IJCNIS Vol. 11, No. 6, Jun. 2019
Cover page and Table of Contents: PDF (size: 171KB)
REGULAR PAPERS
Malware presents a major threat to the security of computer systems, smart devices, and applications. It can also endanger sensitive data by modifying or destroying them. Thus, electronic exchanges through different communicating entities can be compromised. However, currently used signature-based methods cannot provide accurate detection of zero-day attacks, polymorphic and metamorphic programs which have the ability to change their code during propagation. In order to solve this issue, static and dynamic malware analysis is being used along with machine learning algorithms for malware detection and classification. Machine learning methods play an important role in automated malware detection. Several approaches have been applied to classify and to detect malware. The most challenging task is selecting a rele-vant set of features from a large dataset so that the classification model can be built in less time with higher accuracy. The purpose of this work is firstly to make a general review on the existing classification and detection methods, and secondly to develop an automated system to detect malicious Portable Executable files based on their headers with low performance and more efficiency. Experimental results will be presented for the best classifier selected in this study, namely Random Forest; accuracy and time performance will be discussed.
[...] Read more.Recently, in healthcare sector, the data is steadily growing and becomes more vital. Most of this data is embedded in the medical record of the patient. In fact, Patient Health Records (PHRs) refer to those records that the patient can maintain, access and share among different specialists. Storing these PHRs to the cloud allow the patient to maintain and share them with different practitioners anywhere and anytime. However, he still suffers from some security and privacy issues. Hence, it is necessary to guarantee the security and privacy of this immense volume of patient's confidential data on the cloud. Anonymization and encryption are the two methods that can be adopted to ensure the security and privacy of PHRs on cloud. In this paper, a cloud-based framework for securing the storage and the retrieval of unstructured PHRs is proposed. This framework combines different encryption techniques to encrypt the different contents of the PHR, to compress medical images and to control the access to these records. In addition, the encrypted files are partitioned into a random number of files before being sent to the cloud storage server. These files are of variable number and variable size. When a user requests to access a PHR from the cloud, the proposed framework first controls access of this user before merging the partitioned files. The decryption of these files is performed on the client side not on the cloud using the secret key, which is owned by authorized user only. Finally, extensive analytical and experimental results are presented. It shows the security, scalability, and efficiency of the proposed framework.
[...] Read more.One of the most important problems of modern cryptocurrency networks is the problem of scaling: advanced cryptocurrencies like Bitcoin can handle around 5 transactions per second. One of the most promising solutions to this problem are second layer payment protocols: payment networks implemented on top of base cryptocurrency network layer, based on the idea of delaying publication of intermediate transactions and using base network only as a finalization layer. Such networks consist of entities that interact with the cryptocurrency system via a payment channel protocol, and can send, receive and forward payments. This paper describes a formal actor-based model of payment channel network and uses it to formulate a modified payment protocol that can be executed in the network without requiring any information about its topology and thus can hide information about financial relations between nodes.
[...] Read more.Tech-savvy users are striving to bring automation and digitization in their lifestyle to make life more comfortable and efficient; Internet of Things (IoT) is an enabler in this direction. Technology advancements and new business opportunities are rapidly changing the IoT adoption landscape, and thereby security and privacy concerns have also started raising and realizing. The increasing number of IP enabled electronic devices, enormous data generation, and communication traffic have enhanced the attack surface for security and privacy violators. Many security attack scenarios are the result of poor identification and authentication mechanisms of communicating entities. In this paper, we present a secure scheme to perform a business transaction initiated by a smart device in the IoT environment. Scheme performs dynamic authentication of a business transaction while ensuring the privacy of the associated user(s). This scheme relies on Message Authentication Code (MAC) and dynamic key generation method to achieve a secure workflow. In this paper, we present a pluggable Roaming Smart Meters (RSM) concept to demonstrate the applicability of the proposed authentication scheme.
[...] Read more.Maintenance error such as failure of fan cowl door opening is one of the causes of aircraft accidents. In this research, we aim to develop an augmented reality application that allows the animation of each maintenance procedure of fan cowl door opening to be superimposed on the fan cowl door of aircraft. The marker detectability of the augmented reality application is checked based on different camera angles and distances. Hence, by using the developed application, the aircraft maintenance technician can interpret the information of the fan cowl door opening procedure in the form of texts, three-dimensional models and animations.
[...] Read more.For the sensitive information, the best privacy demand must be supported in commercial, technical and legal regulations. In this system we used combination of steganography and cryptography techniques in order to improve imperceptibility, robustness, payload capacity and to transmit data securely. As the preprocessing step, Arnold scrambling and discrete wavelet transform (DWT) techniques are used over the secret image. Then the referable values are calculated from the values of transformed secret image with the use of a secret key and embed these referable values in the video file by least significant bit (LSB) technique. Moreover, the secret key is encrypted with a pre-shared key by a new stream cipher Twisted Exchange Algorithm. And the result encrypted message is embedded behind the audio file by Parity coding technique. As the experimental results, performance of the system is tested with different real time images and various video quality files and measured by different parameters (PSNR, MSE), then it is also analyzed with attacks.
[...] Read more.