1) The document describes a study that proposes using Diffie-Hellman key exchange to enable mutual authentication in WiMAX networks and prevent man-in-the-middle attacks.
2) Currently, WiMAX authentication exposes the network to risks like eavesdropping and jamming because it only authenticates the base station and not the subscriber station.
3) The study models using Diffie-Hellman key exchange in WiMAX so that both the base station and subscriber station authenticate each other by each deriving the same shared secret key before communication. This prevents man-in-the-middle attacks from interfering with management messages.
Secured Source Anonymous Message Authentication Using Wireless Sensor Networkiosrjce
Â
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Elliptic Curve for Secure Group Key Management in Distributed Networkijceronline
Â
Group communication emphasis an important security criterion in the design of a distributed network. All the members of the group must agree to a common session key. The management of this session key refers to the group key management which is based on some group key agreement protocol. In this paper we propose a group key management method for secure group communication in a distributed network. Frequent change in group membership, and managing the key distribution for new members are the two main problems to be faced in group communication that too with minimal computation and communication overhead. Our system uses the concept of Elliptic curve Cryptography that provide same level of security as that of other cryptosysytems with reduced key size. This results in less re-keying and re-distribution operations, thus reducing computation and communication overheads respectively
AN EVALUATION OF ENERGY EFFICIENT SOURCE AUTHENTICATION METHODS FOR FALSE DA...ijsptm
Â
The false data injection attack is a major security threat in Wireless Sensor Network (WSN) since is
degrades the network capability. The bandwidth efficient cooperative authentication (BECAN) scheme is
used for filtering the false data injection attack. It is used to save energy of sensor nodes in WSN by early
detection and filtering of maximum possible injected false data. Source authentication is a critical security
requirement in wireless sensor networks to identify attacker nodes that injects false data. Solutions based
on Elliptic Curve Cryptography (ECC) have been used for source authentication, but they suffer from
severe energy depletion. This results in high computational and communication overheads. Bloom filter
based Symmetric-key source authentication scheme exhibits low authentication overhead .This avoids the
inherent problems associated with public key cryptography based schemes. The current work demonstrates
the efficiency of bloom filter based source authentication using BECAN scheme by comparing ECC and
Bloom filter based methods in terms of energy consumption
INFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNT...ijp2p
Â
In this paper we are providing a implementation details about simulated solution of stealthy packet drop
attack. Stealthy packet drop attack is a suite of four attack types, includes colluding collision, packet
misrouting, identity delegation and power control. Stealthy packet drop attacks disrupts the packet from
reaching to itâs destination through malicious behaviour. These attacks can be easily breakdown the
multi-hop wireless ad-hoc networks. Most widely preferred method for detecting attacks in wireless
network is behaviour based detection method. In this method a normal network overhears
communication from its neighbourhood. Here we are implementing a SADEC protocol which is
proposed solution of stealthy packet drop attacks. SADEC overlaid the base line local monitoring. In
base line local monitoring each neighbour maintains additional information about routing path also it
adds some checking responsibility to all its neighbours. SADEC proves more efficient than baseline local
monitoring to mitigate successfully all the stealthy attack types.
Secured Source Anonymous Message Authentication Using Wireless Sensor Networkiosrjce
Â
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
Elliptic Curve for Secure Group Key Management in Distributed Networkijceronline
Â
Group communication emphasis an important security criterion in the design of a distributed network. All the members of the group must agree to a common session key. The management of this session key refers to the group key management which is based on some group key agreement protocol. In this paper we propose a group key management method for secure group communication in a distributed network. Frequent change in group membership, and managing the key distribution for new members are the two main problems to be faced in group communication that too with minimal computation and communication overhead. Our system uses the concept of Elliptic curve Cryptography that provide same level of security as that of other cryptosysytems with reduced key size. This results in less re-keying and re-distribution operations, thus reducing computation and communication overheads respectively
AN EVALUATION OF ENERGY EFFICIENT SOURCE AUTHENTICATION METHODS FOR FALSE DA...ijsptm
Â
The false data injection attack is a major security threat in Wireless Sensor Network (WSN) since is
degrades the network capability. The bandwidth efficient cooperative authentication (BECAN) scheme is
used for filtering the false data injection attack. It is used to save energy of sensor nodes in WSN by early
detection and filtering of maximum possible injected false data. Source authentication is a critical security
requirement in wireless sensor networks to identify attacker nodes that injects false data. Solutions based
on Elliptic Curve Cryptography (ECC) have been used for source authentication, but they suffer from
severe energy depletion. This results in high computational and communication overheads. Bloom filter
based Symmetric-key source authentication scheme exhibits low authentication overhead .This avoids the
inherent problems associated with public key cryptography based schemes. The current work demonstrates
the efficiency of bloom filter based source authentication using BECAN scheme by comparing ECC and
Bloom filter based methods in terms of energy consumption
INFRINGEMENT PRECLUSION SYSTEM VIA SADEC: STEALTHY ATTACK DETECTION AND COUNT...ijp2p
Â
In this paper we are providing a implementation details about simulated solution of stealthy packet drop
attack. Stealthy packet drop attack is a suite of four attack types, includes colluding collision, packet
misrouting, identity delegation and power control. Stealthy packet drop attacks disrupts the packet from
reaching to itâs destination through malicious behaviour. These attacks can be easily breakdown the
multi-hop wireless ad-hoc networks. Most widely preferred method for detecting attacks in wireless
network is behaviour based detection method. In this method a normal network overhears
communication from its neighbourhood. Here we are implementing a SADEC protocol which is
proposed solution of stealthy packet drop attacks. SADEC overlaid the base line local monitoring. In
base line local monitoring each neighbour maintains additional information about routing path also it
adds some checking responsibility to all its neighbours. SADEC proves more efficient than baseline local
monitoring to mitigate successfully all the stealthy attack types.
A LIGHT WEIGHT PROTOCOL TO PROVIDE LOCATION PRIVACY IN WIRELESS BODY AREA NET...IJNSA Journal
Â
Location privacy is one of the major security problems in a Wireless Body Area Networks (WBANs). An eavesdropper can keep track of the place and time devices are communicating. To make things even worse, the attacker does not have to be physically close to the communicating devices, he can use a device with a stronger antenna. The unique hardware address of a mobile device can often be linked to the identity of the user operating the device. This represents a violation of the userâs privacy. The user should decide when his/her location is revealed and when not. In this paper, we first categorize the type of eavesdroppers for WBANs, and then we propose a new scheme to provide the location privacy in Wireless Body Area Networks (WBANs).
Now-a-days the usage of internet increases tremendously so, there is a need of security for the data. Cryptography
is a process of scrambling the data into unknown format which provides security to the data. Modern cryptography is mainly based on mathematical theory and computer science practice. Cryptography process is
done with the help of encryption and decryption. The basic two ideas behind the cryptography technique are substitution and transposition. This paper presents a multistage encryption algorithm. At the end of each stage an intermediate cipher is produced. The key is generated by using SEEDED SDES algorithm. Final cipher text is derived from the local binary pattern (LBP).
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESIJNSA Journal
Â
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step with the cost lower than signature-then-encryption approach. Recently, Li et al. [35] proposed the first provable secure identity based signcryption without random oracles. In their scheme sender signs the ciphertext. However, in [11] Boyen showed that non-repudiation is easily achieved if the sender sign the plaintext rather than ciphertext. In this paper we proposed an identity based signcryption scheme without random oracles, which provides the non-repudiation with respect to plaintext. We also proposed an identity based public verifiable signcryption scheme with third party verification in the standard model.
DEFEATING MITM ATTACKS ON CRYPTOCURRENCY EXCHANGE ACCOUNTS WITH INDIVIDUAL US...IJNSA Journal
Â
Presented herein is a User-SpecificKey Scheme based on Elliptic Curve Cryptography that defeats man-inthe-middle attacks on cryptocurrency exchange accounts. In this scheme, a separate public and private key pair is assigned to every account and the public key is shifted either forward or backward on the elliptic curve by a difference of the account userâs password. When a user logs into his account, the server sends the shifted public key of his account. The user computes the actual public key of his account by reverse shifting the shifted public key exactly by a difference of his password. Alternatively, shifting can be applied to the userâs generator instead of the public key. Described in detail is as to how aman-in-the-middle attack takes place and how the proposed scheme defeats the attack. Provided detailed security analysis in both the cases of publickey shifting and generator shifting. Further, compared the effectiveness of another three authentication schemes in defending passwords against MITM attacks.
NETWORK SECURITY
UNIT - 1
Services, mechanisms and attacks, The OSI security architecture, A model for network security. 6 Hrs
UNIT - 2
SYMMETRIC CIPHERS: Symmetric Cipher Model, Substitution Techniques, Transposition Techniques, Simplified DES, Data encryption standard (DES), The strength of DES, Differential and Linear Cryptanalysis, Block Cipher Design Principles and Modes of Operation, Evaluation Criteria for Advanced Encryption Standard, The AES Cipher. 7 Hrs
UNIT - 3
Principles of Public-Key Cryptosystems, The RSA algorithm, Key Management, Diffie - Hellman Key Exchange, Elliptic Curve Arithmetic, Authentication functions, Hash Functions. 6 Hrs
UNIT - 4
Digital signatures, Authentication Protocols, Digital Signature Standard. 7 Hrs
UNIT - 5
Web Security Consideration, Security socket layer (SSL) and Transport layer security, Secure Electronic Transaction. 6 Hrs
UNIT - 6
Intruders, Intrusion Detection, Password Management. 6 Hrs
UNIT - 7
MALICIOUS SOFTWARE: Viruses and Related Threats, Virus Countermeasures. 7 Hrs
UNIT - 8
Firewalls Design Principles, Trusted Systems. 6 Hrs
TEXT BOOK:
1. Cryptography and Network Security, William Stalling, Pearson Education, 2003.
REFERENCE BOOKS:
1. Cryptography and Network Security, Behrouz A. Forouzan, TMH, 2007.
2. Cryptography and Network Security, Atul Kahate, TMH, 2003.
A SECURE KEY COMPUTATION PROTOCOL FOR SECURE GROUP COMMUNICATION WITH PASSWOR...cscpconf
Â
Providing security in group communication is more essential in this new network environment. Authentication and Confidentiality are the major concerns in secure group
communication. Our proposed approach uses an authenticated group key transfer protocol that relies on trusted key generation center (KGC). KGC computes group pair for each
individual and transport the pair of values to all group members in a secured manner. Password based authentication mechanism is used to avoid the illegal member access in a
group Also, the proposed approach facilitates efficient key computation technique such that only authorized group members will be able to computer and retrieve the secret key and unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the pair generated for the computation of key is also very strong since the cryptographic techniques are used which provides efficient computation.
A secure key computation protocol for secure group communication with passwor...csandit
Â
Providing security in group communication is more essential in this new network
environment. Authentication and Confidentiality are the major concerns in secure group
communication. Our proposed approach uses an authenticated group key transfer protocol
that relies on trusted key generation center (KGC). KGC computes group pair for each
individual and transport the pair of values to all group members in a secured manner.
Password based authentication mechanism is used to avoid the illegal member access in a
group Also, the proposed approach facilitates efficient key computation technique such that
only authorized group members will be able to computer and retrieve the secret key and
unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and
relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the
pair generated for the computation of key is also very strong since the cryptographic
techniques are used which provides efficient computation.
PREVENTION METHOD OF FALSE REPORT GENERATION IN CLUSTER HEADS FOR DYNAMIC EN-...ijcsit
Â
Wireless sensor networks collect data through collaborative communication between sensor nodes. sensor nodes of wireless sensor networks are deployed in open environments. Hence, an attacker can easily compromise the node. An attacker can compromise a node to generate false reports and inject into the network. This causes unnecessary energy consumption in the process of transmitting false alarm messages and false data reports to the system. If the attacker keeps repeatedly attacking thereby causing problems such as reduction in the entire network life or disabling the networks. Yu and Guan proposed a dynamic en-route filtering scheme to detect and drop these false reports before reaching to the Base station. In the dynamic en-route filtering, the energy waste of the intermediate nodes occurs until it is detected early. In this paper, we propose a method to save the energy of the intermediate nodes by searching for the compromised node and blocking the reports generated at that node. When verifying a false report at the verification node, it can know report information. The base station is able to find the cluster of compromised nodes using that information. In particular, the base station can know the location of the node that has been compromised, we can block false alarms and energy losses by blocking reports
generated in that cluster.
Filtering Unwanted Messages from Online Social Networks (OSN) using Rule Base...IOSR Journals
Â
Online Social Networks (OSNs) are today one of the most popular interactive medium to share,
communicate, and distribute a significant amount of human life information. In OSNs, information filtering can
also be used for a different, more responsive, function. This is owing to the fact that in OSNs there is the
possibility of posting or commenting other posts on particular public/private regions, called in general walls.
Information filtering can therefore be used to give users the ability to automatically control the messages
written on their own walls, by filtering out unwanted messages. OSNs provide very little support to prevent
unwanted messages on user walls. For instance, Facebook permits users to state who is allowed to insert
messages in their walls (i.e., friends, defined groups of friends or friends of friends). Though, no content-based
partialities are preserved and therefore it is not possible to prevent undesired communications, for instance
political or offensive ones, no matter of the user who posts them. To propose and experimentally evaluate an
automated system, called Filtered Wall (FW), able to filter unwanted messages from OSN user walls
A LIGHT WEIGHT PROTOCOL TO PROVIDE LOCATION PRIVACY IN WIRELESS BODY AREA NET...IJNSA Journal
Â
Location privacy is one of the major security problems in a Wireless Body Area Networks (WBANs). An eavesdropper can keep track of the place and time devices are communicating. To make things even worse, the attacker does not have to be physically close to the communicating devices, he can use a device with a stronger antenna. The unique hardware address of a mobile device can often be linked to the identity of the user operating the device. This represents a violation of the userâs privacy. The user should decide when his/her location is revealed and when not. In this paper, we first categorize the type of eavesdroppers for WBANs, and then we propose a new scheme to provide the location privacy in Wireless Body Area Networks (WBANs).
Now-a-days the usage of internet increases tremendously so, there is a need of security for the data. Cryptography
is a process of scrambling the data into unknown format which provides security to the data. Modern cryptography is mainly based on mathematical theory and computer science practice. Cryptography process is
done with the help of encryption and decryption. The basic two ideas behind the cryptography technique are substitution and transposition. This paper presents a multistage encryption algorithm. At the end of each stage an intermediate cipher is produced. The key is generated by using SEEDED SDES algorithm. Final cipher text is derived from the local binary pattern (LBP).
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESIJNSA Journal
Â
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step with the cost lower than signature-then-encryption approach. Recently, Li et al. [35] proposed the first provable secure identity based signcryption without random oracles. In their scheme sender signs the ciphertext. However, in [11] Boyen showed that non-repudiation is easily achieved if the sender sign the plaintext rather than ciphertext. In this paper we proposed an identity based signcryption scheme without random oracles, which provides the non-repudiation with respect to plaintext. We also proposed an identity based public verifiable signcryption scheme with third party verification in the standard model.
DEFEATING MITM ATTACKS ON CRYPTOCURRENCY EXCHANGE ACCOUNTS WITH INDIVIDUAL US...IJNSA Journal
Â
Presented herein is a User-SpecificKey Scheme based on Elliptic Curve Cryptography that defeats man-inthe-middle attacks on cryptocurrency exchange accounts. In this scheme, a separate public and private key pair is assigned to every account and the public key is shifted either forward or backward on the elliptic curve by a difference of the account userâs password. When a user logs into his account, the server sends the shifted public key of his account. The user computes the actual public key of his account by reverse shifting the shifted public key exactly by a difference of his password. Alternatively, shifting can be applied to the userâs generator instead of the public key. Described in detail is as to how aman-in-the-middle attack takes place and how the proposed scheme defeats the attack. Provided detailed security analysis in both the cases of publickey shifting and generator shifting. Further, compared the effectiveness of another three authentication schemes in defending passwords against MITM attacks.
NETWORK SECURITY
UNIT - 1
Services, mechanisms and attacks, The OSI security architecture, A model for network security. 6 Hrs
UNIT - 2
SYMMETRIC CIPHERS: Symmetric Cipher Model, Substitution Techniques, Transposition Techniques, Simplified DES, Data encryption standard (DES), The strength of DES, Differential and Linear Cryptanalysis, Block Cipher Design Principles and Modes of Operation, Evaluation Criteria for Advanced Encryption Standard, The AES Cipher. 7 Hrs
UNIT - 3
Principles of Public-Key Cryptosystems, The RSA algorithm, Key Management, Diffie - Hellman Key Exchange, Elliptic Curve Arithmetic, Authentication functions, Hash Functions. 6 Hrs
UNIT - 4
Digital signatures, Authentication Protocols, Digital Signature Standard. 7 Hrs
UNIT - 5
Web Security Consideration, Security socket layer (SSL) and Transport layer security, Secure Electronic Transaction. 6 Hrs
UNIT - 6
Intruders, Intrusion Detection, Password Management. 6 Hrs
UNIT - 7
MALICIOUS SOFTWARE: Viruses and Related Threats, Virus Countermeasures. 7 Hrs
UNIT - 8
Firewalls Design Principles, Trusted Systems. 6 Hrs
TEXT BOOK:
1. Cryptography and Network Security, William Stalling, Pearson Education, 2003.
REFERENCE BOOKS:
1. Cryptography and Network Security, Behrouz A. Forouzan, TMH, 2007.
2. Cryptography and Network Security, Atul Kahate, TMH, 2003.
A SECURE KEY COMPUTATION PROTOCOL FOR SECURE GROUP COMMUNICATION WITH PASSWOR...cscpconf
Â
Providing security in group communication is more essential in this new network environment. Authentication and Confidentiality are the major concerns in secure group
communication. Our proposed approach uses an authenticated group key transfer protocol that relies on trusted key generation center (KGC). KGC computes group pair for each
individual and transport the pair of values to all group members in a secured manner. Password based authentication mechanism is used to avoid the illegal member access in a
group Also, the proposed approach facilitates efficient key computation technique such that only authorized group members will be able to computer and retrieve the secret key and unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the pair generated for the computation of key is also very strong since the cryptographic techniques are used which provides efficient computation.
A secure key computation protocol for secure group communication with passwor...csandit
Â
Providing security in group communication is more essential in this new network
environment. Authentication and Confidentiality are the major concerns in secure group
communication. Our proposed approach uses an authenticated group key transfer protocol
that relies on trusted key generation center (KGC). KGC computes group pair for each
individual and transport the pair of values to all group members in a secured manner.
Password based authentication mechanism is used to avoid the illegal member access in a
group Also, the proposed approach facilitates efficient key computation technique such that
only authorized group members will be able to computer and retrieve the secret key and
unauthorized members cannot retrieve the key. The proposed algorithm is more efficient and
relies on NP class. In addition, the distribution of key is also safe and secure. Moreover, the
pair generated for the computation of key is also very strong since the cryptographic
techniques are used which provides efficient computation.
PREVENTION METHOD OF FALSE REPORT GENERATION IN CLUSTER HEADS FOR DYNAMIC EN-...ijcsit
Â
Wireless sensor networks collect data through collaborative communication between sensor nodes. sensor nodes of wireless sensor networks are deployed in open environments. Hence, an attacker can easily compromise the node. An attacker can compromise a node to generate false reports and inject into the network. This causes unnecessary energy consumption in the process of transmitting false alarm messages and false data reports to the system. If the attacker keeps repeatedly attacking thereby causing problems such as reduction in the entire network life or disabling the networks. Yu and Guan proposed a dynamic en-route filtering scheme to detect and drop these false reports before reaching to the Base station. In the dynamic en-route filtering, the energy waste of the intermediate nodes occurs until it is detected early. In this paper, we propose a method to save the energy of the intermediate nodes by searching for the compromised node and blocking the reports generated at that node. When verifying a false report at the verification node, it can know report information. The base station is able to find the cluster of compromised nodes using that information. In particular, the base station can know the location of the node that has been compromised, we can block false alarms and energy losses by blocking reports
generated in that cluster.
Filtering Unwanted Messages from Online Social Networks (OSN) using Rule Base...IOSR Journals
Â
Online Social Networks (OSNs) are today one of the most popular interactive medium to share,
communicate, and distribute a significant amount of human life information. In OSNs, information filtering can
also be used for a different, more responsive, function. This is owing to the fact that in OSNs there is the
possibility of posting or commenting other posts on particular public/private regions, called in general walls.
Information filtering can therefore be used to give users the ability to automatically control the messages
written on their own walls, by filtering out unwanted messages. OSNs provide very little support to prevent
unwanted messages on user walls. For instance, Facebook permits users to state who is allowed to insert
messages in their walls (i.e., friends, defined groups of friends or friends of friends). Though, no content-based
partialities are preserved and therefore it is not possible to prevent undesired communications, for instance
political or offensive ones, no matter of the user who posts them. To propose and experimentally evaluate an
automated system, called Filtered Wall (FW), able to filter unwanted messages from OSN user walls
Comparison of TCP congestion control mechanisms Tahoe, Newreno and VegasIOSR Journals
Â
The widely used reliable transport protocol TCP, is an end to end protocol designed for the wireline
networks characterized by negligible random packet losses. This paper represents exploratory study of TCP
congestion control principles and mechanisms. Modern implementations of TCP contain four intertwined
algorithms: slow start, congestion avoidance, fast retransmit, and fast recovery. In addition to the standard
algorithms used in common implementations of TCP, this paper also describes some of the more common
proposals developed by researchers over the years. We also study, through extensive simulations, the
performance characteristics of four representative TCP schemes, namely TCP Tahoe, New Reno and Vegas
under the network conditions of bottleneck link capacities for wired network
The Performance Analysis of a Fettling Shop Using SimulationIOSR Journals
Â
Fettling shop is the product finishing shop of casting products.After the knockout, the casting is taken
to the fettling shop for doing the fettling work. The fettling process includes cutting, shot blasting, grinding and
painting. In all these process the sand and extra metal on the castings are removed. The project titled âThe
performance analysis of a fettling shop using simulationâ is based on a fettling shop of a casting industry. The
main aim of the project is the performance analysis of the fettling shop. This project is a simulation based
project and is done using a simulation tool called arena. The main concepts related with the performance
analysis are Bottleneck analysis, Productivity analysis and System improvement analysis.
A Study on the Relationship between Nutrition Status and Physical Fitness of ...IOSR Journals
Â
Abstract: Nutritional status during school age is a major determinant of nutritional and health status in adult
life. Many studies showed that under nutrition and anaemia had an adverse impact on performance and
consequently led to reduction in wages for persons employed in manual labour.
The past three decades have witnessed the emergence of over nutrition as a problem in school-age children in
developed countries and in affluent urban segments in developing countries. The main determinants of
performance are physical fitness and skill. Longitudinal studies have shown that the lifestyle and physical
fitness during childhood and adolescence were major determinants of lifestyle, physical fitness and freedom
from non-communicable diseases in adult life.
Optimized Traffic Signal Control System at Traffic Intersections Using VanetIOSR Journals
Â
Abstract: Traditional Automated traffic signal control systems normally schedule the vehicles at intersection in
a pre timed slot manner. This pre-timed controller approach fails to minimize the waiting time of vehicles at the
traffic intersection as it doesnât consider the arrival time of vehicles. To overcome this problem an adaptive and
intelligent traffic control system is proposed in such a way that a traffic signal controller with wireless radio
installed at the intersection and it is considered as an infrastructure. All the vehicles are equipped with onboard
location, speed sensors and a wireless radio to communicate with the infrastructure thereby VANET is formed.
Once the vehicles enter into the boundary of traffic area, they broadcast their positional information as data
packet with their encapsulated ID in it. The controller at the intersection receives the transmitted packets from
all the legs of intersection and then stores it in a temporary log file. Now the controller runs Platooning
algorithm to group the vehicles approximately in equal size of platoons. The platoons are formed on the basis of
data disseminated by the vehicles. Then the controller runs Oldest Job First algorithm which treats platoons as
jobs. The algorithm schedules jobs in conflict free manner and ensures all the jobs utilize equal processing time
i.e the vehicles of each platoons cross the intersection at equal delays. The proposed approach is evaluated
under various traffic volumes and the performance is analyzed.
Keywords Conflict graphs, online job scheduling, traffic signal control, vehicular ad hoc network (VANET)
simulation, vehicle-actuated traffic signal control, Websterâs algorithm.
Cutting Strategies for Casting Die Manufacturing on CNC Milling MachineIOSR Journals
Â
Manufacturing of dies has been presenting greater requirements of geometrical accuracy,
dimensional precision and surface quality as well as decrease in costs and manufacturing times. Although
proper cutting parameter values are utilized to obtain high geometrical accuracy and surface quality, there may
exist geometrical discrepancy between the designed and the manufactured surface profile of the die cavities. In
milling process; cutting speed, step over and feed are the main cutting parameters and these parameters affect
geometrical accuracy and surface quality of the casting die cavities. In this paper, effects of the cutting
parameters on geometrical error have been examined on a representative die cavity profile. To remove
undesired volume in the die cavities, available cutting strategies are investigated. Finish option for roughing
and finish option for finishing are optimized to reduce the Machining time of the cutting process thereby
decreasing the cost of cutting process. The cutting parameters considered are Cut Feed, Step Depth, Spindle
Speed for both roughing and finishing, scan type for roughing and lace type for finishing.3D model and
manufacturing process is done in parametric modeling software Pro/Engineer wildfire5.0.
Video Encryption and Decryption with Authentication using Artificial Neural N...IOSR Journals
Â
Abstract :Multimedia data security is becoming important with the continuous increase of digital communications on internet. With the rapid development of various multimedia technologies, more and more multimedia data are generated and transmitted in the medical, commercial, and military fields, which may include some sensitive information which should not be accessed by or can only be partially exposed to the general users. . The encryption algorithms developed to secure text data are not suitable for multimedia application because of the large data size and real time constraint. Therefore, there is a great demand for secured data storage and transmission techniques. Information security has traditionally been ensured with data encryption and authentication techniques. The secrecy of communication is maintained by secret key exchange. In effect the strength of the algorithm depends solely on the length of the key. The presented work aims at secure video transmission using randomness in encryption algorithm, thereby creating more confusion to obtain the original data. The security of the original cipher has been enhanced by addition of impurities to misguide the cryptanalyst. Since the encryption process is one way function, the artificial neural networks are best suited for this purpose as they possess features like high security, no distortion and its ability to perform for non linear input-output characteristics, In the presented work the need for key exchange is also eliminated, which is otherwise a perquisite for most of the algorithms used today. The proposed work finds its application in medical imaging systems, military image database communication and confidential video conferencing, and similar such application. The results are obtained through the use of MATLAB 7.14.0 Keywords: Artificial Neural networks, Back propagation algorithm, video encryption and decryption, cipher and decipher.
Puzzle Based Approach for Solving Denial of Service Attack in Mobile WIMAXpijans
Â
Mobile WiMAX or IEEE 802.16e gives the access of Broadband Wireless even when the station is moving.
But, as always Wireless environment is more open to threats; various threats exist over Mobile WiMAX like
âDowngrade Attackâ, âKey Space Vulnerabilityâ and âInitial Network Vulnerabilityâ, and âDenial of
Service (DoS)â. In this paper we are proposing solution for one of the main Threat which is Denial of
Service attack. Proposed solution is based on Puzzle approach. As, of more critical environment of MobileWiMAX we have Proposed use of Time Stamp and Nonce Variable for providing the more secure
environment prone to DoS. As, DoS mainly exist in two forms which have been mentioned further, proposed
work in Literature provides the solution for either of these but our proposed solution will be an attempt to
overcome from
THE PHYSICAL INFRASTRUCTURE. WIRELESS NETWORKS REPRESENT AN IMPORTANT EXAMPLE
OF SUCH SCENARIOS WHERE CAPTURING AND FORGING PACKETS ARE RELATIVELY EASY.
ATTACKS AGAINST NETWORKED SYSTEMS ARE BECOMING MORE COMPLEX AND FOR MOBILE
WIMAX IT IS MORE CRITICAL AS WELL AS MORE IMPORTANT TO HANDLE BECAUSE IT
SUPPORTS SUBSCRIBER STATIONS MOVING AT VEHICULAR SPEEDS AND THEREBY SPECIFIES A
SYSTEM FOR COMBINED FIXED AND MOBILE BROADBAND WIRELESS ACCESS.
Mutual authentication between base and subscriber station can improve the sec...CSCJournals
Â
High throughput broadband connection over long distance is greatly demanded in the present web application. IEEE 802.16/WiMax technology is one of the latest additions on internet broadband. When wireless devices are connected to the broadband wireless access, security comes on the front line to ensure the communication safe and protected from any kind of attacks or threats. Strong and effective security must be confirmed to make the wireless environment reliable and risk less. Base station authentication is an important part of WiMax security which must be confirmed to make the environment more secure. This paper derived the technique to secure the environment by confirming the authentication of base station.
The IEEE 802.16 standard, commonly known as WiMAX, is the latest technology that
has promised to offer broadband wireless access over long distance. Since 2001, WiMAX has
evolved from 802.16 to 802.16d standard for fixed wireless access and to the new IEEE 802.16e
standard with mobility support. With the growing popularity of WiMAX the security risks have
increased many folds. In this paper we will give an overview of security architecture of WiMAX. We
propose some possible security improvements and solutions to eliminate the vulnerabilities. Finally,
we will have a look at improvement reported in multi hop WiMAX networks.
This paper discuss various wireless networks and their security, for each type, structure and related threats are described and how different techniques are applied to achieve security goals starting by general case
SECURED TEXT MESSAGE TRANSMISSION IN A WIRELESS COMMUNICATION SYSTEM WITH THE...caijjournal
Â
A broad variety of wireless data applications and services depend on security. This paper presents a
simulation-based study of a wireless communication system using a secured Vigenere cipher and the RSA
cryptographic algorithms on text message transmission. The system under consideration uses 1/2-rated
CRC channel coding and BPSK digital modulation over an Additive White Gaussian noise (AWGN)
channel. To address security concerns, a text message is encrypted at the transmitter with the Vigenere
cipher and RSA before being decrypted and compared for different levels of SNR at the receiver end. To
carry out the computer simulation, the Matlab 2016a programming language has been used. The
transmitted text message is successfully retrieved at the receiver end after the Vigenere cipher and the RSA
cryptographic algorithm are implemented. It is also anticipated that as noise power increases, the
effectiveness of a wireless communication system based on the Vigenere cipher and RSA security will
decrease.
SECURITY V/S QOS FOR LTE AUTHENTICATION AND KEY AGREEMENT PROTOCOLIJNSA Journal
Â
Protocol and technology convergence, the core of near future communication, will soon be forming the interoperating heterogeneous networks. Attaining a strict secure authentication without risking the QoS performance and call success rates is a major concern when it comes to wireless heterogeneous
networks. In order to achieve this, a generic, fast and secure, Authentication and Key Agreement protocol is to be used; a version of which is to be implemented between each two technologies. In this research, different existing EPS-EPS AKA protocols will be compared with our proposed protocol EC-AKA
(Ensure Confidentiality Authentication and Key Agreement) based on security, cost effectiveness, signaling overhead, delay and performance. It is proven that EC-AKA is the exclusive protocol satisfying the New Generation Networkâs KPIs and it will be promoted as the target generic AKA protocol in
heterogeneous networks.
Secure Checkpointing Approach for Mobile Environmentidescitation
Â
Mobile nodes such as mobile phones, laptops etc are widely used nowadays. The
services must be always available, reliable and uninterrupted. The communication must be
secure. Fault tolerance is the most important feature of these systems. To make a system
fault tolerant at operating system level we apply check pointing. Security threats like
information leakage, information theft, information change can be done by a malicious node
at the time of communication between two legitimate nodes. Elliptic curve cryptography is
used to provide authentication, confidentiality, non repudiation etc. Main objective of our
work is to design a low overhead secured fault tolerant system which makes the
computation and communication secure. The saving of system state is needed to recover
from failure. The reliable backing store is also needed for recovery from failure.
An Identity-Based Mutual Authentication with Key Agreementijtsrd
Â
Now days mobile networks are rapid development by performing the e-commerce transaction such as online shopping, internet banking and e- payment. So that to provide secure communication, authentication and key agreement is important issue in the mobile networks. Hence, schemes for authentication and key agreement have been studied widely. So that to provide efficient and more secure techniques is necessary. In this paper we are proposed random prime order key agreement protocol proposed for authentication and key agreement. Another technique is used to provide security of transferred data using key xor data transpose technique. By using this technique, we provide more security and more efficiency for transferring data. B. V. S. Manikya Rao | Y. Triveni "An Identity-Based Mutual Authentication with Key Agreement" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21562.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-security/21562/an-identity-based-mutual-authentication-with-key-agreement/b-v-s-manikya-rao
A Survey of Source Authentication Schemes for Multicast transfer in Adhoc Net...ijsrd.com
Â
An adhoc network is a collection of autonomous nodes with dynamically changing infrastructure. Multicast is a good mechanism for group communication. It can be used in the group oriented applications like video/audio conference, interactive group games, video on demand etc. The security problems obstruct the large deployment of the multicast communication model. Multicast data origin authentication is the main component in the security architecture. The authentication schemes should scalable and efficient against packet loss. In this article we discuss varies authentication scheme for multicast data origin with their advantage and disadvantage
Advanced Data Protection and Key Organization Framework for Mobile Ad-Hoc Net...AM Publications,India
Â
Key organization and protect routing are two major subjects for Mobile Ad-hoc Networks nonetheless preceding explanations tend to contemplate them distinctly. This indicates to Key organization and protects routing inters dependency cycle problem. In this paper, we recommend a Key organization and protection of routing integrated scheme that speeches Key organization and protection of routing inter dependency cycle problem. By using identity based cryptography this scheme delivers produced including confidentiality, honesty, verification, cleanness, and non-repudiation. Connected to symmetric cryptography and conventional asymmetric cryptography as well as preceding IBC arrangements, this arrangement has developments in many features. We deliver hypothetical resistant of the refuge of the scheme and validate the efficiency of the scheme with applied simulation.
Different types of Authentications described in different scenarios. Basically a survey paper on Different kinds of authentications in different scenarios.
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...cscpconf
Â
In this paper, we have taken out the concern of security on a Medium Access Control layer
implementing Assured Neighbor based Security Protocol to provide the authentication,
confidentiality and taking in consideration High speed transmission by providing security in
parallel manner in both Routing and Link Layer of Mobile Ad hoc Networks. We basically
divide the protocol into two different segments as the first portion concentrates, based on
Routing layer information; we implement the scheme for the detection and isolation of the
malicious nodes. The trust counter for each node is maintained which actively increased and
decreased considering the trust value for the packet forwarding. The threshold level is defined differencing the malicious and non malicious nodes. If the value of the node in trust counter lacks below the threshold value then the node is considered as malicious. The second part focus on providing the security in the link layer, the security is provided using CTR (Counter) approach for authentication and encryption. Hence simulating the results in NS-2, we come to conclude that the proposed protocol can attain high packet delivery over various intruders while attaining low delays and overheads.
Conference Paper: Formal Verification of the Security for Dual Connectivity i...Ericsson
Â
We describe our experiences from using formal verification tools during the standardization process of Dual Connectivity, a new feature in LTE developed by 3GPP. To the best of our knowledge, this is the first report of its kind in the telecom industry. We present a model for key establishment of this feature and provide a detailed account on its formal analysis using three popular academic tools in order to automatically prove the security properties of secrecy, agreement and key freshness. The main purpose of using the tools during standardization is to evaluate their suitability for modeling a rapidly changing system as it is developed and in the same time raising the assurance level before the system is deployed.
Full abstract in IEEE Xplore, DOI: 10.1109/FormaliSE.2015.10
Authors
Noamen Ben Henda, Karl Norrman and Katharina Pfeffer.
Published 2015-05-18
Š 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Hierarchical Key Agreement Protocol for Wireless Sensor Networksidescitation
Â
Wireless sensor network promises ubiquitous data
collection and processing for variety of commercial, healthcare
and military applications. Practical realization of WSN
applications is possible only after assuring network security.
Cryptographic key distribution is an important phase in
network security which establishes initial trust in the network.
Security protocol implementation in WSN is limited by
resource constrained nature of sensor nodes. The key
distribution algorithm satisfying security requirements of
given WSN application should be implemented with minimum
communication and memory overhead. As a solution to this
problem, hierarchical key management technique is proposed
in this paper. Symmetric key pre-distribution technique with
less computational overhead and ID-based asymmetric key
(IBK) distribution technique with less communication
overhead are applied simultaneously in the network at
different levels. Resilience strength and resource overhead of
the proposed scheme is compared with both symmetric and
asymmetric techniques.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Â
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
Â
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
Dev Dives: Train smarter, not harder â active learning and UiPath LLMs for do...UiPathCommunity
Â
đĽ Speed, accuracy, and scaling â discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Miningâ˘:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing â with little to no training required
Get an exclusive demo of the new family of UiPath LLMs â GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
đ¨âđŤ Andras Palfi, Senior Product Manager, UiPath
đŠâđŤ Lenka Dulovicova, Product Program Manager, UiPath
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
Â
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
⢠The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
⢠Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
⢠Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
⢠Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
Â
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Â
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
Â
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Â
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Â
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overviewâ
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Â
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Â
Are you looking to streamline your workflows and boost your projectsâ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, youâre in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part âEssentials of Automationâ series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Hereâs what youâll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
Weâll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Donât miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Â
G1102014246
1. IOSR Journal of Electrical and Electronics Engineering (IOSR-JEEE)
e-ISSN: 2278-1676,p-ISSN: 2320-3331, Volume 11, Issue 2 Ver. I (Mar. â Apr. 2016), PP 42-46
www.iosrjournals.org
DOI: 10.9790/1676-1102014246 www.iosrjournals.org 42 | Page
Mutual Authentication in Wimax Security Using Diffie Hellman
Stephen Ochieng Oguta1
, Dr. S. Musyoki2
, Dr. K. Langat3
1
Msc in Telecommunication And Information Engineering Student At Jomo Kenyatta University Of Agriculture
And Technology ( P.O BOX 333, 40222 Oyugis Kenya,
2
Department Of Telecommunication And Information Engineering At Jomo Kenyatta University Of Agriculture
And Technology (P.O.Box 62000, 00200, Nairobi, Kenya,
3
Senior Lecturer, Department Of Telecommunication And Information Engineering At Jomo Kenyatta
University Of Agriculture And Technology, (P.O.Box 62000, 00200, Nairobi, Kenya,
Abstract: Network security is becoming an area of concern with the expansion of wireless technology. Many
businesses have lost a lot of money as a result of compromised network security. The Worldwide
Interoperability for Microwave Access (WiMAX) is one example of 3G technology which is getting popular.
Most business establishemnst use WiMAX to network their communication equipments. The popularity of
WiMAX and its security vulnarability are the key motivation for this study. Presently, PKM versions of
authentication are used to secure WiMAX networks. The PKM authentication methods expose the WiMAX
network to third party risks like Man in the Middle attacks, eavesdropping and jamming attacks. WiMAX is thus
vulnerable to network attacks that compromise the radio links between the communicating Subscriber Station
(SS) and the serving Base Station (BS). The PKMv1 process involves a one sided authentication. The BS
authenticates the SS but the SS has no capacity to authenticate a BS. As a result, a rogue BS can successfully
enter the network of a SS without prevention. The rogue BS can then tap all the unencrypted management
messages. This constitutes a major security flaw. The Man-In- The-Middle (MITM) attack exploits this weakness
in the network by eavesdropping, interception and fabrication of the management messages, resulting in a
breach in the reliability of the entire network. In this research, a modification of the Diffie-Hellman (DH) key
exchange protocol is used to mitigate the man-in-the middle attack in WiMAX by modeling using the Dev C++
programming language. The DH protocol uses a unique algorithm whose solution must be obtained by both the
SS and the BS for communication to be allowed. Both the BS and the SS are given an opportunity to authenticate
one another before any communication can proceed.
Keywords: Diffie Hellman; Mutual Authentication; Security; WiMAX.
I. Introduction
With the deployment of wireless communication in recent years, security issues in wireless networks
also become a growing concern [1] [2]. The Institute of Electrical and Electronics Engineers (IEEE) and Internet
Engineers Task Force (IETF) has proposed security mechanisms and protocols to countermeasure security
breaches in a way that minimizes the damage which may be caused by the attacks [4]. Even if WiMAX
technology has complex authentication and authorization methods and a very strong encryption technique it is
still vulnerable to different attacks or threats like jamming, scrambling, MITM or water torture attacks [8].
Privacy or confidentiality is fundamental for secure communication, which provides resistance to interception
and eavesdropping. Man-in-the-middle attack is another classic attack and is generally applicable in a
communication protocol where mutual authentication is absent. Other familiar attacks include parallel session
attack, reflection attack, interleaving attack, attack due to type flaw, attack due to name omission, and attack due
to misuse of cryptographic services. PKM V1 and PKM V2 have been used in WiMAX for security purposes
[3]. The above versions only secure the data being transferred. It also secures the BS. The MS/SS is however
left vulnerable to rogue BS [4]. The rogue BS can tap the management messages before the actual passing of
transmitted data. This paper addresses the weaknesses in WiMAX security system and consequently illustrates
how DH can help improve the WiMAX network security. MITH takes advantage of the absence of mutual
authentication to pose threats to the system [3].
1.1 Objective
The main objective of this paper is to highlight the application of DH algorithm in WiMAX mutual
authentication
II. Diffie Hellman Algorithm
The latest standard, IEEE 802.16e-2005, includes a new version (PKMv2) of the protocol that caters
for the shortcomings of the first version. PKMv1 does not have a capacity for mutual authentication.
2. Mutual Authentication In Wimax Security Using Diffie Hellman
DOI: 10.9790/1676-1102014246 www.iosrjournals.org 43 | Page
Furthermore PKMv2 supports two different mechanisms for authentication: the SS and the BS may use RSA-
based authentication or Extensible Authentication Protocol (EAP) -based authentication [21]. This is because
the RSA based authentication applies X.509 digital certificates together with RSA encryption. Authentication is
therefore made more secure. However, the exchange of vital management information is done before securing
the network. In the PKMv2, the BS asks the SS for its certificates and manufacturing IDs. The BS also sends its
management information details to SS in the public environment. Such vital information can be tapped by a
rogue Station.
Mutual authentication takes place in PKMv2 only after the transfer of management information. This is
where DH algorithm comes in handy. DH carries out authentication first before the exchange of management
information gets transferred.
The basic version of the Diffie-Hellman protocol is implemented as described below:
Let
1
2
Where:
ďˇ PkMS is the mobile Stationâs public key
ďˇ PkBS is the base Stationâs public key
ďˇ G and P are global variables called primes numbers
ďˇ G is a primitive root of P.
ďˇ âNaâ and âNbâ are the private keys of the MS and the BS respectively.
In the basic version of DH, after the respective exchange of the public keys, the MS and the BS
calculate the shared encryption key as shown in the equations 1 and 2. In order to implement mutual
authentication, AS sends Na to BS, BS calculates AKB [6], [7]. BS then sends another unique number Nb to SS.
Similarly, SS calculates AKS. If AKS is equal to AKB, AS believes this message sent by BS [8]. The AK in
both SS and BS is calculated as follows:
3
The equation 3 illustrates the implementation of DH protocol.
Figure 1: Implementation procedure for DH
Key
Na- Unique number from SS
Nb- Unique number from BS
AKB- BS authentication key
The Diffie Hellman Mutual Authentication Code
Diffie-Hellman key exchange (DH) is a cryptographic protocol that allows two parties that have no
prior knowledge of each other to establish together a shared secret key over an insecure communications
SS sends its Na
to BS
BS sends its Nb to SS
BS calculates AK
SS Calculates AK
AKS = AKB
Allow communication
3. Mutual Authentication In Wimax Security Using Diffie Hellman
DOI: 10.9790/1676-1102014246 www.iosrjournals.org 44 | Page
channel [2] [5]. Then they use this key to encrypt subsequent communications using a symmetric-key cipher.
The scheme was first published publicly by Whitfield Diffie and Martin [4].
Figure 3.1 illustrates the implementation procedure of the proposed protocol. The SS sends a number Na to the
BS. The BS then sends another unique number Nb to SS. BS calculates a unique authentication key using the
number received from the SS. The SS also calculates a unique authentication key using the number received
from the BS. The two results obtained from the calculations must be the same for authentication is to succeed.
Communication will be terminated if AKS and AKB are not the same. The mutual authentication code for DH
protocol is programmed in Dev C ++ as shown in the code at the appendix section. The following code is
written in Dev C++. This program has the mutual authentication functions that illustrate DH algorithm.
III. Results And Discussion
Dev C ++ allows for the demonstration of DH mutual authentication. The above code is written to help
a BS and an SS to communicate one to another and in the process establish a shared authentication key that is
later used to access the network [1]. The Responder commits to a protocol session with the Initiator if, and only
if, it has correctly finished the session with the Initiator. The Responder will only commit to the Initiator if the
latter is correctly authenticated by the Responder and the same applies to the Initiator, if it correctly validates the
identity of the Responder as expressed in the challenge response process of the model. In the equations above,
Nb is the nonce generated by the Responder, while Na is the nonce generated by Initiator.
Equation 3 explains that a shared authentication key must be obtained if two parties are to
communicate. The results obtained in figure 2 below show the mutual authentication process. The SS selects its
first number to be used in the DH algorithm. This number is used to obtain that calculation result. The result is
then sent to BS in a public non secured environment [4]. The BS equally selects its number then sends the result
of calculation. The two equipments only arrive at the same solution to the algorithm is they have the right
formula. A wrong result is obtained is an equipment has a wring algorithm. This translates to a MITH.
Suspicious equipment can never get the right solution to the challenge because the algorithm is only known to
legitimate BS and SS [8]. A legitimate station will always get the correct solution to the algorithm challenge. It
is also necessary to have more than one trial on the algorithm challenge. This means that a legitimate station can
sometimes miss the correct choice of number in the initial attempt. DH algorithm helps two stations which have
no prior knowledge of one another to establish a common authentication key. System details can then be
exchanged once the shared authentication key is obtained.
IV. Conclusion
Privacy or confidentiality is fundamental for secure communication, which provides resistance to
interception and eavesdropping. Message authentication provides integrity of the message and sender
authentication, corresponding to the security attacks of message modification and impersonation. Even if
WiMAX technology has complex authentication and authorization methods and a very strong encryption
technique, it is still vulnerable to different attacks or threats like jamming, scrambling, MITM or water torture
attacks [8].
The results show that the DH protocol works to keep away any intruder in the network. The goal of DH
is to carry out mutual authentication. The process of solving the algorithm is complex and only known by the
legitimate communication gadgets. Any MITH is kept at bay since they do not have the knowledge of the
protocol. Diffie Hellmann protocol algorithm introduces mutual authentication between the BS and SS prior to
the exchange of any management information. WiMAX is selected for this research because it is a recent
technology and is presently being rolled out in many parts of the world because of its broadband capacities.
Further research is needed on the actual implementation of DH protocol in new mobile devices lke smart phones
and Ipads.
Acknowledgement
S. Oguta would like to thank Dr. S. Musyoki and DR. K. Langat for your guidance and presence during
the preparation of this paper. S. Oguta also appreciates his family for their understanding and encouragement.
4. Mutual Authentication In Wimax Security Using Diffie Hellman
DOI: 10.9790/1676-1102014246 www.iosrjournals.org 45 | Page
Figure 2: Results of compilation
References
[1]. Z.You, X. Xie, W.Zheng," Verification and Research of a WiMAX authentication protocol Based on SSM", ICETC, pp. 34-43,
2010.
[2]. E.Yuksel," Analysis of the PKMv2 Protocol in IEEE 802.16e-2005 Using Static Analysis", Technical Paper at University of
Denmark, pp. 45-54, Feb 2007.
[3]. Z.You, X.Xie, W.Zheng," Verification and Research of a WiMAX authentication protocol Based on SSM", ICETC, pp. 22-32,
2010.
[4]. H.Tseng, R.Hong, W.Yang,"A chaotic maps-base key agreement protocol that preserves user anonymity", IEEE ICC, vol. 3, pp. 67-
70, 2009.
[5]. S.Sidharth, M.P.Sebastian," A Revised Secure Authentication Protocol for IEEE 802.16 (e)", International Conference on Advances
in Computer Engineering, pp. 34-42, 2010.
[6]. K.C.Chen, J.Boberto and B. De Marca, Mobile WiMAX. John Wiley & Sons Ltd, p. 56, 2008.
[7]. M.Barbeau, "WiMAX/802.16 Threat Analysis," in Proceedings of ACM Q2SWinet'05, Montreal, Quebec, Canada, 2005, pp. 8-15.
[8]. K. Jensen, L.Kristensen, L. Wells," Colored Petri Nets and CPN Tools for Modeling and Validation of Concurrent Systemsâ,
Department of Computer Science, pp. 112-122, 2008.
[9]. D. Gollmann. Computer Security Second Edition West Sussex, England: John Wiley & Sons, Ltd, 2006. Pp. 45.
Appendix
Implementation Code:
#include <iostream>
#include <math.h>
using namespace std;
int main ()
{
cout << "nntt" ;
int g, a, p, b, b2, A, X, B, Y, C, D, E, F, K1, K2 ;
cout << "SS to enter its unique numbernn";
g = 5;
p = 7; // the SS and BS agree to use same values of g and p. such an agreement is set at the point of
manufacture
cout << "nntt" ;
cin >> a ; // the SS selects its unique number for computation
cout << "nnttt" ;
A = pow (g, a);
cout << "the first SS computation result is nnntt" ;
B = A % p ;
cout << B ; // this is the value obtained by the SS
cout << "nntt";
// X is then sent by the SS across the network to the BS.
cout << " BS to enter its first unique number nntt" ;
cin >> b ; // BS selects its unique number for computation
5. Mutual Authentication In Wimax Security Using Diffie Hellman
DOI: 10.9790/1676-1102014246 www.iosrjournals.org 46 | Page
cout << "nn" ;
C = pow (g, b) ;
cout << "nntt" ;
D = C % p;
cout << "the BS computation result is: nntt";
cout << D ;
cout << "nntt" ;
cout << "SS sends its result to BS and BS equally sends its result to SS. these received values are used
in step two calculation nn" ;
E = pow (D, a) ;
cout << "nntt" ;
K1 = E % p ;
cout << "the authentication key obtained from SS is: nntt" ;
cout << K1 ;
cout << "nn" ;
F = pow (C, a);
cout << "nn" ;
K2 = F % p ;
cout << "nntt" ;
cout << "The authentication key obtained from BS is: nntt" ;
cout << K2;
cout << "nntt" ;
if ( K1 == K2)
{
cout << "value is the same mutual authentication has been obtained continue with communication the network
is securenntt" ;
}
else
{ cout << " mutual authentication not obtained. try againnntt" ;
cout << "SS to enter its unique number for second attempt nntt";
}