Pub Date : 2017-10-31DOI: 10.14257/ijsia.2017.11.10.04
S. Zaidi, Samreen Hussain
Information security is one of the main challenges faced today in purview of the increase in trend of online purchases. Many ciphering schemes are available that provide data encryption. But the strength of stream ciphers available is very squat as compared to block ciphers. To ensure better security, block ciphers are used in various ways for streaming application at the cost of increased computational load. This paper discusses the implementation of AES-128 in output feedback (OFB) mode for real-time streaming applications. The target performance parameter for the implementation of the algorithm is speed as well as reduced memory resources. Implementation techniques for various blocks of the algorithm have been discussed for achieving the target performance. The implementation is functionally tested on Virtex – 6 FPGA. The performance achieved in terms of latency, speed, memory resources and other logic resources is also presented. This shows the effectiveness of the proposed hardware implementation for real-time streaming cipher applications.
{"title":"Fast Hardware Implementation of AES-128 Algorithm in Streaming Output Feedback Mode for Real Time Ciphering","authors":"S. Zaidi, Samreen Hussain","doi":"10.14257/ijsia.2017.11.10.04","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.10.04","url":null,"abstract":"Information security is one of the main challenges faced today in purview of the increase in trend of online purchases. Many ciphering schemes are available that provide data encryption. But the strength of stream ciphers available is very squat as compared to block ciphers. To ensure better security, block ciphers are used in various ways for streaming application at the cost of increased computational load. This paper discusses the implementation of AES-128 in output feedback (OFB) mode for real-time streaming applications. The target performance parameter for the implementation of the algorithm is speed as well as reduced memory resources. Implementation techniques for various blocks of the algorithm have been discussed for achieving the target performance. The implementation is functionally tested on Virtex – 6 FPGA. The performance achieved in terms of latency, speed, memory resources and other logic resources is also presented. This shows the effectiveness of the proposed hardware implementation for real-time streaming cipher applications.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"31 5","pages":"35-44"},"PeriodicalIF":0.0,"publicationDate":"2017-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41278247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-31DOI: 10.14257/ijsia.2017.11.10.01
Shin-Yan Chiou
Cloud storage is widely used and has become prevalent over the past decade. It has very desirable properties such as scalability, fault tolerance, robustness, and data availability and accessibility. Several Cloud index structures have been proposed for equality queries, range queries, or other purposes. However, Cloud system is fraught with security risks and many security issues still exist in Cloud system. For solving these security issues, in our paper, we propose a secure and balanced storage system for Cloud system. The system offers load balance, secrecy, integrity, and robustness for data protection. It is efficient, reliant, resilient and scalable.
{"title":"A Secure Distributed Cloud Storage System Achieving Data Secrecy and Load Balance","authors":"Shin-Yan Chiou","doi":"10.14257/ijsia.2017.11.10.01","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.10.01","url":null,"abstract":"Cloud storage is widely used and has become prevalent over the past decade. It has very desirable properties such as scalability, fault tolerance, robustness, and data availability and accessibility. Several Cloud index structures have been proposed for equality queries, range queries, or other purposes. However, Cloud system is fraught with security risks and many security issues still exist in Cloud system. For solving these security issues, in our paper, we propose a secure and balanced storage system for Cloud system. The system offers load balance, secrecy, integrity, and robustness for data protection. It is efficient, reliant, resilient and scalable.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":" ","pages":"1-14"},"PeriodicalIF":0.0,"publicationDate":"2017-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46920135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-31DOI: 10.14257/ijsia.2017.11.10.02
S. K. Srivastava, B. Mishra, B. Mishra
{"title":"Two Time Delay Quarantine Model for the Transmission of Worms in Wireless Network","authors":"S. K. Srivastava, B. Mishra, B. Mishra","doi":"10.14257/ijsia.2017.11.10.02","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.10.02","url":null,"abstract":"","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"15-24"},"PeriodicalIF":0.0,"publicationDate":"2017-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41520685","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-31DOI: 10.14257/ijsia.2017.11.10.05
M. Babar, Shahid Azeem, F. Arif
For the last few decades, security in software has gained too much attention by the industries. Developing secure software needs to emphasis on the functional and non-functional requirements both. Functional requirements are taken into account during the early stages of development while unfortunately the non-functional requirements are either ignored or less considered which results in the high cost of maintenance after delivery of the software. This article presents a detailed and comprehensive survey with regard to the integration of security non-functional requirements into architectural design. This paper thoroughly analyzes the existing approaches which are dealing the non-functional requirements at architecture level. The architectural design can be integrated with general non-functional requirements, but the scope of this particular article is only the security related non-functional requirements. The approaches which are comprehensively described and analyzed are use case/misuse cases, goal-based analysis, scenario-based, reused-based, pattern-based, and aspect-based. We have evaluated each approach by some parameters which are described based on the existing literature and comparison has been made between the current approaches thorough proper evaluation.
{"title":"Integration of Security Non-Functional Requirements and Architectural Design: A Comparative Analysis","authors":"M. Babar, Shahid Azeem, F. Arif","doi":"10.14257/ijsia.2017.11.10.05","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.10.05","url":null,"abstract":"For the last few decades, security in software has gained too much attention by the industries. Developing secure software needs to emphasis on the functional and non-functional requirements both. Functional requirements are taken into account during the early stages of development while unfortunately the non-functional requirements are either ignored or less considered which results in the high cost of maintenance after delivery of the software. This article presents a detailed and comprehensive survey with regard to the integration of security non-functional requirements into architectural design. This paper thoroughly analyzes the existing approaches which are dealing the non-functional requirements at architecture level. The architectural design can be integrated with general non-functional requirements, but the scope of this particular article is only the security related non-functional requirements. The approaches which are comprehensively described and analyzed are use case/misuse cases, goal-based analysis, scenario-based, reused-based, pattern-based, and aspect-based. We have evaluated each approach by some parameters which are described based on the existing literature and comparison has been made between the current approaches thorough proper evaluation.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"45-54"},"PeriodicalIF":0.0,"publicationDate":"2017-10-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49134228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To satisfy the security requirements of patients’ privacy and data’s security for health Internet of Things (IoT), various authentication schemes are proposed as guaranteed countermeasures. In particular, Wang et al. built an identity-based authentication scheme with extended Chebyshev chaotic maps. Nevertheless, considering service misuse attack and Denial-of-Service attack, Wang et al.’s method works inadequately. Also it is insufficient to provide efficient password change phase, fast error detection and session key agreement. As a remedy, we propose a novel dynamic identity authenticated key agreement scheme. Our scheme achieves resistance to the known attacks in order to meet the desirable security requirements. Furthermore, the presented scheme practically enables both user revocation/re-registration and biometric information protection, which are significant features ignored by most previous schemes. We confirm the effectiveness of our scheme via comprehensive comparisons in terms of resistance, functionality and performance.
{"title":"Design of a Secure Dynamic Identity Authentication Scheme for Health Internet of Things","authors":"Chengqi Wang, Xiao Zhang, Lijia Xie, Zhiming Zheng","doi":"10.14257/IJSIA.2017.11.9.04","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.9.04","url":null,"abstract":"To satisfy the security requirements of patients’ privacy and data’s security for health Internet of Things (IoT), various authentication schemes are proposed as guaranteed countermeasures. In particular, Wang et al. built an identity-based authentication scheme with extended Chebyshev chaotic maps. Nevertheless, considering service misuse attack and Denial-of-Service attack, Wang et al.’s method works inadequately. Also it is insufficient to provide efficient password change phase, fast error detection and session key agreement. As a remedy, we propose a novel dynamic identity authenticated key agreement scheme. Our scheme achieves resistance to the known attacks in order to meet the desirable security requirements. Furthermore, the presented scheme practically enables both user revocation/re-registration and biometric information protection, which are significant features ignored by most previous schemes. We confirm the effectiveness of our scheme via comprehensive comparisons in terms of resistance, functionality and performance.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"41-58"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42969424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-09-30DOI: 10.14257/IJSIA.2017.11.9.05
Vidhya Sathish, P. Khader
The blooming of intrusion instance trace notified as grim threat as per internet industry is concerned. To overcome, detection methodologies are designed by adopting an extensive intense research in the internet industry. Based on the consideration of challenging task and performance existence of contemporary computational methodologies, the objective of this Proposed Research has developed the enhanced hybrid strategy by combining the Support Vector Machine approach from classifier-based techniques and the Grey Wolf Optimizer from evolutionary techniques to optimize the support vector machine parameter towards the accurate classification of Host based intrusions with high detection accuracy and minimal false leads.
{"title":"Improved Detecting Host Based Intrusions Based On Hybrid SVM Using Grey Wolf Optimizer","authors":"Vidhya Sathish, P. Khader","doi":"10.14257/IJSIA.2017.11.9.05","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.9.05","url":null,"abstract":"The blooming of intrusion instance trace notified as grim threat as per internet industry is concerned. To overcome, detection methodologies are designed by adopting an extensive intense research in the internet industry. Based on the consideration of challenging task and performance existence of contemporary computational methodologies, the objective of this Proposed Research has developed the enhanced hybrid strategy by combining the Support Vector Machine approach from classifier-based techniques and the Grey Wolf Optimizer from evolutionary techniques to optimize the support vector machine parameter towards the accurate classification of Host based intrusions with high detection accuracy and minimal false leads.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":" ","pages":"59-72"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49368506","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-09-30DOI: 10.14257/ijsia.2017.11.9.02
A. Mansour, M. Fouad
This paper proposes a novel hybrid encryption algorithm that utilizes the natural language phonetics significantly. The encryption process is based on two major aspects. The first is the phonetic difference between languages and their mapping into Human Machine interface tools such as the computer keyboard. The second aspect is the embedded ciphering process as a mean of private key exchange (PKE). Such a key will be used to determine all the ciphering parameters. The presented encryption protocol is an end-to-end process and the choices of languages and machine interface is completely user dependant. The creation of ciphering parameters such as the indicator, the key, the array and the operation are also user defined. This work explores several examples for each choice using the Arabic language as a model for the phonetic intermediate language. The keyboard character mapping is used based on the location of characters in the multilingual keyboard. Both fixed location mapping and variable location shifting are introduced.
{"title":"Cryptography Protocol: A Novel Multilingual Adaptive Encryption Technique with Phonetic Based Ciphering","authors":"A. Mansour, M. Fouad","doi":"10.14257/ijsia.2017.11.9.02","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.9.02","url":null,"abstract":"This paper proposes a novel hybrid encryption algorithm that utilizes the natural language phonetics significantly. The encryption process is based on two major aspects. The first is the phonetic difference between languages and their mapping into Human Machine interface tools such as the computer keyboard. The second aspect is the embedded ciphering process as a mean of private key exchange (PKE). Such a key will be used to determine all the ciphering parameters. The presented encryption protocol is an end-to-end process and the choices of languages and machine interface is completely user dependant. The creation of ciphering parameters such as the indicator, the key, the array and the operation are also user defined. This work explores several examples for each choice using the Arabic language as a model for the phonetic intermediate language. The keyboard character mapping is used based on the location of characters in the multilingual keyboard. Both fixed location mapping and variable location shifting are introduced.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"13-22"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48288168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-09-30DOI: 10.14257/ijsia.2017.11.9.01
A. Siahaan
Steganography has no protection to make the information hidden is safe from theft. This technique only tries to store information in the image purely. There are many ways to steal information from pixels stored in RGB colors. Bit-Plane Complexity Segmentation (BPCS) is one of the steganography technique is often performed to conceal data. But in BPCS method, a used pattern is not a classified anymore. It breaks down and changes the plain text structure into square information. BPCS has two types of area, informative and noise-like region. This division depends on the threshold value. The noise-like region is the only area that can store confidential information. It is an 8 x 8 matrix pattern. The plain text is turned into bits and finally kept in the matrix. Converting the bit-plane information is a technique for increasing the security of the vessel image. Vernam cipher can easily be occupied to modify the bit-plane structure with the predetermined blocks conjugation. The cipher block contains a new set of unbreakable characters. It increases the security level.
{"title":"Vernam Conjugated Manipulation of Bit-plane Complexity Segmentation","authors":"A. Siahaan","doi":"10.14257/ijsia.2017.11.9.01","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.9.01","url":null,"abstract":"Steganography has no protection to make the information hidden is safe from theft. This technique only tries to store information in the image purely. There are many ways to steal information from pixels stored in RGB colors. Bit-Plane Complexity Segmentation (BPCS) is one of the steganography technique is often performed to conceal data. But in BPCS method, a used pattern is not a classified anymore. It breaks down and changes the plain text structure into square information. BPCS has two types of area, informative and noise-like region. This division depends on the threshold value. The noise-like region is the only area that can store confidential information. It is an 8 x 8 matrix pattern. The plain text is turned into bits and finally kept in the matrix. Converting the bit-plane information is a technique for increasing the security of the vessel image. Vernam cipher can easily be occupied to modify the bit-plane structure with the predetermined blocks conjugation. The cipher block contains a new set of unbreakable characters. It increases the security level.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":" ","pages":"1-12"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45279862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-09-30DOI: 10.14257/ijsia.2017.11.9.06
Sepideh Bahri-Laleh, M. Balafar, M. Feizi-Derakhshi
This paper introduces a novel approach based on a stream cipher to encrypt RGB images. In this regard, a Particle Swarm Optimization (PSO) based algorithm is used to generate the keystream for encryption. Red, green and blue channels of the RGB image are shown as texts and then a stream cipher is used to encrypt the resultant image. A method named PSO Key Generation Color image Encryption (PKGCE) algorithm uses 3 character code tables for each of the 3 channels of RGB image in order to encode the keys and the plain texts showing correspondent channel of the RGB image. A zigzag operation is done on the resultant image in each of the channels to provide more security in a way that the start point of the zigzag path is dependent on the key and channel size. The main advantages of this algorithm over the previously ones, are less number of keys needed to be stored and distributed and also the appropriate speed of the algorithm. Experimental results and the comparison of the proposed algorithm with other encryption algorithms are discussed in detail.
{"title":"A stream cipher method for RGB image encryption using PSO base key generation","authors":"Sepideh Bahri-Laleh, M. Balafar, M. Feizi-Derakhshi","doi":"10.14257/ijsia.2017.11.9.06","DOIUrl":"https://doi.org/10.14257/ijsia.2017.11.9.06","url":null,"abstract":"This paper introduces a novel approach based on a stream cipher to encrypt RGB images. In this regard, a Particle Swarm Optimization (PSO) based algorithm is used to generate the keystream for encryption. Red, green and blue channels of the RGB image are shown as texts and then a stream cipher is used to encrypt the resultant image. A method named PSO Key Generation Color image Encryption (PKGCE) algorithm uses 3 character code tables for each of the 3 channels of RGB image in order to encode the keys and the plain texts showing correspondent channel of the RGB image. A zigzag operation is done on the resultant image in each of the channels to provide more security in a way that the start point of the zigzag path is dependent on the key and channel size. The main advantages of this algorithm over the previously ones, are less number of keys needed to be stored and distributed and also the appropriate speed of the algorithm. Experimental results and the comparison of the proposed algorithm with other encryption algorithms are discussed in detail.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"73-94"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.14257/ijsia.2017.11.9.06","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42974763","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-09-30DOI: 10.14257/IJSIA.2017.11.9.03
Shin-Yan Chiou, Chia-Chun Lin
While the Internet allows licensees to easily disseminate digital content, it also facilitates misappropriation of such content along with violations of personal privacy. Digital rights management (DRM) measures were developed to address such problems. However, DRM can only be used to verify data correctness from software, but cannot be used to verify software soundness from data. In addition, although trusted platform modules (TPM) can be used to achieve system security, such measures to not provide DRM protection. We thus propose a version request system not only achieves DRM functions, but can also conduct version requests for software from data. In this system’s version checking restrictions, only a secure operation system and application can store the cryptography component’s secret key, which is then used to protect and manage the right object (RO).
{"title":"A Monitor System for Software Version Request in Offline Environments","authors":"Shin-Yan Chiou, Chia-Chun Lin","doi":"10.14257/IJSIA.2017.11.9.03","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.9.03","url":null,"abstract":"While the Internet allows licensees to easily disseminate digital content, it also facilitates misappropriation of such content along with violations of personal privacy. Digital rights management (DRM) measures were developed to address such problems. However, DRM can only be used to verify data correctness from software, but cannot be used to verify software soundness from data. In addition, although trusted platform modules (TPM) can be used to achieve system security, such measures to not provide DRM protection. We thus propose a version request system not only achieves DRM functions, but can also conduct version requests for software from data. In this system’s version checking restrictions, only a secure operation system and application can store the cryptography component’s secret key, which is then used to protect and manage the right object (RO).","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":"11 1","pages":"23-40"},"PeriodicalIF":0.0,"publicationDate":"2017-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48271739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: