The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Distributed storage platforms draw much attention due to their high reliability and scalability for handling a massive amount of data. To protect user and data privacy, encryption is considered as a necessary feature for production systems like Storj. But it prohibits the nodes from performing content search. To preserve the functionality, we observe that a protocol of integration with searchable...
A Tire Pressure Monitoring System (TPMS) is a system that monitors the air pressure and temperature in the tires, and reports real-time information to the driver via wireless communication for vehicle safety and efficiency. On the other hand, several privacy issues regarding TPMS have been reported at the same time. Most of the current TPMSs do not support cryptographic modules for security of the...
IP-based networks are prone to hardware failures, software errors and misconfigurations. This leads to service outages, such as those experienced by American Airlines in 2015. Moreover, cyber threats are becoming ever more sophisticated. As demonstrated by recent success stories of malware, such as the crimeware BlackEnergy, current defence solutions are insufficient to detect those anomalies and...
In Internet of Things (IoT) era, everybody can access data anytime and anywhere. Information in a data center can be accessed by users using end-user devices such as a laptop, smartphone, and Personal Computer. The data should be secured and cannot be accessed by illegal users from the environment monitoring. To secure and prevent the sensor data from illegal access by the user then it is required...
Cyber-attacks from terrorist, national enemies, disgruntled employees are on the rise now on an Oil Refineries, on shore petroleum fields, off-shore Platforms, Oil and Gas Pipe Lines which will have a catastrophic impact on oil production and in turn on economy of the country, it can also cause serious damage to the environment living being, and even human lives. There is a dire need to protect Petroleum...
There is a rapidly growing interest in the field of unmanned road vehicles across the world. To aid the traffic management of such systems, there is an urgent need to develop appropriate security protocols facilitating car-to-car and car-to-traffic controller systems. Ensuring security requires both confidentiality (will be understandable only to intended recipients) as well as authenticity (message...
The DTLS (Datagram Transport Layer Security) protocol allows a huge number of delay-sensitive applications to communicate in a secure channel, and its security research is growing with significant importance. We propose an attack framework to recovery plaintext in DTLS. Our attack leverages the cache side-channel attack to obtain necessary information, and then a padding oracle attack is performed...
In this paper, we introduce a security protocol for wireless sensor network which is designed for monitoring long range power transmission lines in smart grid. The proposed security protocol provides authentications to the sensor nodes and the information data, and the encryption for uplink and downlink information of the power line monitoring sensor network. Different from the existing protocol,...
In today's world, there is a strong need for sharing big data for collaboration. However, privacy and security remains a barrier especially when dealing with massive amounts of data in the Cloud. In particular, there is a growing need for the data owner to gain better access control over their data. The data owner should be able to specify how their data should be viewed, copied and modified. A dishonest...
Address resolution process' main work is convert IP address to physical address, detecting whether happened address conflicts, performing address reach ability testing, etc. Address resolution protocols (ARP or NDP) are important basic agreements of internet. There have been security problems because the protocol assumes that all nodes are reliable, lead to security problems. This paper reviewed the...
In today's classified networks, system health and availability are crucial to support the mission needs of the US Government. Inclusion of sensing appliances into these sensitive networks has been a priority for several years to achieve the situational awareness of the network. The purpose of this paper is to demonstrate how an encryptor at the network boundaries enhanced with Deep Packet Inspection...
In document authentication, the context refers to the ability to trace the origins of a document to a given person, the device that produced it, or the time and/or place it was produced. Forgeries pose significant dangers in terms of authentication and trust. Therefore, it is essential to maintain the integrity of important documents to prevent document content modification by an intruder. Here, we...
Cross-domain Internet-scale collaborative security is affected by a native dichotomy. On one side, sharing of monitoring data across domains may significantly help in detecting large scale threats and attacks; on the other side, data sharing conflicts with the need to protect network customers' privacy and confidentiality of business and operational information. The approach first proposed in this...
Unattended Wireless Sensors Networks (UWSNs) are emerging Wireless Sensor Networks (WSNs) characterized by periodic absence of trusted entities, like the Sink Collectors. The time periods with no sink attendance, force the network sensors to locally store collected data until the next sink visit. This means that data collection is not performed in real time, but it falls at regular intervals. Such...
We describe our experiences implementing the master-key recovery attack against the High-Bandwidth Digital Content Protection Protocol (HDCP). We recovered the private keys from 41 HDCP-capable monitors using the key extraction attack of Irwin. We then used the master-key recovery attack of Crosby, et al. to compute the HDCP global secret. The attack used commodity hardware and did not damage the...
There is usually a tradeoff between security strength and computing power in a real time health monitoring system. In this paper, we firstly investigated the performance of several cryptographic protocols for different data sizes applied on the system in different network condition, and then presented a security protocol adaption scheme allowing to automatically change the encryption algorithm to...
Intrusion Detection Systems (IDS) are integral components for the detection of malicious code and attacks. Detection methods can be differentiated in signature-based and anomaly-based systems. While the former ones search for well-known patterns which are available in a database, the latter ones build a model of the normal behavior of a network and later on attacks can be detected by measuring significant...
As the modern society becomes increasingly dependent on software, how to develop Trustworthy Software(TS) systems is considered a critical issue by academia, government and industry. The domain of our work focused on the reliability research on UNIX system, which is the famous and widely used operation system in the world, and adopts C/S software architecture. However, when the user remote login the...
In designing an electronic voting protocol factors such as security, simplicity, justice, and easily communicate should be considered. In general, an electronic voting protocol security how is higher, is more complex, but this problem has been solved because of the new protocol using a fixed blind signature scheme. The advantage of this protocol in the same samples that the same simply has higher...
In this paper we present a new approach for identifying the crypto routines in different types of malware. In traditional malware analysis, like sandboxing, network data is examined as seen on the wire or data is collected as it is written to a file. The use of proprietary binary formats, obfuscation, or encryption hides important details, which are necessary for investigating malicious behavior....
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.