Earticle

Networks are protected using many firewalls and encryption software’s. But many of them are not sufficient and effective. Therefore an intrusion detection system (IDS) is required that monitors the network, detects misbehavior or anomalies and notifies other nodes in the network to avoid or punish the misbehaving nodes. Numerous schemes have been proposed for Intrusion Detection and Response Systems, for Ad hoc networks. The ultimate goal of the security solutions for wireless networks is to provide security services, such as authentication, confidentiality, integrity, anonymity, and availability, to mobile users. In this paper, we examine the vulnerabilities of wireless networks and argue that we must include intrusion detection in the security architecture for mobile computing environment. We propose an mIDS (Mobile Intrusion Detection System) suitable for multi-hop ad-hoc wireless networks, which detects nodes misbehavior, anomalies in packet forwarding, such as intermediate nodes dropping or delaying packets. mIDS does rely on overhearing packet transmissions of neighboring nodes. Simple rules are designed to identify the misbehavior nodes. A special node called a monitor node carries out the process of identifying the misbehavior node.

In the context of computer systems, an intrusion is generally considered to be a harmful endeavor to prevent others from legitimate use of that system, to obtain data which is not normally available to the intruder, or to plant data or disrupt data already existent on the machines. Traditionally intrusion detection has relied on two data sources: various log files which record user’s activity, and network traffic which contains potential threats. This research presents a system which we call IDEA; the Intrusion DEtection Automata system. We utilize a third source of data for intrusion detection in the form of an instrumented process. Open source software is recompiled using a modified compiler we have created, and the resulting executable program generates the data as it runs. An external monitoring facility then checks the behavior of the program against known good execution paths. These paths are specified either using a domain specific language and hand-written rules, or by running the software in a learning mode and capturing the normal behavior for later comparison.

This paper presents a unified threat model for assessing threat in web applications. We extend the threat tree model with more semantic and context information about threat to form the new model which is used to analyze and evaluate threat in the software design stage. We utilize historical statistical information contained in this model to design threat mitigation schemes. The threat assessing results and mitigation schemes can be used to direct secure coding and testing. This makes it possible to design threat-resistant web applications by means of detecting and mitigating threat in the early software design stage.

This article focuses on cryptographic Key Management Systems (KMS) for SCADA systems environments. It first gives a generic view on the constraints, requirements and desired technical properties in SCADA contexts. Then, the most widespread solutions are presented, before discussing how they meet such conditions. The work done by different initiatives on this issue is also introduced. Finally, perspectives and research directions are proposed in consequence. The article aims at presenting open issues on the area, to foster discussion and research, according to the authors’ view.

Memory forensics is growing concern. For effective evidence retrieval, it is important to take snapshot timely. With proper modification of guest OS, VMM is powerful tool for timely snapshot. In this paper, we propose an incident-driven memory snapshot for full-virtualized OS using interruptive debugging techniques. We modify debug register handler to invoke snapshot facility of VMM. Software interrupt or signal are generated in register handler. Then, we can take snapshot asynchronously when debug register is changed. On guest OS, we apply three kinds of interruptive debugging techniques: driver supplied callback function, DLL injection. IDT (interruption descriptor table) is modified by driver supplied callback function, which makes it possible to cope with vulnerability exploitation. DLL injection is applied to insert security check function into a resource access function. Proposed system is implemented XEN virtual machine monitor and KVM (Kernel Virtual machine).

This study proposes a pre-deployment key management scheme that requires a few memory capacities and CPU computations to address secure data transmissions in Wireless Sensor Networks (WSNs). The proposed scheme exploits threshold key management mechanisms by Lagrange Interpolation polynomial generating a key set for sensor nodes, and uses symmetric and irreversible cryptography schemes to encrypt transmitted data by the generated keys with Message Authentication Code (MAC). The sensor nodes merely have to aggregate and encrypt received data without complicated cryptography operations. The proposed approach can achieve rapid and efficient secure data transmissions with low communications, and is proper to be implemented on large-scale sensor networks.

Eelectronic device technology has been monopolized by binary system for many years. The circs not only makes it impossible to break through the existing technology bottleneck, but also brings a lot of potential safety problems. Aiming at this question, a new electronic communication technology is presented in this paper. The technology quantifies the time axis and the voltage axis synchronously, uses the quantified time dot as the address of the communication, and realizes the transmission of the multi-system [1] data via transmitting the multi-steps voltage quantification. The technology solves the bottleneck problem of the speed, circuit and electromagnetism in the electronic communication, changes the binary system coding mode and communication connection form of the electronic device, reduces the transmission quantity of the redundant information, advances the security of electronic system and network, debases the complexity of the devices connection, enhances the rate of the processing and the transmission, simplifies the transformation between the difference protocols. The experimental results approve the validity and the robustness of the technology.

Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards [15], in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords freely. In this paper, we show that their scheme is vulnerable to the parallel session attack. Furthermore, their scheme is susceptible to the impersonation attack provided that the information stored in the smart card is disclosed by an adversary. We also propose an improved scheme which is immune to the presented attacks.

One of the main features of information flow control is to ensure the enforcement of privacy and regulated accessibility. However, most information flow control models that have been proposed do not provide substantial assurance to enforce end-to-end confidentiality policies or they are too restrictive, overprotected, and inflexible. We present a model for discretionary access controls that is in harmony with the object oriented paradigm. The model uses access rights applied to object attributes and methods, thus allowing considerable flexibility without compromising system security by leaking sensitive information. Models based on message filtering intercept every message exchanged among objects to control the flow of information. We present an algorithm which enforces message filtering based on the defined access rights.

Nowadays, technologies of information security have been attached more and more importance to and it's a critical problem to take measures to ensure the reliability of related trustworthy software such as secure operating systems (SOSs). Thereafter, it's always necessary for such systems to be taken complete and rigorous security test and evaluation among development team and/or by third-party security certification organization. However, such software testing is usually time consuming, cost consuming and boresome and thus technologies of software testing automation have alluring application foreground in that field. In this paper, methods and technologies about how to test a SOS automatically are discussed in breadth and in depth at first. Then least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented and the results are analyzed.

Privacy of personal information is an area of growing concern and importance. The heart of the conflict is between commercial value and respect for an individual’s right to privacy. This tradeoff is of economic value and the issue of privacy is an economic problem that justifies the emergence of the economics of privacy as an important discipline, combining efforts of regulation, technology, and business efficiency. In this survey paper, we look into work done by eminent researchers on the economic aspects of privacy and privacy’s relationship with people, technology, and regulation.