Pub Date : 2017-07-31DOI: 10.14257/IJSIA.2017.11.7.03
Qian Liping, Wang Lidong
It is very common for Internet users to query a search engine when retrieving web information. Sensitive data about search engine user’s intentions or behavior can be inferred from his query phrases and the webpages he visits subsequently. In order to protect contents of communications from being eavesdropped, a search engine can adopt HTTPS-by-default to provide bidirectional encryption to protect its users’ privacy. Since the majority of webpages indexed in search engine’s results pages are still on HTTP-enabled websites and the contents of these webpages can be observed by attackers once the user click on the indexed web-links. We propose a novel approach for attacking secure search through correlating analysis of encrypted search with unencrypted webpages the user visits subsequently. We show that a simple weighted TF-DF mechanism is sufficient for selecting guessing phrase candidates. Imitating search engine users, by querying these candidates and enumerating webpages indexed in results pages, we can hit the definite query phrases and meanwhile reconstruct user’s web-surfing trails through DNS-based URLs comparison and flow feature statistics-based network traffic analysis. In the experiment including 180 Chinese and English search phrases, we achieved 67.78% hit rate at first guess and 96.11% hit rate within three guesses. Our empirical research shows that HTTPS traffic can be correlated and de-anonymized through HTTP traffic and secure search of search engine is not always secure unless HTTPS-by-default enabled everywhere.
{"title":"Attacking HTTPS Secure Search Service through Correlation Analysis of HTTP Webpages Accessed","authors":"Qian Liping, Wang Lidong","doi":"10.14257/IJSIA.2017.11.7.03","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.7.03","url":null,"abstract":"It is very common for Internet users to query a search engine when retrieving web information. Sensitive data about search engine user’s intentions or behavior can be inferred from his query phrases and the webpages he visits subsequently. In order to protect contents of communications from being eavesdropped, a search engine can adopt HTTPS-by-default to provide bidirectional encryption to protect its users’ privacy. Since the majority of webpages indexed in search engine’s results pages are still on HTTP-enabled websites and the contents of these webpages can be observed by attackers once the user click on the indexed web-links. We propose a novel approach for attacking secure search through correlating analysis of encrypted search with unencrypted webpages the user visits subsequently. We show that a simple weighted TF-DF mechanism is sufficient for selecting guessing phrase candidates. Imitating search engine users, by querying these candidates and enumerating webpages indexed in results pages, we can hit the definite query phrases and meanwhile reconstruct user’s web-surfing trails through DNS-based URLs comparison and flow feature statistics-based network traffic analysis. In the experiment including 180 Chinese and English search phrases, we achieved 67.78% hit rate at first guess and 96.11% hit rate within three guesses. Our empirical research shows that HTTPS traffic can be correlated and de-anonymized through HTTP traffic and secure search of search engine is not always secure unless HTTPS-by-default enabled everywhere.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45198639","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-07-31DOI: 10.14257/IJSIA.2017.11.7.06
F. Zhao, H. Liang, X. L. Wu, D. Ding
This paper presents a novel region-based active contour model for image segmentation in a variational level set formulation. We define a local discriminant criterion on the basis of the global and local region-based active contour model. The objective function in this model is thereafter minimized via level set method. By introducing the local discriminant criterion to separate background and foreground in local regions, our model not only achieves accurate segmentation results, but also is robust to initialization. Extensive experiments are reported to demonstrate that our method holds higher segmentation accuracy and more initialization robustness, compared with the global region-based and local region-based methods. Experimental results for synthetic images and real medical images show desirable performances of our method.
{"title":"Region-based Active Contour Segmentation Model with Local Discriminant Criterion","authors":"F. Zhao, H. Liang, X. L. Wu, D. Ding","doi":"10.14257/IJSIA.2017.11.7.06","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.7.06","url":null,"abstract":"This paper presents a novel region-based active contour model for image segmentation in a variational level set formulation. We define a local discriminant criterion on the basis of the global and local region-based active contour model. The objective function in this model is thereafter minimized via level set method. By introducing the local discriminant criterion to separate background and foreground in local regions, our model not only achieves accurate segmentation results, but also is robust to initialization. Extensive experiments are reported to demonstrate that our method holds higher segmentation accuracy and more initialization robustness, compared with the global region-based and local region-based methods. Experimental results for synthetic images and real medical images show desirable performances of our method.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47911503","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.01
Ting Cai, J. Wang
How to achieve both cross-domain authorization and access control in a multi-domain environment and ensuring local autonomy and security are hot research field of network security. Due to the centralized management, traditional access control has been unable to meet the security needs of cross-domain interoperability under a distributed environment. In this article, we introduce three types of inter-domain role relations, such as transitive mapping, non-transitive mapping and restricted access, extend the standard single-domain RBAC model to a multi-domain interoperable environment, and establish a role-based access control model based on multi-domain interoperability (MIRBAC). Compared with the prior studies, MIRBAC model supports separation of duties constraint under multi-domain environments, the security and management flexibility of interdomain authorization is greatly improved. Moreover, based on MIRBAC model, we further research detection method of security violation during interoperability, propose a complete security conflict detection algorithm according to various conflict types caused by implementing interoperability activities, and conduct computational complexity analysis and case analysis of our proposed algorithm. Finally, we develop a prototype system based on the definitions of our proposed model to conduct experimental studies to demonstrate the feasibility and performance of our approach.
{"title":"MIRBAC: A Role-Based Access Control Model for Multi-Domain Interoperability","authors":"Ting Cai, J. Wang","doi":"10.14257/IJSIA.2017.11.6.01","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.01","url":null,"abstract":"How to achieve both cross-domain authorization and access control in a multi-domain environment and ensuring local autonomy and security are hot research field of network security. Due to the centralized management, traditional access control has been unable to meet the security needs of cross-domain interoperability under a distributed environment. In this article, we introduce three types of inter-domain role relations, such as transitive mapping, non-transitive mapping and restricted access, extend the standard single-domain RBAC model to a multi-domain interoperable environment, and establish a role-based access control model based on multi-domain interoperability (MIRBAC). Compared with the prior studies, MIRBAC model supports separation of duties constraint under multi-domain environments, the security and management flexibility of interdomain authorization is greatly improved. Moreover, based on MIRBAC model, we further research detection method of security violation during interoperability, propose a complete security conflict detection algorithm according to various conflict types caused by implementing interoperability activities, and conduct computational complexity analysis and case analysis of our proposed algorithm. Finally, we develop a prototype system based on the definitions of our proposed model to conduct experimental studies to demonstrate the feasibility and performance of our approach.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45342525","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.04
Chi Guo-tai, Zhao Zhichong, Mohammad Zoynul Abedin
The main criteria to establish the credit risk evaluation index system is the indicators default identification ability. There is mutual influence between indices, a single index which has the default identification ability, but if put this indicator into the index system, and it will no longer have the default identification ability because of the impact of other indicators. This study therefore deletes the indicators of repeated information using colinearity diagnostics, and determines the order of indicators into the index evaluation system by calculating the score statistic of every indicator. We established credit risk evaluation index system of small businesses, including 14 indicators, such as cash ratio, the corporate credit situation nearly 3 years, by extracting the related data of 28 regional commercial bank branches of China, and the judgment accuracy of default and non default samples is 99.0%.
{"title":"Credit Risk Rating System of Small Enterprises Based on the Index Importance","authors":"Chi Guo-tai, Zhao Zhichong, Mohammad Zoynul Abedin","doi":"10.14257/IJSIA.2017.11.6.04","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.04","url":null,"abstract":"The main criteria to establish the credit risk evaluation index system is the indicators default identification ability. There is mutual influence between indices, a single index which has the default identification ability, but if put this indicator into the index system, and it will no longer have the default identification ability because of the impact of other indicators. This study therefore deletes the indicators of repeated information using colinearity diagnostics, and determines the order of indicators into the index evaluation system by calculating the score statistic of every indicator. We established credit risk evaluation index system of small businesses, including 14 indicators, such as cash ratio, the corporate credit situation nearly 3 years, by extracting the related data of 28 regional commercial bank branches of China, and the judgment accuracy of default and non default samples is 99.0%.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67048481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.05
Mayada J. AlMeghari
In this globalized world, the Internet services and uses are growing exponentially. Hence, the data stores contain a huge amount of business data used for decision-making and for financial analysis at sensitive organizations called Data Warehouses (DWs). DW is necessary for financial and business information making them an attractive purpose for hackers. The achievement of security issues in DW is very important for a proper and secure continuation of DW system work. This paper presents a new framework for implementing security issues in DWs named Data Warehouse Signature (DWS), which is distributed in two models: DWSend model and DWReceive model. The DWS framework solves one of the common security problems such as unavailability in network by using parallel computing through a middleware named View Manager Layer (VML). This framework ensures the security issues, such as Confidentiality, Integrity, and Availability (CIA) and it also reaches high performance in Average Execution Time (AET) evaluated in experimental studies. The execution of a large query result as blocks of a number of records in parallel computing saves more time than serial computing. The high performance has a limited increase in executor's numbers because there are time complexity factors, such as transmission time, separation and collection time. This paper presents a mathematical model used when the organization applies the DWS framework in DW systems to get the adequate number of executors joined in VML middleware to reach the high performance.
{"title":"Data Warehouse Signature: High Performance Evaluation for Implementing Security Issues in Data Warehouses through a New Framework","authors":"Mayada J. AlMeghari","doi":"10.14257/IJSIA.2017.11.6.05","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.05","url":null,"abstract":"In this globalized world, the Internet services and uses are growing exponentially. Hence, the data stores contain a huge amount of business data used for decision-making and for financial analysis at sensitive organizations called Data Warehouses (DWs). DW is necessary for financial and business information making them an attractive purpose for hackers. The achievement of security issues in DW is very important for a proper and secure continuation of DW system work. This paper presents a new framework for implementing security issues in DWs named Data Warehouse Signature (DWS), which is distributed in two models: DWSend model and DWReceive model. The DWS framework solves one of the common security problems such as unavailability in network by using parallel computing through a middleware named View Manager Layer (VML). This framework ensures the security issues, such as Confidentiality, Integrity, and Availability (CIA) and it also reaches high performance in Average Execution Time (AET) evaluated in experimental studies. The execution of a large query result as blocks of a number of records in parallel computing saves more time than serial computing. The high performance has a limited increase in executor's numbers because there are time complexity factors, such as transmission time, separation and collection time. This paper presents a mathematical model used when the organization applies the DWS framework in DW systems to get the adequate number of executors joined in VML middleware to reach the high performance.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45270983","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.02
Cheng Miao, Liyan Sun, Li Yang
The frequent occurrence of coal mine emergent events caused great impact on the social order and economic stability. In order to effectively prevent the occurrence of coal mine emergent events, it is necessary to focus on upgrading the level of emergency capability. This paper proposes the evaluation model of emergency capability of coal mine emergent events by the multistage fuzzy quality synthetic evaluation method. The evaluation weights are determined by AHP, the multistage fuzzy comprehensive appraisal on emergency capability is made by the fuzzy mathematics method, the rank status of emergency capability of coal mine emergent events is determined according to the empirical analysis results. Finally, an empirical analysis is made, the results of first grade fuzzy comprehensive evaluation show that emergency rescue capability is good and others are general, the results of second grade show that coal enterprises emergency capability is general, the average score is 74.445 less than 80 which indicates that the overall situation of emergency capability of coal mine emergent events is general.
{"title":"Evaluation Research on Emergency Capability of Emergent Events in Chinses Coal Mine","authors":"Cheng Miao, Liyan Sun, Li Yang","doi":"10.14257/IJSIA.2017.11.6.02","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.02","url":null,"abstract":"The frequent occurrence of coal mine emergent events caused great impact on the social order and economic stability. In order to effectively prevent the occurrence of coal mine emergent events, it is necessary to focus on upgrading the level of emergency capability. This paper proposes the evaluation model of emergency capability of coal mine emergent events by the multistage fuzzy quality synthetic evaluation method. The evaluation weights are determined by AHP, the multistage fuzzy comprehensive appraisal on emergency capability is made by the fuzzy mathematics method, the rank status of emergency capability of coal mine emergent events is determined according to the empirical analysis results. Finally, an empirical analysis is made, the results of first grade fuzzy comprehensive evaluation show that emergency rescue capability is good and others are general, the results of second grade show that coal enterprises emergency capability is general, the average score is 74.445 less than 80 which indicates that the overall situation of emergency capability of coal mine emergent events is general.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42621860","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.06
Rolando Ramos-Frías, Miguel Vargas-Lombardo
String matching algorithms are an important element used in several computer science�bb fields. These algorithms process strings of characters to find coincidences. The amount�of processing required for modern applications that use string matching algorithms has�increased over the years and new algorithms and solutions have been developed. In this�paper we present a state of the art for the various types of string matching algorithms;�and also review recent implementations done in GPU.
{"title":"A Review of String Matching Algorithms and Recent Implementations using GPU","authors":"Rolando Ramos-Frías, Miguel Vargas-Lombardo","doi":"10.14257/IJSIA.2017.11.6.06","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.06","url":null,"abstract":"String matching algorithms are an important element used in several computer science\u0000bb fields. These algorithms process strings of characters to find coincidences. The amount\u0000of processing required for modern applications that use string matching algorithms has\u0000increased over the years and new algorithms and solutions have been developed. In this\u0000paper we present a state of the art for the various types of string matching algorithms;\u0000and also review recent implementations done in GPU.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48695436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-06-30DOI: 10.14257/IJSIA.2017.11.6.03
M. Dar, J. Parvez
Android has become an active area of research owing to its vast range of applications called apps. Traditional security protocols which are complex are not feasible for such systems due to the limitation of resources. However, Elliptic Curve Cryptography has been considered as a viable cryptographic technique due to its low computational overhead. In this paper we study the application of ECC on a popular Android operating system. Practical implementation of the ECC operations has been performed using Android library. Android operating system has been used to develop custom security protocols on a Smartphone. The performance benchmarking of the proposed protocols has also been carried out.
{"title":"Security Enhancement in Android using Ellipic Curve Cryptography","authors":"M. Dar, J. Parvez","doi":"10.14257/IJSIA.2017.11.6.03","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.6.03","url":null,"abstract":"Android has become an active area of research owing to its vast range of applications called apps. Traditional security protocols which are complex are not feasible for such systems due to the limitation of resources. However, Elliptic Curve Cryptography has been considered as a viable cryptographic technique due to its low computational overhead. In this paper we study the application of ECC on a popular Android operating system. Practical implementation of the ECC operations has been performed using Android library. Android operating system has been used to develop custom security protocols on a Smartphone. The performance benchmarking of the proposed protocols has also been carried out.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"45659537","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/IJSIA.2017.11.5.03
Anis Prasla, Sabah Mohammad, J. Fiaidhi
For decades software licensing has been relaying on copyright registration and the declaration of this copyright at the software to be accepted and downloaded by the users. In this case the software developer need to work closely with legal departments and rely on the copyright laws where such laws enforcement vary from one country to other. The complexity of enforcing this licensing model largely come from the robust way of formulating the end-user license agreement (EULA) and the existence of a backend server that can monitor the usage of the software. Obviously the enforcement of this model may prove to be legally impossible as there will be many users who do not care about the software license as well as there will be an associated expenses with using the backend server. In this paper, a new method and a prototype for licensing mobile application that are uploaded on public cloud. In this method the users of the mobile app starts by using a declarative form of the License but they need to provide user specific data including the mobile unique device id, operating system and brand. The method also includes activating the application on the computing device using the device specific information. This licensing model protects software piracy and license vulnerability issues. The developed prototype for this type of licensing model has been applied for android applications as there are tons of Android apps on application stores at different domains. Experimental results show the process of integrating the licensing library with any android applications is easy without changing the existing application code and avoiding lengthy development efforts to secure mobile apps with fully licensed app and no legal overhead.
{"title":"Mobile App User Licensing with Little or No Backend Server","authors":"Anis Prasla, Sabah Mohammad, J. Fiaidhi","doi":"10.14257/IJSIA.2017.11.5.03","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.5.03","url":null,"abstract":"For decades software licensing has been relaying on copyright registration and the declaration of this copyright at the software to be accepted and downloaded by the users. In this case the software developer need to work closely with legal departments and rely on the copyright laws where such laws enforcement vary from one country to other. The complexity of enforcing this licensing model largely come from the robust way of formulating the end-user license agreement (EULA) and the existence of a backend server that can monitor the usage of the software. Obviously the enforcement of this model may prove to be legally impossible as there will be many users who do not care about the software license as well as there will be an associated expenses with using the backend server. In this paper, a new method and a prototype for licensing mobile application that are uploaded on public cloud. In this method the users of the mobile app starts by using a declarative form of the License but they need to provide user specific data including the mobile unique device id, operating system and brand. The method also includes activating the application on the computing device using the device specific information. This licensing model protects software piracy and license vulnerability issues. The developed prototype for this type of licensing model has been applied for android applications as there are tons of Android apps on application stores at different domains. Experimental results show the process of integrating the licensing library with any android applications is easy without changing the existing application code and avoiding lengthy development efforts to secure mobile apps with fully licensed app and no legal overhead.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"46776393","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-05-31DOI: 10.14257/IJSIA.2017.11.5.04
R. Regan, J. Manickam
Commucation being a mode of sending and receiving understanding is gaining extra popularity in today’s world. Today wireless systems are increasingly getting used for primary conversation and undertaking to hold electronic knowledge transmissions comfortable. Almost always, it's problematic to implement mighty security in small-footprint devices having low processing power, low memory capacity and utilising unreliable, low bandwidth. Impersonation attack may be very common in these days in wireless network, but the principal hindrance is the security. There is lots of solution provided by different researcher but still faces research challenge. Impersonation attacks are also known as spoofing attacks. The attacker assumes the identification of one more node in the network, as a result receiving messages directed to the node it fakes. As a rule this would be some of the first steps to intervene a network with the intention of accomplishing further assaults to disrupt operation. In this paper we describe the causes of Wireless impersonation attack, their vulnerable effects and various defense mechanisms for defending this attack.
{"title":"A Survey on Impersonation Attack in Wireless Networks","authors":"R. Regan, J. Manickam","doi":"10.14257/IJSIA.2017.11.5.04","DOIUrl":"https://doi.org/10.14257/IJSIA.2017.11.5.04","url":null,"abstract":"Commucation being a mode of sending and receiving understanding is gaining extra popularity in today’s world. Today wireless systems are increasingly getting used for primary conversation and undertaking to hold electronic knowledge transmissions comfortable. Almost always, it's problematic to implement mighty security in small-footprint devices having low processing power, low memory capacity and utilising unreliable, low bandwidth. Impersonation attack may be very common in these days in wireless network, but the principal hindrance is the security. There is lots of solution provided by different researcher but still faces research challenge. Impersonation attacks are also known as spoofing attacks. The attacker assumes the identification of one more node in the network, as a result receiving messages directed to the node it fakes. As a rule this would be some of the first steps to intervene a network with the intention of accomplishing further assaults to disrupt operation. In this paper we describe the causes of Wireless impersonation attack, their vulnerable effects and various defense mechanisms for defending this attack.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43816973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: