Abstract: A Mobile Ad-hoc Network (MANET) is a self-managing network consisting of versatile nodes that are capable of communicating with each other without having any fixed infrastructure. These nodes may be routers and/or hosts. Due to this dynamic nature of the network, routing protocols are vulnerable to various kinds of attacks. The black hole attack is one of the conspicuous security threats in MANETs. As the route discovery process is obligatory and customary, attackers make use of this loophole to succeed in their aim of destroying the network. In a black hole attack the packet is redirected to a node that actually does not exist in the network. Many researchers have proposed different techniques to detect and prevent this type of attack. In this paper, we have analyzed various routing protocols in this context. Further, we have shown a critical comparison among various protocols. We have shown that various routing metrics are required for proper and significant analysis of the protocol.
Abstract: Privacy and Security have emerged as an important research issue in Mobile Ad Hoc Networks (MANET) due to its unique nature, such as scarcity of resources and absence of centralized authority. A number of protocols have been proposed to provide privacy and security for data communication in an adverse environment, but those protocols are compromised in many ways by the attackers. The concept of anonymity (in terms of unlinkability and unobservability) and pseudonymity has been introduced in this paper to ensure privacy and security. In this paper, a Secure Onion Throat (SOT) protocol is proposed to provide complete anonymity in an adverse environment. The SOT protocol is designed based on the combination of group signature and onion routing with ID-based encryption for route discovery. The security analysis demonstrates the performance of SOT protocol against all categories of attacks. The simulation results ensure the necessity and importance of the proposed SOT protocol in achieving such anonymity.
Abstract: It is well-known that in wireless local area networks,
authenticating nodes by their MAC addresses is not secure since it is
very easy for an attacker to learn one of the authorized addresses and
change his MAC address accordingly. In this paper, in order to
prevent MAC address spoofing attacks, we propose to use
dynamically changing MAC addresses and make each address usable
for only one session. The scheme we propose does not require any
change in 802.11 protocols and incurs only a small performance
overhead. One of the nice features of our new scheme is that no third
party can link different communication sessions of the same user by
monitoring MAC addresses; therefore, our scheme is also preferable
with respect to user privacy.
Abstract: An RFID system, in which we give an identification number to each item and detect it with radio frequency, supports more varied services than a barcode system can. For example, a refrigerator with an RFID reader and internet connection will automatically notify us of the expiration of food. But, in spite of its convenience, an RFID system has some security threats, because anybody can get the ID information of an item easily. One of the most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts by any attacker to get information using the RFID tag value. But these systems still have the weakness that an attacker can get information using an analogous value instead of the original tag value. In this paper, we describe this type of attack more precisely and suggest the 'Tag Broker Model', which can defend against it. The tag broker in this model translates the original tag value to a random value, and the user can only get the random value. An attacker cannot use an analogous tag value, because he/she is not able to know the original one from it.
Abstract: The objective of the current study is to investigate the
differences between winning and losing teams in terms of goal scoring and
passing sequences. A total of 31 matches from UEFA-EURO 2012
were analyzed and 5 matches were excluded from analysis because the
matches ended in a draw. Two groups of variables were used in the
study: (i) the goal scoring variables and (ii) the passing sequences
variables. Data were analyzed using the Wilcoxon matched pair rank test
with the significance value set at p < 0.05. The current study found the timing
of goal scored was significantly higher for winning team at 1st half
(Z=-3.416, p=.001) and 2nd half (Z=-3.252, p=.001). The scoring
frequency was also found to increase as time progressed, and the
last 15 minutes of the game was the time interval in which the most goals
were scored. The indicators that differed significantly between
winning and losing teams were the goals scored (Z=-4.578, p=.000),
the head (Z=-2.500, p=.012), the right foot (Z=-3.788,p=.000),
corner (Z=-.2.126,p=.033), open play (Z=-3.744,p=.000), inside the
penalty box (Z=-4.174, p=.000) , attackers (Z=-2.976, p=.003) and
also the midfielders (Z=-3.400, p=.001). Regarding the passing
sequences, there is a significant difference between both teams in
short passing sequences (Z=-.4.141, p=.000), while for long
passing there was no significant difference (Z=-.1.795, p=.073).
The data gathered in the present study can be used by coaches to
construct detailed training programs based on their objectives.
Abstract: As the Internet technology has developed rapidly, the
number of identities (IDs) managed by each individual person has
increased and various ID management technologies have been
developed to assist users. However, most of these technologies are
vulnerable to the existing hacking methods such as phishing attacks
and key-logging. If the administrator's password is exposed, an
attacker can access the entire contents of the stolen user's data files in
other devices. To solve these problems, we propose here a new ID
management scheme based on a Single Password Protocol. The paper
presents the details of the new scheme as well as a formal analysis of
the method using BAN Logic.
Abstract: Nowadays, we are facing network threats that
cause enormous damage to the Internet community day by day. In
this situation, more and more people try to protect their network
security using some traditional mechanisms including firewalls,
Intrusion Detection Systems, etc. Among them, the honeypot is a versatile
tool for a security practitioner; honeypots are tools that are meant
to be attacked or interacted with to gain more information about attackers,
their motives and tools. In this paper, we describe the usefulness of
low-interaction and high-interaction honeypots and give a
comparison between them. We then propose a hybrid honeypot
architecture that combines low- and high-interaction honeypots to
mitigate the drawback. In this architecture, the low-interaction honeypot
is used as a traffic filter. Activities like port scanning can be
effectively detected by the low-interaction honeypot and stopped there.
Traffic that cannot be handled by the low-interaction honeypot is handed
over to the high-interaction honeypot. In this case, the low-interaction
honeypot is used as a proxy whereas the high-interaction honeypot offers
the optimal level of realism. To prevent the high-interaction honeypot
from infections, a containment environment (VMware) is used.
Abstract: Tracing and locating the geographical location of users (Geolocation) is used extensively in today's Internet. Whenever we, e.g., request a page from Google we are - unless there was a specific configuration made - automatically forwarded to the page with the relevant language and, amongst others, dependent on our location identified, specific commercials are presented. Especially within the area of Network Security, Geolocation has a significant impact. Because of the way the Internet works, attacks can be executed from almost everywhere. Therefore, for an attribution, knowledge of the origination of an attack - and thus Geolocation - is mandatory in order to be able to trace back an attacker. In addition, Geolocation can also be used very successfully to increase the security of a network during operation (i.e. before an intrusion actually has taken place). Similar to greylisting in emails, Geolocation allows one to (i) correlate attacks detected with new connections and (ii) as a consequence to classify traffic a priori as more suspicious (thus particularly allowing this traffic to be inspected in more detail). Although numerous techniques for Geolocation exist, each strategy is subject to certain restrictions. Following the ideas of Endo et al., this publication tries to overcome these shortcomings with a combined solution of different methods to allow improved and optimized Geolocation. Thus, we present our architecture for improved Geolocation, by designing a new algorithm, which combines several Geolocation techniques to increase the accuracy.
Abstract: This paper proposes an easy-to-use instruction hiding
method to protect software from malicious reverse engineering
attacks. Given a source program (original) to be protected, the
proposed method (1) takes its modified version (fake) as an input,
(2) differences in assembly code instructions between original and
fake are analyzed, and, (3) self-modification routines are introduced
so that fake instructions become correct (i.e., original instructions)
before they are executed and that they go back to fake ones after
they are executed. The proposed method can add a certain amount
of security to a program since the fake instructions in the resultant
program confuse attackers and it requires significant effort to discover
and remove all the fake instructions and self-modification routines.
Also, this method is easy to use (with little effort) because all a user
(who uses the proposed method) has to do is to prepare a fake source
code by modifying the original source code.
Abstract: Both image steganography and image encryption have
advantages and disadvantages. Steganography allows us to hide a
desired image containing confidential information in a covered or
host image while image encryption is decomposing the desired image
to a non-readable, non-comprehended manner. The encryption
methods are usually much more robust than the steganographic ones.
However, they have a high visibility and would provoke the attackers
easily since it usually is obvious from an encrypted image that
something is hidden! The combination of steganography and
encryption will cover both of their weaknesses and therefore, it
increases the security. In this paper an image encryption method
based on sinc-convolution along with using an encryption key of 128
bit length is introduced. Then, the encrypted image is covered by a
host image using a modified version of JSteg steganography
algorithm. This method could be applied to almost all image formats
including TIF, BMP, GIF and JPEG. The experiment results show
that our method is able to hide a desired image with high security and
low visibility.
Abstract: In multi-hop wireless systems, such as ad hoc and
sensor networks, where mobile ad hoc network applications are deployed,
security emerges as a central requirement. A particularly devastating
attack is known as the wormhole attack, where two or more malicious
colluding nodes create a higher level virtual tunnel in the network,
which is employed to transport packets between the tunnel end points.
These tunnels emulate shorter links in the network. In this attack, the
adversary records transmitted packets at one location in the network,
tunnels them to another location, and retransmits them into the
network. The wormhole attack is possible even if the attacker has not
compromised any hosts and even if all communication provides
authenticity and confidentiality. In this paper, we analyze the nature of the
wormhole attack in ad hoc and sensor networks and existing
defense mechanisms that detect wormhole attacks without requiring
any specialized hardware. This analysis can help in
establishing a method to reduce the rate of refresh time and to make the
response time faster.
Abstract: In this paper the development of software to
encrypt messages with asymmetric cryptography is presented. In
particular, the RSA (Rivest, Shamir and Adleman) algorithm is used
to encrypt alphanumeric information. The software allows the user to
generate different public keys from two prime numbers provided by
the user; the user must then select a public key to generate the
corresponding private key. To encrypt the information, the user must
provide the public key of the recipient as well as the message to be
encrypted. The generated ciphertext can be sent through an insecure
channel, so that it would be very difficult for an
intruder or attacker to interpret. At the end of the communication, the recipient
can decrypt the original message if he/she provides his/her public key and
his/her corresponding private key.
Abstract: Despite extensive study on wireless sensor network
security, defending against internal attacks and finding abnormal behaviour
of the sensor are still difficult and unsolved tasks. The conventional
cryptographic technique does not give robust security or a detection
process to save the network from an internal attacker that is caused by
abnormal behavior. An insider attacker or abnormally behaved
sensor identification and location detection framework using false
message detection and Time Difference of Arrival (TDoA) is
presented in this paper. It has been shown that the new framework
can efficiently identify and detect the insider attacker location so that
the attacker can be reprogrammed or subside from the network to
save it from internal attack.
Abstract: Game theory could be used to analyze the conflicted
issues in the field of information hiding. In this paper, 2-phase game
can be used to build the embedder-attacker system to analyze the
limits of hiding capacity of embedding algorithms: the embedder
minimizes the expected damage and the attacker maximizes it. In the
system, the embedder first consumes its resource to build embedded
units (EU) and insert the secret information into EU. Then the attacker
distributes its resource evenly to the attacked EU. The expected
equilibrium damage, which is maximum damage in value from the
point of view of the attacker and minimum from the embedder against
the attacker, is evaluated by the case when the attacker attacks a
subset from all the EU. Furthermore, the optimal equilibrium capacity
of hiding information is calculated through the optimal number of EU
with the embedded secret information. Finally, illustrative examples
of the optimal equilibrium capacity are presented.
Abstract: Vehicular communications play a substantial role in providing safety in transportation by means of safety message exchange. Researchers have proposed several solutions for securing safety messages. Protocols based on a fixed key infrastructure are more efficient in implementation and maintain stronger security in comparison with dynamic structures. These protocols utilize zone partitioning to establish distinct key infrastructure under Certificate Authority (CA) supervision in different regions. Secure anonymous broadcasting (SAB) is one of these protocols that preserves most security aspects, but it has some deficiencies in practice. A very important issue is the region change of a vehicle due to its mobility. Changing regions leads to a change of CA and the necessity of having a new key set to resume communication. In this paper, we propose solutions for informing vehicles about region change to obtain a new key set before entering the next region. This hinders attackers' intrusion and packet loss, and lessens time delay. We also make key request messages secure by confirming the old CA's public key to the message; hence stronger security for safety message broadcasting is attained.
Abstract: We propose an enhanced key management scheme
based on Key Infection, which is a lightweight scheme for tiny sensors.
The basic scheme, Key Infection, is perfectly secure against node
capture and eavesdropping if initial communications after node
deployment are secure. If, however, an attacker can eavesdrop on
the initial communications, they can take the session key. We use
common neighbors for each node to generate the session key. Each
node has its own secret key and shares it with its neighbor nodes. Then
each node can establish the session key using common neighbors'
secret keys and a random number. Our scheme needs only a few
communications even if it uses neighbor nodes' information. Without
losing the lightness of the basic scheme, it improves the resistance against
eavesdropping on the initial communications by more than 30%.
Abstract: This paper describes the design and results of FROID,
an outbound intrusion detection system built with agent technology
and supported by an attacker-centric ontology. The prototype
features a misuse-based detection mechanism that identifies remote
attack tools in execution. Misuse signatures composed of attributes
selected through entropy analysis of outgoing traffic streams and
process runtime data are derived from execution variants of attack
programs. The core of the architecture is a mesh of self-contained
detection cells organized non-hierarchically that group agents in a
functional fashion. The experiments show performance gains when
the ontology is enabled as well as an increase in accuracy achieved
when correlation cells combine detection evidence received from
independent detection cells.
Abstract: Internet is largely composed of textual contents and a
huge volume of digital contents gets floated over the Internet daily.
The ease of information sharing and re-production has made it
difficult to preserve author's copyright. Digital watermarking came
up as a solution for copyright protection of plain text problem after
1993. In this paper, we propose a zero text watermarking algorithm
based on occurrence frequency of non-vowel ASCII characters and
words for copyright protection of plain text. The embedding
algorithm makes use of the frequency of non-vowel ASCII characters and
words to generate a specialized author key. The extraction algorithm
uses this key to extract watermark, hence identify the original
copyright owner. Experimental results illustrate the effectiveness of
the proposed algorithm on text encountering meaning preserving
attacks performed by five independent attackers.
Abstract: During the last couple of years, the degree of dependence on IT systems has reached a dimension nobody imagined to be possible 10 years ago. The increased usage of mobile devices (e.g., smart phones), wireless sensor networks and embedded devices (Internet of Things) are only some examples of the dependency of modern societies on cyber space. At the same time, the complexity of IT applications, e.g., because of the increasing use of cloud computing, is rising continuously. Along with this, the threats to IT security have increased both quantitatively and qualitatively, as recent examples like STUXNET or the supposed cyber attack on the Illinois water system prove impressively. Once-isolated control systems are nowadays often publicly available - a fact that was never intended by the developers. Threats to IT systems don’t care about areas of responsibility. Especially with regard to Cyber Warfare, IT threats are no longer limited to company or industry boundaries, administrative jurisdictions or state boundaries. One of the important countermeasures is increased cooperation among the participants, especially in the field of Cyber Defence. Besides political and legal challenges, there are technical ones as well. A better, at least partially automated exchange of information is essential to (i) enable sophisticated situational awareness and to (ii) counter the attacker in a coordinated way. Therefore, this publication performs an evaluation of state of the art Intrusion Detection Message Exchange protocols in order to guarantee a secure information exchange between different entities.
Abstract: These days MANETs are attracting much attention as
they are expected to greatly influence communication between
wireless nodes. Along with this great strength, there is a much greater
chance of nodes leaving and of being attacked by a malicious node. For this
reason much attention is given to the security and privacy issues in
MANET. A lot of research on MANET has been done. In this paper
we present an overview of MANET, the security issues of MANET,
IP configuration in MANET, a solution to the security
issues and a simulation of the proposed idea. We add a method to
identify the malicious nodes so that we can prevent attacks from
them. Nodes exchange information about nodes to prevent the DAD
attack. We can get 30% better performance than the previous
MANETConf.