Instant Messenger (IM) becomes one of the most popular applications in mobile technology and
communication. A lot of users around the world installed it for daily activities. Current IM found security
lacks both in authentication and encryption matters. Various IM growing today still not apply an efficient
method in authentication and encryption process, conventional security methods and client-server
architecture system have to risk too many users for attacking server such as compromising, cracking
password or PINs by Unauthorized people. Common IM services lack native encryption to protect
information being transmitted over the public network and still used high computation in the mobile
environment, this problem needs efficient security methods. Then, in public IM also found various
messages with fake users, it occurs because public IM carry out the separate system in authentication and
encryption process, strong authentication need to solve this issue in messenger environment. The
tremendous growth of mobile IM user needs efficient and secure communication way. This paper proposes
a new efficient method for securing message both in encryption and authentication within the end-to-end
model. In this research, security method proposes new algorithms based on Elliptic Curve (EC) works in
Peer to Peer (P2P) architecture than a conventional client-server model. The result shows this method
produces efficient time in authentication and encryption process while applying in a mobile environment.
Besides, it is compatible with the mobile phone which has a limitation of computation capabilities and
resources.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
Implementing High Grade Security in Cloud Application using Multifactor Auth...IJwest
As a high
-
speed internet foundation is being developed and people are informationized, most
of the tasks are engaged in internet field so there is
a risk that any private data like personal information or
applications for managing money can be wiretapped or eavesdropped. The consolidation of One Time
Passwords (OTPs) and Hash encryption algorithms are used to evolve a more secured password
-
protected
web sites and data storage systems. The new outlined scheme had higher security, small system overhead
and is easy to implement.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
Malware threat analysis techniques and approaches for IoT applications: a reviewjournalBEEI
Internet of things (IoT) is a concept that has been widely used to improve business efficiency and customer’s experience. It involves resource constrained devices connecting to each other with a capability of sending data, and some with receiving data at the same time. The IoT environment enhances user experience by giving room to a large number of smart devices to connect and share information. However, with the sophistication of technology has resulted in IoT applications facing with malware threat. Therefore, it becomes highly imperative to give an understanding of existing state-of-the-art techniques developed to address malware threat in IoT applications. In this paper, we studied extensively the adoption of static, dynamic and hybrid malware analyses in proffering solution to the security problems plaguing different IoT applications. The success of the reviewed analysis techniques were observed through case studies from smart homes, smart factories, smart gadgets and IoT application protocols. This study gives a better understanding of the holistic approaches to malware threats in IoT applications and the way forward for strengthening the protection defense in IoT applications.
Implementing High Grade Security in Cloud Application using Multifactor Auth...IJwest
As a high
-
speed internet foundation is being developed and people are informationized, most
of the tasks are engaged in internet field so there is
a risk that any private data like personal information or
applications for managing money can be wiretapped or eavesdropped. The consolidation of One Time
Passwords (OTPs) and Hash encryption algorithms are used to evolve a more secured password
-
protected
web sites and data storage systems. The new outlined scheme had higher security, small system overhead
and is easy to implement.
Comprehensive survey on security problems and key technologies of the interne...RSIS International
Internet of things (IoT) is a collection of many
interconnected objects, services, humans, and devices that can
communicate, share data, and information to achieve a common
goal in different areas and applications. The vision of IoT is to
enable devices to collaborate with each other on the Internet. IoT
security focuses on authentication and access control protocols.
IoT security is the area with protection connected devices and
networks. There are many key challenges in designing a secure
IoT: Privacy, Authentication, Access Control, Trust,
Confidentiality, Mobile Security, etc. Attacks on IoT security
devices are physical attacks, side channel attacks, cryptanalysis
attacks, software attacks, network attacks. This paper describes
Security Problems of IoT, Security issues and Key Technologies
of IoT.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Security Aspects of the Information Centric Networks ModelCSCJournals
With development of internet and the enormous growth of contents over networks, that motivated the researchers to proposed new paradigm model called Information Centric Networks ICN , the most features of ICN model is based on the content itself, instead, of the server located the contents over internet. This new model has a lot of challenges such as, mobility of contents, naming, replications, cashing, communications, and the security issue to secure the contents, customer, and providers. In this paper we will focus on ICN Model and propose solutions of security to protect the network elements, since the security is based on the packet itself rather than the host-centric.
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Security Issues and Challenges in Internet of Things – A ReviewIJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an
IP address for web availability, and the correspondence that happens between these items and other Web
empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straight forwardly
identified with the wide utilization of its framework. IoT securities and enhancing the design and several
elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues
under the advancements included. Here we are going to do a study of all the security issues existing in the
Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as
an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data
trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over
access of individual data relating to gadget and individual protection. This review tells about the security and
protection issues of IoT.
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Cloud Security and Data Integrity with Client Accountability FrameworkIDES Editor
The Cloud based services provide much efficient
and seamless ways for data sharing across the cloud. The fact
that the data owners no longer possess data makes it very
difficult to assure data confidentiality and to enable secure
data sharing in the cloud. Despite of all its advantages this
will remain a major limitation that acts as a barrier to the
wider deployment of cloud based services. One of the possible
ways for ensuring trust in this aspect is the introduction of
accountability feature in the cloud computing scenario. The
Cloud framework requires promotion of distributed
accountability for such dynamic environment[1]. In some
works, there‘s an accountable framework suggested to ensure
distributed accountability for data sharing by the generation
of only a log of data access, but without any embedded feedback
mechanism for owner permission towards data
protection[2].The proposed system is an enhanced client
accountability framework which provides an additional client
side verification for each access towards enhanced security of
data. The integrity of content of data which resides in the
cloud service provider is also maintained by secured
outsourcing. Besides, the authentication of JAR(Java Archive)
files are done to ensure file protection and to maintain a safer
environment for data sharing. The analysis of various
functionalities of the framework depicts both the
accountability and security feature in an efficient manner.
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
Practical requirements for securely demonstrating identities between two handheld
devices are an important concern. The adversary can inject a Man-In- The-Middle (MITM) attack to
intrude the protocol. Protocols that employ secret keys require the devices to share private
information in advance, in which it is not feasible in the above scenario. Apart from insecurely
typing passwords into handheld devices or comparing long hexadecimal keys displayed on the
devices’ screen, many other human-verifiable protocols have been proposed in the literature to solve
the problem. Unfortunately, most of these schemes are unsalable to more users. Even when there are
only three entities attempt to agree a session key, these protocols need to be rerun for three times.
So, in the existing method a bipartite and a tripartite authentication protocol is presented using a
temporary confidential channel. Besides, further extend the system into a transitive authentication
protocol that allows multiple handheld devices to establish a conference key securely and efficiently.
But this method detects only the outsider attacks. Method does not consider the insider attacks. So,
in the proposed method trust score based method is introduced which computes the trust values for
the nodes and provide the security. The trust score is computed has a positive influence on the
confidence with which an entity conducts transactions with that node. Network the behavior of the
node will be monitored periodically and its trust value is also updated .So depending on the behavior
of the node in the network trust relation will be established between two nodes.
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSIJCNCJournal
Internet of things (IoT) is the integration of computer-based systems and the physical world in which things
interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are
many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After
reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw
research gaps focused on the elimination of human factors in IoT authentication. In order to fill these
research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on
IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and
privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness,
and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and
computational overheads by 25% on average as compared to the previous related works.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmEditor IJMTER
As per the recent studies, the volatile growth has been seen in the use of mobile devices as
the supporting technology for accessing Internet based services, as well as for personal
communication needs in networking. Various studies indicate that it is impossible to utilize strong
cryptographic functions for implementing security protocols on mobile devices. Our research negates
this. Explicitly, a performance analysis focused on the most commonly used cryptographic protocols
based on the location address (latitude & longitude) of the user for mobile applications and projected
provably secure authentication protocol that is more efficient than any of the prevailing
authentication protocol is being used by the network security methods. Understanding the use of
public key cryptography which makes potential use of discrete logarithms problem. The security of
ECC depends on the difficulty of Elliptic Curve Discrete Logarithm. To provide secure
communication for mobile devices, authenticated protocol is an important primitive for establishing
trusted connection. In this paper, it has been shown that the location based system using improved
Rabin Algorithm provides a better security and acquires much less energy consumption than the
existing authentication protocols.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
Securing mobile cloud using finger print authenticationIJNSA Journal
Mobile cloud computing becomes part of mobile users daily life transactions. Mobile devices with Internet
capabilities have increased the use of mobile clouding computing. Due to hardware limitations in mobile
devices, these devices can't install and run applications require heavy CPU processing or extensive
memory. Cloud computing allows mobile users to synchronize their data with remote storage and utilize
applications require heavy CPU processing or extensive memory such as Microsoft Office or Adobe
Photoshop, as they run in a desktop computer.
Bluetooth is an essential wireless standard for short-distance and low-power wireless networks. Health
departments’ contact-tracing applications depended on Bluetooth technology to prevent infectious diseases
from spreading, especially COVID-19. The security threats of the Bluetooth-based contact-tracing
applications increased because an adversary can use them as surveillance tools that violate the user’s
privacy and revealpersonal information. The Bluetooth standard mainly depends on the device address in
its authenticated pairing mechanism (Secure Simple Pairing), which can collect with off-the-shelf
hardware and software and leads to a tracking attack. To avoid the risk of tracking based on this security
vulnerability in the Bluetooth protocol, we suggest a novel authentication protocol based on a non-
interactive zero-knowledge scheme to substitute the authentication protocol used in the Bluetooth standard.
The new protocol can replace the authentication protocol in the Bluetooth stack without any modification
in the device pairing flow. Finally, we prove the security of our proposed scheme against the man-in-the-
middle attack and tracking attack. A performance comparison with the authentication algorithm in the BLE
standard shows that our method mitigates the tracking attack with low communication messages. Our
results help enhance the contact-tracing application’s security in which Bluetooth access is available.
In this abstract, we analyze the state of the art of end-to-end security Instant Messaging applications.
This includes the applications' network architectures, current and future challenges, and potential legal and social impact.
The Proposed Development of Prototype with Secret Messages Model in Whatsapp ...IJECEIAES
Development of prototype at data security through secret messages is needed for disguising the messages sent in smartphone chatting application, WhatsApp (WA) Chat. We propose a model to disguise a plaintext message which is first encrypted by cryptosystem to change the plaintext message to ciphertext. Plaintext or plainimage entering the smartphone system is changed into encrypted text; receiver then can read the message by using similar key with the sender. The weakness of this proposal is the message random system is not planted directly in the chatting application; therefore message removing process from cryptosystem to WA application is still needed. The strength of using this model is the messages sent will not be easily re-encrypted by hacker and can be used at client computing section.
A Novel Security Approach for Communication using IOTIJEACS
The Internet of Things (IOT) is the arrangement of physical articles or "things" introduced with equipment, programming, sensors, and framework accessibility, which enables these things to accumulate and exchange data. Here outlining security convention for the Internet of Things, and execution of this relating security convention on the inserted gadgets. This convention will cover the honesty of messages and verification of every customer by giving a productive confirmation component. By this venture the protected correspondence is executed on implanted gadgets.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Security Aspects of the Information Centric Networks ModelCSCJournals
With development of internet and the enormous growth of contents over networks, that motivated the researchers to proposed new paradigm model called Information Centric Networks ICN , the most features of ICN model is based on the content itself, instead, of the server located the contents over internet. This new model has a lot of challenges such as, mobility of contents, naming, replications, cashing, communications, and the security issue to secure the contents, customer, and providers. In this paper we will focus on ICN Model and propose solutions of security to protect the network elements, since the security is based on the packet itself rather than the host-centric.
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Security Issues and Challenges in Internet of Things – A ReviewIJERA Editor
The Internet of Things (IoT) alludes to the continually developing system of physical articles that component an
IP address for web availability, and the correspondence that happens between these items and other Web
empowered gadgets and frameworks. The security issues of the Internet of Things (IoT) are straight forwardly
identified with the wide utilization of its framework. IoT securities and enhancing the design and several
elements of this work showcases various security issues with respect to IoT and thinks of solutions for the issues
under the advancements included. Here we are going to do a study of all the security issues existing in the
Internet of Things (IoT) alongside an examination of the protection issues that an end-client might confront as
an outcome of the spread of IoT. Most of the overview is centred around the security emerging out of the data
trade innovations utilized as a part of Internet of Things. As a piece of IoTs, genuine concerns are raised over
access of individual data relating to gadget and individual protection. This review tells about the security and
protection issues of IoT.
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Cloud Security and Data Integrity with Client Accountability FrameworkIDES Editor
The Cloud based services provide much efficient
and seamless ways for data sharing across the cloud. The fact
that the data owners no longer possess data makes it very
difficult to assure data confidentiality and to enable secure
data sharing in the cloud. Despite of all its advantages this
will remain a major limitation that acts as a barrier to the
wider deployment of cloud based services. One of the possible
ways for ensuring trust in this aspect is the introduction of
accountability feature in the cloud computing scenario. The
Cloud framework requires promotion of distributed
accountability for such dynamic environment[1]. In some
works, there‘s an accountable framework suggested to ensure
distributed accountability for data sharing by the generation
of only a log of data access, but without any embedded feedback
mechanism for owner permission towards data
protection[2].The proposed system is an enhanced client
accountability framework which provides an additional client
side verification for each access towards enhanced security of
data. The integrity of content of data which resides in the
cloud service provider is also maintained by secured
outsourcing. Besides, the authentication of JAR(Java Archive)
files are done to ensure file protection and to maintain a safer
environment for data sharing. The analysis of various
functionalities of the framework depicts both the
accountability and security feature in an efficient manner.
SURVEY OF TRUST BASED BLUETOOTH AUTHENTICATION FOR MOBILE DEVICEEditor IJMTER
Practical requirements for securely demonstrating identities between two handheld
devices are an important concern. The adversary can inject a Man-In- The-Middle (MITM) attack to
intrude the protocol. Protocols that employ secret keys require the devices to share private
information in advance, in which it is not feasible in the above scenario. Apart from insecurely
typing passwords into handheld devices or comparing long hexadecimal keys displayed on the
devices’ screen, many other human-verifiable protocols have been proposed in the literature to solve
the problem. Unfortunately, most of these schemes are unsalable to more users. Even when there are
only three entities attempt to agree a session key, these protocols need to be rerun for three times.
So, in the existing method a bipartite and a tripartite authentication protocol is presented using a
temporary confidential channel. Besides, further extend the system into a transitive authentication
protocol that allows multiple handheld devices to establish a conference key securely and efficiently.
But this method detects only the outsider attacks. Method does not consider the insider attacks. So,
in the proposed method trust score based method is introduced which computes the trust values for
the nodes and provide the security. The trust score is computed has a positive influence on the
confidence with which an entity conducts transactions with that node. Network the behavior of the
node will be monitored periodically and its trust value is also updated .So depending on the behavior
of the node in the network trust relation will be established between two nodes.
PRIVACY-PRESERVING MACHINE AUTHENTICATED KEY AGREEMENT FOR INTERNET OF THINGSIJCNCJournal
Internet of things (IoT) is the integration of computer-based systems and the physical world in which things
interact with each other. Due to heterogeneity and resource-constrained feature of IoT devices, there are
many privacy and security challenges resulting in many threat vulnerabilities in IoT environments. After
reviewing and analyzing the recent IoT security, privacy, and authentication protocols, we will withdraw
research gaps focused on the elimination of human factors in IoT authentication. In order to fill these
research gaps, this paper proposes a privacy-preserving machine authenticated key agreement based on
IoT, denoted as IoTMAKA. IoTMAKA uses dynamic identity and machine fingerprint to provide security and
privacy. Security analysis shows that IoTMAKA provides anonymity and untraceability, provides freshness,
and is secure against passive and active attacks. IoTMAKA reduces communication overheads by 20% and
computational overheads by 25% on average as compared to the previous related works.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
A Location Based Cryptosystem For Mobile Devices Using Improved Rabin AlgorithmEditor IJMTER
As per the recent studies, the volatile growth has been seen in the use of mobile devices as
the supporting technology for accessing Internet based services, as well as for personal
communication needs in networking. Various studies indicate that it is impossible to utilize strong
cryptographic functions for implementing security protocols on mobile devices. Our research negates
this. Explicitly, a performance analysis focused on the most commonly used cryptographic protocols
based on the location address (latitude & longitude) of the user for mobile applications and projected
provably secure authentication protocol that is more efficient than any of the prevailing
authentication protocol is being used by the network security methods. Understanding the use of
public key cryptography which makes potential use of discrete logarithms problem. The security of
ECC depends on the difficulty of Elliptic Curve Discrete Logarithm. To provide secure
communication for mobile devices, authenticated protocol is an important primitive for establishing
trusted connection. In this paper, it has been shown that the location based system using improved
Rabin Algorithm provides a better security and acquires much less energy consumption than the
existing authentication protocols.
Architectural Layers of Internet of Things: Analysis of Security Threats and ...Scientific Review SR
A pervasive network architecture that interconnect heterogeneous objects, devices, technologies and services called
Internet of Things has prompted a drastic change in demand of smart devices which in turn has increased the rate of
data exchange. These smart devices are built with numerous sensors which collect information from other interacting
devices, process it and send it to remote locations for storage or further processing. Although this mechanism of data
processing and sharing has contributed immensely to the information world, it has recently posed high security risk
on privacy and data confidentiality. This paper therefore analyses different security threats to data at different
architectural layers of Internet of Things, possible countermeasures and other in-depth security measures for Internet
of Things. The paper identifies device authentication on IoT network to be of paramount impo rtance in securing IoT
systems. This paper also suggests some essential technologies of security such as encryption for securing IoT
devices and the data shared over IoT network
IMPROVE SECURITY IN SMART CITIES BASED ON IOT, SOLVE CYBER ELECTRONIC ATTACKS...IJNSA Journal
Smart cities are expected to significantly improve people's quality of life, promote sustainable development, and enhance the efficiency of operations. With the implementation of many smart devices, c problems have become a serious challenge that needs strong treatments, especially the cyber-attack, which most countries suffer from it.
My study focuses on the security of smart city systems, which include equipment like air conditioning, alarm systems, lighting, and doors. Some of the difficulties that arise daily may be found in the garage. This research aims to come up with a simulation of smart devices that can be and reduce cyber attach. Use of Cisco Packet tracer Features Simulated smart home and c devices are monitored. Simulation results show that smart objects can be connected to the home portal and objects can be successfullymonitored which leads to the idea of real-life implementation and see. In my research make manysolutions for attachingissues,which was great, and apply some wirelessprotocol.
A Comprehensive Survey on Exiting Solution Approaches towards Security and Pr...IJECEIAES
‘Internet of Things (IoT)’emerged as an intelligent collaborative computation and communication between a set of objects capable of providing on-demand services to other objects anytime anywhere. A large-scale deployment of data-driven cloud applications as well as automated physical things such as embed electronics, software, sensors and network connectivity enables a joint ubiquitous and pervasive internet-based computing systems well capable of interacting with each other in an IoT. IoT, a well-known term and a growing trend in IT arena certainly bring a highly connected global network structure providing a lot of beneficial aspects to a user regarding business productivity, lifestyle improvement, government efficiency, etc. It also generates enormous heterogeneous and homogeneous data needed to be analyzed properly to get insight into valuable information. However, adoption of this new reality (i.e., IoT) by integrating it with the internet invites a certain challenges from security and privacy perspective. At present, a much effort has been put towards strengthening the security system in IoT still not yet found optimal solutions towards current security flaws. Therefore, the prime aim of this study is to investigate the qualitative aspects of the conventional security solution approaches in IoT. It also extracts some open research problems that could affect the future research track of IoT arena.
Securing mobile cloud using finger print authenticationIJNSA Journal
Mobile cloud computing becomes part of mobile users daily life transactions. Mobile devices with Internet
capabilities have increased the use of mobile clouding computing. Due to hardware limitations in mobile
devices, these devices can't install and run applications require heavy CPU processing or extensive
memory. Cloud computing allows mobile users to synchronize their data with remote storage and utilize
applications require heavy CPU processing or extensive memory such as Microsoft Office or Adobe
Photoshop, as they run in a desktop computer.
Bluetooth is an essential wireless standard for short-distance and low-power wireless networks. Health
departments’ contact-tracing applications depended on Bluetooth technology to prevent infectious diseases
from spreading, especially COVID-19. The security threats of the Bluetooth-based contact-tracing
applications increased because an adversary can use them as surveillance tools that violate the user’s
privacy and revealpersonal information. The Bluetooth standard mainly depends on the device address in
its authenticated pairing mechanism (Secure Simple Pairing), which can collect with off-the-shelf
hardware and software and leads to a tracking attack. To avoid the risk of tracking based on this security
vulnerability in the Bluetooth protocol, we suggest a novel authentication protocol based on a non-
interactive zero-knowledge scheme to substitute the authentication protocol used in the Bluetooth standard.
The new protocol can replace the authentication protocol in the Bluetooth stack without any modification
in the device pairing flow. Finally, we prove the security of our proposed scheme against the man-in-the-
middle attack and tracking attack. A performance comparison with the authentication algorithm in the BLE
standard shows that our method mitigates the tracking attack with low communication messages. Our
results help enhance the contact-tracing application’s security in which Bluetooth access is available.
In this abstract, we analyze the state of the art of end-to-end security Instant Messaging applications.
This includes the applications' network architectures, current and future challenges, and potential legal and social impact.
The Proposed Development of Prototype with Secret Messages Model in Whatsapp ...IJECEIAES
Development of prototype at data security through secret messages is needed for disguising the messages sent in smartphone chatting application, WhatsApp (WA) Chat. We propose a model to disguise a plaintext message which is first encrypted by cryptosystem to change the plaintext message to ciphertext. Plaintext or plainimage entering the smartphone system is changed into encrypted text; receiver then can read the message by using similar key with the sender. The weakness of this proposal is the message random system is not planted directly in the chatting application; therefore message removing process from cryptosystem to WA application is still needed. The strength of using this model is the messages sent will not be easily re-encrypted by hacker and can be used at client computing section.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
E-Commerce Privacy and Security SystemIJERA Editor
The Internet is a public networks consisting of thousand of private computer network connected together. Private computer network system is exposed to potential threats from anywhere on the public network. In physical world, crimes often leave evidence finger prints, footprints, witnesses, video on security comes and so on. Online a cyber –crimes, also leaves physical, electronic evidence, but unless good security measures are taken, it may be difficult to trace the source of cyber crime. In certain e-commerce-related areas, such as networking, data transfer and data storage, researchers applied scanning and testing methods, modeling analysis to detect potential risks .In the Security system ,Questions are related to online security in which given options are Satisfied, Unsatisfied ,Neutral, Yes, No. and weak password , Strong password. it is revealed that it is quite difficult, if not impossible, to suggest that which online security is best. Online security provide the flexibility, efficiency of work, provide the better security of net banking . The main feature of the research that the data is safe in banking management for long time and open any account after along time. The Future scope of the study of Security is use to reduce threats. Security is used in the long run results in the reduction of number of branches, saying rentals of related and properties. If the better Security operate than net banking and e-marketing will be increase.
In the ever-evolving world of web app development services, staying ahead of security threats is more critical than ever. As technology advances, so do the tactics of cybercriminals.
Design and development of non server peer 2 peer secure communication using j...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
E-Mail Systems In Cloud Computing Environment Privacy,Trust And Security Chal...IJERA Editor
In this paper, SMCSaaS is proposed to secure email system based on Web Service and Cloud Computing
Model. The model offers end-to-end security, privacy, and non-repudiation of PKI without the associated
infrastructure complexity. The Proposed Model control risks in Cloud Computing like Insecure Application
Programming Interfaces, Malicious Insiders, Data Loss Shared Technology Vulnerabilities, or Leakage,
Account, Service, Traffic Hijacking and Unknown Risk Profile
This report analysis web security password authentication based on single- block hash function, written by Shi-Qi Wang, Jing-Ya Wang and Yong-Zhen Li and presented at the 2013 International Conference on Electronic Engineering and Computer Science. To analyze an algorithm means to study the specification of the Algorithm and come to a conclusion about how the implementation of that algorithm will perform in general. Here, the amount of resources necessary to execute the algorithm is determined and its equivalent running time (time complexity) or efficiency of the algorithm.
A review of some of the available literature provides insights into various web security and user identity authentication mechanisms, single- block hash function algorithm, its types, design and functions.
The key findings include:
The Single- Block Hash Function Algorithm has variable input length and fixed out length
The flow chart in figure 1 of the studies shows that the algorithm is Message Digest Method 5 (MD 5)
MD5 algorithm appends padding bits, appends length bits, initialize MD buffer and process each 512- bit block.
In processing each 512- bit block, a total of 64 operations are performed in 4 stages and each stage undergoes 16 iterations.
Collision Resistance Scenario: MD 5 has a very weak collision resistance and its therefore not recommended for encryption. However, MD 5 can withstand tamper with and replay. Running Time (Time Complexity): The time complexity of MD 5 is O(n), where n represents the size of the input data. it is considered relatively fast and efficient than the traditional password but slower than modern hash functions.
Many researchers research to use Single-Block hash algorithm to realize the Web user ID authentication
MD 5 solves deficiency of the traditional username-password authentication or digital signature to realize Web user’s identity authentication
The information presented in this report has been gathered from secondary sources and has been prepared for submission as Information Security Course at AAMUSTED.
Android Based Total Security for System AuthenticationIJERA Editor
In this Paper [5], A highly severe menace to any computing device is the impersonation of an authenticate user. The most frequent computer authentication scheme is to use alphanumerical usernames and passwords. But the textual passwords are prone to dictionary attacks, eves dropping, shoulder surfing and social engineering. As such, graphical passwords have been introduced as an alternative to the traditional authentication process. Though the graphical password schemes provide a way of making more user friendly passwords, while increasing the level of security, they are vulnerable to shoulder surfing. To address this problem, text can be used in combination with the colors and images to generate the session passwords, thereby making a stronger authentication means. In general, session passwords are those that can be used only once and for every new session, a new password is engendered. This paper [7] describes a method of implementing two factor authentication using mobile phones. The proposed method guarantees that authenticating to services, such as online banking or ATM machines, is done in a very secure manner. The proposed system involves using a mobile phone as a software token for One Time Password generation. The generated One Time Password is valid for only a short user defined period of time and is generated by factors that are unique to both, the user and the mobile device itself. Additionally, an SMS-based mechanism is implemented as both a backup mechanism for retrieving the password and as a possible mean of synchronization. The proposed method has been implemented and tested. Initial results show the success of the proposed method.
Design and Development of an E-Commerce Security Using RSA CryptosystemAM Publications,India
E-commerce has presented a new way of doing transactions all over the world using internet. The success of ecommerce depends greatly on how its information technology is used. Over the years the rate at which ecommerce sensitive information is sent over the internet and network has increased drastically. It is for this reason that every company wants to ensure that its ecommerce information is secured. There is need for ecommerce information transmitted via the internet and computer networks to be protected. There is substantial growth in the areas of credit card fraud and identity theft because the internet is a public network with thousands of millions of users. Amongst users are crackers or hackers that carry out the credit card fraud and identity theft in numerous ways facilitated by poor internet security; a concern regarding the exchange of money securely and conveniently over the internet increases. The criticality, danger, and higher priority importance of any e-commerce money transfer makes it a hot area of research interest in modern computer science and informatics. E-commerce industry is slowly addressing security issues on their internal networks but security protection for the consumers is still in its infancy, thus posing a barrier to the development of e-commerce. There is a growing need for technological solutions to globally secure ecommerce transaction information by using appropriate data security technology. The technology solution proposed for solving this security problem is the RSA cryptosystem. This research paper focuses on securing ecommerce information sent through the computer network and internet using RSA cryptography. It elucidates the implementation of RSA algorithm and shows that ecommerce security powered with RSA cryptography is very important in ecommerce transaction. While many attacks exist, the system has proven to be very secure
I want you to Read intensively papers and give me a summary for ever.pdfamitkhanna2070
I want you to Read intensively papers and give me a summary for every paper and the linghth for
each paper is 2 pages or more. In the summary, you need to provide some of your own ideas.
Research Interests: Privacy-Aware Computing,Wireless and Mobile Security,Fog
Computing,Mobile Health and Safety, Cognitive Radio Networking,Algorithm Design and
Analysis.
You should select papers from the following conferences:
IEEE INFOCOM, IEEE Symposium on security and privacy, ACM CCS, USENIX Security.
Solution
PRIVACY AWARE COMPUTING
Introduction
With the increasing public concerns of security and personal data privacy worldwide, security
and privacy become an important research area. This research area is very broad and covers
many application domains.
The security and privacy aware computing research group actually focuses on
(1) privacy-preserved computing,
(2) Video surveillance, and
(3) secure biometric system.
Now let us briefly discuss the above three groups.
Privacy-preserved Computing
Concerns on the data privacy have been increasing worldwide. For example, Apple was
reportedly fined by South Korea’s telecommunications regulator for allegedly collecting and
storing private location data of iPhone users. The privacy concerns raised by both end-users and
government authorities have been hindering the deployment of many valuable IT services, such
as data mining and analysis, data outsourcing, and mobile location-aware computing.
soo, in response to the growing necessity of protecting data privacy, our research group has been
focusing on developing innovative solutions towards information services --- to support these
services while preserving users’ personal privacy.
Video Surveillance
With the growing installation of surveillance video cameras in both private and public areas, the
closed-circuit TV (CCTV) has been evolved from a single camera system to a multiple camera
system; and has recently been extended to a large-scale network of cameras.
One of the objectives of a camera network is to monitor and understand security issues in the
area under surveillance. While the camera network hardware is generally well-designed and
roundly installed, the development of intelligent video analysis software lags far behind. As
such, our group has been focusing on developing video surveillance algorithms such as face
tracking, person re-identification, human action recognition.
Our goal is to develop an intelligent video surveillance system.
Secure Biometric System
With the growing use of biometrics, there is a rising concern about the security and privacy of
the biometric data. Recent studies show that simple attacks on a biometric system, such as hill
climbing, are able to recover the raw biometric data from stolen biometric template. Moreover,
the attacker may be able to make use of the stolen face template to access the system or cross-
match across databases. Our group has been working on face template protection, multimodality
template protection, and .
A Review of Information Security from Consumer’s Perspective Especially in On...Dr. Amarjeet Singh
In the current internet technology, most of the transactions to banking system are effective through online transaction. Predominantly all these e-transactions are done through e-commerce web sites with the help of credit/debit cards, net banking and lot of other payable apps. So, every online transaction is prone to vulnerable attacks by the fraudulent websites and intruders in the network. As there are many security measures incorporated against security vulnerabilities, network thieves are smart enough to retrieve the passwords and break other security mechanisms. At present situation of digital world, we need to design a secured online transaction system for banking using multilevel encryption of blowfish and AES algorithms incorporated with dual OTP technique. The performance of the proposed methodology is analyzed with respect to number of bytes encrypted per unit time and we conclude that the multilevel encryption provides better security system with faster encryption standards than the ones that are currently in use.
OneTK: Key Distribution Center at Cloud Providers towards End to End, Securit...Editor IJMTER
Using End to End Connection in packet Switching networks for providing higher
security in Cloud Computing. In cloud computing a major role is provide security to services that
may be PaaS( Platform as a Service), SaaS( Software as a Service) , CaaS( Communication as a
Service) , IaaS( Infrastructure as a Services) , MaaS ( Monitoring as a Service)n, XaaS( X: Platform,
Software, Monitoring, Infrastructure). Cloud computing provides wide range of services. Large,
Small and medium businesses are depending on out sourcing of data services and computation on
cloud this is mainly deals with SaaS. The cloud provides a very high efficient service for the business
organizations. These business organizations trust cloud service providers on their data security. But
providing security is highly risk in cloud through the third party, especially in private cloud services.
Existing data security methods are not so effective. By using this End to End Connection and Session
Keys and attempts is to be covered secularism in the area of Cloud computing users.
A new approach for securing the data from cloud. OTK – “One Time Key Distribution File” is a
service that protects unauthorized file downloading form the cloud.
A Secure and Robust Cloud-based Prototype for Online Transaction using Androi...IJMTST Journal
The current scenario of mobile application based payment processes requires web or mobile channel which can be applicable for authenticating the identity of a remote user. Most of the current activities such as online banking, online shopping, etc. are configured with mobile devices. Since the applicability of m-commerce included various financial transactions along with personal details sharing, therefore, the vulnerability of performing attacks and threats by users have increased. The current research trend highlights that multi-factorial authentication techniques can be reinstalled on other devices, for overcoming this situation. This study introduces an android application based multi-level security model which is very lightweight, user-friendly, and distributed application to overcome the security issues in m-commerce platforms. Each module is made up of several supportive modules performing various operations and contributing to the performance enhancement of the proposed system. The performance evaluation of the proposed system ensures cost effectiveness regarding resource allocation and highly secure environment for online transactions using a trusted third party.
Amazon products reviews classification based on machine learning, deep learni...TELKOMNIKA JOURNAL
In recent times, the trend of online shopping through e-commerce stores and websites has grown to a huge extent. Whenever a product is purchased on an e-commerce platform, people leave their reviews about the product. These reviews are very helpful for the store owners and the product’s manufacturers for the betterment of their work process as well as product quality. An automated system is proposed in this work that operates on two datasets D1 and D2 obtained from Amazon. After certain preprocessing steps, N-gram and word embedding-based features are extracted using term frequency-inverse document frequency (TF-IDF), bag of words (BoW) and global vectors (GloVe), and Word2vec, respectively. Four machine learning (ML) models support vector machines (SVM), logistic regression (RF), logistic regression (LR), multinomial Naïve Bayes (MNB), two deep learning (DL) models convolutional neural network (CNN), long-short term memory (LSTM), and standalone bidirectional encoder representations (BERT) are used to classify reviews as either positive or negative. The results obtained by the standard ML, DL models and BERT are evaluated using certain performance evaluation measures. BERT turns out to be the best-performing model in the case of D1 with an accuracy of 90% on features derived by word embedding models while the CNN provides the best accuracy of 97% upon word embedding features in the case of D2. The proposed model shows better overall performance on D2 as compared to D1.
Design, simulation, and analysis of microstrip patch antenna for wireless app...TELKOMNIKA JOURNAL
In this study, a microstrip patch antenna that works at 3.6 GHz was built and tested to see how well it works. In this work, Rogers RT/Duroid 5880 has been used as the substrate material, with a dielectric permittivity of 2.2 and a thickness of 0.3451 mm; it serves as the base for the examined antenna. The computer simulation technology (CST) studio suite is utilized to show the recommended antenna design. The goal of this study was to get a more extensive transmission capacity, a lower voltage standing wave ratio (VSWR), and a lower return loss, but the main goal was to get a higher gain, directivity, and efficiency. After simulation, the return loss, gain, directivity, bandwidth, and efficiency of the supplied antenna are found to be -17.626 dB, 9.671 dBi, 9.924 dBi, 0.2 GHz, and 97.45%, respectively. Besides, the recreation uncovered that the transfer speed side-lobe level at phi was much better than those of the earlier works, at -28.8 dB, respectively. Thus, it makes a solid contender for remote innovation and more robust communication.
Design and simulation an optimal enhanced PI controller for congestion avoida...TELKOMNIKA JOURNAL
In this paper, snake optimization algorithm (SOA) is used to find the optimal gains of an enhanced controller for controlling congestion problem in computer networks. M-file and Simulink platform is adopted to evaluate the response of the active queue management (AQM) system, a comparison with two classical controllers is done, all tuned gains of controllers are obtained using SOA method and the fitness function chose to monitor the system performance is the integral time absolute error (ITAE). Transient analysis and robust analysis is used to show the proposed controller performance, two robustness tests are applied to the AQM system, one is done by varying the size of queue value in different period and the other test is done by changing the number of transmission control protocol (TCP) sessions with a value of ± 20% from its original value. The simulation results reflect a stable and robust behavior and best performance is appeared clearly to achieve the desired queue size without any noise or any transmission problems.
Improving the detection of intrusion in vehicular ad-hoc networks with modifi...TELKOMNIKA JOURNAL
Vehicular ad-hoc networks (VANETs) are wireless-equipped vehicles that form networks along the road. The security of this network has been a major challenge. The identity-based cryptosystem (IBC) previously used to secure the networks suffers from membership authentication security features. This paper focuses on improving the detection of intruders in VANETs with a modified identity-based cryptosystem (MIBC). The MIBC is developed using a non-singular elliptic curve with Lagrange interpolation. The public key of vehicles and roadside units on the network are derived from number plates and location identification numbers, respectively. Pseudo-identities are used to mask the real identity of users to preserve their privacy. The membership authentication mechanism ensures that only valid and authenticated members of the network are allowed to join the network. The performance of the MIBC is evaluated using intrusion detection ratio (IDR) and computation time (CT) and then validated with the existing IBC. The result obtained shows that the MIBC recorded an IDR of 99.3% against 94.3% obtained for the existing identity-based cryptosystem (EIBC) for 140 unregistered vehicles attempting to intrude on the network. The MIBC shows lower CT values of 1.17 ms against 1.70 ms for EIBC. The MIBC can be used to improve the security of VANETs.
Conceptual model of internet banking adoption with perceived risk and trust f...TELKOMNIKA JOURNAL
Understanding the primary factors of internet banking (IB) acceptance is critical for both banks and users; nevertheless, our knowledge of the role of users’ perceived risk and trust in IB adoption is limited. As a result, we develop a conceptual model by incorporating perceived risk and trust into the technology acceptance model (TAM) theory toward the IB. The proper research emphasized that the most essential component in explaining IB adoption behavior is behavioral intention to use IB adoption. TAM is helpful for figuring out how elements that affect IB adoption are connected to one another. According to previous literature on IB and the use of such technology in Iraq, one has to choose a theoretical foundation that may justify the acceptance of IB from the customer’s perspective. The conceptual model was therefore constructed using the TAM as a foundation. Furthermore, perceived risk and trust were added to the TAM dimensions as external factors. The key objective of this work was to extend the TAM to construct a conceptual model for IB adoption and to get sufficient theoretical support from the existing literature for the essential elements and their relationships in order to unearth new insights about factors responsible for IB adoption.
Efficient combined fuzzy logic and LMS algorithm for smart antennaTELKOMNIKA JOURNAL
The smart antennas are broadly used in wireless communication. The least mean square (LMS) algorithm is a procedure that is concerned in controlling the smart antenna pattern to accommodate specified requirements such as steering the beam toward the desired signal, in addition to placing the deep nulls in the direction of unwanted signals. The conventional LMS (C-LMS) has some drawbacks like slow convergence speed besides high steady state fluctuation error. To overcome these shortcomings, the present paper adopts an adaptive fuzzy control step size least mean square (FC-LMS) algorithm to adjust its step size. Computer simulation outcomes illustrate that the given model has fast convergence rate as well as low mean square error steady state.
Design and implementation of a LoRa-based system for warning of forest fireTELKOMNIKA JOURNAL
This paper presents the design and implementation of a forest fire monitoring and warning system based on long range (LoRa) technology, a novel ultra-low power consumption and long-range wireless communication technology for remote sensing applications. The proposed system includes a wireless sensor network that records environmental parameters such as temperature, humidity, wind speed, and carbon dioxide (CO2) concentration in the air, as well as taking infrared photos.The data collected at each sensor node will be transmitted to the gateway via LoRa wireless transmission. Data will be collected, processed, and uploaded to a cloud database at the gateway. An Android smartphone application that allows anyone to easily view the recorded data has been developed. When a fire is detected, the system will sound a siren and send a warning message to the responsible personnel, instructing them to take appropriate action. Experiments in Tram Chim Park, Vietnam, have been conducted to verify and evaluate the operation of the system.
Wavelet-based sensing technique in cognitive radio networkTELKOMNIKA JOURNAL
Cognitive radio is a smart radio that can change its transmitter parameter based on interaction with the environment in which it operates. The demand for frequency spectrum is growing due to a big data issue as many Internet of Things (IoT) devices are in the network. Based on previous research, most frequency spectrum was used, but some spectrums were not used, called spectrum hole. Energy detection is one of the spectrum sensing methods that has been frequently used since it is easy to use and does not require license users to have any prior signal understanding. But this technique is incapable of detecting at low signal-to-noise ratio (SNR) levels. Therefore, the wavelet-based sensing is proposed to overcome this issue and detect spectrum holes. The main objective of this work is to evaluate the performance of wavelet-based sensing and compare it with the energy detection technique. The findings show that the percentage of detection in wavelet-based sensing is 83% higher than energy detection performance. This result indicates that the wavelet-based sensing has higher precision in detection and the interference towards primary user can be decreased.
A novel compact dual-band bandstop filter with enhanced rejection bandsTELKOMNIKA JOURNAL
In this paper, we present the design of a new wide dual-band bandstop filter (DBBSF) using nonuniform transmission lines. The method used to design this filter is to replace conventional uniform transmission lines with nonuniform lines governed by a truncated Fourier series. Based on how impedances are profiled in the proposed DBBSF structure, the fractional bandwidths of the two 10 dB-down rejection bands are widened to 39.72% and 52.63%, respectively, and the physical size has been reduced compared to that of the filter with the uniform transmission lines. The results of the electromagnetic (EM) simulation support the obtained analytical response and show an improved frequency behavior.
Deep learning approach to DDoS attack with imbalanced data at the application...TELKOMNIKA JOURNAL
A distributed denial of service (DDoS) attack is where one or more computers attack or target a server computer, by flooding internet traffic to the server. As a result, the server cannot be accessed by legitimate users. A result of this attack causes enormous losses for a company because it can reduce the level of user trust, and reduce the company’s reputation to lose customers due to downtime. One of the services at the application layer that can be accessed by users is a web-based lightweight directory access protocol (LDAP) service that can provide safe and easy services to access directory applications. We used a deep learning approach to detect DDoS attacks on the CICDDoS 2019 dataset on a complex computer network at the application layer to get fast and accurate results for dealing with unbalanced data. Based on the results obtained, it is observed that DDoS attack detection using a deep learning approach on imbalanced data performs better when implemented using synthetic minority oversampling technique (SMOTE) method for binary classes. On the other hand, the proposed deep learning approach performs better for detecting DDoS attacks in multiclass when implemented using the adaptive synthetic (ADASYN) method.
The appearance of uncertainties and disturbances often effects the characteristics of either linear or nonlinear systems. Plus, the stabilization process may be deteriorated thus incurring a catastrophic effect to the system performance. As such, this manuscript addresses the concept of matching condition for the systems that are suffering from miss-match uncertainties and exogeneous disturbances. The perturbation towards the system at hand is assumed to be known and unbounded. To reach this outcome, uncertainties and their classifications are reviewed thoroughly. The structural matching condition is proposed and tabulated in the proposition 1. Two types of mathematical expressions are presented to distinguish the system with matched uncertainty and the system with miss-matched uncertainty. Lastly, two-dimensional numerical expressions are provided to practice the proposed proposition. The outcome shows that matching condition has the ability to change the system to a design-friendly model for asymptotic stabilization.
Implementation of FinFET technology based low power 4×4 Wallace tree multipli...TELKOMNIKA JOURNAL
Many systems, including digital signal processors, finite impulse response (FIR) filters, application-specific integrated circuits, and microprocessors, use multipliers. The demand for low power multipliers is gradually rising day by day in the current technological trend. In this study, we describe a 4×4 Wallace multiplier based on a carry select adder (CSA) that uses less power and has a better power delay product than existing multipliers. HSPICE tool at 16 nm technology is used to simulate the results. In comparison to the traditional CSA-based multiplier, which has a power consumption of 1.7 µW and power delay product (PDP) of 57.3 fJ, the results demonstrate that the Wallace multiplier design employing CSA with first zero finding logic (FZF) logic has the lowest power consumption of 1.4 µW and PDP of 27.5 fJ.
Evaluation of the weighted-overlap add model with massive MIMO in a 5G systemTELKOMNIKA JOURNAL
The flaw in 5G orthogonal frequency division multiplexing (OFDM) becomes apparent in high-speed situations. Because the doppler effect causes frequency shifts, the orthogonality of OFDM subcarriers is broken, lowering both their bit error rate (BER) and throughput output. As part of this research, we use a novel design that combines massive multiple input multiple output (MIMO) and weighted overlap and add (WOLA) to improve the performance of 5G systems. To determine which design is superior, throughput and BER are calculated for both the proposed design and OFDM. The results of the improved system show a massive improvement in performance ver the conventional system and significant improvements with massive MIMO, including the best throughput and BER. When compared to conventional systems, the improved system has a throughput that is around 22% higher and the best performance in terms of BER, but it still has around 25% less error than OFDM.
Reflector antenna design in different frequencies using frequency selective s...TELKOMNIKA JOURNAL
In this study, it is aimed to obtain two different asymmetric radiation patterns obtained from antennas in the shape of the cross-section of a parabolic reflector (fan blade type antennas) and antennas with cosecant-square radiation characteristics at two different frequencies from a single antenna. For this purpose, firstly, a fan blade type antenna design will be made, and then the reflective surface of this antenna will be completed to the shape of the reflective surface of the antenna with the cosecant-square radiation characteristic with the frequency selective surface designed to provide the characteristics suitable for the purpose. The frequency selective surface designed and it provides the perfect transmission as possible at 4 GHz operating frequency, while it will act as a band-quenching filter for electromagnetic waves at 5 GHz operating frequency and will be a reflective surface. Thanks to this frequency selective surface to be used as a reflective surface in the antenna, a fan blade type radiation characteristic at 4 GHz operating frequency will be obtained, while a cosecant-square radiation characteristic at 5 GHz operating frequency will be obtained.
Reagentless iron detection in water based on unclad fiber optical sensorTELKOMNIKA JOURNAL
A simple and low-cost fiber based optical sensor for iron detection is demonstrated in this paper. The sensor head consist of an unclad optical fiber with the unclad length of 1 cm and it has a straight structure. Results obtained shows a linear relationship between the output light intensity and iron concentration, illustrating the functionality of this iron optical sensor. Based on the experimental results, the sensitivity and linearity are achieved at 0.0328/ppm and 0.9824 respectively at the wavelength of 690 nm. With the same wavelength, other performance parameters are also studied. Resolution and limit of detection (LOD) are found to be 0.3049 ppm and 0.0755 ppm correspondingly. This iron sensor is advantageous in that it does not require any reagent for detection, enabling it to be simpler and cost-effective in the implementation of the iron sensing.
Impact of CuS counter electrode calcination temperature on quantum dot sensit...TELKOMNIKA JOURNAL
In place of the commercial Pt electrode used in quantum sensitized solar cells, the low-cost CuS cathode is created using electrophoresis. High resolution scanning electron microscopy and X-ray diffraction were used to analyze the structure and morphology of structural cubic samples with diameters ranging from 40 nm to 200 nm. The conversion efficiency of solar cells is significantly impacted by the calcination temperatures of cathodes at 100 °C, 120 °C, 150 °C, and 180 °C under vacuum. The fluorine doped tin oxide (FTO)/CuS cathode electrode reached a maximum efficiency of 3.89% when it was calcined at 120 °C. Compared to other temperature combinations, CuS nanoparticles crystallize at 120 °C, which lowers resistance while increasing electron lifetime.
In place of the commercial Pt electrode used in quantum sensitized solar cells, the low-cost CuS cathode is created using electrophoresis. High resolution scanning electron microscopy and X-ray diffraction were used to analyze the structure and morphology of structural cubic samples with diameters ranging from 40 nm to 200 nm. The conversion efficiency of solar cells is significantly impacted by the calcination temperatures of cathodes at 100 °C, 120 °C, 150 °C, and 180 °C under vacuum. The fluorine doped tin oxide (FTO)/CuS cathode electrode reached a maximum efficiency of 3.89% when it was calcined at 120 °C. Compared to other temperature combinations, CuS nanoparticles crystallize at 120 °C, which lowers resistance while increasing electron lifetime.
A progressive learning for structural tolerance online sequential extreme lea...TELKOMNIKA JOURNAL
This article discusses the progressive learning for structural tolerance online sequential extreme learning machine (PSTOS-ELM). PSTOS-ELM can save robust accuracy while updating the new data and the new class data on the online training situation. The robustness accuracy arises from using the householder block exact QR decomposition recursive least squares (HBQRD-RLS) of the PSTOS-ELM. This method is suitable for applications that have data streaming and often have new class data. Our experiment compares the PSTOS-ELM accuracy and accuracy robustness while data is updating with the batch-extreme learning machine (ELM) and structural tolerance online sequential extreme learning machine (STOS-ELM) that both must retrain the data in a new class data case. The experimental results show that PSTOS-ELM has accuracy and robustness comparable to ELM and STOS-ELM while also can update new class data immediately.
Electroencephalography-based brain-computer interface using neural networksTELKOMNIKA JOURNAL
This study aimed to develop a brain-computer interface that can control an electric wheelchair using electroencephalography (EEG) signals. First, we used the Mind Wave Mobile 2 device to capture raw EEG signals from the surface of the scalp. The signals were transformed into the frequency domain using fast Fourier transform (FFT) and filtered to monitor changes in attention and relaxation. Next, we performed time and frequency domain analyses to identify features for five eye gestures: opened, closed, blink per second, double blink, and lookup. The base state was the opened-eyes gesture, and we compared the features of the remaining four action gestures to the base state to identify potential gestures. We then built a multilayer neural network to classify these features into five signals that control the wheelchair’s movement. Finally, we designed an experimental wheelchair system to test the effectiveness of the proposed approach. The results demonstrate that the EEG classification was highly accurate and computationally efficient. Moreover, the average performance of the brain-controlled wheelchair system was over 75% across different individuals, which suggests the feasibility of this approach.
Adaptive segmentation algorithm based on level set model in medical imagingTELKOMNIKA JOURNAL
For image segmentation, level set models are frequently employed. It offer best solution to overcome the main limitations of deformable parametric models. However, the challenge when applying those models in medical images stills deal with removing blurs in image edges which directly affects the edge indicator function, leads to not adaptively segmenting images and causes a wrong analysis of pathologies wich prevents to conclude a correct diagnosis. To overcome such issues, an effective process is suggested by simultaneously modelling and solving systems’ two-dimensional partial differential equations (PDE). The first PDE equation allows restoration using Euler’s equation similar to an anisotropic smoothing based on a regularized Perona and Malik filter that eliminates noise while preserving edge information in accordance with detected contours in the second equation that segments the image based on the first equation solutions. This approach allows developing a new algorithm which overcome the studied model drawbacks. Results of the proposed method give clear segments that can be applied to any application. Experiments on many medical images in particular blurry images with high information losses, demonstrate that the developed approach produces superior segmentation results in terms of quantity and quality compared to other models already presented in previeous works.
Automatic channel selection using shuffled frog leaping algorithm for EEG bas...TELKOMNIKA JOURNAL
Drug addiction is a complex neurobiological disorder that necessitates comprehensive treatment of both the body and mind. It is categorized as a brain disorder due to its impact on the brain. Various methods such as electroencephalography (EEG), functional magnetic resonance imaging (FMRI), and magnetoencephalography (MEG) can capture brain activities and structures. EEG signals provide valuable insights into neurological disorders, including drug addiction. Accurate classification of drug addiction from EEG signals relies on appropriate features and channel selection. Choosing the right EEG channels is essential to reduce computational costs and mitigate the risk of overfitting associated with using all available channels. To address the challenge of optimal channel selection in addiction detection from EEG signals, this work employs the shuffled frog leaping algorithm (SFLA). SFLA facilitates the selection of appropriate channels, leading to improved accuracy. Wavelet features extracted from the selected input channel signals are then analyzed using various machine learning classifiers to detect addiction. Experimental results indicate that after selecting features from the appropriate channels, classification accuracy significantly increased across all classifiers. Particularly, the multi-layer perceptron (MLP) classifier combined with SFLA demonstrated a remarkable accuracy improvement of 15.78% while reducing time complexity.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Courier management system project report.pdfKamal Acharya
It is now-a-days very important for the people to send or receive articles like imported furniture, electronic items, gifts, business goods and the like. People depend vastly on different transport systems which mostly use the manual way of receiving and delivering the articles. There is no way to track the articles till they are received and there is no way to let the customer know what happened in transit, once he booked some articles. In such a situation, we need a system which completely computerizes the cargo activities including time to time tracking of the articles sent. This need is fulfilled by Courier Management System software which is online software for the cargo management people that enables them to receive the goods from a source and send them to a required destination and track their status from time to time.
Quality defects in TMT Bars, Possible causes and Potential Solutions.PrashantGoswami42
Maintaining high-quality standards in the production of TMT bars is crucial for ensuring structural integrity in construction. Addressing common defects through careful monitoring, standardized processes, and advanced technology can significantly improve the quality of TMT bars. Continuous training and adherence to quality control measures will also play a pivotal role in minimizing these defects.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Vaccine management system project report documentation..pdfKamal Acharya
The Division of Vaccine and Immunization is facing increasing difficulty monitoring vaccines and other commodities distribution once they have been distributed from the national stores. With the introduction of new vaccines, more challenges have been anticipated with this additions posing serious threat to the already over strained vaccine supply chain system in Kenya.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
2. TELKOMNIKA ISSN: 1693-6930
Efficient Data Security for Mobile Instant Messenger (Putra Wanda)
1427
Various IM growing today still not apply the efficient method in authentication and
encryption process, conventional security methods and client-server architecture system have a
risk to many users for attacking server such as compromising, cracking password or leakage of
PINs. Unauthorized people may able to crack the simple passwords and build attack on it, PINs
leakage issue not only in mobile devices but in wearable devices [7]. several studies have tried
to solve the problems with conventional public-key cryptography (PKC) implemented to give
user authentication [18], model of the ranking algorithm using a transitional Bayesian inference
model [8]
But solving that issue with PKC architecture is not strong enough while implemented in
a client-server model with vast users. As we know, public-key computations need large memory
and long time enough, for this problem algorithm choice become a solution to alleviate
computation overhead. Computational overhead is one of the main concerns for the public key
model. So that in this paper we propose a method to solve the problem of computational
overhead. Currently, most of IM doesn’t implement an efficient method for securing data while
transmitting via a public network. Therefore a novel approach needed in data security by digital
signature and encryption method which have good security level, low computational, fastly
encryption.
Therefore, this paper proposes a novel approach focused on the efficient method in
securing message both in encryption and authentication within the end-to-end model. In this
research, security method proposes new algorithms based on Elliptic Curve (EC) scheme with
the specific curve. This model computed within the specific curve, with prime selected p-256 for
achieving efficient computation. This model is Peer to Peer (P2P) architecture than using
conventional client-server model. In this method, end-to-end authentication phase will make
each of data become validated among users. Then, encryption process uses to achieve data
privacy simultaneously. This is a novel approach with Curve computing concept in securing
mobile communication environment
2. Related Work
Several ways to secure instant messaging based on A research in 2011, a paper
proposed a secure module for the instant messaging which adds other “secure module” and
apply a hash algorithm to secure the path in transceiver and routing modules. On the paper, the
hash algorithm is helping secure network conversation and it will result in a private environment
data transmitting along sender and receiver in IM message. While sending, the application
disguises the text in the network that a process it protected toward the attackers. It will secure
the system.
In this approach, a secure architecture divided into four modules; chat module,
transceiver module, secure module, and a routing module. In this research, secure module
applied the hash algorithm. The main function of the hash algorithm is to convert into a hash
value. Purpose of encryption is to make sure unauthorized person cannot view the original data
or information through the network. IM application in securing IM has developed and tested [9].
Another authentication for security method called group authentication, which
authenticates all users on a line. It is particular design to support applications with group
oriented. Propose a special type of authentication, called group authentication which designed
for group-oriented applications. The proposed method is no longer a one-to-one type of
authentication but in this approach, it is a many-to-many type of authentication. Group
authentication can authenticate multiple users [10].
Besides, authentication agent needs to secure data on the internet, it like the system
designed for e-Shopping. In its model, an agent creates connectivity anytime, anywhere, any-
device-basis in providing the customer the specific goods. But Internet being heterogeneous
and nonsecure medium; privacy, authenticity, integrity, and non-repudiation are the key
requirements to addressed by such systems where face to face interaction is impossible. Most
of the systems don’t provide the required level of security service so that many problems exist in
the systems like denying, losing, misusing, stealing double spending etc. This approach address
all the security service problems to an e-shopping system using Elliptic Curve Cryptosystem
(ECC) [11].
3. ISSN: 1693-6930
TELKOMNIKA Vol. 16, No. 3, June 2018: 1426-1434
1428
3. Mobile Security Overview
Nowadays, various methods have proposed for securing mobile internet from threats,
such as by Business Diversification, Platform Diverse, Terminal Security etc. [12]. Terminal
security is a problem that solved in mobile Internet and is also the most concerned by users.
Mobile internet terminal securities mean includes the traditional terminal protection, mobile
terminal security management, terminal access control and other [13].
IM is one of the most important applications in Mobile Internet. Based on a review of
several papers, the most popular IM products: Skype Messenger, Facebook Instant Messenger,
Yahoo Messenger, Google Talk Instant Messenger, eBuddy, Whatsapps instant messaging
and SimpPro are still vulnerable to security violations. They allow users to transfer clear text in
chat sessions that risk in IM communication, it will give an opportunity eavesdropper for
changing a message. Some IM application still sends the message to sender and receiver over
the internet in a plaintext. The following table will show format of the text while transmitting.
Table 1. List of Instant Message Encryption Web Based
Messenger Text conversation over the internet Text conversation android browser
Skype App Encrypted Message -
WhatsApp Encrypted Message -
Yahoo App Plaintext -
Gmail Messenger Encrypted Message Encrypted Message
Facebook Messenger Plaintext -
Google Talk Plaintext -
The table shows how to risk the message that sends over the internet [14]. Based on
the paper, vulnerable aspect can cause a program to sniff and change the packet that sends via
public networks. As we know, the main concept of security defined that s Confidentiality: How
an information still in secrecy while transmitting over a network. Authentication will ensure that
the people using the application which sending a message are the authorized users of that
system. Then, Non-Repudiation systems able to ensures that neither sender nor the receiver
can deny communication while they exchange a message [15].
4. Our Approach
There are possibilities of making the algorithm more efficient and secure in a public-key
cryptosystem. Elliptic Curve Cryptography has become one of the latest trends in the field of
public-key cryptography. EC Cryptography promises a faster and more secure method of
encryption compared to any other standard public-key cryptosystem. Elliptic curve widely used
in security, various aspect successfully applied this algorithm for achieving high-level security
such as internet protocol, image processing until securing service for Session Initiation
Protocol [16].
One of the methods which used to authenticate message while transmitting via the
public internet is Digital Signature. It can use to help authenticate the HTML script, message
text etc. Digital signatures can help build secure and efficient internet application. Wider
adoption of digital signatures would be possible to make the method for securing IM message
while running a chat in a session efficiently [17].
4.1. Security model
While many methods have proposed in client-server communication architecture, in this
paper, we use two schemas for securing IM data in Peer to Peer architecture, authentication,
and cryptography process. Authentication ensures that the people using the application which
sent a message to authorized people [15]. Cryptography use to create a random text for
avoiding unauthorized people compromise data while transmitting over the internet.
This study will use Elliptic Curve concept for designing authentication and cryptography
algorithm efficiently. This model, each user generates a key pair with specific algorithms
before initiating a communication between them. Generating process produces private key and
public key, the key is a key air which used along with a communication session. The key
pair will be erased after communicating finished completely.
4. TELKOMNIKA ISSN: 1693-6930
Efficient Data Security for Mobile Instant Messenger (Putra Wanda)
1429
4.1.1. Authentic process
Each of user will own a key pair consists of a private key and public key. The private
key will be saved for signing and decrypting message while public key used for verifying and
encrypting the message. In the authentication process, each user sent a public key by peer to
peer communication, this model may able to fasten keys transaction between them.
Authentication process will use a key pair. The key pair own private key and public key,
the private key will sign the message (M) while sending a message over the internet and the
public key will verify the message. In this process, generating key pair session will apply Elliptic
Curve concept in that algorithm.
4.1.2. Crypto process
Crypto process is an encryption and decryption process which will use to change
plaintext into ciphertext, this process will get the key pair that generated. Key pair includes a
private key and public key, receiver’s public key will encrypt the message (M) and receiver’s
private key will decrypt a ciphertext.
At the sender, for instance, Alice, the private key will sign M message and M has to add
a hash function as a message digest. Combination of hash value and sign will produce Message
signature (S). S as a secure message will be exchanged via the public internet. An example, Bob
is M receiver. When the receiver gets M in the application, Alice’s Public key will verify M
message. It will use a hash function for comparing the M value. If the value is compatible, so S is
a valid Message from Alice and vice-versa. This cryptography will result in communication of IM
be fastly and fulfill the level of security. The proposed model illustrated in Figure 1.
M Sign Verify M
Alice Private Key
Alice Bob
Encrypt Decrypt
S
Alice Public Key
Bob Public Key Bob Private Key
Peer to Peer Communcation
Figure 1. Efficient security model in IM communication
When Alice wants to make a chat with Bob, Alice will send a message (M). While M message
sends to Bob, ECC schema will encrypt it become ciphertext and generate its signature. Bob will
decrypt the ciphertext with his private key and verify the signature with the public key of Alice.
Since the Bob knows Alice’s public key, it can verify whether Alice sends the message indeed.
In this paper, each data exchange use key pair per session used for a session data
transaction in mobile IM system. Key pair will guard user along a session information transaction
after a session is finished, the system will automatically delete the key pair so that other session
cannot use to sign or encrypt a message when they start another session.
4.2. Designed algorithms
In this paper, we make several algorithms to reach efficient security for data transaction
in mobile IM. Two types algorithms in our model, encryption-decryption algorithm and signature
algorithm. Then, when the receiver wants to read the original message, he will use decryption
process. Decryption process will use the following algorithm. While sending a message, a user
will sign it with ECC algorithm to give authentication. Signing process will use the following
algorithm. After receiving a signature message, the receiver will verify it with public key based on
ECC algorithm to check the validation of signature. Verifying process will use the following
algorithm.
5. ISSN: 1693-6930
TELKOMNIKA Vol. 16, No. 3, June 2018: 1426-1434
1430
Algorithm 1. Encryption
Input: Message (M)
Output: Ciphertext (M’)
S1: Choose public key Q=dP based Elliptic
Curve
S2: Choose a point of P (in Elliptic Curve)
S3: Choose a prime number p
S4: Choose a random k ∈{2,…,p-1} and compute
kQ dan kP.
Ciphertext: M’=[kP, M ⊕ X(kQ)]
Algorithm 2. Decryption
Input: Message ciphertext (M’)
Output: Message plaintext (M)
S1: Read a private key d for Elliptic Curve E
S2: Read the value of kP and compute d(kP).
S3: read binary number of M2
Decryption: M=[M2 ⊕ X(d(kP))]
Algorithm 3. Signing Message
Input: Message (M)
Output: Message Signature (S)
S1: Choose random integer k for Elliptic Curve E
S2: Choose base point P for Elliptic Curve E
S3: Compute kP
S4 : Compute r=x1 mod n
S5 : Compute s=k-1
{h(m)+dr} mod n
Signature of M=(r,s)
Algorithm 4. Verifying signature of Message
Input: Message Signature (S)
Output: Valid or Invalid
S1: Choose the public key Q
S2: r and s is in [1, n-1] interval
S3 : Compute w=s-1
mod n dan h(m).
S4: Apply a Hash (SHA-256) for M
S5 : Compute u1=h(m)w mod n and u2=rw mod
S6 : Compute u1P+u2Q=(x1, y1) and v=x1 mod n.
If v=r then Signature is Valid
Each of user will always run two processes when exchange messages each other.
The process includes Authentic process and crypto process. The authentic process steps to
sign or verify the message and crypto process is a step when user will encrypt or decrypt the
message in a data exchange. To reach efficient message security in mobile IM, we use several
parameters in ECC algorithm. The mobile device hasn’t a good resource for running heavy
computation for all security. So that, in this paper we make ECC algorithm to give good level
security aspect and low-level computation overhead in a mobile device.
4. Result
This paper will show the efficient level of above algorithm to give security in mobile IM.
there are three indicators that will use to test efficient level include computation time, ciphertext
length and signature length. To measure the efficient levels, testing uses more specification in
the android emulator with different resources. Encryption time is period for converting a plaintext
into ciphertext and Decryption time is vice versa. Encryption process uses a various length of
key based ECC parameters. The result of encryption and decryption show in Figure 2.
Figure 2 shows the difference of time which uses to encryption and decryption with
various os key length. In this research, as more little time in running the process, as more
efficient the key length. The result of this testing shows that key lengths which 224 and 256-bit
size is the most effective than another size of key length.
Figure 2. Encryption-decryption time based on key length
6. TELKOMNIKA ISSN: 1693-6930
Efficient Data Security for Mobile Instant Messenger (Putra Wanda)
1431
On the other hand, time of signing process uses to give a signature and verification of a
message. In the testing report, this study produced different time with various of key length.
Using of Elliptic Curve in this process has produced efficient time and resource computation,
Elliptic Curve concept with key length 224 and 256 bit own good level of signing and verifying
process. Therefore, these key size is preferable for implementing in mobile IM. Another aspect
of the testing part is the signature length of the message. It is the random character of a
message after hash processing finished. Signature length will affect the use of internal memory
in the mobile device. The result of signature length shown in Figure 3.
Figure 3. Length of message signature with Elliptic Curve
Figure 3 describes that the length of digital signature affected by key length used in the
signing of the message. Testing result show as more key length used to sign the message, as
more length of a digital signature of that message. Based on above testing, key length with 256
bit which produces 72 bit of digital signature is the most preferable in mobile IM to reach both
efficient security and good strength.
6. Analysis
In this research, we propose a secure communication model with Elliptic Curve concept
with both authentication message and encryption-decryption process while exchange data over
the public internet. In the first step, one of the most important aspects of security called
authentication where an entity should be identified before or during the communication. This
avoids any type of attack or malicious activity by which a malicious user and identifies himself
as the real user while communication occurs. This study use designed algorithm based on
Elliptic Curve basic within formula
Algorithm build based on various parameter in NIST recommendation prime curves
includes p-256, and value of while is the size of the underlying field, therefore
new equation for designing algorithm with new curve ( ):
This model computed within the above curve, with prime selected p-256 based on NIST
recommendation curve [24]. This curve is used to achieve fast and secure implementations of
Digital Signature for the curve P-256, providing 128-bits of security, on low-cost and low-power
when testing in available hardware. The curve used to compute key generation and encryption
process, generation is an important phase that generates a key pair in a communication
session. The sender will be encrypting the message with receiver’s public key and the receiver
will decrypt the message with the private key in the same curve. This is a novel approach to
securing mobile communication environment. This application runs in peer-to-peer architecture
chat so that the message will be more private than client-server architecture. Then, this method
will update key pair (public key and private key) of each user when they want to build a session
chat in the IM environment.
7. ISSN: 1693-6930
TELKOMNIKA Vol. 16, No. 3, June 2018: 1426-1434
1432
6.1. Peer to peer secure chat
Security in mobile IM message will be held between sender and receiver using the
designed algorithm. Peer to Peer architecture more precise and fast in IM environment, then it
may able to elevate the level of data privacy for users.
In this architecture, each of session generate a key pair consist of public key and private
key that used by sender and receiver, environment will delete the key pair when a
communication session finished completely, the key pair will only valid for one session, when
sender or receiver isn’t active, the key pair will be deleted so that unauthorized people can't use
the key pair. The schema avoids unauthorized people to compromise the data.
6.2. Efficient security with curve computing
In this research, using of Elliptic Curve concept for designing new algorithm in mobile IM
has more advantage such as shorter key size, less computational overhead, less memory
space. Based on the study, mobile devices consumed less power in running security process
both in authentication and encryption process. In another hand, Elliptic Curve is known as for
high-security level. it is easy to implement both in hardware and software. Since EC has
enormous feature for providing security and high-efficiency application. Designing specific
algorithms for mobile IM have achieved efficient computation and good security level.
This study uses a curve computing in building the security algorithm and this is a novel
approach in mobile IM security. Based on our result, implementation of Elliptic Curve in mobile
IM produced efficient time with using little resources in running the security process like to run
encryption-decryption and to generate a digital signature. In another hand, this research uses
designed algorithms that show the effective result in generating and confirm the sign so that it
can cut the power in computation and it is very compatible when applying in a current mobile
device that owns limit hardware resources. Many researchers put his effort to develop
cryptographic algorithm and protocol based on Elliptic Curve. This feature makes ECC very
popular among the many cryptographic systems.
7. Comparison Result
Various research conducted in IM security and algorithms before, those papers
proposed securing data or communication architecture in IM environment. Yusof et al. proposed
a secure architecture divided into four modules; chat module, transceiver module, secure
module, and a routing module. In this research, secure module applied the hash algorithm. The
main function of the hash algorithm is to convert into a hash value. Purpose of encryption is to
make sure unauthorized person cannot view the original data or information through the
network. IM application for securing IM has developed and tested for security analysis [19].
Marc et al proposed a simple security mechanism to protect Peer to Peer applications
against various of vulnerabilities when transmitting over the public network. The protocol
overhead tested to assess its impact on device performance, an important requisite on limited
devices. This method implemented the modifications of the JXME protocols to solve the most
glaring vulnerabilities, providing basic protection against simple spoofing and replay attacks in
the network [20-21].
A model of work proposed a security framework based on JXTA architecture The main
features of the in this work include a modular approach which may cater to set of scenarios, an
effective secure key distribution and a hybrid authenticity scheme which balances the need for
important information at end-user level and simplicity at the lower middleware layers. This
model designed in Peer to Peer application, design focused on scalability or overall
performance issues [22]. Each of study produced different overhead in computing process,
overhead consist of cryptography time and overall time used in computation process. Overhead
in this research formulated by:
Various research in securing Peer to Peer communication especially in IM environment has
been conducted. Based on above formula, more different overhead in computing process
shown in Table 2:
8. TELKOMNIKA ISSN: 1693-6930
Efficient Data Security for Mobile Instant Messenger (Putra Wanda)
1433
Table 2. Comparison Result in Computing Overhead
Research Activity Interval time (s) Hash Size (byte) Overhead (%)
Yusof et al. Generate Hash 1 50 56.4 %
(SHA) 5 250 44.5 %
Marc et al. Generate Hash 1 50 47 %
(JXME Protocol) 5 250 44.3 %
Joan et al. Secure Login 1 - 51 %
(JXTA Overlay) 5 - 46 %
This approach Generate Hash 1 50 42.1 %
(Elliptic Curve Computing) 5 250 38 %
Our study with designed algorithms based on Elliptic Curve concept produced more
efficient result both in authentication and cryptography process. Curve Computing are
possibilities of making the algorithm more efficient and secure in public-key cryptosystem and
promises a faster and more secure method of encryption.
In another hand, an experiment conducted in Windows and Linux environment for
analyzing Elliptic Curve Cryptosystem (ECC) as an asymmetric block cipher algorithm and a set
of symmetric block cipher algorithms namely Triple-Data Encryption Standard (T-DES),
Advanced Encryption Standard (AES), and Blowfish. Performance evaluation based on CPU
execution time is shown in Figure 4
Figure 4. Performance Comparison of symmetric and asymmetric block ciphe algorithms
In this study, Elliptic Curve Cryptosystem (ECC) as an asymmetric block cipher
algorithm and three symmetric block ciphers: Triple-DES, AES, and Blowfish were presented.
This experiment runs in Java environment with Cryptography Architecture (JCA) and Java
Cryptography Extension (JCE). Based on CPU execution time, ECC outperform the other three
algorithms in all tests and under the computing environment [23].
8. Conclusion and Future Work
Common mobile IM services lack native encryption to protect information being
transmitted over the public network and still used high computation, this problem should be
addressed with efficient security methods. In this study, we propose an efficient method with
Elliptic Curve concept. It has designed new algorithm with designed Curve for building security
model in mobile IM environment. Security model based on Elliptic Curve (EC) works in Peer to
Peer (P2P) architecture rather than a conventional client-server model. In this method, end-to-
end authentication phase will make each of data become validated among users. Then,
encryption process uses to achieve data privacy between them.
The result shows this method produces efficient time in authentication and encryption
process while applying in a mobile environment. This paper recommends Elliptic Curve for using
9. ISSN: 1693-6930
TELKOMNIKA Vol. 16, No. 3, June 2018: 1426-1434
1434
in mobile IM security with key length 256 bit within curve . It has produced
efficient in time to each of security process include generating key, signing, verifying, encryption
and decryption. Therefore, this security method suitable to mobile IM environment. Besides, EC
algorithm outperform others cryptography algorithms both symmetric and asymmetric block
cipher algorithms. Besides, it is compatible with a mobile phone which has the limitation of
computation capabilities and resources. This research still testing in text format, so that it next
time probably will use other data format. Then, to increase authentication level, it needs to add
SHA-3 (Keccak) algorithm in Elliptic Curve Cryptography.
References
[1] T Sutikno, D Stiawan, IMI Subroto. Fortifying Big Data infrastructures to Face Security and Privacy
Issues. TELKOMNIKA (Telecommunication Computing Electronics and Control). 2014; 12(4): 751-
752.
[2] O Nait Hamoud, T Kenaza, Y Challal. Security in device-to-device communications: a survey. in IET
Networks, 2018; 7(1):14-22.
[3] Mehdi Dadkhah, Tole Sutikno, Shahaboddin Shamshirband, Social Network Applications and Free
Online Mobile Numbers: Real Risk, International Journal of Electrical and Computer Engineering
(IJECE), 2015: 5(2):175-176
[4] M Al-Qurishi, M Al-Rakhami, A Alamri, M Alrubaian, SMM Rahman, MS Hossain. Sybil Defense
Techniques in Online Social Networks: A Survey. in IEEE Access; 2017; 5:1200-1219.
[5] C. Anglano, M. Canonico, M. Guazzone, Forensic analysis of Telegram Messenger on Android
smartphones, Digital Investigation, Elsevier; 2017; 23: 31-49,
[6] S Park, K Cho, BG Lee. What makes smartphone users satisfied with the mobile instant messenger?:
Social presence, flow, and self-disclosure. Int. J. Multimed. Ubiquitous Eng. 2014; 9(11) :315–324.
[7] C Wang, X Guo, Y Chen, Y Wang, B Liu. Personal PIN Leakage from Wearable Devices. In IEEE
Transactions on Mobile Computing; 2018; 17(3): 646-660.
[8] B Rashidi, C Fung, A Nguyen, T Vu, E Bertino. Android User Privacy Preserving Through
Crowdsourcing. in IEEE Transactions on Information Forensics and Security, 2018; 13(3): 773-787.
[9] M Yusof, A Abidin. A secure private instant messenger. in Proc. 17
th
Ascia-Pacific Conference on
Communications, 2011; 821-825.
[10] L Ham. Group Authentication. IEEE Trans. Vehicular Technology; 2013; 62(9).
[11] L Ham. Agent Based Secured e-Shopping Using Elliptic Curve Cryptography. International Journal of
Advanced Science and Technology; 2012; 38.
[12] Y Zhu, L Yan, J Li. Mobile Internet Information Security Analysis and Countermeasures.
TELKOMNIKA (Telecommunication Computing Electronics and Control). 2016: 14(3A): 333~337
[13] Dadkhah M, Sutikno T. Phishing or hijacking? Forgers hijacked DU journal by copying content of
another authenticate journal. Indonesian Journal of Electrical Engineering and Informatics (IJEEI).
2015; 3(3): 119-120.
[14] NB Al Barghuthi, H Said. Social networks IM forensics: Encryption analysis. J. Commun. 2013; 8(11):
708–715.
[15] Forouzan, A Behrouz. Cryptography and Network Security. Singapore. Mc Graw-Hill Education
(Asia), 2008
[16] M Azrour, M Ouanan, Y Farhaou, SIP Authentication Protocols Based on Elliptic Curve
Cryptography: Survey and comparison. Indonesian Journal of Electrical Engineering and Computer
Science 2016: 4(1): 231-239
[17] N Harigopal KB Ponnapalli, A Saxena. A Digital Signature Architecture for Web Apps. J. ComSoc.
2013; 13.
[18] L Harn, J Ren. Generalized Digital Certificate for User Authentication and Key Establishment for
Secure Communications. IEEE Trans. Wireless Comm. 2011; 10(7): 2372-2379.
[19] M Yusof, A Abidin. A secure private instant messenger. in Proc. 17
th
Ascia-Pacific Conference on
Communications, 2011; 821-825.
[20] M Domingo-Prieto, J. Arnedo-Moreno. Lightweight Security for JXME-Proxied Relay Authentication.
2011 14th International Conference on Network-Based Information Systems, Tirana, 2011: 104-111.
[21] M Domingo-Prieto, J Arnedo-Moreno, J Herrera-Joancomart´, J Prieto-Bl´ azquez. Towards secure
mobile P2P applications using JXME. Journal of Internet Services and Information Security (JISIS),
2012; 2(1):1-21
[22] J Arnedo-Moreno, K Matsuo, L Barolli, F Xhafa. Secure Communication Setup for a P2P-Based
JXTA-Overlay Platform. in IEEE Transactions on Industrial Electronics; 2011; 58(6): 2086-2096
[23] NA Kofahim. An Empirical Study to Compare the Performance of some Symmetric and Asymmetric
Ciphers. International Journal of Security and Its Applications. 2013;7(5):1-16.
[24] M Adalier. Efficient and Secure Elliptic Curve Cryptography Implementation of Curve P-256, National
Institute of Standards and Technology (NIST) Article, 2017.