Volume 16 (2024)
Volume 15 (2023)
Volume 14 (2022)
Volume 13 (2021)
Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)

An Obfuscation Method Based on CFGLUTs for Security of FPGAs

Mansoureh Labafniya; Shahram Etemadi Borujeni

Volume 13, Issue 2 , July 2021, , Pages 157-162

https://doi.org/10.22042/isecure.2021.234848.557

Abstract
  There are many different ways of securing FPGAs to prevent successful reverse engineering. One of the common forms is obfuscation methods. In this paper, we proposed an approach based on obfuscation to prevent FPGAs from successful reverse engineering and, as a result, Hardware Trojan Horses (HTHs) insertion. ...  Read More

Anomaly Detection Using SVM as Classifier and Decision Tree for Optimizing Feature Vectors

Elham Serkani; Hossein Gharaee Garakani; Naser Mohammadzadeh

Volume 11, Issue 2 , July 2019, , Pages 159-171

https://doi.org/10.22042/isecure.2019.164980.448

Abstract
  Abstract- With the advancement and development of computer network technologies, the way for intruders has become smoother; therefore, to detect threats and attacks, the importance of intrusion detection systems (IDS) as one of the key elements of security is increasing. One of the challenges of intrusion ...  Read More

An extended feature set for blind image steganalysis in contourlet domain

E. Shakeri; Sh. Ghaemmaghami

Volume 6, Issue 2 , July 2014, , Pages 169-181

https://doi.org/10.22042/isecure.2014.6.2.6

Abstract
  The aim of image steganalysis is to detect the presence of hidden messages in stego images. We propose a blind image steganalysis method in Contourlet domain and then show that the embedding process changes statistics of Contourlet coefficients. The suspicious image is transformed into Contourlet space, ...  Read More

Ransomware Detection Based on PE Header Using Convolutional Neural Networks

Farnoush Manavi; Ali Hamzeh

Volume 14, Issue 2 , July 2022, , Pages 181-192

https://doi.org/10.22042/isecure.2021.262846.595

Abstract
  With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, ...  Read More

Convertible limited (multi-) verifier signature: new constructions and applications

S. Avizheh; M. Rajabzadeh Asaar; M. Salmasizadeh

Volume 5, Issue 2 , July 2013, , Pages 189-208

https://doi.org/10.22042/isecure.2014.5.2.6

Abstract
  A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we ...  Read More

An Auto-Encoder based Membership Inference Attack against Generative Adversarial Network

Maryam Azadmanesh; Behrouz Shahgholi Ghahfarokhi; Maede Ashouri-Talouki

Volume 15, Issue 2 , July 2023, , Pages 240-253

https://doi.org/10.22042/isecure.2022.320282.735

Abstract
  Using generative models to produce unlimited synthetic samples is a popular replacement for database sharing. Generative Adversarial Network (GAN) is a popular class of generative models which generates synthetic data samples very similar to real training datasets. However, GAN models do not necessarily ...  Read More

Face Recognition Based Rank Reduction SVD Approach

Omed Hassan Ahmed; Joan Lu; Qiang Xu; Muzhir Shaban Al-Ani

Volume 11, Issue 3 , August 2019, , Pages 39-50

https://doi.org/10.22042/isecure.2019.11.0.6

Abstract
  Standard face recognition algorithms that use standard feature extraction techniques always suffer from image performance degradation. Recently, singular value decomposition and low-rank matrix are applied in many applications,including pattern recognition and feature extraction. The main objective ...  Read More

SEIMCHA: a new semantic image CAPTCHA using geometric transformations

M. Mehrnejad; A. Ghaemi Bafghi; A. Harati; E. Toreini

Volume 4, Issue 1 , January 2012, , Pages 63-76

https://doi.org/10.22042/isecure.2015.4.1.7

Abstract
  As protection of web applications are getting more and more important every day, CAPTCHAs are facing booming attention both by users and designers. Nowadays, it is well accepted that using visual concepts enhance security and usability of CAPTCHAs. There exist few major different ideas for designing ...  Read More

A Decentralized Online Sortition Protocol

R. Ramezanian; M. Pourpouneh

Volume 10, Issue 1 , January 2018, , Pages 63-69

https://doi.org/10.22042/isecure.2018.113240.403

Abstract
  We propose a new online sortition protocol which is decentralized. We argue that our protocol has safety, fairness, randomness, non-reputation and openness properties. Sortition is a process that makes random decision and it is used in competitions and lotteries to determine who is the winner. In the ...  Read More

A new method for accelerating impossible differential cryptanalysis and its application on LBlock

A. Khalesi; H. Bahramgiri; D. Mansuri

Volume 8, Issue 1 , January 2016, , Pages 73-84

https://doi.org/10.22042/isecure.2016.8.1.5

Abstract
  Impossible differential cryptanalysis, the extension of differential cryptanalysis, is one of the most efficient attacks against block ciphers. This cryptanalysis method has been applied to most of the block ciphers and has shown significant results. Using structures, key schedule considerations, early ...  Read More

An automatic test case generator for evaluating implementation of access control policies

M. Safarzadeh; M. Taghizadeh; B. Zamani; B. Tork Ladani

Volume 9, Issue 1 , January 2017, , Pages 73-91

https://doi.org/10.22042/isecure.2017.0.0.3

Abstract
  One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access ...  Read More

Security-aware register placement to hinder malicious hardware updating and improve Trojan detectability

M. Vosoughi; A. Jahanian

Volume 7, Issue 1 , January 2015, , Pages 75-81

https://doi.org/10.22042/isecure.2015.7.1.7

Abstract
  Nowadays, bulk of the designers prefer to outsource some parts of their design and fabrication process to the third-part companies due to the reliability problems, manufacturing cost and time-to-market limitations. In this situation, there are a lot of opportunities for malicious alterations by the off-shore ...  Read More

A New Ring-Based SPHF and PAKE Protocol On Ideal Lattices

Reza Ebrahimi Atani; Shahabaddin Ebrahimi Atani; Amir Hassani Karbasi

Volume 11, Issue 1 , January 2019, , Pages 75-86

https://doi.org/10.22042/isecure.2018.109810.398

Abstract
  \emph{ Smooth Projective Hash Functions } ( SPHFs ) as a specific pattern of zero knowledge proof system are fundamental tools to build many efficient cryptographic schemes and protocols. As an application of SPHFs, \emph { Password - Based Authenticated Key Exchange } ( PAKE ) protocol is well-studied ...  Read More

A density based clustering approach to distinguish between web robot and human requests to a web server

M. Zabihi; M. Vafaei Jahan; J. Hamidzadeh

Volume 6, Issue 1 , January 2014, , Pages 77-89

https://doi.org/10.22042/isecure.2014.6.1.7

Abstract
  Today world's dependence on the Internet and the emerging of Web 2.0 applications is significantly increasing the requirement of web robots crawling the sites to support services and technologies. Regardless of the advantages of robots, they may occupy the bandwidth and reduce the performance of web ...  Read More

Business-Layer Session Puzzling Racer: Dynamic Security Testing Against Session Puzzling Race Conditions in Business Layer

Mitra Alidoosti; Alireza Nowroozi; Ahmad Nickabadi

Volume 14, Issue 1 , January 2022, , Pages 83-104

https://doi.org/10.22042/isecure.2021.272808.637

Abstract
  Parallel execution of multiple threads of a web application will result in server-side races if the web application is not synchronized correctly. Server-side race is susceptible to flaws in the relation between the server and the database. Detecting the race condition in the web applications depends ...  Read More

Image encryption based on chaotic tent map in time and frequency domains

E. Hassani; M. Eshghi

Volume 5, Issue 1 , January 2013, , Pages 97-110

https://doi.org/10.22042/isecure.2013.5.1.7

Abstract
  The present paper is aimed at introducing a new algorithm for image encryption using chaotic tent maps and the desired key image. This algorithm consists of two parts, the first of which works in the frequency domain and the second, in the time domain. In the frequency domain, a desired key image is ...  Read More

A New Social Multi-Secret Sharing Scheme using Birkhoff Interpolation and Chinese Remainder Theorem

Mohammad Ebrahim Ebrahimi Kiasari; Nasrollah Pakniat; Abdolrasoul Mirghadri; Mojtaba Nazari

Volume 15, Issue 1 , January 2023, , Pages 125-135

https://doi.org/10.22042/isecure.2022.293948.689

Abstract
  Secret sharing (SS) schemes allow the sharing of a secret among a set of trustees in such a way that only some qualified subsets of them can recover the secret. Ordinary SS schemes assume that the trust to each trustee is fixed over time. However, this is not the case in many real scenarios. Social secret ...  Read More

Feature-based Malicious URL and attack type detection using multi-class classification

Dharmaraj Rajaram Patil; Jayantrao Patil

Volume 10, Issue 2 , July 2018, , Pages 141-162

https://doi.org/10.22042/isecure.2021.113973.404

Abstract
  Nowadays, malicious URLs are the common threat to the businesses, social networks, net-banking etc. However, malicious URLs deal with various Web attacks like phishing, spamming and malware distribution. Existing approaches have focused on binary detection i.e. either the URL is malicious or benign. ...  Read More

A confidence-aware interval-based trust model

H. Shakeri; A. Ghaemi Bafghi

Volume 4, Issue 2 , July 2012, , Pages 151-165

https://doi.org/10.22042/isecure.2013.4.2.6

Abstract
  It is a common and useful task in a web of trust to evaluate the trust value between two nodes using intermediate nodes. This technique is widely used when the source node has no experience of direct interaction with the target node, or the direct trust is not reliable enough by itself. If trust is used ...  Read More

A collusion mitigation scheme for reputation systems

M. Niknafs; S. Dorri Nogoorani; R. Jalili

Volume 7, Issue 2 , July 2015, , Pages 151-166

https://doi.org/10.22042/isecure.2016.7.2.7

Abstract
  Reputation management systems are in wide-spread use to regulate collaborations in cooperative systems. Collusion is one of the most destructive malicious behaviors in which colluders seek to affect a reputation management system in an unfair manner. Many reputation systems are vulnerable to collusion, ...  Read More

A note on the security of two improved RFID protocols

M. Safkhani; N. Bagheri

Volume 8, Issue 2 , July 2016, , Pages 155-160

https://doi.org/10.22042/isecure.2016.8.2.6

Abstract
  Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version ...  Read More

Analyzing new features of infected web content in detection of malicious web pages

J. Hajian Nezhad; Majid Vafaei Jahan; M. Tayarani-N; Z. Sadrnezhad

Volume 9, Issue 2 , July 2017, , Pages 161-181

https://doi.org/10.22042/isecure.2017.9.2.2

Abstract
  Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious ...  Read More

Detection of Fake Accounts in Social Networks Based on One Class Classification

Mohammad Reza Mohammadrezaei; Mohammad Ebrahim Shiri; Amir Masoud Rahmani

Volume 11, Issue 2 , July 2019, , Pages 173-183

https://doi.org/10.22042/isecure.2019.165312.450

Abstract
  Detection of fake accounts on social networks is a challenging process. The previous methods in identification of fake accounts have not considered the strength of the users’ communications, hence reducing their efficiency. In this work, we are going to present a detection method based on the users’ ...  Read More

A two-phase wormhole attack detection scheme in MANETs

Sh. Shamaei; A. Movaghar

Volume 6, Issue 2 , July 2014, , Pages 183-191

https://doi.org/10.22042/isecure.2015.6.2.7

Abstract
  Mobile ad-hoc networks (MANETs) have no fixed infrastructure, so all network operations such as routing and packet forwarding are done by the nodes themselves. However, almost all common existing routing protocols basically focus on performance measures regardless of security issues. Since these protocols ...  Read More

Attacks to Some Recently Proposed CL-SC Schemes and Presenting a Secure Scheme with KSSTIS

Parvin Rastegari

Volume 14, Issue 2 , July 2022, , Pages 193-213

https://doi.org/10.22042/isecure.2022.266258.602

Abstract
  The certificateless public key cryptography (CL-PKC) setting, makes it possible to overcome the problems of the conventional public key infrastructure and the ID-Based public key cryptography, concurrently. A certificateless signcryption (CL-SC) scheme is an important cryptographic primitive which provides ...  Read More