A new tunnelled EAP based authentication method for WiMAX networks

Despite well-defined and commercially viable security standards for WiMAX networks, vulnerability in current system design and other inherent characteristics expose the network to various types of security attacks. These attacks are commonly related to network access security, authentication of users, validation of data transmission, and confidentiality issues. In order to provide better protection to WiMAX users, several improvements in the security mechanism have been provided. One notable solution is by using a more secure protocol, namely the Privacy Key Management (PKM), which later being revised into PKMv2 (PKM version 2). In this protocol, authentication (as well as mutual authentication) plays an important role since it must be completed in order to establish a secure connection between the network entities. PKMv2 uses either RSA-based or EAP-based authentication modes. While there are variations of authentication modes exist in the literature, some of them prone to man-in-the-middle (MITM) attack and significant overheads. This paper proposes a new method called EAP-TTLS-ISRP which embeds the transmission of security messages in a secure tunnel. This authentication method is proposed for a single EAP based authentication to achieve both user and device authentications between Mobile Station (MS) and Authentication Server (AS) by using strong and fast authentication methods. The proposed method outperforms other methods in the number of messages exchanged and thus it has less overhead cost, it also satisfies the EAP requirement for secure and efficient data exchange, as well as robust to MITM attacks. Automated Validation of Internet Security Protocols and Applications (AVISPA) verification tools are used to verify the security performance of the proposed EAP-TTLS-ISRP method

Forecasting Malaysian stock price using artificial neural networks (ANN)

Predicting a stock price is a very difficult task because it is complex and involves many factors. This has led to drop in the investment level in the Malaysian stock market. It is difficult to predict the stock market because its environments are unstable and dynamic. Recently, the demand for neural network in the business arena is on the increase. It is need to analyze vast data in order to search for information and knowledge that do not exist by using traditional methods. This included stock market prediction that is a very significant research in business area. In regard to Bursa Malaysia, Artificial Neural Network (ANNs). ANNs was only used to predict main index, i.e. Kuala Lumpur Composite Index (KLCI), but no attempt to predict share price and in particular banking sector. Since ANN has potential to predict non-linear behavior, this research attempts the use of ANNs to predict banking sector stock price in FTSE Bursa Saham Malaysia Kuala Lumpur Composite Index (FBM KLCI). One of the interesting topics of stock-market research is stock market prediction. Precise stock forecasting becomes the greatest challenge in the investment industry because stock data distribution changes over time. This paper investigates the use of ANN to predict Malaysian stock price, in particular Maybank Berhad stock price. The feedforward neural back-propagation network with Training Function Gradient Decent Training Algorithm is used in this study. The outcome of selected stocks, namely Maybank, are modeled and simulated and the results show that ANN offers a very accurate stock model and also generates competitive systems using all four trading strategies. The results also show that, neural network is a good tool to predict stock price movement with accuracy higher than 95%. Closing price is a good input for neural network model for stock price prediction

Security and performance enhancement of authentication protocols in heterogeneous wireless networks

For mobile users, interworking environment comprised of Long Term Evolution (LTE), Worldwide Interoperability for Microwave Access (WiMAX) and Wireless Local Area Networks (WLAN) has become a practical consideration. As a prevalent technology, LTE and WiMAX have desirable features that support high data rate, mobile capabilities, good quality of service (QoS), and wide coverage area. On the other hand, WLAN provides higher bit rate but weaker mobility support. Additional features such as cost effectiveness in covering signal dead zones of LTE networks and its plentiful bandwidth for better QoS makes the WLAN a good complementary solution for LTE networks. Accordingly, integration between these wireless network technologies allows users to move from one to another wireless network to get better QoS in case of some applications that demand higher data rates or to connect to a network that has a stronger signal. However, interworking solutions between these different technologies increase the possibility of intrusion on such networks, consume their resources, affect the QoS and disclose its exchanged data. Thus, the security in such environment is considered as an urgent need. The authentication process is the basis of the security which should be performed appropriately whether in the homogeneous or heterogeneous networks. It is becoming an increasingly important factor during the handover (HO) process in the heterogeneous architecture, where authentication delay and signalling cost may contribute signiffcantly to the handover delay and cost. On the other hand, the 3GPP standards have speciffed that, in interworking architectures between LTE and other wireless networks, each user should be authenticated by the home server in LTE network, which makes this server a subject of single point of failure. Therefore, designing authentication and re-authentication protocols that address the mentioned limitations and contribute to fast, seamless and secure roaming or HO at the same time is an open area that needs to be studied and improved. Several studies have modiffed the existing authentication protocols, but they are limited to 3G-WLAN interworking architecture. Besides, most of the existing authentication schemes are complex and vulnerable to network attacks such as User Identity Disclosure (UID) and Man In The Middle (MITM) attacks. This thesis presents authentication protocols for homogeneous and heterogeneous wireless networks. In particular, a new method called Extensible Authentication Protocol-Tunnelled Transport Layer Security -Improved Secure Remote Password (EAP-TTLS-ISRP) is proposed for WiMAX networks. This method embeds the transmission of security messages in a secure tunnel. The proposed method outperforms other methods in terms of number of messages exchanged, where it is reduced by 16% compared to other WiMAX protocols, which leads to reducing the communication overhead. It also satisfies the EAP requirement for secure and ef- ficient data exchange, as well as robust to MITM attack. In LTE networks, an Efficient Evolved Packet System (EEPS-AKA) protocol is proposed to overcome security and performance problems such as UID and MITM attacks; storage overhead and authentication delay. The proposed protocol is based on the Simple Password Exponential Key Exchange (SPEKE) protocol. Compared to the previous methods, our method is faster, since it uses a secret key method which is faster than certificate-based methods. In addition, the size of messages exchanged between the User Equipment (UE) and Home Subscriber Server (HSS) is reduced by 19%, this effectively reduces authentication delay and storage overhead. In LTE-WLAN interworking architecture, EAP with improved Authentication and Key Agreement (EAPAKA0) protocol is introduced to present new inter and intra re-authentication protocols. These protocols provide an efficient method to improve security against network attacks, protect the user identity and reduce the burden on HSS during the sequential handovers. Compared to the standard authentication protocols, the reduction of the authentication delay, signaling cost, handover delay, handover cost, and energy consumption reaches up to 23%, 30%, 34%, 21%, and 13%, respectively. In LTE-WiMAX-WLAN interworking architecture, authentication and reauthentication protocols are proposed, where they can be invoked if users perform vertical HO (between those networks) or horizontal HO (within the same network). These protocols provide an efficient method to protect user identity and reduce the burden on HSS. The results of analytical model show that the proposed protocols achieve better performance than standard and other protocols in terms of delay, cost, and energy consumption. Compared to the standard and other authentication protocols, the reduction of authentication delay, signaling cost, handover delay, handover cost, and energy consumption reaches up to 14%, 42%, 30%, 18%, and 17%, respectively. The Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is used to provide a formal verification. Results show that the proposed protocols are efficient and secure against active and passive attacks

Normalized advancement based totally opportunistic routing algorithm with void detection and avoiding mechanism for underwater wireless sensor network

Underwater wireless sensor network (UWSN) is the enabling technology for a new era of underwater monitoring and actuation applications. In this network, data aggregation and forwarding are intensely constrained due to channel impairment, and therefore require due consideration. One way to address the data collection of UWSN is by enhancing the routing protocol using the Opportunistic Routing (OR) technique. This article proposes a normalized advancement based opportunistic routing protocol called NA-TORA. NA-TORA is a geographically opportunistic routing protocol in which the next-hop forwarder is selected based on Normalized Advancement (NA). NA is calculated from Expected Transmission Count (ETX) and node' s energy consumption to find an optimal forwarding node. However, the forwarded data may not be received on the designated sink node due to the existence of a void node in the data forwarding route. To overcome the issue of void nodes, we have incorporated a void node detection and avoiding mechanism on NA-TORA, called NA-TORA with VA. The proposed scheme recursively detect void nodes and avoid these nodes to participate in data routing by utilizing the angle of transmission adjustment and transmission range extension method. The novelty of this work lies within its data transmission phase, where normalized advancement is used to select a potential candidate forwarder. Apart from that, the proposed routing protocol operates in two different modes, i.e., standard operating mode (NA-TORA), and void avoidance mode (NA-TORA with VA). Comprehensive simulations were performed to compare the performance of NA-TORA and NA-TORA with VA with some well-known existing routing protocols