Security in Wireless Sensor Networks: Issues and Challenges

Wireless Sensor Network (WSN) is an emerging technology that shows great promise for various futuristic applications both for mass public and military. The sensing technology combined with processing power and wireless communication makes it lucrative for being exploited in abundance in future. The inclusion of wireless communication technology also incurs various types of security threats. The intent of this paper is to investigate the security related issues and challenges in wireless sensor networks. We identify the security threats, review proposed security mechanisms for wireless sensor networks. We also discuss the holistic view of security for ensuring layered and robust security in wireless sensor networks.Comment: 6 page

Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences

In this survey, we first briefly review the current state of cyber attacks, highlighting significant recent changes in how and why such attacks are performed. We then investigate the mechanics of malware command and control (C2) establishment: we provide a comprehensive review of the techniques used by attackers to set up such a channel and to hide its presence from the attacked parties and the security tools they use. We then switch to the defensive side of the problem, and review approaches that have been proposed for the detection and disruption of C2 channels. We also map such techniques to widely-adopted security controls, emphasizing gaps or limitations (and success stories) in current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages. Listing abstract compressed from version appearing in repor

Human visual based perception of steganographic images

In 2014 it was estimated that 1.8 billion images were uploaded daily to the Internet, and in 2018 it is estimated that 3.2 billion images are shared daily. Some of these uploaded images may contain hidden information that can potentially be malicious (e.g. an image that contains hidden information regarding terrorism recruitment) or may cause serious damage (e.g. an employee wishing to hide sensitive company details in an image file and exporting the image to third parties). This research studied the most effective methods in manipulating images to hide information (Data Loss). Significant work has been done on computational algorithmic detection. Yet the desired output from this work was to find the point at which a human can no longer visually establish the difference between an original image and a manipulated image. This research examines the extent of use for file formats, bit depth alterations, least significant bits, message and audio concealment and watermark and filtering techniques for image steganography. The findings of this study indicated that audio insertion and picture insertion into cover image files are the strongest in deceiving the human eye. These results have been categorised for human visual perception in image-based steganography.PostprintPeer reviewe

Steganographer Identification

Conventional steganalysis detects the presence of steganography within single objects. In the real-world, we may face a complex scenario that one or some of multiple users called actors are guilty of using steganography, which is typically defined as the Steganographer Identification Problem (SIP). One might use the conventional steganalysis algorithms to separate stego objects from cover objects and then identify the guilty actors. However, the guilty actors may be lost due to a number of false alarms. To deal with the SIP, most of the state-of-the-arts use unsupervised learning based approaches. In their solutions, each actor holds multiple digital objects, from which a set of feature vectors can be extracted. The well-defined distances between these feature sets are determined to measure the similarity between the corresponding actors. By applying clustering or outlier detection, the most suspicious actor(s) will be judged as the steganographer(s). Though the SIP needs further study, the existing works have good ability to identify the steganographer(s) when non-adaptive steganographic embedding was applied. In this chapter, we will present foundational concepts and review advanced methodologies in SIP. This chapter is self-contained and intended as a tutorial introducing the SIP in the context of media steganography.Comment: A tutorial with 30 page

The Automation of the Extraction of Evidence masked by Steganographic Techniques in WAV and MP3 Audio Files

Antiforensics techniques and particularly steganography and cryptography have become increasingly pressing issues that affect the current digital forensics practice, both techniques are widely researched and developed as considered in the heart of the modern digital era but remain double edged swords standing between the privacy conscious and the criminally malicious, dependent on the severity of the methods deployed. This paper advances the automation of hidden evidence extraction in the context of audio files enabling the correlation between unprocessed evidence artefacts and extreme Steganographic and Cryptographic techniques using the Least Significant Bits extraction method (LSB). The research generates an in-depth review of current digital forensic toolkit and systems and formally address their capabilities in handling steganography-related cases, we opted for experimental research methodology in the form of quantitative analysis of the efficiency of detecting and extraction of hidden artefacts in WAV and MP3 audio files by comparing standard industry software. This work establishes an environment for the practical implementation and testing of the proposed approach and the new toolkit for extracting evidence hidden by Cryptographic and Steganographic techniques during forensics investigations. The proposed multi-approach automation demonstrated a huge positive impact in terms of efficiency and accuracy and notably on large audio files (MP3 and WAV) which the forensics analysis is time-consuming and requires significant computational resources and memory. However, the proposed automation may occasionally produce false positives (detecting steganography where none exists) or false negatives (failing to detect steganography that is present) but overall achieve a balance between detecting hidden data accurately along with minimising the false alarms.Comment: Wires Forensics Sciences Under Revie

Big Data Security (Volume 3)

After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology