<?xml version="1.0" encoding="UTF-8"?>
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"><channel rdf:about="http://onlinelibrary.wiley.com/rss/journal/10.1002/(ISSN)1939-0122" xmlns="http://purl.org/rss/1.0/"><title>Security and Communication Networks</title><description> Wiley Online Library : Security and Communication Networks</description><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2F%28ISSN%291939-0122</link><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc</dc:publisher><dc:language xmlns:dc="http://purl.org/dc/elements/1.1/">en</dc:language><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/">© John Wiley &amp; Sons, Ltd.</dc:rights><prism:issn xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">1939-0114</prism:issn><prism:eIssn xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">1939-0122</prism:eIssn><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-06-01T00:00:00-05:00</dc:date><prism:coverDisplayDate xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">June 2013</prism:coverDisplayDate><prism:volume xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">6</prism:volume><prism:number xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">6</prism:number><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">669</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">796</prism:endingPage><image rdf:resource="http://onlinelibrary.wiley.com/store/10.1002/sec.v6.6/asset/cover.gif?v=1&amp;s=702b5cb01422ece0e33b27405f966db7e4bf31ab"/><items><rdf:Seq><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.796"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.790"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.792"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.801"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.793"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.788"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.769"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.776"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.785"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.780"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.789"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.723"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.779"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.754"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.777"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.782"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.783"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.774"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.748"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.772"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.781"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.778"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.722"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.718"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.758"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.767"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.711"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.770"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.719"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.756"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.768"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.759"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.733"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.745"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.714"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.762"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.766"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.761"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.755"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.765"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.764"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.742"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.741"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.760"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.757"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.763"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.704"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.744"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.743"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.701"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.739"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.692"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.736"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.750"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.752"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.751"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.747"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.734"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.702"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.727"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.710"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.746"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.726"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.728"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.740"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.735"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.738"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.717"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.730"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.705"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.737"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.721"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.686"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.700"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.708"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.731"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.732"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.729"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.703"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.749"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.684"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.695"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.683"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.682"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.685"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.725"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.712"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.715"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.716"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.713"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.693"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.687"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.698"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.694"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.667"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.668"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.696"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.699"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.706"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.707"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.675"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.644"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.670"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.648"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.666"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.650"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.637"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.680"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.673"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.665"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.688"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.689"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.690"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.672"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.652"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.676"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.645"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.627"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.678"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.646"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.628"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.643"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.669"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.651"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.638"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.649"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.671"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.640"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.619"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.626"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.647"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.615"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.616"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.639"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.613"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.629"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.617"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.603"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.622"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.623"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.609"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.612"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.618"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.601"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.592"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.599"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.588"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.586"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.587"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.585"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.565"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.572"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.546"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.574"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.569"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.544"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.559"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.541"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.561"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.549"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.547"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.555"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.551"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.556"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.538"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.548"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.517"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.550"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.545"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.539"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.527"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.533"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.532"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.521"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.503"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.500"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.508"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.518"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.417"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.427"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.424"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.507"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.415"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.413"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.411"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.412"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.414"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.410"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.406"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.405"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.399"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.407"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.404"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.400"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.398"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.396"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.385"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.388"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.386"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.383"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.381"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.374"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.373"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.354"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.333"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.342"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.330"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.306"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.298"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.283"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.301"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.267"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.245"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.174"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.172"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.166"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.152"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.658"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.597"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.600"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.604"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.605"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.606"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.607"/><rdf:li 
rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.608"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.610"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.611"/><rdf:li rdf:resource="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.614"/></rdf:Seq></items></channel><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.796" xmlns="http://purl.org/rss/1.0/"><title>A model of analyzing cyber threats trend and tracing potential attackers based on darknet traffic</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.796</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A model of analyzing cyber threats trend and tracing potential attackers based on darknet traffic</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Sang-soo Choi, Jungsuk Song, Seokhun Kim, Sookyun Kim</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-24T02:19:08.676589-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.796</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.796</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.796</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In general, attackers carry out scanning or probing against a certain network when they start to attack their victims. Because of this, darknet is very useful to observe the scanning activities of attackers who want to find their victims that have security vulnerabilities in operating systems, applications, services, and so on. Thus, by observing and analyzing darknet traffic, it is able to obtain an insight into malicious activities that are happening on the Internet and to identify potential attackers who sent attack packets to the darknet. However, darknet has a fatal limitation that most of the darknet traffic has no payload data. This means that we cannot collect the real attack codes from the original darknet traffic. To cope with this problem, we propose a security monitoring and response model to analyze cyber threats trend and to trace potential attackers based on darknet traffic. We have evaluated the proposed model using one /24 darknet IP addresses and TMS alerts that were obtained from TMS. The experimental results provided the statistical information of all the incoming darknet traffic so that we could obtain the global cyber threats trend. Furthermore, the experimental results demonstrated that we could obtain malicious attack patterns and attack codes that were not detected by TMS. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.796/asset/image_n/sec796-toc-0001.png?v=1&amp;s=a9fbd64074e83f0218b559129b9533a058b18156" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.796/asset/image_n/sec796-toc-0001.png?v=1&amp;s=a9fbd64074e83f0218b559129b9533a058b18156"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a security monitoring and response model based on darknet traffic, which consists of six main components: darknet IP addresses, intrusion detection system, collection server, management system, analysis system, and tracing system.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>It enables us to obtain real traffic that may contain attack codes in the wild and malicious attack patterns.
</p></div>]]></content:encoded><description>

In general, attackers carry out scanning or probing against a certain network when they start to attack their victims. Because of this, darknet is very useful to observe the scanning activities of attackers who want to find their victims that have security vulnerabilities in operating systems, applications, services, and so on. Thus, by observing and analyzing darknet traffic, it is able to obtain an insight into malicious activities that are happening on the Internet and to identify potential attackers who sent attack packets to the darknet. However, darknet has a fatal limitation that most of the darknet traffic has no payload data. This means that we cannot collect the real attack codes from the original darknet traffic. To cope with this problem, we propose a security monitoring and response model to analyze cyber threats trend and to trace potential attackers based on darknet traffic. We have evaluated the proposed model using one /24 darknet IP addresses and TMS alerts that were obtained from TMS. The experimental results provided the statistical information of all the incoming darknet traffic so that we could obtain the global cyber threats trend. Furthermore, the experimental results demonstrated that we could obtain malicious attack patterns and attack codes that were not detected by TMS. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a security monitoring and response model based on darknet traffic, which consists of six main components: darknet IP addresses, intrusion detection system, collection server, management system, analysis system, and tracing system. It enables us to obtain real traffic that may contain attack codes in the wild and malicious attack patterns.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.790" xmlns="http://purl.org/rss/1.0/"><title>Efficient public key encryption with revocable keyword search</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.790</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient public key encryption with revocable keyword search</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yong Yu, Jianbing Ni, Haomiao Yang, Yi Mu, Willy Susilo</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-24T01:36:50.921436-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.790</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.790</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.790</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec790-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>Public key encryption with keyword search is a novel cryptographic primitive enabling one to search on the encrypted data directly. In the known schemes, once getting a trapdoor, the server can search associated data without any restrictions. However, in reality, it is sometimes essential to prevent the server from searching the data all the time because the server is not fully trusted. In this paper, we propose the notion of public key encryption with revocable keyword search to address the issue. We also develop a concrete construction by dividing the whole life of the system into distinct times to achieve our goals. The proposed scheme achieves the properties of the indistinguishability of ciphertexts against an adaptive chosen keywords attack security under the co-decisional bilinear Diffie–Hellman assumption in our security model. Compared with two somewhat schemes, ours offers much better performance in terms of computational cost. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.790/asset/image_n/sec790-toc-0001.png?v=1&amp;s=dc3108c210fa4ec5578c452d46609d1fae6dc2e8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.790/asset/image_n/sec790-toc-0001.png?v=1&amp;s=dc3108c210fa4ec5578c452d46609d1fae6dc2e8"/></a><div class="para" id="sec790-para-0091" xmlns="http://www.w3.org/1999/xhtml"><p>We propose the notion of public key encryption with revocable keyword search, which provides a solution to restrict the search power in cloud storage by revoking the search capability of the server. 
Inspired by the anonymous multi-receivers identity-based encryption proposed by Fan <em>et al</em>., we give a concrete construction of revokable keyword search by dividing the whole life of the system into distinct times and demonstrate the scheme achieves indistinguishability of ciphertexts against an adaptive chosen keywords attack secure under co-decisional bilinear Diffie-Hellman assumption in the random oracle model. 
</p></div>]]></content:encoded><description>
Public key encryption with keyword search is a novel cryptographic primitive enabling one to search on the encrypted data directly. In the known schemes, once getting a trapdoor, the server can search associated data without any restrictions. However, in reality, it is sometimes essential to prevent the server from searching the data all the time because the server is not fully trusted. In this paper, we propose the notion of public key encryption with revocable keyword search to address the issue. We also develop a concrete construction by dividing the whole life of the system into distinct times to achieve our goals. The proposed scheme achieves the properties of the indistinguishability of ciphertexts against an adaptive chosen keywords attack security under the co-decisional bilinear Diffie–Hellman assumption in our security model. Compared with two somewhat schemes, ours offers much better performance in terms of computational cost. Copyright © 2013 John Wiley &amp; Sons, Ltd. We propose the notion of public key encryption with revocable keyword search, which provides a solution to restrict the search power in cloud storage by revoking the search capability of the server. Inspired by the anonymous multi-receivers identity-based encryption proposed by Fan et al., we give a concrete construction of revokable keyword search by dividing the whole life of the system into distinct times and demonstrate the scheme achieves indistinguishability of ciphertexts against an adaptive chosen keywords attack secure under co-decisional bilinear Diffie-Hellman assumption in the random oracle model.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.792" xmlns="http://purl.org/rss/1.0/"><title>Secure and efficient data collection in wireless image sensor network based on ellipse batch dispersive routing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.792</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure and efficient data collection in wireless image sensor network based on ellipse batch dispersive routing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Sheng Su, Haijie Yu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-24T00:57:19.852739-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.792</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.792</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.792</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Wireless image sensor network generates a large number of images from the distributed camera sensors. The image data need to be delivered securely and efficiently to the sink in many circumstances. The current node-disjoint multipath and dispersive routings cannot provide enough security and efficiency for the image data collection and transportation. In this paper, we propose an ellipse batch dispersive routing (EBDR) algorithm to address the secure and efficient data collection issue in wireless image sensor network. Images are broken into many shares using (<em>K</em>, <em>N</em>) threshold secret sharing. A multi-hop path is built for each share. All hop nodes are constrained in an ellipse. The routing chooses a relay node for each share of an image in each hop selection step. Relay nodes are dispersed in the whole ellipse area. We analyze the interception probability of shares and delivery delay of EBDR compared with multicast tree-assisted random propagation. Simulation experiments show that EBDR can obtain better security and efficiency for the routing of image data than multicast tree-assisted random propagation routing protocol. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.792/asset/image_n/sec792-toc-0001.png?v=1&amp;s=4336414171bb570aa62c4c0cc8cf635ac810c210" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.792/asset/image_n/sec792-toc-0001.png?v=1&amp;s=4336414171bb570aa62c4c0cc8cf635ac810c210"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose an ellipse batch dispersive routing algorithm to address the secure and efficient data collection issue in wireless image sensor network. Images are broken into many shares using (<em>K</em>, <em>N</em>) threshold secret sharing. A multi-hop path is built for each share. Relay nodes are dispersed in the whole ellipse area. Simulation experiments show that ellipse batch dispersive routing can obtain better security and efficiency for the routing of image data than multicast tree-assisted random propagation routing protocol.
</p></div>]]></content:encoded><description>

Wireless image sensor network generates a large number of images from the distributed camera sensors. The image data need to be delivered securely and efficiently to the sink in many circumstances. The current node-disjoint multipath and dispersive routings cannot provide enough security and efficiency for the image data collection and transportation. In this paper, we propose an ellipse batch dispersive routing (EBDR) algorithm to address the secure and efficient data collection issue in wireless image sensor network. Images are broken into many shares using (K, N) threshold secret sharing. A multi-hop path is built for each share. All hop nodes are constrained in an ellipse. The routing chooses a relay node for each share of an image in each hop selection step. Relay nodes are dispersed in the whole ellipse area. We analyze the interception probability of shares and delivery delay of EBDR compared with multicast tree-assisted random propagation. Simulation experiments show that EBDR can obtain better security and efficiency for the routing of image data than multicast tree-assisted random propagation routing protocol. Copyright © 2013 John Wiley &amp; Sons, Ltd. We propose an ellipse batch dispersive routing algorithm to address the secure and efficient data collection issue in wireless image sensor network. Images are broken into many shares using (K, N) threshold secret sharing. A multi-hop path is built for each share. Relay nodes are dispersed in the whole ellipse area. Simulation experiments show that ellipse batch dispersive routing can obtain better security and efficiency for the routing of image data than multicast tree-assisted random propagation routing protocol.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.801" xmlns="http://purl.org/rss/1.0/"><title>A data mining system for distributed abnormal event detection in backbone networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.801</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A data mining system for distributed abnormal event detection in backbone networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yingjie Zhou, Guangmin Hu, Dapeng Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-17T05:27:13.946298-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.801</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.801</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.801</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Detecting distributed abnormal events has become an increasingly significant task for efficient network management and operation. However, it is still challenging to uncover these distributed behaviors in backbone networks because of the voluminous amount of noisy, high-dimensional traffic data. In this paper, we present a novel system for detecting distributed abnormal events in backbone networks. The proposed system emphasizes detecting distributed correlated abnormal events, which are caused by the same reason. In contrast, existing methods are not able to distinguish correlated abnormal events from the independent abnormal events. In our proposed system, a set of data mining techniques is used for modeling and detecting distributed correlated abnormal events by analyzing the traffic features. Specifically, traffic behavior representation is constructed to define and select traffic features for describing the traffic behaviors of interest, feature clustering is performed to group together similar transformations in each feature, behavioral data mining is employed to discover the most significant patterns in network interactions with respect to typical behavior, and behavior classification is used to expose the behaviors of interest. Experiment results using real traffic data present the effectiveness of our proposed methods for detecting distributed correlated abnormal events in the backbone network. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.801/asset/image_n/sec801-toc-0001.png?v=1&amp;s=6ec7c9863aa8780f8d9e4c0f515f7ac8081f6102" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.801/asset/image_n/sec801-toc-0001.png?v=1&amp;s=6ec7c9863aa8780f8d9e4c0f515f7ac8081f6102"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a novel system for detecting distributed abnormal events in backbone networks. The proposed system emphasizes detecting distributed correlated abnormal events, which are caused by the same reason. In contrast, existing methods are not able to distinguish correlated abnormal events from the independent abnormal events.
</p></div>]]></content:encoded><description>

Detecting distributed abnormal events has become an increasingly significant task for efficient network management and operation. However, it is still challenging to uncover these distributed behaviors in backbone networks because of the voluminous amount of noisy, high-dimensional traffic data. In this paper, we present a novel system for detecting distributed abnormal events in backbone networks. The proposed system emphasizes detecting distributed correlated abnormal events, which are caused by the same reason. In contrast, existing methods are not able to distinguish correlated abnormal events from the independent abnormal events. In our proposed system, a set of data mining techniques is used for modeling and detecting distributed correlated abnormal events by analyzing the traffic features. Specifically, traffic behavior representation is constructed to define and select traffic features for describing the traffic behaviors of interest, feature clustering is performed to group together similar transformations in each feature, behavioral data mining is employed to discover the most significant patterns in network interactions with respect to typical behavior, and behavior classification is used to expose the behaviors of interest. Experiment results using real traffic data present the effectiveness of our proposed methods for detecting distributed correlated abnormal events in the backbone network. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a novel system for detecting distributed abnormal events in backbone networks. The proposed system emphasizes detecting distributed correlated abnormal events, which are caused by the same reason. In contrast, existing methods are not able to distinguish correlated abnormal events from the independent abnormal events.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.793" xmlns="http://purl.org/rss/1.0/"><title>On collaborative anonymous communications in lossy networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.793</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">On collaborative anonymous communications in lossy networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">David Rebollo-Monedero, Jordi Forné, Esteve Pallarès, Javier Parra-Arnau, Carolina Tripp, Luis Urquiza, Mónica Aguilar</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-17T04:56:13.382421-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.793</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.793</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.793</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Message encryption does not prevent eavesdroppers from unveiling who is communicating with whom, when, or how frequently, a privacy risk wireless networks are particularly vulnerable to. The Crowds protocol, a well-established anonymous communication system, capitalizes on user collaboration to enforce sender anonymity. This work formulates a mathematical model of a Crowd-like protocol for anonymous communication in a lossy network, establishes quantifiable metrics of anonymity and quality of service (QoS), and theoretically characterizes the trade-off between them. The anonymity metric chosen follows the principle of measuring privacy as an attacker's estimation error. By introducing losses, we extend the applicability of the protocol beyond its original proposal. We quantify the intuition that anonymity comes at the expense of both delay and end-to-end losses. Aside from introducing losses in our model, another main difference with respect to the traditional Crowds is the focus on networks with stringent QoS requirements, for best effort anonymity, and the consequent elimination of the initial forwarding step. Beyond the mathematical solution, we illustrate a systematic methodology in our analysis of the protocol. This methodology includes a series of formal steps, from the establishment of quantifiable metrics all the way to the theoretical study of the privacy QoS trade-off. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.793/asset/image_n/sec793-toc-0001.png?v=1&amp;s=560dfdd17eb2ba67884068c72ca5b9c91c6bce1e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.793/asset/image_n/sec793-toc-0001.png?v=1&amp;s=560dfdd17eb2ba67884068c72ca5b9c91c6bce1e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Message encryption does not prevent eavesdroppers from unveiling who is communicating with whom, when, or how frequently, a privacy risk wireless networks are particularly vulnerable to. The Crowds protocol, a well-established anonymous-communication system, capitalizes on user collaboration to enforce sender anonymity. Our work formulates a mathematical model of a Crowd-like protocol for anonymous communication in a lossy network, establishes quantifiable metrics of anonymity and quality of service, and theoretically characterizes the trade-off between them.
</p></div>]]></content:encoded><description>

Message encryption does not prevent eavesdroppers from unveiling who is communicating with whom, when, or how frequently, a privacy risk wireless networks are particularly vulnerable to. The Crowds protocol, a well-established anonymous communication system, capitalizes on user collaboration to enforce sender anonymity. This work formulates a mathematical model of a Crowd-like protocol for anonymous communication in a lossy network, establishes quantifiable metrics of anonymity and quality of service (QoS), and theoretically characterizes the trade-off between them. The anonymity metric chosen follows the principle of measuring privacy as an attacker's estimation error. By introducing losses, we extend the applicability of the protocol beyond its original proposal. We quantify the intuition that anonymity comes at the expense of both delay and end-to-end losses. Aside from introducing losses in our model, another main difference with respect to the traditional Crowds is the focus on networks with stringent QoS requirements, for best effort anonymity, and the consequent elimination of the initial forwarding step. Beyond the mathematical solution, we illustrate a systematic methodology in our analysis of the protocol. This methodology includes a series of formal steps, from the establishment of quantifiable metrics all the way to the theoretical study of the privacy QoS trade-off. Copyright © 2013 John Wiley &amp; Sons, Ltd. Message encryption does not prevent eavesdroppers from unveiling who is communicating with whom, when, or how frequently, a privacy risk wireless networks are particularly vulnerable to. The Crowds protocol, a well-established anonymous-communication system, capitalizes on user collaboration to enforce sender anonymity. 
Our work formulates a mathematical model of a Crowd-like protocol for anonymous communication in a lossy network, establishes quantifiable metrics of anonymity and quality of service, and theoretically characterizes the trade-off between them.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.788" xmlns="http://purl.org/rss/1.0/"><title>Improved cancelable fingerprint templates using minutiae-based functional transform</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.788</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Improved cancelable fingerprint templates using minutiae-based functional transform</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Daesung Moon, Jang-Hee Yoo, Mun-Kyu Lee</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-17T04:27:17.996703-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.788</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.788</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.788</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Since Ratha <em>et al</em>. introduced the functional transform for cancelable fingerprint templates, a few simulation attacks to this method have been proposed. The attacks are based on the fact that the transform depends only on the predefined parameters. That is, the attacker may fully simulate the transform and partially invert it if the parameters are available. Although an original template is transformed using different parameters for different systems, even the compromise of only one of these systems may reveal the original template, which may be a serious potential threat from a practical viewpoint. In this paper, we propose an improved functional transform, whose parameters are decided by the original template, as well as predefined user-specific keys. Because the information on the original template will not be available to the attacker even when a system is compromised, the proposed method significantly improves the security of the original template by preventing the attacker from reconstructing the transform. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.788/asset/image_n/sec788-toc-0001.png?v=1&amp;s=60f11676e5718d0ea47517efa7b397c38bf99376" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.788/asset/image_n/sec788-toc-0001.png?v=1&amp;s=60f11676e5718d0ea47517efa7b397c38bf99376"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Since Ratha <em>et al</em>. introduced the functional transform for cancelable fingerprint templates, a few simulation attacks to this method have been proposed. We propose an improved functional transform, whose parameters are decided by the original template, as well as predefined user-specific keys. Because the information on the original template will not be available to the attacker even when a system is compromised, the proposed method significantly improves the security of the original template by preventing the attacker from reconstructing the transform.
</p></div>]]></content:encoded><description>

Since Ratha et al. introduced the functional transform for cancelable fingerprint templates, a few simulation attacks to this method have been proposed. The attacks are based on the fact that the transform depends only on the predefined parameters. That is, the attacker may fully simulate the transform and partially invert it if the parameters are available. Although an original template is transformed using different parameters for different systems, even the compromise of only one of these systems may reveal the original template, which may be a serious potential threat from a practical viewpoint. In this paper, we propose an improved functional transform, whose parameters are decided by the original template, as well as predefined user-specific keys. Because the information on the original template will not be available to the attacker even when a system is compromised, the proposed method significantly improves the security of the original template by preventing the attacker from reconstructing the transform. Copyright © 2013 John Wiley &amp; Sons, Ltd. Since Ratha et al. introduced the functional transform for cancelable fingerprint templates, a few simulation attacks to this method have been proposed. We propose an improved functional transform, whose parameters are decided by the original template, as well as predefined user-specific keys. Because the information on the original template will not be available to the attacker even when a system is compromised, the proposed method significantly improves the security of the original template by preventing the attacker from reconstructing the transform.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.769" xmlns="http://purl.org/rss/1.0/"><title>Threshold visual secret sharing based on Boolean operations</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.769</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Threshold visual secret sharing based on Boolean operations</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Sachin Kumar, Rajendra K. Sharma</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-17T01:25:34.675703-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.769</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.769</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.769</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We design a new (<em>k</em>,<em>n</em>)-threshold visual secret sharing scheme on the basis of Boolean operations. We propose two different algorithms to encrypt a secret image into <em>n</em> meaningless shares such that no secret information can be obtained by having any <em>k</em> − 1 or fewer shares. However, the secret image can be reconstructed easily by XOR of any <em>k</em> (≤<em>n</em>) or more shares. Both the algorithms have used simple Boolean operations such as OR and XOR. The proposed scheme broadens the potential applicability of Boolean operation-based visual secret sharing by generating the shares of size same as that of the original secret image. Formal proofs, security analysis, and the experimental results are given to demonstrate the correctness and feasibility of the proposed scheme. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.769/asset/image_n/sec769-toc-0001.png?v=1&amp;s=02002f8fe3cf62937b045caf975af18c42060313" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.769/asset/image_n/sec769-toc-0001.png?v=1&amp;s=02002f8fe3cf62937b045caf975af18c42060313"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a (k,n)-threshold visual secret sharing scheme based on Boolean operations. The proposed scheme maintains the merits as follows: (1) No pixel expansion; (2) No codebook requirement; (3) No need to align the shares in decoding process; (4) Can encode a wide range of image formats. The formal proofs and experimental results confirm that the proposed scheme satisfies both the requirements: security (any k-1 or fewer shares cannot reconstruct the secret image) and recoverability (any k or more shares can easily reconstruct the secret image).
</p></div>]]></content:encoded><description>

We design a new (k,n)-threshold visual secret sharing scheme on the basis of Boolean operations. We propose two different algorithms to encrypt a secret image into n meaningless shares such that no secret information can be obtained by having any k − 1 or fewer shares. However, the secret image can be reconstructed easily by XOR of any k (≤n) or more shares. Both the algorithms have used simple Boolean operations such as OR and XOR. The proposed scheme broadens the potential applicability of Boolean operation-based visual secret sharing by generating the shares of size same as that of the original secret image. Formal proofs, security analysis, and the experimental results are given to demonstrate the correctness and feasibility of the proposed scheme. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes a (k,n)-threshold visual secret sharing scheme based on Boolean operations. The proposed scheme maintains the merits as follows: (1) No pixel expansion; (2) No codebook requirement; (3) No need to align the shares in decoding process; (4) Can encode a wide range of image formats. The formal proofs and experimental results confirm that the proposed scheme satisfies both the requirements: security (any k-1 or fewer shares cannot reconstruct the secret image) and recoverability (any k or more shares can easily reconstruct the secret image).



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.776" xmlns="http://purl.org/rss/1.0/"><title>Two novel biometric features in keystroke dynamics authentication systems for touch screen devices</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.776</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Two novel biometric features in keystroke dynamics authentication systems for touch screen devices</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Cheng-Jung Tasi, Ting-Yi Chang, Pei-Cheng Cheng, Jyun-Hao Lin</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-10T05:22:02.974917-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.776</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.776</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.776</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec776-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>After verifying the correctness of the password, the <em>keystroke dynamics-based authentication</em> (KDA) system will verify the corresponding keystroke features. It provides additional security verification for alphanumeric-based and <em>personal identification number-based</em> authentication schemes that suffer from guessing and shoulder surfing attacks. Except for the original time features in the KDA schemes, two novel keystroke features are found in touch screen handheld mobile devices, which are called “pressure” features and “size” features. A computation efficient statistical classifier is built for low-power mobile devices to authenticate the user's identity. This paper analyzes the following combinations of features: (1) time features; (2) time features and pressure features; (3) time features and size features; and (4) all features combined. The result shows that the size features or the pressure features can effectively promote the utility of the KDA system in personal identification number-based authentication schemes for touch screen handled mobile devices. The combination of time features and pressure features is the best one for authenticating users. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.776/asset/image_n/sec776-toc-0001.png?v=1&amp;s=b24b2bea4407d23fa08322b305785773f84c5799" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.776/asset/image_n/sec776-toc-0001.png?v=1&amp;s=b24b2bea4407d23fa08322b305785773f84c5799"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Two novel keystroke features are found in touch screen handheld mobile devices, which are called “pressure” features and “size” features. A computation efficient statistical classifier is built for low-power mobile devices to authenticate the user's identity. The result shows that the size features or the pressure features can effectively promote the utility of KDA system in PIN-based authentication schemes for touch screen handheld mobile devices. The combination of time features and pressure features is the best one for authenticating users. 
</p></div>]]></content:encoded><description>
After verifying the correctness of the password, the keystroke dynamics-based authentication (KDA) system will verify the corresponding keystroke features. It provides additional security verification for alphanumeric-based and personal identification number-based authentication schemes that suffer from guessing and shoulder surfing attacks. Except for the original time features in the KDA schemes, two novel keystroke features are found in touch screen handheld mobile devices, which are called “pressure” features and “size” features. A computation efficient statistical classifier is built for low-power mobile devices to authenticate the user's identity. This paper analyzes the following combinations of features: (1) time features; (2) time features and pressure features; (3) time features and size features; and (4) all features combined. The result shows that the size features or the pressure features can effectively promote the utility of the KDA system in personal identification number-based authentication schemes for touch screen handheld mobile devices. The combination of time features and pressure features is the best one for authenticating users. Copyright © 2013 John Wiley &amp; Sons, Ltd. Two novel keystroke features are found in touch screen handheld mobile devices, which are called “pressure” features and “size” features. A computation efficient statistical classifier is built for low-power mobile devices to authenticate the user's identity. The result shows that the size features or the pressure features can effectively promote the utility of KDA system in PIN-based authentication schemes for touch screen handheld mobile devices. The combination of time features and pressure features is the best one for authenticating users. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.785" xmlns="http://purl.org/rss/1.0/"><title>Secure transmission for big data based on nested sampling and coprime sampling with spectrum efficiency</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.785</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure transmission for big data based on nested sampling and coprime sampling with spectrum efficiency</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Junjie Chen, Qilian Liang, Jie Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-10T04:49:49.141558-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.785</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.785</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.785</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec785-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>Big data presents critical requirements for security in data collection and transmission of selected data through a communication network. This paper presents a new secure transmission for big data based on nested sparse sampling and coprime sampling. With nested sampling and coprime sampling, besides the advantage of higher spectrum efficiency, big data could also achieve higher power spectral density for binary frequency shift keying (BFSK) signal. When the sampling spacing pairs are big enough, the spectrum of BFSK signal performs like frequency hopping. This property has great advantage in the security of big data collection and transmission using FH/BFSK, as it could achieve low error probability. With the same multitone interfering signal added to FH/BFSK, the error probability becomes much lower using nested sampling and coprime sampling compared with the original FH/BFSK signal. This proves that both nested sampling and coprime sampling could be used in big data transmission to resist interference, while guaranteeing the transmission performance. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.785/asset/image_n/sec785-toc-0001.png?v=1&amp;s=337342460fb20b1acf6fb49f74c505530deed8ad" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.785/asset/image_n/sec785-toc-0001.png?v=1&amp;s=337342460fb20b1acf6fb49f74c505530deed8ad"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>With nested sampling or coprime sampling, besides the advantage of higher spectrum efficiency, big data could also achieve higher power spectral density for binary frequency shift keying signal. When the sampling spacing pairs are big enough, the spectrum performs like frequency hopping. With the same independent multitone interfering signal added to FH/BFSK, the error probability becomes much lower using nested sampling or coprime sampling for a secure transmission of big data to resist interference. 
</p></div>]]></content:encoded><description>
Big data presents critical requirements for security in data collection and transmission of selected data through a communication network. This paper presents a new secure transmission for big data based on nested sparse sampling and coprime sampling. With nested sampling and coprime sampling, besides the advantage of higher spectrum efficiency, big data could also achieve higher power spectral density for binary frequency shift keying (BFSK) signal. When the sampling spacing pairs are big enough, the spectrum of BFSK signal performs like frequency hopping. This property has great advantage in the security of big data collection and transmission using FH/BFSK, as it could achieve low error probability. With the same multitone interfering signal added to FH/BFSK, the error probability becomes much lower using nested sampling and coprime sampling compared with the original FH/BFSK signal. This proves that both nested sampling and coprime sampling could be used in big data transmission to resist interference, while guaranteeing the transmission performance. Copyright © 2013 John Wiley &amp; Sons, Ltd. With nested sampling or coprime sampling, besides the advantage of higher spectrum efficiency, big data could also achieve higher power spectral density for binary frequency shift keying signal. When the sampling spacing pairs are big enough, the spectrum performs like frequency hopping. With the same independent multitone interfering signal added to FH/BFSK, the error probability becomes much lower using nested sampling or coprime sampling for a secure transmission of big data to resist interference. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.780" xmlns="http://purl.org/rss/1.0/"><title>An efficient sparse matrix format for accelerating regular expression matching on field-programmable gate arrays</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.780</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">An efficient sparse matrix format for accelerating regular expression matching on field-programmable gate arrays</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lei Jiang, Jianlong Tan, Qiu Tang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-10T04:11:13.274325-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.780</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.780</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.780</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec780-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>Regular expression matching is widely used in many programming languages and applications. A regular expression is transformed into a deterministic finite automaton (DFA) for processing. However, the DFA requires large memory resources because of the state blowup problem. Many algorithms have been proposed to compress the DFA storage and generally store the compressed DFA in sparse matrix format. For field-programmable gate array (FPGA)-based implementations, operations on sparse matrix consume multiple clock cycles, thus reducing the flexibility and performance of applications. To accelerate the regular expression matching, we present a compact sparse matrix format for storing the compressed DFA transition table on the FPGA. Taking advantage of the special properties of sparse matrices generated by DFAs, we can accomplish one access within a single clock cycle. Furthermore, we develop a regular expression matching engine on a Xilinx (Xilinx Inc. Location: 2100 Logic Dr, San Jose, CA 95124-3400, USA) Virtex-6 FPGA chip using this sparse matrix format. Compared with previous solutions, this regular expression matching engine has more flexibility while keeping high compression ratio. The results show that this regular expression matching engine saves 94<em>%</em> of memory space compared with the original DFA structure while keeping a fast matching speed. By running multiple engines in parallel, our design achieves a throughput up to 29 Gbps. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.780/asset/image_n/sec780-toc-0001.png?v=1&amp;s=da7ea8e45d6cc1bc9c6f06fab1cae180f8099968" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.780/asset/image_n/sec780-toc-0001.png?v=1&amp;s=da7ea8e45d6cc1bc9c6f06fab1cae180f8099968"/></a><div class="para" id="sec780-para-0069" xmlns="http://www.w3.org/1999/xhtml"><p>We present a compact sparse matrix format for storing the compressed deterministic finite automata transition table on the field-programmable gate array. Then we develop a regular expression matching engine on a using this sparse matrix format. This regular expression matching engine saves 94% memory space while keeping high matching speed.
</p></div>]]></content:encoded><description>
Regular expression matching is widely used in many programming languages and applications. A regular expression is transformed into a deterministic finite automaton (DFA) for processing. However, the DFA requires large memory resources because of the state blowup problem. Many algorithms have been proposed to compress the DFA storage and generally store the compressed DFA in sparse matrix format. For field-programmable gate array (FPGA)-based implementations, operations on sparse matrix consume multiple clock cycles, thus reducing the flexibility and performance of applications. To accelerate the regular expression matching, we present a compact sparse matrix format for storing the compressed DFA transition table on the FPGA. Taking advantage of the special properties of sparse matrices generated by DFAs, we can accomplish one access within a single clock cycle. Furthermore, we develop a regular expression matching engine on a Xilinx (Xilinx Inc. Location: 2100 Logic Dr, San Jose, CA 95124-3400, USA) Virtex-6 FPGA chip using this sparse matrix format. Compared with previous solutions, this regular expression matching engine has more flexibility while keeping high compression ratio. The results show that this regular expression matching engine saves 94% of memory space compared with the original DFA structure while keeping a fast matching speed. By running multiple engines in parallel, our design achieves a throughput up to 29 Gbps. Copyright © 2013 John Wiley &amp; Sons, Ltd. We present a compact sparse matrix format for storing the compressed deterministic finite automata transition table on the field-programmable gate array. Then we develop a regular expression matching engine on a using this sparse matrix format. This regular expression matching engine saves 94% memory space while keeping high matching speed.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.789" xmlns="http://purl.org/rss/1.0/"><title>A trust model based on semantic distance for pervasive environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.789</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A trust model based on semantic distance for pervasive environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhi-Gang Chen, Jiang-Tao Wang, Xiao-Heng Deng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-09T07:12:16.276526-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.789</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.789</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.789</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>To cope with the challenges existing in pervasive environments, based on the characteristics of pervasive environments, a semantic distance-based trust model is proposed in this paper. The semantic distance between entities and between trust categories is borrowed to calculate trustworthiness more precisely. In the model, the behavior trust and capability trust are distinguished and evaluated separately; on the basis of the trust evaluations, all entities in pervasive environments make independent decisions that can maximize their own profit with the trust model. The simulation experiment results proved the effectiveness of the model in improving the interaction success ratio and efficiency between entities under pervasive environments. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.789/asset/image_n/sec789-toc-0001.png?v=1&amp;s=65e189dcc42e2befd939f9261c7a6a28f9cf4846" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.789/asset/image_n/sec789-toc-0001.png?v=1&amp;s=65e189dcc42e2befd939f9261c7a6a28f9cf4846"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A semantic distance-based trust model is proposed. The semantic distance between entities and between trust categories is borrowed to calculate trustworthiness more precisely. In the model, the behavior trust and capability trust are distinguished and evaluated separately. The simulation experiment results proved the effectiveness of the model in improving the interaction success ratio and efficiency between entities under pervasive environments.
</p></div>]]></content:encoded><description>

To cope with the challenges existing in pervasive environments, based on the characteristics of pervasive environments, a semantic distance-based trust model is proposed in this paper. The semantic distance between entities and between trust categories is borrowed to calculate trustworthiness more precisely. In the model, the behavior trust and capability trust are distinguished and evaluated separately; on the basis of the trust evaluations, all entities in pervasive environments make independent decisions that can maximize their own profit with the trust model. The simulation experiment results proved the effectiveness of the model in improving the interaction success ratio and efficiency between entities under pervasive environments. Copyright © 2013 John Wiley &amp; Sons, Ltd. A semantic distance-based trust model is proposed. The semantic distance between entities and between trust categories is borrowed to calculate trustworthiness more precisely. In the model, the behavior trust and capability trust are distinguished and evaluated separately. The simulation experiment results proved the effectiveness of the model in improving the interaction success ratio and efficiency between entities under pervasive environments.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.723" xmlns="http://purl.org/rss/1.0/"><title>A low-cost UHF RFID tag chip with AES cryptography engine</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.723</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A low-cost UHF RFID tag chip with AES cryptography engine</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lingzhi Fu, Xiang Shen, Linghao Zhu, Junyu Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-09T01:25:15.738335-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.723</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.723</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.723</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, the design of a low-cost ultra-high-frequency (UHF) Radio Frequency IDentification (RFID) tag chip with an advanced encryption standard (AES) cryptographic engine is presented. The design of digital baseband is verified on a Field-Programmable Gate Array (FPGA) platform. The whole chip, including a radio frequency frontend, an analog frontend, an Electrically Erasable Programmable Read-Only Memory (EEPROM), and a baseband with AES engine, is taped out on Semiconductor Manufacturing International Corporation (SMIC) 0.13μm process. The chip area is 1 × 1 mm<sup>2</sup>, in which 0.6 × 0.3 mm<sup>2</sup> is covered by the digital baseband. The power consumption of the entire tag chip is 20.9 μW. The design can work on both two modes of the standard ISO 18000-6C mode and the security enhanced ISO 18000-6C mode. To the best of our knowledge, it is the first UHF passive RFID tag chip with AES algorithm in the baseband.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.723/asset/image_n/sec723-toc-0001.png?v=1&amp;s=60928fa150a0c23fb1677012f3418c633722373e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.723/asset/image_n/sec723-toc-0001.png?v=1&amp;s=60928fa150a0c23fb1677012f3418c633722373e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The design of a low-cost UHF Radio Frequency IDentification (RFID) tag chip with an AES cryptographic engine is presented. The whole chip, including a radio frequency frontend, an analog frontend, an EEPROM, and a baseband with AES engine, is taped out on SMIC 0.13μm process. The design can work on both two modes of the standard ISO 18000-6C mode and the security enhanced ISO 18000-6C mode.
</p></div>]]></content:encoded><description>

In this paper, the design of a low-cost ultra-high-frequency (UHF) Radio Frequency IDentification (RFID) tag chip with an advanced encryption standard (AES) cryptographic engine is presented. The design of digital baseband is verified on a Field-Programmable Gate Array (FPGA) platform. The whole chip, including a radio frequency frontend, an analog frontend, an Electrically Erasable Programmable Read-Only Memory (EEPROM), and a baseband with AES engine, is taped out on Semiconductor Manufacturing International Corporation (SMIC) 0.13μm process. The chip area is 1 × 1 mm², in which 0.6 × 0.3 mm² is covered by the digital baseband. The power consumption of the entire tag chip is 20.9 μW. The design can work on both two modes of the standard ISO 18000-6C mode and the security enhanced ISO 18000-6C mode. To the best of our knowledge, it is the first UHF passive RFID tag chip with AES algorithm in the baseband. The design of a low-cost UHF Radio Frequency IDentification (RFID) tag chip with an AES cryptographic engine is presented. The whole chip, including a radio frequency frontend, an analog frontend, an EEPROM, and a baseband with AES engine, is taped out on SMIC 0.13μm process. The design can work on both two modes of the standard ISO 18000-6C mode and the security enhanced ISO 18000-6C mode.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.779" xmlns="http://purl.org/rss/1.0/"><title>Binary and prime field multiplication for public key cryptography on embedded microprocessors</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.779</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Binary and prime field multiplication for public key cryptography on embedded microprocessors</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hwajeong Seo, Yeoncheol Lee, Hyunjin Kim, Taehwan Park, Howon Kim</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-09T01:17:10.037192-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.779</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.779</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.779</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Embedded microprocessors are used in a wide variety of platforms, including Radio frequency identification (RFID) systems, sensor networks, and smartphones. Unfortunately, as practical use of microprocessors has increased, so have the security problems associated with them. Although public key cryptography (PKC) can mitigate these problems, standard implementations of PKC also impose a steep computational cost on resource-constrained devices. To reduce this cost, researchers have proposed alternative implementations that accelerate multiprecision multiplication, the most expensive operation involved in PKC. In this paper, we focus on a further optimization of this same operation, using several innovative methods: carry-once, optimized multiplication and accumulation (MAC), unbalanced comb, and optimized comb-window. These methods yield further performance improvements of 2%, 17%, 4.5%, and 9.5%, respectively, on representative modern microprocessors including ATmega128 and MSP430. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.779/asset/image_n/sec779-toc-0001.png?v=1&amp;s=6cb91a74d7dd6955be619943bf1e2aff3ba57e99" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.779/asset/image_n/sec779-toc-0001.png?v=1&amp;s=6cb91a74d7dd6955be619943bf1e2aff3ba57e99"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we focus on a further optimization of binary and prime field multiplication, using several innovative methods: carry-once, optimized multiplication and accumulation, unbalanced comb, and optimized comb-window. These methods yield further performance improvements of 2%, 17%, 4.5%, and 9.5%, respectively, on representative modern microprocessors including ATmega128 and MSP430.
</p></div>]]></content:encoded><description>

Embedded microprocessors are used in a wide variety of platforms, including Radio frequency identification (RFID) systems, sensor networks, and smartphones. Unfortunately, as practical use of microprocessors has increased, so have the security problems associated with them. Although public key cryptography (PKC) can mitigate these problems, standard implementations of PKC also impose a steep computational cost on resource-constrained devices. To reduce this cost, researchers have proposed alternative implementations that accelerate multiprecision multiplication, the most expensive operation involved in PKC. In this paper, we focus on a further optimization of this same operation, using several innovative methods: carry-once, optimized multiplication and accumulation (MAC), unbalanced comb, and optimized comb-window. These methods yield further performance improvements of 2%, 17%, 4.5%, and 9.5%, respectively, on representative modern microprocessors including ATmega128 and MSP430. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we focus on a further optimization of binary and prime field multiplication, using several innovative methods: carry-once, optimized multiplication and accumulation, unbalanced comb, and optimized comb-window. These methods yield further performance improvements of 2%, 17%, 4.5%, and 9.5%, respectively, on representative modern microprocessors including ATmega128 and MSP430.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.754" xmlns="http://purl.org/rss/1.0/"><title>C2Detector: a covert channel detection framework in cloud computing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.754</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">C2Detector: a covert channel detection framework in cloud computing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jingzheng Wu, Liping Ding, Yanjun Wu, Nasro Min-Allah, Samee U. Khan, Yongji Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-05-08T02:51:42.235734-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.754</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.754</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.754</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cloud computing is becoming increasingly popular because of the dynamic deployment of computing service. Another advantage of cloud is that data confidentiality is protected by the cloud provider with the virtualization technology. However, a covert channel can break the isolation of the virtualization platform and leak confidential information without letting it be known by virtual machines. In this paper, the threat model of covert channels is analyzed. The channels are classified into three categories, and only the category that is new to cloud computing is concerned, for example, CPU load-based, cache-based, and shared memory-based covert channels. The covert channel scenario is modeled into an error-corrected four-state automaton, and two error-corrected algorithms are designed. A new detection framework termed C<sup>2</sup>Detector is presented. C<sup>2</sup>Detector includes a captor located in the hypervisor and a two-phase synthesis algorithm implemented as Markov and Bayesian detectors. A prototype of C<sup>2</sup>Detector is implemented on Xen hypervisor, and its performance of detecting the covert channels is demonstrated. The experiment results show that C<sup>2</sup>Detector can detect the three types of the covert channels with an acceptable false positive rate by using a pessimistic threshold. Moreover, C<sup>2</sup>Detector is a plug-in framework and can be easily extended. It is believed that new covert channels can be detected by C<sup>2</sup>Detector in the future. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.754/asset/image_n/sec754-toc-0001.png?v=1&amp;s=9124462a33852655eae63443939f336e832aebe3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.754/asset/image_n/sec754-toc-0001.png?v=1&amp;s=9124462a33852655eae63443939f336e832aebe3"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The covert channels in cloud computing are classified into three categories for the first time, and the channel scenario is modeled into an error-corrected four-state automaton. A flexible framework named C<sup>2</sup>Detector is presented to detect covert channels in cloud computing, which includes a captor located in the hypervisor and a two-phase synthesis algorithm implemented as Markov and Bayesian detectors. A prototype of C<sup>2</sup>Detector is implemented on Xen hypervisor, and the experiment results show that it can detect the three types of the covert channels with an acceptable false positive rate by using a pessimistic threshold. 
</p></div>]]></content:encoded><description>

Cloud computing is becoming increasingly popular because of the dynamic deployment of computing service. Another advantage of cloud is that data confidentiality is protected by the cloud provider with the virtualization technology. However, a covert channel can break the isolation of the virtualization platform and leak confidential information without letting it known by virtual machines. In this paper, the threat model of covert channels is analyzed. The channels are classified into three categories, and only the category that is new to cloud computing is concerned, for example, CPU load-based, cache-based, and shared memory-based covert channels. The covert channel scenario is modeled into an error-corrected four-state automaton, and two error-corrected algorithms are designed. A new detection framework termed C2Detector is presented. C2Detector includes a captor located in the hypervisor and a two-phase synthesis algorithm implemented as Markov and Bayesian detectors. A prototype of C2Detector is implemented on Xen hypervisor, and its performance of detecting the covert channels is demonstrated. The experiment results show that C2Detector can detect the three types of the covert channels with an acceptable false positive rate by using a pessimistic threshold. Moreover, C2Detector is a plug-in framework and can be easily extended. It is believed that new covert channels can be detected by C2Detector in the future. Copyright © 2013 John Wiley &amp; Sons, Ltd. The covert channels in cloud computing are classified into three categories for the first time, and the channel scenario is modeled into an error-corrected four-state automaton. A flexible framework named C2Detector is presented to detect covert channels in cloud computing, which includes a captor located in the hypervisor and a two-phase synthesis algorithm implemented as Markov and Bayesian detectors. 
A prototype of C2Detector is implemented on Xen hypervisor, and the experiment results show that it can detect the three types of the covert channels with an acceptable false positive rate by using a pessimistic threshold. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.777" xmlns="http://purl.org/rss/1.0/"><title>Distributed access control with adaptive privacy preserving property for wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.777</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Distributed access control with adaptive privacy preserving property for wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Changsha Ma, Kaiping Xue, Peilin Hong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-30T05:21:51.772539-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.777</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.777</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.777</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec777-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>Access control plays an important role in protecting security-sensitive sensor data from being utilized by malicious users. Despite the numerous studies on access control for wireless sensor networks (WSNs), however, few of them pay attention to preserving user privacy, which has recently been an urgent demand of the network users. In this paper, we propose two access control schemes with different privacy preserving properties for WSNs, which can adaptively satisfy the demands of the sensor network users. First, on the basis of our signcryption approach, we propose a distributed query protected access control scheme where the query message is encrypted in the process of user authentication. Because no other users could decrypt and read the query message, the user can preserve the privacy of the target data type. With the additional help with proxy signature, we then design a distributed anonymous access control scheme. Apart from protecting the data type information, distributed anonymous access control preserves the privacy of the user's access behavior by anonymizing the user's identity. In contrast to the previous privacy-preserved access control schemes for WSNs, our schemes can efficiently protect the privacy of users without significantly increasing the network overhead and the energy consumption on sensors. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.777/asset/image_n/sec777-toc-0001.png?v=1&amp;s=b391eb011f092063040717baaaa113533cab4cb2" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.777/asset/image_n/sec777-toc-0001.png?v=1&amp;s=b391eb011f092063040717baaaa113533cab4cb2"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The architecture of adaptive privacy-preserved distributed access control schemes for WSNs.
</p></div>]]></content:encoded><description>
Access control plays an important role in protecting security-sensitive sensor data from being utilized by malicious users. Despite the numerous studies on access control for wireless sensor networks (WSNs), however, few of them pay attention to preserving user privacy, which has recently been an urgent demand of the network users. In this paper, we propose two access control schemes with different privacy preserving properties for WSNs, which can adaptively satisfy the demands of the sensor network users. First, on the basis of our signcryption approach, we propose a distributed query protected access control scheme where the query message is encrypted in the process of user authentication. Because no other users could decrypt and read the query message, the user can preserve the privacy of the target data type. With the additional help with proxy signature, we then design a distributed anonymous access control scheme. Apart from protecting the data type information, distributed anonymous access control preserves the privacy of the user's access behavior by anonymizing the user's identity. In contrast to the previous privacy-preserved access control schemes for WSNs, our schemes can efficiently protect the privacy of users without significantly increasing the network overhead and the energy consumption on sensors. Copyright © 2013 John Wiley &amp; Sons, Ltd. The architecture of adaptive privacy-preserved distributed access control schemes for WSNs.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.782" xmlns="http://purl.org/rss/1.0/"><title>A formal model for the creation and evaluation of steganographic solutions based in lexical–semantic substitutions: a case applied to Spanish</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.782</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A formal model for the creation and evaluation of steganographic solutions based in lexical–semantic substitutions: a case applied to Spanish</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Alfonso Muñoz, Irina Argüelles, Sergio Sánchez</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-30T02:03:18.48607-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.782</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.782</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.782</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Review Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper develops a formal model that allows research, development and evaluation from a functional point of view and attending to security needs, of the different parts in the process of creation of a linguistic steganographic system based on the lexical–semantic substitution of words by their synonyms. The advantages and drawbacks of this type of steganographic technique and the procedure to evaluate its usefulness in a given language are discussed. As a case study, the application of this model is carried out in the Spanish language based on the development of the tool Lexical Substitution in Spanish. This tool allows the testing of the substitution of words with their synonyms in Spanish. A hiding capacity of at least 0.1864 bits/word, resulting in 68.33% of the stegotexts created being invisible to the attacks analysed. This hiding capacity is useful enough to send Internet addresses, GPS coordinates, brief mobility messages, signatures on text, control messages, and so forth. All these uses are in fact very practical within the area of telecommunication networks. From the point of view of corporate network security, stegotexts make possible, for example, the control of a botnet without any knowledge on the part of the network administrators. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.782/asset/image_n/sec782-toc-0001.png?v=1&amp;s=8a576408ba23ef3ea4f912e3f7b62b5c07518753" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.782/asset/image_n/sec782-toc-0001.png?v=1&amp;s=8a576408ba23ef3ea4f912e3f7b62b5c07518753"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper develops a formal model that allows evaluation from a functional point of view of the different parts in the process of creation of a linguistic steganographic system based on the lexical–semantic substitution of words by their synonyms. As a case study, the tool Lexical Substitution in Spanish, allows the testing of the substitution of words with their synonyms in Spanish. A hiding capacity of at least 0.1864 bits/word, resulting in 68.33% of the stegotexts created being invisible to the attacks.
</p></div>]]></content:encoded><description>

This paper develops a formal model that allows research, development and evaluation from a functional point of view and attending to security needs, of the different parts in the process of creation of a linguistic steganographic system based on the lexical–semantic substitution of words by their synonyms. The advantages and drawbacks of this type of steganographic technique and the procedure to evaluate its usefulness in a given language are discussed. As a case study, the application of this model is carried out in the Spanish language based on the development of the tool Lexical Substitution in Spanish. This tool allows the testing of the substitution of words with their synonyms in Spanish. A hiding capacity of at least 0.1864 bits/word, resulting in 68.33% of the stegotexts created being invisible to the attacks analysed. This hiding capacity is useful enough to send Internet addresses, GPS coordinates, brief mobility messages, signatures on text, control messages, and so forth. All these uses are in fact very practical within the area of telecommunication networks. From the point of view of corporate network security, stegotexts make possible, for example, the control of a botnet without any knowledge on the part of the network administrators. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper develops a formal model that allows evaluation from a functional point of view of the different parts in the process of creation of a linguistic steganographic system based on the lexical–semantic substitution of words by their synonyms. As a case study, the tool Lexical Substitution in Spanish, allows the testing of the substitution of words with their synonyms in Spanish. A hiding capacity of at least 0.1864 bits/word, resulting in 68.33% of the stegotexts created being invisible to the attacks.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.783" xmlns="http://purl.org/rss/1.0/"><title>A blind chaos-based watermarking technique</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.783</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A blind chaos-based watermarking technique</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mohammad Ghebleh, Ali Kanso, Hala S. Own</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-30T00:48:53.001267-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.783</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.783</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.783</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec783-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a robust blind frequency domain watermarking scheme based on chaotic maps. The proposed scheme embeds a black and white watermark logo in the midband components of a host image according to a discrete wavelet transform. Each watermark bit is embedded into a small submatrix of selected second level subbands of an image resulting from iterated applications of a two-dimensional discrete wavelet transform. This scheme embeds two copies of the watermark using two different methods, in two different subbands of the image. At the cost of embedding capacity, this results in improving the security and robustness of the watermarking scheme. Experimental results demonstrate that the suggested scheme provides imperceptibility and robustness against image processing attacks such as JPEG compression, low-pass filtering, median filtering, Gaussian noise, scaling, rotating, cropping, histogram equalization, and gamma correction. Experimental results also show superior robustness of the suggested scheme over existing algorithms with a similar approach. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.783/asset/image_n/sec783-toc-0001.png?v=1&amp;s=9e8bb3ad156ca84e28f915718ed68b4bd61a0a68" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.783/asset/image_n/sec783-toc-0001.png?v=1&amp;s=9e8bb3ad156ca84e28f915718ed68b4bd61a0a68"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A blind frequency domain watermarking scheme is proposed to embed a black and white logo. Each watermark bit is embedded into a small block of selected second level subbands of the host image. This image demonstrates the scaled absolute difference between a host image (Lena) and its resulting watermarked image. 
</p></div>]]></content:encoded><description>
This paper presents a robust blind frequency domain watermarking scheme based on chaotic maps. The proposed scheme embeds a black and white watermark logo in the midband components of a host image according to a discrete wavelet transform. Each watermark bit is embedded into a small submatrix of selected second level subbands of an image resulting from iterated applications of a two-dimensional discrete wavelet transform. This scheme embeds two copies of the watermark using two different methods, in two different subbands of the image. At the cost of embedding capacity, this results in improving the security and robustness of the watermarking scheme. Experimental results demonstrate that the suggested scheme provides imperceptibility and robustness against image processing attacks such as JPEG compression, low-pass filtering, median filtering, Gaussian noise, scaling, rotating, cropping, histogram equalization, and gamma correction. Experimental results also show superior robustness of the suggested scheme over existing algorithms with a similar approach. Copyright © 2013 John Wiley &amp; Sons, Ltd. A blind frequency domain watermarking scheme is proposed to embed a black and white logo. Each watermark bit is embedded into a small block of selected second level subbands of the host image. This image demonstrates the scaled absolute difference between a host image (Lena) and its resulting watermarked image. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.774" xmlns="http://purl.org/rss/1.0/"><title>Attack modelling and security evaluation based on stochastic activity networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.774</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Attack modelling and security evaluation based on stochastic activity networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ali Sedaghatbaf, Mohammad Abdollahi Azgomi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-26T02:22:55.752733-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.774</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.774</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.774</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>An appropriate model of attacker behaviour is a key requirement for quantitative security evaluation. Motivated by the fact that attacker behaviour is affected by some social factors such as monetary costs and benefits rather than merely the technical aspects of the target system, we proposed an attack modelling approach based on a hierarchical and coloured extension of stochastic activity networks (HCSANs). This approach is called HCSAN-based attack modelling. By using this approach, multistage attacks can be modelled following the attack tree paradigm. Also, attacker behaviour can be modelled as a strategic decision-making process that accounts for the following factors affecting the attacker's decisions: (1) the goals of attack; (2) the cost and risk associated with available strategies; and (3) the target system's possible responses. Furthermore, we put forward an analytic solution method to measure security attributes (i.e. confidentiality, integrity and availability) and estimated two important quantitative security measures, which are the <em>mean time to security failure</em> and <em>attack success probability</em>. Additionally, we introduce a parametric sensitivity analysis method, which can be used to determine the sensitivity of the evaluated measures to different model parameters and optimize the model accordingly. Finally, we demonstrated how this approach can be used for survivability enhancement of the system using a well-known risk assessment process. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.774/asset/image_n/sec774-toc-0001.png?v=1&amp;s=8c31407b1f3b9a11cc568236b8fbf61fd280f4b8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.774/asset/image_n/sec774-toc-0001.png?v=1&amp;s=8c31407b1f3b9a11cc568236b8fbf61fd280f4b8"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes hierarchical and coloured extension of stochastic activity network-based attack modelling (HCSAM) for modelling multistage attacks following the attack tree paradigm. By using HCSAM, attacker behaviour can be modelled as a strategic decision-making process regarding the following factors affecting the attacker's decisions: (1) the goals of attack; (2) the cost and risk associated with available strategies; and (3) the target system's possible responses. Furthermore, we put forward an analytic solution method to measure security attributes and estimate mean time to security failure and attack success probability.
</p></div>]]></content:encoded><description>

An appropriate model of attacker behaviour is a key requirement for quantitative security evaluation. Motivated by the fact that attacker behaviour is affected by some social factors such as monetary costs and benefits rather than merely the technical aspects of the target system, we proposed an attack modelling approach based on a hierarchical and coloured extension of stochastic activity networks (HCSANs). This approach is called HCSAN-based attack modelling. By using this approach, multistage attacks can be modelled following the attack tree paradigm. Also, attacker behaviour can be modelled as a strategic decision-making process that accounts for the following factors affecting the attacker's decisions: (1) the goals of attack; (2) the cost and risk associated with available strategies; and (3) the target system's possible responses. Furthermore, we put forward an analytic solution method to measure security attributes (i.e. confidentiality, integrity and availability) and estimated two important quantitative security measures, which are the mean time to security failure and attack success probability. Additionally, we introduce a parametric sensitivity analysis method, which can be used to determine the sensitivity of the evaluated measures to different model parameters and optimize the model accordingly. Finally, we demonstrated how this approach can be used for survivability enhancement of the system using a well-known risk assessment process. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes hierarchical and coloured extension of stochastic activity network-based attack modelling (HCSAM) for modelling multistage attacks following the attack tree paradigm. By using HCSAM, attacker behaviour can be modelled as a strategic decision-making process regarding the following factors affecting the attacker's decisions: (1) the goals of attack; (2) the cost and risk associated with available strategies; and (3) the target system's possible responses. 
Furthermore, we put forward an analytic solution method to measure security attributes and estimate mean time to security failure and attack success probability.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.748" xmlns="http://purl.org/rss/1.0/"><title>Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.748</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Towards a trust management system for cloud computing marketplaces: using CAIQ as a trust information source</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Sheikh Mahbub Habib, Sebastian Ries, Max Mühlhäuser, Prabhu Varikkattu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-26T01:10:39.535428-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.748</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.748</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.748</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cloud computing enables information technology related services in a more dynamic and scalable way than before—more cost-effective than before due to the economy of scale and of sharing resources. Usually, cloud providers describe their promised behaviour—regarding functional and non-functional aspects of the service provision—by way of service level agreements (SLAs). For different providers offering similar functionality, SLAs are often insufficiently claimable and inconsistent with the aspects considered important by customers. Therefore, customers face problems identifying a trustworthy cloud provider solely on the basis of its SLA. To support customers in reliably identifying trustworthy cloud providers, we propose a multi-faceted trust management system architecture for cloud computing marketplaces and related approaches. This system provides the means for identifying trustworthy cloud providers in terms of different attributes, for example, compliance, data governance and information security. In this article, we present the first realization of our proposed trust management system using the Consensus Assessment Initiative Questionnaire, initiated by the Cloud Security Alliance, as one of the sources of trust information. In particular, our proposed approach contributes to the challenge of extracting trust information from Consensus Assessment Initiative Questionnaires completed by cloud providers. Finally, our implemented system and related approaches are experimented using real datasets. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.748/asset/image_n/sec748-toc-0001.png?v=1&amp;s=883af2f102a1ab036ae207ea03fa5ce3fd417bd9" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.748/asset/image_n/sec748-toc-0001.png?v=1&amp;s=883af2f102a1ab036ae207ea03fa5ce3fd417bd9"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The first-ever proof-of-concept trust system for cloud computing marketplaces. The system leverages the CSA CAIQ as an information source.
</p></div>]]></content:encoded><description>

Cloud computing enables information technology related services in a more dynamic and scalable way than before—more cost-effective than before due to the economy of scale and of sharing resources. Usually, cloud providers describe their promised behaviour—regarding functional and non-functional aspects of the service provision—by way of service level agreements (SLAs). For different providers offering similar functionality, SLAs are often insufficiently claimable and inconsistent with the aspects considered important by customers. Therefore, customers face problems identifying a trustworthy cloud provider solely on the basis of its SLA. To support customers in reliably identifying trustworthy cloud providers, we propose a multi-faceted trust management system architecture for cloud computing marketplaces and related approaches. This system provides the means for identifying trustworthy cloud providers in terms of different attributes, for example, compliance, data governance and information security. In this article, we present the first realization of our proposed trust management system using the Consensus Assessment Initiative Questionnaire, initiated by the Cloud Security Alliance, as one of the sources of trust information. In particular, our proposed approach contributes to the challenge of extracting trust information from Consensus Assessment Initiative Questionnaires completed by cloud providers. Finally, our implemented system and related approaches are experimented using real datasets. Copyright © 2013 John Wiley &amp; Sons, Ltd. The first-ever proof-of-concept trust system for cloud computing marketplaces. The system leverages the CSA CAIQ as an information source.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.772" xmlns="http://purl.org/rss/1.0/"><title>A secure cluster-based architecture for certificates management in vehicular networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.772</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A secure cluster-based architecture for certificates management in vehicular networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Tahani Gazdar, Abderrahim Benslimane, Abdelfettah Belghith, Abderrezak Rachedi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-25T06:50:00.336474-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.772</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.772</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.772</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" id="sec772-para-0001" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a distributed and dynamic public key infrastructure for vehicular ad hoc networks. We aim to achieve the fundamental security requirements, particularly the authentication, the confidentiality, and a reliable vehicle-to-vehicle data exchange. To make the certification authority (CA) reachable by all vehicles, we distribute its role among a set of dynamically elected vehicles. The election of dynamic CAs is based on a clustering algorithm where the cluster heads will be CAs in their clusters. The cluster heads are elected following two criteria: security and mobility. Due to the important role of the CA in each cluster and to protect it from DOS attacks, we introduce a VANETs dynamic demilitarized zone for vehicular ad hoc networks. Its role is to handle the certification requests sent to the CA from unknown vehicles, and hence, it avoids compromising it. Additionally, we detail the certificates management in the proposed public key infrastructure, and we propose a mechanism to provide anonymous vehicle-to-vehicle communications using pseudonyms. To study the feasibility of our distributed architecture and particularly the clustering algorithm, we propose a probabilistic model considering the speed of vehicles and taking into account the safety distance between vehicles.</p></div><div class="para" id="sec772-para-0002" xmlns="http://www.w3.org/1999/xhtml"><p>We carried out a set of simulations to evaluate the performance of the proposed clustering algorithm in both urban and highway environments. Hence, we study the effects of the transmission range, the speed of vehicles, and the number of trusted vehicles in the network on the stability and the efficiency of the overall proposed architecture. 
We also study some delays characterizing the certificates management. Our simulation results show that the security of the proposed architecture closely depends on the number of trusted vehicles in the network, and the stability depends on the mobility of vehicles on the road and on the total number of trusted vehicles. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.772/asset/image_n/sec772-toc-0001.png?v=1&amp;s=d4d7a6bac34d4b801e218d0fd92c99a24075d872" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.772/asset/image_n/sec772-toc-0001.png?v=1&amp;s=d4d7a6bac34d4b801e218d0fd92c99a24075d872"/></a><div class="para" id="sec772-para-0145" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a distributed and dynamic public key infrastructure for vehicular ad hoc networks to fulfill the requirements of security, particularly, the authentication, the confidentiality, and the reliability of data. The role of the central certification authority is distributed among a set of elected vehicles, which are equipped with wireless on-board units. Eventually, vehicles can communicate with road side units. The architecture is dynamic because the election of vehicles takes into account the topology changes.
</p></div>]]></content:encoded><description>
In this paper, we propose a distributed and dynamic public key infrastructure for vehicular ad hoc networks. We aim to achieve the fundamental security requirements, particularly the authentication, the confidentiality, and a reliable vehicle-to-vehicle data exchange. To make the certification authority (CA) reachable by all vehicles, we distribute its role among a set of dynamically elected vehicles. The election of dynamic CAs is based on a clustering algorithm where the cluster heads will be CAs in their clusters. The cluster heads are elected following two criteria: security and mobility. Due to the important role of the CA in each cluster and to protect it from DOS attacks, we introduce a VANETs dynamic demilitarized zone for vehicular ad hoc networks. Its role is to handle the certification requests sent to the CA from unknown vehicles, and hence, it avoids compromising it. Additionally, we detail the certificates management in the proposed public key infrastructure, and we propose a mechanism to provide anonymous vehicle-to-vehicle communications using pseudonyms. To study the feasibility of our distributed architecture and particularly the clustering algorithm, we propose a probabilistic model considering the speed of vehicles and taking into account the safety distance between vehicles. We carried out a set of simulations to evaluate the performance of the proposed clustering algorithm in both urban and highway environments. Hence, we study the effects of the transmission range, the speed of vehicles, and the number of trusted vehicles in the network on the stability and the efficiency of the overall proposed architecture. We also study some delays characterizing the certificates management. Our simulation results show that the security of the proposed architecture closely depends on the number of trusted vehicles in the network, and the stability depends on the mobility of vehicles on the road and on the total number of trusted vehicles.
Copyright © 2013 John Wiley &amp; Sons, Ltd. We propose a distributed and dynamic public key infrastructure for vehicular ad hoc networks to fulfill the requirements of security, particularly, the authentication, the confidentiality, and the reliability of data. The role of the central certification authority is distributed among a set of elected vehicles, which are equipped with wireless on-board units. Eventually, vehicles can communicate with road side units. The architecture is dynamic because the election of vehicles takes into account the topology changes.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.781" xmlns="http://purl.org/rss/1.0/"><title>Optimal incentive policy in delay tolerant networks with limited cost</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.781</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Optimal incentive policy in delay tolerant networks with limited cost</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yahui Wu, Su Deng, Hongbin Huang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-19T05:02:33.598874-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.781</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.781</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.781</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Routing algorithms in delay tolerant networks often need nodes serving as relays for the source to carry and forward message. In particular, nodes should relay the source's packets to others. However, because of the selfish nature, nodes may not relay others' packets to save energy after obtaining message. To make these nodes be cooperative, the source has to pay certain fees to them. Moreover, such fees may be varying with time. On the other hand, if the payment is too much, it may not be cost-effective for the source. Therefore, the total cost may be limited. The main objective of this paper is to explore efficient incentive policies for the source to use its limited cost (maximal fees that the source can afford is limited) to maximize the probability that the destination obtains the message before the deadline of the message. First, we present a theoretical framework, which can be used to evaluate the performance of different incentive policies. Then, we explore the optimal incentive policy through Pontryagin's maximal principle and prove that the optimal policy conforms to <em>threshold</em> form in certain cases. Simulation results show the accuracy of our theoretical framework. Extensive numerical results show that the optimal policy obtained in this paper is better than other policies. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.781/asset/image_n/sec781-toc-0001.png?v=1&amp;s=b4b4e46c9fdf17dcbe373b99ec76d6c8efb92dbb" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.781/asset/image_n/sec781-toc-0001.png?v=1&amp;s=b4b4e46c9fdf17dcbe373b99ec76d6c8efb92dbb"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The main objective of this paper is to explore efficient incentive policies for the source to use its limited cost (maximal fees that the source can afford is limited) to maximize the probability that the destination obtains the message before the deadline of the message.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We explore the optimal incentive policy through Pontryagin's maximal principle and prove that the optimal policy conforms to <em>threshold</em> form in certain cases.
</p></div>]]></content:encoded><description>

Routing algorithms in delay tolerant networks often need nodes serving as relays for the source to carry and forward message. In particular, nodes should relay the source's packets to others. However, because of the selfish nature, nodes may not relay others' packets to save energy after obtaining message. To make these nodes be cooperative, the source has to pay certain fees to them. Moreover, such fees may be varying with time. On the other hand, if the payment is too much, it may not be cost-effective for the source. Therefore, the total cost may be limited. The main objective of this paper is to explore efficient incentive policies for the source to use its limited cost (maximal fees that the source can afford is limited) to maximize the probability that the destination obtains the message before the deadline of the message. First, we present a theoretical framework, which can be used to evaluate the performance of different incentive policies. Then, we explore the optimal incentive policy through Pontryagin's maximal principle and prove that the optimal policy conforms to threshold form in certain cases. Simulation results show the accuracy of our theoretical framework. Extensive numerical results show that the optimal policy obtained in this paper is better than other policies. Copyright © 2013 John Wiley &amp; Sons, Ltd. The main objective of this paper is to explore efficient incentive policies for the source to use its limited cost (maximal fees that the source can afford is limited) to maximize the probability that the destination obtains the message before the deadline of the message. We explore the optimal incentive policy through Pontryagin's maximal principle and prove that the optimal policy conforms to threshold form in certain cases.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.778" xmlns="http://purl.org/rss/1.0/"><title>Secure and efficient integration of big data for multi-cells based on micro images</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.778</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure and efficient integration of big data for multi-cells based on micro images</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xin Yin, Yaqiu Sun</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-19T01:26:15.758696-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.778</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.778</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.778</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Information of multi-cells is big data because of the enormous quantities of various cells as well as their parameters and status. To securely and efficiently integrate all the cells' information and trace multi-cells are challenging due to varying number of the multi-cells, as well as the complicacy of the multi-cells' movement. In this paper, an automatic big data integration algorithm based on the optical transfer function is proposed. The experimental results show that the algorithm can securely and efficiently integrate all the cell information and simultaneously track a large quantity of cells. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.778/asset/image_n/sec778-toc-0001.png?v=1&amp;s=1a2c7416bd3bb1668393370b11691241d831c4aa" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.778/asset/image_n/sec778-toc-0001.png?v=1&amp;s=1a2c7416bd3bb1668393370b11691241d831c4aa"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose the automatic big data integration algorithm based on the optical transfer function to trace multi-cells. The experimental results show that the algorithm can securely and efficiently integrate all the cell information and simultaneously track a large quantity of cells.
</p></div>]]></content:encoded><description>

Information of multi-cells is big data because of the enormous quantities of various cells as well as their parameters and status. To securely and efficiently integrate all the cells' information and trace multi-cells are challenging due to varying number of the multi-cells, as well as the complicacy of the multi-cells' movement. In this paper, an automatic big data integration algorithm based on the optical transfer function is proposed. The experimental results show that the algorithm can securely and efficiently integrate all the cell information and simultaneously track a large quantity of cells. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we propose the automatic big data integration algorithm based on the optical transfer function to trace multi-cells. The experimental results show that the algorithm can securely and efficiently integrate all the cell information and simultaneously track a large quantity of cells.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.722" xmlns="http://purl.org/rss/1.0/"><title>Real-time robust 3D object tracking and estimation for surveillance system</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.722</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Real-time robust 3D object tracking and estimation for surveillance system</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jin-hyung Park, Seungmin Rho, Chang-sung Jeong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-19T01:04:13.748441-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.722</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.722</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.722</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We present a new 3D object tracking algorithm that supports multiple planar and nonplanar objects with real-time processing speed and high accuracy. The main problem of object tracking algorithm is the limitation of the supporting type of target object, slow processing speed, and low tracking accuracy. Our algorithm provides high accuracy and real-time performance while detecting not only planar objects but also nonplanar objects. The real-time performance is accomplished by using Features from Accelerated Segment Test corner detection, region of interest, and parallel processing on a multicore processor. High accuracy is realized by using a scale-invariant feature transform descriptor, random sample consensus, region of interest, and double robust filtering. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.722/asset/image_n/sec722-toc-0001.png?v=1&amp;s=13636a59dba268308f74b2405bf43cdfbec65a9c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.722/asset/image_n/sec722-toc-0001.png?v=1&amp;s=13636a59dba268308f74b2405bf43cdfbec65a9c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Real-time 3D object tracking algorithm for multiple planar and non-planar objects by using Features from Accelerated Segment Test corner detector, scale-invariant feature transform, Perspective <em>n</em>-Problem, region of interest, double robust filtering and parallel processing on multi-core processor.
</p></div>]]></content:encoded><description>

We present a new 3D object tracking algorithm that supports multiple planar and nonplanar objects with real-time processing speed and high accuracy. The main problem of object tracking algorithm is the limitation of the supporting type of target object, slow processing speed, and low tracking accuracy. Our algorithm provides high accuracy and real-time performance while detecting not only planar objects but also nonplanar objects. The real-time performance is accomplished by using Features from Accelerated Segment Test corner detection, region of interest, and parallel processing on a multicore processor. High accuracy is realized by using a scale-invariant feature transform descriptor, random sample consensus, region of interest, and double robust filtering. Copyright © 2013 John Wiley &amp; Sons, Ltd. Real-time 3D object tracking algorithm for multiple planar and non-planar objects by using Features from Accelerated Segment Test corner detector, scale-invariant feature transform, Perspective n-Problem, region of interest, double robust filtering and parallel processing on multi-core processor.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.718" xmlns="http://purl.org/rss/1.0/"><title>Server-aided batch verification signature schemes in the multiple-signer setting</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.718</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Server-aided batch verification signature schemes in the multiple-signer setting</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Bin Wang, Qing Zhao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-15T01:48:18.618623-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.718</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.718</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.718</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Server-aided verification (SAV) signature schemes are useful for power-constrained devices since a powerful server can assist in performing costly operations such as pairing operations. Wu <em>et al.</em> defined security notions for SAV signature schemes and constructed SAV protocols for some existing signature schemes. We extend their work by introducing a new notion called server-aided batch verification (SABV) signature schemes, which allows signatures on (possibly) different messages by (possibly) different signers to be simultaneously verified with the help of an honest server. Then, we define completeness, soundness, and existential unforgeability for SABV signature schemes in the multiple-signer setting. In the following, we design SABV protocols for Waters signature and Boneh–Lynn–Shacham signature, respectively, and prove that these protocols meet the requirement of soundness defined in this paper. Finally, we evaluate the performance of the proposed SABV protocols to show that the cost of a verifier can be further reduced compared with the corresponding SAV protocols presented by Wu <em>et al.</em> Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.718/asset/image_n/sec718-toc-0001.png?v=1&amp;s=98372cebd77e25981f4472dc2efd2e7f14771b2d" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.718/asset/image_n/sec718-toc-0001.png?v=1&amp;s=98372cebd77e25981f4472dc2efd2e7f14771b2d"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Our SABV schemes allow signatures on different messages by different signers to be simultaneously verified with the help of an honest server. We design SABV protocols for Waters signature and BLS signature respectively and prove that these protocols meet the requirement of soundness. The result shows that the cost of a verifier in our SABV protocols can be further reduced compared with the corresponding SAV protocols. 
</p></div>]]></content:encoded><description>

Server-aided verification (SAV) signature schemes are useful for power-constrained devices since a powerful server can assist in performing costly operations such as pairing operations. Wu et al. defined security notions for SAV signature schemes and constructed SAV protocols for some existing signature schemes. We extend their work by introducing a new notion called server-aided batch verification (SABV) signature schemes, which allows signatures on (possibly) different messages by (possibly) different signers to be simultaneously verified with the help of an honest server. Then, we define completeness, soundness, and existential unforgeability for SABV signature schemes in the multiple-signer setting. In the following, we design SABV protocols for Waters signature and Boneh–Lynn–Shacham signature, respectively, and prove that these protocols meet the requirement of soundness defined in this paper. Finally, we evaluate the performance of the proposed SABV protocols to show that the cost of a verifier can be further reduced compared with the corresponding SAV protocols presented by Wu et al. Copyright © 2013 John Wiley &amp; Sons, Ltd. Our SABV schemes allow signatures on different messages by different signers to be simultaneously verified with the help of an honest server. We design SABV protocols for Waters signature and BLS signature respectively and prove that these protocols meet the requirement of soundness. The result shows that the cost of a verifier in our SABV protocols can be further reduced compared with the corresponding SAV protocols.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.758" xmlns="http://purl.org/rss/1.0/"><title>Secure secret reconstruction and multi-secret sharing schemes with unconditional security</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.758</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure secret reconstruction and multi-secret sharing schemes with unconditional security</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lein Harn</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-11T00:35:26.971977-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.758</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.758</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.758</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In Shamir's (<em>t</em>, <em>n</em>) secret sharing (SS) scheme, the secret <em>s</em> is divided into <em>n</em> shares by a dealer and is shared among <em>n</em> shareholders in such a way that any <em>t</em> or more than <em>t</em> shares can reconstruct this secret; but fewer than <em>t</em> shares cannot obtain any information about the secret <em>s</em>. In this paper, we will introduce the security problem that an adversary can obtain the secret when there are more than <em>t</em> participants in Shamir's secret reconstruction. A <em>secure secret reconstruction scheme</em>, which prevents the adversary from obtaining the secret is proposed. In our scheme, <em>Lagrange components</em>, which are linear combination of shares, are used to reconstruct the secret. Lagrange component can protect shares unconditionally. We show that this scheme can be extended to design a multi-secret sharing scheme. All existing multi-secret sharing schemes are based on some cryptographic assumptions, such as a secure one-way function or solving the discrete logarithm problem; but, our proposed multi-secret sharing scheme is unconditionally secure. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.758/asset/image_n/sec758-toc-0001.png?v=1&amp;s=2d355ee1b991827331d0d49f369a19785cf1d8f1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.758/asset/image_n/sec758-toc-0001.png?v=1&amp;s=2d355ee1b991827331d0d49f369a19785cf1d8f1"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A secure secret reconstruction scheme ensures that the secret can only be recovered by participants who present valid shares; but not by any outside adversary who does not own any valid share.
</p></div>]]></content:encoded><description>

In Shamir's (t, n) secret sharing (SS) scheme, the secret s is divided into n shares by a dealer and is shared among n shareholders in such a way that any t or more than t shares can reconstruct this secret; but fewer than t shares cannot obtain any information about the secret s. In this paper, we will introduce the security problem that an adversary can obtain the secret when there are more than t participants in Shamir's secret reconstruction. A secure secret reconstruction scheme, which prevents the adversary from obtaining the secret is proposed. In our scheme, Lagrange components, which are linear combination of shares, are used to reconstruct the secret. Lagrange component can protect shares unconditionally. We show that this scheme can be extended to design a multi-secret sharing scheme. All existing multi-secret sharing schemes are based on some cryptographic assumptions, such as a secure one-way function or solving the discrete logarithm problem; but, our proposed multi-secret sharing scheme is unconditionally secure. Copyright © 2013 John Wiley &amp; Sons, Ltd. A secure secret reconstruction scheme ensures that the secret can only be recovered by participants who present valid shares; but not by any outside adversary who does not own any valid share.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.767" xmlns="http://purl.org/rss/1.0/"><title>Applying biometrics to design three-factor remote user authentication scheme with key agreement</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.767</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Applying biometrics to design three-factor remote user authentication scheme with key agreement</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xiong Li, Jianwei Niu, Zhibo Wang, Caisen Chen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-10T23:38:04.748242-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.767</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.767</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.767</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>There are some biometrics-based three-factor remote user authentication schemes proposed by researchers to ensure high security features for network-based application systems. Recently, Das pointed out the security flaws of Li and Hwang's three-factor remote user authentication scheme, and proposed an enhanced biometrics-based three-factor remote user authentication scheme. Das's scheme overcomes the defects of Li and Hwang's scheme, and maintains the advantages of Li and Hwang's scheme at the same time. However, after detailed analysis, we find that Das's scheme remains vulnerable to forgery attack and stolen smart card attack; at the same time, Das's scheme cannot provide the session key agreement after the mutual authentication. To provide more security features, we design a three-factor remote user authentication scheme with key agreement using biometrics. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.767/asset/image_n/sec767-toc-0001.png?v=1&amp;s=36807348ef5d73aa6fe2008e68c522ac01a40de1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.767/asset/image_n/sec767-toc-0001.png?v=1&amp;s=36807348ef5d73aa6fe2008e68c522ac01a40de1"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Biometrics has many excellent features, such as widely available, easy-to-use, high recognition rate, high reliability, unique, cannot be copied, lost or forgotten, and so on, so it was being widely used in user authentication. In this paper, we design a new three-factor remote user authentication scheme with key agreement using biometrics to remove the security weaknesses of previous three-factor remote user authentication schemes.
</p></div>]]></content:encoded><description>

There are some biometrics-based three-factor remote user authentication schemes proposed by researchers to ensure high security features for network-based application systems. Recently, Das pointed out the security flaws of Li and Hwang's three-factor remote user authentication scheme, and proposed an enhanced biometrics-based three-factor remote user authentication scheme. Das's scheme overcomes the defects of Li and Hwang's scheme, and maintains the advantages of Li and Hwang's scheme at the same time. However, after detailed analysis, we find that Das's scheme remains vulnerable to forgery attack and stolen smart card attack; at the same time, Das's scheme cannot provide the session key agreement after the mutual authentication. To provide more security features, we design a three-factor remote user authentication scheme with key agreement using biometrics. Copyright © 2013 John Wiley &amp; Sons, Ltd. Biometrics has many excellent features, such as widely available, easy-to-use, high recognition rate, high reliability, unique, cannot be copied, lost or forgotten, and so on, so it was being widely used in user authentication. In this paper, we design a new three-factor remote user authentication scheme with key agreement using biometrics to remove the security weaknesses of previous three-factor remote user authentication schemes.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.711" xmlns="http://purl.org/rss/1.0/"><title>A quantum secure direct communication protocol based on four-qubit cluster state</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.711</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A quantum secure direct communication protocol based on four-qubit cluster state</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jian Li, DanJie Song, Ruifan Li, Xiaofeng Lu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-10T22:21:13.982778-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.711</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.711</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.711</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a quantum secure direct communication protocol utilizing four-qubit cluster state to enhance the efficiency of eavesdropping detection. In the security analysis, by applying the method of the entropy theory, we contrast our scheme to another two strategies, the Ping-pong protocol and the protocol using two particles of Einstein–Podolsky–Rosen pair as detection particles. The comparison results show that if the eavesdropper obtains the same amount of information, the presented quantum protocol strategy will have a larger detection probability than the other two. At last, the security of the proposed protocol is discussed. The analysis results indicate that the protocol in this paper is more secure. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.711/asset/image_n/sec711-toc-0001.png?v=1&amp;s=f871b40ccb067a7aee82f9252758d13d33726c2f" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.711/asset/image_n/sec711-toc-0001.png?v=1&amp;s=f871b40ccb067a7aee82f9252758d13d33726c2f"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We present a deterministic secure quantum communication protocol based on four-particle cluster state. In the security analysis, the method of the entropy theory is introduced. The eavesdropping detection rate of the original protocol is 50%, whereas ours is 75%. 
</p></div>]]></content:encoded><description>

We propose a quantum secure direct communication protocol utilizing four-qubit cluster state to enhance the efficiency of eavesdropping detection. In the security analysis, by applying the method of the entropy theory, we contrast our scheme to another two strategies, the Ping-pong protocol and the protocol using two particles of Einstein–Podolsky–Rosen pair as detection particles. The comparison results show that if the eavesdropper obtains the same amount of information, the presented quantum protocol strategy will have a larger detection probability than the other two. At last, the security of the proposed protocol is discussed. The analysis results indicate that the protocol in this paper is more secure. Copyright © 2013 John Wiley &amp; Sons, Ltd. We present a deterministic secure quantum communication protocol based on four-particle cluster state. In the security analysis, the method of the entropy theory is introduced. The eavesdropping detection rate of the original protocol is 50%, whereas ours is 75%.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.770" xmlns="http://purl.org/rss/1.0/"><title>Detecting and mitigating interest flooding attacks in content-centric network</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.770</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Detecting and mitigating interest flooding attacks in content-centric network</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Kai Wang, Huachun Zhou, Hongbin Luo, Jianfeng Guan, Yajuan Qin, Hongke Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-10T05:40:53.475855-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.770</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.770</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.770</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The original architecture of content-centric network (CCN) may suffer from interest flooding attacks. In this paper, we focus on one type of interest flooding attacks called denial of service against content source (DACS attack). To damage CCN, it floods a large number of malicious interests requesting content that does not exist, which guarantees that no cache hit can occur at routers until these malicious interests reach the target content source. Thus, it can directly exhaust the resource of the victim. To counter it, we propose a threshold-based detecting and mitigating (TDM) scheme. The basic idea is to detect DACS attack on the basis of the frequency that pending interest table items in CCN routers expire (recording this frequency by introducing two counters with their corresponding thresholds and one indicator for counter mode) and to mitigate it by implementing the rate limiter in each router. From the viewpoint of a CCN router, we analyze the performance of TDM in terms of detection ability and effect on mitigating malicious traffic. In addition, we briefly analyze the overhead of TDM. The results show that TDM achieves high detection ability and good effect on mitigating malicious traffic while bringing in small overhead on countering DACS attack. To the best of our knowledge, this is the first attempt to design a detailed scheme embedded with corresponding algorithms on countering this attack. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.770/asset/image_n/sec770-toc-0001.png?v=1&amp;s=80eb9562f4affa5837ea864dc73ada47a0f359e2" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.770/asset/image_n/sec770-toc-0001.png?v=1&amp;s=80eb9562f4affa5837ea864dc73ada47a0f359e2"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we give a comprehensive taxonomy for different types of interest flooding attacks in CCN based on the type of victim and propose a threshold-based detecting and mitigating (TDM) scheme to counter one type of the interest flooding attacks called denial of service against content source (DACS attack). The performance analysis results show that TDM achieves high detection ability and good effect on mitigating malicious traffic while bringing in small overhead on countering DACS attack. 
</p></div>]]></content:encoded><description>

The original architecture of content-centric network (CCN) may suffer from interest flooding attacks. In this paper, we focus on one type of interest flooding attacks called denial of service against content source (DACS attack). To damage CCN, it floods a large number of malicious interests requesting content that does not exist, which guarantees that no cache hit can occur at routers until these malicious interests reach the target content source. Thus, it can directly exhaust the resource of the victim. To counter it, we propose a threshold-based detecting and mitigating (TDM) scheme. The basic idea is to detect DACS attack on the basis of the frequency that pending interest table items in CCN routers expire (recording this frequency by introducing two counters with their corresponding thresholds and one indicator for counter mode) and to mitigate it by implementing the rate limiter in each router. From the viewpoint of a CCN router, we analyze the performance of TDM in terms of detection ability and effect on mitigating malicious traffic. In addition, we briefly analyze the overhead of TDM. The results show that TDM achieves high detection ability and good effect on mitigating malicious traffic while bringing in small overhead on countering DACS attack. To the best of our knowledge, this is the first attempt to design a detailed scheme embedded with corresponding algorithms on countering this attack. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we give a comprehensive taxonomy for different types of interest flooding attacks in CCN based on the type of victim and propose a threshold-based detecting and mitigating (TDM) scheme to counter one type of the interest flooding attacks called denial of service against content source (DACS attack). The performance analysis results show that TDM achieves high detection ability and good effect on mitigating malicious traffic while bringing in small overhead on countering DACS attack.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.719" xmlns="http://purl.org/rss/1.0/"><title>A jamming-attack-defending data forwarding scheme based on channel surfing in wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.719</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A jamming-attack-defending data forwarding scheme based on channel surfing in wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Amrita Ghosal, Sipra Das Bit</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-03T03:43:48.384118-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.719</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.719</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.719</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Wireless sensor networks (WSNs) are susceptible to various attacks, and these attacks pose a major threat to the normal functioning of WSNs. Jamming is one such attack, which affects network operations by blocking frequencies. Hence, the need of defending such attack is of utmost importance. This paper proposes three variants of a data forwarding scheme using multi-level multi-tier architecture, which employs judicious surfing of a pair of channels to defend jamming attack in WSNs. Variant I defends the attack at the cost of an affordable delay. Improvement of the scheme in minimizing data transmission time is made in variant II. Further improvement in transmission time is made in variant III and is made more realistic by introducing sensing capability at all tiers, thereby increasing network coverage. Simulation is performed to establish each of the successor's variant's improvement over its predecessor. The performance of the scheme in terms of area coverage, packet delivery ratio, and control message overhead is compared with an existing jamming-defending scheme for infrastructure-based wireless network. Finally, comparison results establish that although the proposed scheme is equivalent to its infrastructure-based counterpart in terms of coverage, it provides a more lightweight solution and maintains improved performance in terms of packet delivery ratio. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.719/asset/image_n/sec719-toc-0001.png?v=1&amp;s=7ce8d3caaa60a8611edd32e6ad864913ad18fdeb" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.719/asset/image_n/sec719-toc-0001.png?v=1&amp;s=7ce8d3caaa60a8611edd32e6ad864913ad18fdeb"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a data forwarding scheme with three variants for WSN having multi-level tier architecture which employs judicious surfing of a pair of channels to defend jamming attack. The performance of the scheme in terms of area coverage, packet delivery ratio and control message overhead is compared with an existing jamming defending scheme for infrastructure-based wireless network. The comparison results establish that while the proposed scheme is equivalent to its infrastructure-based counterpart in terms of coverage, it provides more light-weight solution fulfilling the requirement of infrastructure-less network like WSN and maintains improved performance in terms of packet delivery ratio.</p></div>]]></content:encoded><description>

Wireless sensor networks (WSNs) are susceptible to various attacks, and these attacks pose a major threat to the normal functioning of WSNs. Jamming is one such attack, which affects network operations by blocking frequencies. Hence, the need of defending such attack is of utmost importance. This paper proposes three variants of a data forwarding scheme using multi-level multi-tier architecture, which employs judicious surfing of a pair of channels to defend jamming attack in WSNs. Variant I defends the attack at the cost of an affordable delay. Improvement of the scheme in minimizing data transmission time is made in variant II. Further improvement in transmission time is made in variant III and is made more realistic by introducing sensing capability at all tiers, thereby increasing network coverage. Simulation is performed to establish each of the successor's variant's improvement over its predecessor. The performance of the scheme in terms of area coverage, packet delivery ratio, and control message overhead is compared with an existing jamming-defending scheme for infrastructure-based wireless network. Finally, comparison results establish that although the proposed scheme is equivalent to its infrastructure-based counterpart in terms of coverage, it provides a more lightweight solution and maintains improved performance in terms of packet delivery ratio. Copyright © 2013 John Wiley &amp; Sons, Ltd.



This paper proposes a data forwarding scheme with three variants for WSN having multi-level tier architecture which employs judicious surfing of a pair of channels to defend jamming attack. The performance of the scheme in terms of area coverage, packet delivery ratio and control message overhead is compared with an existing jamming defending scheme for infrastructure-based wireless network. The comparison results establish that while the proposed scheme is equivalent to its infrastructure-based counterpart in terms of coverage, it provides more light-weight solution fulfilling the requirement of infrastructure-less network like WSN and maintains improved performance in terms of packet delivery ratio.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.756" xmlns="http://purl.org/rss/1.0/"><title>A novel approach to detection of mobile rogue access points</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.756</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A novel approach to detection of mobile rogue access points</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Iluk Kim, Jungtaek Seo, Taeshik Shon, Jongsub Moon</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-04-03T03:10:51.332231-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.756</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.756</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.756</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue 
Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Rogue access points (APs) have been used in several attacks such as packet sniffing and man-in-the-middle attacks. It is becoming a serious security threat to users in public and enterprise networks. Moreover, it is easy to install malicious APs using mobile devices and networks, and existing solutions do not effectively detect these rogue APs. In this paper, we propose a method to detect rogue APs over mobile networks using round-trip time measurements, without relying on information from authorized lists of APs or users. Through experiments, we proved that our proposed method could detect rogue APs successfully. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.756/asset/image_n/sec756-toc-0001.png?v=1&amp;s=35aa20228976f5597370c6f6dcaa7547bd1fdd5c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.756/asset/image_n/sec756-toc-0001.png?v=1&amp;s=35aa20228976f5597370c6f6dcaa7547bd1fdd5c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Rogue AP (Access Point) is becoming a serious security threat to users in public and enterprise networks. Moreover, it is easy to install malicious APs using mobile devices and networks, and existing solutions do not effectively detect these rogue APs. In this paper, we propose a method to detect rogue APs over mobile networks using round-trip time measurements, without relying on information from authorized lists of APs or users.
</p></div>]]></content:encoded><description>

Rogue access points (APs) have been used in several attacks such as packet sniffing and man-in-the-middle attacks. It is becoming a serious security threat to users in public and enterprise networks. Moreover, it is easy to install malicious APs using mobile devices and networks, and existing solutions do not effectively detect these rogue APs. In this paper, we propose a method to detect rogue APs over mobile networks using round-trip time measurements, without relying on information from authorized lists of APs or users. Through experiments, we proved that our proposed method could detect rogue APs successfully. Copyright © 2013 John Wiley &amp; Sons, Ltd. Rogue AP (Access Point) is becoming a serious security threat to users in public and enterprise networks. Moreover, it is easy to install malicious APs using mobile devices and networks, and existing solutions do not effectively detect these rogue APs. In this paper, we propose a method to detect rogue APs over mobile networks using round-trip time measurements, without relying on information from authorized lists of APs or users.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.768" xmlns="http://purl.org/rss/1.0/"><title>Robust password changing and DoS resilience for human-centric password authentication</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.768</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Robust password changing and DoS resilience for human-centric password authentication</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xiangxue Li, Haifeng Qian, Yu Yu, Jian Weng, Ziping Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-22T06:33:12.530174-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.768</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.768</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.768</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In password-based or two-factor (password and smart card) authentications, password changing is one of the common techniques used to improve the security of the systems protected by the password. However, the password-changing operations in existing password authentications either depend on the login phase or violate the common practice that an old password should not be valid for subsequent login after being updated. On the other hand, password mistyping is very common in reality, which may be random or be skewed by the adversary via technical means or social engineering manipulation [i.e., a kind of denial-of-service (DoS) attack]. In human-centric authentication mechanisms, password changing and DoS resilience are not marginal issues. The paper addresses the requirements of robust password changing in authentication and presents <img alt="inline image" src="http://onlinelibrary.wiley.com/store/10.1002/sec.768/asset/equation/sec768-math-0001.gif?v=1&amp;t=hh3ezww2&amp;s=568dd0274750ab51a4449d514b3c6569019994ff" class="inlineGraphic"/>, a password authentication scheme with robust password changing, DoS resilience, and card-compromise security. Thus, the proposal can be viewed as a suitable candidate instantiation for authentication services of human-centric security, by embedding in the computer and software systems. <img alt="inline image" src="http://onlinelibrary.wiley.com/store/10.1002/sec.768/asset/equation/sec768-math-0002.gif?v=1&amp;t=hh3ezww2&amp;s=5e4e73b58f83a233646a834e6cbee293ac53d281" class="inlineGraphic"/> also achieves other appealing features, such as self-healing ability and strong privacy protection, which may be useful for human-centric applications. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.768/asset/image_n/sec768-toc-0001.png?v=1&amp;s=65fec92929acfba40a7db9444779ac643e321d35" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.768/asset/image_n/sec768-toc-0001.png?v=1&amp;s=65fec92929acfba40a7db9444779ac643e321d35"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper addresses the requirements of robust password changing in human-centric password authentication and presents a scheme with robust password changing, denial-of-service resilience, card-compromise security, self-healing ability, and strong privacy protection. The scheme may be useful for human-centric applications.
</p></div>]]></content:encoded><description>

In password-based or two-factor (password and smart card) authentications, password changing is one of the common techniques used to improve the security of the systems protected by the password. However, the password-changing operations in existing password authentications either depend on the login phase or violate the common practice that an old password should not be valid for subsequent login after being updated. On the other hand, password mistyping is very common in reality, which may be random or be skewed by the adversary via technical means or social engineering manipulation [i.e., a kind of denial-of-service (DoS) attack]. In human-centric authentication mechanisms, password changing and DoS resilience are not marginal issues. The paper addresses the requirements of robust password changing in authentication and presents SPCA, a password authentication scheme with robust password changing, DoS resilience, and card-compromise security. Thus, the proposal can be viewed as a suitable candidate instantiation for authentication services of human-centric security, by embedding in the computer and software systems. SPCA also achieves other appealing features, such as self-healing ability and strong privacy protection, which may be useful for human-centric applications. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper addresses the requirements of robust password changing in human-centric password authentication and presents a scheme with robust password changing, denial-of-service resilience, card-compromise security, self-healing ability, and strong privacy protection. The scheme may be useful for human-centric applications.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.759" xmlns="http://purl.org/rss/1.0/"><title>Access control for cloud-based eHealth social networking: design and evaluation</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.759</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Access control for cloud-based eHealth social networking: design and evaluation</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yan Bai, Lirong Dai, Sam Chung, Durga D. Devaraj</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-22T06:18:55.803043-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.759</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.759</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.759</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>eHealth is being rapidly deployed. Lower cost and greater productivity attract government and healthcare enterprise to transit from traditional healthcare service to eHealth service. Security and privacy are growing concerns with the widespread deployment of eHealth and the development of next generation of eHealth services. In this paper, we discuss these security problems and propose a high-level security framework that captures required features in the next-generation eHealth infrastructure. Our framework consists of the following: (i) an adaptive trust-aware tag-based privacy control to specify which data to share and whom to share with. The fine-grained control of data access is guaranteed; (ii) a decentralized authorization that relies on trust propagation protocol to provide robust and resilient access control enforcement; and (iii) a hybrid trust management mechanism that addresses access control information depository on a cloud server. It enforces user-defined access control not only in a distributed environment but also in a privacy-preserving manner so as to minimize the disclosure of privileges and of access policies. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.759/asset/image_n/sec759-toc-0001.png?v=1&amp;s=a6c4c3e3bfa43553930e1d2ec1ee3a01dc1899be" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.759/asset/image_n/sec759-toc-0001.png?v=1&amp;s=a6c4c3e3bfa43553930e1d2ec1ee3a01dc1899be"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents an access control framework for healthcare social cloud systems. It consists of an adaptive trust-aware tag-based privacy control for information access, a trust propagation protocol to verify the authenticity of information sources, and a hybrid trust management mechanism that meets system users' access control requirements while minimizing the disclosure of privileges and of access policies.
</p></div>]]></content:encoded><description>

eHealth is being rapidly deployed. Lower cost and greater productivity attract government and healthcare enterprise to transit from traditional healthcare service to eHealth service. Security and privacy are growing concerns with the widespread deployment of eHealth and the development of next generation of eHealth services. In this paper, we discuss these security problems and propose a high-level security framework that captures required features in the next-generation eHealth infrastructure. Our framework consists of the following: (i) an adaptive trust-aware tag-based privacy control to specify which data to share and whom to share with. The fine-grained control of data access is guaranteed; (ii) a decentralized authorization that relies on trust propagation protocol to provide robust and resilient access control enforcement; and (iii) a hybrid trust management mechanism that addresses access control information depository on a cloud server. It enforces user-defined access control not only in a distributed environment but also in a privacy-preserving manner so as to minimize the disclosure of privileges and of access policies. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents an access control framework for healthcare social cloud systems. It consists of an adaptive trust-aware tag-based privacy control for information access, a trust propagation protocol to verify the authenticity of information sources, and a hybrid trust management mechanism that meets system users' access control requirements while minimizing the disclosure of privileges and of access policies.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.733" xmlns="http://purl.org/rss/1.0/"><title>Critical analysis of counter mode with cipher block chain message authentication mode protocol—CCMP</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.733</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Critical analysis of counter mode with cipher block chain message authentication mode protocol—CCMP</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Idris Ahmed, Anne James, Dhananjay Singh</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-22T06:08:19.680879-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.733</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.733</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.733</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>CCM/CCMP is a two-cycle authenticate and encrypt (AE) mode. One cycle is used to perform confidentiality computations, and the second cycle is used to compute authenticity and integrity. CCM/CCMP is also a generic composition. CCM/CCMP is actually made up of two separate modes, CBC-MAC and AES counter mode amalgamated together. Although CCM/CCMP is an AE mode, it is not an authenticated encryption with associated data (AEAD) mode. Previous research has suggested that it is a major deficiency for an AE mode not to be an AEAD. Previous critiques of the CCM/CCMP have shown that CBC-MAC and AES counter mode were poorly amalgamated to create the CCM/CCMP. They also showed that CCMP, which was ratified by the IEEE 802.11i workgroup in 2003 and implemented in WPA2, has some security issues. It also has some major efficiency and complexity issues. This research work reviewed the current major AE and AEAD modes such as the Galois counter mode, and the encryption system with keyed integrity and managed oracle and used critical analysis and statistical analysis approaches to identify more deficiencies in the CCM/CCMP. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.733/asset/image_n/sec733-toc-0001.png?v=1&amp;s=515e6b7e0433020c8fcb6bf908e95ccd4293b208" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.733/asset/image_n/sec733-toc-0001.png?v=1&amp;s=515e6b7e0433020c8fcb6bf908e95ccd4293b208"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This research work reviewed the current major AE and AEAD modes like the GCM and the ESKIMO and used critical analysis and statistical analysis approaches to identify more deficiencies in the CCM/CCMP. Because, critiques of the CCM/CCMP have shown that CBC-MAC and AES Counter Mode were poorly amalgamated to create the CCM/CCMP. They also showed that CCMP, which was ratified by the IEEE 802.11i workgroup in 2003, and implemented in WPA2, has some security issues. 
</p></div>]]></content:encoded><description>

CCM/CCMP is a two-cycle authenticate and encrypt (AE) mode. One cycle is used to perform confidentiality computations, and the second cycle is used to compute authenticity and integrity. CCM/CCMP is also a generic composition. CCM/CCMP is actually made up of two separate modes, CBC-MAC and AES counter mode amalgamated together. Although CCM/CCMP is an AE mode, it is not an authenticated encryption with associated data (AEAD) mode. Previous research has suggested that it is a major deficiency for an AE mode not to be an AEAD. Previous critiques of the CCM/CCMP have shown that CBC-MAC and AES counter mode were poorly amalgamated to create the CCM/CCMP. They also showed that CCMP, which was ratified by the IEEE 802.11i workgroup in 2003 and implemented in WPA2, has some security issues. It also has some major efficiency and complexity issues. This research work reviewed the current major AE and AEAD modes such as the Galois counter mode, and the encryption system with keyed integrity and managed oracle and used critical analysis and statistical analysis approaches to identify more deficiencies in the CCM/CCMP. Copyright © 2013 John Wiley &amp; Sons, Ltd. This research work reviewed the current major AE and AEAD modes like the GCM and the ESKIMO and used critical analysis and statistical analysis approaches to identify more deficiencies in the CCM/CCMP. Because, critiques of the CCM/CCMP have shown that CBC-MAC and AES Counter Mode were poorly amalgamated to create the CCM/CCMP. They also showed that CCMP, which was ratified by the IEEE 802.11i workgroup in 2003, and implemented in WPA2, has some security issues.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.745" xmlns="http://purl.org/rss/1.0/"><title>Anomaly detection in big data from UWB radars</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.745</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Anomaly detection in big data from UWB radars</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Wei Wang, Xin Zhou, Baoju Zhang, Jiasong Mu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-22T03:26:53.289428-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.745</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.745</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.745</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The definitions of big data and anomaly detection are presented. The theory of ultra-wideband radar and the through-wall detection of a human model based on ultra-wideband radar are briefly introduced. The target criterion with wavelet packet transform is deduced, and the procedure for the through-wall human detection with statistical process control is constructed. The radar echo signals are collected at stationary and moving statuses of a human being for three types of walls. The experimental results demonstrate the effectiveness of through-wall target detection based on the proposed algorithm. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.745/asset/image_n/sec745-toc-0001.png?v=1&amp;s=c3b16f571a4a729ff67034ae86e37e319ac56a8c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.745/asset/image_n/sec745-toc-0001.png?v=1&amp;s=c3b16f571a4a729ff67034ae86e37e319ac56a8c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The anomaly detection in big data has been studied. Taking the through wall human detection for example. A criterion with wavelet packet transform was induced and the detection procedure with statistical process control is constructed. The experimental results demonstrate the effectiveness of through wall target detection based on the proposed algorithm.
</p></div>]]></content:encoded><description>

The definitions of big data and anomaly detection are presented. The theory of ultra-wideband radar and the through-wall detection of a human model based on ultra-wideband radar are briefly introduced. The target criterion with wavelet packet transform is deduced, and the procedure for the through-wall human detection with statistical process control is constructed. The radar echo signals are collected at stationary and moving statuses of a human being for three types of walls. The experimental results demonstrate the effectiveness of through-wall target detection based on the proposed algorithm. Copyright © 2013 John Wiley &amp; Sons, Ltd. The anomaly detection in big data has been studied. Taking the through wall human detection for example. A criterion with wavelet packet transform was induced and the detection procedure with statistical process control is constructed. The experimental results demonstrate the effectiveness of through wall target detection based on the proposed algorithm.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.714" xmlns="http://purl.org/rss/1.0/"><title>Structurized grammar-based fuzz testing for programs with highly structured inputs</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.714</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Structurized grammar-based fuzz testing for programs with highly structured inputs</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jingbo Yan, Yuqing Zhang, Dingning Yang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-22T03:21:07.986356-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.714</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.714</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.714</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Fuzz testing, also known as fuzzing, has long been recognized as an effective technique to detect software vulnerabilities. Unfortunately, this approach is demonstrated noneffective when applied to test programs with highly structured inputs, such as interpreters and compilers. These programs usually process inputs in several stages, such as lexing and parsing, where the test input will be rejected if its structure does not obey the grammar. In this paper, we present a novel approach for fuzzing <em>highly structured</em> input programs. By disassembling the existing test cases into multiple grammatical fragments and inferring their grammar structures, we build a new series of test cases that can pass the validation and reach the previously unexplored places in the target program. We have implemented this approach in our general fuzzing framework BlendFuzz. Experiments have shown that BlendFuzz achieves higher code coverage compared with other blackbox fuzzing tools. BlendFuzz has also detected over two dozen previously unreported vulnerabilities in real-world applications, with seven of them being considered high risk. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.714/asset/image_n/sec714-toc-0001.png?v=1&amp;s=a97bd03d5a56d7c1cf1091855b4a2faa17833251" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.714/asset/image_n/sec714-toc-0001.png?v=1&amp;s=a97bd03d5a56d7c1cf1091855b4a2faa17833251"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a novel approach for fuzzing programs with highly-structured input. We've implemented this approach in our general fuzzing framework BlendFuzz, which can achieve high code coverage and has detected over dozens of previously unreported vulnerabilities in real-world applications.
</p></div>]]></content:encoded><description>

Fuzz testing, also known as fuzzing, has long been recognized as an effective technique to detect software vulnerabilities. Unfortunately, this approach is demonstrated noneffective when applied to test programs with highly structured inputs, such as interpreters and compilers. These programs usually process inputs in several stages, such as lexing and parsing, where the test input will be rejected if its structure does not obey the grammar. In this paper, we present a novel approach for fuzzing highly structured input programs. By disassembling the existing test cases into multiple grammatical fragments and inferring their grammar structures, we build a new series of test cases that can pass the validation and reach the previously unexplored places in the target program. We have implemented this approach in our general fuzzing framework BlendFuzz. Experiments have shown that BlendFuzz achieves higher code coverage compared with other blackbox fuzzing tools. BlendFuzz has also detected over two dozen previously unreported vulnerabilities in real-world applications, with seven of them being considered high risk. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes a novel approach for fuzzing programs with highly-structured input. We've implemented this approach in our general fuzzing framework BlendFuzz, which can achieve high code coverage and has detected over dozens of previously unreported vulnerabilities in real-world applications.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.762" xmlns="http://purl.org/rss/1.0/"><title>Efficient authentication and access control of scalable multimedia streams over packet-lossy networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.762</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient authentication and access control of scalable multimedia streams over packet-lossy networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Robert H. Deng, Xuhua Ding, Swee-Won Lo</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T08:28:34.887119-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.762</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.762</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.762</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Securing scalable multimedia streams becomes an important issue with the emergence of various scalable multimedia coding standards and their widespread applications. In this paper, we first propose two novel schemes for authenticating scalable multimedia streams over packet-lossy networks. The first scheme uses a digital signature to protect the integrity of a group of frames and uses erasure correction coding to combat packet loss. The second scheme employs message authentication code to protect integrity of individual frames, which is completely resilient to packet loss and greatly improves computational efficiency compared with the first scheme. With the second authentication scheme, we further present a scheme that provides both authentication and access control to scalable multimedia streams over packet-lossy networks. This third scheme uses symmetric encryption to enforce access control by allowing authorized users to decrypt substreams corresponding to their privileges and uses attribute-based encryption to disseminate secret keys to users. For the first two schemes, we analyze their performance in terms of computation cost, communication overhead, buffer size, and probability of successful authentication, whereas for the third scheme, we demonstrate its application to H.264 scalable video coding encoded streams. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.762/asset/image_n/sec762-toc-0001.png?v=1&amp;s=8a03ea5ecd27fc4fa867139fb08d5ac90098f719" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.762/asset/image_n/sec762-toc-0001.png?v=1&amp;s=8a03ea5ecd27fc4fa867139fb08d5ac90098f719"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Two novel authentication schemes for scalable multimedia streams over packet-lossy networks are proposed. The first scheme uses a digital signature to protect the integrity of a group of frames; the second scheme uses message authentication code to protect individual frame, making it packet loss-resilient and computationally efficient. Based on the second scheme, we propose a third scheme that provides authentication and collusion-free access control.
</p></div>]]></content:encoded><description>

Securing scalable multimedia streams becomes an important issue with the emergence of various scalable multimedia coding standards and their widespread applications. In this paper, we first propose two novel schemes for authenticating scalable multimedia streams over packet-lossy networks. The first scheme uses a digital signature to protect the integrity of a group of frames and uses erasure correction coding to combat packet loss. The second scheme employs message authentication code to protect integrity of individual frames, which is completely resilient to packet loss and greatly improves computational efficiency compared with the first scheme. With the second authentication scheme, we further present a scheme that provides both authentication and access control to scalable multimedia streams over packet-lossy networks. This third scheme uses symmetric encryption to enforce access control by allowing authorized users to decrypt substreams corresponding to their privileges and uses attribute-based encryption to disseminate secret keys to users. For the first two schemes, we analyze their performance in terms of computation cost, communication overhead, buffer size, and probability of successful authentication, whereas for the third scheme, we demonstrate its application to H.264 scalable video coding encoded streams. Copyright © 2013 John Wiley &amp; Sons, Ltd. Two novel authentication schemes for scalable multimedia streams over packet-lossy networks are proposed. The first scheme uses a digital signature to protect the integrity of a group of frames; the second scheme uses message authentication code to protect individual frame, making it packet loss-resilient and computationally efficient. Based on the second scheme, we propose a third scheme that provides authentication and collusion-free access control.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.766" xmlns="http://purl.org/rss/1.0/"><title>A DSR-based routing protocol for mitigating blackhole attacks on mobile ad hoc networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.766</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A DSR-based routing protocol for mitigating blackhole attacks on mobile ad hoc networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Isaac Woungang, Sanjay Kumar Dhurandher, Mohammad S. Obaidat (GE), Rajender Dheeraj Peddi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T08:27:39.517161-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.766</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.766</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.766</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A mobile ad hoc network is a collection of mobile, autonomous nodes that communicate in a cooperative manner over a wireless channel without any fixed infrastructure or built-in security. As such, this type of network is vulnerable to different types of attacks such as blackhole and wormhole attacks. A blackhole attack is a type of attack where the malicious node (so-called blackhole node) can attract all the data packets by using a forged route reply packet to falsely claim that it has a shortest route to the destination, thereby dropping all the data packets that it receives. In this paper, an improved version of a dynamic source routing (DSR) protocol (so-called detecting blackhole attack based on DSR (DBA-DSR)) is proposed to combat against blackhole attacks in mobile ad hoc networks. Unlike other solutions, which adopt a reactive approach in which blackhole nodes are identified only after the attack has been carried out on the network, our DBA-DSR scheme detects and isolates the blackhole nodes prior to the actual routing process. This is achieved by using fake route request packets. Simulation results are provided, demonstrating the superiority of DBA-DSR over DSR in terms of network throughput, packet delivery ratio, and routing overhead, chosen as performance metrics, when blackhole nodes are present in the network. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.766/asset/image_n/sec766-toc-0001.png?v=1&amp;s=9af314bed54fff8a1b629170938d85a39ff5a671" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.766/asset/image_n/sec766-toc-0001.png?v=1&amp;s=9af314bed54fff8a1b629170938d85a39ff5a671"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposed an improved version of the Dynamic Source Routing (DSR) protocol to combat against blackhole attacks in MANETs. The blackhole nodes are detected and isolated prior to the actual routing process.
</p></div>]]></content:encoded><description>

A mobile ad hoc network is a collection of mobile, autonomous nodes that communicate in a cooperative manner over a wireless channel without any fixed infrastructure or built-in security. As such, this type of network is vulnerable to different types of attacks such as blackhole and wormhole attacks. A blackhole attack is a type of attack where the malicious node (so-called blackhole node) can attract all the data packets by using a forged route reply packet to falsely claim that it has a shortest route to the destination, thereby dropping all the data packets that it receives. In this paper, an improved version of a dynamic source routing (DSR) protocol (so-called detecting blackhole attack based on DSR (DBA-DSR)) is proposed to combat against blackhole attacks in mobile ad hoc networks. Unlike other solutions, which adopt a reactive approach in which blackhole nodes are identified only after the attack has been carried out on the network, our DBA-DSR scheme detects and isolates the blackhole nodes prior to the actual routing process. This is achieved by using fake route request packets. Simulation results are provided, demonstrating the superiority of DBA-DSR over DSR in terms of network throughput, packet delivery ratio, and routing overhead, chosen as performance metrics, when blackhole nodes are present in the network. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposed an improved version of the Dynamic Source Routing (DSR) protocol to combat against blackhole attacks in MANETs. The blackhole nodes are detected and isolated prior to the actual routing process.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.761" xmlns="http://purl.org/rss/1.0/"><title>An anonymous data aggregation scheme for smart grid systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.761</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">An anonymous data aggregation scheme for smart grid systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xuefeng Liu, Yuqing Zhang, Boyang Wang, Huaqun Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T08:18:53.232725-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.761</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.761</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.761</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>By integrating the traditional grid with the advanced communication and information technologies, smart grid can provide a reliable and efficient energy service for our modern society. Data aggregation plays an important role in evaluating the current energy usage information of consumer domains, based on which the operation center can accommodate distributed power sources to maximize the utilization efficiency. However, it also incurs a potential risk to the consumer privacy. In this paper, we propose an anonymous multi-dimensional data aggregation for smart grid systems. With the proposed scheme, the operation center can compute both additive and non-additive aggregation functions over the collected reports from consumers. The computation cost of each consumer is independent of the number of collected data types. In addition, by using the batch verification technique, the operation center's computation cost can be significantly reduced. The security analysis demonstrates that the proposed scheme can achieve identity privacy preserving, data authentication, and confidentiality. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.761/asset/image_n/sec761-toc-0001.png?v=1&amp;s=0ff097a39b73f62bc622bbdfa712ffe7a546a0f1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.761/asset/image_n/sec761-toc-0001.png?v=1&amp;s=0ff097a39b73f62bc622bbdfa712ffe7a546a0f1"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes an anonymous multi-dimensional data aggregation scheme for smart grid systems, which can be used for both additive aggregation functions and non-additive ones. In addition, the computation cost of each user is independent of the number of collected data types.
</p></div>]]></content:encoded><description>

By integrating the traditional grid with the advanced communication and information technologies, smart grid can provide a reliable and efficient energy service for our modern society. Data aggregation plays an important role in evaluating the current energy usage information of consumer domains, based on which the operation center can accommodate distributed power sources to maximize the utilization efficiency. However, it also incurs a potential risk to the consumer privacy. In this paper, we propose an anonymous multi-dimensional data aggregation for smart grid systems. With the proposed scheme, the operation center can compute both additive and non-additive aggregation functions over the collected reports from consumers. The computation cost of each consumer is independent of the number of collected data types. In addition, by using the batch verification technique, the operation center's computation cost can be significantly reduced. The security analysis demonstrates that the proposed scheme can achieve identity privacy preserving, data authentication, and confidentiality. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes an anonymous multi-dimensional data aggregation scheme for smart grid systems, which can be used for both additive aggregation functions and non-additive ones. In addition, the computation cost of each user is independent of the number of collected data types.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.755" xmlns="http://purl.org/rss/1.0/"><title>An empirical study of morphing on behavior-based network traffic classification</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.755</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">An empirical study of morphing on behavior-based network traffic classification</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Buyun Qu, Zhibin Zhang, Xingquan Zhu, Dan Meng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T08:17:57.25679-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.755</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.755</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.755</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>With the rapid advancement of traffic classification techniques, a countermeasure against them called network traffic morphing, which aims at masking traffic to degrade the performance of traffic identification and classification, has emerged. Although several morphing strategies have been proposed as promising approaches, very few works have investigated their impact on the actual traffic classification performance. This work sets out to fill this gap from an empirical study point of view. It takes into account different morphing strategies exerted on packet size (PS) and/or inter-arrival time (IAT) and evaluates them by simulation. The impact is evaluated by using three popularly used classification algorithms, including C4.5, Support Vector Machines, and Naïve Bayes, with various performance metrics considered. The results show that not all morphing strategies can effectively thwart traffic classification. Different morphing strategies perform distinctively in degrading traffic identification, among which the integration of PS and IAT morphings is the best, and the PS-based method alone is the worst. Furthermore, the three classifiers also exhibit distinct robustness to the morphing, with C4.5 being the most robust and Naïve Bayes being the weakest. Finally, our study shows that classifiers can learn nontrivial information merely from the traffic direction patterns, which partially explains the weak protection of PS-based morphing methods because they fail to take the direction patterns into consideration. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.755/asset/image_n/sec755-toc-0001.png?v=1&amp;s=5b026228dd5ab2698bfbfe995575fa4988fc9980" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.755/asset/image_n/sec755-toc-0001.png?v=1&amp;s=5b026228dd5ab2698bfbfe995575fa4988fc9980"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This work investigates the impact of traffic morphing on actual classification performance from an empirical study point of view. The results show that different morphing strategies perform distinctively in degrading traffic identification, and classifiers with different mechanisms also exhibit distinct robustness to the morphings. The study also shows that classifiers can learn nontrivial information merely from the traffic direction patterns, which partially explains the weak protection of some morphing methods which fail to take the direction patterns into consideration.
</p></div>]]></content:encoded><description>

With the rapid advancement of traffic classification techniques, a countermeasure against them called network traffic morphing, which aims at masking traffic to degrade the performance of traffic identification and classification, has emerged. Although several morphing strategies have been proposed as promising approaches, very few works have investigated their impact on the actual traffic classification performance. This work sets out to fill this gap from an empirical study point of view. It takes into account different morphing strategies exerted on packet size (PS) and/or inter-arrival time (IAT) and evaluates them by simulation. The impact is evaluated by using three popularly used classification algorithms, including C4.5, Support Vector Machines, and Naïve Bayes, with various performance metrics considered. The results show that not all morphing strategies can effectively thwart traffic classification. Different morphing strategies perform distinctively in degrading traffic identification, among which the integration of PS and IAT morphings is the best, and the PS-based method alone is the worst. Furthermore, the three classifiers also exhibit distinct robustness to the morphing, with C4.5 being the most robust and Naïve Bayes being the weakest. Finally, our study shows that classifiers can learn nontrivial information merely from the traffic direction patterns, which partially explains the weak protection of PS-based morphing methods because they fail to take the direction patterns into consideration. Copyright © 2013 John Wiley &amp; Sons, Ltd. This work investigates the impact of traffic morphing on actual classification performance from an empirical study point of view. The results show that different morphing strategies perform distinctively in degrading traffic identification, and classifiers with different mechanisms also exhibit distinct robustness to the morphings. 
The study also shows that classifiers can learn nontrivial information merely from the traffic direction patterns, which partially explains the weak protection of some morphing methods which fail to take the direction patterns into consideration.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.765" xmlns="http://purl.org/rss/1.0/"><title>A secure mobility support scheme for 6LoWPAN wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.765</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A secure mobility support scheme for 6LoWPAN wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xiaonan Wang, Yi Mu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T07:51:39.316346-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.765</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.765</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.765</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a secure mobility support scheme for 6LoWPAN wireless sensor networks. The paper first presents the IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) architecture where the routing can be automatically performed. With the architecture, both the hierarchical Internet protocol version 6 address structure and the secure address configuration algorithm for a 6LoWPAN wireless sensor network are proposed. With the architecture and the address structure, the secure intranetwork and internetwork mobility handover algorithms are presented, and they use encryption and authentication to achieve security. During the mobility process, a mobile node does not need a care-of address, so the mobility handover process includes neither the care-of address configuration operation nor the address-binding operation. As a result, the mobility handover cost and delay are reduced. Moreover, mobile nodes do not need to be involved in the mobility handover process, so the packet loss caused by mobile nodes' failure is avoided. During the intranetwork mobility handover process, a link address is used to identify a mobile node, so the size of a control message is reduced substantially. As a result, the transmission cost and delay are reduced. The paper analyzes the performance parameters of the proposed scheme, including mobility handover cost, delay, and packet loss rate. Compared with the existing scheme without security, the proposed scheme has relatively good mobility handover performance. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.765/asset/image_n/sec765-toc-0001.png?v=1&amp;s=986a9b642a7550092cefb23b152017e23ad57a48" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.765/asset/image_n/sec765-toc-0001.png?v=1&amp;s=986a9b642a7550092cefb23b152017e23ad57a48"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a secure mobility support scheme for 6LoWPAN wireless sensor networks. The scheme uses encryption and authentication to achieve security. Compared with the existing schemes without security, the proposed scheme has relatively good mobility handover performance.
</p></div>]]></content:encoded><description>

This paper proposes a secure mobility support scheme for 6LoWPAN wireless sensor networks. The paper first presents the IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) architecture where the routing can be automatically performed. With the architecture, both the hierarchical Internet protocol version 6 address structure and the secure address configuration algorithm for a 6LoWPAN wireless sensor network are proposed. With the architecture and the address structure, the secure intranetwork and internetwork mobility handover algorithms are presented, and they use encryption and authentication to achieve security. During the mobility process, a mobile node does not need a care-of address, so the mobility handover process includes neither the care-of address configuration operation nor the address-binding operation. As a result, the mobility handover cost and delay are reduced. Moreover, mobile nodes do not need to be involved in the mobility handover process, so the packet loss caused by mobile nodes' failure is avoided. During the intranetwork mobility handover process, a link address is used to identify a mobile node, so the size of a control message is reduced substantially. As a result, the transmission cost and delay are reduced. The paper analyzes the performance parameters of the proposed scheme, including mobility handover cost, delay, and packet loss rate. Compared with the existing scheme without security, the proposed scheme has relatively good mobility handover performance. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes a secure mobility support scheme for 6LoWPAN wireless sensor networks. The scheme uses encryption and authentication to achieve security. Compared with the existing schemes without security, the proposed scheme has relatively good mobility handover performance.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.764" xmlns="http://purl.org/rss/1.0/"><title>Secure and transparent network traffic replay, redirect, and relay in a dynamic malware analysis environment</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.764</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure and transparent network traffic replay, redirect, and relay in a dynamic malware analysis environment</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ying-Dar Lin, Tzung-Bi Shih, Yu-Sung Wu, Yuan-Cheng Lai</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T06:41:55.745045-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.764</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.764</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.764</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Dynamic analysis is typically performed in a closed network environment to prevent the malware under analysis from attacking machines on the Internet. However, many of today's malwares require Internet connectivity to operate and to be thoroughly analyzed in a closed network environment. We propose a secure and transparent network environment that allows the malware in a dynamic analysis environment to have seemingly unrestricted Internet access in a secure manner. Our environment transparently dispatches malicious network traffic to compatible decoys while allowing harmless control traffic to have Internet access. We use 12 real-world malware samples, which involve Internet connections, to evaluate the effectiveness of the proposed environment. The evaluation shows that the proposed environment can allow malware to exhibit more network activities than a closed network environment and can even outperform the baseline open network environment in some cases. In the meantime, Internet security is maintained by the dispatching of attack and propagation traffic to decoys inside the analysis environment. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.764/asset/image_n/sec764-toc-0001.png?v=1&amp;s=574fc6b657302d1c963395eba5a5f41e97380e66" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.764/asset/image_n/sec764-toc-0001.png?v=1&amp;s=574fc6b657302d1c963395eba5a5f41e97380e66"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Many of today's malwares require Internet connectivity to operate and to be thoroughly analyzed in a closed network environment. We propose a secure and transparent network environment that allows the malware in a dynamic analysis environment to have seemingly unrestricted Internet access in a secure manner. The environment can allow malware to exhibit more network activities than a closed network environment and can even outperform the baseline open network environment in some cases. In the meantime, Internet security is maintained by the dispatching of attack and propagation traffic to decoys inside the analysis environment.
</p></div>]]></content:encoded><description>

Dynamic analysis is typically performed in a closed network environment to prevent the malware under analysis from attacking machines on the Internet. However, many of today's malwares require Internet connectivity to operate and to be thoroughly analyzed in a closed network environment. We propose a secure and transparent network environment that allows the malware in a dynamic analysis environment to have seemingly unrestricted Internet access in a secure manner. Our environment transparently dispatches malicious network traffic to compatible decoys while allowing harmless control traffic to have Internet access. We use 12 real-world malware samples, which involve Internet connections, to evaluate the effectiveness of the proposed environment. The evaluation shows that the proposed environment can allow malware to exhibit more network activities than a closed network environment and can even outperform the baseline open network environment in some cases. In the meantime, Internet security is maintained by the dispatching of attack and propagation traffic to decoys inside the analysis environment. Copyright © 2013 John Wiley &amp; Sons, Ltd. Many of today's malwares require Internet connectivity to operate and to be thoroughly analyzed in a closed network environment. We propose a secure and transparent network environment that allows the malware in a dynamic analysis environment to have seemingly unrestricted Internet access in a secure manner. The environment can allow malware to exhibit more network activities than a closed network environment and can even outperform the baseline open network environment in some cases. In the meantime, Internet security is maintained by the dispatching of attack and propagation traffic to decoys inside the analysis environment.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.742" xmlns="http://purl.org/rss/1.0/"><title>Commutative reversible data hiding and encryption</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.742</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Commutative reversible data hiding and encryption</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xinpeng Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T06:20:48.315556-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.742</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.742</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.742</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This work proposes a novel scheme of commutative reversible data hiding and encryption. In the encryption part, the gray values of two neighboring pixels are masked by the same pseudo-random bits. In the data-hiding part, the additional data are embedded into various bit planes in a reversible manner, and a parameter optimization method based on a capacity–distortion criterion is used to ensure good performance. Because the data space used for accommodating the additional data is not affected by the encryption operation, the data embedded in the plain/encrypted domain can be extracted from the encrypted/plain domain, and the way of insertion/extraction of additional data in the plain domain is the same as that in the encrypted domain. Furthermore, the original image can be recovered without any error from an image containing additional data. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.742/asset/image_n/sec742-toc-0001.png?v=1&amp;s=507e3e651b675a0c1778c15b6b41741c1bf56ed8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.742/asset/image_n/sec742-toc-0001.png?v=1&amp;s=507e3e651b675a0c1778c15b6b41741c1bf56ed8"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A novel scheme of commutative reversible data hiding and encryption on digital images is proposed. The data insertion/extraction can be performed in both the plain and encrypted domains, and the ways of data insertion/extraction in the two domains are the same. Furthermore, the original plain/encrypted image can be recovered without any error from a plain/encrypted image containing additional data.</p></div>
]]></content:encoded><description>

This work proposes a novel scheme of commutative reversible data hiding and encryption. In the encryption part, the gray values of two neighboring pixels are masked by the same pseudo-random bits. In the data-hiding part, the additional data are embedded into various bit planes in a reversible manner, and a parameter optimization method based on a capacity–distortion criterion is used to ensure good performance. Because the data space used for accommodating the additional data is not affected by the encryption operation, the data embedded in the plain/encrypted domain can be extracted from the encrypted/plain domain, and the way of insertion/extraction of additional data in the plain domain is the same as that in the encrypted domain. Furthermore, the original image can be recovered without any error from an image containing additional data. Copyright © 2013 John Wiley &amp; Sons, Ltd. A novel scheme of commutative reversible data hiding and encryption on digital images is proposed. The data insertion/extraction can be performed in both the plain and encrypted domains, and the ways of data insertion/extraction in the two domains are the same. Furthermore, the original plain/encrypted image can be recovered without any error from a plain/encrypted image containing additional data.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.741" xmlns="http://purl.org/rss/1.0/"><title>A novel path-based approach for single-packet IP traceback</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.741</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A novel path-based approach for single-packet IP traceback</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ning Lu, Yulong Wang, Sen Su, Fangchun Yang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T05:53:57.621358-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.741</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.741</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.741</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">Abstract</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Denial-of-Service attacks continue to plague the Internet. Tracing an individual attack packet to its origin is an important step in defending against these attacks. For this reason, researchers have proposed several approaches for single-packet IP traceback. Packet logging is a generic technique in these methods, which results in high overhead at routers and low traceback accuracy. In this paper, we propose a novel path-based approach for single-packet IP traceback. Our approach makes use of the routing paths to set up traceback paths, instead of packet logging, so as to improve single-packet IP traceback in several dimensions: (i) our storage overhead is only related to the number of routing paths, no matter how many packets traverse them; (ii) the number of queried routers during the traceback process is only related to the number of hops in the attack path; (iii) the false positives in attack-path construction can be negligible. We perform extensive mathematical analysis and simulations to evaluate our approach. The results show that our approach represents a step forward in preciseness and efficiency compared with the previous work. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.741/asset/image_n/sec741-toc-0001.png?v=1&amp;s=a17fcb3dd0d6c21148343555a401c538f8ee9a47" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.741/asset/image_n/sec741-toc-0001.png?v=1&amp;s=a17fcb3dd0d6c21148343555a401c538f8ee9a47"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Highlights 
</p><ol class="numbered">
<li>We make use of the routing paths to set up traceback paths, instead of packet logging.</li>
<li>We propose a novel path-based approach for single-packet IP traceback.</li>
<li>Our work is applicable to defend against the DoS attacks.</li></ol></div>]]></content:encoded><description>

Denial-of-Service attacks continue to plague the Internet. Tracing an individual attack packet to its origin is an important step in defending against these attacks. For this reason, researchers have proposed several approaches for single-packet IP traceback. Packet logging is a generic technique in these methods, which results in the high overhead at routers and low traceback accuracy. In this paper, we propose a novel path-based approach for single-packet IP traceback. Our approach makes use of the routing paths to set up traceback paths, instead of packet logging, so as to improve single-packet IP traceback in several dimensions: (i) our storage overhead is only related to the number of routing paths, no matter how many packets traverse on them; (ii) the number of queried routers during the traceback process is only related to the number of hops in the attack path; (iii) the false positives in attack-path construction can be negligible. We perform extensive mathematical analysis and simulations to evaluate our approach. The results show that our approach represents a step forward in preciseness and efficiency compared with the previous work. Copyright © 2013 John Wiley &amp; Sons, Ltd.

Highlights

1. We make use of the routing paths to set up traceback paths, instead of packet logging.
2. We propose a novel path-based approach for single-packet IP traceback.
3. Our work is applicable to defend against the DoS attacks.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.760" xmlns="http://purl.org/rss/1.0/"><title>A certificateless anonymous authenticated announcement scheme in vehicular ad hoc networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.760</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A certificateless anonymous authenticated announcement scheme in vehicular ad hoc networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Amizah Malip, Siaw-Lynn Ng, Qin Li</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-21T05:41:46.315093-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.760</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.760</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.760</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Vehicular ad hoc networks provide a safer driving environment by allowing vehicles to broadcast safety related messages and inform neighbouring vehicles regarding traffic and road conditions. Safety can only be achieved if transmission of messages is reliable. However, verification of reliability may violate privacy. On the other hand, it is desirable that malicious or defective vehicles can be identified and revoked. In this paper, we propose a new protocol by using certificateless signature and reputation system to achieve the sometimes contradictory requirements of a reliable, private and accountable vehicular ad hoc network message announcement scheme. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.760/asset/image_n/sec760-toc-0001.png?v=1&amp;s=7968e0eee62d50412c7dccc13bab75312522c668" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.760/asset/image_n/sec760-toc-0001.png?v=1&amp;s=7968e0eee62d50412c7dccc13bab75312522c668"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a new protocol by using certificateless signature and reputation system to achieve the sometimes contradictory requirements of a reliable, private and accountable vehicular ad hoc network message announcement scheme.
</p></div>]]></content:encoded><description>

Vehicular ad hoc networks provide a safer driving environment by allowing vehicles to broadcast safety related messages and inform neighbouring vehicles regarding traffic and road conditions. Safety can only be achieved if transmission of messages is reliable. However, verification of reliability may violate privacy. On the other hand, it is desirable that malicious or defective vehicles can be identified and revoked. In this paper, we propose a new protocol by using certificateless signature and reputation system to achieve the sometimes contradictory requirements of a reliable, private and accountable vehicular ad hoc network message announcement scheme. Copyright © 2013 John Wiley &amp; Sons, Ltd.

In this paper, we propose a new protocol by using certificateless signature and reputation system to achieve the sometimes contradictory requirements of a reliable, private and accountable vehicular ad hoc network message announcement scheme.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.757" xmlns="http://purl.org/rss/1.0/"><title>Confidential initial identification and other improvements for UMTS security</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.757</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Confidential initial identification and other improvements for UMTS security</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Daniel Caragata, Safwan El Assad, Charles Shoniregun, Galyna Akmayeva</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-20T07:29:43.636992-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.757</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.757</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.757</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>One of the most important Universal Mobile Telecommunications System security breaches that were identified was the identity catching vulnerability. Whenever the user turns his mobile device on or if the service network fails, the International Mobile Subscriber Identity will be sent in clear over the radio link. This allows the International Mobile Subscriber Identity to be intercepted by an attacker who can use it for different purposes. In this paper, we present a Confidential Initial Identification Protocol that protects user identity and also offers the support for further Universal Mobile Telecommunications System security improvement, especially in the authentication and key agreement protocol and the security algorithms negotiation protocol. We show that these new protocols solve the identity catching vulnerability, limit the secret key exposure to cryptographic attacks, and increase the level of confidence of the user and the home network put in the service network. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.757/asset/image_n/sec757-toc-0001.png?v=1&amp;s=9cdb46e59c11a6420eca6809c06a26fdece226a8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.757/asset/image_n/sec757-toc-0001.png?v=1&amp;s=9cdb46e59c11a6420eca6809c06a26fdece226a8"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we present a Confidential Initial Identification Protocol that protects user identity and also offers the support for further Universal Mobile Telecommunications System security improvement, especially in the authentication and key agreement protocol and the security algorithms negotiation protocol.
</p></div>]]></content:encoded><description>

One of the most important Universal Mobile Telecommunications System security breaches that were identified was the identity catching vulnerability. Whenever the user turns his mobile device on or if the service network fails, the International Mobile Subscriber Identity will be sent in clear over the radio link. This allows the International Mobile Subscriber Identity to be intercepted by an attacker who can use it for different purposes. In this paper, we present a Confidential Initial Identification Protocol that protects user identity and also offers the support for further Universal Mobile Telecommunications System security improvement, especially in the authentication and key agreement protocol and the security algorithms negotiation protocol. We show that these new protocols solve the identity catching vulnerability, limit the secret key exposure to cryptographic attacks, and increase the level of confidence of the user and the home network put in the service network. Copyright © 2013 John Wiley &amp; Sons, Ltd.

In this paper, we present a Confidential Initial Identification Protocol that protects user identity and also offers the support for further Universal Mobile Telecommunications System security improvement, especially in the authentication and key agreement protocol and the security algorithms negotiation protocol.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.763" xmlns="http://purl.org/rss/1.0/"><title>The hybrid architecture of wireless and power line communications in HANs for Smart Grid security</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.763</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">The hybrid architecture of wireless and power line communications in HANs for Smart Grid security</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhuo Li, Qilian Liang, Jiasong Mu, Wei Wang, Baoju Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-20T06:33:03.879975-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.763</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.763</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.763</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Traditionally, jamming to the wireless system is a fatal threat to the security of home area networks (HANs), which impedes the two-way data transmission between electric devices and the smart meter, and thus deteriorates the reliability of the in-home communication of Smart Grid. On the basis of this consideration, this paper incorporates the power line system into the HAN and proposes a hybrid architecture of orthogonal frequency-division multiplexing-based wireless communication and power line communication for the Smart Grid security application. With this new solution, the channel diversity of the HAN is realized, and the communication reliability is still guaranteed even when the wireless channel suffers from jamming. Simulation results validate the feasibility of the proposed hybrid architecture, and furthermore, as a receiver diversity scheme, selection combining is preferred to maximum ratio combining. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.763/asset/image_n/sec763-toc-0001.png?v=1&amp;s=fb5f446dd893265c0d911898b0a13ee3d6d80b02" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.763/asset/image_n/sec763-toc-0001.png?v=1&amp;s=fb5f446dd893265c0d911898b0a13ee3d6d80b02"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a combination of the OFDM-based wireless communication and the existing in-home PL system is proposed as a hybrid HAN for Smart Grid. The Monte-Carlo simulation results show that the proposed hybrid structure effectively enhances the performance of the HAN for Smart Grid, and the reliability is guaranteed even when the wireless channel is threatened by a PHY jamming. Moreover, SC is highly recommended as the receive diversity scheme for the hybrid system.
</p></div>]]></content:encoded><description>

Traditionally, jamming to the wireless system is a fatal threat to the security of home area networks (HANs), which impedes the two-way data transmission between electric devices and the smart meter, and thus deteriorates the reliability of the in-home communication of Smart Grid. On the basis of this consideration, this paper incorporates the power line system into the HAN and proposes a hybrid architecture of orthogonal frequency-division multiplexing-based wireless communication and power line communication for the Smart Grid security application. With this new solution, the channel diversity of the HAN is realized, and the communication reliability is still guaranteed even when the wireless channel suffers from jamming. Simulation results validate the feasibility of the proposed hybrid architecture, and furthermore, as a receiver diversity scheme, selection combining is preferred to maximum ratio combining. Copyright © 2013 John Wiley &amp; Sons, Ltd.

In this paper, a combination of the OFDM-based wireless communication and the existing in-home PL system is proposed as a hybrid HAN for Smart Grid. The Monte-Carlo simulation results show that the proposed hybrid structure effectively enhances the performance of the HAN for Smart Grid, and the reliability is guaranteed even when the wireless channel is threatened by a PHY jamming. Moreover, SC is highly recommended as the receive diversity scheme for the hybrid system.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.704" xmlns="http://purl.org/rss/1.0/"><title>HORME: hierarchical–object–relational medical management for electronic record</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.704</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">HORME: hierarchical–object–relational medical management for electronic record</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chien-Chang Yang, Kuo-Jui Wei, Bo Li, Jung-San Lee</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-18T06:01:26.271809-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.704</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.704</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.704</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Along with widespread information communication technology, digital management has been applied to a variety of fields. Considering the rapidly growing importance of medical treatment, for which medical record management plays a crucial role, it is time to make full use of digital techniques in the medical field. Doctors in different departments and locations can check the electronic records of patients without complex steps and can even consult together via the Internet. In this paper, we design a hierarchical–object–relational management system for electronic records (HORME). HORME can not only achieve the essentials of traditional paper-based record but can also satisfy the requirements of privacy and security according to the factorization problem, which makes it possible to protect the right of the legal doctors, patients, and hospitals. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.704/asset/image_n/sec704-toc-0001.png?v=1&amp;s=8d6607f409e405128f08d6fbd000a9f3fa7ffe68" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.704/asset/image_n/sec704-toc-0001.png?v=1&amp;s=8d6607f409e405128f08d6fbd000a9f3fa7ffe68"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Doctors in different departments and locations can check the electronic records of patients without any complicated steps and can even consult together via the Internet. In this paper, we design a hierarchical-object-relational management system for electronic records. Hierarchical-object-relational management system for electronic records can not only achieve the essentials of traditional paper-based record but can also satisfy the requirements of privacy and security according to the factorization problem, which makes it possible to protect the right of the legal doctors, patients, and hospitals. 
</p></div>]]></content:encoded><description>

Along with widespread information communication technology, digital management has been applied to a variety of fields. Considering the rapidly growing importance of medical treatment, for which medical record management plays a crucial role, it is time to make full use of digital techniques in the medical field. Doctors in different departments and locations can check the electronic records of patients without complex steps and can even consult together via the Internet. In this paper, we design a hierarchical–object–relational management system for electronic records (HORME). HORME can not only achieve the essentials of traditional paper-based record but can also satisfy the requirements of privacy and security according to the factorization problem, which makes it possible to protect the right of the legal doctors, patients, and hospitals. Copyright © 2013 John Wiley &amp; Sons, Ltd.

Doctors in different departments and locations can check the electronic records of patients without any complicated steps and can even consult together via the Internet. In this paper, we design a hierarchical-object-relational management system for electronic records. Hierarchical-object-relational management system for electronic records can not only achieve the essentials of traditional paper-based record but can also satisfy the requirements of privacy and security according to the factorization problem, which makes it possible to protect the right of the legal doctors, patients, and hospitals.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.744" xmlns="http://purl.org/rss/1.0/"><title>Parallel Gaussian elimination for XL family over GF(2)</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.744</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Parallel Gaussian elimination for XL family over GF(2)</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Heliang Huang, Wansu Bao, Shukai Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-18T06:00:57.206634-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.744</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.744</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.744</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The security of many cryptographic systems is based on the difficulty of solving systems of quadratic multivariate polynomial equations. XL family (which stands for eXtended Linearization) is a traditional type of algorithm for solving systems of multivariate polynomial equations over finite fields. The main idea of these algorithms is to extend the initial system by monomials multiplications and use linear algebra techniques to solve the system. The overall complexity of XL family is essentially determined by the workload of Gaussian elimination step. In this paper, we use the structured Gaussian elimination and parallel fast Gaussian elimination to reduce the complexity of XL family over GF(2). Because of the sparsity of the extended system, structured Gaussian elimination is applied to reduce the dimensions of the extended system. Thus, a great reduction of the storage can be obtained. By slightly modifying the logic of ordinarily Gaussian elimination, we parallelly compute the reduced system. Theory analysis indicates that the complexity of our improved XL, XL_SP, is (<em>λT</em>)<sup>2</sup>, which is far lower than (7/64)<em>T</em><sup>2.8</sup>, the complexity of XL, where <em>T</em> is the number of monomials and <em>λ</em> is the ratio of the dimensions of the reduced system to the extended system. Further experiments to Hidden Field Equation cryptosystems show that about 90% reduction of the extended system is achieved by using structured Gaussian elimination, which means <em>λ</em> is about 1/10 in our experiments. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.744/asset/image_n/sec744-toc-0001.png?v=1&amp;s=d0ee1e6aa2f19b9c2ab5f658dab804c1bd334a9b" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.744/asset/image_n/sec744-toc-0001.png?v=1&amp;s=d0ee1e6aa2f19b9c2ab5f658dab804c1bd334a9b"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, our goal is to improve the two major weaknesses of XL family algorithms: the storage problem and the huge workload of Gaussian elimination step. We present the XL_SP, a combination of XL and an improved parallel Gaussian elimination (IPGE), to reduce the time and space cost of XL family over GF(2). The XL_SP will make the algebraic attacks be more practical.  
</p></div>]]></content:encoded><description>

The security of many cryptographic systems is based on the difficulty of solving systems of quadratic multivariate polynomial equations. XL family (which stands for eXtended Linearization) is a traditional type of algorithm for solving systems of multivariate polynomial equations over finite fields. The main idea of these algorithms is to extend the initial system by monomials multiplications and use linear algebra techniques to solve the system. The overall complexity of XL family is essentially determined by the workload of Gaussian elimination step. In this paper, we use the structured Gaussian elimination and parallel fast Gaussian elimination to reduce the complexity of XL family over GF(2). Because of the sparsity of the extended system, structured Gaussian elimination is applied to reduce the dimensions of the extended system. Thus, a great reduction of the storage can be obtained. By slightly modifying the logic of ordinarily Gaussian elimination, we parallelly compute the reduced system. Theory analysis indicates that the complexity of our improved XL, XL_SP, is (λT)^2, which is far lower than (7/64)T^2.8, the complexity of XL, where T is the number of monomials and λ is the ratio of the dimensions of the reduced system to the extended system. Further experiments to Hidden Field Equation cryptosystems show that about 90% reduction of the extended system is achieved by using structured Gaussian elimination, which means λ is about 1/10 in our experiments. Copyright © 2013 John Wiley &amp; Sons, Ltd.

In this paper, our goal is to improve the two major weaknesses of XL family algorithms: the storage problem and the huge workload of Gaussian elimination step. We present the XL_SP, a combination of XL and an improved parallel Gaussian elimination (IPGE), to reduce the time and space cost of XL family over GF(2). The XL_SP will make the algebraic attacks be more practical.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.743" xmlns="http://purl.org/rss/1.0/"><title>Practical identity-based encryption in multiple private key generator (PKG) environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.743</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Practical identity-based encryption in multiple private key generator (PKG) environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Shengbao Wang, Zhenfu Cao, Qi Xie, Wenhao Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-18T05:43:59.685748-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.743</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.743</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.743</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we present a new identity-based encryption (IBE) scheme using bilinear pairings. Compared with the famous IBE scheme of Boneh and Franklin, ours is more practical in the multiple private key generator (multiple-PKG) environment. We prove that our scheme meets chosen ciphertext security in the random oracle model, assuming the intractability of the standard bilinear Diffie–Hellman problem. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.743/asset/image_n/sec743-toc-0001.png?v=1&amp;s=74ce43b7957343876b3c2f8493c6564af2d35087" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.743/asset/image_n/sec743-toc-0001.png?v=1&amp;s=74ce43b7957343876b3c2f8493c6564af2d35087"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a new IBE scheme using bilinear pairings. Compared with the famous IBE scheme of Boneh and Franklin, ours is more practical in the multiple private key generator environment. The two schemes enjoy the same level of security. 
</p></div>]]></content:encoded><description>

In this paper, we present a new identity-based encryption (IBE) scheme using bilinear pairings. Compared with the famous IBE scheme of Boneh and Franklin, ours is more practical in the multiple private key generator (multiple-PKG) environment. We prove that our scheme meets chosen ciphertext security in the random oracle model, assuming the intractability of the standard bilinear Diffie–Hellman problem. Copyright © 2013 John Wiley &amp; Sons, Ltd.

This paper presents a new IBE scheme using bilinear pairings. Compared with the famous IBE scheme of Boneh and Franklin, ours is more practical in the multiple private key generator environment. The two schemes enjoy the same level of security.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.701" xmlns="http://purl.org/rss/1.0/"><title>Securing virtual private LAN service by efficient key management</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.701</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Securing virtual private LAN service by efficient key management</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Madhusanka Liyanage, Andrei Gurtov</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-18T05:42:03.477204-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.701</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.701</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.701</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">REVIEW ARTICLE</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Virtual private local area network service (VPLS) is a layer 2 service provider-provisioned virtual private network service. Security is one of the key system requirements of a VPLS because it delivers the frames via an untrusted network. Several VPLS architectures are proposed during the recent years. However, many of them do not provide a sufficient level of security. On the other hand, the existing secure VPLS architectures are also suffering from the scalability issues, and they are infeasible to implement in large scale networks.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Hence, we present a scalable secure VPLS architecture based on host identity protocol (HIP). It includes a new session key-based security mechanism that provides the scalability both in forwarding and security planes. The initial simulations verify that our proposal comparatively reduces the complexity of the key storage at a node, the total key storage of the network, and the number of encryption per a broadcast frame. Additionally, it offers an efficient broadcast mechanism and comparably higher degree of security features than other existing VPLS proposals. The simulation results further confirm that our proposal is able to protect the control protocol of the VPLS from the Internet Protocol (IP)/transmission control protocol-(TCP) based attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.701/asset/image_n/sec701-toc-0001.png?v=1&amp;s=026c8e3cd5630efc9722474d119ead8a03cc49f3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.701/asset/image_n/sec701-toc-0001.png?v=1&amp;s=026c8e3cd5630efc9722474d119ead8a03cc49f3"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We proposed a secure and scalable VPLS network VPLS architecture based on Host Identity Protocol. It integrates a session key mechanism with HIP to provide extra security and scalability.</p></div>]]></content:encoded><description>

Virtual private local area network service (VPLS) is a layer 2 service provider-provisioned virtual private network service. Security is one of the key system requirements of a VPLS because it delivers the frames via an untrusted network. Several VPLS architectures are proposed during the recent years. However, many of them do not provide a sufficient level of security. On the other hand, the existing secure VPLS architectures are also suffering from the scalability issues, and they are infeasible to implement in large scale networks.
Hence, we present a scalable secure VPLS architecture based on host identity protocol (HIP). It includes a new session key-based security mechanism that provides the scalability both in forwarding and security planes. The initial simulations verify that our proposal comparatively reduces the complexity of the key storage at a node, the total key storage of the network, and the number of encryption per a broadcast frame. Additionally, it offers an efficient broadcast mechanism and comparably higher degree of security features than other existing VPLS proposals. The simulation results further confirm that our proposal is able to protect the control protocol of the VPLS from the Internet Protocol (IP)/transmission control protocol-(TCP) based attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd.



We proposed a secure and scalable VPLS network VPLS architecture based on Host Identity Protocol. It integrates a session key mechanism with HIP to provide extra security and scalability.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.739" xmlns="http://purl.org/rss/1.0/"><title>Achieving dynamic privileges in secure data sharing on cloud storage</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.739</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Achieving dynamic privileges in secure data sharing on cloud storage</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xingwen Zhao, Hui Li</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-14T02:43:36.358213-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.739</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.739</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.739</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>With the rapid development of cloud computing, more and more enterprises will outsource their sensitive data for sharing in a cloud. Many data sharing and access control schemes have been submitted. However, dynamic privileges among user groups were not considered. In many circumstances, some users may have higher privileges than others, and they can decrypt more contents than those with low privileges. Moreover, the data owner may want to dynamically control the privileges in data sharing. In this paper, we present an efficient framework for data sharing system to achieve dynamic privileges, basing on chameleon hash function and one-way function. With this framework, any data sharing and access control scheme can be turned into a dynamic privileged scheme, in which the data owner can change the group of each user dynamically and change the structure of privileges flexibly when it is needed. The proposed framework requires much less storage than previous schemes in handling dynamic privileges among the users. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.739/asset/image_n/sec739-toc-0001.png?v=1&amp;s=813b9f6519e7aa4f786ca022cd244b9887eb2f46" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.739/asset/image_n/sec739-toc-0001.png?v=1&amp;s=813b9f6519e7aa4f786ca022cd244b9887eb2f46"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a solution to enable dynamic privileges for multiple groups in cloud storage where some group may have higher privileges than others and the members of each group may change dynamically. Based on chameleon hash function and one-way function, the proposed framework allows previous data sharing schemes to achieve efficient storage and at the same time the data owner can realize a complicated structure of privileges as long as it can be described by a directed acyclic graph.</p></div>
]]></content:encoded><description>

With the rapid development of cloud computing, more and more enterprises will outsource their sensitive data for sharing in a cloud. Many data sharing and access control schemes have been submitted. However, dynamic privileges among user groups were not considered. In many circumstances, some users may have higher privileges than others, and they can decrypt more contents than those with low privileges. Moreover, the data owner may want to dynamically control the privileges in data sharing. In this paper, we present an efficient framework for data sharing system to achieve dynamic privileges, basing on chameleon hash function and one-way function. With this framework, any data sharing and access control scheme can be turned into a dynamic privileged scheme, in which the data owner can change the group of each user dynamically and change the structure of privileges flexibly when it is needed. The proposed framework requires much less storage than previous schemes in handling dynamic privileges among the users. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a solution to enable dynamic privileges for multiple groups in cloud storage where some group may have higher privileges than others and the members of each group may change dynamically. Based on chameleon hash function and one-way function, the proposed framework allows previous data sharing schemes to achieve efficient storage and at the same time the data owner can realize a complicated structure of privileges as long as it can be described by a directed acyclic graph.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.692" xmlns="http://purl.org/rss/1.0/"><title>Detecting stepping-stone intrusion using association rule mining</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.692</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Detecting stepping-stone intrusion using association rule mining</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Han-Wei Hsiao, Huey-Min Sun, Wei-Cheng Fan</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-14T02:22:23.065648-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.692</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.692</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.692</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Hackers generally do not use their own computers to launch attacks on the Internet to avoid exposing their actual locations. The trick involves an intruder connecting to a victim indirectly through a sequence of hosts called stepping-stone, which makes network managers difficult to detect the intrusion, often results in serious injuries. In this study, a detection method of stepping-stone based on the association rule mining of network traffic records is proposed. The association rules establish a model for detecting stepping-stones in accordance with collecting the connecting records in the governed network. Test records are gathered from the source and destination addresses of Internet protocol in a fixed time interval, which are then analyzed with the association rules algorithm to filter out the transmission characteristics of stepping-stone attacks. In the experimental results, empirical evaluation under 5 min of test records shows that the accuracy rate, the precision rate, and the recall rate are 83.81%, 84.26%, and 83.16%, respectively. When the test record gathering time is extended to 20 min, with the same detecting method, the three evaluations achieve 99.9%. The proposed detection method may be helpful to network management for detecting suspected stepping-stone attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.692/asset/image_n/sec692-toc-0001.png?v=1&amp;s=fe856d0e67923eb4ecdc02f7662f5204242bc934" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.692/asset/image_n/sec692-toc-0001.png?v=1&amp;s=fe856d0e67923eb4ecdc02f7662f5204242bc934"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A detection method of stepping-stone based on the association rule mining of network traffic records is proposed. Empirical evaluation under 5 min of test records shows that the accuracy rate, the precision rate, and the recall rate are 83.81%, 84.26%, and 83.16%. When the test record gathering time is extended to 20 min, with the same detecting method, the three evaluations achieve 99.9%.</p></div>
]]></content:encoded><description>

Hackers generally do not use their own computers to launch attacks on the Internet to avoid exposing their actual locations. The trick involves an intruder connecting to a victim indirectly through a sequence of hosts called stepping-stone, which makes network managers difficult to detect the intrusion, often results in serious injuries. In this study, a detection method of stepping-stone based on the association rule mining of network traffic records is proposed. The association rules establish a model for detecting stepping-stones in accordance with collecting the connecting records in the governed network. Test records are gathered from the source and destination addresses of Internet protocol in a fixed time interval, which are then analyzed with the association rules algorithm to filter out the transmission characteristics of stepping-stone attacks. In the experimental results, empirical evaluation under 5 min of test records shows that the accuracy rate, the precision rate, and the recall rate are 83.81%, 84.26%, and 83.16%, respectively. When the test record gathering time is extended to 20 min, with the same detecting method, the three evaluations achieve 99.9%. The proposed detection method may be helpful to network management for detecting suspected stepping-stone attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd. A detection method of stepping-stone based on the association rule mining of network traffic records is proposed. Empirical evaluation under 5 min of test records shows that the accuracy rate, the precision rate, and the recall rate are 83.81%, 84.26%, and 83.16%. When the test record gathering time is extended to 20 min, with the same detecting method, the three evaluations achieve 99.9%.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.736" xmlns="http://purl.org/rss/1.0/"><title>A probabilistic quantum key transfer protocol</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.736</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A probabilistic quantum key transfer protocol</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Abhishek Parakh</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-13T02:36:49.206504-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.736</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.736</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.736</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a protocol to transfer a one-time pad (in a probabilistic manner) from Alice to Bob, over a public channel. The proposed protocol is unique because Bob merely acts as a receiver of the pad (secret key); that is, Bob does not need to send any message back to Alice unless he detects eavesdropping. Such a secure transfer of one-time pad, over public channel, is not possible in classical cryptography, and in quantum cryptography, all previous protocols require Bob to send almost as many messages back to Alice as she does to Bob to establish a key. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.736/asset/image_n/sec736-toc-0001.png?v=1&amp;s=604d4b96889218af308036c794760842e50cf606" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.736/asset/image_n/sec736-toc-0001.png?v=1&amp;s=604d4b96889218af308036c794760842e50cf606"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a protocol to transfer a one-time-pad (in a probabilistic manner) from Alice to Bob, over a public channel. The proposed protocol is unique because Bob merely acts as a receiver of the pad. Such a secure transfer of one-time-pad, over public channel, is not possible in classical cryptography and in quantum cryptography all previous protocols require Bob to send almost as many messages back to Alice as she does to Bob, to establish a key.
</p></div>]]></content:encoded><description>

We propose a protocol to transfer a one-time pad (in a probabilistic manner) from Alice to Bob, over a public channel. The proposed protocol is unique because Bob merely acts as a receiver of the pad (secret key); that is, Bob does not need to send any message back to Alice unless he detects eavesdropping. Such a secure transfer of one-time pad, over public channel, is not possible in classical cryptography, and in quantum cryptography, all previous protocols require Bob to send almost as many messages back to Alice as she does to Bob to establish a key. Copyright © 2013 John Wiley &amp; Sons, Ltd. We propose a protocol to transfer a one-time-pad (in a probabilistic manner) from Alice to Bob, over a public channel. The proposed protocol is unique because Bob merely acts as a receiver of the pad. Such a secure transfer of one-time-pad, over public channel, is not possible in classical cryptography and in quantum cryptography all previous protocols require Bob to send almost as many messages back to Alice as she does to Bob, to establish a key.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.750" xmlns="http://purl.org/rss/1.0/"><title>CORIDS: a cluster-oriented reward-based intrusion detection system for wireless mesh networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.750</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">CORIDS: a cluster-oriented reward-based intrusion detection system for wireless mesh networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Novarun Deb, Manali Chakraborty, Nabendu Chaki</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-12T07:14:28.159868-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.750</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.750</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.750</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Wireless mesh networks (WMNs) are proliferating as one of the key technologies of the next-generation networks. Security is one of the prime concerns towards actual implementation of any network technology for commercial applications. Network security has intrinsically two approaches—prevention based and detection based. Implementing firewalls or intrusion prevention techniques is often not an attractive solution for energy-constrained network nodes such as mobile ad hoc network (MANET) nodes or mesh clients in WMNs. However, in the era of pervasive and ubiquitous computing, commercial transactions are performed on the move and over portable devices such as cell phones and laptops. These devices have energy constraints, and hence, one cannot afford to adopt security measures with high computational overhead. This influences a shift in paradigm from active intrusion prevention to passive intrusion detection. In this paper, a new cluster-oriented reward-based intrusion detection system (CORIDS) has been proposed for WMNs. The performance of CORIDS has been evaluated using the Qualnet network simulator. Simulation results also establish superiority of CORIDS over Misbehavior Detection Algorithm, another recent trust-based IDS for WMN, both in terms of higher detection efficiency and lower false positives. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.750/asset/image_n/sec750-toc-0001.png?v=1&amp;s=b3614fcb1fe7a3bc64eaad7b25c2839f4b17c64b" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.750/asset/image_n/sec750-toc-0001.png?v=1&amp;s=b3614fcb1fe7a3bc64eaad7b25c2839f4b17c64b"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a new cluster-oriented reward-based intrusion detection system (CORIDS) has been proposed for Wireless Mesh Networks. The simulation performances establish the effectiveness of CORIDS over another recent IDS named Misbehavior Detection Algorithm, both in terms of higher detection efficiency and lower false positives.
</p></div>]]></content:encoded><description>

Wireless mesh networks (WMNs) are proliferating as one of the key technologies of the next-generation networks. Security is one of the prime concerns towards actual implementation of any network technology for commercial applications. Network security has intrinsically two approaches—prevention based and detection based. Implementing firewalls or intrusion prevention techniques is often not an attractive solution for energy-constrained network nodes such as mobile ad hoc network (MANET) nodes or mesh clients in WMNs. However, in the era of pervasive and ubiquitous computing, commercial transactions are performed on the move and over portable devices such as cell phones and laptops. These devices have energy constraints, and hence, one cannot afford to adopt security measures with high computational overhead. This influences a shift in paradigm from active intrusion prevention to passive intrusion detection. In this paper, a new cluster-oriented reward-based intrusion detection system (CORIDS) has been proposed for WMNs. The performance of CORIDS has been evaluated using the Qualnet network simulator. Simulation results also establish superiority of CORIDS over Misbehavior Detection Algorithm, another recent trust-based IDS for WMN, both in terms of higher detection efficiency and lower false positives. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, a new cluster-oriented reward-based intrusion detection system (CORIDS) has been proposed for Wireless Mesh Networks. The simulation performances establish the effectiveness of CORIDS over another recent IDS named Misbehavior Detection Algorithm, both in terms of higher detection efficiency and lower false positives.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.752" xmlns="http://purl.org/rss/1.0/"><title>Secrecy capacity of wireless channels subject to log-normal fading</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.752</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secrecy capacity of wireless channels subject to log-normal fading</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xian Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-12T06:16:07.497602-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.752</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.752</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.752</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, the information-theoretic secrecy for the log-normal fading channel is investigated. In particular, the closed-form expressions of the probability of strictly positive secrecy capacity are derived for two wireless communication systems, with single eavesdropper and double eavesdroppers, respectively. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.752/asset/image_n/sec752-toc-0001.png?v=1&amp;s=fa4661516f0f7af83aaf85bb1a62954a1e6ec860" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.752/asset/image_n/sec752-toc-0001.png?v=1&amp;s=fa4661516f0f7af83aaf85bb1a62954a1e6ec860"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In wireless communications over stochastic channels, the instantaneous secrecy capacity can still be positive, even on the average the eavesdropper channel is stronger than the main channel. A fundamental metric is the probability of strictly positive secrecy capacity. This paper derives the probabilities of SPSC for two systems with log-normal fading.  
</p></div>]]></content:encoded><description>

In this paper, the information-theoretic secrecy for the log-normal fading channel is investigated. In particular, the closed-form expressions of the probability of strictly positive secrecy capacity are derived for two wireless communication systems, with single eavesdropper and double eavesdroppers, respectively. Copyright © 2013 John Wiley &amp; Sons, Ltd. In wireless communications over stochastic channels, the instantaneous secrecy capacity can still be positive, even on the average the eavesdropper channel is stronger than the main channel. A fundamental metric is the probability of strictly positive secrecy capacity. This paper derives the probabilities of SPSC for two systems with log-normal fading.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.751" xmlns="http://purl.org/rss/1.0/"><title>Physical layer security in wireless smart grid</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.751</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Physical layer security in wireless smart grid</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xin Wang, Qilian Liang, Jiasong Mu, Wei Wang, Baoju Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-12T05:44:30.020823-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.751</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.751</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.751</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The smart grid system is composed of the power infrastructure and communication infrastructure and thus is characterized by the flow of electric power and information, respectively. Although there is no doubt that the wireless communication architecture will play a significant role in smart grid, the wireless network introduces additional vulnerabilities, given the scale of potential threats. Therefore, the physical layer security issue is of first priority in the study of smart grid and has already attracted substantial attention in the industry and academia. In this paper, we aimed to present a general overview of the physical layer security in wireless smart grid and cover the effective countermeasures proposed in the literature of smart grid to date. We first investigate the security challenges from malicious attacks. Specifically, two typical forms of malicious attack in smart grid, namely, jamming and bad data injecting, are studied. In addition, the related countermeasures against these malicious attacks are illustrated. Further, we analyze the state of the art of the privacy issues in smart grid. The private information and privacy concerns are introduced, and then the effective solutions to privacy security are provided. Finally, voltage regulation, a security topic that has been hardly studied in the wireless smart grid domain, is presented. We expect that the work presented here will advance the research on smart grid security. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.751/asset/image_n/sec751-toc-0001.png?v=1&amp;s=9ae974b20e0de5b084a1d9e9dd7c60e9dc11230d" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.751/asset/image_n/sec751-toc-0001.png?v=1&amp;s=9ae974b20e0de5b084a1d9e9dd7c60e9dc11230d"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Although there is no doubt that the wireless communication architecture will play a significant role in smart grid, the wireless network introduces additional vulnerabilities. Therefore, the physical layer security issue is of first priority in the study of smart grid and has already attracted substantial attention in the industry and academia. In this paper, we aim to present a general overview of the physical layer security in wireless smart grid and cover the effective countermeasures proposed in the literature to date.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

The smart grid system is composed of the power infrastructure and communication infrastructure and thus is characterized by the flow of electric power and information, respectively. Although there is no doubt that the wireless communication architecture will play a significant role in smart grid, the wireless network introduces additional vulnerabilities, given the scale of potential threats. Therefore, the physical layer security issue is of first priority in the study of smart grid and has already attracted substantial attention in the industry and academia. In this paper, we aimed to present a general overview of the physical layer security in wireless smart grid and cover the effective countermeasures proposed in the literature of smart grid to date. We first investigate the security challenges from malicious attacks. Specifically, two typical forms of malicious attack in smart grid, namely, jamming and bad data injecting, are studied. In addition, the related countermeasures against these malicious attacks are illustrated. Further, we analyze the state of the art of the privacy issues in smart grid. The private information and privacy concerns are introduced, and then the effective solutions to privacy security are provided. Finally, voltage regulation, a security topic that has been hardly studied in the wireless smart grid domain, is presented. We expect that the work presented here will advance the research on smart grid security. Copyright © 2013 John Wiley &amp; Sons, Ltd. Although there is no doubt that the wireless communication architecture will play a significant role in smart grid, the wireless network introduces additional vulnerabilities. Therefore, the physical layer security issue is of first priority in the study of smart grid and has already attracted substantial attention in the industry and academia. 
In this paper, we aim to present a general overview of the physical layer security in wireless smart grid and cover the effective countermeasures proposed in the literature to date.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.747" xmlns="http://purl.org/rss/1.0/"><title>Static detection of logic vulnerabilities in Java web applications</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.747</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Static detection of logic vulnerabilities in Java web applications</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhejun Fang, Yuqing Zhang, Ying Kong, Qixu Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-12T05:11:15.222716-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.747</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.747</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.747</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper concerns logic vulnerabilities that result from faulty logic of a web application. Logic vulnerabilities are typically accompanied by the exposure of unexpected functionalities and lead to the bypass of the intended constraints. From a semantic perspective, logic vulnerabilities occur when mistakes arise in the control flows guarding the processes of invoking critical functionalities. In this paper, we propose the first lightweight static analysis approach to automatically detect logic vulnerabilities in Java web applications. Logic errors in our approach are characterized as erroneous invocations of functionalities. Program-slicing technique has been leveraged to capture the processes of invoking critical functionalities. A back-tracing algorithm is originally designed to extract control flows guarding functionality-invocation processes. Finally, logic vulnerability detection is transformed into mining abnormal functionality-invocation processes in a cluster of similar ones by comparing these processes' control flows. We implemented our approach in a prototype tool named logic vulnerability detector and evaluated it on seven real-world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.747/asset/image_n/sec747-toc-0001.png?v=1&amp;s=75c2daec807a3b1d43cafa06f3bfe30949c99175" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.747/asset/image_n/sec747-toc-0001.png?v=1&amp;s=75c2daec807a3b1d43cafa06f3bfe30949c99175"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose the first lightweight static analysis approach to automatically detect logic vulnerabilities in Java web applications. We implemented our approach using program-slicing technique and a back-tracing extracting algorithm for control flow, and evaluated it on seven real-world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

This paper concerns logic vulnerabilities that result from faulty logic of a web application. Logic vulnerabilities are typically accompanied by the exposure of unexpected functionalities and lead to the bypass of the intended constraints. From a semantic perspective, logic vulnerabilities occur when mistakes arise in the control flows guarding the processes of invoking critical functionalities. In this paper, we propose the first lightweight static analysis approach to automatically detect logic vulnerabilities in Java web applications. Logic errors in our approach are characterized as erroneous invocations of functionalities. Program-slicing technique has been leveraged to capture the processes of invoking critical functionalities. A back-tracing algorithm is originally designed to extract control flows guarding functionality-invocation processes. Finally, logic vulnerability detection is transformed into mining abnormal functionality-invocation processes in a cluster of similar ones by comparing these processes' control flows. We implemented our approach in a prototype tool named logic vulnerability detector and evaluated it on seven real-world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we propose the first lightweight static analysis approach to automatically detect logic vulnerabilities in Java web applications. We implemented our approach using program-slicing technique and a back-tracing extracting algorithm for control flow, and evaluated it on seven real-world applications scaled from thousands to million lines of code. The evaluation results show that our approach achieves bigger coverage with acceptable cost and better scalability than previous approaches.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.734" xmlns="http://purl.org/rss/1.0/"><title>User authentication scheme with anonymity, unlinkability and untrackability for global mobility networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.734</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">User authentication scheme with anonymity, unlinkability and untrackability for global mobility networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Tian-Fu Lee</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-11T06:11:24.324391-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.734</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.734</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.734</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>User authentication procedures are essential for global mobility networks and enable a mobile user to communicate securely with other users. Chang <em>et al</em>. recently presented an efficient authentication scheme with user anonymity in roaming environments. The authentication scheme of Chang <em>et al</em>. used low-cost functions and was most suitable for battery-powered mobile environments. However, Youn <em>et al</em>. pointed out that their authentication scheme cannot ensure user anonymity and resist known session key and side channel attacks. This study will demonstrate that the scheme of Chang <em>et al</em>. cannot resist impersonation attacks and violates session key security. In addition, this study presents a secure and efficient authentication scheme based on the scheme of Chang <em>et al</em>. The proposed scheme not only avoids the weaknesses of the authentication scheme of Chang <em>et al</em>. but also ensures data unlinkability and users untrackability. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.734/asset/image_n/sec734-toc-0001.png?v=1&amp;s=39af7c057a1c51583b36fe42ea95a03b330a084f" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.734/asset/image_n/sec734-toc-0001.png?v=1&amp;s=39af7c057a1c51583b36fe42ea95a03b330a084f"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This investigation demonstrates that the scheme of Chang <em>et al</em>. cannot resist impersonation attacks and violates session key security. In addition, a secure and efficient authentication scheme based on the scheme of Chang <em>et al</em>. is proposed. The proposed scheme avoids the weaknesses of the authentication scheme of Chang <em>et al</em>. and ensures data unlinkability and users untrackability.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

User authentication procedures are essential for global mobility networks and enable a mobile user to communicate securely with other users. Chang et al. recently presented an efficient authentication scheme with user anonymity in roaming environments. The authentication scheme of Chang et al. used low-cost functions and was most suitable for battery-powered mobile environments. However, Youn et al. pointed out that their authentication scheme cannot ensure user anonymity and resist known session key and side channel attacks. This study will demonstrate that the scheme of Chang et al. cannot resist impersonation attacks and violates session key security. In addition, this study presents a secure and efficient authentication scheme based on the scheme of Chang et al. The proposed scheme not only avoids the weaknesses of the authentication scheme of Chang et al. but also ensures data unlinkability and users untrackability. Copyright © 2013 John Wiley &amp; Sons, Ltd. This investigation demonstrates that the scheme of Chang et al. cannot resist impersonation attacks and violates session key security. In addition, a secure and efficient authentication scheme based on the scheme of Chang et al. is proposed. The proposed scheme avoids the weaknesses of the authentication scheme of Chang et al. and ensures data unlinkability and users untrackability.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.702" xmlns="http://purl.org/rss/1.0/"><title>Editorial for the special issue of Wiley Security and Communication Networks Journal devoted to security in smart grid</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.702</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Editorial for the special issue of Wiley Security and Communication Networks Journal devoted to security in smart grid</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jelena Mišić, Miroslav Begović, Nei Kato, Tarik Taleb, Vojislav B. Mišić</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-04T07:02:50.790941-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.702</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.702</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.702</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Editorial</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[]]></content:encoded><description/></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.727" xmlns="http://purl.org/rss/1.0/"><title>SRC: a multicore NPU-based TCP stream reassembly card for deep packet inspection</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.727</link><dc:title 
xmlns:dc="http://purl.org/dc/elements/1.1/">SRC: a multicore NPU-based TCP stream reassembly card for deep packet inspection</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Shuhui Chen, Rongxing Lu, Xuemin (Sherman) Shen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-01T07:40:42.767416-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.727</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.727</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.727</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Stream reassembly is the premise of deep packet inspection, regarded as the core function of network intrusion detection system and network forensic system. As moving packet payload from one block of memory to another is essential for the reason of packet disorder, throughput performance is very vital in stream reassembly design. In this paper, a stream reassembly card (SRC) is designed to improve the stream reassembly throughput performance. The designed SRC adjusts the sequence of packets on the basis of the multicore network processing unit by managing and reassembling streams through an additional level of buffer. Specifically, three optimistic techniques, namely stream table dispatching, no-locking timeout, and multichannel virtual queue, are introduced to further improve the throughput. To address the critical role of memory size in SRC, the relationship between the system throughput and memory size is analyzed. Extensive experiments demonstrate that the proposed SRC achieves more than 3 Gbps in terms of reassembly and submission throughput and triply outperforms the traditional server-based architecture with a lower cost. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.727/asset/image_n/sec727-toc-0001.png?v=1&amp;s=046cebb6b1fa05f74f757a6c066aa2246d641367" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.727/asset/image_n/sec727-toc-0001.png?v=1&amp;s=046cebb6b1fa05f74f757a6c066aa2246d641367"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>To improve the throughput performance of stream reassembly in network intrusion detection system and network forensics system, this paper proposes a stream reassembly card (SRC) based on multicore network processing unit (NPU). To take full advantage of NPU, three optimistic techniques called stream table dispatching, no-locking timeout, and multichannel virtual queue are introduced to further obtain higher performance. The relationship between the system throughput and memory size is analyzed, and experiment results based on real system are given. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

Stream reassembly is the premise of deep packet inspection, regarded as the core function of network intrusion detection system and network forensic system. As moving packet payload from one block of memory to another is essential for the reason of packet disorder, throughput performance is very vital in stream reassembly design. In this paper, a stream reassembly card (SRC) is designed to improve the stream reassembly throughput performance. The designed SRC adjusts the sequence of packets on the basis of the multicore network processing unit by managing and reassembling streams through an additional level of buffer. Specifically, three optimistic techniques, namely stream table dispatching, no-locking timeout, and multichannel virtual queue, are introduced to further improve the throughput. To address the critical role of memory size in SRC, the relationship between the system throughput and memory size is analyzed. Extensive experiments demonstrate that the proposed SRC achieves more than 3 Gbps in terms of reassembly and submission throughput and triply outperforms the traditional server-based architecture with a lower cost. Copyright © 2013 John Wiley &amp; Sons, Ltd. To improve the throughput performance of stream reassembly in network intrusion detection system and network forensics system, this paper proposes a stream reassembly card (SRC) based on multicore network processing unit (NPU). To take full advantage of NPU, three optimistic techniques called stream table dispatching, no-locking timeout, and multichannel virtual queue are introduced to further obtain higher performance. The relationship between the system throughput and memory size is analyzed, and experiment results based on real system are given. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.710" xmlns="http://purl.org/rss/1.0/"><title>New public key cryptosystems based on non-Abelian factorization problems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.710</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">New public key cryptosystems based on non-Abelian factorization problems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lize Gu, Licheng Wang, Kaoru Ota, Mianxiong Dong, Zhenfu Cao, Yixian Yang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-01T06:18:52.014268-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.710</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.710</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.710</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Two novel public key encryption schemes based on the non-Abelian factorization problems were proposed. Both of them are proved to be indistinguishable against adaptively chosen ciphertext attack (IND-CCA2) in the random oracle models. These constructions have the potential to resist Shor's quantum algorithm attack proposed in 1994 and give affirmative answers for the open question announced by Myasnikov, Shpilrain and Ushakov in 2011. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.710/asset/image_n/sec710-toc-0001.png?v=1&amp;s=f640029d1d69fd722b6a0f4d8c67bcd9c6175e0d" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.710/asset/image_n/sec710-toc-0001.png?v=1&amp;s=f640029d1d69fd722b6a0f4d8c67bcd9c6175e0d"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Two novel public key encryption schemes based on the non-Abelian factorization problems were proposed. Both of them are proved to be indistinguishable against adaptively chosen ciphertext attack (IND-CCA2) in the random oracle models. These constructions have the potential to resist Shor's quantum algorithm attack proposed in 1994 and give affirmative answers for the open question announced by Myasnikov, Shpilrain and Ushakov in 2011. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

Two novel public key encryption schemes based on the non-Abelian factorization problems were proposed. Both of them are proved to be indistinguishable against adaptively chosen ciphertext attack (IND-CCA2) in the random oracle models. These constructions have the potential to resist Shor's quantum algorithm attack proposed in 1994 and give affirmative answers for the open question announced by Myasnikov, Shpilrain and Ushakov in 2011. Copyright © 2013 John Wiley &amp; Sons, Ltd. Two novel public key encryption schemes based on the non-Abelian factorization problems were proposed. Both of them are proved to be indistinguishable against adaptively chosen ciphertext attack (IND-CCA2) in the random oracle models. These constructions have the potential to resist Shor's quantum algorithm attack proposed in 1994 and give affirmative answers for the open question announced by Myasnikov, Shpilrain and Ushakov in 2011. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.746" xmlns="http://purl.org/rss/1.0/"><title>A hill cipher-based remote data possession checking in cloud storage</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.746</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A hill cipher-based remote data possession checking in cloud storage</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lanxiang Chen, Gongde Guo, Zhen Peng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-01T06:14:42.152529-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.746</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.746</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.746</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cloud storage enables users to access their data at any time anywhere. It has the advantages of high scalability, ease of use, cost effectiveness, and so on. However, the server that stores users' data may not be fully trustworthy. When users store their data in cloud storage, they are much concerned about data intactness. This is the goal of remote data possession checking schemes. This paper proposes a Hill cipher-based remote data possession checking scheme. The main idea of the scheme comes from the homomorphism of Hill cipher, namely the tags computed from plaintext blocks can be used to compare with the tags computed from ciphertext blocks. It has several advantages as follows. First, it is efficient in terms of computation and communication. Second, it allows verification without the need for the challenger to compare against the original data. Third, the scheme only needs to store a small amount of metadata and use only small challenges and responses. Finally, it performs data possession checking at the same time it provides confidentiality of data. The security and performance analysis illustrates that the scheme is feasible and effective. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.746/asset/image_n/sec746-toc-0001.png?v=1&amp;s=e516eb48477ec0d4b68cabe56a2e2908b68bc331" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.746/asset/image_n/sec746-toc-0001.png?v=1&amp;s=e516eb48477ec0d4b68cabe56a2e2908b68bc331"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a Hill cipher-based RDPC scheme. It is efficient in terms of computation and communication. It performs data possession checking and at the same time provides confidentiality of data.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>

Cloud storage enables users to access their data at any time anywhere. It has the advantages of high scalability, ease of use, cost effectiveness, and so on. However, the server that stores users' data may not be fully trustworthy. When users store their data in cloud storage, they are much concerned about data intactness. This is the goal of remote data possession checking schemes. This paper proposes a Hill cipher-based remote data possession checking scheme. The main idea of the scheme comes from the homomorphism of Hill cipher, namely the tags computed from plaintext blocks can be used to compare with the tags computed from ciphertext blocks. It has several advantages as follows. First, it is efficient in terms of computation and communication. Second, it allows verification without the need for the challenger to compare against the original data. Third, the scheme only needs to store a small amount of metadata and use only small challenges and responses. Finally, it performs data possession checking at the same time it provides confidentiality of data. The security and performance analysis illustrates that the scheme is feasible and effective. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes a Hill cipher-based RDPC scheme. It is efficient in terms of computation and communication. It performs data possession checking and at the same time provides confidentiality of data.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.726" xmlns="http://purl.org/rss/1.0/"><title>Password-authenticated cluster-based group key agreement for smart grid communication</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.726</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Password-authenticated cluster-based group key agreement for smart grid communication</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hasen Nicanfar, Victor C. M. Leung</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-03-01T05:55:55.324332-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.726</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.726</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.726</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Several multiparty systems supporting group-based and cloud-based applications have been proposed in the context of smart grid. An important requirement of these systems is that the devices/parties need to communicate with each other as members of a group. In this paper, we present an efficient group key (GK) management scheme aimed at securing the group communications, for instance, from the utility to appliances and smart meters located in different homes. Our scheme is based on the X.1035 password-authenticated key exchange protocol standard and also follows the cluster-based approach to reduce the costs of the GK construction and maintenance for large groups. Our protocol enables secure communications utilizing any communication technology. Analysis using one of the best evaluation tools in the technical community shows that our constructed GK is valid and secure against well-known attacks. We also show that the proposed scheme supports forward and backward secrecy and is more efficient in comparison with other GK mechanisms in the literature. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.726/asset/image_n/sec726-toc-0001.png?v=1&amp;s=43065c6de4271a18e2caab59ba376d20622c92f2" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.726/asset/image_n/sec726-toc-0001.png?v=1&amp;s=43065c6de4271a18e2caab59ba376d20622c92f2"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we present an efficient group key (GK) management scheme aimed at securing the group communications, based on the X.1035 standard, and also follow the cluster-based approach to reduce the costs of the GK construction and maintenance for large groups. Our work is motivated by security of the multiparty systems supporting group-based and cloud-based applications that have been proposed in the context of smart grid.
</p></div>]]></content:encoded><description>

Several multiparty systems supporting group-based and cloud-based applications have been proposed in the context of smart grid. An important requirement of these systems is that the devices/parties need to communicate with each other as members of a group. In this paper, we present an efficient group key (GK) management scheme aimed at securing the group communications, for instance, from the utility to appliances and smart meters located in different homes. Our scheme is based on the X.1035 password-authenticated key exchange protocol standard and also follows the cluster-based approach to reduce the costs of the GK construction and maintenance for large groups. Our protocol enables secure communications utilizing any communication technology. Analysis using one of the best evaluation tools in the technical community shows that our constructed GK is valid and secure against well-known attacks. We also show that the proposed scheme supports forward and backward secrecy and is more efficient in comparison with other GK mechanisms in the literature. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we present an efficient group key (GK) management scheme aimed at securing the group communications, based on the X.1035 standard, and also follow the cluster-based approach to reduce the costs of the GK construction and maintenance for large groups. Our work is motivated by security of the multiparty systems supporting group-based and cloud-based applications that have been proposed in the context of smart grid.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.728" xmlns="http://purl.org/rss/1.0/"><title>Efficient and secure chaotic S-Box for wireless sensor network</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.728</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient and secure chaotic S-Box for wireless sensor network</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ghada Zaibi, Fabrice Peyrard, Abdennaceur Kachouri, Danièle Fournier-Prunaret, Mounir Samet</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T07:18:50.220219-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.728</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.728</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.728</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Information security using chaotic dynamics is a novel topic in the wireless sensor network (WSN) research field. After surveying analog and digital chaotic security systems, we give a state of the art of chaotic S-Box design. The substitution tables are nonlinear maps that strengthen and enhance block crypto-systems. This paper deals with the design of new dynamic chaotic S-Boxes suitable for implementation on wireless sensor nodes. Our proposed schemes are classified into two categories: S-Box based on discrete chaotic map with floating point arithmetic (cascading piecewise linear chaotic map and a three-dimensional map) and S-Box based on discrete chaotic map with fixed-point arithmetic (using discretized Lorenz map and logistic–tent map). The security analysis and implementation process on WSN are discussed. The proposed methods satisfy Good S-Box design criteria and exceed the performance of Advanced Encryption Standard static S-Box in some cases. The energy consumption of different proposals and existing chaotic S-Box designs is investigated via a platform simulator and a real WSN testbed equipped with TI MSP430f1611 micro-controller. The simulations and the experimental results show that our proposed S-Box design with fixed-point arithmetic Lorenz map has the lowest energy-consuming profile compared with the other studied and proposed S-Box designs. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.728/asset/image_n/sec728-toc-0001.png?v=1&amp;s=f844eb49f1b12e41d4454be9bebb4391f1f46356" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.728/asset/image_n/sec728-toc-0001.png?v=1&amp;s=f844eb49f1b12e41d4454be9bebb4391f1f46356"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Information security using chaotic dynamics is a novel topic in the wireless sensor network (WSN) research field. This paper deals with the design of new dynamic chaotic S-Boxes suitable for implementation on wireless sensor nodes. The proposed methods satisfy Good S-Box design criteria and exceed the performance of Advanced Encryption Standard static S-Box in some cases. The energy consumption of different proposals and existing chaotic S-Box designs is investigated via a platform simulator and a real WSN testbed.
</p></div>]]></content:encoded><description>

Information security using chaotic dynamics is a novel topic in the wireless sensor network (WSN) research field. After surveying analog and digital chaotic security systems, we give a state of the art of chaotic S-Box design. The substitution tables are nonlinear maps that strengthen and enhance block crypto-systems. This paper deals with the design of new dynamic chaotic S-Boxes suitable for implementation on wireless sensor nodes. Our proposed schemes are classified into two categories: S-Box based on discrete chaotic map with floating point arithmetic (cascading piecewise linear chaotic map and a three-dimensional map) and S-Box based on discrete chaotic map with fixed-point arithmetic (using discretized Lorenz map and logistic–tent map). The security analysis and implementation process on WSN are discussed. The proposed methods satisfy Good S-Box design criteria and exceed the performance of Advanced Encryption Standard static S-Box in some cases. The energy consumption of different proposals and existing chaotic S-Box designs is investigated via a platform simulator and a real WSN testbed equipped with TI MSP430f1611 micro-controller. The simulations and the experimental results show that our proposed S-Box design with fixed-point arithmetic Lorenz map has the lowest energy-consuming profile compared with the other studied and proposed S-Box designs. Copyright © 2013 John Wiley &amp; Sons, Ltd. Information security using chaotic dynamics is a novel topic in the wireless sensor network (WSN) research field. This paper deals with the design of new dynamic chaotic S-Boxes suitable for implementation on wireless sensor nodes. The proposed methods satisfy Good S-Box design criteria and exceed the performance of Advanced Encryption Standard static S-Box in some cases. The energy consumption of different proposals and existing chaotic S-Box designs is investigated via a platform simulator and a real WSN testbed.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.740" xmlns="http://purl.org/rss/1.0/"><title>Verifying cloud service-level agreement by a third-party auditor</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.740</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Verifying cloud service-level agreement by a third-party auditor</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hongli Zhang, Lin Ye, Jiantao Shi, Xiaojiang Du, Mohsen Guizani</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T07:02:47.477888-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.740</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.740</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.740</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we study the important issue of verifying service-level agreement (SLA) with an untrusted cloud and present an SLA verification framework that utilizes a third-party auditor (TPA). A cloud provides users with elastic computing and storage resources in a pay-as-you-go way. An SLA between the cloud and a user is a contract that specifies the computing resources and performances that the cloud should provide to the user. A cloud service provider (CSP) has incentives to cheat on the SLA, for example, providing a user with less central processing unit and memory resources than specified in the SLA, which allows the CSP to support more users and make more profits. A malicious CSP can easily disrupt the existing SLA monitoring/verification techniques by interfering with the monitoring/measurement process. A TPA resolves the trust dilemma between a CSP and its users. Under the TPA framework and the untrusted-cloud threat model, we design two effective testing algorithms that can detect an SLA violation of the virtual machine memory size. Using real experiments, we demonstrate that our algorithms can detect cloud cheating on a virtual machine's memory size (i.e., SLA violations). Furthermore, we show that our testing algorithms can defend against various attacks from a malicious CSP, which tries to hide an SLA violation. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.740/asset/image_n/sec740-toc-0001.png?v=1&amp;s=034d152acc9c79cf6813d4c1ec8dddbc1da54d04" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.740/asset/image_n/sec740-toc-0001.png?v=1&amp;s=034d152acc9c79cf6813d4c1ec8dddbc1da54d04"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a flexible and scalable framework that utilizes a third-party auditor for cloud service-level agreement verification. We design two novel testing algorithms that can detect a service-level agreement violation of a virtual machine's memory size. Real experimental results demonstrate that our algorithms can effectively detect cloud service-level agreement violations on virtual machine memory size while defending against various attacks from a malicious cloud.
</p></div>]]></content:encoded><description>

In this paper, we study the important issue of verifying service-level agreement (SLA) with an untrusted cloud and present an SLA verification framework that utilizes a third-party auditor (TPA). A cloud provides users with elastic computing and storage resources in a pay-as-you-go way. An SLA between the cloud and a user is a contract that specifies the computing resources and performances that the cloud should provide to the user. A cloud service provider (CSP) has incentives to cheat on the SLA, for example, providing a user with less central processing unit and memory resources than specified in the SLA, which allows the CSP to support more users and make more profits. A malicious CSP can easily disrupt the existing SLA monitoring/verification techniques by interfering with the monitoring/measurement process. A TPA resolves the trust dilemma between a CSP and its users. Under the TPA framework and the untrusted-cloud threat model, we design two effective testing algorithms that can detect an SLA violation of the virtual machine memory size. Using real experiments, we demonstrate that our algorithms can detect cloud cheating on a virtual machine's memory size (i.e., SLA violations). Furthermore, we show that our testing algorithms can defend against various attacks from a malicious CSP, which tries to hide an SLA violation. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a flexible and scalable framework that utilizes a third-party auditor for cloud service-level agreement verification. We design two novel testing algorithms that can detect a service-level agreement violation of a virtual machine's memory size. Real experimental results demonstrate that our algorithms can effectively detect cloud service-level agreement violations on virtual machine memory size while defending against various attacks from a malicious cloud.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.735" xmlns="http://purl.org/rss/1.0/"><title>Multi-camera-based security log management scheme for smart surveillance</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.735</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Multi-camera-based security log management scheme for smart surveillance</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Daehoon Kim, Eenjun Hwang, Seungmin Rho</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T06:33:25.805587-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.735</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.735</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.735</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a new security log management scheme for smart surveillance in a multi-camera environment. Basically, our security log consists of descriptions for various behavior properties of moving objects, such as motion type, time, and speed in a merged camera view. To generate such a security log, we first analyze the input video frame from each surveillance camera and construct a motion vector of interest points in the frame. By analyzing the motion vector, we recognize moving objects and trace their local behavior in the video. On the basis of this analysis, we can calculate various global behavior features of the objects in the merged camera view, which can be acquired by stitching together the frames from multiple camera inputs. Such global behavior features are captured into security logs, which can be used to smartly carry out various surveillance operations such as retrieving objects whose behavior is similar to a query behavior or whose behavior shows predefined abnormality. Because our scheme treats all the objects in the frame independently, it can handle multiple objects simultaneously. We implemented a prototype system and performed various experiments to demonstrate that our scheme can achieve a reasonable performance. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.735/asset/image_n/sec735-toc-0001.png?v=1&amp;s=5376cd85603da9a84131c3a79bb2b24a84fbaa24" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.735/asset/image_n/sec735-toc-0001.png?v=1&amp;s=5376cd85603da9a84131c3a79bb2b24a84fbaa24"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose an intelligent security log management scheme for smart surveillance in a multi-camera environment. The figure shows the overall steps for generating security logs. We represent various global behavior features of moving objects in the merged camera view into security logs and efficiently perform various surveillance operations such as retrieving objects whose behavior is similar to a query behavior or shows predefined abnormality.
</p></div>]]></content:encoded><description>

In this paper, we propose a new security log management scheme for smart surveillance in a multi-camera environment. Basically, our security log consists of descriptions for various behavior properties of moving objects, such as motion type, time, and speed in a merged camera view. To generate such a security log, we first analyze the input video frame from each surveillance camera and construct a motion vector of interest points in the frame. By analyzing the motion vector, we recognize moving objects and trace their local behavior in the video. On the basis of this analysis, we can calculate various global behavior features of the objects in the merged camera view, which can be acquired by stitching together the frames from multiple camera inputs. Such global behavior features are captured into security logs, which can be used to smartly carry out various surveillance operations such as retrieving objects whose behavior is similar to a query behavior or whose behavior shows predefined abnormality. Because our scheme treats all the objects in the frame independently, it can handle multiple objects simultaneously. We implemented a prototype system and performed various experiments to demonstrate that our scheme can achieve a reasonable performance. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we propose an intelligent security log management scheme for smart surveillance in a multi-camera environment. The figure shows the overall steps for generating security logs. We represent various global behavior features of moving objects in the merged camera view into security logs and efficiently perform various surveillance operations such as retrieving objects whose behavior is similar to a query behavior or shows predefined abnormality.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.738" xmlns="http://purl.org/rss/1.0/"><title>A study of IP prefix hijacking in cloud computing networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.738</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A study of IP prefix hijacking in cloud computing networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yujing Liu, Wei Peng, Jinshu Su</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T06:32:49.290477-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.738</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.738</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.738</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>IP prefix hijacking remains a serious security threat to the traditional services in the Internet. It also harms the confidentiality and integrity of user data in Internet-enabled cloud services because of its great dependence on Internet routing infrastructure. In addition, collaborations between networks in the cloud environment, especially in cross-domain deployment, bring about new types of prefix hijacking attack, which may cause greater impact due to side-effect of the cooperation of victim and infected autonomous systems. It is important to understand what impact a prefix hijacking attack can cause and how the number and locations of participants can affect the attacking results. In this paper, we model this problem as an attack planning task and solve it by applying a genetic algorithm. By analyzing the best solution to the problem, we find that the type of victims plays a more important role in IP prefix hijacking than that of attackers. Attackers can gain great impact even when the prefixes of a small number of victims are hijacked. For attack planning, the degree of an autonomous system is a major criterion to be considered. These findings are useful for securing cloud computing networks by preventing and eliminating IP prefix hijacking attacks. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.738/asset/image_n/sec738-toc-0001.png?v=1&amp;s=51af31424f936ecf53df21337681020aa6f63286" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.738/asset/image_n/sec738-toc-0001.png?v=1&amp;s=51af31424f936ecf53df21337681020aa6f63286"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We model the IP prefix hijacking as an attack planning task and solve it by a genetic algorithm. We find that the victim plays a more important role than the attacker, that great impact can be gained even when a small number of victims are hijacked, and that the degree of an autonomous system is a major criterion to be considered for attack planning. These findings are useful for securing cloud computing networks by preventing and eliminating this type of attack.
</p></div>]]></content:encoded><description>

IP prefix hijacking remains a serious security threat to the traditional services in the Internet. It also harms the confidentiality and integrity of user data in Internet-enabled cloud services because of its great dependence on Internet routing infrastructure. In addition, collaborations between networks in the cloud environment, especially in cross-domain deployment, bring about new types of prefix hijacking attack, which may cause greater impact due to side-effect of the cooperation of victim and infected autonomous systems. It is important to understand what impact a prefix hijacking attack can cause and how the number and locations of participants can affect the attacking results. In this paper, we model this problem as an attack planning task and solve it by applying a genetic algorithm. By analyzing the best solution to the problem, we find that the type of victims plays a more important role in IP prefix hijacking than that of attackers. Attackers can gain great impact even when the prefixes of a small number of victims are hijacked. For attack planning, the degree of an autonomous system is a major criterion to be considered. These findings are useful for securing cloud computing networks by preventing and eliminating IP prefix hijacking attacks. Copyright © 2013 John Wiley &amp; Sons, Ltd. We model the IP prefix hijacking as an attack planning task and solve it by a genetic algorithm. We find that the victim plays a more important role than the attacker, that great impact can be gained even when a small number of victims are hijacked, and that the degree of an autonomous system is a major criterion to be considered for attack planning. These findings are useful for securing cloud computing networks by preventing and eliminating this type of attack.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.717" xmlns="http://purl.org/rss/1.0/"><title>Efficient three-party encrypted key exchange using trapdoor functions</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.717</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient three-party encrypted key exchange using trapdoor functions</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Tian-Fu Lee, I-Pin Chang, Ching-Cheng Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T05:44:05.283185-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.717</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.717</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.717</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">RESEARCH ARTICLE</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Three-party encrypted key exchange (3PEKE) enables two communicating parties to securely exchange confidential and authenticated information over an insecure network via a trusted server. This investigation presents a novel efficient and secure 3PEKE protocol using a super-poly-to-one trapdoor function. The proposed protocol employs the Diffie–Hellman key exchange and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server to reduce the numbers of transmissions. A round-efficient version of the proposed 3PEKE protocol is also described. Compared with related approaches, the proposed protocol not only retains security requirements and possesses lower computational cost but also has fewer transmissions and realizes the lower bounds of communications. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.717/asset/image_n/sec717-toc-0001.png?v=1&amp;s=4cc83cbc62276f4fc5b18a02c7af70e90714f230" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.717/asset/image_n/sec717-toc-0001.png?v=1&amp;s=4cc83cbc62276f4fc5b18a02c7af70e90714f230"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This investigation presents a novel efficient and secure three-party encrypted key exchange protocol using trapdoor functions and its round-efficient version. The proposed protocol employs the Diffie-Hellman encrypted key exchange and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server to reduce the numbers of transmissions. Compared with related approaches, the proposed protocol retains security requirements, possesses lower computational cost, and has fewer transmissions.
</p></div>]]></content:encoded><description>

Three-party encrypted key exchange (3PEKE) enables two communicating parties to securely exchange confidential and authenticated information over an insecure network via a trusted server. This investigation presents a novel efficient and secure 3PEKE protocol using a super-poly-to-one trapdoor function. The proposed protocol employs the Diffie–Hellman key exchange and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server to reduce the numbers of transmissions. A round-efficient version of the proposed 3PEKE protocol is also described. Compared with related approaches, the proposed protocol not only retains security requirements and possesses lower computational cost but also has fewer transmissions and realizes the lower bounds of communications. Copyright © 2013 John Wiley &amp; Sons, Ltd. This investigation presents a novel efficient and secure three-party encrypted key exchange protocol using trapdoor functions and its round-efficient version. The proposed protocol employs the Diffie-Hellman encrypted key exchange and adopts the technique that the clients can publicly exchange the factors for generating the session key without the help of the server to reduce the numbers of transmissions. Compared with related approaches, the proposed protocol retains security requirements, possesses lower computational cost, and has fewer transmissions.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.730" xmlns="http://purl.org/rss/1.0/"><title>A fictitious play-based response strategy for multistage intrusion defense systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.730</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A fictitious play-based response strategy for multistage intrusion defense systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yi Luo, Ferenc Szidarovszky, Youssif Al-Nashif, Salim Hariri</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-28T03:36:50.506452-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.730</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.730</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.730</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The recent developments of advanced intrusion detection systems in the cyber security field provide opportunities to proactively protect the computer network systems and minimize the impacts of attackers on network operations. This paper is intended to assist the network defender find its best actions to defend against multistage attacks. The possible sequences of interactions between the attackers and the network defender are modeled as a two-player non-zero-sum non-cooperative dynamic multistage game with incomplete information. The players are assumed to be rational. They take turns in making decisions by considering previous and possible future interactions with the opponent and use Bayesian analysis after each interaction to update their knowledge about the opponents. We propose a Dynamic game tree-based Fictitious Play (DFP) approach to describe the repeated interactive decisions of the players. Each player finds its best moves at its decision nodes of the game tree by using multi-objective analysis. All possibilities are considered with their uncertain future interactions, which are based on learning of the opponent's decision process (including risk attitude and objectives). Instead of searching the entire game tree, appropriate future time horizons are dynamically determined for both players. In the DFP approach, the defender keeps tracking the opponent's actions, predicts the probabilities of future possible attacks, and then chooses its best moves. Thus, a new defense algorithm, called Response by DFP (RDFP), is developed. Numerical experiments show that this approach significantly reduces the damage caused by multistage attacks and it is also more efficient than other related algorithms. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.730/asset/image_n/sec730-toc-0001.png?v=1&amp;s=420030630299773ff0a40d7234e99c0bc5456e8a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.730/asset/image_n/sec730-toc-0001.png?v=1&amp;s=420030630299773ff0a40d7234e99c0bc5456e8a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In the cybersecurity field, the possible sequences of interactions between the attackers and the network defender are modeled as a two-player non-zero-sum non-cooperative dynamic multi-stage game with incomplete information. Based on the recent developments of advanced intrusion detection systems, a new defense algorithm, called Response by Dynamic game tree-based Fictitious Play (RDFP), is developed for the defender to consider previous and possible future interactions with the attackers, update his/her knowledge about the opponents, and find the best defending strategies quickly.
</p></div>]]></content:encoded><description>

The recent developments of advanced intrusion detection systems in the cyber security field provide opportunities to proactively protect the computer network systems and minimize the impacts of attackers on network operations. This paper is intended to assist the network defender find its best actions to defend against multistage attacks. The possible sequences of interactions between the attackers and the network defender are modeled as a two-player non-zero-sum non-cooperative dynamic multistage game with incomplete information. The players are assumed to be rational. They take turns in making decisions by considering previous and possible future interactions with the opponent and use Bayesian analysis after each interaction to update their knowledge about the opponents. We propose a Dynamic game tree-based Fictitious Play (DFP) approach to describe the repeated interactive decisions of the players. Each player finds its best moves at its decision nodes of the game tree by using multi-objective analysis. All possibilities are considered with their uncertain future interactions, which are based on learning of the opponent's decision process (including risk attitude and objectives). Instead of searching the entire game tree, appropriate future time horizons are dynamically determined for both players. In the DFP approach, the defender keeps tracking the opponent's actions, predicts the probabilities of future possible attacks, and then chooses its best moves. Thus, a new defense algorithm, called Response by DFP (RDFP), is developed. Numerical experiments show that this approach significantly reduces the damage caused by multistage attacks and it is also more efficient than other related algorithms. Copyright © 2013 John Wiley &amp; Sons, Ltd. In the cybersecurity field, the possible sequences of interactions between the attackers and the network defender are modeled as a two-player non-zero-sum non-cooperative dynamic multi-stage game with incomplete information. 
Based on the recent developments of advanced intrusion detection systems, a new defense algorithm, called Response by Dynamic game tree-based Fictitious Play (RDFP), is developed for the defender to consider previous and possible future interactions with the attackers, update his/her knowledge about the opponents, and find the best defending strategies quickly.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.705" xmlns="http://purl.org/rss/1.0/"><title>Privacy theft malware multi-process collaboration analysis</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.705</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Privacy theft malware multi-process collaboration analysis</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lejun Fan, Yuanzhuo Wang, Xueqi Cheng, Jinming Li, Shuyuan Jin</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-26T07:47:16.817558-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.705</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.705</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.705</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Privacy theft malware has become a serious and challenging problem to cyber security. Previous methods are of different categories: one focuses on the outbound network traffic and the other one dives into the inside information flow of the program. We incorporate dynamic behavior analysis with network traffic analysis and present an abstract model called Privacy Petri Net (PPN), which is more applicable to various kinds of malware and more understandable to users. In consideration of the multi-process technique adopted by new malware, we also model the collaborative behaviors between different malicious functionality modules with PPN. We apply our approach to real-world malware, and the experiment result shows that our approach can effectively find categories, content, source, and destination of the privacy theft behavior of the malware sample. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.705/asset/image_n/sec705-toc-0001.png?v=1&amp;s=1c586045773ee5569b3f1f644d30be6b11413c9f" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.705/asset/image_n/sec705-toc-0001.png?v=1&amp;s=1c586045773ee5569b3f1f644d30be6b11413c9f"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We incorporate dynamic behavior analysis with network traffic analysis and present an abstract model called Privacy Petri Net (PPN), which is more applicable to various kinds of malware and more understandable to users. We model the relay race, master–slave, and dual active collaborative behaviors between different malicious functionality processes with PPN. We apply our approach to real-world malware, and the experiment result shows that our approach can effectively detect and analyze the privacy theft behavior of the multi-process malware sample. 
</p></div>]]></content:encoded><description>

Privacy theft malware has become a serious and challenging problem to cyber security. Previous methods are of different categories: one focuses on the outbound network traffic and the other one dives into the inside information flow of the program. We incorporate dynamic behavior analysis with network traffic analysis and present an abstract model called Privacy Petri Net (PPN), which is more applicable to various kinds of malware and more understandable to users. In consideration of the multi-process technique adopted by new malware, we also model the collaborative behaviors between different malicious functionality modules with PPN. We apply our approach to real-world malware, and the experiment result shows that our approach can effectively find categories, content, source, and destination of the privacy theft behavior of the malware sample. Copyright © 2013 John Wiley &amp; Sons, Ltd. We incorporate dynamic behavior analysis with network traffic analysis and present an abstract model called Privacy Petri Net (PPN), which is more applicable to various kinds of malware and more understandable to users. We model the relay race, master–slave, and dual active collaborative behaviors between different malicious functionality processes with PPN. We apply our approach to real-world malware, and the experiment result shows that our approach can effectively detect and analyze the privacy theft behavior of the multi-process malware sample. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.737" xmlns="http://purl.org/rss/1.0/"><title>Characterization of attacks collected from the deployment of Web service honeypot</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.737</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Characterization of attacks collected from the deployment of Web service honeypot</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Abdallah Ghourabi, Tarek Abbes, Adel Bouhoula</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-26T07:13:21.59718-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.737</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.737</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.737</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Honeypots play an important role in collecting relevant information about malicious activities that happen on the Internet. In this paper, we are particularly interested in attacks targeting Web services. We therefore propose a honeypot implementation for Web services, called WS Honeypot. However, the data collected by honeypots can become very large, which greatly complicates the analysis task performed by the human analyst. As a solution for this problem, we propose in this paper an automatic technique to analyze the data collected from our WS Honeypot. The proposed approach is based on four machine learning methods: support vector machines, support vector regression, spectral clustering, and <em>k</em>-means clustering. Our main objectives are to analyze the collected data, automatically characterizing the captured attacks and detecting the denial-of-service and novel attacks. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.737/asset/image_n/sec737-toc-0001.png?v=1&amp;s=88d4292538b7938b0a75be181a4cdc3a63d31d5a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.737/asset/image_n/sec737-toc-0001.png?v=1&amp;s=88d4292538b7938b0a75be181a4cdc3a63d31d5a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose an automatic technique to analyze the data collected from our Web service Honeypot. The proposed approach is based on four machine learning methods: support vector machines, support vector regression, spectral clustering, and <em>k</em>-means clustering. Our main objectives are to analyze the collected data, automatically characterizing the captured attacks and detecting the denial-of-service and novel attacks.
</p></div>]]></content:encoded><description>

Honeypots play an important role in collecting relevant information about malicious activities that happen on the Internet. In this paper, we are particularly interested in attacks targeting Web services. We therefore propose a honeypot implementation for Web services, called WS Honeypot. However, the data collected by honeypots can become very large, which greatly complicates the analysis task performed by the human analyst. As a solution for this problem, we propose in this paper an automatic technique to analyze the data collected from our WS Honeypot. The proposed approach is based on four machine learning methods: support vector machines, support vector regression, spectral clustering, and k-means clustering. Our main objectives are to analyze the collected data, automatically characterizing the captured attacks and detecting the denial-of-service and novel attacks. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we propose an automatic technique to analyze the data collected from our Web service Honeypot. The proposed approach is based on four machine learning methods: support vector machines, support vector regression, spectral clustering, and k-means clustering. Our main objectives are to analyze the collected data, automatically characterizing the captured attacks and detecting the denial-of-service and novel attacks.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.721" xmlns="http://purl.org/rss/1.0/"><title>Image-splicing forgery detection based on local binary patterns of DCT coefficients</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.721</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Image-splicing forgery detection based on local binary patterns of DCT coefficients</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yujin Zhang, Chenglin Zhao, Yiming Pi, Shenghong Li, Shilin Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-26T03:41:17.56501-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.721</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.721</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.721</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The wide use of high-performance image acquisition devices and powerful image-processing software has made it easy to tamper images for malicious purposes. Image splicing, which has constituted a menace to integrity and authenticity of images, is a very common and simple trick in image tampering. Therefore, image-splicing detection is of great importance in digital forensics. In this paper, an effective framework for revealing image-splicing forgery is proposed. First, the local binary pattern operator is used to model magnitude components of two-dimensional arrays obtained by applying multisize block discrete cosine transform to test images. Then, all of bins of histograms computed from local binary pattern codes are served as discriminative features for image-splicing detection. After that, kernel principal component analysis is utilized to reduce the dimensionality of the proposed features to avoid the high computational complexity, high mutual correlation among the constructed features and possible overfitting for support vector machine classifier. Finally, support vector machine classifier is employed to distinguish spliced images from authentic images by using the final dimensionality-reduced feature set. The experiment results show that the proposed method can perform better than some state-of-the-art methods in terms of the detection performance over the Columbia image-splicing detection evaluation dataset. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.721/asset/image_n/sec721-toc-0001.png?v=1&amp;s=47c8fa2717deb0de2d4028895a2fcf97680b7c03" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.721/asset/image_n/sec721-toc-0001.png?v=1&amp;s=47c8fa2717deb0de2d4028895a2fcf97680b7c03"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, an effective framework for revealing image-splicing forgery is proposed. The local binary pattern operator is used to model magnitude components of two-dimensional arrays obtained by applying multisize block discrete cosine transform to test images. Kernel principal component analysis is utilized to reduce the dimensionality of the constructed features for making the computational cost more manageable. Experiment results show that the proposed method can perform better than some state-of-the-art methods
</p></div>]]></content:encoded><description>

The wide use of high-performance image acquisition devices and powerful image-processing software has made it easy to tamper images for malicious purposes. Image splicing, which has constituted a menace to integrity and authenticity of images, is a very common and simple trick in image tampering. Therefore, image-splicing detection is of great importance in digital forensics. In this paper, an effective framework for revealing image-splicing forgery is proposed. First, the local binary pattern operator is used to model magnitude components of two-dimensional arrays obtained by applying multisize block discrete cosine transform to test images. Then, all of bins of histograms computed from local binary pattern codes are served as discriminative features for image-splicing detection. After that, kernel principal component analysis is utilized to reduce the dimensionality of the proposed features to avoid the high computational complexity, high mutual correlation among the constructed features and possible overfitting for support vector machine classifier. Finally, support vector machine classifier is employed to distinguish spliced images from authentic images by using the final dimensionality-reduced feature set. The experiment results show that the proposed method can perform better than some state-of-the-art methods in terms of the detection performance over the Columbia image-splicing detection evaluation dataset. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, an effective framework for revealing image-splicing forgery is proposed. The local binary pattern operator is used to model magnitude components of two-dimensional arrays obtained by applying multisize block discrete cosine transform to test images. Kernel principal component analysis is utilized to reduce the dimensionality of the constructed features for making the computational cost more manageable. 
Experiment results show that the proposed method can perform better than some state-of-the-art methods



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.686" xmlns="http://purl.org/rss/1.0/"><title>SENSORLock: a lightweight key management scheme for wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.686</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">SENSORLock: a lightweight key management scheme for wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Juliano F. Kazienko, Igor G. Ribeiro, Igor M. Moraes, Célio Vinicius N. Albuquerque</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-26T03:26:43.53509-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.686</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.686</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.686</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Security in wireless sensor networks demands an efficient key management scheme. As sensors typically operate unattended, it becomes quite important to ensure security to cryptographic keys stored in their memories. In this scenario, the development of lightweight encryption mechanisms is a challenge because of sensor-constrained resources. In this work, we present a mechanism tailored to sensor networks called <em>SENSORLock</em> applying it to a specific case. Our main contribution is to propose, analyze, and demonstrate the feasibility of <em>SENSORLock</em> for secure symmetric key distribution solving the stored key exposure problem. Analytical results demonstrate that this approach increases the system's security against the tampering of sensor nodes. Additionally, the mechanism is evaluated using simulation and practical experiments, using the TinyOS platform. Simulation results reveal that this scheme introduces very low processing overhead, in the order of nanoseconds, and an estimated power consumption quite similar to existing approaches. Besides, practical experiments indicate that the scheme can be deployed by off-the-shelf sensors, such as MicaZ and TelosB. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.686/asset/image_n/sec686-toc-0001.png?v=1&amp;s=c1a0ee9c8bfab4afff7793d7d3a1ef1823746442" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.686/asset/image_n/sec686-toc-0001.png?v=1&amp;s=c1a0ee9c8bfab4afff7793d7d3a1ef1823746442"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This work presents a key management mechanism tailored to sensor networks called SENSORLock. Our main contribution is to propose, analyze, and demonstrate the feasibility of SENSORLock for secure symmetric key distribution solving the stored key exposure problem. Simulation results reveal that such mechanism introduces very low processing overhead, in the order of nanoseconds, and an estimated power consumption quite similar to existing approaches. Besides, practical experiments indicate that the scheme can be deployed by off-the-shelf sensors, such as MicaZ and TelosB. 
</p></div>]]></content:encoded><description>

Security in wireless sensor networks demands an efficient key management scheme. As sensors typically operate unattended, it becomes quite important to ensure security to cryptographic keys stored in their memories. In this scenario, the development of lightweight encryption mechanisms is a challenge because of sensor-constrained resources. In this work, we present a mechanism tailored to sensor networks called SENSORLock applying it to a specific case. Our main contribution is to propose, analyze, and demonstrate the feasibility of SENSORLock for secure symmetric key distribution solving the stored key exposure problem. Analytical results demonstrate that this approach increases the system's security against the tampering of sensor nodes. Additionally, the mechanism is evaluated using simulation and practical experiments, using the TinyOS platform. Simulation results reveal that this scheme introduces very low processing overhead, in the order of nanoseconds, and an estimated power consumption quite similar to existing approaches. Besides, practical experiments indicate that the scheme can be deployed by off-the-shelf sensors, such as MicaZ and TelosB. Copyright © 2012 John Wiley &amp; Sons, Ltd. This work presents a key management mechanism tailored to sensor networks called SENSORLock. Our main contribution is to propose, analyze, and demonstrate the feasibility of SENSORLock for secure symmetric key distribution solving the stored key exposure problem. Simulation results reveal that such mechanism introduces very low processing overhead, in the order of nanoseconds, and an estimated power consumption quite similar to existing approaches. Besides, practical experiments indicate that the scheme can be deployed by off-the-shelf sensors, such as MicaZ and TelosB. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.700" xmlns="http://purl.org/rss/1.0/"><title>A security key distribution scheme based on energy efficiency for hybrid wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.700</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A security key distribution scheme based on energy efficiency for hybrid wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jie Huang, Bei Huang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-26T03:11:35.760373-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.700</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.700</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.700</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In wireless sensor networks (WSNs), due to low cost, limited resource, and large scale, symmetric key-based key pre-distribution schemes are considered to be very suitable, but they cannot thoroughly solve authentication problem and resilience problem against physical capture. So, some researchers attempt to improve the traditional public-key cryptography to meet security requirements of the WSNs. In this paper, at first, to create the hybrid network model, the number range of cluster heads is determined according to the change of the average path length with the probability that the nodes are selected as the cluster heads. Next, based on the characteristics of the hybrid WSNs, a novel security mechanism is proposed by making use of the advantages of the symmetric cryptography and asymmetric cryptography. Our scheme can provide different security mechanism for the vital link and the ordinary link, respectively. In order to balance the energy consumption over all nodes, a selecting cluster head algorithm is proposed to rotate periodically cluster heads among all nodes and to compute the optimal number of times transmitting data per round. At last, our experiment shows that our scheme not only can provide sufficient security but also have the lowest energy overhead and the perfect connectivity. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.700/asset/image_n/sec700-toc-0001.png?v=1&amp;s=bf23691ae298cd0c0bf66ad725fd83d581b0388e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.700/asset/image_n/sec700-toc-0001.png?v=1&amp;s=bf23691ae298cd0c0bf66ad725fd83d581b0388e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, at first, the number range of cluster heads is determined according to the change of the average path length with the probability that the nodes are selected as the cluster heads. Next, a novel security mechanism is respectively proposed for the vital link and the ordinary link. At last, in order to balance the energy consumption over all nodes, a selecting cluster head algorithm is proposed to rotate periodically cluster heads.
</p></div>]]></content:encoded><description>

In wireless sensor networks (WSNs), due to low cost, limited resource, and large scale, symmetric key-based key pre-distribution schemes are considered to be very suitable, but they cannot thoroughly solve authentication problem and resilience problem against physical capture. So, some researchers attempt to improve the traditional public-key cryptography to meet security requirements of the WSNs. In this paper, at first, to create the hybrid network model, the number range of cluster heads is determined according to the change of the average path length with the probability that the nodes are selected as the cluster heads. Next, based on the characteristics of the hybrid WSNs, a novel security mechanism is proposed by making use of the advantages of the symmetric cryptography and asymmetric cryptography. Our scheme can provide different security mechanism for the vital link and the ordinary link, respectively. In order to balance the energy consumption over all nodes, a selecting cluster head algorithm is proposed to rotate periodically cluster heads among all nodes and to compute the optimal number of times transmitting data per round. At last, our experiment shows that our scheme not only can provide sufficient security but also have the lowest energy overhead and the perfect connectivity. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, at first, the number range of cluster heads is determined according to the change of the average path length with the probability that the nodes are selected as the cluster heads. Next, a novel security mechanism is respectively proposed for the vital link and the ordinary link. At last, in order to balance the energy consumption over all nodes, a selecting cluster head algorithm is proposed to rotate periodically cluster heads.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.708" xmlns="http://purl.org/rss/1.0/"><title>A sealed-bid multi-attribute auction protocol with strong bid privacy and bidder privacy</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.708</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A sealed-bid multi-attribute auction protocol with strong bid privacy and bidder privacy</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Wenbo Shi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-22T10:02:52.097561-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.708</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.708</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.708</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a sealed-bid multi-attribute auction protocol that mainly focuses on security issues (i.e., bid privacy, bidder anonymity, and fairness problem) is presented. In recent years, existing literatures mainly focus on the multi-attribute winner determination problem and other issues, but research of multi-attribute e-auction just begin from the perspective of information security. The new proposal is motivated by the conflict between bidder anonymity and denial-of-service attack from an insider. It utilizes private set intersection method to solve the privacy problem of winner determination of sealed-bid multi-attribute auction. The proposed sealed-bid auction scheme preserves the strong privacy of the bids and provides verifiable correctness. According to the security analysis, it satisfies the security requirements of an e-auction. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.708/asset/image_n/sec708-toc-0001.png?v=1&amp;s=3f3f4e1f9106aaaf5622743de7075c42d6652aa3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.708/asset/image_n/sec708-toc-0001.png?v=1&amp;s=3f3f4e1f9106aaaf5622743de7075c42d6652aa3"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a sealed-bid multi-attribute auction protocol that mainly focuses on security issues is presented. The proposal preserves the strong privacy of the bids and provides verifiable correctness. According to the security analysis, it satisfies the security requirements of an e-auction.
</p></div>]]></content:encoded><description>

In this paper, a sealed-bid multi-attribute auction protocol that mainly focuses on security issues (i.e., bid privacy, bidder anonymity, and fairness problem) is presented. In recent years, existing literatures mainly focus on the multi-attribute winner determination problem and other issues, but research of multi-attribute e-auction just begin from the perspective of information security. The new proposal is motivated by the conflict between bidder anonymity and denial-of-service attack from an insider. It utilizes private set intersection method to solve the privacy problem of winner determination of sealed-bid multi-attribute auction. The proposed sealed-bid auction scheme preserves the strong privacy of the bids and provides verifiable correctness. According to the security analysis, it satisfies the security requirements of an e-auction. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, a sealed-bid multi-attribute auction protocol that mainly focuses on security issues is presented. The proposal preserves the strong privacy of the bids and provides verifiable correctness. According to the security analysis, it satisfies the security requirements of an e-auction.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.731" xmlns="http://purl.org/rss/1.0/"><title>A cryptography-based protocol against packet dropping and message tampering attacks on mobile ad hoc networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.731</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A cryptography-based protocol against packet dropping and message tampering attacks on mobile ad hoc networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mohammad S. Obaidat, Isaac Woungang, Sanjay Kumar Dhurandher, Vincent Koo</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-22T09:58:49.921737-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.731</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.731</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.731</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In mobile ad hoc networks (MANETs), nodes are mobile in nature, but at the same time, they are assumed to rely on each other to relay their traffic even in case the wireless transmission medium is out of range. This requirement poses a serious challenge when malicious nodes are present in the MANET and may contribute to the routing operations, either by tampering the data packets or dropping them. This paper addresses this particular type of wormhole attacks, by introducing an enhancement (the so-called E-HSAM) to a recently proposed ad hoc on-demand distance vector-based protocol for preventing against such attacks in MANETs (the so-called highly secured approach against attacks on MANETs (HSAM)). Our contributions are twofold: (i) a simulation study of the HSAM protocol is provided for the first time, and (ii) the Advanced Encryption Standard (AES) is introduced in the route selection phase of E-HSAM (yielding our so-called E-HSAM-AES scheme) to strengthen the integrity of the data while securing the potential routes chosen for data transfer from source to destination nodes. Simulation results are presented, showing the superiority of E-HSAM-AES over E-HSAM and HSAM in terms of packet delivery ratio and broken link detected during data transmission, chosen as performance metrics. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.731/asset/image_n/sec731-toc-0001.png?v=1&amp;s=f0a8aef7512f1a27980ee4fe76171310701ec378" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.731/asset/image_n/sec731-toc-0001.png?v=1&amp;s=f0a8aef7512f1a27980ee4fe76171310701ec378"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes an enhancement to a protocol for preventing and mitigating packet dropping and message tampering attacks on mobile ad hoc networks. A cryptography primitive is introduced to secure the data integrity and routing.
</p></div>]]></content:encoded><description>

In mobile ad hoc networks (MANETs), nodes are mobile in nature, but at the same time, they are assumed to rely on each other to relay their traffic even in case the wireless transmission medium is out of range. This requirement poses a serious challenge when malicious nodes are present in the MANET and may contribute to the routing operations, either by tampering the data packets or dropping them. This paper addresses this particular type of wormhole attacks, by introducing an enhancement (the so-called E-HSAM) to a recently proposed ad hoc on-demand distance vector-based protocol for preventing against such attacks in MANETs (the so-called highly secured approach against attacks on MANETs (HSAM)). Our contributions are twofold: (i) a simulation study of the HSAM protocol is provided for the first time, and (ii) the Advanced Encryption Standard (AES) is introduced in the route selection phase of E-HSAM (yielding our so-called E-HSAM-AES scheme) to strengthen the integrity of the data while securing the potential routes chosen for data transfer from source to destination nodes. Simulation results are presented, showing the superiority of E-HSAM-AES over E-HSAM and HSAM in terms of packet delivery ratio and broken link detected during data transmission, chosen as performance metrics. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes an enhancement to a protocol for preventing and mitigating packet dropping and message tampering attacks on mobile ad hoc networks. A cryptography primitive is introduced to secure the data integrity and routing.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.732" xmlns="http://purl.org/rss/1.0/"><title>A hybrid NFC–Bluetooth secure protocol for Credit Transfer among mobile phones</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.732</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A hybrid NFC–Bluetooth secure protocol for Credit Transfer among mobile phones</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">David M. Monteiro, Joel J. P. C. Rodrigues, Jaime Lloret, Sandra Sendra</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-22T02:59:36.490613-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.732</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.732</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.732</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The next-generation networks improve people's quality of life with new services and applications. The evolution of Internet technologies also promoted the development of electronic commerce and the evolution of mobile payments. Near field communication (NFC) was proposed as a new short-range wireless technology and can play an important role in such issues. Money transactions among mobile devices could play an important role in a near future in order to simplify and perform such operations safely. Furthermore, it is important that tasks are easy to perform. Then, this paper presents a mobile solution based on a peer-to-peer communication system for money transfer, based on NFC and Bluetooth communications. A hybrid communication protocol combining the security characteristics of NFC and better Bluetooth data transfer rates is proposed. The proposal was deployed in real environments, and it was evaluated, demonstrated, and validated with different NFC tags and the Bluetooth traffic was also analyzed. It was shown that system presents good response times. The solution offers a friendly user's interface and very easy to use, guaranteeing the security of money transfer, and it is ready for use. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.732/asset/image_n/sec732-toc-0001.png?v=1&amp;s=1587a9c353272fcef7f4a72d25a3fd111124424e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.732/asset/image_n/sec732-toc-0001.png?v=1&amp;s=1587a9c353272fcef7f4a72d25a3fd111124424e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a hybrid NFC–Bluetooth peer-to-peer mobile application where it is used as a payment method. This protocol combines the security characteristics of NFC and the features of Bluetooth, which presents the faster data transfer rates. The proposal has been deployed on Android system, but it can be extended to other operating systems with NFC support. With this system, the user has a safety method to create a safe, reliable, and trusted operation to transfer cash.
</p></div>]]></content:encoded><description>

The next-generation networks improve people's quality of life with new services and applications. The evolution of Internet technologies also promoted the development of electronic commerce and the evolution of mobile payments. Near field communication (NFC) was proposed as a new short-range wireless technology and can play an important role in such issues. Money transactions among mobile devices could play an important role in a near future in order to simplify and perform such operations safely. Furthermore, it is important that tasks are easy to perform. Then, this paper presents a mobile solution based on a peer-to-peer communication system for money transfer, based on NFC and Bluetooth communications. A hybrid communication protocol combining the security characteristics of NFC and better Bluetooth data transfer rates is proposed. The proposal was deployed in real environments, and it was evaluated, demonstrated, and validated with different NFC tags and the Bluetooth traffic was also analyzed. It was shown that system presents good response times. The solution offers a friendly user's interface and very easy to use, guaranteeing the security of money transfer, and it is ready for use. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a hybrid NFC–Bluetooth peer-to-peer mobile application where it is used as a payment method. This protocol combines the security characteristics of NFC and the features of Bluetooth, which presents the faster data transfer rates. The proposal has been deployed on Android system, but it can be extended to other operating systems with NFC support. With this system, the user has a safety method to create a safe, reliable, and trusted operation to transfer cash.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.729" xmlns="http://purl.org/rss/1.0/"><title>Dynamic combination of authentication factors based on quantified risk and benefit</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.729</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Dynamic combination of authentication factors based on quantified risk and benefit</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Weili Han, Chen Sun, Chenguang Shen, Chang Lei, Sean Shen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-22T02:40:42.732302-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.729</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.729</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.729</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>By combining multiple factors during authentication, a service can provide better assurance of security. However, the users are likely to feel inconvenient, or even discard the service. This paper, therefore, addresses this issue and introduces a novel method, referred to as the Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF). QSBAF balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, which is driven by history data to justify the measurements of risk and benefit. In this paper, we use the online banking system as a typical scenario to demonstrate the usage of QSBAF. We also implement a prototype of QSBAF to evaluate the performance of its feasibility in real application scenarios. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.729/asset/image_n/sec729-toc-0001.png?v=1&amp;s=55abf4f0426350fc5387287a66c2a825013a32e6" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.729/asset/image_n/sec729-toc-0001.png?v=1&amp;s=55abf4f0426350fc5387287a66c2a825013a32e6"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF) balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, which is driven by history data to justify the measurements of risk and benefit.
</p></div>]]></content:encoded><description>

By combining multiple factors during authentication, a service can provide better assurance of security. However, the users are likely to feel inconvenient, or even discard the service. This paper, therefore, addresses this issue and introduces a novel method, referred to as the Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF). QSBAF balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, which is driven by history data to justify the measurements of risk and benefit. In this paper, we use the online banking system as a typical scenario to demonstrate the usage of QSBAF. We also implement a prototype of QSBAF to evaluate the performance of its feasibility in real application scenarios. Copyright © 2013 John Wiley &amp; Sons, Ltd. Quantified riSk and Benefit adaptive Authentication Factors combination (QSBAF) balances the requirements for both security and usability in the authentication of an information system and improves the system's ability to respond quickly to emerging risky events. In QSBAF, the authentication factors can be dynamically combined on the basis of quantified risk, benefit measurements, and combination policies. Furthermore, QSBAF provides an adaptive mechanism, which is driven by history data to justify the measurements of risk and benefit.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.703" xmlns="http://purl.org/rss/1.0/"><title>Why securing smart grids is not just a straightforward consultancy exercise</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.703</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Why securing smart grids is not just a straightforward consultancy exercise</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Maria B. Line</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-21T09:13:10.39693-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.703</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.703</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.703</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The long-term vision for modernization of power management and control systems, <em>smart grid</em>, is rather complex. It comprises several scientific traditions: supervisory control and data acquisition systems, automation systems, information and communication technology, safety, and security. Integrating information and communication technology systems and power management and control systems causes a need for a major change regarding system design and operation, in which security controls are required and implemented, and how incidents are responded to and learned from. This paper presents concerns that need to be addressed in order for the implementation of smart grids to succeed from an information security point of view: a unified terminology, a fusion of cultures, improved methods for assessing risks in complex and interdependent systems, preserving end users' privacy, securing communications and devices, and being well prepared for managing unwanted incidents in a complex operating environment. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.703/asset/image_n/sec703-toc-0001.png?v=1&amp;s=ff7cd660a9423339dea6cbe3cbb8262b462e4626" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.703/asset/image_n/sec703-toc-0001.png?v=1&amp;s=ff7cd660a9423339dea6cbe3cbb8262b462e4626"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>From an information security point of view, certain concerns need to be addressed in order for the implementation of smart grids to succeed: a unified terminology, a fusion of cultures, improved methods for assessing risks in complex and interdependent systems, preserving end users' privacy, securing communications and devices, and being well prepared for managing unwanted incidents in a complex operating environment.
</p></div>]]></content:encoded><description>

The long-term vision for modernization of power management and control systems, smart grid, is rather complex. It comprises several scientific traditions: supervisory control and data acquisition systems, automation systems, information and communication technology, safety, and security. Integrating information and communication technology systems and power management and control systems causes a need for a major change regarding system design and operation, in which security controls are required and implemented, and how incidents are responded to and learned from. This paper presents concerns that need to be addressed in order for the implementation of smart grids to succeed from an information security point of view: a unified terminology, a fusion of cultures, improved methods for assessing risks in complex and interdependent systems, preserving end users' privacy, securing communications and devices, and being well prepared for managing unwanted incidents in a complex operating environment. Copyright © 2013 John Wiley &amp; Sons, Ltd. From an information security point of view, certain concerns need to be addressed in order for the implementation of smart grids to succeed: a unified terminology, a fusion of cultures, improved methods for assessing risks in complex and interdependent systems, preserving end users' privacy, securing communications and devices, and being well prepared for managing unwanted incidents in a complex operating environment.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.749" xmlns="http://purl.org/rss/1.0/"><title>Botnet spoofing: fighting botnet with itself</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.749</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Botnet spoofing: fighting botnet with itself</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Cui Xiang, Yin Lihua, Jin Shuyuan, Hao Zhiyu, Li Shuhao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-19T02:14:44.392997-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.749</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.749</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.749</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>As the arms race between botmasters and defenders becomes increasingly common, the emerging advanced botnets have evolved to be more resilient to traditional mitigation strategies. For security-conscious Internet users, the host-based security software (i.e., antivirus and firewall) could provide effective protection against the botnet attacks; however, the remaining security-unconscious users will suffer from the botnet attacks and will be compromised easily. Consequently, how to protect both security-conscious and security-unconscious users against advanced botnets (without any command and control vulnerability) has posed a great challenge to this day. In this paper, we propose the idea of botnet spoofing that aims at addressing the aforementioned challenge to some degree. Botnet spoofing exploits the essential property of a persistent bot that it MUST obtain its file path before subsequent autostart registration or self-propagation to spoof a specific bot and trick the specific bot to propagate BotSpoofer instead of propagating itself, consequently making the victim not only avoid an originally successful attack but also achieve extra protection provided by BotSpoofer. Thus, botnet spoofing is independent of the vulnerability, protocol, and structure of botnet command and control. To prove the feasibility of botnet spoofing, we create a prototype named ConSpoofer-targeting Conficker. The results show that ConSpoofer could be passively delivered to other victims, which are located by Conficker, through Conficker's three propagation methods in an automatic, simple, accurate, and scalable manner. The goal of our work is to provide a new mitigation strategy that will promote the development of more efficient countermeasures against advanced botnets. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.749/asset/image_n/sec749-toc-0001.png?v=1&amp;s=c04b349975b2683909f036a0a79d7e474d968abd" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.749/asset/image_n/sec749-toc-0001.png?v=1&amp;s=c04b349975b2683909f036a0a79d7e474d968abd"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Botnet spoofing exploits the essential property of a persistent bot that it <em>must</em> obtain its file path before subsequent auto-start registration or self-propagation to spoof a specific bot and trick the specific bot to propagate BotSpoofer instead of propagating itself, consequently making the victim not only avoid an originally successful attack but also achieve extra protection provided by BotSpoofer. Thus, botnet spoofing is independent of the vulnerability, protocol, and structure of botnet C&amp;C.  
</p></div>]]></content:encoded><description>

As the arms race between botmasters and defenders becomes increasingly common, the emerging advanced botnets have evolved to be more resilient to traditional mitigation strategies. For security-conscious Internet users, the host-based security software (i.e., antivirus and firewall) could provide effective protection against the botnet attacks; however, the remaining security-unconscious users will suffer from the botnet attacks and will be compromised easily. Consequently, how to protect both security-conscious and security-unconscious users against advanced botnets (without any command and control vulnerability) has posed a great challenge to this day. In this paper, we propose the idea of botnet spoofing that aims at addressing the aforementioned challenge to some degree. Botnet spoofing exploits the essential property of a persistent bot that it MUST obtain its file path before subsequent autostart registration or self-propagation to spoof a specific bot and trick the specific bot to propagate BotSpoofer instead of propagating itself, consequently making the victim not only avoid an originally successful attack but also achieve extra protection provided by BotSpoofer. Thus, botnet spoofing is independent of the vulnerability, protocol, and structure of botnet command and control. To prove the feasibility of botnet spoofing, we create a prototype named ConSpoofer-targeting Conficker. The results show that ConSpoofer could be passively delivered to other victims, which are located by Conficker, through Conficker's three propagation methods in an automatic, simple, accurate, and scalable manner. The goal of our work is to provide a new mitigation strategy that will promote the development of more efficient countermeasures against advanced botnets. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.

Botnet spoofing exploits the essential property of a persistent bot that it must obtain its file path before subsequent auto-start registration or self-propagation to spoof a specific bot and trick the specific bot to propagate BotSpoofer instead of propagating itself, consequently making the victim not only avoid an originally successful attack but also achieve extra protection provided by BotSpoofer. Thus, botnet spoofing is independent of the vulnerability, protocol, and structure of botnet C&amp;C.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.684" xmlns="http://purl.org/rss/1.0/"><title>User-centric secure integration of personal RFID tags and sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.684</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">User-centric secure integration of personal RFID tags and sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Pablo Najera, Rodrigo Roman, Javier Lopez</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-19T00:50:25.772571-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.684</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.684</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.684</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A personal network (PN) should enable the collaboration of user's devices and services in a flexible, self-organizing, and friendly manner. For such purpose, the PN must securely accommodate heterogeneous technologies with uneven computational and communication resources. In particular, personal radio frequency identification (RFID) tags can enable seamless recognition of user's context, provide user authentication, and enable novel services enhancing the quality and quantity of data handled by the PN. However, the highly constrained features of common RFID tags and their passive role in the network highlights the need of an adequate secure communication model with personal tags, which enables their participation as a member of the PN. In this paper, we present our concept of PN, with special emphasis on the role of RFID and sensor networks, and define a secure architecture for PNs including methods for the secure access to context-aware technologies from both local PN members and the Internet of Things. The PN architecture is designed to support differentiated security mechanisms to maximize the level of security for each type of personal device. Furthermore, we analyze which security solutions available in the literature can be adapted for our architecture, as well as the challenges and security mechanisms still necessary in the secure integration of personal tags. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.684/asset/image_n/sec684-toc-0001.png?v=1&amp;s=e0d028077648d59e9476b6660a8f026e64c72cfa" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.684/asset/image_n/sec684-toc-0001.png?v=1&amp;s=e0d028077648d59e9476b6660a8f026e64c72cfa"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper analyzes how to achieve the secure integration of personal radio frequency identification (RFID) tags and sensor networks in the heterogeneous network of personal devices. It proposes a secure architecture for the personal network (PN) designed to accommodate these context-aware technologies including their complete life cycle: device initialization, secure ownership transfer, key management, and enforcement of privacy policies. Secure communication models are provided to enable the access from the Internet of Things and local PN nodes to the RFID tags and sensors.</p></div>]]></content:encoded><description>

A personal network (PN) should enable the collaboration of user's devices and services in a flexible, self-organizing, and friendly manner. For such purpose, the PN must securely accommodate heterogeneous technologies with uneven computational and communication resources. In particular, personal radio frequency identification (RFID) tags can enable seamless recognition of user's context, provide user authentication, and enable novel services enhancing the quality and quantity of data handled by the PN. However, the highly constrained features of common RFID tags and their passive role in the network highlights the need of an adequate secure communication model with personal tags, which enables their participation as a member of the PN. In this paper, we present our concept of PN, with special emphasis on the role of RFID and sensor networks, and define a secure architecture for PNs including methods for the secure access to context-aware technologies from both local PN members and the Internet of Things. The PN architecture is designed to support differentiated security mechanisms to maximize the level of security for each type of personal device. Furthermore, we analyze which security solutions available in the literature can be adapted for our architecture, as well as the challenges and security mechanisms still necessary in the secure integration of personal tags. Copyright © 2013 John Wiley &amp; Sons, Ltd.



This paper analyzes how to achieve the secure integration of personal radio frequency identification (RFID) tags and sensor networks in the heterogeneous network of personal devices. It proposes a secure architecture for the personal network (PN) designed to accommodate these context-aware technologies including their complete life cycle: device initialization, secure ownership transfer, key management, and enforcement of privacy policies. Secure communication models are provided to enable the access from the Internet of Things and local PN nodes to the RFID tags and sensors.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.695" xmlns="http://purl.org/rss/1.0/"><title>A study of privacy problem solving using device and user authentication for M2M environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.695</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A study of privacy problem solving using device and user authentication for M2M environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jin-Mook Kim, Hwa-Young Jeong, Bong-Hwa Hong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-15T03:10:56.331852-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.695</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.695</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.695</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage 
xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Inside a machine-to-machine (M2M) environment, a device is very much a communication subject. Machine and gateways are important communication subjects. It can be collecting or storing surrounding information as user's intention. There is a case that infringes other person's privacy such as not passing through a certification process of the user or communication chairman who requests communications among the information that is collected by the machine. Therefore, we wish to propose privacy problem solving using device and user authentication (PSDUA) that can support the certification process between device and user communicating the subject in M2M environment and can support the user in another certification work about various services. PSDUA proposes a design that can pass through a light certification process based on existent system. For example, Kerberos and public key infrastructure (PKI) can support very heavy certification process but our proposed scheme cannot. However, our proposed system can act easily and fast and that gradual access may be possible using time stamp, device identification, and user log-in information. It can also protect privacy information of other person or machines that are not the subject of communication. Additionally, we also check about confidentiality, integrity, and safety of machine-in-the-middle attack. Also, we can show safety in our proposed system. Our proposed scheme will provide solutions on various securities privacy problems. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.695/asset/image_n/sec695-toc-0001.png?v=1&amp;s=745abd78658744d5a904b5e2e0a6c4b8386a105d" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.695/asset/image_n/sec695-toc-0001.png?v=1&amp;s=745abd78658744d5a904b5e2e0a6c4b8386a105d"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Privacy problem solving using device and user authentication is a rapid and user authentication procedure that is very simple and easy. It is very important point against of Kerberos and public key infrastructure. The proposed system suggests solving a privacy problem with machine in machine-to-machine environments. Our proposal scheme has more efficiency because this system has immigrated design method of user authentication and service authentication to solve privacy problems. Therefore, our system can prevent confidentiality, integrity, man-in-the-middle attack, and replay attack.
</p></div>]]></content:encoded><description>

Inside a machine-to-machine (M2M) environment, a device is very much a communication subject. Machine and gateways are important communication subjects. It can be collecting or storing surrounding information as user's intention. There is a case that infringes other person's privacy such as not passing through a certification process of the user or communication chairman who requests communications among the information that is collected by the machine. Therefore, we wish to propose privacy problem solving using device and user authentication (PSDUA) that can support the certification process between device and user communicating the subject in M2M environment and can support the user in another certification work about various services. PSDUA proposes a design that can pass through a light certification process based on existent system. For example, Kerberos and public key infrastructure (PKI) can support very heavy certification process but our proposed scheme cannot. However, our proposed system can act easily and fast and that gradual access may be possible using time stamp, device identification, and user log-in information. It can also protect privacy information of other person or machines that are not the subject of communication. Additionally, we also check about confidentiality, integrity, and safety of machine-in-the-middle attack. Also, we can show safety in our proposed system. Our proposed scheme will provide solutions on various securities privacy problems. Copyright © 2013 John Wiley &amp; Sons, Ltd.

Privacy problem solving using device and user authentication is a rapid and user authentication procedure that is very simple and easy. It is very important point against of Kerberos and public key infrastructure. The proposed system suggests solving a privacy problem with machine in machine-to-machine environments.
Our proposal scheme has more efficiency because this system has immigrated design method of user authentication and service authentication to solve privacy problems. Therefore, our system can prevent confidentiality, integrity, man-in-the-middle attack, and replay attack.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.683" xmlns="http://purl.org/rss/1.0/"><title>Free global ID against collusion attack on multi-authority attribute-based encryption</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.683</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Free global ID against collusion attack on multi-authority attribute-based encryption</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ang Gao, Zengzhi Li</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-15T00:55:43.611575-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.683</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.683</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.683</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In order to resolve the problem that collusion attack on attribute-based encryption (ABE) with multi-authority, we firstly formulize user action of making request for key into legality and collusion by the relationship between user's attributes and decryption threshold. Furthermore, we propose an ABE scheme without presenting user's global ID (GID). In our first system, a trusted central authority assists each attribute authority (AA) to independently run a security check for users' requests, such that only legal users have power to decrypt a message. In order to prevent a malicious user from passing security check by submitting duplication request to AA, we improve the first system by our second system, where the same requests of different users are transformed into different ones associated with the subset of attributes indexes. Finally, in order to adapt this transformation to ABE, discrete Fourier transform and inverse discrete Fourier transform are used to share and recover secret key, respectively. As shown in the results of security and performance evaluation, our scheme not only improves user's privacy but also is more efficient than existing ABE schemes. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.683/asset/image_n/sec683-toc-0001.png?v=1&amp;s=988a5d4607fcfa4e686604d41f59ac1c037897a5" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.683/asset/image_n/sec683-toc-0001.png?v=1&amp;s=988a5d4607fcfa4e686604d41f59ac1c037897a5"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper constructs two systems of attribute-based encryption without presenting user's global ID. In our first system, a trusted central authority assists each attribute authority to independently run a security check for users' requests. In our second system, discrete Fourier transform and inverse discrete Fourier transform are used to share and recover secret key, respectively. Finally, proposed scheme not only improves user's privacy while defending against collusion attack but also is more efficient than existing schemes.  
</p></div>]]></content:encoded><description>

In order to resolve the problem that collusion attack on attribute-based encryption (ABE) with multi-authority, we firstly formulize user action of making request for key into legality and collusion by the relationship between user's attributes and decryption threshold. Furthermore, we propose an ABE scheme without presenting user's global ID (GID). In our first system, a trusted central authority assists each attribute authority (AA) to independently run a security check for users' requests, such that only legal users have power to decrypt a message. In order to prevent a malicious user from passing security check by submitting duplication request to AA, we improve the first system by our second system, where the same requests of different users are transformed into different ones associated with the subset of attributes indexes. Finally, in order to adapt this transformation to ABE, discrete Fourier transform and inverse discrete Fourier transform are used to share and recover secret key, respectively. As shown in the results of security and performance evaluation, our scheme not only improves user's privacy but also is more efficient than existing ABE schemes. Copyright © 2013 John Wiley &amp; Sons, Ltd.

This paper constructs two systems of attribute-based encryption without presenting user's global ID. In our first system, a trusted central authority assists each attribute authority to independently run a security check for users' requests. In our second system, discrete Fourier transform and inverse discrete Fourier transform are used to share and recover secret key, respectively. Finally, proposed scheme not only improves user's privacy while defending against collusion attack but also is more efficient than existing schemes.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.682" xmlns="http://purl.org/rss/1.0/"><title>Peer cluster: a maximum flow-based trust mechanism in P2P file sharing networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.682</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Peer cluster: a maximum flow-based trust mechanism in P2P file sharing networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xinxin Fan, Mingchu Li, Hui Zhao, Xiaodong Chen, Zhenzhou Guo, Dong Jiao, Weifeng Sun</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-15T00:36:40.822516-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.682</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.682</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.682</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Trust mechanism has become a research focus in recent years as a novel and valid way to ensure the transaction security in peer-to-peer file sharing networks. Nevertheless, some fundamental challenges still exist, for example: How can malicious peers be effectively isolated? How can various threats of manipulation by strategic peers be resisted? What strategy should be used to ensure that the service providers are authentic peers? Considering these challenges in our minds, in this paper, we propose a new trust mechanism based on the maximum flow theory. We firstly add a few prestigious peers into a cluster as the original members according to their transaction behaviors in a period; then, we perform maximum flow algorithm and identify those peers that still link from (to) the peers in the cluster as new members, which is carried out repeatedly, and almost every normal peer would finally become the member of the cluster. Each request peer has the priority to select downloading sources from this cluster according to our trust mechanism. In this way, the malicious peers are isolated, and their transaction behaviors are also confined largely even though they have high reputation. Extensive experimental results confirm the efficiency of our trust mechanism against the threats of exaggeration, cheat, collusion, and disguise. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.682/asset/image_n/sec682-toc-0001.png?v=1&amp;s=b8a832335645fb93427a8cc68cfdf78fbd6ced03" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.682/asset/image_n/sec682-toc-0001.png?v=1&amp;s=b8a832335645fb93427a8cc68cfdf78fbd6ced03"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The maximum flow based trust mechanism can make normal peers cluster together to isolate those different types of malicious peers (IMPs, CMPs, and DMPs). Request peers firstly select those peers that are in cluster as service providers; in this way, the malicious peers are constrained to carry out transaction even if they have high reputation values. Recall and precision, two widely used statistical classifications, are introduced by design to obtain rational amount of original peers in cluster.  
</p></div>]]></content:encoded><description>

Trust mechanism has become a research focus in recent years as a novel and valid way to ensure the transaction security in peer-to-peer file sharing networks. Nevertheless, some fundamental challenges still exist, for example: How can malicious peers be effectively isolated? How can various threats of manipulation by strategic peers be resisted? What strategy should be used to ensure that the service providers are authentic peers? Considering these challenges in our minds, in this paper, we propose a new trust mechanism based on the maximum flow theory. We firstly add a few prestigious peers into a cluster as the original members according to their transaction behaviors in a period; then, we perform maximum flow algorithm and identify those peers that still link from (to) the peers in the cluster as new members, which is carried out repeatedly, and almost every normal peer would finally become the member of the cluster. Each request peer has the priority to select downloading sources from this cluster according to our trust mechanism. In this way, the malicious peers are isolated, and their transaction behaviors are also confined largely even though they have high reputation. Extensive experimental results confirm the efficiency of our trust mechanism against the threats of exaggeration, cheat, collusion, and disguise. Copyright © 2013 John Wiley &amp; Sons, Ltd.

The maximum flow based trust mechanism can make normal peers cluster together to isolate those different types of malicious peers (IMPs, CMPs, and DMPs). Request peers firstly select those peers that are in cluster as service providers; in this way, the malicious peers are constrained to carry out transaction even if they have high reputation values. Recall and precision, two widely used statistical classifications, are introduced by design to obtain rational amount of original peers in cluster.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.685" xmlns="http://purl.org/rss/1.0/"><title>Outlier detection in reputation management system for P2P networks using rough set theory</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.685</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Outlier detection in reputation management system for P2P networks using rough set theory</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chithra Selvaraj, Sheila Anand</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-14T23:41:56.192921-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.685</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.685</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.685</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">RESEARCH ARTICLE</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Peer-to-peer (P2P) networks are distributed, decentralized, dynamic networks that are self-organized and self-managed. P2P networks have emerged over the past several years as an effective and scalable medium for sharing distributed resources. However, determining the reliability and trustworthiness of the participating peers still remains a major security challenge. Reputation-based trust management calculates peer trust as a measure of recommendations received from other peers. Malicious peers may give wrong reputation scores and also collude with other peers to make themselves or others appear trustworthy. In this paper, we propose the use of outlier detection technique to detect false testimony as outliers. We have applied rough set theory, an efficient and intelligent mathematical tool, to detect the outliers in the trust scores. We present the detailed methodology for implementing rough set theory for P2P network and detecting outlier scores in reputation metrics given by other peers and compared the model with the mechanism to detect outliers with the Eigen Trust model and eBay system. Trust computation without the outlier scores would be more accurate and enable proper verification and evaluation of peer trustworthiness. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.685/asset/image_n/sec685-toc-0001.png?v=1&amp;s=7c12b5eb13f19c6a08d3d7de6bc74e20643f69e3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.685/asset/image_n/sec685-toc-0001.png?v=1&amp;s=7c12b5eb13f19c6a08d3d7de6bc74e20643f69e3"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Reputation trust management systems in peer-to-peer networks trust a peer on the basis of the recommendations about the peer received from all other peers in the form of scores. Malicious peers may give wrong reputation scores and also collude with other peers to make themselves or others appear trustworthy. In this paper, rough set theory, a mathematical tool, is used to detect and eliminate outlier scores in trust computation. The performance of the system has been tested, and the results have shown that the trust computation without outliers would be more accurate in evaluating the trustworthiness of a peer. 
</p></div>]]></content:encoded><description>

Peer-to-peer (P2P) networks are distributed, decentralized, dynamic networks that are self-organized and self-managed. P2P networks have emerged over the past several years as an effective and scalable medium for sharing distributed resources. However, determining the reliability and trustworthiness of the participating peers still remains a major security challenge. Reputation-based trust management calculates peer trust as a measure of recommendations received from other peers. Malicious peers may give wrong reputation scores and also collude with other peers to make themselves or others appear trustworthy. In this paper, we propose the use of outlier detection technique to detect false testimony as outliers. We have applied rough set theory, an efficient and intelligent mathematical tool, to detect the outliers in the trust scores. We present the detailed methodology for implementing rough set theory for P2P network and detecting outlier scores in reputation metrics given by other peers and compared the model with the mechanism to detect outliers with the Eigen Trust model and eBay system. Trust computation without the outlier scores would be more accurate and enable proper verification and evaluation of peer trustworthiness. Copyright © 2013 John Wiley &amp; Sons, Ltd.

Reputation trust management systems in peer-to-peer networks trust a peer on the basis of the recommendations about the peer received from all other peers in the form of scores. Malicious peers may give wrong reputation scores and also collude with other peers to make themselves or others appear trustworthy. In this paper, rough set theory, a mathematical tool, is used to detect and eliminate outlier scores in trust computation. The performance of the system has been tested, and the results have shown that the trust computation without outliers would be more accurate in evaluating the trustworthiness of a peer.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.725" xmlns="http://purl.org/rss/1.0/"><title>TDPF: a traceback-based distributed packet filter to mitigate spoofed DDoS attacks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.725</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">TDPF: a traceback-based distributed packet filter to mitigate spoofed DDoS attacks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mehran S. Fallah, Nafiseh Kahani</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-14T23:29:57.507708-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.725</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.725</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.725</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Defense mechanisms against distributed denial-of-service (DDoS) attacks usually mitigate the attack by filtering out the excess traffic targeted at the victim. These defenses should be able to discriminate the attack from the legitimate traffic so that filtering can be selectively applied. The problem is exacerbated when spoofed addresses are used in attack packets. This paper proposes traceback-based distributed packet filter (TDPF), a novel distributed packet filtering mechanism that employs IP traceback as a means for traffic discrimination. In this defense mechanism, packet filters are relocated to the routers nearer the attack sources whenever the traceback algorithm adds such nodes to the attack tree. The filtering probabilities at packet filters are also dynamically adjusted to the volume of traffic the victim receives from each filtering router. In this way, TDPF is able to achieve a high throughput of legitimate traffic while blocking malicious flows. The burden it imposes on a participating router is negligible as well. Moreover, unlike the earlier traceback-based defenses, it can defend against intense DDoS attacks. Experimental results show that TDPF is effective in different attack scenarios. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.725/asset/image_n/sec725-toc-0001.png?v=1&amp;s=92c1d26778b75f8c1e48525ed2c04f2ac96c3c86" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.725/asset/image_n/sec725-toc-0001.png?v=1&amp;s=92c1d26778b75f8c1e48525ed2c04f2ac96c3c86"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Traceback-based distributed packet filter is a novel distributed packet filter based on traceback mechanisms that mitigates spoofed distributed denial-of-service attacks. This defense mechanism has three components: filtering routers decision making and filtering probabilities decision making modules that run at the victim and packet filtering (PF) modules at core or source routers. PF modules receive the required information including the kind of packets to be dropped as well as the probability of filtering and filter out the excess traffic targeted at the victim.
</p></div>]]></content:encoded><description>

Defense mechanisms against distributed denial-of-service (DDoS) attacks usually mitigate the attack by filtering out the excess traffic targeted at the victim. These defenses should be able to discriminate the attack from the legitimate traffic so that filtering can be selectively applied. The problem is exacerbated when spoofed addresses are used in attack packets. This paper proposes traceback-based distributed packet filter (TDPF), a novel distributed packet filtering mechanism that employs IP traceback as a means for traffic discrimination. In this defense mechanism, packet filters are relocated to the routers nearer the attack sources whenever the traceback algorithm adds such nodes to the attack tree. The filtering probabilities at packet filters are also dynamically adjusted to the volume of traffic the victim receives from each filtering router. In this way, TDPF is able to achieve a high throughput of legitimate traffic while blocking malicious flows. The burden it imposes on a participating router is negligible as well. Moreover, unlike the earlier traceback-based defenses, it can defend against intense DDoS attacks. Experimental results show that TDPF is effective in different attack scenarios. Copyright © 2013 John Wiley &amp; Sons, Ltd.

Traceback-based distributed packet filter is a novel distributed packet filter based on traceback mechanisms that mitigates spoofed distributed denial-of-service attacks. This defense mechanism has three components: filtering routers decision making and filtering probabilities decision making modules that run at the victim and packet filtering (PF) modules at core or source routers. PF modules receive the required information including the kind of packets to be dropped as well as the probability of filtering and filter out the excess traffic targeted at the victim.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.712" xmlns="http://purl.org/rss/1.0/"><title>Generation of potential wells used for quantum codes transmission via a TDMA network communication system</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.712</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Generation of potential wells used for quantum codes transmission via a TDMA network communication system</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Iraj Sadegh Amiri, Mehrnaz Nikmaram, Ali Shahidinejad, Jalil Ali</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-14T21:13:42.937378-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.712</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.712</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.712</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a technique of quantum code generation using optical tweezers. This technique uses a microring resonator made of nonlinear fibre optics to generate the desired results, which are applicable to Internet security and quantum network cryptography. A modified add/drop interferometer system called PANDA is proposed, which consists of a centred ring resonator connected to smaller ring resonators on the left side. To form the multifunction operations of the PANDA system—for instance, to control, tune and amplify—an additional Gaussian pulse is introduced into the add port of the system. The optical tweezers generated by the dark soliton propagating inside the PANDA ring resonator system are in the form of potential wells. Potential well output can be connected to the quantum signal processing system, which consists of a transmitter and a receiver. The transmitter is used to generate high-capacity quantum codes within the system, whereas the receiver detects encoded signals known as quantum bits. Therefore, an entangled photon pair can be generated and propagated via an optical communication link such as a time division multiple access system. Here, narrower potential wells with a full-width half-maximum of 3.58 and 9.57 nm are generated at the through and drop ports of the PANDA ring resonator system, respectively, where the amplification of the signals occurs during propagation inside the system. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.712/asset/image_n/sec712-toc-0001.png?v=1&amp;s=6a0b89e309425b2f7e5d008111f58d14a115a73a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.712/asset/image_n/sec712-toc-0001.png?v=1&amp;s=6a0b89e309425b2f7e5d008111f58d14a115a73a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A PANDA ring resonator system which is made of nonlinear fiber optic can be used to generate optical tweezers in the form of potential wells while the dark soliton propagates inside the system. This system is connected to an encoding unit in which entangled photon pair can be generated and propagated via an optical communication link such as a time division multiple access. Here, ultra-short potential wells with a full-width half-maximum of 3.58 and 9.57 nm could be generated.
</p></div>]]></content:encoded><description>

This paper proposes a technique of quantum code generation using optical tweezers. This technique uses a microring resonator made of nonlinear fibre optics to generate the desired results, which are applicable to Internet security and quantum network cryptography. A modified add/drop interferometer system called PANDA is proposed, which consists of a centred ring resonator connected to smaller ring resonators on the left side. To form the multifunction operations of the PANDA system—for instance, to control, tune and amplify—an additional Gaussian pulse is introduced into the add port of the system. The optical tweezers generated by the dark soliton propagating inside the PANDA ring resonator system are in the form of potential wells. Potential well output can be connected to the quantum signal processing system, which consists of a transmitter and a receiver. The transmitter is used to generate high-capacity quantum codes within the system, whereas the receiver detects encoded signals known as quantum bits. Therefore, an entangled photon pair can be generated and propagated via an optical communication link such as a time division multiple access system. Here, narrower potential wells with a full-width half-maximum of 3.58 and 9.57 nm are generated at the through and drop ports of the PANDA ring resonator system, respectively, where the amplification of the signals occurs during propagation inside the system. Copyright © 2013 John Wiley &amp; Sons, Ltd.

A PANDA ring resonator system which is made of nonlinear fiber optic can be used to generate optical tweezers in the form of potential wells while the dark soliton propagates inside the system. This system is connected to an encoding unit in which entangled photon pair can be generated and propagated via an optical communication link such as a time division multiple access. Here, ultra-short potential wells with a full-width half-maximum of 3.58 and 9.57 nm could be generated.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.715" xmlns="http://purl.org/rss/1.0/"><title>Content integrity and non-repudiation preserving audio-hiding scheme based on robust digital signature</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.715</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Content integrity and non-repudiation preserving audio-hiding scheme based on robust digital signature</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Liehuang Zhu, Dan Liu, Litao Yu, Yuzhou Xie, Mingzhong Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-12T05:37:55.533919-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.715</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.715</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.715</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Current secure communication schemes do not take together traffic security and data security (content integrity and non-repudiation) of the secret message into consideration, making the content prone to blind tampering and compromised party cheating attacks. In this paper, we present a scheme that hides secret audio in cover audio on the basis of robust digital signature to preserve not only hidden communication but also content integrity and non-repudiation of the secret audio. Furthermore, instead of traditional binary authentication that only outputs yes or no, the authentication of our scheme is flexibly measurable, and the measurement value is in correspondence with the sense of human hearing precisely. Experimental results show that the proposed scheme provides highly robust authentication against content-preserving degradations with 99.03% of test audios having the strongest authenticity (1.00) and high level of distinct authentication between content-destructive degradations with 95.01% of test audios having relatively weak authenticity (less than 0.15). As the authentication is flexibly measurable, there is no false alarm in the semantic aspect. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.715/asset/image_n/sec715-toc-0001.png?v=1&amp;s=49645c6033ee990dd8a981f0541071f346921f4f" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.715/asset/image_n/sec715-toc-0001.png?v=1&amp;s=49645c6033ee990dd8a981f0541071f346921f4f"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a scheme that hides secret audio in cover audio on the basis of robust digital signature to preserve not only hidden communication but also content integrity and non-repudiation of the secret audio. Authentication of the scheme is flexibly measurable, and the measurement value is in correspondence with the sense of human hearing precisely. Experimental results show that the proposed scheme provides highly robust authentication against content-preserving degradations and high level of distinct authentication between content-destructive degradations.
</p></div>]]></content:encoded><description>

Current secure communication schemes do not take together traffic security and data security (content integrity and non-repudiation) of the secret message into consideration, making the content prone to blind tampering and compromised party cheating attacks. In this paper, we present a scheme that hides secret audio in cover audio on the basis of robust digital signature to preserve not only hidden communication but also content integrity and non-repudiation of the secret audio. Furthermore, instead of traditional binary authentication that only outputs yes or no, the authentication of our scheme is flexibly measurable, and the measurement value is in correspondence with the sense of human hearing precisely. Experimental results show that the proposed scheme provides highly robust authentication against content-preserving degradations with 99.03% of test audios having the strongest authenticity (1.00) and high level of distinct authentication between content-destructive degradations with 95.01% of test audios having relatively weak authenticity (less than 0.15). As the authentication is flexibly measurable, there is no false alarm in the semantic aspect. Copyright © 2013 John Wiley &amp; Sons, Ltd.

This paper presents a scheme that hides secret audio in cover audio on the basis of robust digital signature to preserve not only hidden communication but also content integrity and non-repudiation of the secret audio. Authentication of the scheme is flexibly measurable, and the measurement value is in correspondence with the sense of human hearing precisely. Experimental results show that the proposed scheme provides highly robust authentication against content-preserving degradations and high level of distinct authentication between content-destructive degradations.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.716" xmlns="http://purl.org/rss/1.0/"><title>Argument on biometrics identity-based encryption schemes</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.716</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Argument on biometrics identity-based encryption schemes</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Syh-Yuan Tan, Zhe Jin, Andrew Beng Jin Teoh</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-12T05:36:37.291752-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.716</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.716</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.716</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Recently, a few biometric identity-based encryption (BIO-IBE) schemes have been proposed. BIO-IBE leverages both fuzzy extractor and Lagrange polynomial to extract biometric feature as a user public key and as a preventive measure of collusion attack, respectively. In this paper, we reveal that BIO-IBE is not realistic whereby a query of fresh biometrics is needed for each encryption process. Moreover, the use of both fuzzy extractor and Lagrange polynomial in BIO-IBE simultaneously is a redundancy; it confers no advantage, but simply computational overhead. Therefore, we amend the progression of the BIO-IBE scheme by eliminating either Lagrange polynomial or fuzzy extractor to alleviate computational complexity. Subsequently, we demonstrate that the amendment does not compromise the security of the BIO-IBE scheme. Such amendments can be applied to other BIO-IBE schemes as well. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.716/asset/image_n/sec716-toc-0001.png?v=1&amp;s=fba7be13a9124786ccddb1e0f009f0d9620a84a7" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.716/asset/image_n/sec716-toc-0001.png?v=1&amp;s=fba7be13a9124786ccddb1e0f009f0d9620a84a7"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We revealed that biometric identity-based encryption (BIO-IBE) is not realistic whereby a query of fresh biometric is needed for each encryption process. Moreover, the use of both fuzzy extractor and Lagrange polynomial in BIO-IBE simultaneously is a redundancy. We amend the progression of the BIO-IBE scheme by eliminating either Lagrange polynomial or fuzzy extractor to alleviate computational complexity without compromising the security of the BIO-IBE scheme.
</p></div>]]></content:encoded><description>

Recently, a few biometric identity-based encryption (BIO-IBE) schemes have been proposed. BIO-IBE leverages both fuzzy extractor and Lagrange polynomial to extract biometric feature as a user public key and as a preventive measure of collusion attack, respectively. In this paper, we reveal that BIO-IBE is not realistic whereby a query of fresh biometrics is needed for each encryption process. Moreover, the use of both fuzzy extractor and Lagrange polynomial in BIO-IBE simultaneously is a redundancy; it confers no advantage, but simply computational overhead. Therefore, we amend the progression of the BIO-IBE scheme by eliminating either Lagrange polynomial or fuzzy extractor to alleviate computational complexity. Subsequently, we demonstrate that the amendment does not compromise the security of the BIO-IBE scheme. Such amendments can be applied to other BIO-IBE schemes as well. Copyright © 2013 John Wiley &amp; Sons, Ltd.

We revealed that biometric identity-based encryption (BIO-IBE) is not realistic whereby a query of fresh biometric is needed for each encryption process. Moreover, the use of both fuzzy extractor and Lagrange polynomial in BIO-IBE simultaneously is a redundancy. We amend the progression of the BIO-IBE scheme by eliminating either Lagrange polynomial or fuzzy extractor to alleviate computational complexity without compromising the security of the BIO-IBE scheme.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.713" xmlns="http://purl.org/rss/1.0/"><title>Alamut: a high-performance network intrusion detection system in support of virtualized environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.713</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Alamut: a high-performance network intrusion detection system in support of virtualized environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mohsen Sharifi, Hadi Salimi, Ebrahim Asadi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-02-12T05:11:36.512259-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.713</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.713</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.713</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>One of the benefits of virtualization technology is the provision of secure and isolated computing environments on a single physical machine. However, the use of virtual machines for this purpose often degrades the overall system performance that is due to emulation costs, for example, packet filtering on every virtual machine. To allow virtual machines to be favorably used as before for the provision of secure environments but with comparably less performance degradation, we propose a new architecture called Alamut in this paper for restructuring any typical network intrusion detection system (NIDS) to run in a Xen-based virtual execution environment. In the proposed architecture, primitive mechanisms for implementing the security concerns of typical NIDSs such as signature matching are placed at the kernel level of driver domain (dom0), whereas security policies and management modules are kept in user space of that domain. Separation of mechanisms from policies allows network packets to be verified at the kernel level first hand more efficiently without requiring costly context switches to push them to user space for validation. In addition, system administrators can easily define new policies at user level and determine on which virtual machines these policies should be enforced. A proof-of-concept implementation of Alamut has been prototyped on the Xen hypervisor using Bro open-source NIDS. Experimental results show approximately 3.5-fold increase in the overall system performance when our prototype is run compared with when Bro is run. Results also show 19% improvement in network throughput. The comparison of Alamut with Snort with the same set of signatures and attacks shows that our prototyped NIDS has lower processor utilization and has captured more packets in heavy network loads. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.713/asset/image_n/sec713-toc-0001.png?v=1&amp;s=8d0a73fed35694f95b983b58dd73c57b16c37a4a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.713/asset/image_n/sec713-toc-0001.png?v=1&amp;s=8d0a73fed35694f95b983b58dd73c57b16c37a4a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents Alamut, a new architecture for network intrusion detection systems (NIDSs) in support of Xen-based virtualized environments. In the design of Alamut, the base primitive modules of an NIDS (Bro in our case) are moved to the kernel space of dom0, whereas the rest parts are kept at user space. Evaluation results show that Alamut outperforms Snort and user mode Bro. 
</p></div>]]></content:encoded><description>

One of the benefits of virtualization technology is the provision of secure and isolated computing environments on a single physical machine. However, the use of virtual machines for this purpose often degrades the overall system performance that is due to emulation costs, for example, packet filtering on every virtual machine. To allow virtual machines to be favorably used as before for the provision of secure environments but with comparably less performance degradation, we propose a new architecture called Alamut in this paper for restructuring any typical network intrusion detection system (NIDS) to run in a Xen-based virtual execution environment. In the proposed architecture, primitive mechanisms for implementing the security concerns of typical NIDSs such as signature matching are placed at the kernel level of driver domain (dom0), whereas security policies and management modules are kept in user space of that domain. Separation of mechanisms from policies allows network packets to be verified at the kernel level first hand more efficiently without requiring costly context switches to push them to user space for validation. In addition, system administrators can easily define new policies at user level and determine on which virtual machines these policies should be enforced. A proof-of-concept implementation of Alamut has been prototyped on the Xen hypervisor using Bro open-source NIDS. Experimental results show approximately 3.5-fold increase in the overall system performance when our prototype is run compared with when Bro is run. Results also show 19% improvement in network throughput. The comparison of Alamut with Snort with the same set of signatures and attacks shows that our prototyped NIDS has lower processor utilization and has captured more packets in heavy network loads. 
Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents Alamut, a new architecture for network intrusion detection systems (NIDSs) in support of Xen-based virtualized environments. In the design of Alamut, the base primitive modules of an NIDS (Bro in our case) are moved to the kernel space of dom0, whereas the rest parts are kept at user space. Evaluation results show that Alamut outperforms Snort and user mode Bro.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.693" xmlns="http://purl.org/rss/1.0/"><title>Defending return-oriented programming based on virtualization techniques</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.693</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Defending return-oriented programming based on virtualization techniques</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xiaoqi Jia, Rui Wang, Jun Jiang, Shengzhi Zhang, Peng Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-30T04:30:55.912113-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.693</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.693</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.693</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Over the past few years, return-oriented programming (ROP) has drawn great attention of both academia and industry. Because of its Turing completeness, ROP reuses short instruction sequences already present in the victim program's address space to perform arbitrary computation. Hence, it can successfully bypass state-of-the-art code integrity check mechanisms. In this paper, we look into using virtualization technologies to defeat return-oriented programming. We design and implement HyperCropII, a virtualization-based automatic runtime approach to defend such attacks. ROP attackers extract short instruction sequences ending in ret called “gadgets” and craft stack content to “chain” these gadgets together. We observe that a key characteristic of ROP is to fill the stack with plenty of addresses that are within the range of the program's libraries. Accordingly, we inspect the content of the stack to see if a potential ROP attack exists and quarantine the damages for further security purposes. We have implemented a proof-of-concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.693/asset/image_n/sec693-toc-0001.png?v=1&amp;s=f09e1461efc94df2f709d7003d8b7a97c8aa9885" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.693/asset/image_n/sec693-toc-0001.png?v=1&amp;s=f09e1461efc94df2f709d7003d8b7a97c8aa9885"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a hypervisor-based on-the-fly approach to defend return-oriented programming attacks. This approach is transparent to the protected system and does not rely on the operating system kernel's correctness. We implement a proof-of-concept system based on the open source Xen hypervisor. Our evaluation shows that this system is effective and efficient. 
</p></div>]]></content:encoded><description>

Over the past few years, return-oriented programming (ROP) has drawn great attention of both academia and industry. Because of its Turing completeness, ROP reuses short instruction sequences already present in the victim program's address space to perform arbitrary computation. Hence, it can successfully bypass state-of-the-art code integrity check mechanisms. In this paper, we look into using virtualization technologies to defeat return-oriented programming. We design and implement HyperCropII, a virtualization-based automatic runtime approach to defend such attacks. ROP attackers extract short instruction sequences ending in ret called “gadgets” and craft stack content to “chain” these gadgets together. We observe that a key characteristic of ROP is to fill the stack with plenty of addresses that are within the range of the program's libraries. Accordingly, we inspect the content of the stack to see if a potential ROP attack exists and quarantine the damages for further security purposes. We have implemented a proof-of-concept system based on the open source Xen hypervisor. The evaluation results exhibit that our solution is effective and efficient. Copyright © 2013 John Wiley &amp; Sons, Ltd. We propose a hypervisor-based on-the-fly approach to defend return-oriented programming attacks. This approach is transparent to the protected system and does not rely on the operating system kernel's correctness. We implement a proof-of-concept system based on the open source Xen hypervisor. Our evaluation shows that this system is effective and efficient.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.687" xmlns="http://purl.org/rss/1.0/"><title>An efficient intrusion detection framework in cluster-based wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.687</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">An efficient intrusion detection framework in cluster-based wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hichem Sedjelmaci, Sidi Mohammed Senouci, Mohammed Feham</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-30T03:24:42.227664-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.687</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.687</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.687</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In the last few years, the technological evolution in the field of wireless sensor networks was impressive, which made them extremely useful in various applications (military, commercial, etc.). In such applications, it is essential to protect the network from malicious attacks. This presents a demand for providing security mechanisms in these vulnerable networks. In this paper, we design a new framework for intrusion detection in cluster-based wireless sensor networks. Our detection framework is composed of different protocols that run at different levels. The first protocol is a specification-based detection protocol that runs at intrusion detection system (IDS) agents (low level). The second one is a binary classification detection protocol that runs at cluster head (CH) node (medium level). In addition, a reputation protocol is used at each CH to evaluate the trustworthiness level of its IDSs agents. Each CH monitors its CH neighbors on the basis of a specification detection protocol with the help of a vote mechanism applied at the base station (high level). We evaluated the performances of our framework in the presence of four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks. We evaluated specifically the detection rate, false positive rate, energy consumption, and efficiency. Simulation results show that our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption. Our intrusion detection framework outperforms other schemes proposed in the literature in terms of detection, false positive rate, and energy consumption. 
Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.687/asset/image_n/sec687-toc-0001.png?v=1&amp;s=9ac7fef9967801fac5a2f41279126999ffe35b6c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.687/asset/image_n/sec687-toc-0001.png?v=1&amp;s=9ac7fef9967801fac5a2f41279126999ffe35b6c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In our framework, the intrusion detection process is carried out at three levels (i.e., cluster members, cluster head, and base station) to detect with a high accuracy these four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks. According to the simulation results, our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption.
</p></div>]]></content:encoded><description>

In the last few years, the technological evolution in the field of wireless sensor networks was impressive, which made them extremely useful in various applications (military, commercial, etc.). In such applications, it is essential to protect the network from malicious attacks. This presents a demand for providing security mechanisms in these vulnerable networks. In this paper, we design a new framework for intrusion detection in cluster-based wireless sensor networks. Our detection framework is composed of different protocols that run at different levels. The first protocol is a specification-based detection protocol that runs at intrusion detection system (IDS) agents (low level). The second one is a binary classification detection protocol that runs at cluster head (CH) node (medium level). In addition, a reputation protocol is used at each CH to evaluate the trustworthiness level of its IDSs agents. Each CH monitors its CH neighbors on the basis of a specification detection protocol with the help of a vote mechanism applied at the base station (high level). We evaluated the performances of our framework in the presence of four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks. We evaluated specifically the detection rate, false positive rate, energy consumption, and efficiency. Simulation results show that our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption. Our intrusion detection framework outperforms other schemes proposed in the literature in terms of detection, false positive rate, and energy consumption. Copyright © 2013 John Wiley &amp; Sons, Ltd. In our framework, the intrusion detection process is carried out at three levels (i.e., cluster members, cluster head, and base station) to detect with a high accuracy these four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks.
According to the simulation results, our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.698" xmlns="http://purl.org/rss/1.0/"><title>SCADA communication and security issues</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.698</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">SCADA communication and security issues</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jingcheng Gao, Jing Liu, Bharat Rajan, Rahul Nori, Bo Fu, Yang Xiao, Wei Liang, C. L. Philip Chen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-24T11:10:39.164755-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.698</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.698</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.698</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Supervisory control and data acquisition (SCADA) systems are widely used to monitor and control industrial processes. They provide the key functionality of real-time monitoring, logging/archiving, report generation, and automation for smart grid, which is a promising power delivery system for the near future. On the basis of these functionalities, various SCADA architectures, including hardware and software architecture, have been proposed and standardized; however, the most open and expediently growing areas in the smart grid are the infrastructure and technologies for the SCADA communication and security. In this paper, we provide a review for many documented standards in SCADA, and we also review its state-of-the-art communication and security aspects. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.698/asset/image_n/sec698-toc-0001.png?v=1&amp;s=b72b4de23f13ef46850ed2e3a4ebc5da6a48b45c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.698/asset/image_n/sec698-toc-0001.png?v=1&amp;s=b72b4de23f13ef46850ed2e3a4ebc5da6a48b45c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We provide a review for many documented standards in SCADA, and we also review its state-of-the-art communication and security aspects.
</p></div>]]></content:encoded><description>

Supervisory control and data acquisition (SCADA) systems are widely used to monitor and control industrial processes. They provide the key functionality of real-time monitoring, logging/archiving, report generation, and automation for smart grid, which is a promising power delivery system for the near future. On the basis of these functionalities, various SCADA architectures, including hardware and software architecture, have been proposed and standardized; however, the most open and expediently growing areas in the smart grid are the infrastructure and technologies for the SCADA communication and security. In this paper, we provide a review for many documented standards in SCADA, and we also review its state-of-the-art communication and security aspects. Copyright © 2013 John Wiley &amp; Sons, Ltd. We provide a review for many documented standards in SCADA, and we also review its state-of-the-art communication and security aspects.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.694" xmlns="http://purl.org/rss/1.0/"><title>A finite equivalence of multisecret sharing based on Lagrange interpolating polynomial</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.694</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A finite equivalence of multisecret sharing based on Lagrange interpolating polynomial</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hui Zhao, Jonathan Z. Sun, Fengying Wang, Lei Zhao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-24T10:56:01.196241-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.694</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.694</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.694</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We give an abstraction of multisecret sharing based on Lagrange interpolating polynomial that is accessible to a fully mechanized analysis. This abstraction is formalized in the applied pi-calculus by using an equational theory that characterizes the cryptographic semantics of multisecret sharing based on Lagrange interpolating polynomial. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Finally, we verify the Yang–Chang–Hwang (YCH) protocol in ProVerif. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.694/asset/image_n/sec694-toc-0001.png?v=1&amp;s=09b37217eb3be65db9df7aa8b9387f947282dee0" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.694/asset/image_n/sec694-toc-0001.png?v=1&amp;s=09b37217eb3be65db9df7aa8b9387f947282dee0"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we give an abstraction of multi-secret sharing based on Lagrange interpolating polynomial that is accessible to a fully mechanized analysis. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Finally, we verify a practical verifiable multi-secret sharing scheme based on YCH in ProVerif.
</p></div>]]></content:encoded><description>

We give an abstraction of multisecret sharing based on Lagrange interpolating polynomial that is accessible to a fully mechanized analysis. This abstraction is formalized in the applied pi-calculus by using an equational theory that characterizes the cryptographic semantics of multisecret sharing based on Lagrange interpolating polynomial. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Finally, we verify the Yang–Chang–Hwang (YCH) protocol in ProVerif. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we give an abstraction of multi-secret sharing based on Lagrange interpolating polynomial that is accessible to a fully mechanized analysis. We also present an encoding from the equational theory into a convergent rewriting system, which is suitable for the automated protocol verifier ProVerif. Finally, we verify a practical verifiable multi-secret sharing scheme based on YCH in ProVerif.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.667" xmlns="http://purl.org/rss/1.0/"><title>Authentication with low-cost RFID tags in mobile networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.667</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Authentication with low-cost RFID tags in mobile networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chih-Ta Yen, Ming-Huang Guo, Nai-Wei Lo, Der-Jiunn Deng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-24T10:54:06.157891-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.667</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.667</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.667</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Recently, mobile networks and radio frequency identification (RFID) technologies are both widely applied by many enterprises to develop their applications. The third-generation (3G) mobile network technology is one of the popular mobile network technologies because service providers can serve users anytime and anywhere through 3G mobile network technology. A solution that combines RFID technology with 3G mobile network technology could identify users anytime and anywhere. However, RFID tags are limited in computation power and suffered from security threats, especially on mobile networks. An authentication with low-cost RFID tags in Mobile Networks should be proposed in this paper. This paper designs a key agreement mechanism to achieve consistency, integration, legality, and safety. In order to design a low-cost scheme, our authentication mechanism is built of simple XOR operations and one-way hash function. Although the computation cost of our proposed mechanism is not the best, our proposed mechanism can achieve more security requirements for practical applications. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.667/asset/image_n/sec667-toc-0001.png?v=1&amp;s=ce73130853df756f28d3ffc2b1d544a1e834339e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.667/asset/image_n/sec667-toc-0001.png?v=1&amp;s=ce73130853df756f28d3ffc2b1d544a1e834339e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Solutions combined RFID technology with 3G mobile network technology could identify users anytime and anywhere. However, RFID tags are limited in computation power and suffered from security threats, especially on mobile networks. In this paper, we introduced an authentication with low-cost RFID tags in mobile Networks. The proposal designs a key agreement mechanism to achieve consistency, integration, legality and safety.
</p></div>]]></content:encoded><description>

Recently, mobile networks and radio frequency identification (RFID) technologies are both widely applied by many enterprises to develop their applications. The third-generation (3G) mobile network technology is one of the popular mobile network technologies because service providers can serve users anytime and anywhere through 3G mobile network technology. A solution that combines RFID technology with 3G mobile network technology could identify users anytime and anywhere. However, RFID tags are limited in computation power and suffered from security threats, especially on mobile networks. An authentication with low-cost RFID tags in Mobile Networks should be proposed in this paper. This paper designs a key agreement mechanism to achieve consistency, integration, legality, and safety. In order to design a low-cost scheme, our authentication mechanism is built of simple XOR operations and one-way hash function. Although the computation cost of our proposed mechanism is not the best, our proposed mechanism can achieve more security requirements for practical applications. Copyright © 2013 John Wiley &amp; Sons, Ltd. Solutions combined RFID technology with 3G mobile network technology could identify users anytime and anywhere. However, RFID tags are limited in computation power and suffered from security threats, especially on mobile networks. In this paper, we introduced an authentication with low-cost RFID tags in mobile Networks. The proposal designs a key agreement mechanism to achieve consistency, integration, legality and safety.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.668" xmlns="http://purl.org/rss/1.0/"><title>Secure hybrid multibit multiplicative watermarking for media distribution over mobile Internet</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.668</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure hybrid multibit multiplicative watermarking for media distribution over mobile Internet</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jinwei Wang, Leiming Yan, Jin Han, Yuxiang Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-24T08:21:08.313381-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.668</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.668</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.668</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>With the rapid development and rich applications of mobile Internet, security issues become urgent. For example, piracy of media content (image, audio, or video) becomes easier because mobile Internet provides more ways to re-distribute media contents. Watermarking has been regarded as a potential solution for identifying pirate copies. However, the watermarking algorithms' security and robustness are still not ideal enough for practical applications, especially in mobile scenarios with more attacks. In this paper, a novel hybrid multiplicative watermarking algorithm is proposed to obtain higher security and good robustness. In this algorithm, two embedding rules are changed according to the secret key, which embed the watermark into Discrete Wavelet Transform (DWT) coefficients. The secret key improves the watermark system's security. Additionally, the optimum and locally optimum hybrid multiplicative watermarking decoders are proposed, respectively, to detect the watermark. Because it works with two rules, it obtains a tradeoff in robustness. Various comparative experiments are carried out, and results are given to prove the valid of theoretical analysis. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.668/asset/image_n/sec668-toc-0001.png?v=1&amp;s=f6807edb62e7430786848e7a6a57489d02258990" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.668/asset/image_n/sec668-toc-0001.png?v=1&amp;s=f6807edb62e7430786848e7a6a57489d02258990"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this algorithm, two embedding rules are changed according to the secret key, which embed the watermark into Discrete Wavelet Transform (DWT) coefficients. The secret key improves the watermark system's security. Additionally, the optimum and locally optimum hybrid multiplicative watermarking decoders are proposed, respectively, to detect the watermark. Because it works with two rules, it obtains a tradeoff in robustness.</p></div>
]]></content:encoded><description>

With the rapid development and rich applications of mobile Internet, security issues become urgent. For example, piracy of media content (image, audio, or video) becomes easier because mobile Internet provides more ways to re-distribute media contents. Watermarking has been regarded as a potential solution for identifying pirate copies. However, the watermarking algorithms' security and robustness are still not ideal enough for practical applications, especially in mobile scenarios with more attacks. In this paper, a novel hybrid multiplicative watermarking algorithm is proposed to obtain higher security and good robustness. In this algorithm, two embedding rules are changed according to the secret key, which embed the watermark into Discrete Wavelet Transform (DWT) coefficients. The secret key improves the watermark system's security. Additionally, the optimum and locally optimum hybrid multiplicative watermarking decoders are proposed, respectively, to detect the watermark. Because it works with two rules, it obtains a tradeoff in robustness. Various comparative experiments are carried out, and results are given to prove the valid of theoretical analysis. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this algorithm, two embedding rules are changed according to the secret key, which embed the watermark into Discrete Wavelet Transform (DWT) coefficients. The secret key improves the watermark system's security. Additionally, the optimum and locally optimum hybrid multiplicative watermarking decoders are proposed, respectively, to detect the watermark. Because it works with two rules, it obtains a tradeoff in robustness.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.696" xmlns="http://purl.org/rss/1.0/"><title>Provably secure revocable ID-based signature in the standard model</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.696</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Provably secure revocable ID-based signature in the standard model</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Tung-Tso Tsai, Yuh-Min Tseng, Tsu-Yang Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-18T06:53:20.34363-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.696</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.696</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.696</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A signature scheme is one of the important primitives in modern cryptography, which may offer functionalities of user identification, non-repudiation, and message authentication. With the advent of identity (ID)-based public key systems with bilinear pairings defined on elliptic curves, many ID-based signature schemes have been proposed. Like certificate-based public key systems, any ID-based public key system must provide a revocation method to revoke misbehaving users. There was little work on studying the revocation problem of ID-based public key systems, and no ID-based signature scheme deals with how to revoke the signing ability of misbehaving users. Quite recently, Tseng and Tsai presented a practical revocation mechanism using a public channel for ID-based public key systems. In this paper, we adopt Tseng and Tsai's revocation concept to define the new framework and security notions of revocable ID-based signature (RIBS) scheme and propose the first RIBS scheme in the standard model. Under the computational Diffie–Hellman assumption, we demonstrate that the proposed RIBS scheme is provably secure while remaining efficient for signing and verification as compared with previously proposed ID-based signature schemes. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.696/asset/image_n/sec696-toc-0001.png?v=1&amp;s=a87ee42e72a391c67e8f7bb43d88124b1cadd7a3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.696/asset/image_n/sec696-toc-0001.png?v=1&amp;s=a87ee42e72a391c67e8f7bb43d88124b1cadd7a3"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we adopt Tseng and Tsai's revocation concept to propose the first revocable ID-based signature (RIBS) scheme in the standard model. Under the computational Diffie–Hellman assumption, we demonstrate that the proposed RIBS scheme is provably secure while remaining efficient for signing and verification as compared with previously proposed ID-based signature schemes.
</p></div>]]></content:encoded><description>

A signature scheme is one of the important primitives in modern cryptography, which may offer functionalities of user identification, non-repudiation, and message authentication. With the advent of identity (ID)-based public key systems with bilinear pairings defined on elliptic curves, many ID-based signature schemes have been proposed. Like certificate-based public key systems, any ID-based public key system must provide a revocation method to revoke misbehaving users. There was little work on studying the revocation problem of ID-based public key systems, and no ID-based signature scheme deals with how to revoke the signing ability of misbehaving users. Quite recently, Tseng and Tsai presented a practical revocation mechanism using a public channel for ID-based public key systems. In this paper, we adopt Tseng and Tsai's revocation concept to define the new framework and security notions of revocable ID-based signature (RIBS) scheme and propose the first RIBS scheme in the standard model. Under the computational Diffie–Hellman assumption, we demonstrate that the proposed RIBS scheme is provably secure while remaining efficient for signing and verification as compared with previously proposed ID-based signature schemes. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we adopt Tseng and Tsai's revocation concept to propose the first revocable ID-based signature (RIBS) scheme in the standard model. Under the computational Diffie–Hellman assumption, we demonstrate that the proposed RIBS scheme is provably secure while remaining efficient for signing and verification as compared with previously proposed ID-based signature schemes.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.699" xmlns="http://purl.org/rss/1.0/"><title>SESA: an efficient searchable encryption scheme for auction in emerging smart grid marketing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.699</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">SESA: an efficient searchable encryption scheme for auction in emerging smart grid marketing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mi Wen, Rongxing Lu, Jingsheng Lei, Hongwei Li, Xiaoghui Liang, Xuemin (Sherman) Shen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-18T06:35:28.175762-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.699</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.699</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.699</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Distributed energy resources (DERs), which are characterized by small-scale power generation technologies to provide an enhancement of the traditional power system, have been strongly encouraged to be integrated into the smart grid, and numerous trading strategies have recently been proposed to support the energy auction in the emerging smart grid marketing. However, few of them consider the security aspects of energy trading, such as privacy preservation, bid integrity, and pre-filtering ability. In this paper, we propose an efficient searchable encryption scheme for auction (SESA) in emerging smart grid marketing. Specifically, SESA uses a public key encryption with keyword search technique to enable the energy sellers (e.g., DERs) to inquire suitable bids while preserving the privacy of the energy buyers. Additionally, to facilitate the seller to search for detailed information of the bids, we also propose an extension of SESA to support conjunctive keywords search. Security analysis demonstrates that the proposed SESA and its extension can achieve data and keyword privacy, bid integrity and trapdoor unforgeability. Simulation results also show that both SESA and its extension have less computation and communication overhead than the existing searchable encryption approaches. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.699/asset/image_n/sec699-toc-0001.png?v=1&amp;s=859465f49072f6f7564eaa231a1030d0c8cee2cc" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.699/asset/image_n/sec699-toc-0001.png?v=1&amp;s=859465f49072f6f7564eaa231a1030d0c8cee2cc"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes an efficient searchable encryption scheme for auction (SESA) in emerging smart grid marketing. Specifically, SESA uses a public key encryption with keyword search technique to enable the energy sellers (e.g., DERs) to inquire suitable bids, while preserving the privacy of the energy buyers. SESA and its extension, respectively, can support one keyword and conjunctive keywords search.
</p></div>]]></content:encoded><description>

Distributed energy resources (DERs), which are characterized by small-scale power generation technologies to provide an enhancement of the traditional power system, have been strongly encouraged to be integrated into the smart grid, and numerous trading strategies have recently been proposed to support the energy auction in the emerging smart grid marketing. However, few of them consider the security aspects of energy trading, such as privacy preservation, bid integrity, and pre-filtering ability. In this paper, we propose an efficient searchable encryption scheme for auction (SESA) in emerging smart grid marketing. Specifically, SESA uses a public key encryption with keyword search technique to enable the energy sellers (e.g., DERs) to inquire suitable bids while preserving the privacy of the energy buyers. Additionally, to facilitate the seller to search for detailed information of the bids, we also propose an extension of SESA to support conjunctive keywords search. Security analysis demonstrates that the proposed SESA and its extension can achieve data and keyword privacy, bid integrity and trapdoor unforgeability. Simulation results also show that both SESA and its extension have less computation and communication overhead than the existing searchable encryption approaches. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper proposes an efficient searchable encryption scheme for auction (SESA) in emerging smart grid marketing. Specifically, SESA uses a public key encryption with keyword search technique to enable the energy sellers (e.g., DERs) to inquire suitable bids, while preserving the privacy of the energy buyers. SESA and its extension, respectively, can support one keyword and conjunctive keywords search.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.706" xmlns="http://purl.org/rss/1.0/"><title>On preserving user privacy in Smart Grid advanced metering infrastructure applications</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.706</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">On preserving user privacy in Smart Grid advanced metering infrastructure applications</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Nico Saputro, Kemal Akkaya</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-18T06:09:59.985524-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.706</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.706</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.706</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Advanced metering infrastructure (AMI) enables real-time collection of power consumption data through the Smart Grid communication network. With the current deployment of smart meters (SMs), one of the concerns that started to be raised by the customers is on the privacy of their power consumption data. The exposure of these data can lead to several privacy problems that need to be addressed before the customers can be convinced for the use of SMs. This paper has two contributions. First, it identifies the threats regarding user and data privacy in AMI applications and comprehensively surveys the existing solutions to address these threats. We categorize the existing approaches on privacy and discuss pros and cons of these approaches with respect to some criteria. Second, we pick one of the existing solutions on privacy, namely the homomorphic encryption, and evaluate its feasibility and impact on performance when used in data aggregation for real-time AMI applications. We investigate and compare the performance of homomorphic encryption in terms of data size and end-to-end delay with that of hop-by-hop secure data aggregation and data concatenation within a network of SMs via extensive simulations. We finally conclude the paper with some future privacy issues that are subject to further research. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.706/asset/image_n/sec706-toc-0001.png?v=1&amp;s=ce075e92c71397b63fb8a039b371ecda73b2b019" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.706/asset/image_n/sec706-toc-0001.png?v=1&amp;s=ce075e92c71397b63fb8a039b371ecda73b2b019"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we provide a thorough survey and propose a classification of the existing efforts to protect user data privacy. We also investigate and compare the impact of privacy solutions on the performance of AMI applications that utilize data aggregation. The results indicated that the end-to-end latency of end-to-end homomorphic aggregation approach is superior to hop-by-hop concatenation and comparable with hop-by-hop aggregation. However, hop-by-hop aggregation does not provide privacy by itself even though it has the lowest bandwidth requirements.
</p></div>]]></content:encoded><description>

Advanced metering infrastructure (AMI) enables real-time collection of power consumption data through the Smart Grid communication network. With the current deployment of smart meters (SMs), one of the concerns that started to be raised by the customers is on the privacy of their power consumption data. The exposure of these data can lead to several privacy problems that need to be addressed before the customers can be convinced for the use of SMs. This paper has two contributions. First, it identifies the threats regarding user and data privacy in AMI applications and comprehensively surveys the existing solutions to address these threats. We categorize the existing approaches on privacy and discuss pros and cons of these approaches with respect to some criteria. Second, we pick one of the existing solutions on privacy, namely the homomorphic encryption, and evaluate its feasibility and impact on performance when used in data aggregation for real-time AMI applications. We investigate and compare the performance of homomorphic encryption in terms of data size and end-to-end delay with that of hop-by-hop secure data aggregation and data concatenation within a network of SMs via extensive simulations. We finally conclude the paper with some future privacy issues that are subject to further research. Copyright © 2013 John Wiley &amp; Sons, Ltd. In this paper, we provide a thorough survey and propose a classification of the existing efforts to protect user data privacy. We also investigate and compare the impact of privacy solutions on the performance of AMI applications that utilize data aggregation. The results indicated that the end-to-end latency of end-to-end homomorphic aggregation approach is superior to hop-by-hop concatenation and comparable with hop-by-hop aggregation. However, hop-by-hop aggregation does not provide privacy by itself even though it has the lowest bandwidth requirements.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.707" xmlns="http://purl.org/rss/1.0/"><title>Novel distributed key revocation scheme for wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.707</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Novel distributed key revocation scheme for wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chih-Hung Chao, Ching-Fang Yang, Po-Ting Lin, Jung-Shian Li</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-18T06:02:29.902791-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.707</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.707</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.707</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Key revocation plays an essential role in ensuring the confidentiality of wireless sensor networks following the compromise of one or more of the network nodes. The distributed key revocation protocol presented by Chan <em>et al</em>. has a rapid reaction time and avoids the single-point failure problem inherent in centralized schemes. However, the scheme is computationally complex, requires a large storage space, and incurs high communication overheads. Accordingly, this paper proposes a novel distributed, scalable, and cost-effective key revocation scheme based on Blom's <em>t</em>-secure property. In the proposed approach, any node identified as having a malicious behavior by <em>t</em> or more sensor nodes is categorized as a compromised node, and its keys are immediately revoked from the entire network. The proposed scheme not only satisfies the rigorous definition of a distributed key revocation protocol but also yields a significant improvement over Chan's revocation scheme in terms of a lower storage space requirement, a reduced communication overhead, and a lower computational cost. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.707/asset/image_n/sec707-toc-0001.png?v=1&amp;s=583126981716fe7d8c4aa3b930eb1e108355c802" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.707/asset/image_n/sec707-toc-0001.png?v=1&amp;s=583126981716fe7d8c4aa3b930eb1e108355c802"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The paper proposed that any node identified as having a malicious behaviour by t or more sensor nodes is categorized as a compromised node, and its keys are immediately revoked from the entire network. The proposed scheme not only satisfies the rigorous definition of a distributed key revocation protocol but also yields a significant improvement over Chan's revocation scheme in terms of a lower storage space requirement, a reduced communication overhead, and a lower computational cost. 
</p></div>]]></content:encoded><description>

Key revocation plays an essential role in ensuring the confidentiality of wireless sensor networks following the compromise of one or more of the network nodes. The distributed key revocation protocol presented by Chan et al. has a rapid reaction time and avoids the single-point failure problem inherent in centralized schemes. However, the scheme is computationally complex, requires a large storage space, and incurs high communication overheads. Accordingly, this paper proposes a novel distributed, scalable, and cost-effective key revocation scheme based on Blom's t-secure property. In the proposed approach, any node identified as having a malicious behavior by t or more sensor nodes is categorized as a compromised node, and its keys are immediately revoked from the entire network. The proposed scheme not only satisfies the rigorous definition of a distributed key revocation protocol but also yields a significant improvement over Chan's revocation scheme in terms of a lower storage space requirement, a reduced communication overhead, and a lower computational cost. Copyright © 2013 John Wiley &amp; Sons, Ltd. The paper proposed that any node identified as having a malicious behaviour by t or more sensor nodes is categorized as a compromised node, and its keys are immediately revoked from the entire network. The proposed scheme not only satisfies the rigorous definition of a distributed key revocation protocol but also yields a significant improvement over Chan's revocation scheme in terms of a lower storage space requirement, a reduced communication overhead, and a lower computational cost.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.675" xmlns="http://purl.org/rss/1.0/"><title>Malware detection by applying knowledge discovery processes to application metadata on the Android Market (Google Play)</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.675</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Malware detection by applying knowledge discovery processes to application metadata on the Android Market (Google Play)</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Peter Teufl, Michaela Ferk, Andreas Fitzek, Daniel Hein, Stefan Kraxberger, Clemens Orthacker</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-18T04:59:32.657008-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.675</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.675</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.675</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Recent smartphone platforms based on new operating systems, such as iOS, Android, or Windows Phone, have been a huge success in recent years and open up many new opportunities. Unfortunately, 2011 also showed us that the new technologies and the privacy-related data on smartphones are also increasingly interesting for attackers. Especially, the Android platform has been the favorite target for malware, mainly because of the openness of the platform, the ability to install applications from other sources than the Android Market, and the significant gains in market share. Although the processes of detecting and analyzing malware are well known from the PC world, where the arms race between attackers and defenders has continued for the past 15 years, they cannot be directly applied to smartphone platforms because of differences in the hardware and software architectures. In this paper, we first give an overview of the current malware situation on smartphone platforms with a special focus on Android and explain relevant malware detection and analysis methods. It turns out that most of the current malware relies on the installation by the user, who represents the last line of defense in malware detection. With these conclusions, we then present a new malware detection method that focuses on the information that the user is able to see prior to the installation of an application—the metadata within the platform's software market. Depending on the platform, this includes the application's description, its permissions, the ratings, or information about the developer. To analyze these data, we use sophisticated knowledge discovery processes and lean statistical methods. By presenting a wide range of examples based on real application metadata extracted from the Android Market, we show the possibilities of the new method. 
With the possibilities, we argue that it should be an essential part of a complete malware analysis/detection chain that includes other well-known methods such as network traffic analysis, or static, or dynamic code inspection. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.675/asset/image_n/sec675-toc-0001.png?v=1&amp;s=43da6ea7c5dbc75289b46ef22295d018200b1510" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.675/asset/image_n/sec675-toc-0001.png?v=1&amp;s=43da6ea7c5dbc75289b46ef22295d018200b1510"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Malware detection and analysis on mobile devices depends on heterogeneous methods, such as static code analysis, dynamic execution, or network traffic analysis. This work proposes an additional approach, which uses knowledge discovery techniques to analyze the metadata within the application stores (description, permissions, etc.) to discover hitherto unknown relations and possible anomalies, which might indicate malicious applications.  
</p></div>]]></content:encoded><description>

Recent smartphone platforms based on new operating systems, such as iOS, Android, or Windows Phone, have been a huge success in recent years and open up many new opportunities. Unfortunately, 2011 also showed us that the new technologies and the privacy-related data on smartphones are also increasingly interesting for attackers. Especially, the Android platform has been the favorite target for malware, mainly because of the openness of the platform, the ability to install applications from other sources than the Android Market, and the significant gains in market share. Although the processes of detecting and analyzing malware are well known from the PC world, where the arms race between attackers and defenders has continued for the past 15 years, they cannot be directly applied to smartphone platforms because of differences in the hardware and software architectures. In this paper, we first give an overview of the current malware situation on smartphone platforms with a special focus on Android and explain relevant malware detection and analysis methods. It turns out that most of the current malware relies on the installation by the user, who represents the last line of defense in malware detection. With these conclusions, we then present a new malware detection method that focuses on the information that the user is able to see prior to the installation of an application—the metadata within the platform's software market. Depending on the platform, this includes the application's description, its permissions, the ratings, or information about the developer. To analyze these data, we use sophisticated knowledge discovery processes and lean statistical methods. By presenting a wide range of examples based on real application metadata extracted from the Android Market, we show the possibilities of the new method. 
With the possibilities, we argue that it should be an essential part of a complete malware analysis/detection chain that includes other well-known methods such as network traffic analysis, or static, or dynamic code inspection. Copyright © 2013 John Wiley &amp; Sons, Ltd. Malware detection and analysis on mobile devices depends on heterogeneous methods, such as static code analysis, dynamic execution, or network traffic analysis. This work proposes an additional approach, which uses knowledge discovery techniques to analyze the metadata within the application stores (description, permissions, etc.) to discover hitherto unknown relations and possible anomalies, which might indicate malicious applications.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.644" xmlns="http://purl.org/rss/1.0/"><title>Unified phase and magnitude speech spectra data hiding algorithm</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.644</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Unified phase and magnitude speech spectra data hiding algorithm</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Fatiha Djebbar, Beghdad Ayad, Karim Abed-Meraim, Habib Hamam</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-11T05:59:30.319763-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.644</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.644</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.644</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we present a unified algorithm for phase and magnitude speech spectra data hiding. The phase and the magnitude speech spectra are concurrently investigated to increase the capacity and the security of the embedded information. The proposed algorithm in this paper is based on finding secure spectral embedding areas in wideband magnitude speech spectrum. Our approach exploits these areas to hide data in both speech components (i.e., phase and magnitude). The embedding locations and hiding capacity are defined according to a controlled acceptable distortion in the magnitude spectrum. The latter is expressed as a set of parameters controlled by the sender. Consequently, the hiding capacity and the locations of concealed data change for each data communication instance to further prevent malicious intrusions. Objective results show that the presented algorithm in this paper secures hidden data and achieves interesting tradeoffs between the hiding capacity and the speech quality. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.644/asset/image_n/sec644-toc-0001.png?v=1&amp;s=e7319401e2c1f1ad3950316be2da9e45251a465c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.644/asset/image_n/sec644-toc-0001.png?v=1&amp;s=e7319401e2c1f1ad3950316be2da9e45251a465c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a steganographic algorithm that securely hides large amount of data using both magnitude and phase speech spectra of a signal. The algorithm selects only high energetic frequency components and exploits the properties of a simple frequency masking to ensure the inaudibility and the security of embedded data. On the basis of the objective results and the steganalysis study, hiding in phase spectrum is preferable because it achieves higher hiding capacity while ensuring a better stego-speech quality and low detection rate of the embedded data. 
</p></div>]]></content:encoded><description>

In this paper, we present a unified algorithm for phase and magnitude speech spectra data hiding. The phase and the magnitude speech spectra are concurrently investigated to increase the capacity and the security of the embedded information. The proposed algorithm in this paper is based on finding secure spectral embedding areas in wideband magnitude speech spectrum. Our approach exploits these areas to hide data in both speech components (i.e., phase and magnitude). The embedding locations and hiding capacity are defined according to a controlled acceptable distortion in the magnitude spectrum. The latter is expressed as a set of parameters controlled by the sender. Consequently, the hiding capacity and the locations of concealed data change for each data communication instance to further prevent malicious intrusions. Objective results show that the presented algorithm in this paper secures hidden data and achieves interesting tradeoffs between the hiding capacity and the speech quality. Copyright © 2013 John Wiley &amp; Sons, Ltd. This paper presents a steganographic algorithm that securely hides large amount of data using both magnitude and phase speech spectra of a signal. The algorithm selects only high energetic frequency components and exploits the properties of a simple frequency masking to ensure the inaudibility and the security of embedded data. On the basis of the objective results and the steganalysis study, hiding in phase spectrum is preferable because it achieves higher hiding capacity while ensuring a better stego-speech quality and low detection rate of the embedded data.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.670" xmlns="http://purl.org/rss/1.0/"><title>Compressive sensing-based data encryption system with application to sense-through-wall UWB noise radar</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.670</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Compressive sensing-based data encryption system with application to sense-through-wall UWB noise radar</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ji Wu, Wei Wang, Qilian Liang, Xiaorong Wu, Baoju Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2013-01-03T05:26:26.712527-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.670</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.670</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.670</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Security of data is an issue that is of significant interest. In this paper, we propose a new compressive sensing-based data encryption system that can represent the original signal with far fewer samples than the conventional Nyquist sampling-based system. Compressive sensing could also be treated as an encryption algorithm with good secrecy. As an application example, we apply it to sense-through-wall ultra-wideband (UWB) noise radar that requires enormous storage space and high security. Interestingly, a random Gaussian matrix is sufficient to capture the information of UWB noise radar signal; no knowledge of UWB signal is required in advance. Simulation results indicate only one-third of the original samples are needed to perfectly recover UWB noise radar signal, and compressive sensing provides good secrecy as an encryption algorithm. It is impossible to retrieve the original message without the entire sensing matrix. Copyright © 2013 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.670/asset/image_n/sec670-toc-0001.png?v=1&amp;s=fd1ec8b6ddd00244d2c118e7cacfe3087032f56c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.670/asset/image_n/sec670-toc-0001.png?v=1&amp;s=fd1ec8b6ddd00244d2c118e7cacfe3087032f56c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Compressive sensing can represent the original signal with far fewer samples than the conventional Nyquist sampling rate and provide good data secrecy as well. Our proposed compressive sensing-based data encryption system is then applied to sense-through-wall ultra-wide band (UWB) noise radar, and simulation results indicate that only one-third of the original samples are needed to perfectly recover UWB noise radar signal, and compressive sensing also provides good data secrecy as an encryption scheme.  
</p></div>]]></content:encoded><description>

Security of data is an issue that is of significant interest. In this paper, we propose a new compressive sensing-based data encryption system that can represent the original signal with far fewer samples than the conventional Nyquist sampling-based system. Compressive sensing could also be treated as an encryption algorithm with good secrecy. As an application example, we apply it to sense-through-wall ultra-wideband (UWB) noise radar that requires enormous storage space and high security. Interestingly, a random Gaussian matrix is sufficient to capture the information of UWB noise radar signal; no knowledge of UWB signal is required in advance. Simulation results indicate only one-third of the original samples are needed to perfectly recover UWB noise radar signal, and compressive sensing provides good secrecy as an encryption algorithm. It is impossible to retrieve the original message without the entire sensing matrix. Copyright © 2013 John Wiley &amp; Sons, Ltd. Compressive sensing can represent the original signal with far fewer samples than the conventional Nyquist sampling rate and provide good data secrecy as well. Our proposed compressive sensing-based data encryption system is then applied to sense-through-wall ultra-wide band (UWB) noise radar, and simulation results indicate that only one-third of the original samples are needed to perfectly recover UWB noise radar signal, and compressive sensing also provides good data secrecy as an encryption scheme.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.648" xmlns="http://purl.org/rss/1.0/"><title>Cycle-walking revisited: consistency, security, and efficiency</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.648</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Cycle-walking revisited: consistency, security, and efficiency</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jingwei Li, Chunfu Jia, Zheli Liu, Zongqing Dong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-27T01:32:54.262242-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.648</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.648</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.648</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cycle-walking is a method that makes sure ciphertext falls in the acceptable range through encrypting plaintext repeatedly with some underlying cipher. This technology provides a general way to construct cryptographic schemes for various interesting applications, including enhancing existing system security without the change of original structure, encrypting multimedia data with the preservation of scalability, generating credit card numbers for Web transaction, and so on, which have a common feature that ciphertext is required to satisfy certain restrictions in order to allow some operations directly imposed on encrypted data. Nevertheless, as far as we know, there exists little work making rigorous analysis on cycle-walking, especially its undeterministic efficiency, which may limit the application of schemes constructed by such technology or even lead it to unpracticality. In this paper, aiming at filling some gaps about cycle-walking and helping cryptographic theory “catch up” with its application, we present the rigorous analysis on cycle-walking's properties including consistency, security, and efficiency. On consistency, we show that cycle-walking will necessarily arrive back with finite iteration rounds and its decryption reverses encryption. On security, we show that cycle-walking would not degrade the security of underlying ciphers. 
On efficiency, instead of using “nondeterministic” to describe cycle-walking's performance in previous work, we make precise analysis and provide the answer to “how long is the duration of cycle-walking's encrypting process.” Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.648/asset/image_n/sec648-toc-0001.png?v=1&amp;s=ba4bc74ef2424371d5a51a7746a7871d61778610" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.648/asset/image_n/sec648-toc-0001.png?v=1&amp;s=ba4bc74ef2424371d5a51a7746a7871d61778610"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper provides theoretical foundation and quantitative efficiency analysis to cycle-walking, which is an approach that makes sure ciphertext falls in the acceptable range. On consistency, cycle-walking must eventually arrive back with finite iteration rounds and its decryption reverses encryption. On security, cycle-walking would not degrade the security of underlying ciphers. On efficiency, we draw a conclusion that the average iteration rounds for cycle-walking is nearly <img alt="inline image" src="http://onlinelibrary.wiley.com/store/10.1002/sec.648/asset/equation/sec648-math-1000.gif?v=1&amp;t=hh3ezxgu&amp;s=a96d24d647a85769465a1e36ce152387f55f09b2" class="inlineGraphic"/>, where <img alt="inline image" src="http://onlinelibrary.wiley.com/store/10.1002/sec.648/asset/equation/sec648-math-1001.gif?v=1&amp;t=hh3ezxgu&amp;s=e98830c91084c126adac8bf30766a6ae03532338" class="inlineGraphic"/>, <em>n</em> is the domain size and k is the number of binary input subblocks in the combined Feistel network.</p></div>
]]></content:encoded><description>

Cycle-walking is a method that makes sure ciphertext falls in the acceptable range through encrypting plaintext repeatedly with some underlying cipher. This technology provides a general way to construct cryptographic schemes for various interesting applications, including enhancing existing system security without the change of original structure, encrypting multimedia data with the preservation of scalability, generating credit card numbers for Web transaction, and so on, which have a common feature that ciphertext is required to satisfy certain restrictions in order to allow some operations directly imposed on encrypted data. Nevertheless, as far as we know, there exists little work making rigorous analysis on cycle-walking, especially its undeterministic efficiency, which may limit the application of schemes constructed by such technology or even lead it to unpracticality. In this paper, aiming at filling some gaps about cycle-walking and helping cryptographic theory “catch up” with its application, we present the rigorous analysis on cycle-walking's properties including consistency, security, and efficiency. On consistency, we show that cycle-walking will necessarily arrive back with finite iteration rounds and its decryption reverses encryption. On security, we show that cycle-walking would not degrade the security of underlying ciphers. On efficiency, instead of using “nondeterministic” to describe cycle-walking's performance in previous work, we make precise analysis and provide the answer to “how long is the duration of cycle-walking's encrypting process.” Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper provides theoretical foundation and quantitative efficiency analysis to cycle-walking, which is an approach that makes sure ciphertext falls in the acceptable range. On consistency, cycle-walking must eventually arrive back with finite iteration rounds and its decryption reverses encryption.
On security, cycle-walking would not degrade the security of underlying ciphers. On efficiency, we draw a conclusion that the average iteration rounds for cycle-walking is nearly $\frac{N+1}{n+1}$, where $N = 2^{k\lceil \frac{\log n}{k} \rceil}$, n is the domain size and k is the number of binary input subblocks in the combined Feistel network.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.666" xmlns="http://purl.org/rss/1.0/"><title>A new intrusion detection method based on SVM with minimum within-class scatter</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.666</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A new intrusion detection method based on SVM with minimum within-class scatter</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Wenjuan An, Mangui Liang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-18T06:31:50.022674-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.666</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.666</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.666</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Intrusion detection has become an indispensable technique to ensure the security and reliability of information systems. Support vector machine (SVM) and its many improved algorithms have been successfully applied to intrusion detection systems in recent years. However, the training process of SVM ignores an important prior knowledge, the within-class structure in the training set. In this paper, we propose an improved classification algorithm, which combines minimum within-class scatter in Fisher discriminant analysis with traditional SVM. The central idea is to find an optimal separating hyperplane such that the margin is maximized, whereas the within-class scatter is kept as small as possible. This new algorithm is called SVM with minimum within-class scatter (WCS-SVM). A set of experiments is conducted on ten benchmarking datasets and KDDCUP'99 experimental data of MIT Lincoln Laboratory to test the generalization performance of the WCS-SVM algorithm. Experimental results show that the WCS-SVM algorithm has better discriminatory power than traditional SVM and kernel Fisher discriminant analysis and it has higher true detection rate and lower false positive rate for intrusion detection systems. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.666/asset/image_n/sec666-toc-0001.png?v=1&amp;s=d437c23dc7ec48ec47c53d942386c621ab950598" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.666/asset/image_n/sec666-toc-0001.png?v=1&amp;s=d437c23dc7ec48ec47c53d942386c621ab950598"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a new classification algorithm, which combines the minimum within-class scatter in Fisher discriminant analysis with traditional support vector machine, is to find an optimal separating hyperplane such that the margin is maximized, whereas the within-class scatter is kept as small as possible. Experimental results show that this new algorithm has better discriminatory power than support vector machine and kernel Fisher discriminant analysis, and it has higher true detection rate and lower false positive rate for intrusion detection systems.  
</p></div>]]></content:encoded><description>

Intrusion detection has become an indispensable technique to ensure the security and reliability of information systems. Support vector machine (SVM) and its many improved algorithms have been successfully applied to intrusion detection systems in recent years. However, the training process of SVM ignores an important prior knowledge, the within-class structure in the training set. In this paper, we propose an improved classification algorithm, which combines minimum within-class scatter in Fisher discriminant analysis with traditional SVM. The central idea is to find an optimal separating hyperplane such that the margin is maximized, whereas the within-class scatter is kept as small as possible. This new algorithm is called SVM with minimum within-class scatter (WCS-SVM). A set of experiments is conducted on ten benchmarking datasets and KDDCUP'99 experimental data of MIT Lincoln Laboratory to test the generalization performance of the WCS-SVM algorithm. Experimental results show that the WCS-SVM algorithm has better discriminatory power than traditional SVM and kernel Fisher discriminant analysis and it has higher true detection rate and lower false positive rate for intrusion detection systems. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, a new classification algorithm, which combines the minimum within-class scatter in Fisher discriminant analysis with traditional support vector machine, is to find an optimal separating hyperplane such that the margin is maximized, whereas the within-class scatter is kept as small as possible. Experimental results show that this new algorithm has better discriminatory power than support vector machine and kernel Fisher discriminant analysis, and it has higher true detection rate and lower false positive rate for intrusion detection systems.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.650" xmlns="http://purl.org/rss/1.0/"><title>Unified privacy analysis of new-found RFID authentication protocols</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.650</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Unified privacy analysis of new-found RFID authentication protocols</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mahdi R. Alagheband, Mohammad R. Aref</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-17T05:22:49.458062-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.650</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.650</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.650</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Ubiquitousness of Radio Frequency Identification (RFID) systems with inherent weaknesses has been a cause of concern about their privacy and security. Therefore, secure protocols are essentially necessary for the RFID tags to guarantee privacy and authentication among them and the reader. This paper inspects privacy in the RFID systems. First, we survey four new-found RFID authentication protocols, and then, their weaknesses in formal privacy model are analyzed. Although the authors of the schemes claimed that their protocols completely resist privacy attacks, we formally prove that all of them suffer from the family of traceability attacks. Furthermore, not only are the four improved protocols proposed to prevent the aforementioned attacks, but also we provide formal analysis to guarantee the security and privacy of the proposed enhancements. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.650/asset/image_n/sec650-toc-0001.png?v=1&amp;s=3112192174bfe3c9ebcefe186a08873f328a1aa9" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.650/asset/image_n/sec650-toc-0001.png?v=1&amp;s=3112192174bfe3c9ebcefe186a08873f328a1aa9"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Authentication protocols are essentially necessary for the Radio Frequency Identification (RFID) tags to guarantee privacy and security among them and the readers. This paper inspects privacy in the RFID systems. The paper highlighted the weaknesses of four new found RFID authentication protocols in formal privacy model. The authors proved that all of them suffer from the family of traceability attacks. Furthermore, the four improved protocols are proposed to prevent the mentioned attacks with formal analysis. 
</p></div>]]></content:encoded><description>

Ubiquitousness of Radio Frequency Identification (RFID) systems with inherent weaknesses has been a cause of concern about their privacy and security. Therefore, secure protocols are essentially necessary for the RFID tags to guarantee privacy and authentication among them and the reader. This paper inspects privacy in the RFID systems. First, we survey four new-found RFID authentication protocols, and then, their weaknesses in formal privacy model are analyzed. Although the authors of the schemes claimed that their protocols completely resist privacy attacks, we formally prove that all of them suffer from the family of traceability attacks. Furthermore, not only are the four improved protocols proposed to prevent the aforementioned attacks, but also we provide formal analysis to guarantee the security and privacy of the proposed enhancements. Copyright © 2012 John Wiley &amp; Sons, Ltd. Authentication protocols are essentially necessary for the Radio Frequency Identification (RFID) tags to guarantee privacy and security among them and the readers. This paper inspects privacy in the RFID systems. The paper highlighted the weaknesses of four new found RFID authentication protocols in formal privacy model. The authors proved that all of them suffer from the family of traceability attacks. Furthermore, the four improved protocols are proposed to prevent the mentioned attacks with formal analysis.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.637" xmlns="http://purl.org/rss/1.0/"><title>Cryptanalysis of MICKEY family of stream ciphers</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.637</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Cryptanalysis of MICKEY family of stream ciphers</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lin Ding, Jie Guan</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-10T04:44:55.76869-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.637</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.637</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.637</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>MICKEY 2.0 is a synchronous hardware-oriented stream cipher designed by Steve Babbage and Matthew Dodd in 2006. It was submitted to eSTREAM and became one of the seven eSTREAM finalists. MICKEY-128 2.0 is a variant version with 128-bit secret key. In this paper, we present a weakness in the initialization of MICKEY family of stream ciphers (i.e., MICKEY 2.0 and MICKEY-128 2.0). With this weakness, we apply a slide resynchronization attack to them, which finds for any <em>K</em> with <em>k</em><sub>0</sub> = <em>d</em> and for any <em>IV</em> with <em>iv</em><sub><em>n</em></sub> = <em>d</em>, there is a (<em>K</em>′, <em>IV</em>′) pair with probability 2<sup>−1</sup> that generates 1-bit shifted keystream, where <em>d</em> ∈ {0, 1} is a constant. Furthermore, we propose related key attacks on MICKEY family of stream ciphers. Our attacks can break these two ciphers in real time on a PC when 65 and 113 related (<em>K</em>, <em>IV</em>) pairs for MICKEY 2.0 and MICKEY-128 2.0 are obtained, respectively. The success probabilities of our attacks on MICKEY 2.0 and MICKEY-128 2.0 are 0.9835 and 0.9714, respectively. This is the first paper presenting a weakness in MICKEY family of stream ciphers, and the results show that MICKEY family of stream ciphers are extremely weak against related key attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.637/asset/image_n/sec637-toc-0001.png?v=1&amp;s=b3b858e021c46d76a837ae7c81eda0e27d58ffa1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.637/asset/image_n/sec637-toc-0001.png?v=1&amp;s=b3b858e021c46d76a837ae7c81eda0e27d58ffa1"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a weakness in the initialization of MICKEY family of stream ciphers. The result shows that MICKEY family of stream ciphers are extremely weak against related key attacks.</p></div>
]]></content:encoded><description>

MICKEY 2.0 is a synchronous hardware-oriented stream cipher designed by Steve Babbage and Matthew Dodd in 2006. It was submitted to eSTREAM and became one of the seven eSTREAM finalists. MICKEY-128 2.0 is a variant version with 128-bit secret key. In this paper, we present a weakness in the initialization of MICKEY family of stream ciphers (i.e., MICKEY 2.0 and MICKEY-128 2.0). With this weakness, we apply a slide resynchronization attack to them, which finds for any K with $k_0 = d$ and for any IV with $iv_n = d$, there is a (K′, IV′) pair with probability $2^{-1}$ that generates 1-bit shifted keystream, where d ∈ {0, 1} is a constant. Furthermore, we propose related key attacks on MICKEY family of stream ciphers. Our attacks can break these two ciphers in real time on a PC when 65 and 113 related (K, IV) pairs for MICKEY 2.0 and MICKEY-128 2.0 are obtained, respectively. The success probabilities of our attacks on MICKEY 2.0 and MICKEY-128 2.0 are 0.9835 and 0.9714, respectively. This is the first paper presenting a weakness in MICKEY family of stream ciphers, and the results show that MICKEY family of stream ciphers are extremely weak against related key attacks. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper presents a weakness in the initialization of MICKEY family of stream ciphers. The result shows that MICKEY family of stream ciphers are extremely weak against related key attacks.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.680" xmlns="http://purl.org/rss/1.0/"><title>A reversible watermark scheme for 2D vector map based on reversible contrast mapping</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.680</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A reversible watermark scheme for 2D vector map based on reversible contrast mapping</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Peng Fei, Chen Li, Long Min</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-10T04:38:31.986601-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.680</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.680</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.680</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Reversible watermarking is suitable for hosts with high precision requirements. However, the existing reversible watermark methods are mainly for raster images, and the reversible watermark schemes for vector graphics still have defects such as low capacity and significant distortion. To address these defects, a reversible watermark scheme for two-dimensional vector maps based on reversible contrast mapping is proposed. First, the coordinates of the vertices are chosen according to the data precision requirements; then, the data of two-dimensional vector maps are preprocessed to reduce distortion. After that, the encrypted watermark is embedded into the relative coordinates by using the reversible contrast mapping transform. Experimental results and analysis show that the proposed scheme can achieve higher payload, better reversibility, and invisibility than the existing schemes based on difference expansion, discrete cosine transform, and so on. It has great potential in the application of map data authentication and secure communication. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A reversible watermark scheme for two-dimensional vector map based on reversible contrast mapping is proposed in this paper. The data of the two-dimensional vector maps are first preprocessed to reduce distortion. Then, the encrypted watermark is embedded into the relative coordinates by using the reversible contrast mapping. Experimental results and analysis show that it can achieve high payload, good reversibility, and invisibility. It has great potential in the application of map data authentication and secure communication.</p></div>
]]></content:encoded><description>

Reversible watermarking is suitable for hosts with high precision requirements. However, the existing reversible watermark methods are mainly for raster images, and the reversible watermark schemes for vector graphics still have defects such as low capacity and significant distortion. To address these defects, a reversible watermark scheme for two-dimensional vector maps based on reversible contrast mapping is proposed. First, the coordinates of the vertices are chosen according to the data precision requirements; then, the data of two-dimensional vector maps are preprocessed to reduce distortion. After that, the encrypted watermark is embedded into the relative coordinates by using the reversible contrast mapping transform. Experimental results and analysis show that the proposed scheme can achieve higher payload, better reversibility, and invisibility than the existing schemes based on difference expansion, discrete cosine transform, and so on. It has great potential in the application of map data authentication and secure communication. Copyright © 2012 John Wiley &amp; Sons, Ltd. A reversible watermark scheme for two-dimensional vector map based on reversible contrast mapping is proposed in this paper. The data of the two-dimensional vector maps are first preprocessed to reduce distortion. Then, the encrypted watermark is embedded into the relative coordinates by using the reversible contrast mapping. Experimental results and analysis show that it can achieve high payload, good reversibility, and invisibility. It has great potential in the application of map data authentication and secure communication.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.673" xmlns="http://purl.org/rss/1.0/"><title>Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.673</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Incident prioritisation using analytic hierarchy process (AHP): Risk Index Model (RIM)</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Nor Badrul Anuar, Maria Papadaki, Steven Furnell, Nathan Clarke</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-10T04:38:24.153791-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.673</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.673</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.673</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The landscape of security threats continues to evolve, with attacks becoming more serious and the number of vulnerabilities rising. For these threats to be managed, many security studies have been undertaken in recent years, mainly focusing on improving detection, prevention and response efficiency. This paper proposes an incident prioritisation model, the Risk Index Model (RIM), which is based on risk assessment and the analytic hierarchy process. For incidents to be prioritised, the model uses indicators, such as criticality, as decision factors to calculate incidents' risk index. The model also adopts different strategies to enhance the prioritisation process. To evaluate the model, two stages of evaluation study were conducted. The first stage aims to validate the model by comparing its results with the Common Vulnerability Scoring System and Snort. The second stage aims to enhance RIM by analysing the effect of using different strategies in the model. The experimental results in the first stage have shown that 100% of incidents could be rated with RIM, compared with only 17.23% with the Common Vulnerability Scoring System. The experiments in the second stage have shown significant changes in the resultant risk index as well as some of the top-priority incidents. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes an incident prioritisation model, the Risk Index Model, which is based on risk assessment and the analytic hierarchy process. For incidents to be prioritised, the model uses indicators, such as criticality, maintainability, dependability, severity and similarity, as decision factors to calculate incidents' risk index. The model also adopts different strategies to enhance the prioritisation process. 
</p></div>]]></content:encoded><description>

The landscape of security threats continues to evolve, with attacks becoming more serious and the number of vulnerabilities rising. For these threats to be managed, many security studies have been undertaken in recent years, mainly focusing on improving detection, prevention and response efficiency. This paper proposes an incident prioritisation model, the Risk Index Model (RIM), which is based on risk assessment and the analytic hierarchy process. For incidents to be prioritised, the model uses indicators, such as criticality, as decision factors to calculate incidents' risk index. The model also adopts different strategies to enhance the prioritisation process. To evaluate the model, two stages of evaluation study were conducted. The first stage aims to validate the model by comparing its results with the Common Vulnerability Scoring System and Snort. The second stage aims to enhance RIM by analysing the effect of using different strategies in the model. The experimental results in the first stage have shown that 100% of incidents could be rated with RIM, compared with only 17.23% with the Common Vulnerability Scoring System. The experiments in the second stage have shown significant changes in the resultant risk index as well as some of the top-priority incidents. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper proposes an incident prioritisation model, the Risk Index Model, which is based on risk assessment and the analytic hierarchy process. For incidents to be prioritised, the model uses indicators, such as criticality, maintainability, dependability, severity and similarity, as decision factors to calculate incidents' risk index. The model also adopts different strategies to enhance the prioritisation process. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.665" xmlns="http://purl.org/rss/1.0/"><title>Chaotic modulation-based spread spectrum communication using complex dynamics of chaotic DC–DC current mode controlled boost converter</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.665</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Chaotic modulation-based spread spectrum communication using complex dynamics of chaotic DC–DC current mode controlled boost converter</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Manish Kumar Thukral, Karma Sonam Sherpa</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-12-10T04:37:59.626976-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.665</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.665</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.665</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>An ample amount of research has been done on analysing nonlinear phenomena in power electronics converters. The application of chaotic power electronics converters in spread spectrum communication has recently been attracting interest. This paper proposes a methodology for using a chaotic current mode-controlled DC (Direct Current)–DC (Direct Current) boost converter in spread spectrum communication. A noncoherent receiver is developed. For this, an Adaline-based adaptive filter is designed to recover the message from the spread spectrum signal at the receiver end. The proposed Adaline-based receiver is tested by transmitting various types of message signals while considering white noise at different signal-to-noise ratios. For designing noncoherent receiver-based chaotic communication, the use of power electronics converters is expected to play a vital role in the future. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In the presented work, a methodology to use chaotic DC–DC converters in spread spectrum communication is proposed. With the use of discrete time modeling of the DC–DC boost converter, an Adaline-based noncoherent receiver is designed. The spread spectrum communication model is developed. The model is tested with various types of practical message signals and shown to be robust even in low channel noise. 
</p></div>]]></content:encoded><description>

An ample amount of research has been done on analysing nonlinear phenomena in power electronics converters. The application of chaotic power electronics converters in spread spectrum communication has recently been attracting interest. This paper proposes a methodology for using a chaotic current mode-controlled DC (Direct Current)–DC (Direct Current) boost converter in spread spectrum communication. A noncoherent receiver is developed. For this, an Adaline-based adaptive filter is designed to recover the message from the spread spectrum signal at the receiver end. The proposed Adaline-based receiver is tested by transmitting various types of message signals while considering white noise at different signal-to-noise ratios. For designing noncoherent receiver-based chaotic communication, the use of power electronics converters is expected to play a vital role in the future. Copyright © 2012 John Wiley &amp; Sons, Ltd. In the presented work, a methodology to use chaotic DC–DC converters in spread spectrum communication is proposed. With the use of discrete time modeling of the DC–DC boost converter, an Adaline-based noncoherent receiver is designed. The spread spectrum communication model is developed. The model is tested with various types of practical message signals and shown to be robust even in low channel noise. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.688" xmlns="http://purl.org/rss/1.0/"><title>Mobile user authentication system in cloud environment</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.688</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Mobile user authentication system in cloud environment</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Her-Tyan Yeh, Bing-Chang Chen, Yi-Cong Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-29T03:47:11.55888-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.688</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.688</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.688</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In order to reach a safe environment that can be automatically used on the Internet and to take precautions against the Internet phishing attack, the system integrates some features including one-time password, Completely Automated Public Turing Test to tell Computers and Humans Apart, voiceprint identification of creatural features, and visual cryptography, designing a formula wherein users do not need to remember any accounts and passwords when they surf the Internet through mobile devices, and it aims at smart phones and the Cloud. The formula is able to improve the problems of rampant Internet phishing and the management of passwords. In techniques, on one hand, it uses PIN information visual passwords in cell phones to improve the security of the account; on the other hand, it uses voiceprint identification features so that the system center can ensure the user's identification with a view to improve the leak in mobile devices rather than only to check mobile devices. And then, it utilizes the voiceprint, which we use when we log in, to produce a one-time password that is able to lower the risk of the account and passwords being attacked by Internet phishing. Through the frame of this research, it can protect our cell phones from being lost and embezzled and can prevent the account and passwords from being attacked by Internet phishing. It can also solve the problem of users forgetting accounts and passwords, and reduce the operational burden of cell phones. Besides, it is capable of preventing the Cloud servers from incurring many malicious registrations and logins, keeping them working efficiently. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Through the frame of this research, it can protect our cell phones from being lost and embezzled and can prevent the account and passwords from being attacked by Internet phishing. It can also solve the problem of users forgetting accounts and passwords, and reduce the operational burden of cell phones. Besides, it is capable of preventing the Cloud servers from incurring many malicious registrations and logins, keeping them working efficiently. 
</p></div>]]></content:encoded><description>

In order to reach a safe environment that can be automatically used on the Internet and to take precautions against the Internet phishing attack, the system integrates some features including one-time password, Completely Automated Public Turing Test to tell Computers and Humans Apart, voiceprint identification of creatural features, and visual cryptography, designing a formula wherein users do not need to remember any accounts and passwords when they surf the Internet through mobile devices, and it aims at smart phones and the Cloud. The formula is able to improve the problems of rampant Internet phishing and the management of passwords. In techniques, on one hand, it uses PIN information visual passwords in cell phones to improve the security of the account; on the other hand, it uses voiceprint identification features so that the system center can ensure the user's identification with a view to improve the leak in mobile devices rather than only to check mobile devices. And then, it utilizes the voiceprint, which we use when we log in, to produce a one-time password that is able to lower the risk of the account and passwords being attacked by Internet phishing. Through the frame of this research, it can protect our cell phones from being lost and embezzled and can prevent the account and passwords from being attacked by Internet phishing. It can also solve the problem of users forgetting accounts and passwords, and reduce the operational burden of cell phones. Besides, it is capable of preventing the Cloud servers from incurring many malicious registrations and logins, keeping them working efficiently. Copyright © 2012 John Wiley &amp; Sons, Ltd. Through the frame of this research, it can protect our cell phones from being lost and embezzled and can prevent the account and passwords from being attacked by Internet phishing. It can also solve the problem of users forgetting accounts and passwords, and reduce the operational burden of cell phones. 
Besides, it is capable of preventing the Cloud servers from incurring many malicious registrations and logins, keeping them working efficiently. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.689" xmlns="http://purl.org/rss/1.0/"><title>Privacy protection in human-centric healthcare home environment</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.689</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Privacy protection in human-centric healthcare home environment</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Deok-Seok Seo, Soon Seok Kim, Yong Hee Lee, Gwang Hee Kim, Yoon Seok Shin</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-29T03:44:01.263897-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.689</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.689</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.689</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The medical environment has evolved from the one centered on the hospital diagnosis to that centered on the healthcare. The healthcare environment is the technology enabling the remote diagnosis for personal healthcare not only of lonesome old men but also of general households. In relation with it, an international standard technology was published recently that transmits the information from the devices to measure the biometric information of persons to the healthcare center or hospital. But, for its actual application into each household, it is necessary to solve the privacy protection problem. Therefore, this paper proposes a new architecture and system to secure the privacy of person for the newly published international standard technology. The proposed technology is expected to provide a more secure and realistic alternative in the future human-centric healthcare home environment. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper surveys the international standard technologies that have been applied to this smart healthcare environment up to now and proposes a new standard architecture that can protect the personal privacy on the basis of our previous requirements. The proposed technology is expected to provide a more secure and realistic alternative in the future human-centric healthcare home environment. 
</p></div>]]></content:encoded><description>

The medical environment has evolved from the one centered on the hospital diagnosis to that centered on the healthcare. The healthcare environment is the technology enabling the remote diagnosis for personal healthcare not only of lonesome old men but also of general households. In relation with it, an international standard technology was published recently that transmits the information from the devices to measure the biometric information of persons to the healthcare center or hospital. But, for its actual application into each household, it is necessary to solve the privacy protection problem. Therefore, this paper proposes a new architecture and system to secure the privacy of person for the newly published international standard technology. The proposed technology is expected to provide a more secure and realistic alternative in the future human-centric healthcare home environment. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper surveys the international standard technologies that have been applied to this smart healthcare environment up to now and proposes a new standard architecture that can protect the personal privacy on the basis of our previous requirements. The proposed technology is expected to provide a more secure and realistic alternative in the future human-centric healthcare home environment. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.690" xmlns="http://purl.org/rss/1.0/"><title>A framework for intrusion detection system in advanced metering infrastructure</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.690</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A framework for intrusion detection system in advanced metering infrastructure</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Nasim Beigi Mohammadi, Jelena Mišić, Vojislav B. Mišić, Hamzeh Khazaei</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-28T07:51:47.795425-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.690</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.690</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.690</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Advanced metering infrastructure (AMI) is one of the key elements in smart grid, which facilitates the communication of metering data to a substation in one direction and control messages in the reverse direction. Using wireless technologies and communication devices (e.g., smart meters), which are located in the physically insecure places, makes the AMI vulnerable to cyber attacks. In order to ensure the reliability and security of AMI, attack prevention techniques and intrusion detection systems (IDSs) should be in place to protect the AMI communications from malicious attacks and security breaches, respectively. In this paper, we discuss the security requirements and vulnerabilities of AMI and review the existing threat prevention and detection solutions. We propose an IDS for neighborhood area network (NAN) in AMI, taking into account the NAN-specific requirements. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Advanced Metering Infrastructure (AMI), one of the key elements in smart grid, facilitates the communication of metering data and control messages. To ensure reliability and security of AMI, attack prevention techniques and intrusion detection systems (IDSs) should be in place. In this paper, we discuss security requirements and vulnerabilities of AMI and review the existing threat prevention and detection solutions. We propose an IDS for neighborhood area network (NAN) in AMI, taking into account the NAN-specific requirements. 
</p></div>]]></content:encoded><description>

Advanced metering infrastructure (AMI) is one of the key elements in smart grid, which facilitates the communication of metering data to a substation in one direction and control messages in the reverse direction. Using wireless technologies and communication devices (e.g., smart meters), which are located in physically insecure places, makes the AMI vulnerable to cyber attacks. In order to ensure the reliability and security of AMI, attack prevention techniques and intrusion detection systems (IDSs) should be in place to protect the AMI communications from malicious attacks and security breaches, respectively. In this paper, we discuss the security requirements and vulnerabilities of AMI and review the existing threat prevention and detection solutions. We propose an IDS for neighborhood area network (NAN) in AMI, taking into account the NAN-specific requirements. Copyright © 2012 John Wiley &amp; Sons, Ltd.

Advanced Metering Infrastructure (AMI), one of the key elements in smart grid, facilitates the communication of metering data and control messages. To ensure reliability and security of AMI, attack prevention techniques and intrusion detection systems (IDSs) should be in place. In this paper, we discuss security requirements and vulnerabilities of AMI and review the existing threat prevention and detection solutions. We propose an IDS for neighborhood area network (NAN) in AMI, taking into account the NAN-specific requirements.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.672" xmlns="http://purl.org/rss/1.0/"><title>Privacy enhancement for fair PayWord-based micropayment</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.672</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Privacy enhancement for fair PayWord-based micropayment</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chun-I Fan, Yu-Kuang Liang, Chien-Nan Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-28T06:22:59.118733-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.672</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.672</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.672</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A micropayment scheme provides a secure and efficient solution for electronic payment environments that require frequent transactions with nominal fees. It is particularly suitable for mobile applications in which a customer is charged for either time spent or data volume transferred. Most proposed micropayment schemes are based on “PayWord” by Rivest and Shamir. The security and efficiency of a micropayment scheme can be ensured by adopting the hash chain technique. Recent research on micropayment has introduced additional properties such as user anonymity and fairness. However, the existing schemes may lose efficiency and some of the original desirable properties of PayWord while achieving new ones. We propose an anonymous fair offline micropayment scheme that satisfies user anonymity and fairness and retains the efficiency and properties of PayWord, such as an offline broker. A user can make multiple purchases from different vendors without interacting with the broker again. PayWord's postpaid mechanism is adopted in order to make our scheme more attractive to users. To the best of our knowledge, this is the first micropayment scheme to simultaneously offer the aforementioned properties. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.672/asset/image_n/sec672-toc-0001.png?v=1&amp;s=968c4c9f4925d66756aed489c104b9b1d5258dc2" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.672/asset/image_n/sec672-toc-0001.png?v=1&amp;s=968c4c9f4925d66756aed489c104b9b1d5258dc2"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose an anonymous fair offline micropayment scheme that satisfies user anonymity and fairness, and retains the efficiency and properties of PayWord, such as an offline broker. A user can make multiple purchases from different vendors without interacting with the broker again. PayWord's postpaid mechanism is adopted in order to make our scheme more attractive to users. To the best of our knowledge, this is the first micropayment scheme that provides the aforementioned properties simultaneously.</p></div>]]></content:encoded><description>

A micropayment scheme provides a secure and efficient solution for electronic payment environments that require frequent transactions with nominal fees. It is particularly suitable for mobile applications in which a customer is charged for either time spent or data volume transferred. Most proposed micropayment schemes are based on “PayWord” by Rivest and Shamir. The security and efficiency of a micropayment scheme can be ensured by adopting the hash chain technique. Recent research on micropayment has introduced additional properties such as user anonymity and fairness. However, the existing schemes may lose efficiency and some of the original desirable properties of PayWord while achieving new ones. We propose an anonymous fair offline micropayment scheme that satisfies user anonymity and fairness and retains the efficiency and properties of PayWord, such as an offline broker. A user can make multiple purchases from different vendors without interacting with the broker again. PayWord's postpaid mechanism is adopted in order to make our scheme more attractive to users. To the best of our knowledge, this is the first micropayment scheme to simultaneously offer the aforementioned properties. Copyright © 2012 John Wiley &amp; Sons, Ltd.

We propose an anonymous fair offline micropayment scheme that satisfies user anonymity and fairness, and retains the efficiency and properties of PayWord, such as an offline broker. A user can make multiple purchases from different vendors without interacting with the broker again. PayWord's postpaid mechanism is adopted in order to make our scheme more attractive to users. To the best of our knowledge, this is the first micropayment scheme that provides the aforementioned properties simultaneously.


</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.652" xmlns="http://purl.org/rss/1.0/"><title>Identity-based optimistic fair exchange in the standard model</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.652</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Identity-based optimistic fair exchange in the standard model</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Lei Zhang, Qianhong Wu, Bo Qin</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-26T20:16:07.240011-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.652</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.652</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.652</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A fair exchange protocol allows two entities to exchange digital signatures over open networks in a fair way, so that either each entity obtains the other's signature or neither entity does. Fair exchange protocols play an important role in electronic commerce in the case of exchanging digital contracts. In this paper, we propose a fair exchange protocol based on identity-based verifiably encrypted signatures. Our protocol involves an offline trusted third party which is only required when one entity attempts to cheat or crashes. The underlying identity-based verifiably encrypted signature scheme is proven secure under the computational Diffie–Hellman assumption and is the first identity-based verifiably encrypted signature scheme provably existentially unforgeable under adaptive chosen message and identity attacks in the standard model. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.652/asset/image_n/sec652-toc-0001.png?v=1&amp;s=6200f875d9eead709045aa9ad579b5fa0a2a7c36" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.652/asset/image_n/sec652-toc-0001.png?v=1&amp;s=6200f875d9eead709045aa9ad579b5fa0a2a7c36"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a fair exchange protocol based on identity-based verifiably encrypted signatures. The protocol involves an offline trusted third party which is only required when one entity attempts to cheat or crashes. The underlying identity-based verifiably encrypted signature scheme is the first identity-based verifiably encrypted signature scheme provably existentially unforgeable under adaptive chosen message and identity attacks in the standard model.
</p></div>]]></content:encoded><description>

A fair exchange protocol allows two entities to exchange digital signatures over open networks in a fair way, so that either each entity obtains the other's signature or neither entity does. Fair exchange protocols play an important role in electronic commerce in the case of exchanging digital contracts. In this paper, we propose a fair exchange protocol based on identity-based verifiably encrypted signatures. Our protocol involves an offline trusted third party which is only required when one entity attempts to cheat or crashes. The underlying identity-based verifiably encrypted signature scheme is proven secure under the computational Diffie–Hellman assumption and is the first identity-based verifiably encrypted signature scheme provably existentially unforgeable under adaptive chosen message and identity attacks in the standard model. Copyright © 2012 John Wiley &amp; Sons, Ltd.

We propose a fair exchange protocol based on identity-based verifiably encrypted signatures. The protocol involves an offline trusted third party which is only required when one entity attempts to cheat or crashes. The underlying identity-based verifiably encrypted signature scheme is the first identity-based verifiably encrypted signature scheme provably existentially unforgeable under adaptive chosen message and identity attacks in the standard model.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.676" xmlns="http://purl.org/rss/1.0/"><title>Centralized group key management mechanism for VANET</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.676</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Centralized group key management mechanism for VANET</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ming-Huang Guo, Horng-Twu Liaw, Der-Jiunn Deng, Han-Chieh Chao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-26T04:43:39.779581-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.676</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.676</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.676</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The vehicular ad hoc network (VANET) is a novel wireless network and suffers from security threats like other networks. Information exchanged in the network might be stolen by malicious users, and some security mechanisms are needed to provide privacy. In VANET, the vehicles can be separated into different groups. When vehicles in the same group want to communicate with others, they can use the group key to protect the messages, and the privacy in the group communication is preserved. In this paper, we propose a group key management method with centralized key management scheme for VANET. In each group, there is a group leader, and the group leader will manage the members and the keys. By managing the group keys properly, the communication in the group can be secure. In the performance evaluation and analysis, our proposal provides better rekey mechanisms than related works and also achieves forward secrecy and backward secrecy. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.676/asset/image_n/sec676-toc-0001.png?v=1&amp;s=4f07169ab340bb444c36ca9a4e6e0f51b8afc0f8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.676/asset/image_n/sec676-toc-0001.png?v=1&amp;s=4f07169ab340bb444c36ca9a4e6e0f51b8afc0f8"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, a group key management method with centralized key management scheme for vehicular ad hoc network is introduced. In each group, the group leader manages the members and the keys. By managing the group keys properly, the communication in the group can be secure. The performance evaluation and analysis show that the proposal works better than related works and provides better secrecy, too.
</p></div>]]></content:encoded><description>

The vehicular ad hoc network (VANET) is a novel wireless network and suffers from security threats like other networks. Information exchanged in the network might be stolen by malicious users, and some security mechanisms are needed to provide privacy. In VANET, the vehicles can be separated into different groups. When vehicles in the same group want to communicate with others, they can use the group key to protect the messages, and the privacy in the group communication is preserved. In this paper, we propose a group key management method with centralized key management scheme for VANET. In each group, there is a group leader, and the group leader will manage the members and the keys. By managing the group keys properly, the communication in the group can be secure. In the performance evaluation and analysis, our proposal provides better rekey mechanisms than related works and also achieves forward secrecy and backward secrecy. Copyright © 2012 John Wiley &amp; Sons, Ltd.

In this paper, a group key management method with centralized key management scheme for vehicular ad hoc network is introduced. In each group, the group leader manages the members and the keys. By managing the group keys properly, the communication in the group can be secure. The performance evaluation and analysis show that the proposal works better than related works and provides better secrecy, too.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.645" xmlns="http://purl.org/rss/1.0/"><title>Efficient identity-based strong designated verifier signature schemes</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.645</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient identity-based strong designated verifier signature schemes</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Meijiao Duan, Jing Xu, Dengguo Feng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-26T04:43:02.270325-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.645</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.645</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.645</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Strong designated verifier signature (SDVS) makes it possible for a signer to convince a designated verifier that he or she has signed a message in such a way that the designated verifier cannot transfer the signature to any third party and no third party can even verify the validity of the signature. Recently, Kang <em>et al</em>. proposed an identity-based SDVS (IBSDVS) scheme that is claimed to be unforgeable and strong. However, in this paper, we show that their scheme is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs based on the computational Diffie–Hellman assumption in the random oracle model. We also show that the performance of our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extension of our scheme achieving the stronger notion of nondelegatability and provide formal security proofs. The extended scheme is also shown to achieve high efficiency and short signature size. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.645/asset/image_n/sec645-toc-0001.png?v=1&amp;s=943188e144b820d6c10647e4d8c22511b48e1285" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.645/asset/image_n/sec645-toc-0001.png?v=1&amp;s=943188e144b820d6c10647e4d8c22511b48e1285"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we show that the identity-based strong designated verifier signature (IBSDVS) scheme of Kang <em>et al</em>. is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs on the basis of the CDH assumption in the random oracle model. Our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extended nondelegatable IBSDVS scheme achieving high efficiency and short signature size and provide formal security proofs.</p></div>
]]></content:encoded><description>

Strong designated verifier signature (SDVS) makes it possible for a signer to convince a designated verifier that he or she has signed a message in such a way that the designated verifier cannot transfer the signature to any third party and no third party can even verify the validity of the signature. Recently, Kang et al. proposed an identity-based SDVS (IBSDVS) scheme that is claimed to be unforgeable and strong. However, in this paper, we show that their scheme is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs based on the computational Diffie–Hellman assumption in the random oracle model. We also show that the performance of our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extension of our scheme achieving the stronger notion of nondelegatability and provide formal security proofs. The extended scheme is also shown to achieve high efficiency and short signature size. Copyright © 2012 John Wiley &amp; Sons, Ltd.

In this paper, we show that the identity-based strong designated verifier signature (IBSDVS) scheme of Kang et al. is actually forgeable, delegatable, and not strong. We then propose an improved efficient IBSDVS scheme with short signature size and provide formal security proofs on the basis of the CDH assumption in the random oracle model. Our scheme outperforms all the existing IBSDVS schemes known in the literature. Furthermore, we propose an extended nondelegatable IBSDVS scheme achieving high efficiency and short signature size and provide formal security proofs.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.627" xmlns="http://purl.org/rss/1.0/"><title>Secure event signature protocol for peer-to-peer massive multiplayer online games using bilinear pairing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.627</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Secure event signature protocol for peer-to-peer massive multiplayer online games using bilinear pairing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Wei Yuan, Liang Hu, Hongtu Li, Jianfeng Chu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-15T22:00:34.772264-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.627</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.627</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.627</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>With the development of the Internet, multiplayer online games are rapidly replacing the traditional single-player games. The peer-to-peer architecture, which is suitable for massive multiplayer online games, is being considered as the replacement for traditional client–server architecture. Because the current solutions cannot completely prevent cheating to gain unfair advantages in these games, we summarize the problems existing in some event signature protocols for peer-to-peer online games and propose a new secure event signature protocol. The security basis of the proposed protocol is the discrete logarithms and bilinear pairing. Our protocol provides higher security than some current protocols on secure event signature, although the efficiency of our protocol is lower than theirs. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.627/asset/image_n/sec627-toc-0001.png?v=1&amp;s=3b6a02637aede79787d0dbf3a048595b98240051" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.627/asset/image_n/sec627-toc-0001.png?v=1&amp;s=3b6a02637aede79787d0dbf3a048595b98240051"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We summarize the problems existing in some event signature protocols for peer-to-peer online games and propose a new secure event signature protocol. The security basis of the proposed protocol is the discrete logarithms and bilinear pairing. Our protocol provides higher security than some current protocols on secure event signature. 
</p></div>]]></content:encoded><description>

With the development of the Internet, multiplayer online games are rapidly replacing the traditional single-player games. The peer-to-peer architecture, which is suitable for massive multiplayer online games, is being considered as the replacement for traditional client–server architecture. Because the current solutions cannot completely prevent cheating to gain unfair advantages in these games, we summarize the problems existing in some event signature protocols for peer-to-peer online games and propose a new secure event signature protocol. The security basis of the proposed protocol is the discrete logarithms and bilinear pairing. Our protocol provides higher security than some current protocols on secure event signature, although the efficiency of our protocol is lower than theirs. Copyright © 2012 John Wiley &amp; Sons, Ltd.

We summarize the problems existing in some event signature protocols for peer-to-peer online games and propose a new secure event signature protocol. The security basis of the proposed protocol is the discrete logarithms and bilinear pairing. Our protocol provides higher security than some current protocols on secure event signature.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.678" xmlns="http://purl.org/rss/1.0/"><title>Efficient and adaptively secure broadcast encryption systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.678</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient and adaptively secure broadcast encryption systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mingwu Zhang, Bo Yang, Zhenhua Chen, Tsuyoshi Takagi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-12T06:58:58.891329-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.678</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.678</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.678</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Broadcast encryption is an effective way to broadcast a message securely such that more than one privileged receiver can decrypt it. The well-known constructions of identity-based broadcast encryption only support bounded broadcast users that had to deploy the maximum user number in advance. This is somewhat inefficient and impractical if the broadcast user number is predetermined. In this paper, we propose an adaptively secure identity-based broadcast encryption in the standard model that supports an arbitrary number of users in the broadcast set, which eliminates the size of public parameters with a constant number of group elements <img alt="inline image" src="http://onlinelibrary.wiley.com/store/10.1002/sec.678/asset/equation/sec678-math-0001.gif?v=1&amp;t=hh3ezxjx&amp;s=d436914643dfedb6394078b7f1d3fc956f356a09" class="inlineGraphic"/> and obtain short ciphertexts, secret keys, and public parameters. We use the techniques of semi-functional ciphertexts and semi-functional keys in orthogonal subgroups to implement the boundless broadcast set and adaptive security by means of dual-system encryption mechanism in a composite-order group, and we prove the scheme to be fully secure without the random oracles in the static assumptions. The proposed scheme captures the properties of confidentiality, adaptive security, constant key, and short ciphertext. We also evaluate the computational costs and communication overheads and give the deployment in secure set-top box broadcast systems.
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.678/asset/image_n/sec678-toc-0001.png?v=1&amp;s=ca171b36f12db68205387d74f03faf20e8dc7fa0" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.678/asset/image_n/sec678-toc-0001.png?v=1&amp;s=ca171b36f12db68205387d74f03faf20e8dc7fa0"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Our proposed construction, which has the smallest public parameter size, achieves the constant sizes of public parameters, ciphertexts, and private keys. Furthermore, the scheme does not need to compel the predetermined number of maximum broadcast users, which is much flexible in practical applications in broadcast communication environments. 
</p></div>]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.646" xmlns="http://purl.org/rss/1.0/"><title>Special Issue on the Design and Engineering of Cryptographic Solutions for Secure Information Systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.646</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Special Issue on the Design and Engineering of Cryptographic Solutions for Secure Information Systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Atilla Elçi, Josef Pieprzyk, Mehmet A. Orgun, Alexander Chefranov</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-08T02:28:13.251695-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.646</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.646</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.646</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Editorial</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[]]></content:encoded><description/></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.628" xmlns="http://purl.org/rss/1.0/"><title>IKE vulnerability discovery based on fuzzing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.628</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">IKE vulnerability discovery based on 
fuzzing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Huan Yang, Yuqing Zhang, Yu-pu Hu, Qi-xu Liu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-11-07T05:32:17.525281-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.628</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.628</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.628</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Internet Key Exchange (IKE) protocol is widely applied on the Internet to protect confidentiality of the Internet communication. However, there are many high-risk security vulnerabilities in various IKE implementations. Traditional fuzzing approaches with the aim of discovering vulnerabilities have some blind spots, such as time-consuming, low efficiency, and low degree of automation. This paper introduces a new vulnerability discovering approach based on fuzzing and applies the approach to the IKE protocol. Through summarizing the most comprehensive vulnerable points of IKE protocol and proposing a two-stage test cases library, an IKE protocol vulnerability discovering tool called IKEProFuzzer is designed and implemented. It is a network protocol fuzzing framework with extensibility and automated Monitor/Debugger designed by ourselves. In the experiments, IKEProFuzzer has discovered 14 vulnerabilities, including nine released vulnerabilities and five unreleased ones, which affect many kinds of routers and applications. The evaluation results prove the feasibility, efficiency, and extensibility of the approach compared with the existing approaches. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper summarizes the most comprehensive vulnerable points of the Internet key exchange (IKE) protocol and designs a two-stage test cases library based on fuzzing. This approach reduces the blindness of other traditional fuzzing approaches. Additionally, we design and implement an IKE protocol vulnerability discovering tool called IKEProFuzzer. It is a network protocol fuzzing framework with extensibility and automatic Monitor/Debugger designed by ourselves. In the experiments, the tool has discovered 14 vulnerabilities, including nine released vulnerabilities and five unreleased ones. 
</p></div>]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.643" xmlns="http://purl.org/rss/1.0/"><title>A lightweight micropayment scheme based on Lagrange interpolation formula</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.643</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A lightweight micropayment scheme based on Lagrange interpolation formula</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yining Liu, Jihong Yan</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-30T00:16:28.660827-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.643</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.643</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.643</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>On the basis of hash chain and Lagrange interpolation formula over a finite field, a lightweight micropayment scheme is proposed. Compared with Micali and Rivest's micropayment scheme, the improved scheme achieves three additional properties to ensure it suitable for mobile network. First it reduces the computing burden without digital signature algorithm, which is essential for limited mobile terminal. Second, the user, the merchant, and the bank are all equally involved in the selection of payable checks, which ensure the proposed scheme is fair for all parties. Moreover, the privacy of scheme is also achieved for the computational infeasibility of calculating the inverse of secure one-way function. The improved micropayment scheme is secure, fair, and efficient, and privacy-preserving, especially suitable for mobile network. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The proposed micropayment based on hash chain and Lagrange interpolation formula achieves the following goals. First, it is lightweight, using hash chain instead of the complicated public key signature. Second, the payable selection is determined by the user, merchant, and bank; any types of collusion can be prevented. Next, the scheme achieves privacy protection for the users. Furthermore, the proposed scheme is also economic and efficient. 
</p></div>]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.669" xmlns="http://purl.org/rss/1.0/"><title>Tor traffic analysis using Hidden Markov Models</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.669</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Tor traffic analysis using Hidden Markov Models</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Sami Zhioua</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-12T03:05:34.634409-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.669</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.669</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.669</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Tor protocol has been designed primarily to defend against traffic analysis, which threatens privacy while using Internet. In this paper, we consider a very common threat model where an attacker can observe only the local traffic between the target Tor client and the first Tor relay. We show that even with this restricted threat model, the attacker can infer relevant information about the client's traffic, in particular when exactly new circuits are constructed. This is achieved by analyzing the Tor traffic using Hidden Markov Models (HMMs). The experimental analysis shows that the proposed HMM-based approach has a high precision (93 % on average) and <em>F</em>-measure (75 % on average). The more interesting part of the paper discusses how a local attacker can identify the hops forming circuits initiated by the Tor client victim. The attack is based on sampling the timing patterns of the most “probable” paths and then estimating the likelihood of each one of them given a circuit construction packets sequence. The experimental analysis shows that the proposed approach has an acceptable precision (around 50 %) as long as the time delay between HMM learning and the actual traffic analysis is relatively small. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Tor is the most popular tool providing anonymity online. The paper studies a common threat model where an attacker in the same LAN as the victim tries to defeat the anonymity of Tor. Using Hidden Markov Models, we show that a local attacker can identify the hops forming circuits initiated by the Tor client victim with an acceptable probability of 50 %. 
</p></div>]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.651" xmlns="http://purl.org/rss/1.0/"><title>FPGA implementation of AES algorithm for high throughput using folded parallel architecture</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.651</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">FPGA implementation of AES algorithm for high throughput using folded parallel architecture</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">K. Rahimunnisa, P. Karthigaikumar, Soumiya Rasheed, J. Jayakumar, S. SureshKumar</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-12T02:16:54.023842-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.651</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.651</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.651</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents high throughput architecture for the hardware implementation of Advanced Encryption Standard algorithm. Advanced Encryption Standard is the industry standard crypto algorithm for encryption and is used for protecting secret information. This work is mainly targeted for low-cost embedded applications. This paper introduces parallel operation in the folded architecture to obtain better throughput. The design is coded in Very High-speed Integrated Circuit Hardware Description Language. Timing simulation is performed to verify the functionality of the designed circuit. The proposed structure is implemented in Virtex-6 XC6VLX75T FPGA device. This work gives a high throughput of 37.1 Gb/s with a maximum frequency of 505.5 MHz, which is 20% higher than the maximum throughput reported in the literature. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The proposed structure combines the features of folding concept with parallel processing. The combined structure is implemented in Virtex-6 XC6VLX75T FPGA device. This work gives a high throughput of 37.1 Gb/s with a maximum frequency of 505.5 MHz, which is 20% higher than the maximum throughput reported in the literature.</p></div>
]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.638" xmlns="http://purl.org/rss/1.0/"><title>Cipher feedback mode under go-back-N and selective-reject protocols in error channels</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.638</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Cipher feedback mode under go-back-N and selective-reject protocols in error channels</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xiannuan Liang, Yang Xiao, Suat Ozdemir, Athanasios V. Vasilakos, Hongmei Deng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-12T01:26:04.832992-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.638</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.638</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.638</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>To produce ciphertexts, two modes of encryption are applied—block ciphers, which encrypt a fixed size block of plaintext at a time, and stream ciphers, which encrypt stream data, one or more bits at a time. As one of stream ciphers, the cipher feedback (CFB) mode is implemented by a block cipher via multiple stages, and in each stage, 1 bit or a number of bits of plaintext are encrypted at a time. Throughout this paper, the study will focus upon the error performance of the stream-based CFB under two sliding-window protocols, go-back-N and selective-reject, in an error channel in terms of throughput. We model the performance of the CFB in terms of application-level throughput and derive the number of stages needed to achieve the optimal throughput, under a given error rate in an error channel. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper studies the error performance of the stream-based cipher feedback (CFB) mode under two sliding-window protocols, go-back-N and selective-reject, in an error channel in terms of throughput. We model the performance of the CFB in terms of application-level throughput and derive the number of stages needed to achieve the optimal throughput, under a given error rate in an error channel. 
</p></div>]]></content:encoded><description>
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.649" xmlns="http://purl.org/rss/1.0/"><title>Comments on IMBAS: identity-based multi-user broadcast authentication in wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.649</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Comments on IMBAS: identity-based multi-user broadcast authentication in wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hung-Yu Chien, Chin-I Lee, Tzong-Chen Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-11T08:58:10.216858-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.649</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.649</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.649</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In 2008, Cao <em>et al</em>. proposed an identity-based multi-user broadcast authentication scheme (called IMBAS) for wireless sensor networks. The IMBAS consists of one elliptic curve-based signature scheme, called variant of Bellare-Namprempre-Neven' Identity-Based Signature (vBNN-IBS), for user broadcast authentication; a new Schnorr signature with partial message recovery for sink broadcast authentication; and a password-based private key protection to eliminate the threat caused by possible user <em>device</em> compromise. Compared with its counterparts, IMBAS owns better performance in terms of security, scalability, and efficiency. Unfortunately, this letter will show that (1) the password-based protection scheme and the vBNN-IBS scheme are not secure—a compromised user <em>device</em> will disclose the user private key—and (2) the new Schnorr signature with partial message recovery is vulnerable to existential forgery attack. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The identity-based multi-user broadcast authentication (called IMBAS) scheme for wireless sensor networks by Cao et al. is a very promising solution in terms of its scalability and efficiency. This article shows the security weaknesses and proposes our improvements, which are based on existing primitives that have been formally proved and ratified as standards. This approach ensures the security of the proposed solutions.</p></div>
]]></content:encoded><description>

In 2008, Cao et al. proposed an identity-based multi-user broadcast authentication scheme (called IMBAS) for wireless sensor networks. The IMBAS consists of one elliptic curve-based signature scheme, called variant of Bellare-Namprempre-Neven' Identity-Based Signature (vBNN-IBS), for user broadcast authentication; a new Schnorr signature with partial message recovery for sink broadcast authentication; and a password-based private key protection to eliminate the threat caused by possible user device compromise. Compared with its counterparts, IMBAS owns better performance in terms of security, scalability, and efficiency. Unfortunately, this letter will show that (1) the password-based protection scheme and the vBNN-IBS scheme are not secure—a compromised user device will disclose the user private key—and (2) the new Schnorr signature with partial message recovery is vulnerable to existential forgery attack. Copyright © 2012 John Wiley &amp; Sons, Ltd. The identity-based multi-user broadcast authentication (called IMBAS) scheme for wireless sensor networks by Cao et al. is a very promising solution in terms of its scalability and efficiency. This article shows the security weaknesses and proposes our improvements, which are based on existing primitives that have been formally proved and ratified as standards. This approach ensures the security of the proposed solutions.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.671" xmlns="http://purl.org/rss/1.0/"><title>Verifiable symmetric polynomial-based key distribution schemes</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.671</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Verifiable symmetric polynomial-based key distribution schemes</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yan-xiao Liu, Yu-qing Zhang, Lein Harn, Yu-pu Hu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-11T08:57:45.641165-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.671</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.671</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.671</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Symmetric polynomial-based key distribution scheme has been widely adopted in various communication applications. This type of key distribution consists of a server and a set of users, where the server is responsible to distribute shares for each user via a symmetric polynomial. Based on the property of symmetry of this polynomial, each pair of users can compute a common secret key using their shares for establishing a secure communication channel. However, some users may receive faulty shares from the server because of some uncertain factors in the communication environment, such as software failures and transmission errors. As a result, the users who receive faulty shares cannot share common secret keys with other users. To solve this problem, in this paper, we propose two individual verifiable key distribution schemes on the basis of a symmetric polynomial based key distribution. In both our proposed schemes, the server adopts the same approach to distribute shares for users; the users are able to verify the validity of their shares without revealing them before establishing communication channels. If all shares are verified valid, users can ensure that each pair of them possesses a common secret key, they can establish secure communication channels when needed; otherwise, all users can collaborate to identify those users who possess faulty shares and require the server to distribute a set of valid shares for those users. Furthermore, both our proposed schemes are efficient, because the procedures of verification and identification do not involve any complicated cryptographic operation. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.671/asset/image_n/sec671-toc-0001.png?v=1&amp;s=fbf3e9464c43098be0f33744c512bfe42068697c" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.671/asset/image_n/sec671-toc-0001.png?v=1&amp;s=fbf3e9464c43098be0f33744c512bfe42068697c"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a verifiable key distribution scheme that enables users to verify the validity of their shares. When there exist faulty shares, users can identify the users who received faulty shares and require the key distribution center to modify these shares for users.</p></div>
]]></content:encoded><description>

Symmetric polynomial-based key distribution scheme has been widely adopted in various communication applications. This type of key distribution consists of a server and a set of users, where the server is responsible to distribute shares for each user via a symmetric polynomial. Based on the property of symmetry of this polynomial, each pair of users can compute a common secret key using their shares for establishing a secure communication channel. However, some users may receive faulty shares from the server because of some uncertain factors in the communication environment, such as software failures and transmission errors. As a result, the users who receive faulty shares cannot share common secret keys with other users. To solve this problem, in this paper, we propose two individual verifiable key distribution schemes on the basis of a symmetric polynomial based key distribution. In both our proposed schemes, the server adopts the same approach to distribute shares for users; the users are able to verify the validity of their shares without revealing them before establishing communication channels. If all shares are verified valid, users can ensure that each pair of them possesses a common secret key, they can establish secure communication channels when needed; otherwise, all users can collaborate to identify those users who possess faulty shares and require the server to distribute a set of valid shares for those users. Furthermore, both our proposed schemes are efficient, because the procedures of verification and identification do not involve any complicated cryptographic operation. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper proposes a verifiable key distribution scheme that enables users to verify the validity of their shares. When there exist faulty shares, users can identify the users who received faulty shares and require the key distribution center to modify these shares for users.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.640" xmlns="http://purl.org/rss/1.0/"><title>Spammers operations: a multifaceted strategic analysis</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.640</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Spammers operations: a multifaceted strategic analysis</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">O. Thonnard, Pierre-Antoine Vervier, M. Dacier</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-09T00:59:01.391133-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.640</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.640</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.640</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>There is a consensus in the anti-spam community regarding the prevalence of spam botnets and the significant role they play in the worldwide spam problem. Nevertheless, far less attention has been devoted to studying the <em>strategic behavior</em> of spammers on a long-term basis. This paper explores several facets of spammers operations by providing three essential perspectives: (i) we study the inter-relationships among spam botnets through their aggregate spam campaigns, and we focus on identifying similarities or differences in their <em>modus operandi</em>; (ii) we look at the impact of the <span class="monospace ">Rustock</span> takedown on the botnet ecosystem; and (iii) we study the conjecture about spammers hijacking unused IP space to send spam in a stealthy way. To that end, we have analyzed over one million spam records collected by <em>Symantec.cloud</em> (formerly MessageLabs) through worldwide distributed spamtraps. Our methodology leverages techniques relying on data fusion and multi-criteria decision analysis to extract intelligence from large spam data sets by automatically correlating spam campaigns according to various combinations of spam features. We also take advantage of node–link visualizations developed in the context of VIS-SENSE, a research project aiming at developing <em>Visual Analytics</em> technologies for the security domain. Using these visualizations, we illustrate the tight relationships that exist among different botnet families (such as <span class="monospace ">Rustock/Grum</span> or <span class="monospace ">Lethic/Maazben</span>). Regarding the disruption of <span class="monospace ">Rustock</span> on 17 March 2011, our experimental results provide substantial evidence indicating that part of the botnet activity may have been offloaded to <span class="monospace ">Grum</span> shortly after the takedown operation. 
Finally, we analyzed over 1 year of spam data enriched with Border Gateway Protocol data and found that an increasing amount of spam may have been sent from IP blocks hijacked for several weeks or months, even though this phenomenon remains marginal at this time compared with spam sent from large botnets. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.640/asset/image_n/sec640-toc-0001.png?v=1&amp;s=51360df079304ea12ffff3b9aff677a5cecf29b9" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.640/asset/image_n/sec640-toc-0001.png?v=1&amp;s=51360df079304ea12ffff3b9aff677a5cecf29b9"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper explores several facets of spammers operations. First, we look at the interconnections between spam botnets that are used by spammers for sending unsolicited e-mail in bulk through spam campaigns. We also study a conjecture about so-called “fly-by spammers,” or spammers hijacking unused IP space to send spam in a stealthy way. Finally, we look at the impact of the Rustock takedown on the botnet ecosystem through an in-depth analysis of real spam data. 
</p></div>]]></content:encoded><description>

There is a consensus in the anti-spam community regarding the prevalence of spam botnets and the significant role they play in the worldwide spam problem. Nevertheless, far less attention has been devoted to studying the strategic behavior of spammers on a long-term basis. This paper explores several facets of spammers operations by providing three essential perspectives: (i) we study the inter-relationships among spam botnets through their aggregate spam campaigns, and we focus on identifying similarities or differences in their modus operandi; (ii) we look at the impact of the Rustock takedown on the botnet ecosystem; and (iii) we study the conjecture about spammers hijacking unused IP space to send spam in a stealthy way. To that end, we have analyzed over one million spam records collected by Symantec.cloud (formerly MessageLabs) through worldwide distributed spamtraps. Our methodology leverages techniques relying on data fusion and multi-criteria decision analysis to extract intelligence from large spam data sets by automatically correlating spam campaigns according to various combinations of spam features. We also take advantage of node–link visualizations developed in the context of VIS-SENSE, a research project aiming at developing Visual Analytics technologies for the security domain. Using these visualizations, we illustrate the tight relationships that exist among different botnet families (such as Rustock/Grum or Lethic/Maazben). Regarding the disruption of Rustock on 17 March 2011, our experimental results provide substantial evidence indicating that part of the botnet activity may have been offloaded to Grum shortly after the takedown operation. Finally, we analyzed over 1 year of spam data enriched with Border Gateway Protocol data and found that an increasing amount of spam may have been sent from IP blocks hijacked for several weeks or months, even though this phenomenon remains marginal at this time compared with spam sent from large botnets. 
Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper explores several facets of spammers operations. First, we look at the interconnections between spam botnets that are used by spammers for sending unsolicited e-mail in bulk through spam campaigns. We also study a conjecture about so-called “fly-by spammers,” or spammers hijacking unused IP space to send spam in a stealthy way. Finally, we look at the impact of the Rustock takedown on the botnet ecosystem through an in-depth analysis of real spam data.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.619" xmlns="http://purl.org/rss/1.0/"><title>A proactive approach to intrusion detection and malware collection</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.619</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A proactive approach to intrusion detection and malware collection</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chia-Mei Chen, Sheng-Tzong Cheng, Ruei-Yu Zeng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-08T00:28:48.676234-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.619</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.619</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.619</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Network continues to be under various attacks every day. One common attack is to use password guessing to intrude a machine and then to inject malware or botnet for future control. To develop counter measures, honeypot technique, which simulates a real system, is often used for capturing attack patterns, malware or botnet, and malware download sites. However, neither low-interaction nor medium-interaction honeypot could simulate well the behaviors in a true system as a result of the inborn restrictions in the technology so that the honeypot might be discovered by an attacker or malware. This study proposes a new honeypot system, Jingu, which is constructed with a true environment plus protection mechanism from being circumvented. The proposed high-interactive honeypot system, Jingu, can achieve the following goals: (1) not be perceived by attackers; (2) to protect against being attacked; (3) to record and learn attack behaviors; (4) to capture malware; and (5) to collect valuable information for detection purpose.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Jingu has been deployed on a real network for 2 years. Comparing with the low-interactive honeypot, honeyd, Jingu can successfully catch attack behaviors as well as can capture malware. The results show that the proposed system is able to block real attacks and to collect valuable information for future detection and malware analysis. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.619/asset/image_n/sec619-toc-0001.png?v=1&amp;s=325af831a1138d983a3b5f722f44dbb3a19728ba" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.619/asset/image_n/sec619-toc-0001.png?v=1&amp;s=325af831a1138d983a3b5f722f44dbb3a19728ba"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The proposed high-interactive honeypot can achieve the following goals: (1) not be perceived by attackers; (2) to protect against being attacked; (3) to record and learn attack behaviors; (4) to capture malware; and (5) to collect valuable information for detection purpose. 
</p></div>]]></content:encoded><description>

Network continues to be under various attacks every day. One common attack is to use password guessing to intrude a machine and then to inject malware or botnet for future control. To develop counter measures, honeypot technique, which simulates a real system, is often used for capturing attack patterns, malware or botnet, and malware download sites. However, neither low-interaction nor medium-interaction honeypot could simulate well the behaviors in a true system as a result of the inborn restrictions in the technology so that the honeypot might be discovered by an attacker or malware. This study proposes a new honeypot system, Jingu, which is constructed with a true environment plus protection mechanism from being circumvented. The proposed high-interactive honeypot system, Jingu, can achieve the following goals: (1) not be perceived by attackers; (2) to protect against being attacked; (3) to record and learn attack behaviors; (4) to capture malware; and (5) to collect valuable information for detection purpose.
Jingu has been deployed on a real network for 2 years. Comparing with the low-interactive honeypot, honeyd, Jingu can successfully catch attack behaviors as well as can capture malware. The results show that the proposed system is able to block real attacks and to collect valuable information for future detection and malware analysis. Copyright © 2012 John Wiley &amp; Sons, Ltd. The proposed high-interactive honeypot can achieve the following goals: (1) not be perceived by attackers; (2) to protect against being attacked; (3) to record and learn attack behaviors; (4) to capture malware; and (5) to collect valuable information for detection purpose.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.626" xmlns="http://purl.org/rss/1.0/"><title>BioPSTM: a formal model for privacy, security, and trust in template-protecting biometric authentication</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.626</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">BioPSTM: a formal model for privacy, security, and trust in template-protecting biometric authentication</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Alper Kanak, Ibrahim Sogukpinar</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-10-05T04:03:08.891361-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.626</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.626</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.626</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a formal model, namely Biometric Privacy–Security–Trust Model (BioPSTM), aiming to describe the tradeoff between privacy and security and their relationship with trust in biometric authentication systems. The relationship between trust and privacy–security pair requires a comprehensive approach that should consider user acceptance and the pricing between privacy and security. The proposed model is quite new in that it combines the formal formulation of tradeoff between privacy and security with trust over a user's acceptance model. The formal model presents a three-dimensional approach to indicate demand responsive pricing between privacy, security, and trust. The model is interpreted over a general syndrome-based biometric template protection method by discussing possible privacy and security requirements. The proposed model has been applied on countries that are aware of biometric security technologies. The evaluation on country profiles presents an overall description of the user acceptance model and its relationship with biometric technologies. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.626/asset/image_n/sec626-toc-0001.png?v=1&amp;s=19ca3500e99b1e92ecdadea5e533da9449dbf122" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.626/asset/image_n/sec626-toc-0001.png?v=1&amp;s=19ca3500e99b1e92ecdadea5e533da9449dbf122"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>BioPSTM presents a formal privacy–security–trust model for biometric identity management systems where the decision makers can see the overall features of any system before deployment. Because it is impossible to foresee the privacy and security threats, the proposed model enables a prediction of privacy–security tradeoff through analyzing equivocation between any pairs of the system components. BioPSTM then reflects the relation between privacy–security tradeoff and trust through public willingness and the weight indicating how much privacy or security is needed practically in a biometric identity management system. The case study presents how BioPSTM can be applied to various biometric applications that have been deployed in 12 countries.  
</p></div>]]></content:encoded><description>

This paper presents a formal model, namely Biometric Privacy–Security–Trust Model (BioPSTM), aiming to describe the tradeoff between privacy and security and their relationship with trust in biometric authentication systems. The relationship between trust and privacy–security pair requires a comprehensive approach that should consider user acceptance and the pricing between privacy and security. The proposed model is quite new in that it combines the formal formulation of tradeoff between privacy and security with trust over a user's acceptance model. The formal model presents a three-dimensional approach to indicate demand responsive pricing between privacy, security, and trust. The model is interpreted over a general syndrome-based biometric template protection method by discussing possible privacy and security requirements. The proposed model has been applied on countries that are aware of biometric security technologies. The evaluation on country profiles presents an overall description of the user acceptance model and its relationship with biometric technologies. Copyright © 2012 John Wiley &amp; Sons, Ltd. BioPSTM presents a formal privacy–security–trust model for biometric identity management systems where the decision makers can see the overall features of any system before deployment. Because it is impossible to foresee the privacy and security threats, the proposed model enables a prediction of privacy–security tradeoff through analyzing equivocation between any pairs of the system components. BioPSTM then reflects the relation between privacy–security tradeoff and trust through public willingness and the weight indicating how much privacy or security is needed practically in a biometric identity management system. The case study presents how BioPSTM can be applied to various biometric applications that have been deployed in 12 countries.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.647" xmlns="http://purl.org/rss/1.0/"><title>A practical secure and efficient enterprise digital rights management mechanism suitable for mobile environment</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.647</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A practical secure and efficient enterprise digital rights management mechanism suitable for mobile environment</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Chin-Chen Chang, Shih-Chang Chang, Jen-Ho Yang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-28T05:33:11.103389-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.647</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.647</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.647</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p><em>Digital rights management</em> (DRM) is a term for access control technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals to limit the use of digital content and devices. <em>Enterprise digital rights management</em> (E-DRM) is the application of DRM technology to prevent illegal users from accessing the confidential data of an enterprise. In 2010, Chang <em>et al</em>. proposed an efficient E-DRM scheme to solve the flaws of Chen's scheme. However, we still found some weaknesses in their scheme. In this article, we propose an improved secure and efficient E-DRM mechanism based on a one-way hash function and exclusive-or. Our mechanism overcomes the weaknesses in the scheme of Chang <em>et al</em>. and also reduces computation costs. In addition, we used BAN logic to show the correctness of our mechanism. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.647/asset/image_n/sec647-toc-0001.png?v=1&amp;s=79ac88c714a1edd18efa32bdbfaf5ab496ccdbe0" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.647/asset/image_n/sec647-toc-0001.png?v=1&amp;s=79ac88c714a1edd18efa32bdbfaf5ab496ccdbe0"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Highlights</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>(1) We found the weaknesses in the scheme of Chang <em>et al</em>. developed in 2010 and propose an improved mechanism. (2) We use a one-way hash function and exclusive-or to develop our mechanism, which provides greater efficiency than previous approaches. (3) Our proposed mechanism is more suitable for the mobile networks environment and provides the security required by enterprise digital rights management. 
</p></div>]]></content:encoded><description>

Digital rights management (DRM) is a term for access control technologies that are used by hardware manufacturers, publishers, copyright holders, and individuals to limit the use of digital content and devices. Enterprise digital rights management (E-DRM) is the application of DRM technology to prevent illegal users from accessing the confidential data of an enterprise. In 2010, Chang et al. proposed an efficient E-DRM scheme to solve the flaws of Chen's scheme. However, we still found some weaknesses in their scheme. In this article, we propose an improved secure and efficient E-DRM mechanism based on a one-way hash function and exclusive-or. Our mechanism overcomes the weaknesses in the scheme of Chang et al. and also reduces computation costs. In addition, we used BAN logic to show the correctness of our mechanism. Copyright © 2012 John Wiley &amp; Sons, Ltd. Highlights: (1) We found the weaknesses in the scheme of Chang et al. developed in 2010 and propose an improved mechanism. (2) We use a one-way hash function and exclusive-or to develop our mechanism, which provides greater efficiency than previous approaches. (3) Our proposed mechanism is more suitable for the mobile networks environment and provides the security required by enterprise digital rights management.



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.615" xmlns="http://purl.org/rss/1.0/"><title>UFLE: a user-friendly location-free encryption system for mobile users</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.615</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">UFLE: a user-friendly location-free encryption system for mobile users</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Yi-Jun He, Patrick P. F. Chan, Lucas C. K. Hui, S. M. Yiu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-25T05:44:58.088477-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.615</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.615</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.615</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">1</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">11</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Leakage of sensitive data stored on lost or stolen portable devices has been an open problem in the data security community. Clumsiness of existing solutions hinders them from being deployed. We propose a user-friendly location-free encryption system for mobile users (UFLE) to improve the solution Mobile User Location-specific Encryption (MULE) from Studer and Perrig on both the security and usability. In particular, we solve the problem of (i) enhancing the convenience and security of MULE, (ii) accessing sensitive data in untrusted locations, and (iii) protecting data on stolen or lost USB flash drive, which were not addressed in their solution. Moreover, UFLE does not require any special hardware except a mobile phone and a Bluetooth adapter, which are readily available nowadays. This significantly improves the practicability of the proposed system in contexts such as business companies, government offices, hospitals, and banks. Evaluation of our system shows that it is both faster and more stable than MULE. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The system is mainly used for protecting sensitive data and for providing secure ways for conveniently accessing sensitive data in a corporation, at home, and outdoors. 
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.616" xmlns="http://purl.org/rss/1.0/"><title>Nonintrusive tracing in the Internet</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.616</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Nonintrusive tracing in the Internet</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Alina Olteanu, Yang Xiao, Jing Liu, Thomas M. Chen, C. L. Philip Chen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-25T05:19:34.75186-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.616</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.616</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.616</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">SUMMARY</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Intruders that log in through a series of machines when conducting an attack are hard to trace because of the complex architecture of the Internet. The thumbprinting method provides an efficient way of tracing such intruders by determining whether two connections are part of the same connection chain. Because many connections are transient and therefore short in length, choosing the best time interval to thumbprint over can be an issue. In this paper, we provide a way to shorten the time interval used for thumbprinting. We then study some special properties of the thumbprinting function. We also study another mechanism for tracing intruders in the Internet based on a timestamping approach, which passively monitors flows between source and destination pairs. Given a potentially suspicious source, we identify its true destination. We compute the error probability of our algorithm and show that its value decreases exponentially as the observation time increases. Our simulation results show that our approach performs well. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper studies two ways of tracing intruders in the Internet. One is to shorten the time interval used for the existing thumbprinting mechanism. The other is based on a timestamping approach, which passively monitors flows between source and destination pairs.
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.639" xmlns="http://purl.org/rss/1.0/"><title>Compression-based spam filter</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.639</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Compression-based spam filter</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Tiago A. Almeida, Akebo Yamakami</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-25T00:57:49.81592-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.639</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.639</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.639</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Nowadays, e-mail spam is not a novelty, but it is still an important problem with a high impact on the economy. Spam filtering poses a special problem in text categorization, in which the defining characteristic is that filters face an active adversary, which constantly attempts to evade filtering. In this paper, we present a novel approach to spam filtering based on a compression-based model. We have conducted an empirical experiment on eight public and real non-encoded datasets. The results indicate that the proposed filter is fast to construct, is incrementally updateable, and clearly outperforms established spam classifiers. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>E-mail spam is still an important problem with a high impact on the economy. Spam filtering poses a special problem in text categorization, in which the defining characteristic is that filters face an active adversary. This paper presents a novel approach to spam filtering based on a compression-based model. Experiments were conducted on public and real non-encoded datasets. The results indicate that the proposed filter is fast to construct, incrementally updateable, and outperforms established spam classifiers. 
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.613" xmlns="http://purl.org/rss/1.0/"><title>Semantic aware attribution analysis of remote exploits</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.613</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Semantic aware attribution analysis of remote exploits</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Deguang Kong, Donghai Tian, Qiha Pan, Peng Liu, Dinghao Wu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-19T06:09:32.050634-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.613</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.613</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.613</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Web services have been greatly threatened by remote exploit code attacks, where maliciously crafted HTTP requests are used to inject binary code to compromise web servers and web applications. In practice, besides detection of such attacks, attack attribution analysis (i.e., to automatically categorize exploits or determine whether an exploit is a variant of an attack from the past) is also very important. In this paper, we present SA<sup>3</sup>, a novel exploit code attribution analysis that combines semantics-based analysis and statistical modeling to automatically categorize given exploit code. SA<sup>3</sup> extracts semantic features from exploit code through data anomaly analysis and then attributes the exploit to an appropriate class on the basis of our statistical model derived from a Markov model. We evaluate SA<sup>3</sup> over a comprehensive set of shellcode collected from Metasploit and other polymorphic engines. Experimental results show that SA<sup>3</sup> is effective and efficient. The attribution analysis accuracy can be over 90% in different parameter settings with false positive rate no more than 4.5%. The novelty of SA<sup>3</sup> is that it combines semantic analysis with statistical modeling for exploit code attribution analysis. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We present SA<sup>3</sup>, a novel exploit code attribution analysis that combines semantics-based analysis and statistical modeling to automatically categorize given exploit code. SA<sup>3</sup> extracts semantic features from exploit code through data anomaly analysis and then attributes the exploit to an appropriate class on the basis of our statistical model derived from a Markov model. The attribution analysis accuracy can be over 90% in different parameter settings with false positive rate of no more than 4.5%.
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.629" xmlns="http://purl.org/rss/1.0/"><title>Distributed access control policies for spectrum sharing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.629</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Distributed access control policies for spectrum sharing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Gianmarco Baldini, Igor Nai Fovino, Stefano Braghin, Alberto Trombetta</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-19T06:05:30.343881-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.629</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.629</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.629</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cognitive radio is a novel wireless communication technology that allows for adaptive configuration of the reception parameters of a terminal, based on the information collected from the environment. Cognitive radio technology can be used in innovative spectrum management approaches such as spectrum sharing, where radio frequency spectral bands can be shared among various users through a dynamic exclusive-use spectrum access model. Spectrum sharing can be applied to various scenarios in the commercial, public safety and military domain. In some scenarios, spectrum sharing demands a mechanism for expressing and enforcing access control policies for the allocation of resources including spectral bands. The access control policies should state what are the available resources (e.g., transmission/reception bandwidths), what are the users that are allowed to access them and under what conditions. However, because of the intrinsically highly dynamic nature of specific scenarios (e.g., public safety, military), where parties with various levels of authority may suddenly appear, it may be difficult to establish in advance what are the most suitable access control policies. Trust negotiation is a well-known approach for expressing and enforcing distributed access control policies that depend on two or more parties. In this work, we present a trust negotiation-based framework that allows for the definition of highly expressive and flexible distributed access control policies for the allocation of spectrum resources. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Cognitive radio is a novel wireless communication technology that allows new spectrum management models, where radio frequency spectral bands can be shared among various users. Spectrum sharing demands a mechanism to regulate the allocation of spectrum resources in a secure way. In this paper, we present a trust negotiation-based framework that allows for the definition of highly expressive and distributed access control policies for the allocation of spectrum resources. This paper applies this framework to a public safety scenario. 
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.617" xmlns="http://purl.org/rss/1.0/"><title>Human-centric visual monitoring of multi-clients system behavior and BiT for trust computing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.617</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Human-centric visual monitoring of multi-clients system behavior and BiT for trust computing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Eun-Ha Song, Su-Hyun Yang, Young-Sik Jeong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-09-19T06:02:42.188424-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.617</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.617</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.617</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes the <em>trusted platform board monitoring</em> (TPBM) system that enabled effectively detecting and managing abnormal phenomenon based on the <em>trusted platform board</em> not only for security but also for multiple clients connected on the web. In other words, TPBM strengthens weak points of the existing security and provides the function to monitor with human-centric method not only system resources and process status for remote multi-client systems that are operated based on hardware security but also behavior of multiple clients in the cloud computing environment. In addition, measuring instruction level behavior is potentially a more effective protection than a pure software approach. From program's run-time behavior, system state safety can also be analyzed. However, dynamic characteristic of program trace also introduces challenges on what to measure and how to measure. To solve such problems, <em>branch instruction trace</em> (BiT) profiling tool is introduced to measure processor's instruction level run-time behavior. However, the BiT has provided only the text results of logical error information but not the visual monitoring function by tracing abnormal branch at the level of instruction. In order to resolve this problem, this paper includes the human-centric visual monitoring function for information on abnormal branch trace to TPBM. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes the trusted platform board monitoring (TPBM) system that enabled effectively detecting and managing abnormal phenomenon based on the trusted platform board not only for security but also for multiple clients connected on the web. The branch instruction trace (BiT) has provided only the text results of logical error information but not the visual monitoring function by tracing the abnormal branch at the level of instruction. In order to resolve this problem, this paper includes the human-centric visual monitoring function for information on abnormal branch trace to TPBM. 
</p></div>]]></content:encoded><description>

</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.603" xmlns="http://purl.org/rss/1.0/"><title>Combining expert knowledge with automatic feature extraction for reliable web attack detection</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.603</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Combining expert knowledge with automatic feature extraction for reliable web attack detection</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Carmen Torrano-Gimenez, Hai Thanh Nguyen, Gonzalo Alvarez, Katrin Franke</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-29T22:57:39.973633-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.603</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.603</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.603</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In the detection of web attacks, Web Application Firewalls (WAFs) must be both effective and efficient. In this paper, we propose a new methodology for web attack detection that enhances these two aspects of WAFs. It involves both feature construction and feature selection. For the feature construction phase, many professionals rely on their expert knowledge to define a set of important features, which normally leads to high and reliable attack detection rates. Nevertheless, it is a manual process and does not adapt quickly to changing network environments. Alternatively, automatic feature construction methods (such as <em>n</em>-grams) overcome this drawback, but they provide unreliable results. Therefore, in this paper, we propose to combine expert knowledge with the <em>n</em>-gram feature construction method for reliable and efficient web attack detection. However, the number of <em>n</em>-grams grows exponentially with <em>n</em>, which usually leads to high dimensionality problems. Hence, we propose to apply feature selection to reduce the number of redundant and irrelevant features. In particular, we study the recently proposed Generic Feature Selection (GeFS) measure, which has been successfully tested in intrusion detection systems. Additionally, we use several decision tree algorithms as classifiers of WAFs. The experiments are conducted on the publicly available ECML/PKDD 2007 dataset. The results show that the combination of expert knowledge and <em>n</em>-grams outperforms each separate technique and that the GeFS measure can greatly reduce the number of features, thus enhancing both the effectiveness and efficiency of WAFs. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.603/asset/image_n/sec603-toc-0001.png?v=1&amp;s=573b80bd1d232da555644d06cd88f2deaaa5a16a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.603/asset/image_n/sec603-toc-0001.png?v=1&amp;s=573b80bd1d232da555644d06cd88f2deaaa5a16a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a new methodology for web attack detection that enhances both the efficiency and effectiveness of web application firewalls. It involves feature construction by means of expert knowledge and <em>n</em>-grams, feature selection using the Generic Feature Selection (GeFS) measure, and classification applying decision trees. The experiments are conducted on the ECML/PKDD 2007 dataset, and the results confirm that the combination of expert knowledge and <em>n</em>-grams outperforms each separate technique and that GeFS greatly reduces the number of features. 
</p></div>]]></content:encoded><description>

In the detection of web attacks, Web Application Firewalls (WAFs) must be both effective and efficient. In this paper, we propose a new methodology for web attack detection that enhances these two aspects of WAFs. It involves both feature construction and feature selection. For the feature construction phase, many professionals rely on their expert knowledge to define a set of important features, which normally leads to high and reliable attack detection rates. Nevertheless, it is a manual process and does not adapt quickly to changing network environments. Alternatively, automatic feature construction methods (such as n-grams) overcome this drawback, but they provide unreliable results. Therefore, in this paper, we propose to combine expert knowledge with the n-gram feature construction method for reliable and efficient web attack detection. However, the number of n-grams grows exponentially with n, which usually leads to high dimensionality problems. Hence, we propose to apply feature selection to reduce the number of redundant and irrelevant features. In particular, we study the recently proposed Generic Feature Selection (GeFS) measure, which has been successfully tested in intrusion detection systems. Additionally, we use several decision tree algorithms as classifiers of WAFs. The experiments are conducted on the publicly available ECML/PKDD 2007 dataset. The results show that the combination of expert knowledge and n-grams outperforms each separate technique and that the GeFS measure can greatly reduce the number of features, thus enhancing both the effectiveness and efficiency of WAFs. Copyright © 2012 John Wiley &amp; Sons, Ltd.

This paper proposes a new methodology for web attack detection that enhances both the efficiency and effectiveness of web application firewalls. 
It involves feature construction by means of expert knowledge and n-grams, feature selection using the Generic Feature Selection (GeFS) measure, and classification applying decision trees. The experiments are conducted on the ECML/PKDD 2007 dataset, and the results confirm that the combination of expert knowledge and n-grams outperforms each separate technique and that GeFS greatly reduces the number of features. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.622" xmlns="http://purl.org/rss/1.0/"><title>A communication and computation-efficient three-party authenticated key agreement protocol</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.622</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A communication and computation-efficient three-party authenticated key agreement protocol</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zuowen Tan</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-29T22:15:29.129265-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.622</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.622</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.622</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The three-party authenticated key agreement protocol enables two clients to authenticate each other and agree on a session key over an insecure public network with the help of a trusted server. The password-based three-party authenticated key agreement protocols often have two drawbacks: (1) the server must store large numbers of passwords and (2) low-entropy passwords easily suffer from potential guessing attacks. The public key infrastructure-based three-party authenticated key agreement protocols need no password. In 2008, Chen <em>et al</em>. proposed a round-efficient three-party authenticated key agreement protocol that needs no password or public key cryptosystem. However, the computation costs and communication loads of their protocol are still high. In 2009, Yang <em>et al</em>. proposed an efficient three-party authenticated key exchange protocol based upon elliptic curve cryptography for mobile commerce environments. Unfortunately, both three-party authenticated key agreement protocols are insecure. In this paper, we propose a novel three-party authenticated key agreement protocol that requires neither public key cryptosystem nor password. Compared with the previous three-party authenticated key agreement protocols, the novel three-party authenticated key agreement protocol requires considerably fewer rounds, lower communication cost and smaller computation cost. The comparisons have shown that our three-party authenticated key agreement protocol is more practical than other three-party authenticated key agreement protocols. The proposed protocol is provably secure on the basis of the intractability of the computational Diffie–Hellman problems in the random oracle model. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.622/asset/image_n/sec622-toc-0001.png?v=1&amp;s=589ee607e7058cbe54eff59fa310e17ee45ad17e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.622/asset/image_n/sec622-toc-0001.png?v=1&amp;s=589ee607e7058cbe54eff59fa310e17ee45ad17e"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a novel three-party authenticated key agreement protocol that requires neither public key cryptosystem nor password. Compared with the previous three-party authenticated key agreement protocols, the novel three-party authenticated key agreement protocol requires considerably fewer rounds, lower communication cost and smaller computation cost. The detailed security proof and analyses show that the proposed protocol satisfies all the security requirements of the three-party authenticated key agreement protocols.</p></div>]]></content:encoded><description>

The three-party authenticated key agreement protocol enables two clients to authenticate each other and agree on a session key over an insecure public network with the help of a trusted server. The password-based three-party authenticated key agreement protocols often have two drawbacks: (1) the server must store large numbers of passwords and (2) low-entropy passwords easily suffer from potential guessing attacks. The public key infrastructure-based three-party authenticated key agreement protocols need no password. In 2008, Chen et al. proposed a round-efficient three-party authenticated key agreement protocol that needs no password or public key cryptosystem. However, the computation costs and communication loads of their protocol are still high. In 2009, Yang et al. proposed an efficient three-party authenticated key exchange protocol based upon elliptic curve cryptography for mobile commerce environments. Unfortunately, both three-party authenticated key agreement protocols are insecure. In this paper, we propose a novel three-party authenticated key agreement protocol that requires neither public key cryptosystem nor password. Compared with the previous three-party authenticated key agreement protocols, the novel three-party authenticated key agreement protocol requires considerably fewer rounds, lower communication cost and smaller computation cost. The comparisons have shown that our three-party authenticated key agreement protocol is more practical than other three-party authenticated key agreement protocols. The proposed protocol is provably secure on the basis of the intractability of the computational Diffie–Hellman problems in the random oracle model. Copyright © 2012 John Wiley &amp; Sons, Ltd.



In this paper, we propose a novel three-party authenticated key agreement protocol that requires neither public key cryptosystem nor password. Compared with the previous three-party authenticated key agreement protocols, the novel three-party authenticated key agreement protocol requires considerably fewer rounds, lower communication cost and smaller computation cost. The detailed security proof and analyses show that the proposed protocol satisfies all the security requirements of the three-party authenticated key agreement protocols.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.623" xmlns="http://purl.org/rss/1.0/"><title>A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.623</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A taxonomy framework based on ITU-TX-805 security architecture for quantitative determination of computer network vulnerabilities</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Shahriyar Mohammadi, Mohammad Hussein Sherkat, Mona Jamporazmey</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-29T22:15:24.178789-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.623</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.623</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.623</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage 
xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Network vulnerability taxonomy has become increasingly important in the area of information and data exchange for its potential use not only in identification of vulnerabilities but also in their assessment and prioritization. Computer networks play an important role in information and communication infrastructure. However, they are constantly exposed to a variety of vulnerability risks. In their attempts to create secure information exchange systems, scientists have concentrated on understanding the nature and typology of these vulnerabilities. Their efforts aimed at establishing secure networks have led to the development of a variety of methods and techniques for quantifying vulnerability. The objectives of the present paper are twofold: (1) to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and (2) to develop a method on the basis of the second edition of Common Vulnerability Scoring System for the quantification of vulnerabilities within the proposed taxonomy framework. It is expected that the framework proposed in this paper will provide a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.623/asset/image_n/sec623-toc-0001.png?v=1&amp;s=4a3c57588aed1ec78301630f99e0290b49ea12a6" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.623/asset/image_n/sec623-toc-0001.png?v=1&amp;s=4a3c57588aed1ec78301630f99e0290b49ea12a6"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The objectives of this paper are to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and to develop a method based on the second edition of CVSS for the quantification of vulnerabilities within the proposed taxonomy framework. This framework provides a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. 
</p></div>]]></content:encoded><description>

Network vulnerability taxonomy has become increasingly important in the area of information and data exchange for its potential use not only in identification of vulnerabilities but also in their assessment and prioritization. Computer networks play an important role in information and communication infrastructure. However, they are constantly exposed to a variety of vulnerability risks. In their attempts to create secure information exchange systems, scientists have concentrated on understanding the nature and typology of these vulnerabilities. Their efforts aimed at establishing secure networks have led to the development of a variety of methods and techniques for quantifying vulnerability. The objectives of the present paper are twofold: (1) to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and (2) to develop a method on the basis of the second edition of Common Vulnerability Scoring System for the quantification of vulnerabilities within the proposed taxonomy framework. It is expected that the framework proposed in this paper will provide a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. Copyright © 2012 John Wiley &amp; Sons, Ltd.

The objectives of this paper are to develop a taxonomy framework for the classification of network vulnerabilities on the basis of the ITU-TX-805 security architecture and to develop a method based on the second edition of CVSS for the quantification of vulnerabilities within the proposed taxonomy framework. This framework provides a comprehensive taxonomic structure that can be extended to all the different aspects of network vulnerability. Furthermore, it will help in the identification and effective management of vulnerabilities by their quantification. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.609" xmlns="http://purl.org/rss/1.0/"><title>Using particle swarm optimization in fuzzy association rules-based feature selection and fuzzy ARTMAP-based attack recognition</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.609</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Using particle swarm optimization in fuzzy association rules-based feature selection and fuzzy ARTMAP-based attack recognition</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mansour Sheikhan, Maryam Sharifi Rad</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-13T07:12:03.783866-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.609</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.609</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.609</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Feature selection is a classic research topic in data mining, and it has attracted much interest in many fields such as network security. In addition, data mining approaches such as fuzzy association rule mining (FARM) can improve the performance of intrusion detection systems. In this study, a FARM-based feature selector is proposed in order to reduce the dimension of input features to the misuse detector. Furthermore, a fuzzy ARTMAP neural network is used as the classifier. The accuracy of the proposed approach depends strongly on the precision of the parameters of FARM-based feature selector module and fuzzy ARTMAP neural classifier. Particle swarm optimization (PSO) algorithm is incorporated into the proposed method to determine optimum values of parameters. In this way, the performance of PSO algorithm is compared with genetic algorithm (GA), as well. Experimental results indicate that PSO outperforms GA both in population size and number of evolutions and can converge faster. This is very important for enhancing the mining performance in large datasets such as intrusion detection datasets. When compared with some other machine learning methods, the proposed system indicates better performance in terms of detection rate, false alarm rate, and cost per example. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.609/asset/image_n/sec609-toc-0001.png?v=1&amp;s=961bab9ee5337e86c889b7ed2a73ada5a7f72e98" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.609/asset/image_n/sec609-toc-0001.png?v=1&amp;s=961bab9ee5337e86c889b7ed2a73ada5a7f72e98"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this study, a fuzzy association rules mining-based feature selection method is proposed for use in the attack recognizers of computer networks. To improve the performance, the particle swarm optimization algorithm is employed to determine optimum parameter values of the rule-mining and feature-mining modules, in addition to the training parameters of the fuzzy ARTMAP neural classifier. When compared with some other machine learning methods, the proposed system indicates better performance in terms of detection rate, false alarm rate, and cost per example. 
</p></div>]]></content:encoded><description>

Feature selection is a classic research topic in data mining, and it has attracted much interest in many fields such as network security. In addition, data mining approaches such as fuzzy association rule mining (FARM) can improve the performance of intrusion detection systems. In this study, a FARM-based feature selector is proposed in order to reduce the dimension of input features to the misuse detector. Furthermore, a fuzzy ARTMAP neural network is used as the classifier. The accuracy of the proposed approach depends strongly on the precision of the parameters of FARM-based feature selector module and fuzzy ARTMAP neural classifier. Particle swarm optimization (PSO) algorithm is incorporated into the proposed method to determine optimum values of parameters. In this way, the performance of PSO algorithm is compared with genetic algorithm (GA), as well. Experimental results indicate that PSO outperforms GA both in population size and number of evolutions and can converge faster. This is very important for enhancing the mining performance in large datasets such as intrusion detection datasets. When compared with some other machine learning methods, the proposed system indicates better performance in terms of detection rate, false alarm rate, and cost per example. Copyright © 2012 John Wiley &amp; Sons, Ltd.

In this study, a fuzzy association rules mining-based feature selection method is proposed for use in the attack recognizers of computer networks. To improve the performance, the particle swarm optimization algorithm is employed to determine optimum parameter values of the rule-mining and feature-mining modules, in addition to the training parameters of the fuzzy ARTMAP neural classifier. When compared with some other machine learning methods, the proposed system indicates better performance in terms of detection rate, false alarm rate, and cost per example. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.612" xmlns="http://purl.org/rss/1.0/"><title>Key exposure free chameleon hash schemes based on discrete logarithm problem</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.612</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Key exposure free chameleon hash schemes based on discrete logarithm problem</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Seongan Lim, Juhee Lee, Youngjoo An</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-13T07:06:47.338234-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.612</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.612</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.612</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">1</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">6</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A chameleon hash scheme is a trapdoor collision-resistant hash scheme, and it provides many interesting features in signature schemes with hash-and-sign construction. In this paper, we introduce the notion of key exposure threshold <em>τ</em> for a chameleon hash scheme for which a key exposure free chameleon hash scheme can be understood as the case with <em>τ</em> = <em>∞</em>. We propose chameleon hash schemes <em>CH</em><sub><em>τ</em></sub> with the key exposure threshold <em>τ</em> based on discrete logarithm problem (DLP). For <em>τ</em> &lt; <em>∞</em>, the proposed scheme is noninteractive and key exposure free as long as <em>k</em> ephemeral trapdoors are disclosed for <em>k</em> &lt; <em>τ</em>. The proposed scheme <em>CH</em><sub><em>∞</em></sub> is a key exposure free chameleon hash scheme based on DLP, and it requires a label directory that can be managed by a third party. This improves the only known efficient key exposure free chameleon hash scheme based on DLP, which requires one interaction with the trapdoor holder. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.612/asset/image_n/sec612-toc-0001.png?v=1&amp;s=301667f88b81e4e53248fe608639327185ae3015" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.612/asset/image_n/sec612-toc-0001.png?v=1&amp;s=301667f88b81e4e53248fe608639327185ae3015"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The chameleon hash key pair (skCH, pkCH) of the verifier guarantees that the verifier is the only one who can compute a hash collision, which means a signature forgery. The algorithm UForge guarantees the non-transferability of the signature, and the algorithm IForge guarantees the message privacy of the signer. In this paper, we present a key (skCH) exposure free chameleon hash scheme based on the discrete logarithm problem. 
</p></div>]]></content:encoded><description>

A chameleon hash scheme is a trapdoor collision-resistant hash scheme, and it provides many interesting features in signature schemes with hash-and-sign construction. In this paper, we introduce the notion of key exposure threshold τ for a chameleon hash scheme for which a key exposure free chameleon hash scheme can be understood as the case with τ = ∞. We propose chameleon hash schemes CHτ with the key exposure threshold τ based on discrete logarithm problem (DLP). For τ &lt; ∞, the proposed scheme is noninteractive and key exposure free as long as k ephemeral trapdoors are disclosed for k &lt; τ. The proposed scheme CH∞ is a key exposure free chameleon hash scheme based on DLP, and it requires a label directory that can be managed by a third party. This improves the only known efficient key exposure free chameleon hash scheme based on DLP, which requires one interaction with the trapdoor holder. Copyright © 2012 John Wiley &amp; Sons, Ltd.

The chameleon hash key pair (skCH, pkCH) of the verifier guarantees that the verifier is the only one who can compute a hash collision, which means a signature forgery. The algorithm UForge guarantees the non-transferability of the signature, and the algorithm IForge guarantees the message privacy of the signer. In this paper, we present a key (skCH) exposure free chameleon hash scheme based on the discrete logarithm problem. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.618" xmlns="http://purl.org/rss/1.0/"><title>Security and privacy in ubiquitous computing</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.618</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Security and privacy in ubiquitous computing</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-13T07:06:24.064726-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.618</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.618</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.618</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Guest Editorial</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[]]></content:encoded><description/></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.601" xmlns="http://purl.org/rss/1.0/"><title>A novel user authentication scheme with anonymity for wireless communications</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.601</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A novel user authentication scheme with anonymity for wireless communications</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jianwei Niu, Xiong Li</dc:creator><dc:date 
xmlns:dc="http://purl.org/dc/elements/1.1/">2012-08-13T07:00:41.876218-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.601</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.601</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.601</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[
<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>User authentication and privacy protection are important issues for wireless and mobile communication systems such as GSM, 3G, and 4G wireless networks. Recently, Yoon <em>et al.</em> proposed a user-friendly authentication scheme with anonymity for wireless communications. However, in this paper, we show that user anonymity of their scheme is not achieved under the eavesdropping attack and their scheme is not fair in the key agreement. In order to ensure security authentication and protect user anonymity for wireless communications, we propose a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.601/asset/image_n/sec601-toc-0001.png?v=1&amp;s=71dec2f4c94da6515b140d66c477075d60eff69a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.601/asset/image_n/sec601-toc-0001.png?v=1&amp;s=71dec2f4c94da6515b140d66c477075d60eff69a"/></a>
<div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In order to ensure security authentication and protect user anonymity for wireless communications, this paper proposes a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. 
</p></div>]]></content:encoded><description>

User authentication and privacy protection are important issues for wireless and mobile communication systems such as GSM, 3G, and 4G wireless networks. Recently, Yoon et al. proposed a user-friendly authentication scheme with anonymity for wireless communications. However, in this paper, we show that user anonymity of their scheme is not achieved under the eavesdropping attack and their scheme is not fair in the key agreement. In order to ensure security authentication and protect user anonymity for wireless communications, we propose a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. Copyright © 2012 John Wiley &amp; Sons, Ltd. In order to ensure security authentication and protect user anonymity for wireless communications, this paper proposes a novel user authentication scheme with anonymity based on elliptic curve cryptosystem, which can resist various known types of attacks and is more practical for wireless and mobile communications. 



</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.592" xmlns="http://purl.org/rss/1.0/"><title>Hybrid intelligent systems for detecting network intrusions</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.592</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Hybrid intelligent systems for detecting network intrusions</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Mrutyunjaya Panda, Ajith Abraham, Manas Ranjan Patra</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-07-11T06:37:23.067046-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.592</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.592</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.592</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper intends to develop some novel hybrid intelligent systems by combining naïve Bayes with decision trees (NBDT) and by combining non-nested generalized exemplar (NNge) and extended repeated incremental pruning (JRip) rule-based classifiers (NNJR) to construct a multiple classifier system to 
efficiently detect network intrusions. We also use ensemble design using AdaBoost to enhance the detection rate of the proposed hybrid system. Further, to have a better overall detection, we propose to combine farthest first traversal (FFT) clustering with classification techniques to obtain another two hybrid methods such as DTFF (DT + FFT) and FFNN (NNge + FFT). Finally, we use Bayesian belief network with Tabu search combined with NNge for better detection rate. Because most of the anomaly detection uses binary labels, that is, anomaly or normal, without discussing more details about the attack types, we perform two-class classification for our proposed methodologies in this paper. Substantial experiments are conducted using NSL-KDD dataset, which is a modified version of KDD99 intrusion dataset. Finally, empirical results with a detailed analysis for all the approaches show that hybrid classification with clustering DTFF provides the best anomaly detection rate among all others. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.592/asset/image_n/sec592-toc-0001.png?v=1&amp;s=4e359236d022937c3f0b45925adf6987a4068691" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.592/asset/image_n/sec592-toc-0001.png?v=1&amp;s=4e359236d022937c3f0b45925adf6987a4068691"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we tried to develop some hybrid approaches by combining classifiers such as NBDT, NNJR, and BBN + NNge and then by combination of clustering with classifier such as DTFF and FFNN to detect network intrusion efficiently. 
While analyzing the results, it is understood that the combination of clustering with classification techniques provides better result than classifier combination strategies. 
</p></div>]]></content:encoded><description>This paper intends to develop some novel hybrid intelligent systems by combining naïve Bayes with decision trees (NBDT) and by combining non-nested generalized exemplar (NNge) and extended repeated incremental pruning (JRip) rule-based classifiers (NNJR) to construct a multiple classifier system to efficiently detect network intrusions. We also use ensemble design using AdaBoost to enhance the detection rate of the proposed hybrid system. Further, to have a better overall detection, we propose to combine farthest first traversal (FFT) clustering with classification techniques to obtain another two hybrid methods such as DTFF (DT + FFT) and FFNN (NNge + FFT). Finally, we use Bayesian belief network with Tabu search combined with NNge for better detection rate. Because most of the anomaly detection uses binary labels, that is, anomaly or normal, without discussing more details about the attack types, we perform two-class classification for our proposed methodologies in this paper. Substantial experiments are conducted using NSL-KDD dataset, which is a modified version of KDD99 intrusion dataset. Finally, empirical results with a detailed analysis for all the approaches show that hybrid classification with clustering DTFF provides the best anomaly detection rate among all others. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we tried to develop some hybrid approaches by combining classifiers such as NBDT, NNJR, and BBN + NNge and then by combination of clustering with classifier such as DTFF and FFNN to detect network intrusion efficiently. While analyzing the results, it is understood that the combination of clustering with classification techniques provides better result than classifier combination strategies. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.599" xmlns="http://purl.org/rss/1.0/"><title>Unified threat model for analyzing and evaluating software threats</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.599</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Unified threat model for analyzing and evaluating software threats</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">XiaoHong Li, Ke He, Zhiyong Feng, Guangquan Xu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-07-05T02:24:05.371721-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.599</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.599</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.599</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Design-level vulnerabilities are a major source of security problems in software programs. For the purpose of improving the trustworthiness of software designs, this paper presents a unified threat model for representing, analyzing, and evaluating software threats at various design stages. 
Unified threat models represent software threats via tree structures with AND/OR logical relationships and evaluates software threats in a cost-effective way based on attack paths. Mitigation measures for software threats are designed and prioritized based on the evaluation results, which make it possible to design high-quality software security programs that resist identified software threats. A case study for an online banking system is given to systematically demonstrate the application of unified threat models in software threat analysis and evaluation. The results from the case study demonstrate that the unified threat model is superior to traditional threat trees in accurately evaluating results, designing mitigation measures, and guiding software security testing. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.599/asset/image_n/sec599-toc-0001.png?v=1&amp;s=cb1cc81c0c181129e8bb46b028efc465ee5fb2a5" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.599/asset/image_n/sec599-toc-0001.png?v=1&amp;s=cb1cc81c0c181129e8bb46b028efc465ee5fb2a5"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This presents a unified threat model for representing, analyzing, and evaluating software threats at various design stages. Unified threat models represent software threats via tree structures with AND/OR logical relationships and evaluates software threats in a cost-effective way based on attack paths. Mitigation measures for software threats are designed and prioritized based on the evaluation results, which make it possible to design high-quality software security programs that resist identified software threats. 
</p></div>]]></content:encoded><description>Design-level vulnerabilities are a major source of security problems in software programs. For the purpose of improving the trustworthiness of software designs, this paper presents a unified threat model for representing, analyzing, and evaluating software threats at various design stages. Unified threat models represent software threats via tree structures with AND/OR logical relationships and evaluates software threats in a cost-effective way based on attack paths. Mitigation measures for software threats are designed and prioritized based on the evaluation results, which make it possible to design high-quality software security programs that resist identified software threats. A case study for an online banking system is given to systematically demonstrate the application of unified threat models in software threat analysis and evaluation. The results from the case study demonstrate that the unified threat model is superior to traditional threat trees in accurately evaluating results, designing mitigation measures, and guiding software security testing. Copyright © 2012 John Wiley &amp; Sons, Ltd. This presents a unified threat model for representing, analyzing, and evaluating software threats at various design stages. Unified threat models represent software threats via tree structures with AND/OR logical relationships and evaluates software threats in a cost-effective way based on attack paths. Mitigation measures for software threats are designed and prioritized based on the evaluation results, which make it possible to design high-quality software security programs that resist identified software threats. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.588" xmlns="http://purl.org/rss/1.0/"><title>Application of artificial bee colony for intrusion detection systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.588</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Application of artificial bee colony for intrusion detection systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Monther Aldwairi, Yaser Khamayseh, Mohammad Al-Masri</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-07-05T02:22:55.673623-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.588</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.588</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.588</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The demand for better intrusion detection systems, especially anomaly intrusion detection, increases daily, as new attacks arise and Internet speeds increase. The criterion for a good intrusion detection system is to detect emerging attacks with high accuracy at line rates. 
Existing systems suffer from high false positives and negatives, and are unable to handle increasing traffic rates. This paper applies artificial bee colony for anomaly-based intrusion detection systems. In addition, it uses two feature selection techniques to reduce the amount of data used for detection and classification. KDD Cup 99 dataset was used to evaluate the proposed algorithm. Experimental results show that artificial bee colony achieves average accuracy rate of 97.5% for known attacks and 93.2% overall for known and unknown attacks. The new algorithm outperforms all methods reported in the literature. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.588/asset/image_n/sec588-toc-0001.png?v=1&amp;s=72b0ca4c2b55fa705e5f1f6aaa8d04409d3f7fe3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.588/asset/image_n/sec588-toc-0001.png?v=1&amp;s=72b0ca4c2b55fa705e5f1f6aaa8d04409d3f7fe3"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The application of artificial bee colony for anomaly-based intrusion detection using two different feature selection techniques greatly improved the detection accuracy. Experimental evaluation using the KDD Cup 99 dataset resulted in an average detection accuracy rate of 97.5% for known attacks and 93.2% overall for all attacks. 
</p></div>]]></content:encoded><description>The demand for better intrusion detection systems, especially anomaly intrusion detection, increases daily, as new attacks arise and Internet speeds increase. The criterion for a good intrusion detection system is to detect emerging attacks with high accuracy at line rates. Existing systems suffer from high false positives and negatives, and are unable to handle increasing traffic rates. This paper applies artificial bee colony for anomaly-based intrusion detection systems. In addition, it uses two feature selection techniques to reduce the amount of data used for detection and classification. KDD Cup 99 dataset was used to evaluate the proposed algorithm. Experimental results show that artificial bee colony achieves average accuracy rate of 97.5% for known attacks and 93.2% overall for known and unknown attacks. The new algorithm outperforms all methods reported in the literature. Copyright © 2012 John Wiley &amp; Sons, Ltd. The application of artificial bee colony for anomaly-based intrusion detection using two different feature selection techniques greatly improved the detection accuracy. Experimental evaluation using the KDD Cup 99 dataset resulted in an average detection accuracy rate of 97.5% for known attacks and 93.2% overall for all attacks. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.586" xmlns="http://purl.org/rss/1.0/"><title>Chaotic masking for securing RFID systems against relay attacks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.586</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Chaotic masking for securing RFID systems against relay attacks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Behzad Malek, Ali Miri</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-27T07:56:56.441502-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.586</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.586</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.586</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">Abstract</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The relay attack is a simple yet effective attack against most radio-frequency identification (RFID) authentication systems. Because of the minimalist design of an RFID system, a lightweight authentication scheme must be designed to provide a strong level of security for low-cost RFID tags. 
In this work, we propose a simple but secure masking scheme that counters the relay attack in RFID systems. Our scheme is the first solution based on the chaos suppression theory. We have exploited the chaotic characteristics of a dynamic Lorenz controller to distinguish a legitimate RFID reader from a proxy reader in the relay attack. We also show that the proposed approach is practical using simulation results. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.586/asset/image_n/sec586-toc-0001.png?v=1&amp;s=c34afd0c07fcf5e75669625ebb65fa355411f920" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.586/asset/image_n/sec586-toc-0001.png?v=1&amp;s=c34afd0c07fcf5e75669625ebb65fa355411f920"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this work, we propose a simple but secure masking scheme that counters the relay attack in radio-frequency (RFID) systems. Our scheme is the first solution based on the chaos suppression theory. We have exploited the chaotic characteristics of a dynamic Lorenz controller to distinguish a legitimate RFID reader from a proxy reader in the relay attack. We also show that the proposed approach is practical using simulation results. 
</p></div>]]></content:encoded><description>The relay attack is a simple yet effective attack against most radio-frequency identification (RFID) authentication systems. Because of the minimalist design of an RFID system, a lightweight authentication scheme must be designed to provide a strong level of security for low-cost RFID tags. In this work, we propose a simple but secure masking scheme that counters the relay attack in RFID systems. Our scheme is the first solution based on the chaos suppression theory. We have exploited the chaotic characteristics of a dynamic Lorenz controller to distinguish a legitimate RFID reader from a proxy reader in the relay attack. We also show that the proposed approach is practical using simulation results. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this work, we propose a simple but secure masking scheme that counters the relay attack in radio-frequency (RFID) systems. Our scheme is the first solution based on the chaos suppression theory. We have exploited the chaotic characteristics of a dynamic Lorenz controller to distinguish a legitimate RFID reader from a proxy reader in the relay attack. We also show that the proposed approach is practical using simulation results. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.587" xmlns="http://purl.org/rss/1.0/"><title>Blocking spam by separating end-user machines from legitimate mail server machines</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.587</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Blocking spam by separating end-user machines from legitimate mail server machines</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Fernando Sanchez, Zhenhai Duan, Yingfei Dong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-27T07:30:21.339902-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.587</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.587</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.587</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Spamming botnets present a critical challenge in the control of spam messages because of the sheer volume and wide spread of the botnet members. 
In this paper, we advocate the approach for recipient mail servers to filter messages directly delivered from remote end-user (EU) machines, given that the majority of spamming bots are EU machines. We develop a support vector machine (SVM)-based classifier to separate EU machines from legitimate mail server (LMS) machines, using a set of machine features that cannot be easily manipulated by spammers. We investigate the efficacy and performance of the SVM-based classifier using a number of real-world data sets. Our performance studies show that the SVM-based classifier is indeed a feasible and effective approach in distinguishing EU machines from LMS machines. For example, training and testing on an aggregated data set containing both EU machines and LMS machines, on average, we found that the SVM-based classifier can achieve a 99.25 % detection accuracy, with very small false positive rate (0.35%) and false negative rate (1.27%), significantly outperforming eight Domain Name System-based blacklists widely used today. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.587/asset/image_n/sec587-toc-0001.png?v=1&amp;s=b0bd1827c25eb3f749b1664a37009694c5715386" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.587/asset/image_n/sec587-toc-0001.png?v=1&amp;s=b0bd1827c25eb3f749b1664a37009694c5715386"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A novel spam blocking technique is developed in the paper by separating end-user machines from legitimate mail server machines using a support vector machine (SVM)-based classifier. 
Evaluation studies using real-world data sets show that the SVM-based classifier can achieve high detection accuracy, with a very small false positive rate and false negative rate, significantly outperforming eight DNS-based blacklists widely used today.</p></div>]]></content:encoded><description>Spamming botnets present a critical challenge in the control of spam messages because of the sheer volume and wide spread of the botnet members. In this paper, we advocate the approach for recipient mail servers to filter messages directly delivered from remote end-user (EU) machines, given that the majority of spamming bots are EU machines. We develop a support vector machine (SVM)-based classifier to separate EU machines from legitimate mail server (LMS) machines, using a set of machine features that cannot be easily manipulated by spammers. We investigate the efficacy and performance of the SVM-based classifier using a number of real-world data sets. Our performance studies show that the SVM-based classifier is indeed a feasible and effective approach in distinguishing EU machines from LMS machines. For example, training and testing on an aggregated data set containing both EU machines and LMS machines, on average, we found that the SVM-based classifier can achieve a 99.25 % detection accuracy, with very small false positive rate (0.35%) and false negative rate (1.27%), significantly outperforming eight Domain Name System-based blacklists widely used today. Copyright © 2012 John Wiley &amp; Sons, Ltd. A novel spam blocking technique is developed in the paper by separating end-user machines from legitimate mail server machines using a support vector machine (SVM)-based classifier. 
Evaluation studies using real-world data sets show that the SVM-based classifier can achieve high detection accuracy, with a very small false positive rate and false negative rate, significantly outperforming eight DNS-based blacklists widely used today.
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.585" xmlns="http://purl.org/rss/1.0/"><title>Enhanced security and reliability with MIMO communications for smart grid</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.585</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Enhanced security and reliability with MIMO communications for smart grid</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xin Wang, Lijun Zhang, Amit Deokar, Qilian Liang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-27T07:28:29.399416-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.585</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.585</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.585</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>As a critical infrastructure element, smart grid is facing security and reliability challenges. 
In this paper, we have investigated the real-time communication between a smart meter and the central control system, a component that provides centralized monitoring and performs control operations for the power grid. To combat severe communication impairments induced by malicious attacks or link failures, we propose to implement space–time block coding over multiple antennas at the transmitter and the receiver. We first investigated the security challenges from malicious attacks, in which the malicious attacks of additive pattern were primarily addressed. Reliability challenges from link failure were then considered. Finally present were extensive numerical studies on multiple-link attacks, multiple-link failures and receiver with detection scenarios. Simulations showed that additive malicious attacks and link failures could be effectively mitigated in virtue of space–time block coding. Meanwhile, it is verified that more antennas will give more diversity gain and better performance. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.585/asset/image_n/sec585-toc-0001.png?v=1&amp;s=6a0885c71a7fc5b58449dff602d355b829640b88" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.585/asset/image_n/sec585-toc-0001.png?v=1&amp;s=6a0885c71a7fc5b58449dff602d355b829640b88"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we investigated the real-time communication between a smart meter and the central control system. To combat severe communication impairments induced by malicious attacks or link failures, we proposed to implement space-time block coding over multiple antennas at the transmitter and the receiver. 
Simulation results showed that malicious attacks and link failures could be effectively mitigated in virtue of space-time block coding.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>As a critical infrastructure element, smart grid is facing security and reliability challenges. In this paper, we have investigated the real-time communication between a smart meter and the central control system, a component that provides centralized monitoring and performs control operations for the power grid. To combat severe communication impairments induced by malicious attacks or link failures, we propose to implement space–time block coding over multiple antennas at the transmitter and the receiver. We first investigated the security challenges from malicious attacks, in which the malicious attacks of additive pattern were primarily addressed. Reliability challenges from link failure were then considered. Finally present were extensive numerical studies on multiple-link attacks, multiple-link failures and receiver with detection scenarios. Simulations showed that additive malicious attacks and link failures could be effectively mitigated in virtue of space–time block coding. Meanwhile, it is verified that more antennas will give more diversity gain and better performance. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we investigated the real-time communication between a smart meter and the central control system. To combat severe communication impairments induced by malicious attacks or link failures, we proposed to implement space-time block coding over multiple antennas at the transmitter and the receiver. Simulation results showed that malicious attacks and link failures could be effectively mitigated in virtue of space-time block coding.
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.565" xmlns="http://purl.org/rss/1.0/"><title>Protocol Derivation System for the Needham–Schroeder family</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.565</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Protocol Derivation System for the Needham–Schroeder family</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Junwei Zhang, Jianfeng Ma, Chao Yang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-25T08:05:52.543253-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.565</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.565</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.565</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A framework consisting of the Protocol Derivation System (PDS) and the Protocol Composition Logic (PCL) has been recently proposed by Datta <em>et al</em>. for the design and analysis of a secure composition of cryptographic protocols. 
However, the PDS in this proposed framework can only be used for the protocols of the Station-to-Station family, which are signature-based authenticated Diffie–Hellman key exchange protocols. In this paper, the PDS is extended to support key exchange protocols using a trusted third party and an encryption-based authentication such as those in the Needham–Schroeder family. This is achieved by means of adding new components, refinements, and transformations to the PDS. In addition, the PCL is applied to prove the correctness of the derived protocols. Then, the derivation graph of the Needham−Schroeder family is developed by using the extended PDS. Finally, the derivations and proofs of the protocols in the Needham–Schroeder family are shown in this paper. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.565/asset/image_n/sec565-toc-0001.png?v=1&amp;s=11b602bec0a7e0697a6b83e091e96610ff6787db" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.565/asset/image_n/sec565-toc-0001.png?v=1&amp;s=11b602bec0a7e0697a6b83e091e96610ff6787db"/></a><div class="para" id="sec565-para-0097" xmlns="http://www.w3.org/1999/xhtml"><p>This paper extended the Protocol Derivation System for Needham–Schroeder family, which is based on symmetric encryption and trusted third party. The extended Protocol Derivation System could be used to generate a derivation graph of the protocols in the Needham–Schroeder family. At the same time, the Protocol Composition Logic could be applied to prove the correctness of the derived protocols.  
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>A framework consisting of the Protocol Derivation System (PDS) and the Protocol Composition Logic (PCL) has been recently proposed by Datta et al. for the design and analysis of a secure composition of cryptographic protocols. However, the PDS in this proposed framework can only be used for the protocols of the Station-to-Station family, which are signature-based authenticated Diffie–Hellman key exchange protocols. In this paper, the PDS is extended to support key exchange protocols using a trusted third party and an encryption-based authentication such as those in the Needham–Schroeder family. This is achieved by means of adding new components, refinements, and transformations to the PDS. In addition, the PCL is applied to prove the correctness of the derived protocols. Then, the derivation graph of the Needham−Schroeder family is developed by using the extended PDS. Finally, the derivations and proofs of the protocols in the Needham–Schroeder family are shown in this paper. Copyright © 2012 John Wiley &amp; Sons, Ltd.This paper extended the Protocol Derivation System for Needham–Schroeder family, which is based on symmetric encryption and trusted third party. The extended Protocol Derivation System could be used to generate a derivation graph of the protocols in the Needham–Schroeder family. At the same time, the Protocol Composition Logic could be applied to prove the correctness of the derived protocols.  
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.572" xmlns="http://purl.org/rss/1.0/"><title>Security in application layer of radar sensor networks: detect friends or foe</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.572</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Security in application layer of radar sensor networks: detect friends or foe</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zongjie Cao, Lijia Chen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-21T01:03:11.017248-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.572</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.572</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.572</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Because accurate identification cannot be obtained when the Identification Friend or Foe (IFF) sensor is employed separately, a radar sensor network (RSN) is designed to improve the identification capability in this paper. 
The content of this paper is focused on the information fusion algorithm, which is one of the key technologies in the RSN. The fuzzy c-means and the Bayesian network are chosen as the fusion algorithm. This algorithm can implement the identification friend or foe automatically after being trained by the training samples and expert's experience, and reduce the effect of uncertainties in the process of identification. At the same time, the algorithm can update the identification result with the augmentation of observations. The RSN can be expanded, if more information can be obtained, to adapt to the complicated environment, on the basis of this algorithm. The simulation results prove the validity and efficiency of the algorithm. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.572/asset/image_n/sec572-toc-0001.png?v=1&amp;s=1ea952114486a3024fcf4f9e6114427c847685ee" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.572/asset/image_n/sec572-toc-0001.png?v=1&amp;s=1ea952114486a3024fcf4f9e6114427c847685ee"/></a><div class="para" id="sec565-para-0097" xmlns="http://www.w3.org/1999/xhtml"><p>Radar sensor network (RSN) is designed to improve the target identification capability in this paper. Fuzzy c-means and Bayesian network are chosen as the fusion algorithm, which is one of the key technologies in the RSN. With this algorithm, the identification result can be updated with the augmentation of observations, and RSN can be expanded if more information can be obtained. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Because accurate identification cannot be obtained when the Identification Friend or Foe (IFF) sensor is employed separately, a radar sensor network (RSN) is designed to improve the identification capability in this paper. The content of this paper is focused on the information fusion algorithm, which is one of the key technologies in the RSN. The fuzzy c-means and the Bayesian network are chosen as the fusion algorithm. This algorithm can implement the identification friend or foe automatically after being trained by the training samples and expert's experience, and reduce the effect of uncertainties in the process of identification. At the same time, the algorithm can update the identification result with the augmentation of observations. The RSN can be expanded, if more information can be obtained, to adapt to the complicated environment, on the basis of this algorithm. The simulation results prove the validity and efficiency of the algorithm. Copyright © 2012 John Wiley &amp; Sons, Ltd. Radar sensor network (RSN) is designed to improve the target identification capability in this paper. Fuzzy c-means and Bayesian network are chosen as the fusion algorithm, which is one of the key technologies in the RSN. With this algorithm, the identification result can be updated with the augmentation of observations, and RSN can be expanded if more information can be obtained. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.546" xmlns="http://purl.org/rss/1.0/"><title>A UTP approach towards probabilistic protocol verification</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.546</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A UTP approach towards probabilistic protocol verification</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Riccardo Bresciani, Andrew Butterfield</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-21T00:23:35.830779-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.546</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.546</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.546</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper describes an approach towards protocol verification, which is based on the <em>Unifying Theories of Programming</em> framework and the associated refinement calculus: we encode protocol runs as predicates, in the form of homogeneous relations between probability distributions on the state space at the beginning and 
at the end of the protocol. The attacker model is a variation of the classical Dolev–Yao model, where cryptographic primitives can be broken probabilistically. We obtain a lattice of traces, where safe runs (with respect to the attacker not achieving a given goal) of the protocol are at the bottom and possible attacks are above in the order of increasing probability of success for the attacker. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.546/asset/image_n/sec546-toc-0001.png?v=1&amp;s=5f2748e0ae579336dc298d85fb2e1ff7630dbf37" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.546/asset/image_n/sec546-toc-0001.png?v=1&amp;s=5f2748e0ae579336dc298d85fb2e1ff7630dbf37"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We encode protocol runs as predicates, in the style of the <em>Unifying Theories of Programming</em>, in the form of homogeneous relations between probability distributions on the state space at the beginning and at the end of the protocol. The attacker model is a variation of the classical Dolev–Yao model, where cryptographic primitives can be broken probabilistically. We obtain a lattice of traces, ordered by safety with respect to a given goal. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>This paper describes an approach towards protocol verification, which is based on the Unifying Theories of Programming framework and the associated refinement calculus: we encode protocol runs as predicates, in the form of homogeneous relations between probability distributions on the state space at the beginning and at the end of the protocol. The attacker model is a variation of the classical Dolev–Yao model, where cryptographic primitives can be broken probabilistically. We obtain a lattice of traces, where safe runs (with respect to the attacker not achieving a given goal) of the protocol are at the bottom and possible attacks are above in the order of increasing probability of success for the attacker. Copyright © 2012 John Wiley &amp; Sons, Ltd.We encode protocol runs as predicates, in the style of the Unifying Theories of Programming, in the form of homogeneous relations between probability distributions on the state space at the beginning and at the end of the protocol. The attacker model is a variation of the classical Dolev–Yao model, where cryptographic primitives can be broken probabilistically. We obtain a lattice of traces, ordered by safety with respect to a given goal. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.574" xmlns="http://purl.org/rss/1.0/"><title>A survey of accountability in computer networks and distributed systems</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.574</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A survey of accountability in computer networks and distributed systems</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhifeng Xiao, Nandhakumar Kathiresshan, Yang Xiao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-21T00:23:23.264093-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.574</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.574</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.574</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Security in computer systems has been a major concern since the very beginning. Although security has been addressed in various aspects, accountability is one of the main facets of security that is lacking in today's computer systems. 
The ability not only to detect errors but also to find the responsible entity/entities for the failure is crucial. In this paper, we intend to provide a comprehensive investigation of the state-of-the-art accountability research issues in current information systems. Also, we study the various accountability tactics that are available and how each one of them contributes to providing strong accountability of different aspects. Finally, we examine the various merits and tradeoffs. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.574/asset/image_n/sec574-toc-0001.png?v=1&amp;s=543261eae802189763733398c53033d8900a51c1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.574/asset/image_n/sec574-toc-0001.png?v=1&amp;s=543261eae802189763733398c53033d8900a51c1"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we intend to provide a comprehensive investigation of the state-of-the-art accountability research issues in current information systems. Also, we study the various accountability tactics that are available and how each one of them contributes to providing strong accountability of different aspects. Finally, we examine the various merits and tradeoffs. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Security in computer systems has been a major concern since the very beginning. Although security has been addressed in various aspects, accountability is one of the main facets of security that is lacking in today's computer systems. The ability not only to detect errors but also to find the responsible entity/entities for the failure is crucial. In this paper, we intend to provide a comprehensive investigation of the state-of-the-art accountability research issues in current information systems. Also, we study the various accountability tactics that are available and how each one of them contributes to providing strong accountability of different aspects. Finally, we examine the various merits and tradeoffs. Copyright © 2012 John Wiley &amp; Sons, Ltd.In this paper, we intend to provide a comprehensive investigation of the state-of-the-art accountability research issues in current information systems. Also, we study the various accountability tactics that are available and how each one of them contributes to providing strong accountability of different aspects. Finally, we examine the various merits and tradeoffs. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.569" xmlns="http://purl.org/rss/1.0/"><title>Research and implementation of M2M smart home and security system</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.569</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Research and implementation of M2M smart home and security system</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ting Jiang, Ming Yang, Yi Zhang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-05T04:45:30.445329-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.569</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.569</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.569</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Over recent years, the concept of Internet of Things has been put forward and undergone gradual progress. 
Machine to machine (M2M) technology, as the most prevalent application form of Internet of Things now, is widely used in various fields, among which smart home takes on tremendous market potential in virtue of its intimate relationship with human life. This paper endeavors to propose the smart home and security system, an M2M application system based on wireless networks, by combining wireless sensor network, mobile communication network, and the Internet together and briefly introduces the architecture, function, interface, identity addressing, and security mechanism of this system. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.569/asset/image_n/sec569-toc-0001.png?v=1&amp;s=cdeeff13aa5c7e84980916103c491e61cc30c4cd" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.569/asset/image_n/sec569-toc-0001.png?v=1&amp;s=cdeeff13aa5c7e84980916103c491e61cc30c4cd"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper endeavors to propose the smart home and security system, an M2M application system based on wireless networks, by combining wireless sensor network, mobile communication network, and the Internet together, and briefly introduces the architecture, function, interface, identity addressing, and security mechanism of this system. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Over recent years, the concept of Internet of Things has been put forward and undergone gradual progress. Machine to machine (M2M) technology, as the most prevalent application form of Internet of Things now, is widely used in various fields, among which smart home takes on tremendous market potential in virtue of its intimate relationship with human life. This paper endeavors to propose the smart home and security system, an M2M application system based on wireless networks, by combining wireless sensor network, mobile communication network, and the Internet together and briefly introduces the architecture, function, interface, identity addressing, and security mechanism of this system. Copyright © 2012 John Wiley &amp; Sons, Ltd.This paper endeavors to propose the smart home and security system, an M2M application system based on wireless networks, by combining wireless sensor network, mobile communication network, and the Internet together, and briefly introduces the architecture, function, interface, identity addressing, and security mechanism of this system. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.544" xmlns="http://purl.org/rss/1.0/"><title>Client cloud Web service: reducing traffic consumption</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.544</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Client cloud Web service: reducing traffic consumption</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jung Ha Paik, Kwantae Cho, Boo Geum Jung, Dong Hoon Lee</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-05T04:26:35.725324-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.544</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.544</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.544</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The availability of the Web service has been exposed to several threats such as distributed denial-of-service attack, which is not an unfamiliar terminology anymore. Sustaining availability against various attacks becomes the critical issue for high-profile Web sites. 
In this paper, we propose a novel architecture providing Web service among client, called <em>client cloud Web service</em>, by utilizing resources of clients to enhance the availability. Client cloud Web service can be easily integrated into the current Internet protocol suite by providing a transparent layer in the middle of Hypertext Transfer Protocol layer and Transmission Control Protocol/Internet Protocol layer. It is shown by simulations that the proposed architecture can efficiently reduce the traffic when both the size of Web items and the number of requests from clients increase. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.544/asset/image_n/sec544-toc-0001.png?v=1&amp;s=6f8556354ed3d992e94373f64877e125a81555d1" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.544/asset/image_n/sec544-toc-0001.png?v=1&amp;s=6f8556354ed3d992e94373f64877e125a81555d1"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a new architecture to share Web objects among clients of Web service, called client cloud Web service (CCWS) layer. CCWS layer enables a Web server to reduce its network traffic by utilizing the resources of clients. CCWS layer can be easily integrated into current Web service protocol because it is in the middle of Hypertext Transfer Protocol layer and Transmission Control Protocol/Internet Protocol layer. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>The availability of the Web service has been exposed to several threats such as distributed denial-of-service attack, which is not an unfamiliar terminology anymore. Sustaining availability against various attacks becomes the critical issue for high-profile Web sites. In this paper, we propose a novel architecture providing Web service among client, called client cloud Web service, by utilizing resources of clients to enhance the availability. Client cloud Web service can be easily integrated into the current Internet protocol suite by providing a transparent layer in the middle of Hypertext Transfer Protocol layer and Transmission Control Protocol/Internet Protocol layer. It is shown by simulations that the proposed architecture can efficiently reduce the traffic when both the size of Web items and the number of requests from clients increase. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we propose a new architecture to share Web objects among clients of Web service, called client cloud Web service (CCWS) layer. CCWS layer enables a Web server to reduce its network traffic by utilizing the resources of clients. CCWS layer can be easily integrated into current Web service protocol because it is in the middle of Hypertext Transfer Protocol layer and Transmission Control Protocol/Internet Protocol layer. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.559" xmlns="http://purl.org/rss/1.0/"><title>A survey on security issues in smart grids</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.559</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A survey on security issues in smart grids</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Paria Jokar, Nasim Arianpoo, Victor C. M. Leung</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-04T01:35:33.813577-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.559</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.559</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.559</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>A key feature of the smart grid is the introduction of two-way data communications into the power grid. This brings many security challenges, because of the large-scale, difficult-to-secure environment, complexity of smart grid systems, and resource limitations of the smart grid deployments. 
In this paper, we focus on security and privacy concerns in the context of the smart grid. Existing security mechanisms developed for traditional information technology systems can be used as a basis for designing security measures for the smart grid. However, new methods that meet the special requirements and characteristics of the smart grid are also required. In spite of the obstacles against developing detailed security solutions for the future smart grid, such as uncertainty of the architecture and lack of practical experiences with security attacks, some research has been performed in this area over the last few years. We survey the existing literature on different security aspects of the smart grid and provide directions for further research. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.559/asset/image_n/sec559-toc-0001.png?v=1&amp;s=ddd4f35b0f772085b4e4a98b6bc7152653c872e3" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.559/asset/image_n/sec559-toc-0001.png?v=1&amp;s=ddd4f35b0f772085b4e4a98b6bc7152653c872e3"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we investigate the security challenges in the context of the smart grid. We survey the existing literature on different security aspects of the smart grid and provide directions for further research. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>A key feature of the smart grid is the introduction of two-way data communications into the power grid. This brings many security challenges, because of the large-scale, difficult-to-secure environment, complexity of smart grid systems, and resource limitations of the smart grid deployments. In this paper, we focus on security and privacy concerns in the context of the smart grid. Existing security mechanisms developed for traditional information technology systems can be used as a basis for designing security measures for the smart grid. However, new methods that meet the special requirements and characteristics of the smart grid are also required. In spite of the obstacles against developing detailed security solutions for the future smart grid, such as uncertainty of the architecture and lack of practical experiences with security attacks, some research has been performed in this area over the last few years. We survey the existing literature on different security aspects of the smart grid and provide directions for further research. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we investigate the security challenges in the context of the smart grid. We survey the existing literature on different security aspects of the smart grid and provide directions for further research. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.541" xmlns="http://purl.org/rss/1.0/"><title>On decentralized group key management mechanism for vehicular ad hoc networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.541</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">On decentralized group key management mechanism for vehicular ad hoc networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Ming-Huang Guo, Horng-Twu Liaw, Meng-Yu Chiu, Der-Jiunn Deng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-06-04T01:23:33.41645-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.541</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.541</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.541</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In a vehicular <em>ad hoc</em> network (VANET) environment, it is not easy to keep data secure and private. If the private data are stolen, the hacker might have the user identity and do some bad things. 
To provide secure transmitting, some data encryption mechanisms are necessary. In this paper, we proposed a group key management mechanism for data communication in VANETs. It is exploited on the basis of a decentralized architecture with the hierarchical key tree and cluster heads. The proposed mechanism not only provides a rekeying method in reducing the communication cost but also furnishes the forward security and backward security. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.541/asset/image_n/sec541-toc-0001.png?v=1&amp;s=28b3b980db765d06c7972ca124272319471c4ba4" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.541/asset/image_n/sec541-toc-0001.png?v=1&amp;s=28b3b980db765d06c7972ca124272319471c4ba4"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, the authors proposed a group key management mechanism to provide secure communication in vehicular ad hoc networks. It is exploited on the basis of a decentralized architecture with the hierarchical key tree and cluster heads. The proposed mechanism not only provides a rekeying method in reducing the communication cost but also furnishes the forward security and backward security.</p></div>]]></content:encoded><description>In a vehicular ad hoc network (VANET) environment, it is not easy to keep data secure and private. If the private data are stolen, the hacker might have the user identity and do some bad things. To provide secure transmitting, some data encryption mechanisms are necessary. In this paper, we proposed a group key management mechanism for data communication in VANETs. 
It is exploited on the basis of a decentralized architecture with the hierarchical key tree and cluster heads. The proposed mechanism not only provides a rekeying method in reducing the communication cost but also furnishes the forward security and backward security. Copyright © 2012 John Wiley &amp; Sons, Ltd.
In this paper, the authors proposed a group key management mechanism to provide secure communication in vehicular ad hoc networks. It is exploited on the basis of a decentralized architecture with the hierarchical key tree and cluster heads. The proposed mechanism not only provides a rekeying method in reducing the communication cost but also furnishes the forward security and backward security.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.561" xmlns="http://purl.org/rss/1.0/"><title>SDRP: a secure distributed revocation protocol for vehicular environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.561</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">SDRP: a secure distributed revocation protocol for vehicular environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Noureddine Chaib, Nasreddine Lagraa, Mohamed Bachir Yagoubi, Abderrahmane Lakas</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-30T02:29:40.841781-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.561</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.561</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.561</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 
xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">Abstract</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Secure routing protocols that are based only on cryptographic techniques cannot guarantee security against all attacks. Among solutions that have been proposed to enhance the security in vehicular networks are the distributed revocation protocols, which provide vehicles with the ability to quickly detect and avoid malicious attacks. However, most of the proposed revocation protocols are vulnerable to colluding attacks conducted by malicious nodes, a situation which results in denial of service. In this work, we propose a new and robust distributed revocation protocol for vehicular ad hoc networks, called Secure Distributed Revocation Protocol (SDRP), with the main objective to exclude misbehaving nodes conducting or not a colluding attack from the routing operation in VANET. We present an evaluation analysis of SDRP on the basis of the simulation results and show that our scheme provides a high detection rate of misbehaving nodes with a low rate of false positives even in the presence of a large number of attackers. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.561/asset/image_n/sec561-toc-0001.png?v=1&amp;s=e069832e8e3977e2448d3fe77151ba47d4129de0" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.561/asset/image_n/sec561-toc-0001.png?v=1&amp;s=e069832e8e3977e2448d3fe77151ba47d4129de0"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a new and robust distributed revocation protocol for vehicular ad hoc networks, called Secure Distributed Revocation Protocol (SDRP), with the main objective to exclude misbehaving nodes conducting or not a colluding attack from the routing operation in VANET.</p></div>]]></content:encoded><description>Secure routing protocols that are based only on cryptographic techniques cannot guarantee security against all attacks. Among solutions that have been proposed to enhance the security in vehicular networks are the distributed revocation protocols, which provide vehicles with the ability to quickly detect and avoid malicious attacks. However, most of the proposed revocation protocols are vulnerable to colluding attacks conducted by malicious nodes, a situation which results in denial of service. In this work, we propose a new and robust distributed revocation protocol for vehicular ad hoc networks, called Secure Distributed Revocation Protocol (SDRP), with the main objective to exclude misbehaving nodes conducting or not a colluding attack from the routing operation in VANET. 
We present an evaluation analysis of SDRP on the basis of the simulation results and show that our scheme provides a high detection rate of misbehaving nodes with a low rate of false positives even in the presence of a large number of attackers. Copyright © 2012 John Wiley &amp; Sons, Ltd.
We propose a new and robust distributed revocation protocol for vehicular ad hoc networks, called Secure Distributed Revocation Protocol (SDRP), with the main objective to exclude misbehaving nodes conducting or not a colluding attack from the routing operation in VANET.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.549" xmlns="http://purl.org/rss/1.0/"><title>Efficient homomorphic sealed-bid auction free of bid validity check and equality test</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.549</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Efficient homomorphic sealed-bid auction free of bid validity check and equality test</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Kun Peng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-17T03:51:01.824711-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.549</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.549</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.549</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Traditionally, there are two 
very costly operations in homomorphic e-auction schemes. First, bid validity check is an efficiency bottleneck for both the bidders and auctioneers, but it is needed to guarantee validity of the bids and correctness of homomorphic bid opening. Second, although the auctioneers can employ binary search to reduce the instances of homomorphic bid opening, every bid opening needs a costly equality test. The two costly operations prevent homomorphic e-auction from being applied to efficiency-sensitive applications. In this paper, three new homomorphic e-auction protocols are proposed to get rid of them in homomorphic e-auction. As a result, efficiency of e-auction is greatly improved. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div>]]></content:encoded><description>Traditionally, there are two very costly operations in homomorphic e-auction schemes. First, bid validity check is an efficiency bottleneck for both the bidders and auctioneers, but it is needed to guarantee validity of the bids and correctness of homomorphic bid opening. Second, although the auctioneers can employ binary search to reduce the instances of homomorphic bid opening, every bid opening needs a costly equality test. The two costly operations prevent homomorphic e-auction from being applied to efficiency-sensitive applications. In this paper, three new homomorphic e-auction protocols are proposed to get rid of them in homomorphic e-auction. As a result, efficiency of e-auction is greatly improved. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.547" xmlns="http://purl.org/rss/1.0/"><title>Policy override in practice: model, evaluation, and decision support</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.547</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Policy override in practice: model, evaluation, and decision support</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Steffen Bartsch</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-16T01:35:24.705287-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.547</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.547</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.547</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The predominant strategy in restricting permissions in information systems is to limit users on the basis of the ‘need-to-know’ principle. 
Although appropriate in highly security-sensitive contexts, this culture of protection will, in other contexts, often reduce users' productivity and is seen as a hassle because the everyday exceptions to the routine tasks can be severely hindered. This paper proposes a more flexible authorization model, policy override, which allows end users to override authorization in a controlled manner. In this article, I describe the authorization model and its implementation in a medium enterprise's business application. I evaluated policy override use over a period of 1 year through quantitative and qualitative analysis to identify challenges and offer advice on the implementation of policy override in practice. One important challenge is the setting of adequate bounds for policy override. To overcome this obstacle, I propose and evaluate a qualitative risk-based calculus that offers decision support to balance additional risks of policy override with the benefits of more flexible authorization. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.547/asset/image_n/sec547-toc-0001.png?v=1&amp;s=077a7a1da24a4c3293bd2e5f9095b68f20f20e3a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.547/asset/image_n/sec547-toc-0001.png?v=1&amp;s=077a7a1da24a4c3293bd2e5f9095b68f20f20e3a"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Our case study shows that policy override is a promising approach in increasing the flexibility of authorization measures. 
However, additional technical and non-technical support, such as user guidance, is necessary for effective security.</p></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>The predominant strategy in restricting permissions in information systems is to limit users on the basis of the ‘need-to-know’ principle. Although appropriate in highly security-sensitive contexts, this culture of protection will, in other contexts, often reduce users' productivity and is seen as a hassle because the everyday exceptions to the routine tasks can be severely hindered. This paper proposes a more flexible authorization model, policy override, which allows end users to override authorization in a controlled manner. In this article, I describe the authorization model and its implementation in a medium enterprise's business application. I evaluated policy override use over a period of 1 year through quantitative and qualitative analysis to identify challenges and offer advice on the implementation of policy override in practice. One important challenge is the setting of adequate bounds for policy override. To overcome this obstacle, I propose and evaluate a qualitative risk-based calculus that offers decision support to balance additional risks of policy override with the benefits of more flexible authorization. Copyright © 2012 John Wiley &amp; Sons, Ltd. Our case study shows that policy override is a promising approach in increasing the flexibility of authorization measures. 
However, additional technical and non-technical support, such as user guidance, is necessary for effective security.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.555" xmlns="http://purl.org/rss/1.0/"><title>Design and implementation of a versatile cryptographic unit for RISC processors</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.555</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Design and implementation of a versatile cryptographic unit for RISC processors</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Kazim Yumbul, Erkay Savaş, Övünç Kocabaş, Johann Großschädl</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-10T22:40:43.281238-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.555</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.555</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.555</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we design, implement, and realize a <em>cryptographic unit</em> (CU) that can easily be integrated to any reduced instruction set 
computing (RISC)-type processor for the safe and efficient execution of cryptographic algorithms. Design of the CU takes a novel approach in the execution of cryptographic algorithms when compared with cryptographic accelerators and architectural enhancements. Although it is integrated to a pipeline of an embedded RISC processor, it is partially an autonomous unit with its own resources, which is analogous to the floating point unit in this sense. It provides new instructions to accelerate cryptographic algorithms, and its associated cost in terms of area is acceptable and justified by the improvement in the performance and efficiency. The CU can also be instrumental in protecting the cryptographic computation against active and passive attacks and other malicious processes running simultaneously. We demonstrate that the execution of Advanced Encryption Standard (AES) encryption can be performed inside the CU, which prevents secret and/or sensitive information from leaving the CU during the cryptographic computation. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.555/asset/image_n/sec555-toc-0001.png?v=1&amp;s=57bf13b37c8d4cc960486a74d7e3a7ad78428fe8" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.555/asset/image_n/sec555-toc-0001.png?v=1&amp;s=57bf13b37c8d4cc960486a74d7e3a7ad78428fe8"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We design, implement, and realize a cryptographic unit (CU) that can easily be integrated to any reduced instruction set computing-type processor for the safe and efficient execution of cryptographic algorithms. 
The CU provides new instructions to accelerate cryptographic algorithms, and its associated cost, in terms of area, is justified by the improvement in the performance and efficiency. The CU can also be instrumental in protecting the cryptographic computation against active and passive attacks and other malicious processes running simultaneously.</p></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>In this paper, we design, implement, and realize a cryptographic unit (CU) that can easily be integrated to any reduced instruction set computing (RISC)-type processor for the safe and efficient execution of cryptographic algorithms. Design of the CU takes a novel approach in the execution of cryptographic algorithms when compared with cryptographic accelerators and architectural enhancements. Although it is integrated to a pipeline of an embedded RISC processor, it is partially an autonomous unit with its own resources, which is analogous to the floating point unit in this sense. It provides new instructions to accelerate cryptographic algorithms, and its associated cost in terms of area is acceptable and justified by the improvement in the performance and efficiency. The CU can also be instrumental in protecting the cryptographic computation against active and passive attacks and other malicious processes running simultaneously. We demonstrate that the execution of Advanced Encryption Standard (AES) encryption can be performed inside the CU, which prevents secret and/or sensitive information from leaving the CU during the cryptographic computation. Copyright © 2012 John Wiley &amp; Sons, Ltd. We design, implement, and realize a cryptographic unit (CU) that can easily be integrated to any reduced instruction set computing-type processor for the safe and efficient execution of cryptographic algorithms. 
The CU provides new instructions to accelerate cryptographic algorithms, and its associated cost, in terms of area, is justified by the improvement in the performance and efficiency. The CU can also be instrumental in protecting the cryptographic computation against active and passive attacks and other malicious processes running simultaneously.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.551" xmlns="http://purl.org/rss/1.0/"><title>A security authentication scheme in machine-to-machine home network service</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.551</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A security authentication scheme in machine-to-machine home network service</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Xuebin Sun, Shuang Men, Chenglin Zhao, Zheng Zhou</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-10T22:40:25.132561-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.551</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.551</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.551</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" 
xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Machine-to-machine (M2M) techniques have significant application potential in the emerging internet of things, which may cover many fields from intelligence to ubiquitous environment. However, because of the data exposure when transmitted via cable, wireless mobile devices, and other technologies, its security vulnerability has become a great concern during its further extending development. This problem may even get worse if the user privacy and property are considered. Therefore, the authentication process of communicating entities has attracted wide investigation. Meanwhile, the data confidentiality also becomes an important issue in M2M, especially when the data are transmitted in a public and thereby insecure channel. In this paper, we propose a promising M2M application model that connects a mobile user with the home network using the existing popular Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) network. Subsequently, a password-based authentication and key establishment protocol is designed to identify the communicating parties and hence establish a secure channel for data transmissions. The final analysis shows the reliability of our proposed protocol. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.551/asset/image_n/sec551-toc-0001.png?v=1&amp;s=563ac9b17cb3d77695f2c6eb33919408d5c1aeec" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.551/asset/image_n/sec551-toc-0001.png?v=1&amp;s=563ac9b17cb3d77695f2c6eb33919408d5c1aeec"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this article, we propose a promising M2M application model that connects a mobile user with the home network by using the existing popular Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) network. A reliability password-based authentication and key establishment protocol is also designed to identify the communicating parties and hence, establish a secure channel for data transmissions. 
</p></div>]]></content:encoded><description>Machine-to-machine (M2M) techniques have significant application potential in the emerging internet of things, which may cover many fields from intelligence to ubiquitous environment. However, because of the data exposure when transmitted via cable, wireless mobile devices, and other technologies, its security vulnerability has become a great concern during its further extending development. This problem may even get worse if the user privacy and property are considered. Therefore, the authentication process of communicating entities has attracted wide investigation. Meanwhile, the data confidentiality also becomes an important issue in M2M, especially when the data are transmitted in a public and thereby insecure channel. In this paper, we propose a promising M2M application model that connects a mobile user with the home network using the existing popular Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) network. Subsequently, a password-based authentication and key establishment protocol is designed to identify the communicating parties and hence establish a secure channel for data transmissions. The final analysis shows the reliability of our proposed protocol. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this article, we propose a promising M2M application model that connects a mobile user with the home network by using the existing popular Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) network. A reliability password-based authentication and key establishment protocol is also designed to identify the communicating parties and hence, establish a secure channel for data transmissions. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.556" xmlns="http://purl.org/rss/1.0/"><title>Algebraic construction of cryptographically good binary linear transformations</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.556</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Algebraic construction of cryptographically good binary linear transformations</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Bora Aslan, Muharrem Tolga Sakallı</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-05-09T04:19:07.552612-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.556</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.556</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.556</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Maximum Distance Separable (MDS) and Maximum Distance Binary Linear (MDBL) codes are used as diffusion layers in the design of the well-known block ciphers like the Advanced Encryption Standard, Khazad, Camellia, and ARIA. 
The reason for the use of these codes in the design of block ciphers is that they provide optimal diffusion effect to meet security of a round function of a block cipher. On the other hand, the constructions of these diffusion layers are various. For example, whereas the Advanced Encryption Standard uses a 4 × 4 MDS matrix over <em>GF</em>(2<sup>8</sup>), ARIA uses a 16 × 16 involutory binary matrix over <em>GF</em>(2<sup>8</sup>). The most important cryptographic property of a diffusion layer is the branch number of that diffusion layer, which represents the diffusion rate and measures security against linear and differential cryptanalysis. Therefore, MDS and Maximum Distance Binary Linear codes, which provide maximum branch number for a diffusion layer, are preferred in the design of block ciphers as diffusion layers. In this paper, we present a new algebraic construction method based on MDS codes for 8 × 8 and 16 × 16 involutory and non-involutory binary matrices of branch numbers 5 and 8, respectively. By using this construction method, we also show some examples of these diffusion layers. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.556/asset/image_n/sec556-toc-0001.png?v=1&amp;s=8afce2a607cd4cc3c51a46801da2cd8e512ed016" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.556/asset/image_n/sec556-toc-0001.png?v=1&amp;s=8afce2a607cd4cc3c51a46801da2cd8e512ed016"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a new algebraic construction method to generate 8 × 8 and 16 × 16 involutory and non-involutory binary matrices of maximum branch numbers 5 and 8, respectively, which can be used as diffusion layers for block ciphers. 
By using this construction method, we also show some examples of these constructed matrices. 
</p></div>]]></content:encoded><description>Maximum Distance Separable (MDS) and Maximum Distance Binary Linear (MDBL) codes are used as diffusion layers in the design of the well-known block ciphers like the Advanced Encryption Standard, Khazad, Camellia, and ARIA. The reason for the use of these codes in the design of block ciphers is that they provide optimal diffusion effect to meet security of a round function of a block cipher. On the other hand, the constructions of these diffusion layers are various. For example, whereas the Advanced Encryption Standard uses a 4 × 4 MDS matrix over GF(2^8), ARIA uses a 16 × 16 involutory binary matrix over GF(2^8). The most important cryptographic property of a diffusion layer is the branch number of that diffusion layer, which represents the diffusion rate and measures security against linear and differential cryptanalysis. Therefore, MDS and Maximum Distance Binary Linear codes, which provide maximum branch number for a diffusion layer, are preferred in the design of block ciphers as diffusion layers. In this paper, we present a new algebraic construction method based on MDS codes for 8 × 8 and 16 × 16 involutory and non-involutory binary matrices of branch numbers 5 and 8, respectively. By using this construction method, we also show some examples of these diffusion layers. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we propose a new algebraic construction method to generate 8 × 8 and 16 × 16 involutory and non-involutory binary matrices of maximum branch numbers 5 and 8, respectively, which can be used as diffusion layers for block ciphers. By using this construction method, we also show some examples of these constructed matrices. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.538" xmlns="http://purl.org/rss/1.0/"><title>Security assurance in wireless acoustic sensors via event forecasting and detection</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.538</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Security assurance in wireless acoustic sensors via event forecasting and detection</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhen Zhong, Chenglin Zhao, Yiming Pi, Lingming Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-04-26T04:50:51.332053-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.538</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.538</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.538</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we study the security assurance in application layer in wireless acoustic sensors via event forecasting and detection. 
In order to perform event forecasting and detection, we try to answer several challenging questions in acoustic signal research based on wireless acoustic sensors: (i) Are acoustic signals predictable? (ii) How are acoustic signals predicted? (iii) Are there any event-forecasting applications for the security in wireless acoustic sensors? We study these questions based on Xbow acoustic sensors and demonstrate that real-world acoustic signals are self-similar, which means that they are predictable. We propose an acoustic signal prediction scheme using interval type-2 fuzzy logic system (FLS). We show that a type-2 fuzzy membership function (MF); that is, a Gaussian MF with uncertain mean is appropriate to model the acoustic signal strength. Two FLSs, a type-1 FLS, and an interval type-2 FLS are designed for signal strength forecasting. Furthermore, we propose a double sliding window scheme for event detection based on the forecasted signals. Simulation results show that the interval type-2 FLS outperforms the type-1 FLS in signal strength forecasting and the performance of event detection based on the forecasted signal from type-2 FLS is much better than that based on type-1 FLS. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.538/asset/image_n/sec538-toc-0001.png?v=1&amp;s=9c8801dbf1d857fccde618c8f69b3409cb1e0489" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.538/asset/image_n/sec538-toc-0001.png?v=1&amp;s=9c8801dbf1d857fccde618c8f69b3409cb1e0489"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Security assurance in application layer in wireless acoustic sensors was studied via event forecasting and detection. Three questions were answered: (i) Are acoustic signals predictable? 
(ii) How are acoustic signals predicted? (iii) Are there any event-forecasting applications for the security in wireless acoustic sensors? 
</p></div>]]></content:encoded><description>In this paper, we study the security assurance in application layer in wireless acoustic sensors via event forecasting and detection. In order to perform event forecasting and detection, we try to answer several challenging questions in acoustic signal research based on wireless acoustic sensors: (i) Are acoustic signals predictable? (ii) How are acoustic signals predicted? (iii) Are there any event-forecasting applications for the security in wireless acoustic sensors? We study these questions based on Xbow acoustic sensors and demonstrate that real-world acoustic signals are self-similar, which means that they are predictable. We propose an acoustic signal prediction scheme using interval type-2 fuzzy logic system (FLS). We show that a type-2 fuzzy membership function (MF); that is, a Gaussian MF with uncertain mean is appropriate to model the acoustic signal strength. Two FLSs, a type-1 FLS, and an interval type-2 FLS are designed for signal strength forecasting. Furthermore, we propose a double sliding window scheme for event detection based on the forecasted signals. Simulation results show that the interval type-2 FLS outperforms the type-1 FLS in signal strength forecasting and the performance of event detection based on the forecasted signal from type-2 FLS is much better than that based on type-1 FLS. Copyright © 2012 John Wiley &amp; Sons, Ltd. Security assurance in application layer in wireless acoustic sensors was studied via event forecasting and detection. Three questions were answered: (i) Are acoustic signals predictable? (ii) How are acoustic signals predicted? (iii) Are there any event-forecasting applications for the security in wireless acoustic sensors? 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.548" xmlns="http://purl.org/rss/1.0/"><title>A secure many-to-many routing protocol for wireless sensor and actuator networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.548</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A secure many-to-many routing protocol for wireless sensor and actuator networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Son T. Nguyen, Erdal Cayirci, Chunming Rong</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-04-18T00:40:26.13645-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.548</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.548</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.548</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The paper introduces a new secure power aware many-to-many routing protocol for wireless sensor and actuator networks. Actuators register for sensing data and sensor nodes send data directly to actuators using the proposed protocol. The protocol has two versions. 
The first version is designed for networks where every node transmits at the same power level. The second version is for the case where nodes can individually adjust the transmission power according to the channel conditions and communications distance. The protocol increases energy efficiency and prolongs network life-time while still keeps the communications secure. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.548/asset/image_n/sec548-toc-0001.png?v=1&amp;s=86ce9eb616bdb82b22623efb6c10034bba98963a" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.548/asset/image_n/sec548-toc-0001.png?v=1&amp;s=86ce9eb616bdb82b22623efb6c10034bba98963a"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The paper introduces a new secure power aware many-to-many routing protocol for wireless sensor and actuator networks. Sensor nodes can change their power consumption while multicasting data to actuators. The protocol increases energy efficiency and prolongs network life-time while still keeps the communications secure. 
</p></div>]]></content:encoded><description>The paper introduces a new secure power aware many-to-many routing protocol for wireless sensor and actuator networks. Actuators register for sensing data and sensor nodes send data directly to actuators using the proposed protocol. The protocol has two versions. The first version is designed for networks where every node transmits at the same power level. The second version is for the case where nodes can individually adjust the transmission power according to the channel conditions and communications distance. The protocol increases energy efficiency and prolongs network life-time while still keeps the communications secure. Copyright © 2012 John Wiley &amp; Sons, Ltd. The paper introduces a new secure power aware many-to-many routing protocol for wireless sensor and actuator networks. Sensor nodes can change their power consumption while multicasting data to actuators. The protocol increases energy efficiency and prolongs network life-time while still keeps the communications secure. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.517" xmlns="http://purl.org/rss/1.0/"><title>Two-factor mutual authentication with key agreement in wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.517</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Two-factor mutual authentication with key agreement in wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Binod Vaidya, Dimitrios Makrakis, Hussein Mouftah</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-04-18T00:36:13.805939-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.517</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.517</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.517</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Wireless sensor networks (WSNs) are getting popular for their deployment in unattended environments, where a registered user can log in to the network and access data collected from the desired sensor. 
Because of limited resources and computation power in sensor nodes, an authentication protocol should be simple and efficient. M.L. Das proposed a two-factor authentication scheme for WSNs. Because his scheme uses only one-way hash function and XOR operation, it is well suited for resource-constrained environments. Because of some flaws in Das's scheme, several improved schemes have been introduced. In this paper, we show that Das's scheme and its derivatives not only have security imperfections but also do not provide key agreement. To overcome their security shortcomings, we propose a novel user authentication scheme with key agreement for WSN. We furnish security analysis of the proposed protocol to show its robustness to various attacks as well as analyze its performance to determine its efficiency. We provide protocol analysis and verification of the proposed protocol. Compared with the existing schemes, it is more robust and offers better security. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.517/asset/image_n/sec517-toc-0001.png?v=1&amp;s=691cc9ed9000b61172bbf527f08444857e230526" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.517/asset/image_n/sec517-toc-0001.png?v=1&amp;s=691cc9ed9000b61172bbf527f08444857e230526"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper presents a novel user authentication scheme with key agreement for wireless sensor network (WSN) to overcome shortcomings in the existing schemes such as Das's scheme and its derivatives. 
We have furnished security analysis and efficiency analysis of the proposed protocol to show its resiliency to various attacks and lower computational overhead in comparison to the existing schemes. We have provided protocol analysis and verification of the proposed protocol.</p></div>]]></content:encoded><description>Wireless sensor networks (WSNs) are getting popular for their deployment in unattended environments, where a registered user can log in to the network and access data collected from the desired sensor. Because of limited resources and computation power in sensor nodes, an authentication protocol should be simple and efficient. M.L. Das proposed a two-factor authentication scheme for WSNs. Because his scheme uses only one-way hash function and XOR operation, it is well suited for resource-constrained environments. Because of some flaws in Das's scheme, several improved schemes have been introduced. In this paper, we show that Das's scheme and its derivatives not only have security imperfections but also do not provide key agreement. To overcome their security shortcomings, we propose a novel user authentication scheme with key agreement for WSN. We furnish security analysis of the proposed protocol to show its robustness to various attacks as well as analyze its performance to determine its efficiency. We provide protocol analysis and verification of the proposed protocol. Compared with the existing schemes, it is more robust and offers better security. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper presents a novel user authentication scheme with key agreement for wireless sensor network (WSN) to overcome shortcomings in the existing schemes such as Das's scheme and its derivatives. We have furnished security analysis and efficiency analysis of the proposed protocol to show its resiliency to various attacks and lower computational overhead in comparison to the existing schemes. 
We have provided protocol analysis and verification of the proposed protocol.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.550" xmlns="http://purl.org/rss/1.0/"><title>On robust key agreement based on public key authentication</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.550</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">On robust key agreement based on public key authentication</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Feng Hao</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-04-18T00:27:28.684359-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.550</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.550</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.550</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper discusses public key-authenticated key agreement protocols. First, we critically analyze several authenticated key agreement protocols and uncover various theoretical and practical flaws. 
In particular, we present two new attacks on the Hashed Menezes-Qu-Vanstone (HMQV) protocol, which is currently being standardized by IEEE P1363. These attacks suggest the caution one should take when interpreting theoretical results from a formal model. We further point out that many of the protocol failures in the past are caused by sidestepping an important engineering principle, namely, “Do not assume that a message you receive has a particular form (such as <em>g<sup>r</sup></em> for known <em>r</em>) unless you can check this.” Constructions in the past generally resisted this principle on the grounds of efficiency: checking the knowledge of the exponent is commonly seen as too expensive. In a concrete example, we demonstrate how to effectively integrate the zero-knowledge proof primitive into the protocol design and, meanwhile, achieve good efficiency. Our new key agreement protocol, YAK, has comparable computational efficiency to the MQV and HMQV protocols with clear advantages on security. Among all the related techniques, our protocol appears to be the simplest so far. We believe simplicity is also an important engineering principle. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.550/asset/image_n/sec550-toc-0001.png?v=1&amp;s=65540610033ee3320fa385a7d248e57e64c1956b" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.550/asset/image_n/sec550-toc-0001.png?v=1&amp;s=65540610033ee3320fa385a7d248e57e64c1956b"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The paper presents the first comprehensive investigation on the state of the art in public key infrastructure (PKI)-based authenticated key exchange protocols. 
It uncovers a number of practical and theoretical flaws of existing protocols that were not reported before. In addition, it proposes a new protocol called YAK. Among all the available PKI-based authenticated key exchanges to date, the YAK protocol appears to be the simplest and the most robust. 
</p></div>]]></content:encoded><description>This paper discusses public key-authenticated key agreement protocols. First, we critically analyze several authenticated key agreement protocols and uncover various theoretical and practical flaws. In particular, we present two new attacks on the Hashed Menezes-Qu-Vanstone (HMQV) protocol, which is currently being standardized by IEEE P1363. These attacks suggest the caution one should take when interpreting theoretical results from a formal model. We further point out that many of the protocol failures in the past are caused by sidestepping an important engineering principle, namely, “Do not assume that a message you receive has a particular form (such as g^r for known r) unless you can check this.” Constructions in the past generally resisted this principle on the grounds of efficiency: checking the knowledge of the exponent is commonly seen as too expensive. In a concrete example, we demonstrate how to effectively integrate the zero-knowledge proof primitive into the protocol design and, meanwhile, achieve good efficiency. Our new key agreement protocol, YAK, has comparable computational efficiency to the MQV and HMQV protocols with clear advantages on security. Among all the related techniques, our protocol appears to be the simplest so far. We believe simplicity is also an important engineering principle. Copyright © 2012 John Wiley &amp; Sons, Ltd. The paper presents the first comprehensive investigation on the state of the art in public key infrastructure (PKI)-based authenticated key exchange protocols. It uncovers a number of practical and theoretical flaws of existing protocols that were not reported before. In addition, it proposes a new protocol called YAK. Among all the available PKI-based authenticated key exchanges to date, the YAK protocol appears to be the simplest and the most robust. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.545" xmlns="http://purl.org/rss/1.0/"><title>Exploiting convergence characteristics to tackle collusion attacks in OLSR for Security and Communication Networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.545</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Exploiting convergence characteristics to tackle collusion attacks in OLSR for Security and Communication Networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Manoj Singh Gaur, Rajbir Kaur, Lalith P. Suresh, Vijay Laxmi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-04-17T23:57:28.588696-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.545</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.545</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.545</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Research Article</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Collusion attack is an attack against Optimised Link State Routing (OLSR) protocol in mobile ad hoc network. 
Two malicious nodes work together so that routes to the target (victim) node(s) are not established in the network. Multipoint relay (MPR) selection process in OLSR is exploited to achieve this route denial. Packet delivery ratio for the target drops to 0% for nodes at distance of 3 hops or more. In this paper, we propose use of convergence characteristics of OLSR in designing effective, resource efficient countermeasures for packet dropping attacks such as collusion attack. We propose a detection method and countermeasure <em>Scruple</em> where discovery packets called <em>ScruplePackets</em> are injected to probe routes from target node to its three-hop neighbours. Acquired information is analysed to conclude if the node is a target of collusion attack. We also propose a novel attack-resistant method named Forced MPR Switching OLSR in which a node temporarily blacklists potential attackers on observing symptoms of the attack, thereby, forcing recomputation of its MPR set. Proposed approaches incur minimal penalty on network performance. Simulations conducted on Network Simulator 3 confirm effectiveness of the proposed method. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.545/asset/image_n/sec545-toc-0001.png?v=1&amp;s=659cf5085200b499884f9ceb088edbd98931fa88" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.545/asset/image_n/sec545-toc-0001.png?v=1&amp;s=659cf5085200b499884f9ceb088edbd98931fa88"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Collusion attack in Optimised Link State Routing requires malicious node to be the only multipoint relay (MPR) node of the victim. After its initiation, the attack converges in [<em>TC interval, Topology Holding Time</em>]. 
A node having only one MPR sends scruple packets to its neighbourhood. Absence or limited presence of acknowledgement of scruple by three-hop neighbours indicates attack. Countermeasure is effected through forcing at least two nodes in MPR set of every node. 
</p></div>]]></content:encoded><description>Collusion attack is an attack against Optimised Link State Routing (OLSR) protocol in mobile ad hoc network. Two malicious nodes work together so that routes to the target (victim) node(s) are not established in the network. Multipoint relay (MPR) selection process in OLSR is exploited to achieve this route denial. Packet delivery ratio for the target drops to 0% for nodes at distance of 3 hops or more. In this paper, we propose use of convergence characteristics of OLSR in designing effective, resource efficient countermeasures for packet dropping attacks such as collusion attack. We propose a detection method and countermeasure Scruple where discovery packets called ScruplePackets are injected to probe routes from target node to its three-hop neighbours. Acquired information is analysed to conclude if the node is a target of collusion attack. We also propose a novel attack-resistant method named Forced MPR Switching OLSR in which a node temporarily blacklists potential attackers on observing symptoms of the attack, thereby, forcing recomputation of its MPR set. Proposed approaches incur minimal penalty on network performance. Simulations conducted on Network Simulator 3 confirm effectiveness of the proposed method. Copyright © 2012 John Wiley &amp; Sons, Ltd. Collusion attack in Optimised Link State Routing requires malicious node to be the only multipoint relay (MPR) node of the victim. After its initiation, the attack converges in [TC interval, Topology Holding Time]. A node having only one MPR sends scruple packets to its neighbourhood. Absence or limited presence of acknowledgement of scruple by three-hop neighbours indicates attack. Countermeasure is effected through forcing at least two nodes in MPR set of every node. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.539" xmlns="http://purl.org/rss/1.0/"><title>Anonymous communication in overlay networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.539</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Anonymous communication in overlay networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jian Ren, Yun Li, Tingting Jiang, Tongtong Li</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-03-29T06:25:26.286887-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.539</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.539</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.539</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Communication anonymity is becoming an increasingly important, or even indispensable, security requirement for many applications. The existing research in anonymous communications can largely be divided into two categories: mix-based systems and secure multiparty computation-based systems, originating from mixnet and DC-net, respectively. 
However, they either cannot provide provable anonymity or suffer from transmission collision problem. In this paper, we first propose a novel unconditionally secure source anonymous message authentication code that can be applied to any messages without relying on any trusted third parties. While ensuring message sender anonymity, secure source anonymous message authentication code can also provide message content authenticity. We then propose a novel communication protocol that can hide the senders and the recipients from each other and thus can be used for secure file sharing. The security analysis demonstrates that the proposed protocol is secure against various attacks. Our analysis also shows that it is efficient and practical. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.539/asset/image_n/sec539-toc-0001.png?v=1&amp;s=0d17356ec3830fa33f63203844ded6dac8321beb" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.539/asset/image_n/sec539-toc-0001.png?v=1&amp;s=0d17356ec3830fa33f63203844ded6dac8321beb"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We first propose a novel unconditionally secure source anonymous message authentication code that, while ensuring message sender anonymity, can also provide message content authenticity. We then propose a novel and practical communication protocol to hide the senders and the recipients from each other. 
The security analysis demonstrates that the proposed protocol is secure against various attacks.</p></div>]]></content:encoded><description>Communication anonymity is becoming an increasingly important, or even indispensable, security requirement for many applications. The existing research in anonymous communications can largely be divided into two categories: mix-based systems and secure multiparty computation-based systems, originating from mixnet and DC-net, respectively. However, they either cannot provide provable anonymity or suffer from transmission collision problem. In this paper, we first propose a novel unconditionally secure source anonymous message authentication code that can be applied to any messages without relying on any trusted third parties. While ensuring message sender anonymity, secure source anonymous message authentication code can also provide message content authenticity. We then propose a novel communication protocol that can hide the senders and the recipients from each other and thus can be used for secure file sharing. The security analysis demonstrates that the proposed protocol is secure against various attacks. Our analysis also shows that it is efficient and practical. Copyright © 2012 John Wiley &amp; Sons, Ltd. We first propose a novel unconditionally secure source anonymous message authentication code that, while ensuring message sender anonymity, can also provide message content authenticity. We then propose a novel and practical communication protocol to hide the senders and the recipients from each other. 
The security analysis demonstrates that the proposed protocol is secure against various attacks.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.527" xmlns="http://purl.org/rss/1.0/"><title>STaR: design and quantitative measurement of source-location privacy for wireless sensor networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.527</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">STaR: design and quantitative measurement of source-location privacy for wireless sensor networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Leron Lightfoot, Yun Li, Jian Ren</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-03-29T06:24:04.51911-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.527</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.527</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.527</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Wireless sensor networks (WSNs) can provide the world with a technology for real-time event monitoring. 
One of the primary concerns that hinder the successful deployment of WSNs is source-location privacy (SLP). The privacy of the source location is vital and highly jeopardized by the usage of wireless communications. Although message content privacy can be ensured through message encryption, it is much more difficult to adequately address the SLP. For WSNs, SLP service is further complicated by the fact that sensors consist of low-cost and energy-efficient radio devices. Therefore, computationally intensive cryptographic algorithms (such as public-key cryptosystems) and large-scale broadcasting-based protocols are not suitable for WSNs. In this paper, we analyze and quantitatively measure source-location information leakage in routing-based SLP protection schemes for WSNs. Through this model, we identify vulnerabilities of some well-known SLP protection schemes. We also propose a routing technique, called the Sink Toroidal Region (STaR), to provide adequate SLP with low energy consumption. With this routing technique, the source node randomly selects an intermediate node within a designed STaR area located around the sink node. Furthermore, this routing protocol ensures that the intermediate node is neither too close to, nor too far from, the sink node in relation to the entire network. While ensuring SLP, our simulation results show that the proposed scheme is very efficient and can be used for practical applications. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.527/asset/image_n/sec527-toc-0001.png?v=1&amp;s=23166fce061c1dfce1a2eaba8fad598cd36e7d8e" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.527/asset/image_n/sec527-toc-0001.png?v=1&amp;s=23166fce061c1dfce1a2eaba8fad598cd36e7d8e"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a sink toroidal region (STaR) routing scheme to provide source-location privacy with low energy consumption. We also provide quantitative analysis on source-location information leakage of the proposed scheme in wireless sensor networks. While ensuring source-location privacy, our simulation results show that the proposed scheme is very efficient and can be used for practical applications.  
</p></div>]]></content:encoded><description>Wireless sensor networks (WSNs) can provide the world with a technology for real-time event monitoring. One of the primary concerns that hinder the successful deployment of WSNs is source-location privacy (SLP). The privacy of the source location is vital and highly jeopardized by the usage of wireless communications. Although message content privacy can be ensured through message encryption, it is much more difficult to adequately address the SLP. For WSNs, SLP service is further complicated by the fact that sensors consist of low-cost and energy-efficient radio devices. Therefore, computationally intensive cryptographic algorithms (such as public-key cryptosystems) and large-scale broadcasting-based protocols are not suitable for WSNs. In this paper, we analyze and quantitatively measure source-location information leakage in routing-based SLP protection schemes for WSNs. Through this model, we identify vulnerabilities of some well-known SLP protection schemes. We also propose a routing technique, called the Sink Toroidal Region (STaR), to provide adequate SLP with low energy consumption. With this routing technique, the source node randomly selects an intermediate node within a designed STaR area located around the sink node. Furthermore, this routing protocol ensures that the intermediate node is neither too close to, nor too far from, the sink node in relation to the entire network. While ensuring SLP, our simulation results show that the proposed scheme is very efficient and can be used for practical applications. Copyright © 2012 John Wiley &amp; Sons, Ltd. We propose a sink toroidal region (STaR) routing scheme to provide source-location privacy with low energy consumption. We also provide quantitative analysis on source-location information leakage of the proposed scheme in wireless sensor networks. 
While ensuring source-location privacy, our simulation results show that the proposed scheme is very efficient and can be used for practical applications.  
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.533" xmlns="http://purl.org/rss/1.0/"><title>DEFF: a new architecture for private online social networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.533</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">DEFF: a new architecture for private online social networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Fatemeh Raji, Ali Miri, Mohammad Davarpanah Jazi, Behzad Malek</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-03-21T05:38:47.368165-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.533</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.533</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.533</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In recent years, online social networks (OSNs) have had explosive growth in numbers and popularity. In an OSN, users communicate with each other and share information about themselves. 
However, limiting the flow of private information across OSNs is very important especially because most OSNs provide insufficient privacy settings to control information leakage. In this paper, we propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. Our proposed approach delegates most of the computation tasks to a semi-trusted proxy server. We exploit a simplified broadcast encryption method in order to design a dynamic, efficient, flexible, and fine-grained (DEFF) control system. In the proposed DEFF system, users are allowed to cryptographically categorize their friends into different relations and to share data with arbitrary groups of them. The results of our analysis indicate that the DEFF system fully protects users' privacy and is very efficient in terms of communication and computation complexities. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.533/asset/image_n/sec533-toc-0001.png?v=1&amp;s=e6b8ddae8f1c485d9cc3f4827aa4875aad497284" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.533/asset/image_n/sec533-toc-0001.png?v=1&amp;s=e6b8ddae8f1c485d9cc3f4827aa4875aad497284"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. Our proposed approach delegates most of the computation tasks to a semi-trusted proxy server. We exploit a simplified broadcast encryption method in order to design a dynamic, efficient, flexible, and fine-grained (DEFF) control system. 
In the proposed DEFF system, users are allowed to cryptographically categorize their friends into different relations and to share data with arbitrary groups of them. 
</p></div>]]></content:encoded><description>In recent years, online social networks (OSNs) have had explosive growth in numbers and popularity. In an OSN, users communicate with each other and share information about themselves. However, limiting the flow of private information across OSNs is very important especially because most OSNs provide insufficient privacy settings to control information leakage. In this paper, we propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. Our proposed approach delegates most of the computation tasks to a semi-trusted proxy server. We exploit a simplified broadcast encryption method in order to design a dynamic, efficient, flexible, and fine-grained (DEFF) control system. In the proposed DEFF system, users are allowed to cryptographically categorize their friends into different relations and to share data with arbitrary groups of them. The results of our analysis indicate that the DEFF system fully protects users' privacy and is very efficient in terms of communication and computation complexities. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we propose a mediated architecture for OSNs that protects users' information from both the OSN provider and unauthorized OSN users. Our proposed approach delegates most of the computation tasks to a semi-trusted proxy server. We exploit a simplified broadcast encryption method in order to design a dynamic, efficient, flexible, and fine-grained (DEFF) control system. In the proposed DEFF system, users are allowed to cryptographically categorize their friends into different relations and to share data with arbitrary groups of them. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.532" xmlns="http://purl.org/rss/1.0/"><title>Geolocation-aware security in a netcentric small unmanned-aerial-system for RF emitters</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.532</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Geolocation-aware security in a netcentric small unmanned-aerial-system for RF emitters</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Jing Liang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-03-21T05:26:02.129932-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.532</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.532</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.532</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Enhancing security requires sensing devices surveilling over critical infrastructures for early warning of radio frequency (RF) emitter geolocations. Conventional geolocation of RF emitters has adopted active methodologies by illuminating targets, such as radar sensors. 
However, active geolocation draws unwanted attention from adversaries, thus greatly increasing the threats to and vulnerabilities of the sensing devices. As security issues become a central concern in sensing applications, we propose a small unmanned-aerial-system for passive geolocation of RF emitters. Multiple electronic surveillance sensors are mounted on small unmanned-aerial-vehicles (UAVs) to provide geolocation awareness. Both sensors-to-UAV and UAVs-to-fusion-center communications are investigated. Unlike previous studies, our approach is based on an empirical path loss and log-normal shadowing model, from a wireless communication and signal processing perspective. The communication degradation from UAV to fusion center has been taken into consideration rather than assuming lossless performance. The analyzed geolocation error and the error probability of distance show that this approach provides robust performance at high frequencies and thus offers an effective solution for the security issue in RF emitter geolocation. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.532/asset/image_n/sec532-toc-0001.png?v=1&amp;s=2080c7abc701a60128c5dfe8cd47c7540df8f4d6" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.532/asset/image_n/sec532-toc-0001.png?v=1&amp;s=2080c7abc701a60128c5dfe8cd47c7540df8f4d6"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We propose a passive netcentric system made up of small unmanned-aerial-vehicles, onboard electronic surveillance sensors, and fusion center to geolocate radio frequency emitters. It is shown that the geolocation error is essentially a log-normal random variable. This approach provides robust performance at high frequencies. 
</p></div>]]></content:encoded><description>Enhancing security requires sensing devices surveilling over critical infrastructures for early warning of radio frequency (RF) emitter geolocations. Conventional geolocation of RF emitters has adopted active methodologies by illuminating targets, such as radar sensors. However, active geolocation draws unwanted attention from adversaries, thus greatly increasing the threats to and vulnerabilities of the sensing devices. As security issues become a central concern in sensing applications, we propose a small unmanned-aerial-system for passive geolocation of RF emitters. Multiple electronic surveillance sensors are mounted on small unmanned-aerial-vehicles (UAVs) to provide geolocation awareness. Both sensors-to-UAV and UAVs-to-fusion-center communications are investigated. Unlike previous studies, our approach is based on an empirical path loss and log-normal shadowing model, from a wireless communication and signal processing perspective. The communication degradation from UAV to fusion center has been taken into consideration rather than assuming lossless performance. The analyzed geolocation error and the error probability of distance show that this approach provides robust performance at high frequencies and thus offers an effective solution for the security issue in RF emitter geolocation. Copyright © 2012 John Wiley &amp; Sons, Ltd. We propose a passive netcentric system made up of small unmanned-aerial-vehicles, onboard electronic surveillance sensors, and fusion center to geolocate radio frequency emitters. It is shown that the geolocation error is essentially a log-normal random variable. This approach provides robust performance at high frequencies. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.521" xmlns="http://purl.org/rss/1.0/"><title>TrustVis: visualizing trust toward attack identification in distributed computing environments</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.521</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">TrustVis: visualizing trust toward attack identification in distributed computing environments</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Dichao Peng, Wei Chen, Qunsheng Peng</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-03-07T03:38:36.673329-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.521</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.521</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.521</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The establishment of trust relations is recognized as an important approach to initiate cooperation between unfamiliar entities in distributed computing environments. 
Particularly, trust relations can play a key role to help nodes make decisions on service discoveries in wireless environments. Visualizing trust relations can help us understand and analyze the real-time threats that the distributed system is facing and consequently identify the attacks in order to deploy corresponding countermeasures. The main challenges to visualize trust in such distributed environments are as follows: (i) visually reorganizing and presenting trust relations to show underlying cooperation between attackers; (ii) mapping attacker behaviors to visual patterns in an ambiguity-free manner; (iii) properly organizing and encoding other contextual information to analyze how these factors play along with trust. In this paper, we introduce TrustVis, a tool that helps users visually analyze trust relations to identify attacks in a semi-automatic fashion. In parallel with a running trust evaluation engine that actively monitors trust relations, TrustVis reorganizes and presents trust relations with a matrix to map the cooperative attack schemes to visual patterns. By coordinating the trust matrix and other contextual information into a multi-faceted view, TrustVis incorporates the intelligence of domain experts to interactively monitor the networked system toward identifying both the attackers' identities and the adopted attack schemes. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.521/asset/image_n/sec521-toc-0001.png?v=1&amp;s=42ae8e4fb8899702c29f4094f962ec3b0a740d68" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.521/asset/image_n/sec521-toc-0001.png?v=1&amp;s=42ae8e4fb8899702c29f4094f962ec3b0a740d68"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this article, we introduce TrustVis, a visual analysis system that helps users visually analyze trust relations to identify attacks in distributed computing environments. TrustVis reorganizes and presents trust relations with a matrix to map the cooperative attack schemes to visual patterns. By incorporating the intelligence of domain experts, we can achieve interactive monitoring of the networked system towards identifying both the attackers' identities and the adopted attack schemes.</p></div>]]></content:encoded><description>The establishment of trust relations is recognized as an important approach to initiate cooperation between unfamiliar entities in distributed computing environments. Particularly, trust relations can play a key role to help nodes make decisions on service discoveries in wireless environments. Visualizing trust relations can help us understand and analyze the real-time threats that the distributed system is facing and consequently identify the attacks in order to deploy corresponding countermeasures. 
The main challenges to visualize trust in such distributed environments are as follows: (i) visually reorganizing and presenting trust relations to show underlying cooperation between attackers; (ii) mapping attacker behaviors to visual patterns in an ambiguity-free manner; (iii) properly organizing and encoding other contextual information to analyze how these factors play along with trust. In this paper, we introduce TrustVis, a tool that helps users visually analyze trust relations to identify attacks in a semi-automatic fashion. In parallel with a running trust evaluation engine that actively monitors trust relations, TrustVis reorganizes and presents trust relations with a matrix to map the cooperative attack schemes to visual patterns. By coordinating the trust matrix and other contextual information into a multi-faceted view, TrustVis incorporates the intelligence of domain experts to interactively monitor the networked system toward identifying both the attackers' identities and the adopted attack schemes. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this article, we introduce TrustVis, a visual analysis system that helps users visually analyze trust relations to identify attacks in distributed computing environments. TrustVis reorganizes and presents trust relations with a matrix to map the cooperative attack schemes to visual patterns. 
By incorporating the intelligence of domain experts, we can achieve interactive monitoring of the networked system towards identifying both the attackers' identities and the adopted attack schemes.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.503" xmlns="http://purl.org/rss/1.0/"><title>SVM-based anti-forensic method for spread-spectrum fingerprinting</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.503</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">SVM-based anti-forensic method for spread-spectrum fingerprinting</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Hui Feng, Hefei Ling, Fuhao Zou, Zhengding Lu</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-29T02:51:24.613058-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.503</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.503</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.503</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Digital fingerprinting is an emerging digital forensic technology that has been developed to detect 
digital forgeries and identify the pirates who leak the copies. Understanding the weaknesses and limitations of existing fingerprinting schemes and designing anti-forensic approaches play an important role in the development of digital fingerprinting. In this paper, we propose a support vector machine (SVM)-based anti-forensic method capable of removing the fingerprints from the previously marked images for spread-spectrum fingerprinting. We first estimate the parameters of the embedded fingerprint superposed on the frequency coefficients of the original signal. Then, we select the best basis through wavelet packet decomposition for thresholding the fingerprinted coefficients. Furthermore, an SVM-based classifier is used to measure the existence of the pirates' fingerprints. The experimental results show that the proposed method is more effective than the other examined approaches. About three pieces of fingerprinted content are able to interrupt the fingerprinting system that accommodates thousands of users. Meanwhile, high fidelity of the attacked content is retained. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.503/asset/image_n/sec503-toc-0001.png?v=1&amp;s=f9451560bf162d1bd111c6001f154e79144dccdd" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.503/asset/image_n/sec503-toc-0001.png?v=1&amp;s=f9451560bf162d1bd111c6001f154e79144dccdd"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We first estimate the parameters of the fingerprint superposed on the frequency coefficients of the original signal. Then, we select the best basis through wavelet packet decomposition for thresholding the cover coefficients. 
Furthermore, an SVM-based classifier is used to measure the existence of the pirates' fingerprints. The forgery that obtains the acceptable perceptual quality of the denoised image while obtaining the smallest distance to the hyperplane will be selected. Finally, we average all the forgeries to yield the final version. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Digital fingerprinting is an emerging digital forensic technology that has been developed to detect digital forgeries and identify the pirates who leak the copies. Understanding the weaknesses and limitations of existing fingerprinting schemes and designing anti-forensic approaches play an important role in the development of digital fingerprinting. In this paper, we propose a support vector machine (SVM)-based anti-forensic method capable of removing the fingerprints from the previously marked images for spread-spectrum fingerprinting. We first estimate the parameters of the embedded fingerprint superposed on the frequency coefficients of the original signal. Then, we select the best basis through wavelet packet decomposition for thresholding the fingerprinted coefficients. Furthermore, an SVM-based classifier is used to measure the existence of the pirates' fingerprints. The experimental results show that the proposed method is more effective than the other examined approaches. About three pieces of fingerprinted content are able to interrupt the fingerprinting system that accommodates thousands of users. Meanwhile, high fidelity of the attacked content is retained. Copyright © 2012 John Wiley &amp; Sons, Ltd. We first estimate the parameters of the fingerprint superposed on the frequency coefficients of the original signal. Then, we select the best basis through wavelet packet decomposition for thresholding the cover coefficients. Furthermore, an SVM-based classifier is used to measure the existence of the pirates' fingerprints. The forgery that obtains the acceptable perceptual quality of the denoised image while obtaining the smallest distance to the hyperplane will be selected. Finally, we average all the forgeries to yield the final version. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.500" xmlns="http://purl.org/rss/1.0/"><title>A graph-theoretic framework for isolating botnets in a network</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.500</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A graph-theoretic framework for isolating botnets in a network</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Padmini Jaikumar, Avinash C. Kak</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-28T08:05:38.712533-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.500</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.500</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.500</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We present a new graph-based approach for the detection and isolation of botnets in a computer network. Our approach depends primarily on the temporal co-occurrences of malicious activities across the computers in a network and is independent of botnet architectures and the means used for their command and control. 
As practically all aspects of how a botnet manifests itself in a network—such as the online bot population, bot lifetimes, and the duration and the choice of malicious activities ordered by the bot master—can be expected to vary significantly with time, our approach includes mechanisms that allow the graph representing the infected computers to evolve with time. With regard to how such a graph varies with time, of particular importance are the edge weights that are derived from the temporal co-occurrences of malicious activities at the endpoints of the edges. A unique advantage of our graph-based representation of the infected computers is that it allows us to use graph-partitioning algorithms to separate out the different botnets when a network is infected with multiple botnets at the same time. We have validated our approach by applying it to the isolation of simulated botnets, with the simulations based on a new unified temporal botnet model that incorporates the current best understanding about how botnets behave, about the lifetimes of bots, and about the growth and decay of botnets. We also validate our algorithm on real network traces. Our results indicate that our framework can isolate botnets in a network under varying conditions with a high degree of accuracy. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.500/asset/image_n/sec500-toc-0001.png?v=1&amp;s=e65119599f4c1f7cef70a7ebd966ce0c18e1e9c2" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.500/asset/image_n/sec500-toc-0001.png?v=1&amp;s=e65119599f4c1f7cef70a7ebd966ce0c18e1e9c2"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This work presents a new graph-based approach for the detection and isolation of botnets in a computer network. Our approach depends primarily on the temporal co-occurrences of malicious activities in the different computers in a network and is independent of the underlying botnet architecture. It additionally includes mechanisms to deal with temporal variations seen in a botnet, such as the variations in online bot population, in botnet growth patterns, in malicious activity durations, and so on. Results on real and simulated traces indicate that the graph-based approach can segment out botnets with high accuracy under varying conditions. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>We present a new graph-based approach for the detection and isolation of botnets in a computer network. Our approach depends primarily on the temporal co-occurrences of malicious activities across the computers in a network and is independent of botnet architectures and the means used for their command and control. As practically all aspects of how a botnet manifests itself in a network—such as the online bot population, bot lifetimes, and the duration and the choice of malicious activities ordered by the bot master—can be expected to vary significantly with time, our approach includes mechanisms that allow the graph representing the infected computers to evolve with time. With regard to how such a graph varies with time, of particular importance are the edge weights that are derived from the temporal co-occurrences of malicious activities at the endpoints of the edges. A unique advantage of our graph-based representation of the infected computers is that it allows us to use graph-partitioning algorithms to separate out the different botnets when a network is infected with multiple botnets at the same time. We have validated our approach by applying it to the isolation of simulated botnets, with the simulations based on a new unified temporal botnet model that incorporates the current best understanding about how botnets behave, about the lifetimes of bots, and about the growth and decay of botnets. We also validate our algorithm on real network traces. Our results indicate that our framework can isolate botnets in a network under varying conditions with a high degree of accuracy. Copyright © 2012 John Wiley &amp; Sons, Ltd. This work presents a new graph-based approach for the detection and isolation of botnets in a computer network. 
Our approach depends primarily on the temporal co-occurrences of malicious activities in the different computers in a network and is independent of the underlying botnet architecture. It additionally includes mechanisms to deal with temporal variations seen in a botnet, such as the variations in online bot population, in botnet growth patterns, in malicious activity durations, and so on. Results on real and simulated traces indicate that the graph-based approach can segment out botnets with high accuracy under varying conditions. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.508" xmlns="http://purl.org/rss/1.0/"><title>Network intrusion detection using hybrid binary PSO and random forests algorithm</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.508</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Network intrusion detection using hybrid binary PSO and random forests algorithm</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Arif Jamal Malik, Waseem Shahzad, Farrukh Aslam Khan</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-28T07:58:24.818743-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.508</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.508</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.508</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Network security risks grow with increase in the network size. In recent past, the attacks on computer networks have increased tremendously and require efficient network intrusion detection mechanisms. 
Data mining and machine-learning techniques have been used for network intrusion detection during the past few years and have gained much popularity. In this paper, we propose an intrusion detection mechanism based on binary particle swarm optimization (PSO) and random forests (RF) algorithms called PSO-RF and investigate the performance of various dimension reduction techniques along with a set of different classifiers including the proposed approach. Binary PSO is used to find a more appropriate set of attributes for classifying network intrusions, and RF is used as a classifier. In the preprocessing step, we reduce the dimensions of the dataset by using different state-of-the-art dimension reduction techniques, and then this reduced dataset is presented to the proposed PSO-RF approach that further optimizes the dimensions of the data and finds an optimal set of features. PSO is an optimization method that has a strong global search capability and is used here for dimension optimization. We perform extensive experimentation to prove the worth of the proposed approach by using different performance metrics. The standard benchmark, that is, the KDD99Cup dataset, which contains information about various kinds of network intrusions, is used. The experimental results indicate that the proposed approach performs better than the other approaches for the detection of all kinds of attacks present in the dataset. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.508/asset/image_n/sec508-toc-0001.png?v=1&amp;s=d9ec2deeaf5e1643cb4a4308e6be1ea98a0f3228" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.508/asset/image_n/sec508-toc-0001.png?v=1&amp;s=d9ec2deeaf5e1643cb4a4308e6be1ea98a0f3228"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we have proposed a wrapper-based hybrid feature selection technique using the particle swarm optimization algorithm that is used to optimize the features already selected by statistical feature selection techniques. The random forests algorithm is used for classification. The proposed approach achieved the best performance for detecting all attack classes (Denial-of-Service, PROBE, User-to-Root and Remote-to-Local) with even fewer features compared with the statistical feature selection techniques.</p></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Network security risks grow with the increase in network size. In the recent past, the attacks on computer networks have increased tremendously and require efficient network intrusion detection mechanisms. Data mining and machine-learning techniques have been used for network intrusion detection during the past few years and have gained much popularity. In this paper, we propose an intrusion detection mechanism based on binary particle swarm optimization (PSO) and random forests (RF) algorithms called PSO-RF and investigate the performance of various dimension reduction techniques along with a set of different classifiers including the proposed approach. 
Binary PSO is used to find a more appropriate set of attributes for classifying network intrusions, and RF is used as a classifier. In the preprocessing step, we reduce the dimensions of the dataset by using different state-of-the-art dimension reduction techniques, and then this reduced dataset is presented to the proposed PSO-RF approach that further optimizes the dimensions of the data and finds an optimal set of features. PSO is an optimization method that has a strong global search capability and is used here for dimension optimization. We perform extensive experimentation to prove the worth of the proposed approach by using different performance metrics. The standard benchmark, that is, the KDD99Cup dataset, which contains information about various kinds of network intrusions, is used. The experimental results indicate that the proposed approach performs better than the other approaches for the detection of all kinds of attacks present in the dataset. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we have proposed a wrapper-based hybrid feature selection technique using the particle swarm optimization algorithm that is used to optimize the features already selected by statistical feature selection techniques. The random forests algorithm is used for classification. 
The proposed approach achieved the best performance for detecting all attack classes (Denial-of-Service, PROBE, User-to-Root and Remote-to-Local) with even less number of features as compared with the statistical feature selection techniques.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.518" xmlns="http://purl.org/rss/1.0/"><title>Mobility and security in a real VANET deployed in a heterogeneous networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.518</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Mobility and security in a real VANET deployed in a heterogeneous networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Pedro J. Fernandez Ruiz, Fernando Bernal Hidalgo, Cristian A. Nieto Guerra, Antonio F. Gomez Skarmeta</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-24T04:25:20.921155-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.518</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.518</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.518</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" 
xmlns="http://www.w3.org/1999/xhtml"><p>This paper describes the experience and findings of deploying a vehicular scenario based on a heterogeneous network. WiMAX and Wi-Fi have been chosen as access technologies because of their wide presence in the market and their different coverage range. Our approach has been developed, taking into account crucial aspects regarding mobility and security. These two aspects have been provided by Network Mobility and Internet Key Exchange version 2 protocols, respectively. In addition, a study about how to interoperate them has been performed, describing the benefits and drawbacks of every existing approach. Regarding handover latency, some improvements have been identified in order to reduce it to the minimum. Fast authentication methods, pre-authentication method, and “multiple care-of addresses” mechanism are examples of these improvements. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.518/asset/image_n/sec518-toc-0001.png?v=1&amp;s=44780ef0b4dfd3eec2c6992b76a39123c3edac73" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.518/asset/image_n/sec518-toc-0001.png?v=1&amp;s=44780ef0b4dfd3eec2c6992b76a39123c3edac73"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The main findings are on how to provide security and mobility to the communications at the same time using Internet Protocol Security/Internet Key Exchange version 2 and Network Mobility. Some issues have been discovered in this research, and a proposal has been presented to manage them. 
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>This paper describes the experience and findings of deploying a vehicular scenario based on a heterogeneous network. WiMAX and Wi-Fi have been chosen as access technologies because of their wide presence in the market and their different coverage range. Our approach has been developed, taking into account crucial aspects regarding mobility and security. These two aspects have been provided by Network Mobility and Internet Key Exchange version 2 protocols, respectively. In addition, a study about how to interoperate them has been performed, describing the benefits and drawbacks of every existing approach. Regarding handover latency, some improvements have been identified in order to reduce it to the minimum. Fast authentication methods, pre-authentication method, and “multiple care-of addresses” mechanism are examples of these improvements. Copyright © 2012 John Wiley &amp; Sons, Ltd. The main findings are on how to provide security and mobility to the communications at the same time using Internet Protocol Security/Internet Key Exchange version 2 and Network Mobility. Some issues have been discovered in this research, and a proposal has been presented to manage them. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.417" xmlns="http://purl.org/rss/1.0/"><title>Selectively chosen ciphertext security in threshold public-key encryption</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.417</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Selectively chosen ciphertext security in threshold public-key encryption</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Kitak Kim, Jong Hwan Park, Dong Hoon Lee</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-22T02:41:38.142776-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.417</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.417</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.417</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Threshold public-key encryption can control decryption abilities of an authorized user group in such a way that each user of the group can produce only a decryption share and at least <em>t</em> of them should collect decryption shares to recover a message. 
We present a new threshold public-key encryption that is secure against selectively chosen ciphertext attacks. Semantic security against chosen ciphertext adversaries is the <em>de facto</em> level of security for public-key encryption deployed in practice because many encryption systems are broken in a model of chosen ciphertext security. The security of the proposed system is formally proved without random oracles under a new assumption. We also provide proof of the intractability of our assumption in the generic group model. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.417/asset/image_n/sec417-toc-0001.png?v=1&amp;s=b285b4ca6e5003fafbf8b8ae7791ae243876676f" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.417/asset/image_n/sec417-toc-0001.png?v=1&amp;s=b285b4ca6e5003fafbf8b8ae7791ae243876676f"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>We provide a new threshold public-key encryption scheme that is secure under the selectively chosen ciphertext security model. Our proposed scheme is proven secure under the hardness of a new modified bilinear Diffie-Hellman assumption. Our construction relies on the special property of Strong Diffie-Hellman tuples.
</p><!--Unmatched element: w:blockFixed--></div>]]></content:encoded><description>Threshold public-key encryption can control decryption abilities of an authorized user group in such a way that each user of the group can produce only a decryption share and at least t of them should collect decryption shares to recover a message. We present a new threshold public-key encryption that is secure against selectively chosen ciphertext attacks. Semantic security against chosen ciphertext adversaries is the de facto level of security for public-key encryption deployed in practice because many encryption systems are broken in a model of chosen ciphertext security. The security of the proposed system is formally proved without random oracles under a new assumption. We also provide proof of the intractability of our assumption in the generic group model. Copyright © 2012 John Wiley &amp; Sons, Ltd. We provide a new threshold public-key encryption scheme that is secure under the selectively chosen ciphertext security model. Our proposed scheme is proven secure under the hardness of a new modified bilinear Diffie-Hellman assumption. Our construction relies on the special property of Strong Diffie-Hellman tuples.
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.427" xmlns="http://purl.org/rss/1.0/"><title>Violation detection method for vehicular ad hoc networking</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.427</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Violation detection method for vehicular ad hoc networking</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Kumar Sridharamurthy, Abhilash Pernaje Govinda, Jyothi D. Gopal, Golla Varaprasad</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-16T00:57:47.627972-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.427</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.427</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.427</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">SPECIAL ISSUE PAPER</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Every hour, nearly 40 people under the age of 25 die in road accidents around the world. According to the World Health Organization, this is the second most important cause of death for 5- to 29-year-olds. 
In India, drunk driving and inefficient law enforcement are major contributing factors. The current system of visual identification of traffic violations, conducted by the traffic authorities, cannot work everywhere and every time. There is a great demand for simple and cost-effective solutions to the traffic safety problem. In this paper, we propose a traffic violation detection technique for vehicular ad hoc networks to detect speed-limit violations and analyze driver behavior. In this work, we used a sensor device, a digital map, and a GPS-based system for an area of 1000 m × 1000 m. We analyzed the behavior of each vehicle in the network. Here, we have divided a network into a number of clusters, and each cluster has an infrastructure node (base station); the infrastructure node will be the point of contact for all the vehicles in that area. All infrastructure nodes communicate with a control center (master control room). If the driver violates traffic rule(s), then the infrastructure node will send an alert message to the control center. We have simulated our proposed model on a graphics package, and the simulation result suggests that drunken drivers can no longer escape from the law enforcers, which is the foundation for traffic safety. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.427/asset/image_n/sec427-toc-0001.png?v=1&amp;s=f18f7b37376569ca2f93f2c11b838ece7e2a66c9" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.427/asset/image_n/sec427-toc-0001.png?v=1&amp;s=f18f7b37376569ca2f93f2c11b838ece7e2a66c9"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>There is a great demand for simple and cost-effective solutions to the traffic safety problem. 
Here, we propose a traffic violation detection technique for vehicular ad hoc networks to detect speed-limit violations and analyze driver behavior. In this work, we used a sensor device, a digital map, and a GPS-based system for an area of 1000 m × 1000 m. We analyzed the behavior of each vehicle in the network. Here, we have divided a network into a number of clusters, and each cluster has an infrastructure node (base station). The infrastructure node will be the point of contact for all the vehicles in that area. All infrastructure nodes communicate with a control center (master control room). If the driver violates traffic rule(s), then the infrastructure node sends an alert message to the control center.
</p></div>]]></content:encoded><description>Every hour, nearly 40 people under the age of 25 die in road accidents around the world. According to the World Health Organization, this is the second most important cause of death for 5- to 29-year-olds. In India, drunk driving and inefficient law enforcement are major contributing factors. The current system of visual identification of traffic violations, conducted by the traffic authorities, cannot work everywhere and every time. There is a great demand for simple and cost-effective solutions to the traffic safety problem. In this paper, we propose a traffic violation detection technique for vehicular ad hoc networks to detect speed-limit violations and analyze driver behavior. In this work, we used a sensor device, a digital map, and a GPS-based system for an area of 1000 m × 1000 m. We analyzed the behavior of each vehicle in the network. Here, we have divided a network into a number of clusters, and each cluster has an infrastructure node (base station); the infrastructure node will be the point of contact for all the vehicles in that area. All infrastructure nodes communicate with a control center (master control room). If the driver violates traffic rule(s), then the infrastructure node will send an alert message to the control center. We have simulated our proposed model on a graphics package, and the simulation result suggests that drunken drivers can no longer escape from the law enforcers, which is the foundation for traffic safety. Copyright © 2012 John Wiley &amp; Sons, Ltd. There is a great demand for simple and cost-effective solutions to the traffic safety problem. Here, we propose a traffic violation detection technique for vehicular ad hoc networks to detect speed-limit violations and analyze driver behavior. In this work, we used a sensor device, a digital map, and a GPS-based system for an area of 1000 m × 1000 m. 
We analyzed the behavior of each vehicle in the network. Here, we have divided a network into a number of clusters, and each cluster has an infrastructure node (base station). The infrastructure node will be the point of contact for all the vehicles in that area. All infrastructure nodes communicate with a control center (master control room). If the driver violates traffic rule(s), then the infrastructure node sends an alert message to the control center.  
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.424" xmlns="http://purl.org/rss/1.0/"><title>Context-aware usage control for web of things</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.424</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Context-aware usage control for web of things</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Guangdong Bai, Lin Yan, Liang Gu, Yao Guo, Xiangqun Chen</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-15T07:45:26.806151-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.424</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.424</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.424</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable seamless integration of the IoT with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. 
In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures.</p></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrate its feasibility in a real environment. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.424/asset/image_n/sec424-toc-0001.png?v=1&amp;s=94aaf402083c84eaae4a06296a102fa630e5ea14" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.424/asset/image_n/sec424-toc-0001.png?v=1&amp;s=94aaf402083c84eaae4a06296a102fa630e5ea14"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>This paper proposes a context-aware usage control model (ConUCON) to enhance the security of the Web of Things. 
ConUCON not only inherits UCON's advantages but also enhances the context definition and context-aware policy specification, gracefully bringing context, a critical element in WoT, into usage control. In this paper, the use of ConUCON in a real WoT application demonstrates its applicability and feasibility. 
</p></div>]]></content:encoded><description>The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable seamless integration of the IoT with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrate its feasibility in a real environment. Copyright © 2012 John Wiley &amp; Sons, Ltd. This paper proposes a context-aware usage control model (ConUCON) to enhance the security of the Web of Things. ConUCON not only inherits UCON's advantages but also enhances the context definition and context-aware policy specification, gracefully bringing context, a critical element in WoT, into usage control. In this paper, the use of ConUCON in a real WoT application demonstrates its applicability and feasibility. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.507" xmlns="http://purl.org/rss/1.0/"><title>Vulnerabilities of underwater acoustic networks to denial-of-service jamming attacks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.507</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Vulnerabilities of underwater acoustic networks to denial-of-service jamming attacks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Michael Zuba, Zhijie Shi, Zheng Peng, Jun-Hong Cui, Shengli Zhou</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-08T08:58:19.463198-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.507</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.507</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.507</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>Recent surges in the development of underwater acoustic networks (UANs) have led to a rapid acceptance of this technology in scientific, commercial, and military applications. 
However, limited work has been performed on developing secure communication mechanisms and techniques to protect these networks. Security mechanisms are widely studied in terrestrial networks, and various defense mechanisms have been developed as safeguards. Because of the difference in communication mediums and physical environments, the existing solutions for terrestrial networks cannot be directly applied to UANs. In this paper, we study the effects of denial-of-service jamming attacks on UANs using real-world field tests. We develop our own jammer hardware and signals in order to analyze the characteristics of different jamming attack models on a network. Our tests are performed on multiple commercial brand acoustic modems and an orthogonal frequency division multiplexing modem prototype. We show that UANs can be easily jammed using carefully timed attacks, which are energy efficient. Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.507/asset/image_n/sec507-toc-0001.png?v=1&amp;s=0593d020555ef5b9a0aeecbc892db1a55b42bccd" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.507/asset/image_n/sec507-toc-0001.png?v=1&amp;s=0593d020555ef5b9a0aeecbc892db1a55b42bccd"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we study the effects of denial-of-service jamming attacks on underwater acoustic networks using real-world field tests. We develop our own jammer hardware and signals to analyze the characteristics of different jamming attack models on a network. Our tests are performed on multiple commercial brand acoustic modems and an orthogonal frequency division multiplexing modem prototype. 
</p></div>]]></content:encoded><description>Recent surges in the development of underwater acoustic networks (UANs) have led to a rapid acceptance of this technology in scientific, commercial, and military applications. However, limited work has been performed on developing secure communication mechanisms and techniques to protect these networks. Security mechanisms are widely studied in terrestrial networks, and various defense mechanisms have been developed as safeguards. Because of the difference in communication mediums and physical environments, the existing solutions for terrestrial networks cannot be directly applied to UANs. In this paper, we study the effects of denial-of-service jamming attacks on UANs using real-world field tests. We develop our own jammer hardware and signals in order to analyze the characteristics of different jamming attack models on a network. Our tests are performed on multiple commercial brand acoustic modems and an orthogonal frequency division multiplexing modem prototype. We show that UANs can be easily jammed using carefully timed attacks, which are energy efficient. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we study the effects of denial-of-service jamming attacks on underwater acoustic networks using real-world field tests. We develop our own jammer hardware and signals to analyze the characteristics of different jamming attack models on a network. Our tests are performed on multiple commercial brand acoustic modems and an orthogonal frequency division multiplexing modem prototype. 
</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.415" xmlns="http://purl.org/rss/1.0/"><title>Improved group key transfer protocols from the protocol of Harn et al.</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.415</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">Improved group key transfer protocols from the protocol of Harn et al.</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Zhiwei Wang</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-06T12:11:54.764487-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.415</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.415</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.415</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In 2010, Harn <em>et al.</em> proposed an authenticated group key transfer protocol based on secret sharing. 
In their protocol, for distributing a secret group key involving <em>t</em> group members, the key generation center (KGC) needs to broadcast a message containing (<em>t</em> + 1) elements to all group members, whereas each group member needs to compute a <em>t</em>th-degree interpolating polynomial to recover the secret group key. Thus, the protocol of Harn <em>et al.</em> is only suitable for small-size groups. We propose an improved protocol from the protocol of Harn <em>et al.</em> In our protocol, the size of a broadcasted message from the KGC is fixed, and each group member only needs to compute a fixed-degree interpolating polynomial to recover the group key. Thus, our protocol can be suitable for large-size groups. On the other hand, in the protocol of Harn <em>et al.</em>, the KGC should be mutually trusted because it knows all group keys for every communication. If the KGC is untrustworthy, it can bring great threats to the group communications. In this paper, we also propose another improved group key transfer protocol based on untrustworthy KGC. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.415/asset/image_n/sec415-toc-0001.png?v=1&amp;s=629f53a5eefa7142711acfa7a7959c2ac14c6286" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.415/asset/image_n/sec415-toc-0001.png?v=1&amp;s=629f53a5eefa7142711acfa7a7959c2ac14c6286"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>In this paper, we propose two improved group key transfer protocols from the protocol of Harn <em>et al.</em> The first one is suitable for the large-size group, while the second one is based on the untrustworthy KGC.</p></div><div class="para" xmlns="http://www.w3.org/1999/xhtml"></div>]]></content:encoded><description>In 2010, Harn et al. proposed an authenticated group key transfer protocol based on secret sharing. In their protocol, for distributing a secret group key involving t group members, the key generation center (KGC) needs to broadcast a message containing (t + 1) elements to all group members, whereas each group member needs to compute a tth-degree interpolating polynomial to recover the secret group key. Thus, the protocol of Harn et al. is only suitable for small-size groups. We propose an improved protocol from the protocol of Harn et al. In our protocol, the size of a broadcasted message from the KGC is fixed, and each group member only needs to compute a fixed-degree interpolating polynomial to recover the group key. Thus, our protocol can be suitable for large-size groups. On the other hand, in the protocol of Harn et al., the KGC should be mutually trusted because it knows all group keys for every communication. If the KGC is untrustworthy, it can bring great threats to the group communications. 
In this paper, we also propose another improved group key transfer protocol based on untrustworthy KGC. Copyright © 2012 John Wiley &amp; Sons, Ltd. In this paper, we propose two improved group key transfer protocols from the protocol of Harn et al. The first one is suitable for the large-size group, while the second one is based on the untrustworthy KGC.</description></item><item rdf:about="http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.413" xmlns="http://purl.org/rss/1.0/"><title>A secure, efficient, and cost-effective distributed architecture for spam mitigation on LTE 4G mobile networks</title><link>http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.413</link><dc:title xmlns:dc="http://purl.org/dc/elements/1.1/">A secure, efficient, and cost-effective distributed architecture for spam mitigation on LTE 4G mobile networks</dc:title><dc:creator xmlns:dc="http://purl.org/dc/elements/1.1/">Elias Bou-Harb, Makan Pourzandi, Mourad Debbabi, Chadi Assi</dc:creator><dc:date xmlns:dc="http://purl.org/dc/elements/1.1/">2012-02-06T11:15:57.679307-05:00</dc:date><dc:identifier xmlns:dc="http://purl.org/dc/elements/1.1/">doi:10.1002/sec.413</dc:identifier><dc:rights xmlns:dc="http://purl.org/dc/elements/1.1/"/><dc:publisher xmlns:dc="http://purl.org/dc/elements/1.1/">John Wiley &amp; Sons, Inc.</dc:publisher><prism:doi xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">10.1002/sec.413</prism:doi><prism:url xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">http://onlinelibrary.wiley.com/resolve/doi?DOI=10.1002%2Fsec.413</prism:url><prism:section xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">Special Issue Paper</prism:section><prism:startingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:startingPage><prism:endingPage xmlns:prism="http://prismstandard.org/namespaces/1.2/basic/">n/a</prism:endingPage><content:encoded xmlns:content="http://purl.org/rss/1.0/modules/content/"><![CDATA[<h3 
xhtml="http://www.w3.org/1999/xhtml" xmlns:ol="http://www.wiley.com/namespaces/ol/xsl-lib">ABSTRACT</h3><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>The 4G of mobile networks will be a technology-opportunistic and user-centric system, combining the economical and technological advantages of various transmission technologies. As a part of its new architecture, LTE networks will implement an evolved packet core. Although this will provide various critical advantages, it will, on the other hand, expose telecom networks to serious IP-based attacks. One often adopted solution to mitigate such attacks is based on a centralized security architecture. However, this approach requires large processing and memory resources to handle huge amounts of traffic, which, in turn, causes a significant over-dimensioning problem in the centralized nodes. Hence, it may cause this approach to fail to achieve its security task. In this paper, we focus on a SPAM flooding attack, namely SMTP SPAM, and demonstrate, through simulations and discussion, its DoS impact on the Long Term Evolution (LTE) network and subsequent effects on the mobile network operator. Our main contribution involves proposing a distributed architecture on the LTE network that is secure and that mitigates attacks efficiently by solving the over-dimensioning problem. It is also cost-effective by utilizing ‘off-the-shelf’ low-cost hardware in the distributed nodes. Through additional simulation and analysis, we demonstrate the feasibility and effectiveness of our approach. 
Copyright © 2012 John Wiley &amp; Sons, Ltd.</p></div><a title="Link to full-size graphical abstract" class="figZoom" href="http://onlinelibrary.wiley.com/store/10.1002/sec.413/asset/image_n/sec413-toc-0001.png?v=1&amp;s=e002c98fc474ee3d23498a48bec99b4f67c98333" xmlns="http://www.w3.org/1999/xhtml"><img alt="Thumbnail image of graphical abstract" title="Thumbnail image of graphical abstract" src="http://onlinelibrary.wiley.com/store/10.1002/sec.413/asset/image_n/sec413-toc-0001.png?v=1&amp;s=e002c98fc474ee3d23498a48bec99b4f67c98333"/></a><div class="para" xmlns="http://www.w3.org/1999/xhtml"><p>