Volume 16 (2024)
Volume 15 (2023)
Volume 14 (2022)
Volume 13 (2021)
Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)
A Graph-based Online Feature Selection to Improve Detection of New Attacks

Hajar Dastanpour; Ali Fanian

Volume 14, Issue 2 , July 2022, , Pages 115-130

https://doi.org/10.22042/isecure.2022.14.2.1

Abstract
  Today, intrusion detection systems are used in the networks as one of the essential methods to detect new attacks. Usually, these systems deal with a broad set of data and many features. Therefore, selecting proper features and benefitting from previously learned knowledge is suitable for efficiently ...  Read More

Analysis of IOTA Tangle Stability in High Transaction Rates

Habibullah Yajam; Mohammad Ali Akhaee

Volume 15, Issue 2 , July 2023, , Pages 152-162

https://doi.org/10.22042/isecure.2023.380480.904

Abstract
  The future of the IoT requires new methods of payment that can handle millions of transactions per second. IOTA cryptocurrency aims at providing such a solution. It uses a consensus algorithm based on directed acyclic graphs (DAG) that is called Tangle. A tip selection algorithm (TSA) is a part of Tangle ...  Read More

Algebraic Matching of Vulnerabilities in a Low-Level Code

Oleksandr Letychevskyi; Yaroslav Hryniuk; Viktor Yakovlev; Volodymyr Peschanenko; Viktor Radchenko

Volume 11, Issue 3 , August 2019, , Pages 1-7

https://doi.org/10.22042/isecure.2019.11.0.1

Abstract
  This paper explores the algebraic matching approach for detection of vulnerabilities in binary codes. The algebraic programming system is used for implementing this method. It is anticipated that models of vulnerabilities and programs to be verified are presented as behavior algebra and ...  Read More

Access control in ultra-large-scale systems using a data-centric middleware

S. Shokrollahi; F. Shams; J. Esmaeili

Volume 6, Issue 1 , January 2014, , Pages 3-22

https://doi.org/10.22042/isecure.2014.6.1.2

Abstract
    The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between ...  Read More

A TESLA-based mutual authentication protocol for GSM networks

A. Fanian; M. Berenjkoub; T. A. Gulliver

Volume 1, Issue 1 , January 2009, , Pages 3-15

https://doi.org/10.22042/isecure.2015.1.1.2

Abstract
  The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated ...  Read More

Stream ciphers and the eSTREAM project

V. Rijmen

Volume 2, Issue 1 , January 2010, , Pages 3-11

https://doi.org/10.22042/isecure.2015.2.1.2

Abstract
  Stream ciphers are an important class of symmetric cryptographic algorithms. The eSTREAM project contributed significantly to the recent increase of activity in this field. In this paper, we present a survey of the eSTREAM project. We also review recent time/memory/data and time/memory/key trade-offs ...  Read More

Computer security in the future

M. Bishop

Volume 3, Issue 1 , January 2011, , Pages 3-27

https://doi.org/10.22042/isecure.2015.3.1.2

Abstract
  Until recently, computer security was an obscure discipline that seemed to have little relevance to everyday life. With the rapid growth of the Internet, e-commerce, and the widespread use of computers, computer security touches almost all aspects of daily life and all parts of society. Even those who ...  Read More

Improving the Rao-Nam secret key cryptosystem using regular EDF-QC-LDPC codes

R. Hooshmand; T. Eghlidos; M. R. Aref

Volume 4, Issue 1 , January 2012, , Pages 3-14

https://doi.org/10.22042/isecure.2015.4.1.2

Abstract
  This paper proposes an efficient joint secret key encryption-channel coding cryptosystem, based on regular Extended Difference Family Quasi-Cyclic Low-Density Parity-Check codes. The key length of the proposed cryptosystem decreases up to 85 percent using a new efficient compression algorithm. Cryptanalytic ...  Read More

A traceable optimistic fair exchange protocol in the standard model

R. Ganjavi; M. Rajabzadeh Asaar; M. Salmasizadeh

Volume 7, Issue 1 , January 2015, , Pages 3-14

https://doi.org/10.22042/isecure.2015.7.1.2

Abstract
  An Optimistic Fair Exchange (OFE) protocol is a good way for two parties to exchange their digital items in a fair way such that at the end of the protocol execution, both of them receive their items or none of them receive anything. In an OFE protocol there is a semi-trusted third party, named arbitrator, ...  Read More

A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving

M. Pourpouneh; R. Ramezanian

Volume 8, Issue 1 , January 2016, , Pages 3-24

https://doi.org/10.22042/isecure.2016.8.1.1

Abstract
  In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in ...  Read More

An efficient certificateless signcryption scheme in the standard model

P. Rastegari; M. Berenjkoub

Volume 9, Issue 1 , January 2017, , Pages 3-16

https://doi.org/10.22042/isecure.2017.70117.368

Abstract
  Certificateless public key cryptography (CL-PKC) is a useful method in order to solve the problems of traditional public key infrastructure (i.e., large amount of computation, storage and communication costs for managing certificates) and ID-based public key cryptography (i.e., key escrow problem), simultaneously. ...  Read More

Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)

A. Rezaei Shahmirzdi; A. Azimi; M. Salmasizadeh; J. Mohajeri; M. R. Aref

Volume 10, Issue 1 , January 2018, , Pages 3-13

https://doi.org/10.22042/isecure.2018.110672.399

Abstract
  Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be ...  Read More

A Trust Based Probabilistic Method for Efficient Correctness Verification in Database Outsourcing

Simin Ghasemi; Mohammad Ali Hadavi; Mina Niknafs

Volume 11, Issue 1 , January 2019, , Pages 3-14

https://doi.org/10.22042/isecure.2018.141655.426

Abstract
  Correctness verification of query results is a significant challenge in database outsourcing. Most of the proposed approaches impose high overhead, which makes them impractical in real scenarios. Probabilistic approaches are proposed in order to reduce the computation overhead pertaining to the verification ...  Read More

A Survey on Digital Data Hiding Schemes: Principals, Algorithms, and Applications

M. A. Akhaee; F. Marvasti

Volume 5, Issue 1 , January 2013, , Pages 5-36

https://doi.org/10.22042/isecure.2013.5.1.2

Abstract
  This paper investigates digital data hiding schemes. The concept of information hiding will be explained at first, and its traits, requirements, and applications will be described subsequently. In order to design a digital data hiding system, one should first become familiar with the concepts and criteria ...  Read More

Investigation of Some Attacks on GAGE (v1), InGAGE (v1), (v1.03), and CiliPadi (v1) Variants

Majid Mahmoudzadeh Niknam; Sadegh Sadeghi; Mohammad Reza Aref; Nasour Bagheri

Volume 12, Issue 1 , January 2020, , Pages 13-23

https://doi.org/10.22042/isecure.2020.199099.480

Abstract
  In this paper, we present some attacks on GAGE, InGAGE, and CiliPadi which are candidates of the first round of the NIST-LWC competition. GAGE and InGAGE are lightweight sponge based hash function and Authenticated Encryption with Associated Data (AEAD), respectively and support different sets of parameters. ...  Read More

SANT: Static Analysis of Native Threads for Security Vetting of Android Applications

Seyed Behnam Andarzian; Behrouz Tork Ladani

Volume 14, Issue 1 , January 2022, , Pages 13-25

Abstract
  Most of the current research on static analysis of Android applications for security vetting either work on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs that is compiled into various binary architectures. Moreover, Java and the ...  Read More

Evict+Time Attack on Intel CPUs without Explicit Knowledge of Address Offsets

Vahid Meraji; Hadi Soleimany

Volume 13, Issue 1 , January 2021, , Pages 19-27

https://doi.org/10.22042/isecure.2020.209945.500

Abstract
  Numerous studies have been conducted to present new attacks using the time difference between the processor access to main memory and cache memory. Access-driven attacks are a series of cache-based attacks using fewer measurement samples to extract sensitive key values due to the ability of the attacker ...  Read More

A Machine Learning Approach for Detecting and Categorizing Sensitive Methods in Android Malware

Hayyan Salman Hasan; Hasan Muhammad Deeb; Behrouz Tork Ladani

Volume 15, Issue 1 , January 2023, , Pages 59-71

https://doi.org/10.22042/isecure.2022.321436.741

Abstract
  Sensitive methods are those that are commonly used by Android malware to perform malicious behavior. These methods may be either evasion or malicious payload methods. Although there are several approaches to handle these methods for performing effective dynamic malware analysis, but generally most of ...  Read More

Authorization models for secure information sharing: a survey and research agenda

F. Salim; J. Reid; E. Dawson

Volume 2, Issue 2 , July 2010, , Pages 69-87

https://doi.org/10.22042/isecure.2015.2.2.2

Abstract
  This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency ...  Read More

Constructing cryptographic definitions

P. Rogaway

Volume 3, Issue 2 , July 2011, , Pages 69-76

https://doi.org/10.22042/isecure.2015.3.2.2

Abstract
  This paper mirrors an invited talk to ISCISC 2011. It is not a conventional paper so much as an essay summarizing thoughts on a little-talked-about subject. My goal is to intermix some introspection about definitions with examples of them, these examples drawn mostly from cryptography. Underpinning our ...  Read More

Moving dispersion method for statistical anomaly detection in intrusion detection systems

J. Dj. Golic'

Volume 1, Issue 2 , July 2009, , Pages 71-90

https://doi.org/10.22042/isecure.2015.1.2.2

Abstract
  A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. ...  Read More