Abstract: Recent innovations in the field of technology led to the use of wireless sensor networks in various applications, which consists of a number of small, very tiny, low-cost, non-tamper proof and resource constrained sensor nodes. These nodes are often distributed and deployed in an unattended environment, so as to collaborate with each other to share data or information. Amidst various applications, wireless sensor network finds a major role in monitoring battle field in military applications. As these non-tamperproof nodes are deployed in an unattended location, they are vulnerable to many security attacks. Amongst many security attacks, the node replication attack seems to be more threatening to the network users. Node Replication attack is caused by an attacker, who catches one true node, duplicates the first certification and cryptographic materials, makes at least one or more copies of the caught node and spots them at certain key positions in the system to screen or disturb the network operations. Preventing the occurrence of such node replication attacks in network is a challenging task. In this survey article, we provide the classification of detection schemes and also explore the various schemes proposed in each category. Also, we compare the various detection schemes against certain evaluation parameters and also its limitations. Finally, we provide some suggestions for carrying out future research work against such attacks.
Abstract: Software development for complex systems requires
efficient and automatic tools that can be used to verify the
satisfiability of some critical properties such as security ones. With
the emergence of Aspect-Oriented Programming (AOP), considerable
work has been done in order to better modularize the separation of
concerns in the software design and implementation. The goal is to
prevent the cross-cutting concerns to be scattered across the multiple
modules of the program and tangled with other modules. One of the
key challenges in the aspect-oriented programs is to be sure that all
the pieces put together at the weaving time ensure the satisfiability
of the overall system requirements. Our paper focuses on this problem and proposes a formal property
verification approach for a given property from the woven program.
The approach is based on the control flow graph (CFG) of the
woven program, and the use of a satisfiability modulo theories (SMT)
solver to check whether each property (represented par one aspect)
is satisfied or not once the weaving is done.
Abstract: Business processes are crucial for organizations and
help businesses to evaluate and optimize their performance and
processes against current and future-state business goals. Outsourcing
business processes to the cloud becomes popular due to a wide
varsity of benefits and cost-saving. However, cloud outsourcing raises
enterprise data security concerns, which must be incorporated in
Business Process Model and Notation (BPMN). This paper, presents
SeCloudBPMN, a lightweight extension for BPMN which extends the
BPMN to explicitly support the security threats in the cloud as an
outsourcing environment. SeCloudBPMN helps business’s security
experts to outsource business processes to the cloud considering
different threats from inside and outside the cloud. In this way,
appropriate security countermeasures could be considered to preserve
data security in business processes outsourcing to the cloud.
Abstract: One possible approach for maintaining the security of communication systems relies on Physical Layer Security mechanisms. However, in wireless time division duplex systems, where uplink and downlink channels are reciprocal, the channel estimate procedure is exposed to attacks known as pilot contamination, with the aim of having an enhanced data signal sent to the malicious user. The Shifted 2-N-PSK method involves two random legitimate pilots in the training phase, each of which belongs to a constellation, shifted from the original N-PSK symbols by certain degrees. In this paper, legitimate pilots’ offset values and their influence on the detection capabilities of the Shifted 2-N-PSK method are investigated. As the implementation of the technique depends on the relation between the shift angles rather than their specific values, the optimal interconnection between the two legitimate constellations is investigated. The results show that no regularity exists in the relation between the pilot contamination attacks (PCA) detection probability and the choice of offset values. Therefore, an adversary who aims to obtain the exact offset values can only employ a brute-force attack but the large number of possible combinations for the shifted constellations makes such a type of attack difficult to successfully mount. For this reason, the number of optimal shift value pairs is also studied for both 100% and 98% probabilities of detecting pilot contamination attacks. Although the Shifted 2-N-PSK method has been broadly studied in different signal-to-noise ratio scenarios, in multi-cell systems the interference from the signals in other cells should be also taken into account. Therefore, the inter-cell interference impact on the performance of the method is investigated by means of a large number of simulations. The results show that the detection probability of the Shifted 2-N-PSK decreases inversely to the signal-to-interference-plus-noise ratio.
Abstract: Users in social networks either unicast or broadcast
their messages. At mention is the popular way of unicasting for
Twitter whereas general tweeting could be considered as broadcasting
method. Understanding the information flow and dynamics within
a Social Network and modeling the same is a promising and an
open research area called Information Diffusion. This paper seeks an
answer to a fundamental question - understanding if the at-mention
network or the unicasting pattern in social media is purely random
in nature or is there any user specific selectional preference? To
answer the question we present an empirical analysis to understand
the sociological aspects of Twitter mentions network within a social
network community. To understand the sociological behavior we
analyze the values (Schwartz model: Achievement, Benevolence,
Conformity, Hedonism, Power, Security, Self-Direction, Stimulation,
Traditional and Universalism) of all the users. Empirical results
suggest that values traits are indeed salient cue to understand how
the mention-based communication network functions. For example,
we notice that individuals possessing similar values unicast among
themselves more often than with other value type people. We also
observe that traditional and self-directed people do not maintain very
close relationship in the network with the people of different values
traits.
Abstract: African refugees are among the fastest-growing populations in the United States and nearly half of these refugees come from Somalia, many of whom are Somali Bantus, the most marginalized group in Somali society. Yet limited research is available on Somali Bantu refugees. In this paper, Empowerment Theory is used to guide an in-depth exploration of the potential benefits of using community kitchen gardens to increase community food security among Somali Bantu refugees. In addition, recommendations for future research, policy and practice are offered following existing scholarly and grey source literature guidelines as informed by an Empowerment perspective to best meet the needs of this under-researched and underserved yet growing population.
Abstract: Network security engineers work to keep services available all the time by handling intruder attacks. Intrusion Detection System (IDS) is one of the obtainable mechanisms that is used to sense and classify any abnormal actions. Therefore, the IDS must be always up to date with the latest intruder attacks signatures to preserve confidentiality, integrity, and availability of the services. The speed of the IDS is a very important issue as well learning the new attacks. This research work illustrates how the Knowledge Discovery and Data Mining (or Knowledge Discovery in Databases) KDD dataset is very handy for testing and evaluating different Machine Learning Techniques. It mainly focuses on the KDD preprocess part in order to prepare a decent and fair experimental data set. The J48, MLP, and Bayes Network classifiers have been chosen for this study. It has been proven that the J48 classifier has achieved the highest accuracy rate for detecting and classifying all KDD dataset attacks, which are of type DOS, R2L, U2R, and PROBE.
Abstract: The use of biometric identifiers in the field of
information security, access control to resources, authentication in
ATMs and banking among others, are of great concern because of
the safety of biometric data. In the general architecture of a biometric
system have been detected eight vulnerabilities, six of them allow
obtaining minutiae template in plain text. The main consequence
of obtaining minutia templates is the loss of biometric identifier
for life. To mitigate these vulnerabilities several models to protect
minutiae templates have been proposed. Several vulnerabilities in the
cryptographic security of these models allow to obtain biometric data
in plain text. In order to increase the cryptographic security and ease
of reversibility, a minutiae templates protection model is proposed.
The model aims to make the cryptographic protection and facilitate
the reversibility of data using two levels of security. The first level
of security is the data transformation level. In this level generates
invariant data to rotation and translation, further transformation is
irreversible. The second level of security is the evaluation level,
where the encryption key is generated and data is evaluated using a
defined evaluation function. The model is aimed at mitigating known
vulnerabilities of the proposed models, basing its security on the
impossibility of the polynomial reconstruction.
Abstract: Dangerous of climate change is now global problem and as such has a strategic priority also for the European Union. Europe and European citizens try to do their best to cut greenhouse gas emissions, moreover they substantially encourage other nations and regions to follow the same way. The European Commission and a number of Member States have developed adaptation strategies in order to help strengthen EU's resilience to the inevitable impacts of climate change. The EU has long been a driving force in international negotiations on climate change and was instrumental in the development of the UN Framework Convention on Climate Change. As the world's leading donor of development aid, the EU also provides substantial funding to help developing countries tackle climate change problem. Global warming influences human health, biodiversity, ecosystems but also many social and economic sectors. The aim of this paper is to focus on impact of claimant change on for food security. Food security challenges are directly related to globalization, climate change. It means that current and future food policy is exposed to all cross-cutting and that must be linked with environmental and climate targets, which supposed to be achieved. In the 7th EAP —The new general Union Environment Action Program to 2020, called “Living well, within the limits of our planet” EU has agreed to step up its efforts to protect natural capital, stimulate resource efficient, low carbon growth and innovation, and safeguard people’s health and wellbeing– while respecting the Earth’s natural limits.
Abstract: Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that the while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was due to the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic result and to meet agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.
Abstract: Outbound tourism in Morocco, as in the majority of developing countries, reveals some of the aspects of inequality between the north and the south. Considered by some researchers as one of the facets of the development crisis, access to tourism and especially international tourism is a chance for a small minority with financial means, while the vast portions of the population dream rather of immigrating to a developed country for the sake of improving their standard of living. The right to travel is also limited by visa requirements, procedures in host countries, security and technical measures and creates discrimination in the practice of tourism. These conditions do not seem to be favorable to the democratization of the practice of international tourism for the populations of the southern countries. This paper is a contribution to the reading of the trends of outbound tourism in developing countries through the example of Morocco. It highlights the different aspects of Moroccan outbound tourism, destinations and the behavior of tourists through an analysis of the offer of a sample of 50 travel agencies. In the same vein, it offers a reading grid of the possibilities offered for the development of outbound tourism and the various existing obstacles to the democratization of international outbound tourism in the southern countries. This reading reveals the transformation in the behavior of Moroccan international tourists as well as the profound changes in Moroccan society, through a model of statistical analysis.
Abstract: In the contemporary global political economy, foreign direct investment (FDI) is gaining currency on daily basis. Notably, the end of the Cold War has brought about the dominance of neoliberal ideology with its mantra of private-sector-led economy. As such, nation-states now see FDI attraction as an important element in their approach to national development. Governments and policy makers are preoccupying themselves with unraveling the best strategies to not only attract more FDI but also to attain the desired socio-economic development status. In Nigeria, the perceived development potentials of FDI have brought about aggressive hunt for foreign investors, most especially since transition to civilian rule in May 1999. Series of liberal and market oriented strategies are being adopted not only to attract foreign investors but largely to stimulate private sector participation in the economy. It is on this premise that this study interrogates the politics of FDI attraction for domestic development in Nigeria between 1999 and 2014, with the ultimate aim of examining the nexus between regime type and the ability of a state to attract and benefit from FDI. Building its analysis within the framework of institutional utilitarianism, the study posits that the essential FDI strategies for achieving the greatest happiness for the greatest number of Nigerians are political not economic. Both content analysis and descriptive survey methodology were employed in carrying out the study. Content analysis involves desk review of literatures that culminated in the development of the study’s conceptual and theoretical framework of analysis. The study finds no significant relationship between transition to democracy and FDI inflows in Nigeria, as most of the attracted investments during the period of the study were market and resource seeking as was the case during the military regime, thereby contributing minimally to the socio-economic development of the country. It is also found that the country placed much emphasis on liberalization and incentives for FDI attraction at the neglect of improving the domestic investment environment. Consequently, poor state of infrastructure, weak institutional capability and insecurity were identified as the major factors seriously hindering the success of Nigeria in exploiting FDI for domestic development. Given the reality of the currency of FDI as a vector of economic globalization and that Nigeria is trailing the line of private-sector-led approach to development, it is recommended that emphasis should be placed on those measures aimed at improving the infrastructural facilities, building solid institutional framework, enhancing skill and technological transfer and coordinating FDI promotion activities by different agencies and at different levels of government.
Abstract: Security of context-aware ubiquitous systems is
paramount, and authentication plays an important aspect in cloud
computing and ubiquitous computing. Trust management has been
identified as vital component for establishing and maintaining
successful relational exchanges between trading partners in cloud
and ubiquitous systems. Establishing trust is the way to build good
relationship with both client and provider which positive activates will
increase trust level, otherwise destroy trust immediately. We propose
a new context-aware authentication system using a trust management
system between client and server, and between servers, a trust which
induces partnership, thus to a close cooperation between these servers.
We defined the rules (algorithms), as well as the formulas to manage
and calculate the trusting degrees depending on context, in order to
uniquely authenticate a user, thus a single sign-on, and to provide
him better services.
Abstract: Intrusion detection systems (IDS) are the main components of network security. These systems analyze the network events for intrusion detection. The design of an IDS is through the training of normal traffic data or attack. The methods of machine learning are the best ways to design IDSs. In the method presented in this article, the pruning algorithm of C5.0 decision tree is being used to reduce the features of traffic data used and training IDS by the least square vector algorithm (LS-SVM). Then, the remaining features are arranged according to the predictor importance criterion. The least important features are eliminated in the order. The remaining features of this stage, which have created the highest level of accuracy in LS-SVM, are selected as the final features. The features obtained, compared to other similar articles which have examined the selected features in the least squared support vector machine model, are better in the accuracy, true positive rate, and false positive. The results are tested by the UNSW-NB15 dataset.
Abstract: This paper presents an optimized, robust, and secured watermarking technique. The methodology used in this work is the combination of entropy and chaotic grid map. The proposed methodology incorporates Discrete Cosine Transform (DCT) on the host image. To improve the imperceptibility of the method, the host image DCT blocks, where the watermark is to be embedded, are further optimized by considering the entropy of the blocks. Chaotic grid is used as a key to reorder the DCT blocks so that it will further increase security while selecting the watermark embedding locations and its sequence. Without a key, one cannot reveal the exact watermark from the watermarked image. The proposed method is implemented on four different images. It is concluded that the proposed method is giving better results in terms of imperceptibility measured through PSNR and found to be above 50. In order to prove the effectiveness of the method, the performance analysis is done after implementing different attacks on the watermarked images. It is found that the methodology is very strong against JPEG compression attack even with the quality parameter up to 15. The experimental results are confirming that the combination of entropy and chaotic grid map method is strong and secured to different image processing attacks.
Abstract: Internet of Things (IoT) is a powerful industry system, which end-devices are interconnected and automated, allowing the devices to analyze data and execute actions based on the analysis. The IoT technology leverages the technology of Radio-Frequency Identification (RFID) and Wireless Sensor Network (WSN), including mobile and sensor. These technologies contribute to the evolution of IoT. However, due to more devices are connected each other in the Internet, and data from various sources exchanged between things, confidentiality of the data becomes a major concern. This paper focuses on one of the major challenges in IoT; authentication, in order to preserve data integrity and confidentiality are in place. A few solutions are reviewed based on papers from the last few years. One of the proposed solutions is securing the communication between IoT devices and cloud servers with Elliptic Curve Cryptograhpy (ECC) based mutual authentication protocol. This solution focuses on Hyper Text Transfer Protocol (HTTP) cookies as security parameter. Next proposed solution is using keyed-hash scheme protocol to enable IoT devices to authenticate each other without the presence of a central control server. Another proposed solution uses Physical Unclonable Function (PUF) based mutual authentication protocol. It emphasizes on tamper resistant and resource-efficient technology, which equals a 3-way handshake security protocol.
Abstract: In this modern era of technology, the concept of Internet of Things is very popular in every domain. It is a widely distributed system of things in which the data collected from sensory devices is transmitted, analyzed locally/collectively then broadcasted to network where action can be taken remotely via mobile/web apps. Today’s mobile computing is also gaining importance as the services are provided during mobility. Through mobile computing, data are transmitted via computer without physically connected to a fixed point. The challenge is to provide services with high speed and security. Also, the data gathered from the mobiles must be processed in a secured way. Mobile computing is strongly influenced by internet of things. In this paper, we have discussed security issues and challenges of internet of things and mobile computing and we have compared both of them on the basis of similarities and dissimilarities.
Abstract: Security of the smart home in terms of behavior activity pattern recognition is a totally dissimilar and unique issue as compared to the security issues of other scenarios. Sensor devices (low capacity and high capacity) interact and negotiate each other by detecting the daily behavior activity of individuals to execute common tasks. Once a device (e.g., surveillance camera, smart phone and light detection sensor etc.) is compromised, an adversary can then get access to a specific device and can damage daily behavior activity by altering the data and commands. In this scenario, a group of common instruction processes may get involved to generate deadlock. Therefore, an effective suitable security solution is required for smart home architecture. This paper proposes seamless distributed Scheme which fortifies low computational wireless devices for secure communication. Proposed scheme is based on lightweight key-session process to upheld cryptic-link for trajectory by recognizing of individual’s behavior activities pattern. Every device and service provider unit (low capacity sensors (LCS) and high capacity sensors (HCS)) uses an authentication token and originates a secure trajectory connection in network. Analysis of experiments is revealed that proposed scheme strengthens the devices against device seizure attack by recognizing daily behavior activities, minimum utilization memory space of LCS and avoids network from deadlock. Additionally, the results of a comparison with other schemes indicate that scheme manages efficiency in term of computation and communication.
Abstract: In the current age of technology, information is the most precious asset of a company. Today, companies have a large amount of data. As the data become larger, access to data for some particular information is becoming slower day by day. Faster data processing to shape it in the form of information is the biggest issue. The major problems in distributed databases are the efficiency of data distribution and response time of data distribution. The security of data distribution is also a big issue. For these problems, we proposed a strategy that can maximize the efficiency of data distribution and also increase its response time. This technique gives better results for secure data distribution from multiple heterogeneous sources. The newly proposed technique facilitates the companies for secure data sharing efficiently and quickly.
Abstract: Today, the mankind is in the stage of development, every day comes with new proposal of technology, in order to secure these types of technology, we also prepare high yielding security modules to conserve these resources. The capacity of human brain to recognize anything is far more than any species; this is all due to our developing cycle of curiosity. In this paper, we proposed a scheme based on graphical password using QR Code which provides more security to the recent online system. It also contains a supportive sound signature. In this system, authentication is done using sequence of images in QR code form. Users select one click-point per image with the help of QR scanner or recognizer. The encoded phrase in a QR code emphasizes the minimum probability of attacking via shoulder surfing or other attacks.