Scholarly

FleGSens – Secure Area Monitoring Using Wireless Sensor Networks

Year: 2009 Volume: 3 Issue: 8 1537 - 1548 Pages

Abstract: In the project FleGSens, a wireless sensor network (WSN) for the surveillance of critical areas and properties is currently developed which incorporates mechanisms to ensure information security. The intended prototype consists of 200 sensor nodes for monitoring a 500m long land strip. The system is focused on ensuring integrity and authenticity of generated alarms and availability in the presence of an attacker who may even compromise a limited number of sensor nodes. In this paper, two of the main protocols developed in the project are presented, a tracking protocol to provide secure detection of trespasses within the monitored area and a protocol for secure detection of node failures. Simulation results of networks containing 200 and 2000 nodes as well as the results of the first prototype comprising a network of 16 nodes are presented. The focus of the simulations and prototype are functional testing of the protocols and particularly demonstrating the impact and cost of several attacks.

Hardware Approach to Solving Password Exposure Problem through Keyboard Sniff

Year: 2009 Volume: 3 Issue: 8 1534 - 1536 Pages

Abstract: This paper introduces a hardware solution to password exposure problem caused by direct accesses to the keyboard hardware interfaces through which a possible attacker is able to grab user-s password even where existing countermeasures are deployed. Several researches have proposed reasonable software based solutions to the problem for years. However, recently introduced hardware vulnerability problems have neutralized the software approaches and yet proposed any effective software solution to the vulnerability. Hardware approach in this paper is expected as the only solution to the vulnerability

Web Application Security, Attacks and Mitigation

Year: 2013 Volume: 7 Issue: 5 595 - 599 Pages

Abstract: Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.

Trust Managementfor Pervasive Computing Environments

Year: 2010 Volume: 4 Issue: 1 75 - 80 Pages

Authors:
Denis Trcek

Abstract: Trust is essential for further and wider acceptance of contemporary e-services. It was first addressed almost thirty years ago in Trusted Computer System Evaluation Criteria standard by the US DoD. But this and other proposed approaches of that period were actually solving security. Roughly some ten years ago, methodologies followed that addressed trust phenomenon at its core, and they were based on Bayesian statistics and its derivatives, while some approaches were based on game theory. However, trust is a manifestation of judgment and reasoning processes. It has to be dealt with in accordance with this fact and adequately supported in cyber environment. On the basis of the results in the field of psychology and our own findings, a methodology called qualitative algebra has been developed, which deals with so far overlooked elements of trust phenomenon. It complements existing methodologies and provides a basis for a practical technical solution that supports management of trust in contemporary computing environments. Such solution is also presented at the end of this paper.

Improve of Evaluation Method for Information Security Levels of CIIP (Critical Information Infrastructure Protection)

Year: 2007 Volume: 1 Issue: 12 3825 - 3829 Pages

Abstract: As the disfunctions of the information society and social development progress, intrusion problems such as malicious replies, spam mail, private information leakage, phishing, and pharming, and side effects such as the spread of unwholesome information and privacy invasion are becoming serious social problems. Illegal access to information is also becoming a problem as the exchange and sharing of information increases on the basis of the extension of the communication network. On the other hand, as the communication network has been constructed as an international, global system, the legal response against invasion and cyber-attack from abroad is facing its limit. In addition, in an environment where the important infrastructures are managed and controlled on the basis of the information communication network, such problems pose a threat to national security. Countermeasures to such threats are developed and implemented on a yearly basis to protect the major infrastructures of information communication. As a part of such measures, we have developed a methodology for assessing the information protection level which can be used to establish the quantitative object setting method required for the improvement of the information protection level.

Bioethanol - A Viable Answer to India-s Surging Energy Needs

Year: 2012 Volume: 6 Issue: 8 2082 - 2086 Pages

Authors:
Pranav Raghav Sood

Abstract: India is currently the second most populous nation in the world with over 1.2 billion people, growing annually at the rate of 1.5%. It is experiencing a surge in energy demands, expected to grow more than three to four times in 25 years. Most of the energy requirements are currently satisfied by the import of fossil fuels – coal, petroleum-based products and natural gas. Biofuels can satisfy these energy needs in an environmentally benign and cost effective manner while reducing dependence on import of fossil fuels, thus providing National Energy Security. Among various forms of bioenergy, bioethanol is one of the major options for India because of availability of feed stock crops. This paper presents an overview on bioethanol production and technology, steps taken by the Indian government to facilitate and bring about optimal development and utilization of indigenous biomass feedstocks for production of this biofuel.

GridNtru: High Performance PKCS

Year: 2007 Volume: 1 Issue: 11 3435 - 3438 Pages

Abstract: Cryptographic algorithms play a crucial role in the information society by providing protection from unauthorized access to sensitive data. It is clear that information technology will become increasingly pervasive, Hence we can expect the emergence of ubiquitous or pervasive computing, ambient intelligence. These new environments and applications will present new security challenges, and there is no doubt that cryptographic algorithms and protocols will form a part of the solution. The efficiency of a public key cryptosystem is mainly measured in computational overheads, key size and bandwidth. In particular the RSA algorithm is used in many applications for providing the security. Although the security of RSA is beyond doubt, the evolution in computing power has caused a growth in the necessary key length. The fact that most chips on smart cards can-t process key extending 1024 bit shows that there is need for alternative. NTRU is such an alternative and it is a collection of mathematical algorithm based on manipulating lists of very small integers and polynomials. This allows NTRU to high speeds with the use of minimal computing power. NTRU (Nth degree Truncated Polynomial Ring Unit) is the first secure public key cryptosystem not based on factorization or discrete logarithm problem. This means that given sufficient computational resources and time, an adversary, should not be able to break the key. The multi-party communication and requirement of optimal resource utilization necessitated the need for the present day demand of applications that need security enforcement technique .and can be enhanced with high-end computing. This has promoted us to develop high-performance NTRU schemes using approaches such as the use of high-end computing hardware. Peer-to-peer (P2P) or enterprise grids are proven as one of the approaches for developing high-end computing systems. By utilizing them one can improve the performance of NTRU through parallel execution. In this paper we propose and develop an application for NTRU using enterprise grid middleware called Alchemi. An analysis and comparison of its performance for various text files is presented.

Keywords:
Alchemi
GridNtru
Ntru
PKCS.

The Relationship between Employability and Training

Year: 2011 Volume: 5 Issue: 8 969 - 973 Pages

Abstract: The aim of this paper is to provide an empirical evidence about the effects that the management of continuous training have on employability (or employment stability) in the Spanish labour market. With this purpose a binary logit model with interaction effect is been used. The dependent variable includes two situations of the active workers: continuous and discontinuous employability. To distinguish between them an Employability Index Stability (ESI) was calculated taking into account two factors: time worked and job security. Various aspects of the continuous training and personal workers data are used as independent variables. The data obtained from a survey of a sample of 918 employed have revealed a relationship between the likelihood of continuous employability and continuous training received. The empirical results support the positive and significant relationship between various aspects of the training provided by firms and employability likelihood of the workers, postulate alike from a theoretical point of view.

Implementation and Analysis of Elliptic Curve Cryptosystems over Polynomial basis and ONB

Year: 2007 Volume: 1 Issue: 10 3025 - 3029 Pages

Abstract: Polynomial bases and normal bases are both used for elliptic curve cryptosystems, but field arithmetic operations such as multiplication, inversion and doubling for each basis are implemented by different methods. In general, it is said that normal bases, especially optimal normal bases (ONB) which are special cases on normal bases, are efficient for the implementation in hardware in comparison with polynomial bases. However there seems to be more examined by implementing and analyzing these systems under similar condition. In this paper, we designed field arithmetic operators for each basis over GF(2233), which field has a polynomial basis recommended by SEC2 and a type-II ONB both, and analyzed these implementation results. And, in addition, we predicted the efficiency of two elliptic curve cryptosystems using these field arithmetic operators.

Security Architecture for At-Home Medical Care Using Sensor Network

Year: 2010 Volume: 4 Issue: 12 1726 - 1729 Pages

Abstract: This paper proposes a novel architecture for At- Home medical care which enables senior citizens, patients with chronic ailments and patients requiring post- operative care to be remotely monitored in the comfort of their homes. This architecture is implemented using sensors and wireless networking for transmitting patient data to the hospitals, health- care centers for monitoring by medical professionals. Patients are equipped with sensors to measure their physiological parameters, like blood pressure, pulse rate etc. and a Wearable Data Acquisition Unit is used to transmit the patient sensor data. Medical professionals can be alerted to any abnormal variations in these values for diagnosis and suitable treatment. Security threats and challenges inherent to wireless communication and sensor network have been discussed and a security mechanism to ensure data confidentiality and source authentication has been proposed. Symmetric key algorithm AES has been used for encrypting the data and a patent-free, two-pass block cipher mode CCFB has been used for implementing semantic security.

Dynamic Adaptability Using Reflexivity for Mobile Agent Protection

Year: 2008 Volume: 2 Issue: 11 3685 - 3690 Pages

Abstract: The paradigm of mobile agent provides a promising technology for the development of distributed and open applications. However, one of the main obstacles to widespread adoption of the mobile agent paradigm seems to be security. This paper treats the security of the mobile agent against malicious host attacks. It describes generic mobile agent protection architecture. The proposed approach is based on the dynamic adaptability and adopts the reflexivity as a model of conception and implantation. In order to protect it against behaviour analysis attempts, the suggested approach supplies the mobile agent with a flexibility faculty allowing it to present an unexpected behaviour. Furthermore, some classical protective mechanisms are used to reinforce the level of security.

A Novel Hybrid Mobile Agent Based Distributed Intrusion Detection System

Year: 2008 Volume: 2 Issue: 9 2932 - 2935 Pages

Abstract: The first generation of Mobile Agents based Intrusion Detection System just had two components namely data collection and single centralized analyzer. The disadvantage of this type of intrusion detection is if connection to the analyzer fails, the entire system will become useless. In this work, we propose novel hybrid model for Mobile Agent based Distributed Intrusion Detection System to overcome the current problem. The proposed model has new features such as robustness, capability of detecting intrusion against the IDS itself and capability of updating itself to detect new pattern of intrusions. In addition, our proposed model is also capable of tackling some of the weaknesses of centralized Intrusion Detection System models.

Multisensor Agent Based Intrusion Detection

Year: 2007 Volume: 1 Issue: 5 1213 - 1216 Pages

Authors:
Richard A. Wasniowski

Abstract: In this paper we propose a framework for multisensor intrusion detection called Fuzzy Agent-Based Intrusion Detection System. A unique feature of this model is that the agent uses data from multiple sensors and the fuzzy logic to process log files. Use of this feature reduces the overhead in a distributed intrusion detection system. We have developed an agent communication architecture that provides a prototype implementation. This paper discusses also the issues of combining intelligent agent technology with the intrusion detection domain.

Gait Recognition System: Bundle Rectangle Approach

Year: 2009 Volume: 3 Issue: 10 1793 - 1799 Pages

Abstract: Biometrics methods include recognition techniques such as fingerprint, iris, hand geometry, voice, face, ears and gait. The gait recognition approach has some advantages, for example it does not need the prior concern of the observed subject and it can record many biometric features in order to make deeper analysis, but most of the research proposals use high computational cost. This paper shows a gait recognition system with feature subtraction on a bundle rectangle drawn over the observed person. Statistical results within a database of 500 videos are shown.

Power Generation Scheduling of Thermal Units Considering Gas Pipelines Constraints

Year: 2009 Volume: 3 Issue: 1 14 - 19 Pages

Abstract: With the growth of electricity generation from gas energy gas pipeline reliability can substantially impact the electric generation. A physical disruption to pipeline or to a compressor station can interrupt the flow of gas or reduce the pressure and lead to loss of multiple gas-fired electric generators, which could dramatically reduce the supplied power and threaten the power system security. Gas pressure drops during peak loading time on pipeline system, is a common problem in network with no enough transportation capacity which limits gas transportation and causes many problem for thermal domain power systems in supplying their demand. For a feasible generation scheduling planning in networks with no sufficient gas transportation capacity, it is required to consider gas pipeline constraints in solving the optimization problem and evaluate the impacts of gas consumption in power plants on gas pipelines operating condition. This paper studies about operating of gas fired power plants in critical conditions when the demand of gas and electricity peak together. An integrated model of gas and electric model is used to consider the gas pipeline constraints in the economic dispatch problem of gas-fueled thermal generator units.

Keywords:

Determination of Cr Content in Canned Fish Marketed in Iran

Year: 2014 Volume: 8 Issue: 12 1310 - 1313 Pages

Abstract: The presence of heavy metals in the environment could constitute a hazard to food security and public health. These can be accumulated in aquatic animals such as fish. Samples of four popular brands of canned fish in the Iranian market (yellowfin tuna, common Kilka, Kawakawa and longtail tuna) were analyzed for level of Cr after wet digestion with acids using graphite furnace atomic absorption spectrophotometry. The mean concentrations for Cr in the different brands were: 2.57, 3.24, 3.16 and 1.65 μg/g for brands A, B, C and D respectively. Significant differences were observed in the Cr levels between all of the different brands of canned fish evaluated in this study. The Cr concentrations for the varieties of canned fishes were generally within the FAO/WHO, U.S. FDA and U.S. EPA recommended limits for fish.

Using Secure-Image Mechanism to Protect Mobile Agent Against Malicious Hosts

Year: 2009 Volume: 3 Issue: 11 2532 - 2537 Pages

Authors:
Tarig Mohamed Ahmed

Abstract: The usage of internet is rapidly increasing and the usage of mobile agent technology in internet environment has a great demand. The security issue one of main obstacles that restrict the mobile agent technology to spread. This paper proposes Secure-Image Mechanism (SIM) as a new mechanism to protect mobile agents against malicious hosts. . SIM aims to protect mobile agent by using the symmetric encryption and hash function in cryptography science. This mechanism can prevent the eavesdropping and alteration attacks. It assists the mobile agents to continue their journey normally incase attacks occurred.

New Curriculum Approach in Teaching Network Security Subjects for ICT Courses in Malaysia

Year: 2008 Volume: 2 Issue: 7 708 - 712 Pages

Abstract: This paper discusses a curriculum approach that will give emphasis on practical portions of teaching network security subjects in information and communication technology courses. As we are well aware, the need to use a practice and application oriented approach in education is paramount. Research on active learning and cooperative groups have shown that students grasps more and have more tendency towards obtaining and realizing soft skills like leadership, communication and team work as opposed to the more traditional theory and exam based teaching and learning. While this teaching and learning paradigm is relatively new in Malaysia, it has been practiced widely in the West. This paper examines a certain approach whereby students learning wireless security are divided into and work in small and manageable groups where there will be 2 teams which consist of black hat and white hat teams. The former will try to find and expose vulnerabilities in a wireless network while the latter will try their best to prevent such attacks on their wireless networks using hardware, software, design and enforcement of security policy and etc. This paper will try to show that the approach taken plus the use of relevant and up to date software and hardware and with suitable environment setting will hopefully expose students to a more fruitful outcome in terms of understanding of concepts, theories and their motivation to learn.

An Improved Method to Watermark Images Sensitive to Blocking Artifacts

Year: 2007 Volume: 1 Issue: 10 2979 - 2984 Pages

Authors:
Afzel Noore

Abstract: A new digital watermarking technique for images that are sensitive to blocking artifacts is presented. Experimental results show that the proposed MDCT based approach produces highly imperceptible watermarked images and is robust to attacks such as compression, noise, filtering and geometric transformations. The proposed MDCT watermarking technique is applied to fingerprints for ensuring security. The face image and demographic text data of an individual are used as multiple watermarks. An AFIS system was used to quantitatively evaluate the matching performance of the MDCT-based watermarked fingerprint. The high fingerprint matching scores show that the MDCT approach is resilient to blocking artifacts. The quality of the extracted face and extracted text images was computed using two human visual system metrics and the results show that the image quality was high.

Keywords:
Digital watermarking
data hiding
modified discretecosine transformation (MDCT).

Designing a Framework for Network Security Protection

Year: 2012 Volume: 6 Issue: 6 750 - 754 Pages

Authors:
Eric P. Jiang

Abstract: As the Internet continues to grow at a rapid pace as the primary medium for communications and commerce and as telecommunication networks and systems continue to expand their global reach, digital information has become the most popular and important information resource and our dependence upon the underlying cyber infrastructure has been increasing significantly. Unfortunately, as our dependency has grown, so has the threat to the cyber infrastructure from spammers, attackers and criminal enterprises. In this paper, we propose a new machine learning based network intrusion detection framework for cyber security. The detection process of the framework consists of two stages: model construction and intrusion detection. In the model construction stage, a semi-supervised machine learning algorithm is applied to a collected set of network audit data to generate a profile of normal network behavior and in the intrusion detection stage, input network events are analyzed and compared with the patterns gathered in the profile, and some of them are then flagged as anomalies should these events are sufficiently far from the expected normal behavior. The proposed framework is particularly applicable to the situations where there is only a small amount of labeled network training data available, which is very typical in real world network environments.

Top Journal

SUGGEST A JOURNAL