International Conferences: The Third International Conference on Computer, Communication, Control and Information Technology (C3IT), 2015, India

	International Conferences: The Third International Conference on Computer, Communication, Control and Information Technology (C3IT), 2015, India

The Third International Conference on Computer, Communication, Control and Information Technology (C3IT),2015, was held 7-8 Feb. 2015 at Adisaptagram, Hooghly, WestBengal, India. C3IT’s are to bring together leading academicians, scientists and researchers to exchange their innovative ideas, experiences and research outcomes about research advances in all areas of computer, communication, control and information technology between multinational participants and improve international cooperation and collaborative research in these fields. 

Haider, R., "Language-Based Security Analysis Of Database Applications," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 4, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060109
Abstract: In today's information-age, databases are at the heart of information systems. Unauthorized leakage of confidential database information, while computed by the associated database applications, may put the system at risk. Language-based information flow analysis is a promising field of research to detect possible information leakage in any software systems. So far, researchers pay little attention to the case of applications embedding database languages. In this paper, we address the need of proper analysis of data manipulation languages, and we overview the possible extension of language-based approaches to the case of information systems supporting databases at the back-end.
Keywords: authorisation; database languages; database management systems; confidential database information; data manipulation language; database language; information system; language-based information flow analysis; language-based security analysis; unauthorized leakage; Abstracts; Context; Database languages; Databases; Information systems; Security; Semantics; Database Query Languages; Information System; Language-based Information Flow; Static Analysis (ID#: 15-5144)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060109&isnumber=7060104

Datta, B.; Tat, S.; Bandyopadhyay, S.K., "Robust High Capacity Audio Steganography Using Modulo Operator," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 5, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060146
Abstract: A secure audio steganography technique is introduced in this paper. Here modulo operator is used for hiding target string. The embedding as well as extracting process is of two steps which provides more robustness in this method. During preprocessing the hexadecimal equivalent of target string is calculated by taking four bits at a time. That increases capacity of cover media. Modulo operator is used during embedding and the adjustment is done in such a way so that the distortion becomes less which increases imperceptibility. The quality of experimental result is analyzed by SNR and also compared with standard LSB and HLLAS technique. Bits per sample is also calculated which shows more efficiency of the proposed technique.
Keywords: audio coding; distortion; steganography; SNR; audio steganography technique security; modulo operator; target string hexadecimal equivalent preprocessing; target string hiding;Conferences;Cryptography;Media;Receivers;Robustness;Signal to noise ratio; Standards; Audio Steganography; Cover Audio; Hexadecimal; Modulo Operator; Post-processing; Pre-processing; Stego Audio (ID#: 15-5145)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060146&isnumber=7060104

Mishra, M.K.; Mukhopadhyay, S.; Biswas, G.P., "Architecture And Secure Implementation For Video Conferencing Technique," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp.1,6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060168
Abstract: With rapid development of various multimedia technologies, ample amount of multimedia data are generated and transmitted for different usage including commercial, medical, military etc, and if they are not well protected, the data may be accessed by opponents or unauthorized users. Thus, security and privacy protection of the important messages have become important issues, and a number of techniques based on selective, entropy-based and/or complete encryption are developed. In this paper, we consider some existing cryptographic techniques namely trusted third-party, RSA, GDH.2, RC4 etc. and integrated themselves in such a way that an overall securiy protection to the video conferencing is achieved. Both the required block diagrams and the protools of the proposed scheme are provided, and a security and performance analysis show that it is well secured, computation-efficient and applicable for real life operations.
Keywords: cryptographic protocols; data protection; public key cryptography; teleconferencing; video communication;GDH.2;RC4;RSA;cryptographic protocol; data privacy protection; data security; entropy-based encryption; group Diffie Hellman key agreement ;multimedia technology; trusted third-party; video conferencing technique secure implementation; Ciphers; Encryption; Standards; Streaming media; Video coding;GDH.2;H.264/AVC;RC4;group public key; video conference; video encryption (ID#: 15-5146)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060168&isnumber=7060104

Chowdhury, P.; Ray, S.; Mukherjee, D., "An Embedded Monitoring Unit For A Lead-Acid Battery With Reference To A PV System," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 3, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060119
Abstract: Most significant Balance of System (BOS) unit for monitoring health of a Photovoltaic (PV) system is the power Conditioner unit. Here, authors propose incorporation of an additional controller unit for monitoring all possible states of the Battery-bank leading to an enhanced energy security mechanism for small decentralized PV applications.
Keywords: battery storage plants condition monitoring; energy security; photovoltaic power systems; PV system; Pb; balance of system unit; battery bank; controller; decentralized PV applications; embedded monitoring unit; enhanced energy security mechanism; health monitoring; lead-acid battery; photovoltaic system; Batteries; Discharges (electric);Light emitting diodes; Monitoring; Security; System-on-chip; Voltage control; Battery; Depth of Discharge (DOD);Energy Security; Energy Security Enhancing Mechanism (ESEM);Run Time to Empty (RTTE); State of Charge (ID#: 15-5147)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060119&isnumber=7060104

Amin, R.; Biswas, G.P., "Anonymity Preserving Secure Hash Function Based Authentication Scheme For Consumer USB Mass Storage Device," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060190
Abstract: A USB (Universal Serial Bus) mass storage device, which makes a (USB) device accessible to a host computing device and enables file transfers after completing mutual authentication between the authentication server and the user. It is also very popular device because of it's portability, large storage capacity and high transmission speed. To protect the privacy of a file transferred to a storage device, several security protocols have been proposed but none of them is completely free from security weaknesses. Recently He et al. proposed a multi-factor based security protocol which is efficient but the protocol is not applicable for practical implementation, as they does not provide password change procedure which is an essential phase in any password based user authentication and key agreement protocol. As the computation and implementation of the cryptographic one-way hash function is more trouble-free than other existing cryptographic algorithms, we proposed a light weight and anonymity preserving three factor user authentication and key agreement protocol for consumer mass storage devices and analyzes our proposed protocol using BAN logic. Furthermore, we have presented informal security analysis of the proposed protocol and confirmed that the protocol is completely free from security weaknesses and applicable for practical implementation.
Keywords: cryptographic protocols; file organisation; BAN logic; USB device; anonymity preserving secure hash function based authentication scheme; anonymity preserving three factor user authentication; authentication server; consumer USB mass storage device; consumer mass storage devices; cryptographic algorithms; cryptographic one-way hash function; file transfers; host computing device; informal security analysis; key agreement protocol; multifactor based security protocols; password based user authentication; password change procedure; storage capacity; universal serial bus mass storage device; Authentication; Cryptography; Protocols; Servers; Smart cards; Universal Serial Bus; Anonymity; Attack; File Secrecy; USB MSD; authentication (ID#: 15-5148)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060190&isnumber=7060104

Das, S.; Dey, H.; Ghosh, R., "An Approach To Assess The Optimality Of Refining RC4," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060139
Abstract: Though RC4 has proved itself as a simple, fast and robust stream cipher and it is trusted by many organizations, a number of researchers claimed that RC4 has some weakness and bias in its internal states. To increase its security, some guidelines recommended discarding some initial bytes like N, 2N or more from the RC4 key-stream (N is 256, generally). In this paper, the authors tried to find out the optimum number of bytes that is to be discarded to have a more secured RC4, by analyzing some variants of it. All the algorithms, including the original one, are analyzed by the NIST Statistical Test Suite and it has been found that it is not necessary discarding more and more number of bytes to increase the security of RC4.
Keywords: cryptography; statistical analysis; trusted computing; NIST statistical test suite; RC4 key stream;RC4 refining optimality;trusted robust stream cipher; Algorithm design and analysis; Ciphers; Generators; Hardware;NIST;NIST test suite;RC4 security; key stream generator; modified RC4; stream cipher (ID#: 15-5149)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060139&isnumber=7060104

Barman, S.; Samanta, D.; Chattopadhyay, S., "Revocable Key Generation From Irrevocable Biometric Data For Symmetric Cryptography," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 4, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060182
Abstract: Crypto-biometric system (CBS) is a combination of biometrie with cryptography to enhance network security. Biometrie is the most trustworthy measure to identify a person uniquely using his or her behavioral and physiological characteristics. Cryptography is an effective concern to the security of information. The security of cryptography depends on the strength of cryptographic key and strength of key depends on the length of key. In the traditional cryptography, key is generated randomly and it is very difficult to remember as the key is not linked with user. To address this limitation of cryptography, CBS uses biometrie data of user to bind key with its owner and as the key is linked with user's biometrie data, user does not need to remember the key. As biometrie data is irrevocable, it becomes useless when compromised and as a result the biometrie based key becomes also useless. In this approach, fingerprint features are used to generate key for cryptographic application. The key is revocable and easy to revoke when required. In our experiment, FVC2004 fingerprint database is used to investigate the result.
Keywords: cryptography; fingerprint identification; CBS; FVC2004 fingerprint database; behavioral and physiological characteristics; biometric based key; biometric data; crypto-biometric system; cryptographic application; cryptographic key; fingerprint feature; information security; irrevocable biometric data; network security; revocable key generation; symmetric cryptography; Bioinformatics; Cryptography; Databases; Feature extraction; Fingerprint recognition; Iris recognition (ID#: 15-5150)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060182&isnumber=7060104

Haider, R., "Language-Based Security Analysis Of Database Applications," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 4, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060109
Abstract: In today's information-age, databases are at the heart of information systems. Unauthorized leakage of confidential database information, while computed by the associated database applications, may put the system at risk. Language-based information flow analysis is a promising field of research to detect possible information leakage in any software systems. So far, researchers pay little attention to the case of applications embedding database languages. In this paper, we address the need of proper analysis of data manipulation languages, and we overview the possible extension of language-based approaches to the case of information systems supporting databases at the back-end.
Keywords: authorisation; database languages; database management systems; confidential database information; data manipulation language; database language; information system; language-based information flow analysis; language-based security analysis; unauthorized leakage; Abstracts; Context; Database languages; Databases; Information systems; Security; Semantics; Database Query Languages; Information System; Language-based Information Flow; Static Analysis (ID#: 15-5151)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060109&isnumber=7060104

Mahto, D.; Yadav, D.K., "Enhancing Security Of One-Time Password Using Elliptic Curve Cryptography With Biometrics For E-Commerce Applications," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060172
Abstract: Security of one-time password (OTP) is essential because nowadays most of the e-commerce transactions are performed with the help of this mechanism. OTP is used to counter replay attack/eavesdropping. Replay attack or eavesdropping is one type of attacks on network-connected computing environment or isolated computing environment. For achieving 112 bits of security level, Rivest Shamir and Adleman (RSA) algorithm needs key size of 2048 bits, while Elliptic Curve Cryptography (ECC) needs key size of 224-255 bits. Another issue with most of the existing implementation of security models is storage of secret keys. Cryptographic keys are often kept in en-secured way that can either be guessed/social-engineered or obtained through brute force attacks. This becomes a weak link and leads integrity issues of sensitive data in a security model. To overcome the above problem, biometrics is combined with cryptography for developing strong security model. This paper suggests an enhanced security model of OTP system using ECC with palm-vein biometrie. This model also suggests better security with lesser key size than other prevalent public key crypto-model. The cryptographic keys are also not required to memorize or keep anywhere, these keys are generated as and when needed.
Keywords: authorisation; biometrics (access control);electronic commerce; public key cryptography; ECC; OTP; cryptographic keys; e-commerce; eavesdropping; elliptic curve cryptography; isolated computing environment; network-connected computing environment; one-time password; palm-vein biometrics; replay attack; security model; Biological system modeling; Biometrics (access control); Elliptic curve cryptography; Elliptic curves; Veins; Biometrics; Elliptic Curve Cryptography (ECC); One-Time Password; Online Banking; Palm Vein (ID#: 15-5152)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060172&isnumber=7060104

Ghosh, P.; Mitra, R., "Proposed GA-BFSS And Logistic Regression Based Intrusion Detection System," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp.1,6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060117
Abstract: Enormous growth in Internet Technology accelerates sharing of limitless data, service and resources. But along with the innumerable benefits of Internet, a number of serious issues have also taken birth regarding data security, system security and user privacy. A numbers of intruders attempt to gain unauthorized access into computer network. Intrusion Detection System (IDS) is a stronger strategy to provide security. In this paper, we have proposed an efficient IDS by selecting relevant futures from NSL-KDD dataset and using Logistic Regression (LR) based classifier. To decrease memory space and learning time, a feature selection method is required. In this paper we have selected a number of feature sets, using the approach of Genetic Algorithm (GA), with our proposed fitness score based on Mutual Correlation. From the number of feature sets, we have selected the fittest set of features using our proposed Best Feature Set Selection (BFSS) method. After selecting the most relevant features from NSL-KDD data set, we used LR based classification. Thus, an efficient IDS is created by applying the concept of GA with BFSS for feature selection and LR for classification to detect network intrusions.
Keywords: feature selection; genetic algorithms; pattern classification; regression analysis; security of data; BFSS; GA; IDS; LR classifier; best feature set selection method; genetic algorithm; intrusion detection system; logistic regression; mutual correlation; Biological cells; Genetic algorithms; Intrusion detection; Logistics; Sociology; Statistics; Training; BFSS; GA; Gradient Descent; IDS; LR; Mutual Correlation; NSL-KDD (ID#: 15-5153)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060117&isnumber=7060104

Mondai, S.; Setua, S.K., "Extending Trust In Enterprise Systems," Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1, 6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060169
Abstract: Modern enterprises are facing more and more uncertainties and challenges from insecurity and context sensitivity. In view of information security, an enterprise is considered as a collection of assets and their interrelationships and how users use their rights to access the enterprise. These interrelationships may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or in the installation of software or in the information assets. As a result, access to one element may enable access to another if they are connected. An enterprise may specify the conditions on how to access certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to vulnerabilities in the enterprise information system if misused. This paper presents a formal methodology for detection of vulnerabilities and threats to enterprise information systems.
Keywords: enterprise resource planning; information systems; security of data; enterprise information infrastructure; enterprise information system; information security; Additives; Authorization; Availability; Databases; Information systems; Permission; Enterprise information security; Policies; Security parameters; Vulnerability (ID#: 15-5154)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7060169&isnumber=7060104

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.