Visible to the public Biblio

Filters: Author is Sharma, S.  [Clear All Filters]
Conference Paper
Singh, S., Sharma, S..  2014.  Improving security mechanism to access HDFS data by mobile consumers using middleware-layer framework. Computing, Communication and Networking Technologies (ICCCNT), 2014 International Conference on. :1-7.

Revolution in the field of technology leads to the development of cloud computing which delivers on-demand and easy access to the large shared pools of online stored data, softwares and applications. It has changed the way of utilizing the IT resources but at the compromised cost of security breaches as well such as phishing attacks, impersonation, lack of confidentiality and integrity. Thus this research work deals with the core problem of providing absolute security to the mobile consumers of public cloud to improve the mobility of user's, accessing data stored on public cloud securely using tokens without depending upon the third party to generate them. This paper presents the approach of simplifying the process of authenticating and authorizing the mobile user's by implementing middleware-centric framework called MiLAMob model with the huge online data storage system i.e. HDFS. It allows the consumer's to access the data from HDFS via mobiles or through the social networking sites eg. facebook, gmail, yahoo etc using OAuth 2.0 protocol. For authentication, the tokens are generated using one-time password generation technique and then encrypting them using AES method. By implementing the flexible user based policies and standards, this model improves the authorization process.

Sharma, S., Zavarsky, P., Butakov, S..  2020.  Machine Learning based Intrusion Detection System for Web-Based Attacks. 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS). :227—230.

Various studies have been performed to explore the feasibility of detection of web-based attacks by machine learning techniques. False-positive and false-negative results have been reported as a major issue to be addressed to make machine learning-based detection and prevention of web-based attacks reliable and trustworthy. In our research, we tried to identify and address the root cause of the false-positive and false-negative results. In our experiment, we used the CSIC 2010 HTTP dataset, which contains the generated traffic targeted to an e-commerce web application. Our experimental results demonstrate that applying the proposed fine-tuned feature set extraction results in improved detection and classification of web-based attacks for all tested machine learning algorithms. The performance of the machine learning algorithm in the detection of attacks was evaluated by the Precision, Recall, Accuracy, and F-measure metrics. Among three tested algorithms, the J48 decision tree algorithm provided the highest True Positive rate, Precision, and Recall.

Jain, S., Sharma, S., Chandavarkar, B. R..  2020.  Mitigating Man-in-the-Middle Attack in Digital Signature. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–5.
We all are living in the digital era, where the maximum of the information is available online. The digital world has made the transfer of information easy and provides the basic needs of security like authentication, integrity, nonrepudiation, etc. But, with the improvement in security, cyber-attacks have also increased. Security researchers have provided many techniques to prevent these cyber-attacks; one is a Digital Signature (DS). The digital signature uses cryptographic key pairs (public and private) to provide the message's integrity and verify the sender's identity. The private key used in the digital signature is confidential; if attackers find it by using various techniques, then this can result in an attack. This paper presents a brief introduction about the digital signature and how it is vulnerable to a man-in-the-middle attack. Further, it discusses a technique to prevent this attack in the digital signature.
Juyal, S., Sharma, S., Harbola, A., Shukla, A. S..  2020.  Privacy and Security of IoT based Skin Monitoring System using Blockchain Approach. 2020 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT). :1—5.

Remote patient monitoring is a system that focuses on patients care and attention with the advent of the Internet of Things (IoT). The technology makes it easier to track distance, but also to diagnose and provide critical attention and service on demand so that billions of people are safer and more safe. Skincare monitoring is one of the growing fields of medical care which requires IoT monitoring, because there is an increasing number of patients, but cures are restricted to the number of available dermatologists. The IoT-based skin monitoring system produces and store volumes of private medical data at the cloud from which the skin experts can access it at remote locations. Such large-scale data are highly vulnerable and otherwise have catastrophic results for privacy and security mechanisms. Medical organizations currently do not concentrate much on maintaining safety and privacy, which are of major importance in the field. This paper provides an IoT based skin surveillance system based on a blockchain data protection and safety mechanism. A secure data transmission mechanism for IoT devices used in a distributed architecture is proposed. Privacy is assured through a unique key to identify each user when he registers. The principle of blockchain also addresses security issues through the generation of hash functions on every transaction variable. We use blockchain consortiums that meet our criteria in a decentralized environment for controlled access. The solutions proposed allow IoT based skin surveillance systems to privately and securely store and share medical data over the network without disturbance.

Sharma, S..  2017.  A secure reputation based architecture for MANET routing. 2017 4th International Conference on Electronics and Communication Systems (ICECS). :106–110.

Mobile Ad hoc Network has a wide range of applications in military and civilian domains. It is generally assumed that the nodes are trustworthy and cooperative in routing protocols of MANETs viz. AODV, DSR etc. This assumption makes wireless ad hoc network more prone to interception and manipulation which further open possibilities of various types of Denial of Service (DoS) attacks. In order to mitigate the effect of malicious nodes, a reputation based secure routing protocol is proposed in this paper. The basic idea of the proposed scheme is organize the network with 25 nodes which are deployed in a 5×5 grid structure. Each normal node in the network has a specific prime number, which acts as Node identity. A Backbone Network (BBN) is deployed in a 5×5 grid structure. The proposed scheme uses legitimacy value table and reputation level table maintained by backbone network in the network. These tables are used to provide best path selection after avoiding malicious nodes during path discovery. Based on the values collected in their legitimacy table & reputation level table backbone nodes separate and avoid the malicious nodes while making path between source and destination.

Kaur, R., Singh, A., Singh, S., Sharma, S..  2016.  Security of software defined networks: Taxonomic modeling, key components and open research area. 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT). :2832–2839.

Software defined networking promises network operators to dramatically simplify network management. It provides flexibility and innovation through network programmability. With SDN, network management moves from codifying functionality in terms of low-level device configuration to building software that facilitates network management and debugging[1]. SDN provides new techniques to solve long-standing problems in networking like routing by separating the complexity of state distribution from network specification. Despite all the hype surrounding SDNs, exploiting its full potential is demanding. Security is still the major issue and a striking challenge that reduces the growth of SDNs. Moreover the introduction of various architectural components and up cycling of novel entities of SDN poses new security issues and threats. SDN is considered as major target for digital threats and cyber-attacks[2] and have more devastating effects than simple networks. Initial SDN design doesn't considered security as its part; therefore, it must be raised on the agenda. This article discusses the security solutions proposed to secure SDNs. We categorize the security solutions in the article by presenting a thematic taxonomy based on SDN architectural layers/interfaces[3], security measures and goals, simulation framework. Moreover, the literature also points out the possible attacks[2] targeting different layers/interfaces of SDNs. For securing SDNs, the potential requirements and their key enablers are also identified and presented. Also, the articles sketch the design of secure and dependable SDNs. At last, we discuss open issues and challenges of SDN security that may be rated appropriate to be handled by professionals and researchers in the future.