Identifying the Phishing Websites Using the Patterns of TLS Certificates

With the recent rise of HTTPS adoption on the Web, attackers have begun “HTTPSifying” phishing websites. HTTPSifying a phishing website has the advantage of making the website appear legitimate and evading conventional detection methods that leverage URLs or web contents in the network. Further, adopting HTTPS could also contribute to generating intrinsic footprints and provide defenders with a great opportunity to monitor and detect websites, including phishing sites, as they would need to obtain a public-key certificate issued for the preparation of the websites. The potential benefits of certificate-based detection include (1) the comprehensive monitoring of all HTTPSified websites by using certificates immediately after their issuance, even if the attacker utilizes dynamic DNS (DDNS) or hosting services; this could be overlooked with the conventional domain-registration-based approaches; and (2) to detect phishing websites before they are published on the Internet.

Read more...

Authentication Mechanisms in the 5G System

The 5G system introduces multiple new authentication mechanisms. The initial 5G specification in 3GPP Release 15 defines the initial security solution including primary and secondary authentication. Further enhancements and additional security features are added in Release 16; some of them introduce new types of authentication. As a result, the scope and meaning of ‘authentication’ has expanded. This is a new trend in the 5G system as it introduces new concepts that did not exist in the preceding generation systems. One such example is the slice authentication for which the authentication is performed at the network slice level. As a result, the authentication mechanisms become more complex. This paper clarifies the details of each of these different authentication mechanisms.

Read more...

Blockchain-based Trusty Buyer Coalition Scheme Using A Group Signature

Without trust, buyers may not join a coalition. Despite the tremendous need for trustworthy relationships in buyer coalitions, no current buyer coalition scheme explicitly tackles confidence issues with blockchain technology. This study proposes an algorithmic design, the blockchain-based trusty buyer coalition scheme, to satisfy the trust requirement among different actors while forming the coalition. All activities forming a coalition through a decentralized public ledger can be explicitly examined. Consequently, the proposed algorithm can ensure anonymity within a community, resulting in trusting relationships. Furthermore, the proposed algorithm can ensure correctness and accountability by recognizing misbehavior and enforcing alternative forms of punishment. Additionally, the discovered algorithm can be applied to mobile commerce applications.

Read more...

Data Tamper Detection from NoSQL Database in Forensic Environment

Abstract: The growth of service sector is increasing the usage of digital applications worldwide. These digital applications are making use of database to store the sensitive and secret information. As the database has distributed over the internet, cybercrime attackers may tamper the database to attack on such sensitive and confidential information. In such scenario, maintaining the integrity of database is a big challenge. Database tampering will change the database state by any data manipulation operation like insert, update or delete. Tamper detection techniques are useful for the detection of such data tampering which play an important role in database forensic investigation process. Use of NoSQL database has been attracted by big data requirements. Previous research work has limited to tamper detection in relational database and very less work has been found in NoSQL database. So there is a need to propose a mechanism to detect the tampering of NoSQL database systems. Whereas this article proposes an idea of tamper detection in NoSQL database such as MongoDB and Cassandra, which are widely used document-oriented and column-based NoSQL database respectively. This research work has proposed tamper detection technique which works in forensic environment to give more relevant outcome on data tampering and distinguish between suspicious and genuine tampering.

Read more...

Database Security Enhancement by Eliminating the Redundant and Incorrect Spelled Data Entries

Database is used for storing the data in an easy and efficient format. In recent days large size of data has been generated through number of applications and same has been stored in the database. Considering the importance of data in every sector of digitized world, it is foremost important to secure the data. Hence, database security has been given a prime importance in every organization. Redundant data entries may stop the functioning of the database.

Read more...

A Secure Trust-aware Cross-layer Routing Protocol for Vehicular Ad hoc Networks

VANETs currently represent one of the most prominent solutions that aim to reduce the number of road accident victims and congestion problems while improving the quality of driving. VANETs form a very dynamic open network in which vehicles exchange information and warnings about road situations and other traffic information through several routing protocols, without any intermediate control.

Read more...

A Boosted Performances of NTRUencrypt Post-Quantum Cryptosystem

Abstract: The bottleneck of all cryptosystems is the difficulty of the computational complexity of the polynomials multiplication, vectors multiplication, etc. Thus most of them use some algorithms to reduce the complexity of the multiplication like NTT, Montgomery, CRT, and Karatsuba algorithms, etc. We contribute by creating a new release of NTRUencrypt1024 with great improvement, by using our own polynomials multiplication algorithm operate in the ring of the form Rq=Zq[X]/(XN+1), combined to Montgomery algorithm rather than using the NTT algorithm as used by the original version.

Read more...

Evaluating and Improving a Content Delivery Network (CDN) Workflow using Stochastic Modelling

Abstract: Content Delivery Networks (CDN) are the backbone of Internet. A lot of research has been done to make CDNs more reliable. Despite that, the world has suffered from CDN inefficiencies quite a few times, not just due to external hacking attempts but due to internal failures as well. In this research work the authors have analyzed the performance of a content delivery network through various reliability measures.

Read more...

DDOS Detection on Internet of Things Using Unsupervised Algorithms

The increase in the deployment of IOT networks has improved productivity of humans and organisations. However, IOT networks are increasingly becoming platforms for launching DDOS attacks due to inherent weaker security and resource-constrained nature of IOT devices. This paper focusses on detecting DDOS attack in IOT networks by classifying incoming network packets on the transport layer as either “Suspicious” or “Benign” using unsupervised machine learning algorithms.

Read more...

A Lightweight Security Scheme (LSS) for Wireless Node Communication for Border Surveillance System

The physical breach across the borders is a very common issue these days among nations sharing boundaries. It is controlled via proper border surveillance system. The border surveillance system is trivially a physical border intrusion detection system in which CCTV cameras are used traditionally to observe manually the presence of some intruder. Instead, we utilize the raspberry PI controller board based wireless sensor nodes fitted with raspberry PI camera for identifying the intruder.

Read more...