814 research outputs found
Security in Wireless Sensor Networks: Issues and Challenges
Wireless Sensor Network (WSN) is an emerging technology that shows great
promise for various futuristic applications both for mass public and military.
The sensing technology combined with processing power and wireless
communication makes it lucrative for being exploited in abundance in future.
The inclusion of wireless communication technology also incurs various types of
security threats. The intent of this paper is to investigate the security
related issues and challenges in wireless sensor networks. We identify the
security threats, review proposed security mechanisms for wireless sensor
networks. We also discuss the holistic view of security for ensuring layered
and robust security in wireless sensor networks.Comment: 6 page
Command & Control: Understanding, Denying and Detecting - A review of malware C2 techniques, detection and defences
In this survey, we first briefly review the current state of cyber attacks,
highlighting significant recent changes in how and why such attacks are
performed. We then investigate the mechanics of malware command and control
(C2) establishment: we provide a comprehensive review of the techniques used by
attackers to set up such a channel and to hide its presence from the attacked
parties and the security tools they use. We then switch to the defensive side
of the problem, and review approaches that have been proposed for the detection
and disruption of C2 channels. We also map such techniques to widely-adopted
security controls, emphasizing gaps or limitations (and success stories) in
current best practices.Comment: Work commissioned by CPNI, available at c2report.org. 38 pages.
Listing abstract compressed from version appearing in repor
Human visual based perception of steganographic images
In 2014 it was estimated that 1.8 billion images were uploaded daily to the Internet, and in 2018 it is estimated that 3.2 billion images are shared daily. Some of these uploaded images may contain hidden information that can potentially be malicious (e.g. an image that contains hidden information regarding terrorism recruitment) or may cause serious damage (e.g. an employee wishing to hide sensitive company details in an image file and exporting the image to third parties). This research studied the most effective methods in manipulating images to hide information (Data Loss). Significant work has been done on computational algorithmic detection. Yet the desired output from this work was to find the point at which a human can no longer visually establish the difference between an original image and a manipulated image. This research examines the extent of use for file formats, bit depth alterations, least significant bits, message and audio concealment and watermark and filtering techniques for image steganography. The findings of this study indicated that audio insertion and picture insertion into cover image files are the strongest in deceiving the human eye. These results have been categorised for human visual perception in image-based steganography.PostprintPeer reviewe
Steganographer Identification
Conventional steganalysis detects the presence of steganography within single
objects. In the real-world, we may face a complex scenario that one or some of
multiple users called actors are guilty of using steganography, which is
typically defined as the Steganographer Identification Problem (SIP). One might
use the conventional steganalysis algorithms to separate stego objects from
cover objects and then identify the guilty actors. However, the guilty actors
may be lost due to a number of false alarms. To deal with the SIP, most of the
state-of-the-arts use unsupervised learning based approaches. In their
solutions, each actor holds multiple digital objects, from which a set of
feature vectors can be extracted. The well-defined distances between these
feature sets are determined to measure the similarity between the corresponding
actors. By applying clustering or outlier detection, the most suspicious
actor(s) will be judged as the steganographer(s). Though the SIP needs further
study, the existing works have good ability to identify the steganographer(s)
when non-adaptive steganographic embedding was applied. In this chapter, we
will present foundational concepts and review advanced methodologies in SIP.
This chapter is self-contained and intended as a tutorial introducing the SIP
in the context of media steganography.Comment: A tutorial with 30 page
The Automation of the Extraction of Evidence masked by Steganographic Techniques in WAV and MP3 Audio Files
Antiforensics techniques and particularly steganography and cryptography have
become increasingly pressing issues that affect the current digital forensics
practice, both techniques are widely researched and developed as considered in
the heart of the modern digital era but remain double edged swords standing
between the privacy conscious and the criminally malicious, dependent on the
severity of the methods deployed. This paper advances the automation of hidden
evidence extraction in the context of audio files enabling the correlation
between unprocessed evidence artefacts and extreme Steganographic and
Cryptographic techniques using the Least Significant Bits extraction method
(LSB). The research generates an in-depth review of current digital forensic
toolkit and systems and formally address their capabilities in handling
steganography-related cases, we opted for experimental research methodology in
the form of quantitative analysis of the efficiency of detecting and extraction
of hidden artefacts in WAV and MP3 audio files by comparing standard industry
software. This work establishes an environment for the practical implementation
and testing of the proposed approach and the new toolkit for extracting
evidence hidden by Cryptographic and Steganographic techniques during forensics
investigations. The proposed multi-approach automation demonstrated a huge
positive impact in terms of efficiency and accuracy and notably on large audio
files (MP3 and WAV) which the forensics analysis is time-consuming and requires
significant computational resources and memory. However, the proposed
automation may occasionally produce false positives (detecting steganography
where none exists) or false negatives (failing to detect steganography that is
present) but overall achieve a balance between detecting hidden data accurately
along with minimising the false alarms.Comment: Wires Forensics Sciences Under Revie
Big Data Security (Volume 3)
After a short description of the key concepts of big data the book explores on the secrecy and security threats posed especially by cloud based data storage. It delivers conceptual frameworks and models along with case studies of recent technology
- …