Volume 13 (2021)
Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)

Research Article
1. A New Variant of the Winternitz One Time Signature Based on Graded Encoding Schemes

Hossein Oraei; Massoud Hadian

Articles in Press, Accepted Manuscript, Available Online from 06 September 2021

http://dx.doi.org/10.22042/isecure.2021.272908.639

Abstract
  Digital signature schemes are used to guarantee for non-repudiation and authenticity of any kind of data like documents, messages or software. The Winternitz one-time signature (WOTS) scheme, which can be described using a certain number of so-called function chains, plays an important role in the designof ...  Read More

Research Article
2. SANT: Static Analysis of Native Threads for Security Vetting of Android Applications

Seyed Behnam Andarzian; Behrouz Tork Ladani

Articles in Press, Accepted Manuscript, Available Online from 05 September 2021

http://dx.doi.org/10.22042/isecure.2021.247906.572

Abstract
  Most of the current research on static analysis of Android applications for security vetting either work on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs that is compiled into various binary architectures. Moreover, Java and the ...  Read More

Research Article
3. Ransomware Detection Based on PE Header Using Convolutional Neural Networks

Farnoush Manavi; Ali Hamzeh

Articles in Press, Accepted Manuscript, Available Online from 28 August 2021

http://dx.doi.org/10.22042/isecure.2021.262846.595

Abstract
  With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, ...  Read More

Research Article
4. A Study of Timing Side-Channel Attacks and Countermeasures on JavaScript and WebAssembly

Mohammad Erfan Mazaheri; Siavash Bayat Sarmadi; Farhad Taheri Ardakani

Articles in Press, Accepted Manuscript, Available Online from 06 September 2021

http://dx.doi.org/10.22042/isecure.2021.263565.599

Abstract
  Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful ...  Read More

Technical Paper
5. A Time Randomization based Countermeasure against the Template Side Channel Attack

Farshideh Kordi; Hamed Hosseintalaee; Ali Jahanian

Articles in Press, Accepted Manuscript, Available Online from 06 September 2021

http://dx.doi.org/10.22042/isecure.2021.262658.592

Abstract
  The template attack is one of the most efficient attacks for exploiting the secret key. Template-based attack extracts a model forthe behavior of side channel information from a device which is similar to the target device and then uses this model to retrievethe correct key on the target victim device. ...  Read More

Research Article
6. A Privacy Preserving Mutual Authentication Scheme Suitable for IoT-Based Medical Systems

Mahdieh Ebrahimi; Majid Bayat; Behnam Zahednejad

Articles in Press, Accepted Manuscript, Available Online from 28 August 2021

http://dx.doi.org/10.22042/isecure.2021.183936.463

Abstract
  The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical ...  Read More

Research Article
7. An Efficient Pairing-Free Identity-Based Certificateless Signcryption

Saeed Banaeian Far; Maryam Rajabzadeh Assar

Articles in Press, Accepted Manuscript, Available Online from 28 August 2021

http://dx.doi.org/10.22042/isecure.2021.261788.587

Abstract
  A certificateless (CL) signcryption scheme is a cryptographic primitive that provides user authentication and message confidentiality at the same time. CL signcryption schemes (as a type of certificateless encryption scheme) have solved problems concerning malicious server presentation, and the server ...  Read More

Research Article
8. Business-Layer Session Puzzling Racer: Dynamic Security Testing against Session Puzzling Race Conditions in the Business Layer

Mitra Alidoosti; Alireza Nowroozi; Ahmad Nickabadi

Articles in Press, Accepted Manuscript, Available Online from 06 September 2021

http://dx.doi.org/10.22042/isecure.2021.272808.637

Abstract
  Parallel execution of multiple threads of a web application will result in server-side races if the web application is not synchronized correctly. Server-side race is susceptible to flaws in the relation between the server and the database. Detecting the race condition in the web applications depends ...  Read More

Research Article
9. A Binary Relevance Adaptive Model-Selection for Ensemble Steganalysis

Mahdieh Abazar; Peyman Masjedi; Mohammad Taheri

Articles in Press, Accepted Manuscript, Available Online from 06 September 2021

http://dx.doi.org/10.22042/isecure.2021.262990.596

Abstract
  Steganalysis is an interesting classification problem to discriminate the images, including hidden messages from the clean ones. There are many methods, including deep CNN networks, to extract fine features for this classification task. Also, some researches have been conducted to improve the final classifier. ...  Read More