International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 4, No. 1, Feb. 2012

Cover page and Table of Contents: PDF (size: 122KB)

Table Of Contents

REGULAR PAPERS

M2KMIX: Identifying the Type of High Rate Flooding Attacks using a Mixture of Expert Systems

By Arun Raj Kumar P. S. Selvakumar

DOI: https://doi.org/10.5815/ijcnis.2012.01.01, Pub. Date: 8 Feb. 2012

High rate flooding attacks such as SYN flood, UDP flood, and HTTP flood have been posing a perilous threat to Web servers, DNS servers, Mail servers, VoIP servers, etc. These high rate flooding attacks deplete the limited capacity of the server resources. Hence, there is a need for the protection of these critical resources from high rate flooding attacks. Existing detection techniques used in Firewalls, IPS, IDS, etc., fail to identify the illegitimate traffic due to its self-similarity nature of legitimate traffic and suffer from low detection accuracy and high false alarms. Also, very few in the literature have focused on identifying the type of attack. This paper focuses on the identification of type of high rate flooding attack with High detection accuracy and fewer false alarms. The attack type identification is achieved by training the classifiers with different feature subsets. Therefore, each trained classifier is an expert in different feature space. High detection accuracy is achieved by creating a mixture of expert classifiers and the ensemble output decisions are identified by our proposed Preferential Agreement (PA) rule. Our proposed classification algorithm, M2KMix (mixture of two Multi Layer Perceptron and one K-Nearest Neighbor models) differs from the existing solutions in feature selection, error cost reduction, and attack type identification. M2KMix was trained and tested with our own SSE Lab 2011 dataset and CAIDA dataset. Detection accuracy and False Alarms are the two metrics used to analyze the performance of the proposed M2KMix algorithm with the existing output combination methods such as mean, maximum, minimum, and product. From the simulation results, it is evident that M2KMix algorithm achieves high detection accuracy (97.8%) with fewer false alarms than the existing output combination methods. M2KMix identifies three types of flooding attacks, viz., the SYN Flood, UDP flood, and HTTP Flood, effectively with detection accuracy of 100%, 93.75%, and 97.5%, respectively.

[...] Read more.
Efficient Hand off using Fuzzy and Simulated Annealing

By Vikas.M.N Keshava.K.N Prabhas.R.K Hameem Shanavas .I

DOI: https://doi.org/10.5815/ijcnis.2012.01.02, Pub. Date: 8 Feb. 2012

This paper presents an efficient method for the hand off mechanism in cellular networks using optimization algorithms. The proposed approach integrates a fuzzy logic approach with simulated annealing algorithm to automate the tuning process. The fuzzy controller carries out inference operation at high-speed, whereas the tuning procedure works at a much lower rate. For the implementation described in this paper, a two-input-one-output fuzzy controller is considered. Both the inputs and the output have 8- bit resolution, and up to seven membership functions for each input or output can be defined over the universe of discourse. The fuzzy controller has two levels of pipeline which allows overlapping of the arithmetic as well as inference operations. The SA tuning mechanism adjusts the triangular or singleton membership functions to minimize a cost function. The complete self-tuned fuzzy inference engine is implemented in a Xilinx SPARTAN3 XC3S200 series FPGA device. This paper describes various aspects of the implementation of the self-tuned hand off system.

[...] Read more.
Optimization Modeling for GM(1,1) Model Based on BP Neural Network

By Deqiang Zhou

DOI: https://doi.org/10.5815/ijcnis.2012.01.03, Pub. Date: 8 Feb. 2012

In grey theory, GM(1,1) model is widely discussed and studied. The purpose of GM(1,1) model is to work on system forecasting with poor, incomplete or uncertain messages. The parameters estimation is an important factor for the GM(1,1) model, thus improving estimation method to enhance the model forecasting accuracy becomes a hot topic of researchers. This study proposes an optimization method for GM(1,1) model based on BP neural network. The GM(1,1) model is mapped to a BP neural network, the corresponding relation between GM(1,1) model parameters and BP network weights is established, the GM(1,1) model parameters estimation problem is transformed into an optimization problem for the weights of neural network. The BP neural network is trained by use of BP algorithm, when the BP network convergence, optimization model parameters can be extracted, and the optimization modeling for GM(1,1) Model based on BP algorithm can be also realized. The experiment results show that the method is feasible and effective, the precision is higher than the traditional method and other optimization modeling methods.

[...] Read more.
CSRF Vulnerabilities and Defensive Techniques

By Rupali D. Kombade B.B. Meshram

DOI: https://doi.org/10.5815/ijcnis.2012.01.04, Pub. Date: 8 Feb. 2012

Web applications are now part of day to day life due to their user friendly environment as well as advancement of technology to provide internet facilities, but these web applications brought lot of threats with them and these threats are continuously growing, one of the these threat is Cross Site Request Forgery(CSRF). CSRF attack is immerged as serious threat to web applications which based on the vulnerabilities present in the normal request response pattern of HTTP protocol. It is difficult to detect and hence it is present in most of the existing web applications. CSRF attack occurs when a malicious web site causes a user’s web browser to perform an unwanted action on a trusted site. It is listed in OWASP’s top ten Web Application attacks list. In this survey paper we will study CSRF attack, CSRF vulnerabilities and its defensive measures. We have compared various defense mechanisms to analyse the best defense mechanism. This study will help us to build strong and robust CSRF protection mechanism.

[...] Read more.
A Chaos-based Image Encryption Scheme Using 3D Skew Tent Map and Coupled Map Lattice

By Ruisong Ye Wei Zhou

DOI: https://doi.org/10.5815/ijcnis.2012.01.05, Pub. Date: 8 Feb. 2012

This paper proposes a chaos-based image encryption scheme where one 3D skew tent map with three control parameters is utilized to generate chaotic orbits applied to scramble the pixel positions while one coupled map lattice is employed to yield random gray value sequences to change the gray values so as to enhance the security. Experimental results have been carried out with detailed analysis to demonstrate that the proposed image encryption scheme possesses large key space to resist brute-force attack and possesses good statistical properties to frustrate statistical analysis attacks. Experiments are also performed to illustrate the robustness against malicious attacks like cropping, noising, JPEG compression.

[...] Read more.
Enhancing Hash Function Selection Techniques Based on Message Contents

By Ali Saeed Muhammad Khalil Shahid

DOI: https://doi.org/10.5815/ijcnis.2012.01.06, Pub. Date: 8 Feb. 2012

In Hash based Security systems two major factors that are mostly relied upon are Strong Hash function and the selection procedure of the hash function from a given pool. This paper aims at exploiting maximum available resources a message possesses, intrinsically, that can accommodate greater number of hash functions references. It provides a simple, low cost- easy to implement technique that will be able to make systems available with random hash functions’ selection ability. With the given technique the security level will be enhanced along with greater availability of hash functions. The truly variable nature of contents of messages can be exploited in order to secure messages beyond measure. In case of a single communication stint, if one hash function is compromised the next hash function for next block will be selected truly randomly and cannot be predicted. A summary of already in use techniques is also discussed in order to prove the proposition distinct and practicable. In proposed technique it is proven that it has ability to accommodate greater number of hash functions. Further, the hash function selection methodology has been provisioned with a technique to be message-dependent; the security cannot be compromised owing to truly randomness of the selection procedure.

[...] Read more.
Achieving Open-loop Insulin Delivery using ITM Designed for T1DM Patients

By Akash Rajak Kanak Saxena

DOI: https://doi.org/10.5815/ijcnis.2012.01.07, Pub. Date: 8 Feb. 2012

To simulate the glucose-insulin concentration of type 1 diabetic patient an Intelligent Temporal Mediator (ITM) has been designed. The ITM integrates the tasks of temporal reasoning and temporal maintenance. The paper discusses the design of ITM reasoning system which was based on open-loop insulin delivery technique. The result shows that ITM successfully models the blood glucose profile of the diabetic patient. The designed ITM is also compared with existing open-loop simulator for checking its performance.

[...] Read more.
Application of Erlang Formulae in Next Generation Networks

By Erik Chromy Tibor Misuth Adam Weber

DOI: https://doi.org/10.5815/ijcnis.2012.01.08, Pub. Date: 8 Feb. 2012

The paper deals with the possibility of the Erlang B and Erlang C formula utilization in Next Generation Networks (NGN). Based on the common properties of synchronous and asynchronous networks it is possible the utilization of Erlang formulas also for asynchronous networks. It is possible to describe traffic in NGN networks by calculation of following parameters – loss, link utilization and bandwidth. The second part of this paper deals with the possibility of application of Erlang B formula in contact center. Contact center is one of the many examples of the NGN networks. By application of Erlang B formula in contact center environment it is possible to monitor following important parameters - number of agents, probability of call blocking, utilization of agents and mean number of calls in the system.

[...] Read more.