Volume 13 (2021)
Volume 12 (2020)
Volume 11 (2019)
Volume 10 (2018)
Volume 9 (2017)
Volume 8 (2016)
Volume 7 (2015)
Volume 6 (2014)
Volume 5 (2013)
Volume 4 (2012)
Volume 3 (2011)
Volume 2 (2010)
Volume 1 (2009)
Research Article
1. A New Variant of the Winternitz One Time Signature Based on Graded Encoding Schemes

Hossein Oraei; Massoud Hadian Dehkordi

Volume 14, Issue 1 , Winter and Spring 2022, Pages 1-11

http://dx.doi.org/10.22042/isecure.2021.272908.639

Abstract
  Digital signature schemes are used to guarantee for non-repudiation and authenticity of any kind of data like documents, messages or software. The Winternitz one-time signature (WOTS) scheme, which can be described using a certain number of so-called “function chains”, plays an important ...  Read More

Research Article
2. SANT: Static Analysis of Native Threads for Security Vetting of Android Applications

Seyed Behnam Andarzian; Behrouz Tork Ladani

Volume 14, Issue 1 , Winter and Spring 2022, Pages 13-25

Abstract
  Most of the current research on static analysis of Android applications for security vetting either work on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs that is compiled into various binary architectures. Moreover, Java and the ...  Read More

Research Article
3. A Study of Timing Side-Channel Attacks and Countermeasures on JavaScript and WebAssembly

Mohammad Erfan Mazaheri; Siavash Bayat Sarmadi; Farhad Taheri Ardakani

Volume 14, Issue 1 , Winter and Spring 2022, Pages 27-46

http://dx.doi.org/10.22042/isecure.2021.263565.599

Abstract
  Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful ...  Read More

Short Paper
4. A Time Randomization-Based Countermeasure Against the Template Side-Channel Attack

Farshideh Kordi; Hamed Hosseintalaee; Ali Jahanian

Volume 14, Issue 1 , Winter and Spring 2022, Pages 47-55

http://dx.doi.org/10.22042/isecure.2021.262658.592

Abstract
  The template attack is one of the most efficient attacks for exploiting the secret key. Template-based attack extracts a model for the behavior of side channel information from a device that is similar to the target device and then uses this model to retrieve the correct key on the target victim device. ...  Read More

Research Article
5. A Privacy Preserving Mutual Authentication Scheme Suitable for IoT-Based Medical Systems

Mahdieh Ebrahimi; Majid Bayat; Behnam Zahednejad

Volume 14, Issue 1 , Winter and Spring 2022, Pages 57-68

http://dx.doi.org/10.22042/isecure.2021.183936.463

Abstract
  The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical ...  Read More

Research Article
6. An Efficient Pairing-Free Identity-Based Certificateless Signcryption

Saeed Banaeian Far; Maryam Rajabzadeh Assar

Volume 14, Issue 1 , Winter and Spring 2022, Pages 69-82

http://dx.doi.org/10.22042/isecure.2021.261788.587

Abstract
  A certificateless (CL) signcryption scheme is a cryptographic primitive that provides user authentication and message confidentiality at the same time. CL signcryption schemes (as a type of certificateless encryption scheme) have solved problems concerning malicious server presentation, and the server ...  Read More

Research Article
7. Business-Layer Session Puzzling Racer: Dynamic Security Testing Against Session Puzzling Race Conditions in Business Layer

Mitra Alidoosti; Alireza Nowroozi; Ahmad Nickabadi

Volume 14, Issue 1 , Winter and Spring 2022, Pages 83-104

http://dx.doi.org/10.22042/isecure.2021.272808.637

Abstract
  Parallel execution of multiple threads of a web application will result in server-side races if the web application is not synchronized correctly. Server-side race is susceptible to flaws in the relation between the server and the database. Detecting the race condition in the web applications depends ...  Read More

Research Article
8. A Binary Relevance Adaptive Model-Selection for Ensemble Steganalysis

Mahdieh Abazar; Peyman Masjedi; Mohammad Taheri

Volume 14, Issue 1 , Winter and Spring 2022, Pages 105-113

http://dx.doi.org/10.22042/isecure.2021.262990.596

Abstract
  Steganalysis is an interesting classification problem to discriminate the images, including hidden messages from the clean ones. There are many methods, including deep CNN networks, to extract fine features for this classification task. Also, some researches have been conducted to improve the final classifier. ...  Read More