The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
October 2020 - Top Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Most cited articles in academia - International journal of network security &...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
July 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
May 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
June 2021 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
January 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
October 2020 - Top Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Most cited articles in academia - International journal of network security &...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
December 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Most Downloaded article for an year in academia - International Journal of Ne...IJNSA Journal
This document summarizes a research article titled "SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS". The article analyzes various security and privacy threats related to the Internet of Things (IoT). It discusses some common attacks on different layers of the IoT and existing as well as proposed countermeasures. The article references 31 other sources and provides an abstract and keywords for the summarized research paper.
Top cited Network Security Articles- Part 1IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
This document provides an overview of using data science techniques for analyzing Internet of Things (IoT) network traffic, using a smart home network as an example. It first discusses IoT systems, including components, communication protocols, and challenges. It then discusses how machine learning approaches like pattern detection, feature selection, and classification can be used to analyze IoT network traffic and behaviors. Specifically, it presents how these techniques could be applied in R and RStudio to a practical smart home network case study to better understand device interactions and identify anomalies.
Efficient Data Security for Mobile Instant MessengerPutra Wanda
This document proposes an efficient security method for mobile instant messengers. It suggests using elliptic curve cryptography algorithms for authentication and encryption in a peer-to-peer architecture rather than a client-server model. The proposed method generates key pairs for each communication session to sign and encrypt messages efficiently. It is designed to be compatible with mobile devices and improve upon existing methods that lack encryption or have high computational requirements. The document outlines the security model and describes algorithms for encryption, decryption, signing and verifying messages that could provide secure communication for mobile instant messaging applications.
Top 2 Cited Papers in 2017 - International Journal of Network Security & Its ...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Fog computing is a decentralized architecture that processes data and applications closer to end users and IoT devices than cloud computing does. It helps address issues with cloud computing like high latency and low capacity for IoT applications. Fog nodes can be devices like routers, switches and hubs that have some computing and storage capabilities. The paper discusses security and privacy issues with fog computing and possible solutions. It outlines threats like denial of service attacks, eavesdropping, spoofing and man-in-the-middle attacks. Authentication, authorization, and virtualization are identified as areas with security issues, and solutions like public key infrastructure, intrusion detection and certification authorities are proposed.
Securing mobile cloud using finger print authenticationIJNSA Journal
The document summarizes a research paper that proposes using fingerprint recognition for user authentication in mobile cloud computing. It introduces mobile cloud computing and the need to improve security by strengthening authentication methods. The proposed approach uses a mobile phone's camera to capture fingerprint images for authentication instead of additional hardware. The algorithm extracts features from captured images and matches them to stored templates. Experimental results on different mobile devices found processing times below standards. The solution was concluded to enhance mobile cloud security through accessible and cross-platform fingerprint authentication.
The Internet is driving force on how we communicate with one another, from posting messages and images to Facebook or “tweeting” your activities from your vacation. Today it is being used everywhere, now imagine a device that connects to the internet sends out data based on its sensors, this is the Internet-ofThings, a connection of objects with a plethora of sensors. Smart devices as they are commonly called, are invading our homes. With the proliferation of cheap Cloud-based IoT Camera use as a surveillance system to monitor our homes and loved ones right from the palm of our hand using our smartphones. These cameras are mostly white-label product, a process in which the product comes from a single manufacturer and bought by a different company where they are re-branded and sold with their own product name, a method commonly practice in the retail and manufacturing industry. Each Cloud-based IoT cameras sold are not properly tested for security. The problem arises when a hacker, hacks into the Cloud-based IoT Camera sees everything we do, without us knowing about it. Invading our personal digital privacy. This study focuses on the vulnerabilities found on White-label Cloud-based IoT Camera on the market specifically on a Chinese brand sold by Shenzhen Gwelltimes Technology. How this IoT device can be compromised and how to protect our selves from such cyber-attacks.
Complexity Versus Comprehendability: Simplifying Wireless SecurityOlivia Moran
This paper will follow the use of unsecured wireless networks in the city of Derry. Derry established a city wide open access network in 2008, thereby providing ideal conditions for the study of security issues pertaining to unsecured open access networks.
The paper will attempt to uncover the
reasoning behind the failure of individuals to take suitable security measures in light of threats that exist.
Novel authentication framework for securing communication in internet-of-things IJECEIAES
Internet-of-Things (IoT) offers a big boon towards a massive network of connected devices and is considered to offer coverage to an exponential number of the smart appliance in the very near future. Owing to the nascent stage of evolution of IoT, it is shrouded by security loopholes because of various reasons. Review of existing research-based solution highlights the usage of conventional cryptographic-based solution over the traditional mechanism of data forwarding process between IoT nodes and gateway. The proposed system presents a novel solution to this problem by a model that is capable of performing a highly secured and cost-effective authentication process. The proposed system introduces Authentication Using Signature (AUS) as well as Security with Complexity Reduction (SCR) for the purpose to resist participation of any form of unknown threats. The outcome of the model shows better security strength with faster response time and energy saving of the IoT nodes.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
1) The document discusses security issues in computer networks and proposes contemporary solutions. It covers topics like cryptography, secure data access, intrusion detection, and secure routing.
2) The literature review discusses previous research on wireless sensor network security including common attacks, requirements, and defenses. It also examines security issues that arise from the unique characteristics of wireless networks.
3) The document proposes that more research is still needed on topics like quantifying security costs and benefits, data integrity, survivability, and security for data-centric wireless sensor networks. A holistic security model is needed that integrates solutions at each network layer.
The internet of things is an emerging technology that is currently present in most processes and devices, allowing to improve the quality of life of people and facilitating the access to specific information and services. The main purpose of the present article is to offer a general overview of internet of things, based on the analysis of recently published work. The added value of this article lies in the analysis of the main recent publications and the diversity of applications of internet of things technology. As a result of the analysis of the current literature, internet of things technology stands out as a facilitator in business and industrial performance but above all in improving the quality of life. As a conclusion to this document, the internet of things is a technology that can overcome the challenges in terms of security, processing capacity and data mobility, as long as the development related to other technologies follows its expected course.
April 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
November 2021 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
October 2021: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Most Downloaded article for an year in academia - International Journal of Ne...IJNSA Journal
This document summarizes a research article titled "SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN INTERNET OF THINGS". The article analyzes various security and privacy threats related to the Internet of Things (IoT). It discusses some common attacks on different layers of the IoT and existing as well as proposed countermeasures. The article references 31 other sources and provides an abstract and keywords for the summarized research paper.
Top cited Network Security Articles- Part 1IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Trusting Smart Speakers: Understanding the Different Levels of Trust between ...CSCJournals
The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analyzed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.
This document provides an overview of using data science techniques for analyzing Internet of Things (IoT) network traffic, using a smart home network as an example. It first discusses IoT systems, including components, communication protocols, and challenges. It then discusses how machine learning approaches like pattern detection, feature selection, and classification can be used to analyze IoT network traffic and behaviors. Specifically, it presents how these techniques could be applied in R and RStudio to a practical smart home network case study to better understand device interactions and identify anomalies.
Efficient Data Security for Mobile Instant MessengerPutra Wanda
This document proposes an efficient security method for mobile instant messengers. It suggests using elliptic curve cryptography algorithms for authentication and encryption in a peer-to-peer architecture rather than a client-server model. The proposed method generates key pairs for each communication session to sign and encrypt messages efficiently. It is designed to be compatible with mobile devices and improve upon existing methods that lack encryption or have high computational requirements. The document outlines the security model and describes algorithms for encryption, decryption, signing and verifying messages that could provide secure communication for mobile instant messaging applications.
Top 2 Cited Papers in 2017 - International Journal of Network Security & Its ...IJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Fog computing is a decentralized architecture that processes data and applications closer to end users and IoT devices than cloud computing does. It helps address issues with cloud computing like high latency and low capacity for IoT applications. Fog nodes can be devices like routers, switches and hubs that have some computing and storage capabilities. The paper discusses security and privacy issues with fog computing and possible solutions. It outlines threats like denial of service attacks, eavesdropping, spoofing and man-in-the-middle attacks. Authentication, authorization, and virtualization are identified as areas with security issues, and solutions like public key infrastructure, intrusion detection and certification authorities are proposed.
Securing mobile cloud using finger print authenticationIJNSA Journal
The document summarizes a research paper that proposes using fingerprint recognition for user authentication in mobile cloud computing. It introduces mobile cloud computing and the need to improve security by strengthening authentication methods. The proposed approach uses a mobile phone's camera to capture fingerprint images for authentication instead of additional hardware. The algorithm extracts features from captured images and matches them to stored templates. Experimental results on different mobile devices found processing times below standards. The solution was concluded to enhance mobile cloud security through accessible and cross-platform fingerprint authentication.
The Internet is driving force on how we communicate with one another, from posting messages and images to Facebook or “tweeting” your activities from your vacation. Today it is being used everywhere, now imagine a device that connects to the internet sends out data based on its sensors, this is the Internet-ofThings, a connection of objects with a plethora of sensors. Smart devices as they are commonly called, are invading our homes. With the proliferation of cheap Cloud-based IoT Camera use as a surveillance system to monitor our homes and loved ones right from the palm of our hand using our smartphones. These cameras are mostly white-label product, a process in which the product comes from a single manufacturer and bought by a different company where they are re-branded and sold with their own product name, a method commonly practice in the retail and manufacturing industry. Each Cloud-based IoT cameras sold are not properly tested for security. The problem arises when a hacker, hacks into the Cloud-based IoT Camera sees everything we do, without us knowing about it. Invading our personal digital privacy. This study focuses on the vulnerabilities found on White-label Cloud-based IoT Camera on the market specifically on a Chinese brand sold by Shenzhen Gwelltimes Technology. How this IoT device can be compromised and how to protect our selves from such cyber-attacks.
Complexity Versus Comprehendability: Simplifying Wireless SecurityOlivia Moran
This paper will follow the use of unsecured wireless networks in the city of Derry. Derry established a city wide open access network in 2008, thereby providing ideal conditions for the study of security issues pertaining to unsecured open access networks.
The paper will attempt to uncover the
reasoning behind the failure of individuals to take suitable security measures in light of threats that exist.
Novel authentication framework for securing communication in internet-of-things IJECEIAES
Internet-of-Things (IoT) offers a big boon towards a massive network of connected devices and is considered to offer coverage to an exponential number of the smart appliance in the very near future. Owing to the nascent stage of evolution of IoT, it is shrouded by security loopholes because of various reasons. Review of existing research-based solution highlights the usage of conventional cryptographic-based solution over the traditional mechanism of data forwarding process between IoT nodes and gateway. The proposed system presents a novel solution to this problem by a model that is capable of performing a highly secured and cost-effective authentication process. The proposed system introduces Authentication Using Signature (AUS) as well as Security with Complexity Reduction (SCR) for the purpose to resist participation of any form of unknown threats. The outcome of the model shows better security strength with faster response time and energy saving of the IoT nodes.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
The AIRCC's International Journal of Computer Science and Information Technology (IJCSIT) is devoted to fields of Computer Science and Information Systems. The IJCSIT is a open access peer-reviewed scientific journal published in electronic form as well as print form. The mission of this journal is to publish original contributions in its field in order to propagate knowledge amongst its readers and to be a reference publication.
Cloud computing has sweeping impact on the human productivity. Today it’s used for Computing, Storage, Predictions and Intelligent Decision Making, among others. Intelligent Decision-Making using Machine Learning has pushed for the Cloud Services to be even more fast, robust and accurate. Security remains one of the major concerns which affect the cloud computing growth however there exist various research challenges in cloud computing adoption such as lack of well managed service level agreement (SLA), frequent disconnections, resource scarcity, interoperability, privacy, and reliability. Tremendous amount of work still needs to be done to explore the security challenges arising due to widespread usage of cloud deployment using Containers. We also discuss Impact of Cloud Computing and Cloud Standards. Hence in this research paper, a detailed survey of cloud computing, concepts, architectural principles, key services, and implementation, design and deployment challenges of cloud computing are discussed in detail and important future research directions in the era of Machine Learning and Data Science have been identified.
This document summarizes research on Internet of Things (IoT) malware based on a literature review. It defines IoT and IoT malware, categorizes common types of IoT malware, and discusses platforms and operating systems that are targets for IoT malware. The document analyzes reference models for IoT security and surveys recent studies on malware affecting popular mobile and embedded operating systems like Android, iOS, ARM mbed OS, and TinyOS.
1) The document discusses security issues in computer networks and proposes contemporary solutions. It covers topics like cryptography, secure data access, intrusion detection, and secure routing.
2) The literature review discusses previous research on wireless sensor network security including common attacks, requirements, and defenses. It also examines security issues that arise from the unique characteristics of wireless networks.
3) The document proposes that more research is still needed on topics like quantifying security costs and benefits, data integrity, survivability, and security for data-centric wireless sensor networks. A holistic security model is needed that integrates solutions at each network layer.
The internet of things is an emerging technology that is currently present in most processes and devices, allowing to improve the quality of life of people and facilitating the access to specific information and services. The main purpose of the present article is to offer a general overview of internet of things, based on the analysis of recently published work. The added value of this article lies in the analysis of the main recent publications and the diversity of applications of internet of things technology. As a result of the analysis of the current literature, internet of things technology stands out as a facilitator in business and industrial performance but above all in improving the quality of life. As a conclusion to this document, the internet of things is a technology that can overcome the challenges in terms of security, processing capacity and data mobility, as long as the development related to other technologies follows its expected course.
April 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
May 2024 - Top 10 Read Articles in Network Security & Its Applications.pdfIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
February 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
January 2024 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
May 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
April 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
This document summarizes a study that evaluated using blockchain technology for resource management between Network Providers (NPs) in Next Generation Networks (NGNs). The researchers implemented a resource management mechanism using a smart contract on a blockchain testbed. Experiments tested transaction throughput and latency using different consensus algorithms (Raft and IBFT). The goal was to assess if the solution could support micro-level resource reallocation between NPs or only at higher levels, and determine the most suitable consensus mechanism based on performance. Results found that blockchain could enable distributed, trusted resource management between competitive NPs, but throughput and latency depended on the consensus algorithm used.
January 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
This document summarizes a study that evaluated using blockchain technology for resource management between Network Providers (NPs) in Next Generation Networks (NGNs). The researchers implemented a resource management mechanism using a smart contract on a blockchain testbed. Experiments tested transaction throughput and latency using different consensus algorithms (Raft and IBFT). The goal was to assess if the solution could support micro-level resource reallocation between NPs or only at higher levels, and determine the most suitable consensus mechanism based on performance. Results showed that blockchain could enable distributed, trusted resource management between competitive NPs, but performance depends on the consensus algorithm used.
October 2022: Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
July 2022 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
June 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
This document summarizes a research paper that evaluates using blockchain technology for resource management between network providers (NPs) in next generation networks (NGNs). It describes implementing a resource management mechanism in a smart contract and testing it on real testbeds using Raft and IBFT consensus algorithms. The evaluation aims to assess performance in terms of transaction throughput and latency to determine if the solution can support micro-service level resource reallocation between NPs. The results help identify the most suitable consensus mechanism for this use case based on performance metrics.
November 2023 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
April 2022 - Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
June 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
May 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
December 2023 - Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
August 2022: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
March 2023: Top 10 Read Articles in Network Security and Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
October 2023 - Top 10 Read Articles in Network Security & Its Applications.pdfIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
September 2022: Top 10 Read Articles in Network Security & Its ApplicationsIJNSA Journal
The International Journal of Network Security & Its Applications (IJNSA) is a bi monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of the computer Network Security & its applications. The journal focuses on all technical and practical aspects of security and its applications for wired and wireless networks. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding Modern security threats and countermeasures, and establishing new collaborations in these areas.
Similar to September 2021: Top 10 Read Articles in Network Security and Its Applications (20)
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
Using recycled concrete aggregates (RCA) for pavements is crucial to achieving sustainability. Implementing RCA for new pavement can minimize carbon footprint, conserve natural resources, reduce harmful emissions, and lower life cycle costs. Compared to natural aggregate (NA), RCA pavement has fewer comprehensive studies and sustainability assessments.
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSIJNSA Journal
The smart irrigation system represents an innovative approach to optimize water usage in agricultural and landscaping practices. The integration of cutting-edge technologies, including sensors, actuators, and data analysis, empowers this system to provide accurate monitoring and control of irrigation processes by leveraging real-time environmental conditions. The main objective of a smart irrigation system is to optimize water efficiency, minimize expenses, and foster the adoption of sustainable water management methods. This paper conducts a systematic risk assessment by exploring the key components/assets and their functionalities in the smart irrigation system. The crucial role of sensors in gathering data on soil moisture, weather patterns, and plant well-being is emphasized in this system. These sensors enable intelligent decision-making in irrigation scheduling and water distribution, leading to enhanced water efficiency and sustainable water management practices. Actuators enable automated control of irrigation devices, ensuring precise and targeted water delivery to plants. Additionally, the paper addresses the potential threat and vulnerabilities associated with smart irrigation systems. It discusses limitations of the system, such as power constraints and computational capabilities, and calculates the potential security risks. The paper suggests possible risk treatment methods for effective secure system operation. In conclusion, the paper emphasizes the significant benefits of implementing smart irrigation systems, including improved water conservation, increased crop yield, and reduced environmental impact. Additionally, based on the security analysis conducted, the paper recommends the implementation of countermeasures and security approaches to address vulnerabilities and ensure the integrity and reliability of the system. By incorporating these measures, smart irrigation technology can revolutionize water management practices in agriculture, promoting sustainability, resource efficiency, and safeguarding against potential security threats.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Introduction- e - waste – definition - sources of e-waste– hazardous substances in e-waste - effects of e-waste on environment and human health- need for e-waste management– e-waste handling rules - waste minimization techniques for managing e-waste – recycling of e-waste - disposal treatment methods of e- waste – mechanism of extraction of precious metal from leaching solution-global Scenario of E-waste – E-waste in India- case studies.
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Understanding Inductive Bias in Machine LearningSUTEJAS
This presentation explores the concept of inductive bias in machine learning. It explains how algorithms come with built-in assumptions and preferences that guide the learning process. You'll learn about the different types of inductive bias and how they can impact the performance and generalizability of machine learning models.
The presentation also covers the positive and negative aspects of inductive bias, along with strategies for mitigating potential drawbacks. We'll explore examples of how bias manifests in algorithms like neural networks and decision trees.
By understanding inductive bias, you can gain valuable insights into how machine learning models work and make informed decisions when building and deploying them.
Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapte...University of Maribor
Slides from talk presenting:
Aleš Zamuda: Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapter and Networking.
Presentation at IcETRAN 2024 session:
"Inter-Society Networking Panel GRSS/MTT-S/CIS
Panel Session: Promoting Connection and Cooperation"
IEEE Slovenia GRSS
IEEE Serbia and Montenegro MTT-S
IEEE Slovenia CIS
11TH INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONIC AND COMPUTING ENGINEERING
3-6 June 2024, Niš, Serbia
September 2021: Top 10 Read Articles in Network Security and Its Applications
1. September 2021: Top
10 Read Articles in
Network Security and
Its Applications
International Journal of Network
Security & Its Applications (IJNSA)
ERA, WJCI Indexed
ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)
http://airccse.org/journal/ijnsa.html
Citations, h-index, i10-index
Citations 7690 h-index 42 i10-index 167
2. SECURITY & PRIVACY THREATS, ATTACKS AND COUNTERMEASURES IN
INTERNET OF THINGS
Faheem Masoodi1
Shadab Alam2
and Shams Tabrez Siddiqui2
1
Department of Computer Science, University of Kashmir, J&k, India 2
Department of Computer
Science, Jazan University, KSA
ABSTRACT
The idea to connect everything to anything and at any point of time is what vaguely defines the
concept of the Internet of Things (IoT). The IoT is not only about providing connectivity but also
facilitating interaction among these connected things. Though the term IoT was introduced in
1999 but has drawn significant attention during the past few years, the pace at which new
devices are being integrated into the system will profoundly impact the world in a good way but
also poses some severe queries about security and privacy. IoT in its current form is susceptible
to a multitudinous set of attacks. One of the most significant concerns of IoT is to provide
security assurance for the data exchange because data is vulnerable to some attacks by the
attackers at each layer of IoT. The IoT has a layered structure where each layer provides a
service. The security needs vary from layer to layer as each layer serves a different purpose. This
paper aims to analyze the various security and privacy threats related to IoT. Some attacks have
been discussed along with some existing and proposed countermeasures.
KEYWORDS
Internet of Things, privacy, attacks, security, threats, protocols.
For More Details : http://aircconline.com/ijnsa/V11N2/11219ijnsa05.pdf
Volume Link : http://airccse.org/journal/jnsa19_current.html
3. REFERENCES
[1] J. Gubbi, R. Buyya, S. Marusic, M. Palaniswami, Internet of things (IoT): a vision,
architectural elements, and future directions, Future Gener. Comput. Syst. 29 (7) (2013)
1645–1660.
[2] Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9),
51_58.
[3] Horrow, S., and Anjali, S. (2012). Identity Management Framework for Cloud-Based
Internet of Things. SecurIT ’12 Proceedings of the First International Conference on Security
of Internet of Things, 200– 203. 2012
[4] Whitmore, A., Agarwal, A., and Da Xu, L. (2014). The Internet of Things: A survey of topics
and trends. Information Systems Frontiers, 17(2), 261– 274.
[5] Aazam, M., St-Hilaire, M., Lung, C.-H., and Lambadaris, I. (2016). PRE-Fog: IoT trace
based probabilistic resource estimation at Fog. 2016 13th IEEE Annual Consumer
Communications and Networking Conference (CCNC), 12– 17.
[6] Jiang, H., Shen, F., Chen, S., Li, K. C., and Jeong, Y. S. (2015). A secure and scalable
storage system for aggregate data in IoT. Future Generation Computer Systems, 49, 133–
141.
[7] Li, S., Tryfonas, T., and Li, H. (2016). The Internet of Things: a security point of view.
Internet Research, 26(2), 337– 359.
[8] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. Internet of things:
A survey on enabling technologies, protocols, and applications. IEEE Communications
Surveys Tutorials, 17(4):2347–2376, Fourth quarter 2015.
[9] Pongle, P., and Chavan, G. (2015). A survey: Attacks on RPL and 6LoWPAN in IoT. 2015
International Conference on Pervasive Computing: Advance Communication Technology
and Application for Society, ICPC 2015, 0(c), 0–5
[10] Tsai, C.-W., Lai, C.-F., and Vasilakos, A. V. (2014). Future Internet of Things: open
issues and challenges. Wireless Networks, 20(8), 2201–2217.
[11] V. Karagiannis, P. Chatzimisios, F. Vazquez-Gallego, and J. Alonso-Zarate, "A survey
on application layer protocols for the internet of things," Transaction on IoT and Cloud
Computing, vol. 3, no. 1, pp. 11-17, 2015
[12] D. Locke, "MQ telemetry transport (MQTT) v3. 1 protocol specification," IBM
Developer WorksTechnicalLibrary,2010,
http://www.ibm.com/developerworks/webservices/library/wsmqtt/index.html
4. [13] M. Singh, M. Rajan, V. Shivraj, and P. Balamuralidhar, "Secure MQTT for the Internet
of Things (IoT)," in Fifth International Conference on Communication Systems and Network
Technologies (CSNT 2015), April 2015, pp. 746-751.
[14] OASIS, "OASIS Advanced Message Queuing Protocol (AMQP) Version 1.0," 2012,
http://docs.oasis-open.org/amqp/core/v1.0/os/amqp-core-complete-v1.0-os.pdf
[15] T. Winter, et al., "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks,"
IETF RFC 6550, Mar. 2012, http://www.ietf.org/rfc/rfc6550.txt
[16] A. Aijaz and A. Aghvami, "Cognitive machine-to-machine communications for internet-
of-things: A protocol stack perspective," IEEE Internet of Things Journal, vol. 2, no. 2, pp.
103-112, April 2015,
[17] http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7006643
[18] Z. Zhou, B. Yao, R. Xing, L. Shu, and S. Bu, "E-CARP: An energy-efficient routing
protocol for UWSNs on the internet of underwater things," IEEE Sensors Journal, vol. PP,
no. 99, 2015, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7113774
[19] D. Dujovne, T. Watteyne, X. Vilajosana, and P. Thubert, "6TiSCH: Deterministic IP-
enabled industrial internet (of things)," IEEE Communications Magazine, vol. 52, no.12, pp.
36-41, December 2014, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6979984
[20] M. Hasan, E. Hossain, D. Niyato, "Random access for machine-to-machine
communication in LTEadvanced networks: issues and approaches," in IEEE
Communications Magazine, vol. 51, no. 6, pp.86-93, June 2013,
http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=6525600
[21] Z-Wave, "Z-Wave Protocol Overview," v. 4, May 2007,
https://wiki.ase.tut.fi/courseWiki/imges/9/94/SDS10243_2_Z_Wave_Protocol_Overview.pdf
[22] ZigBee Standards Organization, “ZigBee Specification,” Document 053474r17, Jan
2008, 604 pp., http://home.deib.polimi.it/cesana/teaching/IoT/papers/ZigBee/ZigBeeSpec.pdf
[23] O. Cetinkaya and O. Akan, "A dash7-based power metering system," in 12th Annual
IEEE Consumer Communications and Networking Conference (CCNC), Jan 2015, pp. 406-
411, http://ieeexplore.ieee.org/xpl/articleDetails.jsp?reload=true&arnumber=7158010
[24] Zhang, Zhi-Kai, et al. ”IoT security: ongoing challenges and research opportunities.”
ServiceOriented Computing and Applications (SOCA), 2014 IEEE 7th International
Conference on. IEEE, 2014.
[25] D. Migault, D. Palomares, E. Herbert, W. You, G. Ganne, G. Arfaoui, and M. Laurent,
“E2E: An Optimized IPsec Architecture for Secure And Fast Offload,” in Seventh
International Conference on Availability, Reliability and Security E2E: 2012.
5. [26] Abomhara, Mohamed, and Geir M. Køien. ”Security and privacy in the Internet of
Things: Current status and open issues.” Privacy and Security in Mobile Systems (PRISMS),
2014 International Conference on. IEEE, 2014.
[27] B. L. Suto, “Analyzing the Accuracy and Time Costs of Web Application Security
Scanners,” San Fr., no. October 2007, 2010.
[28] O. El Mouaatamid, M. LahmerInternet of Things security: layered classification of
attacks and possible countermeasures Electron J (9) (2016).
[29] Seda F. Gürses/Bettina Berendt/Thomas Santen, Multilateral Security Requirements
Analysis for Preserving Privacy in Ubiquitous Environments, in Bettina Berendt/Ernestina
Menasalvas (eds), Workshop on Ubiquitous Knowledge Discovery for Users (UKDU '06), at
51–64;
[30] Stankovic, J. (2014). Research directions for the internet of things. IEEE Internet of
Things Journal, 1(1), 3–9
[31] Sicari, Sabrina, et al. "Security, privacy and trust in the Internet of Things: The road
ahead." Computer Networks76 (2015): 146-164.
[32] https://www.cso.com.au/article/575407/internet-things-iot-threats-countermeasures/
Accessed on 15-03-2019
[33] Bokhari, Mohammad Ubaidullah, and Faheem Masoodi. "Comparative analysis of
structures and attacks on various stream ciphers." Proceedings of the 4th National
Conference. 2010.
6. PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
Wosah Peace Nmachi and Thomas Win
School of Computing & Engineering University of Gloucestershire, Park Campus, Cheltenham
GL50 2RH United Kingdom
ABSTRACT
Email is a channel of communication which is considered to be a confidential medium of
communication for exchange of information among individuals and organisations. The
confidentiality consideration about e-mail is no longer the case as attackers send malicious
emails to users to deceive them into disclosing their private personal information such as
username, password, and bank card details, etc. In search of a solution to combat phishing
cybercrime attacks, different approaches have been developed. However, the traditional exiting
solutions have been limited in assisting email users to identify phishing emails from legitimate
ones. This paper reveals the different email and website phishing solutions in phishing attack
detection. It first provides a literature analysis of different existing phishing mitigation
approaches. It then provides a discussion on the limitations of the techniques, before concluding
with an explorationin to how phishing detection can be improved.
KEYWORDS
Cyber-security, Phishing Email Attack, Deep Learning, Stylometric Analysis, Cyber Human
Behaviour
For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa05.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
7. REFERENCES
[1] Leite C., Gondim J. J. C., Barreto P. S., and Alchieri E. A., (2019). Waste flooding: A
phishing retaliation tool
[2] Xiujuan W., Chenxi Z., Kangfeng Z., Haoyang T., &Yuanrui T.(2019)detecting spear-
phishing emails based on authentication
[3] Duman S, Kalkan-Cakmakci K, Egele M. (2016)EmailProfiler: Spear phishing filtering with
header and stylometric features of emails.
[4] Calix K., Connors M., Levy D., Manzar H., McCabe G., & Westcott S. (2008). Stylometry
for E-mail author identification and authentication
[5] Gupta B. B., Arachchilage N A.G., &Psannis K. E. (2018).Defending against phishing
attacks: taxonomy of methods, current issues and future direction
[6] Dewan P, Kashyap A, &Kumaraguru P. (2014). Analysingsocial and stylometric features to
identify spear phishing emails
[7] AbahussainO. &Harrath Y. (2019). Detection of malicious emails through regular
expressions and databases
[8] Helmi R. A. A., Ren C. S.&Jamal A. (2019). Email anti-phishing detection application
[9] Asanka N. G.A.,Steve L.&Beznosov K. (2016) Phishing threat avoidance behaviour: An
empirical investigation
[10] Mohammad R., Thabtah F. & McCluskey L. (2015): Tutorial and critical analysis of
phishing websites methods
[11] Heartfield Ryan& George Loukas, (2018) Detecting semantic social engineering attacks
with the weakest link: Implementation and empirical evaluation of a human-as-a-security-
sensor framework
[12] Baniya T., Gautam D.& Kim Y. (2015). Safeguarding web surfing with URL blacklisting
[13] Canova G., Volkamer M., Bergmann C., &Borza R. (2014). NoPhish: An anti-phishing
education app
[14] Bottazzi G., Casalicchio E., Marturana F., &Piu M. (2015). MP-shield: A framework for
phishing detection in mobile devices.
[15] Li, J., Li, J., Chen, X., Jia, C., & Lou, W. (2015) Identity-based encryption without
sourced revocation incloud computing
8. [16] Qabajeh I.,Thabtah F.,&Chiclana F. (2018) A recent review of conventional vs.
automated cybersecurity anti-phishing techniques
[17] Lötter Andrés.&Futcher Lynn, (2015) A framework to Assist Email Users in the
Identification of Phishing Attacks
[18] Gascon H., Ullrich S., Stritter B. &Rieck K. (2018) Reading between the lines: content-
agnostic detection of spear-phishing emails
[19] Smadi S., Aslam N., & Zhang L. (2018). Detection of online phishing email using
dynamic evolving neural network based on reinforcement learning
[20] Chandrasekaran M., Narayanan K., andUpadhayayaS. (2006) Phishing e-mail detection
based on structural properties.
[21] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S. & Baker T.
(2018). Security threats to critical infrastructure: the human factor
[22] Khonji M, Iraqi Y& Jones A. (2011). Mitigation of spear phishing attacks: A Content-
based Authorship Identification framework
[23] Iqbal F, BinsalleehH&Fung B C M. (2010). Mining writeprints from anonymous e-mails
for forensic investigation
[24] Lyon, J.& Wong M. (2006). Sender ID: authenticating e-mail,” RFC 4406.
[25] KunjuM.V., Esther D., Anthony H. C. &BhelwaS. (2019) Evaluation of phishing
techniques based on machine learning
[26] Peng T., Harris I., &Sawa Y. (2018).Detecting phishing attacks using natural language
processing and machine learning
[27] SahingozO.K.,Buber E., Demir O., &Diri B. (2019). Machine learning based phishing
detection from URLs
[28] Zhang, Y., Hong, J. I., &Cranor, L. F.(2007). Cantina: A content based approach to
detecting phishing web sites.
[29] Suganya V. (2016): A review on phishing attacks and various anti-phishing techniques
[30] Abdelhamid N., Ayesh A. &Thabtah F. (2014) Phishing detection based associative
classification data mining
[31] SternfeldUri&Striem-Amit Yonatan. (2019) Prevention of rendezvous generation
algorithm (RGA) and domain generation algorithm (DGA) malware over exiting internet
services.
9. [32] Akarsh S., Sriram S., &Poornachandran P.(2019) Deep learning framework for domain
generation algorithms prediction using long short-term memory.
[33] Bagui S., Nandi D.,Subhash B. & White J.R (2019) Classifying phishing email using
machine learning and deep learning
[34] Jain Kumar Ankit. & Gupta B.B. (2018). A machine learning based approach for
phishing detection using hyperlinks information
[35] Vinayakumar R., Soman K. P., Poornachandran P., Akarsh S. &Elhoseny M. (2019)
Deep learning framework for cyber threat situational awareness based on email and url data
analysis.
[36] Park Gilchan and Rayz Julia (2018).Ontological detection of phishing emails
[37] Surbhi G., Abhishek S.&Akanksha K. (2016). A literature survey on social engineering
attacks: phishing attack
[38] Jamil A., Asif K.& Ghulam Z. (2018) MPMPA: A mitigation and prevention model for
social engineering based phishing attacks on facebook
[39] Platsis George, (2018) Thehuman factor: Cyber security's greatest challenge
[40] NaimBaftiu. (2017).Cyber security in Kosovo
[41] Abdelhamid N., Thabtah F. & Abdel-jaber H. (2017) Phishing detection: A recent
intelligent machine learning comparison based on models content and features
[42] Alsharnouby M., Alaca F., Chiasson S. (2015)Why phishing still works: User strategies
for combating phishing attacks
[43] Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. C. (2004) “Client-side
defence against web-based identity theft”.
[44] Prakash P., Kumar M., Rao R. K. and Gupta M. (2010) PhishNet: Predictive blacklisting
to detect phishing attacks
[45] Delany Mark, (2007) Domain-based email authentication using public keys advertised in
the DNS (Domain Keys).
[46] Saidani N., Adi K. and AlliliM. S. (2020)A semantic-based classification approach for an
enhanced spam detection.
[47] Bhowmick A. and Hazarika S.M. (2016) Machine learning for e-mail spam filtering:
review techniques and trends.
10. CRITICAL INFRASTRUCTURE CYBERSECURITY CHALLENGES: IOT IN PERSPECTIVE
1
Akwetey Henry Matey, 2
Paul Danquah, 1
Godfred Yaw Koi-Akrofi and 1
Isaac Asampana
1
Departments of I.T. Studies, University of Professional Studies Accra
2
Department of I.T., Heritage Christian University
ABSTRACT
A technology platform that is gradually bridging the gap between object visibility and remote
accessibility is the Internet of Things (IoT). Rapid deployment of this application can
significantly transform the health, housing, and power (distribution and generation) sectors, etc.
It has considerably changed the power sector regarding operations, services optimization, power
distribution, asset management and aided in engaging customers to reduce energy consumption.
Despite its societal opportunities and the benefits it presents, the power generation sector is
bedeviled with many security challenges on the critical infrastructure. This review discusses the
security challenges posed by IoT in power generation and critical infrastructure. To achieve this,
the authors present the various IoT applications, particularly on the grid infrastructure, from an
empirical literature perspective. The authors concluded by discussing how the various entities in
the sector can overcome these security challenges to ensure an exemplary future IoT
implementation on the power critical infrastructure value chain.
KEYWORDS
Power Distribution, Internet of Things (IoT), Sensors, Technology, Implementation
For More Details : https://aircconline.com/ijnsa/V13N4/13421ijnsa04.pdf
Volume Link : https://airccse.org/journal/jnsa21_current.html
11. REFERENCES
[1] A. R., Khan, A.Mahmood, A. Safdar, Z. A. Khan, and & N. A Khan, "Load forecasting,
dynamic pricing and DSM in smart grid: A review," Renewable and Sustainable Energy
Reviews, Elsevier, vol. 54(C), pages 1311-1322, 2016.
[2] R. Mallik, and H. Kargupta, "A Sustainable Approach for Demand Prediction in Smart Grids
using a Distributed Local Asynchronous Algorithm. Accepted for publication in the
Proceedings of the Conference on Data Understanding (CIDU)", 2011.
[3] K. Zhou, and S. Yang, "Understanding household energy consumption behaviour: The
contribution of energy big data analytics," Renewable and Sustainable Energy Reviews,
Elsevier, vol. 56(C), pages 810-819, 2016.
[4] K. M. Läs- sig J., K. Kersting, "Wind Power Prediction with Machine Learning.," Springer,
vol. 9570 of L.N., 2016.
[5] W. Björn, E. Lorenz, and K. Oliver, "Statistical Learning for Short-Term Photovoltaic Power
Predictions.," vol. Volume 957, 2016.
[6] M. Stolpe, "The Internet of Things: Opportunities and Challenges for Distributed Data
Analysis," ACM SIGKDD Explor. Newsl., vol. 18, no. 1, pp. 15–34, 2016, DOI:
10.1145/2980765.2980768.
[7] B. Shakerighadi, A. A.-M. J. C. Vasquez, and J. M. Guerrero, "Internet of Things for Modern
Energy Systems ," 2018, DOI: 10.3390/en11051252.
[8] K. Sajid, A.; Abbas, H.; Saleem, "Cloud-Assisted IoT-Based SCADA Systems Security: A
Review of the State of the Art and Future Challenges.," IEEE Access, pp. 4, 1375–1384,
2016, DOI: 10.1109/ACCESS.2016.2549047.
[9] S. S. I. Samuel, "A review of connectivity challenges in IoT-smart home." MEC International
Conference on Big Data and Smart City, Muscat, Oman, pp. 364–367, 2016, DOI:
10.1109/ICBDSC.2016.7460395.
[10] G. Bedi, G. K. Venayagamoorthy, R. Singh, R. R. Brooks, and K. C. Wang, "Review of
Internet of Things (IoT) in Electric Power and Energy Systems," IEEE Internet Things J.,
vol. 5, no. 2, pp. 847–870, 2018, DOI: 10.1109/JIOT.2018.2802704.
[11] I. Doh, J. Lim, and K. Chae, "Secure Authentication for Structured Smart Grid System,"
2015, DOI: 10.1109/IMIS.2015.32.
[12] G. W. Bendermacher, M. G. Oude Egbrink, I. H. Wolfhagen, and D. H. Dolmans,
"Unraveling quality culture in higher education: A realist review, "Higher Education, 73(1),
39-60, 2017.
12. [13] R. Savolainen, Information seeking and searching strategies as plans and patterns of
action: A conceptual analysis, " Journal of Documentation, 72(6), 1154-1180, 2016.
[14] R. Syed, and K. Collins-Thompson, "Optimizing search results for a human learning
goal, " Information Retrieval Journal, 20, 506-523, 2017.
[15] M. Allen, "The SAGE Encyclopedia of Communication Research Methods," 2017. DOI:
https://dx.doi.org/10.4135/9781483381411
[16] M. W. and C. Ebert, "Reference Architectures for the Internet of Things," IEEE Software,
IEEE Comput. Soc., no. Jan/Feb 2016, p. P.112 ff, 2016.
[17] B. P. Carrez, Francois, Srdjan Krio, “Designing IoT Architecture ( s ) A European
Perspective,” pp. 79–84, 2014.
[18] K. . Wu G., Talwar, S., Johnsson K., Himayat, N., and Johnson, "Recent Progress in
Machine-To-Machine Communications," IEEE Commun. Mag., pp. 36–43, 2011.
[19] J. Guth et al., "Comparison of IoT Platform Architectures : A Field Study based on a
Reference Architecture Comparison of IoT Platform Architectures : A Field Study based on a
Reference Architecture," 2016.
[20] A. K. Minhaj, and S. Khaled, "IoT security: Review, blockchain solutions, and open
challenges", Future Generation Computer Systems, Volume 82, Pages 395-411, 2018
[21] E. Vasilomanolakis, "On the Security and Privacy of Internet of Things Architectures and
Systems."
[22] D. Minoli, and J. Kouns, "IoT Security ( IoTSec ) Considerations, Requirements, and
Architectures," 2017 14th IEEE Annu. Consum. Commun. Netw. Conf., pp. 1006–1007,
2017, DOI: 10.1109/CCNC.2017.7983271.
[23] T. O. Olowu, and A. Sundararajan, Future Challenges and Mitigation Methods for High
Photovoltaic Penetration : A Survey. 2020.
[24] N. M. Kumar, K. Atluri, and S. Palaparthi, "Internet of Things ( IoT ) in Photovoltaic
Systems," 2018 Natl. Power Eng. Conf., no. October, pp. 1–4, 2018, DOI:
10.1109/NPEC.2018.8476807.
[25] A. Ghasempour, "Internet of Things in Smart Grid: Architecture, Applications, Services,
Key Technologies, and Challenges," 2019, DOI: 10.3390/inventions4010022.
[26] M. Chen, J. Wan, and F. Li, "Machine-to-Machine Communications : Architectures,
Standards and Applications," vol. 6, no. 2, pp. 480–497, 2012, DOI:
10.3837/tiis.2012.02.002.
13. [27] N. A. Hidayatullah, A. C. Kurniawan, and A. Kalam, “Power Transmission and
Distribution Monitoring using Internet of Things (IoT) for Smart Grid,” IOP Conf. Ser.
Mater. Sci. Eng., vol. 384, no. 1, 2018, doi: 10.1088/1757-899X/384/1/012039.
[28] S. Rekha, and J. Anita, "Role of smart grid in the power sector and challenges for its
implementation : A review on Indian scenario," no. October 2018.
[29] S. Chakrabarty, D. W. Engels, and S. Member, "A Secure IoT Architecture for Smart
Cities," 2016.
[30] A. Ramamurthy and P. Jain, "The Internet of Things in the Power Sector Opportunities in
Asia and the Pacific," no. 48, 2017.
[31] Junru Lin. et al., "Monitoring Power Transmission Lines using a Wireless Sensor
Network Wireless," Commun. Mob. Comput. (John Wiley Sons, Ltd, 2014.
[32] O. K. and Hans-RolfT., "Sensor Technology and Future Trend IEEE Transaction on
Instrumentation and Measurement," IEEE, pp. 1497-1501.53(6) p, 2004.
[33] S. Kim, U. Kim, and J. Huh, "A Study on Improvement of Blockchain Application to
Overcome Vulnerability of IoT Multiplatform Security," 2019, DOI: 10.3390/en12030402.
[34] A. Janjić, L. Velimirović, J. Ranitović, and Ž. Džunić, "Internet of Things in Power
Distribution Networks – State of the Art," no. September 2017.
[35] T. Nguyen, S. Wang, M. Alhazmi, M. Nazemi, A. Estebsari, and P. Dehghanian,
"Electric Power Grid Resilience to Cyber Adversaries: State of the Art," IEEE Access, vol. 8,
pp. 87592–87608, 2020, DOI: 10.1109/ACCESS.2020.2993233.
[36] M. A. Shahid, R. Nawaz, I. M. Qureshi, and M. H. Mahmood, "Proposed Defense
Topology against Cyber Attacks in Smart Grid," 4th Int. Conf. Power Gener. Syst. Renew.
Energy Technol. PGSRET 2018, no. September, pp. 1–5, 2019, DOI:
10.1109/PGSRET.2018.8685944.
[37] M. Sahabuddin, B. Dutta, and M. Hassan, "Impact of cyber-attack on isolated power
system," 2016 3rd Int. Conf. Electr. Eng. Inf. Commun. Technol. iCEEiCT 2016, pp. 8–11,
2017, DOI: 10.1109/CEEICT.2016.7873088.
[38] Kaspersky, "Cyber threats for ICS in Energy in Europe. Object of research," pp. 1–11,
2020.
[39] C. Alcaraz, P. Najera, R. Roman, and J. Lopez, “How will city infrastructure and sensors
be made smart?,” White Pap., vol. 6, no. 11, p. 113, 2010, doi: 10.1002/047011276X.
[40] M. Eckel and T. Laffey, "Ensuring the integrity and security of network equipment is
critical in the fight against cyberattacks," Netw. Secure., vol. 2020, no. 9, pp. 18–19, 2020,
DOI: 10.1016/S1353-4858(20)30107-0.
14. [41] Electric Power Research Institute (EPRI), "Contributions of Supply and Demand
Resources to Required Power System Reliability Services," 2015.
[42] S. Ghosh and M. H. Ali, "Exploring Severity Ranking of Cyber-Attacks in Modern
Power Grid," 2019.
[43] Z. Livingston, Sanborn, Slaughter, "Managing cyber risk in the electric power sector |
Deloitte Insights," 2019.
[44] P. Eder-Neuhauser, T. Zseby, J. Fabini, and G. Vormayr, "Sustainable Energy, Grids and
Networks Cyberattack models for smart grid environments," Sustain. Energy, Grids
Networks, vol. 12, pp. 10–29, 2017, DOI: 10.1016/j.segan.2017.08.002.
[45] A. S. Bretas, N. G. Bretas, B. Carvalho, E. Baeyens, and P. P. Khargonekar, "Smart grids
cyber-physical security as a malicious data attack : An innovation approach ଝ," Electr. Power
Syst. Res., vol. 149, pp. 210–219, 2017, DOI: 10.1016/j.epsr.2017.04.018.
[46] J. Xu, B. Liu, H. Mo, and D. Dong, "Automatica Bayesian adversarial multi-node bandit
for optimal smart grid protection against cyber attacks ✩
," Automatica, vol. 128, p. 109551,
2021, DOI: 10.1016/j.automatica.2021.109551.
[47] S. Hasan, A. Dubey, G. Karsai, and X. Koutsoukos, "Electrical Power and Energy
Systems A game-theoretic approach for power systems defence against dynamic," Electr.
Power Energy Syst., vol. 115, no. January 2019, p. 105432, 2020, DOI:
10.1016/j.ijepes.2019.105432.
[48] B. Li, R. Lu, W. Wang, and K. R. Choo, "Distributed host-based collaborative detection
for false data injection attacks in smart grid cyber-physical system," J. Parallel Distrib.
Comput., vol. 103, pp. 32–41, 2017, DOI: 10.1016/j.jpdc.2016.12.012.
[49] X. Luo, Q. Yao, X. Wang, and X. Guan, "Electrical Power and Energy Systems
Observer-based cyber-attack detection and isolation in smart grids," Electr. Power Energy
Syst., vol. 101, no. January, pp. 127–138, 2018, DOI: 10.1016/j.ijepes.2018.02.039.
[50] A. Shukla, S. Dutta, and P. K. Sadhu, "An island detection approach by μ -PMU with
reduced chances of cyber attack," Int. J. Electr. Power Energy Syst., vol. 126, no. PA, p.
106599, 2021, DOI: 10.1016/j.ijepes.2020.106599.
[51] W. Ding, M. Xu, Y. Huang, P. Zhao, and F. Song, "Cyber attacks on PMU placement in a
smart grid : Characterization and optimization," Reliab. Eng. Syst. Saf., vol. 212, no. March,
p. 107586, 2021, DOI: 10.1016/j.ress.2021.107586.
[52] L. Lee and P. Hu, "Vulnerability analysis of cascading dynamics in smart grids under
load redistribution attacks," Electr. Power Energy Syst., vol. 111, no. February, pp. 182–190,
2019, DOI: 10.1016/j.ijepes.2019.03.062.
15. [53] M. Ashrafuzzaman, S. Das, Y. Chakhchoukh, S. Shiva, and F. T. Sheldon, "Computers &
Security Detecting stealthy false data injection attacks in the smart grid using ensemble-
based machine learning," Comput. Secure., vol. 97, p. 101994, 2020, DOI:
10.1016/j.cose.2020.101994.
[54] Y. Li and Y. Wang, "Developing graphical detection techniques for maintaining state
estimation integrity against false data injection attack in the integrated electric cyber-physical
system," J. Syst. Archit., vol. 105, no. December 2019, 2020, DOI:
10.1016/j.sysarc.2019.101705.
[55] S. Aoufi, A. Derhab, and M. Guerroumi, "Journal of Information Security and
Applications Survey of false data injection in the smart power grid : Attacks,
countermeasures and challenges," J. Inf. Secure. Appl., vol. 54, p. 102518, 2020, DOI:
10.1016/j.jisa.2020.102518.
[56] X. Liu, L. Che, K. Gao, and Z. Li, "Power System Intra-Interval Operational Security
under False Data Injection Attacks," IEEE Trans. Ind. Informatics, vol. 16, no. 8, pp. 4997–
5008, 2020, DOI: 10.1109/TII.2019.2954350.
[57] T. Zou, A. S. Bretas, C. Ruben, S. C. Dhulipala, and N. Bretas, "Smart grids cyber-
physical security : Parameter correction model against unbalanced false data injection attacks
☆," Electr. Power Syst. Res., vol. 187, no. June, p. 106490, 2020, DOI:
10.1016/j.epsr.2020.106490.
[58] X. Li and K. W. Hedman, "Enhancing Power System Cyber-Security with Systematic
Two-Stage Detection Strategy," IEEE Trans. Power Syst., vol. 35, no. 2, pp. 1549–1561,
2020, DOI: 10.1109/TPWRS.2019.2942333.
[59] M. Attia, S. Mohammed, H. Sedjelmaci, E. Aglzim, and D. Chrenko, "An efficient
Intrusion Detection System against cyber-physical attacks in the smart grid ☆," Comput.
Electr. Eng., vol. 68, no. May, pp. 499–512, 2018, doi: 10.1016/j.compeleceng.2018.05.006.
[60] S. N. Narayanan, K. Khanna, and B. K. Panigrahi, Security in Smart Cyber-Physical
Systems : A Case Study on Smart Grids and Smart Cars. Elsevier Inc., 2019.
[61] C. Dong, X. Li, W. Jiang, Y. Mu, J. Zhao, and H. Jia, "Cyber-physical modelling
operator and multimodal vibration in the integrated local vehicle-grid electrical system,"
Appl. Energy, vol. 286, no. December 2020, p. 116432, 2021, DOI:
10.1016/j.apenergy.2021.116432.
[62] S. D. Roy and S. Debbarma, "Detection and Mitigation of Cyber-Attacks on AGC
Systems of Low Inertia Power Grid," IEEE Syst. J., vol. 14, no. 2, pp. 2023–2031, 2020,
DOI: 10.1109/JSYST.2019.2943921.
[63] T. R. Sharafeev, O. V Ju, and A. L. Kulikov, "Cyber-Security Problems in Smart Grid,"
2018 Int. Conf. Ind. Eng. Appl. Manuf., pp. 1–6, 2018.
16. [64] N. Mhaisen, N. Fetais, and A. Massoud, "Secure smart contract-enabled control of
battery energy storage systems against cyber-attacks," Alexandria Eng. J., vol. 58, no. 4, pp.
1291–1300, 2019, DOI: 10.1016/j.aej.2019.11.001.
[65] Y. Liu, H. Qin, Z. Chen, C. Shi, R. Zhang, and W. Chen, "Research on cybersecurity
defence technology of power generation acquisition terminal in new energy plant," Proc. -
IEEE Int. Conf. Energy Internet, ICEI 2019, pp. 25–30, 2019, doi: 10.1109/ICEI.2019.00011.
[66] L. Arnaboldi, R. M. Czekster, C. Morisset, and R. Metere, "Modelling Load-Changing
Attacks in Cyber-Physical Systems," Electron. Notes Theor. Comput. Sci., vol. 353, pp. 39–
60, 2020, DOI: 10.1016/j.entcs.2020.09.018.
[67] P. Matoušek, O. Ryšavý, M. Grégr, and V. ech Havlena, "Journal of Information Security
and Applications Flow-based monitoring of ICS communication in the smart grid," J. Inf.
Secure. Appl., vol. 54, 2020, DOI: 10.1016/j.jisa.2020.102535.
[68] V. S. Rajkumar, M. Tealane, and S. Alexandru, "Cyber Attacks on Protective Relays in
Digital Substations and Impact Analysis," IEEE Xplore, 2020.
[69] H. Jia, C. Shao, D. Liu, C. Singh, Y. Ding, and Y. Li, "Operating Reliability Evaluation
of Power Systems with Demand-Side Resources Considering Cyber Malfunctions," IEEE
Access, vol. 8, pp. 87354–87366, 2020, DOI: 10.1109/ACCESS.2020.2992636.
[70] H. He, S. Huang, Y. Liu, and T. Zhang, "International Journal of Electrical Power and
Energy Systems A tri-level optimization model for power grid defence with the consideration
of post-allocated D.G.s against coordinated cyber-physical attacks," Int. J. Electr. Power
Energy Syst., vol. 130, no. March, p. 106903, 2021, DOI: 10.1016/j.ijepes.2021.106903.
[71] M. Woodard, K. Marashi, S. Sedigh, and A. R. Hurson, "Survivability evaluation and
importance analysis for cyber-physical smart grids," Reliab. Eng. Syst. Saf., vol. 210, no.
January, p. 107479, 2021, DOI: 10.1016/j.ress.2021.107479.
[72] L. Li et al., "Cyberattack estimation and detection for cyber-physical power systems R,"
Appl. Math. Comput., vol. 400, p. 126056, 2021, DOI: 10.1016/j.amc.2021.126056.
[73] M. Snehi and A. Bhandari, "Vulnerability retrospection of security solutions for
software-defined Cyber-Physical System against DDoS and IoT-DDoS attacks," Comput.
Sci. Rev., vol. 40, p. 100371, 2021, DOI: 10.1016/j.cosrev.2021.100371.
[74] Q. Su, S. Li, Y. Gao, X. Huang, and J. Li, "Observer-based detection and reconstruction
of dynamic load altering attack in smart grid," J. Franklin Inst., no. XXXX, 2021, DOI:
10.1016/j.jfranklin.2021.02.008.
[75] A. Sadu, A. Jindal, G. Lipari, F. Ponci, and A. Monti, "Resilient Design of Distribution
Grid Automation System against cyber-physical attacks using Blockchain and Smart
Contract," Blockchain Res. Appl., p. 100010, 2021, DOI: 10.1016/j.bcra.2021.100010.
17. [76] X. Liu, L. Che, K. Gao, and Z. Li, "Power System Intra-Interval Operational Security
under False Data Injection Attacks," IEEE Trans. Ind. Informatics, vol. P.P., no. c, p. 1,
2020, DOI: 10.1109/TII.2019.2954350.
[77] Kaspersky, "Cyber threats for ICS in Energy in Europe. Object of research," Kaspersky
ICS CERT, pp. 1–11, 2020.
[78] H. Jia, C. Shao, S. Member, and D. Liu, "Operating Reliability Evaluation of Power
Systems With Demand-Side Resources Considering Cyber Malfunctions," IEEE Access, vol.
8, 2020, DOI: 10.1109/ACCESS.2020.2992636.
[79] T. Nguyen, S. Wang, and S. Member, "Electric Power Grid Resilience to Cyber
Adversaries : State of the Art," IEEE Access, vol. 8, 2020, DOI:
10.1109/ACCESS.2020.2993233.
[80] H. Ge, D. Yue, X. Xie, C. Dou, and S. Wang, "Security control of cyber-physical system
based on switching approach for intermittent denial-of-service jamming attack," ISA Trans.,
no. XXXX, pp. 1–9, 2019, DOI: 10.1016/j.isatra.2019.11.014.
[81] X. Li, K. W. Hedman, and S. Member, "Enhancing Power System Cyber-Security with
Systematic Two-Stage Detection Strategy," IEEE Trans. Power Syst., vol. P.P., no. c, p. 1,
2019, DOI: 10.1109/TPWRS.2019.2942333.
[82] U. Tatar, H. Bahsi, and A. Gheorghe, "Impact assessment of cyber attacks: A
quantification study on power generation systems," Syst. Syst. Eng. Conf. SoSE, 2016, DOI:
10.1109/SYSOSE.2016.7542959.
18. PROOF-OF-REPUTATION: AN ALTERNATIVE CONSENSUS MECHANISM FOR
BLOCKCHAIN SYSTEMS
Oladotun Aluko1
and Anton Kolonin2
1
Novosibirsk State University, Novosibirsk, Russia
2
Aigents Group, Novosibirsk, Russia
ABSTRACT
Blockchains combine other technologies, such as cryptography, networking, and incentive
mechanisms, to enable the creation, validation, and recording of transactions between
participating nodes. A consensus algorithm is used in a blockchain system to determine the
shared state among distributed nodes. An important component underlying any blockchain-based
system is its consensus mechanism, which principally determines the performance and security
of the overall system. As the nature of peer-to-peer(P2P) networks is open and dynamic, the
security risk within that environment is greatly increased mostly because nodes can join and
leave the network at will. Thus, it is important to have a system that can check against malicious
behaviour. In this work, we propose a reputation-based consensus mechanism for blockchain-
based systems, Proof-of-Reputation(PoR) where the nodes with the highest reputation values
eventually become part of a consensus group that determines the state of the blockchain.
KEYWORDS
Consensus Mechanism, Distributed Ledger Technology, Blockchain, Reputation System, Social
Computing.
For More Details : https://aircconline.com/ijnsa/V13N4/13421ijnsa03.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
19. REFERENCES
[1] M. Crosby, P. Pattanayak, S. Verma, and V. Kalyanaraman. (2016) Blockchain technology:
Beyond bitcoin. [Online]. Available: https://j2-capital.com/wp-
content/uploads/2017/11/AIR- 2016-Blockchain.pdf?forcedefault=true.
[2] A. Baliga, “Understanding blockchain consensus models,” 2017.
[3] G.-T. Nguyen and K. Kim, “A survey about consensus algorithms used in blockchain,” J. Inf.
Process. Syst., vol. 14, pp. 101–128, 2018.
[4] Quantaloop.io. (2020) Types of consensus algorithms in blockchain. [Online]. Available:
https://quantaloop.io/proof-of-work-vs-proof-of-stake-101.
[5] F. Hendrikx, K. Bubendorfer, and R. Chard, “Reputation systems: A survey and taxonomy,”
Journal of Parallel and Distributed Computing, vol. 75, pp. 184–197, 2015.
[6] V. Gramoli, “From blockchain consensus back to byzantine consensus,” Future Generation
Computer Systems, vol. 107, pp. 760–769, 2020.
[7] S. Azouvi, P. McCorry, and S. Meiklejohn, “Betting on blockchain consensus with
fantomette,” arXiv preprint arXiv:1805.06786, 2018.
[8] M. S. Ferdous, M. J. M. Chowdhury, M. A. Hoque, and A. Colman, “Blockchain
consensuses algorithms: A survey,” arXiv preprint arXiv:2001.07091, 2020.
[9] L. M. Bach, B. Mihaljevic, and M. Zagar, “Comparative analysis of blockchain consensus
algorithms,” in 2018 41st International Convention on Information and Communication
Technology, Electronics and Microelectronics (MIPRO). IEEE, 2018, pp. 1545–1550.
[10] Y. Xiao, N. Zhang, W. Lou, and Y. T. Hou, “A survey of distributed consensus protocols
for blockchain networks,” IEEE Communications Surveys & Tutorials, vol. 22, no. 2, pp.
1432–1465, 2020.
[11] A. Gervais, G. O. Karame, K. Wu ̈st, V. Glykantzis, H. Ritzdorf, and S. Capkun, “On the
security and performance of proof of work blockchains,” in Proceedings of the 2016 ACM
SIGSAC conference on computer and communications security, 2016, pp. 3–16.
[12] A. Josang and R. Ismail, “The beta reputation system,” in Proceedings of the 15th bled
electronic commerce conference, vol. 5, 2002, pp. 2502– 2511.
[13] J. Weng, Z. Shen, C. Miao, A. Goh, and C. Leung, “Credibility: How agents can handle
unfair third-party testimonies in computational trust models,” IEEE Transactions on
Knowledge and Data Engineering, vol. 22, no. 9, pp. 1286–1298, 2009.
[14] S. Song, K. Hwang, R. Zhou, and Y.-K. Kwok,“Trusted p2p transactions with fuzzy
reputation aggregation,” IEEE Internet computing, vol. 9, no. 6, pp. 24–34, 2005.
20. [15] K.K.Bharadwaj and M.Y.H.Al-Shamri,“Fuzzy computational models for trust and
reputation systems,” Electronic commerce research and applications, vol. 8, no. 1, pp. 37–47,
2009.
[16] W. L. Teacy, M. Luck, A. Rogers, and N. R. Jennings, “An efficient and versatile
approach to trust and reputation using hierarchical bayesian modelling,” Artificial
Intelligence, vol. 193, pp. 149–185, 2012.
[17] M. Tavakolifard and S. J. Knapskog, “A probabilistic reputation algorithm for
decentralized multi-agent environments,” Electronic Notes in Theoretical Computer Science,
vol. 244, pp. 139–149, 2009.
[18] A. Whitby, A. Jøsang, and J. Indulska, “Filtering out unfair ratings in bayesian reputation
systems,” in Proc. 7th Int. Workshop on Trust in Agent Societies, vol. 6. Citeseer, 2004, pp.
106–117.
[19] A. Jøsang, Subjective logic. Springer, 2016.
[20] A. Jøsang and T. Bhuiyan, “Optimal trust network analysis with subjective logic,” in
2008 Second International Conference on Emerging Security Information, Systems and
Technologies. IEEE, 2008, pp. 179– 184.
[21] L. C. Freeman, “Centrality in social networks conceptual clarification,” Social networks,
vol. 1, no. 3, pp. 215–239, 1978.
[22] L. Kleinrock, R. Ostrovsky, and V. Zikas, “Proof-of-reputation blockchain with
nakamoto fallback,” in International Conference on Cryptology in India. Springer, 2020, pp.
16–38.
[23] J. Horton and J. Golden,“Reputation Inflation An Online Marketplace,” New York I, vol.
1, 2015.
[24] G. Swamynathan, K. C. Almeroth, and B. Y. Zhao, “The design of a reliable reputation
system,” Electronic Commerce Research, vol. 10, no. 3, pp. 239–270, 2010.
[25] K. Hoffman, D. Zage, and C. Nita-Rotaru, “A survey of attack and defense techniques for
reputation systems,” ACM Computing Surveys (CSUR), vol. 42, no. 1, pp. 1–31, 2009.
[26] M. Gupta, P. Judge, and M. Ammar, “A reputation system for peer-to-peer networks,” in
Proceedings of the 13th international workshop on Network and operating systems support
for digital audio and video, 2003, pp. 144–152.
[27] F. Gai, B. Wang, W. Deng, and W. Peng, “Proof of reputation: A reputation-based
consensus protocol for peer-to-peer network,” in International Conference on Database
Systems for Advanced Applications. Springer, 2018, pp. 666–681.
21. [28] J. Yu, D. Kozhaya, J. Decouchant, and P. Esteves-Verissimo,“Repucoin: Your reputation
is your power,” IEEE Transactions on Computers, vol. 68, no. 8, pp. 1225–1237, 2019.
[29] M. T. de Oliveira, L. H. Reis, D. S. Medeiros, R. C. Carrano, S. D. Olabarriaga, and D.
M. Mattos, “Blockchain reputation-based consensus: A scalable and resilient mechanism for
distributed mistrusting applications,” Computer Networks, vol. 179, p. 107367, 2020.
[30] C. Dwork, N. Lynch, and L. Stockmeyer, “Consensus in the presence of partial
synchrony,” Journal of the ACM (JACM), vol. 35, no. 2, pp. 288–323, 1988.
[31] G. Chalkiadakis, E. Elkind, and M. Wooldridge, “Computational aspects of cooperative
game theory,” Synthesis Lectures on Artificial Intelligence and Machine Learning, vol. 5, no.
6, pp. 1–168, 2011.
[32] P. Berman, J. A. Garay, K. J. Perry et al., “Towards optimal distributed consensus,” in
FOCS, vol. 89. Citeseer, 1989, pp. 410–415.
[33] L. Xiong and L. Liu, “Peertrust: Supporting reputation-based trust for peer-to-peer
electronic communities,” IEEE transactions on Knowledge and Data Engineering, vol. 16,
no. 7, pp. 843–857, 2004.
[34] A. Kolonin and S. SingularityNET, “Reputation systems for human-computer
environments,” Complexity, Informatics and Cybernetics, 2019.
[35] A. Kolonin, B. Goertzel, D. Duong, and M. Ikle, “A reputation system for artificial
societies,” arXiv preprint arXiv:1806.07342, 2018.
[36] I. Eyal and E. G. Sirer, “Majority is not enough: Bitcoin mining is vulnerable,” in
International conference on financial cryptography and data security. Springer, 2014, pp.
436–454.
[37] C. Grunspan and R. Perez-Marco, “On profitability of selfish mining,” arXiv preprint
arXiv:1805.08281, 2018.
[38] K. A. Negy, P. R. Rizun, and E. G. Sirer, “Selfish mining re-examined,” in International
Conference on Financial Cryptography and Data Security. Springer, 2020, pp. 61–78.
[39] E. Heilman, A. Kendler, A. Zohar, and S. Goldberg, “Eclipse attacks on bitcoin’s peer-to-
peer network,” in 24th {USENIX} Security Symposium ({USENIX} Security 15), 2015, pp.
129–144.
[40] J. Bonneau, "Why Buy When You Can Rent?" in International Conference on Financial
Cryptography and Data Security. Springer, 2016, pp. 19–26.
22. AUTHORS
Oladotun Aluko received his BSc(2017) in Computer Science and
Engineering from Obafemi Awolowo University, Nigeria. He is currently
working on his MSc in Big Data Analytics and Artificial Intelligence at
Novosibirsk State University, Novosibirsk, Russia. His research interests are
in Distributed Computing, Blockchain Technology, Machine Learning and
Cloud Databases.
Anton Kolonin received his PhD in 1998 after he independently developed a
software-algorithmic complex for processing geophysical data, introduced into
production in many CIS countries. He has also participated as a leader or lead
architect in many projects to develop algorithms and software, including those
related to the use of AI, including the recognition of static text, moving
objects, music, extracting information from texts and identifying events on
financial markets – in Russian and foreign companies. Since 2017, he has also
been a software architect for AI and blockchain in the Singularity NET
project, leading projects on unsupervised language learning and reputation
systems.
23. EFFECT MAN-IN THE MIDDLE ON THE NETWORK PERFORMANCE IN VARIOUS
ATTACK STRATEGIES
Iyas Alodat
Department of Computer and Information System, Jerash University, Jerash, Jordan
ABSTRACT
In this paper, we examined the effect on network performance of the various strategies an
attacker could adopt to launch Man-In The Middle (MITM) attacks on the wireless network,
such as fleet or random strategies. In particular, we're focusing on some of those goals for MITM
attackers - message delay, message dropping. According to simulation data, these attacks have a
significant effect on legitimate nodes in the network, causing vast amounts of infected packets,
end-to-end delays, and significant packet loss.
KEYWORDS
Wireless Network, Mobile Network, security; Man-In-The-Middle Attack; smart cities;
simulation; Intelligent Transportation System; Internet-of-Things.
For More Details : http://aircconline.com/ijnsa/V13N3/13321ijnsa02.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
24. REFERENCES
[1] Burchfiel, J., Tomlinson, R., & Beeler, M. (1975, May). Functions and structure of a packet
radio station. In Proceedings of the May 19-22, 1975, national computer conference and
exposition (pp. 245-251).
[2] Toor, Y., Muhlethaler, P., Laouiti, A., & De La Fortelle, A. (2008). Vehicle ad hoc networks:
Applications and related technical issues. IEEE communications surveys & tutorials, 10(3),
74-88.
[3] Bauwens, J., Jooris, B., Giannoulis, S., Jabandžić, I., Moerman, I., & De Poorter, E. (2019).
Portability, compatibility and reuse of MAC protocols across different IoT radio platforms.
Ad Hoc Networks, 86, 144-153.
[4] Chaqfeh, M.; Lakas, A. A Novel Approach for Scalable Multi-hop Data Dissemination in
Vehicular Ad Hoc Networks. Ad Hoc Netw. 2016, 37, 228–239
[5] Shi, Y., Ross, A., & Biswas, S. (2018). Source identification of encrypted video traffic in the
presence of heterogeneous network traffic. Computer Communications, 129, 101-110.
[6] Williams, R., Samtani, S., Patton, M., & Chen, H. (2018, November). Incremental hacker
forum exploit collection and classification for proactive cyber threat intelligence: An
exploratory study. In 2018 IEEE International Conference on Intelligence and Security
Informatics (ISI) (pp. 94-99). IEEE.
[7] Wang, J., Juarez, N., Kohm, E., Liu, Y., Yuan, J., & Song, H. (2019, April). Integration of
SDR and UAS for malicious Wi-Fi hotspots detection. In 2019 Integrated Communications,
Navigation and Surveillance Conference (ICNS) (pp. 1-8). IEEE.
[8] Phung, C. V., Dizdarevic, J., Carpio, F., & Jukan, A. (2019, May). Enhancing rest http with
random linear network coding in dynamic edge computing environments. In 2019 42nd
International Convention on Information and Communication Technology, Electronics and
Microelectronics (MIPRO) (pp. 435-440). IEEE.
[9] AMIR, A. Z. B. (2018). A study on Rogue Wireless Devices with Detection of Mousejack
Attacks and Vulnerabilities.
[10] Vanhoef, M., Bhandaru, N., Derham, T., Ouzieli, I., & Piessens, F. (2018, June).
Operating channel validation: preventing Multi-Channel Man-in-the-Middle attacks against
protected Wi-Fi networks. In Proceedings of the 11th ACM Conference on Security &
Privacy in Wireless and Mobile Networks (pp. 34-39).
[11] Chittamuru, S. V. R., Thakkar, I. G., Pasricha, S., Vatsavai, S. S., & Bhat, V. (2020).
Exploiting Process Variations to Secure Photonic NoC Architectures from Snooping Attacks.
IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.
[12] Rupprecht, D., Kohls, K., Holz, T., & Pöpper, C. (2019, May). Breaking LTE on layer
two. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 1121-1136). IEEE.
25. [13] Ullas, S. U., & Sandeep, J. (2019). Reliable Monitoring Security System to Prevent MAC
Spoofing in Ubiquitous Wireless Network. In Advances in Big Data and Cloud Computing
(pp. 141-153). Springer, Singapore.
[14] Maithili, K., Vinothkumar, V., & Latha, P. (2018). Analyzing the security mechanisms to
prevent unauthorized access in cloud and network security. Journal of Computational and
Theoretical Nanoscience, 15(6-7), 2059-2063.
[15] Tochner, S., Zohar, A., & Schmid, S. (2020, October). Route Hijacking and DoS in Off-
Chain Networks. In Proceedings of the 2nd ACM Conference on Advances in Financial
Technologies (pp. 228-240).
[16] Alharthi, D. N., Hammad, M. M., & Regan, A. C. (2020, March). A taxonomy of social
engineering defense mechanisms. In Future of Information and Communication Conference
(pp. 27-41). Springer, Cham.
[17] Metz, L. A. E. P. (2020). An evaluation of unity ML-Agents toolkit for learning boss
strategies (Doctoral dissertation).
[18] Shringarputale, S., McDaniel, P., Butler, K., & La Porta, T. (2020, November). Co-
residency Attacks on Containers are Real. In Proceedings of the 2020 ACM SIGSAC
Conference on Cloud Computing Security Workshop (pp. 53-66).
[19] Xia, W., Cong, W., Wei, Y., & Li, C. (2020). Critical angle of attack and the
corresponding impact cavity for non-circuitous trajectory of water entry of circular cylinder.
Applied Ocean Research, 103, 102322.
[20] Huang, Y., Kuo, H. K., Thomas, S., Kons, Z., Audhkhasi, K., Kingsbury, B., ... &
Picheny, M. (2020, May). Leveraging unpaired text data for training end-to-end speech-to-
intent systems. In ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech
and Signal Processing (ICASSP) (pp. 7984-7988). IEEE.
[21] Verma, S., Hamieh, A., Huh, J. H., Holm, H., Rajagopalan, S. R., Korczynski, M., &
Fefferman, N. (2016, August). Stopping amplified dns ddos attacks through distributed query
rate sharing. In 2016 11th International Conference on Availability, Reliability and Security
(ARES) (pp. 69-78). IEEE.
[22] A. Guruswamy, R. S. Blum, S. Kishore and M. Bordogna, “On the Optimum Design of
L-Estimators for Phase Offset Estimation in IEEE 1588,” IEEE Transactions on
Communications, Vol. 63 , No. 9, pp. 5101 – 5115, Dec. 2015.
[23] Karthik, A. K., & Blum, R. S. (2016). Estimation theory based robust phase offset
estimation in the presence of delay attacks. arXiv preprint arXiv:1611.05117.
[24] Tsigkari, D., & Spyropoulos, T. (2020). An approximation algorithm for joint caching
and recommendations in cache networks. arXiv preprint arXiv:2006.08421.
26. [25] Stricot-Tarboton, S.; Chaisiri, S.; Ko, R.K.L. Taxonomy of Man-in-the-Middle Attacks
on HTTPS. In Proceedings of the 2016 IEEE Trustcom/BigDataSE/ISPA, Tianjin, China,
23–26 August 2016; pp. 527–534. [CrossRef]
[26] Chen, Z.; Guo, S.; Duan, R.; Wang, S. Security Analysis on Mutual Authentication
against Man-in-the-Middle Attack. In Proceedings of the First International Conference on
Information Science and Engineering, Nanjing, China, 26–28 December 2009; pp. 1855–
1858. [CrossRef]
[27] Conti, M.; Dragoni, N.; Lesyk, V. A Survey of Man In The Middle Attacks. IEEE
Commun. Surv. Tutor. 2016, 18, 2027–2051. [CrossRef]
[28] Glass, S.M.; Muthukkumarasamy, V.; Portmann, M. Detecting Man-in-the-Middle and
Wormhole Attacks in Wireless Mesh Networks. In Proceedings of the International
Conference on Advanced Information Networking and Applications, Bradford, UK, 26–29
May 2009; pp. 530–538.
[29] Kaplanis, C. Detection and Prevention of Man in the Middle Attacks in Wi-Fi
Technology. Master’s Thesis, Aalborg University, Aalborg, Denmark, 2015.
27. USE OF MARKOV CHAIN FOR EARLY DETECTING DDOS ATTACKS
Chin-Ling Chen1
and Jian-Ming Chen2
1
Department of Information Management, National Pingtung University, Pingtung, Taiwan 900
2
Genesis Technology, Inc., HsinChu, Taiwan 300
ABSTRACT
DDoS has a variety of types of mixed attacks. Botnet attackers can chain different types of
DDoS attacks to confuse cybersecurity defenders. In this article, the attack type can be
represented as the state of the model. Considering the attack type, we use this model to calculate
the final attack probability. The final attack probability is then converted into one prediction
vector, and the incoming attacks can be detected early before IDS issues an alert. The experiment
results have shown that the prediction model that can make multi-vector DDoS detection and
analysis easier.
KEYWORDS
DDoS, attack detection, Markov chain, TCP SYN flood, ICMP flood, HTTP flood, LAND, UDP
flood.
For More Details : https://aircconline.com/ijnsa/V13N4/13421ijnsa01.pdf
Volume Link : https://airccse.org/journal/jnsa21_current.html
28. REFERENCES
[1] Karras, D. A. &Zorkadis,V. C. (2008) “On efficient security modelling of complex
interconnected communication systems based on Markov Processes,” 2008 New
Technologies, Mobility and Security, pp1-7.
[2] Zhai, J., Liu, G.& Dai, Y. (2010) “A covert channel detection algorithm based on TCP
Markov model,” 2010 International Conference on Multimedia Information Networking and
Security, pp893-897.
[3] Abdulmunem, A.-S. M. Q.&Kharchenko, V. S. (2016) “Availability and security assessment
of smart building automation systems: combining of attack tree analysis and Markov
models,” 2016 Third International Conference on Mathematics and Computers in Sciences
and in Industry (MCSI), pp302-307.
[4] Kolisnyk, M.,Kharchenko, V.&Iryna, P. (2019) “IoTserver availability consideringDDoS-
attacks: analysis of prevention methods and Markov model,” 2019 10th International
Conference on Dependable Systems, Services and Technologies (DESSERT).
[5] Shing, M. -L.&Shing, C. -C. (2010) “Information security risk assessment using Markov
models,” 2010 Third International Symposium on Electronic Commerce and Security,
pp403-406.
[6] Cao,L. -C. (2007) “A high-efficiency intrusion prediction technology based on Markov
Chain,” 2007 International Conference on Computational Intelligence and Security
Workshops (CISW 2007), pp518-521.
[7] Le,N. T.& Hoang,D. B. (2018) “Security threat probability computation using Markov Chain
and common vulnerability scoring system,” 2018 28th International Telecommunication
Networks and Applications Conference (ITNAC), pp1-6.
[8] Wang, C., Shi, C., Wang, C.& Fu,Y. (2016) “An analyzing method for computer network
security based on Markov game model,” 2016 IEEE Advanced Information Management,
Communicates, Electronic and Automation Control Conference (IMCEC), pp454-458.
[9] Miehling, E., Rasouli, M.&Teneketzis, D. (2017) “A dependency graph formalism for the
dynamic defense of cyber networks,” 2017 IEEE Global Conference on Signal and
Information Processing (GlobalSIP), pp511-512.
[10] Zheng, J.&Namin,A. S. (2018) “Defending SDN-based IoTnetworks againstDDoSattacks
using Markov Decision Process,” 2018 IEEE International Conference on Big Data (Big
Data), pp4589-4592.
[11] Kuang, G. C., Wang, X. F.& Yin, L. R. (2012) “A fuzzy forecast method for network
security situation based on Markov,” 2012 International Conference on Computer Science
and Information Processing (CSIP), pp785-789.
29. [12] Sun, S. (2015) “The research of the network security situation prediction mechanism
based on the complex network,” 2015 International Conference on Computational
Intelligence and Communication Networks (CICN), pp1183-1187.
[13] C. Zhou, S. Huang, N. Xiong, S. -H. Yang, H. Li, Y. Qin & X. Li, (2015) “Design and
analysis of multimodel-based anomaly intrusion detection systems in industrial process
automation,” IEEE Transactions on Systems, Man, and Cybernetics: Systems, 2015, Vol.45,
No.10, pp1345-1360.
[14] Teoh, T. T., Nguwi, Y. Y., Elovici, Y., Cheung, N. M.& Ng, W. L. (2017) “Analyst
intuition based Hidden Markov Model on high speed, temporal cyber security big data,”
2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge
Discovery (ICNC-FSKD), pp2080-2083.
[15] Holgado, P., Villagrá, V. A.& Vázquez, L. (2020) “Real-time multistep attack prediction
based on Hidden Markov Models,” IEEE Transactions on Dependable and Secure
Computing, 2020, Vol.17, No.1.
30. AUTHORS
Chin-Ling Chen received the BS degree from National Taiwan University in
1988, the Master degree in Management Information System from the
University of Wisconsin, Milwaukee, in 1992, and the Ph.D. degree in
Information Management from National Taiwan University of Science and
Technology, 1999. Since the spring of 1999, he has joined the faculty of the
Department of Information Management at National Pingtung University,
Taiwan. His research interests include Internet QoS, network technology, and
network security. He is a member of IEICE.
Jian-Ming Chen received his master’s degree in Information Management
from National Pingtung University, 2019. Currently, he is a software
engineer of Genesis Technology, Inc, Hsinchu, Taiwan.
31. A CONCEPTUAL SECURE BLOCKCHAIN-BASED ELECTRONIC
VOTING SYSTEM
Ahmed Ben Ayed
Department of Engineering and Computer Science, Colorado Technical University, Colorado
Springs, Colorado, USA
ABSTRACT
Blockchain is offering new opportunities to develop new types of digital services. While research
on the topic is still emerging, it has mostly focused on the technical and legal issues instead of
taking advantage of this novel concept and creating advanced digital services. In this paper, we
are going to leverage the open source Blockchain technology to propose a design for a new
electronic voting system that could be used in local or national elections. The Blockchain-based
system will be secure, reliable, and anonymous, and will help increase the number of voters as
well as the trust of people in their governments.
KEYWORDS
Blockchain, Electronic Voting System, e-Voting, I-Voting, iVote
For More Details : https://aircconline.com/ijnsa/V9N3/9317ijnsa01.pdf
Volume Link : http://airccse.org/journal/jnsa17_current.html
32. REFERENCES
[1] Madise, Ü. Madise and T. Martens, “E-voting in Estonia 2005. The first practice of country-
wide binding Internet voting in the world.”,Electronic voting, 2nd International Workshop,
Bregenz, Austria,(2006) August 2-4.
[2] J. Gerlach and U. Grasser, “Three Case Studies from Switzerland: E-voting”, Berkman
Center Research Publication, (2009).
[3] I. S. G. Stenerud and C. Bull, “When reality comes knocking Norwegian experiences with
verifiable electronic voting”, Electronic Voting. Vol. 205. (2012), pp. 21-33.
[4] C. Meter and A. Schneider and M. Mauve, “Tor is not enough: Coercion in Remote
Electronic Voting Systems. arXiv preprint. (2017).
[5] D. L. Chaum, “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms”,
Communication of the ACM. Vol. 24(2). (1981), pp. 84-90.
[6] T. ElGamal, “A public Key Cryptosystem and a Signature Scheme Based on Discrete
Logarithms”, IEEE Trans. Info. Theory. Vol. 31. (1985), pp. 469-472.
[7] S. Ibrahim and M. Kamat and M. Salleh and S. R. A. Aziz, “Secure E-Voting with Blind
Signature”, Proceeding of the 4th National Conference of Communication Technology,
Johor, Malaysia, (2003) January 14-15.
[8] J. Jan and Y. Chen and Y. Lin, “The Design of Protocol for e-Voting on the Internet”,
Proceedings IEEE 35th Annual 2001 International Carnahan Conference on Security
Technology, London, England, (2001) October 16-19.
[9] D. L. Dill and A.D. Rubin, “E-Voting Security”, Security and Privacy Magazine, Vol. 2(1).
(2004), pp. 22-23.
[10] D. Evans and N. Paul, “Election Security: Perception and Reality”. IEEE Privacy Magazine,
vol. 2(1). (2004), pp. 2-9.
[11] Trueb Baltic, “Estonian Electronic ID – Card Application Specification Prerequisites to the
Smart Card Differentiation to previous Version of EstEID Card Application.”
http://www.id.ee/public/TBSPEC-EstEID-Chip-App-v3_5-20140327.pdf
[12] Cybernetica. “Internet Voting Solution.”
https://cyber.ee/uploads/2013/03/cyber_ivoting_NEW2_A4_web.pdf.
[13] D. Springall, T. Finkenauer, Z. Durumeric, J. Kitcat, H. Hursti, M. MacAlpine, and J. A.
Halderman, “Security Analysis of the Estonian Internet Voting System.” Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security. (2014), pp.
703-715.
33. [14] Ministry of Local Government and Modernisation. “Internet Voting Pilot to be
Discontinued.” https://www.regjeringen.no/en/aktuelt/Internet-voting-pilot-to-be-
discontinued/id764300/
[15] J. A. Halderman, and V. Teague, “The New South Wales iVote System: Security Failures
and Verifications Flaws in a Live Online Election.” International Conference on E-Voting
and Identity. (2015), pp. 35-53.
[16] S. Wolchok, E. Wustrow, D. Isabel, J. A. Halderman, “Attacking the Washington, DC
Internet Voting System.” International Conference on Financial Cryptography and Data
Security (2012), pp. 114-128.
[17] National Institute of Standards and Technology, “Federal Information Processing Standards
Publication”, (2012).
[18] S. Nakamoto, “A Peer-to-Peer Electronic Cash System”, (2008).
[19] F. Reid and M. Harrigan, “An Analysis of Anonymity in the Bitcoin System”, Security and
Privacy in Social Networks. (2013), pp. 1-27.
[20] S. Raval, “Decentralized Applications: Harnessing Bitcoin’s Blockchain Technology.”
O’Reilly Media, Inc. Sebastopol, California (2016).
[21] J. R. Douceur, “The Sybil Attack”, International Workshop on Peer-to-Peer Systems, (2002),
pp. 251-260.
34. AUTHORS
Ahmed Ben Ayed, has received his Bachelor of Science in Computer Information Systems,
Master of Science in Cyber Security and Information Assurance, and currently a doctoral student
at Colorado Technical University, and an Adjunct Professor at California Takshila University.
His research interests are Android Security, Pattern Recognition of Malicious Applications,
Machine Learning, Cryptography, Information & System Security and Cyber Security.
35. A LITERATURE SURVEY AND ANALYSIS ON SOCIAL ENGINEERING DEFENSE
MECHANISMS AND INFOSEC POLICIES
Dalal Alharthi and Amelia Regan
Department of Computer Science, University of California Irvine, Irvine, California
ABSTRACT
Social engineering attacks can be severe and hard to detect. Therefore, to prevent such attacks,
organizations should be aware of social engineering defense mechanisms and security policies.
To that end, the authors developed a taxonomy of social engineering defense mechanisms,
designed a survey to measure employee awareness of these mechanisms, proposed a model of
Social Engineering InfoSec Policies (SE-IPs), and designed a survey to measure the
incorporation level of these SE-IPs. After analyzing the data from the first survey, the authors
found that more than half of employees are not aware of social engineering attacks. The paper
also analyzed a second set of survey data, which found that on average, organizations
incorporated just over fifty percent of the identified formal SE-IPs. Such worrisome results show
that organizations are vulnerable to social engineering attacks, and serious steps need to be taken
to elevate awareness against these emerging security threats.
KEYWORDS
Cybersecurity, Social Engineering, Employee Awareness, Defense Mechanisms, Security
Policies
For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa04.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
36. REFERENCES
[1] S. D. Applegate, Social engineering: hacking the wetware! Information Security Journal: A
Global Perspective 18 (1) (2009) 40–46.
[2] C. Hadnagy, Social engineering: The art of human hacking, John Wiley & Sons, 2010.3. A.
Berg, Cracking a social engineer, [online]. lan times (1995).
[3] A. Berg, Cracking a social engineer, [online]. lan times (1995).
[4] T. Greening, Ask and ye shall receive: a study in social engineering, ACM SIGSAC Review
14 (2) (1996) 8–14.
[5] A. Karakasiliotis, S. Furnell, M. Papadaki, Assessing end-user awareness of social
engineering and phishing.
[6] M. Workman, A test of interventions for security threats from social engineering,
Information Management & Computer Security 16 (5) (2008) 463–483.
[7] G. L. Orgill, G. W. Romney, M. G. Bailey, P. M. Orgill, The urgency for effective user
privacy-education to counter social engineering attacks on secure computer systems, in:
Proceedings of the 5th conference on Information technology education, ACM, 2004, pp.
177–181
[8] T. Bakhshi, M. Papadaki, S. Furnell, A practical assessment of social engineering
vulnerabilities., in: HAISA, 2008, pp. 12–23.
[9] F. Mouton, M. M. Malan, L. Leenen, H. S. Venter, Social engineering attack
framework, in: 2014 Information Security for South Africa, IEEE, 2014, pp. 1–9.
[10] R. Kalnin,š, J. Purin,š, and G. Alksnis, “Security evaluation of wireless network access
points,” Applied Computer Systems, vol. 21, no. 1, pp.38–45, 2017.
[11] D. N. Alharthi, M. M. Hammad, and A. C. Regan, “A taxonomy of social engineering
defense mechanisms,” in Future of Information and Communication Conference. Springer,
2020, pp. 27–41.
[12] F. Mouton, L. Leenen, and H. S. Venter, “Social engineering attack examples, templates
and scenarios,” Computers & Security, vol. 59, pp.186–209, 2016.
[13] N. Saxena, E. Hayes, E. Bertino, P. Ojo, K.-K. R. Choo, and P. Burnap, “Impact and key
challenges of insider threats on organizations and critical businesses,” Electronics, vol. 9, no.
9, p. 1460, 2020.
[14] T. Ahmad, “Corona virus (covid-19) pandemic and work from home: Challenges of
cybercrimes and cybersecurity,” Available at SSRN3568830, 2020.
37. [15] N. Sarginson, “Securing your remote workforce against new phishing attacks,” Computer
Fraud & Security, vol. 2020, no. 9, pp. 9–12, 2020.
[16] H. Aldawood and G. Skinner, “Contemporary cyber security social engineering solutions,
measures, policies, tools and applications: Acritical appraisal,” International Journal of
Security (IJS), vol. 10, no. 1, p. 1, 2019.
[17] V. Systems, “Varonis 2019 global data risk report,” 2019.
[18] A. Yazdanmehr and J. Wang, “Employees’ information security policy compliance: A
norm activation perspective,” Decision Support Systems, vol. 92, pp. 36–46, 2016.
[19] D. N. Alharthi and A. C. Regan, “Social engineering defense mechanisms: A taxonomy
and a survey of employees’ awareness level,” in Science and Information Conference.
Springer, 2020, pp. 521–541.
[20] D. N. Alharthi and A. C. Regan, “Social engineering InfoSec Policies (SE-IPs),” in the
14th International Conference on Network Security & Applications (CNSA 2021). CICT,
2021, pp. 521–541. NIAI - 2021 pp. 57-74, 2021.
[21] H. Aldawood, G. Skinner, An academic review of current industrial and commercial
cyber security social engineering solutions, in: Proceedings of the 3rd International
Conference on Cryptography, Security and Privacy, ACM, 2019, pp. 110–115.
[22] B. M. E. Elnaim, H. A. S. W. Al-Lami, The current state of phishing attacks against
Saudi Arabia university students.
[23] C. Happ, A. Melzer, G. Steffgen, Trick with treat–reciprocity increases the willingness to
communicate personal data, Computers in Human Behavior 61 (2016) 372–377.
[24] I. Ghafir, V. Prenosil, A. Alhejailan, M. Hammoudeh, Social engineering attack
strategies and defence approaches, in: 2016 IEEE 4th International Conference onFuture
Internet of Things and Cloud (FiCloud), IEEE, 2016, pp. 145–149.
[25] M. Gupta, R. Sharman, Social network theoretic framework for organizational
socialengineering susceptibility index, AMCIS 2006 Proceedings (2006) 408.
[26] K. Parsons, D. Calic, M. Pattinson, M. Butavicius, A. McCormac, T. Zwaans, Thehuman
aspects of information security questionnaire (hais-q): two further validation studies,
Computers & Security 66 (2017) 40–51.
[27] T. Herath, H. R. Rao, Encouraging information security behaviours in organizations:
Role of penalties, pressures and perceived effectiveness, Decision Support Systems47 (2)
(2009) 154–165.
[28] J. A. Stoner, Risky and cautious shifts in group decisions: The influence of widely held
values, Journal of Experimental Social Psychology 4 (4) (1968) 442–459.
38. [29] H. Aldawood and G. Skinner, “Reviewing cyber security social engineering training and
awareness programs—pitfalls and ongoing issues,” Future Internet, vol. 11, no. 3, p. 73,
2019.
[30] K. J. Knapp, R. F. Morris Jr, T. E. Marshall, and T. A. Byrd, “Information security
policy: An organizational-level process model,” computers &security, vol. 28, no. 7, pp.
493–508, 2009.
[31] C. Senarak, “Port cybersecurity and threat: A structural model for prevention and policy
development,” The Asian Journal of Shipping and Logistics, 2020.
[32] A. Karakasiliotis, S. Furnell, and M. Papadaki, “Assessing end-user awareness of social
engineering and phishing,” 2006.
[33] L. Li, W. He, L. Xu, I. Ash, M. Anwar, and X. Yuan, “Investigating the impact of
cybersecurity policy awareness on employees’ cybersecurity behavior,” International Journal
of Information Management, vol. 45, pp. 13–24, 2019.
[34] M. Siponen, M. A. Mahmood, and S. Pahnila, “Employees’ adherence to information
security policies: An exploratory field study,” Information& management, vol. 51, no. 2, pp.
217–224, 2014.
[35] F. Bélanger, S. Collignon, K. Enget, and E. Negangard, “Determinants of early
conformance with information security policies,” Information& Management, vol. 54, no. 7,
pp. 887–901, 2017.
[36] K.-c. Chang and Y. M. Seow, “Effects of it-culture conflict and user dissatisfaction on
information security policy non-compliance: A sense-making perspective,” 2014.
[37] F. Hadi, M. Imran, M. H. Durad, and M. Waris, “A simple security policy enforcement
system for an institution using sdn controller,” in 2018 15th International Bhurban
Conference on Applied Sciences and Technology (IBCAST). IEEE, 2018, pp. 489–494.
[38] V. D. Soni, “Disaster recovery planning: Untapped success factor in an organization,”
Available at SSRN 3628630, 2020.
[39] J. Horney, M. Nguyen, D. Salvesen, O. Tomasco, and P. Berke, “Engaging the public in
planning for disaster recovery,” International journal of disaster risk reduction, vol. 17, pp.
33–37, 2016.
[40] F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Future Internet,
vol. 11, no. 4, p. 89, 2019.
[41] C. Okoli, K. Schabram, A guide to conducting a systematic literature review of
information systems research.
39. [42] NCSC, National Cybersecurity Centre (Accessed 2019). Link
[43] S. Inc., Surveymonkey (Accessed 2019). Link
[44] Stats, “Saudi general authority for statistics,” Accessed 2020. [Online]. Available:
https://www.stats.gov.sa/
[45] Statista, “Statista,” Accessed 2020. [Online]. Available: https://www.statista.com/
[46] C. Bronk and E. Tikk-Ringas, “The cyber-attack on Saudi Aramco,” Survival, vol. 55,
no. 2, pp. 81–96, 2013.
[47] D. D. Cheong, “Cyberattacks in the gulf: lessons for active defence,” 2012.
[48] S. S. Basamh, H. Qudaih, and J. B. Ibrahim, “An overview on cybersecurity awareness
in Muslim countries,” International Journal of Information and Communication Technology
Research, 2014.
[49] ITU, “Committed to connecting the world,” Accessed 2020. [Online]. Available:
https://www.itu.int/en/Pages/default.aspx
[50] T. McClelland, “The insider’s view of a data breach-how policy, forensics, and
attribution apply in the real world,” 2018.
[51] R. Bhor and H. Khanuja, “Analysis of web application security mechanism and attack
detection using vulnerability injection technique,” in 2016 International Conference on
Computing Communication Control and automation (ICCUBEA). IEEE, 2016, pp. 1–6.
[52] J. Saleem and M. Hammoudeh, “Defense methods against social engineering attacks,” in
Computer and network security essentials. Springer, 2018, pp. 603–618.
40. AUTHORS
Dalal Alharthi is a Ph.D. Candidate in Computer Science at the University
of California, Irvine. She is also a Resident Engineer at Palo Alto Networks
and a Senior Prisma Cloud Consultant at Dell. She is equipped with 12+
years of work experience between academia and industry. Her research
interests are in the field of Cybersecurity, Network Security, Cloud Security,
Privacy, Human-Computer Interaction (HCI), and Artificial Intelligence
(AI).
Amelia Regan received a BAS in Systems Engineering from the University
of Pennsylvania, an MS degree in Applied Mathematics from Johns Hopkins
University, and an MSE degree and Ph.D. degree at the University of Texas.
She is a Professor of Computer Science at the University of California,
Irvine. Her research interests include network optimization, cyber-physical
transportation systems, machine learning tools for temporal-spatial data
analysis, and cybersecurity.
41. COMPARISON OF MALWARE CLASSIFICATION METHODS USING CONVOLUTIONAL
NEURAL NETWORK BASED ON API CALL STREAM
Matthew Schofield1
, Gulsum Alicioglu2
, Bo Sun1
, Russell Binaco1
, Paul Turner1
, Cameron
Thatcher1
, Alex Lam1
and Anthony Breitzman1
1
Department of Computer Science, Rowan University, Glassboro, New Jersey, USA
2
Department of Electrical and Computer Engineering, Rowan University, Glassboro, New
Jersey, USA
ABSTRACT
Malicious software is constantly being developed and improved, so detection and classification
of malwareis an ever-evolving problem. Since traditional malware detection techniques fail to
detect new/unknown malware, machine learning algorithms have been used to overcome this
disadvantage. We present a Convolutional Neural Network (CNN) for malware type
classification based on the API (Application Program Interface) calls. This research uses a
database of 7107 instances of API call streams and 8 different malware types:Adware, Backdoor,
Downloader, Dropper, Spyware, Trojan, Virus,Worm. We used a 1-Dimensional CNN by
mapping API calls as categorical and term frequency-inverse document frequency (TF-IDF)
vectors and compared the results to other classification techniques.The proposed 1-D CNN
outperformed other classification techniques with 91% overall accuracy for both categorical and
TFIDF vectors.
KEYWORDS
Convolutional Neural Network, Malware Classification, N-gram Analysis, Term Frequency-
Inverse Document Frequency Vectors, Windows API Calls.
For More Details : https://aircconline.com/ijnsa/V13N2/13221ijnsa01.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
42. REFERENCES
[1] Daniel Gibert, Carles Mateu, & Jordi Planes, (2020) “The rise of machine learning for
detection and classification of malware: Research developments, trends and challenges”,
Journal of Network and Computer Applications. 10.1016/j.jnca.2019.102526.
[2] Zahra Bazrafshan, Hashem Hashemi, Fard Hazrati, Mehdi Seyed, & Ali Hamzeh, (2013) “A
survey on heuristic malware detection techniques”, 2013 5th Conference on Information and
Knowledge Technology. 113-120. 10.1109/IKT.2013.6620049.
[3] Jyoti Landage, & M. P. Wankhade, (2013) “Malware and Malware Detection Techniques : A
Survey”, International journal of engineering research and technology, 2.
[4] DainiusCeponis, & Nikolaj Goranin,(2019) “Evaluation of Deep Learning Methods
Efficiency for Malicious and Benign System Calls Classification on the AWSCTD”,Security
and Communication Networks,2317976:1-2317976:12.
[5] SerifBahtiyar, Mehmet BarisYaman, & Can Yilmaz Altinigne, (2019)“A multi-dimensional
machine learning approach to predict advanced malware”, Comput. Networks, 160,118-129.
[6] GyuwanKim, Hayoon Yi, JanghoLee, YunheungPaek, & Sungroh Yoon, (2016) “LSTM-
Based System-Call Language Modeling and Robust Ensemble Method for Designing Host-
Based Intrusion Detection Systems”, ArXiv, abs/1611.01726.
[7] AhmetYazi, Ferhat Ozgur Catak,& EnsarGul,(2019) “Classification of Methamorphic
Malware with Deep Learning (LSTM)”,10.1109/SIU.2019.8806571.
[8] Ferhat OzgurCatak,&AhmetYazi,(2019) “A Benchmark API Call Dataset for Windows PE
MalwareClassification”, https://arxiv.org/abs/1905.01999.
[9] EslamAmer,&Ivan Zelinka,(2020) “A dynamic Windows malware detection and prediction
method based on contextual understanding of API call sequence”, Computers & Security.
10.1016/j.cose.2020.101760.
[10] YuntaoZhao, Bo Bo, Yongxin Feng, ChunYu Xu, & Bo Yu,(2019) “A feature extraction
method of hybrid gram for malicious behavior based on machine learning”, Secur. Commun.
Netw.
[11] Chang Choi, ChristianEsposito, MungyuLee, & JunhoChoi, (2019) “Metamorphic
malicious code behavior detection using probabilistic inference methods”, Cognit. Syst. Res.
56, 142–150.
[12] AsgharTajoddin, & SaeedJalili, (2018) “HM3alD: polymorphic Malware detection using
program behavior-aware hidden Markov model”, Appl. Sci. 8 (7), 1044.
[13] Matthew Schofield, Gulsum Alicioglu, Russell Binaco, Paul Turner, Cameron Thatcher,
Alex Lam & Bo Sun, (2021) “Convolutional Neural Network For Malware Classification
43. Based On API Call Sequence”, In proceedings of 2021 the 14th International Conference on
Network Security & Applications. Computer Science & Information Technology (CS & IT).
Zurich, Switzerland.
[14] Jeffrey Heer, Micheal Bostock, & Vadim Ogievetsky,(2010) “A Tour through the
Visualization Zoo”, ACM Queue, 8, 20.
[15] WeijieHan, Jingfeng Xue, YongWang, LuHuang, ZixiaoKong, & Limin Mao, (2019)
“MalDAE: Detecting and explaining malware based on correlation and fusion of static and
dynamic characteristics”, Comput. Secur., 83, 208-233.
[16] LuXiao-Feng, ZhouXiao, Jiang Fangshuo, Yi Sheng-wei,&ShaJing,(2018) “ASSCA: API
based Sequence and Statistics featuresCombinedmalwaredetectionArchitecture”,Procedia
Computer Science, 129, 248-256.
[17] MatildaRhode, Pete Burnap, & Kevin Jones, (2018) “Early Stage Malware Prediction
Using Recurrent Neural Networks”,Comput. Secur., 77,578-594.
[18] ZahraSalehi, Ashkan Sami, & Mahboobe Ghiasi, (2017) “MAAR: Robust features to
detect malicious activity based on API calls, their arguments and return values”, Eng. Appl.
Artif. Intell., 59, 93-102.
[19] MohamedBelaoued, & SmaineMazouzi, (2016) “A Chi-Square-Based Decision for Real-
Time Malware Detection Using PE-File Features”, JIPS, 12,644-660.
[20] Sanchit Gupta, Harshit Sharma, & Sarvjeet Kaur, (2016) “Malware Characterization
Using Windows API Call Sequences”,SPACE.
[21] Jixin Zhang, Zheng Qin, Hui Yin, Lu Ou, & Kehuan Zhang, (2019) “A feature-hybrid
malware variants detection using CNN based opcode embedding and BPNN based API
embedding”, Comput. Secur., 84,376-392.
[22] Tableau Software. (2020). Retrieved from www.tableau.com.
[23] Kolosnjaji Bojan, Zarras Apostolis, Webster George, & Eckert Claudia, (2016) “Deep
Learning for Classification of Malware System Call Sequences”, In: Kang B., Bai Q. (eds)
AI 2016: Advances in Artificial Intelligence. Lecture Notes in Computer Science, vol 9992.
Springer, Cham. https://doi.org/10.1007/978-3-319-50127-7_11.
[24] Catak Ferhat Ozgur, Yazı Ahmet Faruk, Elezaj Ogerta & Ahmed Javed, (2020) “Deep
learning based Sequential model for malware analysis using Windows exe API Calls”, PeerJ
Computer Science 6:e285 https://doi.org/10.7717/peerj-cs.285.
[25] Albawi Saad, Mohammad Tareq Abed, & Al-Zawi Saad, (2017), “Understanding of a
convolutional neural network”, 2017 International Conference on Engineering and
Technology (ICET), Antalya, pp. 1-6, doi: 10.1109/ICEngTechnol.2017.8308186.
44. [26] “http://alexlenail.me/NN-SVG,” 2016. (Accessed 20 December 2020).
[27] Chigozie Nwankpa, Winifred Ijomah, Anthony Gachagan, & Stephen Marshall, (2018)
“Activation Functions: Comparison of trends in Practice and Research for Deep Learning”,
ArXiv, abs/1811.03378.
[28] Yinzheng Gu, Chuanpeng Li, & Jinbin Xie, (2018) “Attention-aware Generalized Mean
Pooling for Image Retrieval”, ArXiv, abs/1811.00202.
[29] Mark Cheung, John Shi, Lavender Jiang, Oren Wright, &Jose Moura, (2019) “Pooling in
Graph Convolutional Neural Networks”, 53rd Asilomar Conference on Signals, Systems, and
Computers, 462-466.
[30] WilliamCavnar, & John Trenkle, (1994) “N-gram-based text categorization”,
Proceedings of SDAIR-94, 3rd annual symposium on document analysis and information
retrieval. Vol. 161175.
[31] Raymond Canzanese, Spiros Mancoridis, &Moshe Kam, (2015) “Run-time classification
of malicious processes using system call analysis”, 10th International Conference on
Malicious and Unwanted Software (MALWARE), Fajardo, 2015, pp. 21-28.
[32] ShahzadQaiser, & Ramsha Ali, (2018) “Text Mining: Use of TF-IDF to Examine the
Relevance of Words to Documents”, International Journal of Computer Applications, 181,
25-29.
45. AUTHORS
Matthew Schofield is currently enrolled at Rowan University pursuing his
B.S/M.S degree in Computer Science anticipating graduation in December
2021. He is currently working on his master’s thesis on Deep Reinforcement
Learning in Incentivization Systems. His research interests are in Machine
Learning and Deep Reinforcement Learning.
Gulsum Alicioglu received M.Sc. Degree in Industrial Engineering from Gazi
University, Turkey, in 2018. Currently, she is a Ph.D. candidate at the
Department of Electrical and Computer Engineering of Rowan University,
USA. Her research interests aredata visualization, machine learning, and
explainable artificial intelligence.
Bo Sun is an associate professor of Computer Science and led the project effort
of this paper.She received her B.S. in Computer Science from Wuhan
University, her M.S.in Computer Science from Lamar University, and her
Ph.D. in Modeling and Simulation from Old Dominion University. Her research
interests include Visual Analytics and Data Visualization.
Russell Binaco graduated from Rowan University with an M.S. in Computer
Science in Spring 2020. He now works as a software engineer for Innovative
Defense Technologies, and as an adjunct for Rowan University. At Rowan, he
earned undergraduate degrees in Computer Science and Electrical and
Computer Engineering. He has also been published in the Journal of the
International Neuropsychological Society for research using Machine Learning
to classify patients’ levels of cognitive decline with regards to Alzheimer’s
Disease.
Paul Turner received his B.S. in Computer Science from Rowan University in
2018 and is currently enrolled in an M.S. program at the aforementioned
University. His interests include machine learning, text mining, and cloud
computing.
Cameron Thatcher received his B.S in Computer Science from Rowan
University in 2019 and is currently pursuing his M.S. in Computer Science at
Rowan University. His research interests include Machine Learning and Data
Mining.
Alex Lam is currently attending Rowan University pursuing his B.S/M.S
degree in Computer Science and Data Analytics. He has also been published in
the 3rd ACM SIGSPATIAL International Workshop on Analytics for Local
Events and News (LENS’19) for research in identifying real-world events
using bike-sharing data.
46. Anthony Breitzman holds an M.A. in Mathematics from Temple University,
and an M.S. and Ph.D. from Drexel University. He is an associate professor of
Computer Science at Rowan University and his research interests are Data
Mining, Text Mining, Machine Learning, Algorithm Design, Convolution
Algorithms, and Number Theory.
47. CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE
LOGARITHM PROBLEM
Tuan Nguyen Kim1
, Duy Ho Ngoc2
and Nikolay A. Moldovyan3
1
Faculty of Information Technology - Duy Tan University, Da Nang 550000, Vietnam
2
Department of Information Technology, Ha Noi, Vietnam
3
St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, St.
Petersburg, Russia
ABSTRACT
It is considered a group signature scheme in frame of which different sets of signers sign
electronic documents with hidden signatures and the head of the signing group generates a group
signature of fixed size. A new mechanism for imbedding the information about signers into a
group signature is proposed. The method provides possibilities for reducing the signature size
and to construct collective signature protocols for signing groups. New group signature and
collective signature protocols based on the computational difficulty of discrete logarithm are
proposed.
KEYWORDS
Groupdigital signature, Collective digital signature, difficult computational problems, Signing
group.
For More Details : https://aircconline.com/ijnsa/V13N4/13421ijnsa02.pdf
Volume Link : http://airccse.org/journal/jnsa21_current.html
48. REFERENCES
[1] Shah F., Patel H.,“A Survey of Digital and Group Signature”, International Journal of
Computer Science and Mobile Computing, Vol.5 Issue.6, P. 274-278, (2016).
[2] Camenisch J.L., Piveteau J.M., Stadler M.A.,“Blind Signatures Based on the Discrete
Logarithm Problem”, Advances in Crypology – EUROCRYPT'94 Proc, Lecture Notes in
Computer Science. Springer Verlang, Vol. 950,P. 428–432, (1995).
[3] Moldovyan A.A., Moldovyan N.A.,“Blind Collective Signature Protocol Based on Discrete
Logarithm Problem”,Int. Journal of Network Security, Vol. 11, No. 2, P. 106–113, (2010).
[4] Qi Su, Wen-Min Li, “Improved Group Signature Scheme Based on Quantum Teleportation”,
International Journal of Theoretical Physics, Vol. 53, No. 4, P. 1208, (2016).
[5] Alamélou Q, Blazy O, Cauchie S., Gaborit Ph.,“A code-based group signature scheme”,
Designs, Codes and Cryptography, Vol. 82, No 1-2, P. 469–493, (2017).
[6] San Ling, Khoa Nguyen, Huaxiong Wang, “Group signature from lattices: simpler, tighter,
shorter, ring-based”, Proc. of 18th IACR International Conference on Practice and Theory in
Public-Key Cryptography,P.427-449, (2015).
[7] Moldovyan N.A,“Blind Signature Protocols from Digital Signature Standards”, Int. Journal
of Network Security, Vol. 13, No. 1, P. 22–30, (2011).
[8] Duy H.N., Binh D.V., Minh N.H., Moldovyan N.A. “240-bit collective signature protocol in
a non-cyclic finite group”, 2014 International conference on Advanced Technologies for
Communications (ATC),Hanoi, P. 467 – 470, (2014). (DOI 10.1109/ATC.2014.7043433)
[9] Moldovyan A.A., Moldovyan N.A., “Group signature protocol based on masking public
keys”, Quasigroups and related systems, Vol. 22, P. 133-140, (2014).
[10] Moldovyan N.A., Nguyen Hieu Minh, Dao Tuan Hung, Tran Xuan Kien,“Group
Signature Protocol Based on Collective Signature Protocol and Masking Public Keys
Mechanism”, International Journal of Emerging Technology and Advanced Engineering,
Vol. 6, Issue. 6, P. 1-5, (2016).
[11] Phong Q. Nguyen, Jiang Zhang, Zhenfeng Zhang, “Simpler efficient group signature
from lattices”, Proc. of 18th IACR International Conference on Practice and Theory in
Public-Key Cryptography, P.401-426, (2015).
[12] Berezin A. N., Moldovyan N. A., Shcherbakov V. A.,“Cryptoschemes Based on
Difficulty of Simultaneous Solving Two Different Difficult Problems”, Computer Science
Journal of Moldova, Vol. 21,No.2(62), P. 280-290, (2013).
49. AUTHORS
Tuan Nguyen Kim was born in 1969, received B.E, and M.E from Hue
University of Sciences in 1994, and Hanoi University of Technology in
1998. He has been a lecturer at Hue University since 1996. From 2011 to the
present (2021) he is a lecturer at School of Computer Science, Duy Tan
University, Da Nang, Vietnam. His main research interests include Computer
Network Technology and Information Security.
Duy Ho Ngoc was born in 1982. He received his Ph.D. in Cybersecurity in
2007 from LETI University, St. Petersburg, Russia Federation. He has
authored more than 45 scientific articles in cybersecurity.
Nikolay A. Moldovyan is an honored inventor of Russian Federation
(2002), a laboratory head at St. Petersburg Institute for Informatics and
Automation of Russian Academy of Sciences, and a Professor with the St.
Petersburg State Electrotechnical University. His research interests include
computer security and cryptography. He has authored or co-authored more
than 60 inventions and 220 scientific articles, books, and reports. He received
his Ph. D. from the Academy of Sciences of Moldova (1981).