IJCNIS Vol. 10, No. 5, May. 2018
Cover page and Table of Contents: PDF (size: 189KB)
REGULAR PAPERS
For solving the crimes committed on digital materials, they have to be copied. An evidence must be copied properly in valid methods that provide legal availability. Otherwise, the material cannot be used as an evidence. Image acquisition of the materials from the crime scene by using the proper hardware and software tools makes the obtained data legal evidence. Choosing the proper format and verification function when image acquisition affects the steps in the research process. For this purpose, investigators use hardware and software tools. Hardware tools assure the integrity and trueness of the image through write-protected method. As for software tools, they provide usage of certain write-protect hardware tools or acquisition of the disks that are directly linked to a computer. Image acquisition through write-protect hardware tools assures them the feature of forensic copy. Image acquisition only through software tools do not ensure the forensic copy feature. During the image acquisition process, different formats like E01, AFF, DD can be chosen. In order to provide the integrity and trueness of the copy, hash values have to be calculated using verification functions like SHA and MD series. In this study, image acquisition process through hardware-software are shown. Hardware acquisition of a 200 GB capacity hard disk is made through Tableau TD3 and CRU Ditto. The images of the same storage are taken through Tableau, CRU and RTX USB bridge and through FTK imager and Forensic Imager; then comparative performance assessment results are presented.
[...] Read more.Recent advancements in the field of wireless communication results in the improvement of Wireless Sensor Networks (WSNs) having low powered, low cost and smallest multi-operational sensing units called Sensor Nodes (SNs). The limited battery life of these SNs is the major issue of WSNs. The dissipation of SN energy for transmitting information of one SN to Base Station (BS) is the major cause of depletion of SN energy. Also, SNs energy is in direct relation with battery lifetime of WSNs. Due to which WSN is affected in terms of scalability, a lifetime of network and energy efficiency. Many routing protocols have been proposed to overcome this issue and clustering is the most dominant scheme in which the whole network is divided into small clusters. This clustering scheme is based on the principle of divide and conquers along with data aggregation. In this paper, authors propose a new routing protocol i.e. Energy Aware Cluster Based Multi-hop (EACBM) which uses the principle of clustering and multi-hop communication pattern for transferring information to BS. So that minimum SNs energy is consumed and hence increases the lifetime of WSN. It also uses the concept of sub-clustering to cover those areas of SNs where CH cannot reach to gather information or which cannot take part in any clustering process due to its far away position. Simulation results show that energy efficiency is greatly optimized by reducing the number of transmission distance between CH and BS via multi-hopping. It also shows how network lifetime, packets transmitted to BS and CH and number of dead SNs is affected by scaling i.e. by different network sizes (100*100m2; 500*500m2 and 1000*1000m2) in EACBM by comparing it with SEP, LEACH, CEEC and LEFCA routing protocols.
[...] Read more.Providing security to mobile devices by means of password authentication using robust cryptographic techniques is vitally important today, because they protect sensitive data. Especially for pattern locking systems of Android, there is a lack of security awareness in the people about various pre-computation attacks such as dictionary attacks, rainbow tables and brute-forcing. Hash functions such as SHA-1 are not secure for pattern authentication, because they suffer from dictionary attacks. The latest OS versions of Android such as Marshmallow make use of salted hash functions for pattern locks, but they do need additional hardware support such as TEE (Trusted Execution Environment) and a Gatekeeper function. If random salts are used for pattern passwords, they are also vulnerable, because the stored salt may be compromised and consequently the passwords can be speculated using brute-forcing. To avoid such a security breaches on pattern passwords, many methodologies have been proposed so far such as an elliptic curve based salt generation techniques. But security is never easy to obtain 100%. The attacker may perform brute-forcing successfully on pattern password hashes by gaining some information about the application. Brute-forcing becomes harder always by using longer salts and passwords and by stretching the execution time of hash generation. Therefore the current research addresses these difficulties and finds a solution to these problems by extending the existing salt generation scheme, by generating a dynamic 128-bit pepper (or a long salt) value for SHA-1 hashes to avoid such attacks without using an added hardware, for mobile computers using elliptic curves. The current scheme employs genetic algorithms to generate the pepper and finally makes brute-forcing even harder for the cryptanalysts. A comparison of this new hashing technique, with the existing techniques such as SHA-1 and salted SHA-1 with respect to brute-force analysis, Strict Avalanche Criterion and execution times is also presented in this paper.
[...] Read more.Applications of computer security issues are limited to the operating systems and gadgets used within the computers and all other devices integrated with supercomputers. With the growing number of users, software developers face the software piracy which could affect the computer systems. Currently, the major problem for computers in the different industries is software piracy. Despite many computer security techniques, we have proposed a software watermark design based on return-oriented programming (ROP). Here, the new design of the software watermark is considered as a method in which secure Hash algorithm plays an important role to enhance the performance of the computer security. In this method, we focused on gadgets analysis gadgets categories and a large number of gadgets. In this analysis, we selected Sjeng benchmark and ROP with different approaches. As a theoretical result, resilience and stealthy are compared with existing results. This approach can be useful to improve the application of the computer security laws with legal procedures depended on the proposed computer security algorithms and analysis.
[...] Read more.With spread of digitalization in India, the government initiated many welfare schemes for citizens as a part of e-governance. To ensure security, it is made mandatory to link Aadhaar card of beneficiaries with different schemes. The government also proposed to link UIDAI with DigiLocker to lead India towards the paperless economy. Due to this, worries related to security concern arise. Once UIDAI connected with DigiLocker, a resident can share personal data with other agencies. It generates enormous amount of Data and it may cause misuse of personal data. It is very important to keep data secure with controlled and authenticated access. It is a challenge to manage and secure this amount of data. In this paper, we propose a framework and model to secure personal data using proper authentication process. Availability of the documents should be verified by the owner and post verification, the document should be accessible for the limited time. Failing which revalidation is required.
[...] Read more.This paper examined the handovers in cellular networks from both functional and informational security point of view. The aim was to find out if the security goals of confidentiality, integrity and availability (CIA) are preserved during handovers. Whereas functional security is concerned with the proper operation of the handover procedures, informational security deals with confidentiality and integrity of the handover process. The global system for mobile communication provides data and voice communication services by partitioning coverage areas into hexagonal cells. Since mobility is a prime feature of cellular networks, handovers become significant for the continuity of ongoing calls. However, if these handovers are not handled carefully, session hijacking, masquerading and denial of service can be launched by transmitting at the correct timeslot and frequency. The results of the security investigation of the current handover techniques, methods, procedures, schemes and criteria revealed that the CIA triad was not assured during the handover period. The root cause of these attacks is high latency between handover request and handover execution. To address these shortcomings, this paper proposes an authenticated multi-factor neuro fuzzy handover protocol with low latency for both homogenous and heterogeneous cellular environments.
[...] Read more.Information is by far the most precious thing in almost every field. Everything we do in the present-day world generated some data and most of the data are vulnerable to unwanted threats. The organizations and agencies are becoming more and more dependent on their digitized information systems. Also, the general public is slowly getting cyber- conscious and thus they also fear for the leak and tampering of their secured information. Today’s information systems are under the constant threats of manipulation and overriding by various criminal organizations. Thus, the information in today’s world is kept under the password authentication. These passwords are a combination of a string of alphanumeric and special characters. Also, the key used to encrypt the information are exposed to either both or one of the parties. To overcome this vulnerability, an encryption technique is proposed where the key will be generated and transmitted using TPM and the final encrypted text will be stored in the image format by segregating the text data into the 3-channelled image, i.e., RGB.
[...] Read more.