A data encryption model is developed using Brownian Motion based confusion and intertwining logistic map based diffusion method. In the existing encryption models, shuffling is irrelevant for the pixels with same value i.e. (all white/black/same colour) and models are prone to differential and various statistical attacks. This article investigates random data insertion to ensure the validity of shuffling

Homomorphic Encryption (HE) aims to perform computations on encrypted data. Still in research stage, a lot of HE schemes have been created but their comparison remains costly as execution exhibits prohibitive costs. PAnTHErS is a HE schemes modeler. Modeling with a common formalism allows the evaluation of input parameters variation impact on performances of a HE scheme execution i.e. on its execution

Privacy-preserving data aggregation has been studied extensively over the past decades, but there are still some concerns remained. For example, some schemes cannot resist against internal attacks, especially when the internal attack is launched by either the data centers that allocate the system security parameters or the attacker who shares the common information with the targeted user. In this paper

Indoor localization is widely used as enabling technology for location-based services, such as advertising, indoor routing, and behavioral analysis. To keep these features available, service providers passively collect a large amount of data that may reveal strictly personal information about an individual. As an example, a timestamped mobility trace acquired in a mall may help the business owner to

This paper presents a comprehensive survey of authenticated key agreement protocols, which have been proposed for multi-server architectures. The growing use of cloud-based services has made multi-server authentication protocols a necessity. For a brief insight into the topic, the break-fix history of these protocols, vital functional and security requirements have been summarized. Protocols are categorized

Comparison with traditional network routing technology, multi-source network coding allows the routers to encode the received data and has the merits of large throughput, strong robustness and fast speed. In addition, certificateless public key cryptosystem (CL-PKC) is both certificate-free and key escrow-free. From now, there is no certificateless signature suitable for multi-source network coding

Hou et al. introduced a (2, n) block-based progressive visual cryptographic scheme (BPVCS). In (2, n)-BPVCS, a secret image is subdivided into n non-overlapped image blocks. When t (2 ≤ t ≤ n) participants stack their shadow images, the image blocks belonged to these t participants will be recovered. Unfortunately, Hou et al.’s (2, n)-BPVCS suffers from the cheating problem. Additionally, Hou et al

It is well known that the designing or improving embedding cost becomes a key issue for current steganographic methods. Unlike existing works, we propose a novel framework to enhance the steganography security via post-processing on the embedding units (i.e., pixel values and DCT coefficients) of stego directly. In this paper, we firstly analyze the characteristics of STCs (Syndrome-Trellis Codes)

Like any emerging and disruptive technology, multiple obstacles are slowing down the Internet of Things (IoT) expansion for instance, multiplicity of things’ standards, users’ reluctance and sometimes rejection due to privacy invasion, and limited IoT platform interoperability. IoT expansion is also accompanied by the widespread use of mobile apps supporting anywhere, anytime service provisioning to

With the development of communication and information technologies, the telemedicine system has infiltrated many aspects of medicine field. It allows doctors to simultaneously diagnose patients in different areas, which provides great convenience to people. However, the increasing medical data brings serious challenges to people, such as data storage and processing. To reduce data management costs

Present-day organizations continue to expose their critical information infrastructures over the Internet for facilitating accessibility; substantially raising concerns about the security of data from both outsiders and insiders. In this paper, we propose a novel approach for detecting intrusive attacks on databases by assessing the risk for incoming transaction based upon the conflation of multiple

Pollution attacks in network coding result in the waste of bandwidth and computational resources. Several homomorphic message authentication code (HMAC) and signature-based schemes have been proposed to mitigate such attacks. In these schemes, authentication is achieved by appending several HMAC tags with or without a signature to the packet payload. This approach negatively affects the throughput

The technical features of blockchain, including decentralization, data transparency, tamper-proofing, traceability, privacy protection and open-sourcing, make it a suitable technology for solving the information asymmetry problem in personal credit reporting transactions. Applying blockchain technology to credit reporting meets the needs of social credit system construction and may become an important

Security risk assessment is done to identify the vulnerabilities of a client’s application and develop strong security measures within budgetary constraints. However, while migrating to the Cloud platform, a generic notion of their publicly available security policies make it challenging for clients to assess the security threats solely relevant to their applications. Additionally, traditional risk

Spatiotemporal chaotic systems are widely used for image encryption due to their better chaos, more chaotic sequences and more complex dynamic behavior. This paper proposes a new spatiotemporal chaotic system named Multiple dynamically coupled map lattices (MDCML). The proposed system introduces dynamic coupling parameter, which enhances ergodicity and improves pseudo-randomness and chaos of the system

The rise of edge computing enables local network management. Services are no longer clustered inside the cloud but rather spread all over the whole network. In this paper, we propose a method for deploying security services within an IoT network according to devices capabilities. Our method models an IoT network as a weighted graph using device capabilities. Using the latter, we propose to identify

The botnet has been one of the most common threats to network security. Among all emerged botnet, Peer to Peer (P2P) botnets are more perilous and resistant due to their distributed nature. In addition to their resiliency against takedown strategies, modern P2P botnets are stealthier in the way they perform fraudulent activities. One of the main challenges to detect P2P bots/botnets is the presence

Cloud computing is admired as a notable computing terminology in which facilities of the computing framework are rendered as aid over Internet services. In the era of cloud computing, lightweight devices can be used to afford remote e-healthcare, which facilitates the development of remote healthcare consultations, monitoring of patients’ health reports, and medical research. The downside of the cloud

Analyzing safety and security together in the concept stage of system development can reduce redundant work and inconsistency in the identification of safety and security requirements. STPA is a safety analysis technique that also allows analyzing security concerns. STPA does not employ threat models to identify loss scenarios. Threat models allow identifying, enumerating, and prioritizing potential

Vehicular Ad-hoc Networks (VANETs), which are a subclass of Mobile Ad-hoc Networks (MANETs), received a widespread attention during the last decades. With these promising set of safety applications, which are the main reason why they were developed, VANETs are considered as a tremendous support for the Intelligent Transportation Systems (ITS). However, several key issues remain to be solved before

Soft security is a new generation of security methods that, unlike traditional ones such as encryption and access control (known as hard security), uses social-based control to secure a system. Like any other security method, soft security methods should be evaluated and verified against attacks before they are used; however, despite the increasing attractiveness and applications of these methods,

Ensuring data security is a hot-button-issue at present in medical field because the sufferer information are stored and transmitted widely through communication networks. To vanquish the awful conditions a novel Multi-dimensional Medical Image Encryption (MMIE) scheme is proposed exploiting Rossler dynamical system and Sine map. Chaotic systems gained its popularity in the last few decades for their

Purpose Spear phishing is a fraudulent practice that targets specific and well-researched users in an organization to collect their credentials. Previous studies have addressed the underlying drivers that significantly influence susceptibility to spear phishing. However, findings may not be generalized to other cultures and environments such as the developing Non-English-speaking countries. To fill

A wildcard character in a pattern adds an additional feature in the field of pattern matching. In this paper, we consider two problems of secure pattern matching (SPM) with wildcards: (i) SPM with repetitive wildcards (SPM-RW) and (ii) SPM with compound wildcards (SPM-CW). Here we consider that a type of wildcard characters “*” is used to represent gaps in the pattern for the first problem of SPM with

With the increasing utilization of the Internet and its provided services, an increase in cyber-attacks to exploit the information occurs. A technology to store and maintain user's information that is mostly used for its simplicity and low-cost services is cloud computing (CC). Also, a new model of computing that is noteworthy today is mobile cloud computing (MCC) that is used to reduce the limitations

As an important security technology, recently quantum watermarking attracted wide research attention. This study presents a blind quantum audio watermarking scheme based on quantum discrete cosine transform (qDCT). In the proposed scheme, the quantum audio signal in quantum representation of discrete signal (QRDS) is transformed into frequency domain using qDCT. The medium frequency components are

Due to the expeditious evolution of wearable technology and wireless mobile networks, the tele-medicine and mobile medications have turned up into the Telecare Medicine Information System (TMIS). The efficient management of the patient’s Electronic Health Record (EHR) plays a vital role for the telecare of patients that include medication for the chronic patients, long-term telecare for the special

In many real resource access scenarios, the parties who require to establish communication may be unable to effectively identify and verify some authentication messages of the other party due to the use of completely different cryptography settings, making it difficult to authenticate each other in such scenarios. We usually define the above-mentioned problem as “cross-domain authentication”. Although

With the growth of online shopping, Credit Card Fraud (CCF) comes out as a serious menace. For this end, the automatic and real-time fraud detection field calls for several studies. The recent ones use many Machine Learning (ML) methods and techniques due to their beneficial characteristics to build a good fitting model to catch fraudulent transactions. The purpose of this paper is to develop a new

In this paper, the authors have compared ensemble methods in Spark supported distributed environment. With ever changing attack trends traditional machine learning algorithms fail to detect new types of network based attacks. Machine learning techniques therefore need to be improved. Secondly, there is need for faster and accurate detection algorithms and study of distributed frameworks like Apache

Due to the rapid advancement in on-demand communication and information technologies, the peripheral connection of computers through Universal Serial Bus (USB) is considered as a remarkable interface standard that is extensively used in Mass Storage Devices (MSDs) of consumers. The MSDs of current USB consumers are easy to carry as they facilitate with relatively advance transmission speed, however

This paper presents the first mutual authentication protocol for RFID systems based on hard problems from rank metric codes, and we discuss its security in the post quantum scenario. Furthermore, our protocol uses two improvements. The first one consists in using double circulant low rank parity check codes and permits to reduce communication costs and to get smaller key size than previous code-based

A cryptocurrency is a network-based digital exchange medium, where the records are secured using strong cryptographic algorithms such as Secure Hash Algorithm 2 (SHA-2) and Message Digest 5 (MD5). It uses blockchain technology to make the transactions secure, transparent, traceable, and immutable. Due to these properties, the cryptocurrencies have gained popularity in almost all the sectors especially

As the fast development of IoT technology, various security solutions have to be considered when the corresponding solutions are being deployed. Due to the lightweight nature of the IoT devices such as the RFID tags and so on, traditional encryption schemes such as AES which are relatively heavy in the sense of operations cannot be applied here. Lightweight block ciphers have since become a default

Group Key Agreement Protocol (GKAP) is a cryptographic mechanism where members of a group agree on a common key by sharing their blinded keys over a public channel. Sharing a key over a public channel is a security threat and expensive in terms of communication cost. In this paper, we proposed the GKAP based on tree and elliptic curve. For reducing the communication cost, we have used the divide-and-conquer

Fundamental components of the distribution systems of electric energy are primary and secondary substation networks. Considering the incorporation of legacy communication infrastructure in these systems, they often have in- herent cybersecurity vulnerabilities. Moreover, traditional intrusion defence strategies for IT systems are often not applicable. With the aim to improve cybersecurity in substation

Information security implementation in an organization regardless of its business processes will not be effective. Current approaches to risk assessment have moved towards business process-oriented ones. Thus, in new approaches, assets are got attention based on the business processes involved. But existing approaches that are based on business processes have their drawbacks. For example, we need to

Software defined networking (SDN) has emerged as the integral part of cloud services since it provides flexible management capabilities to monitor and to analyze the network traffic with the help of programmable entities. Although, such functionalities play a significant role in terms of protecting the availability of cloud services against the security threats, SDN still has some vulnerabilities such

The paradigm of cloud computing has elevated IT to new heights by offering the elasticity to match customer needs, while also reducing capital expenditure on procuring IT infrastructure. Despite the apparent benefits provided by cloud computing, organisations are slow in embracing the technology due to numerous issues that are associated with the lack of security transparency such as trust and accountability

Information exchange through public networks has the risk of information disclosure, making data hiding an important technique to protect privacy. Image interpolation is also a common technique in image processing. Recent years, research on data hiding based on image interpolation have matured. In this paper, we propose an efficient data hiding scheme based on image interpolation that can be adopted

This study suggests a novel color multiple image encryption technique using “Algebra-Chaos Amalgamated 256-length-12-bit random sequence” and DNA Transform. The proposed random sequence (S-box) has the property of occupying small computer memory space as regards to the existing S-boxes. Moreover, for simplicity and novelty, 1D sin chaotic map and 1D logistic map are mixed to generate a 1D mixed Chaotic

To detect new malware, machine learning approaches require many training samples. These training samples contribute to build an accurate model. To maintain the accuracy, collecting comprehensive samples continuously is very important. However, new malicious samples appear one after another, and thereby making it difficult. Hence, actual small training samples do not likely to represent the entire population

The advent of Internet of Things have paved the way for providing smart services for mobile users in the smart city. Due to the rapid movement of users and their fast information exchange, the global mobility network (GLOMONET) is a proper candidate to be used as the communication platform to provide roaming services. However, privacy and security preservation of mobile users becomes an important issue

Existing alert correlation methods do not consider the unsuccessful paths and true negative alerts of IDS, which affects the completeness and visualization of attack restoring. To overcome this, an attack graph based alert correlation approach is proposed. The attack graph is first created using the toolkit MulVAL based on the network connectivity and known vulnerabilities, which gives the full view

Digital signatures are important cryptographic primitive for authentication. To resist quantum attacks, many post-quantum signature schemes have been proposed. Among them, isogeny-based signature schemes, such as SeaSign, rapid development in recent years along with the proposed CSIDH construction. In this paper, inspired by the Fiat-Shamir transform, we construct the first identity-based signature

Deniable Authenticated Encryption (DAE) scheme ensures the security of deniable authentication and confidentiality by performing both cryptographic functions of deniable authentication and public key encryption in one single logical step at a cost significantly lower than that required for performing these two functions separately. In this paper, we have designed a deniable authenticated encryption

The security, efficiency, and storage of image data are global issues while transmitting images over the Internet. In this paper, we have fabricated a novel approach for security of multiple-color images utilizing asymmetric RSA cryptosystem, reality preserving fractional discrete cosine transform and Arnold transform. In our approach, three indexed images are obtained from three RGB color images by

In 1998, at Eurocrypt, a novel primitive, called Proxy Re-Encryption (PRE) was introduced by Blaze, Bleumer and Strauss [1]. In the given concept, a delegator computes re-encryption key and gives it to the semi trusted proxy. Then proxy can convert a message, enciphered with Alice’s public key into a message, enciphered with Bob’s public key without knowing the message. Upto best our knowledge, we

Fuzzing is a simple and popular technique that has been widely used to detect vulnerabilities in software. However, due to its blind mutation, fuzzing brings many limitations. First, it is difficult for fuzzing to pass the sanity checks, which makes fuzzing unable to target vulnerability or crash locations effectively. Secondly, blind mutation limits the diversity of seed generation and makes it difficult

Cost-sensitive metrics have been widely used during the past years as financial metrics that quantify the monetary costs and benefits of security investments, assess risks, and select countermeasures accordingly. However, due to the complexity of current attacks, and the level of dynamicity required in the estimation of the parameters composing the metrics, the use of a novel approach that considers

Recently, an image block encryption algorithm was proposed based on some well-known chaotic maps. The authors claim that the encryption algorithm achieves enough security level and high encryption speed at the same time. In this paper, we give a thorough security analysis on the algorithm from the perspective of modern cryptology and report some critical security defects on the algorithm. Given five

Content-based image retrieval (CBIR) retrieves desired digital images from large databases. “Content-based” means that the search analyzes the contents of the image rather than the metadata such as keywords, tags, or descriptions associated with images. It has different applications in different domains such as crime prevention, intellectual property, medical diagnosis, and face finding. Based on the

Current EDA (electronic design automation) tools are not capable to consider side-channel vulnerabilities at design time. Therefore, designers should manage such security considerations in their designs manually. One of the main reasons for this glaring shortcoming is the lack of feasible metrics to assess the immunity of various crypto-system designs against various attacks at design time. In this

Mobile spam messages have become one of the main concerns in the field of short messaging service (SMS) due to its negative impact on mobile users and networks. The current literature lacks effective solutions for this issue. In this study, the negative impacts of SMS spam were thoroughly analysed, and the existing techniques for SMS spam detection were investigated through two experiments. The first

Cost-sensitive metrics have been widely used during the past years as financial metrics that quantify the monetary costs and benefits of security investments, assess risks, and select countermeasures accordingly. However, due to the complexity of current attacks, and the level of dynamicity required in the estimation of the parameters composing the metrics, the use of a novel approach that considers

Conference Key Distribution Systems (CKDS) are well-analyzed systems for the computation and distribution of a symmetric key shared amongst a session's participants. We focus on previous CKDS with user anonymity and we propose modifications from the perspective of anonymity, dynamicity, efficiency and security crystallized in a novel CKDS design. The security of the proposed anonymous CKDS is based

Previous research demonstrated that Bluetooth Low Energy beacons enable very accurate indoor positioning. This leads to the question whether a Bluetooth Mesh network could inadvertently serve the same purpose, leading to unexpected location privacy violations. We analyze the information broadcasted by a typical Bluetooth Mesh installation and show that it can indeed be utilized by a potentially malicious

With the advancement of computer and communication technologies in data processing, storage, and increasing bandwidth of data transmission, the amount of multimedia data generation and sharing has increased exponentially. Therefore, the security of multimedia data becomes more important in transmission, processing, and storing the day-to-day. Cryptography is one of the important mechanisms in preserving