Pub Date : 2019-05-31DOI: 10.5121/IJNSA.2019.11304
Shaker El-Sappagh, El-Sappagh Mohammed, Tarek Ahmed AlSheshtawy
Intrusion detection is one of the standard stages to protect computers in network security framework from several attacks. False alarms problem is critical in intrusion detection, which motivates many researchers to discover methods to minify false alarms. This paper proposes a procedure for classifying the type of intrusion according to multi-operations and multi-layer classifier for handling false alarms in intrusion detection. The proposed system is tested using on KDDcup99 benchmark. The performance showed that results obtained from three consequent classifiers are better than a single classifier. The accuracy reached 98% based on 25 features instead of using all features of KDDCup99 dataset.
{"title":"MULTI-LAYER CLASSIFIER FOR MINIMIZING FALSE INTRUSION","authors":"Shaker El-Sappagh, El-Sappagh Mohammed, Tarek Ahmed AlSheshtawy","doi":"10.5121/IJNSA.2019.11304","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11304","url":null,"abstract":"Intrusion detection is one of the standard stages to protect computers in network security framework from several attacks. False alarms problem is critical in intrusion detection, which motivates many researchers to discover methods to minify false alarms. This paper proposes a procedure for classifying the type of intrusion according to multi-operations and multi-layer classifier for handling false alarms in intrusion detection. The proposed system is tested using on KDDcup99 benchmark. The performance showed that results obtained from three consequent classifiers are better than a single classifier. The accuracy reached 98% based on 25 features instead of using all features of KDDCup99 dataset.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"72 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86296602","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-05-31DOI: 10.5121/IJNSA.2019.11305
Shaheen Saad Al-Kaabi, S. Belhaouari
Cryptography defines different methods and technologies used in ensuring communication between two parties over any communication medium is secure, especially in presence of a third part. This is achieved through the use of several methods, such as encryption, decryption, signing, generating of pseudo-random numbers, among many others. Cryptography uses a key, or some sort of a password to either encrypt or decrypt a message that needs to be kept secret. This is made possible using two classes of key-based encryption and decryption algorithms, namely symmetric and asymmetric algorithms. The best known and the most widely used public key system is RSA. This algorithm comprises of three phases, which are the key generation phase, encryption phase, and the decryption phase. Owing to the advancement in computing technology, RSA is prone to some security risks, which makes it less secure. The following paper preview different proposals on different methods used to enhance the RSA algorithm and increase its security. Some of these enhancements include combining the RSA algorithm with Diffie-Hellman or ElGamal algorithm, modification of RSA to include three or four prime numbers, offline storage of generated keys, a secured algorithm for RSA where the message can be encrypted using dual encryption keys, etc.
{"title":"METHODS TOWARD ENHANCING RSA ALGORITHM : A SURVEY","authors":"Shaheen Saad Al-Kaabi, S. Belhaouari","doi":"10.5121/IJNSA.2019.11305","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11305","url":null,"abstract":"Cryptography defines different methods and technologies used in ensuring communication between two parties over any communication medium is secure, especially in presence of a third part. This is achieved through the use of several methods, such as encryption, decryption, signing, generating of pseudo-random numbers, among many others. Cryptography uses a key, or some sort of a password to either encrypt or decrypt a message that needs to be kept secret. This is made possible using two classes of key-based encryption and decryption algorithms, namely symmetric and asymmetric algorithms. The best known and the most widely used public key system is RSA. This algorithm comprises of three phases, which are the key generation phase, encryption phase, and the decryption phase. Owing to the advancement in computing technology, RSA is prone to some security risks, which makes it less secure. The following paper preview different proposals on different methods used to enhance the RSA algorithm and increase its security. Some of these enhancements include combining the RSA algorithm with Diffie-Hellman or ElGamal algorithm, modification of RSA to include three or four prime numbers, offline storage of generated keys, a secured algorithm for RSA where the message can be encrypted using dual encryption keys, etc.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"52 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90550074","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-31DOI: 10.5121/IJNSA.2019.11203
Hiten Choudhury
Universal Mobile Telecommunication System (UMTS) is a popular 3G standard for mobile telecommunication networks. ‘Vulnerability of the subscriber’s identity privacy and the need to eliminate this vulnerability’, is an established security issue in UMTS. This vulnerability continues to exist up to various extents in the descendent networks of UMTS, like LTE. Several solutions suggesting improvements to the identity privacy in UMTS is present in the literature. In this paper, we look into select few of these solutions, with the expectation that researcher envisioning to work in this area will get a direction in devising an efficient mechanism in improving identity privacy in UMTS, its descendants and future mobile networks.
{"title":"A Review of Selected Proposals for Improving Identity Privacy in UMTS","authors":"Hiten Choudhury","doi":"10.5121/IJNSA.2019.11203","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11203","url":null,"abstract":"Universal Mobile Telecommunication System (UMTS) is a popular 3G standard for mobile telecommunication networks. ‘Vulnerability of the subscriber’s identity privacy and the need to eliminate this vulnerability’, is an established security issue in UMTS. This vulnerability continues to exist up to various extents in the descendent networks of UMTS, like LTE. Several solutions suggesting improvements to the identity privacy in UMTS is present in the literature. In this paper, we look into select few of these solutions, with the expectation that researcher envisioning to work in this area will get a direction in devising an efficient mechanism in improving identity privacy in UMTS, its descendants and future mobile networks.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"4 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87893004","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-31DOI: 10.5121/IJNSA.2019.11205
F. Masoodi, Shadab Alam, Shams Tabrez Siddiqui
The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures
{"title":"Security & Privacy Threats, Attacks and Countermeasures in Internet of Things","authors":"F. Masoodi, Shadab Alam, Shams Tabrez Siddiqui","doi":"10.5121/IJNSA.2019.11205","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11205","url":null,"abstract":"The idea to connect everything to anything and at any point of time is what vaguely defines the concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also facilitating interaction among these connected things. Though the term IoT was introduced in 1999 but has drawn significant attention during the past few years, the pace at which new devices are being integrated into the system will profoundly impact the world in a good way but also poses some severe queries about security and privacy. IoT in its current form is susceptible to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide security assurance for the data exchange because data is vulnerable to some attacks by the attackers at each layer of IoT. The IoT has a layered structure where each layer provides a service. The security needs vary from layer to layer as each layer serves a different purpose. This paper aims to analyze the various security and privacy threats related to IoT. Some attacks have been discussed along with some existing and proposed countermeasures","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"61 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86636345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-31DOI: 10.5121/IJNSA.2019.11202
Huda H.Al.ghuraify, Ali A.Al-bakry, Ahmad T. Al-jayashi
Recently, the mode of living became more complicated without computer systems. The techniques of camouflage information have acquired a vital role with the requirement of intensifying trade of multimedia content. Steganography is the technique that utilizes disguise in a way that prohibits unauthorized access from suspicion of the existence of confidential information exchanged during communication channels between the connected parties. In this paper, an integrated image steganographic system is designed to conceal images, messages or together where the mainly deliberate the improvement of embedding capacity through embedding text with image simultaneously. For that purpose, used matrix partition to partition the secret image then embedded each partition separately after scrambling each pixel by replacing msb instead of lsb to provide the second level of security furthermore to steganography. The simulation results clarify the better performance of the proposed algorithms.
{"title":"Dual Security Using Image Steganography Based Matrix Partition","authors":"Huda H.Al.ghuraify, Ali A.Al-bakry, Ahmad T. Al-jayashi","doi":"10.5121/IJNSA.2019.11202","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11202","url":null,"abstract":"Recently, the mode of living became more complicated without computer systems. The techniques of camouflage information have acquired a vital role with the requirement of intensifying trade of multimedia content. Steganography is the technique that utilizes disguise in a way that prohibits unauthorized access from suspicion of the existence of confidential information exchanged during communication channels between the connected parties. In this paper, an integrated image steganographic system is designed to conceal images, messages or together where the mainly deliberate the improvement of embedding capacity through embedding text with image simultaneously. For that purpose, used matrix partition to partition the secret image then embedded each partition separately after scrambling each pixel by replacing msb instead of lsb to provide the second level of security furthermore to steganography. The simulation results clarify the better performance of the proposed algorithms.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"30 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90830969","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-31DOI: 10.5121/IJNSA.2019.11204
Giau Ho Kim, Son Hai Le, Trung Manh Nguyen, Vu Thi Ly, T. N. Kim, Nguyen Van Cuong, T. N. Trung, Ta Minh Thanh
File System is an important component of a secure operating system. The need to build data protection systems is extremely important in open source operating systems, high mobility hardware systems, and miniaturization of storage devices that make systems available. It is clear that the value of the data is much larger than the value of the storage device. Computers access protection mechanism does not work if the thief retrieves the hard drive from the computer and reads data from it on another computer. Encrypted File System (EFS) is a secure level of operating system kernel. EFS uses cryptography to encrypt or decrypt files and folders when they are being saved or retrieved from a hard disk. EFS is often integrated transparently in operating system There are many encrypted filesystems commonly used in Linux operating systems. However, they have some limitations, which are the inability to hide the structure of the file system. This is a shortcoming targeted by the attacker, who will try to decrypt a file to find the key and then decrypt the entire file system. In this paper, we propose a new architecture of EFS called KVEFS which is based on cryptographic algorithms, FUSE library and key-value store. Our method makes EFS portable and flexible; Kernel size will not increase in Operating System.
{"title":"KVEFS: Encrypted File System Based on Distributed Key-Value Stores and FUSE","authors":"Giau Ho Kim, Son Hai Le, Trung Manh Nguyen, Vu Thi Ly, T. N. Kim, Nguyen Van Cuong, T. N. Trung, Ta Minh Thanh","doi":"10.5121/IJNSA.2019.11204","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11204","url":null,"abstract":"File System is an important component of a secure operating system. The need to build data protection systems is extremely important in open source operating systems, high mobility hardware systems, and miniaturization of storage devices that make systems available. It is clear that the value of the data is much larger than the value of the storage device. Computers access protection mechanism does not work if the thief retrieves the hard drive from the computer and reads data from it on another computer. Encrypted File System (EFS) is a secure level of operating system kernel. EFS uses cryptography to encrypt or decrypt files and folders when they are being saved or retrieved from a hard disk. EFS is often integrated transparently in operating system There are many encrypted filesystems commonly used in Linux operating systems. However, they have some limitations, which are the inability to hide the structure of the file system. This is a shortcoming targeted by the attacker, who will try to decrypt a file to find the key and then decrypt the entire file system. In this paper, we propose a new architecture of EFS called KVEFS which is based on cryptographic algorithms, FUSE library and key-value store. Our method makes EFS portable and flexible; Kernel size will not increase in Operating System.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"160 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73798717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-01DOI: 10.1016/S1353-4858(19)30038-8
Rory Duncan
{"title":"How to secure your supply chain","authors":"Rory Duncan","doi":"10.1016/S1353-4858(19)30038-8","DOIUrl":"https://doi.org/10.1016/S1353-4858(19)30038-8","url":null,"abstract":"","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"98 1","pages":"18-19"},"PeriodicalIF":0.0,"publicationDate":"2019-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85764585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-03-01DOI: 10.1016/S1353-4858(19)30035-2
Jessica Canada
{"title":"Is reputational damage worse than a regulator's fine?","authors":"Jessica Canada","doi":"10.1016/S1353-4858(19)30035-2","DOIUrl":"https://doi.org/10.1016/S1353-4858(19)30035-2","url":null,"abstract":"","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"26 1","pages":"11-12"},"PeriodicalIF":0.0,"publicationDate":"2019-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84001797","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-01-31DOI: 10.5121/IJNSA.2019.11101
M. Kedziora, Paulina Gawin, Michał Szczepanik, I. Józwiak
This research paper is focused on the issue of mobile application malware detection by Reverse Engineering of Android java code and use of Machine Learning algorithms. The malicious software characteristics were identified based on a collected set of total number of 1958 applications (including 996 malware applications). During research a unique set of features was chosen, then three attribute selection algorithms and five classification algorithms (Random Forest, K Nearest Neighbors, SVM, Nave Bayes and Logistic Regression) were examined to choose algorithms that would provide the most effective rate of malware detection.
{"title":"Malware Detection Using Machine Learning Algorithms and Reverse Engineering of Android Java Code","authors":"M. Kedziora, Paulina Gawin, Michał Szczepanik, I. Józwiak","doi":"10.5121/IJNSA.2019.11101","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11101","url":null,"abstract":"This research paper is focused on the issue of mobile application malware detection by Reverse Engineering of Android java code and use of Machine Learning algorithms. The malicious software characteristics were identified based on a collected set of total number of 1958 applications (including 996 malware applications). During research a unique set of features was chosen, then three attribute selection algorithms and five classification algorithms (Random Forest, K Nearest Neighbors, SVM, Nave Bayes and Logistic Regression) were examined to choose algorithms that would provide the most effective rate of malware detection.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"30 5 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79185942","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: