Iranian Society of Cryptology, The ISC International Journal of Information Security, ISSN 2008-2045, Volume 1, Issue 2, 2009-07-25

Title: Moving dispersion method for statistical anomaly detection in intrusion detection systems
Pages: 71-90
Article ID: 39168
DOI: 10.22042/isecure.2015.1.2.2
Language: EN
Author: J. Dj. Golic'
Type: Journal Article
Date: 2009-05-27
Abstract: A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as techniques for their efficient estimation are proposed. In particular, the method can be used for detecting network traffic anomalies due to network failures and network attacks such as (distributed) denial of service attacks, scanning attacks, SPAM and SPIT attacks, and massive malicious software attacks.
URL: https://www.isecure-journal.com/article_39168_371828506e964cfe2685e139edaebfde.pdf

Iranian Society of Cryptology, The ISC International Journal of Information Security, ISSN 2008-2045, Volume 1, Issue 2, 2009-07-25

Title: Security testing of session initiation protocol implementations
Pages: 91-103
Article ID: 39169
DOI: 10.22042/isecure.2015.1.2.3
Language: EN
Authors: I. G. Harris, T. Alrahem, A. Chen, N. DiGiuseppe, J. Gee, Sh. P. Hsiao, S. Mattox, T. Park, S. Selvaraj, A. Tam, M. Carlsson
Type: Journal Article
Date: 2009-02-12
Abstract: The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Initiation Protocol (SIP) is the widespread standard for establishing and ending VOIP communication sessions.
Our tool generates an input sequence for a SIP phone which is designed to reveal security vulnerabilities in the SIP phone application. The input sequence includes SIP messages and external graphical user interface (GUI) events which might contribute to triggering vulnerability. The input sequence is generated to perform a random walk through the state space of the protocol. The generation of external GUI events is critical to testing a stateful protocol such as SIP because GUI interaction is required to explore a significant portion of the state space. We have used our security testing tool to identify a previously unknown vulnerability in an existing open source SIP phone.
URL: https://www.isecure-journal.com/article_39169_928e80d03efd687f9af52544d1c72238.pdf

Iranian Society of Cryptology, The ISC International Journal of Information Security, ISSN 2008-2045, Volume 1, Issue 2, 2009-07-25

Title: Image flip CAPTCHA
Pages: 105-123
Article ID: 39170
DOI: 10.22042/isecure.2015.1.2.4
Language: EN
Authors: M. Tariq Banday, N. A. Shah
Type: Journal Article
Date: 2009-03-19
Abstract: The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether the "user" is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web service providers to secure human interaction assumed services from Web bots. Several Web services that include and are not limited to free e-mail accounts, online polls, chat rooms, search engines, blogs, password systems, etc. use CAPTCHA as a defensive mechanism against automated Web bots. In this paper, we present a new clickable image-based CAPTCHA technique. The technique presents user with a CAPTCHA image composed of several sub-images.
Properties of the proposed technique offer all of the benefits of image-based CAPTCHAs; grant improved security than that of usual OCR-based techniques, consume less Web page area than most of image-based techniques and at the same time improve the user-friendliness of the Web page.
URL: https://www.isecure-journal.com/article_39170_40e624cd410df4827a7d5a5120370ef0.pdf

Iranian Society of Cryptology, The ISC International Journal of Information Security, ISSN 2008-2045, Volume 1, Issue 2, 2009-07-25

Title: An efficient blind signature scheme based on the elliptic curve discrete logarithm problem
Pages: 125-131
Article ID: 39171
DOI: 10.22042/isecure.2015.1.2.5
Language: EN
Authors: M. Nikooghadam, A. Zakerolhosseini
Type: Journal Article
Date: 2008-11-14
Abstract: Elliptic Curve Cryptosystems (ECC) have recently received significant attention by researchers due to their high performance such as low computational cost and small key size. In this paper a novel untraceable blind signature scheme is presented. Since the security of proposed method is based on difficulty of solving discrete logarithm over an elliptic curve, performance of the proposed scheme is quite commendable in comparison with the previous work in terms of security and time complexity.
URL: https://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf