An Enhanced Sybil Guard to Detect Bots in Online Social Networks

Sybil accounts are swelling in popular social networking sites such as Twitter, Facebook etc. owing to cheap subscription and easy access to large masses. A malicious person creates multiple fake identities to outreach and outgrow his network. People blindly trust their online connections and fall into trap set up by these fake perpetrators. Sybil nodes exploit OSN’s ready-made connectivity to spread fake news, spamming, influencing polls, recommendations and advertisements, masquerading to get critical information, launching phishing attacks etc. Such accounts are surging in wide scale and so it has become very vital to effectively detect such nodes. In this research a new classifier (combination of Sybil Guard, Twitter engagement rate and Profile statistics analyser) is developed to combat such Sybil nodes. The proposed classifier overcomes the limitations of structure based, machine learning based and behaviour-based classifiers and is proven to be more accurate and robust than the base Sybil guard algorithm.

Read more...

Identifying the Phishing Websites Using the Patterns of TLS Certificates

With the recent rise of HTTPS adoption on the Web, attackers have begun “HTTPSifying” phishing websites. HTTPSifying a phishing website has the advantage of making the website appear legitimate and evading conventional detection methods that leverage URLs or web contents in the network. Further, adopting HTTPS could also contribute to generating intrinsic footprints and provide defenders with a great opportunity to monitor and detect websites, including phishing sites, as they would need to obtain a public-key certificate issued for the preparation of the websites. The potential benefits of certificate-based detection include (1) the comprehensive monitoring of all HTTPSified websites by using certificates immediately after their issuance, even if the attacker utilizes dynamic DNS (DDNS) or hosting services; this could be overlooked with the conventional domain-registration-based approaches; and (2) to detect phishing websites before they are published on the Internet.

Read more...

Authentication Mechanisms in the 5G System

The 5G system introduces multiple new authentication mechanisms. The initial 5G specification in 3GPP Release 15 defines the initial security solution including primary and secondary authentication. Further enhancements and additional security features are added in Release 16; some of them introduce new types of authentication. As a result, the scope and meaning of ‘authentication’ has expanded. This is a new trend in the 5G system as it introduces new concepts that did not exist in the preceding generation systems. One such example is the slice authentication for which the authentication is performed at the network slice level. As a result, the authentication mechanisms become more complex. This paper clarifies the details of each of these different authentication mechanisms.

Read more...

Blockchain-based Trusty Buyer Coalition Scheme Using A Group Signature

Without trust, buyers may not join a coalition. Despite the tremendous need for trustworthy relationships in buyer coalitions, no current buyer coalition scheme explicitly tackles confidence issues with blockchain technology. This study proposes an algorithmic design, the blockchain-based trusty buyer coalition scheme, to satisfy the trust requirement among different actors while forming the coalition. All activities forming a coalition through a decentralized public ledger can be explicitly examined. Consequently, the proposed algorithm can ensure anonymity within a community, resulting in trusting relationships. Furthermore, the proposed algorithm can ensure correctness and accountability by recognizing misbehavior and enforcing alternative forms of punishment. Additionally, the discovered algorithm can be applied to mobile commerce applications.

Read more...

Data Tamper Detection from NoSQL Database in Forensic Environment

Abstract: The growth of service sector is increasing the usage of digital applications worldwide. These digital applications are making use of database to store the sensitive and secret information. As the database has distributed over the internet, cybercrime attackers may tamper the database to attack on such sensitive and confidential information. In such scenario, maintaining the integrity of database is a big challenge. Database tampering will change the database state by any data manipulation operation like insert, update or delete. Tamper detection techniques are useful for the detection of such data tampering which play an important role in database forensic investigation process. Use of NoSQL database has been attracted by big data requirements. Previous research work has limited to tamper detection in relational database and very less work has been found in NoSQL database. So there is a need to propose a mechanism to detect the tampering of NoSQL database systems. Whereas this article proposes an idea of tamper detection in NoSQL database such as MongoDB and Cassandra, which are widely used document-oriented and column-based NoSQL database respectively. This research work has proposed tamper detection technique which works in forensic environment to give more relevant outcome on data tampering and distinguish between suspicious and genuine tampering.

Read more...

Database Security Enhancement by Eliminating the Redundant and Incorrect Spelled Data Entries

Database is used for storing the data in an easy and efficient format. In recent days large size of data has been generated through number of applications and same has been stored in the database. Considering the importance of data in every sector of digitized world, it is foremost important to secure the data. Hence, database security has been given a prime importance in every organization. Redundant data entries may stop the functioning of the database.

Read more...

A Secure Trust-aware Cross-layer Routing Protocol for Vehicular Ad hoc Networks

VANETs currently represent one of the most prominent solutions that aim to reduce the number of road accident victims and congestion problems while improving the quality of driving. VANETs form a very dynamic open network in which vehicles exchange information and warnings about road situations and other traffic information through several routing protocols, without any intermediate control.

Read more...

A Boosted Performances of NTRUencrypt Post-Quantum Cryptosystem

Abstract: The bottleneck of all cryptosystems is the difficulty of the computational complexity of the polynomials multiplication, vectors multiplication, etc. Thus most of them use some algorithms to reduce the complexity of the multiplication like NTT, Montgomery, CRT, and Karatsuba algorithms, etc. We contribute by creating a new release of NTRUencrypt1024 with great improvement, by using our own polynomials multiplication algorithm operate in the ring of the form Rq=Zq[X]/(XN+1), combined to Montgomery algorithm rather than using the NTT algorithm as used by the original version.

Read more...