Security and Communication Networks

Cover image for Vol. 6 Issue 7

July 2013

Volume 6, Issue 7

Pages i–iv, 797–923

  1. Issue Information

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Call for Papers
    1. Issue Information (pages i–iv)

      Article first published online: 21 JUN 2013 | DOI: 10.1002/sec.659

  2. Research Articles

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Call for Papers
    1. Using particle swarm optimization in fuzzy association rules-based feature selection and fuzzy ARTMAP-based attack recognition (pages 797–811)

      Mansour Sheikhan and Maryam Sharifi Rad

      Article first published online: 13 AUG 2012 | DOI: 10.1002/sec.609

      Thumbnail image of graphical abstract

      In this study, a fuzzy association rules mining-based feature selection method is proposed for use in the attack recognizers of computer networks. To improve the performance, particle swarm optimization algorithm is employed to determine optimum parameter values of rule-mining and feature-mining modules; in addition to training parameters of fuzzy ARTMAP neural classifier. When compared with some other machine learning methods, the proposed system indicates better performance in terms of detection rate, false alarm rate, and cost per example.

    2. Key exposure free chameleon hash schemes based on discrete logarithm problem (pages 812–817)

      Seongan Lim, Juhee Lee and Youngjoo An

      Article first published online: 13 AUG 2012 | DOI: 10.1002/sec.612

      Thumbnail image of graphical abstract

      The chameleon hash key pair (skCH, pkCH) of the verifier guarantees that the verifier is the only one who can compute a hash collision, which means a signature forgery. The algorithm UForge guarantees the non-transferability of the signature, and the algorithm IForge guarantees the message privacy of the signer. In this paper, we present a key(skCH) exposure free chameleon hash scheme based on discrete logarithm problem.

    3. Semantic aware attribution analysis of remote exploits (pages 818–832)

      Deguang Kong, Donghai Tian, Qiha Pan, Peng Liu and Dinghao Wu

      Article first published online: 19 SEP 2012 | DOI: 10.1002/sec.613

      Thumbnail image of graphical abstract

      We present SA3, a novel exploit code attribution analysis that combines semantics-based analysis and statistical modeling to automatically categorize given exploit code. SA3 extracts semantic features from exploit code through data anomaly analysis and then attributes the exploit to an appropriate class on the basis of our statistical model derived from a Markov model. The attribution analysis accuracy can be over 90% in different parameter settings with false positive rate of no more than 4.5%.

    4. Nonintrusive tracing in the Internet (pages 833–843)

      Alina Olteanu, Yang Xiao, Jing Liu, Thomas M. Chen and C. L. Philip Chen

      Article first published online: 25 SEP 2012 | DOI: 10.1002/sec.616

      Thumbnail image of graphical abstract

      This paper studies two ways for tracing intruders in the Internet. One is to shorten the time interval used for existing thumbprinting mechanism. Another is based on a timestamping approach, which passively monitors flows between source and destination pairs.

    5. A proactive approach to intrusion detection and malware collection (pages 844–853)

      Chia-Mei Chen, Sheng-Tzong Cheng and Ruei-Yu Zeng

      Article first published online: 8 OCT 2012 | DOI: 10.1002/sec.619

      Thumbnail image of graphical abstract

      The proposed high-interactive honeypot can achieve the following goals: (1) not be perceived by attackers; (2) to protect against being attacked; (3) to record and learn attack behaviors; (4) to capture malware; and (5) to collect valuable information for detection purpose.

    6. A communication and computation-efficient three-party authenticated key agreement protocol (pages 854–863)

      Zuowen Tan

      Article first published online: 29 AUG 2012 | DOI: 10.1002/sec.622

      Thumbnail image of graphical abstract

      In this paper, we propose a novel three-party authenticated key agreement protocol that requires neither public key cryptosystem nor password. Compared with the previous three-party authenticated key agreement protocols, the novel three-party authenticated key agreement protocol requires considerably fewer rounds, lower communication cost and smaller computation cost. The detailed security proof and analyses show that the proposed protocol satisfies all the security requirements of the three-party authenticated key agreement protocols.

    7. A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities (pages 864–880)

      Shahriyar Mohammadi, Mohammad Hussein Sherkat and Mona Jamporazmey

      Article first published online: 29 AUG 2012 | DOI: 10.1002/sec.623

      Thumbnail image of graphical abstract

      The objectives of the this paper are to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and to develop a method based on the second edition of CVSS for the quantification of vulnerabilities within the proposed taxonomy framework. This framework provides a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification.

    8. Secure event signature protocol for peer-to-peer massive multiplayer online games using bilinear pairing (pages 881–888)

      Wei Yuan, Liang Hu, Hongtu Li and Jianfeng Chu

      Article first published online: 15 NOV 2012 | DOI: 10.1002/sec.627

      Thumbnail image of graphical abstract

      We summarize the problems existing in some event signature protocols for peer-to-peer online games and propose a new secure event signature protocol. The security basis of the proposed protocol is the discrete logarithms and bilinear pairing. Our protocol provides higher security than some current protocols on secure event signature.

    9. IKE vulnerability discovery based on fuzzing (pages 889–901)

      Huan Yang, Yuqing Zhang, Yu-pu Hu and Qi-xu Liu

      Article first published online: 7 NOV 2012 | DOI: 10.1002/sec.628

      Thumbnail image of graphical abstract

      This paper summarizes the most comprehensive vulnerable points of the Internet key exchange (IKE) protocol and designed a two-stage test cases library based on fuzzing. This approach reduces the blindness of other traditional fuzzing approaches. Additionally, we design and implement an IKE protocol vulnerability discovering tool called IKEProFuzzer. It is a network protocol fuzzing framework with extensibility and automatic Monitor/Debugger designed by ourselves. In the experiments, the tool has discovered 14 vulnerabilities, including nine released vulnerabilities and five unreleased ones.

    10. Efficient identity-based strong designated verifier signature schemes (pages 902–911)

      Meijiao Duan, Jing Xu and Dengguo Feng

      Article first published online: 26 NOV 2012 | DOI: 10.1002/sec.645

      Thumbnail image of graphical abstract

      In this paper, we show that the identity-based strong designated verifier signature (IBSDVS) scheme of Kang et al. is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs on the basis of the CDH assumption in the random oracle model. Our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extended nondelegatable IBSDVS scheme achieving high efficiency and short signature size and provide formal security proofs.

    11. New public key cryptosystems based on non-Abelian factorization problems (pages 912–922)

      Lize Gu, Licheng Wang, Kaoru Ota, Mianxiong Dong, Zhenfu Cao and Yixian Yang

      Article first published online: 1 MAR 2013 | DOI: 10.1002/sec.710

      Thumbnail image of graphical abstract

      Two novel public key encryption schemes based on the non-Abelian factorization problems were proposed. Both of them are proved to be indistinguishable against adaptively chosen ciphertext attack (IND-CCA2) in the random oracle models. These constructions have the potential to resist Shor's quantum algorithm attack proposed in 1994 and give affirmative answers for the open question announced by Myasnikov, Shpilrain and Ushakov in 2011.

  3. Call for Papers

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Call for Papers
    1. You have free access to this content

SEARCH

SEARCH BY CITATION