Recent Trends in Network Security and Applications - Third International Conference, CNSA 2010, Chennai, India, July 23-25, 2010Proceedings

Preface

Organization

Workshop Preface

Workshop Organization

Table of Contents

The Third International Conference on Network Security and Applications (CNSA 2010)

Secure Framework for Data Centric Heterogeneous Wireless Sensor Networks

Introduction

Preliminaries

Related Work

Key Pre-distribution Schemes

Revocation of Keys

Secure Data Aggregation Schemes

SDAKM Scheme

Secure Data Aggregation Scheme

Efficient Key Management Scheme

Performance Evaluation

Security Analysis of IHC

Security Analysis of Key Management Scheme

Conclusion

References

Data Security in Local Area Network Based on Fast Encryption Algorithm

Introduction

Review on the Symmetrical-Encryption Algorithms

The New Symmetrical Algorithm

Key Generation

Encryption

Decryption

Applications

The Results

Conclusion

References

Fuzzy Rule-Base Based Intrusion Detection System on Application Layer

Introduction

Architecture of the Fasids

Fuzzy Component for Non-intrusive Traffic

Working of Fuzzy Cognitive Mapper in Ids

Fuzzy Associative Memory by Fuzzy Rules

Algorithm for Fuzzy Intrusion Detection System

Results and Analysis

Conclusion

References

Trust Models in Wireless Sensor Networks: A Survey

Introduction

Security in WSNs

Notion of Trust

Trust in Sensor Networks

References

Load Balancing in Distributed Web Caching

Introduction

Issues

Solutions

Desirable Properties of Distributed Web Caching

Fast access

Robustness

Transparency

Scalability

Efficiency

Adaptivity

Stability

Load balancing

Simplicity

Problems in Distributed Web Caching

Extra Overhead

Size of Cache

Cache Coherence Problem

Scalability

Proposed Solution for Distributed Web Caching

The Proposed Caching System

Structure of Network

Proposed Architecture

Proposed Algorithm

Conclusions

References

TRING: A New Framework for Efficient Group Key Distribution for Dynamic Groups

Introduction

Related Work

Notations and Terminology

Broadcast Ring Based Group Communication

Join Protocol

Leave Protocol

Group Communication Using the Combination of Ring and Tree

Join Protocol

Leave Protocol

Analysis

Number of Keys at Each Member

Cost of Join

Cost of Leave

Conclusion

References

Image Classification for More Reliable Steganalysis

Introduction

Notations

Classification of Images for More Reliable Steganalysis

Experimental Results

Identification of Images Which Give Highly Inaccurate Results

Identification of Images Which Give Accurate Results

Conclusion

References

Security for High-Speed MANs/WANs

Introduction

Security Threats

Threat Identification

Security Concerns and TCP/ IP

Physical Security

Security Services and Mechanisms

Why a New Approach Is Needed

References

Behavioral Analysis of Transport Layer Based Hybrid Covert Channel

Introduction

Covert Communication

Importance of Covertness and Layers of Attack

Covert Channel Variants

Transport Layer Based Hybrid Covert Channel

NCT - SNCC Implementation

SCSL Implementation

Conclusion and Future Work

References

Efficient Encryption of Intra and Inter Frames in MPEG Video

Introduction

MPEG Coding Methodology

Video Security Algorithms

Proposed Encryption Method

Secret Sharing

Shamir’s Secret Sharing Scheme

Decryption of Intra and Inter Frames

Security Analysis

Key Space Analysis

Statistical Analysis

Experiments and Results

Conclusion

References

VLSI Design and Implementation of Combined Secure Hash Algorithm SHA-512

Introduction

SHA-512 Implementation

Preprocessing

Hash Computation

Proposed Model

Performance Analysis

Security Analysis

Conclusion

References

Performance Comparison of Multicast Routing Protocols under Variable Bit Rate Scenario for Mobile Adhoc Networks

Introduction

Multicasting Protocols in MANET

Experimental Setup and Performance Metrics

Simulation Result

Conclusion and Future Work

References

A Trust Based Technique to Isolate Non-forwarding Nodes in DSR Basedmobile Adhoc Networks

Introduction

Security Attacks in MANET

Related Works

Other Related Work

The Proposed Scheme

Nature of Association between Neighbouring Nodes in an Ad Hoc Network

Association Estimator Technique

Routing Mechanism

Simulation Set Up

Results and Discussions

Conclusion

References

Ensured Quality of Admitted Voice Calls through Authorized VoIP Networks

Introduction

Admission of Voice Calls Using Delay Analysis Method in Differentiated Services

Components of the Qos-Provisioning System

Design of a Call Admission Control Agent (CACA)

Utilization-Based Deterministic Delay Analysis

Utilization-Based Statistical Delay Analysis

Proposed Method for Securing ARP Cache Poisoning Attack

Secure ARP Request and Response between LAN

Experimental Results for Admission of Voice Calls Using Delay Analysis Method

Performance of Authenticated Voice User Admission Procedure in VOIP Network

Verification of Prevented ARP Cache Poisoning Attack Using MessageIntegrity and Message Authentication

Conclusion

References

Wireless Mesh Networks: Routing Protocols and Challenges

Introduction

Routing Layer Challenges

Routing Metrics

Hop Count

Blocking Metric

Expected Transmission Count (ETX)

Expected Transmission Time (ETT)

Routing Protocols

Optimized Link State Routing (OLSR) Protocol

Fish-Eye State Routing Protocol

Destination Sequenced Distance Vector (DSDV)

The Wireless Routing Protocol (WRP)

Clusterhead Gateway Switching Routing Protocol (CGSR)

Zone Based Hierarchical Link State Routing Protocol (ZHLS)

Ad Hoc On Demand Distance Vector Routing (AODV)

Temporally-Ordered Routing Algorithm- TORA

Dynamic Source Routing- DSR

Application Scenarios

Wireless Broadband Home Networking

Enterprise Networking

Broadband Community Networking

Conclusion

References

Comparative Analysis of Formal Model Checking Tools for Security Protocol Verification

Introduction

Two Approaches for Protocol Verification

Formal Verification of Security Protocols

Belief Logics

Theorem Proving Based Approaches

State Exploration

Model Checking Tools

Protocol Verification Using Scyther

Comparative Analysis of Formal Method Model Checking Tools

Conclusion

References

Secured Paradigm for Mobile Databases

Introduction

Related Works

Encryption

Issues

Architecture

Proposed Architecture

Server Side Security

Client Side Security

Security during Data Transmission

Advantages of the Proposed Architecture

Conclusion

References

Energy Analysis of RSA and ELGAMAL Algorithms for Wireless Sensor Networks

Introduction

Cryptography for WSN

Need of Asymmetric Key Cryptosystem

Crypt Algorithms for WSN

RSA Algorithm

ELGAMAL Algorithm

Simulation Results

ELGAMAL Algorithm-Energy Diagram

RSA Algorithm-Energy Diagram

Comparison of RSA and ELGAMAL

Conclusion

References

Detection and Mitigation of Attacks by Colluding Misbehaving Nodes in MANET

Introduction

Related Work

Trust Based Multipath DSR

Route Discovery at Source Node

RREQ Processing at Intermediate Nodes

RREP at Destination Node

RREP Processing at Intermediate Nodes

Path Decision at Source Node

Extended - Trust Based Multi-path Dynamic Source Routing(E-TMDSR)

Discovery of Multiple Paths

Path Selection

Traffic Allocation

Route Maintenance

Security Analysis of E-TMDSR

Protection against Malicious Colluding Nodes

Black Hole and Gray Hole Attacks

Cache Poisoning

Performance Analysis of E-TMDSR

Metrics

Discussion of Results

Conclusions and Future Work

References

A Flow Based Slow and Fast Scan Detection System

Introduction

Related Work

ProposedSystem

Architecture

Detection Methods

Experiments

Test Set-Up

Result

Result Analysis

Fast Scan Detection

Slow Scan Detection

Conclusion

References

A New Remote Mutual Authentication Scheme for WI-FI Enabledhand-Held Devices

Introduction

Problems in the Traditional Method

Related Work

Authentication

Authentication Factors

Indirect Authentication

Proposed Authentication Scheme

Initial Phase

Registration Phase

Login Phase

Authentication Phase

Security Analysis of Our Scheme

Denial of Service Attack

Forgery Attack

Password Guessing Attack

Parallel Session Attack

Mutual Authentication

Security Analysis

Implementation Results and Discussions

Experimental Setup

Time Complexity

Energy Requirements

Conclusion

References

Concurrent Usage Control Implementation Verification Using the SPIN Model Checker

Introduction

Related Work

Overview of Software Model Checking

The SPIN Model Checker

Concurrent Usage Control Authorization Implementation Verification

Verification Using the SPIN

Case Study

Safe Usage Control Authorization Model Design

Usage Control Implementation Verification

Conclusion

References

Pipelining Architecture of AES Encryption and Key Generation with Search Based Memory

Introduction

AES (Advanced Encryption Standard)

Pipelining of AES Encryption

Search Based Memory

Pipelining of Key Schedule Algorithm

Pipelined Architecture for Key Expansion Module

Comparison of Hardware Utilization

Conclusion

References

A SAT Based Verification Framework for Wireless LAN Security Policy Managemen Supported by STRBAC Model

Introduction

Related Work

WLAN Security Policy Management System

Proposed Spatio-temporal RBAC Model for WLAN Policy Management

Modeling Basic RBAC Entities in the Proposed System

Modeling of Global Policy

SAT Based Security Property Verification

Boolean Modeling STRBAC Entities and Policy Configurations

SAT Solver and SAT Query Formulation

Conclusion

References

Detection and Classification of DDoS Attacks Using Fuzzy Inference System

Introduction

Review of Literature

System Architecture

Anomaly Detection Dataset

Alert Generation

Alert Preprocessing

Alert Classification Using Fuzzy Inference System

Implementation Details

Results and Discussion

Key Findings of the Research

Conclusion

References

Detection and Recognition of File Masquerading for E-mail and Data Security

Introduction

Problem Definition

Design Goals

File Type Detection Methods

Literature Survey

Byte Frequency Distribution Techniques

Metric Based Techniques

Proposed Technique

File Header/Trailer Analysis

Multiple Discriminant Analysis/Compound File Type Detection

Tested Environment

Conclusion

Future Work

References

Privacy Preserving Mining of Distributed Data Using Steganography

Introduction

Related Works

Proposed Approach: Steganography

Conclusions

References

First International Workshop on Trust Management in P2P Systems (IWTMP2PS 2010) P2P

Proxy Re-signature Scheme That Translates OneType of Signature Scheme to Another Type of Signature Scheme

Introduction

Definition of Proxy Re-signature Scheme

Proxy Re-signature Scheme to Translate One Type of Signature Scheme to Another Type

Schnorr Signature Scheme to RSA Signature Scheme

ElGamal Signature to RSA Signature Scheme

Proxy Signer Revocation

Properties of the New Proxy Re-signature Schemes

Security of Our Schemes

Conversion of One Type of Signature to Another Type:Applications

Conclusion

References

Efficient Region-Based Key Agreement for Peer -to - PeerInformation Sharing in Mobile Ad Hoc Networks

Introduction

Proposed Scheme

System Model

Network Dynamics

Communication Protocol

Applying Elliptic Curve Based Diffie-Hellman Key Exchange

Tree-Based Group Elliptic Curve Diffie-Hellman Protocol

Experimental Results and Discussion

Searching for Information [4,5,6]

Normal Search

Content Search

Performance Analysis

Storage Overhead

Communication Overhead

Computation Overhead

Conclusion and Future Work

References

A Power Adjustment Approach for Multi-channelMulti-AP Deployment Using Cognitive Radio Concept

Introduction

Related Work

The Proposed Approach

Algorithm for Power Adjustment

Conclusion

References

Conscience-Based Routing in P2P Networks: Preventing Copyright Violations and Social Malaise

Introduction

Related Work and Our Approach

Related Work

Our Unique Contributions

System Model

Protecting P2P Networks

Conscience Filters

Content Poisoning

Audit Trails

Circumventing Trust-Based Systems

Result Analysis

Creating Real-World Conscience

Conclusions and Future Work

References

Analysis of 802.11 Based Cognitive Networks and Cognitive Based 802.11 Networks

Introduction

Heuristic Cognitive Approach for IEEE 802.11 WLAN

IEEE 802.11 Architecture

Cognitive Radio

Proposed Heuristic Model

802.11 Based Cognitive Radio Network

Operation Principles of the System

Overview of IEEE 802.11 DCF

Proposed 802.11 Based Cognitive Design Spectrum Sensing

Conclusion

References

Privacy Layer for Business Intelligence

Introduction

Preserving Privacy

Our Approach

The Privacy Layer

Components of Privacy Layer

Conclusion

References

Analysis and Comparative Study of Different Backoff Algorithms with Probability Based Backoff Algorithm

Introduction

Overview of Existing Backoff Algorithms

Proposed Probability Based Backoff Algorithm

Comparative Analysis of BEB Algorithm, MBEB Algorithm and Proposed PBB Algorithm

Conclusion

References

Proof Of Erasability for Ensuring Comprehensive Data Deletion in Cloud Computing

Introduction

Related Work

Our Scheme

Setup Phase

SLA Details

Exposure Window

End of SLA Period

Destructor

Verifier

Proof of Destruction/Proof of Erasability

Analysis of Our Scheme

Conclusion

References

A Roadmap for the Comparison of Identity Management Solutions Based on State-of-the-Art IdM Taxonomies

Introduction

Related to This Work

Identity Management – A Survey

Selection of Vendors for the Survey

Selection of Evaluation Criteria

State-of-the-Art IdM Taxonomies

Review of Different IdMs

IBM Tivoli Identity Manager

Novell Identity Manager

Sun Java System Identity Manager

Oracle Identity Management

CA Identity Manager

Comparison Results

Future Work

Conclusion

References

BubbleTrust: A Reliable Trust Management for Large P2P Networks

Introduction

BasicConcept

Calculation

Basic Algorithm

Data Management

Provider and Evaluator Function

Optimized Algorithms

Algorithm with Cutting Off

Limiting Depth

Using Values from Previous Runs

Evaluation and Data Analysis

Conclusion and Future Work

References

Dynamic Policy Adaptation for Collaborative Groups

Introduction

System Model

Peer Behavior and Roles

Change of Roles

Detailed Working of the Framework

Group Discovery and Advertisement

Admission Request

Authentication

Key Management

PDTBAC- Policy Driven Trust Based Access Control for P$_2$P Applications

Trust Model in Presence of Malicious Peers

Context Sensitive Layered Reputation Model

Design of Trust Model

Modeling Dynamic Policies Using Prolog

Modeling Rules for Join

Modeling Rules for Level Update

Modeling Dynamic Rules

Overall Working of Framework with Prolog

Application Framework

Peer Behavior

Implementation Details

Simulations and Graphs

Related Work

Conclusion

References

A Deviation Based Outlier Intrusion Detection System

Introduction

Intruder

Intrusion

Intrusion Detection

IDS Classification

Contemporary Research

Proposed Approach

Approach

Model

Conclusion and Future Works

References

Privacy Preserving Ciphertext Policy Attribute Based Encryption

Introudction

Our Contribution

Related Work

Preliminaries

Bilinear Maps

Access Structure

Ciphertext Policy Attribute Based Encryption

Security Model for CP-ABE

Construction

Security Analysis

Conclusion

References

Reliable Timeout Based Commit Protocol

Introduction

Proposed Solution: Reliable Timeout Based Commit Protocol

Transaction Execution at MH

Transaction Execution at Coordinator i.e. at BS

Recovery Model

Performance Analysis of Reliable Timeout Based Commit Protocol

Results

Conclusion and Future Work

References

Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT)

Introduction

IoT Objectives

Naming and Addressing

Device Discovery and Network Discovery

Content and Service Access

Communication

Security and Privacy

Security Requirements

Key Properties of IoT

Challenges

High Level Security Requirements

Security and Threat Taxonomy for IoT

Related Work

Identity Certificate Frameworks

Single Sign-On

Identity Federation

User-Centric Identity Management

Device Security

Proposed Security Model for IoT

Conclusion

References

Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges

Introduction

Architectural Framework and Design Constraints

Identity Management

Related Work

OpenId

Liberty Alliance

Card-Space

Shibboleth

Higgins

Identity Modeling and Requirement Matrix

Proposed IdM Framework

Conclusion

References

Reputation Enhancement in a Trust Management System

Introduction

Related Work

Extended TUX-TMS Model

Architecture of TUX-TMS

Parameters

Partitioning of the Users

Results and Discussion

Performance against Malicious Users

Performance in a Distributed Environment

Conclusion

References

A-Code: A New Crypto Primitive for Securing Wireless Sensor Networks

Introduction

Usage Scenario and Functional Requirements

The A-Code Primitive

The Experimental Platform

Experimental Results

Related Work

Conclusions and Future Work

References

Design of a Reliability-based Source Routing Protocol for Wireless Mobile Ad Hoc Networks

Introduction

Related Work

Description of the Reliability-based Source Routing Protocol

Motivation

Attack Model

Reliability Metric Table and Beacon Broadcasts

Reliability Metric of a Path

Sequence of Steps for the RSR Protocol

Logic behind the Use of the Probe Packet and the Public Key Certificate

RSR Route Maintenance

Increment vs. Decrement Costs

Conclusions and Future Work

References

Performance Evaluation and Detection of Sybil Attacks in Vehicular Ad-Hoc Networks

Introduction

Attacks on Vehicular Networks

Sybil Attack and Classification

Simulation of Sybil Attack in VANET

Simulation Parameters and Performance Metrics

Simulation Results

Related Work of Sybil Attack Detection

Proposed Sybil Attack Detection Technique for VANETs

Conclusions

References

Clustering Approach in Speech Phoneme Recognition Based on Statistical Analysis

Introduction

Related Work

Proposed Methodology

Conclusion and Limitations

References

Knowledge Base Compound Approach towards Spam Detection

Introduction

Spammer Approaches and Their Attack

Related Work

Proposed Methodology

Implementation and Analysis

Conclusion and Limitation

References

Trust Management Framework for UbiquitousApplications

Introduction

Security Approach for Typical Ubiquitous Applications

Related Work

Proposed Architecture for Trust Management Framework

Trust Value Calculation Using Inference Engine

Conclusion and Future Work

References

A Hybrid Address Allocation Algorithm for IPv6

Introduction

Existing IPv6 Address Allocation Algorithms

Bisection Allocation Algorithm

Rate-Sparse Allocation Algorithm

Existing Proposals on IPv6 Address Allocation Algorithms

Growth-based Address Partitioning Algorithm (GAP)

Common Address Pool (CAP)

Proposed Hybrid IPv6 Address Allocation Algorithm

Evaluation

Conclusion

References

Modeling and Performance Analysis of Efficient and Dynamic Probabilistic Broadcasting Algorithm in MANETs Routing Protocols

Introduction

Related Literature Reviews

Proposed Model of Efficient and Dynamic Probabilistic Broadcasting Algorithm (EDPB)

Simulation Experimental Setup and Performance Metrics

Result Analysis

Conclusions

References

A Trust-Based Detection Algorithm of Selfish Packet Dropping Nodes in a Peer-to-Peer Wireless Mesh Network

Introduction

Related Work

AODV and Modeling of the State Machine

Finite State Machine Model

The Proposed Algorithm

The Features of the Algorithm

The Detection Algorithm

Simulation Results

Conclusion and Future Work

References

A Distributed Trust and Reputation Framework for Mobile Ad Hoc Networks

Introduction

Related Work

Trust Manager

The Monitoring Module

The Reputation Handling Module

Simulation

Conclusion

References

Towards Designing Application Specific Trust Treated Model

Introduction

Motivation

Literature Review

Trust Models

Aspect-Oriented Methodologies

Trust Treated Model

Overview

Trust Modeling Process

Reputation Service - A Running Example

Conclusions and Future Work

References

First International Workshop on Database Management Systems (DMS 2010) and MWNS 2010

Security for Contactless Smart Cards Using Cryptography

Introduction

Methodology and Architecture

Implementation and Result

Evaluation and Limitations

Future Enhancements

Conclusion

References

A Novel Approach for Compressed Video Steganography

Introduction

Architecture

Embedding and Extraction Mechanism

Embedding Position Selection

Compressed Video Steganographic Algorithm

Adaptive Rules to Reduce Distortion

Pseudo-random Dithering

The Embedding Algorithm

The Extraction Algorithm

Experimental Result

Capacity and PSNR

Conclusion

References

Privacy Preserving Data Mining by Cyptography

Introduction

Privacy Preserving

Cryptography: Oblivious Transfer

Two Party Case

Two Multi Party Case

Conclusion

References

A Framework for Mining Strong Positive and Negative Association Rules of Frequent Objects in Spatial Database System Using Interesting Measure

Introduction

Proposed Framework

Proposed Algorithm

Analysis of Proposed Framework

Mining of Association Rules for Dense Dataset

Hyper-Linked Data Structure on Sparse Datasets

Performance Study and Experimental Results

Conclusion and Future Wok

References

Global Search Analysis of Spatial Gene Expression Data Using Genetic Algorithm

Introduction

Related Work

Proposed Approach

Approach Decomposition

Algorithm

Results and Discussion

Conclusion

References

Design and Implementation of Pessimistic Commit Protocols in Mobile Environments

Introduction

Mobile Database System

Pessimistic Commit Protocols

Architecture of Mobile Transaction Management System

Mapping Functionality to Architecture

Design and Implementation of Pessimistic Commit Protocols

Mobility Management in Pessimistic Protocols

Data Structures

Conclusion

References

On Analyzing the Degree of Coldnessin Iowa, a North Central Region,United States: An XML Exploitation in Spatial Databases

Introduction

Approach

NC94 Dataset

Canonical Storage for XML (CanStoreX)

Common GUI

ParaSQL Query

Color Coding Scheme

Formulation

Algorithm to Calculate the Degree of Coldness

Model to Calculate the Darkness

Results

Related Work

Conclusion and Future Work

References

Implementation of MPEG-7 Document Management System Based on Native Database

Introduction

Related Works

MPEG-7 Data Clustering

Design of MDMS

General Structure of MDMS

Schema Management Subsystem

Document Management Subsystem

Implementation of MDMS

Implementation Environment

MDMS Packages

Storage Structure

Comparison of MPEG-7 Document Clustering Method

Conclusions and Future Work

References

Author Index