Improved Internet Security Protocols Using Cryptographic One-Way Hash Chains

In this dissertation, new approaches that utilize the one-way cryptographic hash functions in designing improved network security protocols are investigated. The proposed approaches are designed to be scalable and easy to implement in modern technology. The first contribution explores session cookies with emphasis on the threat of session hijacking attacks resulting from session cookie theft or sniffing. In the proposed scheme, these cookies are replaced by easily computed authentication credentials using Lamport\u27s well-known one-time passwords. The basic idea in this scheme revolves around utilizing sparse caching units, where authentication credentials pertaining to cookies are stored and fetched once needed, thereby, mitigating computational overhead generally associated with one-way hash constructions. The second and third proposed schemes rely on dividing the one-way hash construction into a hierarchical two-tier construction. Each tier component is responsible for some aspect of authentication generated by using two different hash functions. By utilizing different cryptographic hash functions arranged in two tiers, the hierarchical two-tier protocol (our second contribution) gives significant performance improvement over previously proposed solutions for securing Internet cookies. Through indexing authentication credentials by their position within the hash chain in a multi-dimensional chain, the third contribution achieves improved performance. In the fourth proposed scheme, an attempt is made to apply the one-way hash construction to achieve user and broadcast authentication in wireless sensor networks. Due to known energy and memory constraints, the one-way hash scheme is modified to mitigate computational overhead so it can be easily applied in this particular setting. The fifth scheme tries to reap the benefits of the sparse cache-supported scheme and the hierarchical scheme. The resulting hybrid approach achieves efficient performance at the lowest cost of caching possible. In the sixth proposal, an authentication scheme tailored for the multi-server single sign-on (SSO) environment is presented. The scheme utilizes the one-way hash construction in a Merkle Hash Tree and a hash calendar to avoid impersonation and session hijacking attacks. The scheme also explores the optimal configuration of the one-way hash chain in this particular environment. All the proposed protocols are validated by extensive experimental analyses. These analyses are obtained by running simulations depicting the many scenarios envisioned. Additionally, these simulations are supported by relevant analytical models derived by mathematical formulas taking into consideration the environment under investigation

Blockchain-Based Land Registration System: A Conceptual Framework

Land registration authorities are frequently held accountable for the alleged mismanagement and manipulation of land records in various countries. Pakistan’s property records are especially vulnerable to falsification and corruption because of the country’s poverty. Different parties therefore claim varying degrees of authority over a specific piece of land. Given the fact that this data has been consolidated, it has become significantly more vulnerable to security threats. The goal of decentralized system research has been to increase the reliability of these systems. In order to fix the flaws of centralized systems, blockchain-based decentralized systems are currently in development. By using significant land record registration models as the basis for this research, we hope to create a proof-of-concept system or framework for future use. Pakistan’s land registration agency will benefit from our proposed conceptual framework. For the Pakistani government to implement a decentralized land record registry system, we propose a conceptual framework that outlines the essential components.publishedVersio

A Simple and Efficient Deep Learning-Based Framework for Automatic Fruit Recognition

Accurate detection and recognition of various kinds of fruits and vegetables by using the artificial intelligence (AI) approach always remain a challenging task due to similarity between various types of fruits and challenging environments such as lighting and background variations. Therefore, developing and exploring an expert system for automatic fruits’ recognition is getting more and more important after many successful approaches; however, this technology is still far from being mature. The deep learning-based models have emerged as state-of-the-art techniques for image segmentation and classification and have a lot of promise in challenging domains such as agriculture, where they can deal with the large variability in data better than classical computer vision methods. In this study, we proposed a deep learning-based framework to detect and recognize fruits and vegetables automatically with difficult real-world scenarios. The proposed method might be helpful for the fruit sellers to identify and differentiate various kinds of fruits and vegetables that have similarities. The proposed method has applied deep convolutional neural network (DCNN) to the undertakings of distinguishing natural fruit images of the Gilgit-Baltistan (GB) region as this area is famous for fruits’ production in Pakistan as well as in the world. The experimental outcomes demonstrate that the suggested deep learning algorithm has the effective capability of automatically recognizing the fruit with high accuracy of 96%. This high accuracy exhibits that the proposed approach can meet world application requirements.publishedVersio

An Efficient Online/Offline Signcryption Scheme for Internet of Things in Smart Home

publishedVersio

A Conceptual Model for Blockchain-Based Agriculture Food Supply Chain System

In agriculture supply chain management, traceability is a crucial aspect to ensure food safety for increasing customer loyalty and satisfaction. Lack of quality assurance in centralized data storage makes us move towards a new approach based on a decentralized system in which transparency and quality assurance is guaranteed throughout the supply chain from producer to consumer. The current supply chain model has some disadvantages like a communication gap between the entities of the supply chain and no information about the travel history and origin of the product. The use of technology improves the communication and relation between various farmers and stakeholders. Blockchain technology acquires transparency and traceability in the supply chain, provides transaction records traceability, and enhances security for the whole supply chain. In this paper, we present a blockchain-based, fully decentralized traceability model that ensures the integrity and transparency of the system. This new model eliminated most of the disadvantages of the traditional supply chain. For the coordination of all transactions in the supply chain, we proposed a decentralized supply chain model along with a smart contract.publishedVersio

An Efficient NIDPS with Improved Salp Swarm Feature Optimization Method

Network security problems arise these days due to many challenges in cyberspace. The malicious attacks on installed wide networks are rapidly spreading due to their vulnerability. Therefore, the user and system information are at high risk due to network attacks. To protect networks against these attacks, Network Intrusion Detection and Prevention Systems (NIDPS) are installed on them. These NIDPS can detect malicious attacks by monitoring abnormal behavior and patterns in network traffic. These systems were mainly developed using Artificial Intelligence (AI) algorithms. These intelligent NIDPS are also able to detect the attack type while detecting network attacks. Previous studies have proposed many NIDPS for network security. However, many challenges exist so far such as limited available data for training AI algorithms, class imbalance problems, and automated selection of the most important features. These problems need to be solved first, which will lead to the precise detection of network attacks. Therefore, the proposed framework used the highly imbalanced UNSW-NB15 dataset for binary and multiclass classification of network attacks. In this framework, firstly dataset normalization is applied using standard deviation and the mean of feature columns; secondly, an Improved Salp Swarm Algorithm (ISSA) is applied for automated feature selection separately on binary and multiclass subsets. Thirdly, after applying feature selection, the SMOTE–Tomek class balancing method is applied where at least four different ML classifiers are used for binary and multiclass classification. The achieved results outperformed as compared to previous studies and improved the overall performance of NIDPS

A Novel Study: GAN-Based Minority Class Balancing and Machine-Learning-Based Network Intruder Detection Using Chi-Square Feature Selection

The network security problem becomes a routine problem for networks and cyber security specialists. The increased data on every minute not only creates big data problems, but also it expands the network size on the cloud and other computing technologies. Due to the big size and data, the network becomes more vulnerable to cyber-attacks. However, the detection of cyber-attacks on networks before or on time is a challenging task to solve. Therefore, the network intruder detection system (NIDS) is used to detect it. The network provided data-based NIDS were proposed previously, but still needed improvements. From the network data, it is also essential to find the most contributing features to avoid overfitting and lack of confidence in NIDS. The previously proposed solutions of NIDS mostly ignored the class imbalance problems that were normally found in the training of machine learning (ML) methods used in NIDS. However, few studies have tried to solve class imbalance and feature selection separately by achieving significant results on different datasets. The performance of these NIDS needs improvements in terms of classification and class balancing robust solutions. Therefore, to solve the class imbalance problem of minority classes in public datasets of NIDS and to select the most significant features, the proposed study gives a framework. In this framework, the minority class instances are generated using Generative Adversarial Network (GAN) model hyperparameter optimization and then the chi-square method of feature selection is applied to the fed six ML classifiers. The binary and multi-class classifications are applied on the UNSW-NB15 dataset with three versions of it. The comparative analysis on binary, multi-class classifications showed dominance as compared to previous studies in terms of accuracy (98.14%, 87.44%), precision (98.14%, 87.81%), F1-score (98.14%, 86.79%), Geometric-Mean (0.976, 0.923) and Area Under Cover (0.976, 0.94)

An Improved CCF Detector to Handle the Problem of Class Imbalance with Outlier Normalization Using IQR Method

E-commerce has increased online credit card usage nowadays. Similarly, credit card transactions have increased for physical sales and purchases. This has increased the risk of credit card fraud (CCF) and made payment networks more vulnerable. Therefore, there is a need to develop a precise CCF detector to control such online fraud. Previously, many studies have been presented on CCF detection and gave good results and performance. However, these solutions still lack performance, and most of them have ignored the outlier problem before applying feature selection and oversampling techniques to give solutions for classification. The class imbalance problem is most prominent in available datasets of credit card transactions. Therefore, the proposed study applies preprocessing to clean the feature set at first. Then, outliers are detected and normalized using the IQR method. This outlier normalizes data fed to the Shapiro method for feature ranking and the 20 most prominent features are selected. This selected feature set is then fed to the SMOTEN oversampling method, which increases the minority class instances and equalizes the positive and negative instances. Next, this cleaned feature set is then fed to five ML classifiers, and four different splits of holdout validation are applied. There are two experiments conducted in which, firstly, the original data are fed to five ML classifiers and the holdout validation technique is used, in which the AUC reaches a maximum of 0.971. In Experiment 2, outliers are normalized, features are selected using the Shapiro method, and oversampling is performed using the SMOTEN method. This normalized and processed feature set is fed to five ML classifiers via holdout validation methods. The experimental results show a 1.00 AUC compared with state-of-the-art studies, which proves that the proposed study achieves better results using this specific framework

Preventing Session Hijacking In Collaborative Applications With Hybrid Cache-Supported One-Way Hash Chains

Session hijacking attacks of social network websites are one of the commonly experienced cyber threats in today\u27s Internet especially with the unprecedented proliferation of wireless networks and mobile applications. To address this problem, we propose a cache supported hybrid two-dimensional one-way hash construction to handle social networks\u27 user sessions authentication in collaborative applications efficiently. The solution, which presents a major redesign from [18], is based on utilizing two-dimensional OHC chains equipped with sparse caching capabilities to carry out authentication during social networks users\u27 sessions. We analyze the proposed hybrid scheme mathematically to determine the cost of authentication and develop a quartic equation to check the optimal configuration of the two dimensions. We also evaluate the hybrid scheme with simulation experiments of different configurations and scenarios. The results of the simulation experiments show that the hybrid scheme improves performance of the OHC tremendously while efficiently and securely handling authentication

A Hierarchical Two-Tier One-Way Hash Chain Protocol For Secure Internet Transactions

One-way hash chains are a popular cryptographic technique used in many security applications. In this paper, we present a two-tier one-way hash chain (TTOHC) protocol to secure cookie-based Internet transactions. The use of cookies as a cheaper alternative to secure Internet sessions is extremely dangerous since session cookies can be easily sniffed out resulting in session hijacking. By utilizing different cryptographic hash functions arranged in two tiers, our hierarchical TTOHC protocol gives significant performance improvement over previously proposed solutions for securing Internet cookies. A detailed Java testbed has been used to evaluate alternative configurations for the hierarchical scheme and investigate the optimal set up of the two tiers. Detailed performance results obtained from this testbed are presented and analyzed. © 2012 IEEE