International Journal of Wireless and Microwave Technologies (IJWMT)

IJWMT Vol. 14, No. 6, Dec. 2024

Cover page and Table of Contents: PDF (size: 596KB)

Table Of Contents

REGULAR PAPERS

Dynamic Interactive Honeypot for Web Application Security

By Yinebeb T. Abewa Solomon Z. Melese

DOI: https://doi.org/10.5815/ijwmt.2024.06.01, Pub. Date: 8 Dec. 2024

Web application honeypots are security tools used to act as a decoy server. Over the past decades, various researches have been done on the topic. Security breaches can cause simple individual user account impersonation to bank database breaches and illegal transactions. Cybersecurity faces the daily challenge of adapting to attackers' evolving methods, including zero-day attacks. This makes intrusion detection and prevention tools unable to detect these attacks. The existing trend within the honeypot technology relies on a predefined and static level of interaction either low, medium, or high. This approach fails to account for the unpredictable nature of attack vectors and makes web application honeypots ineffective against sophisticated attacks. Application logging and request fingerprinting also have no proven methods to employ within a honeypot. A dynamic level of interaction makes the web application honeypot technology better by presenting scalable and manageable control over the attackers. We develop a modular and dynamically interactive web application honeypot capable of detecting broken access control, standard query language injection, cross-site scripting, and path traversal attack targets for web apps. We also incorporate a robust logging and fingerprinting module capable of tracing attacker requests. The proposed web application honeypot achieves an average response time of 523 milliseconds, a throughput of 105 requests per second, and an average engagement of 769.38 seconds. Improving the web application Honeypot helps organizations keep themselves ahead of attackers by empowering the significance of Honeypot. Developing a web application honeypot with a newly designed approach helps other scholars and researchers extend their work.

[...] Read more.
Blockchain-enabled Data Integrity in Wireless Sensor Networks

By Yahye Adam Omar

DOI: https://doi.org/10.5815/ijwmt.2024.06.02, Pub. Date: 8 Dec. 2024

Wireless sensor networks (WSNs) are widely used across various fields, facilitating the gathering of critical data for monitoring physical and environmental conditions. However, traditional WSNs encounter cybersecurity challenges, including weak node authentication, limited fault tolerance, insufficient detection of malicious nodes, and insecure data integrity management. Given these vulnerabilities, it is essential to develop effective solutions to address WSN cybersecurity issues. A key concern that requires special focus is ensuring robust data integrity management to resolve trust-related problems in WSNs. Most current existing solutions rely on centralized systems, which are vulnerable to tampering and offer no proper data integrity management or traceability for the data gathered from sensors.
In this paper, we present an architecture based on blockchain technology to ensure secure data transmission and effective data integrity management for data collected from WSN devices. By employing the decentralized and immutable nature of blockchain, the integration of WSN and blockchain technology provides a robust infrastructure that features tamper-resistant for better decision-making process. The results show that the proposed architecture offers secure data storage and provides strong performance, capable of scaling to accommodate large WSNs through the use of blockchain. This study also identifies the most common challenges in integrating blockchain with WSNs and provides appropriate solutions to fully harness the benefits of blockchain applications in these networks.

[...] Read more.
Secure Communication in Wireless Body Area Networks with ECC-Based Key Management and Renewal Protocols

By Yusuf Taofeek Waziri Onomza Victor Olalere Morufu Noel Moses Dogonyaro

DOI: https://doi.org/10.5815/ijwmt.2024.06.03, Pub. Date: 8 Dec. 2024

Wireless body area networks (WBANs) are employed to monitor and collect physiological data using wearable and implantable sensor nodes for remote medical applications. Due to the sensitive nature of the data transmitted over open wireless channels, robust security measures are critical. WBANs are particularly susceptible to threats such as eavesdropping, man-in-the-middle attacks, node capture, and replay attacks. Moreover, the constrained nature of sensor nodes and duplicate occurrence of keys makes it challenging for cryptographic key management protocols to function efficiently without increasing the computational and storage overhead of the security protocol. This work proposes a secure and efficient key management protocol designed for key establishment, revocation, and renewal of compromised keys in WBANs. The protocol leverages elliptic curve cryptography (ECC) and integrates a keychain hash function mechanism to eliminate the reuse of keys and execute key computations efficiently. Furthermore, it utilizes an authentication method based on authentication tables, which reduces the number of messages exchanged and minimizes computational overhead. To guarantee the protocol's robustness, a formal validation using BAN logic was conducted, validating that the protocol meets key security requirements, which include, confidentiality, integrity, and authentication. An informal security analysis further demonstrates the protocol's resilience against impersonation, eavesdropping, man-in-the-middle, replay, and injection attacks. A performance evaluation of the protocol’s computational and storage costs was also carried out. The results show that while our protocol incurs lower computational costs compared to some related works, it exhibits slightly higher costs compared to others. In terms of storage overhead, our protocol outperforms most existing solutions. Future work will focus on optimizing the protocol and exploring further efficiency improvements in its implementation within a WBAN testbed.

[...] Read more.
Enhanced Phishing URLs Detection using Feature Selection and Machine Learning Approaches

By Dharmaraj R. Patil Rajnikant B. Wagh Vipul D. Punjabi Shailendra M. Pardeshi

DOI: https://doi.org/10.5815/ijwmt.2024.06.04, Pub. Date: 8 Dec. 2024

Phishing threats continue to compromise online security by using deceptive URLs to lure users and extract sensitive information. This paper presents a method for detecting phishing URLs that employs optimal feature selection techniques to improve detection system accuracy and efficiency. The proposed approach aims to enhance performance by identifying the most relevant features from a comprehensive set and applying various machine learning algorithms, including Decision Trees, XGBoost, Random Forest, Extra Trees, Logistic Regression, AdaBoost, and K-Nearest Neighbors. Key features are selected from an extensive feature set using techniques such as information gain, information gain ratio, and chi-square (χ2). Evaluation results indicate promising outcomes, with the potential to surpass existing methods. The Extra Trees classifier, combined with the chi-square feature selection method, achieved an accuracy, precision, recall, and F-measure of 98.23% using a subset of 28 features out of a total of 48. Integrating optimal feature selection not only reduces computational demands but also enhances the effectiveness of phishing URL detection systems.

[...] Read more.
IoMT Survey: Device, Architecture, Communication Protocols, Application and Security

By Dina Riyadh Ibrahim Mohammed Younis Thanoun

DOI: https://doi.org/10.5815/ijwmt.2024.06.05, Pub. Date: 8 Dec. 2024

The technology-based lifestyle has led to a rise in people suffering from obesity, which in turn has led to the emergence of many chronic diseases such as elevated blood sugar and blood pressure, this give researchers a good reasons to develop Internet of Things networks, as the entry of technical innovations has led to Artificial intelligence in the medical field has revolutionized the provision of medical services and facilitated the lives of patients, from monitoring blood sugar levels to using remote surgery techniques, as it has saved a lot of effort and money for both the doctor and the patient at the same time, but these advantages open a wide scope for many problems as well. This survey studied the medical Internet of Things network in terms of presenting the definition, structure, types of devices used, their applications, and some of the communication protocols used in it. The attacks that the medical Internet of Things network may be exposed to were also classified based on the concerns they cause, and the solutions proposed by the researchers were presented. On the other hand, the previous works of the researchers were classified according to the types of devices used, communication protocols, and network security. In each of the mentioned parts, what the researchers have done and their contributions in this field were discussed, analyzed, and a review of the proposed future works in the used literature was presented.

[...] Read more.