Earticle

Based on research about network mobility, this paper analyzes the security requirements of internet of things and wireless network based on 6LoWPAN, and designs the security architecture based on 6LoWPAN network, especially for the frequent mobile handoff access and data multi-hop forwarding. The access authentication scheme and data encryption method are designed and implemented based on 6LoWPAN mobile switching. Through comparing with non-symmetric encryption and symmetric encryption, AES pre-shared key encryption scheme is determined to use for 6LoWPAN, and is compared with typical cryptographic algorithms on internet of things platform and Contiki operate system. In experiment, the lightweight security of IoT mobile communication is realized on CC2530 nodes, including the advanced encryption standard, the payload encryption of network data packet and wireless nodes access authentication. Security architecture for mobile switching scenarios are verified, the feasibility of proposed scheme is confirmed.

All links in mobile ad-hoc networks are wireless and works independently, as there is no fixed infrastructure. In mobile ad-hoc network, network topology may change rapidly. The basic reason is the mobility of nodes, so it requires more security. This paper basically discusses the black hole attack, collaborative black hole attack & the technique to detect and isolate these types of attack. The collaboration of two proposed techniques i.e. fake route request with fake destination ID and multipath routing is implemented that helps in detection of black hole attack. These attacks may lead to the degradation of performance of the network. The algorithm implemented will improve the packet delivery by 25% and delay factor by 50% as compared to the conventional techniques. We also compared the results such as routing overheads, packet loss, energy consumption and throughput.

In this paper, two Cortex-A9 processors and microblaze processor are used to build a multiprocessor embedded system. The whole system is connected AXI Interconnect, and the shared memory is used as a communication mechanism. Embedded multiprocessor system is mapped into FPGA, and the feasibility and practicability of the system are verified. Simulation result Indicate that shared memory provides very high performance and low latency access from both processors compared with the DDR memory.

With the development of trusted network, the research of trusted evaluation mechanism of user behavior is a hotpot in the network security. In order to solve the problems of subjectivity, limitations and static in traditional trusted network user behavior evaluation models, we have to find a real-time and dynamic evaluation method for user behavior. In this paper, the authors construct a real-time evaluation mechanism based on double evidence classification of user behavior (DEC-UB). The evaluation mechanism includes the process classification and characteristic classification of user behavior evidence, which makes the user behavior evidence of any time can be directly involved in the trust evaluation, and the evaluation result is more comprehensive and accurate. Simulation experiments have evaluated the three kinds of user behaviors based on the DEC-UB, and compared them with the other two kinds of trust evaluation methods of user behavior, the results show that the proposed methods can evaluate the user's behavior comprehensively, accurately and dynamically in complex network environments, and the results are more realistic.

AMI (Advanced Metering Infrastructure) is one of the ways to build a smart grid environment, this is the automated power metering. We design the mutual authentication on the AMI environment verify the both sides, and provide a secure communication channel. This paper is a study of AMI Security in Penta Security System, which is provided in real AMI deployment environment. We have used the technique such as PKI with DTLS, certificates for implementing secure AMI. The study will be used for equipment validation study in IoT environment.

There always appears high packet loss rate in Network Intrusion Detection System (NIDS), especially when the network traffic is high. To address this problem, we have proposed the methods to identifying multimedia packets and processing them in a particular way thus received good results. On this basis, this paper propose a solution that uses a multimedia list structure based on the original list in NIDS. This multimedia list structure can let NIDS reduce the matching times to multimedia packets significantly by shortening the average searching length of OTN nodes dramatically. In addition, this paper also introduce the method of dynamic sorting to the multimedia list in order to shorten the time of rule matching. So this solution can further improve the detection efficiency of NIDS by speeding up the processing efficiency of NIDS to multimedia packets. Various experiments have shown that the packet loss rate of NIDS can be reduced on a large scale and the security of NIDS is not reduced by using the multimedia list.

It goes without saying that the use of FIDO based services, especially financial areas is becoming more and more widespread these days. FIDO services are adapting a variety of service areas such as easy payment, money transfer, ATM withdrawal/savings, and single sign-on, etc. Because FIDO service uses standard public key cryptography techniques to provide stronger authentication and securely saves a user’s bio-information in the smartphone. But when registered, FIDO only confirms the match between pre–enrolled fingerprints and the one on the registration process. In other words, FIDO is not able to verify the person’s identity. The user has to register his/her biometric information in each sites. It is our purpose to solve these problems by implementing FIDO and PKI technologies adapted in current FIDO service and accredited certification system. The proposed secure biometric authentication framework provides the centralized biometric authentication framework in Fintech environment that a variety of services need the interoperability of user’s biometric information in order to protect user’s privacy and increase convenience of customers.

In cloud computing, cloud users can upload their data to cloud storage server in order to save local storage and access their data from anywhere. However, cloud storage service also brings serious security issues. Cloud users should be convinced of the correctness of their data stored remotely in the cloud. Thus, a reliable auditing scheme is desired to help cloud users check the integrity of their remote data. In this paper, we first propose an efficient cloud auditing scheme for multi-cloud storage systems, which can also preserve the privacy. Then, we extend our auditing scheme to support dynamic auditing and batch auditing for both multiple cloud users and multiple cloud service providers (CSPs), which makes the scheme more practical and efficient. Security analysis shows that our auditing scheme is provably secure. Our experiments indicate that our solution is efficient and significantly relieves the computation burden of both third party auditor (TPA) and CSP.

A quantum key distribution protocol with traditional Bob has been proposed recently by Boyer et al. using single-particle state. In this paper, a semi-quantum key distribution protocol is described, in which Einstein-Podolsky-Rosen (EPR) pairs of particles are utilized to generate a secret key in remote places. This extends the quantum key distribution protocol with traditional Bob where the single-qubit channel is replaced by the entangled EPR-pair channel. And quantum Alice is able to do any quantum operations, preparing quantum states and performing quantum measurement, but traditional Bob is not able to prepare and measure a particle in the computational basis, reflect the particles. Furthermore, entanglement states are used in our protocol. The analysis shows that our protocol is secure, which can avoid the beam splitter attack automatically, and the proposed protocol is more efficient than Boyer’s scheme.

This paper proposes a new lightweight cipher VAYU. VAYU has a balanced Feistel structure. VAYU cipher supports 64 bit plaintext and 128/80 bit key length and it has a total of 31 rounds. It needs only 1290 GEs for 128 bit key length. It also results in minimal memory size as compared to all other existing lightweight ciphers. This paper discusses the security analysis of VAYU cipher design which is adequate against linear and differential cryptanalysis, Biclique attack, zero correlation attack, algebraic attack. VAYU cipher design will be best suitable for applications like IoT, smart Wireless Sensor networks. VAYU cipher uses two F-functions with substitution box, which results in a high diffusion mechanism.

Most health problems of building structures are accumulative damages which are difficult to detect, and it is more difficult to monitor the structure health due to the complexity of the practical structure and the environment noise, and the existing methods need lots of data for model training but it is very complicated to mark the data in practice. In order to solve above problems, the wireless sensor network is configured and the sparse encoding method is adopted to monitor the bridge structure health, and meanwhile the sparse encoding algorithm is adopted for training on the basis of the characteristic extraction of many unlabeled instances, thus to compress data dimensionality and preprocess unlabeled data. Then, the deep learning algorithm is adopted to predict the bridge structure health monitoring type, and meanwhile Hessian optimization is improved on the basis of the linear conjugate gradient in order to replace uncertain Hessian matrix by positive semidefinite Gaussian - Newton curvature matrix for secondary objective combination, thus to improve the efficiency of the deep learning algorithm. The experiment result shows that the security detection of the bridge structure based on deep learning algorithm can monitor the high-accuracy structure health conditions under the sparse encoding of the environment noise.

Now the network has become the main source of the information where people gain from. However there are various network information, include healthy and helpful information, at the same time; also include the bad and useless information. How to protect the security and quickly and exactly find the user need from this vast information has become the hot research. This article use the improve vector space model to filter bad information and use the semantic web technology to build a computer ontology. Aim at this area to information retrieval, through this ontology to handle users’ input, thus to improve the recall level and the precision rate.

Preserving privacy is a challenge and requires the management of access control, which may be based on role, purpose or trust. There are many recent advances of access control models have been developed to avoid unauthorized users access to the privacy. However, there are still issues that impede the development of effective access control. The issue highlight in this paper is inappropriate access and use of sensitive attributes by authorized users. Therefore, it is critical to design an efficient access control model based on trust to protect sensitive attributes from untrusted user. In this paper, we propose a new access control model based on trust called role performance trust-based access control to permit trusted user access to sensitive attributes. Subsequently, we also propose a comprehensive policy to permit user access sensitive attributes based on two trust metrics namely user experience and behaviour. To evaluate the trustworthiness of authorized user, we propose a quantification method to measure those metrics. Based on the results, role performance trust-based access control may significantly permit or prohibit access to personal information, especially sensitive attributes by authorized users. This model is capable to solve the issue of authorized user without trust to access sensitive attributes.

Anomaly detection under Cloud computing environment plays an important role in detecting anomalous virtual machines (VMs) before real failures occur. In order to accurately characterize the new trend of VMs' performance, new samples are collected, detected, and selectively added into the training sample set. The newly added samples are used for updating the detection model, so as to improve detection accuracy. However, increasing number of training samples causes both much storage space and CPU time. To overcome this challenge, this article proposes an anomaly detection algorithm based on online learning Lagrangian SVM (termed OLLSVM) for detecting anomalous VMs. Online learning includes incremental learning and decremental learning. Single-sample and batch incremental learning algorithms are designed to update the detection model when adding a single sample or a set of samples. Similarly, single-sample and batch decremental learning algorithms are designed for deleting a single sample or a set of samples. The strategies for selecting sample(s) to be added or deleted are also designed. This article conducts experiments on Cloud datasets and KDD Cup datasets. The experimental results show that, compared with traditional Lagrangian SVM (LSVM) which retrains the detection model each time when adding or deleting sample(s), OLLSVM achieves almost similar high detection accuracy but much higher time efficiency.

This study aimed to examine the effect of the ease of the transaction, the consumer interest, and the level of system security against acts of fraud on online shopping. Ease of transaction is measured from the transaction speed, high accuracy, high volume transaction, highly correlated, and ease of access are high. Measurement of consumer interests is including motivation, perception, learning, and memory. System security level measured from the privacy, integrity, autentication, availability, and access control.Sample selection is done by using purposive sampling method. The research data were collected from students of the Faculty of Economics, University of Trisakti. The samples used were 100 accounting students from semesters 1 to 9. The analysis technique used is multiple regression in SPSS version 23. The results showed that the factors such as the ease of transactions, consumer interest, and the security level of the system is partially measured by the transaction speed, high accuracy, high volume transaction are highly correlated. Meanwhile, ease of access is high, motivation, perception, learning and memory does not have a significant effect on the action of cheating but the privacy, integrity, autentication, availability. The access control can influence the actions of fraud significantly. Influence ease of transactions, consumer interest, and the security level of positive and significant impact on fraud actions simultaneously.

Aiming at lack of the initiative to coordinate in the coal mine security emergency management, the easy consequence in coal mine accident, the security emergency management of the coupling coordination degree is put forward based on hierarchical network analysis process (ANP) and order parameter method. According to the literatures at home and abroad, the coupling coordination of emergency management processes in coal mine security is summarized; whose measure index system includes five sub-systems, eleven order parameters and thirty-three secondary indexes. With super decision software to determine the weight of each index, the four steps of prevention, preparation, response and recovery of coal mine security emergency management are calculated by using the order parameter method. The results show that the coordination is the highest between the coal mine security emergency management preparation and response of the two parts of the sub-system, while the overall coordination of the system is relatively low.

Security is an important problem in wireless sensor networks. Intrusion detection system is one of the most common methods of network security, for which more and more people have shown solicitude. In this paper, a dynamic random password authentication (DRPA) method is proposed for the identity authentication of communication nodes, which can detect and prevent malicious behavior at each stage of the network operation. This paper introduces the method of automatic generation of random passwords. When a user wants to communicate, the password will be verified to confirm whether it is a normal user or a malicious user. The password’s generation and verification process is very suitable for wireless sensor networks. By using NS2, the simulation experiments are carried out and the results show that this method is superior to the other methods.

In this paper, we suggest improvements of security in IEEE 11073:20601 protocol and the structure of its agent for protecting user’s healthcare information safely. Current IEEE 11073:20601 standard does not provide any method to ensure security of data exchange, and it assumes that data exchange is secured by other means. The suggested improvements include mechanism to enhance security in exchanging and storing data in PHD. While providing those advantages, it also satisfies availability by effective encoding rules and data protecting algorithm.

The paper presents a new Image Encryption Algorithm. First of all, we utilize the common plane analysis process and Logistic to generate seven groups of chaotic sequence of different range value, and then, the order of the "exclusive or" of Scrambling Figures in the plane analysis of 8 groups different information content was determined by the generated Chaotic sequences with different range values and the information in Bit Plane Analysis. We use 7 groups of different values of every Logistic and select the corresponding pixels of different groups to process ‘exclusive or’ operation, in the end we will get encrypted image. Decryption is the inverse process of encryption. This Algorithm implementation is simple, and due to the generated different chaotic sequence, this algorithm has large key spaces. Other than that, the experiment verifies that new Image Encryption Algorithm is free from the histogram, plain text attack, etc.

With the rapid development of wireless communication, mobile network, and embedded system technologies, android-based mobile devices show a number of useful functions and then they are attacked by hackers for obtaining some useful information. In this paper, an efficient static anomaly detection framework is shown for android-based mobile phones to improve their security. The proposed framework uses support vector machine to perform the anomaly detection and exploits the cloud computing platform to reduce the impact on android-based mobile phones. Experimental results show that the proposed framework is better than existing anomaly detection frameworks in terms of the detection precision and the detection time.

A number of security protocols have been designed for mobile transactions using Near Field Communication technology in the last few years. However, the component architectures of these protocols are rarely implemented in Java for further evaluation. In this paper, we briefly discuss our previously proposed mobile transaction authentication protocol and extend our work by presenting its Java implementation. This implementation provides a detailed analysis based on a number of factors with respect to the security considerations of the protocol, particularly in its design stage. Thus, it provides a broad verification as well as step-by-step evaluation of the protocol specifications from its implementation point of view.

The paper established TBRI（Trust-Based RBAC in IoT）model，calculation of trust value as the core in TBRI. It established groups, objects’ access threshold, objects’ influence and object evaluation, in order to realize accuracy calculation and prevent hackers obtain trust value through malicious repeated operation. Because the subjects in the Internet of things can be used as objects at the same time, TBRI use different trust value calculation formula to enhance the credibility of the trust value.

As the information was being overloaded from time to time, a significant technique should be accomplished by several search engines that exists will use from the databases to eradicate the replicas of data which was available in articles and to present the outcomes of the search to users in terms of percentage of the amount of the data copied from the original file. Plagiarism is the process of bestowing one’s creative ideas as our individual conception. It is does not meant that anybody cannot use other’s considerations or workings, anybody can use their data by giving the actual credit the original users by stating their names in literature or in references and also by giving special note on acknowledgements. Copying the content of the others work is mainly considered to be a big crime in terms of research and in terms of the owning the idea of the others. The main idea of this work is to identify the extent of the data that was being copied or to identify the amount of data that was being copied from other peoples work or their own credited work. Performance of plagiarizing a document is not limited to word files or pdf files, it is possible to plagiarize even images and other files too. Hence, we were focused on finding the plagiarism in word files which includes academics and research articles.

With the popularity of high fidelity and portable recording device, it becomes very easy for the attacker to spoof speaker verification system by voice playback. In this paper, it found that there exists obvious difference in the scale-factors, a parameter of MP3 codec, when the original and playback voices are compressed by MP3. So, a detection algorithm for the playback voice is proposed. The experimental results show that the detection accuracy of the proposed algorithm can reach to 99.51% for 4 different types of eavesdropping devices. Meanwhile, the algorithm is integrated into the speaker verification system based on GMM-UBM. The equal error rate (EER) of the system has dropped 32% and the system's ability to resist playback attack is improved.

The design of the remote user authentication scheme for access to the service server is a very important issue in a multi-server environment. In particular, it is essential for mutual authentication and key agreement process between the user and the server. Proposed so far many schemes are focused to increase safety, reduce the communication time and calculation cost. On the other hand, there is a limit to overcome a variety of attacks. In recent years, Jain et al'.s proposed the authentication scheme, such as mutual authentication and session key establishment, smart card-based multi-server authentication scheme to withstand a variety of attacks. In this paper, I analyze that Jain et al'.s scheme is not secure against user impersonation attack, man-in-the-middle attack, DoS attack, reply attack etc.

The architecture of a class of time-varying neural networks can be determined by simply adopting that of the conventional neural networks, while the weights are allowed to vary with time. The challenge lies how to select the weights, when applying a time-varying neural network. In this paper, we use the iterative learning methodology for training time-varying neural networks, and the neural networks are proposed for modeling and identification of discrete-time time-varying nonlinear systems. Time-varying dynamical neural networks (DNNs) are presented by the architecture of conventional high-order DNNs with connection weights varying with time. Both conventional DNNs and time-varying DNNs are used to identify time-varying systems. The weights are updated by least squares integral learning algorithm with dead-zones. For time-varying case, iterative learning and its improved algorithms are used to update connection weights. The identification error is ensured to converge to the bound, which is proportional to the approximation error.

With the development of cloud computing technology, more and more users have outsourced their data to cloud platform. To protect the safety of these data, some encryption methods are usually used. But it is very difficult question that how to effective retrieval and to use the encrypted data, we propose a multi-attribute keyword retrieval mechanism for encrypted cloud data. In this mechanism, we first define the local feature attributes of the keywords and the global feature attributes of the document. Then, we construct the mapping relationship between keywords and document attributes according to the basic principle of inverted index algorithm and establish the security index. Based on the above steps, we improve the weight of the key words and calculate the similarity score of the document by combining the multi-attribute score function. Experiments show that this mechanism not only can effectively improve the accuracy of the data retrieval, but also can greatly reduce the bandwidth consumption of system.

Network security situation prediction is of great significance for the use of the Internet, and it is the focus of production and life issues. Under the guidance of the model combination forecasting method, In this paper, based on the Kalman filtering model a new method of network security prediction is presented, which is based on the theory of decision entropy. In this method, the Kalman state equation and measurement equation are constructed according to the key attributes of the network security state, and then combined with the decision entropy theory to predict the future state of network security. The experimental results show that the proposed method has high prediction accuracy and is suitable for the state prediction of network security.

Computer network vulnerability analysis is a method of analysis and evaluation of network security beforehand. The attacks method has occurred in the network, the previous network status change as input information, calculated by the model analysis. Forecasting network node may be network attacks given the current security level value network, network security reinforcement measures taken before the danger. Administrators can proactively identify network security issues, to take measures in advance to avoid information leakage, financial losses, ensure the safety of individuals and countries. Therefore, vulnerability analysis computer network is very important. Based on the properties of attack graph shows the method of attack graphs to Bayesian network transformation, using the new algorithm to eliminate loops attribute attack graph optimization, building the Bayesian attribute attack graph model used to evaluate the network itself security situation. In this model, based on Bayes formula for calculating the probability of a new node probability calculation formula and attack paths occur for calculating network vulnerability assessment of the quantitative indicators. The model not only can visually process description of cyber attacks, but also into the Bayesian network probabilistic thinking of possible network attack path prediction and assessment.

Face-recognition is becoming common among the section of study in computer-vision, while it is also one of the very effective programs of comprehension and image-analysis. It may be employed for both ID and confirmation. At the moment, there are lots of means of front watch face-recognition. Nicely when just one instant picture per course can be obtained nevertheless, a handful of them can perhaps work. In this paper, we discuss the different face recognition techniques and find a better method for pose variation, non-uniform motion blur and Illumination by using a Reference face graph for face recognition. One example image' problem and two generalized eigenface algorithms are proposed. Face-recognition has been analyzed thoroughly; nevertheless, real world face-recognition stays a job that is difficult. The interest in unconstrained useful face-recognition is increasing using the surge of online media, for example, video-surveillance video, and internet sites wherever encounter evaluation is of substantial significance. Face-recognition is approached by us within data theory's framework. We identify an unfamiliar encounter utilizing an exterior Reference Face Graph (RFG). There is an RFG produced by evaluating it towards the encounters within the built RFG and acknowledgement of the given encounter is attained. Centrality steps are used to recognize encounters that were unique within the Reference Face Graph.