Showing papers in "International Journal of Information Security and Privacy in 2020"
TL;DR: A clustering-based outlier detection (CBOD) approach is proposed for classifying normal and intrusive patterns and appears to be promising in terms of DR, FAR and ACC.
Abstract: Intrusion detection systems (IDS) play a vital role in protecting information systems from intruders. Anomaly-based IDS has established its effectiveness in identifying new and unseen attacks. It learns the normal usage pattern of a network and any event that significantly deviates from the normal behavior is signaled as an intrusion. The crucial challenge in anomaly-based IDS is to reduce false alarm rate. In this article, a clustering-based outlier detection (CBOD) approach is proposed for classifying normal and intrusive patterns. The proposed scheme operates in three modules: an improved hybrid feature selection phase that extracts the most relevant features, a training phase that learns the normal pattern in the training data by forming clusters, and a testing phase that identifies outliers in the testing data. The proposed method is applied for NSL-KDD benchmark dataset and the experimental results yielded a 97.84% detection rate (DR), a 1.88% false alarm rate (FAR), and a 97.96% classification accuracy (ACC). This proposal appears to be promising in terms of DR, FAR and ACC.
36 citations
TL;DR: This study provides a live traffic analysis method with a neural network for live DDoS detection in SDN environments based on a Neural Network based Traffic Flow Classifier (TFC-NN).
Abstract: Software defined networking (SDN) is a networking paradigm that allows for the easy programmability of network devices by decoupling the data plane and the control plane. On the other hand, Distributed Denial of Service (DDoS) attacks remains one of the major concerns for organizational network infrastructures and Cloud providers. In this article, the authors propose a Neural Network based Traffic Flow Classifier (TFC-NN) for live DDoS detection in SDN environments. This study provides a live traffic analysis method with a neural network. The training of the TFC-NN model is performed by a labelled dataset constructed from SDN normal traffic and an-under DDoS traffic. The study also provides a live mitigation process combined with the live TFC-NN-based DDoS detection. The approach is deployed and evaluated on an SDN architecture based on different performance metrics with different under-DDoS attack scenarios.
11 citations
TL;DR: The result shows that perceived usefulness, perceived ease of use, compatibility and cost affect the behavioral intention of the consumers to use IoT enabled devices in India.
Abstract: The purpose of this study is to identify the factors that impact on the behavioral intention of the Indian consumers to use devices embedded with the internet of things (IoT). While identifying the factors, due attention has been given on the security and privacy issues. With the inputs from the studies of available literature and with the help of technology adoption model (TAM) and of innovation diffusion theory (IDT), some hypotheses have been formulated and a conceptual model has been developed. The hypotheses have been tested and the conceptual model has been validated statistically with the help of survey works using 232 usable respondents. The result shows that perceived usefulness, perceived ease of use, compatibility and cost affect the behavioral intention of the consumers to use IoT enabled devices in India.
9 citations
TL;DR: A model by which the features are selected on the basis of mutual information gain among correlated features, which leads to a reduced feature set which provides quick learning and thus produces a better IDS that would secure the data in the cloud.
Abstract: Cloud computing, also known as on-demand computing, provides different kinds of services for the users. As the name suggests, its increasing demand makes it prone to various intruders affecting the privacy and integrity of the data stored in the cloud. To cope with this situation, intrusion detection systems (IDS) are implemented in the cloud. An effective IDS constitutes of less time-consuming algorithm with less space complexity and higher accuracy. To do so, the number of features are reduced while maintaining minimal loss of information. In this paper, the authors have proposed a model by which the features are selected on the basis of mutual information gain among correlated features. To achieve this, they first group the features according to the correlativity. Then from each group, the features with the highest mutual information gain in their respective groups are selected. This led them to a reduced feature set which provides quick learning and thus produces a better IDS that would secure the data in the cloud.
9 citations
TL;DR: This article explores how user perceptions of privacy affect user sentiment by analyzing over five million user-submitted text reviews and star ratings collected over a four-year period.
Abstract: Mobile devices and third-party applications are used by over 4.5 billion people worldwide. Third-party applications often request or even require authorized access to personal information through mobile device components. Application developers explain the need for access in their privacy policies, yet many users are concerned about the privacy implications of allowing access to their personal information. This article explores how user perceptions of privacy affect user sentiment by analyzing over five million user-submitted text reviews and star ratings collected over a four-year period. The authors use supervised machine learning to classify privacy and non-privacy-related reviews. The authors then use natural language processing sentiment analysis to compare differences between the groups. Additionally, the article explores various aspects of both privacy and non-privacy-related reviews using self-reported measurements such as star rating and helpfulness tags.
7 citations
TL;DR: The proposed methodology presented a secure privacy preserving data sharing with encryption technique called dynamic unidirectional proxy re-encryption (PRE) with cipher text policy attribute-based encryption that ensures the privacy, integrity, and security of the data while retrieving through the cloud.
Abstract: Cloud computing is an emergent computing paradigm; however, data security is a significant issue in recent time while outsourcing the data to the cloud preventing users to upload their data on cloud. The data forwarded to cloud can be protected using some cryptographic techniques based on identity, attributes, and prediction. But these algorithms lack their performance when a revoked user collude with cloud; therefore, it becomes essential to develop a secure data sharing framework with some enhanced cryptographic techniques. The proposed methodology presented a secure privacy preserving data sharing with encryption technique called dynamic unidirectional proxy re-encryption (PRE) with cipher text policy attribute-based encryption. The technique ensures the privacy, integrity, and security of the data while retrieving through the cloud. The framework is implemented in the cloud sim with java language. Experimental results proved that proposed frame work attains reasonable results compared to traditional methods.
7 citations
TL;DR: The research simulates and analyzes the effectiveness of the proposed data aggregation and data access mechanism for a typical IoT system and shows that IoTp scheme is efficient and lightweight mechanism for data collection and dataAccess, suitable for the resource constrained IoT ecosystems.
Abstract: Many emerging fields are adopting Internet of Things technologies to incorporate smartness in respective areas. Several IoT based application area produces large volumes of real time data. Data aggregated through sensor nodes may contain highly sensitive information. An effective and successful IoT system must protect sensitive data from revealing to unauthorized persons. In this article, the authors present an efficient privacy-preserving mechanism called Internet of Things privacy (IoTp). The research simulates and analyzes the effectiveness of the proposed data aggregation and data access mechanism for a typical IoT system. Proposed IoTp scheme ensures privacy at data collection, data store and data access phases of the IoT system. The authors have compared proposed work with existing model. Results show that IoTp scheme is efficient and lightweight mechanism for data collection and data access. It is suitable for the resource constrained IoT ecosystems.
7 citations
TL;DR: Simulation results show that considering closest anchors for estimation of the location reduces localization error significantly as compared to considering all the anchors.
Abstract: Localization problem has gained a significant attention in the field of wireless sensor networks in order to support location-based services or information such as supporting geographic routing protocols, tracking events, targets, and providing security protection techniques. A number of variants of DV-Hop-based localization algorithms have been proposed and their performance is measured in terms of localization error. In all these algorithms, while determining the location of a non-anchor node, all the anchor nodes are taken into consideration. However, if only the anchors close to the node are considered, it will be possible to reduce the localization error significantly. This paper explores the effect of the close anchors in the performance of the DV-Hop-based localization algorithms and an improvement is proposed by considering only the closest anchors. The simulation results show that considering closest anchors for estimation of the location reduces localization error significantly as compared to considering all the anchors.
6 citations
TL;DR: A novel two-stage automobile insurance fraud detection system is proposed that initially extracts a test set from the original imbalanced insurance dataset and applies a genetic algorithm based optimized fuzzy c-means clustering on the remaining data set for undersampling the majority samples by eliminating the outliers among them.
Abstract: A novel two-stage automobile insurance fraud detection system is proposed that initially extracts a test set from the original imbalanced insurance dataset. A genetic algorithm based optimized fuzzy c-means clustering is then applied on the remaining data set for undersampling the majority samples by eliminating the outliers among them. Thereafter, the detection of the fraudulent claims occurs in two stages. In the first stage, each insurance record is passed to the clustering module that identifies the claim as genuine, malicious, or suspicious. The genuine and malicious samples are removed and only the suspicious instances are further scrutinized in the second stage by four trained supervised classifiers − Decision Tree, Support Vector Machine, Group Method for Data Handling and Multi-Layer Perceptron individually for final decision making. Extensive experiments and comparative analysis with another recent approach using a real-world automobile insurance dataset justifies the effectiveness of the proposed system.
5 citations
TL;DR: This work contributes to identifying the minimum feature set for malware detection employing a rough set dependent feature significance combined with Ant Colony Optimization (ACO) as the heuristic-search technique.
Abstract: Malware is a malicious program that can cause a security breach of a system. Malware detection and classification is one of the burning topics of research in information security. Executable files are the major source of input for static malware detection. Machine learning techniques are very efficient in behavioral-based malware detection and need a dataset of malware with different features. In windows, malware can be detected by analyzing the portable executable (PE) files. This work contributes to identifying the minimum feature set for malware detection employing a rough set dependent feature significance combined with Ant Colony Optimization (ACO) as the heuristic-search technique. A malware dataset named claMP with both integrated features and raw features was considered as the benchmark dataset for this work. The analytical results prove that 97.15% and 92.8% data size optimization has been achieved with a minimum loss of accuracy for claMP integrated and raw datasets, respectively.
5 citations
TL;DR: An effective anonymization approach, multi-level clustering-based anonymization to anonymize physical activity data is presented, which improves time complexity by reducing the clustering time drastically and preserves the utility as much as the conventional approaches.
Abstract: Publishing physical activity data can facilitate reproducible health-care research in several areas such as population health management, behavioral health research, and management of chronic health problems. However, publishing such data also brings high privacy risks related to re-identification which makes anonymization necessary. One of the challenges in anonymizing physical activity data collected periodically is its sequential nature. The existing anonymization techniques work sufficiently for cross-sectional data but have high computational costs when applied directly to sequential data. This article presents an effective anonymization approach, multi-level clustering-based anonymization to anonymize physical activity data. Compared with the conventional methods, the proposed approach improves time complexity by reducing the clustering time drastically. While doing so, it preserves the utility as much as the conventional approaches.
TL;DR: This article highlights security issues in current wireless networks such as mobile ad-hoc network and IoT-supported networks and it also proposes a security-based S-RAID protocol design for security control in cluster based wireless networks.
Abstract: With rapid growth of internet users and frequently emerging communication technology, the issues of using web as a worldwide platform and the requirement to design the smart applications to coordinate, discuss, register, and outline gradually emerges. Information transmission through a wireless network involves the radio signals, the arrangement of information packets, and the network topology. As each segment is correlated to each other, it is very essential to employ security mechanism in these components and real security control must be connected on them. Thus, security plays a critical factor in wireless network. This article highlights security issues in current wireless networks such as mobile ad-hoc network and IoT-supported networks and it also proposes a security-based S-RAID protocol design for security control in cluster based wireless networks. Simulation results show proficiency and better transmission rate of the proposal when it was compared with other similar approaches.
TL;DR: This article worked to detect the anomalous patterns using an exponential function and then proceeds to find the category of cyberbullying to which user belongs using subtractive clustering and fuzzy c-means clustering.
Abstract: Cyberbullying is the online fight between individuals or groups, and it can be viewed like harassment, rumor, denigration, exclusion, etc. Social networks are the main source of cyberbullying as various types of users interact with each other through text, audio, video, and images. One set of users uses the social media for the benefit of the whole society and the other set of users uses the social media for destructive purpose in the form of spreading rumors, harassment or to threaten others, etc., which is also called anomalous behavior. This article worked to detect the anomalous patterns using an exponential function and then proceeds to find the category of cyberbullying to which user belongs using subtractive clustering and fuzzy c-means clustering. The identification of category helps to find the extent to which these messages are harmful and based on which the culprit is apprehended or entrapped. State-of-the-art studies are focused on the detection of cyberbullying but this article captured different categories of cyberbullying.
TL;DR: PFCM detects the-noise-based-fuzzy-means-gravitational-based conquers-through-the-passionate-ness-of-constraintsﻴ’s-coincidentﻷ coincident-clusterﻵesproblemソ ofﻅpossibilisticﻢ fuzzyc-mean-me
Abstract: Security incidents such as denial of service (DoS), scanning, malware code injection, viruses, worms, and password cracking are becoming common in a cloud environment that affects companies and may produce a financial loss if not detected in time. Such problems are handled by presenting an intrusion detection system (IDS) into the cloud. The existing cloud IDSs affect low detection accuracy, high false detection rate, and execution time. To overcome this problem, in this article, a gravitational search algorithm-based fuzzy inference system (GSA-FIS) is developed as intrusion detection. In this approach, fuzzy parameters are optimized using GSA. The proposed consist of two modules namely; possibilistic fuzzy c-means (PFCM) based clustering, training based on the GSA-FIS, and testing process. Initially, the incoming data is pre-processed and clustered with the help of PFCM. PFCM detects the noise of fuzzy c-means clustering (FCM), then conquers the coincident cluster problem of possibilistic fuzzy c-means (PCM) and eradicate the row sum constraints of fuzzy possibilistic c-means clustering (FPCM). After the clustering process, the clustered data is given to the optimized fuzzy inference system (OFIS). Here, normal and abnormal data are identified by the fuzzy score, while the training is done by the GSA through optimizing the entire fuzzy system. In this approach, four types of abnormal data are detected namely- probe, remote to local (R2L), user to root (U2R), and DoS. Simulation results show that the performance of the proposed GSA-FIS based IDS outperforms that of the different schemes in terms of precision, recall and F-measure. KEywORDS Cloud Computing, DOS, Fuzzy Inference System, Gravitational Search Algorithm, Intrusion Detection System, Possibilistic Fuzzy C-Means, Probe, R2L
TL;DR: A correct-by-construction specification of RBAC using the Event-B formal method is proposed, which defines closely the model properties with the behavior aspect ofRBAC as guards of events, which allows applying a priori verifications and avoids the combinatorial explosion problem.
Abstract: Controlling access to data is one of the primary purposes of security, especially when it comes to dealing with safety critical systems. In such systems, it is of paramount importance to rigorously define access control models. In this article, a correct-by-construction specification of RBAC using the Event-B formal method is proposed. The specification defines closely the model properties with the behavior aspect of RBAC as guards of events, which allows applying a priori verifications. Accordingly, the resulted specification is correct-by-construction and avoids the combinatorial explosion problem. As well, a number of refinement operations are performed leading to a specification with several abstraction levels, where each level implements selected RBAC entities. The approach is illustrated by an instantiation of a healthcare system.
TL;DR: Results showed that CIF out performs the existing approaches to DDoS attacks and false positives are false and positiverates are positive, according to KEywoRDS.
Abstract: Distributed denial of service (DDoS) attacks have become a serious danger against the availability of services in cloud computing environment. Current defending mechanisms cannot detect DDoS attacks with high accuracy. This is mainly due to the fact that the unrealistic value of the studied variables was used. In view of this problem, the authors propose a novel approach called confidence intervalbased filtering (CIF) to detect DDoS attacks. The proposed approach is implemented using VMware and JAVA applications. The simulation results showed that CIF outperforms the existing approaches in terms of detection rate and false negative and positive rates with an acceptable computation time. KEywoRDS CI, CIF, Cloud Computing, DDoS Attack, Security, Studied Variable, Unrealistic Value, VMware
TL;DR: This paper will be comparing a few methods that have been proposed and published in various papers along with a newly proposed method to reduce the impact of denial of service attack and checking the viability of these methods over various layers of the network.
Abstract: Denial of service attack is one of the most devastating and ruinous attacks on the internet. The attack can be performed by flooding the victim's machine with any kind of packets. Throughout all these years many methods have been proposed to reduce the impact, but with machines of higher capabilities coming in, the attack has also become more potent, and these proposals are either less effective or less efficient. A DoS attack exhausts the victim's resources affecting the availability of the resource. This paper will be comparing a few methods that have been proposed and published in various papers along with a newly proposed method. The comparison of the methods is done on a number of parameters including resource utilization, reaction time, worst case scenarios, etc. This paper also checks the viability of these methods over various layers of the network. Concluding with the best aspects of all the papers and the best among these for the current real conditions.
TL;DR: The authors compare these tools using the CSIC dataset in order to examine the state-of-practice in database protection from SQL Injection attacks, identifying the main characteristics and implementation details needed for IDSs to successfully detect such attacks.
Abstract: Databases are widely used by organizations to store business-critical information, which makes them one of the most attractive targets for security attacks. SQL Injection is the most common attack to webpages with dynamic content. To mitigate it, organizations use Intrusion Detection Systems (IDS) as part of the security infrastructure, to detect this type of attack. However, the authors observe a gap between the comprehensive state-of-the-art in detecting SQL Injection attacks and the state-of-practice regarding existing tools capable of detecting such attacks. The majority of IDS implementations provide little or no protection against SQL Injection attacks, with exceptions like the tools Bro and ModSecurity. In this article, the authors compare these tools using the CSIC dataset in order to examine the state-of-practice in database protection from SQL Injection attacks, identifying the main characteristics and implementation details needed for IDSs to successfully detect such attacks. The experiments indicate that signature-based IDS provide the greatest coverage against SQL Injection.
TL;DR: Widespread use of Android Malware, Data Flow Analysis, Data Leakage, Gradient Boosting Tree, Malware Families, Smartphones, Source-Sink Pair, Static Analysis has resulted in significant growth in the number of incidents of security attack.
Abstract: Widespread use of Android-based applications on the smartphones has resulted in significant growth of security attack incidents. Malware-based attacks are the most common attacks on Android-based smartphones. To forestall malware from attacking the users, a much better understanding of Android malware and its behaviour is required. In this article, an approach to classify and characterise the malicious behaviour of Android applications using static features, data flow analysis, and machine learning techniques has been proposed. Static features like hardware components, permissions, Android components and inter-component communication along with unique source-sink pairs obtained from data flow analysis have been used to extract the features of the Android applications. Based on the features extracted, the malicious behaviour of the applications has been classified to their respective malware family. The proposed approach has given 95.19% accuracy rate and F1 measure of 92.19302 with the largest number of malware families classified as compared to previous work. KeywoRD Android Malware, Data Flow Analysis, Data Leakage, Gradient Boosting Tree, Malware Families, Smartphones, Source-Sink Pair, Static Analysis
TL;DR: A new steganographic scheme using a reference image along with the cover image has been proposed that enhances the robustness and security by increasing the obscurity of the hidden message and employs an additional dictionary-based encoding module to increase the hiding capacity as well as security.
Abstract: In the modern digital era, the privacy of personal communication is a serious concern to all netizens. A better way to preserve privacy could be to hide the secret message inside some innocent looking digital object such as image, audio, video, etc., which is known as steganography. A new steganographic scheme using a reference image along with the cover image has been proposed in this article. It enhances the robustness and security by increasing the obscurity of the hidden message. It also employs an additional dictionary-based encoding module to increase the hiding capacity as well as security. Experiments show that bit changes in the reference image are very few and undetectable to human perception, it also evades common statistical tests. Evaluation of standard quality parameters such as MSE, PSNR, UIQI, SSIM along with chi-squared statistics based embedding probability testing has been performed. When dictionary-based encoding is applied it further improves the quality parameters.
TL;DR: Internet of Things, Key Alternating Cipher, Lightweight Cryptography, Resource Constrained Devices, Security, Software Efficiency, Tweakable Block Cipher
Abstract: Internet of things (IoT) is a global network of uniquely addressable interconnected things, based on standard communication protocols. As the number of devices connected to the IoT escalates, they are becoming a likely target for hackers. Also, the limited resources of IoT devices makes the security on top of the actual functionality of the device. Therefore, the cryptographic algorithm for such devices has to be devised as small as possible. To tackle the resource constrained nature of IoT devices, this article presents a lightweight cryptography algorithm based on a single permutation and iterated Even-Mansour construction. The proposed algorithm is implemented in low cost microcontrollers, thus making it suitable for a wide range of IoT nodes.
TL;DR: The authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC.
Abstract: In the new era of computers, everyone relies on the internet for basic day-to-day activities to sophisticated and secret tasks. The cyber threats are increasing, not only theft and manipulation of someone's information, but also forcing the victim to deny other requests. A DDoS (Distributed Denial of Service) attack, which is one of the serious issues in today's cyber world needs to be detected and their advance towards the server should be blocked. In the article, the authors are focusing mainly on preventive measures of different types of DDoS attacks using multiple IPtables rules and Windows firewall advance security settings configuration, which would be feasibly free on any PC. The IPtables when appropriately selected and implemented can establish a relatively secure barrier for the system and the external environment.
TL;DR: An SMS encryption mechanism using a post quantic cryptosystem quasi-cyclic MDPC and an electronic signature of the OTPs is proposed and an implementation and a security analysis of the proposal are performed.
Abstract: Many financial institutions interact with their customers via short message services (SMS), which is today one of the fastest and most powerful means of communicating information around the world. This information can sometimes be an access code such as the unique password (OTP) for two-factor authentication (2FA) or banking information and personal identities. All this data is confidential, and it is a major disadvantage to send them since an SMS service does not provide data encryption during network transmission and on mobile. Recently, OTPs via SMS have suffered from strong attacks that intercept messages. In order to avoid attacks and offer effective content security to 2FA credentials sent via SMS, the authors propose an SMS encryption mechanism using a post quantic cryptosystem quasi-cyclic MDPC and an electronic signature of the OTPs. Finally, this article performs an implementation and a security analysis of the proposal.
TL;DR: An aggregate searchable encryption with result privacy (ASE-RP) that includes ASearch() algorithm that performs aggregate operation (i.e. Count *) on the implicitly searched ciphertexts (for the conjunctive query) and outputs an encrypted result.
Abstract: With searchable encryption (SE), the user is allowed to extract partial data from stored ciphertexts from the storage server, based on a chosen query of keywords. A majority of the existing SE schemes support SQL search query, i.e. 'Select * where (list of keywords).' However, applications for encrypted data analysis often need to count data matched with a query, instead of data extraction. For such applications, the execution of SQL aggregate query, i.e. 'Count * where (list of keywords)' at server is essential. Additionally, in case of semi-honest server, privacy of aggregate result is of primary concern. In this article, the authors propose an aggregate searchable encryption with result privacy (ASE-RP) that includes ASearch() algorithm. The proposed ASearch() performs aggregate operation (i.e. Count *) on the implicitly searched ciphertexts (for the conjunctive query) and outputs an encrypted result. The server, due to encrypted form of aggregate result, would not be able to get actual count unless having a decryption key and hence ASearch() offers result privacy.
TL;DR: The authors discuss their experiment of simulating a proposed key exchange protocol by implementing it in a sample e-commerce application on a mobile device and compares its performance with other protocols proposed by other researchers for comparison.
Abstract: In this article, the authors discuss their experiment of simulating a proposed key exchange protocol by implementing it in a sample e-commerce application on a mobile device. The article compares its performance with other protocols. The authors also implemented similar industry standard key exchange protocols among other similar protocols proposed by other researchers for comparison. The authors consider different parameters such as number of operations required for key exchange, key exchange time and battery usage. The authors also consider different network bandwidth and mobile devices in their experiment.
TL;DR: Cryptographic protocols are the backbone of the backbone ofﻷ digitalﻴ society and face challenges in detecting new logical attacks and violating some security properties.
Abstract: Cryptographic protocols form the backbone of digital society. They are concurrent multiparty communication protocols that use cryptography to achieve security goals such as confidentiality, authenticity, integrity, etc., in the presence of adversaries. Unfortunately, protocol verification still represents a critical task and a major cost to engineer attack-free security protocols. Model checking and SAT-based techniques proved quite effective in this context. This article proposes an efficient automatic model checking approach that exemplifies a security property violation. In this approach, a protocol verification is abstracted as a compact planning problem, which is efficiently solved by a state-of-the-art SAT solver. The experiments performed on some real-world cryptographic protocols succeeded in detecting new logical attacks, violating some security properties. Those attacks encompass both “type flaw” and “replay” attacks, which are difficult to tackle with the existing planning-based approaches. KeywoRdS Cryptography, Formal Verification, Logical Attacks, Model Checking, PDDL, Planning, SAT Solvers, Security Protocols