Effectiveness of security tools to anomalies on tunneled traffic

Tunneling mechanism has been proven as an option to link the communication between IPv6 networks and IPv4 environments without incurring the high costs of upgrading equipment. However, this mechanism has reduced the network performance and downgrade the level of security if compared to the native IPv6 network. The Transition Mechanism has also become a covert channel for spreading threats without being acknowledged by the network security tools. Even though the issue has been raised in the set of IETF rules, still they do not provide any recommendation to overcome the problem. Based on this reason, this study explored the effectiveness of conventional network security tools to detect any anomalies occurring on a tunneling mechanism especially against packet flooding attack in IPv6 tunneling. In order to achieve this objective, a testbed that has been deployed with conventional firewall and IDS is used to simulate the IPv6 to IPv4 tunneling mechanism, several network attacks are then launched and the network traffic is then captured to be analyzed. The result shows that the firewall with the default settings had blocked all the tunneling packets, while the firewall and IDS with the default rule of set had performed well in IPv4 but not in the IPv6 tunnel

Remote sensing image classification using soft computing approach

Mangrove forest is an important costal ecosystem in the tropical and sub-tropical coastal regions. It is among the most productivity, ecologically, environmentally and biologically diverse ecosystem in the world. With the improvement of remote sensing technology such as remote sensing images, it provides the alternative for better way of mangrove mapping because covered wider area of ground survey. Image classification is the important part of remote sensing, image analysis and pattern recognition. It is defined as the extraction of differentiated classes; land use and land cover categories from raw remote sensing digital satellite data. One pixel in the satellite image possibly covers more than one object on the ground, within-class variability, or other complex surface cover patterns that cannot be properly described by one class. A pixel in remote sensing images might represent a mixture of class covers, within-class variability, or other complex surface cover patterns. However, this pixel cannot be correctly described by one class. These may be caused by ground characteristics of the classes and the image spatial resolution This project was about the unsupervised classification for satellite image by using fuzzy logic technique. In this project, the method of unsupervised classification was implemented as compared to supervised classification. Nowadays, many situations on this earth were captured by the satellite. Therefore, it was important to be able to classify out the things or objects that had been captured by the satellite. In this project, Fuzzy Inference System (FIS) of Fuzzy Logic Toolbox in matlab was selected to do for unsupervised classification. The types of FIS technique selected to do for the classification include Fuzzy Mamdani and Fuzzy Sugeno. These two methods are used to compare which one can provide a better output. Key Researchers: Dr Mohd Faizal Abdollah Othman bin Mohd Prof Dr. Hj. Shahrin bin Sahib@Sahibuddin Prof Dr. Nanna Suryana Email: [email protected] Tel. No: 06-3316662 Vote No: PJP/2009/FTMK(8D)S55

Thresholding and Fuzzy Rule-Based Classification Approaches in Handling Mangrove Forest Mixed Pixel Problems Associated with in QuickBird Remote Sensing Image Analysis

Mangrove forest is an important costal ecosystem in the tropical and sub-tropical coastal regions. It is among the most productivity, ecologically, environmentally and biologically diverse ecosystem in the world. With the improvement of remote sensing technology such as remote sensing images, it provides the alternative for better way of mangrove mapping because covered wider area of ground survey. Image classification is the important part of remote sensing, image analysis and pattern recognition. It is defined as the extraction of differentiated classes; land use and land cover categories from raw remote sensing digital satellite data. One pixel in the satellite image possibly covers more than one object on the ground, within-class variability, or other complex surface cover patterns that cannot be properly described by one class. A pixel in remote sensing images might represent a mixture of class covers, within-class variability, or other complex surface cover patterns. However, this pixel cannot be correctly described by one class. These may be caused by ground characteristics of the classes and the image spatial resolution. Therefore, the aim of this research is to obtain the optimal threshold value for each class of landuse/landcover using a combination of thresholding and fuzzy rule-based classification techniques. The proposed techniques consist of three main steps; selecting training site, identifying threshold value and producing classification map. In order to produce the final mangrove classification map, the accuracy assessment is conducted through ground truth data, spectroradiometer and expert judgment. The assessment discovered the relationship between the image and condition on the ground, and the spectral signature of surface material in identifying the geographical object. Keywords Mangrove, Remote Sensing Satellite Image, Threshold, Fuzzy Rule-Based Classificatio

Threshold verification using statistical approach for fast attack detection

Network has grows to a mammoth size and becoming more complex, thus exposing the services it offers towards multiple types of intrusion vulnerabilities.One method to overcome intrusion is by introducing Intrusion Detection System (IDS) for detecting the threat before it can damage the network resources.IDS have the ability to analyze network traffic and recognize incoming and on-going network attack.In detecting intrusion attack, Information gathering on such activity can be classified into fast attack and slow attack.Yet, majority of the current intrusion detection systems do not have the ability to differentiate between these two types of attacks. Early detection of fast attack is very useful in a real time environment; in which it can help the targeted network from further intrusion that could let the intruder to gain access to the vulnerable machine.To address this challenge, this paper introduces a fast attack detection framework that set a threshold value to differentiate between the normal network traffic and abnormal network traffic on the victim perspective. The threshold value is abstract with the help of suitable set of feature used to detect the anomaly in the network. By introducing the threshold value, anomaly based detection can build a complete profile to detect any intrusion threat as well as at the same time reducing it false alarm alert

An Improved Fully Homomorphic Encryption Scheme for Cloud Computing

Business in cloud computing is very popular among Small and Medium Enterprises (SMEs). By leveraging services from the cloud, such companies can migrate all of their in-house operations to cloud at low costs with minimum IT facility requirements such as desktop machines and the Internet. Even though the cloud promises tremendous advantages in terms of computing resources and storage spaces, some of the companies are still reluctant to adopt such a technology because of security concerns. To overcome such problems, a fully homomorphic encryption (FHE) scheme with improved efficiency can be implemented as the scheme allows computation on encrypted data without decryption. In this paper, we propose an improved FHE scheme that uses a symmetric key for encryption together with a protocol to implement the scheme. Furthermore, we also provide an analysis regarding to the noise growth in the processed ciphertext and squashing technique that is required to reduce the noise. This analysis is essential to improve the efficiency of the scheme as the squashing technique is time-consuming

E-Government Adoption Success Factors And Their Weight Analysis: A Citizen Perspective

Since there are many theories, models and factors to choose when investigating the e-government adoption, the issue of how to choose the appropriate factors arises. Hence, this study’s purpose is to overcome this issue by highlighting e-government adoption success variables by performing a weight analysis of the variables relationships. Data were gathered from 141 studies associated to the e-government adoption. Out of those 141 studies, only 94 utilized a variety of constructs with appropriate values of correlation that are required to perform a weight analysis. Both non-significant and significant relationships from all 94 publications are also presented in a diagram. Our findings shows that 15 independent variables were found to be categorized as best predictors, 7 independent variables were found to be categorized as promising predictors, and 12 independent variables were found to be categorized as least effective predictors. This paper contributes by implementing an up to date variables weight analysis, moreover it contributes theoretically to the literature body of e-government and suggests further future work directions

Establishment of IPv6 Network on Intranet Environment

Internet Protocol version six (IPv6) is the next generation internet protocol. It is not yet possible to completely migrate to IPv6, but several transitions mechanisms are available to allow IPv6 and IPv4 coexist together in the same network infrastructure. The main benefit of this protocol is a larger address space and enhanced security options. It is not easy to migrate from current Internet Protocol version four (IPv4) to Internet Protocol version six (IPv6) as it is not “Plug n Play” since both are incompatible protocol. For smooth integration between these protocols, native IPv6 testbed (TEST6) was deployed in an intranet environment. In other hand, this gained an experience and confidence before fully integrating it with an existing Internet protocol. This paper describes how TEST6 was setup in intranet environment (TEST6-I) through numerous of process and network test performed to verify the connectivity

Tracing the P2P Botnets Behaviours via Hybrid Analysis Approach

P2P botnets has become central issue that threatens global network security. The unification of botnets and P2P technology make it more powerful and complicated to detect. P2P botnets generally known with abnormal traffic behaviours may highly impact the networks operation, network security and cause financial losses. In order to detect these P2P botnets, a highly-profile investigation on flow analysis is necessary. We consider hybrid analysis approach that integrate both static analysis and dynamic analysis approach. The hybrid analysis will be used in profiling the P2P behaviours and characteristics. Then, the findings of analysis results will contributes on P2P botnets behaviour pattern that will be used in constructing the general model of P2P botnets behaviour. Through the findings, this paper proposes a general P2P botnets behaviour model. The proposed model will be beneficial to further work on P2P botnets detection techniques

Scrutinized System Calls Information Using J48 And Jrip For Malware Behaviour Detection

Malware is considered as one of most emerging threats due to Cybercriminals work diligently to make most of the part of the users’ network of computers as their target. A number of researchers keep on proposing the various alternative framework consisting detection methods day by days in combating activities such as single classification and the rule-based approach. However, such detection method still lacks in differentiate the malware behaviours and cause the rate of falsely identified rate, i.e., false positive and false negative increased. Therefore, integrated machine learning techniques comprise J48 and Jrip are proposed as a solution to distinguish malware behaviour more accurately. This integrated classifier algorithm applied to analyse, classify and generate rules of the pattern and program behaviour of system call information in which, the legal and illegal behaviours could identify. The result showed that the integrated classifier between J48 and Jrip significantly improved the detection rate as compared to the single classifier

Generate optimal number of features in mobile malware classification using Venn diagram intersection

Smartphones are growing more susceptible as technology develops because they contain sensitive data that offers a severe security risk if it falls into the wrong hands. The Android OS includes permissions as a crucial component for safeguarding user privacy and confidentiality. On the other hand, mobile malware continues to struggle with permission misuse. Although permission-based detection is frequently utilized, the significant false alarm rates brought on by the permission-based issue are thought to make it inadequate. The present detection method has a high incidence of false alarms, which reduces its ability to identify permission-based attacks. By using permission features with intent, this research attempted to improve permission-based detection. However, it creates an excessive number of features and increases the likelihood of false alarms. In order to generate the optimal number of features created and boost the quality of features chosen, this research developed an intersection feature approach. Performance was assessed using metrics including accuracy, TPR, TNR, and FPR. The most important characteristics were chosen using the Correlation Feature Selection, and the malicious program was categorized using SVM and naive Bayes. The Intersection Feature Technique, according to the findings, reduces characteristics from 486 to 17, has a 97 percent accuracy rate, and produces 0.1 percent false alarms