely Automated Public Turing test to tell Computers and Humans Apart) do exist, which can differentiate between automated programs and humans and prevent replay attacks. Traditionally CAPTCHA-s have been implemented with the challenge involved in recognizing textual images and reproducing the same. We propose an approach where the visual challenge has to be read out from which randomly selected keywords are used to verify the correctness of spoken text and in turn detect the presence of human. This is supplemented with a speaker recognition system which can identify the speaker also. Thus, this framework fulfills both the objectives – it can determine whether the user is a human or not and if it is a human, it can verify its identity.
Abstract: A parametric study of a mixed-compression
supersonic inlet is performed and reported. The effects of inlet Mach
Numbers, varying from 4 to 10, and angle of attack, varying from 0
to 10, are reported for a constant inlet dynamic pressure. The paper
looked at the variations of mass flow rates through the inlet, gain in
entropy through the inlet, and the angles of the external oblique
shocks. The mass flow rates were found to decrease monotonically
with Mach numbers and increase with angle of attacks. On the other
hand the entropy gain through the inlet increased with increasing
Mach number and angle of attack. The variation in static pressure
was found to be identical from the inlet throat to the exit for Mach
number values higher than 6.
Abstract: The performance of Advection Upstream Splitting
Method AUSM schemes are evaluated against experimental flow
fields at different Mach numbers and results are compared with
experimental data of subsonic, supersonic and hypersonic flow fields.
The turbulent model used here is SST model by Menter. The
numerical predictions include lift coefficient, drag coefficient and
pitching moment coefficient at different mach numbers and angle of
attacks. This work describes a computational study undertaken to
compute the Aerodynamic characteristics of different air vehicles
configurations using a structured Navier-Stokes computational
technique. The CFD code bases on the idea of upwind scheme for the
convective (convective-moving) fluxes. CFD results for GLC305
airfoil and cone cylinder tail fined missile calculated on above
mentioned turbulence model are compared with the available data.
Wide ranges of Mach number from subsonic to hypersonic speeds are
simulated and results are compared. When the computation is done
by using viscous turbulence model the above mentioned coefficients
have a very good agreement with the experimental values. AUSM
scheme is very efficient in the regions of very high pressure gradients
like shock waves and discontinuities. The AUSM versions simulate
the all types of flows from lower subsonic to hypersonic flow without
oscillations.
Abstract: Multimedia security is an incredibly significant area of concern. The paper aims to discuss a robust image watermarking scheme, which can withstand geometric attacks. The source image is initially moment normalized in order to make it withstand geometric attacks. The moment normalized image is wavelet transformed. The first level wavelet transformed image is segmented into blocks if size 8x8. The product of mean and standard and standard deviation of each block is computed. The second level wavelet transformed image is divided into 8x8 blocks. The product of block mean and the standard deviation are computed. The difference between products in the two levels forms the watermark. The watermark is inserted by modulating the coefficients of the mid frequencies. The modulated image is inverse wavelet transformed and inverse moment normalized to generate the watermarked image. The watermarked image is now ready for transmission. The proposed scheme can be used to validate identification cards and financial instruments. The performance of this scheme has been evaluated using a set of parameters. Experimental results show the effectiveness of this scheme.
Abstract: Security management has changed from the
management of security equipments and useful interface to manager.
It analyzes the whole security conditions of network and preserves the
network services from attacks. Secure router technology has security
functions, such as intrusion detection, IPsec(IP Security) and access
control, are applied to legacy router for secure networking. It controls
an unauthorized router access and detects an illegal network intrusion.
This paper relates to a security engine management of router based on
a security policy, which is the definition of security function against a
network intrusion. This paper explains the security policy and designs
the structure of security engine management framework.
Abstract: The Address Resolution Protocol (ARP) is used by
computers to map logical addresses (IP) to physical addresses
(MAC). However ARP is an all trusting protocol and is stateless
which makes it vulnerable to many ARP cache poisoning attacks
such as Man-in-the-Middle (MITM) and Denial of service (DoS)
attacks. These flaws result in security breaches thus weakening the
appeal of the computer for exchange of sensitive data. In this paper
we describe ARP, outline several possible ARP cache poisoning
attacks and give the detailed of some attack scenarios in network
having both wired and wireless hosts. We have analyzed each of
proposed solutions, identify their strengths and limitations. Finally
get that no solution offers a feasible solution. Hence, this paper
presents an efficient and secure version of ARP that is able to cope
up with all these types of attacks and is also a feasible solution. It is a
stateful protocol, by storing the information of the Request frame in
the ARP cache, to reduce the chances of various types of attacks in
ARP. It is more efficient and secure by broadcasting ARP Reply
frame in the network and storing related entries in the ARP cache
each time when communication take place.
Abstract: This paper proposes an easy-to-use instruction hiding
method to protect software from malicious reverse engineering
attacks. Given a source program (original) to be protected, the
proposed method (1) takes its modified version (fake) as an input,
(2) differences in assembly code instructions between original and
fake are analyzed, and, (3) self-modification routines are introduced
so that fake instructions become correct (i.e., original instructions)
before they are executed and that they go back to fake ones after
they are executed. The proposed method can add a certain amount
of security to a program since the fake instructions in the resultant
program confuse attackers and it requires significant effort to discover
and remove all the fake instructions and self-modification routines.
Also, this method is easy to use (with little effort) because all a user
(who uses the proposed method) has to do is to prepare a fake source
code by modifying the original source code.
Abstract: In this paper is to evaluate audio and speech quality
with the help of Digital Audio Watermarking Technique under the
different types of attacks (signal impairments) like Gaussian Noise,
Compression Error and Jittering Effect. Further attacks are
considered as Hostile Environment. Audio and Speech Quality
Evaluation is an important research topic. The traditional way for
speech quality evaluation is using subjective tests. They are reliable,
but very expensive, time consuming, and cannot be used in certain
applications such as online monitoring. Objective models, based on
human perception, were developed to predict the results of subjective
tests. The existing objective methods require either the original
speech or complicated computation model, which makes some
applications of quality evaluation impossible.
Abstract: Along with increasing development of generation of supersonic planes especially fighters and request for increasing the performance and maneuverability scientists and engineers suggested the delta and double delta wing design. One of the areas which was necessary to be researched, was the Aerodynamic review of this type of wings in high angles of attack at low speeds that was very important in landing and takeoff the planes and maneuvers. Leading Edges of the wings,cause the separation flow from wing surface and then formation of powerful vortex with high rotational speed which studing the mechanism and location of formation and also the position of the vortex breakdown in high angles of attack is very important. In this research, a double delta wing with 76o/45o sweep angles at high angle of attack in steady state and incompressible flow were numerically analyzed with Fluent software. With analaysis of the numerical results, we arrived the most important characteristic of the double delta wings which is keeping of lift at high angles of attacks.
Abstract: Recently, Denial of Service(DoS) attacks and Distributed DoS(DDoS) attacks which are stronger form of DoS attacks from plural hosts have become security threats on the Internet. It is important to identify the attack source and to block attack traffic as one of the measures against these attacks. In general, it is difficult to identify them because information about the attack source is falsified. Therefore a method of identifying the attack source by tracing the route of the attack traffic is necessary. A traceback method which uses traffic patterns, using changes in the number of packets over time as criteria for the attack traceback has been proposed. The traceback method using the traffic patterns can trace the attack by matching the shapes of input traffic patterns and the shape of output traffic pattern observed at a network branch point such as a router. The traffic pattern is a shapes of traffic and unfalsifiable information. The proposed trace methods proposed till date cannot obtain enough tracing accuracy, because they directly use traffic patterns which are influenced by non-attack traffics. In this paper, a new traffic pattern matching method using Independent Component Analysis(ICA) is proposed.
Abstract: Recently, malware attacks have become more serious
over the Internet by e-mail, denial of service (DoS) or distributed
denial of service (DDoS). The Botnets have become a significant part
of the Internet malware attacks. The traditional botnets include three
parts – botmaster, command and control (C&C) servers and bots. The
C&C servers receive commands from botmaster and control the
distributions of computers remotely. Bots use DNS to find the
positions of C&C server. In this paper, we propose an advanced hybrid
peer-to-peer (P2P) botnet 2.0 (AHP2P botnet 2.0) using web 2.0
technology to hide the instructions from botmaster into social sites,
which are regarded as C&C servers. Servent bots are regarded as
sub-C&C servers to get the instructions from social sites. The AHP2P
botnet 2.0 can evaluate the performance of servent bots, reduce DNS
traffics from bots to C&C servers, and achieve harder detection bots
actions than IRC-based botnets over the Internet.
Abstract: Digital watermarking is one of the techniques for
copyright protection. In this paper, a normalization-based robust
image watermarking scheme which encompasses singular value
decomposition (SVD) and discrete cosine transform (DCT)
techniques is proposed. For the proposed scheme, the host image is
first normalized to a standard form and divided into non-overlapping
image blocks. SVD is applied to each block. By concatenating the
first singular values (SV) of adjacent blocks of the normalized image,
a SV block is obtained. DCT is then carried out on the SV blocks to
produce SVD-DCT blocks. A watermark bit is embedded in the highfrequency
band of a SVD-DCT block by imposing a particular
relationship between two pseudo-randomly selected DCT
coefficients. An adaptive frequency mask is used to adjust local
watermark embedding strength. Watermark extraction involves
mainly the inverse process. The watermark extracting method is blind
and efficient. Experimental results show that the quality degradation
of watermarked image caused by the embedded watermark is visually
transparent. Results also show that the proposed scheme is robust
against various image processing operations and geometric attacks.
Abstract: The number of intrusions and attacks against critical
infrastructures and other information networks is increasing rapidly.
While there is no identified evidence that terrorist organizations are
currently planning a coordinated attack against the vulnerabilities of
computer systems and network connected to critical infrastructure,
and origins of the indiscriminate cyber attacks that infect computers
on network remain largely unknown. The growing trend toward the
use of more automated and menacing attack tools has also
overwhelmed some of the current methodologies used for tracking
cyber attacks. There is an ample possibility that this kind of cyber
attacks can be transform to cyberterrorism caused by illegal purposes.
Cyberterrorism is a matter of vital importance to national welfare.
Therefore, each countries and organizations have to take a proper
measure to meet the situation and consider effective legislation about
cyberterrorism.
Abstract: A novel robust audio watermarking scheme is
proposed in this paper. In the proposed scheme, the host audio signals
are segmented into frames. Two consecutive frames are assessed if
they are suitable to represent a watermark bit. If so, frequency
transform is performed on these two frames. The compressionexpansion
technique is adopted to generate distortion over the two
frames. The distortion is used to represent one watermark bit.
Psychoacoustic model is applied to calculate local auditory mask to
ensure that the distortion is not audible. The watermarking schemes
using mono and stereo audio signals are designed differently. The
correlation-based detection method is used to detect the distortion
and extract embedded watermark bits. The experimental results show
that the quality degradation caused by the embedded watermarks is
perceptually transparent and the proposed schemes are very robust
against different types of attacks.
Abstract: With the rapid development of wireless mobile communication, applications for mobile devices must focus on network security. In 2008, Chang-Chang proposed security improvements on the Lu et al.-s elliptic curve authentication key agreement protocol for wireless mobile networks. However, this paper shows that Chang- Chang-s improved protocol is still vulnerable to off-line password guessing attacks unlike their claims.