Thursday, 21 November 2013

IEEE 2014: Building a Scalable System for Stealthy P2P-Botnet Detection


IEEE 2014 Transactions on INFORMATION FORENSICS AND SECURITY
 
Technology - Available in Java

Abstract—Peer-to-peer (P2P) botnets have recently been adopted by botmasters for their resiliency against take-down efforts. Besides being harder to take down, modern botnets tend to be stealthier in the way they perform malicious activities, making current detection approaches ineffective. In addition, the rapidly growing volume of network traffic calls for high scalability of detection systems. In this paper, we propose a novel scalable botnet detection system capable of detecting stealthy P2P botnets.Our system first identifies all hosts that are likely engaged in P2P communications. It then derives statistical fingerprints to profile P2P traffic and further distinguish between P2P botnet traffic and legitimate P2P traffic. The parallelized computation with bounded complexity makes scalability a built-in feature of our system. Extensive evaluation has demonstrated both high detection accuracy and great scalability of the proposed system.

IEEE 2013: Hacktivism Trends Digital Forensic Tools and Challenges: A Survey

IEEE 2013 Transactions on Information and Communication Technologies 

Technology - Available in Java

Abstract— Hacktivism is the biggest challenge being faced by the Cyber world. Many digital forensic tools are being developed to deal with this challenge but at the same pace hackers are developing the counter techniques. This paper includes the digital forensics basics along with the recent trends of hacktivism in social networking sites, cloud computing, websites and phishing. The various tools of forensics with the platform supported, the recent versions and licensing details are discussed. The paper extends with the current challenges being faced by digital forensics. Keywords - Hacktivism; Computer forensics; Memory forensics; Network forensics; Mobile Phone forensics; Database forensics; Computer forensics Tools; Memory forensics Tools; Network forensics Tools; Mobile Phone forensics Tools; Database forensics
Tools; Anti digital forensics (ADF)

IEEE 2013: Data Security in Distributed System using Fully Homomorphic Encryption and Linear

IEEE 2013 Transactions on Communication Systems and Network Technologies

Technology - Available in Java

Abstract—Distributed computing is a method of computer processing in which different parts of a program run simultaneously on two or more computers that are communicating with each other over a system. Distributed computing is a type of segmented or corresponding computing, but the last term is most usually used to refer to dispensation in which different parts of a program run simultaneously on two or more processors that are part of the same computer. Beside all this there is security issues arise. Through insecure environment distribute the data to get the leakage problem inside the network communication or exchanges the resources of content information specification process. Previous system it cannot provides any verification and validation results specification process. There is no perfect encrypted format of data; it can contain less computational resources of information. In present system we are going to implement robust design with perfect security constraints. We also were implementing Linear Programming Condition and Fully Homomorphic encryption technique

IEEE 2013:Window - based streaming Video - on-Demand Transmission on BitTorrent-Like Peer-to-Peer Networks


IEEE 2013 consumer Communications and Networking Conference

Technology - Available in Java

Abstract—Peer-to-Peer (P2P) networks are distributed systems where no central authority rules the behavior of the individual peers. These systems relay on the voluntary participation of the peers to help each other and reduce congestion at the data servers. Bit Torrent is a popular file-sharing P2P application originally designed for non real-time data. Given the inherent characteristics of these systems, they have been considered to alleviate part of the traffic in conventional networks, particularly for streaming stored playback Video-on-Demand services. In this work, a window-based peer selection strategy for managed P2P networks is proposed. The basic idea is to select the down loader peers according to their progress in the file download process relative to the progress of the downloading peers. The aforementioned strategy is analyzed using both a fluid model and a Continuous Time Markov Chain. Also, abundance conditions in the system are identified. Index Terms - Streaming Stored Playback Video-on-Demand, Peer-to-peer Network, Bit Torrent

IEEE 2013: Rethinking Vehicular Communications: Merging VANET with Cloud Computing

IEEE 2013 Transactions on Cloud Computing Technology and Science

Technology - Available in Java

Abstract—Despite the surge in Vehicular Ad Hoc NETwork (VANET) research, future high-end vehicles are expected to under-utilize the on-board computation, communication, and storage resources. Olariu et al. envisioned the next paradigm shift from conventional VANET to Vehicular Cloud Computing (VCC) by merging VANET with cloud computing. But to date, in the literature, there is no solid architecture for cloud computing from VANET standpoint. In this paper, we put forth the taxonomy of VANET based cloud computing. It is, to the best of our knowledge, the first effort to define VANET Cloud architecture. Additionally we divide VANET clouds into three architectural frameworks named Vehicular Clouds (VC), Vehicles using Clouds (VuC), and Hybrid Vehicular Clouds (HVC). We also outline the unique security and privacy issues and research challenges in VANET clouds

IEEE 2013: Redundancy Management of Multipath Routing for Intrusion Tolerance in Heterogeneous Wireless Sensor Networks

IEEE 2013: Transactions on Networking

Technology - Available in Java

Abstract—In this paper we propose redundancy management of heterogeneous wireless sensor networks (HWSNs), utilizing multipath routing to answer user queries in the presence of unreliable and malicious nodes. The key concept of  our redundancy management is to exploit the tradeoff between energy consumption vs. the gain in reliability, timeliness, and security to maximize the system useful lifetime. We formulate the tradeoff as an optimization problem for dynamically determining the best redundancy level to apply to multipath routing for intrusion tolerance so that the query response success probability is maximized while prolonging the useful lifetime.  Furthermore, we consider this optimization problem for the case  in which a voting-based distributed intrusion detection algorithm is applied to detect and evict malicious nodes in a HWSN. We develop a novel probability model to analyze the best redundancy level in terms of path redundancy and source redundancy, as  well as the best intrusion detection settings in terms of the number of voters and the intrusion invocation interval under which the lifetime of a HWSN is maximized. We then apply the analysis results obtained to the design of a dynamic redundancy management algorithm to identify and apply the best design parameter settings at run time in response to environment changes, to maximize the HWSN lifetime

IEEE 2013: NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems

IEEE 2013 Transactions on Dependable and Secure Computing


Technology - Available in Java

Abstract—Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi step exploitation, low-frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multiphase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph-based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages Open Flow network programming APIs to build a monitor and control plane over distributed programmable virtual switches to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution

Wednesday, 20 November 2013

IEEE 2013: DRINA: A Lightweight and Reliable Routing Approach for In-Network Aggregation in Wireless Sensor Networks

IEEE 2013 Transactions on Computers

Technology - Available in Java

Abstract—Large scale dense Wireless Sensor Networks (WSNs) will be increasingly deployed in different classes of applications for accurate monitoring. Due to the high density of nodes in these networks, it is likely that redundant data will be detected by nearby nodes when sensing an event. Since energy conservation is a key issue in WSNs, data fusion and aggregation should be exploited in order to save energy. In this case, redundant data can be aggregated at intermediate nodes reducing the size and number of exchanged  messages and, thus, decreasing communication costs and energy consumption. In this work, we propose a novel Data Routing for In-Network Aggregation, called DRINA, that has some key aspects such as a reduced number of messages for setting up a routing tree, maximized number of overlapping routes, high aggregation rate, and reliable data aggregation and transmission. The proposed DRINA algorithm was extensively compared to two other known solutions: the Information Fusion-based Role Assignment (InFRA) and Shortest Path Tree (SPT) algorithms. Our results indicate clearly that the routing tree built by DRINA provides the best aggregation quality when compared to these other algorithms. The obtained results show that our proposed solution outperforms these solutions in different scenarios and in different key aspects required by WSNs

IEEE 2013 :Community-Aware Opportunistic Routing in Mobile Social Networks

IEEE 2013 Transactions on Computers

Technology - Available in Java

Abstract—Mobile social networks (MSNs) are a kind of delay tolerant network that consists of lots of mobile nodes with social characteristics. Recently, many social-aware algorithms have been proposed to address routing problems in MSNs. However, these algorithms tend to forward messages to the nodes with locally optimal social characteristics, and thus cannot achieve the optimal performance. In this paper, we propose a distributed optimal Community-Aware Opportunistic Routing (CAOR) algorithm. Our main contributions are that we propose a home-aware community model, whereby we turn an MSN into a network that only includes community homes. We prove that, in the network of community homes, we still can compute the minimum expected delivery delays of nodes through a reverse Dijkstra algorithm and achieve the optimal opportunistic routing performance. Since the number of communities is far less than the number of nodes in magnitude, the computational cost and maintenance cost of contact information are greatly reduced. We demonstrate how our algorithm significantly outperforms the previous ones through extensive simulations, based on a real MSN trace and a synthetic MSN trace

Tuesday, 19 November 2013

IEEE 2013: ALERT: An Anonymous Location-Based Efficient Routing Protocol in MANETs

IEEE 2013 Transactions on Mobile Computing

Technology - Available in Java

Abstract—Mobile Ad Hoc Networks (MANETs) use anonymous routing protocols that hide node identities and/or routes from outside observers in order to provide anonymity protection. However, existing anonymous routing protocols relying on either hop-by-hop encryption or redundant traffic, either generate high cost or cannot provide full anonymity protection to data sources, destinations, and routes. The high cost exacerbates the inherent resource constraint problem in MANETs especially in multimedia wireless applications. To offer high anonymity protection at a low cost, we propose an Anonymous Location-based Efficient Routing pro Tocol (ALERT). ALERT dynamically partitions the network field into zones and  randomly chooses nodes in zones as intermediate relay nodes, which form a non traceable anonymous route. In addition, it hides the data initiator/receiver among many initiators/receivers to strengthen source and destination anonymity protection. Thus, ALERT offers anonymity protection to sources, destinations, and routes. It also has strategies to effectively counter intersection and timing attacks. We theoretically analyze ALERT in terms of anonymity and efficiency. Experimental results exhibit consistency with the theoretical analysis, and show that ALERT achieves better route anonymity protection and lower cost compared to other anonymous routing protocols. Also, ALERT achieves comparable routing efficiency to the GPSR geographical routing protocol

IEEE 2013: EMR: A Scalable Graph-based Ranking Model for Content-based Image Retrieval

IEEE 2013 Transactions on Knowledge and Data Engineering 

Technology - Available in Java

Abstract—Graph-based ranking models have been widely applied in information retrieval area. In this paper, we focus on a well known graph-based model - the Ranking on Data Manifoldmodel, or Manifold Ranking (MR). Particularly, it has been successfully applied to content-based image retrieval, because of its outstanding ability to discover underlying geometrical structure of the given image database. However, manifold ranking is computationally very expensive, which significantly limits its applicability to large databases especially for the cases that the queries are out of the database (new samples). We propose a novel scalable graph-based ranking model called Efficient Manifold Ranking (EMR), trying to address the shortcomings of MR from two main perspectives: scalable graph construction and efficient ranking computation. Specifically, we build an anchor graph on the database instead of a traditional k-nearest neighbor graph, and design a new form of adjacency matrix utilized to speed up the ranking. An approximate method is adopted for efficient out-of-sample retrieval. Experimental results on some large scale image databases demonstrate that EMR is a promising method for real world retrieval applications

IEEE 2013: SUSIE: Search Using Services and Information Extraction

IEEE 2013 Transactions on Knowledge and Data Engineering

Abstract—The API of a Web service restricts the types of queries that the service can answer. For example, a Web service might provide a method that returns the songs of a given singer, but it might not provide a method that returns the singers of a given song. If the user asks for the singer of some specific song, then the Web service cannot be called – even though the underlying database might have the desired piece of information. This asymmetry is particularly problematic if the service is used in a Web service orchestration system. In this paper, we propose to use on-the-fly information extraction to collect values that can be used as parameter bindings for the Web service. We show how this idea can be integrated into a Web service orchestration system. Our approach is fully implemented in a prototype called SUSIE. We present experiments with real-life data and services to demonstrate the practical viability and good performance of our approach.


Friday, 26 July 2013

IEEE 2013: CLOUD COMPUTING FOR MOBILE USERS: CAN OFFLOADING COMPUTATION SAVE ENERGY?

IEEE 2013 TRANSACTIONS ON CLOUD COMPUTING 

 Technology - Available in Android

Cloud computing1 is a new paradigm in which computing resources such as processing, memory, and storage are not physically pres-ent at the user’s location. Instead, a service provider owns and manages these resources, and users access them via the Internet. For example, Amazon Web Services lets users store personal data via its Simple Storage Service (S3) and perform computations on stored data using the Elastic Compute Cloud (EC2). This type of computing provides many advantages for businesses—including low initial capital investment, shorter start-up time for new services, lower maintenance and operation costs, higher utilization through virtual-ization, and easier disaster recovery—that make cloud computing an attractive option. Reports suggest that there are several benefits in shifting computing from the desktop to the cloud.1,2 What about cloud computing for mobile users? The primary constraints for mobile computing are limited energy and wireless bandwidth. Cloud computing can provide energy savings as a service to mobile users, though it also poses some unique challenges.

IEEE 2013:CloudMoV: Cloud-based Mobile Social TV


IEEE 2013 TRANSACTIONS ON MULTIMEDIA 

Technology - Available in Android
Abstract—The rapidly increasing power of personal mobile devices (smart phones, tablets, etc.) is providing much richer contents and social interactions to users on the move. This trend however is throttled by the limited battery lifetime of mobile devices and unstable wireless connectivity, making the highest possible quality of service experienced by mobile users not feasible. The recent cloud computing technology, with its rich resources to compensate for the limitations of mobile devices and connections, can potentially provide an ideal platform to support the desired mobile services. Tough challenges arise on how to effectively exploit cloud resources to facilitate mobile services, especially those with stringent interaction delay requirements. In this paper, we propose the design of a Cloud-based, novel Mobile social tV system (CloudMoV). The system effectively utilizes both PaaS (Platform-as-a-Service) and IaaS (Infrastructure-asa- Service) cloud services to offer the living-room experience of video watching to a group of disparate mobile users who can interact socially while sharing the video. To guarantee good streaming quality as experienced by the mobile users with time varying wireless connectivity, we employ a surrogate for each user in the IaaS cloud for video downloading and social exchanges on behalf of the user. The surrogate performs efficient stream transcoding that matches the current connectivity quality of the mobile user. Given the battery life as a key performance bottleneck, we advocate the use of burst transmission from the surrogates to the mobile users, and carefully decide the burst size which can lead to high energy efficiency and streaming quality. Social interactions among the users, in terms of spontaneous textual exchanges, are effectively achieved by efficient designs of data storage with BigTable and dynamic handling of large volumes of concurrent messages in a typical PaaS cloud. These various designs for flexible transcoding capabilities, battery efficiency of mobile devices and spontaneous social interactivity together provide an ideal platform for mobile social TV services. We have implemented CloudMoV on Amazon EC2 and Google App Engine and verified its superior performance based on real world experiments.




Wednesday, 17 July 2013

IEEE 2013: Security and Privacy Enhancing Multi-Cloud Architectures



IEEE 2013 Transaction on Dependable and Secure Computing

Technology - Available in Java and Dot Net

Abstract—Security challenges are still amongst the biggest obstacles when considering the adoption of cloud services. This triggered a lot of research activities, resulting in a quantity of proposals targeting the various cloud security threats. Alongside with these security issues the cloud paradigm comes with a new set of unique features which open the path towards novel security approaches, techniques and architectures. This paper provides a survey on the achievable security merits by making use of multiple distinct clouds simultaneously. Various distinct architectures are introduced and discussed according to their security and privacy capabilities and prospects.


Index Terms—Cloud; Security; Privacy; Multi-Cloud; Application Partitioning; Tier Partitioning; Data Partitioning; Multi-party Computation

IEEE 2013: Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Encryption

IEEE 2013 Transactions on Parallel & Distributed System


Technology- Available in Java and DotNet

Abstract—Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients’ control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained,  cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient’s PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.



IEEE 2023: WEB SECURITY OR CYBER CRIME

  IEEE 2023:   Machine Learning and Software-Defined Networking to Detect DDoS Attacks in IOT Networks Abstract:   In an era marked by the r...