Visible to the public Biblio

Found 16099 results

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
A, Meharaj Begum, Arock, Michael.  2021.  Efficient Detection Of SQL Injection Attack(SQLIA) Using Pattern-based Neural Network Model. 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS). :343–347.
Web application vulnerability is one of the major causes of cyber attacks. Cyber criminals exploit these vulnerabilities to inject malicious commands to the unsanitized user input in order to bypass authentication of the database through some cyber-attack techniques like cross site scripting (XSS), phishing, Structured Query Language Injection Attack (SQLIA), malware etc., Although many research works have been conducted to resolve the above mentioned attacks, only few challenges with respect to SQLIA could be resolved. Ensuring security against complete set of malicious payloads are extremely complicated and demanding. It requires appropriate classification of legitimate and injected SQL commands. The existing approaches dealt with limited set of signatures, keywords and symbols of SQL queries to identify the injected queries. This work focuses on extracting SQL injection patterns with the help of existing parsing and tagging techniques. Pattern-based tags are trained and modeled using Multi-layer Perceptron which significantly performs well in classification of queries with accuracy of 94.4% which is better than the existing approaches.
A, Sujan Reddy, Rudra, Bhawana.  2021.  Evaluation of Recurrent Neural Networks for Detecting Injections in API Requests. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC). :0936–0941.
Application programming interfaces (APIs) are a vital part of every online business. APIs are responsible for transferring data across systems within a company or to the users through the web or mobile applications. Security is a concern for any public-facing application. The objective of this study is to analyze incoming requests to a target API and flag any malicious activity. This paper proposes a solution using sequence models to identify whether or not an API request has SQL, XML, JSON, and other types of malicious injections. We also propose a novel heuristic procedure that minimizes the number of false positives. False positives are the valid API requests that are misclassified as malicious by the model.
A. A. Zewail, A. Yener.  2015.  "The two-hop interference untrusted-relay channel with confidential messages". 2015 IEEE Information Theory Workshop - Fall (ITW). :322-326.

This paper considers the two-user interference relay channel where each source wishes to communicate to its destination a message that is confidential from the other destination. Furthermore, the relay, that is the enabler of communication, due to the absence of direct links, is untrusted. Thus, the messages from both sources need to be kept secret from the relay as well. We provide an achievable secure rate region for this network. The achievability scheme utilizes structured codes for message transmission, cooperative jamming and scaled compute-and-forward. In particular, the sources use nested lattice codes and stochastic encoding, while the destinations jam using lattice points. The relay decodes two integer combinations of the received lattice points and forwards, using Gaussian codewords, to both destinations. The achievability technique provides the insight that we can utilize the untrusted relay node as an encryption block in a two-hop interference relay channel with confidential messages.

A. Akinbi, E. Pereira.  2015.  "Mapping Security Requirements to Identify Critical Security Areas of Focus in PaaS Cloud Models". 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing. :789-794.

Information Technology experts cite security and privacy concerns as the major challenges in the adoption of cloud computing. On Platform-as-a-Service (PaaS) clouds, customers are faced with challenges of selecting service providers and evaluating security implementations based on their security needs and requirements. This study aims to enable cloud customers the ability to quantify their security requirements in order to identify critical areas in PaaS cloud architectures were security provisions offered by CSPs could be assessed. With the use of an adaptive security mapping matrix, the study uses a quantitative approach to presents findings of numeric data that shows critical architectures within the PaaS environment where security can be evaluated and security controls assessed to meet these security requirements. The matrix can be adapted across different types of PaaS cloud models based on individual security requirements and service level objectives identified by PaaS cloud customers.

A. Bekan, M. Mohorcic, J. Cinkelj, C. Fortuna.  2015.  "An Architecture for Fully Reconfigurable Plug-and-Play Wireless Sensor Network Testbed". 2015 IEEE Global Communications Conference (GLOBECOM). :1-7.

In this paper we propose an architecture for fully-reconfigurable, plug-and-play wireless sensor network testbed. The proposed architecture is able to reconfigure and support easy experimentation and testing of standard protocol stacks (i.e. uIPv4 and uIPv6) as well as non-standardized clean-slate protocol stacks (e.g. configured using RIME). The parameters of the protocol stacks can be remotely reconfigured through an easy to use RESTful API. Additionally, we are able to fully reconfigure clean-slate protocol stacks at run-time. The architecture enables easy set-up of the network - plug - by using a protocol that automatically sets up a multi-hop network (i.e. RPL protocol) and it enables reconfiguration and experimentation - play - by using a simple, RESTful interaction with each node individually. The reference implementation of the architecture uses a dual-stack Contiki OS with the ProtoStack tool for dynamic composition of services.

A. Chouhan, S. Singh.  2015.  "Real time secure end to end communication over GSM network". 2015 International Conference on Energy Systems and Applications. :663-668.

GSM network is the most widely used communication network for mobile phones in the World. However the security of the voice communication is the main issue in the GSM network. This paper proposes the technique for secure end to end communication over GSM network. The voice signal is encrypted at real time using digital techniques and transmitted over the GSM network. At receiver end the same decoding algorithm is used to extract the original speech signal. The speech trans-coding process of the GSM, severely distort an encrypted signal that does not possess the characteristics of speech signal. Therefore, it is not possible to use standard modem techniques over the GSM speech channel. The user may choose an appropriate algorithm and hardware platform as per requirement.

A. Dutta, R. K. Mangang.  2015.  "Analog to information converter based on random demodulation". 2015 International Conference on Electronic Design, Computer Networks Automated Verification (EDCAV). :105-109.

With the increase in signal's bandwidth, the conventional analog to digital converters (ADCs), operating on the basis of Shannon/Nyquist theorem, are forced to work at very high rates leading to low dynamic range and high power consumptions. This paper here tells about one Analog to Information converter developed based on compressive sensing techniques. The high sampling rates, which is the main drawback for ADCs, is being successfully reduced to 4 times lower than the conventional rates. The system is also accompanied with the advantage of low power dissipation.

A. K. M. A., J. C. D..  2015.  "Execution Time Measurement of Virtual Machine Volatile Artifacts Analyzers". 2015 IEEE 21st International Conference on Parallel and Distributed Systems (ICPADS). :314-319.

Due to a rapid revaluation in a virtualization environment, Virtual Machines (VMs) are target point for an attacker to gain privileged access of the virtual infrastructure. The Advanced Persistent Threats (APTs) such as malware, rootkit, spyware, etc. are more potent to bypass the existing defense mechanisms designed for VM. To address this issue, Virtual Machine Introspection (VMI) emerged as a promising approach that monitors run state of the VM externally from hypervisor. However, limitation of VMI lies with semantic gap. An open source tool called LibVMI address the semantic gap. Memory Forensic Analysis (MFA) tool such as Volatility can also be used to address the semantic gap. But, it needs to capture a memory dump (RAM) as input. Memory dump acquires time and its analysis time is highly crucial if Intrusion Detection System IDS (IDS) depends on the data supplied by FAM or VMI tool. In this work, live virtual machine RAM dump acquire time of LibVMI is measured. In addition, captured memory dump analysis time consumed by Volatility is measured and compared with other memory analyzer such as Rekall. It is observed through experimental results that, Rekall takes more execution time as compared to Volatility for most of the plugins. Further, Volatility and Rekall are compared with LibVMI. It is noticed that examining the volatile data through LibVMI is faster as it eliminates memory dump acquire time.

A. Motamedi, M. Najafi, N. Erami.  2015.  "Parallel secure turbo code for security enhancement in physical layer". 2015 Signal Processing and Intelligent Systems Conference (SPIS). :179-184.

Turbo code has been one of the important subjects in coding theory since 1993. This code has low Bit Error Rate (BER) but decoding complexity and delay are big challenges. On the other hand, considering the complexity and delay of separate blocks for coding and encryption, if these processes are combined, the security and reliability of communication system are guaranteed. In this paper a secure decoding algorithm in parallel on General-Purpose Graphics Processing Units (GPGPU) is proposed. This is the first prototype of a fast and parallel Joint Channel-Security Coding (JCSC) system. Despite of encryption process, this algorithm maintains desired BER and increases decoding speed. We considered several techniques for parallelism: (1) distribute decoding load of a code word between multiple cores, (2) simultaneous decoding of several code words, (3) using protection techniques to prevent performance degradation. We also propose two kinds of optimizations to increase the decoding speed: (1) memory access improvement, (2) the use of new GPU properties such as concurrent kernel execution and advanced atomics to compensate buffering latency.

A. Oprea, Z. Li, T. F. Yen, S. H. Chin, S. Alrwais.  2015.  "Detection of Early-Stage Enterprise Infection by Mining Large-Scale Log Data". 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. :45-56.

Recent years have seen the rise of sophisticated attacks including advanced persistent threats (APT) which pose severe risks to organizations and governments. Additionally, new malware strains appear at a higher rate than ever before. Since many of these malware evade existing security products, traditional defenses deployed by enterprises today often fail at detecting infections at an early stage. We address the problem of detecting early-stage APT infection by proposing a new framework based on belief propagation inspired from graph theory. We demonstrate that our techniques perform well on two large datasets. We achieve high accuracy on two months of DNS logs released by Los Alamos National Lab (LANL), which include APT infection attacks simulated by LANL domain experts. We also apply our algorithms to 38TB of web proxy logs collected at the border of a large enterprise and identify hundreds of malicious domains overlooked by state-of-the-art security products.

A. Papadopoulos, L. Czap, C. Fragouli.  2015.  "LP formulations for secrecy over erasure networks with feedback". 2015 IEEE International Symposium on Information Theory (ISIT). :954-958.

We design polynomial time schemes for secure message transmission over arbitrary networks, in the presence of an eavesdropper, and where each edge corresponds to an erasure channel with public feedback. Our schemes are described through linear programming (LP) formulations, that explicitly select (possibly different) sets of paths for key-generation and message sending. Although our LPs are not always capacity-achieving, they outperform the best known alternatives in the literature, and extend to incorporate several interesting scenaria.

A. Pramanik, S. P. Maity.  2015.  "DPCM-quantized block-based compressed sensing of images using Robbins Monro approach". 2015 IEEE International WIE Conference on Electrical and Computer Engineering (WIECON-ECE). :18-21.

Compressed Sensing or Compressive Sampling is the process of signal reconstruction from the samples obtained at a rate far below the Nyquist rate. In this work, Differential Pulse Coded Modulation (DPCM) is coupled with Block Based Compressed Sensing (CS) reconstruction with Robbins Monro (RM) approach. RM is a parametric iterative CS reconstruction technique. In this work extensive simulation is done to report that RM gives better performance than the existing DPCM Block Based Smoothed Projected Landweber (SPL) reconstruction technique. The noise seen in Block SPL algorithm is not much evident in this non-parametric approach. To achieve further compression of data, Lempel-Ziv-Welch channel coding technique is proposed.

A. Rahmani, A. Amine, M. R. Hamou.  2015.  "De-identification of Textual Data Using Immune System for Privacy Preserving in Big Data". 2015 IEEE International Conference on Computational Intelligence Communication Technology. :112-116.

With the growing observed success of big data use, many challenges appeared. Timeless, scalability and privacy are the main problems that researchers attempt to figure out. Privacy preserving is now a highly active domain of research, many works and concepts had seen the light within this theme. One of these concepts is the de-identification techniques. De-identification is a specific area that consists of finding and removing sensitive information either by replacing it, encrypting it or adding a noise to it using several techniques such as cryptography and data mining. In this report, we present a new model of de-identification of textual data using a specific Immune System algorithm known as CLONALG.

A. Rawat, A. K. Singh, J. Jithin, N. Jeyanthi, R. Thandeeswaran.  2016.  RSJ Approach for User Authentication. Proceeding AICTC '16 Proceedings of the International Conference on Advances in Information Communication Technology & Computing Article No. 101 .

Some of the common works like, upload and retrieval of data, buying and selling things, earning and donating or transaction of money etc., are the most common works performed in daily life through internet. For every user who is accessing the internet regularly, their highest priority is to make sure that there data is secured. Users are willing to pay huge amount of money to the service provider for maintaining the security. But the intention of malicious users is to access and misuse others data. For that they are using zombie bots. Always Bots are not the only malicious, legitimate authorized user can also impersonate to access the data illegally. This makes the job tougher to discriminate between the bots and boots. For providing security form that threats, here we are proposing a novel RSJ Approach by User Authentication. RSJ approach is a secure way for providing the security to the user form both bots and malicious users.

A. Roy, S. P. Maity.  2015.  "On segmentation of CS reconstructed MR images". 2015 Eighth International Conference on Advances in Pattern Recognition (ICAPR). :1-6.

This paper addresses the issue of magnetic resonance (MR) Image reconstruction at compressive sampling (or compressed sensing) paradigm followed by its segmentation. To improve image reconstruction problem at low measurement space, weighted linear prediction and random noise injection at unobserved space are done first, followed by spatial domain de-noising through adaptive recursive filtering. Reconstructed image, however, suffers from imprecise and/or missing edges, boundaries, lines, curvatures etc. and residual noise. Curvelet transform is purposely used for removal of noise and edge enhancement through hard thresholding and suppression of approximate sub-bands, respectively. Finally Genetic algorithms (GAs) based clustering is done for segmentation of sharpen MR Image using weighted contribution of variance and entropy values. Extensive simulation results are shown to highlight performance improvement of both image reconstruction and segmentation problems.

A. Soliman, L. Bahri, B. Carminati, E. Ferrari, S. Girdzijauskas.  2015.  "DIVa: Decentralized identity validation for social networks". 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). :383-391.

Online Social Networks exploit a lightweight process to identify their users so as to facilitate their fast adoption. However, such convenience comes at the price of making legitimate users subject to different threats created by fake accounts. Therefore, there is a crucial need to empower users with tools helping them in assigning a level of trust to whomever they interact with. To cope with this issue, in this paper we introduce a novel model, DIVa, that leverages on mining techniques to find correlations among user profile attributes. These correlations are discovered not from user population as a whole, but from individual communities, where the correlations are more pronounced. DIVa exploits a decentralized learning approach and ensures privacy preservation as each node in the OSN independently processes its local data and is required to know only its direct neighbors. Extensive experiments using real-world OSN datasets show that DIVa is able to extract fine-grained community-aware correlations among profile attributes with average improvements up to 50% than the global approach.

A. T. Erozan, A. S. Aydoğdu, B. Örs.  2015.  "Application specific processor design for DCT based applications". 2015 23nd Signal Processing and Communications Applications Conference (SIU). :2157-2160.

Discrete Cosine Transform (DCT) is used in JPEG compression, image encryption, image watermarking and channel estimation. In this paper, an Application Specific Processor (ASP) for DCT based applications is designed and implemented to Field Programmable Gate Array (FPGA). One dimensional DCT and IDCT hardwares which have fully parallel architecture have been implemented and connected to MicroBlaze softcore processer. To show a basic application of ASP, DCT based image watermarking example is studied in this system.

A., Jesudoss, M., Mercy Theresa.  2019.  Hardware-Independent Authentication Scheme Using Intelligent Captcha Technique. 2019 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT). :1—7.

This paper provides hardware-independent authentication named as Intelligent Authentication Scheme, which rectifies the design weaknesses that may be exploited by various security attacks. The Intelligent Authentication Scheme protects against various types of security attacks such as password-guessing attack, replay attack, streaming bots attack (denial of service), keylogger, screenlogger and phishing attack. Besides reducing the overall cost, it also balances both security and usability. It is a unique authentication scheme.

A.A., Athulya, K., Praveen.  2020.  Towards the Detection of Phishing Attacks. 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI)(48184). :337—343.
Phishing is an act of creating a website similar to a legitimate website with a motive of stealing user's confidential information. Phishing fraud might be the most popular cybercrime. Phishing is one of the risks that originated a couple of years back but still prevailing. This paper discusses various phishing attacks, some of the latest phishing evasion techniques used by attackers and anti-phishing approaches. This review raises awareness of those phishing strategies and helps the user to practice phishing prevention. Here, a hybrid approach of phishing detection also described having fast response time and high accuracy.
Aafer, Yousra, Tao, Guanhong, Huang, Jianjun, Zhang, Xiangyu, Li, Ninghui.  2018.  Precise Android API Protection Mapping Derivation and Reasoning. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :1151-1164.

The Android research community has long focused on building an Android API permission specification, which can be leveraged by app developers to determine the optimum set of permissions necessary for a correct and safe execution of their app. However, while prominent existing efforts provide a good approximation of the permission specification, they suffer from a few shortcomings. Dynamic approaches cannot generate complete results, although accurate for the particular execution. In contrast, static approaches provide better coverage, but produce imprecise mappings due to their lack of path-sensitivity. In fact, in light of Android's access control complexity, the approximations hardly abstract the actual co-relations between enforced protections. To address this, we propose to precisely derive Android protection specification in a path-sensitive fashion, using a novel graph abstraction technique. We further showcase how we can apply the generated maps to tackle security issues through logical satisfiability reasoning. Our constructed maps for 4 Android Open Source Project (AOSP) images highlight the significance of our approach, as \textasciitilde41% of APIs' protections cannot be correctly modeled without our technique.

Aal, Konstantin, Mouratidis, Marios, Weibert, Anne, Wulf, Volker.  2016.  Challenges of CI Initiatives in a Political Unstable Situation - Case Study of a Computer Club in a Refugee Camp. Proceedings of the 19th International Conference on Supporting Group Work. :409–412.

This poster describes the research around computer clubs in Palestinian refugee camps and the various lessons learned during the establishment of this intervention such the importance of the physical infrastructure (e.g. clean room, working hardware), soft technologies (e.g. knowledge transfer through workshops), social infrastructure (e.g. reliable partners in the refugee camp, partner from the university) and social capital (e.g. shared vision and values of all stakeholders). These important insights can be transferred on other interventions in similar unstable environments.

Aanjanadevi, S., Palanisamy, V., Aanjankumar, S..  2019.  An Improved Method for Generating Biometric-Cryptographic System from Face Feature. 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI). :1076—1079.
One of the most difficult tasks in networking is to provide security to data during transmission, the main issue using network is lack of security. Various techniques and methods had been introduced to satisfy the needs to enhance the firmness of the data while transmitting over internet. Due to several reasons and intruders the mechanism of providing security becomes a tedious task. At first conventional passwords are used to provide security to data while storing and transmitting but remembering the password quite confusing and difficult for the user to access the data. After that cryptography methodology is introduced to protect the data from the intruders by converting readable form of data into unreadable data by encryption process. Then the data is processed and received the receiver can access the original data by the reverse process of encryption called decryption. The processes of encoding have broken by intruders using various combinations of keys. In this proposed work strong encryption key can be generated by combining biometric and cryptography methods for enhancing firmness of data. Here biometric face image is pre-processed at initial stage then facial features are extracted to generate biometric-cryptographic key. After generating bio-crypto key data can be encrypted along with newly produced key with 0's or 1's bit combination and stored in the database. By generating bio-crypto key and using them for transmitting or storing the data the privacy and firmness of the data can be enhanced and by using own biometrics as key the process of hacking and interfere of intruders to access the data can be minimized.
Aartsen, Max, Banga, Kanta, Talko, Konrad, Touw, Dustin, Wisman, Bertus, Meïnsma, Daniel, Björkqvist, Mathias.  2022.  Analyzing Interoperability and Security Overhead of ROS2 DDS Middleware. 2022 30th Mediterranean Conference on Control and Automation (MED). :976–981.
Robot Operating System 2 (ROS2) is the latest release of a framework for enabling robot applications. Data Distribution Service (DDS) middleware is used for communication between nodes in a ROS2 cluster. The DDS middleware provides a distributed discovery system, message definitions and serialization, and security. In ROS2, the DDS middleware is accessed through an abstraction layer, making it easy to switch from one implementation to another. The existing middleware implementations differ in a number of ways, e.g., in how they are supported in ROS2, in their support for the security features, their ease of use, their performance, and their interoperability. In this work, the focus is on the ease of use, interoperability, and security features aspects of ROS2 DDS middleware. We compare the ease of installation and ease of use of three different DDS middleware, and test the interoperability of different middleware combinations in simple deployment scenarios. We highlight the difference that enabling the security option makes to interoperability, and conduct performance experiments that show the effect that turning on security has on the communication performance. Our results provide guidelines for choosing and deploying DDS middleware on a ROS2 cluster.
ISSN: 2473-3504
Ababii, V., Sudacevschi, V., Braniste, R., Nistiriuc, A., Munteanu, S., Borozan, O..  2020.  Multi-Robot System Based on Swarm Intelligence for Optimal Solution Search. 2020 International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA). :1–5.
This work presents the results of the Multi-Robot System designing that works on the basis of Swarm Intelligence models and is used to search for optimal solutions. The process of searching for optimal solutions is performed based on a field of gradient vectors that can be generated by ionizing radiation sources, radio-electro-magnetic devices, temperature generating sources, etc. The concept of the operation System is based on the distribution in the search space of a multitude of Mobile Robots that form a Mesh network between them. Each Mobile Robot has a set of ultrasonic sensors for excluding the collisions with obstacles, two sensors for identifying the gradient vector of the analyzed field, resources for wireless storage, processing and communication. The direction of the Mobile Robot movement is determined by the rotational speed of two DC motors which is calculated based on the models of Artificial Neural Networks. Gradient vectors generated by all Mobile Robots in the system structure are used to calculate the movement direction.
Ababtain, Eman, Engels, Daniel.  2019.  Gestures Based CAPTCHAs the Use of Sensor Readings to Solve CAPTCHA Challenge on Smartphones. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). :113—119.
We present novel CAPTCHA challenges based on user gestures designed for mobile. A gesture CAPTCHA challenge is a security mechanism to prevent malware from gaining access to network resources from mobile. Mobile devices contain a number of sensors that record the physical movement of the device. We utilized the accelerometer and gyroscope data as inputs to our novel CAPTCHAs to capture the physical manipulation of the device. We conducted an experimental study on a group of people. We discovered that younger people are able to solve this type of CAPTCHA challenges successfully in a short amount of time. We found that using accelerometer readings produces issues for some older people.