IJCNIS Vol. 9, No. 2, Feb. 2017
Cover page and Table of Contents: PDF (size: 174KB)
Understanding logical network connectivity is essential in network topology mapping especially in a fast growing network where knowing what is happening on the network is critical for security purposes and where knowing how network resources are being used is highly important. Mapping logical communication topology is important for network auditing, network maintenance and governance, network optimization, and network security. However, the process of capturing network traffic to generate the logical network topology may have a great influence on the operation of the network. In hierarchically structured networks such as control systems, typical active network mapping techniques are not employable as they can affect time-sensitive cyber-physical processes, hence, passive network mapping is required. Though passive network mapping does not modify or disrupt existing traffic, current passive mapping techniques ignore many practical issues when used to generate logical communication topologies. In this paper, we present a methodology which compares topologies from an idealized mapping process with what is actually achievable using passive network mapping and identify some of the factors that can cause inaccuracies in logical maps derived from passively monitored network traffic. We illustrate these factors using a case study involving a hierarchical control network.[...] Read more.
The number of reported security vulnerabilities and incidents related to the industrial control systems (ICS) has increased recent years. As argued by several researchers, authorization issues and poor access control are key incident vectors. The majority of ICS are not designed security in mind and they usually lack strong and granular access control mechanisms. The attribute based access control (ABAC) model offers high authorization granularity, central administration of access policies with centrally consolidated and monitored logging properties. This research proposes to harness the ABAC model to address the present and future ICS access control challenges. The proposed solution is also implemented and rigorously tested to demonstrate the feasibility and viability of ABAC model for ICS.[...] Read more.
Steganography is the discipline of invisible communication by hiding the exchanged secret information (message) in another digital information media (image, video or audio). The existence of the message is kept indiscernible in sense that no one, other than the intended recipient, suspects the existence of the message. The majority of steganography techniques are implemented either in spatial domain or in frequency domain of the digital images while the embedded information can be in the form of plain or cipher message. Medical image steganography is classified as a distinctive case of image steganography in such a way that both the image and the embedded information have special requirements such as achieving utmost clarity reading of the medical images and the embedded messages. There is a contention between the amount of hidden information and the caused detectable distortion of image. The current paper studies the degradation of the medical image when undergoes the steganography process in the frequency domain.[...] Read more.
Smart phones have become an essential part in the life of the individuals and their priorities at the present time. The most prominent uses are in chatting and conversation applications. Most of these applications do not provide the required protection and privacy of the data exchanged between users. Yet there are very few mobile chat applications that provides an End-to-End (E2E) security and privacy-preserving service to their clients. In this paper, a secure chatting application with end to end encryption for smart phones that use the android OS has been proposed. The proposed application uses the ECDH algorithm to generate the key pair and exchange to produce the shared key that will be used for the encryption of data by symmetric algorithms. The proposed Application allows the users to communicate via text messages, voice messages, as well as exchange photos. For the text message security the standard AES algorithm with a 128 bit key is used. The generated key (160 bit) minimized to 128 bit length in order to be used by the AES algorithm. For the voice and image security processes the proposed application uses the symmetric algorithm RC4 for this purpose. RC4 provides less security than AES, but it performs faster and this is required for such types and sizes of data.[...] Read more.
For any communication to be successful, trust is necessary. For inter-cloud communication, clouds interact with each other for resource sharing. Since they are unaware of their opposite party, there should be some mechanism by which the cloud gets an idea about them prior to the communication. This is accomplished through trust management systems that calculate the trust rating of clouds from opinions from their peers. There is no way to ensure whether these peers are genuine in their opinion or not. This paper proposes a method to reduce such problems by considering the latest history of communication of a particular cloud and ignore the opinions given by less trusted clouds.[...] Read more.
This paper revisits malicious object propagation in networks using epidemic theory in such a manner that it proposes the (Pre-quarantining) of nodes in networks. This is a concept that is known by experience to be a standard disease control procedure that involves screening and quarantining of immigrants to a population. As preliminary investigation we propose the Q-SEIRS model and the more advanced Q-SEIRS-V model for malicious objects’ spread in networks. This Pre-quarantine concept addresses and implements the “assume guilty till proven innocent” slogan of the cyber world by providing a mechanism for pre-screening, isolation and treatment for incoming infected nodes. The treated nodes from the pre-quarantine compartment are sent to the recovered compartment while the free nodes join the network population. The paper also derived the reproduction number, equilibria, as well as local stability of the proposed model. Numerical methods are employed to solve the system of equations and MATLAB is used to simulate the system so as to visualize the dynamical behavior of the models. It is seen that pre-screening/pre-quarantining improves the recovery rate in relative terms.[...] Read more.
IT companies are facing many difficulties and challenges when dealing with big data. These difficulties have surfaced due to the ever-expanding amount of data generated via personal computer, mobile devices, and social network sites. The significant increase in big data has created challenges for IT companies that need to extract necessary information and knowledge. Cloud computing, with its virtualized resources usage and dynamic scalability, is broadly used in organizations to address challenges related to big data and has an important influence on business in organizations. Furthermore, big data is changing the way organizations do business. This paper proposes novel cloud architecture to decrease problems related to big data. The proposed architecture is a combination of many big data infrastructures in the creation of a service. This architecture minimizes problems related to big data by improving performance and quality of service.[...] Read more.