Security and Communication Networks

Cover image for Vol. 7 Issue 2

February 2014

Volume 7, Issue 2

Pages i–iv, 245–472

  1. Issue Information

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. Issue Information (pages i–iv)

      Version of Record online: 28 JAN 2014 | DOI: 10.1002/sec.884

  2. Research Articles

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. TDPF: a traceback-based distributed packet filter to mitigate spoofed DDoS attacks (pages 245–264)

      Mehran S. Fallah and Nafiseh Kahani

      Version of Record online: 14 FEB 2013 | DOI: 10.1002/sec.725

      Thumbnail image of graphical abstract

      Traceback-based distributed packet filter is a novel distributed packet filter based on traceback mechanisms that mitigates spoofed distributed denial-of-service attacks. This defense mechanism has three components: filtering routers decision making and filtering probabilities decision making modules that run at the victim and packet filtering (PF) modules at core or source routers. PF modules receive the required information including the kind of packets to be dropped as well as the probability of filtering and filter out the excess traffic targeted at the victim.

    2. SRC: a multicore NPU-based TCP stream reassembly card for deep packet inspection (pages 265–278)

      Shuhui Chen, Rongxing Lu and Xuemin (Sherman) Shen

      Version of Record online: 1 MAR 2013 | DOI: 10.1002/sec.727

      Thumbnail image of graphical abstract

      To improve the throughput performance of stream reassembly in network intrusion detection system and network forensics system, this paper proposes a stream reassembly card (SRC) based on multicore network processing unit (NPU). To take full advantage of NPU, three optimistic techniques called stream table dispatching, no-locking timeout, and multichannel virtual queue are introduced to further obtain higher performance. The relationship between the system throughput and memory size is analyzed, and experiment results based on real system are given.

    3. Efficient and secure chaotic S-Box for wireless sensor network (pages 279–292)

      Ghada Zaibi, Fabrice Peyrard, Abdennaceur Kachouri, Danièle Fournier-Prunaret and Mounir Samet

      Version of Record online: 28 FEB 2013 | DOI: 10.1002/sec.728

      Thumbnail image of graphical abstract

      Information security using chaotic dynamics is a novel topic in the wireless sensor network (WSN) research field. This paper deals with the design of new dynamic chaotic S-Boxes suitable for implementation on wireless sensor nodes. The proposed methods satisfy Good S-Box design criteria and exceed the performance of Advanced Encryption Standard static S-Box in some cases. The energy consumption of different proposals and existing chaotic S-Box designs are investigated via a platform simulator and a real WSN testbed.

    4. Critical analysis of counter mode with cipher block chain message authentication mode protocol—CCMP (pages 293–308)

      Idris Ahmed, Anne James and Dhananjay Singh

      Version of Record online: 22 MAR 2013 | DOI: 10.1002/sec.733

      Thumbnail image of graphical abstract

      This research work reviewed the current major AE and AEAD modes like the GCM and the ESKIMO and used critical analysis and statistical analysis approaches to identify more deficiencies in the CCM/CCMP. Because, critiques of the CCM/CCMP have shown that CBC-MAC and AES Counter Mode were poorly amalgamated to create the CCM/CCMP. They also showed that CCMP, which was ratified by the IEEE 802.11i workgroup in 2003, and implemented in WPA2, has some security issues.

    5. A novel path-based approach for single-packet IP traceback (pages 309–321)

      Ning Lu, Yulong Wang, Sen Su and Fangchun Yang

      Version of Record online: 21 MAR 2013 | DOI: 10.1002/sec.741

      Thumbnail image of graphical abstract

      Highlights

      1. We make use of the routing paths to set up traceback paths, instead of packet logging.
      2. We propose a novel path-based approach for single-packet IP traceback.
      3. Our work is applicable to defend against the DoS attacks.
  3. Editorials

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. You have free access to this content
      Security of e-systems (pages 322–324)

      Mohammad S. Obaidat, Petros Nicopolitidis and Weili Han

      Version of Record online: 28 NOV 2013 | DOI: 10.1002/sec.897

  4. Research Articles

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. A hybrid NFC–Bluetooth secure protocol for Credit Transfer among mobile phones (pages 325–337)

      David M. Monteiro, Joel J. P. C. Rodrigues, Jaime Lloret and Sandra Sendra

      Version of Record online: 22 FEB 2013 | DOI: 10.1002/sec.732

      Thumbnail image of graphical abstract

      This paper presents a hybrid NFC–Bluetooth peer-to-peer mobile application where it is used as a payment method. This protocol combines the security characteristics of NFC and the features of Bluetooth, which presents the faster data transfer rates. The proposal has been deployed on Android system, but it can be extended to other operating systems with NFC support. With this system, the user has a safety method to create a safe, reliable, and trusted operation to transfer cash.

  5. Special Issue Papers

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. Characterization of attacks collected from the deployment of Web service honeypot (pages 338–351)

      Abdallah Ghourabi, Tarek Abbes and Adel Bouhoula

      Version of Record online: 26 FEB 2013 | DOI: 10.1002/sec.737

      Thumbnail image of graphical abstract

      In this paper, we propose an automatic technique to analyze the data collected from our Web service Honeypot. The proposed approach is based on four machine learning methods: support vector machines, support vector regression, spectral clustering, and k-means clustering. Our main objectives are to analyze the collected data, automatically characterizing the captured attacks and detecting the denial-of-service and novel attacks.

  6. Research Articles

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. An exemplar-based learning approach for detection and classification of malicious network streams in honeynets (pages 352–364)

      Fahim H. Abbasi, Richard Harris, Stephen Marsland and Giovanni Moretti

      Version of Record online: 29 MAY 2013 | DOI: 10.1002/sec.724

      Thumbnail image of graphical abstract

      Key Findings: Using the algorithms described in this paper, we can detect and classify known malicious network streams and their variants and new and novel malicious streams. This is done by creating a model using the least number of exemplars suitable for classification of each class.

  7. Special Issue Papers

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. A low-cost UHF RFID tag chip with AES cryptography engine (pages 365–375)

      Lingzhi Fu, Xiang Shen, Linghao Zhu and Junyu Wang

      Version of Record online: 9 MAY 2013 | DOI: 10.1002/sec.723

      Thumbnail image of graphical abstract

      The design of a low-cost UHF Radio Frequency IDentification (RFID) tag chip with an AES cryptographic engine is presented. The whole chip, including a radio frequency frontend, an analog frontend, an EEPROM, and a baseband with AES engine, is taped out on SMIC 0.13μm process. The design can work on both two modes of the standard ISO 18000-6C mode and the security enhanced ISO 18000-6C mode.

    2. A cryptography-based protocol against packet dropping and message tampering attacks on mobile ad hoc networks (pages 376–384)

      Mohammad S. Obaidat, Isaac Woungang, Sanjay Kumar Dhurandher and Vincent Koo

      Version of Record online: 22 FEB 2013 | DOI: 10.1002/sec.731

      Thumbnail image of graphical abstract

      This paper proposes an enhancement to a protocol for preventing and mitigating packet dropping and message tampering attacks on mobile ad hoc networks. A cryptography primitive is introduced to secure the data integrity and routing.

    3. Dynamic combination of authentication factors based on quantified risk and benefit (pages 385–396)

      Weili Han, Chen Sun, Chenguang Shen, Chang Lei and Sean Shen

      Version of Record online: 22 FEB 2013 | DOI: 10.1002/sec.729

      Thumbnail image of graphical abstract

      Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF) balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, which is driven by history data to justify the measurements of risk and benefit.

  8. Editorials

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. You have free access to this content
  9. Special Issue Papers

    1. Top of page
    2. Issue Information
    3. Research Articles
    4. Editorials
    5. Research Articles
    6. Special Issue Papers
    7. Research Articles
    8. Special Issue Papers
    9. Editorials
    10. Special Issue Papers
    1. Cryptanalysis and Improvement of “An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems” (pages 399–408)

      Muhammad Khurram Khan and Saru Kumari

      Version of Record online: 10 JUN 2013 | DOI: 10.1002/sec.791

      Thumbnail image of graphical abstract

      Telecare medicine information system (TMIS) is an effective mechanism to provide quality healthcare services. In 2012, Chen et al. proposed a dynamic ID-based authentication scheme for TMIS. In this paper, we address security issues of Chen et al.'s scheme. We exhibit that it suffers from many drawbacks that are impediment to achieve trustworthy user authentication. To conquer the identified drawbacks, we propose a new scheme for TMIS. Analysis and comparison show improved usability of our scheme for secure access to healthcare services.

    2. Publishing and sharing encrypted data with potential friends in online social networks (pages 409–421)

      Huimin Shuai, Wen Tao Zhu and Xin Liu

      Version of Record online: 14 JUN 2013 | DOI: 10.1002/sec.806

      Thumbnail image of graphical abstract

      Masque+ is a full-fledged access control mechanism for online social networks employing attribute-based encryption. With Masque+, one can publish and share his encrypted data with potential new friends who have the same interests just as in a masquerade with various themes. Data security and personal privacy are protected in Masque+ because all published files are specifically encrypted, and only users satisfying the embedded access control structure can decrypt the content.

    3. Signer-admissible strong designated verifier signature from bilinear pairings (pages 422–428)

      Huaqun Wang

      Version of Record online: 14 JUN 2013 | DOI: 10.1002/sec.805

      Thumbnail image of graphical abstract

      Although designated verifier signature continues to develop, several works are being proposed to solve some special applications. This paper presents the concept of identity-based strong designated verifier signature with the property of signer-admission. On the basis of bilinear pairings, a concrete scheme is designed. The designed scheme is provably secure efficient.

    4. A generic homomorphic MAC construction for authentication in network coding (pages 429–433)

      Weijia Wang and Lei Hu

      Version of Record online: 29 NOV 2013 | DOI: 10.1002/sec.847

      Thumbnail image of graphical abstract

      This paper presents a generic homomorphic MAC scheme on the basis of linear mapping over finite fields. Benefiting from its algebra characteristics, our scheme is more flexible and effective than the previous schemes based on the vector inner product or the trace function over finite fields. As an instance, we show that the homomorphic MAC scheme used in RIPPLE protocol can be perfectly replaced by our scheme with a shorter key sequence.

    5. Secure universal designated verifier identity-based signcryption (pages 434–444)

      Changlu Lin, Fei Tang, Pinhui Ke, Lein Harn and Shengyuan Zhang

      Version of Record online: 28 JUN 2013 | DOI: 10.1002/sec.820

      Thumbnail image of graphical abstract

      A secure channel is required in existing universal designated verifier signature. We introduce the concept of universal designated verifier signcryption without the secure channel. The proposed universal designated verifier identity-based signcryption is secure under the random oracle model.

    6. Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles (pages 445–454)

      Wenjie Yang, Futai Zhang and Limin Shen

      Version of Record online: 23 JUL 2013 | DOI: 10.1002/sec.826

      Thumbnail image of graphical abstract

      At first, we show the insecurity of the certificateless encryption scheme (ZW scheme) presented by Zhang and Wang. After that, we introduce a new efficient certificateless encryption scheme. Our new scheme not only gets rid of the security drawbacks of ZW scheme but also keeps its most distinctive feature of a short public key length.

    7. A local joint fast handoff scheme in cognitive wireless mesh networks (pages 455–465)

      Yuan He, Li Xu and Wei Wu

      Version of Record online: 23 AUG 2013 | DOI: 10.1002/sec.832

      Thumbnail image of graphical abstract

      In this paper, we introduce a local joint fast handoff scheme based on proxy signature, which is suitable for cognitive wireless mesh (CogMesh) scenarios. After the mutual authentication between a mesh client and a mesh router, a session tunnel key is derived and shared between them to protect their sessions. Our scheme can be viewed as a local joint re-authentication scheme without any modification of the IEEE 802.1x authentication architecture.

    8. Efficient public key encryption with revocable keyword search (pages 466–472)

      Yong Yu, Jianbing Ni, Haomiao Yang, Yi Mu and Willy Susilo

      Version of Record online: 24 MAY 2013 | DOI: 10.1002/sec.790

      Thumbnail image of graphical abstract

      We propose the notion of public key encryption with revocable keyword search, which provides a solution to restrict the search power in cloud storage by revoking the search capability of the server. Inspired by the anonymous multi-receivers identity-based encryption proposed by Fan et al., we give a concrete construction of revokable keyword search by dividing the whole life of the system into distinct times and demonstrate the scheme achieves indistinguishability of ciphertexts against an adaptive chosen keywords attack secure under co-decisional bilinear Diffie-Hellman assumption in the random oracle model.

SEARCH

SEARCH BY CITATION