Visible to the public Biblio

Found 118 results

Filters: Keyword is information technology  [Clear All Filters]
2022-06-06
Rasmi Al-Mousa, Mohammad.  2021.  Generic Proactive IoT Cybercrime Evidence Analysis Model for Digital Forensics. 2021 International Conference on Information Technology (ICIT). :654–659.
With the widespread adoption of Internet of Things (IoT) applications around the world, security related problems become a challenge since the number of cybercrimes that must be identified and investigated increased dramatically. The volume of data generated and handled is immense due to the increased number of IoT applications around the world. As a result, when a cybercrime happens, the volume of digital data needs to be dealt with is massive. Consequently, more effort and time are needed to handle the security issues. As a result, in digital forensics, the analysis phase is an important and challenging phase. This paper proposes a generic proactive model for the cybercrime analysis process in the Internet of Things. The model is focused on the classification of evidences in advance based on its significance and relation to past crimes, as well as the severity of the evidence in terms of the probability occurrence of a cybercrime. This model is supposed to save time and effort during the automated forensic investigation process.
2022-05-24
Qin, Yishuai, Xiao, Bing, Li, Yaodong, Yu, Jintao.  2021.  Structure adjustment of early warning information system based on timeliness. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:2742–2747.
Aimed at the high requirement of timeliness in the process of information assurance, this paper describes the average time delay of information transmission in the system, and designs a timeliness index that can quantitatively describe the ability of early warning information assurance. In response to the problem that system capability cannot meet operational requirements due to enemy attacks, this paper analyzes the structure of the early warning information system, Early warning information complex network model is established, based on the timeliness index, a genetic algorithm based on simulated annealing with special chromosome coding is proposed.the algorithm is used to adjust the network model structure, the ability of early warning information assurance has been improved. Finally, the simulation results show the effectiveness of the proposed method.
2022-05-05
Zhang, Qiao-Jia, Ye, Qing, Li, Liang, Liu, Si-jie, Chen, Kai-qiang.  2021.  An efficient selective encryption scheme for HEVC based on hyperchaotic Lorenz system. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:683—690.
With the wide application of video information, the protection of video information from illegal access has been widely investigated recently. An efficient selective encryption scheme for high efficiency video coding (HEVC) based on hyperchaotic Lorenz system is proposed. Firstly, the hyperchaotic Lorenz system is discretized and the generated chaotic state values are converted into chaotic pseudorandom sequences for encryption. The important syntax elements in HEVC are then selectively encrypted with the generated stream cipher. The experimental results show that the encrypted video is highly disturbed and the video information cannot be recognized. Through the analysis of objective index results, it is shown that the scheme is both efficient and security.
2022-04-26
Al–Sewadi, Hamza A.A., Al-Shnawa, Ruqa A., Rifaat, Mohammed M..  2021.  Signature Verification Time Reduction for GOST Digital Signature Algorithm. 2021 International Conference on Communication Information Technology (ICICT). :279–283.

Although many digital signature algorithms are available nowadays, the speed of signing and/or verifying a digital signature is crucial for different applications. Some algorithms are fast for signing but slow for verification, but others are the inverse. Research efforts for an algorithm being fast in both signing and verification is essential. The traditional GOST algorithm has the shortest signing time but longest verification time compared with other DSA algorithms. Hence an improvement in its signature verification time is sought in this work. A modified GOST digital signature algorithm variant is developed improve the signature verification speed by reducing the computation complexity as well as benefiting from its efficient signing speed. The obtained signature verification execution speed for this variant was 1.5 time faster than that for the original algorithm. Obviously, all parameters' values used, such as public and private key, random numbers, etc. for both signing and verification processes were the same. Hence, this algorithm variant will prove suitable for applications that require short time for both, signing and verification processes. Keywords— Discrete Algorithms, Authentication, Digital Signature Algorithms DSA, GOST, Data Integrity

AlQahtani, Ali Abdullah S., Alamleh, Hosam, El-Awadi, Zakaria.  2021.  Secure Digital Signature Validated by Ambient User amp;\#x2019;s Wi-Fi-enabled devices. 2021 IEEE 5th International Conference on Information Technology, Information Systems and Electrical Engineering (ICITISEE). :159–162.

In cyberspace, a digital signature is a mathematical technique that plays a significant role, especially in validating the authenticity of digital messages, emails, or documents. Furthermore, the digital signature mechanism allows the recipient to trust the authenticity of the received message that is coming from the said sender and that the message was not altered in transit. Moreover, a digital signature provides a solution to the problems of tampering and impersonation in digital communications. In a real-life example, it is equivalent to a handwritten signature or stamp seal, but it offers more security. This paper proposes a scheme to enable users to digitally sign their communications by validating their identity through users’ mobile devices. This is done by utilizing the user’s ambient Wi-Fi-enabled devices. Moreover, the proposed scheme depends on something that a user possesses (i.e., Wi-Fi-enabled devices), and something that is in the user’s environment (i.e., ambient Wi-Fi access points) where the validation process is implemented, in a way that requires no effort from users and removes the "weak link" from the validation process. The proposed scheme was experimentally examined.

2022-04-18
Shammari, Ayla Al, Maiti, Richard Rabin, Hammer, Bennet.  2021.  Organizational Security Policy and Management during Covid-19. SoutheastCon 2021. :1–4.
Protection of an organization's assets and information technology infrastructure is always crucial to any business. Securing and protecting businesses from cybersecurity threats became very challenging during the Covid-19 Pandemic. Organizations suddenly shifted towards remote work to maintain continuity and protecting against new cyber threats became a big concern for most business owners. This research looks into the following areas (i) outlining the shift from In-person to online work risks (ii) determine the cyber-attack type based on the list of 10 most prominent cybersecurity threats during the Covid-19 Pandemic (iii) and design a security policy to securing business continuity.
2022-02-10
Masood, Raziqa, Pandey, Nitin, Rana, Q. P..  2020.  DHT-PDP: A Distributed Hash Table based Provable Data Possession Mechanism in Cloud Storage. 2020 8th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO). :275–279.
The popularity of cloud storage among data users is due to easy maintenance, and no initial infrastructure setup cost as compared to local storage. However, although the data users outsource their data to cloud storage (a third party) still, they concern about their physical data. To check whether the data stored in the cloud storage has been modified or not, public auditing of the data is required before its utilization. To audit over vast outsourced data, the availability of the auditor is an essential requirement as nowadays, data owners are using mobile devices. But unfortunately, a single auditor leads to a single point of failure and inefficient to preserve the security and correctness of outsourced data. So, we introduce a distributed public auditing scheme which is based on peer-to-peer (P2P) architecture. In this work, the auditors are organized using a distributed hash table (DHT) mechanism and audit the outsourced data with the help of a published hashed key of the data. The computation and communication overhead of our proposed scheme is compared with the existing schemes, and it found to be an effective solution for public auditing on outsourced data with no single point of failure.
2022-02-07
Nurwarsito, Heru, Iskandar, Chairul.  2021.  Detection Jellyfish Attacks Against Dymo Routing Protocol on Manet Using Delay Per-Hop Indicator (Delphi) Method. 2021 3rd East Indonesia Conference on Computer and Information Technology (EIConCIT). :385–390.
Mobile Ad Hoc Network (MANET) is one of the types of Ad-hoc Network which is comprised of wireless in a network. The main problem in this research is the vulnerability of the protocol routing Dymo against jellyfish attack, so it needs detection from a jellyfish attack. This research implements the DELPHI method to detect jellyfish attacks on a DYMO protocol which has better performance because the Delay Per-Hop Indicator (DELPHI) gathers the amount of hop and information delay from the disjoint path and calculates the delays per-hop as an indicator of a jellyfish attack. The evaluation results indicate an increase in the end-to-end delay average, start from 112.59s in 10 nodes increased to 143.732s in 30 nodes but reduced to 84,2142s in 50 nodes. But when the DYMO routing did not experience any jellyfish attacks both the delivery ratio and throughput are decreased. The delivery ratio, where decreased from 10.09% to 8.19% in 10 nodes, decreased from 20.35% to 16.85%, and decreased from 93.5644% to 82.825% in 50 nodes. As for the throughput, for 10 nodes decreased from 76.7677kbps to 68.689kbps, for 30 nodes decreased from 100kbps to 83.5821kbps and for 50 nodes decreased from 18.94kbps to 15.94kbps.
Zang, Shiping, Zhao, Dongyan, Hu, Yi, Hu, Xiaobo, Gao, Ying, Du, Pengcheng, Cheng, Song.  2021.  A High Speed SM3 Algorithm Implementation for Security Chip. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:915–919.
High throughput of crypto circuit is critical for many high performance security applications. The proposed SM3 circuit design breaks the inherent limitation of the conventional algorithm flow by removing the "blocking point" on the critical path, and reorganizes the algebraic structure by adding four parallel compensation operations. In addition, the round expansion architecture, CSA (Carry Save Adder) and pre-calculation are also used in this design. Due to the optimization at both the algorithm level and the circuit level, the synthesized circuit of this design can reach maximum 415MHz operating clock frequency and 6.4Gbps throughput with SMIC 40nm high performance technology. Compared with the conventional implementation method, the throughput performance of the proposed SM3 circuit increases by 97.5% and the chip area of SM3 algorithm area is only increased by 16.2%.
2022-02-04
Al-Turkistani, Hilalah F., Aldobaian, Samar, Latif, Rabia.  2021.  Enterprise Architecture Frameworks Assessment: Capabilities, Cyber Security and Resiliency Review. 2021 1st International Conference on Artificial Intelligence and Data Analytics (CAIDA). :79–84.

Recent technological advancement demands organizations to have measures in place to manage their Information Technology (IT) systems. Enterprise Architecture Frameworks (EAF) offer companies an efficient technique to manage their IT systems aligning their business requirements with effective solutions. As a result, experts have developed multiple EAF's such as TOGAF, Zachman, MoDAF, DoDAF, SABSA to help organizations to achieve their objectives by reducing the costs and complexity. These frameworks however, concentrate mostly on business needs lacking holistic enterprise-wide security practices, which may cause enterprises to be exposed for significant security risks resulting financial loss. This study focuses on evaluating business capabilities in TOGAF, NIST, COBIT, MoDAF, DoDAF, SABSA, and Zachman, and identify essential security requirements in TOGAF, SABSA and COBIT19 frameworks by comparing their resiliency processes, which helps organization to easily select applicable framework. The study shows that; besides business requirements, EAF need to include precise cybersecurity guidelines aligning EA business strategies. Enterprises now need to focus more on building resilient approach, which is beyond of protection, detection and prevention. Now enterprises should be ready to withstand against the cyber-attacks applying relevant cyber resiliency approach improving the way of dealing with impacts of cybersecurity risks.

Chand, Ravinesh, Valluri, Maheswara Rao, Khan, MGM.  2021.  Digital Signature Scheme over Lattices. 2021 25th International Conference on Circuits, Systems, Communications and Computers (CSCC). :71–78.
With the rapid advancements in information technology, data security has become an indispensable component. Cryptography performs a significant role in establishing information security. Computational problems have been utilized extensively by cryptographers to construct digital signature schemes. Digital signature schemes offer security services such as confidentiality, authenticity, integrity, and non-repudiation of a message. This paper proposes a modification of the Dilithium signature scheme that is secure against unforgeability attack based on the hardness of lattice problems such as Learning With Errors and Short Integer Solution over lattices. Using the rejection sampling technique, data is sampled from a uniform distribution to generate keys that are expanded into a matrix. The keys are hashed and signed by the sender to generate a message, which is then accepted by the receiver upon verification. Finally, the security analysis for the proposed signature scheme is provided with a strong emphasis on the security of the secret key. We prove that the attacker cannot forge a signature on a message, and recommended parameters are proposed.
Xu, Wei, Liang, Hao, Ge, Yunhan.  2021.  Research on Data Security Protection System Based on SM Algorithm. 2021 International Conference on Information Science, Parallel and Distributed Systems (ISPDS). :79–82.
As the rapid development of information technology and networks, there have been several new challenges to data security. For security needs in the process of data transmission and storage, the data security protection mechanism based on SM algorithm is studied. In addition, data cryptographic security protection system model composed of cryptographic infrastructure, cryptographic service nodes and cryptographic modules is proposed. As the core of the mechanism, SM algorithm not only brings about efficient data encryption and decryption, but ensures the security, integrity and non-repudiation of data transmission and storage. Secure and controllable key management is implemented by this model, which provides easy-to-expandable cryptographic services, and brings efficient cryptographic capabilities applicable for multiple scenarios.
2022-01-31
Al-Qtiemat, Eman, Jafar, Iyad.  2021.  Intelligent Cache Replacement Algorithm for Web Proxy Caching based on Multi-level K-means Clustering. 2021 IEEE Jordan International Joint Conference on Electrical Engineering and Information Technology (JEEIT). :278—282.
Proxy web caching is usually employed to maximize the efficiency and utilization of the network and the origin servers while reducing the request latency. However, and due to the limited cache size, some replacement policy has to be enforced in order to decide on the object(s) to be evicted from the cache once it is full. This paper introduces the use of the K-mean clustering to categorize the objects in the cache into groups of different priorities. This categorization is then used for replacement purposes such that the object(s) of lowest priority are chosen for eviction. The proposed improved the hit rate and the byte hit rate of the cache when compared to conventional and intelligent web proxy caching algorithms.
2022-01-25
Boris, Ryabko, Nadezhda, Savina.  2021.  Development of an information-theoretical method of attribution of literary texts. 2021 XVII International Symposium "Problems of Redundancy in Information and Control Systems" (REDUNDANCY). :70–73.
We propose an information-theoretical method of attribution of literary texts, developed within the framework of information theory and mathematical statistics. Using the proposed method, the following two problems of disputed authorship in Russian and Soviet literature were investigated: i) the problem of false attribution of some novels to Nekrasov and ii) the problem of dubious attribution of two novels to Bulgakov. The research has shown the high efficiency of the data-compression method for attribution of literary texts.
Santoso, Dylan Juliano, Angga, William Silvano, Silvano, Frederick, Anjaya, Hanzel Edgar Samudera, Maulana, Fairuz Iqbal, Ramadhani, Mirza.  2021.  Traditional Mask Augmented Reality Application. 2021 International Conference on Information Management and Technology (ICIMTech). 1:595—598.
The industrial revolution 4.0 has become a challenge for various sectors in mastering information technology, one of which is the arts and culture sector. Cultural arts that are quite widely spread and developed in Indonesia are traditional masks. Traditional masks are one of the oldest and most beautiful cultures in Indonesia. However, with the development of the era to the digital world in the era of the industrial revolution 4.0, this beloved culture is fading due to the entry of foreign cultures and technological developments. Many young people who succeed the nation do not understand this cultural art, namely traditional masks. So those cultural arts such as traditional masks can still keep up with the development of digital technology in industry 4.0, we conduct research to use technology to preserve this traditional mask culture. The research uses the ADDIE method starting with Analyze, Design, Develop, Implement, and Evaluate. We took some examples of traditional masks such as Malangan masks, Cirebon masks, and Panji masks from several regions in Indonesia. This research implements marker-based Augmented reality technology and makes a traditional mask book that can be a means of augmented reality.
2022-01-10
Babrekar, Devika, Patel, Darsh, Patkar, Sachin, Lobo, Vivian Brian.  2021.  Blockchain-based Digital Locker using BigchainDB and InterPlanetary File System. 2021 6th International Conference on Communication and Electronics Systems (ICCES). :950–956.
Our identity as a human being is determined by the documents, not by appearance or physicality. The most important thing to prove the identity of humans is to show a government-issued document. Generally, from birth to death humans are recognized by documents because they are born with a birth certificate and they die with a death certificate. The main problem with these documents is that, they can be falsified or manipulated by others. Moreover in this digital era, they are stored in a centralized manner, which is prone to a cyber threat. This study aims to develop a blockchain environment to create, verify, and securely share documents in a decentralized manner. With the help of bigchainDB, interplanetary file system (IPFS), and asymmetric encryption, this research work will prototype the proposed solution called blockchain-based digital locker, which is similar to the DigiLocker released by the Department of Electronics and Information Technology (DeitY), Govt. of India. BigchainDB will help in treating each document as an asset by making it immutable with the help of IPFS and asymmetric encryption, where documents can not only be shared but also verified.
2021-12-20
Yang, SU.  2021.  An Approach on Attack Path Prediction Modeling Based on Game Theory. 2021 IEEE 5th Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). 5:2604–2608.
Considering the lack of theoretical analysis for distributed network under APT (advanced persistent threat) attacks, a game model was proposed to solve the problem based on APT attack path. Firstly, this paper analyzed the attack paths of attackers and proposed the defensive framework of network security by analyzing the characteristics of the APT attack and the distributed network structure. Secondly, OAPG(an attack path prediction model oriented to APT) was established from the value both the attacker and the defender based on game theory, besides, this paper calculated the game equilibrium and generated the maximum revenue path of the attacker, and then put forward the best defensive strategy for defender. Finally, this paper validated the model by an instance of APT attack, the calculated results showed that the model can analyze the attacker and defender from the attack path, and can provide a reasonable defense scheme for organizations that use distributed networks.
Petrenkov, Denis, Agafonov, Anton.  2021.  Anomaly Detection in Vehicle Platoon with Third-Order Consensus Control. 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT). :0463–0466.
The development of autonomous connected vehicles, in particular, moving as a platoon formation, has received great attention in recent years. The autonomous movement allows to increase the efficiency of the transportation infrastructure usage, reduce the fuel consumption, improve road safety, decrease traffic congestion, and others. To maintain an optimal spacing policy in a platoon formation, it is necessary to exchange information between vehicles. The Vehicular ad hoc Network (VANET) is the key component to establish wireless vehicle-to-vehicle communications. However, vehicular communications can be affected by different security threats. In this paper, we consider the third-order consensus approach as a control strategy for the vehicle platoon. We investigate several types of malicious attacks (spoofing, message falsification) and propose an anomaly detection algorithm that allows us to detect the malicious vehicle and enhance the security of the vehicle platoon. The experimental study of the proposed approach is conducted using Plexe, a vehicular network simulator that permits the realistic simulation of platooning systems.
2021-10-12
Sharma, Rohit, Pawar, Siddhesh, Gurav, Siddhita, Bhavathankar, Prasenjit.  2020.  A Unique Approach towards Image Publication and Provenance using Blockchain. 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT). :311–314.
The recent spurt of incidents related to copyrights and security breaches has led to the monetary loss of several digital content creators and publishers. These incidents conclude that the existing system lacks the ability to uphold the integrity of their published content. Moreover, some of the digital content owners rely on third parties, results in lack of ability to provide provenance of digital media. The question that needs to be addressed today is whether modern technologies can be leveraged to suppress such incidents and regain the confidence of creators and the audience. Fortunately, this paper presents a unique framework that empowers digital content creators to have complete control over the place of its origin, accessibility and impose restrictions on unauthorized alteration of their content. This framework harnesses the power of the Ethereum platform, a part of Blockchain technology, and uses S mart Contracts as a key component empowering the creators with enhanced control of their content and the corresponding audience.
2021-09-16
Liu, Zixuan, Yu, Jie.  2020.  Design and Analysis of a New RFID Security Protocol for Internet of Things. 2020 5th International Conference on Information Science, Computer Technology and Transportation (ISCTT). :16–18.
As the core of the third information revolution, the Internet of things plays an important role in the development of the times. According to the relevant investigation and research, we can find that the research on the Internet of things is still in the stage of LAN and private network, and its open advantages have not been fully utilized[1]. In this context, RFID technology as the core technology of the Internet of things, the security protocol plays an important role in the normal use of the technology. With the continuous development of Internet information technology, the disadvantages of security protocol become more and more obvious. These problems seriously affect the popularity of Internet of things technology. Therefore, in the future work, the relevant staff need to continue to strengthen research, according to the future development plan, effectively play the advantages of technology, and further promote its development.
2021-08-11
Nazarenko, Maxim A..  2020.  What is Mobile Operation System Quality? 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT QM IS). :145—147.
There are some modern mobile operation systems. The main two of them are iOS and Android. However, in the past, there were two more commonly used ones: Windows Mobile and Symbian. Each of these systems has its own pros and cons, whereas none of them is the best or the worst one in different criterions. In this paper the main criterions of operation system quality are discussed. The paper defines what the mobile operating system quality is.
2021-07-07
Wang, Guodong, Tian, Dongbo, Gu, Fengqiang, Li, Jia, Lu, Yang.  2020.  Design of Terminal Security Access Scheme based on Trusted Computing in Ubiquitous Electric Internet of Things. 2020 IEEE 9th Joint International Information Technology and Artificial Intelligence Conference (ITAIC). 9:188–192.
In the Ubiquitous Electric Internet of Things (UEIoT), the terminals are very easy to be accessed and attacked by attackers due to the lack of effective monitoring and safe isolation methods. Therefore, in the implementation of UEIoT, the security protection of terminals is particularly important. Therefore, this paper proposes a dual-system design scheme for terminal active immunity based on trusted computing. In this scheme, the terminal node in UEIoT is composed of two parts: computing part and trusted protection part. The computing component and the trusted protection component are logically independent of each other, forming a trusted computing active immune dual-system structure with both computing and protection functions. The Trusted Network Connection extends the trusted state of the terminal to the network, thus providing a solution for terminal secure access in the UEIoT.
2021-06-24
Abirami, R., Wise, D. C. Joy Winnie, Jeeva, R., Sanjay, S..  2020.  Detecting Security Vulnerabilities in Website using Python. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :844–846.
On the current website, there are many undeniable conditions and there is the existence of new plot holes. If data link is normally extracted on each of the websites, it becomes difficult to evaluate each vulnerability, with tolls such as XS S, SQLI, and other such existing tools for vulnerability assessment. Integrated testing criteria for vulnerabilities are met. In addition, the response should be automated and systematic. The primary value of vulnerability Buffer will be made of predefined and self-formatted code written in python, and the software is automated to send reports to their respective users. The vulnerabilities are tried to be classified as accessible. OWASP is the main resource for developing and validating web security processes.
Dang, Tran Khanh, Truong, Phat T. Tran, Tran, Pi To.  2020.  Data Poisoning Attack on Deep Neural Network and Some Defense Methods. 2020 International Conference on Advanced Computing and Applications (ACOMP). :15–22.
In recent years, Artificial Intelligence has disruptively changed information technology and software engineering with a proliferation of technologies and applications based-on it. However, recent researches show that AI models in general and the most greatest invention since sliced bread - Deep Learning models in particular, are vulnerable to being hacked and can be misused for bad purposes. In this paper, we carry out a brief review of data poisoning attack - one of the two recently dangerous emerging attacks - and the state-of-the-art defense methods for this problem. Finally, we discuss current challenges and future developments.
2021-05-25
Alnsour, Rawan, Hamdan, Basil.  2020.  Incorporating SCADA Cybersecurity in Undergraduate Engineering Technology Information Technology Education. 2020 Intermountain Engineering, Technology and Computing (IETC). :1—4.

The purpose of this paper is threefold. First, it makes the case for incorporating cybersecurity principles into undergraduate Engineering Technology Education and for incorporating Industrial Control Systems (ICS) principles into undergraduate Information Technology (IT)/Cybersecurity Education. Specifically, the paper highlights the knowledge/skill gap between engineers and IT/Cybersecurity professionals with respect to the cybersecurity of the ICS. Secondly, it identifies several areas where traditional IT systems and ICS intercept. This interception not only implies that ICS are susceptible to the same cyber threats as traditional IT/IS but also to threats that are unique to ICS. Subsequently, the paper identifies several areas where cybersecurity principles can be applied to ICS. By incorporating cybersecurity principles into Engineering Technology Education, the paper hopes to provide IT/Cybersecurity and Engineering Students with (a) the theoretical knowledge of the cybersecurity issues associated with administering and operating ICS and (b) the applied technical skills necessary to manage and mitigate the cyber risks against these systems. Overall, the paper holds the promise of contributing to the ongoing effort aimed at bridging the knowledge/skill gap with respect to securing ICS against cyber threats and attacks.