Pub Date : 2017-05-31DOI: 10.14257/ijsia.2017.11.5.05
Preeti Thakur, Devesh Kumar Srivastava
Virtual Machine is a combined form of operating system and application. Virtualization provides the facility to run multiple operating systems on a single physical machine. These multiple operating systems are called guest operating systems. In server Virtualization many virtual machines (VMs) can run on one server including its own server. These VMs can be migrated from one server to another. As VM image will be downloaded to create a new virtual machine on the guest operating system it has some security problems. Unauthorized access can create the security issues like Malware injection. Due to which there is a need of scheme capable of providing encryption, malware detection, automatic patching to restore the image. In this paper an algorithm is proposed which is capable of providing solution to the above issues.
{"title":"An Algorithm to Secure Virtual Machine Image in Cloud Environment","authors":"Preeti Thakur, Devesh Kumar Srivastava","doi":"10.14257/ijsia.2017.11.5.05","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.5.05","url":null,"abstract":"Virtual Machine is a combined form of operating system and application. Virtualization provides the facility to run multiple operating systems on a single physical machine. These multiple operating systems are called guest operating systems. In server Virtualization many virtual machines (VMs) can run on one server including its own server. These VMs can be migrated from one server to another. As VM image will be downloaded to create a new virtual machine on the guest operating system it has some security problems. Unauthorized access can create the security issues like Malware injection. Due to which there is a need of scheme capable of providing encryption, malware detection, automatic patching to restore the image. In this paper an algorithm is proposed which is capable of providing solution to the above issues.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46505970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/IJSIA.2017.11.5.07
Huaijin Liu, Yonghong Chen, D. Agrawal
In order to meet the need of scalability of vehicular ad hoc network (VANET), when using the roadside unit (RSU) for message authentication and broadcast, many studies have paid little attention to the message transmission delay and the communication overhead caused by the signature. For the sake of guaranteeing the reliability of the message and improve the efficiency of message transmission, this paper proposes a secure and efficient message delivery scheme for VANET. The scheme firstly uses the opp-dir dissemination model to propagate the message to solve the problem of message transmission delay. Then, the message is signed by the aggregate MAC technique to ensure the reliability of the message. Extensive experiments validate that the proposed scheme can reduce the message transmission delay and communication overhead, improve the message delivery ratio.
{"title":"A Secure and Efficient Message Delivery Scheme for VANET","authors":"Huaijin Liu, Yonghong Chen, D. Agrawal","doi":"10.14257/IJSIA.2017.11.5.07","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.5.07","url":null,"abstract":"In order to meet the need of scalability of vehicular ad hoc network (VANET), when using the roadside unit (RSU) for message authentication and broadcast, many studies have paid little attention to the message transmission delay and the communication overhead caused by the signature. For the sake of guaranteeing the reliability of the message and improve the efficiency of message transmission, this paper proposes a secure and efficient message delivery scheme for VANET. The scheme firstly uses the opp-dir dissemination model to propagate the message to solve the problem of message transmission delay. Then, the message is signed by the aggregate MAC technique to ensure the reliability of the message. Extensive experiments validate that the proposed scheme can reduce the message transmission delay and communication overhead, improve the message delivery ratio.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47205067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/IJSIA.2017.11.5.01
Yasir Hamid, Ludovic Journax, F. Shah, M. Sugumaran
Recognizing intrusions quickly and precisely is vital to the proficient operation of computer networks. Precisely describing critical classes of intrusions extraordinarily encourages their recognizable proof; be that as it may, the nuances and complexities of anomalous activities can without much of a stretch complicate the procedure. Due to the inherent capability of the signal processing to discover the novel and obscure attacks, they have been pretty popular for Network Intrusion Detection, and the nearness of the self-comparability in the system activity propels the appropriateness for the application Wavelets. In this work we first subject the network data to dimension reduction using Stochastic Neighbor Embedding (SNE) and then preform the wavelet decomposition of the data. The classification results of the pre-processed data using Gaussian SVM over different bandwidths uphold the claim that the proposed system has appreciably improved detection coverage for all the attack groups and the normal data as well, and at the same time minimized the false alarms. (Coiflets), Biorthogonal wavelets, Harmonic wavelets, Legendre wavelets, M-band wavelets and Composite wavelets.
{"title":"A Coalesce of SNE-Wavelet-SVM Technique for Network Intrusion Detection","authors":"Yasir Hamid, Ludovic Journax, F. Shah, M. Sugumaran","doi":"10.14257/IJSIA.2017.11.5.01","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.5.01","url":null,"abstract":"Recognizing intrusions quickly and precisely is vital to the proficient operation of computer networks. Precisely describing critical classes of intrusions extraordinarily encourages their recognizable proof; be that as it may, the nuances and complexities of anomalous activities can without much of a stretch complicate the procedure. Due to the inherent capability of the signal processing to discover the novel and obscure attacks, they have been pretty popular for Network Intrusion Detection, and the nearness of the self-comparability in the system activity propels the appropriateness for the application Wavelets. In this work we first subject the network data to dimension reduction using Stochastic Neighbor Embedding (SNE) and then preform the wavelet decomposition of the data. The classification results of the pre-processed data using Gaussian SVM over different bandwidths uphold the claim that the proposed system has appreciably improved detection coverage for all the attack groups and the normal data as well, and at the same time minimized the false alarms. (Coiflets), Biorthogonal wavelets, Harmonic wavelets, Legendre wavelets, M-band wavelets and Composite wavelets.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43136683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/IJSIA.2017.11.5.06
R. Jain, S. Madan, B. Garg, Y. Kapila, Abhishek Gupta
Cryptography as we know it, is among the most discussed topics in the security world. Any transaction, financial or social, any data, corporate or private is not secure in an environment such as the cloud, where everything is connected to everything. The only way to save anything or to make a transaction securely is to make it meaningless to the rest of the world. It can be made meaningless when converted to some other form and this some other form can only be obtained through encryption. In this paper we discuss various techniques of homomorphic encryption applied on cloud computing and the need of security over the cloud by citing relevant statistics. We then propose and implement a secure E-voting system using the paillier encryption scheme. The main goal of this research is to design a secure voting system using the internet platform to communicate between the voting system and voters.
{"title":"E-Voting System using Homomorphic Encryption in a Cloud Based Environment","authors":"R. Jain, S. Madan, B. Garg, Y. Kapila, Abhishek Gupta","doi":"10.14257/IJSIA.2017.11.5.06","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.5.06","url":null,"abstract":"Cryptography as we know it, is among the most discussed topics in the security world. Any transaction, financial or social, any data, corporate or private is not secure in an environment such as the cloud, where everything is connected to everything. The only way to save anything or to make a transaction securely is to make it meaningless to the rest of the world. It can be made meaningless when converted to some other form and this some other form can only be obtained through encryption. In this paper we discuss various techniques of homomorphic encryption applied on cloud computing and the need of security over the cloud by citing relevant statistics. We then propose and implement a secure E-voting system using the paillier encryption scheme. The main goal of this research is to design a secure voting system using the internet platform to communicate between the voting system and voters.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48994736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/ijsia.2017.11.5.02
Amjad Mahfuth, S. Yussof, Asmidar Abu Bakar, N. Ali, Waleed Abdallah
Human behavior is considered as one of the main threats in an organization. Owing to the fact that human element is the weakest link in security area, it is crucial to provide an ideal information security culture within an organization in order to guide the employees’ perception, attitudes and security behavior. Furthermore, this culture can protect an organization against many information security threats posed by the employees. In this paper, we have proposed a conceptual model exploring the factors influencing the information security culture. Those factors are Security Awareness, Security Knowledge, Belief, Top Management, Security Policy, Security Behavior , Information Security Training, Security Risk Analysis and Assessment, Security Compliance, Ethical and Legal, Trust, Technology, Change Management, People, Information Security, Security Responsibility, Process, Strategy and Environment. The aim of the conceptual model would help the researchers to develop effective solutions and to provide a suitable background for information security culture across an organization. The study recommends researchers to conduct many studies in this area to focus on and investigate each of identified factors in the conceptual model in order to improve information security culture in organizations.
{"title":"A Conceptual Model for Exploring the Factors Influencing Information Security Culture","authors":"Amjad Mahfuth, S. Yussof, Asmidar Abu Bakar, N. Ali, Waleed Abdallah","doi":"10.14257/ijsia.2017.11.5.02","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.5.02","url":null,"abstract":"Human behavior is considered as one of the main threats in an organization. Owing to the fact that human element is the weakest link in security area, it is crucial to provide an ideal information security culture within an organization in order to guide the employees’ perception, attitudes and security behavior. Furthermore, this culture can protect an organization against many information security threats posed by the employees. In this paper, we have proposed a conceptual model exploring the factors influencing the information security culture. Those factors are Security Awareness, Security Knowledge, Belief, Top Management, Security Policy, Security Behavior , Information Security Training, Security Risk Analysis and Assessment, Security Compliance, Ethical and Legal, Trust, Technology, Change Management, People, Information Security, Security Responsibility, Process, Strategy and Environment. The aim of the conceptual model would help the researchers to develop effective solutions and to provide a suitable background for information security culture across an organization. The study recommends researchers to conduct many studies in this area to focus on and investigate each of identified factors in the conceptual model in order to improve information security culture in organizations.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.14257/ijsia.2017.11.5.02","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45960626","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-30DOI: 10.14257/IJSIA.2017.11.4.07
Rizwan Ur Rahman, D. Tomar, A. V. Jijin
Application Layer Distributed Denial of Service (App-DDoS) attack has become a major threat to web security. Attack detection is difficult as they mimic genuine user request. This paper proposes a clustering based correlation approach for detecting application layer DDoS attack on HTTP protocol. Proposed approach has two main modules ----Flow monitoring module and User behavior monitoring module. Flow monitor is responsible to analyze data flow information. User behavior monitor analyses end user behavior. Proposed approach is capable to detect three main attacks on HTTP protocol, i.e. HTTP-GET attack, HTTP-POST attack and Slow Read attack. It is also possible to detect hybrid type of DDoS attacks which uses a mixture network and application layer DDoS techniques. Comparative analysis of clustering algorithms on generated dataset is also done to demonstrate the effectiveness of detection approach.
{"title":"Application Layer DDOS Attack Detection Using Hybrid Machine Learning Approach","authors":"Rizwan Ur Rahman, D. Tomar, A. V. Jijin","doi":"10.14257/IJSIA.2017.11.4.07","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.4.07","url":null,"abstract":"Application Layer Distributed Denial of Service (App-DDoS) attack has become a major threat to web security. Attack detection is difficult as they mimic genuine user request. This paper proposes a clustering based correlation approach for detecting application layer DDoS attack on HTTP protocol. Proposed approach has two main modules ----Flow monitoring module and User behavior monitoring module. Flow monitor is responsible to analyze data flow information. User behavior monitor analyses end user behavior. Proposed approach is capable to detect three main attacks on HTTP protocol, i.e. HTTP-GET attack, HTTP-POST attack and Slow Read attack. It is also possible to detect hybrid type of DDoS attacks which uses a mixture network and application layer DDoS techniques. Comparative analysis of clustering algorithms on generated dataset is also done to demonstrate the effectiveness of detection approach.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41601823","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-30DOI: 10.14257/ijsia.2017.11.4.04
Morkat M. Yilwatda, J. A. Enokela, N. Goshwe
It is possible today to automate a growing number of speaker-recognition tasks with such technologies as voice or speaker verification and voice identification. These systems have been applied to real-world security applications. They have, however, been undergoing modifications due to the poor level of security architecture that they provide to users. Hence there is the need, as has been done in this work, to develop a more efficient, user friendly and complex security system that can curtail illegal intrusion into special facilities. The system described in this paper uses matrix keypad which is interfaced with a microcontroller for first level security validation to monitor and control the execution of desired tasks within the keypad and voice recognition (KVR) system. A voice recognition Integrated Circuit is used for second level security verification. A tristate buffer is also employed to logically isolate the buses of the digital signal processing (DSP) chip and those of the microcontroller. From the research, tests were conducted for both noiseless and noisy environments and the recommended distance between the user and microphone in a noiseless environment using electrets type condenser microphone is 1.0 cm to 16 cm while under noisy condition it was found to be 1.0 cm to 6.0 cm. These results depend on the sensitivity of the microphone and the environmental conditions at the time. It can be deduced from the research that integrating the keypad and voice recognition design can help to optimize the security level of the system and by implication help in controlling unwanted intrusion into the special facilities such as museum, military armory, financial institution, etc.
{"title":"Implementation of a Two-Level Security Door Access Using Keypad and Voice Recognition","authors":"Morkat M. Yilwatda, J. A. Enokela, N. Goshwe","doi":"10.14257/ijsia.2017.11.4.04","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.4.04","url":null,"abstract":"It is possible today to automate a growing number of speaker-recognition tasks with such technologies as voice or speaker verification and voice identification. These systems have been applied to real-world security applications. They have, however, been undergoing modifications due to the poor level of security architecture that they provide to users. Hence there is the need, as has been done in this work, to develop a more efficient, user friendly and complex security system that can curtail illegal intrusion into special facilities. The system described in this paper uses matrix keypad which is interfaced with a microcontroller for first level security validation to monitor and control the execution of desired tasks within the keypad and voice recognition (KVR) system. A voice recognition Integrated Circuit is used for second level security verification. A tristate buffer is also employed to logically isolate the buses of the digital signal processing (DSP) chip and those of the microcontroller. From the research, tests were conducted for both noiseless and noisy environments and the recommended distance between the user and microphone in a noiseless environment using electrets type condenser microphone is 1.0 cm to 16 cm while under noisy condition it was found to be 1.0 cm to 6.0 cm. These results depend on the sensitivity of the microphone and the environmental conditions at the time. It can be deduced from the research that integrating the keypad and voice recognition design can help to optimize the security level of the system and by implication help in controlling unwanted intrusion into the special facilities such as museum, military armory, financial institution, etc.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49392167","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-30DOI: 10.14257/IJSIA.2017.11.4.02
Weipeng Guo, Yonghong Chen
Base on the similarities between WSNs intrusion detection and artificial immune system. This paper utilizes the benefits of one of the Danger Theory based AIS intrusion detection algorithms, namely the Dendritic Cell Algorithm (DCA) to design a distributed and hierarchical intrusion detection model for WSN. Beside, because of the shortcomings of DCA about its Dendritic Cell (DC) evaluation mechanism and lymph decision mechanism, the false alarm rate is high. Therefore, this paper puts forward an improved Dendritic Cell Algorithm reference to the idea of data fusion theory. In this algorithm, we firstly define a scoring function to evaluate the DC context in DC part. And then in lymph part, we fuse multiple DCs’ evaluation through Dempster rule to make global decision. The experimental results show that the improved DCA based IDS proposed can effectively improve the accuracy rate without depending on the MCAV threshold and show advantages in flexibility and adaptability.
{"title":"An Improved Dendritic Cell Algorithm Based Intrusion Detection System for Wireless Sensor Networks","authors":"Weipeng Guo, Yonghong Chen","doi":"10.14257/IJSIA.2017.11.4.02","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.4.02","url":null,"abstract":"Base on the similarities between WSNs intrusion detection and artificial immune system. This paper utilizes the benefits of one of the Danger Theory based AIS intrusion detection algorithms, namely the Dendritic Cell Algorithm (DCA) to design a distributed and hierarchical intrusion detection model for WSN. Beside, because of the shortcomings of DCA about its Dendritic Cell (DC) evaluation mechanism and lymph decision mechanism, the false alarm rate is high. Therefore, this paper puts forward an improved Dendritic Cell Algorithm reference to the idea of data fusion theory. In this algorithm, we firstly define a scoring function to evaluate the DC context in DC part. And then in lymph part, we fuse multiple DCs’ evaluation through Dempster rule to make global decision. The experimental results show that the improved DCA based IDS proposed can effectively improve the accuracy rate without depending on the MCAV threshold and show advantages in flexibility and adaptability.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45868097","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-30DOI: 10.14257/IJSIA.2017.11.4.01
Gurpreet Kour Sodhi, G. S. Gaba
The communication sector suffers from serious security related threats. The technique presented in this paper is a step towards providing security to the confidential data. The work is based on generating a unique key through DNA and random number generator. Each random sequence produced by Blum Blum Shub random number generator is the result of a seed value which makes the sequence unique and reproducible. The final security key obtained is unique and upon being tested using NIST randomness evaluation tests, it is concluded that the key generated retains its uniqueness to a high level, thus providing efficient security mechanism. Thus, it is possible to integrate it with any security system used in communication sector.
{"title":"DNA and Blum Blum Shub Random Number Generator Based Security Key Generation Algorithm","authors":"Gurpreet Kour Sodhi, G. S. Gaba","doi":"10.14257/IJSIA.2017.11.4.01","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.4.01","url":null,"abstract":"The communication sector suffers from serious security related threats. The technique presented in this paper is a step towards providing security to the confidential data. The work is based on generating a unique key through DNA and random number generator. Each random sequence produced by Blum Blum Shub random number generator is the result of a seed value which makes the sequence unique and reproducible. The final security key obtained is unique and upon being tested using NIST randomness evaluation tests, it is concluded that the key generated retains its uniqueness to a high level, thus providing efficient security mechanism. Thus, it is possible to integrate it with any security system used in communication sector.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44375337","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-04-30DOI: 10.14257/IJSIA.2017.11.4.06
Juan Gutiérrez-Cárdenas
Steganography is the art or science of hiding information into a carrier in such a way that the hidden data could not be detected at first sight. Steganography techniques have broadened their scope of action, from hiding information into picture media, to audio steganography and to the field of network steganography. All these methods entail a potential threat to the information security policies of any business; having into the data leakage threats its likely focus. In this scenario, business corporations cannot remain blind to these types of threats and should consider adequate policies and prevention techniques to avoid these risks. We have analyzed in this article the potential dangers that an organization could face in the light of these types of steganography techniques along with a review of current commercial software vendors to analyze their offers and mishaps on Data Leakage Prevention regarding steganography risks.
{"title":"Steganography and Data Loss Prevention: An overlooked risk?","authors":"Juan Gutiérrez-Cárdenas","doi":"10.14257/IJSIA.2017.11.4.06","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.4.06","url":null,"abstract":"Steganography is the art or science of hiding information into a carrier in such a way that the hidden data could not be detected at first sight. Steganography techniques have broadened their scope of action, from hiding information into picture media, to audio steganography and to the field of network steganography. All these methods entail a potential threat to the information security policies of any business; having into the data leakage threats its likely focus. In this scenario, business corporations cannot remain blind to these types of threats and should consider adequate policies and prevention techniques to avoid these risks. We have analyzed in this article the potential dangers that an organization could face in the light of these types of steganography techniques along with a review of current commercial software vendors to analyze their offers and mishaps on Data Leakage Prevention regarding steganography risks.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-04-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48785488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: