Cyber Security, Cyber Warfare, and Digital Forensics (CyberSec) - Beirut, Lebanon

---

The 2014 Third International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), was held April 29 2014-May 1 2014 at Beirut, Lebanon.  The twelve papers published from it are cited here.

 

Watney, M., "Challenges Pertaining To Cyber War Under International Law," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.1,5, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913962 State-level intrusion in the cyberspace of another country seriously threatens a state's peace and security. Consequently many types of cyberspace intrusion are being referred to as cyber war with scant regard to the legal position under international law. This is but one of the challenges facing state-level cyber intrusion. The current rules of international law prohibit certain types of intrusion. However, international law does not define which intrusion fall within the prohibited category of intrusion nor when the threshold of intrusion is surpassed. International lawyers have to determine the type of intrusion and threshold on a case-by-case basis. The Tallinn Manual may serve as guideline in this assessment, but determination of the type of intrusion and attribution to a specific state is not easily established. The current rules of international law do not prohibit all intrusion which on statelevel may be highly invasive and destructive. Unrestrained cyber intrusion may result in cyberspace becoming a battle space in which state(s) with strong cyber abilities dominate cyberspace resulting in resentment and fear among other states. The latter may be prevented on an international level by involving all states on an equal and transparent manner in cyberspace governance.

Keywords: law; security of data; Tallinn Manual; cyber war; cyberspace governance; cyberspace intrusion; international law; legal position; state-level cyber intrusion; Computer crime; Cyberspace; Force; Law; Manuals; Cyber war; Estonia; Stuxnet; challenges; cyberspace governance; cyberspace state-level intrusion; international law (ID#: 14-3392)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913962&isnumber=6913961

 

Holm, E.; Mackenzie, G., "The Importance Of Mandatory Data Breach Notification To Identity Crime," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.6,11, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913963 The relationship between data breaches and identity crime has been scarcely explored in current literature. However, there is an important relationship between the misuse of personal identification information and identity crime as the former is in many respects the catalyst for the latter. Data breaches are one of the ways in which this personal identification information is obtained by identity criminals, and thereby any response to data breaches is likely to impact the incidence of identity crime. Initiatives around data breach notification have become increasingly prevalent and are now seen in many State legislatures in the United States and overseas. The Australian Government is currently in the process of introducing mandatory data breach notification laws. This paper explores the introduction of mandatory data breach notification in Australia, and lessons learned from the experience in the US, particularly noting the link between data breaches and identity crime. The paper proposes that through the introduction of such laws, identity crimes are likely to be reduced.

Keywords: {computer crime; law; Australia; US; identity crime; mandatory data breach notification laws; personal identification information; Australia; Data privacy; Educational institutions; Government; Law; Privacy; Security; data breaches; identity crime; mandatory breach reporting; privacy (ID#: 14-3393)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913963&isnumber=6913961

 

Mohamed, I.A.; Bt Abdul Manaf, A., "An enhancement of traceability model based-on scenario for digital forensic investigation process," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.12,15, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913964 Digital forensic investigation process is about identifying and tracing the cause of the incident, whereby traceability is very important process during the investigation by searching for the evidence. However, the traceability model of digital forensic investigation process is enhanced based on scenario with proven literature and justification.

Keywords: digital forensics; program diagnostics; digital forensic investigation process; incident cause identification; incident cause tracing; traceability model based-on scenario enhancement; Adaptation models; Computational modeling; Conferences; Digital forensics; Educational institutions; Materials; Safety; Evidence; Forensic; Scenario; traceability (ID#: 14-3394)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913964&isnumber=6913961

 

Geepalla, E., "Comparison Between Alloy and Timed Automata for Modelling And Analysing Of Access Control Specifications," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.16,21, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913965 This paper presents a comparative study between Alloy and Timed Automata for modelling and analysing of access control specifications. In particular, this paper compares Alloy and Timed Automata for modelling and analysing of Access Control specifications in the context of Spatio-Temporal Role Based Access Control (STRBAC) from capability and performance points of view. To conduct the comparison study the same case study (SECURE bank system) is specified using Alloy and Timed Automata. In order to transform the specification of the Secure Bank system into Alloy and Timed Automata this paper makes use of our earlier methods AC2Alloy and AC2Uppaal respectively. The paper then identifies the most important advantages and disadvantages of Alloy and Timed Automata for modelling and analysing of access control specifications.

Keywords: authorisation; automata theory; bank data processing; directed graphs; formal specification;AC2Alloy method;AC2Uppaal method; SECURE bank system; STRBAC; access control specification analysis ;access control specification modelling; directed graph; spatio-temporal role based access control; timed automata; Access control; Analytical models; Automata; Clocks; Computational modeling; Metals; Object oriented modeling (ID#: 14-3395)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913965&isnumber=6913961

 

Yusoff, M.N.; Mahmod, R.; Dehghantanha, A.; Abdullah, M.T., "An Approach For Forensic Investigation in Firefox OS," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.22,26, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913966 The advancement of smartphone technology has attracted many companies in developing mobile operating system. Mozilla Corporation recently released Linux-based open source operating system, named Firefox OS. The emergence of Firefox OS has created new challenges, concentrations and opportunities for digital investigators. In general, Firefox OS is designed to allow smartphones to communicate directly with HTML5 applications using JavaScript and newly introduced WebAPI. However, the used of JavaScript in HTML5 applications and solely no OS restriction might lead to security issues and potential exploits. Therefore, forensic analysis for Firefox OS is urgently needed in order to investigate any criminal intentions. This paper will present an approach and methodology in forensically sound manner for Firefox OS.

Keywords: Internet; Java; Linux; application program interfaces; digital forensics; hypermedia markup languages; mobile computing; public domain software; smart phones; Firefox OS; HTML5 applications; JavaScript; Linux-based open source operating system; Mozilla Corporation; OS restriction; WebAPI; criminal intentions; digital investigation; forensic analysis; forensic investigation; mobile operating system; potential exploits; security issues; smartphone technology; Forensics; Google; Mobile communication; Operating systems; Security; Smart phones; Firefox OS; Forensic Method; Mobile forensics; digital investigation (ID#: 14-3396)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913966&isnumber=6913961

 

Yusoff, M.N.; Mahmod, R.; Abdullah, M.T.; Dehghantanha, A., "Mobile Forensic Data Acquisition in Firefox OS," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.27,31, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913967 Mozilla Corporation has recently released a Linux-based open source operating system, namely Firefox OS. The arrival of this Firefox OS has created new challenges, concentrations and opportunities for digital investigators. Currently, Firefox OS is still not fully supported by most of the existing mobile forensic tools. Even when the phone is detected as Android, only pictures from removable card was able to be captured. Furthermore, the internal data acquisition is still not working. Therefore, there are very huge opportunities to explore the Firefox OS on every stages of mobile forensic procedures. This paper will present an approach for mobile forensic data acquisition in a forensically sound manner from a Firefox OS running device. This approach will largely use the UNIX dd command to create a forensic image from the Firefox OS running device.

Keywords: Linux; data acquisition; image forensics; mobile computing; public domain software; Android phone; Firefox OS; Linux-based open source operating system; Mozilla Corporation ;UNIX dd command; digital investigators; forensic image; internal data acquisition; mobile forensic data acquisition; Data acquisition; Flash memories; Forensics; GSM; Mobile communication; Smart phones; Firefox OS; Mobile forensic; data acquisition (ID#: 14-3397)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913967&isnumber=6913961

 

Rjaibi, N.; Gannouni, N.; Ben Arfa, L.; Ben Aissa, A., "Modeling the Propagation Of Security Threats: An E-Learning Case Study," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on , vol., no., pp.32,37, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913968 In this paper, we propose a novel linear model for modeling the propagation of security threats among the system's architectural components which is the Threats Propagation model (TP). Our model is based on the Mean Failure Cost cyber-security model (MFC) and applied to an e-learning system. The Threats propagation model (TP) enables to show if a threat can propagate to other e-learning systems components. Then, it provides an efficient diagnostic about the most critical threats in order to make the best decision and to establish the suitable countermeasures to avoid them. Our proposed model is useful to implement a safe and secure e-learning environment.

 keywords: {computer aided instruction; security of data; MFC;e-learning system; linear model; mean failure cost cyber-security model; secure e-learning environment; security threat propagation modeling; system architectural components; Analytical models; Electronic learning; Malware; Servers; Shape; Vectors; Countermeasures; Critical security threats; E-learning; The Mean Failure Cost; Threats propagation model (ID#: 14-3398)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913968&isnumber=6913961

 

Hassan, Z.Z.; Elgarf, T.A.; Zekry, A., "Modifying Authentication Techniques In Mobile Communication Systems," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.38,44, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913969 Milenage algorithm applies the block cipher Rijnadael (AES) with 128 bit key and 128 bit block size. This algorithm is used in the 3GPP authentication and key generation functions (f1, f1*, f2, f3, f4, f5 and f5*) for mobile communication systems (GSM/UMTS/LTE). In this paper a modification of Milenage algorithm is proposed through a dynamic change of S-box in AES depending on secret key. To get a new secret key for every authentication process we add the random number (RAND) transmitted from the authentication center (AUC) to the contents of the fixed stored secret key (Ki) and thus the initialization of the AES will be different each new authentication process. For every change in secret key a new S-box is derived from the standard one by permuting its rows and columns with the help of a new designed PN sequence generator. A complete simulation of modified Milenage and PN sequence generator is done using Microcontroller (PIC18F452). Security analysis is applied using Avalanche test to compare between the original and modified Milenage. Tests proved that the modified algorithm is more secure than the original one due to the dynamic behavior of S-box with every change of the secret key and immunity against linear and differential cryptanalysis using Avalanche tests. This makes the modified Milenage more suitable for the applications of authentication techniques specially for mobile communication systems.

 Keywords: 3G mobile communication; cryptography; microcontrollers; telecommunication security; 3GPP authentication function; AES;AUC;GSM system; Global System for Mobile Communication; LTE system; Long-Term Evolution; Milenage algorithm;PIC18F452 microcontroller; RAND; Rijnadael block cipher; UMTS system; Universal Mobile Telecommunication System; advanced encryption standard; authentication center; authentication techniques; avalanche test; key generation function; mobile communication system; random number; secret key; security analysis; Authentication; Ciphers; Generators; Heuristic algorithms; Long Term Evolution; Mobile communication; Vectors; AES; Authentication vector (AV); Dynamic S-BOX and PN Sequence Generator(LFSR); F1∗; F2; F3; F4; F5; F5∗); Modified MILENAGE Algorithm for AKA Functions (F1} (ID#: 14-3399)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913969&isnumber=6913961

 

Jasim Mohammad, O.K.; Abbas, S.; El-Horbaty, E.-S.M.; Salem, A.-B.M., "Statistical Analysis For Random Bits Generation On Quantum Key Distribution," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.45,51, April 29 2014-May 1 2014

doi: 10.1109/CyberSec.2014.6913970 Recently, Quantum cryptography researchers utilize the quantum keys, in order to provide a more trusted environment for both key distribution and management processes. The quantum keys are generated based on quantum mechanics phenomena. However, all events for the quantum key generation rely on exchanging photons between parties over limited distances. So, in this paper, random tests algorithms, such as NIST and DIEHARD, are implemented to test and evaluate the randomness rates for quantum keys generation. After then, the initialized vector, which is the seed of the symmetric encryption algorithms, is established based on specific analysis to be a key for the algorithms. The paper utilizes the (BB84) quantum key distribution (QKD) protocol based on two different innovated modes, the raw and privacy modes.

Keywords: cryptographic protocols; quantum cryptography; statistical analysis; DIEHARD algorithm; NIST algorithm; QKD protocol; key distribution process; key management process; privacy mode; quantum cryptography; quantum key distribution; quantum mechanics phenomenon; random bits generation; random tests algorithm; raw mode; statistical analysis; Algorithm design and analysis ;Encryption; NIST; Photonics; Privacy; Protocols; binary distribution; cryptographic analysis; pseudo random number; quantum key distribution; random number generator; statistical test (ID#: 14-3400)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913970&isnumber=6913961

 

Kebande, V.R.; Venter, H.S., "A Cognitive Approach For Botnet Detection Using Artificial Immune System In The Cloud," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.52,57, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913971 The advent of cloud computing has given a provision for both good and malicious opportunities. Virtualization itself as a component of Cloud computing, has provided users with an immediate way of accessing limitless resource infrastructures. Botnets have evolved to be the most dangerous group of remote-operated zombie computers given the open cloud environment. They happen to be the dark side of computing due to the ability to run illegal activities through remote installations, attacks and propagations through exploiting vulnerabilities. The problem that this paper addresses is that botnet technology is advancing each day and detection in the cloud is becoming hard. In this paper, therefore, the authors' presents an approach for detecting an infection of a robot network in the cloud environment. The authors proposed a detection mechanism using Artificial Immune System (AIS). The results show that this research is significant.

Keywords: artificial immune systems; cloud computing; invasive software; virtualisation; AIS; artificial immune system; botnet detection; cloud computing; cognitive approach; directed graph network; resource infrastructure access; virtualization; Cloud computing; Computers; Detectors; Immune system; Monitoring; Pattern matching; Artificial immune system; Botnet; Cloud; Detection; Negative selection (ID#: 14-3401)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913971&isnumber=6913961

 

El Zouka, H.A.; Hosni, M.M., "On the Power Of Quantum Cryptography And computers," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.58,63, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913972 It is well known that threats and attacks to information on the digital network environment are growing rapidly, putting extra pressure on individuals and businesses to protect their privacy and intellectual property. For this reason, many cryptographic security protocols have been developed over the past decades in an attempt to protect the privacy between communicating parties and to reduce the risk of malicious attacks. However, most of the cryptographic algorithms developed so far are based on mathematical models and suffer from many security defects, such as: a brute force attack, factorization problem, and many others. Thus, most of these proposed cryptographic systems are not proven to be completely secure against the main threats of modern networking technologies and computing systems. In this paper, a security framework model for quantum cryptography system which is based on the physical properties of light particles is proposed and all security requirements to assist in ensuring confidentiality between communicating parties are incorporated. The research work in this paper is based on a series of experiments which have been advocated recently by some agencies and researchers who used the quantum technology as a more effective method for solving the key distribution problem. The results of the proposed method is demonstrated and validated by experimental results.

Keywords: cryptographic protocols; data privacy; quantum cryptography; brute force attack; communicating parties; computers; computing systems; cryptographic algorithms; cryptographic security protocols; cryptographic systems; digital network environment; factorization problem; intellectual property; key distribution problem; malicious attacks; mathematical models; modern networking technologies; privacy; putting extra pressure; quantum cryptography system; quantum technology; security defects; security framework model; security requirements; Ciphers; Encryption; Optical fibers; Photonics; Public key; Cryptanalysis; Cryptography; Quantum Key Distribution; Quantum Technology; Security Protocols (ID#: 14-3402)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913972&isnumber=6913961

 

Kaddour, M.; Tmazirte, N.A.; El-Najjar, M.E.; Naja, Z.; Moubayed, N., "Autonomous Integrity Monitoring For GNSS Localization Using Informational Approach And Iono-Free Measurements," Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2014 Third International Conference on, pp.64,69, April 29 2014-May 1 2014. doi: 10.1109/CyberSec.2014.6913973 The Receiver Autonomous Integrity Monitoring (RAIM) is used to improve positioning system safety. This paper proposes a new RAIM approach to detect and exclude multi-faults of GNSS measurements before position estimation. The new approach uses the information filter for position estimation and information test to faults diagnosis. This test is based on exponential convergence of the information filter measured using the mutual information. Results with real data of GNSS measurements (C/A code and L1 phase) show the benefits of the proposed approach in improving the GNSS receiver integrity positioning.

Keywords: Global Positioning System; estimation theory; fault diagnosis; radio receivers; radiotelemetry; C-A code; GNSS localization; GNSS measurement;L1 phase; RAIM approach; autonomous integrity monitoring; fault diagnosis; informational approach; ionofree measurement; multifault detection; mutual information; position estimation; positioning system safety; receiver autonomous integrity monitoring approach; Global Positioning System; Information filters; Mutual information; phase measurement; Pollution measurement; Receivers; Satellites; GNNS localization; Information Filter; Information theory; Mutual Information (ID#: 14-3403)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6913973&isnumber=6913961

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---

Information Assurance and Cyber Security (CIACS) - Pakistan

---

2014 Conference on Information Assurance and Cyber Security (CIACS) was held 12-13 June 2014 at Rawalpindi, Pakistan.  Sponsored by the Department of Information Security (IS Department) at Military College of Signals, NUST, Pakistan,  CIACS is a forum of academic and professional research, the conference includes 5 regular papers and 5 short papers that have been selected through double blind review process from a total of 65 high quality technical paper submissions, thereby having an acceptance rate of about 7.69% for regular papers and 15.38% for short papers. The papers collected in these proceedings cover topics like Authentication and Access Control, Botnets, Cryptography and Cryptanalysis, Data Security and Privacy, Digital Signatures, Information Hiding, Key Management, Secure Programming, Cloud Security, Computer Security, Database Security, Distributed Systems Security, Internet Security, Operating Systems Security, Physical Security, Social Networks Security, Web Services Security, Wireless Networks Security, Cyber Crime and Social Implications, Cyber Laws, Information Security Auditing and Management, Information Security Strategy, Security Standards and Best Practices, Cloud Forensics, Computer Emergency Response Team (CERT), Digital Forensics, Ethical Hacking, Future of Information Security, Incident Response, Malware Detection and Analysis, Penetration Testing and Vulnerability Assessment.

 

Zahid, A.; Masood, R.; Shibli, M.A., "Security of Sharded Nosql Databases: A Comparative Analysis," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.1, 8, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861323 NoSQL databases are easy to scale-out because of their flexible schema and support for BASE (Basically Available, Soft State and Eventually Consistent) properties. The process of scaling-out in most of these databases is supported by sharding which is considered as the key feature in providing faster reads and writes to the database. However, securing the data sharded over various servers is a challenging problem because of the data being distributedly processed and transmitted over the unsecured network. Though, extensive research has been performed on NoSQL sharding mechanisms but no specific criterion has been defined to analyze the security of sharded architecture. This paper proposes an assessment criterion comprising various security features for the analysis of sharded NoSQL databases. It presents a detailed view of the security features offered by NoSQL databases and analyzes them with respect to proposed assessment criteria. The presented analysis helps various organizations in the selection of appropriate and reliable database in accordance with their preferences and security requirements.

Keywords: SQL; security of data; BASE; NoSQL sharding mechanisms; assessment criterion ;security features; sharded NoSQL databases; Access control; Authentication; Distributed databases; Encryption; Servers; Comparative Analysis; Data and Applications Security; Database Security; NoSQL; Sharding  (ID#: 14-3382)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861323&isnumber=6861314

 

Sajjad, S.M.; Yousaf, M., "Security Analysis of IEEE 802.15.4 MAC in the Context of Internet of Things (IoT)," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.9,14, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861324 A paradigm in which household substances around us with embedded computational competences and capable of producing and distributing information is referred to as Internet of Things (IoT). IEEE 802.15.4 presents power efficient MAC layer for Internet of Things (IoT). For the preservation of privacy and security, Internet of Things (IoT) needs stern security mechanism so as to stop mischievous communication inside the IoT structure. For this purpose security weaknesses of the MAC protocol of IEEE 802.15.4 and their most important attacks have to be examined. Also security charter of IEEE 802.15.4 is to be analyzed in order to ascertain their limitations with regard to Internet of Things (IoT). Various ranges of attacks taking place in the Contention Free Period (CFP) in addition to Contention Access Period (CAP) of the super-frame structure needs to be explored and discussed. In view of the shortlisted weaknesses we would be arriving at the conclusion that the IEEE 802.15.4 security charter may be harmonized in accordance with the requirements of the Internet of Things. The missing functionalities may be incorporated in the upper layers of Internet of Things (IoT) Architecture.

Keywords: {Internet of Things; Zigbee; access protocols; computer network security; CAP; CFP; IEEE 802.15.4 MAC protocol; IEEE 802.15.4 security charter; Internet of Things; IoT; contention access period; contention free period; security mechanism; IEEE 802.15 Standards; Internet of Things; Payloads; Protocols; Radiation detectors; Security; Synchronization; IEEE 802.15.4;Internet of Things; IoT IETF Standardization; IoT Protocol Stack; Security (ID#: 14-3383)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861324&isnumber=6861314

 

Mahmood, A.; Akbar, A.H., "Threats in End To End Commercial Deployments Of Wireless Sensor Networks And Their Cross Layer Solution," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.15,22, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861325 Commercial Wireless Sensor Networks (WSNs) can be accessed through sensor web portals. However, associated security implications and threats to the 1) users/subscribers 2) investors and 3) third party operators regarding sensor web portals are not seen in completeness, rather the contemporary work handles them in parts. In this paper, we discuss different kind of security attacks and vulnerabilities at different layers to the users, investors including Wireless Sensor Network Service Providers (WSNSPs) and WSN itself in relation with the two well-known documents i.e., “Department of Homeland Security” (DHS) and “Department of Defense (DOD)”, as these are standard security documents till date. Further we propose a comprehensive cross layer security solution in the light of guidelines given in the aforementioned documents that is minimalist in implementation and achieves the purported security goals.

Keywords: {telecommunication security; wireless sensor networks; Department of Defense; Department of Homeland Security; WSNSP; cross layer security solution; cross layer solution; end to end commercial deployments; security attacks; security goals; sensor web portals; standard security documents; wireless sensor network service providers; Availability; Mobile communication; Portals; Security; Web servers; Wireless sensor networks; Wireless sensor network; attacks; commercial; security; sensor portal; threats; web services (ID#: 14-3384)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861325&isnumber=6861314

 

Waqas, A.; Yusof, Z.M.; Shah, A.; Khan, M.A., "ReSA: Architecture for Resources Sharing Between Clouds," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.23, 28, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861326 Cloud computing has emerged as paradigm for hosting and delivering services over the Internet. It is evolved as a key computing platform for delivering on-demand resources that include infrastructures, software, applications, and business processes. Mostly, clouds are deployed in a way that they are often isolated from each other. These implementations cause lacking of resources collaboration between different clouds. For example, cloud consumer requests some resource and that is not available at that point in time. Client satisfaction is important for business as denying the client may be expensive in many ways. To fulfill the client request, the cloud may ask the requested resource from some other cloud. In this research paper we aim to propose a trust worthy architecture named ReSA (Resource Sharing Architecture) for sharing on-demand resources between different clouds that may be managed under same or different rules, policies and management.

Keywords: cloud computing; resource allocation; security of data; software architecture; Internet; ReSA; Resource Sharing Architecture; client request; client satisfaction; cloud computing; resources collaboration; service delivery; service hosting; trust worthy architecture; Cloud computing; Computational modeling; Computer architecture; Resource management; Software as a service; Standards organizations; cloud architecture; cloud computing; federated clouds; resource collaboration; resource management (ID#: 14-3385)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861326&isnumber=6861314

 

Arshad, A.; Kundi, D.-e.-S.; Aziz, A., "Compact Implementation of SHA3-512 on FPGA," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp. 29, 33, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861327 In this work we present a compact design of newly selected Secure Hash Algorithm (SHA-3) on Xilinx Field Programable Gate Array (FPGA) device Virtex-5. The design is logically optimized for area efficiency by merging Rho, Pi and Chi steps of algorithm into single step. By logically merging these three steps we save 16 % logical resources for overall implementation. It in turn reduced latency and enhanced maximum operating frequency of design. It utilizes only 240 Slices and has frequency of 301.02 MHz. Comparing the results of our design with the previously reported FPGA implementations of SHA3-512, our design shows the best throughput per slice (TPS) ratio of 30.1.

Keywords: cryptography; field programmable gate arrays; logic design; Chi step; FPGA; Pi step; Rho step;SHA3-512;TPS;Virtex-5;Xilinx field programable gate array device; area efficiency; compact implementation; cryptographic hash function; latency reduction; maximum operating frequency enhancement; secure hash algorithm; throughput-per-slice ratio; Algorithm design and analysis; Arrays; Clocks; Field programmable gate arrays; Hardware; Signal processing algorithms;Throughput;Cryptography;FPGA;SHA3;Security; Xilinx (ID#: 14-3386)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861327&isnumber=6861314

 

Chattha, N.A., "NFC — Vulnerabilities and Defense," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.35,38, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861328 Near Field Communication (NFC) has been in use for quite some time by many users in mobile devices. Its use is increasing by the rapid increase in the availability of the NFC enabled devices in the market. It enables data transfer by bringing the two devices in close proximity, about 3-5 inches. It is designed for integration with mobile phones, which can communicate with other phones (peer-to-peer) or read information on tags and cards (reader). An NFC device can also be put in card emulation mode, to offer compatibility with other contactless smart card standards. This enables NFC enabled smart-phones to replace traditional contactless plastic cards used in public transport ticketing, access control, ATMs and other similar applications. NFC is a new and innovative technology with futuristic uses, but technology comes at a price both in terms of financial effects as well as the maintenance costs. The most pertinent concern would be that how much vulnerable the new technology is. There had already been instances where the security of NFC has been put to questions. It is vulnerable to numerous kinds of attacks. This research paper will list down the basic working principles of NFC, the protocols involved, vulnerabilities reported so far and possible countermeasures against the weaknesses.

Keywords: near-field communication; protocols; radiofrequency identification; smart cards; smart phones; telecommunication security; NFC enabled devices; NFC enabled smart-phones; NFC security; card emulation mode; contactless smart card standards; data transfer; mobile devices; mobile phones; near field communication; protocols; radio frequency identification; Emulation; Mobile handsets; Peer-to-peer computing; Protocols; Radio frequency; Radiofrequency identification; Security; NFC; NFC security; Near Field Communication; RFID; Radio Frequency Identification (ID#: 14-3387)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861328&isnumber=6861314

 

Javid, T.; Riaz, T.; Rasheed, A., "A Layer2 Firewall For Software Defined Network," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.39,42, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861329 The software defined networking is an emerging three layer architecture which defines data, control, and application planes. Data and control planes implement forwarding and routing functions, respectively. Application plane contains communicating processes. This paper presents a layer2 fire-wall implementation using an example tree topology with one controller, three switches, and four hosts. Our implementation uses POX controller at control plane of the architecture. The modified code successfully controlled flow of packets between hosts according to firewall rules.

Keywords: firewalls; POX controller; example tree topology; forwarding function; layer2 firewall implementation; routing function; software defined networking; three layer architecture; Computer architecture; Control systems ;Firewalls (computing); Flowcharts; Network topology; Ports (Computers);Topology; Firewall; Mininet; OpenFlow; POX; SDN (ID#: 14-3388)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861329&isnumber=6861314

 

Durrani, A., "Analysis and Prevention Of Vulnerabilities In Cloud Applications," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.43, 46, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861330 Cloud computing has emerged as the single most talked about technology of recent times. Its aim, to provide agile information technology solutions and infrastructure is the primary reason for its popularity. It enables the organizations to ensure that their resources are utilized efficiently, development process is enhanced and investments or costs incurred to buy technological resources are reduced. At the same time Cloud computing is being scrutinized in the security world due to the various vulnerabilities and threats that it poses to the user data or resources. This paper highlights the vulnerabilities that exist in applications available on the cloud and aims to make an analysis of different types of security holes found in these applications by using open source vulnerability assessment tools. It identifies the security requirements pertinent to these applications and makes an assessment whether these requirements were met by them by testing two of these applications using the vulnerability tools. It also provides remedial measures for the security holes found in these applications and enables the user to select a secure provider for themselves while at the same time enabling the cloud provider to improve their services and find a competitive edge in the market.

Keywords: cloud computing; security of data; agile information technology solutions; cloud applications; cloud computing; development process enhancement; open source vulnerability assessment tools; resource utilization; security holes; security requirements; vulnerability analysis; vulnerability prevention; Cloud computing; Electronic mail; Encryption; Linux; Organizations; Servers; Kali Linux; Vega; Vmware; cloud computing; degaussing; deployment models; multi client environment (ID#: 14-3389)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861330&isnumber=6861314

 

Butt, M.I.A., "BIOS Integrity and Advanced Persistent Threat," Information Assurance and Cyber Security (CIACS), 2014 Conference on, pp.47,50, 12-13 June 2014. doi: 10.1109/CIACS.2014.6861331 Basic Input Output System (BIOS) is the most important component of a computer system by virtue of its role i.e., it holds the code which is executed at the time of startup. It is considered as the trusted computing base, and its integrity is extremely important for smooth functioning of the system. On the contrary, BIOS of new computer systems (servers, laptops, desktops, network devices, and other embedded systems) can be easily upgraded using a flash or capsule mechanism which can add new vulnerabilities either through malicious code, or by accidental incidents, and deliberate attack. The recent attack on Iranian Nuclear Power Plant (Stuxnet) [1:2] is an example of advanced persistent attack. This attack vector adds a new dimension into the information security (IS) spectrum, which needs to be guarded by implementing a holistic approach employed at enterprise level. Malicious BIOS upgrades can also cause denial of service, stealing of information or addition of new backdoors which can be exploited by attackers for causing business loss, passive eaves dropping or total destruction of system without knowledge of user. To address this challenge a capability for verification of BIOS integrity needs to be developed and due diligence must be observed for proactive resolution of the issue. This paper explains the BIOS Integrity threats and presents a prevention strategy for effective and proactive resolution.

Keywords: {computer network security; data integrity; firmware; trusted computing; BIOS integrity; Iranian Nuclear Power Plant; Stuxnet; advanced persistent threat; basic input output system; information security spectrum; roots of trust; Biological system modeling; Hardware; Organizations; Security; Servers; Vectors; Advanced Persistent Threat (APT); BIOS Integrity Measurement; Original Equipment Manufacturer (OEM);Roots of Trust (RoTs);Trusted Computing (ID#: 14-3390)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861331&isnumber=6861314

 

Ullah, R.; Nizamuddin; Umar, A.I.; ul Amin, N., "Blind signcryption scheme based on elliptic curves," Information Assurance and Cyber Security (CIACS), 2014 Conference on , vol., no., pp.51,54, 12-13 June 2014

doi: 10.1109/CIACS.2014.6861332

Abstract: In this paper blind signcryption using elliptic curves cryptosystem is presented. It satisfies the functionalities of Confidentiality, Message Integrity, Unforgeability, Signer Non-repudiation, Message Unlink-ability, Sender anonymity and Forward Secrecy. The proposed scheme has low computation and communication overhead as compared to existing blind Signcryption schemes and best suited for mobile phone voting and m-commerce.

 keywords: {public key cryptography; blind signcryption scheme; communication overhead; confidentiality; elliptic curves cryptosystem; forward secrecy; m-commerce; message integrity; message unlink-ability; mobile phone voting; sender anonymity; signer nonrepudiation; unforgeability; Digital signatures; Elliptic curve cryptography; Elliptic curves; Equations; Mobile handsets; Anonymity; Blind Signature; Blind Signcryption; Elliptic curves; Signcryption}, (ID#: 14-3391)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6861332&isnumber=6861314

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---

Information Security for South Africa

---

The conference on Information Security for South Africa (ISSA), 2014, was held 13-14 August 2014 at Johannesburg, South Africa.  The 2014 conference was held under the auspices of the University of Johannesburg Academy for Computer Science and Software Engineering, the University of South Africa School of Computing and the University of Pretoria Department of Computer Science.  The works cited here are more technical and general in nature and do not include many excellent papers focused on the unique issues of South Africa.

 

Valjarevic, Aleksandar; Venter, Hein S.; Ingles, Melissa, "Towards a Prototype For Guidance And Implementation Of A Standardized Digital Forensic Investigation Process," Information Security for South Africa (ISSA), 2014, pp.1,8, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950488 Performing a digital forensic investigation requires a standardized and formalized process to be followed. There currently is neither an international standard formalizing such process nor does a global, harmonized digital forensic investigation process exist. Further, there exists no application that would guide a digital forensic investigator to efficiently implement such a process. This paper proposes the implementation of such a prototype in order to cater for this need. A comprehensive and harmonized digital forensic investigation process model has been proposed by the authors in their previous work and this model is used as a basis of the prototype. The prototype is in the form of a software application which would have two main functionalities. The first functionality would be to act as an expert system that can be used for guidance and training of novice investigators. The second functionality would be to enable reliable logging of all actions taken within the processes proposed in a comprehensive and harmonized digital forensic investigation process model. Ultimately, the latter functionality would enable the validation of use of a proper process. The benefits of such prototype include possible improvement in efficiency and effectiveness of an investigation due to the fact that clear guidelines will be provided when following the process for the course of the investigation. Another benefit includes easier training of novice investigators. The last, and possibly most important benefit, includes that higher admissibility of digital evidence as well as results and conclusions of digital forensic investigations will be possible due to the fact that it will be easier to show that the correct standardized process was followed.

Keywords: Analytical models; Cryptography; Irrigation; ISO/IEC 27043; digital forensic investigation process model; digital forensics; harmonization; implementation prototype  standardization (ID#: 14-3404)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950488&isnumber=6950479

 

Trenwith, Philip M.; Venter, Hein S., "A Digital Forensic Model For Providing Better Data Provenance In The Cloud," Information Security for South Africa (ISSA), 2014, pp.1,6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950489 The cloud has made digital forensic investigations exceedingly difficult due to the fact that data may be spread over an ever-changing set of hosts and data centres. The normal search and seizure approach that digital forensic investigators tend to follow does not scale well in the cloud because it is difficult to identify the physical devices that data resides on. In addition, the location of these devices is often unknown or unreachable. A solution to identifying the physical device can be found in data provenance. Similar to the tags included in an email header, indicating where the email originated, a tag added to data, as it is passed on by nodes in the cloud, identifies where the data came from. If such a trace can be provided for data in the cloud it may ease the investigating process by indicating where the data can be found. In this research the authors propose a model that aims to identify the physical location of data, both where it originated and where it has been as it passes through the cloud. This is done through the use of data provenance. The data provenance records will provide digital investigators with a clear record of where the data has been and where it can be found in the cloud.

Keywords: Cloud computing; Computational modeling; Computers; Digital forensics; Open systems; Protocols; Servers; Cloud Computing; Digital Forensic Investigation; Digital Forensics; annotations; bilinear pairing technique; chain of custody; data provenance (ID#: 14-3405)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950489&isnumber=6950479

 

Mpofu, Nkosinathi; van Staden, Wynand JC, "A Survey Of Trust Issues Constraining The Growth Of Identity Management-as-a-Service(IdMaaS)," Information Security for South Africa (ISSA), 2014, pp.1,6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950490 Identity management-as-a-service (IdMaaS) is a cloud computing service where the identity management function is moved to the cloud, streamlining the responsibilities of the computing or IT departments of organisations. IdMaaS's attractiveness leans on reduced cost of ownership, least to no capital investment, scalability, self-service, location independence and rapid deployment, however, its growth has been impeded by issues most of which are related to security, privacy and trust. Most organisations view identities as passports to key computing resources (hardware, software and data) as such they view identity management as a core IT function which must remain within the perimeter of sphere of control. This paper primarily aims to discuss IdMaaS and highlight the major trust issues in current existing cloud computing environments affecting the growth of IdMaaS by describing IdMaaS and surveying the trust issues that pose threats to its growth. Highlighting the trust issues hampering the growth of IdMaaS will lay a foundation for subsequent research efforts directed at addressing trust issues and therefore enhancing the growth of IdMaaS. Consequently the growth of IdMaaS will open up a new entrepreneurial avenue for service providers, at the same time enabling IdMaaS consumers to realise the benefits which come along with cloud computing. In future, we will analyse and evaluate the extent of impact posed by each trust issue to IdMaaS.

Keywords: Authentication; Authorization; Availability; Cloud computing; identity management; identity management-as- as-service; trust (ID#: 14-3406)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950490&isnumber=6950479

 

Mumba, Emilio Raymond; Venter, H.S., "Mobile Forensics Using The Harmonised Digital Forensic Investigation Process," Information Security for South Africa (ISSA), 2014pp. 1, 10, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950491 Mobile technology is among the fastest developing technologies that have changed the way we live our daily lives. Over the past few years, mobile devices have become the most popular form of communication around the world. However, bundled together with the good and advanced capabilities of the mobile technology, mobile devices can also be used to perform various activities that may be of malicious intent or criminal in nature. This makes mobile devices a valuable source of digital evidence. For this reason, the technological evolution of mobile devices has raised the need to develop standardised investigation process models and procedures within the field of digital forensics. This need further supports the fact that forensic examiners and investigators face challenges when performing data acquisition in a forensically sound manner from mobile devices. This paper, therefore, aims at testing the harmonised digital forensic investigation process through a case study of a mobile forensic investigation. More specifically, an experiment was conducted that aims at testing the performance of the harmonised digital forensic investigation process (HDFIP) as stipulated in the ISO/IEC 27043 draft international standard through the extraction of potential digital evidence from mobile devices.

Keywords: ISO standards; Performance evaluation; Harmonised Digital Forensic Investigation Process (HDFIP); ISO/IEC 27043;mobile device; mobile forensics (ID#: 14-3407)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950491&isnumber=6950479

 

Schnarz, Pierre; Fischer, Clemens; Wietzke, Joachim; Stengel, Ingo, "On a Domain Block Based Mechanism To Mitigate Dos Attacks On Shared Caches In Asymmetric Multiprocessing Multi Operating Systems," Information Security for South Africa (ISSA), 2014, pp.1, 8, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950494 Asymmetric multiprocessing (AMP) based multi-OSs are going to be established in future to enable parallel execution of different functionalities while fulfilling requirements for real-time, reliability, trustworthiness and security. Especially for in-car multimedia systems, also known as In-Vehicle Infotainment (IVI) systems, the composition of different OS-types onto a system-on-chip (SoC) offers a wide variety of advantages in embedded system development. However, the asymmetric paradigm, which implies the division and assignment of every hardware resource to OS-domains, is not applicable to every part of a system-on-chip (SoC). Caches are often shared between multiple processors on multi processor SoCs (MP-SoC). According to their association to the main memory, OSs running on the processor cores are naturally vulnerable to DoS attacks. An adversary who has compromised one of the OS-domains is able to attack an arbitrary memory location of a co-OS-domain. This introduces performance degradations on victim's memory accesses. In this work a method is proposed which prohibits the surface for interference, introduced by the association of cache and main memory. Therefore, the contribution of this article is twofold. It introduces an attack vector, by deriving an algorithm from the cache way associativity, to affect the co-OSs running on the same platform. Using this vector it is shown that the mapping of contiguous memory blocks intensifies the effect. Subsequently, a memory mapping method is proposed which mitigates the interference effects of cache coherence. The approach is evaluated by a proof-of-concept implementation, which illustrates the performance impact of the attack and the countermeasure, respectively. The method enables a more reliable implementation of AMP-based multi-OSs on MP-SoCs using shared caches without the need to modify the hardware layout.

Keywords: Computer architecture; Computer crime; Hardware; Interference; Program processors; System-on-chip; Vectors (ID#: 14-3408)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950494&isnumber=6950479

 

Wrench, Peter M.; Irwin, Barry V.W., "Towards a Sandbox For The Deobfuscation And Dissection of PHP Malware," Information Security for South Africa (ISSA), 2014, pp. 1, 8, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950504 The creation and proliferation of PHP-based Remote Access Trojans (or web shells) used in both the compromise and post exploitation of web platforms has fuelled research into automated methods of dissecting and analysing these shells. Current malware tools disguise themselves by making use of obfuscation techniques designed to frustrate any efforts to dissect or reverse engineer the code. Advanced code engineering can even cause malware to behave differently if it detects that it is not running on the system for which it was originally targeted. To combat these defensive techniques, this paper presents a sandbox-based environment that aims to accurately mimic a vulnerable host and is capable of semi-automatic semantic dissection and syntactic deobfuscation of PHP code.

Keywords: Arrays; Databases; Decoding; Malware; Process control; Semantics; Software; Code deobfuscation; Reverse engineering; Sandboxing (ID#: 14-3409)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950504&isnumber=6950479

 

Ophoff, Jacques; Robinson, Mark, "Exploring End-User Smartphone Security Awareness Within A South African Context," Information Security for South Africa (ISSA), 2014, pp.1, 7, 13-14 Aug. 2014

doi: 10.1109/ISSA.2014.6950500 International research has shown that users are complacent when it comes to smartphone security behaviour. This is contradictory, as users perceive data stored on the ‘smart’ devices to be private and worth protecting. Traditionally less attention is paid to human factors compared to technical security controls (such as firewalls and antivirus), but there is a crucial need to analyse human aspects as technology alone cannot deliver complete security solutions. Increasing a user's knowledge can improve compliance with good security practices, but for trainers and educators to create meaningful security awareness materials they must have a thorough understanding of users' existing behaviours, misconceptions and general attitude towards smartphone security.

Keywords: Androids; Context; Humanoid robots; Portable computers; Security; Awareness and Training in Security; Mobile Computing Security; Smartphone (ID#: 14-3410)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950500&isnumber=6950479

 

Hauger, Werner K.; Olivier, Martin S., "The Role Of Triggers In Database Forensics," Information Security for South Africa (ISSA), 2014, pp.1, 7, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950506 An aspect of database forensics that has not received much attention in the academic research community yet is the presence of database triggers. Database triggers and their implementations have not yet been thoroughly analysed to establish what possible impact they could have on digital forensic analysis methods and processes. Conventional database triggers are defined to perform automatic actions based on changes in the database. These changes can be on the data level or the data definition level. Digital forensic investigators might thus feel that database triggers do not have an impact on their work. They are simply interrogating the data and metadata without making any changes. This paper attempts to establish if the presence of triggers in a database could potentially disrupt, manipulate or even thwart forensic investigations. The database triggers as defined in the SQL standard were studied together with a number of database trigger implementations. This was done in order to establish what aspects might have an impact on digital forensic analysis. It is demonstrated in this paper that some of the current database forensic analysis methods are impacted by the possible presence of certain types of triggers in a database. Furthermore, it finds that the forensic interpretation and attribution processes should be extended to include the handling and analysis of database triggers if they are present in a database.

Keywords: Databases; Dictionaries; Forensics; Irrigation; Monitoring; Reliability; database forensics; database triggers; digital forensic analysis; methods; processes (ID#: 14-3411)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950506&isnumber=6950479

 

Savola, Reijo M.; Kylanpaa, Markku, "Security Objectives, Controls And Metrics Development For An Android Smartphone Application," Information Security for South Africa (ISSA), 2014, pp.1, 8, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950501 Security in Android smartphone platforms deployed in public safety and security mobile networks is a remarkable challenge. We analyse the security objectives and controls for these systems based on an industrial risk analysis. The target system of the investigation is an Android platform utilized for public safety and security mobile network. We analyse how a security decision making regarding this target system can be supported by effective and efficient security metrics. In addition, we describe implementation details of security controls for authorization and integrity objectives of a demonstration of the target system.

Keywords: Authorization; Libraries; Monitoring; Android; risk analysis; security effectiveness; security metrics; security objectives (ID#: 14-3412)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950501&isnumber=6950479

 

Haffejee, Jameel; Irwin, Barry, "Testing Antivirus Engines To Determine Their Effectiveness As A Security Layer," Information Security for South Africa (ISSA), 2014, pp.1, 6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950496 This research has been undertaken to empirically test the assumption that it is trivial to bypass an antivirus application and to gauge the effectiveness of antivirus engines when faced with a number of known evasion techniques. A known malicious binary was combined with evasion techniques and deployed against several antivirus engines to test their detection ability. The research also documents the process of setting up an environment for testing antivirus engines as well as building the evasion techniques used in the tests. This environment facilitated the empirical testing that was needed to determine if the assumption that antivirus security controls could easily be bypassed. The results of the empirical tests are also presented in this research and demonstrate that it is indeed within reason that an attacker can evade multiple antivirus engines without much effort. As such while an antivirus application is useful for protecting against known threats, it does not work as effectively against unknown threats.

Keywords: Companies; Cryptography; Engines; Malware; Payloads; Testing; Antivirus; Defense; Malware (ID#: 14-3413)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950496&isnumber=6950479

 

van Staden, Wynand JC, "An Investigation Into Reducing Third Party Privacy Breaches During The Investigation Of Cybercrime," Information Security for South Africa (ISSA), 2014, pp.1,6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950503 In this article we continue previous work in which a framework for preventing or limiting a privacy breach of a third party during the investigation of cybercrime. The investigations may be conducted internally (by the enterprise), or externally (by a third party, or a law enforcement agency) depending on the jurisdiction and context of the case. In many cases, an enterprise will conduct an internal investigation against some allegation of wrongdoing by an employee, or a client. In these cases maintaining the privacy promise made to other clients or customers is an ideal that the enterprise may wish to honour, especially if the image or brand of the enterprise may be impacted when the details of the process followed during the investigation becomes clear. The article reports on the results of the implementation of the privacy breach detection - it also includes lessons learned, and proposes further steps for refining the breach detection techniques and methods for future digital forensic investigation.

Keywords: Business; Context; Digital forensics; Electronic mail; Indexes; Postal services; Privacy; Cybercrime; Digital Forensics; Privacy; Privacy Breach; Third Party Privacy (ID#: 14-3414)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950503&isnumber=6950479

 

Mirza, Abdul; Senekane, Makhamisa; Petruccione, Francesco; van Niekerk, Brett, "Suitability of Quantum Cryptography For National Facilities," Information Security for South Africa (ISSA), 2014, pp.1, 7, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950513 Quantum cryptography, or more accurately Quantum Key Distribution (QKD), provides a secure mechanism to exchange encryption keys which can detect potential eavesdroppers. However, this is a relatively new technology in terms of implementation, and there are some concerns over possible attacks. This paper describes QKD and provides an overview of the implementations in South Africa. From this, a basic vulnerability assessment is performed to determine the suitability of QKD for use in critical national facilities. While there are vulnerabilities, some of these can be easily mitigated through proper design and planning. The implementation of QKD as an additional layer to the encryption process may serve to improve the security between national key points.

Keywords: Cryptography; Educational institutions; Quantum mechanics; TV; critical infrastructure protection; quantum cryptography; quantum key distribution; vulnerability assessment (ID#: 14-3415)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950513&isnumber=6950479

 

du Plessis, Warren P., "Software-Defined Radio (SDR) As A Mechanism For Exploring Cyber-Electronic Warfare (EW) Collaboration," Information Security for South Africa (ISSA), 2014, pp.1,6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950516 Cyber is concerned with networks of systems in all their possible forms. Electronic warfare (EW) is focused on the many different uses of the electromagnetic spectrum (EMS). Given that many networks make use of the EMS (wireless networks), there is clearly large scope for collaboration between the cyber-warfare and EW communities. Unfortunately, such collaboration is complicated by the significant differences between these two realms. Software-defined radio (SDR) systems are based on interfaces between the EMS and computers and thus offer tremendous potential for encouraging cyber-EW collaboration. The concept of SDR is reviewed along with some hardware and software SDR systems. These are then used to propose a number of projects where SDR systems allow collaboration between the cyber and EW realms to achieve effects which neither realm could achieve alone.

Keywords: Bandwidth; Collaboration; Computers; Hardware; Protocols; Software; Standards; Electronic warfare (EW); cyber; electromagnetic spectrum (EMS); software-defined radio (SDR) (ID#: 14-3416)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950516&isnumber=6950479

 

Tekeni, Luzuko; Thomson, Kerry-Lynn; Botha, Reinhardt A., "Concerns Regarding Service Authorization By IP Address Using Eduroam," Information Security for South Africa (ISSA), 2014, pp.1,6, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950495 Eduroam is a secure WLAN roaming service between academic and research institutions around the globe. It allows users from participating institutions secure Internet access at any other participating visited institution using their home credentials. The authentication credentials are verified by the home institution, while authorization is done by the visited institution. The user receives an IP address in the range of the visited institution, and accesses the Internet through the firewall and proxy servers of the visited institution. However, access granted to services that authorize via an IP address of the visited institution may include access to services that are not allowed at the home institution, due to legal agreements. This paper looks at typical legal agreements with service providers and explores the risks and countermeasures that need to be considered when using eduroam.

Keywords: IEEE Xplore; Servers; Authorization; IP-Based; Service Level Agreement; eduroam (ID#: 14-3417)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950495&isnumber=6950479

 

Mouton, Francois; Malan, Mercia M.; Leenen, Louise; Venter, H.S., "Social Engineering Attack Framework," Information Security for South Africa (ISSA), 2014, pp.1,9, 13-14 Aug. 2014. doi: 10.1109/ISSA.2014.6950510 The field of information security is a fast growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and the human element is thus a weak link. A social engineering attack targets this weakness by using various manipulation techniques in order to elicit sensitive information. The field of social engineering is still in its infancy stages with regards to formal definitions and attack frameworks. This paper proposes a social engineering attack framework based on Kevin Mitnick's social engineering attack cycle. The attack framework addresses shortcomings of Mitnick's social engineering attack cycle and focuses on every step of the social engineering attack from determining the goal of an attack up to the successful conclusion of the attack. The authors use a previously proposed social engineering attack ontological model which provides a formal definition for a social engineering attack. The ontological model contains all the components of a social engineering attack and the social engineering attack framework presented in this paper is able to represent temporal data such as flow and time. Furthermore, this paper demonstrates how historical social engineering attacks can be mapped to the social engineering attack framework. By combining the ontological model and the attack framework, one is able to generate social engineering attack scenarios and to map historical social engineering attacks to a standardised format. Scenario generation and analysis of previous attacks are useful for the development of awareness, training purposes and the development of countermeasures against social engineering attacks.

Keywords: Ash; Buildings; Data models; Electronic mail; Information security; Vectors; Bidirectional Communication; Indirect Communication; Mitnick's Attack Cycle; Ontological Model; Social Engineering; Social Engineering Attack; Social Engineering Attack Framework; Unidirectional Communication (ID#: 14-3418)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6950510&isnumber=6950479

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---

Signal Propagation and Computer Technology (ICSPCT) - India

---

The 2014 International Conference on Signal Propagation and Computer Technology (ICSPCT) was held 12-13 July 2014 at Ajmer, India.  The technical program of IEEE ICSPCT 2014 consists of 21 Session’s: 13 Signal Propagation, 9 Computer Technology, and 2 Engineering Professionals. The organizers received more than 650 paper submissions from 10 countries, of which 155 papers were accepted.  The Science of Security-related papers are cited here.

 

Prakash, G.L.; Prateek, M.; Singh, I., "Data Encryption And Decryption Algorithms Using Key Rotations For Data Security In Cloud System," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on , vol., no., pp.624,629, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884895 Outsourcing the data in cloud computing is exponentially generating to scale up the hardware and software resources. How to protect the outsourced sensitive data as a service is becomes a major data security challenge in cloud computing. To address these data security challenges, we propose an efficient data encryption to encrypt sensitive data before sending to the cloud server. This exploits the block level data encryption using 256 bit symmetric key with rotation. In addition, data users can reconstruct the requested data from cloud server using shared secret key. We analyze the privacy protection of outsourced data using experiment is carried out on the repository of text files with variable size. The security and performance analysis shows that the proposed method is highly efficient than existing methods performance.

Keywords: {cloud computing; cryptography; data protection; outsourcing; block level data encryption; cloud computing; cloud server; data decryption algorithms; data outsourcing; data security; hardware resources; key rotations; performance analysis; privacy protection; shared secret key; software resources; text files; variable size; Algorithm design and analysis; Computational modeling; Encoding; Encryption; Servers; Software; Data Block; Decryption; Encryption; Key Rotation; Outsource; Security (ID#: 14-3366)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884895&isnumber=6884878

 

Duhan, N.; Saneja, B., "A Two Tier Defense Against SQL Injection," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.415,420, 12-13 July 2014

doi: 10.1109/ICSPCT.2014.6884906 In recent years with increase in ubiquity and popularity of web based applications, information systems are frequently migrated to the web, which will jeopardize security and privacy of the users. One of the most easiest and hazardous security attacks confronted by these systems is SQL injection attacks (SQLIAs). SQL injection attack is a method that can insert any malevolent query into the original query statement. In this paper, we demonstrate an efficient approach for Securing Web Application from SQL injection, which incorporates the combination of client side validation and identity based cryptography. To affirm the technique we examine it on some prototype web applications generated by web developer tools which ensure that our approach is secure and efficient and also hypothesis testing is done to validate the results.

Keywords: Internet; SQL; client-server systems; cryptography; data privacy; SQL injection attacks; Web based applications; Web developer tools; client side validation; hazardous security attacks; identity based cryptography; information systems; malevolent query; original query statement; two-tier defense; user privacy; user security; Cryptography; Educational institutions; IP networks ;Information filters; Libraries; Injection attack; SQL Injection; SQL Query; SQLIAs; Web application (ID#: 14-3367)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884906&isnumber=6884878

 

Chatterjee, S.; Gupta, A.K.; Mahor, V.K.; Sarmah, T., "An Efficient Fine Grained Access Control Scheme Based On Attributes For Enterprise Class Applications," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.273,278, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884907 Fine-grained access control is used to assign unique access privilege to a particular user for accessing any particular enterprise class application for which he/she is authorized. The existing mechanisms for restricting access of users to resources are mostly static and not fine grained. Those are not well-suited for the enterprise class applications where information access is dynamic and ad-hoc in nature. As a result, we need to design an effective fine grained access as well as authorization control scheme to control access to objects by evaluating rules against the set of attributes given both for the users and application objects. In this paper, we propose a new fine grained access and authorization control scheme based on attributes which is suitable for large enterprise class applications. The strengths of our proposed scheme based on attributes are that it provides fine grained access control with its authorization architecture and policy formulation based on attribute based access tree. In comparison with the role based access control (RBAC) approach, in this scenario there is no need to explicitly define any roles. Here, based on user access tree any user can get access to any particular application with full granularity.

Keywords: authorisation; business data processing; RBAC; attribute based access tree; authorization architecture; authorization control scheme; efficient fine grained access control scheme; enterprise class applications; policy formulation; role based access control; unique access privilege; user access tree; Cryptography; Logic gates; Safety (ID#: 14-3368)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884907&isnumber=6884878

 

Sanadhya, S.; Agrawal, N.; Singh, S., "Pheromone Base Swarm Approach For Detecting Articulation User Node In Social Networking," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.461,465, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884910 Modern world is living in the `aeon' of virtual community, where people connect to each other through any kind of relationship. Social networking is platform where people share emotions, activities, area of interest etc. Communities in social network are deployed in user nodes with connecting people, it may seem that there is some user which is common among many communities. These user node is a kind of `social articulation points (SAP)' which is like a bridge between communities. In this paper with the help of `ant colony optimization' (ACO) we are proposing `pheromone based swarm approach for articulation user' (PSAP) to find articulation user point in a social network. ACO is meta-heuristic which helps to solve combinational problems such as TSP, Graph color, job shop Network routing, machine learning etc. Hence social networking may be a new platform with ant colony optimization, to solve complex task in social phenomena.

Keywords: {ant colony optimisation; combinatorial mathematics; social sciences; ACO; PSAP; SAP; TSP; ant colony optimization; articulation user node detection; combinational problems ;graph color; job shop network routing; machine learning; meta-heuristic; pheromone base swarm approach; social articulation points; social networking; social phenomena; user nodes; virtual community; Cities and towns; Context; Instruments; Signal processing algorithms; ACO; SAP; Swarm-Intelligence; user rank matrices (ID#: 14-3369)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884910&isnumber=6884878

 

Singh, B.; Singh, D.; Singh, G.; Sharma, N.; Sibbal, V., "Motion Detection For Video Surveillance," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.578,584, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884919 Motion detection is one of the key techniques for automatic video analysis to extract crucial information from scenes in video surveillance systems. This paper presents a new algorithm for MOtion DEtection (MODE) which is independent of illumination variations, bootstrapping, dynamic variations and noise problems. MODE is pixel based non-parametric method which requires only one frame to construct the model. The foreground/background detection starts from second frame onwards. It employs new object tracking method which detects and remove ghost objects rapidly while preserving abandon objects from decomposing into background. The algorithm is tested on public available video datasets consisting of challenging scenarios by using only one set of parameters and proved to outperform other state-of-art motion detection techniques.

Keywords: feature extraction; motion estimation; object tracking; video surveillance; MODE; automatic video analysis; bootstrapping; dynamic variations; foreground-background detection; illumination variations; information extraction; motion detection; noise problems; object tracking method; state-of-art motion detection techniques; video datasets; video surveillance systems; Computational modeling; Training; Uncertainty; Background Subtraction; Background modelling; Motion Detection; Video Surveillance (ID#: 14-3370)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884919&isnumber=6884878

 

Mewara, B.; Bairwa, S.; Gajrani, J., "Browser's Defenses Against Reflected Cross-Site Scripting Attacks," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on , vol., no., pp.662,667, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884928 Due to the frequent usage of online web applications for various day-to-day activities, web applications are becoming most suitable target for attackers. Cross-Site Scripting also known as XSS attack, one of the most prominent defacing web based attack which can lead to compromise of whole browser rather than just the actual web application, from which attack has originated. Securing web applications using server side solutions is not profitable as developers are not necessarily security aware. Therefore, browser vendors have tried to evolve client side filters to defend against these attacks. This paper shows that even the foremost prevailing XSS filters deployed by latest versions of most widely used web browsers do not provide appropriate defense. We evaluate three browsers - Internet Explorer 11, Google Chrome 32, and Mozilla Firefox 27 for reflected XSS attack against different type of vulnerabilities. We find that none of above is completely able to defend against all possible type of reflected XSS vulnerabilities. Further, we evaluate Firefox after installing an add-on named XSS-Me, which is widely used for testing the reflected XSS vulnerabilities. Experimental results show that this client side solution can shield against greater percentage of vulnerabilities than other browsers. It is witnessed to be more propitious if this add-on is integrated inside the browser instead being enforced as an extension.

Keywords: online front-ends; security of data; Google Chrome 32;Internet Explorer 11; Mozilla Firefox 27;Web based attack; Web browsers; XSS attack; XSS filters; XSS-Me; online Web applications; reflected cross-site scripting attacks; Browsers; Security; Thyristors; JavaScript; Reflected XSS;XSS-Me; attacker; bypass; exploit; filter (ID#: 14-3371)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884928&isnumber=6884878

 

Sinha, R.; Uppal, D.; Singh, D.; Rathi, R., "Clickjacking: Existing Defenses And Some Novel Approaches," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.396,401, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884934 With the growth of information technology, World Wide Web is experiencing a rapid increase in online social networks' users. A serious threat to the integrity of these users' data which has come into picture these days is Clickjacking. Many server side and client side defense mechanisms are available for clickjacking but many attackers are still exploiting popular online social networks like Facebook and Twitter so that a user clicks on a spam link and it leads to unwanted posts flooding on his Facebook wall, from which arises the need of a powerful methodology at tester, host and user levels to assuage clickjacking. This paper aims at discussing various tools, techniques and methods available to detect, prevent or reduce clickjacking attacks along with the extent of usefulness and shortcoming of each approach. Later, we have summarized the results and provided an analysis of what needs to be done in the field of web security to encounter and remove clickjacking from the host as well as the developer side. Lastly, we have tested and suggested on how clickjacking defenses can be improved at server side and during development.

Keywords: security of data; social networking (online);Facebook; Twitter; Web security; World Wide Web; clickjacking; information technology; online social networks; spam link; user data integrity; Browsers; Clickjacking; aspect oriented programming; framebusting; iframe; likejacking; user interface randomization; user interface redressing (ID#: 14-3372)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884934&isnumber=6884878

 

Vamsi, P.R.; Kant, K., "Sybil Attack Detection Using Sequential Hypothesis Testing in Wireless Sensor Networks," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.698,702, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884945 Sybil attack poses a serious threat to geographic routing. In this attack, a malicious node attempts to broadcast incorrect location information, identity and secret key information. A Sybil node can tamper its neighboring nodes for the purpose of converting them as malicious. As the amount of Sybil nodes increase in the network, the network traffic will seriously affect and the data packets will never reach to their destinations. To address this problem, researchers have proposed several schemes to detect Sybil attacks. However, most of these schemes assume costly setup such as the use of relay nodes or use of expensive devices and expensive encryption methods to verify the location information. In this paper, the authors present a method to detect Sybil attacks using Sequential Hypothesis Testing. The proposed method has been examined using a Greedy Perimeter Stateless Routing (GPSR) protocol with analysis and simulation. The simulation results demonstrate that the proposed method is robust against detecting Sybil attacks.

Keywords: {network theory (graphs);routing protocols; statistical testing; telecommunication security; wireless sensor networks; GPSR protocol; Sybil attack detection; encryption methods; geographic routing ;greedy perimeter stateless routing; location information; malicious node; network traffic; sequential hypothesis testing; wireless sensor networks; Acoustics; Actuators; Bandwidth; IEEE 802.11 Standards; Optimization; Robustness; Wireless sensor networks; Sequential hypothesis testing; Sybil attack; geographic routing; wireless sensor networks (ID#: 14-3373)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884945&isnumber=6884878

 

Agarwal, A.K.; Srivastava, D.K., "Ancient Kaṭapayādi System Sanskrit Encryption Technique Unified," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.279,282, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884947 Computers today, generate enormous amount of data/information with each moment passing by. With the production of such huge amount of information comes its indispensable part of information security. Encryption Algorithms today drastically increase the file size. Hence the secure transmission of data requires extra bandwidth. Here in this paper we propose a system AKS - SETU, which is also the abbreviation to the title of this paper. Using the ancient technique of encryption from Sanskrit, AKS - SETU not only encrypts the information but also attempts on decreasing of the file size. AKS - SETU performs Sanskrit encryption, which we propose to be termed as Sanscryption.

Keywords: cryptography; natural language processing; AKS-SETU; Sanscryption; ancient Kaṭapaya̅di system Sanskrit encryption technique unified; encryption algorithms; file size; information security; secure data transmission; Barium; Cryptography; Electronic publishing; Encyclopedias; Internet; Encryption; Information security; Kaṭpayādi system; Sanscryption; Sanskrit (ID#: 14-3374)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884947&isnumber=6884878

 

Kulkarni, P.; Kulkarni, S.; Mulange, S.; Dand, A.; Cheeran, A.N., "Speech Recognition Using Wavelet Packets, Neural Networks and Support Vector Machines," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.451,455, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884949 This research article presents two different methods for extracting features for speech recognition. Based on the time-frequency, multi-resolution property of wavelet transform, the input speech signal is decomposed into various frequency channels. In the first method, the energies of the different levels obtained after applying wavelet packet decomposition instead of Discrete Fourier Transforms in the classical Mel-Frequency Cepstral Coefficients (MFCC) procedure, make the feature set. These feature sets are compared to the results from MFCC. And in the second method, a feature set is obtained by concatenating different levels, which carry significant information, obtained after wavelet packet decomposition of the signal. The feature extraction from the wavelet transform of the original signals adds more speech features from the approximation and detail components of these signals which assist in achieving higher identification rates. For feature matching Artificial Neural Networks (ANN) and Support Vector Machines (SVM) are used as classifiers. Experimental results show that the proposed methods improve the recognition rates.

Keywords: feature extraction; neural nets; speech recognition; support vector machines; time-frequency analysis; wavelet transforms; ANN;MFCC procedure; SVM; artificial neural networks; feature extraction; frequency channels; input speech signal decomposition; mel-frequency cepstral coefficients; multiresolution property; speech recognition; support vector machines; time-frequency property; wavelet packet decomposition; wavelet packets; wavelet transform; Artificial neural networks; Mel frequency cepstral coefficient; Speech recognition; Time-frequency analysis; Artificial Neural Networks; Feature Extraction; Support Vector Machines; Wavelet Packet Transform (ID#: 14-3375)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884949&isnumber=6884878

 

Gupta, M.K.; Govil, M.C.; Singh, G., "An Approach To Minimize False Positive In SQLI Vulnerabilities Detection Techniques Through Data Mining," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.407,410, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884962 Dependence on web applications is increasing very rapidly in recent time for social communications, health problem, financial transaction and many other purposes. Unfortunately, the presence of security weaknesses in web applications allows malicious user's to exploit various security vulnerabilities and become the reason of their failure. Currently, SQL Injection (SQLI) attacks exploit most dangerous security vulnerabilities in various popular web applications i.e. eBay, Google, Facebook, Twitter etc. Research on taint based vulnerability detection has been quite intensive in the past decade. However, these techniques are not free from false positive and false negative results. In this paper, we propose an approach to minimize false positive in SQLI vulnerability detection techniques using data mining concepts. We have implemented a prototype tool for PHP, MySQL technologies and evaluated it on six real world applications and NIST Benchmarks. Our evaluation and comparison results show that proposed technique detects SQLI vulnerabilities with low percentage of false positives.

Keywords: Internet; SQL; data mining; security of data; social networking (online);software reliability; Facebook; Google; MySQL technology; PHP; SQL injection attack; SQLI vulnerability detection techniques; Twitter; data mining; eBay; false positive minimization; financial transaction; health problem; social communications; taint based vulnerability detection; Computers; Software; SQLI attack; SQLI vulnerability; false positive; input validation; sanitization; taint analysis (ID#: 14-3376)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884962&isnumber=6884878

 

Singh, A.K.; Kumar, A.; Nandi, G.C.; Chakroborty, P., "Expression Invariant Fragmented Face Recognition," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp. 184, 189, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884987 Fragmented face recognition suggests a new way to recognize human faces with most discriminative facial components such as: Eyes, Nose and Mouth. An experimental study has been performed on 360 different subjects which confirms that more than 80% features of the full face lies within these fragmented components. The framework intends to process each component independently in order to find its corresponding match score. Final score is obtained by calculating weighted majority voting (WMV) of each component matched score. Three different feature extraction techniques like Eigenfaces, Fisher-faces and Scale Invariant Feature Transform (SIFT) are applied on full faces and fragmented face database (ORL Dataset). It has been observed from the classification accuracy that the strength of local features (SIFT) leads to achieve an encouraging recognition rate for fragmented components whereas the global features (Eigenfaces, Fisherfaces) increases misclassification error rate. This selection of optimal subset of face minimizes the comparison time and it also retains the correct classification rate irrespective of changing in facial expression. A standard Japanese Female facial expression dataset (JAFFE) has been used to investigate the major impact on Fragmented feature components. we have obtained a promising classification accuracy of 98.7% with this proposed technique.

Keywords: face recognition; feature extraction; image classification; transforms; visual databases; Fisher-faces; JAFFE; ORL dataset; SIFT; WMV; classification accuracy; discriminative facial components; eigenfaces; expression invariant fragmented face recognition; eyes; feature extraction techniques; fragmented face database; global features; local features; mouth; nose; scale invariant feature transform; standard Japanese female facial expression dataset; weighted majority voting; Databases; Mouth; Nose; Principal component analysis; EigenFaces; Face Recognition; Facial Landmark Localization; FisherFaces; Scale Invariant Feature Transformation; Weighted Majority Voting (ID#: 14-3377)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884987&isnumber=6884878

 

Pandey, A.; Srivastava, S., "An Approach For Virtual Machine Image Security," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.616,623, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6884997 Cloud security being the main hindrance in adoption of cloud computing has some most vulnerable security concerns as: virtualization, data and storage. Here, to provide virtualization security, the components of virtualization (such as hypervisors, virtual machines, and virtual machine images) must be secured using some improvised security mechanisms. Amongst all components, Virtual machine images (VM images) are considered to be the fundamental of whole cloud security. Hence must be secured from every possible attack. In this paper, a security protocol is proposed to mainly protect the VM images from two of the possible attacks. One is the channel attack like man-in-the-middle attack (MITM attack) and second is the attack by a malicious executing environment. It is using a concept of symmetric key's component distribution providing an integrity based confidentiality and self-protection. This protection is based on an encapsulated mobile agent. Here one key component is generated and distributed in a secure manner and the other key component is derived by host platform itself using its own available resource configuration information. In order to verify the validity of this approach in overcoming different kind of security attacks, BAN logic based formal representation is presented.

Keywords: cloud computing; data protection; image processing; protocols; virtual machines; BAN logic based formal representation; MITM attack; VM images; channel attack; cloud computing; cloud security; encapsulated mobile agent; hypervisors; integrity based confidentiality; malicious executing environment; man-in-the-middle attack; resource configuration information; security attacks; security protocol; self-protection; symmetric key component distribution; virtual machine image security; virtualization security; Elasticity; Home appliances; Operating systems; Servers; Virtualization; BAN logic; cloud computing; mobile agent; self-protection approach; virtual machine image security (ID#: 14-3378)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6884997&isnumber=6884878

 

Sharma, M.; Chaudhary, A.; Mathuria, M.; Chaudhary, S.; Kumar, S., "An Efficient Approach For Privacy Preserving In Data Mining," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.244,249, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6885001 In many organizations large amount of data are collected. These data are sometimes used by the organizations for data mining tasks. However, the data collected may contain private or sensitive information which should be protected. Privacy protection is an important issue if we release data for the mining or sharing purpose. Privacy preserving data mining techniques allow publishing data for the mining purpose while at the same time preserve the private information of the individuals. Many techniques have been proposed for privacy preservation but they suffer from various types of attacks and information loss. In this paper we proposed an efficient approach for privacy preservation in data mining. Our technique protects the sensitive data with less information loss which increase data usability and also prevent the sensitive data for various types of attack. Data can also be reconstructed using our proposed technique.

Keywords: data mining; data protection; data mining; data usability; information loss; privacy preservation; privacy protection; sensitive data protection; Cancer; Cryptography; Databases; Human immunodeficiency virus; Irrigation; Data mining; K- anonymity; Privacy preserving; Quasi-identifier; Randomization; Sensitive data (ID#: 14-3379)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6885001&isnumber=6884878

 

Nandy, A.; Pathak, A.; Chakraborty, P.; Nandi, G.C., "Gait Identification Using Component Based Gait Energy Image Analysis," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.380,385, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6885005 In the modern era of computer vision technology, gait biometric trait increases the proliferation of human identification in video surveillance situation. This paper intends to discuss the robustness of gait identification irrespective of small fluctuation in subject's walking pattern. The Gait Energy Image (GEI) is computed on silhouette gait sequences obtained from OU-ISIR standard gait database. The advantage of working with GEI is to preserve the shape and motion information into a single averaged gait image with fewer dimensions. The three independent components such as head node, body torso and leg region are separated from subject's GEI in accordance to body segment ratio. The local biometric feature has been computed from the shape centroid to the boundary points of each segment. The normality testing of feature for each region of GEI body frame ascertains the discriminative power of each segment. The similarity measurement between gallery and probe gait energy image has been computed by cosine distance, correlation distance and Jaccard distance. The performance efficiency of different distance based metrics is measured by several error metrics.

Keywords: biometrics (access control); computer vision; gait analysis; image motion analysis; image recognition;image segmentation; video surveillance; GEI body frame region; Jaccard distance; OU-ISIR standard gait database; body segment ratio; body torso; component based gait energy image analysis; computer vision technology; correlation distance; cosine distance; discriminative power; distance based metrics; error metrics; gait biometric trait; gait identification; gallery image; human identification; independent components; leg region; local biometric feature; motion information; normality feature testing; performance efficiency; probe gait energy image; shape centroid; shape preserving; silhouette gait sequences; similarity measurement; single averaged gait image; subject walking pattern; video surveillance situation; Image segmentation; Indexes; Robot sensing systems; Standards; Body Centroid; Body Segmentation; Correlation Distance; Cosine Distance; Euclidean Distance; Gait Energy Image; Human Gait; Jaccard Distance; OU-ISIR Gait Database (ID#: 14-3380)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6885005&isnumber=6884878

 

Pande, D.; Sharma, C.; Upadhyaya, V., "Object Detection And Path Finding Using Monocular vision," Signal Propagation and Computer Technology (ICSPCT), 2014 International Conference on, pp.376,379, 12-13 July 2014. doi: 10.1109/ICSPCT.2014.6885028 This project consists of a prototype of an autonomous robot that picks up the desired object (red can) solely based on camera vision. A robotic clamp and a camera are mounted on it. All the information is transferred wirelessly up to distances of 100 ft. The processing of the image is done on an external computer using software like OpenCV, Python and Microsoft Visual Studio. Using samples and regression analysis, the distance of any pixel and the width of any object can be found. After obstacle detection, a suitable path is chosen. All movement is controlled by PIC microcontroller with the help of RF transmitter-receiver modules. It is best suited for non-textured, flat surfaces with little or no movement in the foreground.

Keywords: collision avoidance; microcontrollers; mobile robots; object detection; regression analysis; robot vision; Microsoft; OpenCV; PIC microcontroller; Python; RF transmitter-receiver modules; autonomous robot; camera vision; monocular vision; object detection; path finding; regression analysis; robotic clamp; visual studio; Clamps; I EEE 802.11 Standards; Portable computers; Radio frequency; Robots; Autonomous robot; Compute Vision; Image processing; Monocular Vision; Path Finding (ID#: 14-3381)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6885028&isnumber=6884878

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---