Security and Communication Networks

Early View (Online Version of Record published before inclusion in an issue)

Edited By: Hsiao-Hwa Chen and Hamid R. Sharif

Impact Factor: 0.433

ISI Journal Citation Reports © Ranking: 2013: 66/78 (Telecommunications); 116/135 (Computer Science Information Systems)

Online ISSN: 1939-0122

  1. Research Articles

    1. A novel automated framework for modeling and evaluating covert channel algorithms

      Fahimeh Rezaei, Michael Hempel and Hamid Sharif

      Article first published online: 29 MAY 2014 | DOI: 10.1002/sec.1013

      Automated Covert Channel Modeling is an accurate and reliable approach that converts the general description of covert channel algorithms into fully functional executable code. This code can be used in a simulation environment or on a real network platform to establish a covert communication channel. The main objective of defining this framework is to observe and analyze the behavior of diverse covert channel algorithms and their characteristics, in order to be able to study effective solutions for detecting and disrupting covert communication.

  2. Special Issue Papers

    1. Cooperative monitoring BGP among autonomous systems

      Ning Hu, BaoSheng Wang and Xin Liu

      Article first published online: 29 MAY 2014 | DOI: 10.1002/sec.1024

      This paper presents a Border Gateway Protocol (BGP) monitoring method called the cooperative information sharing model (CoISM). CoISM can provide autonomous systems with a more comprehensive information view. CoISM optimizes information transmission by leveraging the data locality caused by BGP policy and implements ISP coordination with low communication and deployment cost. More specifically, CoISM provides a self-organizing and incentive mechanism, which drives autonomous systems to coordinate independently and share information on demand.

    2. AutoMal: automatic clustering and signature generation for malwares based on the network flow

      Sun Hao, Wen Wang, Huabiao Lu and Peige Ren

      Article first published online: 29 MAY 2014 | DOI: 10.1002/sec.1029

      This paper presents AutoMal, a system for automatically extracting signatures from large-scale malware. Our main contribution is putting forward the concept of the hashing signature and developing the corresponding mechanism, which consists of three methods. We utilize feature hashing to reduce high-dimensional feature spaces, propose cross association with median filtering for malware clustering, and then provide Bayesian selection for generating and evaluating signatures. The results show that AutoMal can generate strongly noise-resistant signatures that exactly show the characteristics of malware.

  3. Research Articles

    1. Evaluation of entropy-based detection of outbound denial-of-service attacks in edge networks

      Ilija Basicevic, Stanislav Ocovaj and Miroslav Popovic

      Article first published online: 26 MAY 2014 | DOI: 10.1002/sec.1040

      The entropy-based method has been compared with a known method for detection of Synchronize sequence numbers (SYN) flood attacks, which relies on applying the Cumulative sum control chart (CUSUM) algorithm over the number of SYN packets. The experimental evaluation confirms that entropy-based detection does not reach the performance of a method tailored for a specific type of attack, but it has a generality that allows its use in viable detection of a range of attacks.

    2. On cross-correlation properties of S-boxes and their design using semi-bent functions

      Enes Pasalic, Samed Bajrić and Milan Djordjević

      Article first published online: 26 MAY 2014 | DOI: 10.1002/sec.1035

      In addition,

      1. A sufficient condition that the absolute indicator of two bent functions achieves its lowest value is derived.

      2. A construction of substitution boxes with good autocorrelation properties from vectorial bent functions is given.

      3. Two classes of nonlinear vectorial semi-bent functions with good autocorrelation properties are proposed.

    3. A new certificateless signature scheme under enhanced security models

      Kee Sung Kim and Ik Rae Jeong

      Article first published online: 26 MAY 2014 | DOI: 10.1002/sec.1036

      We construct the first certificateless signature scheme that can be proven secure against malicious-but-passive key generation center attacks of super adversaries. Moreover, our scheme is still secure when the adversary is allowed to obtain valid signatures on the target identity and message. Our construction is based on hard lattice problems in the random oracle model.

  4. Special Issue Papers

    1. Authentication and key relay in medical cyber-physical systems

      Mohammed Raza Kanjee and Hong Liu

      Article first published online: 8 MAY 2014 | DOI: 10.1002/sec.1009

      This non-cryptographic authentication scheme, with relay of a one-time key, offers an efficient security solution for medical cyber-physical systems. The holistic analysis of medical processes and healthcare adversaries leads to utilizing the unique features present in wireless body area networks. The novel design builds on a secure architecture across the physical world and cyber space with strategic resource allocation for economic security.

    2. Identifying an OpenID anti-phishing scheme for cyberspace

      Haider Abbas, Moeen Qaemi Mahmoodzadeh, Farrukh Aslam Khan and Maruf Pasha

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1027

      This paper aims at identifying and discussing a solution to OpenID phishing by proposing a user authentication scheme that allows OpenID providers to identify a user using publicly known entities. The authentication scheme is also validated through detailed descriptions of use cases and a prototype implementation.

  5. Research Article

    1. A new efficient signcryption scheme in the standard model

      Zheng Yang

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1034

      We introduce an efficient signcryption scheme for hybrid authenticated encryption that is provably secure in the standard model under a strong multiuser insider setting. Our new signcryption scheme is built on the basis of a variant of Boneh-Boyen short signature, which works under bilinear groups. The new construction idea is to reuse the signature value to derive the encryption key. This could dramatically save not only the computational cost but also the communication bandwidth.

  6. Research Articles

    1. Reliability enhancement for CIR-based physical layer authentication

      Jiazi Liu, Ahmed Refaey, Xianbin Wang and Helen Tang

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1014

      In this article, we propose three channel impulse response (CIR) based physical layer authentication schemes, which exploit the inherent properties of CIR to enhance the authentication reliability under a binary hypothesis testing in mobile communications. Specifically, the reliability of authentication is enhanced by mitigating the noise components of CIR estimates, deriving CIR difference based on a channel predictor, and observing multiple CIR differences in the final decision, respectively.

  7. Special Issue Papers

    1. Trust dynamic task allocation algorithm with Nash equilibrium for heterogeneous wireless sensor network

      Wen Zhong Guo, Jia Ye Chen, Guo Long Chen and Hai Feng Zheng

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1026

      A trust dynamic task allocation algorithm is proposed to address the task allocation problem for a heterogeneous wireless sensor network (WSN). A discrete particle swarm optimization is designed to generate a structure of the parallel coalitions. Task strategies and payoff functions are designed by invoking game theory in WSNs.

  8. Research Articles

    1. Attribute-based signature for threshold predicates from lattices

      Qingbin Wang and Shaozhen Chen

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1038

      This paper presents an attribute-based signature scheme for the case of threshold predicates from lattices. This scheme is existentially unforgeable against selective predicate and static chosen message attacks in the standard model, with respect to the hardness of the small integer solution problem. To the best of our knowledge, this work constitutes the first attribute-based signature scheme based on lattices.

    2. Efficient techniques of key management and quantum cryptography in RFID networks

      Vijey Thayananthan, Ahmed Alzahrani and Muhammad Shuaib Qureshi

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1005

      In order to maximize data security and secure transmission around radio frequency identification (RFID) networks, a theoretical model of the quantum key management system based on RFID is introduced. Novelties in this research are security keys of which quantum cryptography is being utilized in RFID network with continuous key updates. To maximize the security and minimize the complexity in key management, quantum cryptography with Grover's algorithm is introduced as a method in RFID network environments and is proved.

    3. Analysis and improvement of a multi-factor biometric authentication scheme

      Liling Cao and Wancheng Ge

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1010

      Multi-Factor Biometric Authentication (MFBA) has become a promising technology to enhance security in wireless communication. Several attacks on some existing MFBA schemes have been demonstrated. A modified MFBA scheme has been proposed with formal security analysis using BAN-logic, which demonstrates that the modified scheme, with slightly higher computation costs, can protect against several possible attacks.

    4. Making air traffic surveillance more reliable: a new authentication framework for automatic dependent surveillance-broadcast (ADS-B) based on online/offline identity-based signature

      Joonsang Baek, Young-ji Byon, Eman Hableel and Mahmoud Al-Qutayri

      Article first published online: 7 MAY 2014 | DOI: 10.1002/sec.1021

      In this paper, we propose an authentication framework for the automatic dependent surveillance-broadcast system for future e-enabled aircraft. The proposed framework is based on our new online/offline identity-based signature scheme. This scheme resolves the public-key infrastructure management issue by using the identities of aircraft as public keys and makes it possible to frequently sign automatic dependent surveillance-broadcast messages exchanged between aircraft and ground controllers through online/offline signature generation.

    5. An authorization model for cross-enterprise collaborations

      Fotios I. Gogoulos, Anna Antonakopoulou, Georgios V. Lioudakis, Aziz S. Mousas, Dimitra I. Kaklamani and Iakovos S. Venieris

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1000

      In this paper, an authorization framework toward the protection of sensitive resources in the context of cross-enterprise scenarios is presented. The proposed framework is founded on the utilization of a semantic information model, which integrates individual privacy preferences, organizational access control rules, and information handling policies into the authorization determination procedure. Partners within the framework are organized in a bridged federated architecture in order to ensure the semantic and trust interoperability of the emerging transactions.

    6. Meet-in-the-middle fault analysis on word-oriented substitution-permutation network block ciphers

      Zhiqiang Liu, Ya Liu, Qingju Wang, Dawu Gu and Wei Li

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1015

      We observe that some special properties of the diffusion layers of word-oriented substitution-permutation network block ciphers can be exploited to facilitate meet-in-the-middle fault attacks on the ciphers. Efficient meet-in-the-middle fault attacks on ARIA and AES are mounted based on our observations.

    7. Modified data encryption standard encryption algorithm with improved error performance and enhanced security in wireless fading channels

      Walid Y. Zibideh and Mustafa M. Matalgah

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1003

      This paper presents a new encryption algorithm that addresses the strict avalanche criterion in wireless communication channels. The performance of the proposed algorithm is evaluated in different channel conditions and is shown to outperform well-known standardized encryption algorithms in terms of the probability of correct reception, security, and complexity.

    8. A fault recovery-based scheduling algorithm for cloud service reliability

      Ping Qi and Longshu Li

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1017

      Considering the unreliable and dynamic characteristics of cloud computing, cloud service failures are inevitable and have an adverse effect on task execution and scheduling. To improve cloud service reliability, we first analyze the fault recovery mechanism; the cloud failures considered in this paper are then classified into two categories: unrecoverable failures and recoverable failures. By integrating the existing dynamic level scheduling (DLS) algorithm, a novel scheduling algorithm based on the fault recovery mechanism, named the fault recovery-based DLS algorithm, is proposed to reduce the failure probability of task assignments. The experimental results confirm that the fault recovery mechanism can meet the reliability requirements of cloud computing infrastructures and that the proposed algorithm can effectively ensure trustworthy execution of tasks.

    9. Remote three-factor authentication scheme based on Fuzzy extractors

      Min Zhang, Jiashu Zhang and Ying Zhang

      Article first published online: 5 MAY 2014 | DOI: 10.1002/sec.1016

      From the table in the succeeding text, we can see that the proposed scheme is more secure and more reasonable than Lee and Hsu's scheme. We also provide a new method to achieve a three-factor authentication scheme.