Thursday, 21 November 2013

IEEE 2014: Building a Scalable System for Stealthy P2P-Botnet Detection


IEEE 2014 Transactions on INFORMATION FORENSICS AND SECURITY
 
Technology - Available in Java

Abstract—Peer-to-peer (P2P) botnets have recently been adopted by botmasters for their resiliency against take-down efforts. Besides being harder to take down, modern botnets tend to be stealthier in the way they perform malicious activities, making current detection approaches ineffective. In addition, the rapidly growing volume of network traffic calls for high scalability of detection systems. In this paper, we propose a novel scalable botnet detection system capable of detecting stealthy P2P botnets.Our system first identifies all hosts that are likely engaged in P2P communications. It then derives statistical fingerprints to profile P2P traffic and further distinguish between P2P botnet traffic and legitimate P2P traffic. The parallelized computation with bounded complexity makes scalability a built-in feature of our system. Extensive evaluation has demonstrated both high detection accuracy and great scalability of the proposed system.

IEEE 2013: Hacktivism Trends Digital Forensic Tools and Challenges: A Survey

IEEE 2013 Transactions on Information and Communication Technologies 

Technology - Available in Java

Abstract— Hacktivism is the biggest challenge being faced by the Cyber world. Many digital forensic tools are being developed to deal with this challenge but at the same pace hackers are developing the counter techniques. This paper includes the digital forensics basics along with the recent trends of hacktivism in social networking sites, cloud computing, websites and phishing. The various tools of forensics with the platform supported, the recent versions and licensing details are discussed. The paper extends with the current challenges being faced by digital forensics. Keywords - Hacktivism; Computer forensics; Memory forensics; Network forensics; Mobile Phone forensics; Database forensics; Computer forensics Tools; Memory forensics Tools; Network forensics Tools; Mobile Phone forensics Tools; Database forensics
Tools; Anti digital forensics (ADF)

IEEE 2013: Data Security in Distributed System using Fully Homomorphic Encryption and Linear

IEEE 2013 Transactions on Communication Systems and Network Technologies

Technology - Available in Java

Abstract—Distributed computing is a method of computer processing in which different parts of a program run simultaneously on two or more computers that are communicating with each other over a system. Distributed computing is a type of segmented or corresponding computing, but the last term is most usually used to refer to dispensation in which different parts of a program run simultaneously on two or more processors that are part of the same computer. Beside all this there is security issues arise. Through insecure environment distribute the data to get the leakage problem inside the network communication or exchanges the resources of content information specification process. Previous system it cannot provides any verification and validation results specification process. There is no perfect encrypted format of data; it can contain less computational resources of information. In present system we are going to implement robust design with perfect security constraints. We also were implementing Linear Programming Condition and Fully Homomorphic encryption technique

IEEE 2013:Window - based streaming Video - on-Demand Transmission on BitTorrent-Like Peer-to-Peer Networks


IEEE 2013 consumer Communications and Networking Conference

Technology - Available in Java

Abstract—Peer-to-Peer (P2P) networks are distributed systems where no central authority rules the behavior of the individual peers. These systems relay on the voluntary participation of the peers to help each other and reduce congestion at the data servers. Bit Torrent is a popular file-sharing P2P application originally designed for non real-time data. Given the inherent characteristics of these systems, they have been considered to alleviate part of the traffic in conventional networks, particularly for streaming stored playback Video-on-Demand services. In this work, a window-based peer selection strategy for managed P2P networks is proposed. The basic idea is to select the down loader peers according to their progress in the file download process relative to the progress of the downloading peers. The aforementioned strategy is analyzed using both a fluid model and a Continuous Time Markov Chain. Also, abundance conditions in the system are identified. Index Terms - Streaming Stored Playback Video-on-Demand, Peer-to-peer Network, Bit Torrent

IEEE 2013: Rethinking Vehicular Communications: Merging VANET with Cloud Computing

IEEE 2013 Transactions on Cloud Computing Technology and Science

Technology - Available in Java

Abstract—Despite the surge in Vehicular Ad Hoc NETwork (VANET) research, future high-end vehicles are expected to under-utilize the on-board computation, communication, and storage resources. Olariu et al. envisioned the next paradigm shift from conventional VANET to Vehicular Cloud Computing (VCC) by merging VANET with cloud computing. But to date, in the literature, there is no solid architecture for cloud computing from VANET standpoint. In this paper, we put forth the taxonomy of VANET based cloud computing. It is, to the best of our knowledge, the first effort to define VANET Cloud architecture. Additionally we divide VANET clouds into three architectural frameworks named Vehicular Clouds (VC), Vehicles using Clouds (VuC), and Hybrid Vehicular Clouds (HVC). We also outline the unique security and privacy issues and research challenges in VANET clouds

Wednesday, 20 November 2013

IEEE 2013: Redundancy Management of Multipath Routing for Intrusion Tolerance in Heterogeneous Wireless Sensor Networks

IEEE 2013: Transactions on Networking

Technology - Available in Java

Abstract—In this paper we propose redundancy management of heterogeneous wireless sensor networks (HWSNs), utilizing multipath routing to answer user queries in the presence of unreliable and malicious nodes. The key concept of  our redundancy management is to exploit the tradeoff between energy consumption vs. the gain in reliability, timeliness, and security to maximize the system useful lifetime. We formulate the tradeoff as an optimization problem for dynamically determining the best redundancy level to apply to multipath routing for intrusion tolerance so that the query response success probability is maximized while prolonging the useful lifetime.  Furthermore, we consider this optimization problem for the case  in which a voting-based distributed intrusion detection algorithm is applied to detect and evict malicious nodes in a HWSN. We develop a novel probability model to analyze the best redundancy level in terms of path redundancy and source redundancy, as  well as the best intrusion detection settings in terms of the number of voters and the intrusion invocation interval under which the lifetime of a HWSN is maximized. We then apply the analysis results obtained to the design of a dynamic redundancy management algorithm to identify and apply the best design parameter settings at run time in response to environment changes, to maximize the HWSN lifetime

IEEE 2013: NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems

IEEE 2013 Transactions on Dependable and Secure Computing


Technology - Available in Java

Abstract—Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi step exploitation, low-frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multiphase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph-based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution

IEEE 2013: DRINA: A Lightweight and Reliable Routing Approach for In-Network Aggregation in Wireless Sensor Networks

IEEE 2013 Transactions on Computers

Technology - Available in Java

Abstract—Large scale dense Wireless Sensor Networks (WSNs) will be increasingly deployed in different classes of applications for accurate monitoring. Due to the high density of nodes in these networks, it is likely that redundant data will be detected by nearby nodes when sensing an event. Since energy conservation is a key issue in WSNs, data fusion and aggregation should be exploited in order to save energy. In this case, redundant data can be aggregated at intermediate nodes reducing the size and number of exchanged  messages and, thus, decreasing communication costs and energy consumption. In this work, we propose a novel Data Routing for In-Network Aggregation, called DRINA, that has some key aspects such as a reduced number of messages for setting up a routing tree, maximized number of overlapping routes, high aggregation rate, and reliable data aggregation and transmission. The proposed DRINA algorithm was extensively compared to two other known solutions: the Information Fusion-based Role Assignment (InFRA) and Shortest Path Tree (SPT) algorithms. Our results indicate clearly that the routing tree built by DRINA provides the best aggregation quality when compared to these other algorithms. The obtained results show that our proposed solution outperforms these solutions in different scenarios and in different key aspects required by WSNs

IEEE 2013 :Community-Aware Opportunistic Routing in Mobile Social Networks

IEEE 2013 Transactions on Computers

Technology - Available in Java

Abstract—Mobile social networks (MSNs) are a kind of delay tolerant network that consists of lots of mobile nodes with social characteristics. Recently, many social-aware algorithms have been proposed to address routing problems in MSNs. However, these algorithms tend to forward messages to the nodes with locally optimal social characteristics, and thus cannot achieve the optimal performance. In this paper, we propose a distributed optimal Community-Aware Opportunistic Routing (CAOR) algorithm. Our main contributions are that we propose a home-aware community model, whereby we turn an MSN into a network that only includes community homes. We prove that, in the network of community homes, we still can compute the minimum expected delivery delays of nodes through a reverse Dijkstra algorithm and achieve the optimal opportunistic routing performance. Since the number of communities is far less than the number of nodes in magnitude, the computational cost and maintenance cost of contact information are greatly reduced. We demonstrate how our algorithm significantly outperforms the previous ones through extensive simulations, based on a real MSN trace and a synthetic MSN trace

Tuesday, 19 November 2013

IEEE 2013: ALERT: An Anonymous Location-Based Efficient Routing Protocol in MANETs

IEEE 2013 Transactions on Mobile Computing

Technology - Available in Java

Abstract—Mobile Ad Hoc Networks (MANETs) use anonymous routing protocols that hide node identities and/or routes from outside observers in order to provide anonymity protection. However, existing anonymous routing protocols relying on either hop-by-hop encryption or redundant traffic, either generate high cost or cannot provide full anonymity protection to data sources, destinations, and routes. The high cost exacerbates the inherent resource constraint problem in MANETs especially in multimedia wireless applications. To offer high anonymity protection at a low cost, we propose an Anonymous Location-based Efficient Routing pro Tocol (ALERT). ALERT dynamically partitions the network field into zones and  randomly chooses nodes in zones as intermediate relay nodes, which form a non traceable anonymous route. In addition, it hides the data initiator/receiver among many initiators/receivers to strengthen source and destination anonymity protection. Thus, ALERT offers anonymity protection to sources, destinations, and routes. It also has strategies to effectively counter intersection and timing attacks. We theoretically analyze ALERT in terms of anonymity and efficiency. Experimental results exhibit consistency with the theoretical analysis, and show that ALERT achieves better route anonymity protection and lower cost compared to other anonymous routing protocols. Also, ALERT achieves comparable routing efficiency to the GPSR geographical routing protocol

IEEE 2013: EMR: A Scalable Graph-based Ranking Model for Content-based Image Retrieval

IEEE 2013 Transactions on Knowledge and Data Engineering 

Technology - Available in Java

Abstract—Graph-based ranking models have been widely applied in information retrieval area. In this paper, we focus on a well known graph-based model - the Ranking on Data Manifoldmodel, or Manifold Ranking (MR). Particularly, it has been successfully applied to content-based image retrieval, because of its outstanding ability to discover underlying geometrical structure of the given image database. However, manifold ranking is computationally very expensive, which significantly limits its applicability to large databases especially for the cases that the queries are out of the database (new samples). We propose a novel scalable graph-based ranking model called Efficient Manifold Ranking (EMR), trying to address the shortcomings of MR from two main perspectives: scalable graph construction and efficient ranking computation. Specifically, we build an anchor graph on the database instead of a traditional k-nearest neighbor graph, and design a new form of adjacency matrix utilized to speed up the ranking. An approximate method is adopted for efficient out-of-sample retrieval. Experimental results on some large scale image databases demonstrate that EMR is a promising method for real world retrieval applications

IEEE 2013: SUSIE: Search Using Services and Information Extraction

IEEE 2013 Transactions on Knowledge and Data Engineering

Abstract—The API of a Web service restricts the types of queries that the service can answer. For example, a Web service might provide a method that returns the songs of a given singer, but it might not provide a method that returns the singers of a given song. If the user asks for the singer of some specific song, then the Web service cannot be called – even though the underlying database might have the desired piece of information. This asymmetry is particularly problematic if the service is used in a Web service orchestration system. In this paper, we propose to use on-the-fly information extraction to collect values that can be used as parameter bindings for the Web service. We show how this idea can be integrated into a Web service orchestration system. Our approach is fully implemented in a prototype called SUSIE. We present experiments with real-life data and services to demonstrate the practical viability and good performance of our approach.


IEEE 2013 : A Fast Clustering-Based Feature Subset Selection Algorithm for High Dimensional Data


IEEE  2013  Transactions on Knowledge and Data Engioneering

Technology - Available in Java


Abstract—Feature selection involves identifying a subset of the most useful features that produces compatible results as the original entire set of features. A feature selection algorithm may be evaluated from both the efficiency and effectiveness points of view. While the efficiency concerns the time required to find a subset of features, the effectiveness is related to the quality of the subset of features. Based on these criteria, a fast clustering-based feature selection algorithm, FAST, is proposed and experimentally evaluated in this paper. The FAST algorithm works in two steps. In the first step, features are divided into clusters by using graph-theoretic clustering methods. In the second step, the most representative feature that is strongly related to target classes is selected from each cluster to form a subset of features. Features in different clusters are relatively independent, the clustering-based strategy of FAST has a high probability of producing a subset of useful and independent features. To ensure the efficiency of FAST, we adopt the efficient minimum-spanning tree clustering method. The efficiency and effectiveness of the FAST algorithm are evaluated through an empirical study. Extensive experiments are carried out to compare FAST and several representative feature selection algorithms, namely, FCBF, ReliefF, CFS, Consist, and FOCUS-SF, with respect to four types of well-known classifiers, namely, the probability-based Naive Bayes, the tree-based C4.5, the instance-based IB1, and the rule-based RIPPER before and after feature selection. The results, on 35 publicly available real-world high dimensional image, microarray, and text data, demonstrate that FAST not only produces smaller subsets of features but also improves the performances of the four types of classifiers

Monday, 18 November 2013

IEEE 2013: Facilitating Document Annotation using Content and Querying Value

IEEE 2013 Transactions on Knowledge and Data Engineering


Technology - Available in Java 

Abstract—A large number of organizations today generate and share textual descriptions of their products, services, and actions. Such collections of textual data contain significant amount of structured information, which remains buried in the unstructured text. While information extraction algorithms facilitate the extraction of structured relations, they are often expensive and inaccurate, especially when operating on top of text that does not contain any instances of the targeted structured information. We present a novel alternative approach that facilitates the generation of the structured metadata by identifying documents that are likely to contain information of interest and this information is going to be subsequently useful for querying the database. Our approach relies on the idea that humans are more likely to add the necessary metadata during creation time, if prompted by the interface; or that it is much easier for humans (and/or algorithms) to identify the metadata when such information actually exists in the document, instead of naively prompting users to fill in forms with information that is not available in the document. As a major contribution of this paper, we present algorithms that identify structured attributes that are likely to appear within the document, by jointly utilizing the content of the text and the query workload. Our experimental evaluation shows that our approach generates superior results compared to approaches that rely only on the textual content or only on the query workload, to identify attributes of interest



IEEE 2013: Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud

IEEE 2013 Transactions on Parallel and Distributed Systems  

Technology - Available in Java

Abstract—With the character of low maintenance, cloud computing provides an economical and efficient solution for sharing group resource among cloud users. Unfortunately, sharing data in a multi owner manner while preserving data and identity privacy from an untrusted cloud is still a challenging issue, due to the frequent change of the membership. In this paper, we propose a secure multi-owner data sharing scheme, named Mona, for dynamic groups in the cloud. By leveraging group signature and dynamic broadcast encryption techniques, any cloud user can anonymously share data with others. Meanwhile, the storage overhead and encryption computation cost of our scheme are independent with the number of revoked users. In addition, we analyze the security of our scheme with rigorous proofs, and demonstrate the efficiency of our scheme in experiments.