Vol.1 Special Issue MAY 2009

International Journal of Computer Science and Information Security

Publication May 2009, Volume 1( Download Full Journal)

Copyright © 2009 IJCSIS . This is an open access journal distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 26030906: Strategies and Performances of Soft Input Decryption

(Download PDF)

(Download Word)

Natasa Zivic ,University of Siegen, Hoelderlinstrasse 3, Siegen, Germany

Abstract:

This paper analyzes performance aspects of Soft Input Decryption and L-values. Soft Input Decryption uses L-values (soft output) of a SISO channel decoder for the correction of input of Soft Input Decryption (SID blocks) which have been modified during the transmission over a noisy channel. The algorithm, strategies and scenarios of Soft Input Decryption are described. The results of the tested performance of L-values show how many L-values are necessary for the correction of SID blocks. This number is higher than the number of wrong bits. This difference is presented. The number of L-values is estimated for different lengths of SID blocks as well as for different Eb/N0 ratios. The time performance of Soft Input Decryption depends on the used cryptographic mechanism for the verification of the cryptographic check values (digital signatures (based on Elliptic Curve Cryptography), MACs (based on CBC-DES) and H-MACs (based on SHA-1)). The combination of the performance of L-values and time performance gives an estimation, if and when Soft Input Decryption can be performed in practice. Further optimizations are outlined.

Keywords: Soft Input Decryption, SISO Channel Decoding, Joint Channel Coding and Cryptography, Digital Signatures, Elliptic Curve Cryptography.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 19030901: QoS-based Request-Routing Among Peering Content Distribution Networks (CDNs) in a Virtual Organization (VO)-Based Model

(Download PDF)

Adenike O. Osofisan, Department of Computer Science, University of Ibadan, Ibadan, Nigeria.

Sunday A. Idow, Department of Computer Science and Mathematics, Babcock University, Ilisan, Nigeria.

Abstract:

Content Distribution Networks (CDNs) have evolved as a collaborative group of networks over the Internet where Web content is distributed or replicated over surrogates’ servers for effective delivery performance to the clients. Since a CDN is limited in terms of reach and scalability due to technical and financial implications peering of CDNs via CPG becomes necessary in order to reduce expenses, avoid adverse business impact and improve users’ content access experience. However, the challenges involved in this type of arrangement include routing of clients’ requests from the primary CDN provider to peers subject to certain quality of service constraints as agreed upon in SLAs. This work will be presenting an analytical model of request routing problem among peering CDNs in a virtual organization model in terms of an optimization problem subject to certain QoS constraints(bandwidth and delay) such that the service cost is minimized and the clients access to Web content is improved. We shall show that this problem is NP-hard, and then present a simple algorithm that uses a Lagrangian relaxation as the primary relaxation to provide a lower bound for the minimization problem. Computational solutions of the problem are presented using AMPL/CPLEX in which a number of CDNs and objects are considered.

Keywords: QoS, CDN, Request routing, peering CDNs, Lagragian relaxation

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 08040909: Automatic Defect Detection And Classification Technique From Image: A Special Case Using Ceramic Tiles

(Download PDF)

G. M. Atiqur Rahaman, Computer Science and Engineering Discipline, Khulna University, Khulna 9208, Bangladesh.

Md. Mobarak Hossain, Computer Science and Engineering Department, Asian University of Bangladesh, Dhaka, Bangladesh.

Abstract:

Quality control is an important issue in the ceramic tile industry. On the other hand maintaining the rate of production with respect to time is also a major issue in ceramic tile manufacturing. Again, price of ceramic tiles also depends on purity of texture, accuracy of color, shape etc. Considering this criteria, an automated defect detection and classification technique has been proposed in this report that can have ensured the better quality of tiles in manufacturing process as well as production rate. Our proposed method plays an important role in ceramic tiles industries to detect the defects and to control the quality of ceramic tiles. This automated classification method helps us to acquire knowledge about the pattern of defect within a very short period of time and also to decide about the recovery process so that the defected tiles may not be mixed with the fresh tiles.

Keywords: Quality Control; Pattern of Defect; Defected Ceramic Tiles; Fresh Tiles

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 17040920: High Transmission Bit Rate of A thermal Arrayed Waveguide Grating (AWG) Module in Passive Optical Networks

(Download PDF)

Abd El–Naser A. Mohammed, Ahmed Nabih Zaki Rashed, Gaber E. S. M. El-Abyad and Abd El–Fattah A. Saad

Electronics and Electrical Communication Engineering Department, Faculty of Electronic Engineering, Menouf 32951, Menoufia University, EGYPT

Abstract:

In the present paper, high transmission bit rate of a thermal arrayed waveguide grating (AWG) which is composed of lithium niobate (LiNbO3)/polymethyl metha acrylate (PMMA) hybrid materials on a silicon substrate in Passive Optical Networks (PONs) has parametrically analyzed and investigated over wide range of the affecting parameters. We have theoretically investigated the temperature dependent wavelength shift of the arrayed waveguide grating (AWG) depends on the refractive-indices of the materials and the size of the waveguide. A thermalization of the AWG can be realized by selecting proper values of the material and structural parameters of the device. Moreover, we have analyzed the data transmission bit rate of a thermal AWG in passsive optical networks (PONs) based on Maximum Time Division Multiplexing (MTDM) technique.

Keywords−PONs; Arrayed waveguide gratings (AWGs); integrated optics; optical planar waveguide; optical fiber communications; MTDM technique.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 18040921: XML Data Integrity Based on Concatenated Hash Function (PUBLISHED)

(Download PDF)

Baolong Liu, School of Computing & Engineering, University of Huddersfield, Huddersfield, UK

Joan Lu, School of Computing & Engineering, University of Huddersfield, Huddersfield, UK

Jim Yip, School of Computing & Engineering, University of Huddersfield, Huddersfield, UK

Abstract:

Data integrity is the fundamental for data authentication. A major problem for XML data authentication is that signed XML data can be copied to another document but still keep signature valid. This is caused by XML data integrity protecting. Through investigation, the paper discovered that besides data content integrity, XML data integrity should also protect element location information, and context referential integrity under fine-grained security situation. The aim of this paper is to propose a model for XML data integrity considering XML data features. The paper presents an XML data integrity model named as CSR (content integrity, structure integrity, context referential integrity) based on a concatenated hash function. XML data content integrity is ensured using an iterative hash process, structure integrity is protected by hashing an absolute path string from root node, and context referential integrity is ensured by protecting context-related elements. Presented XML data integrity model can satisfy integrity requirements under situation of fine-grained security, and compatible with XML signature. Through evaluation, the integrity model presented has a higher efficiency on digest value-generation than the Merkle hash tree-based integrity model for XML data.

Keywords- Fine-grained security, XML data integrity, Digest value, Merkle hash tree, XML signature..

Other links: Huddersfield University

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 24030902: An Extensive Intrusion Detection System Incorporating an Alarm and Smoke Detector (PUBLISHED)

(Download PDF)

Awodele Oludele, Alao Olujimi, Idowu Sunday and Joshua Vincent

Computer Science and Mathematics Department, Babcock University Ilishan-Remo, Ogun state, Nigeria

Abstract:

Information security is an essential part for the successful growth and sustenance of any business organization. To secure information, certain measures must be put in place to ensure the unauthorized access to company information. Though current trends encourage the use of soft information, the use of paper cannot be completely eradicated. The security and safety of file rooms which are used for the storage of papers must be ensured by any organization. Such rooms usually contain important information that might have been uploaded into the organization’s network or those too sensitive to be put on the network. Such rooms must have both security and safety features to reduce the risk of accidents such as fires or unauthorized access of information.

Keywords: Information Security, Safety, Unauthorized Access.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 20040929: A Protocol for Secure Multi-Party Computation for Preserving Privacy during Data Mining (PUBLISHED)

(Download PDF)

Dr. Durgesh Kumar Mishra, Acropolis Institute of Technology and Research, Indore, MP, India.

Abstract:

Secure Multi-Party Computation (SMC) allows parties with similar background to compute results upon their private data, minimizing the threat of disclosure. The exponential increase in sensitive data that needs to be passed upon networked computers and the stupendous growth of internet has precipitated vast opportunities for cooperative computation, where parties come together to facilitate computations and draw out conclusions that are mutually beneficial; at the same time aspiring to keep their private data secure. These computations are generally required to be done between competitors, who are obviously weary of each-others intentions. SMC caters not only to the needs of such parties but also provides plausible solutions to individual organizations for problems like privacy-preserving database query, privacy-preserving scientific computations, privacy-preserving intrusion detection and privacy-preserving data mining. This paper presents a plain sailing yet effective approach to SMC and also lays down an aptly crafted architecture, whereby an efficient protocol, involving the parties that have come forward for joint-computations and the third party who undertakes such computations, can be developed.

Keywords : Complexity, Encryption, Decryption

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 20040930: Secure Routing Using Ant Colony Method and Link Based PRNG Algorithm (PUBLISHED)

(Download PDF)

C. Suresh Gnana Dhas, Dept. of computer Sci. and Engg., Vel Multitech SRS Engineering College, Avadi, Chennai.

Dr. R. S. Ratastogi, Faculty of and Engg. Mageth University, Gaya.

Abstract:

Soft computing is one of the emerging fields used in many application problems. This paper mainly deals with the emerging soft computing technique (i.e.) Ant colony algorithm for the optimized network routing and clustering method for the optimized network design. In the design of networks the fundamental problem is to transmit the packets of information from source node to destination node. An important part of network design is to find the best way to layout the nodes and arcs with a minimized cost between each of the path. In the Network Design stage nodes are grouped into clusters and interconnected using the Cluster Method. In the optimized routing stage the best path is selected from the designed network using the Ant Colony Soft Computing Techniques. The paper focuses on securing the path for data transmission using Link based PRNG(Pseudo Random Number Generator) algorithm.

Keywords: Soft Computing, Ant Colony Algorithm, Survivability, Clustering, Dynamic programming,. Pseudo Random Number Generator

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 20040932: A Full Image of the Wormhole Attacks :Towards Introducing Complex Wormhole Attacks in wireless Ad Hoc Networks (PUBLISHED)

(Download PDF)

Marianne Azer, Computer and Information Technology Dept. Nile University, Cairo, Egypt.

Sherif El-Kassas, Computer Science Dept. American University in Cairo, Cairo, Egypt.

Magdy El-Soudani, Electronics and Communications Dept. Faculty of Engineering, Cairo, Egypt.

Abstract:

In this paper, we are concerned of a particularly severe security attack that affects the ad hoc networks routing protocols, it is called the wormhole attack. We can think of wormhole attack as a two phase process launched by one or several malicious nodes. In the first phase, these malicious nodes, called wormhole nodes, try to lure legitimate nodes to send data to other nodes via them. In the second phase, wormhole nodes could exploit the data in variety of ways. We will introduce the wormhole attack modes and classes, and point to its impact and threat on ad hoc networks. We also analyze the wormhole attack modes from an attacker’s perspective and suggest new improvements to this type of attacks. We finally conclude this paper and present our future directions.

Keywords: attacks; ad hoc network; security; tunneling; wormhole

Other links available: Arxiv,

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 20040934: A Scalable Wireless Intrusion Detection System (PUBLISHED)

(Download PDF)

Mouhcine Guennoun, University of Ontario Institute of Technology, 2000 Simcoe Drive Street North, Oshawa, Canada, L1H 7K4 .

Khalil El-Khatib, University of Ontario Institute of Technology, 2000 Simcoe Street North, Oshawa, Canada, L1H 7K4.

Abstract:

Wireless Intrusion Detection Systems have recently gained a considerable attention in both research and industry communities due to the widespread use of Wireless Local Area Networks (WLANs). New threats and vulnerabilities specific to these networks have urged for the development of efficient systems that can meet the requirements of wireless networks. In this paper, we present a scalable architecture of wireless intrusion detection. The proposed framework is divided into several modules that collaborate between them in order to protect network resources. Sensor agents collect and analyze traffic to detect trace of signatures. Controllers are central entities that perform anomaly detection by correlating data and information sent by the wireless sensors.

Keywords: Wireless Intrusion Detection System; Anomaly Detection; Misuse Detectio; Sensors.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 21040935: Analyzing the Number of Actualized Information Security Threats (PUBLISHED)

(Download PDF)

Tero Viiru, Department of Computer Science, University of Tampere, Tampere, Finland.

Abstract:

There are several different types of information security threats. Number of actualized information security threats is a valuable indicator of information security level. It is important to understand that what is the number of actualized information security threats in the future. It is essential to know that our security countermeasures are working and the situation has maximum security.

There are no plenty of research papers about researching the number of actualized information security threats in the future. A one paper that discusses the future trends is Bassham and Polk 1999 [2]. Non-Control data attacks are discussed in the paper Chen, Xu, Sezer, Gauriar [3] and Iyer 2005. Neuman 1991 [4] discusses protecting and securing future information systems. There has not developed correctly working mathematical formula to predict the number of actualized information security threats in the future. Literature review and security evaluation offer data of the number of information security threats in the future. Result of analysis can be verified against the real number of information security threats in the future and thus it is possible to develop our understanding more precise. Point of view is not technical but to understand better the future trends of the number of actualized information security threats now and in future.

It is not reasonable try to predict precise number of actualized information security threats in the future. This has forgotten in many sciences like economics or organisation management that they believe they can predict exactly the future. There are too many not known or unmanaged variables that affect to the number of actualized information security threats. A minor adjustment can change the situation totally as Edvard Lorentz 1963 [8] has described in his paper and this phenomenon is nowadays called as ”Butterfly Effect”.

Interesting future research is to find out that what kind of information security threats there are in the future? Generating more precise mathematical formula to predict the number of information security threats can be developed. Real world situation can be simplified, modelled and understood better to have real world situation more understandable and managed.

Keywords: Information, Security, Threat, Analyze, Evaluation

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

.

Paper 21040938: Crypt Analysis hash function of Fork-1 Family (PUBLISHED)

(Download PDF)

A. Arul Lawrence selvakumar, Dr. C.Suresh Gnanadhas

CSE, Magadh University, India

Abstract:

There are various cryptographic protocols in which 160-bit message digest is required. SHA-1is the most well-known 160-bit hash function which is still used in protocols despite of its vulnerabilities against collision attacks. Lack of 160-bit hash function structures and disadvantages of truncating outputs of other secure hash functions (security problems and inefficiency) motivated us to introduce a new 160-bit hash function. In this paper, we describe our new software-efficient hash function FORK-160. Hence the name, this function uses basic design principles from the recently proposed hash function FORK-256. However, FORK-160 aims at improving FORK-256 both on security and efficiency. Most notably, FORK-160 uses more secure step function, reasonable message ordering and additive constants which make it resistant against existing cryptanalysis especially local collision attacks.

Key words: Hash function, collision attack, differential attack, FORK-256.

.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 30030907: Design and Analysis of an Attack Resilient and Adaptive Medium access Control Protocol for Computer Networks (PUBLISHED)

(Download PDF)

Piyush Kumar Shukla, Dr. S. Silakari, Dr. Sarita Singh Bhadoria

Dept. of CSE, UIT, RGTU, Bhopal, M.P., INDIA, Dept. Of EC, MITS, Gwalior, Bhopal, M.P.

Abstract:

The challenge of designing an efficient Medium Access Control (MAC) protocol and analyzing it has been an important research topic for over 30 years. This paper focuses on the performance analysis (through simulation) and modification of a well known MAC protocol CSMA/CD.The existing protocol does not consider the wastage of bandwidth due to unutilized periods of the channel. By considering this fact, performance of MAC protocol can be enhanced. The purpose of this work is to modify the existing protocol by enabling it to adapt according to state of the network. The modified protocol takes appropriate action whenever unutilized periods detected. In this way, to increase the effective bandwidth utilization and determine how it behaves under increasing load, and varying packet sizes. It will also include effects of attacks [9]i.e. Denial of service attacks, Replay Attack, Continuous Channel Access or Exhaustion attack, Flooding attack, Jamming (Radio interference) attack, Selective forwarding attack which degrade performance of MAC protocol. In Continuous Channel Access or Exhaustion attack, a malicious node disrupts the MAC protocol, by continuously requesting or transmitting over the channel. This eventually leads a starvation [10] for other nodes in the network w.r.t channel access. remedy may be the network ignores excessive requests without sending expensive radio transmissions. This limit however cannot drop below the expected maximum data rate the network has to support. This limit is usually coded into the protocol during the design phase and requires additional logic also. Repeated application of these exhaustion or collision based MAC layer attacks can lead into unfairness.

Keywords: ALOHA, backoff, collision, CSMA/CD, Ethernet, attacks

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Paper 26050949: Cryptanalysis of SDES via evolutionary computation techniques (PUBLISHED)

(ArXiV Download PDF)

(Full paper download)

Poonam Garg, Institute of Management Technology, India

Abstract - The cryptanalysis of simplified data encryption standard can be formulated as NP-Hard combinatorial problem. The goal of this paper is two fold. First we want to make a study about how evolutionary computation techniques can efficiently solve the NP-Hard combinatorial problem. For achieving this goal we test several evolutionary computation techniques like memetic algorithm, genetic algorithm and simulated annealing for the cryptanalysis of simplified data encryption standard problem (SDES). And second was a comparison between memetic algorithm, genetic algorithm and simulated annealing were made in order to investigate the performance for the cryptanalysis on SDES. The methods were tested and extensive computational results show that memetic algorithm performs better than genetic algorithms and simulated annealing for such type of NP-Hard combinatorial problem. This paper represents our first effort toward efficient memetic algorithm for the cryptanalysis of SDES.

Keywords Simplified data encryption standard, Memetic algorithm, Genetic algorithm, Simulated annealing, Key search space

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------