Volume 16 (2024)
Volume 15 (2023)
Volume 14 (2022)
Volume 13 (2021)
Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)

A Survey of Anomaly Detection Approaches in Internet of Things

M. Behniafar; A.R. Nowroozi; H.R. Shahriari

Volume 10, Issue 2 , July 2018, , Pages 79-92

https://doi.org/10.22042/isecure.2018.116976.408

Abstract
  Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion ...  Read More

Enhanced Flush+Reload Attack on AES

Milad Seddigh; Hadi Soleimany

Volume 12, Issue 2 , July 2020, , Pages 81-89

https://doi.org/10.22042/isecure.2020.219248.519

Abstract
  In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used ...  Read More

Computationally secure multiple secret sharing: models, schemes, and formal security analysis

S. Mashhadi

Volume 7, Issue 2 , July 2015, , Pages 91-99

https://doi.org/10.22042/isecure.2016.7.2.2

Abstract
  A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. ...  Read More

ASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow

Sh. Zamanzadeh; A. Jahanian

Volume 8, Issue 2 , July 2016, , Pages 93-104

https://doi.org/10.22042/isecure.2016.8.2.1

Abstract
  Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist ...  Read More

Interdependent Security Game Design over Constrained Linear Influence Networks

Seyed Alireza Hasheminasab; Behrouz Tork Ladani; Tansu Alpcan

Volume 11, Issue 2 , July 2019, , Pages 95-111

https://doi.org/10.22042/isecure.2019.186923.467

Abstract
  In today's highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to ...  Read More

Eigenvalues-based LSB steganalysis

F. Farhat; A. Diyanat; Sh. Ghaemmaghami; M. R. Aref

Volume 4, Issue 2 , July 2012, , Pages 97-106

https://doi.org/10.22042/isecure.2013.4.2.1

Abstract
  So far, various components of image characteristics have been used for steganalysis, including the histogram characteristic function, adjacent colors distribution, and sample pair analysis. However, some certain steganography methods have been proposed that can thwart some analysis approaches through ...  Read More

A risk model for cloud processes

E. Damiani; S. Cimato; G. Gianini

Volume 6, Issue 2 , July 2014, , Pages 99-123

https://doi.org/10.22042/isecure.2015.6.2.2

Abstract
  Traditionally, risk assessment consists of evaluating the probability of "feared events", corresponding to known threats and attacks, as well as these events' severity, corresponding to their impact on one or more stakeholders. Assessing risks of cloud-based processes is particularly difficult due to ...  Read More

On the computational complexity of finding a minimal basis for the guess and determine attack

Sh. Khazaei; F. Moazami

Volume 9, Issue 2 , July 2017, , Pages 101-110

https://doi.org/10.22042/isecure.2017.79681.373

Abstract
  Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, ...  Read More

File Fragment Type Classification by Bag-Of-Visual-Words

Mina Erfan; Saeed Jalili

Volume 13, Issue 2 , July 2021, , Pages 101-116

https://doi.org/10.22042/isecure.2021.243876.570

Abstract
  File fragment’s type classification in the absence of header and file system information, is a major building block in various solutions devoted to file carving, memory analysis and network forensics. Over the past decades, a substantial amount of effort has been put into developing methods to ...  Read More

A semantic-aware role-based access control model for pervasive computing environments

A. Javadi; M. Amini

Volume 5, Issue 2 , July 2013, , Pages 119-140

https://doi.org/10.22042/isecure.2014.5.2.2

Abstract
  Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information ...  Read More

Bypassing Web Application Firewalls Using Deep Reinforcement Learning

Mojtaba Hemmati; Mohammad Ali Hadavi

Volume 14, Issue 2 , July 2022, , Pages 131-145

https://doi.org/10.22042/isecure.2022.323140.744

Abstract
  Web application firewalls (WAFs) are used for protecting web applications from attacks such as SQL injection, cross-site request forgery, and cross-site scripting. As a result of the growing complexity of web attacks, WAFs need to be tested and updated on a regular basis. There are various tools and ...  Read More

MISC: Multi-Input Secure Two-Party Computation

Farhad Taheri Ardakani; Siavash Bayat Sarmadi

Volume 15, Issue 2 , July 2023, , Pages 163-177

https://doi.org/10.22042/isecure.2023.323624.745

Abstract
  Secure multi-party computation (MPC) allows a group of parties to compute a function on their private inputs securely. Classic MPC protocols for two parties use either Yao's garbled circuit (GC) or the Goldreich-Micali-Wigderson (GMW) protocol. In this paper, we propose MISC, a multi-input secure computation ...  Read More

Role and Application of RFID Technology in Internet of Things: Communication, Authentication, Risk, and Security Concerns

Saadi Hadjer; Yagoub Mustapha C.E.; Rachida TOUHAMI

Volume 11, Issue 3 , August 2019, , Pages 9-17

https://doi.org/10.22042/isecure.2019.11.0.2

Abstract
  The Internet of Things (IoT) is a very encouraging and fast-growing area that brings together the benefits of wireless systems, sensor networks, actuators, etc.A wide range of IoT applications have been targeted and several aspects of this field have been identified to address specific issues, ...  Read More

A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs

M. Abadi; S. Jalili

Volume 2, Issue 1 , January 2010, , Pages 13-32

https://doi.org/10.22042/isecure.2015.2.1.3

Abstract
  To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There ...  Read More

On the multi _ chi-square tests and their data complexity

A. Vardasbi; M. Salmasizadeh; J. Mohajeri

Volume 4, Issue 1 , January 2012, , Pages 15-24

https://doi.org/10.22042/isecure.2015.4.1.3

Abstract
  Chi-square tests are generally used for distinguishing purposes; however when they are combined to simultaneously test several independent variables, extra notation is required. In this study, the chi-square statistics in some previous works is revealed to be computed half of its real value. Therefore, ...  Read More

A novel local search method for microaggregation

R. Mortazavi; S. Jalili

Volume 7, Issue 1 , January 2015, , Pages 15-26

https://doi.org/10.22042/isecure.2015.7.1.3

Abstract
  In this paper, we propose an effective microaggregation algorithm to produce a more useful protected data for publishing. Microaggregation is mapped to a clustering problem with known minimum and maximum group size constraints. In this scheme, the goal is to cluster n records into groups of at least ...  Read More

An Incentive-Aware Lightweight Secure Data Sharing Scheme for D2D Communication in 5G Cellular Networks

A. Mohseni-Ejiyeh; M. Ashouri-Talouki; M. Mahdavi

Volume 10, Issue 1 , January 2018, , Pages 15-27

https://doi.org/10.22042/isecure.2018.111195.401

Abstract
  Due to the explosion of smart devices, data traffic over cellular networks has seen an exponential rise in recent years. This increase in mobile data traffic has caused an immediate need for offloading traffic from operators. Device-to-Device(D2D) communication is a promising solution to boost the ...  Read More

SESOS: A Verifiable Searchable Outsourcing Scheme for Ordered Structured Data in Cloud Computing

Javad Ghareh Chamani; Mohammad Sadeq Dousti; Rasool Jalili; Dimitrios Papadopoulos

Volume 11, Issue 1 , January 2019, , Pages 15-34

https://doi.org/10.22042/isecure.2019.148637.430

Abstract
  While cloud computing is growing at a remarkable speed, privacy issues are far from being solved. One way to diminish privacy concerns is to store data on the cloud in encrypted form. However, encryption often hinders useful computation cloud services. A theoretical approach is to employ the so-called ...  Read More

Steganalysis of embedding in difference of image pixel pairs by neural network

V. Sabeti; Sh. Samavi; M. Mahdavi; Sh. Shirani

Volume 1, Issue 1 , January 2009, , Pages 17-26

https://doi.org/10.22042/isecure.2015.1.1.3

Abstract
  In this paper a steganalysis method is proposed for pixel value differencing method. This steganographic method, which has been immune against conventional attacks, performs the embedding in the difference of the values of pixel pairs. Therefore, the histogram of the differences of an embedded image ...  Read More

Side channel parameter characteristics of code injection attacks

E. Aerabi; M. Kaykha; M. Fazeli; A. Patooghy; A. Akbari

Volume 9, Issue 1 , January 2017, , Pages 17-26

https://doi.org/10.22042/isecure.2017.0.0.5

Abstract
  Embedded systems are suggestive targets for code injection attacks in the recent years. Software protection mechanisms, and in general computers, are not usually applicable in embedded systems since they have limited resources like memory and process power. In this paper we investigate side channel characteristics ...  Read More

Total break of Zorro using linear and differential attacks

Sh. Rasoolzadeh; Z. Ahmadian; M. Salmasizadeh; M. R. Aref

Volume 6, Issue 1 , January 2014, , Pages 23-34

https://doi.org/10.22042/isecure.2014.6.1.3

Abstract
  An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced ...  Read More

New High Secure Network Steganography Method Based on Packet Length

Vajiheh Sabeti; Minoo Shoaei

Volume 12, Issue 1 , January 2020, , Pages 24-44

https://doi.org/10.22042/isecure.2020.194573.475

Abstract
  In network steganography methods based on packet length, the length of the packets is used as a carrier for exchanging secret messages. Existing methods in this area are vulnerable against detections due to abnormal network traffic behaviors. The main goal of this paper is to propose a method which has ...  Read More

On the design and security of a lattice-based threshold secret sharing scheme

H. R. Amini Khorasgani; S. Asaad; H. Pilaram; T. Eghlidos; M. R. Aref

Volume 8, Issue 1 , January 2016, , Pages 25-38

https://doi.org/10.22042/isecure.2016.8.1.2

Abstract
  In this paper, we introduce a method of threshold secret sharing scheme (TSSS) in which secret reconstruction is based on Babai's nearest plane algorithm. In order to supply secure public channels for transmitting shares to parties, we need to ensure that there are no quantum threats to these channels. ...  Read More

A Study of Timing Side-Channel Attacks and Countermeasures on JavaScript and WebAssembly

Mohammad Erfan Mazaheri; Siavash Bayat Sarmadi; Farhad Taheri Ardakani

Volume 14, Issue 1 , January 2022, , Pages 27-46

https://doi.org/10.22042/isecure.2021.263565.599

Abstract
  Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful ...  Read More

QTRU: quaternionic version of the NTRU public-key cryptosystems

E. Malekian; A. Zakerolhosseini; A. Mashatan

Volume 3, Issue 1 , January 2011, , Pages 29-42

https://doi.org/10.22042/isecure.2015.3.1.3

Abstract
  In this paper we will construct a lattice-based public-key cryptosystem using non-commutative quaternion algebra, and since its lattice does not fully fit within Circular and Convolutional Modular Lattice (CCML), we prove it is arguably more secure than the existing lattice-based cryptosystems such as ...  Read More