Security and Communication Networks

Early View (Online Version of Record published before inclusion in an issue)

Edited By: Hsiao-Hwa Chen and Hamid R. Sharif

Impact Factor: 0.72

ISI Journal Citation Reports © Ranking: 2014: 54/77 (Telecommunications); 100/139 (Computer Science Information Systems)

Online ISSN: 1939-0122

  1. Research Articles

    1. A secure image encryption algorithm based on chaotic maps and SHA-3

      Guodong Ye and Xiaoling Huang

      Article first published online: 5 FEB 2016 | DOI: 10.1002/sec.1458

      To resist efficiently the chosen-plaintext and known-plaintext attacks, a chaotic maps and SHA-3-based image encryption algorithm is proposed in this paper under permutation-diffusion architecture. With an auto-updating system, the control parameter and initial condition of Logistic map are produced according to different plain images in the stage of permutation. Then, in diffusion stage, three initial conditions of 3D chaotic cat map are auto-updated with the help of SHA-3 function to the last sub-block of permuted image performing like one-time pad.

  2. Special Issue Papers

    1. Two new message authentication codes based on APN functions and stream ciphers

      Teng Wu and Guang Gong

      Article first published online: 5 FEB 2016 | DOI: 10.1002/sec.1456

      This paper presents two new message authentication codes based on almost perfect nonlinear functions. Both message authentication codes have provable security and high efficiency. They are designed for resource-constrained devices, for example, cellphone.

  3. Research Articles

    1. A secure authentication scheme with provable correctness for pay-TV systems

      Hsiao-Ling Wu, Chin-Chen Chang and Chin-Yu Sun

      Article first published online: 4 FEB 2016 | DOI: 10.1002/sec.1449

      A pay-television (TV) system allows the subscribers to pay for the specific channels they want to watch. If we consider that m users subscribe to n channels in traditional schemes for pay-TV, the time complexity will be O(mn). It is lower efficiency for user on the pay-TV system. But, in this paper, we proposed a novel authentication scheme for pay-TV systems based on Chebyshev chaotic maps, and the time complexity only needs O(m). The purpose of our scheme is focus on efficiency and security. The security and performance analyses showed that our proposed scheme satisfies the essential functionality requirements, withstands potential attacks, and is suitable for real-world practical implementation. Furthermore, the Burrows–Abadi–Needham logic model was used to prove the correctness of our proposed scheme for the mutual authentication between users and the server.

    2. Efficient and robust user authentication scheme that achieve user anonymity with a Markov chain

      Dongwoo Kang, Jaewook Jung, Jongho Mun, Donghoon Lee, Younsung Choi and Dongho Won

      Article first published online: 4 FEB 2016 | DOI: 10.1002/sec.1432

      Authentication scheme with key agreement is used to overcome security threat in the existing scheme such as Djellali's scheme and its derivatives. We analyze our scheme compared with existing scheme and prove more resistant to various attacks and lower computational cost.

    3. Thwarting location privacy protection in location-based social discovery services

      Minhui Xue, Yong Liu, Keith W. Ross and Haifeng Qian

      Article first published online: 4 FEB 2016 | DOI: 10.1002/sec.1438

      In this paper, we investigate the user location privacy leakage problem in location-based social discovery (LBSD) services reporting distances in discrete bands. Using number theory, we analytically show that by strategically placing multiple virtual probes with fake Global Positioning System locations, one can nevertheless localize user locations in band-based LBSD. Our methodology is guaranteed to localize any reported user within a circle of radius no greater than one meter, even for LBSD services using large bands (such as 100 m as used by WeChat).

  4. Special Issue Papers

    1. Color images steganalysis using rgb channel geometric transformation measures

      Hasan Abdulrahman, Marc Chaumont, Philippe Montesinos and Baptiste Magnier

      Article first published online: 4 FEB 2016 | DOI: 10.1002/sec.1427

      A novel method proposed two types of features, computed between color image channels. The first type of feature reflects local Euclidean transformations and the second one reflects mirror transformations. These geometric measures are obtained by sine and cosine of gradients angles between all the color channels to increase the detectability of hidden messages in the color images.

    2. Pitch-based steganography for Speex voice codec

      Artur Janicki

      Article first published online: 3 FEB 2016 | DOI: 10.1002/sec.1428

      The article presents an improved version of a steganographic algorithm for IP telephony called HideF0. It is based on approximating the F0 parameter, responsible for conveying information about the pitch. The bits saved due to simplification of the pitch contour are used for the hidden transmission. When working with the Speex codec, HideF0 was able to create hidden channels with steganographic bandwidths of around 200 bps at the expense of a steganographic cost of between 0.5 and 0.7 MOS.

    3. Steganalysis of analysis-by-synthesis speech exploiting pulse-position distribution characteristics

      Hui Tian, Yanpeng Wu, Chin-Chen Chang, Yongfeng Huang, Jin Liu, Tian Wang, Yonghong Chen and Yiqiao Cai

      Article first published online: 2 FEB 2016 | DOI: 10.1002/sec.1443

      We present a support-vector-machine-based steganalysis of low bit-rate speech exploiting statistic characteristics of pulse positions. Specifically, we utilize the probability distribution of pulse positions as a long-time distribution feature, extract Markov transition probabilities of pulse positions according to the short-time invariance characteristic of speech signals, and employ joint probability matrices to characterize the pulse-to-pulse correlation. The experimental results demonstrate that the proposed method significantly outperforms the previous ones on detection accuracy, false positive rate, and false negative rate.

  5. Research Articles

    1. Efficient chosen ciphertext secure identity-based encryption against key leakage attacks

      Shi-Feng Sun, Dawu Gu and Shengli Liu

      Article first published online: 2 FEB 2016 | DOI: 10.1002/sec.1429

      We put forward two new leakage-resilient chosen ciphertext attack (CCA)2 secure identity-based encryption schemes in this work. The first overcomes the undesirable shortcoming that the leakage parameter and the message length depend on each other and thus can tolerate a larger amount of key leakage and support a larger message space. The other is based on Alwen et al.'s scheme, which has the same message space as with Alwen et al. but can achieve a higher leakage ratio up to one-fourth. Thus, it can tolerate a relatively larger amount of leakage and achieve a better security.

    2. EPCS: an efficient and privacy-preserving classification service query framework for SVM

      Hui Zhu, Xiaoxia Liu, Rongxing Lu and Hui Li

      Article first published online: 2 FEB 2016 | DOI: 10.1002/sec.1416

      An efficient and privacy-preserving classification service query framework is proposed, named EPCS, for the linear kernel support vector machine (SVM) classifier. Based on lightweight multiparty random masking and polynomial aggregation techniques, EPCS preserves the privacy of users' data and SVM classifier efficiently during the process of user query. Detailed security analysis shows its security strength and privacy-preserving ability, and extensive simulation results demonstrate its high efficiency and effectiveness in SVM classification.

    3. A privacy-preserving multi-server authenticated key-agreement scheme based on Chebyshev chaotic maps

      Zuowen Tan

      Article first published online: 2 FEB 2016 | DOI: 10.1002/sec.1424

      We present a password-based authenticated key agreement protocol for multi-server environments by using Chebyshev chaotic maps. The proposed scheme has removed the weakness of multi-server authenticated key agreement schemes, which adopt the architecture of two-level servers. After a user has finished the first login to a service providing server, the control server is not required to be online for the user's subsequent logins. It is provably secure under the CDH assumption of Chebyshev polynomials in the random oracle model. Moreover, it offers the user and server with privacy-preserving, that is, anonymity and untraceability. Any adversary can neither figure out the identities of users or the identities of service providing servers nor link different sessions with a user or a server.

    4. Detecting JitterBug covert timing channel with sparse embedding

      Jiangtao Zhai, Mingqian Wang, Guangjie Liu and Yuewei Dai

      Article first published online: 1 FEB 2016 | DOI: 10.1002/sec.1440

      The detection scheme mainly contains three parts: statistical range determination, histogram modeling, and calmative distribution function calculation. Then, the K–S method is used to give the detection results. Finally, the multi-reference model and updating strategy are further proposed.

    5. Security bootstrapping of mobile ad hoc networks using identity-based cryptography

      Kamal Adli Mehr and Javad Musevi Niya

      Article first published online: 1 FEB 2016 | DOI: 10.1002/sec.1423

      Key management (KM) plays significant role in the security of mobile ad-hoc networks. Proposed identity-based KM methods usually assume a trusted set of nodes during network initialization, which is not the case in many real-world applications. In this paper, a novel identity-based KM method is proposed based on Pedersen's verifiable secret sharing, which provides high levels of availability and scalability, while eliminating single point of failure. Furthermore, the proposed method provides a mechanism to check the validity of secret shares.

    6. AD-ASGKA – authenticated dynamic protocols for asymmetric group key agreement

      Mingchu Li, Xiaodong Xu, Cheng Guo and Xing Tan

      Article first published online: 26 JAN 2016 | DOI: 10.1002/sec.1420

      This paper proposes a one-round authenticated dynamic protocol for asymmetric group key agreement. The analysis shows that the proposals in this paper can resist active attacks and meet many desirable security attributes. Besides, our protocol allows users to join or leave the group at the same time. Furthermore, the protocol is round-optimal and has a quite good performance as compared with previous works.

    7. Root cause diagnosis in error-propagating networks

      Eunsoo Seo, Gulustan Dogan, Tarek Abdelzaher and Theodore Brown

      Article first published online: 14 JAN 2016 | DOI: 10.1002/sec.1415

      Various types of errors can propagate in networks. In many cases, it is very hard to find the root cause of such errors without complete knowledge of the error propagation. We aim to find the root cause node when there is limited information about error propagation. With real networks from various domains, our algorithms are shown to be very effective.

    8. An authentication scheme with identity-based cryptography for M2M security in cyber-physical systems

      Shuo Chen, Maode Ma and Zhenxing Luo

      Article first published online: 14 JAN 2016 | DOI: 10.1002/sec.1407

      This paper proposed an authentication scheme applying authenticated identity-based cryptography (IBC) without key-escrow (AIBCwKE) mechanism to mutually authenticate the mobile devices, environmental devices, and the M2M service provider (MSP). The key-escrow free feature of the AIBCwKE mechanism ensures that the whole system does not hold the key escrow problem. The authenticated feature of the AIBCwKE mechanism enables the communication entities to authenticate the transmitting messages through encrypting them, which omits the trouble of signature management to save computational and communication resource.

    9. Relay selection scheme for amplify-and-forward cooperative communication system with artificial noise

      Nan Run Zhou, Xiao Rong Liang, Zhi Hong Zhou and Ahmed Farouk

      Article first published online: 14 JAN 2016 | DOI: 10.1002/sec.1425

      A novel scheme combining relay selection with artificial noise for amplify-and-forward cooperative communication system in the presence of an eavesdropper is designed, which finds out the optimal location of the relay node. If there is no relay node at the optimal location, then the suboptimal relay node can be found out by drawing circles centered on the optimal location.

    10. Cryptanalysis of a certificateless aggregate signature scheme

      Liangliang Wang, Kefei Chen, Yu Long and Huige Wang

      Article first published online: 13 JAN 2016 | DOI: 10.1002/sec.1421

      In this paper, two attacks are firstly provided, so as to indicate that the certificateless signature scheme proposed by Chen et al. is insecure against a Type I adversary and a Type II adversary. And then, it is demonstrated that the certificateless aggregate signature scheme, which is extended from the certificateless signature scheme, cannot achieve their expected security levels because of the weaknesses of the certificateless signature scheme.

  6. Special Issue Papers

    1. Effectiveness of file-based deduplication in digital forensics

      Sebastian Neuner, Martin Schmiedecker and Edgar Weippl

      Article first published online: 13 JAN 2016 | DOI: 10.1002/sec.1418

      In this paper, it is shown on a real-world corpus how an improved forensic process reduces the required storage for a forensic investigation. By applying this improved approach on this 16 disks large corpus, the reduction of required storage is above 22%.

  7. Research Articles

    1. A novel chaos-based encryption algorithm over TCP data packet for secure communication

      Ünal Çavuşoğlu, Akif Akgül, Sezgin Kaçar, İhsan Pehli̇van and Ahmet Zengi̇n

      Article first published online: 13 JAN 2016 | DOI: 10.1002/sec.1414

      In this study, a new algorithm that can encrypt data on TCP data segment by using novel chaotic random number generator (RNG) was developed. Dynamic analyses of the chaotic system to be used were made, and the original pseudo RNG with new approach was designed. The performance of the encryption, memory usage, and encryption and decryption times were analysed by comparison on different security algorithms. According to tests and analyses results, this chaos-based encryption has a high-level of performance and security.

    2. An Android based new German eID solution for policy making processes

      Yacine Rebahi, Mateusz Khalil, Simon Hohberg and Pascal Lorenz

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1413

      Design and development of a novel mobile-based opinion casting solution enable citizens, without limitation in time and space, to participate to policy making processes, while their privacy is protected, and their anonymity is ensured. This solution supports both general IdPs such as OpenSSO and OpenID as well as the new European eID cards.

    3. Robust anonymous two-factor authenticated key exchange scheme for mobile client-server environment

      Yanrong Lu, Lixiang Li, Haipeng Peng and Yixian Yang

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1419

      We analyzed the security flaws of the scheme of Xie et al. We presented an enhanced scheme regarding performance and security properties. The highlight of our scheme is that it not only conquers the flaws but also is efficient compared with other related authenticated key agreement schemes.

    4. Cryptanalysis and improvement of a chaotic maps-based anonymous authenticated key agreement protocol for multiserver architecture

      Yanrong Lu, Lixiang Li, Haipeng Peng and Yixian Yang

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1417

      We analyzed the security flaws of the Tsai scheme. We presented an enhanced scheme regarding performance and security properties. The highlight of our scheme is that it not only conquers the flaws but also is efficient compared with other related authenticated key agreement schemes.

    5. A novel approach for spam email detection based on shifted binary patterns

      Yılmaz Kaya and Ömer Faruk Ertuğrul

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1412

      In this study, we have proposed a novel approach based on the probability of using characters with respect to their UTF-8 value by employing shifted one-dimensional local binary pattern (shifted-1D-LBP). Shifted-1D-LBP was used to extract quantitative features from e-mails in spam e-mail detection. To validate the performance of the proposed approach, three benchmark corpora were used. Analysis and promising experimental results indicate that the proposed approach is a very competitive feature extraction method in spam e-mail filtering.

    6. Novel secure VPN architectures for LTE backhaul networks

      Madhusanka Liyanage, Pardeep Kumar, Mika Ylianttila and Andrei Gurtov

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1411

      This paper proposes two secure virtual private network architectures for the long-term evolution (LTE) backhaul network based on Internet key exchange version 2 mobility and multihoming protocol and host identity protocol. Both architectures satisfy a complete set of 3GPP backhaul security requirements such as authentication, authorization, payload encryption, and privacy protection. The security analysis and simulation results verify that the proposed architectures are capable enough to protect LTE backhaul traffic against various IP-based attacks.

    7. PFX: an essence of authencryption for block-cipher security

      Tzonelih Hwang and Prosanta Gope

      Article first published online: 11 JAN 2016 | DOI: 10.1002/sec.1410

      This article presents a new concept called for ensuring privacy integrity together in a single pass. This approach can be incorporated with other modes such that they can ensure integrity support.

    8. Mitigating insider threat in cloud relational databases

      Qussai Yaseen, Qutaibah Althebyan, Brajendra Panda and Yaser Jararweh

      Article first published online: 5 JAN 2016 | DOI: 10.1002/sec.1405

      The paper tackles insider threat in cloud relational database systems. It proposes four models, which are peer-to-peer model, centralized model, Mobile-Knowledgebases model, and Guided Mobile-Knowledgebases model, and it discusses their advantages as well as their limitations. These models help access control models for detecting and preventing insider threat.

    9. Provably secure group key agreement protocol based on ECDH with integrated signature

      Vankamamidi S. Naresh and Nistala V. E. S. Murthy

      Article first published online: 29 DEC 2015 | DOI: 10.1002/sec.1402

      The paper proposes a dynamic authenticated contributory group key agreement, based on elliptic curve Diffie-Hellman with integrated signature, and analyzed its formal security model and performance. The theoretical analysis shows that dynamic authenticated contributory group key agreement is the best protocol in overall performance among the popular discrete logarithm problem-based and elliptic curve discrete logarithm problem-based schemes discussed in this paper. Further from experimental and simulation results, theoretical estimates, one can see that our protocol matches theory well.

    10. Investigation of security issues for service-oriented network architecture

      Bhawana Rudra and Om Prakash Vyas

      Article first published online: 28 DEC 2015 | DOI: 10.1002/sec.1397

      This paper discusses service-oriented network architecture along with various security issues. Although the users are authenticated and authorized in a service-oriented network architecture, the brokers may get busy in the network fulfilling the requests of various users, which may lead to a distributed denial-of-service (DDoS) attack. To avoid a DDoS attack, a detection and filtering method has been proposed to overcome it based on MAC address and hop counts from source to destination.

    11. Tweakable parallel OFB mode of operation with delayed thread synchronization

      Boris Damjanović and Dejan Simić

      Article first published online: 27 DEC 2015 | DOI: 10.1002/sec.1404

      In this paper, we examine the performance of the proposed parallel mode of operation that utilizes tweakable parallel encryption using xor encrypt xor and xor encrypt constructions in output feedback (OFB)-like mode. New design is based on the fact that in OFB mode of operation, block cipher decryption operation is not needed and that OFB mode is very similar to a stream cipher [1]. In realization of its design, we use construction similar to XTS-AES tweakable block cipher [2] and combine it with OFB mode of operation. Finally, we differentiate the design of two new modes of operation by using xor encrypt xor and xor encrypt constructions [3]. Regarding the known literature, there is no available study that considers the acceleration of the standard OFB mode performance.

    12. A stochastic model for the size of worm origin

      Tala Tafazzoli and Babak Sadeghiyan

      Article first published online: 27 DEC 2015 | DOI: 10.1002/sec.1403

      In Back-to-Origin models, the time runs backwards. In stochastic Back-to-Origin model, the number of alleged nodes, which are initially infectious nodes, is estimated probabilistically. Stochastic Back-to-Origin Markov model predicts the number of infectious nodes at each time point.

    13. Security analysis of Khudra: a lightweight block cipher for FPGAs

      Yibin Dai and Shaozhen Chen

      Article first published online: 22 DEC 2015 | DOI: 10.1002/sec.1409

      In this paper, we analyze the lightweight block cipher Khudra for FPGAs. By studying its key schedule algorithm and discussing the round function, we present related-key differential attack and related-key rectangle attack on 16-round Khudra and full Khudra without whitening keys. Besides, we present a related-key impossible differential attack on 14-round without pre-whitening keys. These are the best results on Khudra, which provide a helpful understanding of Khudra security evaluation against related-key attack.

  8. Review Articles

    1. Survey of return-oriented programming defense mechanisms

      Yefeng Ruan, Sivapriya Kalyanasundaram and Xukai Zou

      Article first published online: 21 DEC 2015 | DOI: 10.1002/sec.1406

      It provides numerous types of defense mechanisms for return-oriented programming attack, including compile-time methods that add checking logic to the program code before compilation, dynamic methods that monitor the control-flow integrity during execution and randomization methods that aim at randomizing instruction locations. This paper discusses these different static, dynamic, and randomization techniques proposed recently and compares the techniques based on their effectiveness and performances.

    2. A survey of lightweight stream ciphers for embedded systems

      Charalampos Manifavas, George Hatzivasilis, Konstantinos Fysarakis and Yannis Papaefstathiou

      Article first published online: 21 DEC 2015 | DOI: 10.1002/sec.1399

      Stream ciphers are very relevant in ubiquitous computing applications, as they can be used to secure applications where the plaintext length is either unknown or continuous. This paper provides a survey of 31 lightweight implementations of stream ciphers in embedded hardware and software, along with pertinent authenticated encryption schemes. Only six of them are found to be secure by independent cryptanalysis. A performance analysis is included, and the most appropriate secure solutions are mapped to different types of applications.

  9. Research Articles

    1. Flashing displays: user-friendly solution for bootstrapping secure associations between multiple constrained wireless devices

      Tonko Kovačević, Toni Perković and Mario Čagalj

      Article first published online: 18 DEC 2015 | DOI: 10.1002/sec.1400

      One of the major challenges to securing wireless sensor networks presents loading initial cryptographic credentials into a relatively large number of interface constrained wireless devices (lacking usual wired interfaces, displays, keypads, and alike). In this paper, two novel multichannel key deployment schemes for secure network bootstrapping that involve communication over a regular high bandwidth radio channel and a visible light channel are presented. Communication over a visible light channel requires a light source device (multi-touch screen) and a light sensor.

    2. Provably secure identity-based encryption resilient to post-challenge continuous auxiliary input leakage

      Jiguo Li, Yuyan Guo, Qihong Yu, Yang Lu and Yichen Zhang

      Article first published online: 18 DEC 2015 | DOI: 10.1002/sec.1396

      In this paper, we propose a semantic-security model with post-challenge continuous auxiliary inputs for identity-based encryption. Furthermore, we present an identity-based encryption scheme resilient to leakage under composite order groups. Our scheme is secure against post-challenge continuous auxiliary input, adaptive chosen-identity, and adaptive chosen plaintext attacks under three static assumptions in the standard model. Compared with existing identity-based encryption schemes under security properties and performance, our scheme is practical.

    3. Security analysis of network protocols through model checking: a case study on mobile IPv6

      Zohreh Saffarian Eidgahi and Vahid Rafe

      Article first published online: 16 DEC 2015 | DOI: 10.1002/sec.1401

      In this article we propose a timed automata based method for formal verification of network protocols' security properties with the appropriate abstraction level of the protocol model using the UPPAAL real time model checker. We apply our method to analyze Mobile Internet Protocol version 6 (MIPv6) and show how to avoid state space explosion using time concepts in protocol model.

    4. A secure white-box SM4 implementation

      Kunpeng Bai and Chuankun Wu

      Article first published online: 16 DEC 2015 | DOI: 10.1002/sec.1394

      This paper presents a new lookup-table-based white-box implementation for the Chinese block cipher standard SM4, which can resist a series of white-box attacks. It requires 32.5 MB of memory to store the lookup tables and is about nine times as fast as the previous Xiao–Lai white-box SM4 implementation.

    5. A hybrid image encryption algorithm using chaos and Conway's game-of-life cellular automata

      Brindha Murugan, Ammasai Gounden Nanjappa Gounder and Sriram Manohar

      Article first published online: 16 DEC 2015 | DOI: 10.1002/sec.1386

      A complex matrix generated from the plain image is used as an additional component in the diffusion process, which enables the encrypted image to exhibit a strong sensitivity to the input image. The performance metrics obtained on the developed algorithm such as high key space, ideal number of pixels change rate and unified average changing intensity (UACI) values, and very less correlation among the adjacent pixels demonstrate the high effectiveness and security features of the proposed algorithm.

    6. Intrusion detection algorithm based on OCSVM in industrial control system

      Wenli Shang, Peng Zeng, Ming Wan, Lin Li and Panfeng An

      Article first published online: 10 DEC 2015 | DOI: 10.1002/sec.1398

      The intrusion detection system is established by using OCSVM algorithm, and the PSO is used to optimize parameters, which can detect the potential attack in multiple Modbus packets and has a better detection performance.

    7. Home area network accountability with varying consumption devices in smart grid

      Eric McCary and Yang Xiao

      Article first published online: 9 DEC 2015 | DOI: 10.1002/sec.1393

      This paper addresses accountability of devices in the home area network by providing a witness-based method for more accurate monitoring and estimation of the energy usage for devices whose power consumption varies while these devices are powered on.

    8. Security analysis of online digital goods business based on stochastic game net model

      Junjie Lv and Chen Zhao

      Article first published online: 9 DEC 2015 | DOI: 10.1002/sec.1381

      This paper uses a dynamic, visible method to simulate a process game of an online digital goods business. Besides that, it figures out a risk evaluation system regarding the online digital goods business. Finally, this paper tests the practical value of the model and evaluation system through an example. Based on the result of the example, several valuable suggestions are provided in the meantime.

    9. Security approach to controlling access to personal health records in healthcare service

      Tzer-Long Chen, Yu-Ting Liao, Yi-Fan Chang and Jen-Hung Hwang

      Article first published online: 3 DEC 2015 | DOI: 10.1002/sec.1387

      This figure indicates the member authority access matrix for personal health records. Using matrix is easier to access control, especially the numerical meanings; 1 is for the users with access authority and 0 is for the ones without authority access. According to the previous method, it could provide a high-security mechanism for accessing control personal health records. Otherwise, it could also improve TS Chen's (2012) methodology and consolidate the security and solve security problems of accessing personal health records in medical environments. The method proposed in this study not only could protect the members of the system and patients' privacy of their personal health records and information but could stop the entry of illegal attackers.

    10. Many-to-one homomorphic encryption scheme

      Hong Zhong, Jie Cui, Runhua Shi and Chao Xia

      Article first published online: 1 DEC 2015 | DOI: 10.1002/sec.1395


      In this paper, we combine the homomorphic encryption concept with the cryptography form of “multi-party encryption, one-party decryption” to propose the “many-to-one” homomorphic encryption scheme. A complexity analysis is given, along with a comparative study of our scheme with the existing schemes. Based on the construction of our proposed many-to-one scheme, a multi-level “many-to-one” homomorphic encryption scheme is also proposed.

    11. User-friendly random-grid-based visual secret sharing for general access structures

      Liaojun Pang, Deyu Miao and Chunfeng Lian

      Article first published online: 26 NOV 2015 | DOI: 10.1002/sec.1392


      To overcome the data management problem in random-grid-based visual secret sharing (RGVSS) for general access structures (GASs), in our paper, we use the meaningful images as shares. By stamping the gray-scale images with the shares generated from the traditional RGVSS, a novel user-friendly random-grid-based visual secret sharing (UFRGVSS) scheme for GASs was proposed, in which the resulting shares can be any meaningful gray-scale images. Our work may be the first attempt to construct the UFRGVSS scheme for GASs.

    12. A novel self-checking ad hoc routing scheme against active black hole attacks

      Ruo Jun Cai, Xue Jun Li and Peter Han Joo Chong

      Article first published online: 26 NOV 2015 | DOI: 10.1002/sec.1390


      In this paper, we propose a distributed self-checking defense mechanism that can be easily implemented on top of the existing ad hoc routing protocols. This proposed defense mechanism is capable of detecting not only conventional active black hole attackers but also colluded attackers. Even the internal attackers who know the security mechanism cannot get any benefit to launch the black hole attacks.

    13. An ensemble method for detecting shilling attacks based on ordered item sequences

      Fuzhi Zhang and Honghong Chen

      Article first published online: 26 NOV 2015 | DOI: 10.1002/sec.1389


      This work presents an ensemble method for detecting shilling attacks in recommender systems. We first construct ordered popular item sequences and ordered novelty item sequences by analyzing the differences of rating patterns between genuine and attack profiles, and based on which the popular and novelty item rating series are constructed for each user profile. Then we propose six features to characterize the attack profiles, and based on these features, we devise an ensemble classification model to detect shilling attacks.

    14. The value of flow size distribution in entropy-based detection of DoS attacks

      Ilija Basicevic, Stanislav Ocovaj and Miroslav Popovic

      Article first published online: 16 NOV 2015 | DOI: 10.1002/sec.1391


      This paper investigates the use of flow size distribution as a source in entropy-based detection of DoS attacks. Its performance is compared with a detector that uses the distribution of addresses as the source. The results show significant advantages of flow size distribution.

    15. Robust stream-cipher mode of authenticated encryption for secure communication in wireless sensor network

      Tzonelih Hwang and Prosanta Gope

      Article first published online: 16 NOV 2015 | DOI: 10.1002/sec.1388


      This article proposes two stream-cipher modes of operation, which can be useful for WSN security.

    16. A dynamic trust management system for wireless sensor networks

      Wei Luo, Wenping Ma and Qiang Gao

      Article first published online: 16 NOV 2015 | DOI: 10.1002/sec.1384


      This work presents a new secure trust management system for clustered wireless sensor networks (WSNs). Our system employs a hash algorithm for generating identity labels for sensor nodes to distinguish external attackers from normal nodes and dynamically manages the trust value of each node to detect the compromised nodes based on the trust evaluating model, which is based on beta density function. The simulation results show that our scheme can detect the malicious nodes quickly, which prevents clustered WSNs from external attacks and internal compromised nodes' attacks.

    17. Unbalanced tree-formed verification data for trusted platforms

      Donglai Fu, Xinguang Peng and Yuli Yang

      Article first published online: 3 NOV 2015 | DOI: 10.1002/sec.1385


      The Stored Measurement Log to record the execution history of the attesting system brings efficiency, scalability and privacy problems. We attempt to mitigate them through a new algorithm that uses an unbalanced tree to manage the Stored Measurement Log. The greater the probability of the leaf is, the closer it is to the root. Results show the validation obtains the logarithmic speed-up (O((n/N)lb(n))). Moreover, our scheme demonstrates advantages in privacy protection and scalability.

    18. Light-weight group signatures with time-bound membership

      Lukas Malina, Jan Hajny and Vaclav Zeman

      Article first published online: 30 OCT 2015 | DOI: 10.1002/sec.1383


      This paper presents a novel privacy-preserving cryptographic protocol for secure many-to-one communication systems. The protocol is based on group signatures with a time-bound membership. The protocol employs batch verification and is designed to achieve efficiency.

  10. Special Issue Papers

    1. Steganographic transmission in optical networks with the use of direct spread spectrum technique

      Pawel Laka and Lukasz Maksymiuk

      Article first published online: 30 OCT 2015 | DOI: 10.1002/sec.1379


      This paper presents a novel method of hidden data transmission in the physical layer of the optical networks. It is based on direct spread spectrum technique, which is a simplistic and robust approach. There has been a description provided of a concept in which public signal sequences and noise in optical networks were used to hide information.

    2. SDN-based Sensitive Information (SI) protection: sensitivity-degree measurement in software and data lifetime supervisor in software defined network

      Letian Sha, Liwen He, Jianming Fu, Jing Sun and Pengwei Li

      Article first published online: 30 OCT 2015 | DOI: 10.1002/sec.1367


      We propose a new design called software defined networking (SDN) based SI protection, in which sensitivity degree can be measured by using AHP and TOPSIS, and SI covert channel can be detected based on OpenFlow in SDN.

    3. Vulnerabilities of network OS and mitigation with state-based permission system

      Jiseong Noh, Seunghyeon Lee, Jaehyun Park, Seungwon Shin and Brent Byunghoon Kang

      Article first published online: 26 OCT 2015 | DOI: 10.1002/sec.1369


      In this paper, we identified four major attack vectors that could undermine the following network operating system operations: denial of service, global data manipulation, control plane poisoning, and system shell execution. In addressing these attacks, a permission-based malicious network application detector was introduced to examine the permission set of each application and prevent it from executing without permission.

    4. Design and performance evaluation of a covert timing channel

      Rennie Archibald and Dipak Ghosal

      Article first published online: 15 OCT 2015 | DOI: 10.1002/sec.1336


      This paper presents the design, implementation, and performance evaluation of a model-based covert timing channel for Skype traffic as the overt carrier. Results show that the timing channel can be established even when the source is connected to a public WiFi network and it is largely non-detectable under well-known statistical tests including the entropy test, the Kolmogorov-Smirnov test, and the Kullback-Leibler divergence test.

    5. A scalable anomaly detection and mitigation architecture for legacy networks via an OpenFlow middlebox

      Kostas Giotis, George Androulidakis and Vasilis Maglaris

      Article first published online: 2 OCT 2015 | DOI: 10.1002/sec.1368


      In this paper, we investigate the applicability of inserting an OpenFlow middlebox to enhance the remotely triggered black hole routing mechanism, in order to mitigate distributed denial of service attacks in legacy networks. Specifically, we propose a scalable and modular architecture that exploits the network programmability of software-defined networking within the context of network function virtualization, deploying on-demand virtualized network functions capable to manipulate and filter malicious traffic.

    6. Multi-bit watermarking of high dynamic range images based on perceptual models

      Emanuele Maiorana and Patrizio Campisi

      Article first published online: 16 SEP 2015 | DOI: 10.1002/sec.1345


      This work presents a blind multi-bit watermarking method, exploiting several properties of the human visual system, specifically designed for high dynamic range (HDR) images. The effectiveness of the proposed approach is evaluated over 15 HDR images, in terms of both mark imperceptibility and robustness against tone-mapping operators (TMOs).

    7. Lightweight and ultralightweight RFID mutual authentication protocol with cache in the reader for IoT in 5G

      Kai Fan, Yuanyuan Gong, Chen Liang, Hui Li and Yintang Yang

      Article first published online: 3 AUG 2015 | DOI: 10.1002/sec.1314


      For secure authentication in low-cost RFID system, we propose a lightweight RFID mutual authentication protocol with cache in the reader. The protocol can greatly reduce the computational and transmission cost. Especially, it can reduce computational costs greatly when a large number of tags want to be authenticated. We prove the correctness of LRMAPC using GNY logic. Furthermore, we developed LRMAPC into an ultralightweight authentication protocol, and it also achieves stronger security and higher efficiency in storage and computation cost.

    8. MDE-based image steganography with large embedding capacity

      Zhaoxia Yin and Bin Luo

      Article first published online: 22 JUN 2015 | DOI: 10.1002/sec.1275


      This paper proposed an image steganographic scheme with both high embedding capacity and good embedding quality. A cover pixel pair can be modified to imply one or two 9-ary digits according to different payloads. The modification directions are defined by the reference matrix with special features. Differing from past work by others, this method fully explores the potential of embedding space in the reference matrix and improves the embedding payload. Experimental results demonstrate high embedding capacity as well as good image quality and security.

    9. A changeable personal identification number-based keystroke dynamics authentication system on smart phones

      Ting-Yi Chang, Cheng-Jung Tsai, Wang-Jui Tsai, Chun-Cheng Peng and Han-Sing Wu

      Article first published online: 22 MAY 2015 | DOI: 10.1002/sec.1265


      In this paper, a novel keystroke dynamics-based authentication (KDA) system by which the users could change their passwords anytime without retraining is proposed. According to the experimental results, the proposed predictable mechanism does scaffold the KDA system to accurately distinguish legitimate users from impostors when the users changed their passwords.

    10. Policy-based communications for 5G mobile with customer edge switching

      Raimo Kantola, Jesus Llorente Santos and Nicklas Beijar

      Article first published online: 11 MAY 2015 | DOI: 10.1002/sec.1253


      This paper suggests controlling all traffic admissions in 5G using policies. The paper describes how by extending network address translators to cooperative firewalls, hosts in a private address space can communicate smoothly with hosts in another private address space, while flow admission is controlled by policy. Policies executed by edge nodes eliminate source address spoofing and DDoS and can blend the boundary of open and closed networks helping to provide ultra-reliable networking and supporting the idea of “Anything-as-a-Service”.

    11. SecIoT: a security framework for the Internet of Things

      Xin Huang, Paul Craig, Hangyu Lin and Zheng Yan

      Article first published online: 11 MAY 2015 | DOI: 10.1002/sec.1259


      This paper includes an investigation into the security requirements of three different characteristic Internet of Things (IoT) scenarios (concretely, body IoT, home IoT, and hotel IoT), a design of new authentication mechanisms, and an access control subsystem with fine-grained roles and risk indicators. Our prototype security framework gives us an insight into some of the major difficulties of IoT security and provides some feasible solutions.

    12. ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services

      Béla Genge and Călin Enăchescu

      Article first published online: 11 MAY 2015 | DOI: 10.1002/sec.1262


      This paper expands the features exposed by Shodan with vulnerability assessment capabilities embedded into a novel tool called ShoVAT. ShoVAT takes the output of traditional Shodan queries and performs an in-depth analysis of service-specific data. Extensive comparison is performed between ShoVAT's features and the capabilities exposed by tools such as nmap, ZenMap, p0f, PRADS, Nessus, NetGlean, SinFP, and Hershel. The experiments conducted on 1501 services in 12 different institutions revealed a total of 3922 known vulnerabilities.

    13. Fusion: coalesced confidential storage and communication framework for the IoT

      Ibrahim Ethem Bagci, Shahid Raza, Utz Roedig and Thiemo Voigt

      Article first published online: 30 APR 2015 | DOI: 10.1002/sec.1260


      Fusion uses existing secure communication protocols for the Internet of Things (IoT) such as Internet protocol security (IPsec) and datagram transport layer security (DTLS) and re-uses the defined communication security mechanisms within the storage component. Thus, trusted mechanisms developed for communication security are extended into the storage space. Notably, this mechanism allows us to transmit requested data directly from the file system without decrypting read data blocks and then re-encrypting these for transmission.

    14. SAFE-CROWD: secure task allocation for collaborative mobile social network

      Xiaochen Fan, Panlong Yang, Qingyu Li, Dawei Liu, Chaocan Xiang and Yonggang Zhao

      Article first published online: 30 APR 2015 | DOI: 10.1002/sec.1261


      In this work, we investigate how to secure the security when task collaborations are allowed for mobile users. We leverage the ‘ball and bin’ theory for task assignment and propose ‘SAFE-CROWD’: a secure task offloading and reassignment scheme among mobile users. Simulation-driven and trace-driven studies have shown that our simple but effective scheme could enhance security when the tasks are collaboratively executed among mobile devices.

    15. A study on SW-Blackbox to ensure the reliability of content distribution using file system event monitoring of online service providers

      Sang-Ho Seo, Byung-Ok Jung, Byung-Su Koh and James Jeong

      Article first published online: 22 APR 2015 | DOI: 10.1002/sec.942


      This paper proposes an SW-Blackbox technical method using file system event monitoring to verify the reliability of online service providers that operate file hosting services (Web Hard). This method prevents the bypassing of filtering solutions and the omission, fabrication, and altering of transaction-related logs for the intentional distribution of illegal content.

    16. A security and trust framework for virtualized networks and software-defined networking

      Zheng Yan, Peng Zhang and Athanasios V. Vasilakos

      Article first published online: 26 MAR 2015 | DOI: 10.1002/sec.1243


      This paper indicates open research issues and future research directions of 5G security and trust in the context of virtualized networking and SDN. We propose a framework of security and trust focusing on solving 5G network security issues. The proposed framework applies adaptive trust evaluation and management technologies and sustainable trusted computing technologies to ensure computing platform trust and achieve software-defined network security. It adopts cloud computing to securely deploy various trustworthy security services over the virtualized networks.

    17. A privacy-preserving distance-based incentive scheme in opportunistic VANETs

      Jun Song, ChunJiao He, Fan Yang and HuanGuo Zhang

      Article first published online: 25 MAR 2015 | DOI: 10.1002/sec.1211


      This paper proposes an efficient privacy-preserving distance-based incentive scheme especially for opportunistic vehicular ad-hoc networks. This proposed scheme describes a novel opportunistic routing framework to provide three properties: the confidentiality of nodes location information, the integrity of the message carried distance, and the availability of location privacy preserving. A comprehensive performance, including security analysis, and performance evaluation, is presented to show that the proposed framework is secure, efficient, and practical.

    18. An ID-based node key management scheme based on PTPM in MANETs

      Guang Yang, Jiqiang Liu and Lei Han

      Article first published online: 12 MAR 2015 | DOI: 10.1002/sec.1206


      The combined public key based on elliptic-curve cryptography was adopted in our identity-based key management scheme. The keys were protected and managed by the next generation protected storage of portable trusted platform module. We show that our scheme is semantically secure under the elliptic-curve DDH assumption. Also, the performance evaluation of proposed scheme in a real-world ad hoc network indicates the feasibility in practice.

    19. A secure energy-efficient access control scheme for wireless sensor networks based on elliptic curve cryptography

      Yuanyuan Zhang, Neeraj Kumar, Jianhua Chen and Joel J. P. C. Rodrigues

      Article first published online: 19 FEB 2015 | DOI: 10.1002/sec.1230


      Recently, Chi et al. proposed an improved energy-efficient access-control scheme for wireless sensor networks based on elliptic curve cryptography. In this article, we point out that their scheme cannot withstand the replay attack. And there is a flaw in their scheme. To surmount the weakness of the Chi et al. scheme, we propose a secure energy-efficient access-control scheme for wireless sensor networks based on elliptic curve cryptography. In addition, we prove that our scheme is secure and efficient.

    20. Toward a flexible and fine-grained access control framework for infrastructure as a service clouds

      Bo Li, Jianxin Li, Lu Liu and Chao Zhou

      Article first published online: 17 FEB 2015 | DOI: 10.1002/sec.1216


      A flexible and fine-grained access control framework, named IaaS-oriented Hybrid Access Control (iHAC), is proposed in this paper. iHAC designs a permission transition model to dynamically assign permissions to virtual machines and regulates the behaviors of virtual machines in a fine-grained manner.

    21. A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity

      Xiong Li, Jianwei Niu, Saru Kumari, Junguo Liao, Wei Liang and Muhammad Khurram Khan

      Article first published online: 16 FEB 2015 | DOI: 10.1002/sec.1214


      This paper points out some security flaws in the authentication protocol of He et al. for healthcare applications using wireless medical sensor networks. Besides, a new three-factor user-anonymous authentication protocol based on wireless medical sensor networks is proposed. Some security analysis and comparisons are done to illustrate the efficiency and security of the protocol.

  11. Special Issue Paper

    1. Constructing authentication web in cloud computing

      Gansen Zhao, Zhongjie Ba, Xinming Wang, Feng Zhang, Changqin Huang and Yong Tang

      Article first published online: 13 FEB 2015 | DOI: 10.1002/sec.1202


      This work proposes a cross-domain single sign-on mechanism. It allows service providers to verify user identities in a decentralized way and allows users to unify their identities from various domains in a safe way. The verification process used in this mechanism is able to support hybrid authentication protocols as well as to accelerate the verification of credentials by eliminating single point of failure and single-point bottleneck.

  12. Special Issue Papers

    1. An intrusion detection method for wireless sensor network based on mathematical morphology

      Yanwen Wang, Xiaoling Wu and Hainan Chen

      Article first published online: 11 FEB 2015 | DOI: 10.1002/sec.1181


      In this paper, "An intrusion detection method for wireless sensor network based on mathematical morphology" written by Yanwen Wang, Xiaoling Wu and Hainan Chen, an innovative method called Granulometric Size Distribution (GSD) method is proposed based on mathematical morphology for detecting malicious attack in IoTs. GSD clusters are successfully generated to monitor the number of active nodes in a wireless sensor network because the GSD curves are similar when the number of active nodes in a wireless sensor network is fixed.

  13. Research Articles

    1. Intrusion detection techniques for mobile cloud computing in heterogeneous 5G

      Keke Gai, Meikang Qiu, Lixin Tao and Yongxin Zhu

      Article first published online: 11 FEB 2015 | DOI: 10.1002/sec.1224


      This paper proposes a high level framework of using mobile cloud-computing-based Intrusion Detection Systems (IDSs) on mobile applications. The types of IDS are reviewed and synthesized by this paper. Connecting mobile cloud computing platform with IDS techniques is an efficient approach for securing mobile apps in 4G/5G.

  14. Special Issue Papers

    1. Universal steganography model for low bit-rate speech codec

      Shanyu Tang, Qing Chen, Wei Zhang and Yongfeng Huang

      Article first published online: 10 FEB 2015 | DOI: 10.1002/sec.1183


      The authors proposed a universal VoIP steganography model for covert communications using low bit-rate speech codec that uses the PESQ deterioration rate and the decoding error to automatically choose a data embedding algorithm for each VoIP bitstream. With the proposed model, it achieved the average PESQ deterioration rate of 4.04% (indicating strong imperceptibility) and a high data hiding capacity up to 12 bits/frame (400 bits/second, three times larger than other methods), and could effectively resist the latest steganalysis.

    2. Distributed flood attack detection mechanism using artificial neural network in wireless mesh networks

      Muhammad Altaf Khan, Shafiullah Khan, Bilal Shams and Jaime Lloret

      Article first published online: 4 FEB 2015 | DOI: 10.1002/sec.1204


      In this paper, we propose an artificial neural network (ANN)-based flood detection mechanism for wireless mesh network. In our simulation, sample dataset used to train and test the ANN is generated using NS-2. Simulation results and real system implementation proved that the proposed mechanism can be used in real network environment to detect intermediate and severe distributed flood attacks with low false positive and false negative rates.

    3. A robust and privacy-preserving aggregation scheme for secure smart grid communications in digital communities

      Shuai Fu, Jianfeng Ma, Hongtao Li and Qi Jiang

      Article first published online: 30 JAN 2015 | DOI: 10.1002/sec.1188


      We propose a privacy-preserving and secure multi-dimensional aggregation scheme for smart grid communications. Data authentication and integrity protection are performed and proved without disclosing any fine-grained user consumption data by integrating privacy homomorphism encryption with aggregation signature scheme. Security analysis and performance evaluation demonstrate that the proposed scheme can resist various security threats and preserve identity privacy while possessing significantly less communication overhead and computation cost than other existing approaches.

  15. Special Issue

    1. CDMCR: multi-level fault-tolerant system for distributed applications in cloud

      Weizhong Qiang, Changqing Jiang, Longbo Ran, Deqing Zou and Hai Jin

      Article first published online: 28 JAN 2015 | DOI: 10.1002/sec.1187


      A multi-level fault-tolerant system for distributed applications in cloud named CDMCR is presented. The CDMCR system backups the complete state of applications periodically with a snapshot-based distributed checkpointing protocol, including file system state. Thus, not only the processes can be recovered, but also the related data can be roll-backed. A multi-level recovery strategy is proposed, which includes process-level recovery, virtual machine recreation, and host rescheduling, enabling comprehensive and efficient fault tolerance for different components in cloud.

  16. Special Issue Paper

    1. SAKE: scalable authenticated key exchange for mobile e-health networks

      Weiran Liu, Jianwei Liu, Qianhong Wu, Willy Susilo, Hua Deng and Bo Qin

      Article first published online: 28 JAN 2015 | DOI: 10.1002/sec.1198


      We model Mobile e-Health Networks (MHN) and formalize a hierarchical network architecture mirroring MHNs in the real world. We present a virtual MHN architecture and propose an efficient authenticated key exchange framework based on the virtual MHN architecture to secure MHNs. Theoretical analyses and experimental results show that scalable authenticated key exchange is secure and scalable, and hence is practical for MHNs.

  17. Special Issue Papers

    1. A formal analysis of Trusted Platform Module 2.0 hash-based message authentication code authorization under digital rights management scenario

      Fajiang Yu, Huanguo Zhang, Bo Zhao, Juan Wang, Liqiang Zhang, Fei Yan and Zhenlin Chen

      Article first published online: 23 JAN 2015 | DOI: 10.1002/sec.1193


      The authors use the typed pi calculus to describe the Trusted Platform Module (TPM) 2.0 hash-based message authentication code authorization and its security properties under the digital rights management scenario, and use ProVerif to reason that the key handle manipulation attack for TPM 1.2 does not exist anymore in TPM 2.0. But the vulnerability of key blob substitution still exists in TPM 2.0.

    2. An approach of security testing for third-party component based on state mutation

      Jinfu Chen, Jiamei Chen, Rubing Huang, Yuchi Guo and Yongzhao Zhan

      Article first published online: 23 JAN 2015 | DOI: 10.1002/sec.1189


      In this paper, two test cases generation algorithms are proposed on the basis of state mutation and extended finite state machine, that is, Operations Conflict Sequences Generation Algorithm and Conditions Conflict Sequences Generation Algorithm, which are designed to generate inaccessible sequences of behavior and condition conflicts. These conflict sequences are run. Furthermore, the security detecting algorithms are addressed to detect implicit vulnerabilities of third-party components, and then, testing report of component security is obtained.

    3. Matrix embedding in multicast steganography: analysis in privacy, security and immediacy

      Weiwei Liu, Guangjie Liu and Yuewei Dai

      Article first published online: 14 NOV 2014 | DOI: 10.1002/sec.1168


      In this paper, the general model of multicast steganography is presented, and the newly spawned problems are discussed including the intergroup privacy, extended embedding efficiency and information retrieval immediacy. Synchronous and asynchronous multicast matrix embedding frameworks are also given respectively.

    4. Mobile middleware platform for secure vessel traffic system in IoT service environment

      Namje Park and Hyo-Chan Bang

      Article first published online: 10 NOV 2014 | DOI: 10.1002/sec.1108


      This paper suggests, based on the basic service model and protocol provided in the recommendation V-145, the implementation of the Jeju-VTS middleware will facilitate exchange of information on sea traffic. This paper developed a system enabling IVEF service simulation under an Internet of Things environment made possible by improving IVEF software development kit, which is an open source.

    5. Real-time audio steganography attack based on automatic objective quality feedback

      Qilin Qi, Aaron Sharp, Dongming Peng and Hamid Sharif

      Article first published online: 30 OCT 2014 | DOI: 10.1002/sec.1150


      This paper provides an efficient and effective method to attack the steganography in a real-time basis. The proposed generic method works well against a variety of steganography methods while preserving the cover audio quality by the automatic quality control scheme.

    6. Digital image steganalysis based on local textural features and double dimensionality reduction

      Fengyong Li, Xinpeng Zhang, Hang Cheng and Jiang Yu

      Article first published online: 14 OCT 2014 | DOI: 10.1002/sec.1094


      This work proposes a spatial steganalysis scheme based on local textural features and double dimensionality reduction. An image is filtered by multiple filters to obtain a number of residual images. By comparing the pixel values with the neighbors' value in each residual image, local textural patterns are employed to form a high-dimensional steganalysis feature set. Then, principal component analysis (PCA) is used twice to perform double dimensionality reduction for high-dimensional textural features. Finally, a textural feature set with low dimensionality is proposed and can be effectively used in steganalysis.

    7. Small target detection using morphology and modified Gaussian distance function

      Jong-Ho Kim, Jun-Jae Park, Sang-Ho Ahn, Deok Gyu Lee, Daesung Moon and Sang-Kyoon Kim

      Article first published online: 11 SEP 2014 | DOI: 10.1002/sec.1069

      This paper proposes a new small target detection system that detects small target candidates based on morphology operations and detects actual targets using a modified Gaussian distance function. The proposed method is less sensitive to clutters than existing methods and has a detection rate of 98%.

    8. Protect biometric data with compound chaotic encryption

      Charles Z. Liew, Raymond Shaw and Lanlan Li

      Article first published online: 15 AUG 2014 | DOI: 10.1002/sec.1070

      In this paper, the information security issue on biometric data is studied, focusing on distribution in space domain and uniform diffusion in frequency domain. Related tests and analysis on key space, sensitivity, correlation and uniform distribution are performed with comparison to diverse schemes including triple data encryption standard algorithm and chaotic mapping cipher. Experiment results show that the proposed approach possesses good secure performances on both random scrambling in space domain and uniform distribution in frequency domain.

    9. On importance of steganographic cost for network steganography

      Wojciech Mazurczyk, Steffen Wendzel, Ignacio Azagra Villares and Krzysztof Szczypiorski

      Article first published online: 8 AUG 2014 | DOI: 10.1002/sec.1085

      The paper emphasizes the importance of the steganographic cost, which is an indicator for the degradation or distortion of the carrier caused by the application of the steganographic method.

    10. Towards efficient deployment of wireless sensor networks

      Hacène Fouchal, Philippe Hunel and Cédric Ramassamy

      Article first published online: 12 JUL 2014 | DOI: 10.1002/sec.1059

      The study gives a methodology and a tool to properly design an application over wireless sensor networks with a high QoS degree. We have undertaken a set of experimentations in order to extract a road map for choosing the right parameters. A classification technique has been used for many types of parameters (application, type, routing protocol, network size, and radio range coverage). The tool is able to propose an NS-2 script for the selected parameters.

  18. Special Issue Paper

    1. Introducing touchstroke: keystroke-based authentication system for smartphones

      Georgios Kambourakis, Dimitrios Damopoulos, Dimitrios Papamartzivanos and Emmanouil Pavlidakis

      Article first published online: 1 JUL 2014 | DOI: 10.1002/sec.1061

      This work introduces touchstroke dynamics aiming to explore the potential of this advanced biometric trait in serving as a second verification factor when authenticating the user of a touchscreen smartphone. Towards this goal, we explore typical scenarios used by the majority of legacy keystroke systems but also consider novel classification features and methodologies along with that employed in typical keystroke analysis. The entire experimental procedure has been carried out on a real smartphone in the Android platform.

  19. Special Issue Papers

    1. Time synchronization: pivotal element in cloud forensics

      Nikolaos Marangos, Panagiotis Rizomiliotis and Lilian Mitrou

      Article first published online: 19 JUN 2014 | DOI: 10.1002/sec.1056

      This paper highlights the importance of time synchronization in Cloud log files from the perspective of a forensics investigator. We evaluate the existing time synchronization techniques for cloud computing (CC) and provide a list of guidelines toward the design of cloud forensics aware timekeeping techniques for CC.

    2. Authentication and key relay in medical cyber-physical systems

      Mohammed Raza Kanjee and Hong Liu

      Article first published online: 8 MAY 2014 | DOI: 10.1002/sec.1009

      This non-cryptographic authentication scheme, with relay of one-time key, offers an efficient security solution to medical cyber-physical systems. The holistic analysis of medical processes and healthcare adversaries leads to utilizing the unique features present in wireless body area network. The novel design builds on a secure architecture across physical world and cyber space with strategic resource allocation for economic security.

    3. Identifying an OpenID anti-phishing scheme for cyberspace

      Haider Abbas, Moeen Qaemi Mahmoodzadeh, Farrukh Aslam Khan and Maruf Pasha

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1027

      This paper aims at identifying and discussing a solution to OpenID phishing by proposing a user authentication scheme that allows OpenID providers to identify a user using publicly known entities. The authentication scheme is also validated through detailed descriptions of use cases and prototype implementation.

    4. Location-preserved contention-based routing in vehicular ad hoc networks

      Qing Yang, Alvin Lim, Xiaojun Ruan, Xiao Qin and Dongjin Kim

      Article first published online: 11 APR 2014 | DOI: 10.1002/sec.1008

      Using pseudonyms and dummy distance to destination information, the proposed location preserved contention based routing protocol can achieve 11.7% improvement on network performance and a higher level of location privacy protection compared with the second best protocol, contention-based forwarding active selection.

    5. Single authentication through in convergence space using collaborative smart cameras

      Geon Woo Kim, Jong Wook Han, Deok Gyu Lee and Sang Wook Kim

      Article first published online: 4 APR 2014 | DOI: 10.1002/sec.1007

      In this paper, we suggest a single authentication through, a scheme to access any ubiquitous service with single authentication at initial stage for efficiently identifying an object moving multiple convergences spaces. This is performed by enabling distributed smart cameras to deliver identifiers temporarily generated during the object's handover.

    6. Towards secure identity management for the smart grid

      Todd Baumeister and Yingfei Dong

      Article first published online: 3 APR 2014 | DOI: 10.1002/sec.996

      The emerging smart grid incorporates modern information systems with traditional power delivery systems to achieve better control, efficiency, and reliability. However, it also brings potential cyber security risks into the essential power system. Therefore, we need a large-scale framework to address the basic security issues such as identity management in the smart grid. While public key infrastructures (PKIs) have been developed for large-scale distributed information systems, the existing PKI solutions cannot meet the unique requirements of the electrical power grid.

    7. Optimisation-based collaborative determination of component trustworthiness in service compositions

      Hisain Elshaafi and Dmitri Botvich

      Article first published online: 17 MAR 2014 | DOI: 10.1002/sec.985

      The paper describes an optimisation-based approach for the determination of component service trustworthiness based on the trustworthiness attributes of collaborating composite services. The approach can identify untrustworthy components and detect the trustworthiness of candidate components to be selected for new compositions. The composite services jointly invoke distributed component services. The paper covers some of the important attributes of trustworthy services that are service reliability, reputation and response time.

    8. Server-based code obfuscation scheme for APK tamper detection

      Yuxue Piao, Jin-Hyuk Jung and Jeong Hyun Yi

      Article first published online: 10 MAR 2014 | DOI: 10.1002/sec.936

      We propose an obfuscation technique based on a client/server model with one-time secret key delivery using SMS or network protocol. The main concept is to store the core execute class file through obfuscation on the server, so when a program needs to execute core routines, it must request these routines from the server. In this way, we can protect Android apps from reverse engineering.
