Detection and avoidance technique of anomalous congestion at the network gateways

Active queue management (AQM) techniques are used to maintain congestion at network routers. Random Early Detection (RED) is the most used technique among the existing AQMs, as it can avoid network congestion at the early stage. The RED technique avoids congestion by prompting users to reduce their windows size when the queue average exceeds a predefined threshold. However, RED technique is unable to identify users who do not respond to these notifications, and therefore, RED drops all packets in the queue. This generates false positive alarms as packets of legal users will be dropped as well. This paper proposes a technique for monitoring gateways' queues and discarding only the misbehaving traffic. In particular, the proposed technique monitors users' behavior at the network gateways to identify the real sources of misbehaving traffic that causes the congestion on the network. Congested RED-gateways report the packet transfer rate (PTR) of end-users connected with them to service level agreement unit (SLA-unit). The SLA-unit then discovers end-users who have exceeded their bandwidth shares predefined in the SLA as sources of the anomalous congestion on the network. The obtained results show that the proposed technique is promising in detecting and avoiding anomalous congestion without dropping normal traffic of legitimate end-users

Real time detection of phishing websites

Resinification of liquefied empty fruit bunch with furfural (LEFB-Fu) was performed. During the resinification process, the samples were taken every hour up to 4 hours. FTIR analysis of the samples was conducted to understand the progress of the reaction. It showed that the bands of 1512 cm−1 and 1692 cm−1 evolving and diminishing respectively, indicating the consumption of furfural. The postulation of polymerization was also proven as the increasing extent of substitution of aromatic ring observed

Locating and collecting cybercrime evidences on cloud storage: review

Despite the advancement of cloud storage and the benefits it brings to computer users, it cannot be denied that cloud storage is still subject to misuse by malicious users and cyber criminals. This includes the cases where criminals use cloud storage for storing and exchanging illegal material and for committing botnet attacks. In addition, the increase in the number of cybercrimes against cloud services challenges the forensic process of locating and collecting cybercrime evidence in cloud storage. Although a number of researches are proposed to address cloud storage security, several studies and surveys reported that security in cloud computing still pose several concerns and challenges to the researchers. Loss of control over the data stored in cloud storage is one of the security challenges in that cloud. Moreover, location of stored data in the cloud and the multi tenancy of customers on cloud servers are all representing security concerns. At the same time, current cloud storage technology creates challenges for digital forensic practitioners in presenting and interpreting meaning to the obtained evidence to investigators, lawyers, and, ultimately, to the jury. This paper reviews the existing works in locating and collecting cybercrime evidence in cloud storage and provides an in-depth discussion of their limitations

An Energy-Efficient Cross-Layer approach for cloud wireless green communications

In wireless sensor networks (WSN), energy consumption is one of the crucial issues. It is very important to conserve energy at each sensor node to prolong a network lifetime. The main challenge in WSN is to develop an energy efficient algorithm to minimize energy consumption during transmitting information from deployed sensors up to the cloud resources. Many researches have been studied the designing of energy efficient technique based on one-layer stack model approach. In this study, we propose Energy-Efficient Cross-Layer (EECL) approach by using the interaction of MAC layer and physical layer information to be exploited by a network layer to achieve energy efficient communication. More precisely, network layer could utilize the MAC layer and physical layer information to establish an energy efficient route path to be used in forwarding data. The proposed EECL approach uses X-MAC protocol in support of duty cycle which introduces short preambles that switches to wake-up/sensing mode only for nodes belonging to routing path while the other nodes set to be in sleep mode. The distance between nodes that influences energy consumption and Bit Error Rate (BER) are set to be the parameters which they are help in indicating the required power for each hop during route path selection in WSN and avoid the rely-hops that suffering from high average BER and with farther distance. We conduct the experiment using Matlab to evaluate the effectiveness of our proposed approach in terms of power consumption and obtained data rate. The results show that our proposed EECL approach outperforms its representatives in the ability of tuning the power utilized in respect with required data rate that could satisfy the desired Quality-of-Service (QoS)

Comprehensive survey on big data privacy protection

In recent years, the ever-mounting problem of Internet phishing has been threatening the secure propagation of sensitive data over the web, thereby resulting in either outright decline of data distribution or inaccurate data distribution from several data providers. Therefore, user privacy has evolved into a critical issue in various data mining operations. User privacy has turned out to be a foremost criterion for allowing the transfer of confidential information. The intense surge in storing the personal data of customers (i.e., big data) has resulted in a new research area, which is referred to as privacy-preserving data mining (PPDM). A key issue of PPDM is how to manipulate data using a specific approach to enable the development of a good data mining model on modified data, thereby meeting a specified privacy need with minimum loss of information for the intended data analysis task. The current review study aims to utilize the tasks of data mining operations without risking the security of individuals’ sensitive information, particularly at the record level. To this end, PPDM techniques are reviewed and classified using various approaches for data modification. Furthermore, a critical comparative analysis is performed for the advantages and drawbacks of PPDM techniques. This review study also elaborates on the existing challenges and unresolved issues in PPDM.Published versio

Deep learning-based classification model for botnet attack detection

Botnets are vectors through which hackers can seize control of multiple systems and conduct malicious activities. Researchers have proposed multiple solutions to detect and identify botnets in real time. However, these proposed solutions have difficulties in keeping pace with the rapid evolution of botnets. This paper proposes a model for detecting botnets using deep learning to identify zero-day botnet attacks in real time. The proposed model is trained and evaluated on a CTU-13 dataset with multiple neural network designs and hidden layers. Results demonstrate that the deep-learning artificial neural network model can accurately and efficiently identify botnets

Dynamic Reciprocal Authentication Protocol for Mobile Cloud Computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-the-middle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing (MCC). In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie–Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multifactor authentication of usernames, passwords, and a one-time password (OTP). The OTP is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the MCC environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs

Dynamic reciprocal authentication protocol for mobile cloud computing

A combination of mobile and cloud computing delivers many advantages such as mobility, resources, and accessibility through seamless data transmission via the Internet anywhere at any time. However, data transmission through vulnerable channels poses security threats such as man-in-the-middle, playback, impersonation, and asynchronization attacks. To address these threats, we define an explicit security model that can precisely measure the practical capabilities of an adversary. A systematic methodology consisting of 16 evaluation criteria is used for comparative evaluation, thereby leading other approaches to be evaluated through a common scale. Finally, we propose a dynamic reciprocal authentication protocol to secure data transmission in mobile cloud computing (MCC). In particular, our proposed protocol develops a secure reciprocal authentication method, which is free of Diffie–Hellman limitations, and has immunity against basic or sophisticated known attacks. The protocol utilizes multifactor authentication of usernames, passwords, and a one-time password (OTP). The OTP is automatically generated and regularly updated for every connection. The proposed protocol is implemented and tested using Java to demonstrate its efficiency in authenticating communications and securing data transmitted in the MCC environment. Results of the evaluation process indicate that compared with the existing works, the proposed protocol possesses obvious capabilities in security and in communication and computation costs

Strategic priorities for hematopoietic stem cell transplantation in the EMRO region

The World Health Organization-designated Eastern Mediterranean region (EMRO) consists of 22 countries in North Africa and Western Asia with a collective population of over 679 million. The area comprises some of the wealthiest countries per capita income and some of the poorest. The population structure is also unique and contrasts with western countries, with a much younger population. The region sits in the heart of the thalassemia belt. Many countries have a significant prevalence of sickle cell disease, and cancer is on the rise in the region. Therefore, the strategic priorities for the growth and development of hematopoietic stem cell transplantation (HSCT) differ from country to country based on resources, healthcare challenges, and prevalent infrastructure. Thirty-one reporting teams to the Eastern Mediterranean Blood and Marrow Transplantation Group have active HSCT programs in 12 countries; allogeneic transplants outnumber autologous transplants, and the proportion of allotransplants for non-malignant conditions is higher in the EMRO region than in Western Europe and North America. The vast majority (99%) of allotransplants are from matched related donors. Matched unrelated donors and other alternate donor transplants are underutilized. The chance of finding a matched related donor for allografts is higher, with a significant chance of finding matched donors among non-sibling related donors. Reasons for relatively lower rates of transplants compared with other countries are multifactorial. Capacity building, development of newer centers, innovative funding, and better utilization of information technology are required to make transplantation as an accessible modality to more patients. Cost-effectiveness and cost-containment, regulation, and ensuring quality will all be priorities in planning HSCT development in the region

SoK: Contemporary Issues and Challenges to Enable Cyber Situational Awareness for Network Security

Cyber situational awareness is an essential part of cyber defense that allows the cybersecurity operators to cope with the complexity of today's networks and threat landscape. Perceiving and comprehending the situation allow the operator to project upcoming events and make strategic decisions. In this paper, we recapitulate the fundamentals of cyber situational awareness and highlight its unique characteristics in comparison to generic situational awareness known from other fields. Subsequently, we provide an overview of existing research and trends in publishing on the topic, introduce front research groups, and highlight the impact of cyber situational awareness research. Further, we propose an updated taxonomy and enumeration of the components used for achieving cyber situational awareness. The updated taxonomy conforms to the widely-accepted three-level definition of cyber situational awareness and newly includes the projection level. Finally, we identify and discuss contemporary research and operational challenges, such as the need to cope with rising volume, velocity, and variety of cybersecurity data and the need to provide cybersecurity operators with the right data at the right time and increase their value through visualization