Earticle

In this paper we present empirical results obtained from Java implementation of Elliptic curve Cryptosystem (ECC) as an asymmetric block cipher algorithm and a set of symmetric block cipher algorithms namely Triple-Data Encryption Standard (T-DES), Advanced Encryption Standard (AES), and Blowfish. Performance evaluation based on CPU execution time is presented under WinXP and Linux. We used in our implementation Java programming language, Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE). The evaluation of the performance of these algorithms is done for secret key generation and encryption and decryption operations. Results indicated that ECC outperforms the other encryption/decryption algorithms considered in this study regarding the security strength, speed, and key size of ECC. Also, ECC’s performance advantage increases as security needs increases for newly emerging applications.

As a security primitive, key establishment plays the most crucial role in the designing of the security mechanism in the wireless sensor networks (WSNs). Unfortunately, the resource limitation of sensor nodes poses a great challenge for designing an efficient and effective key establishment scheme for WSNs. In this paper, we propose an effective key predistribution scheme using double keyed-hash chain schemes. In the proposed scheme, there are two key pools: upward key pools and downward key pools, and the key ring in each sensor is picked from these two key pools. The proposed scheme is analyzed based on connectivity, resistance against attacks, memory consumption and communication overhead. Comparing with the EG scheme and the q-composite scheme, our scheme performs better in terms of network resilience to node capture with little additional overhead cost.

Malware stands for malicious software. It is software that is designed with a harmful intent. A malware detector is a system that attempts to identify malware using Application Programming Interface (API) call graph technique and/or other techniques. Matching the API call graph using graph matching algorithm have NP-complete problem and is slow because of computational complexity .In this study, a malware detection system based on API call graph is proposed. Each malware sample is represented as data dependent API call graph. After transforming the input sample into a simplified data dependent graph, graph matching algorithm is used to calculate similarity between the input sample and malware API call graph samples stored in a database. The graph matching algorithm is based on Longest Common Subsequence (LCS) algorithm which is used on the simplified graphs. Such strategy reduces the computation complexity by selecting paths with the same edge label in the API call graph. Experimental results on 85 samples demonstrate 98% detection rate and 0% false positive rate for the proposed malware detection system.

Wireless readers are used more and more widespread recently, it brings higher design requirements for RFID protocols. In this paper, a mutual RFID authentication protocol for wireless reader that can meet lightweight encryption function structure protection is proposed, this protocol only requires O(1) work to identify and authenticate a tag in the server. The security properties of the proposed protocol are analyzed as well by comparing with the related RFID authentication protocols.

In SQLIA, attacker injects an input in the query in order to change the structure of the query intended by the programmer and therefore, gain access to the data in the underlying database. Due to the significance of the stored data, web application’s security against SQLIA is vital. In this paper we propose a new technique based on static analysis and runtime validation for detection and prevention of SQLIAs. In this technique user inputs in SQL queries are removed and some information is gathered in order to make the detection easier and faster at runtime. Our experiments show that our proposed technique is fast, it has a low error rate and its detection rate is nearly 100%.

The cyber-attacks represent one of the most dangerous secret weapons. Intrusion detection system is an important tool to protect our systems and networks against the various forms of attacks. The purpose of this paper is to build a fast and high performance hybrid hierarchical intrusion detection system called NFPHIDS that possesses the following characteristics: have a short training time, detect the low frequent attacks, give a high detection rate for frequent attacks, and give a low false alarm rate. NFPHIDS contains two levels. The first one includes four fast classifiers Random Forest, Simple Cart, Best first decision tree, Naive Bayes used for their excellent performance on the detection of respectively Normal behavior and DOS, Probe, R2L, and U2R. Only five outputs of the first level are selected, and used as inputs of the second level that contains Naïve Bayes as final classifier. The experimentation on KDD99 shows the high performance of our model compared to the results obtained by some well-known classifiers.

Today the scale, complexity and intensity of Denial of Service attacks has increased many folds. These attacks have moved from simple flooding based attacks to sophisticated Application based attacks as well as Protocol specific attacks.The challenge is to develop detection algorithms that can distinguish between the attacks like the new pulsating denial of service and legitimate traffic like Flash events. The presence of self-similarity in computer network traffic has introduced a newer dimension in techniques being developed for anomaly detection in aggregated network traffic.We propose use of wavelets to distinguish between legitimate flash events and pulsating distributed denial of service attacks and generating images to show point-of-presence of the attack.The detection methodology has also been tested on KDD Dataset.

Nowadays, code injection is one of the most dangerous cyber attacks. Shellcode is a mali-cious code which is used in this type of attack. Processor emulation at network level is one of the best proposed methods against code injection attacks. Multiple run-time heuristics have been discussed in previous researches. However, none of them can detect those shellcodes in which hard-coded addresses are used. This type of shellcode cannot be used against ASLR-enabled Windows. Howbeit, older versions of Windows have still too many users. In addition, there are several hard-coded address contained shellcodes in public shellcode repositories which can be used easily by dummy hackers. In this paper, we propose a robust run-time heu-ristic for detecting this type of shellcode. Our objective is to augment the collection of the ex-isting run-time heuristics. The experimental results show that our new heuristic can effective-ly detect every shellcode in which hard-coded addresses are used.

This paper is written for intelligent CCTV (Closed-Circuit Television) which has been important in the aspect of industrial value and social security these days. Because the intelligent CCTV can identify behavior and object automatically, and it has been used extensively. With spread use, the performance of the intelligent CCTV has been important. But a standard method to measure the performance of the intelligent CCTV is absence, therefore this paper is described about methods for implementing and measuring of the intelligent CCTV performance.

Security threats on modern smartphones are increased rapidly with the excessive numbers of the users. According to the reports, it is exposed that most security issues are introduced from usage of malicious applications. Operating systems with the permission model, such as Android, accept us to install third-party applications. This leads attackers enable to inject exploits into a clean application, so that an application apparently works as normal but executes malicious functions in the background. Therefore, we introduce with analysis of the method to prevent an installation of malicious applications using permissions using Maximum Severity Rating (MSR) classification. Then, the method to enhance an ability to perceive warning signs in the procedure of an application installation and comparison of its effectiveness with existing method is introduced. Overall, the processes assist the users to make a better decision with detailed information.

Recently, smart devices for various services have been developed using converged telecommunications, and the market for near field communication (NFC) mobile services is expected to grow rapidly. This property makes the standard suitable for mobile coupon applications. However, mCoupons differ significantly from paper-based coupons because unprotected data can be easily copied or modified without significant cost by anyone. A high number of uncontrolled copies of coupons can result in a significant loss. In this paper, we proposed a secure mCoupon authentication scheme that is protected against illegal use in smart poster environment based on low-cost NFC to using limited resources.

A social networking service (SNS) is an open service that enables its users to communicate freely without being constrained by time or space. In an SNS, users can share various types of content (such as pictures and videos) with government agencies, celebrities, and many other users online. If a person is able to access the content of another user, that content is automatically downloaded and stored in the “Temporary Internet Files” folder in the SNS user's PC. Moreover, the content stored in this folder remains there even when the content owner removes it from his SNS. Thus, the stored content is vulnerable to an invasion of privacy due to malicious user abuse. To address this possibility, we propose a content reuse prevention scheme based on digital right management (DRM) techniques to solve the problem of the unwanted reuse of stored content in a malicious user’s “Temporary Internet Files” folder.

Web services have become major targets of DDoS attacks that can inflict the most serious damage in terms of availability. The DDoS attack is one of the most serious threat to Internet services and further there is no perfect solution to defend against variously modified attacks to heterogeneous Internet services. To solve the problems, several defense mechanisms against DDoS attacks have been proposed in the literature. However it is not easy for a security manager to select solutions suited for his service environments. Under the respect, this paper is intended to classify DDoS defense systems based on the functional design method. Also we show various experimental results of DDoS defense systems by using our proposed classification of defense systems and performance metrics.

As the Internet technology evolves, the number of users enjoying not only communication services but also broadcast services through communication networks increases and the issues on quality of user experience (QoE) are on the rise. The convergent services are usually provided in an end-to-end manner via multiple heterogeneous carriers' network. Thus, a quality-of-service (QoS) management plan on the interworking section between carriers is needed because each carrier focuses on the QoS management within its own network boundaries. In this paper, we analyze the related standard documents and cases of other nations to set up a classification model of providers and scheme for QoS management among providers. With the results of the analysis, we provide a policy direction for the QoS interworking and management among providers in South Korea.

As the Internet technology evolves, the number of users enjoying not only communication services but also broadcast services through communication networks increases and the issues on quality of user experience (QoE) are on the rise. The convergent services are usually provided in an end-to-end manner via multiple heterogeneous carriers' network. Thus, a quality-of-service (QoS) management plan on the interworking section between carriers is needed because each carrier focuses on the QoS management within its own network boundaries. In this paper, we analyze the related standard documents and cases of other nations to set up a classification model of providers and scheme for QoS management among providers. With the results of the analysis, we provide a policy direction for the QoS interworking and management among providers in South Korea.

An extended warranty, sometimes called a service agreement, a service contract, or a maintenance agreement, is a prolonged warranty offered to consumers. Studying the extended warranty is extremely important for business investors and policymakers for effective warranty planning. However, measuring, forecasting and tracking the global diffusion of extended warranty have not been researched. This study uses model based on the knowledge of traditional diffusion theory as well as artificial neural networks. Additionally, it integrates the two into a hybrid model in order to study extended warranty growth. A count of greenery warranty can be used as a reliable measure of extended warranty growth in all the models. Our study demonstrates that a logistic Neural Network model, if properly calibrated, can create a very flexible response function to forecast the extended warranty claims. The logistic neural network successfully modeled both the usual and environmental influences in the warranty data, while the traditional formulation could only model the usual warranty claims. Logistic, artificial neural network and logistic neural network analysis are carried out on the green warranty presenting to a warranty repair department.

In order to accurately detect the various sizes of vehicle license plates which are included in input image, we introduce hierarchical approach and overlapped partitioning technique in this paper. The proposed approach firstly attempts the license plate detection for entire image. If detection is failed, the image is partitioned into 3 overlapped rectangular areas and the license plate detection is attempted again. If detection is failed again, the image is partitioned into 7 overlapped rectangular areas and license plate detection is attempted. The method to use for detecting license plate in each step is the edge-based projection technique.

Unauthorized copying and distribution of digital audio has been greatly facilitated by the wide availability of low-cost personal computers, portable devices, network access, and audio recording and editing software. One possible solution for copyright protection is audio watermarking. In this paper, we propose an effective and robust audio watermarking algorithm that employs both the discrete wavelet transform and the discrete cosine transform. The algorithm involves, first, pre-processing of the binary watermark image and then embedding it into the original audio by quantization of coefficients. Experiments on audio recordings of many different music styles confirm the robustness of the algorithm against a wide range of Stirmark attacks such as noise addition, compression, and filtering, as well as other common attacks.

Intrusion detection data often have some characteristics such as nonlinearity, higher dimension, much redundancy and noise, and partial continuous-attribute. This paper presents a new ensemble algorithm to improve intrusion detection precision. Firstly, it generates multiple training subsets in difference by using bootstrap technology. Then using neighborhood rough sets with different radiuses to make attribute reduction in these subsets, obtained the training subsets with greater difference, while Particle Swarm Optimization is used to optimize parameters of support vector machine in order to get base classifiers with greater difference and higher precision. Finally, the above base classifiers were integrdinedd by weighted synthesis method. The result of the emulation experiment in KDD99 data set indicates that this algorithm can effectively improve intrusion detection precision ,and it has higher generalization and stability.

This paper studied the fractional order chaos of PMSM system. The process that PMSM system change into chaos with the variation of fractional order is revealed by bifurcation analysis. According to the stability theory, the stability of equilibrium point of PMSM system is analysed. In the same way, some representative track point of the system is analysed and by doing this the essence of chaotic operation is revealed. Then the adaptive synchronization of PMSM system is studied. A controller with an adaptive changing rate is designed and its feasibility is theoretically proved. Introduced the implementation method of chaotic masking. Then apply the adaptive synchronization of PMSM system in secure communication and the effect is very good.

When low level services suffer attacks, the high level services that depend on them will suffer from indirect threats. Most evaluation methods do not consider dependency relationships among services, lack the evaluation upon indirect threats, do not discuss the composition of multiple source threats. Upon these problems, an evaluation method that based on dependency analysis is presented. First, dependency relationships among services are identified from the management information of operating system and the monitoring records of network communication. Afterwards, the direct threats imposed by attacks on services and the indirect threats that transfer along dependency relationships are evaluated, and the threats that come from multiple attacks are composed by means of nonlinear composition. Finally, according to threat degrees and service values, the threat situation of the whole service architecture is evaluated. Experiment shows that the method can evaluate the threat imposed by multiple attacks on network service architecture more comprehensively and deeply.

Sensor networks are ad hoc mobile networks that include sensor nodes with limited computational and communication capabilities. They have become an economically viable monitoring solution for a wide variety of applications. Obviously, security threats need to be addressed and, taking into account its limited resources, the use of lightweight authentication is strongly recommended. In this paper, a lightweight authentication model for wireless sensor networks composed of a key management and an authentication protocol is presented. It is based on the use of trusted primitives with very low computational requirements, which obtains better results than other proposals in the literatures.

So far, the Elliptic Curve Cryptosystem(ECC) provides the highest strength-per-bit of any cryptosystem. The fast implementation of elliptic curve cryptosystem key algorithms, namely, Scalar Multiplication, is studied in this paper. The limitation of the traditional fixed point comb method is analyzed, and on the basis of the study improvement strategy of fixed-base comb algorithm of this proposed, thus the speed of the whole system can be improved. Through the analysis of Power Analysis Attacks, and on the basis of comb fixed point method, resist power analysis attack methods is analyzed, and the further corresponding improved algorithm is put forward. Through the performance comparison analysis, the improved algorithm can get higher power analysis attack resistance.

In order to discover the network vulnerability timely and solve the very serious problems of network security, this paper puts forward the attack graph which is based on intrusion detection method. The method uses the generation global network attack graph algorithm to build network initial attack graph, and call attack graph optimization algorithm to remove global attack graph unreasonable path, and achieve the goal of simply attack graph. Finally, management personnel get the basis which is computed nodes in each state attack graph algorithms degree of loss to optimize the network security. Experiments show that the intrusion detection method is reasonable and effective, and has the advantages of simple and easy.

Malware authors evade the signature based detection by packing the original malware using custom packers. In this paper, we present a static heuristics based approach for the detection of packed executables. We present 1) the PE heuristics considered for analysis and taxonomy of heuristics; 2) a method for computing the score using power distance based on weights and risks assigned to the defined heuristics; and 3) classification of packed executable based on the threshold obtained with the training data set, and the results achieved with the test data set. The experimental results show that our approach has a high detection rate of 99.82% with a low false positive rate of 2.22%. We also bring out difficulties in detecting packed DLL, CLR and Debug mode executables via header analysis.

Student plagiarism is epidemic in universities. In computer programming education process, it is very common that students copy or modify other’s code as their own work. Because every course having numerous assignments, detected plagiarism will be very difficult and extremely time consuming. How to prevent the plagiarism in programming course is an important problem in education. This paper analyzes and expatiates the reasons and the methods about the code’s plagiarism, and thinks there are two phases in preventing this plagiarism: one is preventing plagiarism from occur, the other is to detect cases of plagiarism when the preventative measures fail. Preventing plagiarism methods mainly include the valid course assignment design and to forbid the electronic copy. This paper describes a code’s editor software which has been implemented use Java. When the preventative measures fail, this paper describes an automatic tool to help instructor find the suspicious targets. These phases’ aim is to cut down the plagiarism and improve the ability of the student’ programming

The intermittent attacking behavior of pulsing denial of service (PDoS) attacks poses a real challenge to the existing DoS detection methods. In this paper, an adaptive method is presented to meet this challenge. Three features distinguish this method from others. (i) No assumption is made on the distribution of the traffic samples. (ii) Automatic adjustment of the detection threshold according to the traffic conditions. (iii) Timely detection of the end of a PDoS attack. Simulation results validate the efficacy of the proposed method in source-end detection of PDoS attacks. They show (i) the minimum malicious traffic that can be detected by the proposed method is about 20% of the background traffic, under the requirements for detection delays of the start and the end of a PDoS attack are within 3 observation periods; (ii) the proposed method is more sensitive to pulsing SYN flooding traffic than it is to pulsing UDP flooding traffic.

This paper introduces a few research studies being conducted that are using multicore embedded systems, highlighting the challenges and questions relevant to R&D (Research and Development) in computer systems architecture, focusing on design aspects and optimization of embedded systems that needs to run security solutions or cryptographical algorithms using hardware acceleration, aiming for good performance, code optimizations, and the lowest energy consumption. Another aspects are the design of dedicated processors for specific purposes, multicore systems and GPUs for security solutions and specific applications requiring high performance, with the possibility to work with FPGAs or embedded platforms with embedded multicore paradigm.

There has been a recent surge in the popularity of social networking services (SNSs) and SNSs have grown rapidly, as has the variety of information shared through SNSs. However, SNSs raise concerns about the security and privacy of users because the information written by the user might be exposed in the SNS. Many studies have addressed this issue, but previous research has lacked methods that can be applied efficiently in the SNS environment. In this paper, we propose a method for the efficient protection of privacy in SNS based on access control

Since smartwork can provide a flexible and convenient mode of work for employees, many companies are preparing to adopt smartwork systems for their work environments. In addition, many companies are supporting a “SmartWork Center” to increase the staff’s work efficiency. However, in a smartwork center, most users use public devices and work in open network environments. As a result, there can be security vulnerabilities such as the leakage of secret data, invasion of privacy, viruses, and the spread of malware. Therefore, in this paper, we proposed Security management architecture for the construction of a secure smartwork center.