Copyright: 2019 International Journal of Network Security. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, kindly consult the publisher's website.
{"title":"Differentially Private Transmission Control Protocol Synchronize Packet Counts","authors":"N. Mkuzangwe, F. Nelwamondo","doi":"10.6633/IJNS.201909","DOIUrl":"https://doi.org/10.6633/IJNS.201909","url":null,"abstract":"Copyright: 2019 International Journal of Network Security. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, kindly consult the publisher's website.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"29 1","pages":"835-842"},"PeriodicalIF":0.0,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73329061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-31DOI: 10.5121/IJNSA.2019.11403
Bin Zhao
Millions of developers and third-party organizations have flooded into the Android ecosystem due to Android’s open-source feature and low barriers to entry for developers. .However, that also attracts many attackers. Over 90 percent of mobile malware is found targeted on Android. Though Android provides multiple security features and layers to protect user data and system resources, there are still some overprivileged applications in Google Play Store or third-party Android app stores at wild. In this paper, we proposed an approach to map system level behavior and Android APIs, based on the observation that system level behaviors cannot be avoidedbut sensitive Android APIs could be evaded.To the best of our knowledge, our approach provides the first work to decompose Android application behaviors based on system-level behaviors. We then map system level behaviors and Android APIs through System Call Dependence Graphs. The study also shows that our approach can effectively identify potential permission abusing, with an almost negligible performance impact.
由于Android的开源特性和较低的准入门槛,数以百万计的开发者和第三方组织涌入了Android生态系统,但这也吸引了许多攻击者。超过90%的手机恶意软件都是针对Android的。尽管Android提供了多种安全功能和层来保护用户数据和系统资源,但在Google Play Store或第三方Android应用商店中仍然存在一些过度特权的应用程序。在本文中,我们提出了一种映射系统级行为和Android api的方法,基于观察到系统级行为无法避免,而敏感的Android api可以逃避。据我们所知,我们的方法提供了基于系统级行为分解Android应用程序行为的第一个工作。然后,我们通过系统调用依赖图映射系统级行为和Android api。研究还表明,我们的方法可以有效地识别潜在的权限滥用,而对性能的影响几乎可以忽略不计。
{"title":"System Call Dependence Graph Based Behavior Decomposition of Android Applications","authors":"Bin Zhao","doi":"10.5121/IJNSA.2019.11403","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11403","url":null,"abstract":"Millions of developers and third-party organizations have flooded into the Android ecosystem due to Android’s open-source feature and low barriers to entry for developers. .However, that also attracts many attackers. Over 90 percent of mobile malware is found targeted on Android. Though Android provides multiple security features and layers to protect user data and system resources, there are still some overprivileged applications in Google Play Store or third-party Android app stores at wild. In this paper, we proposed an approach to map system level behavior and Android APIs, based on the observation that system level behaviors cannot be avoidedbut sensitive Android APIs could be evaded.To the best of our knowledge, our approach provides the first work to decompose Android application behaviors based on system-level behaviors. We then map system level behaviors and Android APIs through System Call Dependence Graphs. The study also shows that our approach can effectively identify potential permission abusing, with an almost negligible performance impact.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"7 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82839248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-31DOI: 10.5121/ijnsa.2019.11402
Ashraf Afifi
This paper suggests chaotic confusion-diffusion image encryption based on the Henon map. The proposed chaotic confusion-diffusion image encryption utilizes image confusion and pixel diffusion in two levels. In the first level, the plainimage is scrambled by a modified Henon map for n rounds. In the second level, the scrambled image is diffused using Henon chaotic map. Comparison between the logistic map and modified Henon map is established to investigate the effectiveness of the suggested chaotic confusion-diffusion image encryption scheme. Experimental results showed that the suggested chaotic confusion-diffusion image encryption scheme can successfully encrypt/decrypt images using the same secret keys. Simulation results confirmed that the ciphered images have good entropy information and low correlation between coefficients. Besides the distribution of the gray values in the ciphered image has random-like behavior. . KEYWORDS
{"title":"A Chaotic Confusion-Diffusion Image Encryption Based on Henon Map","authors":"Ashraf Afifi","doi":"10.5121/ijnsa.2019.11402","DOIUrl":"https://doi.org/10.5121/ijnsa.2019.11402","url":null,"abstract":"This paper suggests chaotic confusion-diffusion image encryption based on the Henon map. The proposed chaotic confusion-diffusion image encryption utilizes image confusion and pixel diffusion in two levels. In the first level, the plainimage is scrambled by a modified Henon map for n rounds. In the second level, the scrambled image is diffused using Henon chaotic map. Comparison between the logistic map and modified Henon map is established to investigate the effectiveness of the suggested chaotic confusion-diffusion image encryption scheme. Experimental results showed that the suggested chaotic confusion-diffusion image encryption scheme can successfully encrypt/decrypt images using the same secret keys. Simulation results confirmed that the ciphered images have good entropy information and low correlation between coefficients. Besides the distribution of the gray values in the ciphered image has random-like behavior. . KEYWORDS","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"47 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84302319","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-31DOI: 10.5121/ijnsa.2019.11401
I. Pikrammenos, Panagiotis Tolis, Panagiotis Perakis
This paper suggests chaotic confusion-diffusion image encryption based on the Henon map. The proposed chaotic confusion-diffusion image encryption utilizes image confusion and pixel diffusion in two levels. In the first level, the plainimage is scrambled by a modified Henon map for n rounds. In the second level, the scrambled image is diffused using Henon chaotic map. Comparison between the logistic map and modified Henon map is established to investigate the effectiveness of the suggested chaotic confusion-diffusion image encryption scheme. Experimental results showed that the suggested chaotic confusion-diffusion image encryption scheme can successfully encrypt/decrypt images using the same secret keys. Simulation results confirmed that the ciphered images have good entropy information and low correlation between coefficients. Besides the distribution of the gray values in the ciphered image has random-like behavior.
{"title":"Authentication Mechanism Enhancement Utilising Secure Repository for Passwordless Handshake","authors":"I. Pikrammenos, Panagiotis Tolis, Panagiotis Perakis","doi":"10.5121/ijnsa.2019.11401","DOIUrl":"https://doi.org/10.5121/ijnsa.2019.11401","url":null,"abstract":"This paper suggests chaotic confusion-diffusion image encryption based on the Henon map. The proposed chaotic confusion-diffusion image encryption utilizes image confusion and pixel diffusion in two levels. In the first level, the plainimage is scrambled by a modified Henon map for n rounds. In the second level, the scrambled image is diffused using Henon chaotic map. Comparison between the logistic map and modified Henon map is established to investigate the effectiveness of the suggested chaotic confusion-diffusion image encryption scheme. Experimental results showed that the suggested chaotic confusion-diffusion image encryption scheme can successfully encrypt/decrypt images using the same secret keys. Simulation results confirmed that the ciphered images have good entropy information and low correlation between coefficients. Besides the distribution of the gray values in the ciphered image has random-like behavior.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"394 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76554674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-31DOI: 10.5121/IJNSA.2019.11406
Ashraf Afifi, E. A. Zanaty
In this paper, we introduce a set of new kernel functions derived from the generalized Legendre polynomials to obtain more robust and higher support vector machine (SVM) classification accuracy. The generalized Legendre kernel functions are suggested to provide a value of how two given vectors are like each other by changing the inner product of these two vectors into a greater dimensional space. The proposed kernel functions satisfy the Mercer’s condition and orthogonality properties for reaching the optimal result with low number support vector (SV). For that, the new set of Legendre kernel functions could be utilized in classification applications as effective substitutes to those generally used like Gaussian, Polynomial and Wavelet kernel functions. The suggested kernel functions are calculated in compared to the current kernels such as Gaussian, Polynomial, Wavelets and Chebyshev kernels by application to various non-separable data sets with some attributes. It is seen that the suggested kernel functions could give competitive classification outcomes in comparison with other kernel functions. Thus, on the basis test outcomes, we show that the suggested kernel functions are more robust about the kernel parameter change and reach the minimal SV number for classification generally.
{"title":"Generalized Legendre Polynomials for Support Vector Machines (SVMS) Classification","authors":"Ashraf Afifi, E. A. Zanaty","doi":"10.5121/IJNSA.2019.11406","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11406","url":null,"abstract":"In this paper, we introduce a set of new kernel functions derived from the generalized Legendre polynomials to obtain more robust and higher support vector machine (SVM) classification accuracy. The generalized Legendre kernel functions are suggested to provide a value of how two given vectors are like each other by changing the inner product of these two vectors into a greater dimensional space. The proposed kernel functions satisfy the Mercer’s condition and orthogonality properties for reaching the optimal result with low number support vector (SV). For that, the new set of Legendre kernel functions could be utilized in classification applications as effective substitutes to those generally used like Gaussian, Polynomial and Wavelet kernel functions. The suggested kernel functions are calculated in compared to the current kernels such as Gaussian, Polynomial, Wavelets and Chebyshev kernels by application to various non-separable data sets with some attributes. It is seen that the suggested kernel functions could give competitive classification outcomes in comparison with other kernel functions. Thus, on the basis test outcomes, we show that the suggested kernel functions are more robust about the kernel parameter change and reach the minimal SV number for classification generally.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"78 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75082807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-07-31DOI: 10.5121/IJNSA.2019.11404
M. Kumari, V. Pawar, Pawan Kumar
In today’s day and age when everything is done with the aid of computing technology, the need for confidential communication has drastically increased. Not only the sensitive data such as top intelligent secrets of our nation but personal information of common people needs to be secure. Several combinations of cryptography and steganography techniques in different ways are used by researchers over the past to protect the data being transmitted. Cryptography uses mathematical algorithms to convert the data into an incomprehensible form and Steganography, on the other hand hides the data in a carrier such as image, data, audio or video. Cryptography provides necessary mechanisms for providing accountability, accuracy and confidentiality in public communication mediums such as the Internet and steganography is used in other fields such as copyright, preventing e-document forging etc. We are of the opinion that this security mechanism can further be increased by incorporating the use of Huffman coding in order to reduce the data length. This paper is an effort in the direction to hide, secure and compress the data. It explains the executed procedure by applying various encryption techniques one by one and our aim is to get the best security out of the existing ones. The proposed technique is implemented in MATLAB2016a and the results shown in this paper that our technique is better approach then the conventional techniques.
{"title":"A Novel Image Encryption Scheme with Huffman Encoding and Steganography Technique","authors":"M. Kumari, V. Pawar, Pawan Kumar","doi":"10.5121/IJNSA.2019.11404","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11404","url":null,"abstract":"In today’s day and age when everything is done with the aid of computing technology, the need for confidential communication has drastically increased. Not only the sensitive data such as top intelligent secrets of our nation but personal information of common people needs to be secure. Several combinations of cryptography and steganography techniques in different ways are used by researchers over the past to protect the data being transmitted. Cryptography uses mathematical algorithms to convert the data into an incomprehensible form and Steganography, on the other hand hides the data in a carrier such as image, data, audio or video. Cryptography provides necessary mechanisms for providing accountability, accuracy and confidentiality in public communication mediums such as the Internet and steganography is used in other fields such as copyright, preventing e-document forging etc. We are of the opinion that this security mechanism can further be increased by incorporating the use of Huffman coding in order to reduce the data length. This paper is an effort in the direction to hide, secure and compress the data. It explains the executed procedure by applying various encryption techniques one by one and our aim is to get the best security out of the existing ones. The proposed technique is implemented in MATLAB2016a and the results shown in this paper that our technique is better approach then the conventional techniques.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"53 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80733661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-05-31DOI: 10.5121/IJNSA.2019.11301
Lifeng Cao, J. Ou, Amir H. Chinaei
Role-Based Access Control (RBAC) is the most commonly used model on web applications. The advantages of RBAC are the ease of understanding, applying and managing privileges. The static RBAC model cannot alter access permission in real-time without human involvement and therefore the model suffers from increasing false negative (and/or false positive) outcomes. Hence, the Attribute-Based Access Control (ABAC) model has been proposed to introduce dynamicity and minimize human involvement in order to enhance security. WordPress is a very popular Role-Based content management system. To our best knowledge, no solution to merge from RBAC to ABAC model for WordPress applications has been found. Our contribution is a WordPress plug-in that we have developed to build ABAC upon the existing RBAC setups. In this journey, we have investigated various scenarios by studying different application categories to come up with an enhanced automatic model that adds real-time grant and revoke feature to WordPress.
{"title":"ENHANCING THE WORDPRESS SYSTEM:FROM ROLE TO ATTRIBUTE-BASED ACCESS CONTROL","authors":"Lifeng Cao, J. Ou, Amir H. Chinaei","doi":"10.5121/IJNSA.2019.11301","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11301","url":null,"abstract":"Role-Based Access Control (RBAC) is the most commonly used model on web applications. The advantages of RBAC are the ease of understanding, applying and managing privileges. The static RBAC model cannot alter access permission in real-time without human involvement and therefore the model suffers from increasing false negative (and/or false positive) outcomes. Hence, the Attribute-Based Access Control (ABAC) model has been proposed to introduce dynamicity and minimize human involvement in order to enhance security. WordPress is a very popular Role-Based content management system. To our best knowledge, no solution to merge from RBAC to ABAC model for WordPress applications has been found. Our contribution is a WordPress plug-in that we have developed to build ABAC upon the existing RBAC setups. In this journey, we have investigated various scenarios by studying different application categories to come up with an enhanced automatic model that adds real-time grant and revoke feature to WordPress.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"20 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79056182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Vehicular Ad Hoc Networks (VANETs) are based on network technology where cars act as mobile nodes to form a communication network. In VANETs, routing protocols have a significance regarding the overall network performance since they determine the way of sending and receiving packets between mobile nodes. Most of the protocols proposed for VANETs are adapted from Mobile ad hoc networks (MANETs) routing protocols. However, due to the specific characteristics of VANETs, especially high mobility, and dynamic topology, the routing protocols in ad hoc networks do not adapt immediately to VANETs. Therefore, secure routing of Vehicular ad hoc networks (VANETs) against attacks, which are of various types, is still a challenging issue. This paper is going to present a synthesis of the most relevant protocols that have addressed the secure routing issue in VANETs. It also establishes a comparison regarding the offered features and the studied performance aspects through which it is notified that a security mechanism depends not only on the level of efficiency but also on the network constraints.
{"title":"SURVEY ON SECURE ROUTING IN VANETS","authors":"Afef Slama, Ilhem Lengliz","doi":"10.2139/ssrn.3416335","DOIUrl":"https://doi.org/10.2139/ssrn.3416335","url":null,"abstract":"Vehicular Ad Hoc Networks (VANETs) are based on network technology where cars act as mobile nodes to form a communication network. In VANETs, routing protocols have a significance regarding the overall network performance since they determine the way of sending and receiving packets between mobile nodes. Most of the protocols proposed for VANETs are adapted from Mobile ad hoc networks (MANETs) routing protocols. However, due to the specific characteristics of VANETs, especially high mobility, and dynamic topology, the routing protocols in ad hoc networks do not adapt immediately to VANETs. Therefore, secure routing of Vehicular ad hoc networks (VANETs) against attacks, which are of various types, is still a challenging issue. This paper is going to present a synthesis of the most relevant protocols that have addressed the secure routing issue in VANETs. It also establishes a comparison regarding the offered features and the studied performance aspects through which it is notified that a security mechanism depends not only on the level of efficiency but also on the network constraints.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"66 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88780898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-05-31DOI: 10.5121/IJNSA.2019.11302
Shaker El-Sappagh, A. Mohammed, Tarek Ahmed AlSheshtawy
In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.
在网络安全框架中,入侵检测是一个基准部分,是保护PC机免受多线程攻击的基本手段。入侵检测中的一个大问题是大量的假警报;这个问题促使一些专家根据数据挖掘发现最小化错误警报的解决方案,这是在大数据(例如KDD CUP 99)中使用的分析过程中的一个考虑因素。本文对入侵检测中处理虚假警报的各种数据挖掘分类进行了综述。在KDD CUP 99上对多个数据挖掘过程进行了测试,结果表明,该过程不是单个过程,可以揭示所有的攻击类别,具有较高的准确率和无误报的特点。多层感知器的最佳准确率为92%;然而,基于规则的模型的最佳训练时间是4秒。结论是,应对多种网络攻击应采用不同的程序。
{"title":"CLASSIFICATION PROCEDURES FOR INTRUSION DETECTION BASED ON KDD CUP 99 DATA SET","authors":"Shaker El-Sappagh, A. Mohammed, Tarek Ahmed AlSheshtawy","doi":"10.5121/IJNSA.2019.11302","DOIUrl":"https://doi.org/10.5121/IJNSA.2019.11302","url":null,"abstract":"In network security framework, intrusion detection is one of a benchmark part and is a fundamental way to protect PC from many threads. The huge issue in intrusion detection is presented as a huge number of false alerts; this issue motivates several experts to discover the solution for minifying false alerts according to data mining that is a consideration as analysis procedure utilized in a large data e.g. KDD CUP 99. This paper presented various data mining classification for handling false alerts in intrusion detection as reviewed. According to the result of testing many procedure of data mining on KDD CUP 99 that is no individual procedure can reveal all attack class, with high accuracy and without false alerts. The best accuracy in Multilayer Perceptron is 92%; however, the best Training Time in Rule based model is 4 seconds . It is concluded that ,various procedures should be utilized to handle several of network attacks.","PeriodicalId":93303,"journal":{"name":"International journal of network security & its applications","volume":"21 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2019-05-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74186101","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: