ORIGINAL_ARTICLE
A Graph-based Online Feature Selection to Improve Detection of New Attacks
Today, intrusion detection systems are used in networks as one of the essential methods for detecting new attacks. Usually, these systems deal with a broad set of data and many features. Therefore, selecting proper features and benefiting from previously learned knowledge is suitable for efficiently detecting new attacks. In this article, a new graph-based method for online feature selection is proposed to increase the accuracy of attack detection. In the proposed method, irrelevant features are first removed by inputting a limited number of instances. Then, features are clustered based on graph theory to reduce the search space. After the arrival of new instances at each stage, new clusters of features are created that may differ from the clusters created in the previous step. Therefore, to find the appropriate clusters, these two clusters are combined to select some relevant features with minimum redundancy. The evaluation results show that the proposed method performs better in instance classification, with a shorter run time, than similar online feature selection methods. The proposed method is also faster, with suitable accuracy in instance classification, compared to some offline methods.
https://www.isecure-journal.com/article_143026_3cad6d0ec938e1002cb466db57bf8d33.pdf
2022-07-01
115
130
10.22042/isecure.2022.14.2.1
Classification
Clustering
Ensemble Clustering
Intrusion Detection System
Online Feature Selection
Hajar
Dastanpour
dastanpoor_h@yahoo.com
1
Isfahan University of Technology, Isfahan, Iran
AUTHOR
Ali
Fanian
a.fanian@cc.iut.ac.ir
2
Department of Electrical and Computer Engineering, Isfahan University of Technology, Isfahan, Iran.
LEAD_AUTHOR
ORIGINAL_ARTICLE
Bypassing Web Application Firewalls Using Deep Reinforcement Learning
Web application firewalls (WAFs) are used for protecting web applications from attacks such as SQL injection, cross-site request forgery, and cross-site scripting. As a result of the growing complexity of web attacks, WAFs need to be tested and updated on a regular basis. There are various tools and techniques to verify the correct performance of WAFs, but most of them are manual or use brute-force attacks, so they suffer from poor efficacy. In this work, we propose a solution based on Reinforcement Learning (RL) to discover malicious payloads that can bypass WAFs. We provide an RL framework with an environment compatible with OpenAI gym toolset standards. This environment is employed for training agents to implement WAF circumvention tasks. The agent mutates the syntax of a malicious payload using a set of modification operators as actions, without changing its semantics. Then, based on the WAF's reaction to the payload, the environment determines a reward for the agent. Eventually, based on the rewards, the agent learns a suitable sequence of mutations for any malicious payload. The payloads that bypass the WAF can identify rule defects, which can then be used in rule tuning for rule-based WAFs. They can also enrich the datasets used for retraining machine learning-based WAFs. We use Q-learning, advantage actor-critic (A2C), and proximal policy optimization (PPO) algorithms with a deep neural network. Our solution is successful in evading signature-based and machine learning-based WAFs. While we focus on SQL injection in this work, the method can easily be extended to any string-based injection attack.
https://www.isecure-journal.com/article_148227_81815277f7b0dd99a9ba4a178adcf647.pdf
2022-07-01
131
145
10.22042/isecure.2022.323140.744
Adversarial Machine Learning
Reinforcement Learning
SQL Injection
Web Application Firewall (WAF)
Mojtaba
Hemmati
hemmatii@gmail.com
1
Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran
AUTHOR
Mohammad Ali
Hadavi
hadavi@mut.ac.ir
2
Faculty of Electrical and Computer Engineering, Malek-Ashtar University of Technology, Iran
LEAD_AUTHOR
ORIGINAL_ARTICLE
Perfect Recovery of Small Tampers Using a Novel Fragile Watermarking Technique Based on Distributed Hamming Code
Fragile watermarking is a technique for authenticating the originality of media (e.g., an image). Although the watermark is destroyed by any small modification (tamper), it may be used to recover the original image. To our knowledge, there is not yet any method that guarantees the perfect recovery of small tampers. Although data bits are embedded in the Least Significant Bits of some other pixel(s), a tamper may destroy both the data and authentication sets, which makes recovery impossible. In this paper, a novel fragile watermarking scheme is proposed for both tamper detection and tampered image recovery. Here, all bits are reorganized in virtual pixels distributed in the image, called Distributed Pixels (DP). The distance between each pair of bits in a DP is sufficiently large. This is why tampers smaller than a threshold cannot destroy more than one bit of a DP. Hamming code guarantees that a change of at most one bit can be perfectly detected and recovered. Then, Hamming (7,4) is extended to (8,5) to support embedding in eight-bit pixels. According to the experimental results, the proposed method could perfectly detect and recover tampered parts not greater than a quarter of the image in diameter. It also achieved acceptable performance in other conditions, compared to state-of-the-art methods.
https://www.isecure-journal.com/article_143585_f253db0ac7911284ad649c93927d7e8d.pdf
2022-07-01
147
156
10.22042/isecure.2022.284952.670
Authentication Code
Fragile Watermarking
Hamming Code
Tamper Detection and Recovery
Faeze
Rasouli
f.rasouli@shirazu.ac.ir
1
Computer Sci. & Eng. & I.T. Dept., Shiraz University, Shiraz, Iran
AUTHOR
Mohammad
Taheri
motaheri@shirazu.ac.ir
2
Computer Sci. & Eng. & I.T. Dept., Shiraz University, Shiraz, Iran
LEAD_AUTHOR
ORIGINAL_ARTICLE
Revisiting the Security and Efficiency of SP2DAS, 3PDA, and EPPA Smart Grid Security Protocols
This paper analyses the security and efficiency of some notable privacy-preserving data aggregation schemes: SP2DAS, 3PDA, and EPPA. For the SP2DAS and 3PDA schemes, we show that despite the designers' claims, there are efficient forgery attacks on the signature scheme used. We present a selective forgery attack on the signature scheme of SP2DAS in the key-only attack model and a selective forgery attack on the 3PDA's signature scheme in the known-message attack model, requiring only two message-signature pairs. These attacks enable the attacker to inject any arbitrary faulty data into the data aggregated by the network, without being detected, which is a serious threat to the performance of the whole network. We also present an improved version of the broadcast encryption scheme used in the EPPA scheme, in which the decryption key is half, the decryption complexity is half, and the ciphertext size is 3/4 of the original one. The semantic security of the proposed scheme is proved under the same assumption as the original scheme.
https://www.isecure-journal.com/article_143030_2dd63f38097bf581a1c174d28f7415c4.pdf
2022-07-01
157
165
10.22042/isecure.2022.275064.645
Smart Grid
Privacy
Data Aggregation
Digital Signature
Forgery Attack
Hamid
Amiryousefi
h.a.yousefi70@gmail.com
1
Department of Electrical Engineering, Shahid Beheshti University, Tehran, Iran.
AUTHOR
Zahra
Ahmadian
zahraahmadian@yahoo.com
2
Department of Electrical Engineering, Shahid Beheshti University, Tehran, Iran.
LEAD_AUTHOR
ORIGINAL_ARTICLE
Secure and Imperceptible Image Steganography in Discrete Wavelet Transform Using the XOR Logical Function and Genetic Algorithm
A steganography system must embed the message in an unseen and unrecognizable manner in the cover signal. Embedding information in transform coefficients, especially Discrete Wavelet Transform (DWT), is one of the most successful approaches in this field. The proposed method in this paper has two main steps. In the first step, the XOR logical function was used to embed two bits of data in the adjacent DWT coefficient pair. No change in the coefficients will occur if the XOR result of the two bits of low-value data of the two adjacent coefficients is identical to the two bits of secret data. Otherwise, one or both of the coefficient(s) will need a one-unit increase or decrease. In the second step, the genetic algorithm was used to select, between the two possible solutions, a new value for the adjacent coefficient pair that needs to be changed. Using the genetic algorithm, the selections were made such that the generated stego image experienced the least change relative to the cover image. The results of comparing this method with the existing methods in low- and high-level embedding showed that the proposed method was successful in producing stego images with high-quality criteria. In addition, the SPAM steganalysis method did not show high accuracy in its detection. One of the benefits of the proposed method is the need for a short key to embed and extract the secret message. This issue increases the security and feasibility of the proposed method.
https://www.isecure-journal.com/article_144759_fec49b3d8373c327a65ec124567262a2.pdf
2022-07-01
167
179
10.22042/isecure.2022.274305.641
Digital Steganography
Steganalysis
Discrete Wavelet Transform
Genetic Algorithm
Vajiheh
Sabeti
vajiheh.sabeti@gmail.com
1
Department of Computer Engineering, Faculty of Engineering, Alzahra University, Tehran, Iran.
LEAD_AUTHOR
Mahsa
Amerehei
mahsa.amerehei@gmail.com
2
Department of Computer Engineering, Faculty of Engineering, Alzahra University, Tehran, Iran.
AUTHOR
ORIGINAL_ARTICLE
Ransomware Detection Based on PE Header Using Convolutional Neural Networks
With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed that can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program: it encrypts data, restricts users' access to the system or their data, and then requests a ransom payment. Many methods have been proposed for ransomware detection. Most of these methods attempt to identify ransomware by relying on program behavior during execution. The main weakness of these methods is that it is not clear how long the program should be monitored before it shows its real behavior. Therefore, these methods sometimes cannot detect ransomware early. In this paper, a new method for ransomware detection is proposed that does not require executing the program and uses the PE header of the executable file. To extract effective features from the PE header, an image is constructed based on the PE header. Then, given the advantages of Convolutional Neural Networks in extracting features from images and classifying them, a CNN is used. The proposed method achieves high detection rates. Our results indicate the usefulness and practicality of our method for ransomware detection.
https://www.isecure-journal.com/article_135756_6606f412d8a99b1fcc16b2e38eccaf18.pdf
2022-07-01
181
192
10.22042/isecure.2021.262846.595
convolution neural network
Ransomware
Farnoush
Manavi
farnush.manavi@gmail.com
1
Department of Computer Engineering and IT, Shiraz University, Shiraz, Iran.
LEAD_AUTHOR
Ali
Hamzeh
ali@cse.shirazu.ac.ir
2
Department of Computer Engineering and IT, Shiraz University, Shiraz, Iran.
AUTHOR
ORIGINAL_ARTICLE
Attacks to Some Recently Proposed CL-SC Schemes and Presenting a Secure Scheme with KSSTIS
The certificateless public key cryptography (CL-PKC) setting makes it possible to overcome the problems of the conventional public key infrastructure and of ID-based public key cryptography concurrently. A certificateless signcryption (CL-SC) scheme is an important cryptographic primitive that provides the goals of a signature scheme and an encryption scheme at once, in a certificateless setting. In addition to the basic security requirements of a CL-SC scheme (i.e., unforgeability and confidentiality), a new security notion called known session-specific temporary information security (KSSTIS) has recently been proposed in the literature. This security notion guarantees the confidentiality of the message even if the temporary information used for creating the signcryption on the message is revealed. However, as discussed in the literature, there is no secure CL-SC scheme in the standard model (i.e., without the assumption of random oracles) that guarantees the KSSTIS. In this paper, three recently proposed CL-SC schemes (Caixue, Shan and Ullah et al.'s schemes) are analyzed, and it is shown that these schemes not only fail to satisfy the KSSTIS but also do not provide even the basic security requirements of a CL-SC scheme. Furthermore, an enhanced secure CL-SC scheme that satisfies the KSSTIS is proposed in the standard model.
https://www.isecure-journal.com/article_144712_bb5b6d45e091f43bc29f72d0b1624c75.pdf
2022-07-01
193
213
10.22042/isecure.2022.266258.602
Certificateless Signcryption
KSSTIS
Standard Model
Random Oracle Model
Parvin
Rastegari
p.rastegari@gmail.com
1
Electrical and Computer Engineering Group, Golpayegan College of Engineering, Isfahan University of Technology, Golpayegan, Iran
LEAD_AUTHOR
ORIGINAL_ARTICLE
Location Privacy Preservation for Secondary Users in a Database-Driven Cognitive Radio Network
Since their introduction, cognitive radio networks, as a new solution to the problem of spectrum scarcity, have received great attention from the research community. An important field in database-driven cognitive radio network studies centers on their security issues. A critical issue in this context is the user's location privacy, which is potentially under serious threat. The query process by which secondary users query the database is one of the points where the problem arises. Accordingly, in this paper we propose a Privacy Preserving Query Process (PPQP). PPQP is a cryptography-based protocol that takes advantage of the properties of some well-known cryptosystems. This method lets secondary users take part in the spectrum query process without sacrificing their location information. Analytical assessment of PPQP's privacy preservation capability shows that it preserves location privacy for secondary users against different adversaries with very high probability. Relatively low communication cost is a significant property of our novel protocol.
https://www.isecure-journal.com/article_144758_1ade028283b0789618336a6e6bae47a1.pdf
2022-07-01
215
227
10.22042/isecure.2022.243102.568
Database-Driven CRN
Location Privacy
Homomorphic Encryption
Zeinab
Salami
z_salami@ee.kntu.ac.ir
1
Department of Electrical Engineering, K. N. Toosi University of Technology
LEAD_AUTHOR
Mahmoud
Ahmadian Attari
m_ahmadian@kntu.ac.ir
2
Department of Electrical Engineering, K. N. Toosi University of Technology
AUTHOR
Mohammad Reza
Aref
isecure@sharif.ir
3
Department of Electrical Engineering, Sharif University of Technology
AUTHOR
Hoda
Jannati
hodajannati@gmail.com
4
School of Computer Science, Institute for Research in Fundamental Sciences (IPM), Tehran, Iran
AUTHOR
[1] ECC. Report 159, technical and operational requirement for the possible operation of cognitive radio system in the white space of the frequency band 470-790 mhz. 2011.
1
[2] FCC. Third order and memorandum opinion and order, in the matter of unlicensed operation in the TV broadcast bands, additional spectrum for unlicensed devices below 900 mhz and in the 3 ghz band. 2012.
2
[3] V. Chen (Ed.), S. Das, L. Zhu, J. Malyar, and P. McCann. RFC 7545, Protocol to Access White-Space (PAWS) databases. DOI
3
10.17487/RFC7545, Available: http://www.rfceditor.org/info/rfc7545¿, 2015.
4
[4] R. Shokri, G. Theodorakopoulos, J. Y. Le Boudec, and J. P. Hubaux. Quantifiying location privacy. In IEEE Symposium on Securitand Privacy, pages –, 2011.
5
[5] M. Grissa, B. Hamdaoui, and A. A. Yavuz. Location privacy in cognitive radio networks: a survey. IEEE Communications Surveys and Tutorials, 19:1726–1760, 2017.
6
[6] R. L. Rivest, L. Adleman, and M. L. Dertouzos. On data banks and privacy homomorphisms. Foundations of Secure Computation, 19:169–179, 1978.
7
[7] I. T. Lien, Y. H. Lin, J. R. Shieh, and J. L.Wu. A novel privacy preserving location-based service protocol with secret circular shift for KNN search. IEEE Transactions on Information Forensics and Security, 8:863–873, 2013.
8
[8] J. Xu, H. Yu, C. Xu, and N. Zheng. A dynamic spatial cloaking algorithm for location privacy. In IET International Conference on Information Science and Control Engineering, pages –, 2012.
9
[9] L. Sweeney. Achieving k-anonymity privacy protection using generalization and suppression. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems, 10:571–588, 2002.
10
[10] P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In 17th Int.Conf. on Theory Application of Cryptographic Techniques, pages 223–238, 1999.
11
[11] B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan. Private information retrieval. Journal of the ACM (JACM), 45:–, 1998.
12
[12] H. Li, Q. Pei, and W. Zhang. Location privacypreserving channel allocation scheme in cognitive radio networks. International Journal of Distributed Sensor Networks, 12:–, 2016.
13
[13] L. Zhang, C. Fang, Y. Li, H. Zhu, and M. Dong.Optimal strategies for defending location inference attack in database-driven crns. In IEEE International Conference on Communications(ICC), pages 7640–7645, 2015.
14
[14] Z. Gao, H. Zhu, Y. Liu, M. Li, and Z. Cao.Location privacy in database-driven cognitive radio networks: Attacks and countermeasures. In IEEE Conference on Computer Communications(INFOCOM’13), pages 2751–2759, 2013.
15
[15] J. Trostle and A. Parrish. Efficient computationally private information retrieval from anonymity or trapdoor groups. In the 13th International Conference on Information security (ISC’10), pages 114–128, 2010.
16
[16] E. Troja and S. Bakiras. Leveraging p2p interactions for efficient location privacy in databasedriven dynamic spectrum access. In the 22nd ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems, pages –, 2014.
17
[17] C. Gentry and Z. Ramzan. Single-database private information retrieval with constant communication rate. In International Colloquium on Automata, Languages and Programming(ICALP’05), pages 803–815, 2005.
18
[18] E. Troja and S. Bakiras. On packing r-trees. In 24th IEEE International Conference on Computer Communication and Networks (ICCCN), pages 1–8, 2015.
19
[19] I. Kamel and C. Faloutsos. On packing r-trees,. In the second international conference on Information and knowledge management (ACM), pages 490–499, 1993.
20
[20] Z. Salami, M. Ahmadian-Attari, H. Jannati, and M. R. Aref. A location privacy-preserving method for spectrum sharing in database-driven cognitive radio networks. Wireless Personal Communications, 95:3687–3711, 2017.
21
[21] Z. Zhang, H. Zhang, S. He, and P. Cheng. Achieving bilateral utility maximization and location privacy preservation in database-driven cognitive radio networks. In IEEE 12th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), pages 181–189, 2015.
22
[22] M. E. Andres, N. E. Bordenabe, K. Chatzikokolakis, and C. Palamidessi. Geo-indistinguishability: Differential privacy for location-based systems. In ACM SIGSAC conference on Computer and communications security, pages 901–914, 2013.
[23] Z. Chen, L. Chen, and H. Zhong. Towards secure and verifiable database-driven spectrum sharing. In 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pages –, 2017.
[24] A. C. C. Yao. How to generate and exchange secrets. In 16th Annual Symposium on Foundations of Computer Science (FOCS), pages –, 1975.
[25] Z. Chen, L. Huang, and L. Chen. ITSEC: An information-theoretically secure framework for truthful spectrum auctions. In International Conference on Computer Communications (INFOCOM), pages 2065–2073, 2015.
[26] M. Grissa, A. A. Yavuz, and B. Hamdaoui. Cuckoo filter-based location-privacy preservation in database-driven cognitive radio networks. In IEEE World Symposium on Computer Networks and Information Security (WSCNIS), pages 1–7, 2015.
[27] B. Fan, D. G. Andersen, M. Kaminsky, and M. D. Mitzenmacher. Cuckoo filter: Practically better than bloom. In 10th ACM International on Conference on emerging Networking Experiments and Technologies, pages 75–88, 2014.
[28] B. Bahrak, S. Bhattarai, A. Ullah, J. Park, J. Reed, and D. Gurney. Protecting the primary users’ operational privacy in spectrum sharing. In IEEE International Symposium on Dynamic Spectrum Access Networks (DYSPAN’14), pages 236–247, 2014.
[29] M. Clark and K. Psounis. Can the privacy of primary networks in shared spectrum be protected? In 35th IEEE International Conference on Computer Communications (INFOCOM), pages 1–9, 2016.
[30] A. B. Mosbah, T. A. Hall, M. Souryal, and H. Afifi. An analytical model for inference attacks on the incumbent’s frequency in spectrum sharing. In IEEE International Symposium on Dynamic Spectrum Access Networks (DYSPAN), pages –, 2017.
[31] R. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21:120–126, 1978.
[32] C. Gentry. Fully homomorphic encryption using ideal lattices. In the 41st ACM Symposium on Theory of Computing (STOC), pages 169–178, 2009.
[33] I. Bilogrevic, M. Jadliwala, V. Joneja, K. Kalkan, J. P. Hubaux, and I. Aad. Privacy-preserving optimal meeting location determination on mobile devices. IEEE Trans. on Information Forensics and Security, 9:1141–1156, 2014.
[34] Y. Ling, S. Ma, Q. Huang, and X. Li. A general two-server framework for ciphertext-checkable encryption against offline message recovery attack. In Cloud Computing and Security (ICCCS 2018), pages 370–382, 2018.