Fuzzing is a simple and popular technique that has been widely used to detect vulnerabilities in software. However, due to its blind mutation, fuzzing brings many limitations. First, it is difficult for fuzzing to pass the sanity checks, which makes fuzzing unable to target vulnerability or crash locations effectively. Secondly, blind mutation limits the diversity of seed generation and makes it difficult

Cost-sensitive metrics have been widely used during the past years as financial metrics that quantify the monetary costs and benefits of security investments, assess risks, and select countermeasures accordingly. However, due to the complexity of current attacks, and the level of dynamicity required in the estimation of the parameters composing the metrics, the use of a novel approach that considers

Recently, an image block encryption algorithm was proposed based on some well-known chaotic maps. The authors claim that the encryption algorithm achieves enough security level and high encryption speed at the same time. In this paper, we give a thorough security analysis on the algorithm from the perspective of modern cryptology and report some critical security defects on the algorithm. Given five

Content-based image retrieval (CBIR) retrieves desired digital images from large databases. “Content-based” means that the search analyzes the contents of the image rather than the metadata such as keywords, tags, or descriptions associated with images. It has different applications in different domains such as crime prevention, intellectual property, medical diagnosis, and face finding. Based on the

Current EDA (electronic design automation) tools are not capable to consider side-channel vulnerabilities at design time. Therefore, designers should manage such security considerations in their designs manually. One of the main reasons for this glaring shortcoming is the lack of feasible metrics to assess the immunity of various crypto-system designs against various attacks at design time. In this

Mobile spam messages have become one of the main concerns in the field of short messaging service (SMS) due to its negative impact on mobile users and networks. The current literature lacks effective solutions for this issue. In this study, the negative impacts of SMS spam were thoroughly analysed, and the existing techniques for SMS spam detection were investigated through two experiments. The first

Cost-sensitive metrics have been widely used during the past years as financial metrics that quantify the monetary costs and benefits of security investments, assess risks, and select countermeasures accordingly. However, due to the complexity of current attacks, and the level of dynamicity required in the estimation of the parameters composing the metrics, the use of a novel approach that considers

Conference Key Distribution Systems (CKDS) are well-analyzed systems for the computation and distribution of a symmetric key shared amongst a session's participants. We focus on previous CKDS with user anonymity and we propose modifications from the perspective of anonymity, dynamicity, efficiency and security crystallized in a novel CKDS design. The security of the proposed anonymous CKDS is based

Previous research demonstrated that Bluetooth Low Energy beacons enable very accurate indoor positioning. This leads to the question whether a Bluetooth Mesh network could inadvertently serve the same purpose, leading to unexpected location privacy violations. We analyze the information broadcasted by a typical Bluetooth Mesh installation and show that it can indeed be utilized by a potentially malicious

With the advancement of computer and communication technologies in data processing, storage, and increasing bandwidth of data transmission, the amount of multimedia data generation and sharing has increased exponentially. Therefore, the security of multimedia data becomes more important in transmission, processing, and storing the day-to-day. Cryptography is one of the important mechanisms in preserving

This article describes an experimental investigation into the inter-dataset generalization of supervised machine learning methods, trained to distinguish between benign and several classes of malicious network flows. The first part details the process and results of establishing reference classification scores on CIC-IDS2017 and CSE-CIC-IDS2018, two modern, labeled data sets for testing intrusion detection

Assuring the security of the communication channel is a significant issue in the fog networks. Designing an efficient and secure key management scheme with a common key among nodes is a critical factor. The available key distribution schemes of hierarchical networks are not scalable and impose high communication and computation overhead to networks. These schemes are impractical on limited resources’

The degree of sophistication of modern cyber-attacks has increased in recent years, and in the future these attacks will more and more target cyber-physical systems (CPS). Unfortunately, today’s security solutions that are used for enterprise information technology (IT) infrastructures are not sufficient to protect CPS, which have largely different properties, involve heterogeneous technologies, and

Electronic health (e-health) information systems rely on cloud computing technologies to provide massive medical data storage services. Particularly, to ensure the confidentiality of diagnostic results, sensitive diagnostic data need to be encrypted before being uploaded to a cloud server. Hence, enabling encrypted diagnostic data sharing efficiently is a demanding issue. To this end, we propose an

With the rapid development of Machine Learning technology applied in electroencephalography (EEG) signals, Brain-Computer Interface (BCI) has emerged as a novel and convenient human-computer interaction for smart home, intelligent medical and other Internet of Things (IoT) scenarios. However, security issues such as sensitive information disclosure and unauthorized operations have not received sufficient

Many block-based detection methods for image copy-move forgery have been reported. However, their performance degrades significantly under different geometric attacks such as rotation and scaling. In this paper, we propose a novel robust and accurate detection scheme for image copy-move forgery. It mainly consists of three steps: firstly, a suspicious image is divided into overlapping circular blocks

With the popularity of cloud computing and IoT, consistently increasing data brings us a great burden to store locally. Due to the local limited storage capacity and expensive maintenance cost, individuals and enterprises are preferred to outsource their data to the public commercial cloud (e.g., Google Drive and Dropbox). However, the commercial cloud can not be fully trusted because data on the cloud

A smart grid network is a part of critical infrastructure, and its interruption or blackout may cause fatal consequences on energy production, distribution, and eventually lives of people. Smart grid networks can be a target of cyber attacks coming from the outside or the inside of the network. Traditional smart grid protection includes firewalls and IDS/IPS devices that are usually deployed on edges

False Data Injection Attack (FDIA) is one of the most dangerous cyber attacks against smart power grids, as it could cause severe physical and economic damage. In this paper, we review and compare previous surveys on FDIA, which mostly focus only on the state estimation component. Differently, our survey describes the FDIAs that target the different components of the on-line power system security.

Authenticated lateral movement via compromised accounts is a common adversarial maneuver that is challenging to discover with signature- or rules-based intrusion detection systems. In this work a behavior-based approach to detecting malicious logins to novel systems indicative of lateral movement is presented, in which a user’s historical login activity is used to build a model of putative “normal”

Copy Move Forgery (CMF) is a type of digital image forgery in which an image region is copied and pasted to another location within the same image with malicious intent to misrepresent its meaning. To prevent misinterpretation of an image content, several Copy Move Forgery Detection (CMFD) methods have been proposed in the past. However, the existing methods show limited robustness on images altered

Cloud computing is an important step in our era, delivering many advantages in business and our daily life. However, as every new technology, various challenges are brought into light with one of them being the misuse of Cloud computing environments for criminal activities. As such, Cloud service providers have to establish adequate forensic capabilities in order to support forensics investigations

This paper presents an optically secure image cryptosystem in the compressed-sensing (CS) domain by using a chaos driven nonlinear function. First, the original image is divided into non-overlapping blocks of uniform size, and then the discrete cosine transform (DCT) is used for obtaining sparse representation of these blocks. A logistic map-based circulant sensing measurement matrix is used to compress

The Internet of Things (IoT) based healthcare system is one of the prominent approaches to overcome the issue of the increasing burden of healthcare costs in India. Wireless Body Area Networks (WBANs) are the key enabler in this scenario. It provides continuous monitoring of the patient’s health condition remotely, by making the real-time health data of the patient available to healthcare professionals

Proxy Re-encryption (PRE) offers an efficient solution for enforcing access control on outsourced data through delegation of decryption rights of a delegator to a delegatee. However, to meet practical security requirements of an access control model, the delegator must control these delegations such that a re-encryption key enables the delegation of decryption rights of only a subset of the delegator’s

The concept of Supply Chain Management (SCM) is very imperative while moving sensitive products from one entity to the next entity until it reaches to the end-users to avoid damage(s) in the product. In the traditional supply chain management system, several serious problems such as tampering of products, delay, and fraud, etc. exist. It also lacks proper authentication among the participants, data

Android devices are very popular because of their availability at reasonable prices. However, there is a rapid rise of malware applications in Android platform in the recent past years due to its security vulnerabilities. The existing static malware detection mechanisms can locate malicious components associated with the source code of an application and dynamic analysis can identify exploits in the

With the rapid development of splicing manipulation, more and more negative effects have been brought. Therefore, the demand for image splicing detection algorithms is growing dramatically. In this paper, a new image splicing detection method is proposed which is based on convolutional neural network (CNN) with weight combination strategy. In the proposed method, three types of features are selected

The two-party authenticated key agreement (2PAKA) protocol establishes a secure channel over the Internet between two users. This secure channel helps to transfer messages between them in the presence of an adversary. The invention of Shor’s algorithms makes current 2PAKA protocols vulnerable to quantum attacks. To mitigate quantum attacks, we designed an identity-based two-party authenticated key

The hierarchy theory is the foundation of the modern computer system design. However, the interaction part between different system layers is usually the weak point of the system, which tends to have security flaws. When communicating across the system boundary, failure to enforce the required synchronization in the shared memory can cause data inconsistency of the communication partners. Especially

In recent years, the chaotic systems in engineering applications attracted many researchers. One of the most important applications of chaos theory is the production of pseudo random numbers that can be used in different areas of cryptography, signal processing, and a variety of other fields. In production of pseudo random numbers generators the chaotic maps are the source of entropy for producing

This research paper introduces a novel low-complexity physical layer security technique based on an encryption model for fixed LiFi communication systems. This encryption model is based on the Channel Impulse Response (CIR) between the two users. This technique shows to be efficient against eavesdropping and self-aware of malicious activities. The attacker will get a Bit Error Ratio (BER) of over 0

Distributed data stores are critical to the success of applications in cloud. Massive volumes of user data are stored and processed with the support of underlying distributed data stores. With large amounts of data stored remotely in the cloud, security becomes a major concern. Authentication and access control are provided by cloud storage providers. But even with proper authentication and access

The favor that lightweight encryption algorithms have gained over the recent years regarding data and image security in a resource constrained environment of the smart device sort in Internet of Things (IoT) is undeniable. Secure IoT (SIT) is a popular encryption algorithm that tends to consume less hardware resources due to simple operation, which serves a welcome advantage, since it is precisely

Telecare Medical Information System (TMIS) is a platform for the patients and the medical server to communicate and exchange data through the Internet. As the Internet is an insecure medium, the shared sensitive data is at troublesome situation. To protect sensitive data over the public network, it is essential to have secure communication. The authentication and key establishment protocol supports

In the Healthcare 4.0 era, recent breakthroughs in emerging and disruptive technologies, such as Artificial Intelligence (AI), machine learning and robotics, have significantly changed the way in which healthcare services are delivered to patients. Advancements in patient monitoring systems and wearable devices have created more powerful and flexible real-time remote patient observation. Healthcare

Since Wiener pointed out that the RSA can be broken if the private exponent d is relatively small compared to the modulus N, it has been a general belief that the Wiener attack works for d

We study efficient and lightweight Intrusion Detection Systems (IDS) for ad-hoc networks via the prism of IPv6-enabled Wireless Sensor Actuator Networks. These networks consist of highly constrained devices able to communicate wirelessly in an ad-hoc fashion, thus following the architecture of ad-hoc networks. Current state-of-the-art (IDS) has been developed taking into consideration the architecture

Distributed denial of service attack is one of the most dangerous attacks in cloud computing. This attack makes the cloud services inaccessible to the end-users by exhausting resources, resulting in heavy economic and reputation loss. So, developing defensive solutions against these attacks is necessary for the widespread adoption of cloud computing technology. This paper proposes a new system for

Elliptic curve cryptography is an essential cryptography which is widely used in data encryption, key agreement, digital signature, and other applications. Scalar multiplication is the fundamental operation in all ECC schemes, such as ECDSA, ECIES, and ECMQV. Even a slight improvement of scalar multiplication is precious. Various methods have been proposed for improving efficiency of the scalar multiplication

Image security is very important to protect from any unauthorised user access. In this paper a two-phase secure image encryption has been proposed using the concepts of Deoxyribonucleic acid (DNA) and Ribonucleic acid (RNA). First, the plain image is encrypted based on DNA rules, DNA XOR operator, and chaotic map function in DNA phase and initial cipher image is created. Next, the cipher image is used

Median filtering is a widely used method for removing noise, preserving edges and smoothing regions within an image. Detection of median filtering has drawn much attention from researchers of image forensic. A new robust detection scheme of median filtering based on combined features of difference image is proposed in this paper. In the proposed approach, the combined features consist of data-pair

Artificial neural networks tend to use only what they need for a task. For example, to recognize a rooster, a network might only considers the rooster’s red comb and wattle and ignores the rest of the animal. This makes them vulnerable to attacks on their decision making process and can worsen their generality. Thus, this phenomenon has to be considered during the training of networks, especially in

Location fingerprinting is a technique employed when Global Positioning System (GPS) positioning breaks down within indoor environments. Since Location Service Providers (LSPs) would implicitly have access to such information, preserving user privacy has become a challenging issue in location estimation systems. This paper proposes a low-complexity k-anonymity approach for preserving the privacy of

The classification is one of the important machine learning technologies, which plays an important role in the fields of medical treatment, image processing, and cyberspace security. In recent years, the popularity of cloud computing has caused many data owners to seek outsourced storage computing, which has become a new trend in the development of classification. Although it can be used in several

The authentication protocol for HTTP proposed in RFC 8120 has been model checked under different assumptions. Four security properties have been taken into account: (1) Key Secrecy Property (K-SEC), (2) Key Sharing Property (K-SHR), (3) Correspondence Property from a client point of view (C-CORR), and (4) Correspondence Property from a server point of view (S-CORR). In each assumption, we suppose that

Fingerprint is the most well-known and successfully deployed biometric modalities in view of its ease of acquisition, established use, acceptance and high recognition rate (i.e., robustness). This is also due in part to its use in crime scene investigations to link crimes to suspected individuals. One form of fingerprint is called the latent fingerprint. Despite its subtle appearance, the latent fingerprint

To allow more general key derivation patterns, the concept of wicked identity-based encryption (wicked IBE) was introduced. It is an extension of hierarchical identity based encryption (HIBE). Recently, research on leakage-resilient wicked IBE has attracted much attention for its consideration on the problem of key leakage in system. However, the existing works implement leakage resistance under the

The Industrial Internet of Things (IIoT) represents a variety of IoT applications in the industrial sector of economy and is heavily underpinned by computational capabilities of cloud computing to reduce the cost of on-demand services. However, cloud computing does not protect the privacy of the outsourced data unless some form of encryption is applied. Recently, some Certificateless Authenticated

With the ever-increasing rate of adoption of internet-enabled smart devices, the allure of greater integration of technologies, such as smart home, smart city, and smart grid into everyday life is undeniable. However, this trend inevitably leaves a massive amount of information and infrastructure connected to the public Internet, which exposes the data to many security threats and challenges. In this

Data trading scheme based on Bitcoins faces many challenges. One of them is the transactions’ fairness. That is, the distrust between the unfamiliar parties involved in the transaction is likely to cause unfair trade. For example, the party can provid inveracious data or refuse to pay after receiving the authentic data. Another one is the Bitcoin transaction latency, which causes the inability to reach

With the continuously developing wireless communication technique, the Internet of Things (IoT) has been deployed in various domains. In the IoT, numerous smart devices exchange information transparently and seamlessly via the open channel to provide intelligent and convenient services for the citizens. Due to the vulnerable nature of the communication channel, ensuring data authenticity of the transmitted

Today, with the advent of internet technology, we are looking for e-mechanisms such as e-voting, e-commerce, e-learning, etc., where electronic information are transferred between the entities via the public network. However, e-mechanisms require the support of integrity, authenticity and non-repudiability of the transmitted electronic information. The digital signature is a technique that allows users

In this paper, a cloud based digital image locker system along with secure user authentication and novel image cryptosystem for preserving privacy of user images is proposed. Images require more storage space as compared to text. So, it is not feasible to store images locally in digital locker for everyone. By taking advantage of high speed Internet, it is feasible to use cloud for efficient storage