IJCNIS Vol. 7, No. 9, Aug. 2015
Cover page and Table of Contents: PDF (size: 624KB)
REGULAR PAPERS
Two essential problems are still posed in terms of Radio Frequency Identification (RFID) systems, including: security and limitation of resources. Recently, Li et al.'s proposed a mutual authentication scheme for RFID systems in 2014, it is based on Quasi Cyclic-Moderate Density Parity Check (QC-MDPC) McEliece cryptosystem. This cryptosystem is designed to reducing the key sizes. In this paper, we found that this scheme does not provide untraceability and forward secrecy properties. Furthermore, we propose an improved version of this scheme to eliminate existing vulnerabilities of studied scheme. It is based on the QC-MDPC McEliece cryptosystem with padding the plaintext by a random bit-string. Our work also includes a security comparison between our improved scheme and different code-based RFID authentication schemes. We prove secrecy and mutual authentication properties by AVISPA (Automated Validation of Internet Security Protocols and Applications) tools. Concerning the performance, our scheme is suitable for low-cost tags with resource limitation.
[...] Read more.In this paper a few methods for anomaly detection in computer networks with the use of time series methods are proposed. The special interest was put on Brown's exponential smoothing, seasonal decomposition, naive forecasting and Exponential Moving Average method. The validation of the anomaly detection methods has been performed using experimental data sets and statistical analysis which has shown that proposed methods can efficiently detect unusual situations in network traffic. This means that time series methods can be successfully used to model and predict a traffic in computer networks as well as to detect some unusual or unrequired events in network traffic.
[...] Read more.A zero-day attack poses a serious threat to the Internet security as it exploits zero-day vulnerabilities in the computer systems. Attackers take advantage of the unknown nature of zero-day exploits and use them in conjunction with highly sophisticated and targeted attacks to achieve stealthiness with respect to standard intrusion detection techniques. Thus, it's difficult to defend against such attacks. Present research exhibits various issues and is not able to provide complete solution for the detection and analysis of zero-day attacks. This paper presents a novel hybrid system that integrates anomaly, behavior and signature based techniques for detecting and analyzing zero-day attacks in real-time. It has layered and modular design which helps to achieve high performance, flexibility and scalability. The system is implemented and evaluated against various standard metrics like True Positive Rate (TPR), False Positive Rate (FPR), F-Measure, Total Accuracy (ACC) and Receiver Operating Characteristic (ROC) curve. The result shows high detection rate with nearly zero false positives. Additionally, the proposed system is compared with Honeynet system.
[...] Read more.As intrusion detection techniques based on malicious traffic signature are unable to detect unknown attacks, the methods derived from characterizing the behavior of the normal traffic are appropriate in case of detecting unseen intrusions. Based on such a technique, one class Support Vector Machine (SVM) is employed in this research to learn http regular traffic characteristics for anomaly detection. First, suitable features are extracted from the normal and abnormal http traffic; then the system is trained by the normal traffic samples. To detect anomaly, the actual traffic (including normal and abnormal packets) is compared to the deduced normal traffic. An anomaly alert is generated if any deviation from the regular traffic model is inferred. Examining the performance of the proposed algorithm using ISCX data set has delivered high accuracy of 89.25% and low false positive of 8.60% in detecting attacks on port 80. In this research, online step speed has reached to 77 times faster than CPU using GPU for feature extraction and OpenMp for parallel processing of packets.
[...] Read more.One day IPv6 is going to be the default protocol used over the internet. But till then we are going to have the networks which IPv4, IPv6 or both networks. There are a number of migration technologies which support this transition like dual stack, tunneling & header translation. In this paper we are improving the efficiency of IPv6 tunneling mechanism, by compressing the IPv6 header of the tunneled packet as IPv6 header is of largest length of 40 bytes. Here the tunnel is a multi hop wireless tunnel and results are analyzed on the basis of varying bandwidth of wireless network. Here different network performance parameters like throughput, End-to-End delay, Jitter, and Packet delivery ratio are taken into account and the results are compared with uncompressed network. We have used Qualnet 5.1 Simulator and the simulation results shows that using header compression over multi hop IPv6 tunnel results in better network performance and bandwidth savings than uncompressed network.
[...] Read more.The Ad-Hoc networks are the kind of wireless networks that their configuration is done automatically and also the nodes are moving with a certain speed. For this reason the created paths (routes) are often unstable and these paths are usually broken by switching nodes. In this respect, choosing the right path and routing mechanism become more diverse in these networks.
In this research by applying some changes to the AODV routing protocols, two new protocols are presented: The first protocol is SAODV, which is a protocol for multi-path which finds the minimum length path between source and destination nodes and then sequentially sends the packets in these paths. The second protocol is SMAODV, which is a verified version of the first one but it finds multi-paths with minimum length for sending the control packets by the use of webpage rank algorithm and a smart mechanism for determining the amount of sending packets. This would cause the energy at any point in the network nodes with minimum variance and increase the network lifetime. The results of simulations in the NS-2 network simulator also verify that our proposed methods have better efficiency than the basic AODV protocol, and improve the network performance and decrease the end-to-end delay of receipt packets.
Underwater Wireless Sensor Networks (UWSNs) explore aquatic environment to facilitate various underwater surveillance applications. However, UWSN unique features also impose new challenges such as limited bandwidth, huge propagation delay, mobile nature of nodes and high error rates. UWSNs deployment in unattended environment further exacerbates their vulnerabilities to the attacks. These challenges make security solutions proposed for Wireless Sensor Network (WSN) impractical to be applicable for UWSN. This paper analyzes the problem of security and mobility in UWSN and proposes Cluster based Key management Protocol (CKP), a new key management protocol for hierarchical networks where sensor nodes form cluster around more capable nodes. CKP also proposes a new communication architecture that handles mobility efficiently and minimizes the impact of a node compromisation to itself. CKP provides confidentiality, authentication, integrity and freshness. The performance evaluation demonstrates that the CKP is energy and storage-efficient. Further, we investigate the survivability and the security of the CKP against various security threats in order to evaluate its effectiveness.
[...] Read more.The primary concern for the deployment of MANET is to promote flexibility, mobility and portability. This mobility causes dynamic change in topology and poses challenges for designing routing algorithms. In the past few years, many ad hoc network protocols have been developed and research is still going on. It becomes quite difficult to say which protocols may perform well under different network scenarios such as varying network size, mobility of nodes and network load etc. This paper analyzes the performance of proactive protocols like DSDV, OSLR, reactive protocols like AODV, DSR and hybrid protocol such as ZRP. The analysis guides us to the evaluation of various performance metrics such as throughput, packet delivery fraction, normalized routing load and average end to end delay under different scenarios such as varying network size, speed of the node and pause time. The focus of this paper is to have quantitative analysis to guide which protocol to choose for specified network and goal.
[...] Read more.