
Int. J. Inf. Comput. Secur.: latest articles

A novel approach for query over encrypted data in database
Pub Date : 2019-10-09 DOI: 10.1504/IJICS.2019.10020760
J. Al-Saraireh
Database management is considered an essential component of many information systems to store data. Some database systems contain secure data; these data are protected by using encryption techniques. The query performance is affected by encryption techniques. Therefore, there should be a balance between security and performance. A new technique in this research work has been proposed to enhance the query performance over the encrypted fields in a database system. This technique is based on producing a unique hash value for each secure data and transforms the SQL query into an appropriate formula to be executed over the hash value fields. The proposed approach has eliminated any statistical relationship between encrypted and hash value fields. The time of execution encryption/decryption is reduced to enhance the performance of the query over encrypted secure data in the proposed technique. A set of experiments are carried out, and the results indicate that the performance of SQL-query is enhanced by reducing the average response time to 14 compared with other related approaches.
Citations: 0
PrivacyContext: identifying malicious mobile privacy leak using program context
Pub Date : 2019-10-09 DOI: 10.1504/ijics.2019.10024486
Xiaolei Wang, Yuexiang Yang
Serious concerns have been raised about user's privacy leak in mobile apps, and many detection approaches are proposed. To evade detection, new mobile malware starts to mimic privacy-related behaviours of benign apps, and mix malicious privacy leak with benign ones to reduce the chance of being observed. Since prior proposed approaches primarily focus on the privacy leak discovery, these evasive techniques will make differentiating between malicious and benign privacy disclosures difficult during privacy leak analysis. In this paper, we propose PrivacyContext to identify malicious privacy leak using context. PrivacyContext can be used to purify privacy leak detection results for automatic and easy interpretation by filtering benign privacy disclosures. Experiments show PrivacyContext can perform an effective and efficient static privacy disclosure analysis enhancement and identify malicious privacy leak with 92.73% true positive rate. Evaluation also indicates that to keep the accuracy of privacy disclosure classification, our proposed contexts are all necessary.
Citations: 0
OPFE: Outsourcing Computation for Private Function Evaluation
Pub Date : 2019-10-09 DOI: 10.1504/IJICS.2019.10024485
Henry Carter, Patrick Traynor
Outsourced secure multiparty computation (SMC) protocols allow resource-constrained devices to execute input-private computation with great efficiency. Unfortunately, existing outsourced SMC protocols require that all parties know the function being evaluated, precluding applications where the function itself must remain private. We develop the first linear-complexity protocols for outsourcing private function evaluation (PFE), SMC protocols that provide input and function privacy. Assuming a semi-honest function holder, we build on existing two-party PFE constructions to develop outsourced protocols that are secure against a semi-honest, covert, or malicious outsourcing server and malicious mobile participants. To do this, we develop a garbling technique for combining public and private sub-circuits in a single computation. This allows us to apply auxiliary checks for malicious behaviour using only free-XOR gates. These protocols demonstrate the feasibility of outsourced PFE and provide a first step towards privacy-preserving applications for use in cloud computing.
Citations: 4
A multi-agent system approach based on cryptographic algorithm for securing communications and protecting stored data in the cloud-computing environment
Pub Date : 2019-08-27 DOI: 10.1504/ijics.2019.10023472
Mohammed Amine Yagoub, O. Kazar, Mounir Beggas
The cloud computing has been envisioned as the next generation architecture of information technology enterprise. The Internet is indispensable in present days to provide and maintain the data. Such applications can be used by the end-user via the cloud communications without any configuration. Moreover, the user's data files can be accessed from any other computer using the Internet services. The security goal is to save data from threat and vulnerability which is handled by various approaches. The data should be encrypted prior to be transmitted and stored. We aim to propose a solution such that we will encrypt the whole data along with the cryptographic key. This contribution provides a new architecture that combines, obfuscation technique, hybrid encryption algorithms and the homomorphic encryption approaches. The proposed security architecture based on multi-agent system for cloud computing communications and storage environment that takes into account the most known security gaps.
Citations: 0
An efficient authentication and key agreement scheme for e-health applications in the context of internet of things
Pub Date : 2019-08-27 DOI: 10.1504/IJICS.2019.10018795
Hamza Khemissa, Djamel Tandjaoui, S. Bouzefrane
E-health applications are one of the most promising applications in the context of internet of things (IoT). Nevertheless, resource constraints and security issues in IoT are the main barriers for their deployment. Among security issues, authentication and data confidentiality are required to secure e-health applications. In this paper, we propose a new authentication and key agreement scheme for e-health applications in the context of IoT. This scheme allows a sensor node, a gateway node, and a remote user to authenticate each other and secure the collection of health-related data. The proposed scheme is based on lightweight symmetric cryptography since it uses nonces, exclusive-or operations, and simple hash functions. Besides, it takes into consideration the sensors location to provide an efficient authentication. To assess the proposed scheme, we conduct a theoretical and an automated security analysis using AVISPA tool. The results show that our scheme preserves the security properties, and ensures resilience against different types of attacks. In addition, we evaluate and compare both communication and computational costs with some existing authentication schemes. The obtained results prove that it provides authentication with low energy cost.
Citations: 2
Password security by encryption using an extended ADFGVX cipher
Pub Date : 2019-08-27 DOI: 10.1504/ijics.2019.10023477
I. B. Venkateswarlu, Jagadeesh Kakarla
Login will be the critical step for most of the web users for the user authentication. As hackers utilize a variety of techniques to steal the passwords, it is recommended to offer secured transmission of passwords to the servers from the client system. Current web developers are using common traditional hashing techniques for securing passwords over the network. However, hashing techniques are vulnerable to several attacks like brute-force attack, dictionary attack, and birthday attack. This paper implemented password security with an easy and robust transposition based encryption technique using an extended ADFGVX cipher. The proposed cipher uses two 7 × 6 Polybius squares for encryption to accommodate common characters of the password along with the random key for encryption. Finally, this study considered four metrics for performance evaluation and compared the proposed method with the state-of-the-art techniques. It is found that the proposed method performed excellently regarding complexity for cracking password and satisfactorily concerning execution time.
Citations: 4
An efficient user authentication model for IOT-based healthcare environment
Pub Date : 2019-08-27 DOI: 10.1504/IJICS.2019.10023077
Ahmed A. Elngar
Along with the large-scale proliferation of IoT-networks and information technology, users can obtain the information resources conveniently via intelligent devices. Therefore, the authentication mechanism is a fundamental tool for ensuring secure communications and the validity of communicating party. Specially, focusing on healthcare applications based on IoT-networks. This paper proposes an efficient authentication model called 'Elngar authentication model' (EAM)-based IoT medical data system for anonymous users using elliptic curves cryptosystem (ECC) which achieves mutual authentication and forward security. Specifically, this paper certifies the legitimacy of the proposed via employing BAN-logic, which is one of the important formal methods. Further, the performance comparison shows that EAM model is more suitable for IoT medical applications where efficiency and security are concerned.
Citations: 1
An ontology-based approach to improve access policy administration of attribute-based access control
Pub Date : 2019-08-27 DOI: 10.1504/ijics.2019.10023471
Jiaying Li, Baowen Zhang
Attribute-based access control (ABAC) needs a large number of policies to function by using attributes of visitors, resources, environmental conditions, etc. Efficient policy administration is vital for implementation of ABAC models. In this paper, an ontology-based approach is proposed to build up an ABAC model, which is named as an ontology-based ABAC model, OABACM. Underlying relationships among things such as attributes hierarchies in OABACM are identified and described in OABACM, which if treated improperly can directly lead to problems in policy administration. In addition, policy representation and reasoning mechanism are discussed within OABACM and inherent logical properties of this model are formalised in rules. With proper reasoners, these properties can be utilised to logically improve access policy administration by reducing policy redundancy and detecting policy conflicts. In experiments, a sample ontology is created and several enterprise access examples are tested upon OABACM, which validates the effects of our model on policy administration.
Citations: 0
A critical insight into the effectiveness of research methods evolved to secure IoT ecosystem
Pub Date : 2019-08-27 DOI: 10.1504/ijics.2019.10023470
B. Khan, R. F. Olanrewaju, F. Anwar, R. N. Mir, Athaur Rahman Najeeb
Increasing proliferation of IoT has led to an evolution of various devices for realising the smart features of ubiquitous applications. However, the inclusion of such a massive pool of devices with different computational capabilities, network protocols, hardware configurations, etc. also causes a higher number of security threats. Security professionals, organisations, and researchers are consistently investigating the security problems associated with IoT ecosystem and are coming up with different forms of solution sets. This paper presents a snapshot of the existing research work being carried out towards the security of IoT and assesses their strengths and weaknesses. The paper also explores the current research trend and presents the latest security methods being implemented and outlines the open research issues associated with it. The paper contributes to offering an accurate picture of the effectiveness of the existing security system in IoT.
Citations: 6
Behavioural analysis approach for IDS based on attack pattern and risk assessment in cloud computing
Pub Date : 2019-08-27 DOI: 10.1504/IJICS.2019.10013935
B. Youssef, M. Nada, B. Regragui
Cloud environments are becoming easy targets for intruders looking for possible vulnerabilities to exploit as many enterprise applications and data are moving into cloud platforms. The current generation of IDS has various limitations on its performance, making it not effective for cloud computing security, and could generate a huge number of false positive alarms. Analysing intrusion based on attack patterns and risk assessment has demonstrated its efficiency in reducing the number of false alarms and optimising the IDS performances. However, the use of the same value of likelihood makes the approach lack real risk value determination. This paper intended to present a new probabilistic and behavioural approach for likelihood determination to quantify attacks in cloud environment, with the main task to increase the efficiency of IDS and decrease the number of alarms. Experimental results show that our approach is superior to the state-of-the-art approaches for intrusion detection in cloud.
Citations: 0