Security and Communication Networks

We propose a multi-feedback approach, BotCatch, to detect bots effectively and efficiently on host by leverage of a combination of signature and behavior. BotCatch feeds back signature, behavior, and correlation results to dynamically adjust detecting modules. Our experiments indicate that BotCatch achieves an accuracy of 97.1% and F-measure value of 0.982 simultaneously. BotCatch has the ability to gradually get more robust and accurate as samples increase. The final stage even reaches an accuracy of 98.5% and F-measure value of 0.991.

We design and implement ProxyReplay to replay captured application-layer traffic for network proxies. It is an accurate and efficient tool for evaluating proxy functionalities. A proof-of-concept implementation of ProxyReplay is also provided to show that it works well with real-world network traces and proxies.

Service provider's trusted segmented approaches encourage the global smart users for preserving valuable information in cloud environment to enjoy the benefits of the cloud. Storage service is a serious issue for both the providers and the cloud users. It is noticed that preserving user's privacy as a whole during data as a service is a contemporary research in the cloud era. Framework-based approach for preserving ones personal data in storage service is a milestone for the cloud environment.

Our protocol leverages the mobile cloud computing to protect the users' privacy in location-based information survey applications.

This paper highlights the importance of time synchronization in Cloud log files from the perspective of a forensics investigator. We evaluate the existing time synchronization techniques for cloud computing (CC) and provide a list of guidelines toward the design of cloud forensics aware timekeeping techniques for CC.

We have proposed an enhanced robust and efficient group key management to secure Supervisory Control And Data Acquisition system in smart grid. The proposed scheme is characterized by adopting self-healing key to tolerant failures of the sub-master terminal units and revoking compromised users dynamically. Detailed security analysis shows that the proposed scheme meets the requirements of group communication and performance evaluation demonstrates its efficiency in terms of low storage requirement and communication overheads.

In this paper, we propose a new key management scheme, which uses key pre-distribution and post-deployment key establishment mechanisms for dynamic wireless sensor networks. The proposed approach ensures that the two communicating nodes share at least one common key. It also provides efficient ways for key generation and revocation as well as addition or deletion of mobile sensor nodes.

The study gives a methodology and a tool to design properly an application over wireless sensor networks with a high QoS degree. We have undertaken a set of experimentations in order to extract a road map in order to choose the right parameters. A classification technique has been used for many types of parameters (application, type, routing protocol, network size, and radio range coverage). The tool is able to propose an NS-2 script for the selected parameters.

A light-weight framework based on incremental sensor node deployment and a diversified one-way hash chain for countering key-swapping collusion attack is proposed in the light of two new node capture attack models: sporadic attack and continuous-time attack.

In this paper, we present a transactions based secure routing protocol for data transmission. Here, cognitive agents with behaviors-beliefs model are placed on routers to generate beliefs over the routers functionalities w.r.t. genuinity, and various transactions are classified on the basis of the transaction subtlety levels. These two factors are used in determining secure paths for data transmission of varied security levels and thereby enhancing the network performance. The results are presented to demonstrate the routing delay, latency, quality of service, and throughput.

This work introduces touchstroke dynamics aiming to explore the potential of this advanced biometric trait in serving as a second verification factor when authenticating the user of a touchscreen smartphone. Towards this goal, we explore typical scenarios used by the majority of legacy keystroke systems but also consider novel classification features and methodologies along with that employed in typical keystroke analysis. The entire experimental procedure has been carried out on a real smartphone in the Android platform.

In this paper, a new publish-based/subscribe-based certificate validation scheme is presented, which minimizes the inconsistency of certificate status information in the MANETs and increases the security and scalability of public key-based security systems.

Modal logics have been employed for authorization in distributed systems. New computing environments, however, pose new challenges in devising appropriate logics. This paper concentrates on the aspects of an effective authorization logic for pervasive computing and develops a nonmonotonic modal logic to this end. In particular, the logic proposed can handle uncertain and imperfect information about the principals and the contexts in which they make their requests.

This article presents a novel static-based solution for identifying obfuscated JavaScript code. The proposed solution emphasizes on detecting readably obfuscated scripts in addition to the encoded ones. In contrast, existing methods overlook obfuscation problem either (i) by tackling the problem from readability perspective or (ii) by detecting patterns of obfuscation that are limited to a specific kind of JavaScript malware.

In this paper, a new enhanced Kerberos protocol with non-interactive zero-knowledge proof is proposed, in which the clients and the authentication server can mutually authenticate each other without revealing any information during the authentication process. Our security analysis and experimental results have shown that the proposed scheme can resist password-guessing attacks and is more convenient and efficient than previous schemes.

In this paper, we study the open problem on constructing eCK^w secure authenticated key exchange (AKE) protocol in the standard model. A new one-round AKE protocol is introduced relying on standard cryptographic primitives and a variant of bilinear decisional Diffie-Hellman assumption. The main advantage of our proposal is its high efficiency in key exchange in contrast to the previous eCK secure protocols without random oracles and under post-specified peer setting.

Introduce anonymity and observational equivalence theory to protocol composition logic (PCL) model and extend PCL to be APCL (PCL for anonymity). In APCL, equivalent messages and equivalent traces are proposed, and three kinds of anonymity are defined. Besides, formalize the anonymity of direct anonymous attestation using APCL.

This paper proposes a new small target detection system that detects small target candidates based on morphology operations and detects actual targets using a modified Gaussian distance function. The proposed method is less sensitive to clutters than existing methods and has a detection rate of 98%.

In this paper, we present how we build our frame capture tool along with a set of implementation techniques for automatically capturing all the frames and analyzing an attack on a WiFi. In our research, we focus on the WiFi medium access control (MAC) layer for wireless network analysis. We also discuss what we learned and the limitations which we discovered when implementing the tool.