ISSN: 2032-9393
Downloads: 31459
Submit Article
Submission Instructions
Ethics and Malpractice Statement
Most Recent Issue
2018
Issue 18Issue 17Issue 16Issue 15
2017
Issue 14Issue 13Issue 12Issue 11
2016
Issue 10Issue 9Issue 8Issue 7
2015
Issue 6Issue 5Issue 4Issue 3
2011
Issue 2Issue 1

EAI Endorsed Transactions on Security and Safety

An open access journal abstracted/indexed in DOAJ, DBLP, CrossRef, EBSCO Discovery Services, and WorldCat. It focuses on security and safety of network and service infrastructures, with no publishing fees.

Editor(s)-in-Chief: Sencun Zhu and Leandros A. Maglaras

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication.

Moreover, we need technology to enable network security monitoring and tracing and to assess the trustworthiness of infrastructures and services. It must ensure the protection of personal data and privacy and to properly assign liability and risks, together with the appropriate governance models needed to do so. Furthermore this is applied to the settings of Public Safety in general.

Guest editor: Leandros A. Maglaras (De Montfort University of Leicester, U.K.)

Guest editor: Mohamed Amine Ferrag (Guelma University, Algeria)

Call for Papers: Special issue on Cyber Security of Critical Infrastructures (Submission Deadline: November 30, 2018)

  • Abdulaleem Z. M. Al-Othmani (University Kuala Lumpur (UniKL)
  • Andrew Crampton (Huddersfield University)
  • Arosha Bandara (The Open University)
  • Artemios G. Voyiatzis (SBA Research)
  • Dimitrios Katsaros (University of Thessaly)
  • Giampaolo Bella (Università di Cataia)
  • Hamed Taherdoost (Hamta Business Solution Snd Bhd, Ahoora Ltd Management Consultation Group)
  • Heng Zhang (Western Sydney University)
  • John Yen (Pen-state University)
  • Kieran McLaughlin (Queens Belfast University)
  • Martin Boldt (Blekinge Institute of Technology)
  • Mohamed Amine Ferrag (Guelma University)
  • Mohammed Atiquzzaman (University of Oklahoma)
  • Shujun Li (University of Surrey)
  • Simona Bernardi (University of Zaragoza, Spain)
  • Sokratis Katsikas (University of Piraeus)
  • Steven Furnell (Plymouth University)
  • Thomas Brandstetter (Limes security)
  • Tiago J. Cruz (Coimbra University)
  • Simon Parkinson (University of Huddersfield)
  • Kaiqi Xiong (University of South Florida)

Leandros A. Maglaras1

Dr. Leandros Maglaras (DMU) received the B.Sc. degree from Aristotle University of Thessaloniki, Greece in 1998, M.Sc. in Industrial Production and Management from University of Thessaly in 2004 and M.Sc. and PhD degrees in Electrical & Computer Engineering from University of Volos, in 2008 and 2014 respectively. He is currently a visiting Lecturer in the School of Computer Science and Informatics at the De Montfort University, U.K. During 2014 he was a Research Fellow in the Department of Computer at the University of Surrey, U.K. He has participated in various research programs investigating vehicular and ICT technologies (C4C-project.eu, reduction-project.eu), sustainable development (islepact.eu, Smilegov), cyber security (cockpitci.eu, fastpass-project.eu) and optimization and prediction of the dielectric behavior of air gaps (optithesi.webs.com). He serves on the Editorial Board of several International peer-reviewed journals such as Wiley Journal on Security & Communication Networks, EAI Transactions on e-Learning and EAI Transactions on Industrial Networks and Intelligent Systems. He is general (co-)Chair of INISCOM 2016, a new, annual, EAI and Springer sponsored conference on industrial networks and intelligent systems. He is an author of more than 60 papers in scientific magazines and conferences and is a senior member of IEEE. His research interests include wireless sensor networks and vehicular ad hoc networks.


1: School of Computer Science and Informatics at the De Montfort University, U.K.

  • HProve: A Hypervisor Level Provenance System to Reconstruct Attack Story Caused by Kernel Malware

    Appears in:
    sesa 19(18): e5

    Authors:
    Chonghua Wang, Libo Yin, Jun Li, Xuehong Chen, Rongchao Yin, Xiaochun Yun, Yang Jiao, Zhiyu Hao

    Published:
    25th Jan 2019

    Abstract:
    Provenance of system subjects (e.g., processes) and objects (e.g., files) are very useful for many forensics tasks. In our analysis and comparison of existing Linux provenance tracing systems, we found that most systems assume the Linux kernel to be in the trust base, making these systems vulnerable…Provenance of system subjects (e.g., processes) and objects (e.g., files) are very useful for many forensics tasks. In our analysis and comparison of existing Linux provenance tracing systems, we found that most systems assume the Linux kernel to be in the trust base, making these systems vulnerable to kernel level malware. To address this problem, we present HProve, a hypervisor level provenance tracing system to reconstruct kernel malware attack story. It monitors the execution of kernel functions and sensitive objects, and correlates the system subjects and objects to form the causality dependencies for the attacks. We evaluated our prototype on 12 real world kernel malware samples, and the results show that it can correctly identify the provenance behaviors of the kernel malware with a minor performance overhead.
     more »

  • Towards Scalability Trade-off and Security Issues in State-of-the-art Blockchain

    Appears in:
    sesa 19(18): e4

    Author:
    Debasis Gountia

    Published:
    25th Jan 2019

    Abstract:
    Blockchain is the latest technology developed in recent years for storing and sharing valuable information about transactions. This technology applies different methods for storing information that is unlike other existing traditional ways. Blockchain technology is an excellent example of maintaini…Blockchain is the latest technology developed in recent years for storing and sharing valuable information about transactions. This technology applies different methods for storing information that is unlike other existing traditional ways. Blockchain technology is an excellent example of maintaining privacy and security (in terms of immutability). As it does not need any control of central unit, it has tremendous impacts on many organizations involving from business to education and finance. This technology has a lot of attractive features that make it very popular from day to day in the domain of technology. But then also we have to pertain to the scalability and security challenges in this technology for more honorable and reliable in state-of-the-art Blockchain technology.
     more »

  • A Machine Learning Based Approach for Mobile App Rating Manipulation Detection

    Appears in:
    sesa 19(18): e3

    Authors:
    Yang Song, Chen Wu, Sencun Zhu, Haining Wang

    Published:
    25th Jan 2019

    Abstract:
    In order to promote apps in mobile app stores, for malicious developers and users, manipulating average rating is a popular and feasible way. In this work, we propose a two-phase machine learning approach to detecting app rating manipulation attacks. In the first learning phase, we generate feature …In order to promote apps in mobile app stores, for malicious developers and users, manipulating average rating is a popular and feasible way. In this work, we propose a two-phase machine learning approach to detecting app rating manipulation attacks. In the first learning phase, we generate feature ranks for different app stores and find that top features match the characteristics of abused apps and malicious users. In the second learning phase, we choose top N features and train our models for each app store. With cross-validation, our training models achieve 85% f-score. We also use our training models to discover new suspicious apps from our data set and evaluate them with two criteria. Finally, we conduct some analysis based on the suspicious apps classified by our training models and some interesting results are discovered.
     more »

  • Exploring the Privacy Bound for Differential Privacy: From Theory to Practice

    Appears in:
    sesa 19(18): e2

    Authors:
    Xianmang He, Yuan Hong, Yindong Chen

    Published:
    25th Jan 2019

    Abstract:
    Data privacy has attracted significant interests in both database theory and security communities in the past few decades. Differential privacy has emerged as a new paradigm for rigorous privacy protection regardless of adversaries prior knowledge. However, the meaning of privacy bound ꞓ and how to s…Data privacy has attracted significant interests in both database theory and security communities in the past few decades. Differential privacy has emerged as a new paradigm for rigorous privacy protection regardless of adversaries prior knowledge. However, the meaning of privacy bound ꞓ and how to select an appropriate ꞓ may still be unclear to the general data owners. More recently, some approaches have been proposed to derive the upper bounds of ꞓ for specified privacy risks. Unfortunately, these upper bounds suffer from some deficiencies (e.g., the bound relies on the data size, or might be too large), which greatly limits their applicability. To remedy this problem, we propose a novel approach that converts the privacy bound in differential privacy ꞓ to privacy risks understandable to generic users, and present an in-depth theoretical analysis for it. Finally, we have conducted experiments to demonstrate the effectiveness of our model.
     more »

  • Monitoring and Improving Managed Security Services inside a Security Operation Center

    Appears in:
    sesa 19(18): e1

    Authors:
    Mina Khalili, Mengyuan Zhang, Daniel Borbor, Lingyu Wang, Nicandro Scarabeo, Michel-Ange Zamor

    Published:
    25th Jan 2019

    Abstract:
    Monitoring and improving the performance of Security Operation Centers (SOC) are becoming crucial due to the emerging need of benefiting from Managed Security Services (MSS) rather than hiring in-house security experts. In this paper, by observing workflows of a real-world SOC, a system consisting of…Monitoring and improving the performance of Security Operation Centers (SOC) are becoming crucial due to the emerging need of benefiting from Managed Security Services (MSS) rather than hiring in-house security experts. In this paper, by observing workflows of a real-world SOC, a system consisting of three different modules is designed for monitoring analysts’ activities, analysis performance measurement, and performing simulation scenarios. The system empowers managers to evaluate the SOC’s performance, which helps them to conform to Service Level Agreement (SLA) and see the need for improvement. Moreover, the designed system is strengthened by a background service module to provide feedback about anomalies or informative issues for security analysts. Three case studies have been conducted based on real data collected from the operational SOC, and simulation results have demonstrated the effectiveness of the different modules of the designed system in improving the SOC performance.
     more »

  • Threat Modeling for Cloud Infrastructures

    Appears in:
    sesa 18(17): e5

    Authors:
    Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal

    Published:
    21st Dec 2018

    Abstract:
    Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastruc…Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited efforts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only benefit the cloud provider but also embed more confidence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.
     more »

  • Improving Network Intrusion Detection Classifiers by Non-payload-Based Exploit-Independent Obfuscations: An Adversarial Approach

    Appears in:
    sesa 18(17): e4

    Authors:
    Ivan Homoliak, Martin Teknös, Martín Ochoa, Dominik Breitenbacher, Saeid Hosseini, Petr Hanacek

    Published:
    21st Dec 2018

    Abstract:
    Machine-learning based intrusion detection classifiers are able to detect unknown attacks, but at the same time they may be susceptible to evasion by obfuscation techniques. An adversary intruder which possesses a crucial knowledge about a protection system can easily bypass the detection module. T…Machine-learning based intrusion detection classifiers are able to detect unknown attacks, but at the same time they may be susceptible to evasion by obfuscation techniques. An adversary intruder which possesses a crucial knowledge about a protection system can easily bypass the detection module. The main objective of our work is to improve the performance capabilities of intrusion detection classifiers against such adversaries. To this end, we firstly propose several obfuscation techniques of remote attacks that are based on the modification of various properties of network connections; then we conduct a set of comprehensive experiments to evaluate the effectiveness of intrusion detection classifiers against obfuscated attacks. We instantiate our approach by means of a tool, based on NetEm and Metasploit, which implements our obfuscation operators on any TCP communication. This allows us to generate modified network traÿc for machine learning experiments employing features for assessing network statistics and behavior of TCP connections. We perform evaluation on five classifiers: Gaussian Naïve Bayes, Gaussian Naïve Bayes with kernel density estimation, Logistic Regression, Decision Tree, and Support Vector Machines. Our experiments confirm the assumption that it is possible to evade the intrusion detection capability of all classifiers trained without prior knowledge about obfuscated attacks, causing an exacerbation of the TPR ranging from 7.8% to 66.8%. Further, when widening the training knowledge of the classifiers by a subset of obfuscated attacks, we achieve a significant improvement of the TPR by 4.21% – 73.3%, while the FPR is deteriorated only slightly (0.1% – 1.48%). Finally, we test the capability of an obfuscations-aware classifier to detect unknown obfuscated attacks, where we achieve over 90% detection rate on average for most of the obfuscations.
     more »

  • BluePass: A Mobile Device Assisted Password Manager

    Appears in:
    sesa 18(17): e3

    Authors:
    Yue Li, Haining Wang, Kun Sun

    Published:
    21st Dec 2018

    Abstract:
    With the growing number of online accounts a user possesses, managing passwords has been unprecedentedly challenging. Password managers have emerged to help users managing their passwords. However, state-of-the-art cloud based password managers are vulnerable to data breach and a master password be…With the growing number of online accounts a user possesses, managing passwords has been unprecedentedly challenging. Password managers have emerged to help users managing their passwords. However, state-of-the-art cloud based password managers are vulnerable to data breach and a master password becomes a single point of failure. To address these security vulnerabilities, we propose BluePass, a password manager that stores the password vault (i.e., the set of all the encrypted site passwords of a user) locally in a mobile device and a decryption key to the vault in the user computer. BluePass partially inherits the security characteristics of two-factor authentication by requiring both a mobile device and a master password to retrieve and decrypt the site passwords. BluePass leverages short-range nature of Bluetooth to automatically retrieve site passwords and fill the login fields, providing a hand-free user experience.
     more »

  • Secure Communication in VANET Broadcasting

    Appears in:
    sesa 18(17): e2

    Authors:
    Muhammad Jafer, M. Arif Khan, Sabih ur Rehman, Tanveer A. Zia

    Published:
    21st Dec 2018

    Abstract:
    Broadcasting is a communication mechanism utilized in VANET architecture that facilitates in disseminated of public information to help reduce traffic jams/congestions. The authentic and genuine nature of public information is required to be maintained to avoid broadcasting of false information cau…Broadcasting is a communication mechanism utilized in VANET architecture that facilitates in disseminated of public information to help reduce traffic jams/congestions. The authentic and genuine nature of public information is required to be maintained to avoid broadcasting of false information causing mass panic and hysteria. Therefore, it is of utmost importance to secure the broadcasting information so that an intruder is unable to alter any information without compromising public nature of the information. In this paper, we have proposed a secure broadcasting architecture consisting of different layers stacked together in different formation according to operating modes. A real-time simulation model is developed in Python, while simulations are run on a supercomputer for the purpose of gathering results for highway environments. We compare the results of the proposed secure highway architecture with unsecure architecture. Overall, the results show delayed propagation time due to the availability of multiple information packets as well as prioritization of these information packets. However, there was no significant difference in retransmission of different information packets when compared with either different broadcasting probability or unsecure highway scenario, which indicates an effective as well as efficient, secure broadcasting architecture.
     more »

  • Bridging the Gap Between Security Tools and SDN Controllers

    Appears in:
    sesa 18(17): e1

    Authors:
    Li Wang, Dinghao Wu

    Published:
    21st Dec 2018

    Abstract:
    Software-Defined Networking (SDN) is a promising paradigm to improve network security protections. However, current SDN-based security solutions can hardly provide suÿcient protections in a real SDN network, due to several reasons: 1) they are implemented at either the centralized SDN controllers o…Software-Defined Networking (SDN) is a promising paradigm to improve network security protections. However, current SDN-based security solutions can hardly provide suÿcient protections in a real SDN network, due to several reasons: 1) they are implemented at either the centralized SDN controllers or the decentralized network devices, which are subject to a performance limitation; 2) their designs are confined by the SDN network characteristics and can only provide limited security functions; and 3) many solutions have deployment challenges and compatibility issues. In this paper, we propose SecControl, a practical network protection framework combining the existing security tools and SDN technologies, to produce a comprehensive network security solution in an SDN environment. We implement a SecControl prototype with OpenFlow and evaluate its effectiveness and performance. Our experiment shows that SecControl can cooperate with many mainstream security tools and provide effective defense responses over SDN-supported networks.
     more »

  • Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus

    Appears in:
    sesa 18(15): e5

    Author:
    Tim Niklas Witte

    Downloads:
    4551

    Abstract:
    Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection tech…Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.
     more »

  • A Deep Learning Approach for Network Intrusion Detection System

    Appears in:
    sesa 16(9): e2

    Authors:
    Ahmad Javaid, Quamar Niyaz, Weiqing Sun, Mansoor Alam

    Downloads:
    3250

    Abstract:
    A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in their organizations. However, many challenges arise while developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for…A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in
    their organizations. However, many challenges arise while
    developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for developing such an efficient and flexible NIDS.
    We use Self-taught Learning (STL), a deep learning based technique, on NSL-KDD - a benchmark dataset for network
    intrusion. We present the performance of our approach and compare it with a few previous work. Compared metrics include accuracy, precision, recall, and f-measure values.
     more »

  • Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures

    Appears in:
    sesa 18(16): e1

    Authors:
    Leandros Maglaras, Mohamed Amine Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, Stylianos Rallis

    Downloads:
    990

    Abstract:
    As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threat…As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping.
     more »

  • A V2X Message Evaluation Methodology and Cross-Domain Modelling of Safety Applications in V2X-enabled E/E-Architectures

    Appears in:
    sesa 16(8): e1

    Authors:
    Harald Bucher, Marius-Florin Buciuman, Alexander Klimm, Oliver Sander, Jürgen Becker

    Downloads:
    856

    Abstract:
    The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons)…The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons) of all vehicles, but also have strict real-time requirements. Regarding automotive E/E architectures this continuous broadcasting adds heavy internal E/E data traffic that needs to be processed in real-time by Electronic Control Units (ECUs).
    In this work we address this issue by proposing a novel cluster-based message evaluation methodology to significantly reduce internal E/E network traffic by discarding irrelevant messages. The approach is only depending on information received over beacons. It combines a vehicle clustering strategy as well as network and vehicle state monitoring capabilities in order to correctly evaluate messages under real-time constraints. The proposed methodology is modeled inside an abstract ECU. It is evaluated by simulating a model-based CACC application under different traffic scenarios. It is shown that a significant reduction of messages is achievable, while still guaranteeing accident-free behavior of CACC.
     more »

  • Reviewing the book “Principles of Cyber-physical Systems” from a security perspective

    Appears in:
    sesa 15(4): e6

    Authors:
    Minghui Zhu, Peng Liu

    Downloads:
    767

    Abstract:
    This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.
     more »

  • A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)

    Appears in:
    sesa 17(12): e2

    Authors:
    Quamar Niyaz, Weiqing Sun, Ahmad Y. Javaid

    Downloads:
    545

    Abstract:
    Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged softwar…Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged software-defined networking (SDN) and deep learning (DL) concepts promise to revolutionize their respective domains. SDN keeps the global view of the entire managed the network from a single point, i.e., the controller, thus making the network management easier. DL-based approaches improve feature extraction/reduction from a high-dimensional dataset such as network traffic headers. This work proposes a deep learning based multi-vector DDoS detection system in an SDN environment. The detection system is implemented as a network application on top of the SDN controller and can monitor the managed network traÿc. Performance evaluation is based on different metrics by applying the system on traÿc traces collected from different scenarios. A high accuracy with low false-positive rate is observed in attack detection for the proposed system.
     more »

  • ITFComp: A Compression Algorithm for ARM Architecture Instruction Trace Files

    Appears in:
    sesa 16(8): e2

    Authors:
    Mohammad Qasem, Lukas Pustina

    Downloads:
    515

    Abstract:
    Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input …Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input for hardware simulations. ITFs tend to be large in size, causing a storage challenge. Many trace reduction techniques exist to deal with the ITFs' storage challenge. In this paper we introduce ITFComp, a compression algorithm that combines general purpose compression methods with knowledge about ARM architecture ITFs' structure to reduce their size. ITFComp also works on compressing data memory addresses accessed by instructions within ITFs to further reduce an ITF size. Results show a reduction of 600 times on average when combined with LZMA compression algorithm. This reduction is 4 times better than when using LZMA alone, and 10 times better than when using DEFLATE. ITFComp introduces a negligible overhead in the decompression time (less than 1%).
     more »

  • Prevention of crime in B2C E-Commerce: How E-Retailers/Banks protect themselves from Criminal Activities

    Appears in:
    sesa 16(7): e4

    Authors:
    Najlaa AlMajed, Leandros A. Maglaras, Francois Siewe, Helge Janicke, Pooneh Bagheri Zadeh

    Downloads:
    442

    Abstract:
    Online shopping and banking institutes are a current trend in e-commerce, where online shopping and banking are frequently used over the Internet. With the fast growth of the technology and on-line practices, criminal activities also have grown dramatically. Customer trust in the security of online…Online shopping and banking institutes are a current trend in e-commerce, where online shopping and banking are frequently used over the Internet. With the fast growth of the technology and on-line practices, criminal activities also have grown dramatically. Customer trust in the security of online activities is extremely immportant for successful trading. Both buyers and sellers are vulnerable to online risks. With the current focus being on precautions that individual buyers and sellers should consider protecting themselves from criminal activities online, the issue of what e-commerce websites should do to minimize their customer's risk is apparently a neglected area in current literature. This research analyses deficiencies in online shopping and online banking websites, and identifies suitable procedures that e-commerce operators may apply to minimize the risk of criminal activities.
     more »

  • WG-8: A Lightweight Stream Cipher for Resource-Constrained Smart Devices

    Appears in:
    sesa 15(3): e4

    Authors:
    Xinxin Fan, Kalikinkar Mandal, Guang Gong

    Downloads:
    416

    Abstract:
    Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-c…Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags,
    smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is
    tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-constrained devices. WG-8
    inherits the good randomness and cryptographic properties of the WG stream cipher family and is resistant to
    the most common attacks against stream ciphers. The software implementations of the WG-8 stream cipher on
    two popular low-power microcontrollers as well as the extensive comparison with other lightweight cryptography
    implementations highlight that in the context of securing lightweight embedded applications WG-8 has favorable
    performance and low energy consumption.
     more »

  • A novel intrusion detection method based on OCSVM and K-means recursive clustering

    Appears in:
    sesa 15(3): e5

    Authors:
    Leandros A. Maglaras, Jianmin Jiang

    Downloads:
    415

    Abstract:
    In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system, based on the combination of One-Class Support Vector Machine (OCSVM) with RBF kernel and recursive k-means clustering. Important para…In this paper we present an intrusion detection module capable of detecting malicious network traffic in a SCADA
    (Supervisory Control and Data Acquisition) system, based on the combination of One-Class Support Vector
    Machine (OCSVM) with RBF kernel and recursive k-means clustering. Important parameters of OCSVM, such
    as Gaussian width o and parameter v affect the performance of the classifier. Tuning of these parameters is of
    great importance in order to avoid false positives and over fitting. The combination of OCSVM with recursive k-
    means clustering leads the proposed intrusion detection module to distinguish real alarms from possible attacks
    regardless of the values of parameters o and v, making it ideal for real-time intrusion detection mechanisms for
    SCADA systems. Extensive simulations have been conducted with datasets extracted from small and medium
    sized HTB SCADA testbeds, in order to compare the accuracy, false alarm rate and execution time against the
    base line OCSVM method.
     more »
Publisher
EAI
ISSN
2032-9393
Number of Volumes
5
Last Published
25th Jan 2019