Abstract: The continued growth of the cities is causing an
increase of the amount of surface to illuminate. However, this rise
into lighting brings some unintended consequences such as increased
of energy consumption or the light pollution. To make these effects
less intrusive as possible some councils have chosen to perform a
part-night lighting in some areas. Nonetheless, this kind of shutdown
may cause serious problems which we intend to highlight in this
paper.
Abstract: Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights and list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to rise of web application security; which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are by SQL Injection and XSS which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis on Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.
Abstract: Medical images require special safety and confidentiality because critical judgment is done on the information provided by medical images. Transmission of medical image via internet or mobile phones demands strong security and copyright protection in telemedicine applications. Here, highly secured and robust watermarking technique is proposed for transmission of image data via internet and mobile phones. The Region of Interest (ROI) and Non Region of Interest (RONI) of medical image are separated. Only RONI is used for watermark embedding. This technique results in exact recovery of watermark with standard medical database images of size 512x512, giving 'correlation factor' equals to 1. The correlation factor for different attacks like noise addition, filtering, rotation and compression ranges from 0.90 to 0.95. The PSNR with weighting factor 0.02 is up to 48.53 dBs. The presented scheme is non blind and embeds hospital logo of 64x64 size.
Abstract: Fuzzy fingerprint vault is a recently developed cryptographic construct based on the polynomial reconstruction problem to secure critical data with the fingerprint data. However, the previous researches are not applicable to the fingerprint having a few minutiae since they use a fixed degree of the polynomial without considering the number of fingerprint minutiae. To solve this problem, we use an adaptive degree of the polynomial considering the number of minutiae extracted from each user. Also, we apply multiple polynomials to avoid the possible degradation of the security of a simple solution(i.e., using a low-degree polynomial). Based on the experimental results, our method can make the possible attack difficult 2192 times more than using a low-degree polynomial as well as verify the users having a few minutiae.
Abstract: Trust is essential for further and wider acceptance of
contemporary e-services. It was first addressed almost thirty years
ago in Trusted Computer System Evaluation Criteria standard by
the US DoD. But this and other proposed approaches of that
period were actually solving security. Roughly some ten years ago,
methodologies followed that addressed trust phenomenon at its core,
and they were based on Bayesian statistics and its derivatives, while
some approaches were based on game theory. However, trust is a
manifestation of judgment and reasoning processes. It has to be dealt
with in accordance with this fact and adequately supported in cyber
environment. On the basis of the results in the field of psychology
and our own findings, a methodology called qualitative algebra has
been developed, which deals with so far overlooked elements of trust
phenomenon. It complements existing methodologies and provides a
basis for a practical technical solution that supports management of
trust in contemporary computing environments. Such solution is also
presented at the end of this paper.
Abstract: A wrist-band type biosignal measurement system and its data transfer through human body communication (HBC) were investigated. An HBC method based on pulses of ultra-wide band instead of using frequency or amplitude modulations was studied and implemented since the system became very compact and it was more suited for personal or mobile health monitoring. Our system measured photo-plethysmogram (PPG) and measured PPG signals were transmitted through a finger to a monitoring PC system. The device was compact and low-power consuming. HBC communication has very strongsecurity measures since it does not use wireless network.Furthermore, biosignal monitoring system becomes handy because it does not need to have wire connections.
Abstract: Wireless sensor networks can be used to measure and monitor many challenging problems and typically involve in monitoring, tracking and controlling areas such as battlefield monitoring, object tracking, habitat monitoring and home sentry systems. However, wireless sensor networks pose unique security challenges including forgery of sensor data, eavesdropping, denial of service attacks, and the physical compromise of sensor nodes. Node in a sensor networks may be vanished due to power exhaustion or malicious attacks. To expand the life span of the sensor network, a new node deployment is needed. In military scenarios, intruder may directly organize malicious nodes or manipulate existing nodes to set up malicious new nodes through many kinds of attacks. To avoid malicious nodes from joining the sensor network, a security is required in the design of sensor network protocols. In this paper, we proposed a security framework to provide a complete security solution against the known attacks in wireless sensor networks. Our framework accomplishes node authentication for new nodes with recognition of a malicious node. When deployed as a framework, a high degree of security is reachable compared with the conventional sensor network security solutions. A proposed framework can protect against most of the notorious attacks in sensor networks, and attain better computation and communication performance. This is different from conventional authentication methods based on the node identity. It includes identity of nodes and the node security time stamp into the authentication procedure. Hence security protocols not only see the identity of each node but also distinguish between new nodes and old nodes.
Abstract: As the disfunctions of the information society and
social development progress, intrusion problems such as malicious
replies, spam mail, private information leakage, phishing, and
pharming, and side effects such as the spread of unwholesome
information and privacy invasion are becoming serious social
problems. Illegal access to information is also becoming a problem as
the exchange and sharing of information increases on the basis of the
extension of the communication network. On the other hand, as the
communication network has been constructed as an international,
global system, the legal response against invasion and cyber-attack
from abroad is facing its limit. In addition, in an environment where
the important infrastructures are managed and controlled on the basis
of the information communication network, such problems pose a
threat to national security. Countermeasures to such threats are
developed and implemented on a yearly basis to protect the major
infrastructures of information communication. As a part of such
measures, we have developed a methodology for assessing the
information protection level which can be used to establish the
quantitative object setting method required for the improvement of the
information protection level.
Abstract: Wireless Mesh Networks (WMNs) are an emerging
technology for last-mile broadband access. In WMNs, similar to ad
hoc networks, each user node operates not only as a host but also as a
router. User packets are forwarded to and from an Internet-connected
gateway in multi-hop fashion. The WMNs can be integrated with
other networking technologies i.e. ad hoc networks, to implement a
smooth network extension. The meshed topology provides good
reliability and scalability, as well as low upfront investments. Despite
the recent start-up surge in WMNs, much research remains to be
done in standardizing the functional parameters of WMNs to fully
exploit their full potential. An edifice of the security concerns of
these networks is authentication of a new client joining an integrated
ad hoc network and such a scenario will require execution of a multihop
authentication technique. Our endeavor in this paper is to
introduce a secure authentication technique, with light over-heads
that can be conveniently implemented for the ad-hoc nodes forming
clients of an integrated WMN, thus facilitating their inter-operability.
Abstract: Image watermarking has proven to be quite an
efficient tool for the purpose of copyright protection and
authentication over the last few years. In this paper, a novel image
watermarking technique in the wavelet domain is suggested and
tested. To achieve more security and robustness, the proposed
techniques relies on using two nested watermarks that are embedded
into the image to be watermarked. A primary watermark in form of a
PN sequence is first embedded into an image (the secondary
watermark) before being embedded into the host image. The
technique is implemented using Daubechies mother wavelets where
an arbitrary embedding factor α is introduced to improve the
invisibility and robustness. The proposed technique has been applied
on several gray scale images where a PSNR of about 60 dB was
achieved.
Abstract: India is currently the second most populous nation in
the world with over 1.2 billion people, growing annually at the rate of
1.5%. It is experiencing a surge in energy demands, expected to grow
more than three to four times in 25 years. Most of the energy
requirements are currently satisfied by the import of fossil fuels –
coal, petroleum-based products and natural gas. Biofuels can satisfy
these energy needs in an environmentally benign and cost effective
manner while reducing dependence on import of fossil fuels, thus
providing National Energy Security. Among various forms of
bioenergy, bioethanol is one of the major options for India because of
availability of feed stock crops.
This paper presents an overview on bioethanol production and
technology, steps taken by the Indian government to facilitate and
bring about optimal development and utilization of indigenous
biomass feedstocks for production of this biofuel.
Abstract: In this manuscript, a wavelet-based blind
watermarking scheme has been proposed as a means to provide
security to authenticity of a fingerprint. The information used for
identification or verification of a fingerprint mainly lies in its
minutiae. By robust watermarking of the minutiae in the fingerprint
image itself, the useful information can be extracted accurately even
if the fingerprint is severely degraded. The minutiae are converted in
a binary watermark and embedding these watermarks in the detail
regions increases the robustness of watermarking, at little to no
additional impact on image quality. It has been experimentally shown
that when the minutiae is embedded into wavelet detail coefficients
of a fingerprint image in spread spectrum fashion using a
pseudorandom sequence, the robustness is observed to have a
proportional response while perceptual invisibility has an inversely
proportional response to amplification factor “K". The DWT-based
technique has been found to be very robust against noises,
geometrical distortions filtering and JPEG compression attacks and is
also found to give remarkably better performance than DCT-based
technique in terms of correlation coefficient and number of erroneous
minutiae.
Abstract: There is a real threat on the VIPs personal pages on
the Social Network Sites (SNS). The real threats to these pages is
violation of privacy and theft of identity through creating fake pages
that exploit their names and pictures to attract the victims and spread
of lies. In this paper, we propose a new secure architecture that
improves the trusting and finds an effective solution to reduce fake
pages and possibility of recognizing VIP pages on SNS. The
proposed architecture works as a third party that is added to
Facebook to provide the trust service to personal pages for VIPs.
Through this mechanism, it works to ensure the real identity of the
applicant through the electronic authentication of personal
information by storing this information within content of their
website. As a result, the significance of the proposed architecture is
that it secures and provides trust to the VIPs personal pages.
Furthermore, it can help to discover fake page, protect the privacy,
reduce crimes of personality-theft, and increase the sense of trust and
satisfaction by friends and admirers in interacting with SNS.
Abstract: This paper presents a boarding on biometric
authentication through the Keystrokes Dynamics that it intends to
identify a person from its habitual rhythm to type in conventional
keyboard. Seven done experiments: verifying amount of prototypes,
threshold, features and the variation of the choice of the times of the
features vector. The results show that the use of the Keystroke
Dynamics is simple and efficient for personal authentication, getting
optimum resulted using 90% of the features with 4.44% FRR and 0%
FAR.
Abstract: Medical image data hiding has strict constrains such
as high imperceptibility, high capacity and high robustness.
Achieving these three requirements simultaneously is highly
cumbersome. Some works have been reported in the literature on
data hiding, watermarking and stegnography which are suitable for
telemedicine applications. None is reliable in all aspects. Electronic
Patient Report (EPR) data hiding for telemedicine demand it blind
and reversible. This paper proposes a novel approach to blind
reversible data hiding based on integer wavelet transform.
Experimental results shows that this scheme outperforms the prior
arts in terms of zero BER (Bit Error Rate), higher PSNR (Peak Signal
to Noise Ratio), and large EPR data embedding capacity with
WPSNR (Weighted Peak Signal to Noise Ratio) around 53 dB,
compared with the existing reversible data hiding schemes.
Abstract: This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We present different approaches to defining security properties more formally and present basic attack on hash function. We recall Merkle-Damgard security properties of iterated hash function. The Main aim of this paper is the development of recent techniques applicable to crypt Analysis hash function, mainly from SHA family. Recent proposed attacks an MD5 & SHA motivate a new hash function design. It is designed not only to have higher security but also to be faster than SHA-256. The performance of the new hash function is at least 30% better than that of SHA-256 in software. And it is secure against any known cryptographic attacks on hash functions.
Abstract: When architecting an application, key nonfunctional requirements such as performance, scalability, availability and security, which influence the architecture of the system, are some times not adequately addressed. Performance of the application may not be looked at until there is a concern. There are several problems with this reactive approach. If the system does not meet its performance objectives, the application is unlikely to be accepted by the stakeholders. This paper suggests an approach for performance modeling for web based J2EE and .Net applications to address performance issues early in the development life cycle. It also includes a Performance Modeling Case Study, with Proof-of-Concept (PoC) and implementation details for .NET and J2EE platforms.
Abstract: Cryptographic algorithms play a crucial role in the
information society by providing protection from unauthorized
access to sensitive data. It is clear that information technology will
become increasingly pervasive, Hence we can expect the emergence
of ubiquitous or pervasive computing, ambient intelligence. These
new environments and applications will present new security
challenges, and there is no doubt that cryptographic algorithms and
protocols will form a part of the solution. The efficiency of a public
key cryptosystem is mainly measured in computational overheads,
key size and bandwidth. In particular the RSA algorithm is used in
many applications for providing the security. Although the security
of RSA is beyond doubt, the evolution in computing power has
caused a growth in the necessary key length. The fact that most chips
on smart cards can-t process key extending 1024 bit shows that there
is need for alternative. NTRU is such an alternative and it is a
collection of mathematical algorithm based on manipulating lists of
very small integers and polynomials. This allows NTRU to high
speeds with the use of minimal computing power. NTRU (Nth degree
Truncated Polynomial Ring Unit) is the first secure public key
cryptosystem not based on factorization or discrete logarithm
problem. This means that given sufficient computational resources
and time, an adversary, should not be able to break the key. The
multi-party communication and requirement of optimal resource
utilization necessitated the need for the present day demand of
applications that need security enforcement technique .and can be
enhanced with high-end computing. This has promoted us to develop
high-performance NTRU schemes using approaches such as the use
of high-end computing hardware. Peer-to-peer (P2P) or enterprise
grids are proven as one of the approaches for developing high-end
computing systems. By utilizing them one can improve the
performance of NTRU through parallel execution. In this paper we
propose and develop an application for NTRU using enterprise grid
middleware called Alchemi. An analysis and comparison of its
performance for various text files is presented.
Abstract: Proxy signature helps the proxy signer to sign
messages on behalf of the original signer. It is very useful when
the original signer (e.g. the president of a company) is not
available to sign a specific document. If the original signer can
not forge valid proxy signatures through impersonating the proxy
signer, it will be robust in a virtual environment; thus the original
signer can not shift any illegal action initiated by herself to the
proxy signer. In this paper, we propose a new proxy signature
scheme. The new scheme can prevent the original signer from
impersonating the proxy signer to sign messages. The proposed
scheme is based on the regular ElGamal signature. In addition,
the fair privacy of the proxy signer is maintained. That means,
the privacy of the proxy signer is preserved; and the privacy can
be revealed when it is necessary.
Abstract: Automatic Extraction of Event information from
social text stream (emails, social network sites, blogs etc) is a vital
requirement for many applications like Event Planning and
Management systems and security applications. The key information
components needed from Event related text are Event title, location,
participants, date and time. Emails have very unique distinctions over
other social text streams from the perspective of layout and format
and conversation style and are the most commonly used
communication channel for broadcasting and planning events.
Therefore we have chosen emails as our dataset. In our work, we
have employed two statistical NLP methods, named as Finite State
Machines (FSM) and Hidden Markov Model (HMM) for the
extraction of event related contextual information. An application
has been developed providing a comparison among the two methods
over the event extraction task. It comprises of two modules, one for
each method, and works for both bulk as well as direct user input.
The results are evaluated using Precision, Recall and F-Score.
Experiments show that both methods produce high performance and
accuracy, however HMM was good enough over Title extraction and
FSM proved to be better for Venue, Date, and time.