Biblio

Mobile Ad Hoc Network (MANET) technology provides intercommunication between different nodes where no infrastructure is available for communication. MANET is attracting many researcher attentions as it is cost effective and easy for implementation. Main challenging aspect in MANET is its vulnerability. In MANET nodes are very much vulnerable to attacks along with its data as well as data flowing through these nodes. One of the main reasons of these vulnerabilities is its communication policy which makes nodes interdependent for interaction and data flow. This mutual trust between nodes is exploited by attackers through injecting malicious node or replicating any legitimate node in MANET. One of these attacks is blackhole attack. In this study, the behavior of blackhole attack is discussed and have proposed a lightweight solution for blackhole attack which uses inbuilt functions.

Networking system does not liable on static infrastructure that interconnects various nodes in identical broadcast range dynamically called as Mobile Ad-hoc Network. A Network requires adaptive connectivity due to this data transmission rate increased. In this paper, we designed developed a dynamic cluster head selection to detect gray hole attack in MANETs on the origin of battery power. MANETs has dynamic nodes so we delivered novel way to choose cluster head by self-stabilizing election algorithm followed by MD5 algorithm for security purposes. The Dynamic cluster based intrusion revealing system to detect gray hole attack in MANET. This Architecture enhanced performance in terms of Packet delivery ratio and throughput due to dynamic cluster based IDS, associating results of existing system with proposed system, throughput of network increased, end to end delay and routing overhead less compared with existing system due to gray hole nodes in the MANET. The future work can be prolonged by using security algorithm AES and MD6 and also by including additional node to create large network by comparing multiple routing protocol in MANETs.

Traditional privacy-preserving data disclosure solutions have focused on protecting the privacy of individual's information with the assumption that all aggregate (statistical) information about individuals is safe for disclosure. Such schemes fail to support group privacy where aggregate information about a group of individuals may also be sensitive and users of the published data may have different levels of access privileges entitled to them. We propose the notion ofεg-Group Differential Privacy that protects sensitive information of groups of individuals at various defined privacy levels, enabling data users to obtain the level of access entitled to them. We present a preliminary evaluation of the proposed notion of group privacy through experiments on real association graph data that demonstrate the guarantees on group privacy on the disclosed data.

The main goal of introducing an identity-based cryptosystem and certificateless cryptosystem was avoiding certificates' management costs. In turn, the goal of introducing a certificate-based cryptosystem was to solve the certificate revocation problem. In this paper, we propose a new digital Implicit and Explicit Certificates-Based Hess's Signature (IE-CBHS) scheme that combines the features of a standard public key infrastructure (PKI) and certificate-based cryptosystem. Our IE-CBHS scheme is an efficient certificates-based signature. The security analysis proves that the scheme is secure against two game attacks in the random oracle model. The security is closely related to the difficulty of solving the computational Diffie–Hellman and discrete logarithm problems. The IE-CBHS scheme, when compared with other signature schemes, has similar efficiency and is both more flexible and more useful in practice. It is possible to revoke the explicit certificate and use that fact during digital signature verification. Thus, our scheme is useful in applications where typical mechanisms of standard PKI are used. One of many important security features is resistance to denial of signature verification attack. Also, it is impossible for a trusted authority to recreate a partial private key, even with cooperation with the signer.

Rootkits detecting in the Windows operating system is an important part of information security monitoring and audit system. Methods of hided process detection were analyzed. The software is developed which implements the four methods of hidden process detection in a user mode (PID based method, the descriptor based method, system call based method, opened windows based method) to use in the monitoring and audit systems.

Packet classification is a core function in network and security systems; hence, hardware-based solutions, such as packet classification accelerator chips or Ternary Content Addressable Memory (T-CAM), have been widely adopted for high-performance systems. With the rapid improvement of general hardware architectures and growing popularity of multi-core multi-threaded processors, software-based packet classification algorithms are attracting considerable attention, owing to their high flexibility in satisfying various industrial requirements for security and network systems. For high classification speed, these algorithms internally use large tables, whose size increases exponentially with the ruleset size; consequently, they cannot be used with a large rulesets. To overcome this problem, we propose a new software-based packet classification algorithm that simultaneously supports high scalability and fast classification performance by merging partition decision trees in a search table. While most partitioning-based packet classification algorithms show good scalability at the cost of low classification speed, our algorithm shows very high classification speed, irrespective of the number of rules, with small tables and short table building time. Our test results confirm that the proposed algorithm enables network and security systems to support heavy traffic in the most effective manner.

Improving e-government services by using data more effectively is a major focus globally. It requires Public Administrations to be transparent, accountable and provide trustworthy services that improve citizen confidence. However, despite all the technological advantages on developing such services and analysing security and privacy concerns, the literature does not provide evidence of frameworks and platforms that enable privacy analysis, from multiple perspectives, and take into account citizens' needs with regards to transparency and usage of citizens information. This paper presents the VisiOn (Visual Privacy Management in User Centric Open Requirements) platform, an outcome of a H2020 European Project. Our objective is to enable Public Administrations to analyse privacy and security from different perspectives, including requirements, threats, trust and law compliance. Finally, our platform-supported approach introduces the concept of Privacy Level Agreement (PLA) which allows Public Administrations to customise their privacy policies based on the privacy preferences of each citizen.

The Internet of Things (IoT) era envisions billions of interconnected devices capable of providing new interactions between the physical and digital worlds, offering new range of content and services. At the fundamental level, IoT nodes are physical devices that exist in the real world, consisting of networking, sensor, and processing components. Some application examples include mobile and pervasive computing or sensor nets, and require distributed device deployment that feed information into databases for exploitation. While the data can be centralized, there are advantages, such as system resiliency and security to adopting a decentralized architecture that pushes the computation and storage to the network edge and onto IoT devices. However, these devices tend to be much more limited in computation power than traditional racked servers. This research explores using the Cassandra distributed database on IoT-representative device specifications. Experiments conducted on both virtual machines and Raspberry Pi's to simulate IoT devices, examined latency issues with network compression, processing workloads, and various memory and node configurations in laboratory settings. We demonstrate that distributed databases are feasible on Raspberry Pi's as IoT representative devices and show findings that may help in application design.

Policy design is an important part of software development. As security breaches increase in variety, designing a security policy that addresses all potential breaches becomes a nontrivial task. A complete security policy would specify rules to prevent breaches. Systematically determining which, if any, policy clause has been violated by a reported breach is a means for identifying gaps in a policy. Our research goal is to help analysts measure the gaps between security policies and reported breaches by developing a systematic process based on semantic reasoning. We propose SEMAVER, a framework for determining coverage of breaches by policies via comparison of individual policy clauses and breach descriptions. We represent a security policy as a set of norms. Norms (commitments, authorizations, and prohibitions) describe expected behaviors of users, and formalize who is accountable to whom and for what. A breach corresponds to a norm violation. We develop a semantic similarity metric for pairwise comparison between the norm that represents a policy clause and the norm that has been violated by a reported breach. We use the US Health Insurance Portability and Accountability Act (HIPAA) as a case study. Our investigation of a subset of the breaches reported by the US Department of Health and Human Services (HHS) reveals the gaps between HIPAA and reported breaches, leading to a coverage of 65%. Additionally, our classification of the 1,577 HHS breaches shows that 44% of the breaches are accidental misuses and 56% are malicious misuses. We find that HIPAA's gaps regarding accidental misuses are significantly larger than its gaps regarding malicious misuses.

Explosive naval mines pose a threat to ocean and sea faring vessels, both military and civilian. This work applies deep neural network (DNN) methods to the problem of detecting minelike objects (MLO) on the seafloor in side-scan sonar imagery. We explored how the DNN depth, memory requirements, calculation requirements, and training data distribution affect detection efficacy. A visualization technique (class activation map) was incorporated that aids a user in interpreting the model's behavior. We found that modest DNN model sizes yielded better accuracy (98%) than very simple DNN models (93%) and a support vector machine (78%). The largest DNN models achieved textless;1% efficacy increase at a cost of a 17x increase of trainable parameter count and computation requirements. In contrast to DNNs popularized for many-class image recognition tasks, the models for this task require far fewer computational resources (0.3% of parameters), and are suitable for embedded use within an autonomous unmanned underwater vehicle.

Wireless sensor networks are the most prominent set of recently made sensor nodes. They play a numerous role in many applications like environmental monitoring, agriculture, Structural and industrial monitoring, defense applications. In WSN routing is one of the absolutely requisite techniques. It enhance the network lifetime. This can be gives additional priority and system security by using bio inspired algorithm. The combination of bio inspired algorithms and routing algorithms create a way to easy data transmission and improves network lifetime. We present a new metaheuristic hybrid algorithm namely firefly algorithm with Localizability aided localization routing protocol for encircle monitoring in wireless area. This algorithm entirely covers the wireless sensor area by localization process and clumping the sensor nodes with the use of LAL (Localizability Aided Localization) users can minimize the time latency, packet drop and packet loss compared to traditional methods.

This paper presents our results from identifying anddocumenting false positives generated by static code analysistools. By false positives, we mean a static code analysis toolgenerates a warning message, but the warning message isnot really an error. The goal of our study is to understandthe different kinds of false positives generated so we can (1)automatically determine if an error message is truly indeed a truepositive, and (2) reduce the number of false positives developersand testers must triage. We have used two open-source tools andone commercial tool in our study. The results of our study haveled to 14 core false positive patterns, some of which we haveconfirmed with static code analysis tool developers.

MANETs have been focusing the interest of researchers for several years. The new scenarios where MANETs are being deployed make that several challenging issues remain open: node scalability, energy efficiency, network lifetime, Quality of Service (QoS), network overhead, data privacy and security, and effective routing. This latter is often seen as key since it frequently constrains the performance of the overall network. Location-based routing protocols provide a good solution for scalable MANETs. Although several location-based routing protocols have been proposed, most of them rely on error-free positions. Only few studies have focused so far on how positioning error affects the routing performance; also, most of them consider outdated solutions. This paper is aimed at filling this gap, by studying the impact of the error in the position of the nodes of two location-based routing protocols: DYMOselfwd and AODV-Line. These protocols were selected as they both aim at reducing the routing overhead. Simulations considering different mobility patterns in a dense network were conducted, so that the performance of these protocols can be assessed under ideal (i.e. error-less) and realistic (i.e. with error) conditions. The results show that AODV-Line builds less reliable routes than DYMOselfwd in case of error in the position information, thus increasing the routing overhead.

Power is increasingly the limiting factor in High Performance Computing (HPC) at Exascale and will continue to influence future advancements in supercomputing. Recent processors equipped with on-board hardware counters allow real time monitoring of operating conditions such as energy and temperature, in addition to performance measures such as instructions retired and memory accesses. An experimental memory study presented on modern CPU architectures, Intel Sandybridge and Haswell, identifies a metric, TORo\_core, that detects bandwidth saturation and increased latency. TORo-Core is used to construct a dynamic policy applied at coarse and fine-grained levels to modulate per-core power controls on Haswell machines. The coarse and fine-grained application of dynamic policy shows best energy savings of 32.1% and 19.5% with a 2% slowdown in both cases. On average for six MPI applications, the fine-grained dynamic policy speeds execution by 1% while the coarse-grained application results in a 3% slowdown. Energy savings through frequency reduction not only provide cost advantages, they also reduce resource contention and create additional thermal headroom for non-throttled cores improving performance.

Mobile ad-hoc networks (MANETs) are decentralized and self-organizing communication systems. They have become pervasive in the current technological framework. MANETs have become a vital solution to the services that need flexible establishments, dynamic and wireless connections such as military operations, healthcare systems, vehicular networks, mobile conferences, etc. Hence it is more important to estimate the trustworthiness of moving devices. In this research, we have proposed a model to improve a trusted routing in mobile ad-hoc networks by identifying malicious nodes. The proposed system uses Reinforcement Learning (RL) agent that learns to detect malicious nodes. The work focuses on a MANET with Ad-hoc On-demand Distance Vector (AODV) Protocol. Most of the systems were developed with the assumption of a small network with limited number of neighbours. But with the introduction of reinforcement learning concepts this work tries to minimize those limitations. The main objective of the research is to introduce a new model which has the capability to detect malicious nodes that decrease the performance of a MANET significantly. The malicious behaviour is simulated with black holes that move randomly across the network. After identifying the technology stack and concepts of RL, system design was designed and the implementation was carried out. Then tests were performed and defects and further improvements were identified. The research deliverables concluded that the proposed model arranges for highly accurate and reliable trust improvement by detecting malicious nodes in a dynamic MANET environment.

Although several methods have been proposed for the detection of resampling operations in multimedia signals and the estimation of the resampling factor, the fundamental limits for this forensic task leave open research questions. In this work, we explore the effects that a downsampling operation introduces in the statistics of a 1D signal as a function of the parameters used. We quantify the statistical distance between an original signal and its downsampled version by means of the Kullback-Leibler Divergence (KLD) in case of a wide-sense stationary 1st-order autoregressive signal model. Values of the KLD are derived for different signal parameters, resampling factors and interpolation kernels, thus predicting the achievable hypothesis distinguishability in each case. Our analysis reveals unexpected detectability in case of strong downsampling due to the local correlation structure of the original signal. Moreover, since existing detection methods generally leverage the cyclostationarity of resampled signals, we also address the case where the autocovariance values are estimated directly by means of the sample autocovariance from the signal under investigation. Under the considered assumptions, the Wishart distribution models the sample covariance matrix of a signal segment and the KLD under different hypotheses is derived.

Detection of insider threats relies on monitoring individuals and their interactions with organizational resources. Identification of anomalous insiders typically relies on supervised learning models that use labeled data. However, such labeled data is not easily obtainable. The labeled data that does exist is also limited by current insider threat detection methods and undetected insiders would not be included. These models also inherently assume that the insider threat is not rapidly evolving between model generation and use of the model in detection. Yet there is a large body of research that illustrates that the insider threat changes significantly after some types of precipitating events, such as layoffs, significant restructuring, and plant or facility closure. To capture this temporal evolution of user-system interactions, we use an unsupervised learning framework to evaluate whether potential insider threat events are triggered following precipitating events. The analysis leverages a bipartite graph of user and system interactions. The approach shows a clear correlation between precipitating events and the number of apparent anomalies. The results of our empirical analysis show a clear shift in behaviors after events which have previously been shown to increase insider activity, specifically precipitating events. We argue that this metadata about the level of insider threat behaviors validates the potential of the approach. We apply our method to a dataset that comprises interactions between engineers and software components in an enterprise version control system spanning more than 22 years. We use this unlabeled dataset and automatically detect statistically significant events. We show that there is statistically significant evidence that a subset of users diversify their committing behavior after precipitating events have been announced. Although these findings do not constitute detection of insider threat events per se, they do identify patterns of potentially malicious high-risk insider behavior. They reinforce the idea that insider operations can be motivated by the insiders' environment. Our proposed framework outperforms algorithms based on naive random approaches and algorithms using volume dependent statistics. This graph mining technique has potential for early detection of insider threat behavior in user-system interactions independent of the volume of interactions. The proposed method also enables organizations without a corpus of identified insider threats to train its own anomaly detection system.

In this paper, we present the design of Intelligent Security Lock prototype which acts as a smart electronic/digital door locking system. The design of lock device and software system including app is discussed. The paper presents idea to control the lock using mobile app via Bluetooth. The lock satisfies comprehensive security requirements using state of the art technologies. It provides strong authentication using face recognition on app. It stores records of all lock/unlock operations with date and time. It also provides intrusion detection notification and real time camera surveillance on app. Hence, the lock is a unique combination of various aforementioned security features providing absolute solution to problem of security.