Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356398
Lamya Alqaydi, C. Yeun, E. Damiani
Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.
{"title":"Security enhancements to TLS for improved national control","authors":"Lamya Alqaydi, C. Yeun, E. Damiani","doi":"10.23919/ICITST.2017.8356398","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356398","url":null,"abstract":"Establishing a secure connection is a must nowadays since a lot of transactions are being done online. For instance, it can vary from buying items from small shops into buying extremely expensive equipment online. Hence, the need for securing the sessions and e-commerce is highly required. Furthermore, any government entity will require its communication to be secured from eavesdropping and Man in The Middle (MITM) attacks. Web Threats are spreading around the world and becoming more aggressive every year. Secure Socket Layer (SSL) and Transport Layer Security (TLS) were established as a standard to encrypt the communication between the client and the server. Everyday new vulnerabilities and loopholes in the internet protocols are being discovered. Hence an enhancement to the TLS protocol is a must. This need rises since most transactions and confidential communication is done through the network. Then information security researchers and developers have to test, develop, verify and enhance the security of the network. Throughout this report a study of the TLS protocol will be highlighted and its relative security. Later, a proposed method to test different TLS protocols will be explained. Future work will include developing a prototype that will be used to test different TLS protocol versions.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"306 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123470388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356364
Daehee Kim, Jaekeun Yun, Sungjun Kim
In this paper, we propose a hybrid public key authentication scheme for wireless sensor networks whose goal is to minimize energy consumption while providing public key authentication. To accomplish this goal, we employ the certificate based public key authentication scheme and the Merkle hash tree based public key authentication scheme depending on the number of sensor nodes. The simulation result shows that our proposed scheme outperforms the existing public key authentication scheme in terms of energy consumption.
{"title":"Hybrid public key authentication for wireless sensor networks","authors":"Daehee Kim, Jaekeun Yun, Sungjun Kim","doi":"10.23919/ICITST.2017.8356364","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356364","url":null,"abstract":"In this paper, we propose a hybrid public key authentication scheme for wireless sensor networks whose goal is to minimize energy consumption while providing public key authentication. To accomplish this goal, we employ the certificate based public key authentication scheme and the Merkle hash tree based public key authentication scheme depending on the number of sensor nodes. The simulation result shows that our proposed scheme outperforms the existing public key authentication scheme in terms of energy consumption.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126251571","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356353
Messaouda Boumaraf, Fatiha Merazka
In recent years, chaos-based cryptosystems have drawn more and more attention in many disciplines in particular speech encryption. In this paper, we propose speech encryption scheme based on chaos maps for AMR-WB G.722.2 Codec. To increase the security level, we combine chaos maps logistic and Hénon for shuffling and scrambling speech in order to have a hybrid chaotic key generator. The proposed algorithm evaluated with both Perceptual Evaluation of Speech Quality (PESQ) and Enhanced Modified Bark Spectral Distortion (EMBSD) measure confirm the efficiency of our proposed cryptosystem scheme.
{"title":"Speech encryption based on hybrid chaotic key generator for AMR-WB G.722.2 codec","authors":"Messaouda Boumaraf, Fatiha Merazka","doi":"10.23919/ICITST.2017.8356353","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356353","url":null,"abstract":"In recent years, chaos-based cryptosystems have drawn more and more attention in many disciplines in particular speech encryption. In this paper, we propose speech encryption scheme based on chaos maps for AMR-WB G.722.2 Codec. To increase the security level, we combine chaos maps logistic and Hénon for shuffling and scrambling speech in order to have a hybrid chaotic key generator. The proposed algorithm evaluated with both Perceptual Evaluation of Speech Quality (PESQ) and Enhanced Modified Bark Spectral Distortion (EMBSD) measure confirm the efficiency of our proposed cryptosystem scheme.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"33 6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125736145","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356387
Ahana Roy, Aspen Olmsted
Data privacy is becoming an increasing concern in industries where huge data repositories are dealt with. Most of them need to share private data across distinct organizations. In this paper, we propose a modification to an existing framework wherein data sharing across distributed databases is handled without compromising the sensitive nature of information. This paper focuses on replacing an inner join with semi-join reducer technique in one of the distributed sites of an existing query execution model. We will demonstrate how transmitting redundant data can be eliminated deploying a reducer technique which ultimately results in minimization of communication cost.
{"title":"Distributed query processing and data sharing","authors":"Ahana Roy, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356387","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356387","url":null,"abstract":"Data privacy is becoming an increasing concern in industries where huge data repositories are dealt with. Most of them need to share private data across distinct organizations. In this paper, we propose a modification to an existing framework wherein data sharing across distributed databases is handled without compromising the sensitive nature of information. This paper focuses on replacing an inner join with semi-join reducer technique in one of the distributed sites of an existing query execution model. We will demonstrate how transmitting redundant data can be eliminated deploying a reducer technique which ultimately results in minimization of communication cost.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126908701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356459
Wren Chan, Aspen Olmsted
Cryptocurrency platforms such as Bitcoin and Ethereum have become more popular due to decentralized control and the promise of anonymity. Ethereum is particularly powerful due to its support for smart contracts which are implemented through Turing complete scripting languages and digital tokens that represent fungible tradable goods. It is necessary to understand whether de-anonymization is feasible to quantify the promise of anonymity. Cryptocurrencies are increasingly being used in online black markets like Silk Road and ransomware like CryptoLocker and WannaCry. In this paper, we propose a model for persisting transactions from Ethereum into a graph database, Neo4j. We propose leveraging graph compute or analytics against the transactions persisted into a graph database.
{"title":"Ethereum transaction graph analysis","authors":"Wren Chan, Aspen Olmsted","doi":"10.23919/ICITST.2017.8356459","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356459","url":null,"abstract":"Cryptocurrency platforms such as Bitcoin and Ethereum have become more popular due to decentralized control and the promise of anonymity. Ethereum is particularly powerful due to its support for smart contracts which are implemented through Turing complete scripting languages and digital tokens that represent fungible tradable goods. It is necessary to understand whether de-anonymization is feasible to quantify the promise of anonymity. Cryptocurrencies are increasingly being used in online black markets like Silk Road and ransomware like CryptoLocker and WannaCry. In this paper, we propose a model for persisting transactions from Ethereum into a graph database, Neo4j. We propose leveraging graph compute or analytics against the transactions persisted into a graph database.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115060083","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356429
Shahlaa Mashhadani, Hiba Al-kawaz, N. Clarke, S. Furnell, Fudong Li
Digital forensics has become a fundamental requirement for law enforcement due to the growing volume of cyber and computer-assisted crime. Whilst existing commercial tools have traditionally focused upon string-based analyses (e.g., regular expressions, keywords), less effort has been placed towards the development of multimedia-based analyses. Within the research community, more focus has been attributed to the analysis of multimedia content; they tend to focus upon highly specialised specific scenarios such as tattoo identification, number plate recognition, suspect face recognition and manual annotation of images. Given the ever-increasing volume of multimedia content, it is essential that a holistic Multimedia-Forensic Analysis Tool (M-FAT) is developed to extract, index, analyse the recovered images and provide an investigator with an environment with which to ask more abstract and cognitively challenging questions of the data. This paper proposes such a system, focusing upon a combination of object and facial recognition to provide a robust system. This system will enable investigators to perform a variety of forensic analyses that aid in reducing the time, effort and cognitive load being placed on the investigator to identify relevant evidence.
{"title":"A novel multimedia-forensic analysis tool (M-FAT)","authors":"Shahlaa Mashhadani, Hiba Al-kawaz, N. Clarke, S. Furnell, Fudong Li","doi":"10.23919/ICITST.2017.8356429","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356429","url":null,"abstract":"Digital forensics has become a fundamental requirement for law enforcement due to the growing volume of cyber and computer-assisted crime. Whilst existing commercial tools have traditionally focused upon string-based analyses (e.g., regular expressions, keywords), less effort has been placed towards the development of multimedia-based analyses. Within the research community, more focus has been attributed to the analysis of multimedia content; they tend to focus upon highly specialised specific scenarios such as tattoo identification, number plate recognition, suspect face recognition and manual annotation of images. Given the ever-increasing volume of multimedia content, it is essential that a holistic Multimedia-Forensic Analysis Tool (M-FAT) is developed to extract, index, analyse the recovered images and provide an investigator with an environment with which to ask more abstract and cognitively challenging questions of the data. This paper proposes such a system, focusing upon a combination of object and facial recognition to provide a robust system. This system will enable investigators to perform a variety of forensic analyses that aid in reducing the time, effort and cognitive load being placed on the investigator to identify relevant evidence.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114895939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-12-01DOI: 10.23919/ICITST.2017.8356449
Yichen Ma, Fuyao Wang, Zhuozheng Wang
For the purpose of optimizing laboratory management, a set of intelligent laboratory management system based on Internet of things is described in this paper. The hardware platform of this system is STM32 micro-controller, adopts WIFI intelligent power module, RFID-RC522 card reader, using Android/Java language to develop raspberry 3. When the students get to the laboratory and put their student cards on, the system would read the student information in the cloud database and find the student's course information, recorded in the STM32 micro-controller and display the information on the raspberry3. According to the information, the system would sign the data in the cloud database. Achieved an efficient laboratory intelligent information management system based on Internet of things.
{"title":"Intelligent laboratory management system based on Internet of Things","authors":"Yichen Ma, Fuyao Wang, Zhuozheng Wang","doi":"10.23919/ICITST.2017.8356449","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356449","url":null,"abstract":"For the purpose of optimizing laboratory management, a set of intelligent laboratory management system based on Internet of things is described in this paper. The hardware platform of this system is STM32 micro-controller, adopts WIFI intelligent power module, RFID-RC522 card reader, using Android/Java language to develop raspberry 3. When the students get to the laboratory and put their student cards on, the system would read the student information in the cloud database and find the student's course information, recorded in the STM32 micro-controller and display the information on the raspberry3. According to the information, the system would sign the data in the cloud database. Achieved an efficient laboratory intelligent information management system based on Internet of things.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133255095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-04DOI: 10.23919/ICITST.2017.8356407
Shuaiyi Bu, Shuxin Yang, Haoming Ji
Cloud computing has garnered increasing attention from researchers who have presented much work on performing massive computing tasks efficiently. Many security vulnerabilities have simultaneously occurred; therefore dealing with security problems in cloud computing has become an urgent issue. The purpose of this paper is to create a cloud computing framework based on the Map Reduce platform, a Google cloud-computing platform, and solve some security problems in the process of distributed computation. Inspired by SMC (Secure Multi-Party Computation), a protocol naturally suitable for distributed computation, we adopted homomorphic encryption, which could be used for processing a large amount of data securely in cloud computation. We also find that order preserving encryption(OPE), an encryption algorithm put forward in 2004, can be used in our secure framework. Cognizant of the applicability of SMC and OPE in cloud computing, we combine them with Map Reduce to design a security framework of distributed computation. Our major contributions consist of designing an innovative cloud computation framework in security based on Map Reduce, applying the order preserving encryption(OPE) algorithm, homomorphic encryption, and constructing a real distributed computation platform.
{"title":"Distributed computing framework in security: Case study of encryption method","authors":"Shuaiyi Bu, Shuxin Yang, Haoming Ji","doi":"10.23919/ICITST.2017.8356407","DOIUrl":"https://doi.org/10.23919/ICITST.2017.8356407","url":null,"abstract":"Cloud computing has garnered increasing attention from researchers who have presented much work on performing massive computing tasks efficiently. Many security vulnerabilities have simultaneously occurred; therefore dealing with security problems in cloud computing has become an urgent issue. The purpose of this paper is to create a cloud computing framework based on the Map Reduce platform, a Google cloud-computing platform, and solve some security problems in the process of distributed computation. Inspired by SMC (Secure Multi-Party Computation), a protocol naturally suitable for distributed computation, we adopted homomorphic encryption, which could be used for processing a large amount of data securely in cloud computation. We also find that order preserving encryption(OPE), an encryption algorithm put forward in 2004, can be used in our secure framework. Cognizant of the applicability of SMC and OPE in cloud computing, we combine them with Map Reduce to design a security framework of distributed computation. Our major contributions consist of designing an innovative cloud computation framework in security based on Map Reduce, applying the order preserving encryption(OPE) algorithm, homomorphic encryption, and constructing a real distributed computation platform.","PeriodicalId":440665,"journal":{"name":"2017 12th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"212 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134429458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: