

IET Information Security
Volume 14, Issue 1, January 2020
Volumes & issues:
Volume 14, Issue 1
January 2020
-
- Author(s): Shitharth Selvarajan ; Masood Shaik ; Sirajudeen Ameerjohn ; Sangeetha Kannan
- Source: IET Information Security, Volume 14, Issue 1, p. 1 –11
- DOI: 10.1049/iet-ifs.2019.0011
- Type: Article
- + Show details - Hide details
-
p.
1
–11
(11)
The applications such as the remote communication and the control system are in critically integrated arrangement. The controlling of these network is specified by supervisory control and data acquisition (SCADA) systems. This study discusses about the attack prediction and classification process by using an enhanced model of machine learning technology. The attack types are classified by the optimal selection of features extracted from the sensor data. In this, the features are labelled and cluster between the matrixes are extracted. These cluster forms the initial processing of attack identification which prevents the mismatched result. This clustering of data is performed by mean-shift clustering algorithm. From that clustered data, the features that are irrelevant for classification process is identified and suppressed by using the genetically seeded flora optimisation algorithm. In this optimisation process, the flora seeds are selected genetically to select best features. Then, from that optimally selected clustered data, the relevancy vector is predicted and the types are classified. The classification process is performed by the Boltzmann machine learning algorithm. The classified results of the proposed method for testing SCADA dataset are analysed and the performance metrics are evaluated and compared with the state-of-the-art methods.
- Author(s): Ling Sun ; Wei Wang ; Meiqin Q. Wang
- Source: IET Information Security, Volume 14, Issue 1, p. 12 –20
- DOI: 10.1049/iet-ifs.2018.5283
- Type: Article
- + Show details - Hide details
-
p.
12
–20
(9)
In this study, the authors settle the feasibility of mixed integer linear programming (MILP)-aided bit-based division property for ciphers with non-bit-permutation linear layers. First, they transform the complicated linear layers to their primitive representations. Then, the original Copy and exclusive OR models are generalised, and these models are exploited to depict the primitive representations. Accord- ingly, the MILP-aided bit-based division property can be applied to much more primitives with complicated linear layers. As an illus- tration, they rst evaluate the bit-based division properties of some word-oriented block ciphers. For Midori64, they obtain a 7-round integral distinguisher, which achieves one more round than the previous results. At the same time, the data requirements of some existing distinguishers are also reduced. They decrease the data complexities of 4-round and 5-round distinguishers for LED and Joltik-BC by half. Then, the bit-based division properties of some bit-oriented ciphers such as Serpent and Noekeon are considered. The data complexities of their distinguishers for short rounds are reduced. Besides, they evaluate the bit-based division properties of the internal permutations in some hash functions. An 18-round zero-sum distinguisher for SPONGENT-88 is proposed, which achieves four more rounds than the previous ones. Some integral distinguishers for PHOTON permutations are improved.
- Author(s): Ikram Gharsallah ; Salima Smaoui ; Faouzi Zarai
- Source: IET Information Security, Volume 14, Issue 1, p. 21 –29
- DOI: 10.1049/iet-ifs.2018.5443
- Type: Article
- + Show details - Hide details
-
p.
21
–29
(9)
In recent years, the world of wireless telecommunications is in full progress. Indeed, although the evolution of 4G mobile networks continues, the standardization work of the 5G networks is in full progress. The connected vehicle is part of the services expected from 5G. Indeed, the interconnection between vehicles promises a safer and more enjoyable driving experience. However, as the huge number of vehicle devices are increasing day by day and each vehicle must perform a full authentication procedure to reach to the network, network congestion may occur when a group of vehicles requires simultaneous access, moreover this can have a decisive effect on the promised high rate of 5G. The EPS-AKA authentication mechanism used in 4G networks is too insufficient to handle a large number of mobile devices. In this context, our article aims to define a reliable solution for the authentication of a group of vehicles simultaneous in 5G cellular networks. A reauthentication procedure is also proposed. Analysis results obtained using the SPAN tool has proven that authentication and privacy objectives are met. In addition, elaborate performance evaluations in terms of communication signalling and computational overhead demonstrate that our protocol is more efficient than those existing protocols.
- Author(s): Huang Zhang ; Fangguo Zhang ; Baodian Wei ; Yusong Du
- Source: IET Information Security, Volume 14, Issue 1, p. 30 –38
- DOI: 10.1049/iet-ifs.2018.5491
- Type: Article
- + Show details - Hide details
-
p.
30
–38
(9)
The notion of confidential transactions plays a central role in ensuring the confidentiality of transaction amounts in a block-chain-based cryptocurrency. Past researches have confirmed that the access policy of transaction amounts influences the anonymity of a cryptocurrency. Most of the current techniques of confidential transactions are based on the discrete logarithm problem. Because of the threats from quantum algorithms, clients are eager to enjoy security guarantees in a post-quantum scenario. Lattices are an ideal source of hardness, due to its exclusive worst-case to the average-case phenomenon. Nevertheless, the distinctions between the discrete logarithm problem and lattice problems build an obstacle in the way of borrowing the ideas from the former to the latter directly. In this study, inspired by the notion of commitments to polynomials and zero-knowledge arguments of knowledge for the inhomogeneous short integer solution problem, the authors give an approach to implement confidential transactions using lattice techniques.
- Author(s): Hisham A. Kholidy
- Source: IET Information Security, Volume 14, Issue 1, p. 39 –50
- DOI: 10.1049/iet-ifs.2019.0409
- Type: Article
- + Show details - Hide details
-
p.
39
–50
(12)
Despite the important benefits that cloud computing could offer, security remains one of the major concern that is hindering the development of this paradigm. Masquerades attacks and malicious insiders are often listed among the most dangerous challenges faced by cloud computing. The detection of masquerade attacks in cloud systems has to integrate host and network detection by correlating the user's behaviours in several virtual machines. The author has introduced two approaches that use sequences of events from the operating system and data from the network environment. Then, he integrated these approaches through a neural network that also considers information about the active session. Both approaches use his DDSGA method, a data-driven semi-global alignment approach for detecting masquerade attacks based on the alignment technique. He evaluated the efficiency and accuracy of the approaches through the Cloud Intrusion Detection Dataset. He also shows that the integrated approach results in the best accuracy and the proposed approaches outperform a recent masquerade detection framework that works in the cloud computing systems called the Sliding Window-based Anomaly Detection using Maximum Mean Discrepancy.
- Author(s): Thomas Shortell and Ali Shokoufandeh
- Source: IET Information Security, Volume 14, Issue 1, p. 51 –59
- DOI: 10.1049/iet-ifs.2019.0157
- Type: Article
- + Show details - Hide details
-
p.
51
–59
(9)
In a world becoming dependent on cloud computing, multiple and many techniques are needed to meet security and privacy requirements. This study investigates using Fully Homomorphic Encryption (FHE) in the cloud for a set of signal processing algorithms. Using FHE provides a level of security and privacy for cloud computing. This research implements a framework with a set of real number processing formats that allows FHE to be used in the cloud. Developing formats for real numbers is required because FHE operates over integers. Both a fixed point binary format and a rational number format are implemented to allow for real number processing. Experimentally, the framework is implemented and verified with three algorithms: fast Fourier transform, speeded up robust features, and histogram of oriented gradients. Each implementation is bounded with error caused by the formats and examined against images (two-dimensional signals).
- Author(s): Junaid Akram and Luo Ping
- Source: IET Information Security, Volume 14, Issue 1, p. 60 –71
- DOI: 10.1049/iet-ifs.2018.5647
- Type: Article
- + Show details - Hide details
-
p.
60
–71
(12)
Cybercrimes are on a dramatic rise worldwide. The crime rate is growing day by day in every field or department which is directly or indirectly connected to the internet including Government, business or any individual. The main objective of this study is to evaluate the vulnerabilities in different software systems at the source code level by tracing their patch files. The authors have collected the source code of different types of vulnerabilities at a different level of granularities. They have proposed different ways to collect or trace the vulnerability code, which can be very helpful for security experts, organisations and software developers to maintain security measures. By following their proposed method, you can build your own vulnerability data-set and can detect vulnerabilities in any system by using suitable code clone detection technique. The study also includes a discussion of reasons for the rise in cybercrimes including zero-day exploits. A case study has been discussed with results and research questions to show the effectiveness of this study. This study concludes with the effective key findings of published and non-published vulnerabilities and the ways to prevent from different security attacks to overcome cybercrimes.
- Author(s): Zahra Eskandari and Abbas Ghaemi Bafghi
- Source: IET Information Security, Volume 14, Issue 1, p. 72 –80
- DOI: 10.1049/iet-ifs.2018.5252
- Type: Article
- + Show details - Hide details
-
p.
72
–80
(9)
Cube attack, a simplified type of algebraic attack, is widely utilised to cryptanalyse ciphers. However, since the cube attack works without considering the cipher structure, it is highly complex. In 2017, division property, a successful approach to finding integral distinguishers, was used to extract cube distinguishers in a non-blackbox manner for stream ciphers, which led to a significant improvement of the previous results. This is the first paper employing division property for cube distinguisher extraction in block ciphers. To do this, first, an approach relying on Boolean satisfiability problem (SAT) is presented to evaluate the propagation of division property. Indeed, extraction of zero-sum distinguisher is mapped on a SAT problem and SAT solvers are used to finding division trails efficiently and automatically. Then, this approach is extended and adapted to extract cube distinguishers in block ciphers. However, there are similarities between our contribution and others but the different structure of block and stream ciphers lead to disparity in applying division property to extract cube distinguisher for block ciphers. To prove the efficiency of the presented approach, it is applied to the lightweight block cipher Katan and the cube distinguishers are extended to a higher round in comparison with previous results.
- Author(s): Jian Wang ; Guosheng Zhao ; Zhongnan Zhao ; Zhixin Li
- Source: IET Information Security, Volume 14, Issue 1, p. 82 –88
- DOI: 10.1049/iet-ifs.2018.5251
- Type: Article
- + Show details - Hide details
-
p.
82
–88
(7)
To enhance system survivability when the original mapping scheme fails caused by the change of underlying infrastructures, a dynamic resource virtualisation method based on software definition network (SDN) is proposed. First of all, modelling and formalisation of dynamic resource remapping under SDN environment are constructed, which make the entity resources controlled in the network. Then, resource constraints and evaluation objectives of mapping are considered, and the remapping procedures of nodes and links are described in the case of failure of physical resources. During the process, the detachment factor is introduced as the index to evaluate whether the virtual nodes and links need to be separated, and further be allocated by the greedy algorithm reasonably and dynamically, to realise the virtual network requests. Finally, the simulation experiments are carried out and show that the proposed method is superior to other related methods in virtual request acceptance rate, resource utilisation and average waiting time of service; as a result, improving survivability under the condition that the underlying physical resources change in real time.
- Author(s): Nadjah Chergui and Narhimene Boustia
- Source: IET Information Security, Volume 14, Issue 1, p. 89 –98
- DOI: 10.1049/iet-ifs.2018.5479
- Type: Article
- + Show details - Hide details
-
p.
89
–98
(10)
The high rate of false positive alerts generated by the intrusion detection system (IDS), raises a crucial problem in the face of the security operator to differentiate between true attacks and failed ones. In order to solve this problem, several approaches have been developed relying on contextual information such as applications, services, network location, and vulnerabilities. The change of the context can be an effective factor to reduce false positive rate. However, most approaches in the literature have not dealt with this factor. Therefore, the authors propose non-monotonic ontology contextual-based approach (NOC-IDS), which represents a set of helpful contextual information in flexible format and dynamic reasoning. NOC-IDS aims in general to filter false positive alerts and to figure out relevant alerts, and helping the security operator to analyse relevant ones. NOC-IDS is defined by the description logic that provides non-monotonic reasoning. They illustrate the effectiveness and the powerfulness of the authors’ approach using the well-known DARPA 2000 data set.
- Author(s): Xuelian Li ; Yue Han ; Juntao Gao ; Jie Niu
- Source: IET Information Security, Volume 14, Issue 1, p. 99 –110
- DOI: 10.1049/iet-ifs.2019.0249
- Type: Article
- + Show details - Hide details
-
p.
99
–110
(12)
The 5G technology will promote the development of vehicle ad hoc networks (VANET). However, almost all the existing authentication protocols rely on a completely trusted authority (TA), which undoubtedly raises a heavy burden on the TA. On the other hand, these protocols can rarely resist some special attacks, such as registration authority leaks registration information attack and ephemeral secret leakage attack. To address these problems, based on the self-certified public keys and Schnorr signatures, the authors propose a hierarchical revocable authentication protocol in VANET. The proposed protocol is provably secure in the random oracle model under the Diffie-Hellman assumption. Performance analysis illustrates that the protocol greatly saves computation resources and satisfies the well-known security requirements. Therefore, the proposed protocol is suitable for the VANET environment.
- Author(s): Lin Jiao
- Source: IET Information Security, Volume 14, Issue 1, p. 111 –125
- DOI: 10.1049/iet-ifs.2018.5448
- Type: Article
- + Show details - Hide details
-
p.
111
–125
(15)
The hardness of LPN problems serves as security source of many primitives in lightweight and post-quantum cryptography, which enjoy extreme simplicity and efficiency for various applications. Accordingly there are several LPN solving algorithms proposed over past decade, and received quite a lot of attention recently. In this paper, we propose a new LPN solving algorithm using covering codes in the existing algorithmic framework with a new data structure of numerical value instead of vector quantity for convenience in table look-up, integrate the optimized procedures, and further presenting four main improvements. Firstly, we apply the technique of binary tree sum in Gaussian elimination and new BKW iterations. Secondly, we propose a global BKW collision optimization with tweakable reduction length, which is proved optimized. Thirdly, we extend the covering codes scope in service for lager bias and smaller data requirement with a bias estimation strategy. Finally, we propose a detailed parameter selection principle for given LPN instances. The best known classic results are given for the (512/532/592,1/8)-instances suggested in cryptographic schemes. Besides, we evaluate the performance on low-noise LPN and (k,1/4)-LPN instances, and further correct the lower length bounds of LPN instances with various bias for security levels of NIST's Post-Quantum Call.
- Author(s): Rongjia Li ; Chenhui Jin ; Hongchen Pan
- Source: IET Information Security, Volume 14, Issue 1, p. 126 –132
- DOI: 10.1049/iet-ifs.2019.0056
- Type: Article
- + Show details - Hide details
-
p.
126
–132
(7)
Grøstl is one of the SHA-3 finalist hash functions. Kupyna is the new Ukrainian hash standard, which is structurally very similar to Grøstl. The authors investigate the randomness of the two permutations used in Grøstl-512 and one of the two permutations used in Kupyna-512, in this study. New integral distinguishers of the three permutations are constructed. First, using an automatic search tool of division property, they find improved integral distinguishers of the permutations in both the forward and backward directions. Then, subspace trails are utilised to extend the length of the backward integral distinguishers by one round. Finally, the forward and backward integral distinguishers are combined using the inside-out method. As far as they know, they decrease the computational cost of 8, 9 and 10-round distinguishers and their 12-round distinguishers are the longest distinguishers for the three permutations.
- Author(s): Mohammad Shakibazad and Ali Jabbar Rashidi
- Source: IET Information Security, Volume 14, Issue 1, p. 133 –145
- DOI: 10.1049/iet-ifs.2018.5390
- Type: Article
- + Show details - Hide details
-
p.
133
–145
(13)
One of the most important components constructing the information security management system is the risk assessment process. Information technology system risks have a direct impact on the mission of organisations. Risk assessment allows organisations to identify weaknesses and security threats, and adopt appropriate solutions to deal with risks. The risk identification and assessment is the most important and complex part of the risk management process. In this study, a method has been presented to asset technical risks with regard to the sensitivity of each of the assets. In this research, the cyber battlefield framework has been presented to analyse the assets' sensitivity and then to determine the risk of each. The cyber battlefield contains exact information about cyber environment, including a vulnerability of knowledge repository, tangible and intangible components of cyber environment, and the relationships between them. Cyber-attacks are performed using vulnerabilities in the cyber environment components, so the present study focuses on the provision of a method to determine the risk due to the vulnerabilities. Considering the cost of risks treatment, the risks have been prioritised.
- Author(s): Arkadii Slinko
- Source: IET Information Security, Volume 14, Issue 1, p. 146 –150
- DOI: 10.1049/iet-ifs.2019.0210
- Type: Article
- + Show details - Hide details
-
p.
146
–150
(5)
A secret sharing scheme implemented in an organisation is designed to reflect the power structure in that organisation. When two organisations merge, this usually requires a number of substantial changes and, in particular, changes to their secret sharing schemes which have to be merged in the way which reflects a new role of each of the organisations. This study looks at the ways secret sharing scheme can be modified when organisational changes occur. The authors restrict themselves with the class of ideal linear secret sharing schemes and describe how matrices of these linear schemes have to be modified when they take the sum, the product or the composition of two linear access structures.
Mining of intrusion attack in SCADA network using clustering and genetically seeded flora-based optimal classification algorithm
MILP-aided bit-based division property for primitives with non-bit-permutation linear layers
An efficient authentication and key agreement protocol for a group of vehicles devices in 5G cellular networks
Implementing confidential transactions with lattice techniques
Correlation-based sequence alignment models for detecting masquerades in cloud computing
Secure signal processing using fully homomorphic encryption
How to build a vulnerability benchmark to overcome cyber security attacks
Cube distinguisher extraction using division property in block ciphers
Dynamic resource virtualisation method for survivability enhancement based on SDN
Contextual-based approach to reduce false positives
Secure hierarchical authentication protocol in VANET
Specifications and improvements of LPN solving algorithms
Integral distinguishers for Grøstl-512 and Kupyna-512 permutation functions
New method for assets sensitivity calculation and technical risks assessment in the information systems
Ways to merge two secret sharing schemes
Most viewed content for this Journal

Most cited content for this Journal
-
High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik
- Type: Article
-
Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein
- Type: Article
-
Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng
- Type: Article
-
Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault
- Type: Article
-
Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article