Hana'a M. Salman

Bio: Hana'a M. Salman is an academic researcher from University of Technology, Iraq. The author has contributed to research in topics: Authentication & Eigenface. The author has an hindex of 2, co-authored 11 publications receiving 14 citations.

A Natural Language Steganography Technique for Text Hiding Using LSB's

Abstract: Steganography is the art of hiding, and transmitting information using apparently innocent carrier without expose any suspicion. This paper present a natural language steganography technique, which is different from all the natural language steganography technique, that uses structure of the sentence constituents in natural language text in order to insert a secret hidden information, or all others techniques, which hide information by modifying the appearance of text elements, such as lines, words, or characters. The proposal technique use the secret hidden text information to generated the stego-cover carrier text by using algorithms depend on natural language processing, particularly text generation field. A survey for natural language terminology, techniques, and tools for text processing, a natural language steganography technique and its difficulties to implement methods like LSB's is presented. The results shows that, the proposal technique is, a successful one in implementing methods like, LSB's for natural language bit steganography .

A survey of cloud based secured web application

Abstract: Cloud computing is a schema for allowingappropriate onrequest network access to a shared pool of configurable computing resources, that can be rapidlydelivered and released by minimal management effort or service provider.In cloud computing, you need a Web browser to access to everything needed to run your business from the required applications, services, and infrastructure. Many web developers are not security-aware. As a result, there exist many web sites on the Internet that are vulnerable. More and more Web-based enterprise applications deal with sensitive financial and medical data, which, if compromised, in addition to downtime can mean millions of dollars in damages. It is crucial to protect these applications from malicious attacks. In this paper we present a comprehensive survey of cloud based secure web application in the literature .The goal of this paper is to present a comparison of various previous methods proposed in the literature and a comparison between Python to other used programming languages.

A Content-Based Authentication Using Digital Speech Data

Abstract: A watermarking technique for speech content and speaker authentication scheme, which is based on using abstracts of speech features relevant to semantic meaning and combined with an ID for the speaker is proposed in this paper. The ID which, represents the watermark for the speaker, is embedded using spread spectrum technique. While the extracted abstracts of speech features are used to represents the watermark for the speech, is embedded in the original speech file using secret key. The abstracts speech feature is implemented using B-spline curve interpolation. The paper provides a background knowledge for the concept of speaker watermarking and content-fragile watermarking based on digital speech data. Then, the suggested feature based authentication scheme is develop and the results from the evaluation are presented. It shows that the suggested scheme is successful for combining speech and speaker watermark authentication.

Smart Door for Handicapped People via Face Recognition and Voice Command Technique

Abstract: Smart home indicates an application for different technological implementations, it could indicate any system which controls the door lock and several other devices. Facial identification which is an important section to achieve surveillance and safety, especially for handicapped people, can be considered as one of the ways that deal with biometrics and performed to identify facial images via utilizing fundamental features of the face. A Raspberry Pi-based face recognition system using conventional face detection and recognition techniques is going to be supplied, so the method in which image-built biometrics uses a Raspberry Pi is described. The aim of the paper here can be considered as transferring face recognition to a level in which the system can replace the utilizing of RF I-Cards and a password to access any system of security and making the system alive and protect the door from being open by hackers, especially by using the picture of an authorized person, we make the raspberry pi turn off and cannot turn on only by a command from the authorized person's mobile. The result of the presented proposal is a system that uses face recognition by utilizing OpenCV, Raspberry Pi, and it functions on an application of Android, and this system percentage becomes 99.63%. It should be cost-effective, of high performance, secured, and easy to use, which can be used in any smart home application.

Principal Component Analysis Based Wavelet Transform

Abstract: The principal component analysis (PCA) is a valuable statistical means, implemented in time domain that has found application in many fields such as face recognition and image compression, and is a common technique for finding patterns in data of high dimension. This paper investigates the ability to implement PCA in frequency domain, by using the wavelet transform (WT), and evaluate its effectiveness based on face recognition as a means to find patterns in data. The basic idea of frequency domain implementation of the PCA refers to the correlation implementation using wavelet transform. The Min-max is invoked to increase wavelet based eigenface robustness to variations in facial geometry and illumination. Two face images are contrast in terms of their correlation distance. A threshold is used to restrict the impostor face image from being identified. Experimental results point up the effectiveness of a new method in either using varying (noisy images, unknown images, face expressions, illumine, and scales ).

State of the art automated black-box web application vulnerability testing

Abstract: Black-box web application vulnerability scanners are automated tools that probe web applications for security vulnerabilities In order to assess the current state of the art, we obtained access to eight leading tools and carried out a study of: (i) the class of vulnerabilities tested by these scanners, (ii) their effectiveness against target vulnerabilities, and (iii) the relevance of the target vulnerabilities to vulnerabilities found in the wild To conduct our study we used a custom web application vulnerable to known and projected vulnerabilities, and previous versions of widely used web applications containing known vulnerabilities Our results show the promise and effectiveness of automated tools, as a group, and also some limitations In particular, "stored" forms of Cross Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities are not currently found by many tools Because our goal is to assess the potential of future research, not to evaluate specific vendors, we do not report comparative data or make any recommendations about purchase of specific tools

Privacy-preserving public auditing for secure cloud storage

Abstract: IT has moved into next generation with cloud computing being realized. The way application software and databases are stored has been changed. Now they are stored in cloud data centers in which security is a concern from client point of view. The new phenomenon which is used to store and manage data without capital investment has brought many security challenges which are not thoroughly understood. This paper focuses on the security and integrity of data stored in cloud data servers. The data integrity verification is done by using a third party auditor who is authorized to check integrity of data periodically on behalf of client. The client of the data gets notifications from third party auditor when data integrity is lost. Not only verification of data integrity, the proposed system also supports data dynamics. The work that has been done in this line lacks data dynamics and true public auditability. The auditing task monitors data modifications, insertions and deletions. The proposed system is capable of supporting both public auditability and data dynamics. The review of literature has revealed the problems with existing systems and that is the motivation behind taking up this work. Merkle Hash Tree is used to improve block level authentication. In order to handle auditing tasks simultaneously, bilinear aggregate signature is used. This enables TPA to perform auditing concurrently for multiple clients. Hence here I are presenting the evaluation of multi user based TPA system. The experiments reveal that the proposed system is very efficient and also secure.

Secure Transmission of Password Using Speech Watermarking

Abstract: Internet is one of the most valuable resources for information communication and retrievals. Most multimedia signals today are in digital formats. The digital data can be duplicated and edited with great ease which has led to a need for data integrity and protection of digital data. The security requirements such as integrity or data authentication can be met by implementing security measures using digital watermarking techniques. In this paper a blind speech watermarking algorithm that embeds the watermark signal data in the musical (sequence) host signal by using frequency masking is used. A different logarithmic approach is proposed. In this regard a logarithmic function is first applied to watermark data. Then the transformed signal is embedded to the converted version of host signal which is obtained by applying Fast Fourier transform method. Finally using inverse Fast Fourier Transform and antilogarithmic function watermark signal is retrieved.