Visible to the public Computer Communication and Informatics (ICCCI) - Coimbatore, India

SoS Newsletter- Advanced Book Block

Computer Communication and Informatics (ICCCI) -India


The International Conference on Computer Communication and Informatics (ICCCI), 2014 was held 3-5 January 2014 in Coimbatore, India. The presentations and papers cited here focus on security-related research.

  • Abd El-Aziz, A.A.; Kannan, A., "JSON Encryption," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1,6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921719 JavaScript Object Notation (JSON) is a lightweight data-interchange format. It is easy for humans to read and write. It has a data format that is inter-changeable with a programming language's built-in data structures that eliminates translation time and reduces complexity and processing time. Moreover, JSON has the same strengths of XML. Therefore, it's better to shift form XML security to JSON security. In this paper, we will present how to shift from XML encryption to JSON encryption.
    Keywords: Arrays; Encryption; Standards; XML; JSON; JSON Encryption; JSON Security; XML; XML Encryption; XML Security (ID#:14-3262)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921719&isnumber=6921705
  • Sridharan, Srivatsan; Shrivastava, Himanshu, "Excogitation of Secure Data Authentication Model For Wireless Body Area Network," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1, 7, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921738 This paper outlines the implementation of a secure data authentication model for the wireless body area network using a single private key exchanged during the time of configuration. The need for secure data exchange grows rapidly due the fact that the data exchanged are confined to the details of the ailing patient. Recent researchers have proposed a secure system for WBAN, but there is a huge demand to incorporate the security parameters into it. A system in place must ensure security with the use of limited amount of resources. This paper tries to address these issues of security considering the fact of limited availability of resources like power, bandwidth, thereby helping to achieve, more secure and time-efficient system in place for the effective online health monitoring scheme using WBAN. Also the security system for WBAN is proposed with low computational complexity for the secure transaction using a key utilized cryptographic encryption algorithm.
    Keywords: Authentication; Body area networks; Encryption; Monitoring; Servers; Authentication; Encryption; Key Exchange; Security (ID#:14-3263)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921738&isnumber=6921705
  • Patil, Anita; Pandit, Rakesh; Patel, Sachin, "Implementation of Security Framework For Multiple Web Applications," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp. 1, 7, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921787 Single sign-on (SSO) is an identity management technique that provides users the ability to use multiple Web services with one set of credentials. However, when the authentication server is down or unavailable, users cannot access Web services, even if the services are operating normally. Therefore, enabling continuous use is important in single sign on. In this paper, we present security framework to overcome credential problems of accessing multiple web application. We explain system functionality with authorization and Authentication. We consider these methods from the viewpoint of continuity, security and efficiency makes the framework highly secure.
    Keywords: Authentication; Authorization; Computers; Encryption; Informatics; Servers; Identity Management System; MD5; OpenID; proxy signature; single sign-on (ID#:14-3264)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921787&isnumber=6921705
  • Nilesh, Dudhatra; Nagle, Malti, "The New Cryptography Algorithm With High Throughput," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1 ,5, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921739 The Cryptography is very good area for research now a days. As we know that security is very primary requirement for the any business. And for that we need very strong and unbreakable algorithm which provides high security. For that we need encryption and decryption algorithm which is having very high security with very good throughput. If we look at the real world, there are lots of organizations that are having very large database with high security. As per security concern, some encryption and decryption algorithms are working behind confidential information like DES, 3DES, AES and Blowfish. In this paper at first new cryptography (Encryption and Decryption) algorithm has been generated and new cryptography (Encryption and Decryption) algorithm has been compared by using some components like throughput of key generation, to generate Encryption text and to generate Decryption text. If any brute force attacks are applied on this algorithm, how much security is provided by this algorithm is included. In this algorithm some arithmetic and logical mathematical operations are performed.
    Keywords: Ciphers; Computers; Encryption; Three-dimensional displays; Throughput; 3DES; AES; Blowfish; Cryptography; DES; Decryption; Encryption; Security (ID#:14-3265)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921739&isnumber=6921705
  • Khan, Aarfa; Shrivastava, Shweta; Richariya, Vineet, "Normalized Worm-hole Local Intrusion Detection Algorithm(NWLIDA)," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1,6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921748 A Mobile Ad-Hoc Network (MANET) is a arrangement of wireless mobile nodes which forms a temporary network for the communication without the access point, high availability of wireless devices in everyday is a measure factor in the success of infrastructure-less networks. MANET is dealing with both kinds of attacks, active and passive attacks at all the layers of network model. The lack in security measures of their routing protocols is alluring a number of attackers to intrude the network. A particular type of attack; known as Wormhole, which is launched by creation of tunnels and it results in complete disruption of routing paths on MANET. This paper presents a technique NWLID: Normalized Wormhole Local Intrusion detection Algorithm which is the modified version of Local Intrusion Detection Routing Security over mobile adhoc Network which has an intermediate neighbor node discovery mechanism, packet drop calculator, individual node receiving packet estimator followed by isolation technique for the confirmed Wormhole nodes. Result shows the effect of wormhole attack on normal behavior and improvement of performance after the application of proposed scheme. The effectiveness of NWLID algorithm is evaluated using ns2 network simulator.
    Keywords: Computers; Grippers; Mobile ad hoc networks; Peer-to-peer computing; Routing; Security; Throughput; Ad-hoc Network; Adjoining Node; Black hole; Isolation; Preclusion Ration; Security; Wormhole Tunnel Detection (ID#:14-3266)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921748&isnumber=6921705
  • Balachandar, R.; Manojkumar, S., "Towards Reliable And Secure Resource Scheduling In Clouds," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp. 1, 5, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921757 Delivering the hosted services via the internet is called cloud computing. It is attractive to business owners as it eliminates the requirement for users to plan ahead for provisioning and allows enterprises to start from the small and increase resources only when there is a rise in service demand. Central component that manages the allocation of virtual resources for a cloud infrastructure's physical resources is known as the cloud scheduler. Currently available schedulers do not consider users' security and privacy requirements and properties of entire cloud infrastructure. These results in major security, privacy and resilience concerns. The ability of cloud infrastructure is to support the internet scale critical applications. Without strong assurance, organizations should not outsource their critical applications to the cloud. It is one of the challenging problems to address. In this paper, we propose a secure and reliable cloud scheduler which consider both user requirements and infrastructure properties and supported by trustworthy data enabling the scheduler to make the right decision. We focus on assuring users that their virtual resources are hosted using physical resources that match their requirements without getting users involved with understanding the details of the cloud infrastructure. We present our prototype that implements the proposed cloud scheduler which is built on OpenStack.
    Keywords: Cloud computing; Computational modeling; Computers; Physical layer; Privacy; Security; Servers; Access Control; Cloud Computing; Cloud Infrastructure; Open source; Trustworthiness (ID#:14-3267)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921757&isnumber=6921705
  • Sam Suresh J.; Manjushree A.; Eswaran P., "Differential Power Analysis (DPA) Attack On Dual Field ECC Processor For Cryptographic Applications," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1,5, 3-5 Jan. 2014 doi: 10.1109/ICCCI.2014.6921775 Exchange of private information over a public medium must incorporate a method for data protection against unauthorized access. To enhance the data security against the DPA attack in network communication, a dual field ECC processor supporting all finite field operations is proposed. The ECC processor performs hardware designs in terms of functionality, scalability, performance and power consumption. A unified scheme is introduced to accelerate EC arithmetic functions. The hardware is optimized by a very compact Galois field arithmetic unit with fully pipelined technique. A key-blinded technique is designed against power analysis attacks.
    Keywords: Algorithm design and analysis; Computers; Elliptic curve cryptography; Elliptic curves; Hardware; DPA; Dual fields; ECC; Galois field; Public key cryptography (ID#:14-3268)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921775&isnumber=6921705
  • Beigh, Bilal Maqbool; Peer, M.A., "Performance Evaluation Of Different Intrusion Detection System: An Empirical Approach," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp. 1, 7, 3-5 Jan. 2014, doi: 10.1109/ICCCI.2014.6921740 Easy connectivity to a large number of networks is the main reason towards the development of security measures in the field of networking. People as well as organizations are very keen to share their resources online. But sharing the valuable information over the network may not be safe as it may be hacked by their rivals, to either destroy them or to make their own benefits from this data. The technique / system which protect our data from theft or intrusions, we call that as Intrusion Detection System. Though there are many intrusion detection systems available in the market, however users are not well familiar with the performance of different intrusion detection system or are confused with the results provided by companies. In this paper, we will make an attempt to provide a better view of performance of different intrusion detection techniques implemented under same conditions (DARPA 1999 Dataset) and with same parameters for implementation (i.e Data set will be used DARPA 1999 for experimentation). Lastly we will provide some results which will be fruitful for user in accordance to the performance.
    Keywords: Computers; Engines; Informatics; Intrusion detection; Libraries; Probes; Dataset; IDS; intrusion detection; performance; policy; security (ID#:14-3269)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921740&isnumber=6921705
  • Dongre, Kirti A.; Thakur, Roshan Singh; Abraham, Allan, "Secure Cloud Storage Of Data," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1,5, 3-5 Jan. 2014.doi: 10.1109/ICCCI.2014.6921741 Cloud computing is one of the upcoming technologies that will upgrade generation of Internet. The data stored in the smart phones is increased as more applications are deployed and Executed. If the phone is damaged or lost then the information stored in it gets lost. If the cloud storage can be integrated for regular data backup of a mobile user so that the risk of data lost can be minimized. The user can stored data in the server and retrieve them at anytime and from anywhere. The data might be uncovered by attack during the retrieval or transmission of data using wireless cloud storage without proper authentication and protection. So to avoid this in this paper we design a mechanism that provides a security requirement for data storage of mobile phones.
    Keywords: Cloud computing; Computers; Customer relationship management; Encryption; Mobile communication; Servers; Cloud storage; SQL; encryption (ID#:14-3270)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921741&isnumber=6921705
  • Raghu, I; Sreelatha Reddy, V., "Key binding with fingerprint feature vector," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1, 5, 3-5 Jan. 2014 doi: 10.1109/ICCCI.2014.6921835 In modern world to secure data is a big task. Cryptographic systems have been widely used in many information security applications. One main challenge that these systems have faced has been how to protect private keys from attackers. A biometric cryptosystem that can be used to effectively protect private keys and to retrieve them only when legitimate users enter their biometric data. In biometric applications, it is widely known that a fingerprint can discriminate between persons better than other biometric modalities. In this paper, we propose a fingerprint based biometric encryption model using BCH and the combination of BCH and RS Coding. Experimental results showed that 128-bit private keys were securely encrypted with fingerprint feature vector and successfully retrieved at verification with FRR is 0.7% and FAR is 0%.
    Keywords: Discrete wavelet transforms; Encoding; Encryption; Feature extraction; Fingerprint recognition; Vectors; BCH and RS Coding; DWT; WP; biometrics; cryptographic key; fingerprint; wavelets transforms (ID#:14-3272)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921835&isnumber=6921705
  • Thangadurai, K.; Sudha Devi, G., "An Analysis of LSB Based Image Steganography Techniques," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp. 1, 4, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921751 Steganography refers to information or a file that has been concealed inside a digital picture, video or audio file. If a person views the object in which the information is hidden inside, he or she will have no indication that there is any hidden information. So the person will not try to decrypt the information. Steganography can be divided into Text Steganography, Image Steganography, Audio/Video Steganography. Image Steganography is one of the common methods used for hiding the information in the cover image. LSB is very efficient algorithm used to embed the information in a cover file. This paper presents the detail knowledge about the LSB based image steganography and its applications to various file formats. In this paper we also analyze the available image based steganography along with cryptography technique to achieve security.
    Keywords: Art; Computer science; Computers; Cryptography; Gray-scale; Image color analysis; Informatics; Cover Image; Cryptography; GIF; LSB; Message Hiding; PNG; Steganography (ID#:14-3273 )
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921751&isnumber=6921705
  • Doe, Nina Pearl; Suganya V., "Secure Service To Prevent Data Breaches In Cloud," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1, 6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921755 Cloud Computing is a computing paradigm shift where computing is moved away from personal computers or an individual server to a cloud of computers. Its flexibility, cost-effectiveness, and dynamically re-allocation of resources as per demand make it desirable. At an unprecedented pace, cloud computing has simultaneously transformed business and government, and created new security challenges such as data breaches, data loss, account hijacking and denial of service. Paramount among these security threats is data breaches. The proposed work is to prevent data breaching threat by way of providing user authentication through one-time password system and challenge response, risk assessment to identify and prevent possible risks, encryption using enhanced elliptic curve cryptography where a cryptographically secure random number generation is used to make the number unpredictable, data integrity using MD5 technique, and key management. The platform for deployment of the application is Google App Engine.
    Keywords: Cloud computing; Computational modeling; Elliptic curve cryptography; Elliptic curves; Encryption; MD5; authentication; cloud computing; elliptic curve cryptography; risk assessment; security issues (ID#:14-3274)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921755&isnumber=6921705
  • Arockiam, L.; Monikandan, S., "Efficient Cloud Storage Confidentiality To Ensure Data Security," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1, 5, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921762 Cloud computing provides an enormous amount of virtual storage to the users. Cloud storage mainly helps to small and medium scale industries to reduce their investments and maintenance of storage servers. Cloud storage is efficient for data storage. Users' data are sent to the cloud is to be stored in the public cloud environment. Data stored in the cloud storage might mingle with other users' data. This will lead to the data protection issue in cloud storage. If the confidentiality of cloud data is broken, then it will cause loss of data to the industry. Security of cloud storage is ensured through confidentiality parameter. To ensure the confidentiality, the most common used technique is encryption. But encryption alone doesn't give maximum protection to the data in the cloud storage. To have efficient cloud storage confidentiality, this paper uses encryption and obfuscation as two different techniques to protect the data in the cloud storage. Encryption is the process of converting the readable text into unreadable form using an algorithm and a key. Obfuscation is same like encryption. Obfuscation is a process which disguises illegal users by implementing a particular mathematical function or using programming techniques. Based on the type of data, encryption and obfuscation can be applied. Encryption can be applied to alphabets and alphanumeric type of data and obfuscation can be applied to a numeric type of data. Applying encryption and obfuscation techniques on the cloud data will provide more protection against unauthorized usage. Confidentiality could be achieved with a combination of encryption and obfuscation.
    Keywords: Cloud computing; Databases; Encryption; Memory; Cloud Storage; Confidentiality; Data Protection; Encryption; Obfuscation (ID#:14-3275)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921762&isnumber=6921705
  • Singha, Thockchom Birjit; Jain, Lakshay; Kant, Bikash, "Negligible Time-Consuming RC5 Remote Decoding Technique," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp. 1 4, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921832 Remote decoding techniques based solely on polling waste a considerable amount of time in the bit-reading process, which is undesirable. Better techniques involving interrupts have been proposed, but, these still waste some amount of precious execution time. In this paper, we propose a technique which consumes negligible time (few ms) in the bit reading process, thus, utilizing all the available time for execution of the main task.
    Keywords: Algorithm design and analysis; Computers; Decoding; Delays; Flowcharts; Informatics; Protocols; IEEE 802.3; IEEE 802.4;Interrupt service routine (ISR); Interrupts; Polling; RC5 Protocol; Remote decoding (ID#:14-3276)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921832&isnumber=6921705
  • Gupta, Piyush Kumar; Roy, Ratnakirti; Changder, Suvamoy, "A Secure Image Steganography Technique With Moderately Higher Significant Bit Embedding," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1,6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921726 Steganography is a process to hide secret data into a cover media in an imperceptible manner. In the spatial domain of image steganography, the most common technique is Least Significant Bit Replacement (LSBR). However, LSBR is extremely sensitive to compression attacks involving truncation of LSBs. As a possible solution to the drawback of the traditional LSBR scheme, this paper proposes an image steganography technique that embeds secret data in the moderately higher significant bits such as 4th or 5th bit of a pixel. The proposed method uses a color image as a cover and according to pixel values; three groups of pixels are maintained. These groups are used for selecting the candidate pixels for 4th or 5th bit embedding. It also implements an optimal pixel adjustment process (OPAP) to minimize the visual distortion due to embedding. In addition to the OPAP, a method for randomly dispersing the secret data bits is also implemented making it harder for an adversary to detect hidden information. The experimental results for proposed method showed high values for Peak Signal to Noise Ratio (PSNR) signifying High stego-image fidelity.
    Keywords: Computers; Image coding; Informatics; Media; PSNR; Payloads; Visualization; Image Steganography; Moderately Higher Significant Bit Embedding (MHSBE);Optimal Pixel Adjustment Process (OPAP); RGB image (ID#:14-3277)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921726&isnumber=6921705
  • Vanitha, M.; Kavitha, C., "Secured Data Destruction In Cloud Based Multi-Tenant Database Architecture," Computer Communication and Informatics (ICCCI), 2014 International Conference on, pp.1, 6, 3-5 Jan. 2014. doi: 10.1109/ICCCI.2014.6921774 Cloud computing falls into two general categories. Applications being delivered as service and hardware and data centers that provides those services [1]. Cloud storage evolves from just a storage model to a new service model where data is being managed, maintained, and stored in multiple remote severs for back-up reasons. Cloud platform server clusters are running in network environment and it may contain multiple users' data and the data may be scattered in different virtual data centers. In a multi-user shared cloud computing platform users are only logically isolated, but data of different users may be stored in same physical equipment. These equipments can be rapidly provisioned, implemented, scaled up or down and decommissioned. Current cloud providers do not provide the control or at least the knowledge over the provided resources to their customers. The data in cloud is encrypted during rest, transit and back-up in multi tenant storage. The encryption keys are managed per customer. There are different stages of data life cycle Create, Store, Use, Share, Archive and Destruct. The final stage is overlooked [2], which is the complex stage of data in cloud. Data retention assurance may be easier for the cloud provider to demonstrate while the data destruction is extremely difficult. When the SLA between the customer and the cloud provider ends, today in no way it is assured that the particular customers' data is completely destroyed or destructed from the cloud provider's storage. The proposed method identifies way to track individual customers' data and their encryption keys and provides solution to completely delete the data from the cloud provider's multi-tenant storage architecture. It also ensures deletion of data copies as there are always possibilities of more than one copy of data being maintained for back-up purposes. The data destruction proof shall also be provided to customer making sure that the owner's data is completely removed.
    Keywords: Cloud computing; Computer architecture; Computers; Encryption; Informatics; Public key; attribute based encryption; data retention; encryption; file policy (ID#:14-3278)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6921774&isnumber=6921705

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.