This volume contains papers presented at The 2013 International Conference on Security & Management (SAM’13). Their inclusion in this publication does not necessarily constitute endorsements by editors or by the publisher.
Additional Info
  • Publisher: Laxmi Publications
  • Language: English
  • ISBN : 978-93-84872-15-1
  • Chapter 1

    Most Successful Vulnerability Discoverers: Motivation and Methods Price 2.99  |  2.99 Rewards Points

    In this paper, we investigate the factors that motivate and enable successful vulnerability discovery and the role of vulnerability markets. This is done by studying the career, motivation and methods of the most successful vulnerability discoverers. Vulnerability discovery takes considerable expertise. Some vulnerabilities, if exploited, can cause enormous damage to an organization, a segment of the economy, or even national security. Software developers, security organizations and government agencies are continuously engaged in efforts to prevent improper disclosure of vulnerabilities that can lead to zero-day exploitations. We observe that a major percentage of vulnerabilities are discovered by individuals external to software development organizations. We identify the top vulnerability discoverers throughout the past 12 years, and examine their motivation and methods. We observe that financial reward is a major motivation, especially to discoverers in Eastern Europe. The paper studies the actual vulnerability market, rather than the hypothetical markets often studied in recent literature.

  • Chapter 2

    Using Client-Side JavaScript to Mitigate Drive-by-Downloads Price 2.99  |  2.99 Rewards Points

    The prevalence of web-based malware distribution has exploded in recent years, with malicious enterprises continuously devising new ways of exploiting vulnerabilities. Security professionals have found themselves in an arms race in an attempt to contain the spread of malware. Drive-bydownloads, as coined by Google in 2007, is a particularly insidious form of malware distribution that uses browser exploits to automatically install malware on unsuspecting enduser machines. To gain maximum exposure, developers of drive-by-download malware have continuously infiltrated unsuspecting websites that are trusted by many users, and have recruited these websites into their malware distribution network without the consent or knowledge of the website owners. Websites that have been hacked in this manner often go unnoticed for long periods of time by their owners who are oblivious to the malware that their websites are serving. Often, website developers will include third-party widgets, or other features that introduce vulnerabilities to their website that often lead to these types of attacks on their websites. There are many server-side solutions that scan and protect websites from such attacks. In this paper, we propose a JavaScript solution that could be applied directly into the website code in an effort to add security enhancements from the client-side perspective.

  • Chapter 3

    Secure NAND Flash Architecture Resilient to Strong Fault-Injection Attacks Using Algebraic Manipulation Detection Code Price 2.99  |  2.99 Rewards Points

    Multi-level cell (MLC) NAND flash memories are widely used because of their high data transfer rate, large storage density and long mechanical durability. Linear error correcting codes (ECC) such as Reed-Solomon (RS) codes and Bose-Chaudhuri-Hocquenghem (BCH) codes are often used for error correction. Although linear codes can efficiently detect and correct random errors, they are not sufficient for protecting NAND flash memories used in cryptographic devices against malicious fault injection attacks. In this paper, we will present an architecture based on the combination of RS codes and Algebraic Manipulation Detection (AMD) codes which can correct any four byte errors and detect any malicious injected errors with a high probability under the strong attack model. This proposed architecture can significantly improve the security level of the MLC NAND flash memories used in cryptographic devices at the cost of only slightly larger latency and area overhead.

  • Chapter 4

    Fingerprinting Malware using Bioinformatics Tools Building a Classifier for the Zeus Virus Price 2.99  |  2.99 Rewards Points

    This paper describes an exploratory research project which creates a classifier to distinguish artifacts containing content specific to a known computer virus, given a training set of samples of variants of that virus and using local alignments between the artifacts as its information source. A bioinformatics tool, BLAST, finds the local alignments between a digital artifact and a repository of representatives of the virus. The classification is driven by a comparison of the local alignments to determined alignment fingerprints of the virus representatives. Project methods include the creation of “synthetic DNA” representations of digital artifacts, representative selection for a set of computer viruses, alignment fingerprint creation for those representatives, and using the representatives, fingerprints and alignments in a classification scheme. The project examined Zeus Trojan viruses and had a 91% correct identification rate of verified Zeus viruses and a 3% false positive rate.

  • Chapter 5

    Combination of Fingerprint and Password system Price 2.99  |  2.99 Rewards Points

    Growing remote access by mobile device and smartphone makes security importance to increase but these days password or pattern security system is too simple to be abused by unauthorized person. Cause of fake and falsify using biometrics can’t provide perfect solution. In this thesis to solve this kind of problem we research how to improve security by consolidating finger recognization and password system.

  • Chapter 6

    A Biometric Authentication System That Automatically Generates Feature Points Price 2.99  |  2.99 Rewards Points

    Recently, personal information in the mobile devices have been threatened as the popularization of mobile devices because of the lack attention to the information. The purpose of our research is to develop the reliable and convenient authentication system for mobile devices. In this paper, the development of the biometric authentication system, which generates feature points from freehand pattern and uses the points as the anchors for drawing pattern and points for detecting pen speed, is introduced using the experimental results.

  • Chapter 7

    A Biometric Security Model with Identities Detection and Local Feature-level Fusion Price 2.99  |  2.99 Rewards Points

    The paper presents an innovative solution for biometric security systems design in order to enhance the identification applications performance and also to reduce their complexity. The proposed model is relying on a special kind of classifiers called detectors and it is suitable especially for various security requirements applications. The model also includes a local feature-level fusion for each of the integrated biometrics. The designed system is useful especially for medical database remote access control in which different users have different authorization levels, and their precise identification need more optimized solution (either from the execution time and recognition accuracy points of view).

  • Chapter 8

    Framework for Next Generation Digital Forensics Models Price 2.99  |  2.99 Rewards Points

    Digital Forensics is a fairly new discipline, which due to the heavy overlap with the computer science and information technology is now categorized within the computer science field. On the other hand, the legal side of digital forensics is mainly coming from the traditional forensics procedures and the law. Therefore, the current models are modeling the process of digital investigation to be compliant with law and traditional investigations. In this work, we attempt to examine the forensics as a scientific discipline, in addition to the traditional view, and analyze the past and future trends of its models. Furthermore, key characteristics of a framework for next generation uniform models that are adaptable to computer science discipline are identified.

  • Chapter 9

    Distributed Snort Network Intrusion Detection System with Load Balancing Approach Price 2.99  |  2.99 Rewards Points

    As we enjoy the conveniences that the Internet or computer networks have brought to us, the problems are getting larger, especially network security problems. A Network Intrusion Detection System (NIDS) is one of the critical components in a network nowadays. It can monitor and analyze activities of network users, and then uses knowledge of attack patterns to identify and prevent such attacks. It can minimize damages that will be caused by attacks. This paper uses Snort, which is one of the most commonly used NIDS in industry. The paper presents an approach of Distributed Snort NIDS, which can coordinate multiple sensors across the Local Area Network to optimize usage of computational resources. The approach implements a Balance Control System (BCS) for each subnet, which monitors CPU usage of a particular Snort NIDS and, when the Snort IDS’s CPU usage is too high, delegates analysis work to lightly loaded IDS host.

  • Chapter 10

    An Integrated Approach to Defence Against Degrading Application-Layer DDoS Attacks Price 2.99  |  2.99 Rewards Points

    Application layer Distributed Denial of Service (DDoS) attacks are recognized as one of the most damaging attacks on the Internet security today. In our recent work [1], we have shown that unsupervised machine learning can be effectively utilized in the process of distinguishing between regular (human) and automated (web/botnet crawler) visitors to a web site. We have also shown that with a slightly higher level of sophistication in the design of some web/botnet crawlers, their detection could become particularly challenging, requiring additional vigilance and investigation on the part of the site’s defense team. In this paper, we demonstrate an application of time series analysis in order to perform a further fine-tuned detection of suspicious visitors to a web site. Additionally, we propose a novel application-layer DDoS detection system that integrates the use of our combined unsupervised learning and time-domain webvisitor classifier with the use of standardized challenge-response tests. 

  • Chapter 11

    QR Code Steganography Price 2.99  |  2.99 Rewards Points

    QR codes, also known as matrix codes, are basically two dimensional barcodes embedded with data that can be decoded quickly for information. In this work, we present a novel use of QR codes. We show that QR codes can be used for covert communication using steganography. We also show in complete detail how to build QR code symbols with a hidden payload and how to extract this hidden information in two ways: with and without a shared secret key. An interesting feature of our research is that we present a technique to convert innocuous QR codes into carriers for malicious messages and malware using simple, everyday tools and software. Communicating secret messages in plain sight creates a credible threat to our national security. We hope that our work brings this issue to light and enhances counterterrorism education.

  • Chapter 12

    Dynamic Analysis of Malicious Code and Response System Price 2.99  |  2.99 Rewards Points

    Malicious code detection and removal is critical to the security of a computer system. Virus scanners rely on a database of known signatures for viruses and malware for detection. This research paper presents novel methodologies and tools to detect any malicious code present on windows based machine dynamically, and can be used as a preventive measure to protect the system from being infected. Malicious code analysis can be static and dynamic. Dynamic code analysis has a greater edge over static code analysis as the instructions are analyzed at runtime. Thus polymorphic malware can also be detected. The work presented in this paper uses a newly designed dynamic code technique in conjunction with a developed minifilter driver for malware detection. It runs in a virtual environment to perform the analysis, thus making it impossible for malwares to detect the presence of the developed tool. The minifilter driver is used to monitor the windows API calls, registry changes and used to generate reports which are used to analyze a program as malware or normal. These reports can be analyzed to categorize a program as normal or malware. The developed tool is tested using Symantec malware database and compared with other pre-existing tools to evaluate its effectiveness.

  • Chapter 13

    Security Standards and Best Practices for Quantum Key Distribution Price 2.99  |  2.99 Rewards Points

    Quantum Key Distribution (QKD) systems combine cryptographic primitives with quantum information theory to produce a theoretic unconditionally secure cryptographic key. However, real-world implementations of QKD systems are far from ideal and significantly differ from the theoretic model. In this paper, a content analysis of the published literature is conducted to determine if established security and cryptographic standards and practices are addressed in real world, practical QKD implementations. The research reveals that the published, real-world QKD implementations examined do not take advantage of established security and cryptographic standards and best practices .

  • Chapter 14

    Detecting the Insider Threat: Going Beyond the Network Layer Price 2.99  |  2.99 Rewards Points

    Intrusion detection is difficult to accomplish when utilizing the current detection methodologies when considering the database and authorized insiders. It is a common understanding that current methodologies focus on the network architecture, which is not an adequate solution when considering the insider threat. Recent findings suggest that many have attempted to address this concern with the utilization of various detection methodologies in the areas of database authorization, security policy management and behavior analysis yet have not been able to find an adequate solution to achieve the level of detection that is required.

  • Chapter 15

    Java Design Pattern Obfuscation Price 2.99  |  2.99 Rewards Points

    Software reverse engineering (SRE) consists of analyzing the design and implementation of software, where, typically, we assume that the executable file is available, but not the source code. SRE has many legitimate uses, including analysis of software when no source code is available and probing code for security vulnerabilities. Attackers also use SRE to search for weaknesses in closed-source software and to hack software activation mechanisms, or otherwise change the intended function of software. In this project, we develop and analyze a technique to obfuscate design patterns. We show that our technique can defeat design pattern detection tools, thereby making reverse engineering attacks more difficult.

  • Chapter 16

    A Synthetic Solution Scheme for SOA Security Assurance Price 2.99  |  2.99 Rewards Points

    Due to the changes of architecture, tradition security mechanism can’t fulfill SOA security requirements. So it is the high time to design a comprehensive security assurance system of models and solutions that fulfill SOA and SOA-based applications’ security requirement without hurting SOA’s loose coupling and high scalability features. Based on the in-depth research of tiered SOA security, this paper provides a comprehensive solution and analyzes SOA security assurance on three levels: strategy, service solution, testing. Firstly this paper proposes a new security assurance model for the overall architecture, and then proposes a new framework as a practical application solution for modeling and evaluating reliability on single service, service pool and service composition. At last, compared with traditional application-oriented system integration testing, this paper proposes the strategies of integration test and test responsibilities division for SOA systems.

  • Chapter 17

    Mandatory Access Control for Web Applications and Workflows Price 2.99  |  2.99 Rewards Points

    Despite the fact that mandatory protection has proven its efficiency for the Operating System level, mandatory access control is missing for Web-based applications. This paper proposes a novel approach of mandatory access control supporting both Web applications and Workflows. A general architecture includes a dedicated reference monitor that can be easily integrated into any Web server plus external components that ease the administration of the mandatory protection. An integration is proposed for the Microsoft IIS Web server. Although the proposed protection approach is not dedicated to Workflow environments, the experiments onto a real Workflow environment shows that it is possible to solve the problem of computing a safe mandatory policy. Indeed, our approach enables to compute and control the mandatory policy for a dedicated Webbased Workflow environment. A correctness approach is proposed showing that the protection safely enforces the required mandatory policy. Performance results show the low overhead of our solution. As far as we know, our solution is the first approach providing an efficient MAC solution that covers both Web-based applications and workflows.

  • Chapter 18

    Decision Support for Assessment of IT-Security Risks Price 2.99  |  2.99 Rewards Points

    IT-security risks can have a great impact on organizations and can cause high financial damage. To address security issues and avoid problems, knowledge about risks is vital. Therefore, a risk assessment process, which addresses security of IT-systems, is essential. However, risk assessment methods based on qualitative or quantitative approaches involve some difficulties and limitations. Therefore, in this research, we propose a risk assessment method based on semi-quantitative approach. The method provides decision support for security experts during evaluation of IT-security risks and enables assessment of threats both at a detailed level and as a whole. Imprecise information is captured from expert judgment and expressed numerically in interval form. The method is applied to a scenario in order to demonstrate its usage. We utilize a decision tool to present the outcomes. Moreover, sensitivity analysis is performed to point out most critical values.

  • Chapter 19

    Creating Stronger Yet Easily Pronounceable Passwords Price 2.99  |  2.99 Rewards Points

    This paper addresses the issue of secure passwords. Security is often a balance between usability and security. For eg, strong passwords can be hard to remember. Computer users are forced by system administrators to change their passwords relatively frequently and to provide a strong password every time. This requirement can lead users to resort to various unsafe strategies, to name a few: reusing the same strong password for many accounts, changing just one simple thing in an existing password, providing a relatively simple password with just a few extra special characters (thus creating a rather weak password), and writing down passwords and storing them in insecure locations. This paper presents a strategy to create a strong password that is memorable with a rather small amount of effort.

  • Chapter 20

    A Flexible Role-Based Delegation Model with Dynamic Delegation Role Structure Price 2.99  |  2.99 Rewards Points

    As information systems became widely used by organizations and enterprises, resource sharing and collaboration of work have been pervasive. As a natural way to realize this, delegation has become the routine rather than the exception. However, traditional delegation models have encountered various issues in meeting the growing and diverse requirements. Some of them fail to provide sufficient delegation functionalities, while others are cumbersome to apply and manage practically. Therefore it is imperative to have a flexible delegation model that provides fine-grained control according to different scenarios. Meanwhile, such a model should be easy to apply and maintain. Therefore, we develop a flexible delegation model based on role-based access control which supports fine-grained delegation control at both role and permission levels. Moreover, the proposed model introduces a dynamic delegation role structure to deal with different types of delegation requests. Finally, a prototype was implemented to demonstrate the feasibility of the model.

  • Chapter 21

    A User-Centric Privacy-Aware Protection System Price 2.99  |  2.99 Rewards Points

    Nowadays it is increasingly important to protect private information from unintended and unauthorized use. Traditional access control models generally lack the support for privacy protection. Some studies have been done in the area of integrating privacy control with XML access control. However, often the focus is placed on organization-specific privacy policies. And how to handle user consent and user preferences are often not addressed. In this paper, we describe our approach based on XACML to integrating XML data access control and privacy control with user consent, preferences and break-glass access procedure considered. We also present a prototype system being developed in the context of health care systems to demonstrate the feasibility of our approach.

  • Chapter 22

    Performance Evaluation of Asymmetric Encryption Algorithms in Embedded Platforms used in WSN Price 2.99  |  2.99 Rewards Points

    This paper presents the performance evaluation of asymmetric cryptographic algorithms oriented to embedded platforms used in Wireless Sensor Networks (WSN). The RSA algorithms, ECC and MQQ were evaluated on three different platforms: ARM, MSP430 and AVR Atmega128 platforms. We have used the processing time as evaluation criteria. We used the SimpleScalar tool, MSPsim and Avrorafor our simulations analysis. The MQQ algorithm achieved the best results in most of the evaluated criteria. In the ARM platform, the MQQ algorithm obtained a processing time 230 times lower than the time of the RSA algorithm. The ECC algorithm has also shown effectiveness in the platforms evaluated, since in MSP430 platform was 4 times faster than RSA algorithm. Finally, we show that MQQ is a promising algorithm for embedded systems used in WSN, but the ECC algorithm is the most recommended by standardized and have already gone through safety testing.

  • Chapter 23

    Implementing the ECC Brainpool curve generation procedure using open source software Price 2.99  |  2.99 Rewards Points

    Elliptic Curve Cryptography (ECC) began to be used almost 30 years ago. Since then, ECC has been applied to an increasing number of fields (information encryption, digital signatures, integer factorization, etc.). However, one practical problem still arises when an organization decides to implement an ECC solution: what elliptic curve is the most adequate in the deployment scenario? This contribution analyses the most important features of the elliptic curve generation procedure defined by the ECC Brainpool consortium. In addition to that, this paper describes the Java application that we have implemented following the Brainpool specifications. This application can be used for generating new elliptic curves that fulfil the security requirements defined by Brainpool. Finally, we provide the test results offered by our  implementation, so interested readers can understand how much time it takes to generate elliptic curves suitable for cryptographic purposes that conform to the Brainpool specification.

  • Chapter 24

    Power and Electromagnetic Analysis Attack on a Smart Card Implementation of CLEFIA Price 2.99  |  2.99 Rewards Points

    CLEFIA is a 128-bit block cipher developed by Sony Corporation in 2007. Since then, many papers related to security evaluations of CLEFIA have been published. However, these have mainly analyzed its mathematical weaknesses. In this study, we perform power and electromagnetic analysis attacks on a software implementation of CLEFIA. We implemented the CLEFIA algorithm with a 128-bit key length on a 8-bit AVR processor-based smart card. Our experimental results show that we successfully derived a 128-bit master key by attacking three rounds. We compare the results of using the two different side channel information (power and electromagnetic). In addition, we demonstrates the effectiveness of using a low-pass filter.

  • Chapter 25

    Prime Base, Prime Moduli PRN Generator Price 2.99  |  2.99 Rewards Points

    This paper presents an algorithm, which utilizes successive multiplications by a prime base and two stages of congruencing in order to generate a pseudorandom number (PRN) for use in encryption. The algorithm has advantages in oneway communication devices because only two prime numbers have to be known in order to decode the sequence. The efficiency of the algorithm stems from there being only a single multiplication tap. The code is determined by first generating the sequence in n of sn = zn(mod p) where p and z are primes. Then sn (mod 2) gives the binary sequence which can be used as a PRN code.

  • Chapter 26

    Verifiable Symmetric Searchable Encryption for Multiple Groups of Users Price 2.99  |  2.99 Rewards Points

    We present an efficient method for providing group level hierarchical access control over keywords in a multi-user searchable encryption scheme under the Semi-Honest-but-Curious model. We achieve this using a shared global index stored on the cloud and efficient key-regression techniques on the client side. Our method extends the multiuser searchable encryption model of Curtmola et. al. [1] to multiple groups of users. Moreover, our method provides verifiability of search results, and we show that our system is non-adaptively secure.

  • Chapter 27

    Verifiable Dynamic Multi-Secret Sharing Scheme Price 2.99  |  2.99 Rewards Points

    Secret sharing schemes are primarily used in cryptosystems for distributing shares of a secret among a set of entities in such a way that the secret can be reconstructed only with certain combination of shares. These schemes are mainly used in applications where there is no single trusted entity. In this paper we propose a Verifiable Dynamic Multi-Secret Sharing scheme with cheater detection mechanism. The proposed scheme has advantages of Lin-Yen’s scheme in which each participant has only one secret share for reconstructing multiple secrets. In addition, proposed scheme does not require any secure channel between any participant and the dealer during secret share distribution phase. Analysis shows that the proposed scheme is as secure as the scheme which uses secure channel for distribution of share.

  • Chapter 28

    Towards An Efficient Protocol for Privacy and Authentication in Wireless Networks Price 2.99  |  2.99 Rewards Points

    We envision a scenario for security of wireless networks that include and integrate nodes of all different capabilities, including tiny sensors or similarly battery-powered, resourceconstrained tiny nodes. However, the existing Wireless Protected Access (WPA) protocol may not be suitable for such resourceconstrained, low-end nodes as the protocol could be too demanding since its existing authentication and privacy mechanisms can cause many inconveniences due their complexity in computation and key management. In this work, we propose an efficient protocol for authentication and privacy in wireless networks using identity-based encryption(IBE) techniques. Specifically, we propose an enhanced or extended version of the WPA protocol by incorporating IBE based authentication methods in the existing WPA protocol at the link layer level. The enhanced WPA protocol can be used for small and resource-constrained wireless devices to integrate them in existing wireless networks.

  • Chapter 29

    A Robust User Authentication Scheme for Multi- Server Environment Using Smart Cards Price 2.99  |  2.99 Rewards Points

    Remote user authentication is a very important ingredient procedure for the network system service to authenticate whether a remote user is legal through any insecure channel. Recently, Hsiang-Shih proposed a dynamic ID based remote user authentication scheme for multi-server environment as an improved scheme over Liao and Wang’s scheme, and asserted that their scheme can escape from masquerade attack, server spoofing attack, etc. In this paper, we show that Hsiang and Shih’s scheme still suffers from the insider's attack and masquerade attack. To mend the problem, we offer a procedure to improve Hsiang- Shih’s scheme. Our scheme is suitable for applications with higher security requirement.

  • Chapter 30

    Secure Wireless Fax Module Price 2.99  |  2.99 Rewards Points

    Fax machine is still widely accepted as a legal document and a backup form of rudimentary communication. This acceptance has also left room for improvement/introduction of new communication mediums and techniques. This paper presents a secure fax module that uses GPRS/EDGE as its medium of communication. The system has two tier of encryption/security for securing all forms of data, first at the application layer (AES256) and second at the transport layer with TLS 1.1. The module is built on a customized PCB with a GSM modem; the central processor for the unit is C54x DSP. A secure fax management server with a static-IP processes all the required security information and registers each individual module against its public key, the Client Management System (CSM) connecting modules across the IP cloud. The system is cost effective commercial-off-the-self (COTS) based module and greatly reduces the operational expenditure (OPEX) by removing international termination cost for fax calls. This paper presents the complete SDLC for the secure fax module.

  • Chapter 31

    Elliptic Curve Cryptography Coprocessor for Mobile Ad-Hoc Networks Price 2.99  |  2.99 Rewards Points

    This paper investigates the design of an Elliptic Curve Cryptography (ECC) co-processor in an embedded system. The goal of this work is to create a general purpose module to greatly augment a network node’s performance, thereby making it practical to implement secure ECC-based network protocols in potentially vulnerable ad-hoc networks. Specifically, the techniques presented here employ hybrid computing, where a CPU and several custom hardware modules are implemented together on the same chip. The proposed system was implemented on an FPGA utilizing Xilinx’s MicroBlaze processor, and is compared to other implementations found in the literature.

  • Chapter 32

    ​​​​​​​Securing RTP Packets using Persistent Packet Key Encryption Scheme for Real-time Multimedia Applications Price 2.99  |  2.99 Rewards Points

    Most of the existing encryption methods use the same key to secure different RTP payloads during a given session. However, the use of the session key cannot guarantee protection against brute force attacks that can be done after transmission using the captured RTP data for the real- time multimedia streams. This paper deals with the packet key methods where Diffie-Hellman key exchange procedures repeat only for the RTP packets that are selected based on the key change rate. This paper proposes a persistent packet key encryption scheme that uses the same packet key for a certain period and changes the key for the next period. The key change schedule is controlled by the key change rate. The persistent packet key encryption scheme aims to improve latency for encryption and decryption compared with the full packet key encryption scheme where the packet key changes every packet. The main goal of this paper is to propose the packet key scheme that is significantly more secure than the session key scheme while satisfying the latency requirements for the real-time multimedia transmission.

  • Chapter 33

    Using Secure Multi-party Computation when Pocessing Distributed Health Data Price 2.99  |  2.99 Rewards Points

    Patient related health data are typically located at different general practices and hospitals. When processing and analyzing such data, the provided infrastructure and toolset has to take into consideration legal, security and privacy issues. The combination of secure multi-party computations (SMC) algorithms, encryption, public key infrastructure (PKI), certificates, and a certificate authority (CA) is used to implement an infrastructure and a toolset for statistical analysis of health data. The general practices and hospitals are considered nodes in a computing graph, and at each node a sub-process performs the local part of the computation. The described approach tries to support a wide range of possible SMC algorithms and computing graphs.

  • Chapter 34

    A New Quasigroup Based Random Number Generator Price 2.99  |  2.99 Rewards Points

    We propose a pseudo-random number generator based on qausigroups that meets the statistical analytic performance of those based on SHA-1, AES and RC4. We present the algorithm and heuristic results based on NIST-STS package.

  • Chapter 35

    A Systems Engineering Approach for Assured Cyber Systems Price 2.99  |  2.99 Rewards Points

    Systems Engineering (SE) has gained favor as a means to tame the complexity of modern systems, specifically the design, analysis, and development of complex systems. This paper describes a SE approach for system assurance of modern Information Technology (IT) centric “cyber systems”. In this paper, we discuss recent trends in information security towards the establishment of security patterns and identify key security patterns for the development of cyber systems. Specifically, this paper provides a cursory review of security patterns and highlights the utilization of key cyber patterns during the SE development process for a given cyber system. SE functional decomposition and system integration activities are described as they pertain to meeting formal system assurance claims resulting in secure and assured cyber systems.

  • Chapter 36

    A Self-Protecting Security Framework for CDA Documents Price 2.99  |  2.99 Rewards Points

    Clinical Document Architecture (CDA) is a standard for the exchange of electronic medical records. This paper describes a self-protecting security framework for protecting the security and privacy of CDA documents. The framework extends a CDA document with markups from XML based security standards including eXtensible Access Control Markup Language, XML Encryption, and XML Signature. This integrated structure uses a CDA document as the container while access control policies, digital signatures, and encrypted data are all embedded within the same CDA document in a fine-grained manner. The paper also describes an initial prototype implementation of this self-protecting security framework for CDA documents.

  • Chapter 37

    Multi-Applications Secure Mobile Platform Price 2.99  |  2.99 Rewards Points

    This paper describes the concept of Multi- Applications Secure Mobile Platform based on Javacardchip and applets stored in it. Javacard chip is used as pluggable secure module providing subscribers additional mobile services in mobile phones. Special security features of Javacard chip make multiapplications secure mobile platform a secure runtime environment for Javacard applets implementing various security functions. Various Javacard applets run simultaneously on the platform supporting various mobile security services. Multi-applications secure mobile platform is implemented by following our optimized design approach. It fully supports the functions of various mobile services with increased efficiency and optimal use of a Javacard chip space.

  • Chapter 38

    Multi-Vendor PayWord with Payment Approval Price 2.99  |  2.99 Rewards Points

    One of the most well known micropayment scheme is the PayWord scheme. It is designed to be onevendor, so if we apply it for multiple vendors, it does not protect against double spending. We extended the PayWord scheme, it supports shopping at multiple vendors without an on-line broker or an on-line secure database. The proposed credit-based system uses one hash chain, hence besides the secret signature key only the seed and a random value should be securely stored. Our scheme is analyzed in applied pi calculus, we prove that it fulfills payment approval, secure payment authorization, secrecy of payment information and unreusability.
     

  • Chapter 39

    Social Networks Steganography using Unions of Lucas Sequences Price 2.99  |  2.99 Rewards Points

    Since their introduction, social network sites such as Google+, Facebook, Linkedin and Twitter have attracted millions of users, many of whom have integrated these sites into their daily practices. The above networks assist their users to connect with each other based on shared interests, political views, or activities. Sites also vary in the extent to which they incorporate new information and
    communication tools, such as mobile connectivity, blogging, and photo or video sharing. The ability of photo sharing gives users the opportunity to use these services to exchange secret information using steganographic methods. In this paper, we examine these possibilities and we propose a unique and safe steganographic method using unions of Lucas sequences.

  • Chapter 40

    Inter-Cloud Trust Model Security: Issues and Challenges Price 2.99  |  2.99 Rewards Points

    Cloud Computing is a new networking technology, which provides a pool of highly scalable and easily accessible virtualized resources, such as development platforms or services, hardware, software, and is capable of hosting end user applications. A major concern in the Cloud is security; some agree that the Cloud is a secure and trusted system, while others seem to think differently. This paper will survey few major security issues and challenges for Cloud Computing, and investigate the trust models in the Inter Cloud environment area.

  • Chapter 41

    Securing the Bolts before the Horse has Bolted: A new Perspective on Managing Collaborative Assurance Price 2.99  |  2.99 Rewards Points

    We suggest that the bureaucratic response to leaks, e.g. wiki-leaks, has frequently been to add more controls in an effort to securitize the spaces in which the breach has occurred or may occur in the future. We argue that the result of these info/techno-socio controls is to create a socioinfo/ techno ecology less capable of problem solving. These coordinating rules and controls (CRC) take time / bandwidth to administer and, sometimes deliberately, make things difficult. Often, they do so by simultaneously creating a climate of fear, where adherence to process is rewarded and innovative dissent is punished. Controls may therefore impinge upon the collaborative social influence (CSI) networks necessary for innovation, adaptation and problem solving – so breaches may actually increase. We take a network perspective to security based upon ambidexterity between CRC and CSI networks and creating assuredness / trust to enable a secure and healthy organisational ecology.

  • Chapter 42

    Anonymous Retrieval of k-NN POI in Location Based Services (LBS) Price 2.99  |  2.99 Rewards Points

    LBS is a type of location information service accessible through mobile device with the aid of mobile network and mobile device position. Through LBS users can receive information on nearest neighbor (NN) point of interest (POI). LBS need user location and data profile to customize these services. Due to privacy and security concerns, users may be reluctant sharing this information. Without this information, it will be difficult to customize these services. Previous solutions offered to process such queries anonymously either imposed too much computation on the user, involve costly transmission, or discloses too much database information. In this paper, we propose idea that allows user to specify and receive exactly k NN (number of POI desired) from LBS with lower transmission cost, minimal user computation, and minimal amount of database information disclosed. We propose two algorithms, first one returns approximate k NN, while the second returns exact k NN.

  • Chapter 43

    Cyber-security Defense in Large-scale M2M System Actual Issues and Proposed Solutions Price 2.99  |  2.99 Rewards Points

    Today’s Machine-to-Machine (M2M) market is growing rapidly and it is estimated to be massively deployed in the years to come. However, the massive deployment of M2M solutions will introduce tremendous challenges in its communication requirements. One of them is in the field of cyber-security defense. This paper outlines our view on M2M communication for cyber-security, particularly our vision in mutual authentication between device and M2M Operator according to actual issues in common standardization bodies such as ETSI and 3GPP. We here present in detail such actual issues related to the extremely large number of devices connected in the constraint nature of M2M system, affecting the burden of high communication process as well as high communication cost. Furthermore, we present our framework for cyber-security modeling and purpose the suggested solutions tailored to the issues in order to achieve the trust and cyber-security goal in the large-scale M2M realm.

  • Chapter 44

    Pictorial Presentation of Computer Behavior and Fault Detection Automation Using Genetic Algorithm Price 2.99  |  2.99 Rewards Points

    In recent years, several approaches were developed to detect unknown malcodes including both worms and viruses using machine learning techniques. This paper introduces a novel algorithm to monitor the computer behavior through the computer counters. Pictorial presentation of the computer counters is adopted for both feature selection and online monitoring to detect the presence of both viruses and denial of service attacks. The proposed algorithm applies both genetic algorithm (GA) and best correlated record (BCR) in the calibration phase to identify a reference vector that represents the monitoredcounters during regular operation. A correlation technique is implemented in the monitoring phase to automate the process of computer fault detection at real time. The proposed algorithm has been tested on two different environments with different types of attack to evaluate its performance and validity. Results show that the system is able to early detect the attack with minimum false alarm rate.

  • Chapter 45

    Correlation Analysis of Cyber Threat Information in Heterogeneous Security Systems Price 2.99  |  2.99 Rewards Points

    Recently The internet is widely used. As a result, cyber attacks are continuously changed and increased. Various security systems are used to protect internal network, servers and PCs. The KISA(Krcert/CC) operates a variety of security systems to prevent and protect against cyber attacks. For example, there are systems for detecting and preventing DoS/DDoS attacks, managing cyber threats, trapping spam emails, and preventing botnet damages. In this paper, we analyze cyber threat information that were detected through heterogeneous security systems. Then we propose a new correlation analysis method using gradient measurement for more effective monitoring. Finally we present results of continuity and redundancy of source IP address in several security systems.

  • Chapter 46

    Towards a Service Migration Architecture for Service Availability Price 2.99  |  2.99 Rewards Points

    This paper presents our work-in-progress towards system architecture to support service migration in a devastating attack scenario. In our design, service migration is a security mechanism that transfers critical services from a compromised platform to other clean, healthy platforms. The architecture is to ensure that critical services will be continuously provided even the underlying platform has been damaged. Any system with the specified design can provide a level of guarantee that the critical services will be available in spite of malicious attacks and security incidents. We specify the components of such service migration-based system architecture and describe the functions of those components.

  • Chapter 47

    FAPA: A Model to Prevent Flooding Attacks in Clouds Price 2.99  |  2.99 Rewards Points

    Several schemes and a variety of intrusion detection systems are available in the market for DoS or flooding attacks. In this paper, we propose a model for the prevention of DoS attacks for clouds called FAPA (Flooding Attack Prevention Architecture). Based on the characteristics of attacks, our FAPA model uses a Learning Phase, Validation checking and Compatibility checking through its hypervisor to prevent flooding attacks. The central idea is to extract an extensive set of traffic behavior, which will describe the usual traffic flow for each session initiated by legitimate customers. Compatibility checking of the traffic from different customer sessions and associative rules will be used to find abnormalities. From those abnormalities, the system will automatically be aware of any phenomenon and precautions can be taken. Lastly, we show how our FAPA model can prevent different types of flooding attacks. Our goal is to design a model that allows a dynamic response that can adapt to prevent any type of flooding attack.

  • Chapter 48

    Mobile Root Exploit Detection based on System Events Extracted from Android Platform Price 2.99  |  2.99 Rewards Points

    Recently, the number of attacks by malicious application has significantly increased, targeting Android platform mobile terminal such as Samsung Galaxy Note I/II and Galaxy Tab 10.1, etc. The malicious application can be distributed and installed on user’s mobile devices through open market after masquerading as a common normal application. An attacker inserts malicious code into an application, which might threaten privacy by root exploit. Once the root exploit attack is successful, malicious code can collect and steal private data stored in mobile terminal, for example, SMS messages, contacts list and public key certificate for banking. To protect the private information from the malicious exploit attack, several response mechanisms such as malicious code detection, rooting attack detection and countermeasure method are required. To meet this end, this paper investigates mobile root exploits for Android based mobile devices. Based on that, this paper proposes countermeasure system that enables to extract and collect events related to root exploit attacks occurring from mobile terminal, which contributes to active protection from malicious mobile attacks.

  • Chapter 49

    ASNM: Advanced Security Network Metrics for Attack Vector Description Price 2.99  |  2.99 Rewards Points

    In this paper we propose a method for the extraction of data from network flow and a contextual separation of partial connections using a set of network metrics that create a signature defining the connection behavior. We begin with the definition of the input dataset of captured communication and the process of extraction metrics from separated connections. Then we define the set of metrics included in the final behavioral signature. The second part of the article describes experiments performed with a stateof- the-art set of network metrics with comparison to our proposed experimental set. The paper concludes with the
    results of our experiments.

  • Chapter 50

    Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment Price 2.99  |  2.99 Rewards Points

    Cloud computing environments offer malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

  • Chapter 51

    A High-Throughput and Low-Complexity Secure Linear Network Coding Protocol Price 2.99  |  2.99 Rewards Points

    A new scheme providing security against passive attackers in linear network coding is proposed. Through- put efficiency, low algorithm complexity, and high adaptability/applicability are the major design factors that are considered in this security protocol. A bijective permutation map defined over the code field is utilized to generate the randomness that is required for masking the plain information symbols. The input arguments of the permutation map are some of the plain data symbols and one random symbol that is chosen by the source node. It is shown that as long as the attacker does not have access to all the independent channels, he can not obtain any linear combination of the plain information symbols. Reducing data throughput by only one unit compared to the non-secure network code, and avoiding the use of complex transformations such as cryptographic algorithms or hash functions are the main advantages of the proposed security protocol.

  • Chapter 52

    A practical study of the problems of current Internet routing tables Price 2.99  |  2.99 Rewards Points

    The phenomenal growth of the Internet amazes even the creators of this worldwide network. Apart from the constantly changing data protocols and services that the Internet has to adapt to, the sheer volume of users has been one of the biggest challenges the Internet is coping with. This paper is directed towards the study of Internet scale routing tables in a lab environment to understand the dynamics of route processing by routers, and the effect of increasing the number of routing table entries on the overall performance of the router in terms of packet forwarding. This study is an effort to simulate an Internet scale network in the lab to shed light on some of the practical problems of the Internet routing table size and its performance and the security implications.

  • Chapter 53

    Private Proximity Testing for Location Based Services Price 2.99  |  2.99 Rewards Points

    Over time privacy attacks on the Internet and Internet–attached systems have grown sophisticated and attacks have become more automated and can cause greater amounts of damage. Thus, a wide range of technologies and tools, complex protocols and applications are needed to counter the growing threat. This paper deals with the implementation and analysis of private proximity testing in the context of Location Based Services (LBS). The protocol states that Alice and Bob can investigate their proximity by exchanging set of encrypted messages via the server. The approach is novel since the server will not be able to track either Alice or Bob.

  • Chapter 54

    DROP-FAST: Defending against DDoS Attacks using Cloud Technology Price 2.99  |  2.99 Rewards Points

    DDoS attacks continue to be a major threat to network security. Several new types of attacks such as Layer-
    7 attacks (e.g., HTTP flood, Slowloris, RUDY, etc.) have emerged. We propose a novel DDoS defense mechanism called DROP-FAST. Our mechanism provides distributed DDoS defense utilizing multiple replicas of the protected server throughout a cloud infrastructure. DROP-FAST is dynamic and can adapt by controlling the number of replicas on cloud based on attack strength. Main server is isolated from network using replica servers. Service quality features such as response time, incoming traffic load, and load sharing are improved due to distribution of attack and replication of the main server throughout the cloud. We describe our mechanism in detail and discuss improvements made over previously existing related works. We set up an experiment that shows significant improvement of the traffic load on the main server as a result of utilizing DROP-FAST mechanism.

  • Chapter 55

    Simplified Network Traffic Visualization for Real-Time Security Analysis Price 2.99  |  2.99 Rewards Points

    Although traditional methods of network security analysis used in investigating network traffic and log files are essential to mitigating malicious network activity, these methods alone cannot keep up with constant increases in malevolent network traffic. Many visualization tools have been created as a supplement to traditional analysis and intrusion detection systems. Even though these tools are useful, each tool tends to have a niche use. Also, many network administrators fill dual roles as administrators and security analysts and have little time to learn different complex visualization tools. We therefore observe a need for a simple out-of-the-box solution for general network security visualization. We hope to fill this need with our tool called VNR, which in addition to its simplicity embeds transport layer data within visualizations allowing for better intra-host analysis. VNR can also be used for real-time or auditing purposes by configuring the amount of data visualized within specific time frames.

  • Chapter 56

    Challenges of Kerberos Variance with High QoS Expectations Price 2.99  |  2.99 Rewards Points

    This paper presents modelling approaches for performability evaluation of high Quality of Service (QoS) of Kerberos servers which dynamically renew keys under pseudosecure conditions in order to significantly reduce the chances of potential intruders. Since the proposed approaches involve temporary interruption to link/server access, it has implications in terms of performance degradation. Analytical methods are used to evaluate the cost in terms of the degradation of system performance. Unlike previous studies, the failures of the servers are considered together with link/server interruptions for renewals. Therefore the model presented considers the system for exact performability evaluation. In this study, the existing authentication protocols are considered in an unusual fashion. The performance degradations that may be caused by service interruptions are discussed with a new framework to model the interactions between the network and the authentication servers. Numerical results are provided in order to analyse the effects of renewal times, times between renewals and failures of the server.

  • Chapter 57

    Port Knocking- An Additional Layer of Security for SSH and HTTPS Price 2.99  |  2.99 Rewards Points

    The availability of communication resources remote access of e-mails and data is increasingly required and desirable by users. This, however, implies security of user data and e-mails. The vulnerability of the system depends on the ability to scan the system for an open port and on the service running on the open port. Such open ports are entry points for attacks. Masking of open ports and services on the system, using port knocking technique, provides a simple and reliable method.In this paper, we discuss a complete practical approach of securing SSH and HTTPS (Web based email access) using available open source software. We wish also to share our experiences so that enterprise level secure systems can be deployed just by use of free and open source (FOSS) software.

  • Chapter 58

    Implementation of Boneh Protocol 3 in Location Based Services (LBS) to Provide Proximity Services Price 2.99  |  2.99 Rewards Points

    In recent years, smartphones have taken over as the pocket technology of choice. More than a half of smartphone owners use a location based information service of some kind. And a core component of Location Based Services (LBS) is proximity testing of users. These services determine if two mobile users are close to each other without requiring them to disclose their exact locations. In this paper, we present Boneh Protocol 3 which supports private proximity testing by using location tags. We study the use of “location tags” generated from the physical environment in order to strengthen the security of proximity testing in Boneh Protocol 3. In this paper, we attempt to provide a realistic assessment of proximity testing for location-based services by implementing Boneh Protocol 3. We used Android platform for an implementation of Boneh protocol 3.

  • Chapter 59

    Privacy-Aware Proximity Based Service Using Hide and Crypt Protocol: Implementation Price 2.99  |  2.99 Rewards Points

    Proximity based services are location based services (LBS) in which the service adaptation depends on the comparison between a given threshold value and the distance between a user and other (possibly moving)entities. While privacy preservation in LBS has lately received much attention, very limited work has been done on privacy-aware proximity based services. This paper describes the main privacy threats that the usage of these services can lead to, and explains the implementation of a privacy preserving protocol, Hide&Crypt. The use of simple and well-known encryption algorithms is also mentioned which is used to hide messages between users.

  • Chapter 60

    The 2013 NECCDC - Lessons Learned Price 2.99  |  2.99 Rewards Points

    After having run the 2010 NECCDC at the University of Maine, we had an opportunity to run the 2013 NECCDC at the University of Maine. In the process, we rediscovered some lessons we had learned the first time along with a number of new lessons. We feel that the NECCDC and similar cyber defense competitions are very important for motivating students and for bringing the academic cyber defense community together. We are committed to making sure that the competitions are well supported and continue to improve. We also realized that our past system of basically having each hosting institution essentially build the competition from scratch does not contribute to keeping the competition of high quality and improving. This article serves as a how-to for staging the NECCDC or a similar competition.

  • Chapter 61

    Experiences with the Promise and Potential of Service-Learning in an Online Information Security Curriculum Price 2.99  |  2.99 Rewards Points

    Service-learning has been reported as offering the promise of both enhanced educational experiences and valuable community services to various constituencies. More specifically, positive outcomes have been reported when service-learning components have been incorporated into information security courses. The effects of incorporation of service-learning into online information security curriculum have not been fully explored. The aim of this project was to elucidate such affects. A service-learning component for an online information security course was designed and implemented with support provided by the Maine Campus Compact and the Davis Educational Foundation. The purpose of this paper is to share the reported promise and potential of service-learning in information security curricula and report on experiences with transforming an online introductory information security course to include a servicelearning component.

  • Chapter 62

    Visualizing Cybersecurity Events Price 2.99  |  2.99 Rewards Points

    The old adage “a picture is worth a 1,000 words” is relevant to cybersecurity because professionals must deal with large amounts of data in a very short period. It is also relevant to cybersecurity educators who must convey the complexity of cybersecurity events to students and to members of the general public who might have little or no background in cybersecurity. Fortunately, there are many fine tools now available for visualization and there will be more such tools in the future. This paper discusses some of the tools that are available and highlights some work that deserves to be better known by cybersecurity educators.

  • Chapter 63

    XSS Cookie Injection Covert Channel Price 2.99  |  2.99 Rewards Points

    This paper describes a method of covert communication by way of HTTP Cookie injection using Cross-site scripting into vulnerable website’s. Website’s susceptible to Cross-site scripting can be used as a medium for covert communication using Cookies as the message carrier between two or more nodes. Due to the necessity of Cookies in Web development and the format options of a Cookie, this covert channel offers a variation of implementation techniques which can achieve reasonably high data rates.

  • Chapter 64

    Composite Covert Channels through EVE Online Price 2.99  |  2.99 Rewards Points

    Online gaming has frequently been analyzed as a potential medium for covert communications. However, massivelymultiplayer online role-playing games offer considerable advantages over other multiplayer game systems, allowing them to be manipulated for the purpose of leaking information with greater security and efficiency. This paper discusses the use of EVE Online for the construction of a covert channel combining aspects of both behavior channels and storage channels to hide the transmission of encoded data to another user.

  • Chapter 65

    SSDP Covert Channel Price 2.99  |  2.99 Rewards Points

    A network covert channel provides a means of confidentiality with the intent to allow two nodes to communicate on a network with stealth. Simple Service Discovery Protocol is an Internet Protocol Suite that is capable of both discovering and advertising network services. This paper describes a method of using this discovery protocol as a means of sending covert messages between two nodes through steganography.

  • Chapter 66

    Integrative Security for JavaEE Web Applications Price 2.99  |  2.99 Rewards Points

    This paper presents such a security framework which is optimized for web applications with an Enterprise Java Bean backend and Java Server Faces as a presentation layer and highly uses Context and Dependency Injection. All mentioned standards are part of the Java Enterprise Edition specification Java EE 6. The mentioned fine granular multi level role based access model is highly customizable and is provided out of the box with additional features. The security framework provides a tight integration with tools and concepts for different scopes ranging from menu creation, UI component authorization to page authorization. Advanced and wide scale enterprise applications benefit from the documentation tools provided for the security concept itself as well as different pre configured reports about the role based access control model. The framework is implemented in a Java library available with a GPL-licence for free download and it is currently in use for several enterprise web applications.

  • Chapter 67

    HPA Lab: An Open-Source Educational Tool to Explore Host Protected Areas Under Linux Price 2.99  |  2.99 Rewards Points

    Disk areas, data streams, and CPU modes not normally seen by the user or operating system are vulnerable to abuse by hackers and might be used as vectors of a cyberattack. The Host (or Hidden) Protected Area (HPA) is one such hidden area. This poster discusses the vulnerabilities of these hidden areas and introduces HPA Lab, a new open-source education tool to explore HPAs under Linux.

  • Chapter 68

    An Automatic Botnet Detection and Notification System in Taiwan Price 2.99  |  2.99 Rewards Points

    An automatic Botnet detection and notification system is developed by National Center for High-Performance Computing (NCHC) in Taiwan to efficiently inform users of malware infections on their computers. Due to the involvement with manual work in current notification flow, the notification time may last for 48 to 60 hours. By the aid of our notification system, the infected bot can be notified within 15 minutes (adjustable). As a result, our Botnet detection and notification system can effectively restrain the scale of Botnet.

  • Chapter 69

    Design and Implementation of broker system for protect privacy information Price 2.99  |  2.99 Rewards Points

    The Korean government has been enacted personal information act to protect privacy information. By this act, User's privacy information that stored in database must be encrypted[1]. Typical, to connect with web services and database, the database connection information must be stored on the web server. If already running database security solution’s to protect database, the web server should be has permission to access databases in the security solutions. Due to the nature of web services, the information retrieved by access granted servers are not encrypted. In this paper, we proposed more secure web service connecting databases by eliminating connection information on web server and by limiting database query string. In proposed system, web servers did not know database server information. The User Information Broker(UIB) system has access policy which includes mapping information between web server and query.

  • Chapter 70

    Feature Reduction for Optimum SMS Spam Filtering Using Domain Knowledge Price 2.99  |  2.99 Rewards Points

    Most of the work done towards content-based SMS spam filtering has suggested the use of Bag of Words, word or character n-gram models, which can result on a huge number of features. In this paper, we study the possibility of using the minimal number of optimal features to classify SMS spam messages by introducing new features based on domain knowledge. Our experimental studies show that, by using our smaller set of features along with lighter models, the results achieved outperform BoW approaches that use dozens of features. The goal of our study is to enhance the performance of SMS classification when applied in a limited resource mobile devices.

  • Chapter 71

    Investigation of System Performance of Quantum Cryptography Key Distribution in Network Security Price 2.99  |  2.99 Rewards Points

    For the past decade progress in quantum cryptography changed the status of quantum key distribution (QKD) from laboratory to the practical innovation technology. Quantum cryptography is an emerging technology in which two parties can secure network communications by applying the phenomena of quantum physics. Quantum cryptography applies the uncertainty principle and the no-cloning theorem of quantum mechanics to provide ultra-secure encryption key distribution between two parties. Conventional secret-key cryptography techniques require the communication of a secret key prior to message exchange, and does not detect eavesdropping, and quantum principles can be used to detect eavesdropping probabilistically when it occurs. But there are challenges, and limitations to implement practical quantum cryptography such as detector performance for measuring photons, or optical sources which, enforce by the state-ofthe- art components crucial for the system performance of quantum cryptography, and fiber optical distance range affect the system performance of quantum cryptography. The research presents a guideline to improve the system performance of the quantum cryptography.

  • Chapter 72

    Multi-disciplinary Approach to Cyber Security Education Price 2.99  |  2.99 Rewards Points

    A multidisciplinary approach to cybersecurity education facilitates sound critical and analytic thinking and good communication. Students are introduced to a broader perspective and learn to think more openly and within alternative systems of thought. They are better prepared to recognize and assess assumptions, implications and practical consequences.

  • Chapter 73

    A Load Service Structure Using a P2P Network Based Reputation System in Ad-hoc Networks Price 2.99  |  2.99 Rewards Points

    This paper presents a method for load services in computer networks with a new reputation system to check available host reputation to avoid free-riding problems in P2P network file sharing. Fuzzy logic control method is applied to transfer loads for load balancing, instead of the fixed threshold level methods. The purpose of this new system structures is to provide efficient ways in building communication and accessing resources in ad-hoc computer network systems. This helps users to find data easily and securely.

  • Chapter 74

    DES Based Educational Encryption System Price 2.99  |  2.99 Rewards Points

    We present a simple encryption system that uses the main features of the Data Encryption Standard (DES) to be used mainly for educational purposes. The proposed Educational Data Encryption System (E-DES) is meant to facilitate the process of teaching cryptography and data encryption techniques in classrooms. The proposed cipher, which uses the same general Feistel structure, presents some improvements on the existing DES. It uses 1024 bit initial key and 128 bit data block size. In addition, the F function itself is modified n E-DES, where an AES like substitution is used to replace the DES substitution. Consequently, the proposed encryption system provides more security to the plain data by adding more diffusion through the encryption process. In addition, the sizes of the data block and the round keys ensure a high resilience to information leak (almost similar to AES).

  • Chapter 75

    Android Malware Detection Using Library API Call Tracing and Semantic-Preserving Signal Processing Techniques Price 2.99  |  2.99 Rewards Points


    We propose to develop a new malware detection mechanism for Android-based mobile devices based upon library API call tracing and signal processing techniques. By tracing and utilizing library API calls we can capture the intentions/behaviors of an application at a higher level. Also, signal processing techniques, such as a wavelet-based transformation, may have the advantage of enhanced flexibility, effective malware detection, reduced runtime overhead, and capability to detect hidden intrusive patterns compared to the other pattern classification techniques, and may enhance the detection capability even for evolving and varying malwares. A dynamic approach will be developed and investigated in this project.

About the Author

Professor of Computer Science view complete profile

Tags