Biblio

Accessing the secured data through the network is a major task in emerging technology. Data needs to be protected from the network vulnerabilities, malicious users, hackers, sniffers, intruders. The novel framework has been designed to provide high security in data transaction through computer network. The implant of network amalgamation in the recent trends, make the way in security enhancement in an efficient manner through the machine learning algorithm. In this system the usage of the biometric authenticity plays a vital role for unique approach. The novel mathematical approach is used in machine learning algorithms to solve these problems and provide the security enhancement. The result shows that the novel method has consistent improvement in enhancing the security of data transactions in the emerging technologies.

Living in the age of digital transformation, companies and individuals are moving to public and private clouds to store and retrieve information, hence the need to store and retrieve data is exponentially increasing. Existing storage technologies such as DAS are facing a big challenge to deal with these huge amount of data. Hence, newer technologies should be adopted. Storage Area Network (SAN) is a distributed storage technology that aggregates data from several private nodes into a centralized secure place. Looking at SAN from a security perspective, clearly physical security over multiple geographical remote locations is not adequate to ensure a full security solution. A SAN security framework needs to be developed and designed. This work investigates how SAN protocols work (FC, ISCSI, FCOE). It also investigates about other storages technologies such as Network Attached Storage (NAS) and Direct Attached Storage (DAS) including different metrics such as: IOPS (input output per second), Throughput, Bandwidths, latency, cashing technologies. This research work is focusing on the security vulnerabilities in SAN listing different attacks in SAN protocols and compare it to other such as NAS and DAS. Another aspect of this work is to highlight performance factors in SAN in order to find a way to improve the performance focusing security solutions aimed to enhance the security level in SAN.

This project enhances the security in which Ad Hoc On-Demand Distance Vector (AODV) routing protocol for MANETs with the game theoretical approach. This is achieved by using public key and private key for encryption and decryption processes. Proactive and reactive method is implemented in the proposed system. Reactive method is done in identification process but in proactive method is used to identify the nodes and also block the hackers node, then change the direction of data transmission to good nodes. This application can be used in military, research, confidential and emergency circumferences.

Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm such as controller, Northbound and Southbound interfaces. In addition to solutions of security enhancement, it is important to build mechanisms for digital forensics in SDN which provide the ability to investigate and evaluate the security of the whole network system. It should provide features of identifying, collecting and analyzing log files and detailed information about network devices and their traffic. However, upon penetrating a machine or device, hackers can edit, even delete log files to remove the evidences about their presence and actions in the system. In this case, securing log files with fine-grained access control in proper storage without any modification plays a crucial role in digital forensics and cybersecurity. This work proposes a blockchain-based approach to improve the security of log management in SDN for network forensics, called SDNLog-Foren. This model is also evaluated with different experiments to prove that it can help organizations keep sensitive log data of their network system in a secure way regardless of being compromised at some different components of SDN.

A noble multi-factor authentication (MFA) algorithm is developed for the security enhancement of the Cryptocurrency (CR). The main goal of MFA is to set up extra layer of safeguard while seeking access to a targets such as physical location, computing device, network or database. MFA security scheme requires more than one method for the validation from commutative family of credentials to verify the user for a transaction. MFA can reduce the risk of using single level password authentication by introducing additional factors of authentication. MFA can prevent hackers from gaining access to a particular account even if the password is compromised. The superfluous layer of security introduced by MFA offers additional security to a user. MFA is implemented by using time-based onetime password (TOTP) technique. For logging to any entity with MFA enabled, the user first needs username and password, as a second factor, the user then needs the MFA token to virtually generate a TOTP. It is found that MFA can provide a better means of secured transaction of CR.

The rapid development of mobile networks has revolutionized the way of accessing the Internet. The exponential growth of mobile subscribers, devices and various applications frequently brings about excessive traffic in mobile networks. The demand for higher data rates, lower latency and seamless handover further drive the demand for the improved mobile network design. However, traditional methods can no longer offer cost-efficient solutions for better user quality of experience with fast time-to-market. Recent work adopts SDN in LTE core networks to meet the requirement. In these software defined LTE core networks, scalability and security become important design issues that must be considered seriously. In this paper, we propose a scalable channel security scheme for the software defined LTE core network. It applies the VxLAN for scalable tunnel establishment and MACsec for security enhancement. According to our evaluation, the proposed scheme not only enhances the security of the channel communication between different network components, but also improves the flexibility and scalability of the core network with little performance penalty. Moreover, it can also shed light on the design of the next generation cellular network.

Having an effective security level for Embedded System (ES), helps a reliable and stable operation of this system. In order to identify, if the current security level for a given ES is effective or not, we need a proactive evaluation for this security level. The evaluation of the security level for ESs is not straightforward process, things like the heterogeneity among the components of ES complicate this process. One of the productive approaches, which overcame the complexity of evaluation for Security, Privacy and Dependability (SPD) is the Multi Metrics (MM). As most of SPD evaluation approaches, the MM approach bases on the experts knowledge for the basic evaluation. Regardless of its advantages, experts evaluation has some drawbacks, which foster the need for less experts-dependent evaluation. In this paper, we propose a framework for security measurability as a part of security, privacy and dependability evaluation. The security evaluation based on Multi Metric (MM) approach as being an effective approach for evaluations, thus, we call it MM framework. The art of evaluation investigated within MM framework, based also on systematic storing and retrieving of experts knowledge. Using MM framework, the administrator of the ES could evaluate and enhance the S-level of their system, without being an expert in security.

Recently, Jung et al. [1] proposed a data access privilege scheme and claimed that their scheme addresses data and identity privacy as well as multi-authority, and provides data access privilege for attribute-based encryption. In this paper, we show that this scheme, and also its former and latest versions (i.e. [2] and [3] respectively) suffer from a number of weaknesses in terms of finegrained access control, users and authorities collusion attack, user authorization, and user anonymity protection. We then propose our new scheme that overcomes these shortcomings. We also prove the security of our scheme against user collusion attacks, authority collusion attacks and chosen plaintext attacks. Lastly, we show that the efficiency of our scheme is comparable with existing related schemes.

Enhancing the security and resilience of interdependent infrastructures is crucial. In this paper, we establish a theoretical framework based on Markov decision processes (MDPs) to design optimal resiliency mechanisms for interdependent infrastructures. We use MDPs to capture the dynamics of the failure of constituent components of an infrastructure and their cyber-physical dependencies. Factored MDPs and approximate linear programming are adopted for an exponentially growing dimension of both state and action spaces. Under our approximation scheme, the optimally distributed policy is equivalent to the centralized one. Finally, case studies in a large-scale interdependent system demonstrate the effectiveness of the control strategy to enhance the network resilience to cascading failures.

Security Evaluation and Management (SEM) is considerably important process to protect the Embedded System (ES) from various kinds of security's exploits. In general, SEM's processes have some challenges, which limited its efficiency. Some of these challenges are system-based challenges like the hetero-geneity among system's components and system's size. Some other challenges are expert-based challenges like mis-evaluation possibility and experts non-continuous availability. Many of these challenges were addressed by the Multi Metric (MM) framework, which depends on experts' or subjective evaluation for basic evaluations. Despite of its productivity, subjective evaluation has some drawbacks (e.g. expert misevaluation) foster the need for considering objective evaluations in the MM framework. In addition, the MM framework is system centric framework, thus, by modelling complex and huge system using the MM framework a guide is needed indicating changes toward desirable security's requirements. This paper proposes extensions for the MM framework consider the usage of objective evaluations and work as guide for needed changes to satisfy desirable security requirements.

The Mobile Ad-hoc Networks (MANET) are suffering from network partitioning when there is group mobility and thus cannot efficiently provide connectivity to all nodes in the network. Autonomous Mobile Mesh Network (AMMNET) is a new class of MANET which will overcome the weakness of MANET, especially from network partitioning. However, AMMNET is vulnerable to routing attacks such as Blackhole attack in which malicious node can make itself as intragroup, intergroup or intergroup bridge router and disrupt the network. In AMMNET, To maintain connectivity, network survivability is an important aspect of reliable communication. Maintaning security is a challenge in the self organising nature of the topology. To address this weakness proposed approach measured the performance of the impact of security enhancement on AMMNET with the basis of bait detection scheme. Modified bait approach that will prevent blackhole node entering into the network and helps to maintain the reliability of the network. The proposed scheme uses the idea of Wumpus World concept from Artificial Intelligence. Modified bait scheme will prevent the blackhole attack and secures network.

Turbo code has been one of the important subjects in coding theory since 1993. This code has low Bit Error Rate (BER) but decoding complexity and delay are big challenges. On the other hand, considering the complexity and delay of separate blocks for coding and encryption, if these processes are combined, the security and reliability of communication system are guaranteed. In this paper a secure decoding algorithm in parallel on General-Purpose Graphics Processing Units (GPGPU) is proposed. This is the first prototype of a fast and parallel Joint Channel-Security Coding (JCSC) system. Despite of encryption process, this algorithm maintains desired BER and increases decoding speed. We considered several techniques for parallelism: (1) distribute decoding load of a code word between multiple cores, (2) simultaneous decoding of several code words, (3) using protection techniques to prevent performance degradation. We also propose two kinds of optimizations to increase the decoding speed: (1) memory access improvement, (2) the use of new GPU properties such as concurrent kernel execution and advanced atomics to compensate buffering latency.

Hadoop has become increasingly popular as it rapidly processes data in parallel. Cloud computing gives reliability, flexibility, scalability, elasticity and cost saving to cloud users. Deploying Hadoop in cloud can benefit Hadoop users. Our evaluation exhibits that various internal cloud attacks can bypass current Hadoop security mechanisms, and compromised Hadoop components can be used to threaten overall Hadoop. It is urgent to improve compromise resilience, Hadoop can maintain a relative high security level when parts of Hadoop are compromised. Hadoop has two vulnerabilities that can dramatically impact its compromise resilience. The vulnerabilities are the overloaded authentication key, and the lack of fine-grained access control at the data access level. We developed a security enhancement for a public cloud-based Hadoop, named SEHadoop, to improve the compromise resilience through enhancing isolation among Hadoop components and enforcing least access privilege for Hadoop processes. We have implemented the SEHadoop model, and demonstrated that SEHadoop fixes the above vulnerabilities with minimal or no run-time overhead, and effectively resists related attacks.

Information technology is continually changing, discoveries are made every other day. Cyber-physical systems consist of both physical and computational elements and are becoming more and more popular in today's society. They are complex systems, used in complex applications. Therefore, security is a critical and challenging aspect when developing cyber-physical systems. In this paper, we present a solution for ensuring data confidentiality and security by combining some of the most common methods in the area of security - cryptography and steganography. Furthermore, we use hierarchical access to information to ensure confidentiality and also increase the overall security of the cyber-physical system.