International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 11, No. 1, Jan. 2019

Cover page and Table of Contents: PDF (size: 174KB)

Table Of Contents

REGULAR PAPERS

Identification of Compromised Nodes in MANETs using Machine Learning Technique

By Rodney Sebopelo Bassey Isong Naison Gasela

DOI: https://doi.org/10.5815/ijcnis.2019.01.01, Pub. Date: 8 Jan. 2019

Mobile ad hoc networks (MANETs) are faced with various security challenges emanating from malicious attacks. Their dynamic nature make nodes more vulnerable to attacks from either malicious nodes or intruders since there is no fixed infrastructure resulting in each node acting as router to transmit data. Currently, several solutions have been proposed and implemented in different ways aimed at eliminating or reducing these malicious attacks. However, the attacks still persist. Therefore, this paper proposes an efficient security mechanism based on machine learning as a solution that detects and identifies malicious attacks in real-time basis by classifying packets data as either normal or abnormal. To achieve this, we conducted experiments using logistic regression (LR) and a support vector machine (SVM) to choose the best predictive model utilizing the Iris data set. The results obtained show that LR performed better than SVM with an accuracy of 100% detection rate. Thus, LR is better suited for the identification of malicious attacks in MANETs. Furthermore, we proposed and designed a framework to detect malicious attacks in real-time in MANETs based on packet behavior using the LR model and the components were presented. We believe that, if this framework is implemented in MANETs, it could go a long way to reduce the rate of attacks in the infrastructure less network.

[...] Read more.
A Comparative Study of Recent Steganography Techniques for Multiple Image Formats

By Arshiya Sajid Ansari Mohammad Sajid Mohammadi Mohammad Tanvir Parvez

DOI: https://doi.org/10.5815/ijcnis.2019.01.02, Pub. Date: 8 Jan. 2019

Steganography is the technique for exchanging concealed secret information in a way to avoid suspicion. The aim of Steganography is to transfer secrete message to another party by hiding the data in a cover object, so that the imposter who monitors the traffic should not distinguish between genuine secret message and the cover object. This paper presents the comparative study and performance analysis of different image Steganography methods using various types of cover media ((like BMP/JPEG/PNG etc.) with the discussion of their file formats. We also discuss the embedding domains along with a discussion on salient technical properties, applications, limitations, and Steganalysis.

[...] Read more.
Understanding the Evolution of Ransomware: Paradigm Shifts in Attack Structures

By Aaron Zimba Mumbi Chishimba

DOI: https://doi.org/10.5815/ijcnis.2019.01.03, Pub. Date: 8 Jan. 2019

The devasting effects of ransomware have continued to grow over the past two decades which have seen ransomware shift from just being opportunistic attacks to carefully orchestrated attacks. Individuals and business organizations alike have continued to fall prey to ransomware where victims have been forced to pay cybercriminals even up to $1 million in a single attack whilst others have incurred losses in hundreds of millions of dollars. Clearly, ransomware is an emerging cyber threat to enterprise systems that can no longer be ignored. In this paper, we address the evolution of the ransomware and the associated paradigm shifts in attack structures narrowing down to the technical and economic impacts. We formulate an attack model applicable to cascaded network design structures common in enterprise systems. We model the security state of the ransomware attack process as transitions of a finite state machine where state transitions depict breaches of confidentiality, integrity, and availability. We propose a ransomware categorization framework that classifies the virulence of a given ransomware based on a proposed classification algorithm that is based on data deletion and file encryption attack structures. The categories that increase in severity from CAT1 to CAT5 classify the technical prowess and the overall effectiveness of potential ways of retaining the data without paying the ransom demand. We evaluate our modeling approach with a WannaCry attack use case and suggest mitigation strategies and recommend best practices based on these models.

[...] Read more.
Analyzing Progressive-BKZ Lattice Reduction Algorithm

By Mokammel Haque Mohammad Obaidur Rahman

DOI: https://doi.org/10.5815/ijcnis.2019.01.04, Pub. Date: 8 Jan. 2019

BKZ and its variants are considered as the most efficient lattice reduction algorithms compensating both the quality and runtime. Progressive approach (gradually increasing block size) of this algorithm has been attempted in several works for better performance but actual analysis of this approach has never been reported. In this paper, we plot experimental evidence of its complexity over the direct approach. We see that a considerable time saving can be achieved if we use the output basis of the immediately reduced block as the input basis of the current block (with increased block size) successively. Then, we attempt to ?nd pseudo-collision in SWIFFT hash function and show that a different set of parameters produces a special shape of Gram-Schmidt norms other than the predicted Geometric Series Assumptions (GSA) which the experiment suggests being more efficient.

[...] Read more.
A Critical appraisal on Password based Authentication

By Amanpreet A. Kaur Khurram K. Mustafa

DOI: https://doi.org/10.5815/ijcnis.2019.01.05, Pub. Date: 8 Jan. 2019

There is no doubt that, even after the development of many other authentication schemes, passwords remain one of the most popular means of authentication. A review in the field of password based authentication is addressed, by introducing and analyzing different schemes of authentication, respective advantages and disadvantages, and probable causes of the ‘very disconnect’ between user and password mechanisms. The evolution of passwords and how they have deep-rooted in our life is remarkable. This paper addresses the gap between the user and industry perspectives of password authentication, the state of art of password authentication and how the most investigated topic in password authentication changed over time. The author’s tries to distinguish password based authentication into two levels ‘User Centric Design Level’ and the ‘Machine Centric Protocol Level’ under one framework. The paper concludes with the special section covering the ways in which password based authentication system can be strengthened on the issues which are currently holding-in the password based authentication.

[...] Read more.
Cyber Security and Analysis of Cyber-Crime Laws to Restrict Cyber Crime in Pakistan

By Qamar Atta Ul Haq

DOI: https://doi.org/10.5815/ijcnis.2019.01.06, Pub. Date: 8 Jan. 2019

This research report analyses the plebeian interest and tension hostility between privacy and cyber security in Pakistan. I explore the areas threaten by hackers in means of ATM card hacks and social data sniffing. It explores the challenges for Cyber security belongs to privacy and data protection.

[...] Read more.