Relevant bibliographies by topics / De-Authentication Attack / Journal articles
To see the other types of publications on this topic, follow the link: De-Authentication Attack.

Journal articles on the topic 'De-Authentication Attack'

Author: Grafiati
Published: 4 June 2025
Last updated: 14 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 47 journal articles for your research on the topic 'De-Authentication Attack.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Salman Al-Nuaimi, Mustafa Abdulkareem, and Abdullahi Abdu Ibrahim. "Analyzing and Detecting the De-Authentication Attack by Creating an Automated Scanner using Scapy." International Journal on Recent and Innovation Trends in Computing and Communication 11, no. 2 (2023): 131–37. http://dx.doi.org/10.17762/ijritcc.v11i2.6137.

Full text
Abstract:
with the rapid spread of internet technologies around the world, the number of people that are using the internet is increasing enormously in the last 10 years. with the increase in the number of people that are using the internet and the increase in the devices that depend on the internet such as computers, tablets, and mobile phones are raised the challenges of internet security against hackers who can steal sensitive information and exploits personal data. In this paper, we’re focusing on the home security threads and one of its famous attacks called the De-authentication attacks. The de-authentication frame is one of the Management frames that is transmitted between the AP and the connected devices and it can be used by attackers to apply a Dos attack and deny the devices from connecting to the network. In this paper. We will analyze the normal de-authentication frame and compare it with the attacking de-authentication frames to create an automated Scanner to identify whether it’s an attack, or it's a normal frame transmitted between AP and its connected devices, or vice versa.
APA, Harvard, Vancouver, ISO, and other styles
2

Gebresilassie, Samson Kahsay, Joseph Rafferty, Liming Chen, Zhan Cui, and Mamun Abu-Tair. "Transfer and CNN-Based De-Authentication (Disassociation) DoS Attack Detection in IoT Wi-Fi Networks." Electronics 12, no. 17 (2023): 3731. http://dx.doi.org/10.3390/electronics12173731.

Full text
Abstract:
The Internet of Things (IoT) is a network of billions of interconnected devices embedded with sensors, software, and communication technologies. Wi-Fi is one of the main wireless communication technologies essential for establishing connections and facilitating communication in IoT environments. However, IoT networks are facing major security challenges due to various vulnerabilities, including de-authentication and disassociation DoS attacks that exploit IoT Wi-Fi network vulnerabilities. Traditional intrusion detection systems (IDSs) improved their cyberattack detection capabilities by adapting machine learning approaches, especially deep learning (DL). However, DL-based IDSs still need improvements in their accuracy, efficiency, and scalability to properly address the security challenges including de-authentication and disassociation DoS attacks tailored to suit IoT environments. The main purpose of this work was to overcome these limitations by designing a transfer learning (TL) and convolutional neural network (CNN)-based IDS for de-authentication and disassociation DoS attack detection with better overall accuracy compared to various current solutions. The distinctive contributions include a novel data pre-processing, and de-authentication/disassociation attack detection model accompanied by effective real-time data collection and parsing, analysis, and visualization to generate our own dataset, namely, the Wi-Fi Association_Disassociation Dataset. To that end, a complete experimental setup and extensive research were carried out with performance evaluation through multiple metrics and the results reveal that the suggested model is more efficient and exhibits improved performance with an overall accuracy of 99.360% and a low false negative rate of 0.002. The findings from the intensive training and evaluation of the proposed model, and comparative analysis with existing models, show that this work allows improved early detection and prevention of de-authentication and disassociation attacks, resulting in an overall improved network security posture for all Wi-Fi-enabled real-world IoT infrastructures.
APA, Harvard, Vancouver, ISO, and other styles
3

Safkhani, Masoumeh, Nasour Bagheri, and Mahyar Shariat. "On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems." Future Internet 10, no. 9 (2018): 82. http://dx.doi.org/10.3390/fi10090082.

Full text
Abstract:
Passive Radio Frequency IDentification (RFID) tags are generally highly constrained and cannot support conventional encryption systems to meet the required security. Hence, designers of security protocols may try to achieve the desired security only using limited ultra-lightweight operations. In this paper, we show that the security of such protocols is not provided by using rotation functions. In the following, for an example, we investigate the security of an RFID authentication protocol that has been recently developed using rotation function named ULRAS, which stands for an Ultra-Lightweight RFID Authentication Scheme and show its security weaknesses. More precisely, we show that the ULRAS protocol is vulnerable against de-synchronization attack. The given attack has the success probability of almost ‘1’, with the complexity of only one session of the protocol. In addition, we show that the given attack can be used as a traceability attack against the protocol if the parameters’ lengths are an integer power of 2, e.g., 128. Moreover, we propose a new authentication protocol named UEAP, which stands for an Ultra-lightweight Encryption based Authentication Protocol, and then informally and formally, using Scyther tool, prove that the UEAP protocol is secure against all known active and passive attacks.
APA, Harvard, Vancouver, ISO, and other styles
4

Singh, Rajinder, and Satish Kumar. "A Light Weight Solution for Detecting De-Authentication Attack." International Journal of Network Security & Its Applications 11, no. 01 (2019): 15–26. http://dx.doi.org/10.5121/ijnsa.2019.11102.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Ji, Sai, Shuai Liu, Chen Wang, Rongxin Qi, and Jian Shen. "An Anonymous Mutual Authentication Scheme for RFID-Based Transportation System." Electronics 9, no. 12 (2020): 2167. http://dx.doi.org/10.3390/electronics9122167.

Full text
Abstract:
In traditional transportation, each driver usually relies on their experience to determine an appropriate route, which may shorten the driving time and transport cost. However, this may also lead to a waste of time in traffic jams or due to other problems. In recent years, by introducing Internet of Things technology into the transportation system, traffic condition data can be collected and analyzed in real-time, which makes it easier for drivers to choose appropriate routes. However, the transmitted data may be intercepted or falsified, especially in untrusted public communication channels. Some schemes have been proposed to protect personal data, while they are vulnerable to some known attacks. Therefore, we propose a mutual authentication scheme for session key agreement and information encryption before transmitting personal data. This scheme can correctly identify vehicles and information. The Burrows–Abadi–Needham logic proof and our security discussion demonstrate that this authentication scheme can resist the various known attacks, including de-synchronization, the replay attack and the reader lost attack, which is solved for the first time in this field. Compared with some typical schemes, the performance analysis shows that this new scheme realizes a balance between security and computing costs.
APA, Harvard, Vancouver, ISO, and other styles
6

Servati, Mohammad Reza, Masoumeh Safkhani, Saqib Ali, et al. "Cryptanalysis of Two Recent Ultra-Lightweight Authentication Protocols." Mathematics 10, no. 23 (2022): 4611. http://dx.doi.org/10.3390/math10234611.

Full text
Abstract:
Radio Frequency Identification (RFID) technology is a critical part of many Internet of Things (IoT) systems, including Medical IoT (MIoT) for instance. On the other hand, the IoT devices’ numerous limitations (such as memory space, computing capability, and battery capacity) make it difficult to implement cost- and energy-efficient security solutions. As a result, several researchers attempted to address this problem, and several RFID-based security mechanisms for the MIoT and other constrained environments were proposed. In this vein, Wang et al. and Shariq et al. recently proposed CRUSAP and ESRAS ultra-lightweight authentication schemes. They demonstrated, both formally and informally, that their schemes meet the required security properties for RFID systems. In their proposed protocols, they have used a very lightweight operation called Cro(·) and Rank(·), respectively. However, in this paper, we show that those functions are not secure enough to provide the desired security. We show that Cro(·) is linear and reversible, and it is easy to obtain the secret values used in its calculation. Then, by exploiting the vulnerability of the Cro(·) function, we demonstrated that CRUSAP is vulnerable to secret disclosure attacks. The proposed attack has a success probability of "1" and is as simple as a CRUSAP protocol run. Other security attacks are obviously possible by obtaining the secret values of the tag and reader. In addition, we present a de-synchronization attack on the CRUSAP protocol. Furthermore, we provide a thorough examination of ESRAS and its Rank(·) function. We first present a de-synchronization attack that works for any desired Rank(·) function, including Shariq et al.’s proposed Rank(·) function. We also show that Rank(·) does not provide the desired confusion and diffusion that is claimed by the designers. Finally, we conduct a secret disclosure attack against ESRAS.
APA, Harvard, Vancouver, ISO, and other styles
7

Sooyeon Shin, Jongshin Kim, and Taekyoung Kwon. "Cryptanalysis of the Lightweight and Anonymous Authentication and Access Control for Real-time Applications in Wireless Sensor Networks." Research Briefs on Information and Communication Technology Evolution 5 (November 30, 2019): 86–92. http://dx.doi.org/10.56801/rebicte.v5i.87.

Full text
Abstract:
In wireless sensor networks, sensor nodes collect different types of data from the environment andnot all collected data has the same security importance. Basically, for real-time applications, user authenticationto ensure that only authorized users can access sensor nodes is critical, but access controlthat allows users with different privileges to access data according to their privileges is also important.Recently, Adavoudi-Jolfaei et al. proposed an improved three-factor authentication scheme byproviding more desired security properties such as three-factor authentication and access control. Inthis paper, however, we show that the Adavoudi-Jolfaei et al.’s scheme has security flaws; a usercollusion attack, de-synchronization attack, and no providing sensor node anonymity. We presentsimple countermeasures against the security flaws we have found.
APA, Harvard, Vancouver, ISO, and other styles
8

Arisandi, Diki, Nazrul M. Ahmad, and Subarmaniam Kannan. "Invisible Scout: A Layer 2 Anomaly System for Detecting Rogue Access Point (RAP)." Emerging Science Journal 9, no. 1 (2025): 284–310. https://doi.org/10.28991/esj-2025-09-01-016.

Full text
Abstract:
Rogue Access Points (RAPs) pose a significant security threat by mimicking legitimate Wi-Fi networks and potentially compromising sensitive data. To address this issue, this research has proposed an innovative mechanism called Invisible Scout, which uses a multi-module system to identify RAPs. This study aimed to develop and validate a mechanism capable of accurately detecting RAPs in controlled setups, real-world environments, and under de-authentication attack scenarios. The proposed system consists of four key modules: sniffer, detection, probing, and comparison. To evaluate its effectiveness, tests were conducted in controlled and open environments and under de-authentication scenarios, using decision tree models and various metrics to assess performance. The decision tree model showed promising results in the controlled setup, achieving an Area Under the Curve (AUC) score of 0.921 and classification accuracy (CA) of 0.875, indicating that the model effectively distinguished between legitimate access points and RAPs. When tested in an open environment, the model's performance improved, achieving an AUC score of 0.952 and a CA of 0.994. Furthermore, under a de-authentication attack, the model achieved an AUC score of 0.955 and a CA of 0.996. To gain a deeper understanding of RAP behaviors, linear regression analysis was conducted, revealing patterns and visualizing the existence of RAPs, which could assist in further analysis. In conclusion, the results demonstrated that the proposed mechanism was highly effective in identifying RAPs. Future research should focus on refining the detection mechanism, incorporating real-time response capabilities, and expanding testing to diverse network scenarios. Doi: 10.28991/ESJ-2025-09-01-016 Full Text: PDF
APA, Harvard, Vancouver, ISO, and other styles
9

Nasser, Hiba Imad, and Mohammed Abdulridha Hussain. "Defending a wireless LAN against ARP spoofing attacks using a Raspberry Pi." Basrah Researches Sciences 48, no. 2 (2022): 123–35. http://dx.doi.org/10.56714/bjrs.48.2.12.

Full text
Abstract:
The Address Resolution Protocol (ARP) is a protocol that converts Internet Protocol (IP) addresses to Media Access Control (MAC) addresses. Due to a security issue known as "Man in the Middle," identity theft is feasible using the ARP protocol. ARP spoofing is one of the weaknesses in wireless networks when an attacker effectively masquerades as a legitimate one. Spoofing attacks will reduce network performance and break several security measures. In networks that use MAC address-based filtering to verify clients, all a spoofer needs is an actual MAC address from an authorised client to gain an unfair advantage. The research recommends developing a security system recognising and preventing ARP spoofing attacks. This system detects ARP spoofing attempts by comparing the static MAC address of the original router to the router's MAC address in the ARP cache table. After detecting the attack using information collected from the router's MAC address in the ARP cache table, the system will conduct a de-authentication attack against the attacker's MAC address. If the attacker is disconnected from the WLAN, they cannot perform ARP spoofing attacks. This system is operated using a Raspberry Pi Model B. Most ARP spoofing attacks can be detected in 0.93 seconds, and responding takes 3.05 seconds.
APA, Harvard, Vancouver, ISO, and other styles
10

Nyangaresi, Vincent Omollo, Silvance O. Abeka, and Anthony J. Rodrigues. "GUTI-Based Multi-Factor Authentication Protocol for De-synchronization Attack Prevention in LTE Handovers." International Journal of Cyber-Security and Digital Forensics 9, no. 1 (2020): 1–11. http://dx.doi.org/10.17781/p002642.

Full text
APA, Harvard, Vancouver, ISO, and other styles
11

Ballesteros, Juan. "SEGURIDAD EN REDES INALÁMBRICAS DE ACCESO LOCAL BAJO PARÁMETROS DE USO DE HERRAMIENTAS LIBRES." Revista Cientifica TECNIA 26, no. 1 (2016): 57. http://dx.doi.org/10.21754/tecnia-26012016.06.

Full text
Abstract:
RESUMENEn este documento se presenta una auditoria en redes bajo funcionamiento en protocolo IEEE 802.11xx, redesutilizadas para la comunicación entre dispositivos en casa y oficina para verificar la seguridad que garantizan lasmismas; para este propósito se utilizó software libre que funciona bajo sistema operativo Linux, específicamentela suite de Aircrack; se presenta la auditoria a las redes que funcionan con encriptación WEP y WPA, populares yutilizadas en redes inalámbricas de este tipo; de manera transversal se muestran los diferentes tipos de ataquesdisponibles por mencionar sniffers, ataques de denegación de servicio y autenticaciones falsas con clonación dedirecciones MAC, particularmente.Palabras clave.- Wife, Welan, Inalámbrico, Wpa Wep.ABSTRACTIn this paper we present an audit IEEE 802.11x networks to check how secure these networks are for use in thehome and office, will be used for this purpose free software Linux with aircrack suite, tests were done for the2 encryptions WEP and WPA these popular encryptions for security in wireless networks, also show differentforms to develop attacks for example denial of service sniffers, fake authentication, etc. The dictionary attack isthe most popular and will be the starting point for the audit, but it is important also to mention other equallyeffective methods to develop this attack.Key words.- Wife, Wlan, Wireless, Wpa Wep.
APA, Harvard, Vancouver, ISO, and other styles
12

Ballesteros, Juan, and Fabián Chaparro. "SEGURIDAD EN REDES INALÁMBRICAS DE ACCESO LOCAL BAJO PARÁMETROS DE USO DE HERRAMIENTAS LIBRES." Revista Cientifica TECNIA 26, no. 1 (2016): 57. http://dx.doi.org/10.21754/tecnia.v26i1.7.

Full text
Abstract:
RESUMENEn este documento se presenta una auditoria en redes bajo funcionamiento en protocolo IEEE 802.11xx, redesutilizadas para la comunicación entre dispositivos en casa y oficina para verificar la seguridad que garantizan lasmismas; para este propósito se utilizó software libre que funciona bajo sistema operativo Linux, específicamentela suite de Aircrack; se presenta la auditoria a las redes que funcionan con encriptación WEP y WPA, populares yutilizadas en redes inalámbricas de este tipo; de manera transversal se muestran los diferentes tipos de ataquesdisponibles por mencionar sniffers, ataques de denegación de servicio y autenticaciones falsas con clonación dedirecciones MAC, particularmente.Palabras clave.- Wife, Welan, Inalámbrico, Wpa Wep.ABSTRACTIn this paper we present an audit IEEE 802.11x networks to check how secure these networks are for use in thehome and office, will be used for this purpose free software Linux with aircrack suite, tests were done for the2 encryptions WEP and WPA these popular encryptions for security in wireless networks, also show differentforms to develop attacks for example denial of service sniffers, fake authentication, etc. The dictionary attack isthe most popular and will be the starting point for the audit, but it is important also to mention other equallyeffective methods to develop this attack.Keywords.- Wife, Wlan, Wireless, Wpa Wep.
APA, Harvard, Vancouver, ISO, and other styles
13

Kumar, Anand, Dharmesh Dhabliya, Pankaj Agarwal, et al. "Cyber-Internet Security Framework to Conquer Energy-Related Attacks on the Internet of Things with Machine Learning Techniques." Computational Intelligence and Neuroscience 2022 (September 29, 2022): 1–13. http://dx.doi.org/10.1155/2022/8803586.

Full text
Abstract:
The Internet of Things (IoT) ushers in a new era of communication that depends on a broad range of things and many types of communication technologies to share information. This new age of communication will be characterised by the following characteristics: Because all of the IoT’s objects are connected to one another and because they function in environments that are not protected, it poses a significantly greater number of issues, constraints, and challenges than do traditional computing systems. This is due to the fact that traditional computing systems do not have as many interconnected components. Because of this, it is imperative that security be prioritised in a new approach, which is not something that is currently present in conventional computer systems. The Wireless Sensor Network, often known as WSN, and the Mobile Ad hoc Network are two technologies that play significant roles in the process of building an Internet of Things system. These technologies are used in a wide variety of activities, including sensing, environmental monitoring, data collecting, heterogeneous communication techniques, and data processing, amongst others. Because it incorporates characteristics of both MANET and WSN, IoT is susceptible to the same kinds of security issues that affect those other networks. An assault known as a Delegate Entity Attack (DEA) is a subclass of an attack known as a Denial of Service (DoS). The attacker sends an unacceptable number of control packets that have the appearance of being authentic. DoS assaults may take many different forms, and one of those kinds is an SD attack. Because of this, it is far more difficult to recognise this form of attack than a simple one that depletes the battery’s capacity. One of the other key challenges that arise in a network during an SD attack is that there is the need to enhance energy management and prolong the lifespan of IoT nodes. This is one of the other significant issues that arise in a network when an SD attack is occurs. It is recommended that you make use of a Random Number Generator with Hierarchical Intrusion Detection System, abbreviated as RNGHID for short. The ecosystem of the Internet of Things is likely to be segmented into a great number of separate sectors and clusters. The HIPS system has been partitioned into two entities, which are referred to as the Delegate Entity (DE) and the Pivotal Entity, in order to identify any nodes in the network that are behaving in an abnormal manner. These entities are known, respectively, as the Delegate Entity and the Pivotal Entity (PE). Once the anomalies have been identified, it will be possible to pinpoint the area of the SD attack torture and the damaging activities that have been taken place. A warning message, generated by the Malicious Node Alert System (MNAS), is broadcast across the network in order to inform the other nodes that the network is under attack. This message classifies the various sorts of attacks based on the results of an algorithm that employs machine learning. The proposed protocol displays various desired properties, such as the capacity to conduct indivisible authentication, rapid authentication, and minimum overhead in both transmission and storage. These are only a few of the desirable attributes.
APA, Harvard, Vancouver, ISO, and other styles
14

Ms., Dilna e. p1 Ms. Maneesha Manoj2 Ms. Jiji c. j3 Ms. Jeena c. j. 4. Ms. Hrudhya k. p5. "FAKE FACE IDENTIFICATION." International Journal of Advances in Engineering & Scientific Research, ISSN: 2349 –3607 (Online) , ISSN: 2349 –4824 (Print) Vol.4,, Issue 1, Jan-2017, (2017): pp 40–48. https://doi.org/10.5281/zenodo.242479.

Full text
Abstract:
<strong>Abstract: </strong> <strong>Objective-</strong> Automatic face recognition is now widely used in applications ranging from de-duplication of identity to authentication of mobile payment. This popularity of face recognition has raised concerns about face spoof attacks (also known as biometric sensor presentation attacks), where a photo or video of an authorized person’s face could be used to gain access to facilities or services. While a number of face spoof detection techniques have been proposed, their generalization ability has not been adequately addressed. We propose an efficient and rather robust face spoof detection algorithm based on <em>Image Distortion Analysis (IDA)</em>. <strong>Design/Methodology/Approach-</strong> Four different features (specular reflection, blurriness, chromatic moment, and color diversity) are extracted to form the IDA feature vector. An ensemble classifier, consisting of multiple SVM classifiers trained for different face spoof attacks (e.g., printed photo and replayed video), is used to distinguish between genuine and spoof faces. The proposed approach is extended to multi-frame face spoof detection in videos using a voting based scheme. We also collect a face spoof database, MSU Mobile Face Spoofing Database (MSU MFSD),using two mobile devices (Google Nexus 5 and MacBook Air) with three types of spoof attacks (printed photo, replayed video with iPhone 5S and iPad Air). <strong>Limitations-</strong> It is difficulty in separating genuine and spoof faces, especially in cross-database and cross device scenarios. <strong>Practical implications-</strong> The system ensures user privacy and provides better security. <strong>Originality-</strong> Two public-domain face spoof databases (Idiap REPLAY-ATTACK and CASIA FASD), and the MSU MFSD database show that the proposed approach outperforms state-of-the-art methods in spoof detection.
APA, Harvard, Vancouver, ISO, and other styles
15

Ms., Dilna e. p1, Maneesha Manoj2 Ms., Jiji c. j3 Ms., Jeena c. j. Ms., and Hrudhya k. p5 Ms. "FAKE FACE IDENTIFICATION." International Journal of Advances in Engineering & Scientific Research 4, no. 1 (2017): 40–48. https://doi.org/10.5281/zenodo.10774726.

Full text
Abstract:
<strong>Abstract: </strong> &nbsp; <strong>Objective-</strong> Automatic face recognition is now widely used in applications ranging from de-duplication of identity to authentication of mobile payment. This popularity of face recognition has raised concerns about face spoof attacks (also known as biometric sensor presentation attacks), where a photo or video of an authorized person&rsquo;s face could be used to gain access to facilities or services. While a number of face spoof detection techniques have been proposed, their generalization ability has not been adequately addressed. We propose an efficient and rather robust face spoof detection algorithm based on <em>Image Distortion Analysis (IDA)</em>. <strong>Design/Methodology/Approach-</strong> Four different features (specular reflection, blurriness, chromatic moment, and color diversity) are extracted to form the IDA feature vector. An ensemble classifier, consisting of multiple SVM classifiers trained for different face spoof attacks (e.g., printed photo and replayed video), is used to distinguish between genuine and spoof faces. The proposed approach is extended to multi-frame face spoof detection in videos using a voting based scheme.&nbsp; We also collect a face spoof database, MSU Mobile Face Spoofing Database (MSU MFSD),using two mobile devices (Google Nexus 5 and MacBook Air) with three types of spoof attacks (printed photo, replayed video with iPhone 5S and iPad Air). <strong>Limitations-</strong> It is&nbsp; difficulty in separating genuine and spoof faces, especially in cross-database and cross device scenarios.<strong> </strong> <strong>Practical implications-</strong> The system ensures user privacy and&nbsp; provides better security. <strong>Originality-</strong> Two public-domain face spoof databases (Idiap REPLAY-ATTACK and CASIA FASD), and the MSU MFSD database show that the proposed approach outperforms state-of-the-art methods in spoof detection. <strong>Keywords</strong>- Face Recognition, Spoof Detection, Image Distortion Analysis, Ensemble Classifier, Cross-Database, Cross-Device
APA, Harvard, Vancouver, ISO, and other styles
16

Abdallah, Abdallah Elhigazi, Mosab Hamdan, Mohammed S. M. Gismalla, et al. "Detection of Management-Frames-Based Denial-of-Service Attack in Wireless LAN Network Using Artificial Neural Network." Sensors 23, no. 5 (2023): 2663. http://dx.doi.org/10.3390/s23052663.

Full text
Abstract:
Wireless Local Area Networks (WLANs) have become an increasingly popular mode of communication and networking, with a wide range of applications in various fields. However, the increasing popularity of WLANs has also led to an increase in security threats, including denial of service (DoS) attacks. In this study, management-frames-based DoS attacks, in which the attacker floods the network with management frames, are particularly concerning as they can cause widespread disruptions in the network. Attacks known as denial of service (DoS) can target wireless LANs. None of the wireless security mechanisms in use today contemplate defence against them. At the MAC layer, there are multiple vulnerabilities that can be exploited to launch DoS attacks. This paper focuses on designing and developing an artificial neural network (NN) scheme for detecting management-frames-based DoS attacks. The proposed scheme aims to effectively detect fake de-authentication/disassociation frames and improve network performance by avoiding communication interruption caused by such attacks. The proposed NN scheme leverages machine learning techniques to analyse patterns and features in the management frames exchanged between wireless devices. By training the NN, the system can learn to accurately detect potential DoS attacks. This approach offers a more sophisticated and effective solution to the problem of DoS attacks in wireless LANs and has the potential to significantly enhance the security and reliability of these networks. According to the experimental results, the proposed technique exhibits higher effectiveness in detection compared to existing methods, as evidenced by a significantly increased true positive rate and a decreased false positive rate.
APA, Harvard, Vancouver, ISO, and other styles
17

Adeyeye Oshin, Michael, Matthew Olusegun Ojewale, Oluyomi Olufemi Kabiawu, Romana Challans, and Kauna Mufeti. "Improving Remote Method Invocation via Method Authorization and Elimination of Registry: An Exploration of Java and Haxe." International Journal of Information, Communication Technology and Applications 1, no. 1 (2015): 152–79. http://dx.doi.org/10.17972/ijicta20151116.

Full text
Abstract:
Service availability in Java RMI (Remote Method Invocation) implementations can easily be compromised in a number of ways. One of the ways is when an attacker controls a directory service and mounts an attack on a RMI client and data. Stubs in a registry can be de- registered or overwritten by the attacker. In addition, he could register his own stubs as proxies to a server implementation. This project focuses on the security pitfalls of using default RMI implementation, namely the lack of access control mechanism to manage server methods (and objects) and limitations of RMI registry. The RMI registry is a weak point that could be exploited. This work addresses this concern by investigating RMI implementation and customizing the behavior to support client/method authorization, authentication and elimination of the need for an RMI registry. The contribution of this work is that it removes inherent vulnerability in RMI, which is due to weak security in RMI registry implementation. In addition, an emerging toolkit, Haxe, for platform-agnostic application development was introduced and its realization of RMI was briefly demonstrated. Haxe exhibits virtually all the features in Java and could be exploited like it. It however presents more promising features for the next generation of applications and services.
APA, Harvard, Vancouver, ISO, and other styles
18

Abhisek, Hazra, Maity Shuvajit, Pal Barnali, and Bandyopadhyay Asok. "Adversarial attacks in signature verification: a deep learning approach." Computer Science and Information Technologies 5, no. 3 (2024): 215–26. https://doi.org/10.11591/csit.v5i3.pp215-226.

Full text
Abstract:
Handwritten signature recognition in forensic science is crucial for identity and document authentication. While serving as a legal representation of a person&rsquo;s agreement or consent to the contents of a document, handwritten signatures de termine the authenticity of a document, identify forgeries, pinpoint the suspects and support other pieces of evidence like ink or document analysis. This work focuses on developing and evaluating a handwritten signature verification sys tem using a convolutional neural network (CNN) and emphasising the model&rsquo;s efficacy using hand-crafted adversarial attacks. Initially, handwritten signatures have been collected from sixteen volunteers, each contributing ten samples, fol lowed by image normalization and augmentation to boost synthetic data samples and overcome the data scarcity. The proposed model achieved a testing accu racy of 91.35% using an 80:20 train-test split. Additionally, using the five-fold cross-validation, the model achieved a robust validation accuracy of nearly 98%. Finally, the introduction of manually constructed adversarial assaults on the sig nature images undermines the model&rsquo;s accuracy, bringing the accuracy down to nearly 80%. This highlights the need to consider adversarial resilience while designing deep learning models for classification tasks. Exposing the model to real look-alike fake samples is critical while testing its robustness and refining the model using trial and error methods.
APA, Harvard, Vancouver, ISO, and other styles
19

Ferry, Eugene, John O Raw, and Kevin Curran. "Security evaluation of the OAuth 2.0 framework." Information & Computer Security 23, no. 1 (2015): 73–101. http://dx.doi.org/10.1108/ics-12-2013-0089.

Full text
Abstract:
Purpose – The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud-based web services have contributed to the level of integration that can be achieved between applications. This paper investigates the potential security issues of OAuth, an authorisation framework for granting third-party applications revocable access to user data. OAuth has rapidly become an interim de facto standard for protecting access to web API data. Vendors have implemented OAuth before the open standard was officially published. To evaluate whether the OAuth 2.0 specification is truly ready for industry application, an entire OAuth client server environment was developed and validated against the speciation threat model. The research also included the analysis of the security features of several popular OAuth integrated websites and comparing those to the threat model. High-impacting exploits leading to account hijacking were identified with a number of major online publications. It is hypothesised that the OAuth 2.0 specification can be a secure authorisation mechanism when implemented correctly. Design/methodology/approach – To analyse the security of OAuth implementations in industry a list of the 50 most popular websites in Ireland was retrieved from the statistical website Alexa (Noureddine and Bashroush, 2011). Each site was analysed to identify if it utilised OAuth. Out of the 50 sites, 21 were identified with OAuth support. Each vulnerability in the threat model was then tested against each OAuth-enabled site. To test the robustness of the OAuth framework, an entire OAuth environment was required. The proposed solution would compose of three parts: a client application, an authorisation server and a resource server. The client application needed to consume OAuth-enabled services. The authorisation server had to manage access to the resource server. The resource server had to expose data from the database based on the authorisation the user would be given from the authorisation server. It was decided that the client application would consume emails from Google’s Gmail API. The authorisation and resource server were modelled around a basic task-tracking web application. The client application would also consume task data from the developed resource server. The client application would also support Single Sign On for Google and Facebook, as well as a developed identity provider “MyTasks”. The authorisation server delegated authorisation to the client application and stored cryptography information for each access grant. The resource server validated the supplied access token via public cryptography and returned the requested data. Findings – Two sites out of the 21 were found to be susceptible to some form of attack, meaning that 10.5 per cent were vulnerable. In total, 18 per cent of the world’s 50 most popular sites were in the list of 21 OAuth-enabled sites. The OAuth 2.0 specification is still very much in its infancy, but when implemented correctly, it can provide a relatively secure and interoperable authentication delegation mechanism. The IETF are currently addressing issues and expansions in their working drafts. Once a strict level of conformity is achieved between vendors and vulnerabilities are mitigated, it is likely that the framework will change the way we access data on the web and other devices. Originality/value – OAuth is flexible, in that it offers extensions to support varying situations and existing technologies. A disadvantage of this flexibility is that new extensions typically bring new security exploits. Members of the IETF OAuth Working Group are constantly refining the draft specifications and are identifying new threats to the expanding functionality. OAuth provides a flexible authentication mechanism to protect and delegate access to APIs. It solves the password re-use across multiple accounts problem and stops the user from having to disclose their credentials to third parties. Filtering access to information by scope and giving the user the option to revoke access at any point gives the user control of their data. OAuth does raise security concerns, such as defying phishing education, but there are always going to be security issues with any authentication technology. Although several high impacting vulnerabilities were identified in industry, the developed solution proves the predicted hypothesis that a secure OAuth environment can be built when implemented correctly. Developers must conform to the defined specification and are responsible for validating their implementation against the given threat model. OAuth is an evolving authorisation framework. It is still in its infancy, and much work needs to be done in the specification to achieve stricter validation and vendor conformity. Vendor implementations need to become better aligned in order to provider a rich and truly interoperable authorisation mechanism. Once these issues are resolved, OAuth will be on track for becoming the definitive authentication standard on the web.
APA, Harvard, Vancouver, ISO, and other styles
20

Singh, Anuj Kumar, Arun Solanki, Anand Nayyar, and Basit Qureshi. "Elliptic Curve Signcryption-Based Mutual Authentication Protocol for Smart Cards." Applied Sciences 10, no. 22 (2020): 8291. http://dx.doi.org/10.3390/app10228291.

Full text
Abstract:
In the modern computing environment, smart cards are being used extensively, which are intended to authenticate a user with the system or server. Owing to the constrictions of computational resources, smart card-based systems require an effective design and efficient security scheme. In this paper, a smart card authentication protocol based on the concept of elliptic curve signcryption has been proposed and developed, which provides security attributes, including confidentiality of messages, non-repudiation, the integrity of messages, mutual authentication, anonymity, availability, and forward security. Moreover, the analysis of security functionalities shows that the protocol developed and explained in this paper is secure from password guessing attacks, user and server impersonation, replay attacks, de-synchronization attacks, insider attacks, known key attacks, and man-in-the-middle attacks. The results have demonstrated that the proposed smart card security protocol reduces the computational overhead on a smart card by 33.3% and the communication cost of a smart card by 34.5%, in comparison to the existing efficient protocols. It can, thus, be inferred from the results that using elliptic curve signcryption in the authentication mechanism reduces the computational cost and communication overhead by a significant amount.
APA, Harvard, Vancouver, ISO, and other styles
21

Yuk, Hyeong-Jun, and Kang-Bin Yim. "Enhancement of Password-based Mutual Authentication Protocol against De-synchronization Attacks." Journal of Korea Navigation Institute 17, no. 1 (2013): 24–32. http://dx.doi.org/10.12673/jkoni.2013.17.01.024.

Full text
APA, Harvard, Vancouver, ISO, and other styles
22

Gulab Gaikwad, Adwait, and Balaji Patil. "Securing the Airwaves: A Survey on De-authentication Attacks and Mitigation Strategies." International Journal of Computing and Digital Systems 15, no. 1 (2024): 1307–16. http://dx.doi.org/10.12785/ijcds/160196.

Full text
APA, Harvard, Vancouver, ISO, and other styles
23

Aghili, Seyed, Hamid Mala, and Pedro Peris-Lopez. "Securing Heterogeneous Wireless Sensor Networks: Breaking and Fixing a Three-Factor Authentication Protocol." Sensors 18, no. 11 (2018): 3663. http://dx.doi.org/10.3390/s18113663.

Full text
Abstract:
Heterogeneous wireless sensor networks (HWSNs) are employed in many real-time applications, such as Internet of sensors (IoS), Internet of vehicles (IoV), healthcare monitoring, and so on. As wireless sensor nodes have constrained computing, storage and communication capabilities, designing energy-efficient authentication protocols is a very important issue in wireless sensor network security. Recently, Amin et al. presented an untraceable and anonymous three-factor authentication (3FA) scheme for HWSNs and argued that their protocol is efficient and can withstand the common security threats in this sort of networks. In this article, we show how their protocol is not immune to user impersonation, de-synchronization and traceability attacks. In addition, an adversary can disclose session key under the typical assumption that sensors are not tamper-resistant. To overcome these drawbacks, we improve the Amin et al.’s protocol. First, we informally show that our improved scheme is secure against the most common attacks in HWSNs in which the attacks against Amin et al.’s protocol are part of them. Moreover, we verify formally our proposed protocol using the BAN logic. Compared with the Amin et al.’s scheme, the proposed protocol is both more efficient and more secure to be employed which renders the proposal suitable for HWSN networks.
APA, Harvard, Vancouver, ISO, and other styles
24

Dimitris Koutras, Panos Dimitrellos, Panayiotis Kotzanikolaou, and Christos Douligeris. "Automated Wi-Fi intrusion detection tool on 802.11 networks." ITU Journal on Future and Evolving Technologies 5, no. 1 (2024): 88–103. http://dx.doi.org/10.52953/lhxo3338.

Full text
Abstract:
Wi-Fi networks enable user-friendly network connectivity in various environments, ranging from home to enterprise networks. However, vulnerabilities in Wi-Fi implementations may allow nearby adversaries to gain an initial foothold into a network, e.g., in order to attempt further network penetration. In this paper we propose a methodology for the detection of attacks originating from Wi-Fi networks, along with a Wi-Fi Network Intrusion Detection (Wi-Fi-NID) tool, developed to automate the detection of such attacks at 802.11 networks. In particular, Wi-Fi-NID has the ability to detect and trace possible illegal network scanning attacks, which originate from attacks at the Wi-Fi access layer. We extend our initial implementation to increase the efficiency of detection, based on mathematical and statistical function techniques. A penetration testing methodology is defined, in order to discover the environmental security characteristics, related with the current configuration of the devices connected to the 802.11 network. The methodology covers known Wi-Fi attacks such as de-authentication attacks, capturing and cracking WPA-WPA/2 handshake, captive portal and WPA attacks, mostly based on various open source software tools, custom tools, as well as on specialized hardware.
APA, Harvard, Vancouver, ISO, and other styles
25

Aghili, Seyed Farhad, Maede Ashouri-Talouki, and Hamid Mala. "DoS, impersonation and de-synchronization attacks against an ultra-lightweight RFID mutual authentication protocol for IoT." Journal of Supercomputing 74, no. 1 (2017): 509–25. http://dx.doi.org/10.1007/s11227-017-2139-y.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Kumar S, Vignesh. "A Survey of 802.1X: Securing Network Access in the Modern Age." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 05 (2024): 1–5. http://dx.doi.org/10.55041/ijsrem35325.

Full text
Abstract:
The advent of wireless and wired net- works has revolutionized the way we communicate and access information, yet it has also introduced new secu- rity challenges. Among the various pro- tocols designed to mitigate these chal- lenges, 802.1X stands out as a corner- stone for securing network access. This paper presents a comprehensive sur- vey of the 802.1X protocol, focusing on its role in modern networking, the types of Extensible Authentication Proto- col (EAP) methods it supports, and the security vulnerabilities and mitigation strategies associated with its implemen- tation. Through an examination of com- mon security vulnerabilities, such as de- nial of service (DoS) attacks, man-in-the- middle (MitM) attacks, and session hi- jacking, the paper highlights the impor- tance of robust authentication mecha- nisms in safeguarding network integrity. Furthermore, the paper delves into real- world applications and case studies, il- lustrating the practical implications of 802.1X in securing critical infrastructure like silent clients. As technology contin- ues to evolve, the paper also explores fu- ture directions and research opportuni- ties, emphasizing the need for ongoing innovation to address emerging threats and leverage new technologies effec- tively. This survey serves as a valuable re- source for network administrators, secu- rity professionals, and researchers inter- ested in understanding the current state of 802.1X and its significance in securing network access in the modern age.
APA, Harvard, Vancouver, ISO, and other styles
27

Farooq, Shaik Mullapathi, S. M. Suhail Hussain, and Taha Selim Ustun. "S-GoSV: Framework for Generating Secure IEC 61850 GOOSE and Sample Value Messages." Energies 12, no. 13 (2019): 2536. http://dx.doi.org/10.3390/en12132536.

Full text
Abstract:
Standardized communication plays an important role in substation automation system (SAS). IEC 61850 is a de-facto standard in SAS. It facilitates smooth communication between different devices located in the substation by achieving interoperability. Generic Object-Oriented Substation Event (GOOSE) and Sample Value (SV) messages developed according to IEC 61850 enable efficient monitoring and operation control of SAS. IEC 61850 is very popular due to its flexible and robust modeling. As the number of critical infrastructures that employed IEC 61850 increases, it is important to study cybersecurity aspects as well. To this end, this paper develops a software framework, S-GoSV (Secure GOOSE and SV), that generates custom GOOSE and Sample Value messages. Furthermore, security features are added to protect them from different security attacks within a substation. IEC 62351-6 specifies digital signatures to achieve node authentication and messages integrity. Therefore, S-GoSV implements RSASSA-PKCS1-v1_5 digital signature algorithm based on RFC 2313. Performance studies show that digital signature algorithms based on RSA signing and verification take long times and do not conform to timing requirements stipulated by IEC 61850 for power system communication. To address this, Message Authentication Code (MAC) based digital signature algorithm, Keyed Hash-Message Authentication Code- Secure Hash Algorithm (HMAC-SHA256), is additionally implemented in S-GoSV framework for securing GOOSE messages.
APA, Harvard, Vancouver, ISO, and other styles
28

Hazra, Abhisek, Shuvajit Maity, Barnali Pal, and Asok Bandyopadhyay. "Adversarial attacks in signature verification: a deep learning approach." Computer Science and Information Technologies 5, no. 3 (2024): 215–26. http://dx.doi.org/10.11591/csit.v5i3.p215-226.

Full text
Abstract:
Handwritten signature recognition in forensic science is crucial for identity and document authentication. While serving as a legal representation of a person’s agreement or consent to the contents of a document, handwritten signatures de termine the authenticity of a document, identify forgeries, pinpoint the suspects and support other pieces of evidence like ink or document analysis. This work focuses on developing and evaluating a handwritten signature verification sys tem using a convolutional neural network (CNN) and emphasising the model’s efficacy using hand-crafted adversarial attacks. Initially, handwritten signatures have been collected from sixteen volunteers, each contributing ten samples, fol lowed by image normalization and augmentation to boost synthetic data samples and overcome the data scarcity. The proposed model achieved a testing accu racy of 91.35% using an 80:20 train-test split. Additionally, using the five-fold cross-validation, the model achieved a robust validation accuracy of nearly 98%. Finally, the introduction of manually constructed adversarial assaults on the sig nature images undermines the model’s accuracy, bringing the accuracy down to nearly 80%. This highlights the need to consider adversarial resilience while designing deep learning models for classification tasks. Exposing the model to real look-alike fake samples is critical while testing its robustness and refining the model using trial and error methods.
APA, Harvard, Vancouver, ISO, and other styles
29

Tewari, Aakanksha, and Brij B. Gupta. "Secure Timestamp-Based Mutual Authentication Protocol for IoT Devices Using RFID Tags." International Journal on Semantic Web and Information Systems 16, no. 3 (2020): 20–34. http://dx.doi.org/10.4018/ijswis.2020070102.

Full text
Abstract:
Internet of Things (IoT) is playing more and more important roles in our daily lives in the last decade. It can be a part of traditional machine or equipment to daily household objects as well as wireless sensor networks and devices. IoT has a huge potential which is still to be unleashed. However, as the foundation of IoT is the Internet and all the data collected by these devices is over the Internet, these devices also face threats to security and privacy. At the physical or sensor layer of IoT devices the most commonly used technology is RFID. Thus, securing the RFID tag by cryptographic mechanisms can secure our data at the device as well as during communication. This article first discusses the flaws of our previous ultra-lightweight protocol due to its vulnerability to passive secret disclosure attack. Then, the authors propose a new protocol to overcome the shortcomings of our previous work. The proposed scheme uses timestamps in addition to bitwise operation to provide security against de-synchronization and disclosure. This research also presents a security and performance analysis of our approach and its comparison with other existing schemes.
APA, Harvard, Vancouver, ISO, and other styles
30

Nath, Seema, Subhranil Som, and Mukesh Chandra Negi. "Cryptanalysis of a novel bitwise XOR rotational algorithm and security for IoT devices." International Journal of Knowledge-based and Intelligent Engineering Systems 25, no. 1 (2021): 139–47. http://dx.doi.org/10.3233/kes-210059.

Full text
Abstract:
The internet of things (IoT) is a multiple devices, which connects with the internet for communication, in order to obtain the updated from the cloud. The fog can act as a controller and it is located between the IoT devices and cloud. The major attacks like de-synchronization, and disclosure has arises in the devices, this has been prevented. The major contribution in this work is key generation and authentication, for key generation the “advanced encryption standard algorithm” is developed, in which the new and old keys are generated. The encryption is done under the source side, and decryption is done under the device side. The fog security is maintained through “device tag, and bit wise XOR rotational algorithm”. The security, and the computational complexity is defined in this work and it is given in table format. The implementations are carried out in the MATLAB R2016 a. The proposed algorithm is compared with the existing protocols like LMAP, M2AP, EMAP, SASI, and RAPP, from the comparison the proposed methodology makes the better knowledge about the security and prevents from various attacks.
APA, Harvard, Vancouver, ISO, and other styles
31

Abduljabbar, Zaid Ameen, Vincent Omollo Nyangaresi, Hend Muslim Jasim, et al. "Elliptic Curve Cryptography-Based Scheme for Secure Signaling and Data Exchanges in Precision Agriculture." Sustainability 15, no. 13 (2023): 10264. http://dx.doi.org/10.3390/su151310264.

Full text
Abstract:
Precision agriculture encompasses automation and application of a wide range of information technology devices to improve farm output. In this environment, smart devices collect and exchange a massive number of messages with other devices and servers over public channels. Consequently, smart farming is exposed to diverse attacks, which can have serious consequences since the sensed data are normally processed to help determine the agricultural field status and facilitate decision-making. Although a myriad of security schemes has been presented in the literature to curb these challenges, they either have poor performance or are susceptible to attacks. In this paper, an elliptic curve cryptography-based scheme is presented, which is shown to be formally secure under the Burrows–Abadi–Needham (BAN) logic. In addition, it is semantically demonstrated to offer user privacy, anonymity, unlinkability, untraceability, robust authentication, session key agreement, and key secrecy and does not require the deployment of verifier tables. In addition, it can withstand side-channeling, physical capture, eavesdropping, password guessing, spoofing, forgery, replay, session hijacking, impersonation, de-synchronization, man-in-the-middle, privileged insider, denial of service, stolen smart device, and known session-specific temporary information attacks. In terms of performance, the proposed protocol results in 14.67% and 18% reductions in computation and communication costs, respectively, and a 35.29% improvement in supported security features.
APA, Harvard, Vancouver, ISO, and other styles
32

Javed, Sana, Muhammad Asghar Khan, Ako Muhammad Abdullah, et al. "An Efficient Authentication Scheme Using Blockchain as a Certificate Authority for the Internet of Drones." Drones 6, no. 10 (2022): 264. http://dx.doi.org/10.3390/drones6100264.

Full text
Abstract:
The Internet of Drones (IoD) has recently gained popularity in several military, commercial, and civilian applications due to its unique characteristics, such as high mobility, three-dimensional (3D) movement, and ease of deployment. Drones, on the other hand, communicate over an unencrypted wireless link and have little computational capability in a typical IoD environment, making them exposed to a wide range of cyber-attacks. Security vulnerabilities in IoD systems include man-in-the-middle attacks, impersonation, credential leaking, GPS spoofing, and drone hijacking. To avoid the occurrence of such attacks in IoD networks, we need an extremely powerful security protocol. To address these concerns, we propose a blockchain-based authentication scheme employing Hyperelliptic Curve Cryptography (HECC). The concepts of a blockchain as a Certificate Authority (CA) and a transaction as a certificate discussed in this article are meant to facilitate the use of a blockchain without CAs or a Trusted Third Party (TTP). We offer a security analysis of the proposed scheme, which demonstrates its resistance to known and unknown attacks. The proposed scheme resists replay, man-in-the-middle, device impersonation, malicious device deployment, Denial-of-Service (DoS), and De-synchronization attacks, among others. The security and performance of the proposed scheme are compared to relevant existing schemes, and their performance is shown to be better in terms of security attributes as well as computation and communication costs than existing competitive schemes. The total computation cost of the proposed scheme is 40.479 ms, which is 37.49% and 49.79% of the two comparable schemes. This shows that the proposed scheme is better suited to the IoD environment than existing competitive schemes.
APA, Harvard, Vancouver, ISO, and other styles
33

Gulyás, Gábor György. "Gépi tanulási módszerek alkalmazása deanonimizálásra." Információs Társadalom 17, no. 1 (2017): 72. http://dx.doi.org/10.22503/inftars.xvii.2017.1.5.

Full text
Abstract:
Számos olyan adathalmaz áll a rendelkezésünkre, amelyek jelentős üzleti és kutatási potenciált hordoznak. Azonban – gondoljunk például a hordozható eszközök által gyűjtött egészségügyi adatokra – a hasznosítás mellett kiemelkedő kockázati tényező a privátszféra sérülése, amelynek elkerülésére többek között anonimizálási algoritmusokat alkalmaznak. Jelen tanulmányban az anonimizálás „visszafordítására” szakosodott algoritmusokat, az úgynevezett deanonimizációs eljárásokat, illetve azoknak egy speciális és újnak tekinthető szegmensét tekintjük át, amelyeknél gépi tanulási eljárásokat alkalmaznak a robusztusság, illetve a hatékonyság növelése érdekében. A tanulmányban a privátszféra-sértő üzleti célú támadások&#x0D; és a biztonsági alkalmazások hasonlóságára is rámutatunk: ugyanaz az algoritmus hogyan tud biztonsági indokkal a privátszférával szemben dolgozni, kontextustól függően.&#x0D; &#x0D; ---&#x0D; &#x0D; Using machine learning techniques for de-anonymization&#x0D; &#x0D; Today we have unprecedented access to datasets bearing huge potential in regard to both business and research. However, beside their unquestionable utility, privacy breaches pose a significant risk to the release of these datasets (e.g., datasets originating from healthcare are good examples), thus service providers must use anonymization techniques to minimize the risk of unwanted disclosure. In this study, we focus on de-anonymization attacks, algorithms that are designed to “reverse” the anonymization process. In particular, we focus on a novel segment of these attacks that involve machine learning to improve robustness and efficiency. Furthermore, we highlight and discuss the similarity between de-anonymization and authentication: how can these algorithms, which are generally perceived as unethical, be used legitimately for security reasons under special constraints.
APA, Harvard, Vancouver, ISO, and other styles
34

Kovalenko, O. Ye. "Security models of the Internet of Things." Mathematical machines and systems 4 (2023): 43–50. http://dx.doi.org/10.34121/1028-9763-2023-4-43-50.

Full text
Abstract:
The IoT is a cyber-convergent system that includes things, means of communication, target ap-plications, and data analysis tools that support the unique identification of each object. IoT technologies play a vital role in the creation of cyber-convergent systems due to their wide us-age in various spheres of life such as industry, social sphere, health care, and creating a com-fortable environment. The IoT security model method ensures the confidentiality, integrity, and availability of data that is transferred between devices and also guarantees the privacy and secu-rity of end users. The creation and use of IoT systems directly affect the security and privacy of the involved and connected components. The presented study introduces an analysis of IoT ar-chitecture models with end-to-end security support. The conducted literature review reveals the challenges of various aspects of security faced by the IoT environment. Some models imple-menting different security strategies at different layers of the IoT are described. These include the perception layer which provides the authentication process for identifying IoT entities, the network layer which focuses on the security processes of cloud platforms, and the application layer which provides authentication and authorization for end users. The results of the analysis show that building secure IoT systems is based on three main strategies: proper configuring and ensuring the protection of all IoT devices; using secure wireless networks to connect IoT devic-es to corporate or global networks; constant situational awareness of security threats to IoT de-vices; and implementing appropriate security solutions to protect them from attacks. The ma-turity model of the IoT security system based on the ISA/IEC 62443 document package is also described.
APA, Harvard, Vancouver, ISO, and other styles
35

Zubarev, Sergey M., Alexander V. Travin, and Aleksey I. Frolov. "TORT LIABILITY IN MAKING AND IMPLEMENTING PUBLIC MANAGEMENT DECISIONS USING DIGITAL INFORMATION SYSTEMS." Vestnik Tomskogo gosudarstvennogo universiteta. Pravo, no. 38 (2020): 121–35. http://dx.doi.org/10.17223/22253513/38/12.

Full text
Abstract:
The article provides a legal analysis of the conditions of civil liability for damage caused by the adoption and implementation of state management decisions taken during the operation of digital state information systems. An approach to assessing the guilt of the state in taking a harmful management decision in the context of digitalization, consisting in the analysis of the actions of the entire state appa-ratus as a whole, rather than a single individual body that failed, for example, to resist com-puter attacks, is proposed. The features of tort liability of the state for breach of confidentiality of digitally represented data and for harm caused by inaccurate (irrelevant) information of information systems have been considered. The principle of public reliability has been suggested as a general rule for state information systems. The opinion has been expressed that it is necessary to define unambiguously which information systems are characterized as publicly trustworthy. The paper touches on the problem of tort liability in case of breach of electronic identifi-cation and authentication rules. The author has argued that both the certification centres which violated the procedures of qualified electronic signature keys issue and public law entities when authorities and officials caused damage can be considered as a tortfeasor if there are reasons to do so. An analysis was made of judicial practice of appealing against actions and decisions of public authorities taken on the basis of applications signed with fictitious qualified electronic signatures. A special attention was paid to the tort liability associated with the activity of agents involved in the processes of adoption and implementation of state management decisions using information systems (MFC, certification centres etc.). Business entities contributing to the processes of information systems maintenance and engaged by the state bodies are suggested to be called "information systems agents". The peculiarities of civil responsibility of the state for damage caused by a management decision promoted by an information system agent were considered. It was suggested to con-sider the state as a proper subject of tort liability, the guilt of which in this case was specific and consisted in failure to take measures for control over the corresponding agent. The legal analysis of the grounds of vicarious liability of public-law entities for damage caused by information system agents was carried out. The opinion about independent liability of information system agent is argued if the harm is not in causal connection with actions (inactions) of public legal entity or if there is no guilt of public legal entity. On the basis of the practice of the European Court of Human Rights it is proposed de lege ferenda to fix the responsibility of the state for the torts committed by the persons entrusted by the state to perform public functions.
APA, Harvard, Vancouver, ISO, and other styles
36

Biran, Yahav, George Collins, Borky John M, and Joel Dubow. "Volume 2, Issue 3, Special issue on Recent Advances in Engineering Systems (Published Papers) Articles Transmit / Received Beamforming for Frequency Diverse Array with Symmetrical frequency offsets Shaddrack Yaw Nusenu Adv. Sci. Technol. Eng. Syst. J. 2(3), 1-6 (2017); View Description Detailed Analysis of Amplitude and Slope Diffraction Coefficients for knife-edge structure in S-UTD-CH Model Eray Arik, Mehmet Baris Tabakcioglu Adv. Sci. Technol. Eng. Syst. J. 2(3), 7-11 (2017); View Description Applications of Case Based Organizational Memory Supported by the PAbMM Architecture Martín, María de los Ángeles, Diván, Mario José Adv. Sci. Technol. Eng. Syst. J. 2(3), 12-23 (2017); View Description Low Probability of Interception Beampattern Using Frequency Diverse Array Antenna Shaddrack Yaw Nusenu Adv. Sci. Technol. Eng. Syst. J. 2(3), 24-29 (2017); View Description Zero Trust Cloud Networks using Transport Access Control and High Availability Optical Bypass Switching Casimer DeCusatis, Piradon Liengtiraphan, Anthony Sager Adv. Sci. Technol. Eng. Syst. J. 2(3), 30-35 (2017); View Description A Derived Metrics as a Measurement to Support Efficient Requirements Analysis and Release Management Indranil Nath Adv. Sci. Technol. Eng. Syst. J. 2(3), 36-40 (2017); View Description Feedback device of temperature sensation for a myoelectric prosthetic hand Yuki Ueda, Chiharu Ishii Adv. Sci. Technol. Eng. Syst. J. 2(3), 41-40 (2017); View Description Deep venous thrombus characterization: ultrasonography, elastography and scattering operator Thibaud Berthomier, Ali Mansour, Luc Bressollette, Frédéric Le Roy, Dominique Mottier Adv. Sci. Technol. Eng. Syst. J. 2(3), 48-59 (2017); View Description Improving customs’ border control by creating a reference database of cargo inspection X-ray images Selina Kolokytha, Alexander Flisch, Thomas Lüthi, Mathieu Plamondon, Adrian Schwaninger, Wicher Vasser, Diana Hardmeier, Marius Costin, Caroline Vienne, Frank Sukowski, Ulf Hassler, Irène Dorion, Najib Gadi, Serge Maitrejean, Abraham Marciano, Andrea Canonica, Eric Rochat, Ger Koomen, Micha Slegt Adv. Sci. Technol. Eng. Syst. J. 2(3), 60-66 (2017); View Description Aviation Navigation with Use of Polarimetric Technologies Arsen Klochan, Ali Al-Ammouri, Viktor Romanenko, Vladimir Tronko Adv. Sci. Technol. Eng. Syst. J. 2(3), 67-72 (2017); View Description Optimization of Multi-standard Transmitter Architecture Using Single-Double Conversion Technique Used for Rescue Operations Riadh Essaadali, Said Aliouane, Chokri Jebali and Ammar Kouki Adv. Sci. Technol. Eng. Syst. J. 2(3), 73-81 (2017); View Description Singular Integral Equations in Electromagnetic Waves Reflection Modeling A. S. Ilinskiy, T. N. Galishnikova Adv. Sci. Technol. Eng. Syst. J. 2(3), 82-87 (2017); View Description Methodology for Management of Information Security in Industrial Control Systems: A Proof of Concept aligned with Enterprise Objectives. Fabian Bustamante, Walter Fuertes, Paul Diaz, Theofilos Toulqueridis Adv. Sci. Technol. Eng. Syst. J. 2(3), 88-99 (2017); View Description Dependence-Based Segmentation Approach for Detecting Morpheme Boundaries Ahmed Khorsi, Abeer Alsheddi Adv. Sci. Technol. Eng. Syst. J. 2(3), 100-110 (2017); View Description Paper Improving Rule Based Stemmers to Solve Some Special Cases of Arabic Language Soufiane Farrah, Hanane El Manssouri, Ziyati Elhoussaine, Mohamed Ouzzif Adv. Sci. Technol. Eng. Syst. J. 2(3), 111-115 (2017); View Description Medical imbalanced data classification Sara Belarouci, Mohammed Amine Chikh Adv. Sci. Technol. Eng. Syst. J. 2(3), 116-124 (2017); View Description ADOxx Modelling Method Conceptualization Environment Nesat Efendioglu, Robert Woitsch, Wilfrid Utz, Damiano Falcioni Adv. Sci. Technol. Eng. Syst. J. 2(3), 125-136 (2017); View Description GPSR+Predict: An Enhancement for GPSR to Make Smart Routing Decision by Anticipating Movement of Vehicles in VANETs Zineb Squalli Houssaini, Imane Zaimi, Mohammed Oumsis, Saïd El Alaoui Ouatik Adv. Sci. Technol. Eng. Syst. J. 2(3), 137-146 (2017); View Description Optimal Synthesis of Universal Space Vector Digital Algorithm for Matrix Converters Adrian Popovici, Mircea Băbăiţă, Petru Papazian Adv. Sci. Technol. Eng. Syst. J. 2(3), 147-152 (2017); View Description Control design for axial flux permanent magnet synchronous motor which operates above the nominal speed Xuan Minh Tran, Nhu Hien Nguyen, Quoc Tuan Duong Adv. Sci. Technol. Eng. Syst. J. 2(3), 153-159 (2017); View Description A synchronizing second order sliding mode control applied to decentralized time delayed multi−agent robotic systems: Stability Proof Marwa Fathallah, Fatma Abdelhedi, Nabil Derbel Adv. Sci. Technol. Eng. Syst. J. 2(3), 160-170 (2017); View Description Fault Diagnosis and Tolerant Control Using Observer Banks Applied to Continuous Stirred Tank Reactor Martin F. Pico, Eduardo J. Adam Adv. Sci. Technol. Eng. Syst. J. 2(3), 171-181 (2017); View Description Development and Validation of a Heat Pump System Model Using Artificial Neural Network Nabil Nassif, Jordan Gooden Adv. Sci. Technol. Eng. Syst. J. 2(3), 182-185 (2017); View Description Assessment of the usefulness and appeal of stigma-stop by psychology students: a serious game designed to reduce the stigma of mental illness Adolfo J. Cangas, Noelia Navarro, Juan J. Ojeda, Diego Cangas, Jose A. Piedra, José Gallego Adv. Sci. Technol. Eng. Syst. J. 2(3), 186-190 (2017); View Description Kinect-Based Moving Human Tracking System with Obstacle Avoidance Abdel Mehsen Ahmad, Zouhair Bazzal, Hiba Al Youssef Adv. Sci. Technol. Eng. Syst. J. 2(3), 191-197 (2017); View Description A security approach based on honeypots: Protecting Online Social network from malicious profiles Fatna Elmendili, Nisrine Maqran, Younes El Bouzekri El Idrissi, Habiba Chaoui Adv. Sci. Technol. Eng. Syst. J. 2(3), 198-204 (2017); View Description Pulse Generator for Ultrasonic Piezoelectric Transducer Arrays Based on a Programmable System-on-Chip (PSoC) Pedro Acevedo, Martín Fuentes, Joel Durán, Mónica Vázquez, Carlos Díaz Adv. Sci. Technol. Eng. Syst. J. 2(3), 205-209 (2017); View Description Enabling Toy Vehicles Interaction With Visible Light Communication (VLC) M. A. Ilyas, M. B. Othman, S. M. Shah, Mas Fawzi Adv. Sci. Technol. Eng. Syst. J. 2(3), 210-216 (2017); View Description Analysis of Fractional-Order 2xn RLC Networks by Transmission Matrices Mahmut Ün, Manolya Ün Adv. Sci. Technol. Eng. Syst. J. 2(3), 217-220 (2017); View Description Fire extinguishing system in large underground garages Ivan Antonov, Rositsa Velichkova, Svetlin Antonov, Kamen Grozdanov, Milka Uzunova, Ikram El Abbassi Adv. Sci. Technol. Eng. Syst. J. 2(3), 221-226 (2017); View Description Directional Antenna Modulation Technique using A Two-Element Frequency Diverse Array Shaddrack Yaw Nusenu Adv. Sci. Technol. Eng. Syst. J. 2(3), 227-232 (2017); View Description Classifying region of interests from mammograms with breast cancer into BIRADS using Artificial Neural Networks Estefanía D. Avalos-Rivera, Alberto de J. Pastrana-Palma Adv. Sci. Technol. Eng. Syst. J. 2(3), 233-240 (2017); View Description Magnetically Levitated and Guided Systems Florian Puci, Miroslav Husak Adv. Sci. Technol. Eng. Syst. J. 2(3), 241-244 (2017); View Description Energy-Efficient Mobile Sensing in Distributed Multi-Agent Sensor Networks Minh T. Nguyen Adv. Sci. Technol. Eng. Syst. J. 2(3), 245-253 (2017); View Description Validity and efficiency of conformal anomaly detection on big distributed data Ilia Nouretdinov Adv. Sci. Technol. Eng. Syst. J. 2(3), 254-267 (2017); View Description S-Parameters Optimization in both Segmented and Unsegmented Insulated TSV upto 40GHz Frequency Juma Mary Atieno, Xuliang Zhang, HE Song Bai Adv. Sci. Technol. Eng. Syst. J. 2(3), 268-276 (2017); View Description Synthesis of Important Design Criteria for Future Vehicle Electric System Lisa Braun, Eric Sax Adv. Sci. Technol. Eng. Syst. J. 2(3), 277-283 (2017); View Description Gestural Interaction for Virtual Reality Environments through Data Gloves G. Rodriguez, N. Jofre, Y. Alvarado, J. Fernández, R. Guerrero Adv. Sci. Technol. Eng. Syst. J. 2(3), 284-290 (2017); View Description Solving the Capacitated Network Design Problem in Two Steps Meriem Khelifi, Mohand Yazid Saidi, Saadi Boudjit Adv. Sci. Technol. Eng. Syst. J. 2(3), 291-301 (2017); View Description A Computationally Intelligent Approach to the Detection of Wormhole Attacks in Wireless Sensor Networks Mohammad Nurul Afsar Shaon, Ken Ferens Adv. Sci. Technol. Eng. Syst. J. 2(3), 302-320 (2017); View Description Real Time Advanced Clustering System Giuseppe Spampinato, Arcangelo Ranieri Bruna, Salvatore Curti, Viviana D’Alto Adv. Sci. Technol. Eng. Syst. J. 2(3), 321-326 (2017); View Description Indoor Mobile Robot Navigation in Unknown Environment Using Fuzzy Logic Based Behaviors Khalid Al-Mutib, Foudil Abdessemed Adv. Sci. Technol. Eng. Syst. J. 2(3), 327-337 (2017); View Description Validity of Mind Monitoring System as a Mental Health Indicator using Voice Naoki Hagiwara, Yasuhiro Omiya, Shuji Shinohara, Mitsuteru Nakamura, Masakazu Higuchi, Shunji Mitsuyoshi, Hideo Yasunaga, Shinichi Tokuno Adv. Sci. Technol. Eng. Syst. J. 2(3), 338-344 (2017); View Description The Model of Adaptive Learning Objects for virtual environments instanced by the competencies Carlos Guevara, Jose Aguilar, Alexandra González-Eras Adv. Sci. Technol. Eng. Syst. J. 2(3), 345-355 (2017); View Description An Overview of Traceability: Towards a general multi-domain model Kamal Souali, Othmane Rahmaoui, Mohammed Ouzzif Adv. Sci. Technol. Eng. Syst. J. 2(3), 356-361 (2017); View Description L-Band SiGe HBT Active Differential Equalizers with Variable, Positive or Negative Gain Slopes Using Dual-Resonant RLC Circuits Yasushi Itoh, Hiroaki Takagi Adv. Sci. Technol. Eng. Syst. J. 2(3), 362-368 (2017); View Description Moving Towards Reliability-Centred Management of Energy, Power and Transportation Assets Kang Seng Seow, Loc K. Nguyen, Kelvin Tan, Kees-Jan Van Oeveren Adv. Sci. Technol. Eng. Syst. J. 2(3), 369-375 (2017); View Description Secure Path Selection under Random Fading Furqan Jameel, Faisal, M Asif Ali Haider, Amir Aziz Butt Adv. Sci. Technol. Eng. Syst. J. 2(3), 376-383 (2017); View Description Security in SWIPT with Power Splitting Eavesdropper Furqan Jameel, Faisal, M Asif Ali Haider, Amir Aziz Butt Adv. Sci. Technol. Eng. Syst. J. 2(3), 384-388 (2017); View Description Performance Analysis of Phased Array and Frequency Diverse Array Radar Ambiguity Functions Shaddrack Yaw Nusenu Adv. Sci. Technol. Eng. Syst. J. 2(3), 389-394 (2017); View Description Adaptive Discrete-time Fuzzy Sliding Mode Control For a Class of Chaotic Systems Hanene Medhaffar, Moez Feki, Nabil Derbel Adv. Sci. Technol. Eng. Syst. J. 2(3), 395-400 (2017); View Description Fault Tolerant Inverter Topology for the Sustainable Drive of an Electrical Helicopter Igor Bolvashenkov, Jörg Kammermann, Taha Lahlou, Hans-Georg Herzog Adv. Sci. Technol. Eng. Syst. J. 2(3), 401-411 (2017); View Description Computational Intelligence Methods for Identifying Voltage Sag in Smart Grid Turgay Yalcin, Muammer Ozdemir Adv. Sci. Technol. Eng. Syst. J. 2(3), 412-419 (2017); View Description A Highly-Secured Arithmetic Hiding cum Look-Up Table (AHLUT) based S-Box for AES-128 Implementation Ali Akbar Pammu, Kwen-Siong Chong, Bah-Hwee Gwee Adv. Sci. Technol. Eng. Syst. J. 2(3), 420-426 (2017); View Description Service Productivity and Complexity in Medical Rescue Services Markus Harlacher, Andreas Petz, Philipp Przybysz, Olivia Chaillié, Susanne Mütze-Niewöhner Adv. Sci. Technol. Eng. Syst. J. 2(3), 427-434 (2017); View Description Principal Component Analysis Application on Flavonoids Characterization Che Hafizah Che Noh, Nor Fadhillah Mohamed Azmin, Azura Amid Adv. Sci. Technol. Eng. Syst. J. 2(3), 435-440 (2017); View Description A Reconfigurable Metal-Plasma Yagi-Yuda Antenna for Microwave Applications Giulia Mansutti, Davide Melazzi, Antonio-Daniele Capobianco Adv. Sci. Technol. Eng. Syst. J. 2(3), 441-448 (2017); View Description Verifying the Detection Results of Impersonation Attacks in Service Clouds Sarra Alqahtani, Rose Gamble Adv. Sci. Technol. Eng. Syst. J. 2(3), 449-459 (2017); View Description Image Segmentation Using Fuzzy Inference System on YCbCr Color Model Alvaro Anzueto-Rios, Jose Antonio Moreno-Cadenas, Felipe Gómez-Castañeda, Sergio Garduza-Gonzalez Adv. Sci. Technol. Eng. Syst. J. 2(3), 460-468 (2017); View Description Segmented and Detailed Visualization of Anatomical Structures based on Augmented Reality for Health Education and Knowledge Discovery Isabel Cristina Siqueira da Silva, Gerson Klein, Denise Munchen Brandão Adv. Sci. Technol. Eng. Syst. J. 2(3), 469-478 (2017); View Description Intrusion detection in cloud computing based attack patterns and risk assessment Ben Charhi Youssef, Mannane Nada, Bendriss Elmehdi, Regragui Boubker Adv. Sci. Technol. Eng. Syst. J. 2(3), 479-484 (2017); View Description Optimal Sizing and Control Strategy of renewable hybrid systems PV-Diesel Generator-Battery: application to the case of Djanet city of Algeria Adel Yahiaoui, Khelifa Benmansour, Mohamed Tadjine Adv. Sci. Technol. Eng. Syst. J. 2(3), 485-491 (2017); View Description RFID Antenna Near-field Characterization Using a New 3D Magnetic Field Probe Kassem Jomaa, Fabien Ndagijimana, Hussam Ayad, Majida Fadlallah, Jalal Jomaah Adv. Sci. Technol. Eng. Syst. J. 2(3), 492-497 (2017); View Description Design, Fabrication and Testing of a Dual-Range XY Micro-Motion Stage Driven by Voice Coil Actuators Xavier Herpe, Matthew Dunnigan, Xianwen Kong Adv. Sci. Technol. Eng. Syst. J. 2(3), 498-504 (2017); View Description Self-Organizing Map based Feature Learning in Bio-Signal Processing Marwa Farouk Ibrahim Ibrahim, Adel Ali Al-Jumaily Adv. Sci. Technol. Eng. Syst. J. 2(3), 505-512 (2017); View Description A delay-dependent distributed SMC for stabilization of a networked robotic system exposed to external disturbances Fatma Abdelhedi, Nabil Derbel Adv. Sci. Technol. Eng. Syst. J. 2(3), 513-519 (2017); View Description Modelization of cognition, activity and motivation as indicators for Interactive Learning Environment Asmaa Darouich, Faddoul Khoukhi, Khadija Douzi Adv. Sci. Technol. Eng. Syst. J. 2(3), 520-531 (2017); View Description Homemade array of surface coils implementation for small animal magnetic resonance imaging Fernando Yepes-Calderon, Olivier Beuf Adv. Sci. Technol. Eng. Syst. J. 2(3), 532-539 (2017); View Description An Encryption Key for Secure Authentication: The Dynamic Solution Zubayr Khalid, Pritam Paul, Khabbab Zakaria, Himadri Nath Saha Adv. Sci. Technol. Eng. Syst. J. 2(3), 540-544 (2017); View Description Multi-Domain Virtual Network Embedding with Coordinated Link Mapping Shuopeng Li, Mohand Yazid Saidi, Ken Chen Adv. Sci. Technol. Eng. Syst. J. 2(3), 545-552 (2017); View Description Semantic-less Breach Detection of Polymorphic Malware in Federated Cloud." Advances in Science, Technology and Engineering Systems Journal 2, no. 3 (2017): 553–61. http://dx.doi.org/10.25046/aj020371.

Full text
APA, Harvard, Vancouver, ISO, and other styles
37

"Detection and Prevention of De-authentication Attack in Real-time Scenario." VOLUME-8 ISSUE-10, AUGUST 2019, REGULAR ISSUE 8, no. 10 (2019): 3324–30. http://dx.doi.org/10.35940/ijitee.j1217.0881019.

Full text
Abstract:
Wireless Local Area Network (WLAN) is an infrastructure network in which nodes are connected to a centralized system to provide Internet access to mobile users by radio waves. But WLANs are vulnerable to Medium Access Control (MAC) layer Denial of Service (DoS) attacks due to the susceptibility of the management frames. An attacker can spoof the MAC address of the legitimate client and perform de-authentication attack to disconnect WLANs users from the access point. Many free tools are available in Kali Linux Operating System (OS) by which this attack can be performed and cause a security threat to WLAN users. The consequences of de-authentication DoS attack are frequent disconnection from Internet, traffic redirection, man-in-the-middle attack, and congestion. Despite enormous efforts in combating de-authentication DoS attack in the past decade, this attack is still a serious threat to the security of the cyber world. Medium Access Control Spoof Detection and Prevention (MAC SDP) DoS algorithm performs detection and prevention of de-authentication attack caused by spoofing MAC address. This algorithm is modified to make it more immune to the de-authentication attack and implemented in real-time scenario. The results show that the proposed technique increases the packet flow rate by 20.36%, reduces the packet loss by 95.71%, and reduces the down time and recovery time by 0.39 sec and 0.9 sec respectively as compared to MAC SDP DoS algorithm.
APA, Harvard, Vancouver, ISO, and other styles
38

Rajinder, Singh, and Kumar Satish. "A LIGHT WEIGHT SOLUTION FOR DETECTING DE-AUTHENTICATION ATTACK." January 31, 2019. https://doi.org/10.5121/ijnsa.2019.11102.

Full text
Abstract:
Nowadays Wireless local area networks (WLANs) are growing very rapidly. Due to the popularity of 802.11 networks, possibilities of various attacks to the wireless network have also increased. In this paper, a special type of attack De-Authentication/disassociation attack has been investigated. In a normal scenario, a wireless client or user sends a de-authentication frame when it wants to terminate the connection. These frames are in plain text and are not encrypted. These are not authenticated by the access point. Attackers take advantage of this, and spoof these packets and disable the communication between the connected client and access point. In this paper, an algorithm based on radio-tap header information is suggested to identify whether there is a De-Authentication attack on the client or not. &nbsp;
APA, Harvard, Vancouver, ISO, and other styles
39

Nyangaresi, Vincent Omollo, Zaid Ameen Abduljabbar, Keyan Abdul-Aziz Mutlaq, et al. "Smart city energy efficient data privacy preservation protocol based on biometrics and fuzzy commitment scheme." Scientific Reports 14, no. 1 (2024). http://dx.doi.org/10.1038/s41598-024-67064-z.

Full text
Abstract:
AbstractAdvancements in cloud computing, flying ad-hoc networks, wireless sensor networks, artificial intelligence, big data, 5th generation mobile network and internet of things have led to the development of smart cities. Owing to their massive interconnectedness, high volumes of data are collected and exchanged over the public internet. Therefore, the exchanged messages are susceptible to numerous security and privacy threats across these open public channels. Although many security techniques have been designed to address this issue, most of them are still vulnerable to attacks while some deploy computationally extensive cryptographic operations such as bilinear pairings and blockchain. In this paper, we leverage on biometrics, error correction codes and fuzzy commitment schemes to develop a secure and energy efficient authentication scheme for the smart cities. This is informed by the fact that biometric data is cumbersome to reproduce and hence attacks such as side-channeling are thwarted. We formally analyze the security of our protocol using the Burrows–Abadi–Needham logic logic, which shows that our scheme achieves strong mutual authentication among the communicating entities. The semantic analysis of our protocol shows that it mitigates attacks such as de-synchronization, eavesdropping, session hijacking, forgery and side-channeling. In addition, its formal security analysis demonstrates that it is secure under the Canetti and Krawczyk attack model. In terms of performance, our scheme is shown to reduce the computation overheads by 20.7% and hence is the most efficient among the state-of-the-art protocols.
APA, Harvard, Vancouver, ISO, and other styles
40

Neelakantan, N. Pratik, and C. Nagesh. "Role of Feature Selection in Intrusion Detection Systems for 802.11 Networks." International Journal of Smart Sensor and Adhoc Network., October 2011, 98–101. http://dx.doi.org/10.47893/ijssan.2011.1030.

Full text
Abstract:
Intrusion Detection Systems are important for protecting network and its resources from illegal penetration. For 802.11network, the features used for training and testing the intrusion detection systems consist of basic information related to the TCP/IP header, with no considerable attention to the features associated with lower level protocol frames. The resulting detectors were efficient and accurate in detecting network attacks at the network and transport layers, but unfortunately, not capable of detecting 802.11-specific attacks such as de authentication attacks or MAC layer DoS attack. IDS systems can also identify and alert to the presence of unauthorized MAC addresses on the networks. The IDS is based a novel hybrid model that efficiently selects the optimal set of features in order to detect 802.11-specific intrusions. This model for feature selection uses the information gain ratio measure as a means to compute the relevance of each feature and the k-means classifier to select the optimal set of MAC layer features that can improve the accuracy of intrusion detection systems while reducing the learning time of their learning algorithm.
APA, Harvard, Vancouver, ISO, and other styles
41

"Mitigating the Threat due to Data Deduplication Attacks in Cloud Migration using User Layer Authentication with Light Weight Cryptography." International Journal of Innovative Technology and Exploring Engineering 9, no. 3 (2020): 2539–45. http://dx.doi.org/10.35940/ijitee.c8463.019320.

Full text
Abstract:
The widespread adoption of multi-cloud in enterprises is one of the root causes of cost-effectiveness. Cloud service providers reduce storage costs through advanced data de-duplication, which also provides vulnerabilities for attackers. Traditional approaches to authentication and data security for a single cloud need to be upgraded to be best suitable for cloud-to-cloud data migration security in order to mitigate the impact of dictionary and template attacks on authentication and data integrity, respectively. This paper proposes a scheme of user layer authentication along with lightweight cryptography. The proposed simulates its mathematical model to analyze the behavioral pattern of time-complexity of data security along with user auth protection. The performance pattern validates the model for scalability and reliability against both authentication and data integrity.
APA, Harvard, Vancouver, ISO, and other styles
42

Gopalan, S. Harihara, A. Manikandan, N. P. Dharani, and G. Sujatha. "Enhancing IoT Security: A Blockchain-Based Mitigation Framework for Deauthentication Attacks." International Journal of Networked and Distributed Computing, May 28, 2024. http://dx.doi.org/10.1007/s44227-024-00029-w.

Full text
Abstract:
AbstractThe proposed Blockchain-Based Mitigation of Deauthentication Attacks (BBMDA) Framework aims to enhance the security and trustworthiness of IoT environments by leveraging blockchain technology, the Elliptic Curve Digital Signature Algorithm (ECDSA) for secure authentication, and Multi-Task Transformer (MTT) for efficient traffic classification. This paper presents a novel approach to mitigate de-authentication attacks in IoT ecosystems. The research methodology involves developing and implementing the BBMDA framework, followed by a comprehensive evaluation and comparison with existing techniques. Key findings indicate that the BBMDA framework outperforms traditional methods such as Support Vector Machine (SVM), k-nearest Neighbors (KNN), and Convolutional Neural Network (CNN) in terms of accuracy, false positive rate, false negative rate, precision, recall, and F1-score. These results underscore the effectiveness and efficiency of the proposed framework in enhancing IoT security.
APA, Harvard, Vancouver, ISO, and other styles
43

Taqieddin, Eyad S. "On the Improper Use of CRC for Cryptographic Purposes in RFID Mutual Authentication Protocols." International Journal of Communication Networks and Information Security (IJCNIS) 9, no. 2 (2022). http://dx.doi.org/10.17762/ijcnis.v9i2.2376.

Full text
Abstract:
Mutual authentication is essential to guarantee the confidentiality, integrity, and availability of an RFID system. One area of interest is the design of lightweight mutual authentication protocols that meet the limited computational and energy resources of the tags. These protocols use simple operations such as permutation and cyclic redundancy code for cryptographic purposes. However, these functions are cryptographically weak and are easily broken. In this work, we present a case against the use of these functions for cryptographic purposes, due to their simplicity and linear properties, by analyzing the LPCP protocol. We evaluate the claims of the LPCP resistance to de-synchronization and full disclosure attacks and show that the protocol is weak and can be easily broken by eavesdropping on a few mutual authentication sessions. This weakness stems from the functions themselves as well as the improper use of inputs to these functions. We further offer suggestions that would help in designing more secure protocols.
APA, Harvard, Vancouver, ISO, and other styles
44

Suresh Kumar, V., Osamah Ibrahim Khalaf, Radha Raman Chandan, et al. "Implementation of a novel secured authentication protocol for cyber security applications." Scientific Reports 14, no. 1 (2024). http://dx.doi.org/10.1038/s41598-024-76306-z.

Full text
Abstract:
AbstractRobust verification protocols are crucial for maintaining the security and reliability of sensitive information due to the increasing complexity of cyber-attacks. This paper introduces a novel 5G Secure Handover Protocol aimed at addressing security and effectiveness issues encountered in existing systems. The proposed protocol is robust against various attacks, including de-synchronization, replay, man-in-the-middle (MITM), denial of services (DoS), and jamming, ensures perfect forward key secrecy, safeguarding communication confidentiality. The proposed protocol utilizes a combination of spiking neural network and fuzzy logic (SNN-FL) techniques that must choose the goal cell as carefully as possible before initiating the transfer process. By combining fuzzy logic and spiking neural networks to reduce handover latency and thwart several types of cyberattacks, the proposed 5G Secure Handover Protocol improves security. Extensive simulations show its efficacy and emphasize its potential for safe communication in large-scale cybersecurity applications. The paper presents a novel secure authentication protocol that significantly reduces handover delays and improves efficiency. Simulations show its resilience against common security threats, protecting sensitive information and maintaining secure communication channels. The protocol, with low communication expenses, complex spatial, and latency for changeover verification, is ideal for large-scale cybersecurity applications, contributing to the development of secure digital authentication mechanisms.
APA, Harvard, Vancouver, ISO, and other styles
45

Kydyrbekova, A., and D. Oralbekova. "SPEAKER IDENTIFICATION USING DISTRIBUTION-PRESERVING X-VECTOR GENERATION." Physico-mathematical series, no. 4 (December 4, 2024). https://doi.org/10.32014/2024.2518-1726.314.

Full text
Abstract:
With the increasing use of voice assistants and spoken language interfaces, important concerns have arisen regarding the privacy of voice data. In an attempt to mitigate the threat of attacks on voice data, in this paper we propose an x-vector identification and authentication system. This method modifies the speaker's pitch and accent information from the original speech signal. The proposed method produces a more natural-sounding anonymized voice in addition to the de-identified speaker. However, it yields a relative EER improvement of up to 19.30% for the identified-anonymized registration-test pairs. We observed that along with good speaker de-identification, the anonymized utterances have adequate speech intelligibility and naturalness. Our method can be easily integrated with others as an identification component of a system and eliminates the need to assign speakers to use during identification.
APA, Harvard, Vancouver, ISO, and other styles
46

Cheng, Z., and L. Chen. "Certicateless Public Key Signature Schemes from Standard Algorithms." September 7, 2020. https://doi.org/10.5281/zenodo.4017195.

Full text
Abstract:
Certi cateless public key cryptography (CL-PKC) is designed to have suc- cinct public key management without using certi cates at the same time avoid the key-escrow attribute in the identity-based cryptography. However, it ap- pears dicult to construct CL-PKC schemes from standard algorithms. Secu- rity mechanisms employing self-certi ed key (also known as implicit certi cate) can achieve same goals. But there still lacks rigorous security de nitions for implicit-certi cate-based mechanisms and such type of schemes were not ana- lyzed formally and often found vulnerable to attacks later. In this work, we rst unify the security notions of these two types of mech- anisms within an extended CL-PKC formulation. We further present a general key-pair generation algorithm for CL-PKC schemes and use it with the key pre xing technique to construct certi cateless public key signature (CL-PKS) schemes from standard algorithms. The security of the schemes is analyzed within the new model, and it shows that the applied technique helps defeat known-attacks against existing constructions. The resulting schemes could be quickly deployed based on the existing stan- dard algorithm implementations. They are particularly useful in the Internet of Things (IoT) to provide security services such as entity authentication, data integrity and non-repudiation because of their low computation cost, bandwidth consumption and storage requirement.
APA, Harvard, Vancouver, ISO, and other styles
47

Csatár, János, Péter Görgey, and Tamás Holczer. "Villamos rendszerek kiberbiztonsága az Ukrajnával kapcsolatos történések tükrében." Scientia et Securitas, March 28, 2024, 1–12. http://dx.doi.org/10.1556/112.2023.00158.

Full text
Abstract:
Összefoglalás. Minden fejlett ország erősen függ a villamosenergia-rendszerek működésétől, ami az idő előrehaladtával várhatóan növekedni fog. A stabil működést számos faktor befolyásolja, ezek egy része véletlenszerű (pl. időjárás), de az emberi tényező is nagy hatással van a megbízhatóságra. Ebben a cikkben a szándékos károkozás azon speciális eseteivel foglalkozunk, amikor a támadó a rendszert felügyelő és irányító számítógépes rendszeren keresztül befolyásolja károsan a villamosenergia-rendszer alapvető működését. Ehhez áttekintjük a két rendszer összefonódását, megvizsgáljuk az elmúlt nyolc évben Ukrajnában történt ilyen eseteket. A cikkben összegezzük és elemezzük a történéseket, valamint javaslatokat teszünk, hogy mit lehet tenni az ilyen káros események elkerülése érdekében, szem előtt tartva a „megelőzés, észlelés, reagálás” elvét. Summary. All developed countries are highly dependent on the operation of electric power systems, and this dependence will probably increase. Many factors influence stable operation, some of which are random (weather or failures of devices and cables); however, human activities also have a significant impact on reliability. In this paper, we deal with special cases of attacks that achieve a detrimental effect on the electric power system by compromising the controlling and monitoring computer systems. To support the reader, we first analyze the key components of the physical and cyber parts of the system to provide an understanding of the intertwining of these domains – it is a cyber-physical system. We further elaborate on how an event can spread from one part to the other through domains. Then, a series of actual examples underlines the importance of this topic, focusing on malicious acts committed with the goal of sabotaging the power system. Thereafter, we analyze cyber-attacks committed during the last eight years in Ukraine. Most of these attacked the Ukrainian electric power system, aiming for blackouts and device destruction. Some of the attacks had severe consequences in other European countries as well. However, some attacks were successfully stopped before any harm was made. After analyzing the events, we conclude that threat actors’ focus shifted from causing short-term blackouts to device destruction and long-term breakdowns. In the last part of our paper, we enumerate mitigation methods for operators. Our enumeration is based on the PreDeCo principle, namely prevention, detection, and correction. In conclusion, the defender must separate its different purpose networks, use strong authentication and authorization, and have proper patch management policies. These techniques must be verified with regular penetration tests. As the Ukrainian examples show, the threat actor sometimes can avoid prevention techniques; thus, good detection is necessary. The detection is based on analyzing the output of intrusion detection systems and detailed logging facilities. The analysis should be done in the security operations center by experts with knowledge of both cyberspace and electric power systems operations. In case of an incident, the security operations center must make corrective steps with the possible help of external experts. The corrective steps include the understanding of the incident, the recovery from the incident, the prevention of future similar incidents, and the digital forensic of the incident.
APA, Harvard, Vancouver, ISO, and other styles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography