Abstract: This paper investigates the encryption efficiency of RC6 block cipher application to digital images, providing a new mathematical measure for encryption efficiency, which we will call the encryption quality instead of visual inspection, The encryption quality of RC6 block cipher is investigated among its several design parameters such as word size, number of rounds, and secret key length and the optimal choices for the best values of such design parameters are given. Also, the security analysis of RC6 block cipher for digital images is investigated from strict cryptographic viewpoint. The security estimations of RC6 block cipher for digital images against brute-force, statistical, and differential attacks are explored. Experiments are made to test the security of RC6 block cipher for digital images against all aforementioned types of attacks. Experiments and results verify and prove that RC6 block cipher is highly secure for real-time image encryption from cryptographic viewpoint. Thorough experimental tests are carried out with detailed analysis, demonstrating the high security of RC6 block cipher algorithm. So, RC6 block cipher can be considered to be a real-time secure symmetric encryption for digital images.
Abstract: Vehicular Ad-hoc Network (VANET) is taking more
attention in automotive industry due to the safety concern of human
lives on roads. Security is one of the safety aspects in VANET. To be
secure, network availability must be obtained at all times since
availability of the network is critically needed when a node sends any
life critical information to other nodes. However, it can be expected
that security attacks are likely to increase in the coming future due to
more and more wireless applications being developed and deployed
onto the well-known expose nature of the wireless medium. In this
respect, the network availability is exposed to many types of attacks.
In this paper, Denial of Service (DOS) attack on network availability
is presented and its severity level in VANET environment is
elaborated. A model to secure the VANET from the DOS attacks has
been developed and some possible solutions to overcome the attacks
have been discussed.
Abstract: Assassination of politicians, school mass murders, purported suicides, aircraft crash, mass shootings by police, sinking of sea ferries, mysterious car accidents, mass fire deaths and horrificterror attacks are some of the cases that bring forth scientific and legal conflicts. Questions about truth, justice and human rights are raised by both victims and perpetrators/offenders as they seek to understand why and how it happened to them. This kind of questioning manifests itself in medical-criminological-legalpsychological and scientific realms. An agreement towards truthinvestigations for possible legal-political-psychological transitory issues such as prosecution, victim-offender mediation, healing, reconciliation, amnesty, reparation, restitution, and policy formulations is seen as one way of transforming these conflicts. Forensic scientists and pathologists in particular have formed professional groups where the complexities between legal truth and scientific truth are dramatized and elucidated within the anatomy of courtrooms. This paper focuses on how pathological truth and legal truth interact with each other in Kenya’s criminal justice system.
Abstract: It is well-known that in wireless local area networks,
authenticating nodes by their MAC addresses is not secure since it is
very easy for an attacker to learn one of the authorized addresses and
change his MAC address accordingly. In this paper, in order to
prevent MAC address spoofing attacks, we propose to use
dynamically changing MAC addresses and make each address usable
for only one session. The scheme we propose does not require any
change in 802.11 protocols and incurs only a small performance
overhead. One of the nice features of our new scheme is that no third
party can link different communication sessions of the same user by
monitoring MAC addresses therefore our scheme is preferable also
with respect to user privacy.
Abstract: This paper discusses a new heavy tailed distribution based data hiding into discrete cosine transform (DCT) coefficients of image, which provides statistical security as well as robustness against steganalysis attacks. Unlike other data hiding algorithms, the proposed technique does not introduce much effect in the stegoimage-s DCT coefficient probability plots, thus making the presence of hidden data statistically undetectable. In addition the proposed method does not compromise on hiding capacity. When compared to the generic block DCT based data-hiding scheme, our method found more robust against a variety of image manipulating attacks such as filtering, blurring, JPEG compression etc.
Abstract: Nowadays, keyless entry systems are widely adopted
for vehicle immobilizer systems due to both advantages of security and
convenience. Keyless entry systems could overcome brute-force key
guessing attack, statistics attack and masquerade attack, however,
they can't prevent from thieves stealing behavior. In this paper, we
proposed a new architecture try to improve the existent flaws. The
integration of the keyless entry system and the fingerprint
identification technology is more suitable to implement on the
portable transponder to achieve higher security needs. We also adopt
and modify AES security protocol for life expectancy and security of
the portable transponder. In addition, the identification of a driver's
fingerprint makes the service of automatic reinstatement of a driver's
preferences become possible. Our design can satisfy not only the three
kinds of previous illegal attacks, but also the stealing situation.
Furthermore, many practical factors, such as costs, life expectancy and
performance, have been well considered in the design of portable
transponder.
Abstract: Intrusion detection systems (IDS)are crucial components
of the security mechanisms of today-s computer systems.
Existing research on intrusion detection has focused on sequential
intrusions. However, intrusions can also be formed by concurrent
interactions of multiple processes. Some of the intrusions caused
by these interactions cannot be detected using sequential intrusion
detection methods. Therefore, there is a need for a mechanism that
views the distributed system as a whole. L-BIDS (Lattice-Based
Intrusion Detection System) is proposed to address this problem. In
the L-BIDS framework, a library of intrusions and distributed traces
are represented as lattices. Then these lattices are compared in order
to detect intrusions in the distributed traces.
Abstract: Flow field around hypersonic vehicles is very
complex and difficult to simulate. The boundary layers are squeezed
between shock layer and body surface. Resolution of boundary layer,
shock wave and turbulent regions where the flow field has high
values is difficult of capture. Detached eddy simulation (DES) is a
modification of a RANS model in which the model switches to a
subgrid scale formulation in regions fine enough for LES
calculations. Regions near solid body boundaries and where the
turbulent length scale is less than the maximum grid dimension are
assigned the RANS mode of solution. As the turbulent length scale
exceeds the grid dimension, the regions are solved using the LES
mode. Therefore the grid resolution is not as demanding as pure LES,
thereby considerably cutting down the cost of the computation. In
this research study hypersonic flow is simulated at Mach 8 and
different angle of attacks to resolve the proper boundary layers and
discontinuities. The flow is also simulated in the long wake regions.
Mesh is little different than RANS simulations and it is made dense
near the boundary layers and in the wake regions to resolve it
properly. Hypersonic blunt cone cylinder body with frustrum at angle
5o and 10 o are simulated and there aerodynamics study is performed
to calculate aerodynamics characteristics of different geometries. The
results and then compared with experimental as well as with some
turbulence model (SA Model). The results achieved with DES
simulation have very good resolution as well as have excellent
agreement with experimental and available data. Unsteady
simulations are performed for DES calculations by using duel time
stepping method or implicit time stepping. The simulations are
performed at Mach number 8 and angle of attack from 0o to 10o for
all these cases. The results and resolutions for DES model found
much better than SA turbulence model.
Abstract: The last two decades witnessed some advances in the development of an Arabic character recognition (CR) system. Arabic CR faces technical problems not encountered in any other language that make Arabic CR systems achieve relatively low accuracy and retards establishing them as market products. We propose the basic stages towards a system that attacks the problem of recognizing online Arabic cursive handwriting. Rule-based methods are used to perform simultaneous segmentation and recognition of word portions in an unconstrained cursively handwritten document using dynamic programming. The output of these stages is in the form of a ranked list of the possible decisions. A new technique for text line separation is also used.
Abstract: Because of the great advance in multimedia
technology, digital multimedia is vulnerable to malicious
manipulations. In this paper, a public key self-recovery block-based
video authentication technique is proposed which can not only
precisely localize the alteration detection but also recover the missing
data with high reliability. In the proposed block-based technique,
multiple description coding MDC is used to generate two codes (two
descriptions) for each block. Although one block code (one
description) is enough to rebuild the altered block, the altered block
is rebuilt with better quality by the two block descriptions. So using
MDC increases the ratability of recovering data. A block signature is
computed using a cryptographic hash function and a doubly linked
chain is utilized to embed the block signature copies and the block
descriptions into the LSBs of distant blocks and the block itself. The
doubly linked chain scheme gives the proposed technique the
capability to thwart vector quantization attacks. In our proposed
technique , anyone can check the authenticity of a given video using
the public key. The experimental results show that the proposed
technique is reliable for detecting, localizing and recovering the
alterations.
Abstract: The proliferation of web application and the pervasiveness of mobile technology make web-based attacks even more attractive and even easier to launch. Web Application Firewall (WAF) is an intermediate tool between web server and users that provides comprehensive protection for web application. WAF is a negative security model where the detection and prevention mechanisms are based on predefined or user-defined attack signatures and patterns. However, WAF alone is not adequate to offer best defensive system against web vulnerabilities that are increasing in number and complexity daily. This paper presents a methodology to automatically design a positive security based model which identifies and allows only legitimate web queries. The paper shows a true positive rate of more than 90% can be achieved.
Abstract: One main drawback of intrusion detection system is the
inability of detecting new attacks which do not have known
signatures. In this paper we discuss an intrusion detection method
that proposes independent component analysis (ICA) based feature
selection heuristics and using rough fuzzy for clustering data. ICA is
to separate these independent components (ICs) from the monitored
variables. Rough set has to decrease the amount of data and get rid of
redundancy and Fuzzy methods allow objects to belong to several
clusters simultaneously, with different degrees of membership. Our
approach allows us to recognize not only known attacks but also to
detect activity that may be the result of a new, unknown attack. The
experimental results on Knowledge Discovery and Data Mining-
(KDDCup 1999) dataset.
Abstract: Prior research evidenced that unimodal biometric
systems have several tradeoffs like noisy data, intra-class variations,
restricted degrees of freedom, non-universality, spoof attacks, and
unacceptable error rates. In order for the biometric system to be more
secure and to provide high performance accuracy, more than one
form of biometrics are required. Hence, the need arise for multimodal
biometrics using combinations of different biometric modalities. This
paper introduces a multimodal biometric system (MMBS) based on
fusion of whole dorsal hand geometry and fingerprints that acquires
right and left (Rt/Lt) near-infra-red (NIR) dorsal hand geometry (HG)
shape and (Rt/Lt) index and ring fingerprints (FP). Database of 100
volunteers were acquired using the designed prototype. The acquired
images were found to have good quality for all features and patterns
extraction to all modalities. HG features based on the hand shape
anatomical landmarks were extracted. Robust and fast algorithms for
FP minutia points feature extraction and matching were used. Feature
vectors that belong to similar biometric traits were fused using
feature fusion methodologies. Scores obtained from different
biometric trait matchers were fused using the Min-Max
transformation-based score fusion technique. Final normalized scores
were merged using the sum of scores method to obtain a single
decision about the personal identity based on multiple independent
sources. High individuality of the fused traits and user acceptability
of the designed system along with its experimental high performance
biometric measures showed that this MMBS can be considered for
med-high security levels biometric identification purposes.
Abstract: This paper presents a distributed intrusion
detection system IDS, based on the concept of specialized
distributed agents community representing agents with the
same purpose for detecting distributed attacks. The semantic of
intrusion events occurring in a predetermined network has been
defined. The correlation rules referring the process which our
proposed IDS combines the captured events that is distributed
both spatially and temporally. And then the proposed IDS tries
to extract significant and broad patterns for set of well-known
attacks. The primary goal of our work is to provide intrusion
detection and real-time prevention capability against insider
attacks in distributed and fully automated environments.
Abstract: Efficient storage, transmission and use of video information are key requirements in many multimedia applications currently being addressed by MPEG-4. To fulfill these requirements, a new approach for representing video information which relies on an object-based representation, has been adopted. Therefore, objectbased watermarking schemes are needed for copyright protection. This paper proposes a novel blind object watermarking scheme for images and video using the in place lifting shape adaptive-discrete wavelet transform (SA-DWT). In order to make the watermark robust and transparent, the watermark is embedded in the average of wavelet blocks using the visual model based on the human visual system. Wavelet coefficients n least significant bits (LSBs) are adjusted in concert with the average. Simulation results shows that the proposed watermarking scheme is perceptually invisible and robust against many attacks such as lossy image/video compression (e.g. JPEG, JPEG2000 and MPEG-4), scaling, adding noise, filtering, etc.
Abstract: Anxiety is a common disorder that attacks many people in society and often accompanied by physiological sensations such as tachycardia, chest pain, shortness of breath, insensitivity and etc. The purpose of this study is to characterize the putative anxiolytic-like effects of DEV (dichloromethane extracts of valerian) using the elevated plus maze (EPM) in rats. DEV was dissolved in DMSO and orally administered at different doses to adult male wistar rats, 0.5, 1.5 and 3 hours before behavioral evaluation in an EPM respectively. Control rats were treated with an equal volume of DMSO. Single treatment of DEV (at 0.1,0.2. 0.3, and 0.4 g/kg) significantly increased time-spent and arm entries into open arms of EPM versus control groups (p
Abstract: Quantum cryptography offers a way of key agreement,
which is unbreakable by any external adversary. Authentication is
of crucial importance, as perfect secrecy is worthless if the identity
of the addressee cannot be ensured before sending important information.
Message authentication has been studied thoroughly, but no
approach seems to be able to explicitly counter meet-in-the-middle
impersonation attacks. The goal of this paper is the development of
an authentication scheme being resistant against active adversaries
controlling the communication channel. The scheme is built on top
of a key-establishment protocol and is unconditionally secure if built
upon quantum cryptographic key exchange. In general, the security
is the same as for the key-agreement protocol lying underneath.
Abstract: As the Internet technology has developed rapidly, the
number of identities (IDs) managed by each individual person has
increased and various ID management technologies have been
developed to assist users. However, most of these technologies are
vulnerable to the existing hacking methods such as phishing attacks
and key-logging. If the administrator-s password is exposed, an
attacker can access the entire contents of the stolen user-s data files in
other devices. To solve these problems, we propose here a new ID
management scheme based on a Single Password Protocol. The paper
presents the details of the new scheme as well as a formal analysis of
the method using BAN Logic.
Abstract: Recently, Jia et al. proposed a remote user authentication scheme using bilinear pairings and an Elliptic Curve Cryptosystem (ECC). However, the scheme is vulnerable to privileged insider attack at their proposed registration phase and to forgery attack at their proposed authentication phase. In addition, the scheme can be vulnerable to server spoofing attack because it does not provide mutual authentication between the user and the remote server. Therefore, this paper points out that the Jia et al. scheme is vulnerable to the above three attacks.
Abstract: Buildings are one of the valuable assets to provide
people with shelters for work, leisure and rest. After years of
attacks by weather, buildings will deteriorate which need proper
maintenance in order to fulfill the requirements and satisfaction of
the users. Poorly managed buildings not just give a negative image
to the city itself, but also pose potential risk hazards to the health
and safety of the general public. As a result, the management of
maintenance projects has played an important role in cities like
Hong Kong where the problem of urban decay has drawn much
attention. However, most research has focused on managing new
construction, and little research effort has been put on maintenance
projects. Given the short duration and more diversified nature of
work, repair and maintenance works are found to be more difficult
to monitor and regulate when compared with new works. Project
participants may face with problems in running maintenance
projects which should be investigated so that proper strategies can
be established. This paper aims to provide a thorough analysis on
the problems of running maintenance projects. A review of
literature on the characteristics of building maintenance projects
was firstly conducted, which forms a solid basis for the empirical
study. Results on the problems and difficulties of running
maintenance projects from the viewpoints of industry practitioners
will also be delivered with a view to formulating effective
strategies for managing maintenance projects successfully.