Abstract: RFID system, in which we give identification number to each item and detect it with radio frequency, supports more variable service than barcode system can do. For example, a refrigerator with RFID reader and internet connection will automatically notify expiration of food validity to us. But, in spite of its convenience, RFID system has some security threats, because anybody can get ID information of item easily. One of most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts that any attacker tries to get information using RFID tag value. But, these systems still have weakness that attacker can get information using analogous value instead of original tag value. In this paper, we mention this type of attack more precisely and suggest 'Tag Broker Model', which can defend it. Tag broker in this model translates original tag value to random value, and user can only get random value. Attacker can not use analogous tag value, because he/she is not able to know original one from it.
Abstract: Spam mails are unwanted mails sent to large number
of users. Spam mails not only consume the network resources, but
cause security threats as well. This paper proposes an efficient
technique to detect, and to prevent spam mail in the sender side rather
than the receiver side. This technique is based on a counter set on the
sender server. When a mail is transmitted to the server, the mail server
checks the number of the recipients based on its counter policy. The
counter policy performed by the mail server is based on some
pre-defined criteria. When the number of recipients exceeds the
counter policy, the mail server discontinues the rest of the process, and
sends a failure mail to sender of the mail; otherwise the mail is
transmitted through the network. By using this technique, the usage of
network resources such as bandwidth, and memory is preserved. The
simulation results in real network show that when the counter is set on
the sender side, the time required for spam mail detection is 100 times
faster than the time the counter is set on the receiver side, and the
network resources are preserved largely compared with other
anti-spam mail techniques in the receiver side.
Abstract: As the mobile Internet has become widespread in
recent years, communication based on mobile networks is increasing.
As a result, security threats have been posed with regard to the
abnormal traffic of mobile networks, but mobile security has been
handled with focus on threats posed by mobile malicious codes, and
researches on security threats to the mobile network itself have not
attracted much attention. In mobile networks, the IP address of the data
packet is a very important factor for billing purposes. If one mobile
terminal use an incorrect IP address that either does not exist or could
be assigned to another mobile terminal, billing policy will cause
problems. We monitor and analyze 3G mobile data networks traffics
for a period of time and finds some abnormal IP packets. In this paper,
we analyze the reason for abnormal IP packets on 3G Mobile Data
Networks. And we also propose an algorithm based on IP address table
that contains addresses currently in use within the mobile data network
to detect abnormal IP packets.
Abstract: Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.
Abstract: Recent communications environment significantly
expands the mobile environment. The popularization of smartphones
with various mobile services has emerged, and smartphone users are
rapidly increasing. Because of these symptoms, existing wired
environment in a variety of mobile traffic entering to mobile network
has threatened the stability of the mobile network. Unlike traditional
wired infrastructure, mobile networks has limited radio resources and
signaling procedures for complex radio resource management. So
these traffic is not a problem in wired networks but mobile networks, it
can be a threat. In this paper, we analyze the security threats in mobile
networks and provide direction to solve it.
Abstract: Recently, Denial of Service(DoS) attacks and Distributed DoS(DDoS) attacks which are stronger form of DoS attacks from plural hosts have become security threats on the Internet. It is important to identify the attack source and to block attack traffic as one of the measures against these attacks. In general, it is difficult to identify them because information about the attack source is falsified. Therefore a method of identifying the attack source by tracing the route of the attack traffic is necessary. A traceback method which uses traffic patterns, using changes in the number of packets over time as criteria for the attack traceback has been proposed. The traceback method using the traffic patterns can trace the attack by matching the shapes of input traffic patterns and the shape of output traffic pattern observed at a network branch point such as a router. The traffic pattern is a shapes of traffic and unfalsifiable information. The proposed trace methods proposed till date cannot obtain enough tracing accuracy, because they directly use traffic patterns which are influenced by non-attack traffics. In this paper, a new traffic pattern matching method using Independent Component Analysis(ICA) is proposed.
Abstract: The purpose of this paper is to analyze determinants of
information security affecting adoption of the Web-based integrated
information systems (IIS). We introduced Web-based information
systems which are designed to formulate strategic plans for Peruvian
government. Theoretical model is proposed to test impact of
organizational factors (deterrent efforts and severity; preventive
efforts) and individual factors (information security threat; security
awareness) on intentions to proactively use the Web-based IIS .Our
empirical study results highlight that deterrent efforts and deterrent
severity have no significant influence on the proactive use intentions
of IIS, whereas, preventive efforts play an important role in proactive
use intentions of IIS. Thus, we suggest that organizations need to do
preventive efforts by introducing various information security
solutions, and try to improve information security awareness while
reducing the perceived information security threats.
Abstract: Software and applications are subjected to serious and damaging security threats, these threats are increasing as a result of increased number of potential vulnerabilities. Security testing is an indispensable process to validate software security requirements and to identify security related vulnerabilities. In this paper we analyze and compare different available vulnerabilities testing techniques based on a pre defined criteria using analytical hierarchy process (AHP). We have selected five testing techniques which includes Source code analysis, Fault code injection, Robustness, Stress and Penetration testing techniques. These testing techniques have been evaluated against five criteria which include cost, thoroughness, Ease of use, effectiveness and efficiency. The outcome of the study is helpful for researchers, testers and developers to understand effectiveness of each technique in its respective domain. Also the study helps to compare the inner working of testing techniques against a selected criterion to achieve optimum testing results.
Abstract: Multiparty voice over IP (MVoIP) systems allows a group of people to freely communicate each other via the internet, which have many applications such as online gaming, teleconferencing, online stock trading etc. Peertalk is a peer to peer multiparty voice over IP system (MVoIP) which is more feasible than existing approaches such as p2p overlay multicast and coupled distributed processing. Since the stream mixing and distribution are done by the peers, it is vulnerable to major security threats like nodes misbehavior, eavesdropping, Sybil attacks, Denial of Service (DoS), call tampering, Man in the Middle attacks etc. To thwart the security threats, a security framework called PEERTS (PEEred Reputed Trustworthy System for peertalk) is implemented so that efficient and secure communication can be carried out between peers.
Abstract: There are many expand of Wi-Fi zones provided
mobile careers and usage of wireless access point at home as increase
of usage of wireless internet caused by the use of smart phone. This
paper shows wireless local area network status, security threats of
WLAN and functionality of major wireless access point in Korea. We
propose security countermeasures concerned with life cycle of access
point from manufacturing to installation, using and finally disposal.
There needed to releasing with configured secure at access point.
Because, it is most cost effective resolution than stage of installation or
other life cycle of access point.
Abstract: Recently, information security has become a key issue
in information technology as the number of computer security
breaches are exposed to an increasing number of security threats. A
variety of intrusion detection systems (IDS) have been employed for
protecting computers and networks from malicious network-based or
host-based attacks by using traditional statistical methods to new data
mining approaches in last decades. However, today's commercially
available intrusion detection systems are signature-based that are not
capable of detecting unknown attacks. In this paper, we present a
new learning algorithm for anomaly based network intrusion
detection system using decision tree algorithm that distinguishes
attacks from normal behaviors and identifies different types of
intrusions. Experimental results on the KDD99 benchmark network
intrusion detection dataset demonstrate that the proposed learning
algorithm achieved 98% detection rate (DR) in comparison with
other existing methods.
Abstract: This paper proposes a novel architecture for At-
Home medical care which enables senior citizens, patients
with chronic ailments and patients requiring post- operative
care to be remotely monitored in the comfort of their homes.
This architecture is implemented using sensors and wireless
networking for transmitting patient data to the hospitals,
health- care centers for monitoring by medical professionals.
Patients are equipped with sensors to measure their
physiological parameters, like blood pressure, pulse rate etc.
and a Wearable Data Acquisition Unit is used to transmit the
patient sensor data. Medical professionals can be alerted to
any abnormal variations in these values for diagnosis and
suitable treatment. Security threats and challenges inherent to
wireless communication and sensor network have been
discussed and a security mechanism to ensure data
confidentiality and source authentication has been proposed.
Symmetric key algorithm AES has been used for encrypting
the data and a patent-free, two-pass block cipher mode CCFB
has been used for implementing semantic security.
Abstract: The world is moving rapidly toward the deployment
of information and communication systems. Nowadays, computing
systems with their fast growth are found everywhere and one of the main challenges for these systems is increasing attacks and security threats against them. Thus, capturing, analyzing and verifying security requirements becomes a very important activity in
development process of computing systems, specially in developing
systems such as banking, military and e-business systems. For
developing every system, a process model which includes a process,
methods and tools is chosen. The Rational Unified Process (RUP) is
one of the most popular and complete process models which is used
by developers in recent years. This process model should be extended to be used in developing secure software systems. In this
paper, the Requirement Discipline of RUP is extended to improve RUP for developing secure software systems. These proposed extensions are adding and integrating a number of Activities, Roles,
and Artifacts to RUP in order to capture, document and model threats
and security requirements of system. These extensions introduce a
group of clear and stepwise activities to developers. By following these activities, developers assure that security requirements are
captured and modeled. These models are used in design, implementation and test activitie