Biblio
With the rapid development of the Internet, preserving the security of confidential data has become a challenging issue. An effective method to this end is to apply steganography techniques. In this paper, we propose an efficient steganography algorithm which applies edge detection and MPC algorithm for data concealment in digital images. The proposed edge detection scheme partitions the given image, namely cover image, into blocks. Next, it identifies the edge blocks based on the variance of their corner pixels. Embedding the confidential data in sharp edges causes less distortion in comparison to the smooth areas. To diminish the imposed distortion by data embedding in edge blocks, we employ LSB and MPC algorithms. In the proposed scheme, the blocks are split into some groups firstly. Next, a full tree is constructed per group using the LSBs of its pixels. This tree is converted into another full tree in some rounds. The resultant tree is used to modify the considered LSBs. After the accomplishment of the data embedding process, the final image, which is called stego image, is derived. According to the experimental results, the proposed algorithm improves PSNR with at least 5.4 compared to the previous schemes.
A database is an organized collection of data. Though a number of techniques, such as encryption and electronic signatures, are currently available for the protection of data when transmitted across sites. Database security refers to the collective measures used to protect and secure a database or database management software from illegitimate use and malicious threats and attacks. In this paper, we create 6 types of method for more secure ways to store and retrieve database information that is both convenient and efficient. Confidentiality, integrity, and availability, also known as the CIA triad, is a model designed to guide policies for information security within the database. There are many cryptography techniques available among them, ECC is one of the most powerful techniques. A user wants to the data stores or request, the user needs to authenticate. When a user who is authenticated, he will get key from a key generator and then he must be data encrypt or decrypt within the database. Every keys store in a key generator and retrieve from the key generator. We use 256 bits of AES encryption for rows level encryption, columns level encryption, and elements level encryption for the database. Next two method is encrypted AES 256 bits random key by using 521 bits of ECC encryption and signature for rows level encryption and column level encryption. Last method is most secure method in this paper, which method is element level encryption with AES and ECC encryption for confidentiality and ECC signature use for every element within the database for integrity. As well as encrypting data at rest, it's also important to ensure confidential data are encrypted in motion over our network to protect against database signature security. The advantages of elements level are difficult for attack because the attacker gets a key that is lose only one element. The disadvantages need to thousands or millions of keys to manage.
Emerging computing relies heavily on secure backend storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) remains an intruder's exploit of choice to pilfer confidential data from the back-end database with damaging ramifications. The existing approaches were all before the new emerging computing in the context of the Internet big data mining and as such will lack the ability to cope with new signatures concealed in a large volume of web requests over time. Also, these existing approaches were strings lookup approaches aimed at on-premise application domain boundary, not applicable to roaming Cloud-hosted services' edge Software-Defined Network (SDN) to application endpoints with large web request hits. Using a Machine Learning (ML) approach provides scalable big data mining for SQLIA detection and prevention. Unfortunately, the absence of corpus to train a classifier is an issue well known in SQLIA research in applying Artificial Intelligence (AI) techniques. This paper presents an application context pattern-driven corpus to train a supervised learning model. The model is trained with ML algorithms of Two-Class Support Vector Machine (TC SVM) and Two-Class Logistic Regression (TC LR) implemented on Microsoft Azure Machine Learning (MAML) studio to mitigate SQLIA. This scheme presented here, then forms the subject of the empirical evaluation in Receiver Operating Characteristic (ROC) curve.
Theft or loss of a mobile device could be an information security risk as it can result in loss of con fidential personal data. Traditional cryptographic algorithms are not suitable for resource constrained and handheld devices. In this paper, we have developed an efficient and user friendly tool called “NCRYPT” on Android platform. “NCRYPT” application is used to secure the data at rest on Android thus making it inaccessible to unauthorized users. It is based on lightweight encryption scheme i.e. Hummingbird-2. The application provides secure storage by making use of password based authentication so that an adversary cannot access the confidential data stored on the mobile device. The cryptographic key is derived through the password based key generation method PBKDF2 from the standard SUN JCE cryptographic provider. Various tools for encryption are available in the market which are based on AES or DES encryption schemes. Ihe reported tool is based on Hummingbird-2 and is faster than most of the other existing schemes. It is also resistant to most of attacks applicable to Block and Stream Ciphers. Hummingbird-2 has been coded in C language and embedded in Android platform with the help of JNI (Java Native Interface) for faster execution. This application provides choice for en crypting the entire data on SD card or selective files on the smart phone and protect p ersonal or confidential information available in such devices.
The trend towards Cloud computing infrastructure has increased the need for new methods that allow data owners to share their data with others securely taking into account the needs of multiple stakeholders. The data owner should be able to share confidential data while delegating much of the burden of access control management to the Cloud and trusted enterprises. The lack of such methods to enhance privacy and security may hinder the growth of cloud computing. In particular, there is a growing need to better manage security keys of data shared in the Cloud. BYOD provides a first step to enabling secure and efficient key management, however, the data owner cannot guarantee that the data consumers device itself is secure. Furthermore, in current methods the data owner cannot revoke a particular data consumer or group efficiently. In this paper, we address these issues by incorporating a hardware-based Trusted Platform Module (TPM) mechanism called the Trusted Extension Device (TED) together with our security model and protocol to allow stronger privacy of data compared to software-based security protocols. We demonstrate the concept of using TED for stronger protection and management of cryptographic keys and how our secure data sharing protocol will allow a data owner (e.g, author) to securely store data via untrusted Cloud services. Our work prevents keys to be stolen by outsiders and/or dishonest authorised consumers, thus making it particularly attractive to be implemented in a real-world scenario.