Earticle

The major problem is the absence of effective techniques for network protocol security monitoring, measurement and prediction. This is due to the emerging complex network protocols whose patterns are not readily determined by current tools and methods. Current tools and methods cannot handle the complex topology or patterns of traffic for accurate prediction of network protocol behavior for a wide range of time-scales. This includes the problem of effective data mining and characterization of network protocol topology structures, due to emerging global technologies and multiple protocols that interacting across different network protocol layers. The research develops new efficient techniques for network protocol characterization, monitoring and data measurement. This includes the development of new mechanisms, tools and methods for protocol measurements, characterization and accurate prediction of network protocol behavior in a wide range of network multiple-protocol environments that interact across different network protocol layers. The research presents innovative approaches for effective and efficient management, security, resilience, testing, analysis, design and implementation of network protocols in multiple network environments.

The Common Criteria evaluation and certification is one of the most commonly used process to improve the trust in the security of evaluated products. Nevertheless this methodology has a lot of problems and side-effects that lead to limitations of which the end-user should be aware. The aim of this paper is to develop some of these limits.

A wireless multihop ad hoc network is emerging as an important area for new developments in the ubiquitous network. Although ad hoc network is attractive solution, there are still some challenges in robustness and security issues. In this paper, we have depicted a secure framework for multipath routing in wireless multihop network, which is complete solution for end-to-end security for multpath wireless multihop network. We have analyzed the performance the proposed framework.

This paper deals with an add-on for biometric security systems, especially for the finger-print recognition technology. This added part of such systems is the liveness detection. Our method is based on detection of optical characteristics of the finger surface (skin). The main idea is to detect the movements of papillary lines, but some another optical information could be extracted, what is outlined at the end.

Currently stealth malware is becoming a major threat to the PC computers. Process hiding is the technique commonly used by stealth malware to evade detection by anti-malware scanners. On the defensive side, previous host-based approaches will be defeated once the privileged stealth malware controls a lower reach of the system. The virtual machine (VM) based solutions gain tamper resistance at the cost of losing the OS-level process view. Moreover, existing VM-based approaches cannot introspect the preinstalled OS which is just the protecting concern for PC users. In this paper, we present a new VM-based approach called Libra which accurately reproduces the software environment of the underlying preinstalled OS within the Libra VM and provides an OS-level semantic view of the processes. With our new local-booting technology, Libra VM just boots from the underlying host OS but not a newly installed OS image. Thus, Libra provides a way to detect the existing process-hiding stealth malware in the host OS. In addition, instead of depending on the guest information which is subvertable to the privileged guest malware, Libra adopts a unique technique to implicitly construct the Trusted View of Process List (TVPL) from within the virtualized hardware layer. Our evaluation results with real-world hiding-process rootkits, which are widely used by stealth malware, demonstrate its practicality and effectiveness.

Since the rapid development of the Internet, many advertisers would want to introduce their goods on web sites. For achieving fair network advertisement payment, one of payment systems may need to evaluate the number of visited clients for particular web pages. However, advertisers fear that web servers inflate the number of metering. Also, web servers fear to receive a forged witness from a malicious client. If one of the above situations happened, the payment of network advertisement is unfair. In this paper, we propose a user-efficiency and fair web metering scheme for ubiquitous environments, where clients can use various intelligent devices to obtain their desired services at any time and any place.

In the coming pervasive society, Radio Frequency Identification(RFID) Tags will be affixed within every product and object including human. This technology is anticipated to be a major technology which will be utilized by several pervasive services where these tags will be used to identify various objects. However, the use of RFID tags may create new threats to the security and privacy of individuals holding RFID tags. Therefore, widespread deployment of RFID systems preserving users’ privacy and data integrity is a major security challenge of the coming year. That is why research related to privacy preserving authentication is growing. And the envision is that: RFID systems can intermingle into human lives if they can offer practical, low cost and secured mechanisms for tag authentication which has been in the midst of researcher’s interest for almost a decade. One extension of RFID authentication is RFID tag searching. Any RFID authentication protocol which provides adequate security and privacy can be used for RFID tag searching. However, when the number of tags within a system will increase, the overall data collection cost will also increase. Therefore, more efficient tag searching method is needed. RFID search protocol can play a major role for tag searching which has not been given much attention so far. But we firmly believe that in near future tag searching will be a significant issue. In this paper we propose a lightweight and serverless RFID tag searching protocol. This protocol can search a particular tag efficiently without server’s intervention. Furthermore they are secured against major security threats.

This paper gives an overview of various standard lifecycle development processes. It then provides a roadmap for developing security-critical projects using Rational Unified Process as a framework for development. The Security Quality Requirements Engineering (SQUARE) methodology provides a way to address security issues early in the development lifecycle. SQUARE can be more effective when it fits into an organization’s existing development process. Hence this paper describes a way to fit the SQUARE methodology into the Rational Unified Process.

International software providers have entered China market in recent years. One typical example is MSN. As an indigenous IT products, QQ provides almost the same functions as MSN and competes with MSN for years. Market survey indicates that QQ dominates the local instance message market. Why QQ could win the battle with MSN in China market? In this paper, we investigate the detailed designs of MSN vs. QQ, focusing in particular on their privacy protection. We find that, in general, users’ privacy concern level is low in China. Users show inclination to be connected with strangers in virtual community. They may trade off certain level of privacy protection to gain the chance of visiting by strangers. Moreover, in the position of control could mitigate users’ privacy concern. Indigenous IT products, such as QQ, understand and leverage users’ behavior. By lowering privacy protection and providing various control tools, QQ successfully caters to the need of young generation in China, which is main Internet users in China. Such results shed light on how to survive in China market for international IT product providers.

Intrusion detection is the means to identify the intrusive behaviors and provide useful information to intruded systems to respond fast and to avoid or reduce damages. In recent years, learning machine technology is often used as a detection method in anomaly detection. In this research, we use support vector machine as a learning method for anomaly detection, and use LibSVM as the support vector machine tool. By using this tool, we get rid of numerous and complex operations and do not have to use external tools for finding parameters as needed by using other algorithms such as the genetic algorithm. Experimental results show that high average detection rates and low average false positive rates in anomaly detection are achieved by our proposed approach.

This paper shows the efficiency and the flexibility of the interpretation function-based method [8, 9, 11] through the analysis of some famous cryptographic protocols. In fact, by using the notion of interpretation function, this method gives general and sufficient conditions allowing to guarantee the secrecy property of cryptographic protocols. This result holds under a large class of equational theories, that makes the approach flexible and general. Moreover, the approach does not only help to prove the secrecy property, but also helps a lot to discover protocols weaknesses and to correct them. These advantages are discussed and illustrated by cases study of some protocols that are analyzed in different equational theories.

Personalized Multimedia (PMM) services are the emerging area in multimedia technology. A PMMservice is a multimedia service provided according to the users personal profile which typically includes individual preferences, keeping the technical constraints of mobile device in use and the operating environment. We have proposed in [2], a transaction-based authentication scheme for PMM applications using cognitive agents. The proposed approach dynamically deploys authentication challenges based on mobile transaction sensitivity and users transaction time behaviors. This paper provides performance analysis of the authentication scheme in terms of authentication delay and cost. The performance analysis shows that, there is a considerable reduction in security cost compared to regular session based authentication schemes. By combining transaction based authentication with behavior analysis authentication attacks can be effectively identified.