Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)
26. Algebraic Matching of Vulnerabilities in a Low-Level Code

Oleksandr Letychevskyi; Yaroslav Hryniuk; Viktor Yakovlev; Volodymyr Peschanenko; Viktor Radchenko

Volume 11, Issue 3 , Summer and Autumn 2019, , Pages 1-7


  This paper explores the algebraic matching approach for detection of vulnerabilities in binary codes. The algebraic programming system is used for implementing this method. It is anticipated that models of vulnerabilities and programs to be verified are presented as behavior algebra and ...  Read More

27. Access control in ultra-large-scale systems using a data-centric middleware

S. Shokrollahi; F. Shams; J. Esmaeili

Volume 6, Issue 1 , Winter and Spring 2014, , Pages 3-22


    The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between ...  Read More

28. A TESLA-based mutual authentication protocol for GSM networks

A. Fanian; M. Berenjkoub; T. A. Gulliver

Volume 1, Issue 1 , Winter and Spring 2009, , Pages 3-15


  The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated ...  Read More

29. Stream ciphers and the eSTREAM project

V. Rijmen

Volume 2, Issue 1 , Winter and Spring 2010, , Pages 3-11


  Stream ciphers are an important class of symmetric cryptographic algorithms. The eSTREAM project contributed significantly to the recent increase of activity in this field. In this paper, we present a survey of the eSTREAM project. We also review recent time/memory/data and time/memory/key trade-offs ...  Read More

30. Computer security in the future

M. Bishop

Volume 3, Issue 1 , Winter and Spring 2011, , Pages 3-27


  Until recently, computer security was an obscure discipline that seemed to have little relevance to everyday life. With the rapid growth of the Internet, e-commerce, and the widespread use of computers, computer security touches almost all aspects of daily life and all parts of society. Even those who ...  Read More

31. Improving the Rao-Nam secret key cryptosystem using regular EDF-QC-LDPC codes

R. Hooshmand; T. Eghlidos; M. R. Aref

Volume 4, Issue 1 , Winter and Spring 2012, , Pages 3-14


  This paper proposes an efficient joint secret key encryption-channel coding cryptosystem, based on regular Extended Difference Family Quasi-Cyclic Low-Density Parity-Check codes. The key length of the proposed cryptosystem decreases up to 85 percent using a new efficient compression algorithm. Cryptanalytic ...  Read More

32. A traceable optimistic fair exchange protocol in the standard model

R. Ganjavi; M. Rajabzadeh Asaar; M. Salmasizadeh

Volume 7, Issue 1 , Winter and Spring 2015, , Pages 3-14


  An Optimistic Fair Exchange (OFE) protocol is a good way for two parties to exchange their digital items in a fair way such that at the end of the protocol execution, both of them receive their items or none of them receive anything. In an OFE protocol there is a semi-trusted third party, named arbitrator, ...  Read More

33. A short introduction to two approaches in formal verification of security protocols: model checking and theorem proving

M. Pourpouneh; R. Ramezanian

Volume 8, Issue 1 , Winter and Spring 2016, , Pages 3-24


  In this paper, we shortly review two formal approaches in verification of security protocols; model checking and theorem proving. Model checking is based on studying the behavior of protocols via generating all different behaviors of a protocol and checking whether the desired goals are satisfied in ...  Read More

34. An efficient certificateless signcryption scheme in the standard model

P. Rastegari; M. Berenjkoub

Volume 9, Issue 1 , Winter and Spring 2017, , Pages 3-16


  Certificateless public key cryptography (CL-PKC) is a useful method in order to solve the problems of traditional public key infrastructure (i.e., large amount of computation, storage and communication costs for managing certificates) and ID-based public key cryptography (i.e., key escrow problem), simultaneously. ...  Read More

35. Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)

A. Rezaei Shahmirzdi; A. Azimi; M. Salmasizadeh; J. Mohajeri; M. R. Aref

Volume 10, Issue 1 , Winter and Spring 2018, , Pages 3-13


  Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be ...  Read More

36. A Trust Based Probabilistic Method for Efficient Correctness Verification in Database Outsourcing

Simin Ghasemi; Mohammad Ali Hadavi; Mina Niknafs

Volume 11, Issue 1 , Winter and Spring 2019, , Pages 3-14


  Correctness verification of query results is a significant challenge in database outsourcing. Most of the proposed approaches impose high overhead, which makes them impractical in real scenarios. Probabilistic approaches are proposed in order to reduce the computation overhead pertaining to the verification ...  Read More

37. A survey on digital data hiding schemes: principals, algorithms, and applications

M. A. Akhaee; F. Marvasti

Volume 5, Issue 1 , Winter and Spring 2013, , Pages 5-36


  This paper investigates digital data hiding schemes. The concept of information hiding will be explained at first, and its traits, requirements, and applications will be described subsequently. In order to design a digital data hiding system, one should first become familiar with the concepts and criteria ...  Read More

38. Investigation of Some Attacks on GAGE (v1), InGAGE (v1), (v1.03), and CiliPadi (v1) Variants

Majid Mahmoudzadeh Niknam; Sadegh Sadeghi; Mohammad Reza Aref; Nasour Bagheri

Volume 12, Issue 1 , Winter and Spring 2020, , Pages 13-23


  In this paper, we present some attacks on GAGE, InGAGE, and CiliPadi which are candidates of the first round of the NIST-LWC competition. GAGE and InGAGE are lightweight sponge based hash function and Authenticated Encryption with Associated Data (AEAD), respectively and support different sets of parameters. ...  Read More

39. Authorization models for secure information sharing: a survey and research agenda

F. Salim; J. Reid; E. Dawson

Volume 2, Issue 2 , Summer and Autumn 2010, , Pages 69-87


  This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency ...  Read More

40. Constructing cryptographic definitions

P. Rogaway

Volume 3, Issue 2 , Summer and Autumn 2011, , Pages 69-76


  This paper mirrors an invited talk to ISCISC 2011. It is not a conventional paper so much as an essay summarizing thoughts on a little-talked-about subject. My goal is to intermix some introspection about definitions with examples of them, these examples drawn mostly from cryptography. Underpinning our ...  Read More

41. Moving dispersion method for statistical anomaly detection in intrusion detection systems

J. Dj. Golic'

Volume 1, Issue 2 , Summer and Autumn 2009, , Pages 71-90


  A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. ...  Read More

42. A Survey of Anomaly Detection Approaches in Internet of Things

M. Behniafar; A.R. Nowroozi; H.R. Shahriari

Volume 10, Issue 2 , Summer and Autumn 2018, , Pages 79-92


  Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion ...  Read More

43. Enhanced Flush+Reload Attack on AES

Milad Seddigh; Hadi Soleimany

Volume 12, Issue 2 , Summer and Autumn 2020, , Pages 81-89


  In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used ...  Read More

44. Computationally secure multiple secret sharing: models, schemes, and formal security analysis

S. Mashhadi

Volume 7, Issue 2 , Summer and Autumn 2015, , Pages 91-99


  A multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants. in such a way a multi-secret sharing scheme (MSS) allows a dealer to share multiple secrets among a set of participants, such that any authorized subset of participants can reconstruct the secrets. ...  Read More

45. ASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow

Sh. Zamanzadeh; A. Jahanian

Volume 8, Issue 2 , Summer and Autumn 2016, , Pages 93-104


  Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist ...  Read More

46. Interdependent Security Game Design over Constrained Linear Influence Networks

Seyed Alireza Hasheminasab; Behrouz Tork Ladani; Tansu Alpcan

Volume 11, Issue 2 , Summer and Autumn 2019, , Pages 95-111


  In today's highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to ...  Read More

47. Eigenvalues-based LSB steganalysis

F. Farhat; A. Diyanat; Sh. Ghaemmaghami; M. R. Aref

Volume 4, Issue 2 , Summer and Autumn 2012, , Pages 97-106


  So far, various components of image characteristics have been used for steganalysis, including the histogram characteristic function, adjacent colors distribution, and sample pair analysis. However, some certain steganography methods have been proposed that can thwart some analysis approaches through ...  Read More

48. A risk model for cloud processes

E. Damiani; S. Cimato; G. Gianini

Volume 6, Issue 2 , Summer and Autumn 2014, , Pages 99-123


  Traditionally, risk assessment consists of evaluating the probability of "feared events", corresponding to known threats and attacks, as well as these events' severity, corresponding to their impact on one or more stakeholders. Assessing risks of cloud-based processes is particularly difficult due to ...  Read More

49. On the computational complexity of finding a minimal basis for the guess and determine attack

Sh. Khazaei; F. Moazami

Volume 9, Issue 2 , Summer and Autumn 2017, , Pages 101-110


  Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, ...  Read More

50. A semantic-aware role-based access control model for pervasive computing environments

A. Javadi; M. Amini

Volume 5, Issue 2 , Summer and Autumn 2013, , Pages 119-140


  Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information ...  Read More