Current Issue : July - September Volume : 2015 Issue Number : 3 Articles : 5 Articles
Now days due to increasing transactions via wireless communication and internet, electronic data security is necessary for users so that sending data securely transmitted through the link. In Oct 2000 NIST adopted new AES Rijndael algorithm to replace data encryption standard (DES). Compared to software implementation, hardware implementation of Rijndael algorithm provides more physical security as well as higher speed to electronic data.The algorithm can be implemented in FPGA due to its flexibility and reconfiguration capability. A reconfigurable device is very convenient for an AES algorithm since it allows cheap and quick alterations. The paper presents hardware implementation of AES-256 bit on FPGA....
In this paper we present Laribus, a peer-to-peer network designed to detect local man-in-the-middle attacks against\nsecure socket layer/transport layer security (SSL/TLS). With Laribus, clients can validate the authenticity of a certificate\npresented to them by retrieving it from different vantage points on the network. Unlike previous solutions, clients do\nnot have to trust a central notary service nor do they have to rely on the cooperation of website owners. The Laribus\nnetwork is based on a social network graph, which allows users to form notary groups that improve both privacy and\navailability. It integrates several well-known techniques, such as secret sharing, ring signatures, layered encryption,\nrange queries, and a distributed hash table (DHT), to achieve privacy-aware queries, scalability, and decentralization.\nWe present the design and core components of Laribus, discuss its security properties, and also provide results from a\nsimulation-based feasibility study....
Cyber security attacks are becoming ever more frequent and sophisticated. Enterprises often deploy several security\nprotection mechanisms, such as anti-virus software, intrusion detection/prevention systems, and firewalls, to protect\ntheir critical assets against emerging threats. Unfortunately, these protection systems are typically ââ?¬Ë?noisyââ?¬â?¢, e.g., regularly\ngenerating thousands of alerts every day. Plagued by false positives and irrelevant events, it is often neither practical\nnor cost-effective to analyze and respond to every single alert. The main challenges faced by enterprises are to extract\nimportant information from the plethora of alerts and to infer potential risks to their critical assets. A better\nunderstanding of risks will facilitate effective resource allocation and prioritization of further investigation. In this\npaper, we present MUSE, a system that analyzes a large number of alerts and derives risk scores by correlating diverse\nentities in an enterprise network. Instead of considering a risk as an isolated and static property pertaining only to\nindividual users or devices, MUSE exploits a novel mutual reinforcement principle and models the dynamics of risk\nbased on the interdependent relationship among multiple entities. We apply MUSE on real-world network traces and\nalerts from a large enterprise network consisting of more than 10,000 nodes and 100,000 edges. To scale up to such\nlarge graphical models, we formulate the algorithm using a distributed memory abstraction model that allows\nefficient in-memory parallel computations on large clusters. We implement MUSE on Apache Spark and demonstrate\nits efficacy in risk assessment and flexibility in incorporating a wide variety of datasets...
To be successful, cybercriminals must figure out how to scale their scams. They duplicate content on new websites,\noften staying one step ahead of defenders that shut down past schemes. For some scams, such as phishing and\ncounterfeit goods shops, the duplicated content remains nearly identical. In others, such as advanced-fee fraud and\nonline Ponzi schemes, the criminal must alter content so that it appears different in order to evade detection by\nvictims and law enforcement. Nevertheless, similarities often remain, in terms of the website structure or content,\nsince making truly unique copies does not scale well. In this paper, we present a novel optimized combined clustering\nmethod that links together replicated scam websites, even when the criminal has taken steps to hide connections. We\npresent automated methods to extract key website features, including rendered text, HTML structure, file structure,\nand screenshots. We describe a process to automatically identify the best combination of such attributes to most\naccurately cluster similar websites together. To demonstrate the method�s applicability to cybercrime, we evaluate its\nperformance against two collected datasets of scam websites: fake escrow services and high-yield investment\nprograms (HYIPs). We show that our method more accurately groups similar websites together than those existing\ngeneral-purpose consensus clustering methods....
This paper investigates the statistical detection of JSteg steganography. The approach is based on a statistical model\nof discrete cosine transformation (DCT) coefficients challenging the usual assumption that among a subband all the\ncoefficients are independent and identically distributed (i. i. d. ). The hidden information-detection problem is cast in\nthe framework of hypothesis testing theory. In an ideal context where all model parameters are perfectly known, the\nlikelihood ratio test (LRT) is presented, and its performances are theoretically established. The statistical performance\nof LRT serves as an upper bound for the detection power. For a practical use where the distribution parameters are\nunknown, by exploring a DCT channel selection, a detector based on estimation of those parameters is designed. The\nloss of power of the proposed detector compared with the optimal LRT is small, which shows the relevance of the\nproposed approach....
Loading....