Africa: cyber-security and its mutual impacts with computerisation, miniaturisation and location-based authentication

YesThe state of insecurity occasioned by fraudulent practices in Africa has been of concern economically, both at home and abroad. In this paper, we propose ways to mitigate this problem, using Nigeria as a case study. Based on surveys in West Africa, the paper examines the security situation in the continent and its mutual impacts with computerisation, miniaturisation and Location-Based Authentication (LBA). It was discovered that computerisation and miniaturisation had negative effects on cyber-security, as these were being exploited by fraudsters, using advance fee fraud; called 419. As a countermeasure, the paper examines the possibility of using LBA and digitisation of the GSM Mobile country codes down to city/area codes along with GSM/GPS authentications. These could also be combined with the use of a web-based Secret Sharing Scheme for services with very high security demands. The challenges of roaming were also examined and considered to be of negligible impact.Petroleum Technology Development Fund (PTDF

Аналіз механізмів забезпечення цілісності та автентичності повідомлень в мережах MANET

Ensuring the integrity and authenticity of the messages in today's MANET networks is an urgent scientific and technical problem. The way to solve it is to conduct a continuous review of security threats of MANET, as well as the development and improvement of mechanisms of ensure the integrity and authenticity of information in the network. The analysis of the current attacks on the MANET networks and the corresponding threats of the integrity and authenticity of information has been done. The advantages and disadvantages of secure routing protocols are shown. As a result, identified promising areas of improvement and further development of security systems and secure routing protocols in MANET networks.Обеспечение целостности и аутентичности сообщений в современных сетях MANET является актуальной научно-технической проблемой. Способом ее решения является проведение постоянного анализа угроз безопасности MANET, а также разработка и усовершенствование механизмов обеспечения целостности и аутентичности информации в сети. Проведен анализ современных атак на сети MANET и соответствующих им угроз целостности и аутентичности информации. Рассмотрены недостатки и преимущества протоколов безопасной маршрутизации. В результате этого определены перспективные направления усовершенствования и дальнейшего развития систем безопасности и протоколов безопасной маршрутизации в сетях MANET.Забезпечення цілісності та автентичності повідомлень в сучасних мережах MANET є актуальною науково-технічною проблемою. Способом її вирішення є проведення постійного аналізу загроз безпеки MANET, а також розробка й вдосконалення механізмів забезпечення цілісності та автентичності інформації в мережі. Проведено аналіз сучасних атак на мережі MANET та відповідних ним загроз цілісності та автентичності інформації. Розглянуті недоліки та переваги протоколів безпечної маршрутизації. В результаті цього визначені перспективні напрямки вдосконалення та подальшого розвитку систем безпеки та протоколів безпечної маршрутизації в мережах MANET

АНАЛІЗ МЕХАНІЗМІВ ЗАБЕЗПЕЧЕННЯ ЦІЛІСНОСТІ ТА АВТЕНТИЧНОСТІ ПОВІДОМЛЕНЬ В МЕРЕЖАХ MANET

Забезпечення цілісності та автентичності повідомлень в сучасних мережах MANET є актуальною науково-технічною проблемою. Способом її вирішення є проведення постійного аналізу загроз безпеки MANET, а також розробка й вдосконалення механізмів забезпечення цілісності та автентичності інформації в мережі. Проведено аналіз сучасних атак на мережі MANET та відповідних ним загроз цілісності та автентичності інформації. Розглянуті недоліки та переваги протоколів безпечної маршрутизації. В результаті цього визначені перспективні напрямки вдосконалення та подальшого розвитку систем безпеки та протоколів безпечної маршрутизації в мережах MANET

Survey on the state of the art of wireless sensor networks

Este artículo presenta un estudio del estado del arte de las redes de sensores inalámbricas, las cuales siguen un desarrollo creciente y presentan una gran variedad de aplicaciones. Estas redes constituyen un campo actual y emergente de estudio donde se combina el desarrollo de computadores, comunicaciones inalámbricas y dispositivos móviles e integración con otras disciplinas como agricultura, biología, medicina, etc. Se presenta el concepto principal, los componentes, topologías, estándares, aplicaciones, problemas y desafíos, luego se profundiza en soluciones de seguridad y se concluye con herramientas básicas de simulación.This article presents a survey of the state of the art of wireless sensor networks, which follows a growing development and a wide variety of applications. These networks provide a current and emerging field of study where combines the development of computers, wireless communications and mobile devices and integration with other disciplines such as agriculture, biology, medicine, etc. Presents the main concept, components, topologies, standards,  applications,  problems  and  challenges,  deepens  security  solutions  and conclude with basic tools of simulation

Seguridad en redes de sensores inalámbricos

This article presents a survey of the state of art of the mechanisms to provide security to the Wireless Sensor Networks. Over the principal schemes, are the key management and cryptography, the authentication protocols and the mechanisms of clone or intrusion  detection.Este artículo presenta un estudio del estado del arte de los mecanismos para proveer seguridad en las redes de sensores inalámbricas. Dentro de los principales esquemas de seguridad se encuentran los manejos de claves y criptografía, los protocolos de autenticación y los mecanismos de detección de intrusos o clones

A framework for evaluating countermeasures against sybil attacks in wireless sensor networks

Although Wireless Sensor Networks (WSNs) have found a niche in numerous applications, they are constrained by numerous factors. One of these important factors is security in WSNs. There are various types of security attacks that WSNs are susceptible to. The focus of this study is centred on Sybil attacks, a denial of service attack. In this type of attack, rogue nodes impersonate valid nodes by falsely claiming to possess authentic identities, thereby rendering numerous core WSN operations ineffective. The diverse nature of existing solutions poses a difficult problem for system engineers wanting to employ a best fit countermeasure. This problem is the largely unanswered question posed to all system engineers and developers alike whose goal is to design/develop a secure WSN. Resolving this dilemma proves to be quite a fascinating task, since there are numerous factors to consider and more especially one cannot assume that every application is affected by all identified factors. A framework methodology presented in this study addresses the abovementioned challenges by evaluating countermeasure effectiveness based on theoretical and practical security factors. Furthermore, a process is outlined to determine the application’s engineering requirements and the framework also suggests what security components the system engineer ought to incorporate into the application, depending on the application’s risk profile. The framework then numerically aligns these considerations, ensuring an accurate and fairly unbiased best fit countermeasure selection. Although the framework concentrates on Sybil countermeasures, the methodology can be applied to other classes of countermeasures since it answers the question of how to objectively study and compare security mechanisms that are both diverse and intended for different application environments. The report documents the design and development of a comparative framework that can be used to evaluate countermeasures against Sybil attacks in wireless sensor networks based on various criteria that will be discussed in detail. This report looks briefly at the aims and description of the research. Following this, a literature survey on the body of knowledge concerning WSN security and a discussion on the proposed methodology of a specific design approach are given. Assumptions and a short list of factors that were considered are then described. Metrics, the taxonomy for WSN countermeasures, the framework and a formal model are developed. Risk analysis and the best fit methodology are also discussed. Finally, the results and recommendations are shown for the research, after which the document is concluded.Dissertation (MEng)--University of Pretoria, 2011.Electrical, Electronic and Computer Engineeringunrestricte

Cryptography and Computer Communications Security. Extending the Human Security Perimeter through a Web of Trust

This work modifies Shamir’s algorithm by sharing a random key that is used to lock up the secret data; as against sharing the data itself. This is significant in cloud computing, especially with homomorphic encryption. Using web design, the resultant scheme practically globalises secret sharing with authentications and inherent secondary applications. The work aims at improving cybersecurity via a joint exploitation of human factors and technology; a human-centred cybersecurity design as opposed to technology-centred. The completed functional scheme is tagged CDRSAS. The literature on secret sharing schemes is reviewed together with the concepts of human factors, trust, cyberspace/cryptology and an analysis on a 3-factor security assessment process. This is followed by the relevance of passwords within the context of human factors. The main research design/implementation and system performance are analysed, together with a proposal for a new antidote against 419 fraudsters. Two twin equations were invented in the investigation process; a pair each for secret sharing and a risk-centred security assessment technique. The building blocks/software used for the CDRSAS include Shamir’s algorithm, MD5, HTML5, PHP, Java, Servlets, JSP, Javascript, MySQL, JQuery, CSS, MATLAB, MS Excel, MS Visio, and Photoshop. The codes are developed in Eclipse IDE, and the Java-based system runs on Tomcat and Apache, using XAMPP Server. Its code units have passed JUnit tests. The system compares favourably with SSSS. Defeating socio-cryptanalysis in cyberspace requires strategies that are centred on human trust, trust-related human attributes, and technology. The PhD research is completed but there is scope for future work.Petroleum Technology Development Fund (PTDF), Abuja, Nigeria