At least one author of each accepted paper is required to register for the conference and present the paper. All submissions will be blind-reviewed. Papers must be anonymous, with no author names, affiliations, acknowledgements, or obvious references. A submitted paper should begin with a title, a short abstract, and a list of keywords. Clear instructions for the preparation of a final proceedings version will be sent to the authors of accepted papers. Authors are strongly recommended to submit their papers in the standard LNCS format see the Springer web page.
ProvSec Workshop Contact Us.
- Kept (The Gemini Men).
- Call for paper.
- Call for Papers.
- The mystery of steganography – Increment: Security!
- Final year IEEE Projects, IEEE Projects - , IEEE Software Projects, IEEE MatLab Projects?
Call for Papers Download short pdf version General Information Provable security is an essential tool for analyzing security of modern cryptographic primitives. Conference Topics All aspects of provable security in constructing and analyzing cryptographic primitives, including but are not limited to: - Provably secure asymmetric primitives - Provably secure symmetric primitives - Tightness of security reductions - Provable security in post-quantum cryptography - Privacy and anonymity technologies - Cryptographic protocol verifier - Theory and practice of game-hopping proof techniques - Secure hash functions - Provable security in the real-world security systems - Secure key management - Refinement of proof techniques - Provably Secure cryptographic protocols and applications - Security notions, approaches and paradigms - Steganography - Lightweight cryptography - Lattice-based cryptography Publication and Awards The conference proceedings will be published by Springer-Verlag in the Lecture Notes in Computer Science series see www.
Short Papers The authors of near-miss papers papers with merit, which have not passed the bar of acceptance unfortunately will have a chance to present their work as short papers at the conference. Important Dates Paper submission deadline 17 June Extended to 30 June , UTC Notification of Acceptance 3 August Camera-ready deadline 15 August Conference date 25 - 28 October Instructions for authors Submitted papers must be original, unpublished, and not submitted to another conference or journal for consideration for publication.
The permutation phase shuffles pixel locations of each grapheme. Finally, the substitution phase modifies pixel intensity values of the corresponding permutated grapheme utilizing the chaotic logarithmic map. Experimental results indicate that the proposed CLM poses interesting characteristics such as wide range chaotic behaviour, robust chaos, s-unimodality, and high sensitivity to a small change in initial condition.
In addition, statistical results indicate the superior permutation and substitution properties of the proposed encryption scheme over other image encryption schemes of the same structure. In this paper, we propose and develop DroidMD, a scalable self-improvement based tool, based on auto optimization of signature set, which detect malicious apps in the market at source code level.
A prototype has been developed tested and implemented to detect malware in applications. We implement and evaluate our approach on almost 30, applications including 27, benign and 3, malware applications. DroidMD detects malware in different applications at partial level and full level. It analyzes only the applications code, which increase its reliability. DroidMD detected similar malware code fragments in different malware families and also victim source code files from benign applications.
Additionally, DroidMD detects similar code fragments which were injected into many applications, which can be the indication of malware. Our evaluation of DroidMD demonstrates that our approach is very efficient in detecting malware at large scale with high accuracy of Keywords : Mobile security; Mobile software; Malware detection; Code clones; Android apps reusability; Android evolution. This challenge can be overcome at least partially by developing systematically risk- driven security objectives and controls for the target system, and determining how to offer sufficient evidence of its security performance via metrics.
The target system of our investigation is an Android platform utilized for public safety and security mobile networks.
We develop and analyse the security objectives and controls for these systems based on a technological risk analysis. In addition, we investigate how effective and efficient security metrics can be developed for the target system, and describe implementation details of enhanced security controls for authentication, authorization, and integrity objectives. Our analysis includes implementation details of selected security controls and a discussion of their security effectiveness. It also includes conceptualization and description of adaptive security for an Android platform which can improve the flexibility and effectiveness of these security controls and end-users confidence in service providers.
Keywords : Android; security objectives; security metrics; security effectiveness; risk analysis. Due to this, there is a constant need to come up with new copyright protection algorithms and also new watermarking tools to suit users needs. This paper provides a survey on various video watermarking tools available in the market.
This paper summarizes the basic concepts in video watermarking, new attacks and latest applications of video watermarking which are evolving. Each tool has been described highlighting its pros and cons for its applicability. The challenges involved in watermarking of video content have also been detailed. Organizations are striving to find methods to protect their data and network from the existing and emerging threats. Defense and monitoring system have become an essential part of all organizations who want to secure their data against network threats.
This paper presents a categorical survey on the various research techniques taken for improving the performance of open-source Intrusion Detection System, Snort de facto in the field of intrusion detection and prevention. The pros and cons of all the techniques have been presented. A novel parallel architecture has been proposed to increase the performance of Snort-IDS in a high speed network. Many Intrusion Detection Systems IDS have been developed and improved to prevent not allowed access from malicious intruders.
Developing and evaluating accurate IDS involve the use of varied datasets that collect most relevant features and real data from up-to-date types of attacks to real hardware and software scenarios. Unfortunately, there are only a few complete datasets available for public use, due to privacy and security reasons. This paper describes and optimizes a new dataset available called CICIDS, which overcomes issues mentioned above, and provides researchers data to test with their new IDS developments, with updated real-life attacks.
This may require multiple attempts by the user to gain access to the underlying service and results in frustration to the users. The proposed approach is sustainable against segmentation scheme, replay attacks and different types of attacks which can be possible with keyloggers. A statistical significance of the proposed approach is also discussed in the paper. Operating systems and applications need to be updated on time to ensure the security of the system, but it is neither feasible nor possible to remove every single vulnerability on a system.
In this research work, time-based analysis strategy has been proposed to prioritize the machines in terms of their risk factor so as to handle riskier one first. Further, the proposed technique was applied on attack nodes hosts to find the approximate time to exploit the systems which can be further used to prioritize hosts and attack paths according to their risk of being exploited.
Additionally, the proposed methodology can be advantageous in a finding minimal set of machines that needs attention to ensure complete network security. To the best of authors knowledge, this is the first time that attack paths have been analyzed and prioritized using the time to compromise scheme. Keywords : Attack graph analysis; Attack path time; Vulnerability analysis; Time to compromise model.
Many vulnerabilities rise from invalid inputs. An invalid input is considered as a form of a successful attack if it is processed by the website code or back-end database. Based on this assumption, we proposed a list of indicators that tested invalid inputs are processed. A tool is developed to implement this model. We tested the model through evaluating several websites selected randomly. Our tool has no special credentials or access to any of the tested websites. We found many SQL injection vulnerabilities based on our proposed model. Upon the manual investigation of the web pages that showed such vulnerabilities, we found few instances of false positives.
We believe that this can provide a systematic and automated approach to test websites for vulnerabilities related to improper input validation. Keywords : SQL-injection attacks; security; web applications; software testing. Transactions across the whole network are visible to all participating nodes. However, some transactions may contain sensitive information such as business contracts and financial reports, or even personal health records.
To protect user privacy, the architecture of distributed multi-channel ledger with membership service as a critical component can be adopted. We make a step towards such vision by proposing a multi-channel membership service architecture that combines two promising technologies, distributed ledger and Intel Software Guard Extensions SGX. With SGX remote attestation and isolated execution features, each distributed node can be enrolled as a trusted entity to a specific channel or a set of channels. Multiple channels help to separate different applications and provide better flexibility to participants of transactions.
We propose security properties for membership service in distributed ledger and illustrate how SGX capabilities help to achieve these properties in each phase of membership service, including member registration, enrollment, multi-channel formation, transaction signing and verifying, transaction auditing, as well as certificate renewal and revocation. Our security analysis and performance evaluation show that the SGX enabled membership service could enhance the support of privacy preservation, and defense capabilities against adversarial attacks, with scalability and cost effectiveness.
Previous studies on site selection of emergency rescue centers mainly focused on timeliness with a view to minimizing rescue time. Its deficiency is that satisfactory solution or optimal solution for the shortest rescue time is accompanied by huge rescue costs, which does not match with the actual decision goal. This article comprehensively considers timeliness of emergency rescue and cost constraints.
Based on the transportation costs from the rescue center to the disaster site and the cost of setting up the rescue center, golden rescue time 72 hours after the earthquake is taken into account. The penalty cost caused by losing the golden rescue time is considered, thereby quantifying timeliness as another dimension of cost. Based on this, problem is solved using K-means clustering algorithm and fruit fly algorithm FOA. With the purpose of minimizing the weighted sum of construction costs, transportation costs and penalty costs of emergency rescue centers, suitable location is selected for establishment of emergency rescue center.
The K-means clustering analysis and fruit fly optimization algorithm are used to simplify and solve the original model, which can solve complex problems. Keywords : major emergency response; earthquake rescue; site selection and layout optimization; K-means clustering analysis; fruit fly algorithm. Effective and early intrusion detection is a crucial basis for computer security. Although of considerable work has been focused on masquerade detection for more than a decade, achieving a high level of accuracy and a comparatively low degree of false alarm rate is still a big challenge.
In this paper, we present an extensive empirical study in the area of user behavior profiling based masquerade detection using six of different existed machine learning methods in Azure Machine Learning AML studio. In order to surpass previous studies on this subject, we used four free and publicly available datasets with seven data configurations are implemented from them.
Moreover, eight well-known masquerade detection evaluation metrics are used to assess methods performance against each data configuration. Finally, intensive quantitative and ROC curves analyses of results are provided at the end of this paper. Keywords : masquerade detection; anomaly-based detection; machine learning; intrusion detection; computer security.
Till now, existing MCFAs mainly work in the time domain. These improvements can be achieved without overhead in measurement complexity. In homomorphic encryption, ciphertext data in encrypted format should be sent to the cloud, the computations are made on the ciphertext, and the result of this computation is a ciphertext form itself.
If the result of the computation is decrypted, then the correct plaintext result must be obtained. Maintaining the secrecy and privacy of data, generally in cloud scenario, has become a intense challenge for present day's practical applications. However, transfering private data to any third party consists of large amount risks of disclosure of private data while computation.
This problem can be addressed by performing computations on encrypted data without decrypting it. In this paper, we propose a fully homomorphic encryption framework which is lightweight in nature and utilizing symmetric key.
Keep in touch
Analysis of the scheme confirms that our proposed system is efficient and practical to adopt it in various cloud computation applications. Further, to prove the novelty, we present the implementation results and given the comparative analysis of our scheme with significant state-of-the-art. However, penetration testing is more challenging when conducted on MCC applications. These applications use offloading, and thus another layer of complexity in generating, selecting and executing test cases, which implies and requires an MCC applications penetration testing offloading-awareness model.
To overcome these challenges, a penetration testing model for mobile cloud computing applications is designed. This model defines the process of penetration testing over MCC applications including penetration test preparation, test case generation, selection and execution processes. Key components of this offloading-awareness model are state management and mobile agent while other components are adapted from previous penetration testing models for the web, cloud or mobile applications.
This model will enable penetration testers to tackle the mobile cloud computing complexity and uniqueness. Currently, we are preparing the evaluation of the model against these MCC applications. Keywords : mobile cloud computing; penetration testing; offloading; mobile agent; offloading-awareness model.
The default browser configuration is often not adequate to stop or minimize information leakage to the attacker. In this paper, a novel model framework to bridge the gap between default and recommended configuration is proposed. The framework is developed using machine learning algorithm, as huge set of browser configuration states need to be classified into different security levels.
A prototype browser add-on is developed using the framework to assess browser security level and modify it to increase security level if required. Although user or key delegation has been widely discussed for ABE, it cannot solve all the key management problems. In this paper, we give a time-based key management scheme for ABE, providing the ABE scheme has piecewise key generation and ciphertext delegation, based on the revocation scheme in In detail, we introduce a public time-related key generated by KDS, which stores the beginning time of the currently valid secret key for each user.
For any ciphertext, user must download a time-related key which is generated later than the ciphertext, and use the timerelated key along with the user private key to decrypt the ciphertext successfully. The user private key must be generated at the time stored in the time-related key, so any user cannot use outdated or revoked private keys to decrypt new ciphertexts, and ciphertext delegation is used to renew any ciphertext up to the current time. In this paper, we propose a trust dependent routing scheme to select secure most routes in such network, which focuses on evaluating any neighboring entity through direct and indirect trust opinion.
Trust assessment is carried out on neighbors by various trust metrics, namely, packet delivery ratio, delay, throughput, topology, energy, and control packets. At later stage, this is further enhanced to meet the dynamic challenges of Mobile Ad-hoc Network MANET and also tested with various network density and probable security threats.
This has challenged modern approaches and solutions to threat detection and potentially rendered some of these obsolete even before they are able to find applicability. However, while this has been the case, little attention has been paid to whether or not such supporting flow features still present an effective means of reaching accurate conclusions regarding imminent or occurrent cyber threat incidents, especially in the face of a rapidly evolving and adapting 21st century cyber threat landscape.
This research is therefore a necessary pilot study to a larger research that aims to develop a state-of-the-art detection solution against a newly uncovered category of cyber threats known as subversive cyber threats. The goal of this pilot study being to reinvestigate four of the more commonly used supporting flow features in modern threat detection solutions, viz. The study adopts the methodology of data simulation with descriptive infographic analysis using the recent UNSW-NB15 cybersecurity dataset.
At present, the techniques based on moving target defense mainly focus on the single parameter hopping and rarely refer to the hopping of multiple parameters in multiple layers. With the background of database security, this paper constructs a layer-crossing, multi-parameter and dynamic security model over moving target defense. The model selects seven parameters which belong to different layers in the database connection, and through mathematical modeling of the attack behavior and the reconnection time of the legitimate users, this model obtains the two functions of the successful attack probability and the average reconnection time to the hopping intervals of the seven parameters.
Then through mathematical analysis to the two functions, this paper comes to the conclusion that it is impossible to let the successful attack probability and the average reconnection time take the minimum values at the same time. Finally, combined with specific scenarios, this paper gives the specific expressions of the two functions above and the optimal hopping interval of each parameter under different scenarios. Compared to actual application, this paper mainly focuses on the theoretical study of the security model, so the model and methods proposed in this paper are not only applicable to the security of database system, but also applicable to other information systems.
Keywords : Moving target defense; layer-crossing; multi-parameter; security model; optimization analysis. This research explores a proposed hybrid learning framework to model and visualise the host-based normal and attack network behaviours. The framework consists of two major learning components: the Self-Organizing Map SOM is employed to recognize the network flow clusters and to visualise them on a two-dimensional space; and the Association Rule Mining ARM algorithm is deployed to analyse and interpret the traffic behaviours within clusters.
Sequential patterns of the flows are also analysed and visualised through the sequences of clusters or neurons on the trained SOM maps. The proposed framework is evaluated on six SSH traffic sets to measure and understand how successful it is at extracting and interpreting the patterns representing normal and attack behaviours. The visualized patterns demonstrate that the SSH brute force attacks behave similarly to each other but differently than the SSH normal traffic. The proposed framework sheds light on how learning systems could be designed to model and visualise network behaviours in terms of data extraction and representation.
Over time each module of software is tested and identified for loopholes using various vulnerability discovery models VDMs that exist. In this paper, based on hazard rate function approach, we have developed a unified framework to capture the behavior of various vulnerability trends during the discovery process. The utility of the proposed approach helps in identifying and studying different discovery scenarios various distribution functions under one canopy.
Furthermore, we also discuss a method called normalized criteria distance, which compares different sets of VDMs using a set of comparison criteria in order to rank and select the best model from among VDMs. The proposal has been supplemented with validation done on real life vulnerability discovery data sets. With the progressing wireless technologies, the malicious activities are also increased with a rapid pace. But to secure the data communication in such environment, we need to have intrusion detection mechanism in use. Several mechanisms are introduced for the intrusion detection purpose.
These existing algorithms are also capable of incorporating adaptive features but lack in the complexity and usability issues. Moreover, the real time adaptive learning is a missing link in these algorithms. In this paper, we have proposed a model of intrusion detection that deals with the learning mechanism on network probe data and identifies the intrusion by detecting the outliers with Logistic Regression. We have used Euclidean distance for outlier detection. The results show that our model is less complex in terms of time consumption and efficiently detects the intrusions.
Keywords : intrusion; outliers; learning; profile; classification; Euclidean; threshold. They can be used for personal identification, healthcare applications, financial applications etc. Smart cards contain an embedded circuit that stores and processes a large amount of data. One of the key function performed by the circuit is the cryptographic operation namely encryption.
Since these devices are resource constrained, low-cost implementations of cryptographic algorithms are desirable. AES is one of the standard encryption algorithm proposed by NIST and is proved to be a suitable candidate for secure and lightweight implementations on hardware compared to its other symmetric counterparts. This work proposes a novel low-cost implementation of AES algorithm using time-shared architectures for contactless smart card applications. The proposed architecture reuses the primitives in a twofold mechanism leading to a novel resource efficient architecture on an FPGA platform.
It generates a series of if-then rules based on the homogeneity of class distribution. In a society where data spreads everywhere for knowledge discovery, the privacy of the data respondents is likely to be leaked and abused. Based on this concern, we propose an overview of the rapidly evolving research results focusing on privacy preserving decision tree induction. The research results are summarized according to the characteristics of related privacy preservation techniques, which include data perturbation, cryptography, and data anonymization. In addition, we demonstrate the comparison between the merits and demerits of these methods considering the specific property of decision tree induction.
At last, we conclude the future trend of privacy preserving techniques. Keywords : decision tree; privacy preservation; ensemble; differential privacy. However, when it comes to credential information such as the login and password, they are most likely to be intrusively utilized without necessarily been detected. Hence, the security policy of cloud computing has to manage both access control and viral analysis so that to guarantee security properties of tenants and organizations.
The Information flow is considered as the communication essence between users and systems. The information flow control mechanisms monitor the propagation of information to secure the program execution and the information handled by these programs during their execution. The main purpose of this paper is to enhance the security properties by formulating them in a dynamic way through analyzing the behavior of entities and associate them with a trust level and security class.
For this reason, we have implemented a security policy which the main role is to create a template, in order to guarantee the security properties namely the confidentiality, integrity and availability CIA. Keywords : Cloud computing; Security; Security properties; Information flowrncontrol; Security policy; Access control model; Security policy template.
Best Fake Address
Due to the ever increasing amount of data generated in cloud-IoT environment, securing these systems becomes crucial. This paper proposes a robust remote user authentication scheme for cloud-IoT services. Formal and informal security analysis proves that the scheme is resilient to potential attacks. Now cloud becomes a popular medium for storing terabytes of data, but poor availability, reliability and security are its major obstacles. Cloud Federation is the future paradigm of computing which can reduce cost, data theft and avoid vendor lock-in. Cloud providers are now collaborating and create a federation for increasing revenue and building trust among customers and indirectly federation also helps in better resource utilization of every service providers.
To enhance reliability and availability of data in the cloud traditionally replication techniques were applied but because of its excessive storage consumption erasure codes are now used. In the proposed framework all collaborating service providers share their storage resources and use Single Sign-On Federated Identity management model which will reduce the overhead of maintaining multiple credentials and strengthen the authentication process. Initially, files are encrypted with the secret key created with client id, session token and a random number which improves the security of data after that user select the service level for backup files based on which erasure codes are applied, which will reduce storage overhead and enhance the security of the backup data in the Cloud Federation.
The private signing key of the bitcoin owner is the key component to enable a bitcoin transaction. If the signing key of a bitcoin is stolen, the theft who possesses the key can make a transaction of the bitcoin. In this paper, based on the distance-based encryption DBE , we propose an enhanced version of bitcoin in order to protect the signing key. Our approach is based on our two-factor authentication, where the signing key cannot be retrieved without being identified via the password and biometric authentication scheme, and the user is only required to enter his password and fingerprint or other biometric information such as a factual image to retrieve the key.
By doing this, we can effectively improve the bitcoin security and provide stronger authentication. An attractive feature of our scheme is that one of encryption schemes is asymmetric, in the sense that the decryption key biometric information is not stored in the device. We also provide the security model and proof to justify the security of our scheme. Keywords : Authentication; Encryption; Bitcoin; Blockchain. The images are useful in proving anything in the court of law by showing them as an evidence of the event, getting insurance of a mishappening, getting appreciation, or for conveying personal lifestyle to their friends through social media.
Image Forgery has become much prominent nowadays and is being done either for fun or for an intention. In this paper, a method to detect copy move forgery is presented by combining the two features namely, Zernike Moments and Auto color correlogram. The Zernike moment checks the shape of the objects in the block. The Auto color correlogram checks for distance of each color pixel taking into account the 64 colors.
These two features combine together to identify the regions for which copy-move forgery exists. Thus, the method detects the presence of copy-move forgery in the image along with the localization of the forged region.
The method out-performs the existing methods which are also based on the probability approach. DHKE is a method to exchange the keys securely, based on the discrete logarithm problem. Various techniques have been proposed to resist the MITM attack including digital signatures. DNA Cryptography builds on the concepts of biomolecular computations which is considered as one of the emerging directions in the Cryptography. The proposed methodology also includes an encryption technique based on DNA based Codebook, secret sharing and DNA Cryptography to exchange parameters securely. The security analysis of the proposed scheme is evaluated by theoretical analysis.
Formal analysis of the proposed protocol is done using Scyther and all the modeled claims are validated and positive results are obtained. To meet scalability and high availability requirements, it is desirable that an access control scheme is decentralized in nature. Proposing a blockchain-based cryptographically decentralized access control scheme for dynamic hierarchies that is consistent with the standard centralized hierarchical access control model is the main focus of this paper.
Towards this, we propose a new decentralized key assignment scheme for a dynamic hierarchy of mutually distrustful security classes. We use blockchain transactions, consensus and validation mechanisms as tools to achieve cryptographic decentralization of hierarchical access control. Important highlight of the paper is that the proposed decentralized scheme does not compromise on performance and storage requirements of the standard centralized hierarchical key assignment schemes.
In particular, the proposed scheme requires symmetric decryption operations for key derivation, is secure under strong key indistinguishability and features efficient dynamic update operations without any trusted third-party. Proposed is the first hierarchical key assignment scheme that features all the aforementioned properties. Every unusual behavioural pattern in a social network can be spotted as an anomaly which provides useful information.
In this paper, a new method is proposed to identify anomaly based on community detection AD-C for the social network graph.
- Radar Vulnerability to Jamming (Artech House Radar Library).
- More Efficient Provably Secure Steganography!
- On the Improvement of the Understanding / The Ethics / Correspondence.
Our model is made up of weighting in pre-processing step and three principle processes, including community detection, auxiliary community detection and node filtering. AD-C method offers a flexible framework for anomaly detection, which can be employed in different stages of its related algorithms. The experiments are conducted on two social media datasets, including Facebook and Flickr datasets. Experimental results indicate more efficiency in comparison to other anomaly methods as baselines in terms of the F-score. Also, the results indicate that applying the proposed steps lead to increased accuracy of the community detection methods.
Revanesh, V. Sridhar, John M. It currently focuses on various properties such as, clustering, authentication, routing, security, reliability, and resource usage. Among these security in WSN is a critical issue because sensor nodes are set up in hostile environments. In this paper, a cluster based routing algorithm is performed through adaptive lightweight cryptographic scheme. In this lightweight cryptographic scheme, pseudorandom bit sequence is created using Elliptic Curve Cryptography algorithm. To construct a path, we consider node degree, node residual energy, valid distance and node mobility.
A lightweight encryption approach is concerned for secure data transmission using RC6 block cipher algorithm. Once the simulation tests evaluated on NS3. The results also indicate that our proposed work guaranties secure packet transmission by providing high security over the selected route. The increase in number of users and the service providers cause massive data transmission. The secure data storage in cloud server is a major issue. The isolation of sensitive attributes in the customer profile and the uploading of encrypted data to the multi-server-based cloud are the major issues in the existing applications.
Initially, the normalization based on the hide and visibility metric assignment to the fields in the dataset used to isolate the sensitive and normal attributes in the customer profile. Then, the data encryption is performed through proliferate ElGamal algorithm sequentially and stored into the cloud. The RSDM serves as the base for sensitive data isolation.
Then, the access control policy is designed to control the profile-viewing ability of bank employees to assure the security. The proposed work decrypts the data associated with the denormalized profile for integrity.
Cryptography - Wikipedia
The comparative analysis between the proposed RSDM-ACPAR with the existing sensitive data prediction models regarding the encryption time, policy generation time, execution time and the access time shows the effectiveness of proposed work in sensitive data-based applications. To address this issue, we combine two previously proposed approaches to introduce a new compressed and distributed MIKEY mode applied to a collaborative Internet of Things context.
A set of third parties is used to discharge the constrained nodes from heavy computational operations. Doing so, the MIKEY pre-shared mode is used in the constrained part of network, while the public key mode is used in the unconstrained part of the network. Furthermore, to mitigate the communication cost we introduce a new header compression scheme that reduces the size of MIKEYs header from 12 Bytes to 3 Bytes in the best compression case. To assess our approach, we performed a detailed security analysis using a formal validation tool i.
In addition, we performed an energy evaluation of both communicational and computational costs. The obtained results show that our proposed mode is energy preserving whereas its security properties are preserved untouched. Such messages start exerting influence on mental status, and ultimately physical condition of a person. Emails are one of the popularly used sources, for communicating personal and official messages.
Typically, sentiment analysis of these emails includes classifying them into positive, negative and neutral messages. Identifying the sentiments of emails using an efficient and effective algorithm is very important and useful step in the domain of email forensics.
In this work, support vector machine, k-nearest neighbour, and neural network back-propagation algorithms are used to classify the sentiments of email into positive, negative and neutral categories using self-curated email dataset. This dataset is a combination of Enrons email dataset and publically available messages converted into emails.
This paper presents a comparative study of classification approaches for email analysis. Finally, it is concluded that the neural network with the back-propagation training algorithm provides the best results considering the accuracy and the memory requirements with the little compromise on the time required to recognize the sentiment of a given email. If an attacker is able to obtain the binary-code of an application, it is possible to reverse-engineer the source code, uncover vulnerabilities, craft exploits, and patch together code-segments to produce code-reuse attacks.
These issues are particularly concerning when the application is an operating system because they open the door to privilege-escalation and exploitation techniques that provide kernel-level access. This paper describes ExOShim: a line, lightweight shim layer, using Intels commodity virtualization features, that prevents memory disclosures by rendering all kernel code execute-only. This technology, when combined with non-deterministic refresh and load-time diversity, prevents disclosure of kernel code on time-scales that facilitate kernel-level exploit development.
Call for Papers
Additionally, it utilizes self-protection and hiding techniques to guarantee its operation even when the attacker gains full root access. The proof-of-concept prototype described here has been demonstrated on a bit microkernel. It is evaluated using metrics that quantify its code size and complexity, associated run-time performance costs, and its effectiveness in thwarting information leakage. ExOShim provides complete execute-only protection for kernel code at a runtime performance overhead of only 0.
The concepts are general and could also be applied to other operating systems. Keywords : virtualization; operating systems; security; memory disclosure;. One of such networks is an intermittently connected mobile networks. In these networks the conventional routing algorithms like AODV fails as they develop an end- to end path form source to destination. Generally we may go with spreading type of flood based routing methods for this type of networks. We are suffering with a lot disturbances with these routings and they deliver the packet with the high probability due to wastage of energy.
In turn performance of the network goes down. In this paper we proposed an efficient way of routing by a spray and focus algorithm in order improve the overall performance by reducing of delays for message transmission. Keywords : Ad hoc networks; delay tolerant networks; intermittent connectivity. Yamini, R. Its counter method to reveal hidden secret information is called as adaptive image steganalysis. In the proposed method, the colour correlations between pixels are used to identify the adaptive region of the image by real time adaptive colour image segmentation.
Bi-cubic interpolation method is applied on these colour adaptive regions to extract the features from the selected region. These features are considered for classification using support vector machine classifier, to distinguish between stego and cover images. Reversible two least significant bit LSB technique is used to identify and to retrieve the hidden content from the payload locations. The accuracy is measured using Matthew's correlation coefficient calculation. The results of real-time adaptive colour image segmentation outperform the methods, normalised cut segmentation, MX-quadtree segmentation and watershed segmentation.
Keywords : adaptive steganalysis; steganography; stego images; F-score; Matthew's correlation coefficient; bi-cubic interpolation method; reversible two LSB; support vector machine; SVM. Not much heed is given to consumption pattern of various testing resources. Due to stiff market rivalry, developers need to develop latest versions of software in multiple releases. Apart from being beneficial, it also turns to be challengeable as revision in the code creates hindrances in updating the software.
Testers may find it difficult to rectify a detected fault resulting in imperfect debugging or error generation. Testing phase is affected by many factors which may change at any time, concept called as change point. In this work, we propose detection and correction based general scheme for modeling multi-release of software under the realistic environment of imperfect debugging, error generation, change point and testing effort. Recently, Jonathan et al presents two PAKE protocols which make the communication reduce to one-round. At the same time Jonathans protocols achieve the mutual authentication and agreement the session key by constructing smooth projective hash functions.
Based on these motivations, this paper firstly put forwards a framework one-round PAKE protocols. And then we propose a provably secure and flexible one-round PAKE scheme based on chaotic maps. Comparison with Jonathans two protocols, the results show that our one-round PAKE scheme can not only refrain from consuming modular exponential computing and scalar multiplication, but is also robust to resist various attacks, especially for KCI attack.
Finally we also give the provable security of our scheme. Using public auditability, we can check the behaviour of data in the cloud. The auditing protocol must measure less communication cost incurred by the auditor and the cloud server. Third Party Auditor is responsible for the authentication of secret files in cloud system on behalf of the data owner.
This paper describes an auditing system for secure cloud storage systems using privacy preservation scheme. The data auditability technique allows the user to make the data integrity check using a third party. The public auditability system permits the TPA to check the cloud information without downloading the original data from the user. This process involves profiling the data and evaluating the impact of inadequate quality data which results in the performance of the organization. To match the high bandwidthrnnetwork, hardware-based rather than software-based NIDS is necessarilyrnrequired.
In this paper, a system on chip SoC -based Ethernet packet detectorrnthat supports an automatic ruleset generator is proposed. The proposed rulesetrngenerator automatically constructs the whitelist ruleset from the collectedrnEthernet packets. The network header of the Ethernet packets are compared to thern whitelist rulesets within 0. This real-time packet filtering feature is useful in protecting highlyrnsecure network systems like the industrial control systems.
This scheme formed by some share keys that can share access the secret key using their share keys at the same time. Many techniques of information security and secret sharing have been developing over the last years. This research focuses on the counting-based secret sharing scheme. This work introduces a new algorithm to improve the generation of share keys by increasing the size of the secret key for generating an unlimited number of share keys.
We achieved that by expanding the size of the secret key and repeating its value. The paper shows interesting results as analysis and comparisons among the proposed expansion options of the secret key. Keywords : secret sharing; secret key; share key; information security; generation; shares generation. Through the research on the characteristics of malicious webpages analysis and detection, the texture image feature used to express the similarity of malicious webpagess URL binary files is extracted; besides, the host information features and URL information features are extracted.
The "texture image" feature is integrated with host information features and URL information features, and a deep learning method of BiLSTM is used to analyze and detect malicious webpages. Nowadays finding association rules among these data may lead to privacy issues, in turn to leakage of sensitive information that may reveal the facts about an individual.
In this paper an algorithm is proposed for hiding the sensitive association rules by minimizing the ghost rules and lost rules. These traditional algorithms may lack in hiding the association rules due to its computational complexity,hiding failure,lost rules and ghost rules. The performance of this approach has been improved by using a modified un-realization algorithm for hiding the sensitive association rules.
The main challenge of steganography resides in the discretion of the concealment, it must not modify the cover image to an extent that might arise the suspicion of eavesdroppers. Data is hidden in the details coefficients, which are divided into smooth and complex areas. The performance of the proposed work is tested through experiments on a variety of images and comparison with literature. We obtain a good imperceptibility and embedding rate that respect the complexity of the cover image. We also reach a high level of security by using a correcting procedure that preserves the histogram in the smooth area.
The hackers employ polymorphic mechanisms to masquerade the attack payload and evade the detection techniques. Nonetheless, the classical LDA approach that is based on the l2-norm maximization is very sensitive to outliers. This involves publishing command and control C2 logic in the form of smart contracts to the blockchain and then calling the functions of the smart contract for sending and receiving commands and keeping track of the state of bots.
We call this technique Botract derived by merging two words: bot and contract. In addition to describing how hackers can exploit smart contracts for C2, we also explain why is it difficult to disarm Botract given the distributed nature of the blockchain and the persistent nature of smart contracts deployed on top of them. Next, we describe the architecture for deploying blockchain-based botnets and implement a proof-of-concept using isolated testnet environments. Our goal is to prove the feasibility of our approach, hoping to create awareness among the community on the importance of auditing smart contracts on the blockchain and defending against these botnets before they become widespread.
Keywords : smart contract; blockchain; security; botnets; Ethereum. However, the development of these new technologies makes users' privacy vulnerable. The threats on private data may arise from service providers themselves voluntarily or by inadvertence. As a result, the data owner would like to ensure that the collected data are securely stored and accessed only by authorized users.
Our model combines two promising paradigms for data privacy, which are Attribute-Based Encryption ABE and blockchain, to strengthen the data-owner privacy protection. We propose a new scheme of ABE that is, in one hand, suitable to resource-constrained devices by externalizing the computing capabilities, thanks to Fog computing paradigm and, in the other hand, combined with a blockchain-based protocol to overcome a single point of trust and to enhance data-owner access control.
Since each node in MANET is free to move independently, they can change their links to other nodes frequently. Secure communication among nodes in mobile adhoc networks is a major concern. In this paper, first we reviewed some significant existing KM schemes and compared based on various criterias and design parameters. Next, we have proposed a scheme for pairwise Key Agreement with updation of key pre-distribution shares while new nodes are getting added to the MANET.
Further, we have given our simulation results and performed a comparative analysis based on different simulations parameters. Future research issues are also discussed at the end of the paper. Keywords : Mobile adhoc network; Security; Key management; Key predistribution; Symmetric key management. Due to these developments, every nation and its people are communicating with each other. All this internet application requires video and audio, hence so there is a requirement to improve the security, privacy and confidentiality of transmitted the sensitive information over internet applications is the biggest issue.
The major key challenges in any type of steganography are the security of hidden information, very good recovery of both secret and original data, perceptibility, and robustness. The proposed algorithm resolves all the key issues in the existing steganography transmitted data through internet protocol which is built on the latest reversible video crypto steganography approach. Furthermore, to increase the perceptibility, robustness, and security of hidden data, anti-forensic detection approach and different types of attacks are applied on stego video during transmission which does not disturb the original stego video and secret data.
Theoretical analysis and simulation result obtain through Lab View shows the effectiveness of the proposed novel technique which maintains good recovery of both original and secret data without any distortion with larger data conceal capacity as compared to any existing techniques. In this scenario different service provider offers services for its users to share their personal sensitive information, resources and identity via distributed open network. And attackers can easily pick this information from the open network due to lack of cross verification of the legality of peers.
Almost no researcher claims with conviction about a foolproof secure authentication scheme for the said purpose. In this regard, a robust authentication scheme is presented for the distributed computing environment which not only offers a secure cross verification of user validity but can also protect personal sensitive information and secure sharing of associated resources. The performance and security analysis at the end of this paper shows that the scheme is best among all available in the recent literature.
All the narratives show that the scheme can easily be implemented in the recent era for the said purpose. These processors resemble application specific integrated circuits ASICs and digital signal processors DSPs from the performance and flexibility point of view, respectively. In other words ASIP makes compromise between performance and flexibility criteria.
The SHA-3 hashing algorithm has been introduced as the safest and the newest algorithm in as a global standard. In this paper a processor with specific instruction set is designed and implemented with regard to variant execution steps of this algorithm. The implemented processor has Firstly, the binary image sequence of human body in surveillance video is acquired by background modeling method based on visual background extraction ViBe. Then, the simple multi-scale algorithm is constructed by combining the aspect ratio, motion trajectory and video continuous interframe motion acceleration of the minimum circumscribed rectangle of the binarized image.
The human target behavior is judged, and then the normal behavior of the human bodystanding, walking, jogging, and abnormal behaviorcalling for help, falling, throwing, squatting, and sudden running are identified. The experimental results show that the human body moving target recognition by ViBe combined with simple multi-scale algorithm for abnormal behavior detection has good real-time performance and high accuracy.
Keywords : pedestrian recognition;anomalous behavior detection; ViBe algorithm;simple multi-scale algorithm. Experiments show that the algorithm effectively extends the key space of chaotic systems, has good encryption effect and security, and can resist several common attacks. The framework showed efficacy in detecting a new version of Zeus botnet, by building the classifier on an older version, compared to the machine learning approach used in the current research.
Keywords : Zeus; network; security; machine learning; botnet. It plays a key role in big data and outsourcing computation scenarios. In this paper, we show that the privacy-preserving multi-keyword ranked search scheme over encrypted cloud data [IEEE TPDS, , 25 1 , ] is flawed, because the introduced similarity scores do not represent the true similarities between indexing vectors and a querying vector.