Earticle

A black hole attack is one of the most serious attacks in mobile ad hoc networks. A malicious node can act as if it has a valid route to a destination and then respond with a false Route Reply (RREP) message to the source, when it receives a Route Request (RREQ). Then the malicious node absorbs data packets destined for the destination. We propose an Encrypted Verification Method (EVM) that effectively detects a black hole attack. It takes two steps. First, every node examines its neighbors by inspecting their data transmission behaviors. Second, a detection node that receives an RREP from the suspicious node sends an encrypted verification message directly to the destination along the path included in the RREP for verification. The approach not only pins down the black hole nodes, but also reduces control overhead significantly. We prove by resorting to simulation that the EVM is highly dependable against the black hole attack.

Cloud storage is now an important development trend in information technology. However, information security has become an important problem to impede it for commercial application, such as data confidentiality, integrity, and availability. In this paper, we propose designated verifier provable data possession (DV-PDP). In public clouds, DV-PDP is a matter of crucial importance when the client cannot perform the remote data possession checking. We study the DV-PDP system security model and use ECC-based homomorphism authenticator to design DV-PDP scheme. The scheme removed expensive bilinear computing. Moreover in DV-PDP scheme, the cloud storage server is stateless and independent from verifier, which is an important secure property in PDP schemes. Through security analysis and performance analysis, our scheme is provable secure and high efficiency.

In recent, various types of cloud services such as Web-based cloud and mobile cloud that can store and access documents and multimedia files from a wide variety of client environment are getting rapidly increased. However, the problem is that if a network failure or a security failure occurs due to an intended or unintended accident, we would experience considerable damages. Since cloud services have high portion of virtualization that implies one of the physical hypervisor platforms operating on more than two organizational data, the risks are always present in cloud services at the aspect of security issues. In this paper, we analyze the security threats and security technologies for secured cloud services. We also provide the security requirements for cloud services which help to make a research direction to the new types of security threats.

Accompanying to the growing utilization and dependency on the internet and the ICT (Information and Communication Technology), the threat by hacking, malicious code and virus are rising as serious problems. Especially, the single server which is hosted by professional hosting companies is exposed to diverse attack, and then abused as malicious server. Even though responsibility for the security problem on the singe server is not to hosting company but to single server user, almost of users have little security awareness about the single server security. Thus, in this paper, we first survey the cause of increase of a single server, and then investigate reasons inducing vulnerable points of the single server. By inquiry with questionnaires about security awareness and necessity of security reinforcement for a single server, this paper suggests countermeasures for security of the single server including technical measures with low burden.

The Block cipher BM–128 which is proved to be suitable to the applications in the wireless communication systems are proposed in this paper. It is developed based on SDDO which is constructed from CSPN. BM-128 also eliminates the weak keys without the complex round key proceduce and meet the requirements of NESSIE. Design shall meet all the security requirements to protect applications against the well-known threats. In addition, BM-128 evaluated to have higher performance than the other algorithms when they are used in cheap hardware.

In order to improve the effect of remote video monitoring system, a new image mosaic technology based on fuzzy cellular automata corner detection is presented. Firstly, the edge feature points from two images are extracted by fuzzy cellular automata; secondly the corner feature points are extracted by corner detection method based on geometry feature of corner; thirdly, the corresponding feature point pairs are got by the cross-correlation of the gray scale around the corner feature points; finally the images can be stitched by matched corner feature point pairs. The experiment of remote viewing image mosaic in substation shows that this method can achieve image mosaic effectively and it will be benefit to improve the safety and reliability of substation operation.

Now most software systems in cloud platform use Multi - Tenancy architecture. A single software system serves for multiple client organization. All customers’ data will not be stored in only one node. So the system needs higher data security mechanism. This paper wants to build a data security monitoring model in cloud platform for large enterprises. The model can set the authentication, logging, fine-grained access control, dynamic data filtering strategy and data audit to realize the security protection for enterprises data. The model proposed by this paper uses multi-tenancy SaaS(Software as Service) application architecture, RBAC (Role-Based policies Access Control) model and operation in the context of environmental perception to realize the data access control. It using PMI framework to provide accession management services for enterprise users.

In this work, we propose new streaming video service model using steganographic data-hiding algorism has been presented in the paper, in which it is fit for streaming video data to hide information related in copyright and authentication of video data. Secret information is encrypted by session key generated with symmetric key by pseudo-random number; shared by sender and receiver, that increases confidentiality. To share the secret key with video streaming server and customer, the server encrypts the secret key with customer’s public key and sends it to customer. In the future work, we plan to optimize adaptive threshold and appropriate a period of time T, so that those are fit for streaming video service user’s propensity.

To provide secure and efficient access control methods in cloud computing environments, many system models have been proposed that employ attribute-based encryption and proxy re-encryption schemes. Most of these access control schemes are based on the user’s authentication information and access privileges. However, when users request access privileges through non-secure environments such as mobile devices and wireless networks, we need to be able to restrict access requests, depending on the user’s context-aware information. To achieve this, in this paper we propose an access restriction scheme for access to cloud data that is based on context-aware information.

In recent years, cloud computing has become a major mode to address SMEs inefficient and help improve their competitiveness. As cloud providers have priority access to data, so it is difficult to guarantee the confidentiality and integrity of users’ data. For this reason this paper proposed a model to solve the problem of data security in cloud computing. The model adopts efficient encryption mechanisms to protect users’ data. As the encrypted data is difficult to retrieve, we present a method of cipher text retrieval. Experimental results show that the model can better ensure data confidentiality and integrity.

This paper is based on the (α, k)-anonymity models by introducing the individualized privacy-sensitive factor then computing the individualized privacy preservation demand degree of each sensitive value to realize the individualized service of each sensitive value. It combining with the top-down local codes and the sensitive attribute generalization anonymous technology proposes a method based on the attribute classification tree to realize the individualized (α, k)- anonymity models. At last, the results of simulation show that this method could complete the anonymilization and meet the demand of individualized privacy preservation, and the information loss is lower than the original one.

In view of the shortcoming and the insufficiency of the traditional video monitoring system is complex, the power and the cost is higher, cost a lot of human resources. This paper design a moving objects detection system on the basis of the traditional video monitoring system in moving target detection algorithm, which applied to special environment conditions. The design in this paper uses ARM processor as the hardware platform and embedded operation system as software platform, uses the algorithm combined the background subtraction method and the frame difference, realizes fast image recognition of moving objects. This system alarms, saves the moving object images, and sends the images to the monitor by mail. The experiment simulation results show that the system detects moving objects fast, accurate, stable, good real-time performance, so it can be applied to unmanned environment monitoring etc and has good market prospects.

As smart appliances have developed rapidly, much convenience and information have been brought to people. However, as smart appliances become popular, conversely the problems of information security increase actually and the cognition of the information security decreases gradually. With the advance of smart appliances, one of the most developing systems is SNS (Social Network System). SNS exchanges much information through interaction and sharing with a lot of people. In this system, to improve the cognition of information security, it is required to develop a SNG (Social Network Game) adding edutainment on information security. This study aims to develop a novel card-based security information game connected with SNS, promote the awareness of the importance of private information management, and ultimately reduce the problems of information security by improving the cognition of the information security.

Most of people, who have no solid background of information security, are prone to be attacked by hackers. Furthermore, although they often receive the news of hacking cases, they do not know what the hacking-principles are and how they can protect themselves against the hacking attacks. Also, the learning contents for information security suitable for them have not been yet developed sufficiently because most of the existing information security learning contents have mainly been developed for computer experts or students major in computer security. Therefore, we created a principle-based learning scenario about typical four cases of hacking attacks and simulation game in this paper. Then, we proposed the customized information security contents for hacking-principle learning on the web.

The bumper is an important part of a vehicle safety performance evaluation. In this paper, a domestic A- class car bumper as the object of study.CAE model was established by using HyperMesh software, and the finite element method is applied to solve the calculation of the model. The bumper were studied in C- NCAP and E.C.E R42 two different standards. The bumper is optimized by changing the structure size of the way. Appropriate to increase the thickness of the metal bar bumper can improve its safety performance, while its weight changed little.

Generally, if a user wants to use numerous different network services, he/she must register himself/herself to every service providing server. It is not easy task for users to remember these different identities and passwords for each server. To solve the problem, various multi-server authentication schemes have been proposed. Recently, Wang et al. proposed a smartcard based multi-server authentication scheme. They claimed that their scheme is secure against impersonation attack, server spoofing attack and offline dictionary attack, and provides forward secrecy. However, through careful analysis, we find that Wang et al.’s scheme is still vulnerable to password guessing attack with stolen smartcard. Furthermore, we propose an enhanced smartcard based multi-server authentication scheme to cope with the security problem in Wang et al.’s scheme. The proposed scheme is suitable for use in distributed multi-server architecture since it provides mutual authentication, efficiency and security.

In this paper, we propose a multiple watermarking algorithm which embeds an integrated watermark into content using traditional watermarking algorithm. The integrated watermark consists of multiple watermark information and it is useful to trace illegal distribution. The information is generated by using Dot Code A, which can express multiple user information with error correction. An orthogonal transform and code division multiplexing technology are used to spread Dot Code A. This also ensures the algorithm is robust. The embedding range of the AC coefficients is within [-0.5, -0.3] and [0.3, 0.5] in the discrete cosine transform domain. At an embedding strength of 0.7, the signal-to-noise ratio of the test audio is over 53 dB, and we are able to extract the Dot Code A from the watermarked audio exactly.

In this paper, Underground Mining Safety Production Management System based on the 4A idea has been put forward. Firstly, the safety status assessment and accident early warning indicator hierarchy has been established based on the analysis of the safety indicator in underground mining operation. Secondly, aimed at the hierarchy that established, the method for assessing it has been researched by using Fuzzy Analytical Hierarchy Process and. Thirdly, from the actual demand of safety management, the logic and architecture of Underground Mining Safety Production Management System has been designed. By using, java and SQL Server, the system, which contains the hierarchy and assessment method mentioned above, has been realized and also has been applied to two iron mine successfully. The application of the system not only improves the information level and systematic of mining safety management, but also improves the efficiency. Ultimately the purpose of reducing loss and improving benefit has been reached.

In current wireless intrusion prevention system (WIPS), the mobile devices are classified into one of three or four categories by classification algorithm for preventing wireless intrusion. But such a classification mechanism has difficulty to delicate control the wireless access of mobile device to an access point because of its simple classification. And it cannot estimate potential security threats arising from security vulnerability of mobile device itself. In this paper we improve mobile device classification for preventing wireless intrusion. In the proposed algorithm, the mobile devices are classified into nine categories. To do this we utilize the security related events of the device from the mobile device management (MDM) and authorization server.

In this paper, we investigated the problem of copyright infringement in the peer-to-peer (P2P) environment, and proposed a system for piracy tracking. Even though the BitTorrent P2P software is a very efficient way to transfer files, it has become the main tool used to pirate copyrighted materials. Thus, we studied the bit torrent packet itself in order to detect the destination and source of the piracy. The torrent meta-file which has hash values of the pieces of the shared content is also analyzed to identify copyrighted material. As a result, we proposed a tracking system for copyright protection against BitTorrent piracy. Our system consists of hash database, feature database, protocol analyzer, torrent meta-file crawler, and copyright identifier. In this tracking system, the content is identified by three ways. The first way is to use the info hash in the hash DB. The second way is to use the piece hash value in the hash DB. Last way is to use the feature of the content that is able to identify if the content is slightly changed from original. If the proposed system is installed on the ISP network, it is able to protect the content from BitTorrent distribution.

This paper presents a proposal for a large-scale lecture authentication algorithm for an electronic attendance system. The utilization rate for existing electronic attendance systems is low. Because it couldn't solve the problems that occur by special conditions of university such as vicarious attendance, bottlenecking during attendance check-in, and attendees departure at intermission. The most important things are not the authentication problems or errors on the technical issues. Instead, issues are related to attempts to check attendance simultaneously by a number of students, failure to prevent vicarious attendance, and the uncertainties of students remaining in the classroom following check-in. The authentication algorithm of the proposed system uses smartphone in attendance check. So it will save time and prevent bottlenecks as large numbers of students will not need to stand in line to check-in their attendance in the wall-mounted attendance device. And, it will minimize, if not eliminate, students who might leave at intermission. Because the instructor can verify attendance many times with the simplicity of the attendance check verification procedure and the short authentication time. Thus, the proposed algorithm will facilitate the implementation of a smart electronic attendance system in the construction of the smart campus.

This paper takes intelligent security car as the research background, aiming to find a image encryption algorithm to realize the car in the image secure transmission of wireless transmission network based on open protocols, with good safety and high real-time. this passage is based on the analysis of the existing encryption algorithms of traditional and new image, select the digital image encryption technology based on chaotic system, And put forward a Multiple chaotic image encryption method which is fit for this project, After analysis and test, the algorithm satisfies the requirements of safety and real-time.

The SMART Highway project combines road construction with advanced technology and vehicle telecommunication. A Vehicular Ad hoc Network (VANET) is the core technology of the SMART Highway, whose transport operation is based on road vehicle. The VANET is a next-generation networking technology that enables wireless communication between vehicles or between vehicles and a Road Side Unit (RSU). In the VANET system, a vehicle accident is likely to cause a serious disaster. Therefore, some information on safety is essential to serve as the key exchange protocol for communication between vehicles. However, the key exchange scheme of the general network proposed for a fast-moving communication environment is unsuitable for vehicles. In this paper, the initial communication from the RSU is passed only with group keys. Then the key value in the communication is updated when the vehicle itself uses Bloom filters to verify the proposed method. In the proposed VANET scheme, the distributed operations are focused on the RSU and more secure group communication can be achieved by minimizing the number of key exchanges. Accordingly, communication between multiple vehicles more efficient and secure key exchange at the vehicle certification by signcryption and vehicle certification method that uses a counting bloom filter for more efficient certification is proposed.

In this paper, we proposed the attribute binding based enhanced user authentication. User authentication is a simple process that is used to determine if an identity is real. Age restricted commerce such as lottery, online gaming, wine & spirits, tobacco, social networking, wireless and others are not invulnerable to the risks associated with identity theft and fraud. And, as this dynamic industry continues to grow, only assessing if a customer is of age will no longer be sufficient. Determining a minimum age needs to be combined with gaining a deeper insight into the validity of an identity along with fraud patters to help protect customer privacy, meet compliance and prevent fraud. The suggested model in this paper can be used to protect the child effectively in the internet environments.

In the process of transmitting Business E-commerce information, there are various risks that can put it at stake at any time. So in this article, for the purpose of ensuring the security of the devices, operating systems and data transaction, elaborate the security of Business E-commerce from the aspect of VLAN, application layer, session layer, dynamic password, symmetric key encryption and encryption of communication stack. In order to do that, we need to strengthen and improve education, publicity, and security awareness of enterprises; using multiple networks and cryptographic techniques to protect the security of information; strengthening risk analysis and prevention to reduce systemic risks; perfection of E-commerce legislation; using security strategies which protect the interests of both parties.

Non-Adjacent Form (NAF) is a canonical form of signed binary representation of integers. Joye-Yen proposed a left-to-right analogue of NAF (FAN). It is known that NAF and FAN can be generated by applying a sliding window method with width-2 to the Booth encoding in right-to-left and left-to-right direction, respectively. In this article, we derive some properties of Booth encoding such as pattern, classication, extension, adjacency, and length.

In this paper, we proposed the model which can support fraud detection in ICT application service. Fraud detection service monitors and analyzes user activity and behavior at the application level (rather than at the system, database or network level) and watches what transpires inside and across accounts, using any channel available to a user. It also analyzes behavior among related users, accounts or other entities, looking for organized criminal activity, corruption or misuse. This model can be used in e-banking, e- payment, e-government and enterprise remote access, etc.

In this paper a pixel value differencing steganography based on the maximum difference of the neighboring pixel values have been proposed. There are four variants such as five, six, seven and eight neighbor differencing. In five neighbor differencing method the maximum difference amongst the five neighboring pixels such as upper, left, right, bottom and upper-right corner are used to take embedding decision. In six neighbor differencing method the maximum difference amongst the six neighboring pixels such as upper, left, right, bottom, upper-right corner, and upper-left corner are used to take embedding decision. In seven neighbor differencing method the maximum difference amongst the seven neighboring pixels such as upper, left, right, bottom, upper-right corner, upper-left corner and bottom-left corner are used to take embedding decision. In eight neighbor differencing method the maximum difference amongst all the eight neighboring pixels are used to take embedding decision. The message extraction process is very simple and does not require any knowledge of the original image. The experimental results show that the distortion is the minimum in five neighbor differencing. But the theoretical studies reveal that the hiding capacity is the highest in eight neighbor differencing.

Face Recognition technology is a very important biological feature Recognition technology. Face Recognition is more and more researchers' attention, especially the principal Component Analysis method (Principle Component Analysis, PCA) after the application of Face Recognition, Face Recognition application domain expands unceasingly in daily life, such as immigration, entrance guard system, the Olympic security, airport security checks, etc. Although the face recognition system has better recognition effect has been achieved, but still by illumination, posture, facial expression change, hairstyle, with or without glasses, and the influence of various factors such as aging. Therefore, in this paper, the study of face recognition technology, has important theory significance and practical application value.A face recognition method that based on KPCA and SVM is proposed in this paper.