{"title":"An efficient user authentication model for IOT-based healthcare environment","authors":"Ahmed A. Elngar","doi":"10.1504/IJICS.2019.10023077","DOIUrl":"https://doi.org/10.1504/IJICS.2019.10023077","url":null,"abstract":"Along with the large-scale proliferation of IoT-networks and information technology, users can obtain the information resources conveniently via intelligent device. Therefore authentication mechanism is a fundamental tool for ensuring secure communications and the validity of communicating party. Specially, focusing on healthcare applications based on IoT-networks.This paper proposes an efficient authentication model called 'Elngar authentication model' (EAM)-based IoT medical data system for anonymous users using elliptic curves cryptosystem (ECC) which achieves mutual authentication and forward security. Specifically, this paper certify the legitimacy of the proposed via employing BAN-logic, which is one of the important formal methods. Further, the performance comparison shows that EAM model is more suitable for IoT medical applications where efficiency and security concerned.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134276412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A critical insight into the effectiveness of research methods evolved to secure IoT ecosystem","authors":"B. Khan, R. F. Olanrewaju, F. Anwar, R. N. Mir, Athaur Rahman Najeeb","doi":"10.1504/ijics.2019.10023470","DOIUrl":"https://doi.org/10.1504/ijics.2019.10023470","url":null,"abstract":"Increasing proliferation of IoT has led to an evolution of various devices for realising the smart features of ubiquitous applications. However, the inclusion of such a massive pool of devices with different computational capabilities, network protocols, hardware configurations, etc. also causes a higher number of security threats. Security professionals, organisations, and researchers are consistently investigating the security problems associated with IoT ecosystem and are coming up with different forms of solution sets. This paper presents a snapshot of the existing research work being carried out towards the security of IoT and assesses their strengths and weaknesses. The paper also explores the current research trend and presents the latest security methods being implemented and outlines the open research issues associated with it. The paper contributes to offering an accurate picture of the effectiveness of the existing security system in IoT.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122360729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Behavioural analysis approach for IDS based on attack pattern and risk assessment in cloud computing","authors":"B. Youssef, M. Nada, B. Regragui","doi":"10.1504/IJICS.2019.10013935","DOIUrl":"https://doi.org/10.1504/IJICS.2019.10013935","url":null,"abstract":"Cloud environments are becoming easy targets for intruders looking for possible vulnerabilities to exploit as many enterprise applications and data are moving into cloud platforms. The use of current generation of IDS have various limitations on their performance making them not effective for cloud computing security and could generate a huge number of false positive alarms. Analysing intrusion based on attack patterns and risk assessment has demonstrated its efficiency in reducing the number of false alarms and optimising the IDS performances. However, the use of the same value of likelihood makes the approach lacks of real risk value determination. This paper intended to present a new probabilistic and behavioural approach for likelihood determination to quantify attacks in cloud environment, with the main task to increase the efficiency of IDS and decrease the number of alarms. Experimental results show that our approach is superior to the state-of-the-art approaches for intrusion detection in cloud.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116761138","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SQL injection attacks - a systematic review","authors":"Kirti Sharma, Shobha Bhatt","doi":"10.1504/ijics.2019.10023476","DOIUrl":"https://doi.org/10.1504/ijics.2019.10023476","url":null,"abstract":"In today's era, each and every person is utilising websites and so many different web applications for online administrations, for example: booking of railway tickets, movie ticketing, shopping, communication and so forth. These websites consists sensitive and confidential information. With the linearity of web applications in the last decade, the unconstructive crash of security has also matured either. SQL injection attack is one such attack where the anonymous user can append SQL code to input query. This research paper starts with developing criteria for systematic literature review based on research questions, quality assessment and data samples. The paper presents various SQL injection techniques with their intended attacks. Further studies explore different techniques to prevent attacks. Tabular representation of quality evaluation criteria was presented with grades. Lastly, different research questions and solutions were provided related to SQL injection attacks.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114880247","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On mapping of address and port using translation","authors":"Xing Li, Jing Wang, Xiaofeng Zhong, A. Bhattacharjya","doi":"10.1504/IJICS.2019.099419","DOIUrl":"https://doi.org/10.1504/IJICS.2019.099419","url":null,"abstract":"Due to the shortage of IPv4 addresses, many hosts are currently assigned to a single IPv4 address by using one or a number of NAT devices. However, numerous NAT devices cannot be upgraded for executing 6to4 due to technical and/or economic reasons. Solutions depending on Double Network Address Translation 64 are a good way to utilise shared IP4 addressing. Mapping of address and port using translation (MAP-T) is a technique that accomplishes double translation on Border Relay (BR) and customer edge (CE) devices. IPv4 and IPv6 forwarding, IPv4 and IPv6 fragmentation functions, and NAT64 translation functions are used by MAP-T. This enables increasing numbers of IPv6 in both clients and servers in order to possess the best defence against certain attacks, such as routing loop attacks, spoofing attacks, denial-of-service attacks. We have here proposed some procedures for creating frameworks and sustaining secure IPv6 networks according to applications, environs and architecture.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114695898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lightweight R-LWE-based privacy preservation scheme for smart grid network","authors":"A. Agarkar, H. Agrawal","doi":"10.1504/IJICS.2019.10019163","DOIUrl":"https://doi.org/10.1504/IJICS.2019.10019163","url":null,"abstract":"Privacy preservation is one of the important research challenges in IoT applications. In one such IoT application; smart grid network, billing information and energy profiling information of the customer may be collected, aggregated, and forwarded to control centre for further analytics. Based on the research findings, traditional public key cryptography is not secured against quantum attacks. Our study is motivated by the recent developments in the lattice-cryptography schemes. This paper presents a lightweight R-LWE lattice-cryptography-based scheme to sign and encrypt message traffic in smart grid. Security analysis suggests that proposed scheme preserves the privacy of customer. Performance analysis shows that proposed scheme cause less communication overhead as compared to traditional public key cryptography yet maintain parallel with NTRU-based scheme and outperforms both formats of public key cryptography in regards to computation overhead.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116673390","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"What's in your honeypot: a privacy compliance perspective","authors":"Adam J. Brown, T. Andel","doi":"10.1504/IJICS.2019.10020554","DOIUrl":"https://doi.org/10.1504/IJICS.2019.10020554","url":null,"abstract":"Honeypots, a form of active cyber defence, assist in frustrating cyber aggressors through a detect and deceive strategy. However, significant legal questions arise in the USA from the emulation of a production host for purposes of recording information pertaining to access sessions. Taking a holistic perspective, this research explores credible legal claims that may arise when using a honeypot. Situations consider issues pertaining to setting up a honeypot to not violate US federal and state privacy laws, to operating a honeypot without becoming exposed to first or third party liability, and to providing data gathered by a honeypot to law enforcement officials to contribute to an investigation.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"182 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114065418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CSPS: catchy short passwords making offline and online attacks impossible","authors":"Jaryn Shen, Qingkai Zeng","doi":"10.1504/IJICS.2019.10018618","DOIUrl":"https://doi.org/10.1504/IJICS.2019.10018618","url":null,"abstract":"This paper proposes to address online and offline attacks to passwords without increasing users' efforts in choosing and memorising their passwords. In CSPS, a password consists of two parts, a user-chosen short password and a server-generated long password. The short password should be memorised and secured by its user while the long password be encrypted and stored on the server side. To keep the secret key for protecting the long password secure, an additional sever is introduced to store the secret key and provide encryption/decryption services. On top of balloon, CSPS integrates expensive hash with secure encryption. It is mathematically proved that computationally unbounded attackers cannot succeed in offline dictionary or brute-force attacks or a combination of offline and online attacks. The criteria of security are established, which quantifies the security. To our best knowledge, CSPS is the first technique to make security quantifiable in password authentication mechanisms.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130477207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A study of the internet financial interest rate risk evaluation index system in cloud computing","authors":"Sheng-dong Mu, Yixiang Tian, Yiwei Luo","doi":"10.1504/IJICS.2019.098198","DOIUrl":"https://doi.org/10.1504/IJICS.2019.098198","url":null,"abstract":"Cloud computing is a product of computer technologies combined with network technologies and it has been widely applied in China. Experts and scholars in all fields begin to make many studies of cloud computing infrastructure construction and effective resource utilisation. With ITFIN, people can enjoy financial services in dealing with various problems. However, one person can play many identities in the network. This phenomenon posed a severe challenge to ITFIN network security and has largely intensified the risks, including the operational risk, market selection risk and network and information security risk. ITFIN resolves the risks by establishing a reliable, reasonable and effective risk assessment model. We conducted theoretical and empirical analysis, then constructed an assessment model against China's ITFIN risk. The model integrates rough set and particle swarm optimisation support vector machine (PSO-SVM). Finally, the model was used to assess the ITFIN risk in China. The empirical research results indicate that the model can effectively reduce redundant data information with rough set theory. The theory also guarantees a reliable, reasonable and scientific model, enhance the classification effect of the model. The parameters of SVM model obtained by optimising with PSO can effectively avoid local optimum, improve the effect of the classification model. Overall, the model has good generalisation ability and learning ability.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-03-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121598033","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Reconfigurable design and implementation of nonlinear Boolean function for cloud computing security platform","authors":"Su Yang, Shen Junwei, Wang Wei","doi":"10.1504/IJICS.2019.098201","DOIUrl":"https://doi.org/10.1504/IJICS.2019.098201","url":null,"abstract":"Nonlinear Boolean function plays a pivotal role in the stream cipher algorithms and cloud computing security platforms. Based on the analysis of multiple algorithms, this paper proposes a hardware structure of reconfigurable nonlinear Boolean function. This structure can realise the number of variables and AND terms less than 80 arbitrary nonlinear Boolean function in stream cipher algorithms. The entire architecture is verified on the FPGA platform and synthesised under the 0.18 μm CMOS technology, the clock frequency reaches 248.7 MHz, the result proves that the design is propitious to carry out the most nonlinear Boolean functions in stream ciphers which have been published, compared with other designs, the structure can achieve relatively high flexibility, and it has an obvious advantage in the area of circuits and processing speed.","PeriodicalId":164016,"journal":{"name":"Int. J. Inf. Comput. Secur.","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-03-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129499066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}