An evolutionary computation attack on one-round TEA

AbstractIn this work, one-round Tiny Encryption Algorithm (TEA) is attacked with an Evolutionary Computation method inspired by a combination of Genetic Algorithm (GA) and Harmony Search (HS). The system presented evaluates and evolves a population of candidate keys and compares paintext-ciphertext pairs of the known key against said population. We verify that randomly generated keys are the hardest to derive. Keys composed of words containing all on-bits are more difficult to break than keys composed of words containing all off-bits. Keys which have repeated words are easiest to derive. Finally, the present EC strategy is capable of deriving degenerate keys; this is most evident when keys are front loaded so that the first byte of each word has the highest density of on-bits

Multiple SOFMs Working Cooperatively In a Vote-based Ranking System For Network Intrusion Detection

AbstractProtection from hackers on networks is currently of great importance. Recent examples of victims include the recent repeated hacking of Sony PS3, which involved 24.6 million customer accounts being vulnerable, and the hacking of websites both includ-ing US and Canadian government sites. Thus there is a drear need for effective Intrusion Detection and Prevention systems. Anomaly intrusion detection is a popular method of detecting Intrusions on Computer Networks. In 2011, Wilson and Obimbo proved that the use of Self-Organized Feature Maps (SOFM) could be used to increase the performance on KDD-99 dataset. This paper introduces a vote-based ranking system for intrusion detection based on SOFM. The experimental results are promising and are an improvement in both Wilson and Obimbo's system and the Winning system of the KDD IDS Competition

Towards Vehicular Digital Forensics from Decentralized Trust: An Accountable, Privacy-preservation, and Secure Realization

With the increasing number of traffic accidents and terrorist attacks by modern vehicles, vehicular digital forensics (VDF) has gained significant attention in identifying evidence from the related digital devices. Ensuring the law enforcement agency to accurately integrate various kinds of data is a crucial point to determine the facts. However, malicious attackers or semi-honest participants may undermine the digital forensic procedures. Enabling accountability and privacy-preservation while providing secure data access control in VDF is a non-trivial challenge. To mitigate this issue, in this paper, we propose a blockchain-based decentralized solution for VDF named BB-VDF, in which the accountable protocols and algorithm are constructed. The desirable security properties and fine-grained data access control are achieved based on smart contract and the customized cryptographic construction. Specifically, we design a distributed key-policy attribute based encryption scheme with partially hidden access structures, named DKP-ABE-H, to realize the secure fine-grained forensics data access control. Further, a novel smart contract is designed to model the forensics procedures as a finite state machine, which guarantees accountability that each participant performs auditable cooperation under tamper-resistant and traceable transactions. Systematic security analysis and extensive experimental results show the feasibility and practicability of our proposed BB-VDF scheme

Vulnerabilities of LDAP as an Authentication Service Abstract

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications including E-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack to the service can cause a greater number of services disrupted. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way handshake required when initializing a connection to an LDAP server

Protecting Digital Images Using Keys Enhanced by 2D Chaotic Logistic Maps

This research paper presents a novel digital color image encryption approach that ensures high-level security while remaining simple and efficient. The proposed method utilizes a composite key r and x of 128-bits to create a small in-dimension private key (a chaotic map), which is then resized to match the color matrix dimension. The proposed method is uncomplicated and can be applied to any image without any modification. Image quality, sensitivity analysis, security analysis, correlation analysis, quality analysis, speed analysis, and attack robustness analysis are conducted to prove the efficiency and security aspects of the proposed method. The speed analysis shows that the proposed method improves the performance of image cryptography by minimizing encryption–decryption time and maximizing the throughput of the process of color cryptography. The results demonstrate that the proposed method provides better throughput than existing methods. Overall, this research paper provides a new approach to digital color image encryption that is highly secure, efficient, and applicable to various images