Visible to the public Biblio

Found 1145 results

Filters: First Letter Of Last Name is S  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R [S] T U V W X Y Z   [Show ALL]
S R, Sivaramakrishnan, Mikovic, Jelena, Kannan, Pravein G., Mun Choon, Chan, Sklower, Keith.  2017.  Enabling SDN Experimentation in Network Testbeds. Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. :7–12.
Software-defined networking (SDN) has become a popular technology, being adopted in operational networks and being a hot research topic. Many network testbeds today are used to test new research solutions and would benefit from offering SDN experimentation capabilities to their users. Yet, exposing SDN to experimenters is challenging because experiments must be isolated from each other and limited switch resources must be shared fairly. We outline three different approaches for exposing SDN to experimenters while achieving isolation and fair sharing goals. These solutions use software implementation, shared hardware switches and smart network interface cards to implement SDN in testbeds. These approaches are under development on two operational SDN testbeds: the DeterLab at USC/ISI/Berkeley and the NCL testbed at the National University of Singapore.
S, Naveen, Puzis, Rami, Angappan, Kumaresan.  2020.  Deep Learning for Threat Actor Attribution from Threat Reports. 2020 4th International Conference on Computer, Communication and Signal Processing (ICCCSP). :1–6.
Threat Actor Attribution is the task of identifying an attacker responsible for an attack. This often requires expert analysis and involves a lot of time. There had been attempts to detect a threat actor using machine learning techniques that use information obtained from the analysis of malware samples. These techniques will only be able to identify the attack, and it is trivial to guess the attacker because various attackers may adopt an attack method. A state-of-the-art method performs attribution of threat actors from text reports using Machine Learning and NLP techniques using Threat Intelligence reports. We use the same set of Threat Reports of Advanced Persistent Threats (APT). In this paper, we propose a Deep Learning architecture to attribute Threat actors based on threat reports obtained from various Threat Intelligence sources. Our work uses Neural Networks to perform the task of attribution and show that our method makes the attribution more accurate than other techniques and state-of-the-art methods.
S. Chandran, Hrudya P, P. Poornachandran.  2015.  "An efficient classification model for detecting advanced persistent threat". 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI). :2001-2009.

Among most of the cyber attacks that occured, the most drastic are advanced persistent threats. APTs are differ from other attacks as they have multiple phases, often silent for long period of time and launched by adamant, well-funded opponents. These targeted attacks mainly concentrated on government agencies and organizations in industries, as are those involved in international trade and having sensitive data. APTs escape from detection by antivirus solutions, intrusion detection and intrusion prevention systems and firewalls. In this paper we proposes a classification model having 99.8% accuracy, for the detection of APT.

S. Chen, F. Xi, Z. Liu, B. Bao.  2015.  "Quadrature compressive sampling of multiband radar signals at sub-Landau rate". 2015 IEEE International Conference on Digital Signal Processing (DSP). :234-238.

Sampling multiband radar signals is an essential issue of multiband/multifunction radar. This paper proposes a multiband quadrature compressive sampling (MQCS) system to perform the sampling at sub-Landau rate. The MQCS system randomly projects the multiband signal into a compressive multiband one by modulating each subband signal with a low-pass signal and then samples the compressive multiband signal at Landau-rate with output of compressive measurements. The compressive inphase and quadrature (I/Q) components of each subband are extracted from the compressive measurements respectively and are exploited to recover the baseband I/Q components. As effective bandwidth of the compressive multiband signal is much less than that of the received multiband one, the sampling rate is much less than Landau rate of the received signal. Simulation results validate that the proposed MQCS system can effectively acquire and reconstruct the baseband I/Q components of the multiband signals.

S. Goyal, M. Ramaiya, D. Dubey.  2015.  "Improved Detection of 1-2-4 LSB Steganography and RSA Cryptography in Color and Grayscale Images". 2015 International Conference on Computational Intelligence and Communication Networks (CICN). :1120-1124.

Steganography is the art of the hidden data in such a way that it detection of hidden knowledge prevents. As the necessity of security and privacy increases, the need of the hiding secret data is ongoing. In this paper proposed an enhanced detection of the 1-2-4 LSB steganography and RSA cryptography in Gray Scale and Color images. For color images, we apply 1-2-4 LSB on component of the RGB, then encrypt information applying RSA technique. For Gray Images, we use LSB to then encrypt information and also detect edges of gray image. In the experimental outcomes, calculate PSNR and MSE. We calculate peak signal noise ratio for quality and brightness. This method makes sure that the information has been encrypted before hiding it into an input image. If in any case the cipher text got revealed from the input image, the middle person other than receiver can't access the information as it is in encrypted form.

S. Lohit, K. Kulkarni, P. Turaga, J. Wang, A. C. Sankaranarayanan.  2015.  "Reconstruction-free inference on compressive measurements". 2015 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW). :16-24.

Spatial-multiplexing cameras have emerged as a promising alternative to classical imaging devices, often enabling acquisition of `more for less'. One popular architecture for spatial multiplexing is the single-pixel camera (SPC), which acquires coded measurements of the scene with pseudo-random spatial masks. Significant theoretical developments over the past few years provide a means for reconstruction of the original imagery from coded measurements at sub-Nyquist sampling rates. Yet, accurate reconstruction generally requires high measurement rates and high signal-to-noise ratios. In this paper, we enquire if one can perform high-level visual inference problems (e.g. face recognition or action recognition) from compressive cameras without the need for image reconstruction. This is an interesting question since in many practical scenarios, our goals extend beyond image reconstruction. However, most inference tasks often require non-linear features and it is not clear how to extract such features directly from compressed measurements. In this paper, we show that one can extract nontrivial correlational features directly without reconstruction of the imagery. As a specific example, we consider the problem of face recognition beyond the visible spectrum e.g in the short-wave infra-red region (SWIR) - where pixels are expensive. We base our framework on smashed filters which suggests that inner-products between high-dimensional signals can be computed in the compressive domain to a high degree of accuracy. We collect a new face image dataset of 30 subjects, obtained using an SPC. Using face recognition as an example, we show that one can indeed perform reconstruction-free inference with a very small loss of accuracy at very high compression ratios of 100 and more.

S. Majumdar, A. Maiti, A. Nath.  2015.  "New Secured Steganography Algorithm Using Encrypted Secret Message inside QRTM Code: System Implemented in Android Phone". 2015 International Conference on Computational Intelligence and Communication Networks (CICN). :1130-1134.

Steganography is a method of hiding information, whereas the goal of cryptography is to make data unreadable. Both of these methodologies have their own advantages and disadvantages. Encrypted messages are easily detectable. If someone is spying on communication channel for encrypted message, he/she can easily identify the encrypted messages. Encryption may draw unnecessary attention to the transferred messages. This may lead to cryptanalysis of the encrypted message if the spy tries to know the message. If the encryption technique is not strong enough, the message may be deciphered. In contrast, Steganography tries to hide the data from third party by smartly embedding the data to some other file which is not at all related to the message. Here care is to be taken to minimize the modification of the container file in the process of embedding data. But the disadvantage of steganography is that it is not as secure as cryptography. In the present method the authors have introduced three-step security. Firstly the secret message is encrypted using bit level columnar transposition method introduced by Nath et al and after that the encrypted message is embedded in some image file along with its size. Finally the modified image is encoded into a QR Code TM. The entire method has also been implemented for the Android mobile environment. This method may be used to transfer confidential message through Android mobile phone.

S. P. Rajamohana, K. Umamaheswari.  2017.  Hybrid Optimization Algorithm of Improved Binary Particle Swarm Optimization (iBPSO) And Cuckoo Search for Review Spam Detection.

With the development of the Internet, people are interested to share their views and opinions about the product on the web, forums, blogs etc. These online reviews are important for individual users and organization. Recently, it is a common tendency to the user to read the reviews or comments before purchasing some products or services. The online reviews are helpful for the business organizations in order to promote their product. However, in practice, these online reviews may be fake in order to promote or devalue the product. These fake reviews are called as opinion spam. Objective of the research paper is that, to select the best feature subset for detecting the fake review. To select a small subset of features out of the thousands of feature is important for accurate classification of review spam detection. Therefore, a good feature selection method is needed in order to speed up the processing rate, predictive accuracy. In this paper hybrid improved Binary Particle Swarm optimization (iBPSO) and cuckoo search (CS) is used for feature selection and Naive Bayes and k Nearest Neighbor classifier is used for classifying the review as spam and ham. Experimental results have shown that the proposed algorithm has yielded the best performance compared with the swarm intelligence techniques Binary Particle Swarm Optimization (BPSO) and Shuffled Frog Leaping (SFL).

S. Parimi, A. SaiKrishna, N. R. Kumar, N. R. Raajan.  2015.  "An imperceptible watermarking technique for copyright content using discrete cosine transformation". 2015 International Conference on Circuits, Power and Computing Technologies [ICCPCT-2015]. :1-5.

This paper is nominated for an image protection scheme in the area of government sectors based on discrete cosine transformation with digital watermarking scheme. A cover image has broken down into 8 × 8 non overlapped blocks and transformed from spatial domain into frequency domain. Apply DCT version II of the DCT family to each sub block of the original image. Then embed the watermarking image into the sub blocks. Apply IDCT of version II to send the image through communication channel with watermarked image. To recover the watermarked image, apply DCT and watermarking formula to the sub blocks. The experimental results show that the proposed watermarking procedure gives high security and watermarked image retrieved successfully.

S. Patil, S. Ramayane, M. Jadhav, P. Pachorkar.  2015.  "Hiding User Privacy in Location Base Services through Mobile Collaboration". 2015 International Conference on Computational Intelligence and Communication Networks (CICN). :1105-1107.

User uses smartphones for web surfing and browsing data. Many smartphones are embedded with inbuilt location aware system called GPS [Global Positioning System]. Using GPS user have to register and share his all private information to the LBS server. LBS is nothing but Location Based Service. Simply user sends the query to the LBS server. Then what is happening the LBS server gives a private information regarding particular user location. There will be a possibility to misuse this information so using mobile crowd method hides user location from LBS server and avoid sharing of privacy information with server. Our solution does not required to change the LBS server architecture.

S. Petcy Carolin, M. Somasundaram.  2016.  Data loss protection and data security using agents for cloud environment - IEEE Conference Publication.

Cyber infrastructures are highly vulnerable to intrusions and other threats. The main challenges in cloud computing are failure of data centres and recovery of lost data and providing a data security system. This paper has proposed a Virtualization and Data Recovery to create a virtual environment and recover the lost data from data servers and agents for providing data security in a cloud environment. A Cloud Manager is used to manage the virtualization and to handle the fault. Erasure code algorithm is used to recover the data which initially separates the data into n parts and then encrypts and stores in data servers. The semi trusted third party and the malware changes made in data stored in data centres can be identified by Artificial Intelligent methods using agents. Java Agent Development Framework (JADE) is a tool to develop agents and facilitates the communication between agents and allows the computing services in the system. The framework designed and implemented in the programming language JAVA as gateway or firewall to recover the data loss.

S. Pund-Dange, C. G. Desai.  2015.  "Secured data communication system using RSA with mersenne primes and Steganography". 2015 2nd International Conference on Computing for Sustainable Global Development (INDIACom). :1306-1310.

To add multiple layers of security our present work proposes a method for integrating together cryptography and Steganography for secure communication using an image file. We have used here combination of cryptography and steganography that can hide a text in an image in such a way so as to prevent any possible suspicion of having a hidden text, after RSA cipher. It offers privacy and high security through the communication channel.

S. R. Islam, S. P. Maity, A. K. Ray.  2015.  "On compressed sensing image reconstruction using linear prediction in adaptive filtering". 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI). :2317-2323.

Compressed sensing (CS) or compressive sampling deals with reconstruction of signals from limited observations/ measurements far below the Nyquist rate requirement. This is essential in many practical imaging system as sampling at Nyquist rate may not always be possible due to limited storage facility, slow sampling rate or the measurements are extremely expensive e.g. magnetic resonance imaging (MRI). Mathematically, CS addresses the problem for finding out the root of an unknown distribution comprises of unknown as well as known observations. Robbins-Monro (RM) stochastic approximation, a non-parametric approach, is explored here as a solution to CS reconstruction problem. A distance based linear prediction using the observed measurements is done to obtain the unobserved samples followed by random noise addition to act as residual (prediction error). A spatial domain adaptive Wiener filter is then used to diminish the noise and to reveal the new features from the degraded observations. Extensive simulation results highlight the relative performance gain over the existing work.

S. Saquib, R. Ali.  2015.  Malicious behavior in online social network. 2015 IEEE Workshop on Computational Intelligence: Theories, Applications and Future Directions (WCI). :1-6.

Nowadays, Online Social Networks (OSNs) are very popular and have become an integral part of our life. People are dependent on Online Social Networks for various purposes. The activities of most of the users are normal, but a few of the users exhibit unusual and suspicious behavior. We term this suspicious and unusual behavior as malicious behavior. Malicious behavior in Online Social Networks includes a wide range of unethical activities and actions performed by individuals or communities to manipulate thought process of OSN users to fulfill their vested interest. Such malicious behavior needs to be checked and its effects should be minimized. To minimize effects of such malicious activities, we require proper detection and containment strategy. Such strategy will protect millions of users across the OSNs from misinformation and security threats. In this paper, we discuss the different studies performed in the area of malicious behavior analysis and propose a framework for detection of malicious behavior in OSNs.

S. V. Trivedi, M. A. Hasamnis.  2015.  "Development of platform using NIOS II soft core processor for image encryption and decryption using AES algorithm". 2015 International Conference on Communications and Signal Processing (ICCSP). :1147-1151.

In our digital world internet is a widespread channel for transmission of information. Information that is transmitted can be in form of messages, images, audios and videos. Due to this escalating use of digital data exchange cryptography and network security has now become very important in modern digital communication network. Cryptography is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it. The term cryptography is most often associated with scrambling plaintext into ciphertext. This process is called as encryption. Today in industrial processes images are very frequently used, so it has become essential for us to protect the confidential image data from unauthorized access. In this paper Advanced Encryption Standard (AES) which is a symmetric algorithm is used for encryption and decryption of image. Performance of Advanced Encryption Standard algorithm is further enhanced by adding a key stream generator W7. NIOS II soft core processor is used for implementation of encryption and decryption algorithm. A system is designed with the help of SOPC (System on programmable chip) builder tool which is available in QUARTUS II (Version 10.1) environment using NIOS II soft core processor. Developed single core system is implemented using Altera DE2 FPGA board (Cyclone II EP2C35F672). Using MATLAB the image is read and then by using DWT (Discrete Wavelet Transform) the image is compressed. The image obtained after compression is now given as input to proposed AES encryption algorithm. The output of encryption algorithm is given as input to decryption algorithm in order to get back the original image. The implementation of which is done on the developed single core platform using NIOS II processor. Finally the output is analyzed in MATLAB by plotting histogram of original and encrypted image.

S. Zafar, M. B. Tiwana.  2015.  "Discarded hard disks ??? A treasure trove for cybercriminals: A case study of recovered sensitive data from a discarded hard disk" 2015 First International Conference on Anti-Cybercrime (ICACC). :1-6.

The modern malware poses serious security threats because of its evolved capability of using staged and persistent attack while remaining undetected over a long period of time to perform a number of malicious activities. The challenge for malicious actors is to gain initial control of the victim's machine by bypassing all the security controls. The most favored bait often used by attackers is to deceive users through a trusting or interesting email containing a malicious attachment or a malicious link. To make the email credible and interesting the cybercriminals often perform reconnaissance activities to find background information on the potential target. To this end, the value of information found on the discarded or stolen storage devices is often underestimated or ignored. In this paper, we present the partial results of analysis of one such hard disk that was purchased from the open market. The data found on the disk contained highly sensitive personal and organizational data. The results from the case study will be useful in not only understanding the involved risk but also creating awareness of related threats.

Sa Sousa, J., Vilela, J.P..  2014.  A characterization of uncoordinated frequency hopping for wireless secrecy. Wireless and Mobile Networking Conference (WMNC), 2014 7th IFIP. :1-4.

We characterize the secrecy level of communication under Uncoordinated Frequency Hopping, a spread spectrum scheme where a transmitter and a receiver randomly hop through a set of frequencies with the goal of deceiving an adversary. In our work, the goal of the legitimate parties is to land on a given frequency without the adversary eavesdroppers doing so, therefore being able to communicate securely in that period, that may be used for secret-key exchange. We also consider the effect on secrecy of the availability of friendly jammers that can be used to obstruct eavesdroppers by causing them interference. Our results show that tuning the number of frequencies and adding friendly jammers are effective countermeasures against eavesdroppers.

Saab, Farah, Elhajj, Imad, Kayssi, Ayman, Chehab, Ali.  2016.  A Crowdsourcing Game-theoretic Intrusion Detection and Rating System. Proceedings of the 31st Annual ACM Symposium on Applied Computing. :622–625.

One of the main concerns for smartphone users is the quality of apps they download. Before installing any app from the market, users first check its rating and reviews. However, these ratings are not computed by experts and most times are not associated with malicious behavior. In this work, we present an IDS/rating system based on a game theoretic model with crowdsourcing. Our results show that, with minor control over the error in categorizing users and the fraction of experts in the crowd, our system provides proper ratings while flagging all malicious apps.

Saab, Farah, Kayssi, Ayman, Elhajj, Imad, Chehab, Ali.  2016.  Solving Sybil Attacks Using Evolutionary Game Theory. Proceedings of the 31st Annual ACM Symposium on Applied Computing. :2195–2201.

Recommender systems have become quite popular recently. However, such systems are vulnerable to several types of attacks that target user ratings. One such attack is the Sybil attack where an entity masquerades as several identities with the intention of diverting user ratings. In this work, we propose evolutionary game theory as a possible solution to the Sybil attack in recommender systems. After modeling the attack, we use replicator dynamics to solve for evolutionary stable strategies. Our results show that under certain conditions that are easily achievable by a system administrator, the probability of an attack strategy drops to zero implying degraded fitness for Sybil nodes that eventually die out.

Saad, Muhammad, Cook, Victor, Nguyen, Lan, Thai, My T., Mohaisen, Aziz.  2019.  Partitioning Attacks on Bitcoin: Colliding Space, Time, and Logic. 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS). :1175—1187.
Bitcoin is the leading example of a blockchain application that facilitates peer-to-peer transactions without the need for a trusted intermediary. This paper considers possible attacks related to the decentralized network architecture of Bitcoin. We perform a data driven study of Bitcoin and present possible attacks based on spatial and temporal characteristics of its network. Towards that, we revisit the prior work, dedicated to the study of centralization of Bitcoin nodes over the Internet, through a fine-grained analysis of network distribution, and highlight the increasing centralization of the Bitcoin network over time. As a result, we show that Bitcoin is vulnerable to spatial, temporal, spatio-temporal, and logical partitioning attacks with an increased attack feasibility due to network dynamics. We verify our observations by simulating attack scenarios and the implications of each attack on the Bitcoin . We conclude with suggested countermeasures.
Saad, Muhammad, Anwar, Afsah, Ahmad, Ashar, Alasmary, Hisham, Yuksel, Murat, Mohaisen, Aziz.  2019.  RouteChain: Towards Blockchain-Based Secure and Efficient BGP Routing. 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :210–218.

Routing on the Internet is defined among autonomous systems (ASes) based on a weak trust model where it is assumed that ASes are honest. While this trust model strengthens the connectivity among ASes, it results in an attack surface which is exploited by malicious entities to hijacking routing paths. One such attack is known as the BGP prefix hijacking, in which a malicious AS broadcasts IP prefixes that belong to a target AS, thereby hijacking its traffic. In this paper, we proposeRouteChain: a blockchain-based secure BGP routing system that counters BGP hijacking and maintains a consistent view of the Internet routing paths. Towards that, we leverage provenance assurance and tamper-proof properties of blockchains to augment trust among ASes. We group ASes based on their geographical (network) proximity and construct a bihierarchical blockchain model that detects false prefixes prior to their spread over the Internet. We validate strengths of our design by simulations and show its effectiveness by drawing a case study with the Youtube hijacking of 2008. Our proposed scheme is a standalone service that can be incrementally deployed without the need of a central authority.

Saad, Muhammad, Khormali, Aminollah, Mohaisen, Aziz.  2019.  Dine and Dash: Static, Dynamic, and Economic Analysis of In-Browser Cryptojacking. 2019 APWG Symposium on Electronic Crime Research (eCrime). :1—12.

Cryptojacking is the permissionless use of a target device to covertly mine cryptocurrencies. With cryptojacking attackers use malicious JavaScript codes to force web browsers into solving proof-of-work puzzles, thus making money by exploiting resources of the website visitors. To understand and counter such attacks, we systematically analyze the static, dynamic, and economic aspects of in-browser cryptojacking. For static analysis, we perform content-, currency-, and code-based categorization of cryptojacking samples to 1) measure their distribution across websites, 2) highlight their platform affinities, and 3) study their code complexities. We apply unsupervised learning to distinguish cryptojacking scripts from benign and other malicious JavaScript samples with 96.4% accuracy. For dynamic analysis, we analyze the effect of cryptojacking on critical system resources, such as CPU and battery usage. Additionally, we perform web browser fingerprinting to analyze the information exchange between the victim node and the dropzone cryptojacking server. We also build an analytical model to empirically evaluate the feasibility of cryptojacking as an alternative to online advertisement. Our results show a large negative profit and loss gap, indicating that the model is economically impractical. Finally, by leveraging insights from our analyses, we build countermeasures for in-browser cryptojacking that improve upon the existing remedies.

Saadeh, Huda, Almobaideen, Wesam, Sabri, Khair Eddin, Saadeh, Maha.  2019.  Hybrid SDN-ICN Architecture Design for the Internet of Things. 2019 Sixth International Conference on Software Defined Systems (SDS). :96–101.
Internet of Things (IoT) impacts the current network with many challenges due to the variation, heterogeneity of its devices and running technologies. For those reasons, monitoring and controlling network efficiently can rise the performance of the network and adapts network techniques according to environment measurements. This paper proposes a new privacy aware-IoT architecture that combines the benefits of both Information Centric Network (ICN) and Software Defined Network (SDN) paradigms. In this architecture controlling functionalities are distributed over multiple planes: operational plane which is considered as smart ICN data plane with Controllers that control local clusters, tactical plane which is an Edge environment to take controlling decisions based on small number of clusters, and strategic plane which is a cloud controlling environment to make long-term decision that affects the whole network. Deployment options of this architecture is discussed and SDN enhancement due to in-network caching is evaluated.
SAADI, C., kandrouch, i, CHAOUI, H..  2019.  Proposed security by IDS-AM in Android system. 2019 5th International Conference on Optimization and Applications (ICOA). :1—7.

Mobile systems are always growing, automatically they need enough resources to secure them. Indeed, traditional techniques for protecting the mobile environment are no longer effective. We need to look for new mechanisms to protect the mobile environment from malicious behavior. In this paper, we examine one of the most popular systems, Android OS. Next, we will propose a distributed architecture based on IDS-AM to detect intrusions by mobile agents (IDS-AM).

Saarela, Marko, Hosseinzadeh, Shohreh, Hyrynsalmi, Sami, Leppänen, Ville.  2017.  Measuring Software Security from the Design of Software. Proceedings of the 18th International Conference on Computer Systems and Technologies. :179–186.

With the increasing use of mobile phones in contemporary society, more and more networked computers are connected to each other. This has brought along security issues. To solve these issues, both research and development communities are trying to build more secure software. However, there is the question that how the secure software is defined and how the security could be measured. In this paper, we study this problem by studying what kinds of security measurement tools (i.e. metrics) are available, and what these tools and metrics reveal about the security of software. As the result of the study, we noticed that security verification activities fall into two main categories, evaluation and assurance. There exist 34 metrics for measuring the security, from which 29 are assurance metrics and 5 are evaluation metrics. Evaluating and studying these metrics, lead us to the conclusion that the general quality of the security metrics are not in a satisfying level that could be suitably used in daily engineering work flows. They have both theoretical and practical issues that require further research, and need to be improved.