Editorial Preface

It is with great pleasure that we present the 6th regular issue of Volume 10 of the International Journal of Integrated Engineering (IJIE). The special issue of Data Information Engineering contains 30 papers contributed by 124 authors from various institutions. There topics covered in this issue including augmented reality, system testing, wireless area network, information security, data science and search engine optimization. There is also review on in silico-metabolic engineering, intrusion detection system and service-oriented architecture.The authors comprise researchers from four countries which are Malaysia, Indonesia, Pakistan and Iraq. Hopefully with all the strict reviewing process and selection, the knowledge presented will be helpful to the research community by providing breakthrough discoveries and future insight on where the research should be going

A Method for Patching Interleaving-Replay Attacks in Faulty Security Protocols

AbstractThe verification of security protocols has attracted a lot of interest in the formal methods community, yielding two main verification approaches: i) state exploration, e.g. FDR [Gavin Lowe. Breaking and fixing the needham-schroeder public-key protocol using FDR. In TACAs'96: Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems, pages 147–166, London, UK, 1996. Springer-Verlag] and OFMC [A.D. Basin, S. Mödersheim, and L. Viganò. An on-the-fly model-checker for security protocol analysis. In D. Gollmann and E. Snekkenes, editors, ESORICS'03: 8th European Symposium on Research in Computer Security, number 2808 in Lecture Notes in Computer Science, pages 253–270, Gjøvik, Norway, 2003. Springer-Verlag]; and ii) theorem proving, e.g. the Isabelle inductive method [Lawrence C. Paulson. The inductive approach to verifying cryptographic protocols. Journal in Computer Security, 6(1-2):85–128, 1998] and Coral [G. Steel, A. Bundy, and M. Maidl. Attacking the asokan-ginzboorg protocol for key distribution in an ad-hoc bluetooth network using coral. In H. König, M. Heiner, and A. Wolisz, editors, IFIP TC6 /WG 6.1: Proceedings of 23rd IFIP International Conference on Formal Techniques for Networked and Distributed Systems, volume 2767, pages 1–10, Berlin, Germany, 2003. FORTE 2003 (work in progress papers)]. Complementing formal methods, Abadi and Needham's principles aim to guide the design of security protocols in order to make them simple and, hopefully, correct [M. Abadi and R. Needham. Prudent engineering practice for cryptographic protocols. IEEE Transactions on Software Engineering, 22(1):6–15, 1996]. We are interested in a problem related to verification but far less explored: the correction of faulty security protocols. Experience has shown that the analysis of counterexamples or failed proof attempts often holds the key to the completion of proofs and for the correction of a faulty model. In this paper, we introduce a method for patching faulty security protocols that are susceptible to an interleaving-replay attack. Our method makes use of Abadi and Needham's principles for the prudent engineering practice for cryptographic protocols in order to guide the location of the fault in a protocol as well as the proposition of candidate patches. We have run a test on our method with encouraging results. The test set includes 21 faulty security protocols borrowed from the Clark-Jacob library [J. Clark and J. Jacob. A survey of authentication protocol literature: Version 1.0. Technical report, Department of Computer Science, University of York, November 1997. A complete specification of the Clark-Jacob library in CAPSL is available at http://www.cs.sri.com/millen/capsl/]

Protector Control PC-AODV-BH in The Ad Hoc Networks

In this paper we deal with the protector control that which we used to secure AODV routing protocol in Ad Hoc networks. The considered system can be vulnerable to several attacks because of mobility and absence of infrastructure. While the disturbance is assumed to be of the black hole type, we purpose a control named "PC-AODV-BH" in order to neutralize the effects of malicious nodes. Such a protocol is obtained by coupling hash functions, digital signatures and fidelity concept. An implementation under NS2 simulator will be given to compare our proposed approach with SAODV protocol, basing on three performance metrics and taking into account the number of black hole malicious nodesComment: submit 15 pages, 19 figures, 1 table, Journal Indexing team, AIRCC 201

Lightweight Mutual Authentication Protocol for Low Cost RFID Tags

Radio Frequency Identification (RFID) technology one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.Comment: 11 Pages, IJNS

Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page