Abstract: Least Significant Bit (LSB) technique is the earliest
developed technique in watermarking and it is also the most simple,
direct and common technique. It essentially involves embedding the
watermark by replacing the least significant bit of the image data with
a bit of the watermark data. The disadvantage of LSB is that it is not
robust against attacks. In this study intermediate significant bit (ISB)
has been used in order to improve the robustness of the watermarking
system. The aim of this model is to replace the watermarked image
pixels by new pixels that can protect the watermark data against
attacks and at the same time keeping the new pixels very close to the
original pixels in order to protect the quality of watermarked image.
The technique is based on testing the value of the watermark pixel
according to the range of each bit-plane.
Abstract: In the project FleGSens, a wireless sensor network
(WSN) for the surveillance of critical areas and properties is currently developed which incorporates mechanisms to ensure information
security. The intended prototype consists of 200 sensor nodes for
monitoring a 500m long land strip. The system is focused on ensuring
integrity and authenticity of generated alarms and availability in the
presence of an attacker who may even compromise a limited number
of sensor nodes. In this paper, two of the main protocols developed
in the project are presented, a tracking protocol to provide secure
detection of trespasses within the monitored area and a protocol for secure detection of node failures. Simulation results of networks
containing 200 and 2000 nodes as well as the results of the first prototype comprising a network of 16 nodes are presented. The focus of the simulations and prototype are functional testing of the protocols
and particularly demonstrating the impact and cost of several attacks.
Abstract: This paper proposes a technique to protect against
email bombing. The technique employs a statistical approach, Naïve
Bayes (NB), and Neural Networks to show that it is possible to
differentiate between good and bad traffic to protect against email
bombing attacks. Neural networks and Naïve Bayes can be trained
by utilizing many email messages that include both input and output
data for legitimate and non-legitimate emails. The input to the model
includes the contents of the body of the messages, the subject, and
the headers. This information will be used to determine if the email
is normal or an attack email. Preliminary tests suggest that Naïve
Bayes can be trained to produce an accurate response to confirm
which email represents an attack.
Abstract: Wireless sensor networks can be used to measure and monitor many challenging problems and typically involve in monitoring, tracking and controlling areas such as battlefield monitoring, object tracking, habitat monitoring and home sentry systems. However, wireless sensor networks pose unique security challenges including forgery of sensor data, eavesdropping, denial of service attacks, and the physical compromise of sensor nodes. Node in a sensor networks may be vanished due to power exhaustion or malicious attacks. To expand the life span of the sensor network, a new node deployment is needed. In military scenarios, intruder may directly organize malicious nodes or manipulate existing nodes to set up malicious new nodes through many kinds of attacks. To avoid malicious nodes from joining the sensor network, a security is required in the design of sensor network protocols. In this paper, we proposed a security framework to provide a complete security solution against the known attacks in wireless sensor networks. Our framework accomplishes node authentication for new nodes with recognition of a malicious node. When deployed as a framework, a high degree of security is reachable compared with the conventional sensor network security solutions. A proposed framework can protect against most of the notorious attacks in sensor networks, and attain better computation and communication performance. This is different from conventional authentication methods based on the node identity. It includes identity of nodes and the node security time stamp into the authentication procedure. Hence security protocols not only see the identity of each node but also distinguish between new nodes and old nodes.
Abstract: The paradigm of mobile agent provides a promising technology for the development of distributed and open applications. However, one of the main obstacles to widespread adoption of the mobile agent paradigm seems to be security. This paper treats the security of the mobile agent against malicious host attacks. It describes generic mobile agent protection architecture. The proposed approach is based on the dynamic adaptability and adopts the reflexivity as a model of conception and implantation. In order to protect it against behaviour analysis attempts, the suggested approach supplies the mobile agent with a flexibility faculty allowing it to present an unexpected behaviour. Furthermore, some classical protective mechanisms are used to reinforce the level of security.
Abstract: In this paper we introduce three watermarking methods that can be used to count the number of times that a user has played some content. The proposed methods are tested with audio content in our experimental system using the most common signal processing attacks. The test results show that the watermarking methods used enable the watermark to be extracted under the most common attacks with a low bit error rate.
Abstract: The usage of internet is rapidly increasing and the usage of mobile agent technology in internet environment has a great demand. The security issue one of main obstacles that restrict the mobile agent technology to spread. This paper proposes Secure-Image Mechanism (SIM) as a new mechanism to protect mobile agents against malicious hosts. . SIM aims to protect mobile agent by using the symmetric encryption and hash function in cryptography science. This mechanism can prevent the eavesdropping and alteration attacks. It assists the mobile agents to continue their journey normally incase attacks occurred.
Abstract: IETF defines mobility support in IPv6, i.e. MIPv6, to
allow nodes to remain reachable while moving around in the IPv6
internet. When a node moves and visits a foreign network, it is still
reachable through the indirect packet forwarding from its home
network. This triangular routing feature provides node mobility but
increases the communication latency between nodes. This deficiency
can be overcome by using a Binding Update (BU) scheme, which let
nodes keep up-to-date IP addresses and communicate with each other
through direct IP routing. To further protect the security of BU, a
Return Routability (RR) procedure was developed. However, it has
been found that RR procedure is vulnerable to many attacks. In this
paper, we will propose a lightweight RR procedure based on
geometric computing. In consideration of the inherent limitation of
computing resources in mobile node, the proposed scheme is
developed to minimize the cost of computations and to eliminate the
overhead of state maintenance during binding updates. Compared with
other CGA-based BU schemes, our scheme is more efficient and
doesn-t need nonce tables in nodes.
Abstract: Ad hoc networks are characterized by multi-hop
wireless connectivity and frequently changing network topology.
Forming security association among a group of nodes in ad-hoc
networks is more challenging than in conventional networks due to the
lack of central authority, i.e. fixed infrastructure. With that view in
mind, group key management plays an important building block of
any secure group communication. The main contribution of this paper
is a low complexity key management scheme that is suitable for fully
self-organized ad-hoc networks. The protocol is also password
authenticated, making it resilient against active attacks. Unlike other
existing key agreement protocols, ours make no assumption about the
structure of the underlying wireless network, making it suitable for
“truly ad-hoc" networks. Finally, we will analyze our protocol to show
the computation and communication burden on individual nodes for
key establishment.
Abstract: This paper introduces a technique of distortion
estimation in image watermarking using Genetic Programming (GP).
The distortion is estimated by considering the problem of obtaining a
distorted watermarked signal from the original watermarked signal as
a function regression problem. This function regression problem is
solved using GP, where the original watermarked signal is
considered as an independent variable. GP-based distortion
estimation scheme is checked for Gaussian attack and Jpeg
compression attack. We have used Gaussian attacks of different
strengths by changing the standard deviation. JPEG compression
attack is also varied by adding various distortions. Experimental
results demonstrate that the proposed technique is able to detect the
watermark even in the case of strong distortions and is more robust
against attacks.
Abstract: Video watermarking is usually considered as watermarking of a set of still images. In frame-by-frame watermarking approach, each video frame is seen as a single watermarked image, so collusion attack is more critical in video watermarking. If the same or redundant watermark is used for embedding in every frame of video, the watermark can be estimated and then removed by watermark estimate remodolulation (WER) attack. Also if uncorrelated watermarks are used for every frame, these watermarks can be washed out with frame temporal filtering (FTF). Switching watermark system or so-called SS-N system has better performance against WER and FTF attacks. In this system, for each frame, the watermark is randomly picked up from a finite pool of watermark patterns. At first SS-N system will be surveyed and then a new collusion attack for SS-N system will be proposed using a new algorithm for separating video frame based on watermark pattern. So N sets will be built in which every set contains frames carrying the same watermark. After that, using WER attack in every set, N different watermark patterns will be estimated and removed later.
Abstract: Electronic seal is an electronic device to check the
authenticity and integrity of freight containers at the point of arrival.
While RFID-based eSeals are gaining more acceptances and there are
also some standardization processes for these devices, a recent
research revealed that the current RFID-based eSeals are vulnerable to
various attacks. In this paper, we provide a feasible solution to
enhance the security of active RFID-based eSeals. Our approach is to
use an authentication and key agreement protocol between eSeal and
reader device, enabling data encryption and integrity check. Our
protocol is based on the use of block cipher AES, which is reasonable
since a block cipher can also be used for many other security purposes
including data encryption and pseudo-random number generation. Our
protocol is very simple, and it is applicable to low-end active RFID
eSeals.
Abstract: Resistance of denial of service attacks is a key security requirement in voting protocols. Acquisti protocol plays an important role in development of internet voting protocols and claims its security without strong physical assumptions. In this study firstly Acquisti protocol is modeled in extended applied pi calculus, and then resistance of denial of service attacks is proved with ProVerif. The result is that it is not resistance of denial of service attacks because two denial of service attacks are found. Finally we give the method against the denial of service attacks.
Abstract: In recent years with the rapid development of Internet and the Web, more and more web applications have been deployed in many fields and organizations such as finance, military, and government. Together with that, hackers have found more subtle ways to attack web applications. According to international statistics, SQL Injection is one of the most popular vulnerabilities of web applications. The consequences of this type of attacks are quite dangerous, such as sensitive information could be stolen or authentication systems might be by-passed. To mitigate the situation, several techniques have been adopted. In this research, a security solution is proposed using Artificial Neural Network to protect web applications against this type of attacks. The solution has been experimented on sample datasets and has given promising result. The solution has also been developed in a prototypic web application firewall called ANNbWAF.
Abstract: In this paper, an artificial intelligent technique for
robust digital image watermarking in multiwavelet domain is
proposed. The embedding technique is based on the quantization
index modulation technique and the watermark extraction process
does not require the original image. We have developed an
optimization technique using the genetic algorithms to search for
optimal quantization steps to improve the quality of watermarked
image and robustness of the watermark. In addition, we construct a
prediction model based on image moments and back propagation
neural network to correct an attacked image geometrically before the
watermark extraction process begins. The experimental results show
that the proposed watermarking algorithm yields watermarked image
with good imperceptibility and very robust watermark against various
image processing attacks.
Abstract: Biometric techniques are gaining importance for
personal authentication and identification as compared to the
traditional authentication methods. Biometric templates are
vulnerable to variety of attacks due to their inherent nature. When a
person-s biometric is compromised his identity is lost. In contrast to
password, biometric is not revocable. Therefore, providing security
to the stored biometric template is very crucial. Crypto biometric
systems are authentication systems, which blends the idea of
cryptography and biometrics. Fuzzy vault is a proven crypto
biometric construct which is used to secure the biometric templates.
However fuzzy vault suffer from certain limitations like nonrevocability,
cross matching. Security of the fuzzy vault is affected
by the non-uniform nature of the biometric data. Fuzzy vault when
hardened with password overcomes these limitations. Password
provides an additional layer of security and enhances user privacy.
Retina has certain advantages over other biometric traits. Retinal
scans are used in high-end security applications like access control to
areas or rooms in military installations, power plants, and other high
risk security areas. This work applies the idea of fuzzy vault for
retinal biometric template. Multimodal biometric system
performance is well compared to single modal biometric systems.
The proposed multi modal biometric fuzzy vault includes combined
feature points from retina and fingerprint. The combined vault is
hardened with user password for achieving high level of security.
The security of the combined vault is measured using min-entropy.
The proposed password hardened multi biometric fuzzy vault is
robust towards stored biometric template attacks.