Password Cracking and Countermeasures in Computer Security: A Survey

With the rapid development of internet technologies, social networks, and other related areas, user authentication becomes more and more important to protect the data of the users. Password authentication is one of the widely used methods to achieve authentication for legal users and defense against intruders. There have been many password cracking methods developed during the past years, and people have been designing the countermeasures against password cracking all the time. However, we find that the survey work on the password cracking research has not been done very much. This paper is mainly to give a brief review of the password cracking methods, import technologies of password cracking, and the countermeasures against password cracking that are usually designed at two stages including the password design stage (e.g. user education, dynamic password, use of tokens, computer generations) and after the design (e.g. reactive password checking, proactive password checking, password encryption, access control). The main objective of this work is offering the abecedarian IT security professionals and the common audiences with some knowledge about the computer security and password cracking, and promoting the development of this area.Comment: add copyright to the tables to the original authors, add acknowledgement to helpe

Distributed Denial of Service Prevention Techniques

The significance of the DDoS problem and the increased occurrence, sophistication and strength of attacks has led to the dawn of numerous prevention mechanisms. Each proposed prevention mechanism has some unique advantages and disadvantages over the others. In this paper, we present a classification of available mechanisms that are proposed in literature on preventing Internet services from possible DDoS attacks and discuss the strengths and weaknesses of each mechanism. This provides better understanding of the problem and enables a security administrator to effectively equip his arsenal with proper prevention mechanisms for fighting against DDoS threat.Comment: ISSN: 1793-819

Effectiveness of Intrusion Prevention Systems (IPS) in Fast Networks

Computer systems are facing biggest threat in the form of malicious data which causing denial of service, information theft, financial and credibility loss etc. No defense technique has been proved successful in handling these threats. Intrusion Detection and Prevention Systems (IDPSs) being best of available solutions. These techniques are getting more and more attention. Although Intrusion Prevention Systems (IPSs) show a good level of success in detecting and preventing intrusion attempts to networks, they show a visible deficiency in their performance when they are employed on fast networks. In this paper we have presented a design including quantitative and qualitative methods to identify improvement areas in IPSs. Focus group is used for qualitative analysis and experiment is used for quantitative analysis. This paper also describes how to reduce the responding time for IPS when an intrusion occurs on network, and how can IPS be made to perform its tasks successfully without effecting network speed negatively.Comment: IEEE Publication Format, https://sites.google.com/site/journalofcomputing

A Secure Communication in Mobile Agent System

A mobile agent is a software code with mobility which can be move from a computer into another computers through network. The mobile agent paradigm provides many benefits in developments of distributed application at the same time introduce new requirements for security issues with these systems. In this article we present a solution for protection agent from other agents attacks with loging patterns of malicious agent and useing this log for communication. We implemented our resolution by JADE.Comment: 3 pages, Published with International Journal of Engineering Trends and Technology (IJETT

A Criticism of the Current Security, Privacy and Accountability Issues in Electronic Health Records

Cryptography has been widely accepted for security and partly for privacy control as discovered from past works. However, many of these works did not provide a way to manage cryptographic keys effectively especially in EHR applications, as this is the Achilles heel of cryptographic techniques currently proposed. The issue of accountability for legitimate users also has not been so popular and only a few considered it in EHR. Unless a different approach is used, the reliant on cryptography and password or escrow based system for key management will impede trust of the system and hence its acceptability. Also users with right access should also be monitored without affecting the clinician workflow. This paper presents a detailed review of some selected recent approaches to ensuring security, privacy and accountability in EHR and gaps for future research were also identified.Comment: published (2014

Fixed Point Realization of Iterative LR-Aided Soft MIMO Decoding Algorithm

Multiple-input multiple-output (MIMO) systems have been widely acclaimed in order to provide high data rates. Recently Lattice Reduction (LR) aided detectors have been proposed to achieve near Maximum Likelihood (ML) performance with low complexity. In this paper, we develop the fixed point design of an iterative soft decision based LR-aided K-best decoder, which reduces the complexity of existing sphere decoder. A simulation based word-length optimization is presented for physical implementation of the K-best decoder. Simulations show that the fixed point result of 16 bit precision can keep bit error rate (BER) degradation within 0.3 dB for 8x8 MIMO systems with different modulation schemes.Comment: submitted to SPIJ (Signal Processing: An International Journal),(under review), 10 pages, 5 figure

Knowledge and Security

Epistemic concepts, and in some cases epistemic logic, have been used in security research to formalize security properties of systems. This survey illustrates some of these uses by focusing on confidentiality in the context of cryptographic protocols, and in the context of multi-level security systems.Comment: 51 pages; preliminary version of a chapter for an upcoming Handbook of Logics for Knowledge and Belie

New Classification Methods for Hiding Information into Two Parts: Multimedia Files and Non Multimedia Files

With the rapid development of various multimedia technologies, more and more multimedia data are generated and transmitted in the medical, commercial, and military fields, which may include some sensitive information which should not be accessed by or can only be partially exposed to the general users. Therefore, security and privacy has become an important, Another problem with digital document and video is that undetectable modifications can be made with very simple and widely available equipment, which put the digital material for evidential purposes under question .With the large flood of information and the development of the digital format Information hiding considers one of the techniques which used to protect the important information. The main goals for this paper, provides a general overview of the New Classification Methods for Hiding Information into Two Parts: Multimedia Files and Non Multimedia Files

Offline Arabic Handwriting Recognition Using Artificial Neural Network

The ambition of a character recognition system is to transform a text document typed on paper into a digital format that can be manipulated by word processor software Unlike other languages, Arabic has unique features, while other language doesn't have, from this language these are seven or eight language such as ordo, jewie and Persian writing, Arabic has twenty eight letters, each of which can be linked in three different ways or separated depending on the case. The difficulty of the Arabic handwriting recognition is that, the accuracy of the character recognition which affects on the accuracy of the word recognition, in additional there is also two or three from for each character, the suggested solution by using artificial neural network can solve the problem and overcome the difficulty of Arabic handwriting recognition.Comment: Submitted to Journal of Computer Science and Engineering, see http://sites.google.com/site/jcseuk/volume-1-issue-1-may-201

Hardware Architecture of Complex K-best MIMO Decoder

This paper presents a hardware architecture of complex K-best Multiple Input Multiple Output (MIMO) decoder reducing the complexity of Maximum Likelihood (ML) detector. We develop a novel low-power VLSI design of complex K-best decoder for 8x8 MIMO and 64 QAM modulation scheme. Use of Schnorr-Euchner (SE) enumeration and a new parameter, Rlimit in the design reduce the complexity of calculating K-best nodes to a certain level with increased performance. The total word length of only 16 bits has been adopted for the hardware design limiting the bit error rate (BER) degradation to 0.3 dB with list size, K and Rlimit equal to 4. The proposed VLSI architecture is modeled in Verilog HDL using Xilinx and synthesized using Synopsys Design Vision in 45 nm CMOS technology. According to the synthesize result, it achieves 1090.8 Mbps throughput with power consumption of 782 mW and latency of 0.044 us. The maximum frequency the design proposed is 181.8 MHz.Comment: 13 pages, 5 figures, 1 tabl