International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 9, No. 7, Jul. 2017


Table Of Contents

REGULAR PAPERS

Malware-Free Intrusions: Exploitation of Built-in Pre-Authentication Services for APT Attack Vectors

By Aaron Zimba, Zhaoshun Wang

DOI: https://doi.org/10.5815/ijcnis.2017.07.01, Pub. Date: 8 Jul. 2017

Advanced Persistent Threat (APT) actors seek to maintain an undetected presence over a considerable duration and therefore use a myriad of techniques to achieve this requirement. This stealthy presence might be sought on the targeted victim or on one of the victims used as pawns for further attacks. However, most of the techniques involve some malicious software leveraging the vulnerability induced by an exploit or leveraging the ignorance of the benign user. But malware generates a substantial amount of noise in the form of suspicious network traffic or unusual system calls, which usually do not go undetected by intrusion detection systems. Therefore, an attack vector that generates as little noise as possible, or none at all, is especially attractive to APT threat actors, as it perfectly suits their objective. Malware-free intrusions present such attack vectors and are indeed difficult to detect because they mimic the behavior of normal applications and add no extra code for signature detection or anomaly behavior. This paper explores malware-free intrusions via backdoors created by leveraging the system tools available at pre-authentication to the common user. We explore two attack vectors used to implant the backdoor and demonstrate how such a backdoor is accessible over the network via remote access while providing the highest level of system access. We further look at prevention, detection and mitigation measures which can be implemented in the case of compromise.

Performance Analysis of Rectangular and circular Shape Building Deployment for an Indoor Visible Light Communication System

By Ram Sharma, A. Charan Kumari

DOI: https://doi.org/10.5815/ijcnis.2017.07.02, Pub. Date: 8 Jul. 2017

LED (light emitting diode) based lighting systems are gaining popularity for their dual use, i.e. for energy-efficient lighting systems as well as for indoor optical wireless communication systems. Although the visible light spectrum has the capability to provide very large system bandwidth (in THz), these systems are limited on account of limited modulation bandwidth. Besides, visible light communication (VLC) systems also suffer from multi-path propagation, resulting in further depletion of system bandwidth due to pulse broadening. Therefore, one of the deployment objectives of a VLC system is to reduce the root mean square (RMS) delay parameter besides minimizing the number of LEDs. Hence, performance analysis of two geometrical shape structures, mainly rectangular and circular models, is explored for ubiquitous indoor coverage using a hyper-heuristics evolutionary algorithm (HypEA) under spatial receiver mobility. Therefore, it is possible to achieve lower RMS delay spread and hence a multi-fold increase in the overall system bandwidth without the use of complex system techniques like OFDM-MIMO etc.

Trust Establishment in SDN: Controller and Applications

By Bassey Isong, Tebogo Kgogo, Francis Lugayizi

DOI: https://doi.org/10.5815/ijcnis.2017.07.03, Pub. Date: 8 Jul. 2017

Software Defined Networking (SDN) is a network technology developed to deal with several limitations faced by the current traditional networks. However, SDN itself is confronted with security challenges which emanate specifically from its platform, given the explosive growth in network attacks and threats. Though many solutions have been developed and proposed, the continual lack of trust between the SDN controller and the applications running atop the control plane poses a great security challenge. The SDN controller can easily be attacked by malicious/compromised applications, which can result in network failure as the controller represents a single point of failure. Though trust mechanisms to certify network devices exist, mechanisms to certify management applications are still not well developed. Therefore, this paper proposes a novel direct trust establishment framework between an OpenFlow-based SDN controller and applications. The objective is to ensure that the SDN controller is protected and that the diverse applications that consume network resources are always trusted throughout their lifetime. Additionally, the paper introduces the concept of a trust access matrix and application identity to ensure efficient control of network resources. We believe that, if the proposed trust model is adopted in the OpenFlow architecture, it could go a long way to improve the security of the SDN.

Detection of Wormhole, Blackhole and DDOS Attack in MANET using Trust Estimation under Fuzzy Logic Methodology

By Ashish Kumar Khare, J. L. Rana, R. C. Jain

DOI: https://doi.org/10.5815/ijcnis.2017.07.04, Pub. Date: 8 Jul. 2017

Mobile ad-hoc communication is a spontaneous network because the topology is not stationary but self-organized. This requires that, during the time the MANET is operational, all the processes regarding discovering the topology, delivery of data packets and internal management communications must be taken care of by the node(s) themselves. This implies that the criteria for selection of the Cluster Head (CH) and the routing-related protocols are to be integrated into the mobile node(s). The very fact that MANET is a challenging and innovative area of wireless networks makes it more vulnerable in terms of routing and flooding attacks. In this paper, a node trust calculation methodology is proposed which calculates the trust value of each node and applies fuzzy logic to detect wormhole, black-hole (routing attack) and distributed denial of service (DDoS/flooding) attacks in a dynamic environment.

Comparative Performance Analysis between nRF24L01+ and XBEE ZB Module Based Wireless Ad-hoc Networks

By Himadri Nath Saha, Shashwata Mandal, Shinjan Mitra, Soham Banerjee, Urmi Saha

DOI: https://doi.org/10.5815/ijcnis.2017.07.05, Pub. Date: 8 Jul. 2017

Among the common wireless communication modules like Bluetooth and Wi-Fi, XBee modules are embedded solutions providing a wireless communication standard with self-healing mesh networks, which has longer range than Bluetooth and lower power consumption than Wi-Fi. An alternative to the XBee radio modules is the nRF24L01+ radio modules, which are cheap and powerful, highly integrated, ultra-low power (ULP) 2 Mbps RF transceiver ICs for the 2.4 GHz ISM (Industrial, Scientific, and Medical) band. In this paper, the performance of nRF24L01+ modules has been analyzed and compared with that of XBee ZB modules in wireless ad-hoc networks. The performance metrics for the analytical study are: 1) throughput measurement, 2) mesh routing recovery time and 3) power consumption. This work has revolved around an open source library released by the developer tmrh20, which builds a complete TCP/IP suite on top of the nRF24L01+ modules.

K-MLP Based Classifier for Discernment of Gratuitous Mails using N-Gram Filtration

By Harjot Kaur, Er. Prince Verma

DOI: https://doi.org/10.5815/ijcnis.2017.07.06, Pub. Date: 8 Jul. 2017

Electronic spam is a highly concerning phenomenon over the internet, affecting various organisations like Google, Yahoo etc. Email spam causes several serious problems like high utilisation of memory space, financial loss, degradation of computation speed and power, and several threats to authenticated account holders. Email spam allows spammers to pose as legitimate account holders of the organisations in order to defraud victims of money and other useful information. It is necessary to control the spreading of spam and to develop an effective and efficient mechanism for defence. In this research, we propose an efficient method for characterising spam emails using both supervised and unsupervised approaches by boosting the algorithm's performance. This study refines a supervised approach, MLP, using a fast and efficient unsupervised approach, K-Means, for the detection of spam emails by selecting the best features using the N-Gram technique. The proposed system shows high accuracy with a low error rate in contrast to the existing technique. The system also shows a reduction in vague information when MLP is combined with the K-Means algorithm for selecting initial clusters. N-Gram produces the 100 best features from the group of data. Finally, the results are demonstrated and the output of the proposed technique is examined in contrast to the existing technique.

Reciprocity based Energy Efficient Cooperative Routing Protocol for WSNs

By Prasanna Shete, R. N. Awale

DOI: https://doi.org/10.5815/ijcnis.2017.07.07, Pub. Date: 8 Jul. 2017

Prolonging network lifetime by salvaging the energy of low battery capacity nodes is a prime concern in Wireless Sensor Networks. Energy-efficient routing protocols try to improve node lifetime by restricting nodes' participation in the routing process. This leads to selfish node behavior, causing disruption of inherent network cooperation. This paper proposes an elegant routing mechanism based on the direct reciprocity principle, named energy efficient cooperative ad hoc on-demand distance vector (EECoAODV). The proposed protocol correctly differentiates between inherently selfish nodes, which use the energy of other nodes to relay their packets but refuse to reciprocate, and energy-critical nodes, which have turned non-cooperative for their own survival. Selfish nodes are punished and eliminated from the routing process, thus prolonging the battery capacity of energy-critical nodes to improve the overall network performance. EECoAODV is implemented in the Qualnet simulator and its performance is compared with conventional AODV and the reinforcement-based state-action-reward-action (SARSA) routing mechanism. Results show that EECoAODV improves the lifetime of energy-critical nodes and thus delivers a better packet delivery ratio than SARSA-AODV and conventional AODV.
