International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 4, No. 12, Nov. 2012

Cover page and Table of Contents: PDF (size: 127KB)

Table Of Contents

REGULAR PAPERS

Software Activation Using Multithreading

By Jianrui Zhang Mark Stamp

DOI: https://doi.org/10.5815/ijcnis.2012.12.01, Pub. Date: 8 Nov. 2012

Software activation is an anti-piracy technology designed to verify that software products have been legitimately licensed. Activation should be quick and simple while simultaneously being secure and protecting customer privacy. The most common form of software activation is for the user to enter a legitimate product serial number. However, software activation based on serial numbers appears to be weak, since cracks for many programs are readily available on the Internet. Users can employ such cracks to bypass software activation.
Serial number verification logic usually executes sequentially in a single thread. Such an approach is relatively easy to break since attackers can trace the code to understand how the logic works. In this paper, we develop a practical multi-threaded verification design. Our results show that by proper use of multi-threading, the amount of traceable code in a debugger can be reduced to a low percentage of the total and the traceable code in each run can differ as well. This makes it significantly more difficult for an attacker to reverse engineer the code as a means of bypassing a security check. Finally, we attempt to quantify the increased effort needed to break our verification logic.

[...] Read more.
Swarm Flooding Attack against Directed Diffusion in Wireless Sensor Networks

By Ibrahim S. I. Abuhaiba Huda B. Hubboub

DOI: https://doi.org/10.5815/ijcnis.2012.12.02, Pub. Date: 8 Nov. 2012

The objective of this paper is to study the vulnerabilities of sensor networks, design, and implement new approaches for routing attack. As one of the cornerstones of network infrastructure, routing systems are facing more threats than ever; they are vulnerable by nature and challenging to protect.
We present a new attack, Swarm Flooding Attack, against Directed Diffusion based WSNs, which targets the consumption of sensors computational resources, such as bandwidth, disk space, or processor time. Two variants of swarm attack have been introduced: Bee and Ant. Both approaches are inspired from the natural swarming difference between bees and ants. In all cases, the strategy used to mount an attack is the same. An attack consists of a set of malicious user queries represented by interests that are inserted into the network. However, the two forms of attack vary in the synchronization aspects among attackers. These types of attacks are hard to defend against as illustrated. For each of the proposed attack models, we present analysis, simulation, and experimental measurements. We show that the system achieves maximal damage on system performance represented by many metrics.

[...] Read more.
Threshold Based Kernel Level HTTP Filter (TBHF) for DDoS Mitigation

By Mohamed Ibrahim AK Lijo George Kritika Govind S. Selvakumar

DOI: https://doi.org/10.5815/ijcnis.2012.12.03, Pub. Date: 8 Nov. 2012

HTTP flooding attack has a unique feature of interrupting application level services rather than depleting the network resources as in any other flooding attacks. Bombarding of HTTP GET requests to a target results in Denial of Service (DoS) of the web server. Usage of shortened Uniform Resource Locator (URL) is one of the best ways to unknowingly trap users for their participation in HTTP GET flooding attack. The existing solutions for HTTP attacks are based on browser level cache maintenance, CAPTCHA technique, and usage of Access Control Lists (ACL). Such techniques fail to prevent dynamic URL based HTTP attacks. To come up with a solution for the prevention of such kind of HTTP flooding attack, a real time HTTP GET flooding attack was generated using d0z-me, a malicious URL shortener tool. When user clicked the shortened URL, it was found that the user intended web page was displayed in the web browser. But simultaneously, an avalanche of HTTP GET requests were generated at the backdrop to the web server based on the scripts downloaded from the attacker. Since HTTP GET request traffic are part of any genuine internet traffic, it becomes difficult for the firewall to detect such kind of attacks. This motivated us to propose a Threshold Based Kernel Level HTTP Filter (TBHF), which would prevent internet users from taking part in such kind of Distributed Denial of Service (DDoS) attacks unknowingly. Windows Filtering Platform (WFP), which is an Application Programming Interface (API), was used to develop TBHF. The proposed solution was tested by installing TBHF on a victim machine and generating the DDoS attack. It was observed that the TBHF completely prevented the user from participating in DDoS attack by filtering out the malicious HTTP GET requests while allowing other genuine HTTP GET requests generated from that system.

[...] Read more.
Performance of TCP Vegas, Bic and Reno Congestion Control Algorithms on Iridium Satellite Constellations

By M.Nirmala Ramachandra.V.Pujeri

DOI: https://doi.org/10.5815/ijcnis.2012.12.04, Pub. Date: 8 Nov. 2012

Satellite networking is different from wired or wireless networks. The behavior and the performance of TCP/IP in normal wireless network as well as in wired network are different from one another. The TCP/IP protocol was not designed to perform well over high-latency or noisy channels so its performance over satellite networks are totally different. Each satellite networks/constellations have different properties. The deployment height, motion, direction, link capacity – all differ from one satellite constellations to another. So, certainly the behavior of TCP/IP will considerably differ from one satellite constellations than another.
The Performance of three different TCP Congestion algorithms, Vegas, Reno and Bic are taken for evaluation on the simulated satellite network Iridium and the performance of the three algorithms under the satellites constellation is measured using suitable metrics.
It is observed that, irrespective of the high end to end delay, the behavior of TCP/IP under Satellite network is somewhat resembling a high latency wired network. TCP under satellite network is not like that of a mobile ADHOC network. The observation resulted that the overall performance of Vegas was good in Iridium constellations. These reasons should be explored for designing a better congestion control algorithm exclusively for Satellite Networks.

[...] Read more.
Risk Management Strategies for the Use of Cloud Computing

By Chiang Ku Fan Chen-Mei Fan Chiang Tong Liang Kao

DOI: https://doi.org/10.5815/ijcnis.2012.12.05, Pub. Date: 8 Nov. 2012

Cloud computing may lead to both cost-efficiency and flexibility, but it also inevitably triggers a certain degree of loss exposure. Unfortunately, there is little objective, scientific research focused on identifying and evaluating the loss exposure that results from cloud computing. In this study, a modified Delphi method and the analytic network process were employed to identify and evaluate risks of cloud computing. This research finds all solutions for "contract or agreements", "cross-cloud compatibility" and "social engineering" can only reduce the risks of recurrence (risk frequency) but not eliminate recurrences. In other words, risk is inevitable, but risks with severe consequences may be heavy burdens. Purchasing insurance, if possible, is also strongly recommended.

[...] Read more.
Need of Removing Delivered Message Replica from Delay Tolerant Network - A Problem Definition

By Harminder Singh Bindra A.L Sangal

DOI: https://doi.org/10.5815/ijcnis.2012.12.06, Pub. Date: 8 Nov. 2012

Recent wireless networks observe number of deployments in various conditions where they come across different intensities of link disconnection. On the basis of extent of the operating circumstances these networks are termed as Intermittently Connected Networks (ICNs). The prevailing TCP/IP protocol cannot be operational in ICNs thus providing number of new stimulating problems that are appealing the focus of the researchers. The multi-copy routing schemes achieve higher delivery probability as compared to the single copy routing scheme. This improvement is achieved at the cost of higher resource utilization i.e. multi-copy routing protocols requires more buffer space, more bandwidth, incur more overheads and consume other vital network resources. Contribution of this work is the deletion of useless replicas of the messages which are already delivered to the intended destination. We evaluate our proposed method by simulation, on four major DTNs routing algorithms: Epidemic, Spray and Wait, ProPHET and MaxProp.

[...] Read more.
Security Mechanisms to Decrease Vulnerability of Ad-hoc Routing Protocols

By G.Sunayana Sukrutharaj.M Lalitha rani.N M.B.Kamakshi

DOI: https://doi.org/10.5815/ijcnis.2012.12.07, Pub. Date: 8 Nov. 2012

Many proposed routing protocols for ad hoc networks operate in an ad hoc fashion, as on demand routing protocols often have low overhead and faster reaction time than other types of routing based on periodic protocols. Dynamic nature of ad-hoc networks leads to challenges in securing the network. Due to the vulnerable nature of ad-hoc networks there are many security threats. One of the solutions to the problem is ARAN – Authenticated routing protocol which is a secure protocol and provides Integrity, Availability, Confidentiality, Authenticity, Non repudiation, Authorization & Anonymity. But an authenticated selfish node can interfere this protocol and disturb the network by dropping packets. However varieties of attacks targeting routing protocols have been identified. By attacking, the routing protocol attacker can absorb network traffic, inject them in the path between source and destination and thus control 0network traffic. Therefore many secure routing protocols have been developed that deal with these attacks. This paper analyzes the security aspects of one commonly used secure routing protocol ARAN.

[...] Read more.
Text Steganography Using Quantum Approach in Regional Language with Revised SSCE

By Indradip Banerjee Souvik Bhattacharyya Gautam Sanyal

DOI: https://doi.org/10.5815/ijcnis.2012.12.08, Pub. Date: 8 Nov. 2012

In this contribution we present a work of text steganography. Maintain the security of the secret information has been a great challenge in our day to day life. Sender can send messages habitually through a communication channel like Internet, draws the attention of third parties, hackers and crackers, perhaps causing attempts to break and expose the unusual messages. Steganography is a talented province which is used for secured data transmission over any public media. Extensive amount of research work has been established by different researchers on steganography. In this paper, a text steganography procedure has been designed with the help of a Regional language of India i.e. Gujarati language. Here the quantum approach also incorporates for increasing the security level. A Revised SSCE code (SSCE - Secret Steganography Code for Embedding) has been implemented in this work to upgrade the level of security. Text steganography together with Revised SSCE code & quantum approach based on the use of two specific and two special characters in Gujarati language and mapping technique of quantum gate truth table have been used.

[...] Read more.