Your search keyword '"William J Buchanan"' showing total 42 results

1. Exploring the Need For an Updated Mixed File Research Data Set

Author

Simon R. Davies, Richard Macfarlane, and William J. Buchanan

Published

2021

2. Review of Current Ransomware Detection Techniques

Author

Simon R. Davies, Richard Macfarlane, and William J. Buchanan

Published

2021

3. Evaluating Tooling and Methodology when Analysing Bitcoin Mixing Services After Forensic Seizure

Author

Edward Henry Young, Christos Chrysoulas, Nikolaos Pitropakis, Pavlos Papadopoulos, and William J Buchanan

Subjects

FOS: Computer and information sciences, Computer Science - Cryptography and Security, Data_FILES, ComputingMilieux_LEGALASPECTSOFCOMPUTING, Cryptography and Security (cs.CR)

Abstract

Little or no research has been directed to analysis and researching forensic analysis of the Bitcoin mixing or 'tumbling' service themselves. This work is intended to examine effective tooling and methodology for recovering forensic artifacts from two privacy focused mixing services namely Obscuro which uses the secure enclave on intel chips to provide enhanced confidentiality and Wasabi wallet which uses CoinJoin to mix and obfuscate crypto currencies. These wallets were set up on VMs and then several forensic tools used to examine these VM images for relevant forensic artifacts. These forensic tools were able to recover a broad range of forensic artifacts and found both network forensics and logging files to be a useful source of artifacts to deanonymize these mixing services., Comment: Accepted for publication in the International Conference on Data Analytics for Business and Industry (ICDABI) 2021 - (DATA'21)

Published

2021

4. Chaos-Based Confusion and Diffusion of Image Pixels Using Dynamic Substitution

Author

Wadii Boulila, Fawad Khan, Fawad Masood, Saeed Rubaiee, Abdullah Qayyum, Arshad, William J Buchanan, and Jawad Ahmad

Subjects

General Computer Science, Computer science, TK, chaos, Ikeda map, 02 engineering and technology, Cyber-security, Encryption, Henon Map, Ikeda Map, Chaos, Encryption, Substitution Box, 0202 electrical engineering, electronic engineering, information engineering, Centre for Distributed Computing, Networking and Security, Cryptosystem, Entropy (information theory), General Materials Science, Henon map, encryption, Pixel, business.industry, Key space, General Engineering, 020206 networking & telecommunications, AI and Technologies, substitution box, 020201 artificial intelligence & image processing, Confusion and diffusion, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, Algorithm, lcsh:TK1-9971

Abstract

The evolution of wireless and mobile communication from 0G to the upcoming 5G gives rise to data sharing through the Internet. This data transfer via open public networks are susceptible to several types of attacks. Encryption is a method that can protect information from hackers and hence confidential data can be secured through a cryptosystem. Due to the increased number of cyber attacks, encryption has become an important component of modern-day communication. In this article, a new image encryption algorithm is presented using chaos theory and dynamic substitution. The proposed scheme is based on two-dimensional Henon, Ikeda chaotic maps, and substitution box (S-box) transformation. Through Henon, a random S-Box is selected and the image pixel is substituted randomly. To analyze security and robustness of the proposed algorithm, several security tests such as information entropy, histogram investigation, correlation analysis, energy, homogeneity, and mean square error are performed. The entropy values of the test images are greater than 7.99 and the key space of the proposed algorithm is 2798. Furthermore, the correlation values of the encrypted images using the proposed scheme are close to zero when compared with other conventional schemes. The number of pixel change rate (NPCR) and unified average change intensity (UACI) for the proposed scheme are higher than 99.50% and 33, respectively. The simulation results and comparison with the state-of-the-art algorithms prove the efficiency and security of the proposed scheme.

Published

2020

5. Mitigation Mechanisms Against the DAO Attack on the Routing Protocol for Low Power and Lossy Networks (RPL)

Author

William J Buchanan, Craig Thomson, Baraq Ghaleb, Ahmed Al-Dubai, and Isam Wadhaj

Subjects

Routing protocol, General Computer Science, Computer science, Reliability (computer networking), Internet of Things, Context (language use), 02 engineering and technology, Internet of Things, Low Power and Lossy Networks, Security in RPL, DAO attack, 0202 electrical engineering, electronic engineering, information engineering, Centre for Distributed Computing, Networking and Security, Overhead (computing), General Materials Science, Network performance, security in RPL, low power and lossy networks, Network packet, business.industry, Node (networking), General Engineering, 020206 networking & telecommunications, Energy consumption, AI and Technologies, 020201 artificial intelligence & image processing, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, Computer network, DAO attack

Abstract

Destination Advertisement Objects (DAOs) are sent upward by RPL nodes toward the DODAG root, to build the downward routing paths carrying traffic from the root to its associated nodes. This routing mechanism can be exploited by a malicious node periodically transmitting a large volume of DAO messages towards its parent, which in turn will forward such messages to its own parent and so on, until they arrive at the Direction-Oriented Directed Acyclic Graph (DODAG) root. This ultimately results in a negative effect on network performance in terms of energy consumption, latency and reliability. The first objective of this paper is to evaluate the effect of such a DAO attack in the context of an RPL IoT network. In particular, identifying the particular performance metrics and network resources affected most greatly. The second objective is the proposal of mitigating security mechanisms in relation to DAO attacks and to evaluate their effectiveness. The simulation results have shown how the attack can damage the network performance by significantly increasing the DAO overhead and power consumption. It also demonstrated that the DAO attack affect the reliability of the downward traffic under specific conditions. The proposed mechanisms showed a good capacity in restoring the optimal performance of the network by up to 205%, 181%, 87% and 6%, in terms of overhead, latency, power consumption and packet delivery ratio respectively.

Published

2020

6. Towards Continuous User Authentication Using Personalised Touch-Based Behaviour

Author

William J. Buchanan, Peter Aaby, Mario Valerio Giuffrida, and Zhiyuan Tan

Subjects

021110 strategic, defence & security studies, Authentication, Computer science, 0211 other engineering and technologies, 020206 networking & telecommunications, Context (language use), Feature selection, 02 engineering and technology, Mutual information, computer.software_genre, Discriminative model, 0202 electrical engineering, electronic engineering, information engineering, Feature (machine learning), Data mining, Set (psychology), computer, Selection (genetic algorithm)

Abstract

In this paper, we present an empirical evaluation of 30 features used in touch-based continuous authentication. It is essential to identify the most significant features for each user, as behaviour is different amongst humans. Thus, a fixed feature set cannot be applied to all models. We highlight this importance by selecting features accordingly using our approach, seeking to individually select and empirically test the discriminative power of a range of features as well as feature interaction in the context of individual users. We test five different feature selection techniques: Mutual Information, Sequential Forward Selection, Sequential Floating Forward Selection, Sequential Backwards Selection, and Sequential Floating Backwards Selection. Our results show that a unique set of features can be selected for each user, while increasing or maintaining performance, i.e. up to 27 out of 30 features were removed for one user without affecting performance. We also show that distinctive features should be evaluated on a user basis, as particular features may be significant for some, while redundant for others. Moreover, for each user, the same features are selected for horizontal and vertical strokes while performance persists when using a horizontal model to predict vertical behaviour and vice versa.

Published

2020

7. TRUSTD: Combat Fake Content using Blockchain and Collective Signature Technologies

Author

Mohamad Alissa, Xiaodong Liu, Zakwan Jaroucheh, and William J Buchanan

Subjects

0303 health sciences, business.industry, Computer science, Digital content, Internet privacy, 02 engineering and technology, 021001 nanoscience & nanotechnology, 03 medical and health sciences, Knowledge-based systems, Politics, Credibility, Disinformation, Social media, Misinformation, 0210 nano-technology, business, 030304 developmental biology

Abstract

The growing trend of sharing news/contents, through social media platforms and the World Wide Web has been seen to impact our perception of the truth, altering our views about politics, economics, relationships, needs and wants. This is because of the growing spread of misinformation and disinformation intentionally or unintentionally by individuals and organizations. This trend has grave political, social, ethical, and privacy implications for society due to 1) the rapid developments in the field of Machine Learning (ML) and Deep Learning (DL) algorithms in creating realistic-looking yet fake digital content (such as text, images, and videos), 2) the ability to customize the content feeds and to create a polarized so-called "filter-bubbles" leveraging the availability of the big-data. Therefore, there is an ethical need to combat the flow of fake content. This paper attempts to resolves some of the aspects of this combat by presenting a high-level overview of TRUSTD, a blockchain and collective signature based ecosystem to help content creators in getting their content backed by the community, and to help users judge on the credibility and correctness of these contents.

Published

2020

8. Trust-based Ecosystem to Combat Fake News

Author

Zakwan Jaroucheh, William J. Buchanan, and Mohamad Alissa

Subjects

Public-key cryptography, Politics, Correctness, business.industry, Credibility, Internet privacy, Peer to peer computing, ComputingMilieux_COMPUTERSANDSOCIETY, Business, Misinformation, Fake news

Abstract

The growing spread of misinformation and dis-information has grave political, social, ethical, and privacy implications for society. Therefore, there is an ethical need to combat the flow of fake news. This paper attempts to resolves some of the aspects of this combat by presenting a high-level overview of TRUSTD, a blockchain and collective signature based ecosystem to help news creators getting their news backed by the community, and to help users to judge on the credibility and correctness of these news.

Published

2020

9. A Novel Multi-Chaos Based Compressive Sensing Encryption Technique

Author

Ahsen Tahir, Atif Jameel, Qammer H. Abbasi, Jan Sher Khan, Jawad Ahmad, and William J. Buchanan

Subjects

Secure Hash Algorithm, business.industry, Computer science, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Cryptography, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Random permutation, Encryption, Computer Science::Computer Vision and Pattern Recognition, Computer Science::Multimedia, Discrete cosine transform, Orthogonal matrix, Hardware_ARITHMETICANDLOGICSTRUCTURES, business, Block size, Algorithm, Computer Science::Cryptography and Security

Abstract

Compressive sensing is a compression technique that can be effectively utilised in multimedia encryption. This paper proposes a new compressive sensing image encryption scheme using the Secure Hash Algorithm (SHA-512), Discrete Cosine Transform (DCT), orthogonal matrix and discrete Chirikov map-based random permutation. DCT is applied on a plaintext image and a block of DCT coefficients is multiplied with an orthogonal matrix. Inverse DCT and scaling are performed to restrict the values between 0 and 255. Furthermore, values are shuffled using Chirikov-based pseudo-random permutation. A strong trade-off exists between DCT block size and computational efficiency. The quality and Signal to Noise Ratio (SNR) of the decrypted image decreases when the size of the DCT matrix is reduced, increasing the speed of the encryption algorithm. An extensive security analyses of the proposed scheme are performed, which establishes the robustness, computational efficiency and security of the technique against cryptographic attacks.

Published

2020

10. Requirements for 5G based telemetric cardiac monitoring

Author

Claudia Rolffs, Andreas Bollmann, William J Buchanan, Christoph Thuemmler, and Gerhard Hindricks

Subjects

Geriatrics, medicine.medical_specialty, Geriatric rehabilitation, Network Functions Virtualization, Computer science, medicine.medical_treatment, 020206 networking & telecommunications, 02 engineering and technology, Care of the elderly, medicine.disease, humanities, Unit (housing), Conservative treatment, 0202 electrical engineering, electronic engineering, information engineering, medicine, 020201 artificial intelligence & image processing, Medical emergency, Cardiac monitoring

Abstract

Several white papers have been published on general requirements for 5G in the health vertical. As 5G research and implementation continue more detailed real world information for application research are needed. This paper is focusing on the requirements for telemetric cardiac monitoring based on real world experiences from a joint project on early geriatric rehabilitation of elderly patients in a care of the elderly department after minimal invasive and conservative treatment in a highly specialized cardiology unit in Leipzig, Germany.

Published

2018

11. An applied pattern-driven corpus to predictive analytics in mitigating SQL injection attack

Author

Solomon Ogbomon Uwagbole, Lu Fan, and William J Buchanan

Subjects

SQL, business.industry, Computer science, Big data, Supervised learning, 020207 software engineering, 02 engineering and technology, Predictive analytics, computer.software_genre, Machine learning, Data modeling, SQL injection, 0202 electrical engineering, electronic engineering, information engineering, Web application, 020201 artificial intelligence & image processing, The Internet, Data mining, Artificial intelligence, business, computer, computer.programming_language

Abstract

Emerging computing relies heavily on secure backend storage for the massive size of big data originating from the Internet of Things (IoT) smart devices to the Cloud-hosted web applications. Structured Query Language (SQL) Injection Attack (SQLIA) remains an intruder's exploit of choice to pilfer confidential data from the back-end database with damaging ramifications. The existing approaches were all before the new emerging computing in the context of the Internet big data mining and as such will lack the ability to cope with new signatures concealed in a large volume of web requests over time. Also, these existing approaches were strings lookup approaches aimed at on-premise application domain boundary, not applicable to roaming Cloud-hosted services' edge Software-Defined Network (SDN) to application endpoints with large web request hits. Using a Machine Learning (ML) approach provides scalable big data mining for SQLIA detection and prevention. Unfortunately, the absence of corpus to train a classifier is an issue well known in SQLIA research in applying Artificial Intelligence (AI) techniques. This paper presents an application context pattern-driven corpus to train a supervised learning model. The model is trained with ML algorithms of Two-Class Support Vector Machine (TC SVM) and Two-Class Logistic Regression (TC LR) implemented on Microsoft Azure Machine Learning (MAML) studio to mitigate SQLIA. This scheme presented here, then forms the subject of the empirical evaluation in Receiver Operating Characteristic (ROC) curve.

Published

2017

12. Performance evaluation of a fragmented secret share system

Author

Elochukwu Ukwandu, Gordon Russell, and William J Buchanan

Subjects

Scheme (programming language), business.industry, Computer science, Distributed computing, Big data, Cryptography, Computer security, computer.software_genre, Secret sharing, File size, Computer data storage, Data_FILES, Key (cryptography), business, computer, Computer memory, computer.programming_language

Abstract

There are many risks in moving data into public storage environments, along with an increasing threat around large-scale data leakage. Secret sharing scheme has been proposed as a keyless and resilient mechanism to mitigate this, but scaling through large scale data infrastructure has remained the bane of using secret sharing scheme in big data storage and retrievals. This work applies secret sharing methods as used in cryptography to create robust and secure data storage and retrievals in conjunction with data fragmentation. It outlines two different methods of distributing data equally to storage locations as well as recovering them in such a manner that ensures consistent data availability irrespective of file size and type. Our experiments consist of two different methods — data and key shares. Using our experimental results, we were able to validate previous works on the effects of threshold on file recovery. Results obtained also revealed the varying effects of share writing to and retrieval from storage locations other than computer memory. The implication is that increase in fragment size at varying file and threshold sizes rather than add overheads to file recovery, do so on creation instead, underscoring the importance of choosing a varying fragment size as file size increases.

Published

2017

13. Applied Machine Learning predictive analytics to SQL Injection Attack detection and prevention

Author

Solomon Ogbomon Uwagbole, Lu Fan, and William J Buchanan

Subjects

SQL, Database, Application programming interface, business.industry, Computer science, Big data, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Predictive analytics, computer.software_genre, Machine learning, SQL injection, 0202 electrical engineering, electronic engineering, information engineering, Web application, Attack patterns, Artificial intelligence, Web service, business, computer, computer.programming_language

Abstract

The back-end database is pivotal to the storage of the massive size of big data Internet exchanges stemming from cloud-hosted web applications to Internet of Things (IoT) smart devices. Structured Query Language (SQL) Injection Attack (SQLIA) remains an intruder's exploit of choice on vulnerable web applications to pilfer confidential data from the database with potentially damaging consequences. The existing solutions of mostly signature approaches were all before the recent challenges of big data mining and at such lacks the functionality and ability to cope with new signatures concealed in web requests. An alternative Machine Learning (ML) predictive analytics provides a functional and scalable mining to big data in detection and prevention of SQLIA. Unfortunately, lack of availability of readymade robust corpus or data set with patterns and historical data items to train a classifier are issues well known in SQLIA research. In this paper, we explore the generation of data set containing extraction from known attack patterns including SQL tokens and symbols present at injection points. Also, as a test case, we build a web application that expects dictionary word list as vector variables to demonstrate massive quantities of learning data. The data set is pre-processed, labelled and feature hashing for supervised learning. The trained classifier to be deployed as a web service that is consumed in a custom dot NET application implementing a web proxy Application Programming Interface (API) to intercept and accurately predict SQLIA in web requests thereby preventing malicious web requests from reaching the protected back-end database. This paper demonstrates a full proof of concept implementation of an ML predictive analytics and deployment of resultant web service that accurately predicts and prevents SQLIA with empirical evaluations presented in Confusion Matrix (CM) and Receiver Operating Curve (ROC).

Published

2017

14. Protecting documents with sticky policies and identity-based encryption

Author

William J Buchanan and Grzegorz Spyra

Subjects

business.industry, Computer science, computer.internet_protocol, Client-side encryption, Access control, Encryption, Computer security, computer.software_genre, World Wide Web, Filesystem-level encryption, 40-bit encryption, 56-bit encryption, On-the-fly encryption, business, computer, XML

Abstract

Cloud-based systems are increasing being used to store sensitive documents, but which increasingly exposes them to the access from malicious entities. A major problem with this is that it is often difficult to apply access control policies which can be scaled into the Cloud. Along with this, modern cryptography methods tend to encrypt and control access to complete documents, and where, increasingly we need to control access to parts of a document. This paper outlines the integration of sticky policies that are embedded into OOXML (Open Office XML) and which protects each individual element of a data entity rather than the entire document, and without content granular access control. Finally it combines with modern public key Identity-Based Encryption (IBE) scheme to securely attach the sticky policy onto data.

Published

2016

15. HI-risk: A method to analyse health information risk intelligence

Author

Nicole van Deursen and William J Buchanan

Subjects

020206 networking & telecommunications, 02 engineering and technology, Risk factor (computing), Asset (computer security), Computer security, computer.software_genre, Security information and event management, Threat, Information security audit, Risk analysis (engineering), Information security management, Information security standards, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Business, computer, Vulnerability (computing)

Abstract

Information security threat intelligence is a prevalent topic amongst researchers, long-established IT-vendors and start-ups. The possibilities of Big Data analytics to security threat and vulnerability scanning offer a significant development in the protection of infrastructures. At the same time, industry research reports continue to state that the main contributing factor in the events leading to a data breach is human error. The common response of information security professionals is to resort to technological solutions to prevent these human errors. However, some very important information security intelligence is not hidden within the network traffic: it's available from the people that work with sensitive information. This article describes the Health Information risk (HI-risk) method to identify non-technical information security risks in healthcare. The method includes risks related to skills, behaviour, processes, organisational culture, physical security, and external influences. HI-risk offers a solution to collect intelligence about nontechnical information security incidents from across the healthcare sector to demonstrate past trends and to be ahead of future incidents. A test of a HI-risk forecast proved the feasibility of this approach in healthcare and beyond. It is suggested that HI-risk could become a valuable addition to existing technical threat and vulnerability monitoring tools.

Published

2016

16. Sticky policy enabled authenticated OOXML

Author

Grzegorz Spyra, Elias Ekonomou, and William J Buchanan

Subjects

business.industry, computer.internet_protocol, XACML, Cloud computing, Access control, Cryptography, Encryption, Computer security, computer.software_genre, Public-key cryptography, World Wide Web, Data sharing, business, computer, XML, computer.programming_language

Abstract

This paper proposes a secure document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data sharing. The goal of this research is to find an efficient way to share data in the cloud across various security boundaries and in different access contexts for large enterprises as well as for small business market and private use. This work extends the popular Office Open XML (OOXML) document format with an eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy. The defined model leverages the original Identity Based Encryption (IBE) primitive properties by using sticky-policy to construct a public key. Research shows that Sticky-policy successfully followed the protected data in the cloud and only authorized subject accessed the data. Cryptographic operations on the client side during document encryption and decryption here were marginally faster than in other RSA based Information Rights Management IRM systems. Technologies used for proposed construction are not new, therefore only their unique combination with sticky-policy used as a public key constitutes novelty of this research.

Published

2016

17. Numerical encoding to Tame SQL injection attacks

Author

William J Buchanan, Lu Fan, and Solomon Ogbomon Uwagbole

Subjects

SQL, Finite-state machine, Computer science, business.industry, Supervised learning, 020207 software engineering, 02 engineering and technology, computer.software_genre, Machine learning, Perceptron, 03 medical and health sciences, 0302 clinical medicine, SQL injection, Web traffic, Scalability, 0202 electrical engineering, electronic engineering, information engineering, Data mining, Pattern matching, Artificial intelligence, business, computer, 030215 immunology, computer.programming_language

Abstract

Recent years have seen an astronomical rise in SQL Injection Attacks (SQLIAs) used to compromise the confidentiality, authentication and integrity of organisations' databases. Intruders becoming smarter in obfuscating web requests to evade detection combined with increasing volumes of web traffic from the Internet of Things (IoT), cloud-hosted and on-premise business applications have made it evident that the existing approaches of mostly static signature lack the ability to cope with novel signatures. A SQLIA detection and prevention solution can be achieved through exploring an alternative bio-inspired supervised learning approach that uses input of labelled dataset of numerical attributes in classifying true positives and negatives. We present in this paper a Numerical Encoding to Tame SQLIA (NETsQlIA) that implements a proof of concept for scalable numerical encoding of features to a dataset attributes with labelled class obtained from deep web traffic analysis. In the numerical attributes encoding: the model leverages proxy in the interception and decryption of web traffic. The intercepted web requests are then assembled for front-end SQL parsing and pattern matching by applying traditional Non-Deterministic Finite Automaton (NFA). This paper is intended for a technique of numerical attributes extraction of any size primed as an input dataset to an Artificial Neural Network (ANN) and statistical Machine Learning (ML) algorithms implemented using Two-Class Averaged Perceptron (TCAP) and Two-Class Logistic Regression (TCLR) respectively. This methodology then forms the subject of the empirical evaluation of the suitability of this model in the accurate classification of both legitimate web requests and SQLIA payloads.

Published

2016

18. Secret shares to protect health records in Cloud-based infrastructures

Author

Nicole van Deursen, William J Buchanan, Gordon Russell, Owen Lo, Elochukwu Ukwandu, Christoph Thuemmler, and Lu Fan

Subjects

Computer science, business.industry, Internet privacy, Key distribution, Cloud computing, Data loss, Encryption, Computer security, computer.software_genre, Failover, Public-key cryptography, Key (cryptography), Architecture, business, computer

Abstract

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyless encryption methods and which can be used for the storage of patient information, along with supporting failover and a break-glass policy.

Published

2015

19. RESCUE: Resilient Secret Sharing Cloud-Based Architecture

Author

Elochukwu Ukwandu, William J. Buchanan, Lu Fan, Gordon Russell, and Owen Lo

Published

2015

20. A new efficient distributed route discovery for wireless mobile ad hoc networks

Author

Mustafa Bani Khalaf, William J Buchanan, and Ahmed Al-Dubai

Subjects

business.industry, Network packet, Computer science, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Broadcast domain, Mobile ad hoc network, Atomic broadcast, Communication in small groups, Broadcast communication network, Redundancy (engineering), business, Broadcast radiation, Computer network

Abstract

High performance group communication, such as broadcast, requires matching efficient broadcast algorithms to effective route discovery approach. Broadcast communication in MANETs is essential for a wide range of important applications. Nevertheless, existing broadcast schemes in MANETs suffer in terms of several issues such as rebroadcast redundancy and collisions. Consequently, this degrades the communication quality especially when dealing with high bandwidth applications. Thus, this paper adopts a new strategy that presents a new distributed route discovery (DRD) scheme to handle the broadcast operation efficiently by reducing the number of the broadcast redundancy request (RREQ) packets and the number of collision and contentions. We examined the performance of the proposed scheme DRD in MANETs; in terms of RREQ rebroadcast number and RREQ collision number. Our experiments confirm the superiority of the proposed scheme over its counterparts in different communication constraints.

Published

2012

21. An Integrated Cloud-based Healthcare Infrastructure

Author

Christoph Thuemmler, William J Buchanan, Lu Fan, and Elias Ekonomou

Subjects

Information privacy, Knowledge management, Cloud computing security, Computer science, computer.internet_protocol, business.industry, Cloud computing, Service-oriented architecture, Permission, Computer security, computer.software_genre, Encryption, complex mixtures, Health care, sense organs, business, computer, Healthcare system

Abstract

We present a cloud-based healthcare system that integrates a formal care system (DACAR) with an informal care system (Microsoft Health Vault). The system provides high levels of security and privacy within a cloud environment, enabling sharing of both health records and the access rights, along the patient pathway. We also define a case study that can help in evaluating and in demonstrating the usefulness of a cloud-based integrated health care system.

Published

2011

22. DACAR Platform for eHealth Services Cloud

Author

William J Buchanan, C. Thummler, Abou Sofyane Khedim, Alistair Lawson, Omair Uthmani, Lu Fan, Derek Bell, and Owen Lo

Subjects

Service (systems architecture), Computer science, business.industry, SOAP, computer.internet_protocol, Information sharing, Automatic identification and data capture, Authorization, Cloud computing, Computer security, computer.software_genre, Underdevelopment, Identification (information), Software deployment, Health care, eHealth, business, computer

Abstract

The use of digital technologies in providing health care services is collectively known as eHealth. Considerable progress has been made in the development of eHealth services, but concerns over service integration, large scale deployment, and security, integrity and confidentiality of sensitive medical data still need to be addressed. This paper presents a solution proposed by the Data Capture and Auto Identification Reference (DACAR) project to overcoming these challenges. The key contributions of this paper include a Single Point of Contact (SPoC), a novel rule based information sharing policy syntax, and Data Buckets hosted by a scalable and cost-effective Cloud infrastructure. These key components and other system services constitute DACAR's eHealth platform, which allows the secure capture, storage and consumption of sensitive health care data. Currently, a prototype of the DACAR platform has been implemented. To assess the viability and performance of the platform, a demonstration application, namely the Early Warning Score (EWS), has been developed and deployed within a private Cloud infrastructure at Edinburgh Napier University. Simulated experimental results show that the end-to-end communication latency of 97.8% of application messages were below 100ms. Hence, the DACAR platform is efficient enough to support the development and integration of time critical eHealth services. A more comprehensive evaluation of the DACAR platform in a real life clinical environment is under development at Chelsea & Westminster Hospital in London.

Published

2011

23. Privacy-preserving data acquisition protocol

Author

Duncan A Spiers, William J Buchanan, and Zbigniew Kwecka

Subjects

Protocol (science), Information privacy, business.industry, Computer science, Cryptographic protocol, Encryption, Computer security, computer.software_genre, Data acquisition, Suspect, business, Register of data controllers, computer, Private information retrieval

Abstract

Current1 investigative data acquisition techniques often breach human and natural rights of the data subject and can jeopardize an investigation. Often the investigators need to reveal to the data controller precise details of their suspect's identity or suspect's profile. In this research a novel approach to investigative data acquisition is presented and privacy preserving Investigative Data Acquisition Protocol (IDAP) is defined. This protocol is the first that allows for performing private information retrieval of records matching multiple selection criteria.

Published

2010

24. A new adaptive broadcasting approach for mobile ad hoc networks

Author

Ahmed Al-Dubai, Mustsfa Bani Khalaf, and William J Buchanan

Subjects

Computer science, business.industry, Wireless ad hoc network, Distributed computing, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Probabilistic logic, Mobile computing, Mobile ad hoc network, Broadcasting, Ad hoc On-Demand Distance Vector Routing, Broadcast communication network, business, Broadcast radiation, Computer network

Abstract

Mobile ad hoc networks (MANETs) have been gaining tremendous attention owing to the advances in wireless technologies accompanied by many applications and implementations. However, there are still a number of issues in MANETs which require further investigations and efficient solutions. Out of these issues, broadcasting in MANETs has been a major problem for both industry and the research community. The broadcast communication is usually required to disseminate a message to all the nodes of a network. This operation is highly required in MANETs to distribute necessary information and ensure efficient control and coordination over the network nodes. However, broadcasting in MANETs is usually susceptible to several challenging communication issues, including, flooding, packets contentions and collisions, i.e., these problems all together are called the Broadcast Storm Problem (BSP). Despite a number of suggested solutions for BSP, the probabilistic scheme is considered the most promising solution due to its simplicity and suitability for MANETs. Under the umbrella of this scheme, many dynamic probabilistic broadcasting algorithms have been proposed in the literature to solve the BSP. However, most of them are not suitable for many applications including those real life scenarios as there are many limitations such as the probability of rebroadcasting operation and thresholds rebroadcasting permission, which is caused by collecting local neighbourhoods' connectivity by broadcasting HELLO packets. In an attempt to enhance and promote the quality of the probabilistic scheme, this paper proposes a new probabilistic approach to overcome these limitations. Our proposed approach is augmented with a well-know ad hoc routing protocols including Ad hoc On demand Distance Victor protocol (AODV). We have conducted intensive simulation experiments under different operating condition. The simulation results show that our proposed approach outperforms its counterparts including the well known blind flooding, fixed probabilistic and traditional dynamic probabilistic approaches.

Published

2010

25. Ad-hoc Routing Metrics and Applied Weighting for QoS support

Author

William J Buchanan and Nikos Migas

Subjects

Routing protocol, Wireless ad hoc network, Computer science, business.industry, Distributed computing, Reliability (computer networking), Quality of service, Throughput, Energy consumption, Metrics, Weighting, Ad hoc routing, business, Computer network

Abstract

In the vast majority of ad-hoc routing protocols, the hop-counting mechanisms for identifying the optimal route are dominant. However, this approach oversimplifies such a complex decision by ignoring the fact that participating devices may have considerably unequal performance characteristics and current utilisation status. Accordingly, it is possible for an optimal route to be composed of devices with high utilisation status, or, low battery reserves, which results in an overall unreliable route. This research work tackles this by identifying the best metrics that can describe any route within a graph, in terms of overall throughput, reliability, and minimum energy consumption. Simulations were carried out by varying critical factors of mobile devices such as battery reserves, memory and CPU utilisation, and results recorded the effect that this has on the device's overall routing metric. This paper also presents the threshold values, which turn the device from routing-capable to routing-incapable state.

Published

2008

26. 7th international workshop on Performance Modeling, Evaluation, and Optimization of Ubiquitous Computing and Networked Systems (PMEO-UCNS’08)

Author

William J Buchanan, Geyong Min, Khalid Al-Begain, Hong Liu, D. K. Arvind, Laurence T. Yang, S. Loucif, A. Touzene, Paul Cockshott, S. Helal, Khaled Day, Xiaolong Jin, Azzedine Boukerche, Li Xiao, Keqin Li, A. Katangur, Imed Romdhani, E. Song, Karim Djemame, Stephen A. Jarvis, Albert Y. Zomaya, Mohamed Ould-Khaoua, Michele Colajanni, Rod Fatoohi, Hamid Sarbazi-Azad, Irfan-Ullah Awan, W. Knottenbelt, Dhiraj K. Pradhan, H. Hassanein, Mirela Sechi Moretti Annoni Notare, Alireza Shahrabi, Ahmad Khonsari, Helen D. Karatza, L. M. Mackenzie, Hamid R. Arabnia, Ahmed Al-Dubai, Nigel Thomas, Tarek El-Ghazawi, M. Woodward, Xiaobo Zhou, Jeremy T. Bradley, Jie Wu, Wim Vanderbauwhede, B. Al-Hashimi, Yi Pan, Tao Xie, and M. Gueroui

Subjects

Ubiquitous computing, Human–computer interaction, Computer science

Published

2008

27. Investigating False Positive Reduction in HTTP via Procedure Analysis

Author

William J Buchanan, Jose Munoz, and Abiola Abimbola

Subjects

Reduction (complexity), Computer science, business.industry, Network communication, The Internet, False positive rate, Intrusion detection system, Data mining, Intrusion prevention system, business, computer.software_genre, Computer security, computer

Abstract

This paper focuses on high false-positive rate of attacks. First, the merits and demerits of research work in curbing false positive rate of attacks in intrusion detection systems (IDSs) are discussed. Then we present our research efforts in the form of an IDS called NetHost-Sensor, recap on past NetHost-Sensor research contributions and discusses in detail its novel procedure analysis technique in curbing false-positive. We discuss in detail, the NetHost-Sensor methodology, its procedure analysis technique and report on our experimental investigation that shows the reduction of false-positives, using HTTP network communication as a medium for analysis. Finally, we validate our research work by comparing false-positives with Snort IDS

Published

2006

28. An auto-configurable, and, adaptable, metric-driven cluster-head organisation for hybrid multi-hop routing

Author

Nikos Migas and William J Buchanan

Subjects

Routing protocol, Backbone network, Engineering, Static routing, Routing domain, business.industry, Wireless ad hoc network, Routing table, Distributed computing, Network topology, business, Hierarchical routing, Computer network

Abstract

Multi-hop ad-hoc routing is a challenging issue, because of the dynamic network topology, and limited capabilities of resource-constrained mobile devices. This paper proposes a metric-driven clustering organisation of participating nodes which provides an effective way to reduce network overhead, in contrast to traditional flooding methods. This novel method creates a network backbone for data routing and location management, which is composed of the fittest nodes. The key metrics are: mobility, buffering capabilities, throughput, network state, utilisation, and battery reserves. The paper presents the overall agent-based model, and describes the adaptability of the cluster-head metrics, and the automated reconfigurability of an ad-hoc network.

Published

2006

29. Metric Evaluation of Embedded Java-Based Proxies on Handheld Devices in Cluster-Based Ad Hoc Routing

Author

N. Migas and William J Buchanan

Subjects

Mobile radio, Backbone network, Computer science, Wireless network, business.industry, Wireless ad hoc network, Embedded Java, Mobile computing, computer.software_genre, Proxy server, business, computer, Mobile device, Computer network

Abstract

Ad-hoc wireless networks, which use ad-hoc routing methods may prove a good solution in certain applications, especially where networks have to be constructed where there is no possibly of creating a network backbone, and in emergency situations. They may also lead to more flexible networks, which require reduced configuration, and allow for optimised routes. There is thus a requirement to use mobile devices as intermediate routing devices, which forward data from one device to another. One of the best methods is to run a proxy server on the mobile device, as it allows for a simple implementation on the device. A key factor in this is determining the fitness of a mobile device, especially a limited one, such as a handheld PDA. This paper discusses the metrics that could be used to assess the potential of devices and their environment to route certain types of data, and presents results from iPAQ devices using a range of differing operating systems. It shows how performance of a proxy device varies depending on several factors including the Java environment used, and the operating system used. The paper shows that Linux versions for handheld devices out-perform the equivalent Windows systems for the key performance metrics for proxy devices, such as battery usage and network performance.

Published

2005

30. Enhanced methods of coursework provision in computer networks

Author

Lionel Saliou and William J Buchanan

Subjects

Large class, business.industry, Computer science, Coursework, ComputingMilieux_COMPUTERSANDEDUCATION, The Internet, business, Female students, Multiple choice, Test (assessment), Computer network

Abstract

Many computing-related programmes and modules have many problems caused with large class sizes, large-scale plagiarism, module franchising, and an increasing requirement from students for increased amounts of hands-on, practical work. This paper presents a practical computer networks module which uses a mixture of on-line examinations and a practical skills-based test to assess student performance. Many academics have observed a strong link between examination and coursework performance, where academically strong students generally work hard for both examinations and courseworks. This paper shows that it is possible to design hand-on practicals which have a strong correlation between performance in practical skills-based tests and in examination-type assessments. The paper shows results which grades students for two on-line, multiple choice tests, and then analyses the average time these students take to complete a practical on-line test It shows that, on average, the average time taken to complete the test increases for weaker students. Along with this the paper shows that female students in the practical test out-perform male students by a factor of 25%.

Published

2005

31. Migration of mobile agents in ad-hoc, wireless networks

Author

William J Buchanan, Nikos Migas, and Kevin McArtney

Subjects

Static routing, business.industry, Computer science, Wireless ad hoc network, Distributed computing, Mobile computing, Mobile database, Wireless Routing Protocol, Mobile search, Mobile agent, business, Computer network, Triangular routing

Abstract

This paper focuses on the design and development of a novel architecture called MARIAN, which utilises static agents, mobile agents, and also a hybrid approach, in order to perform routing, network discovery, and automatic network reconfiguration, in wireless ad-hoc networks. The paper shows that, in most cases, the static agent approach is faster than the mobile agent approach in retrieving data from a wireless remote database. However, if the amount of data to be retrieved is relatively large, such as in the gathering of data for routing information, the mobile agents are more capable of filtering data according to the required preferences. It also shows that the time taken to gather routing information can be significantly reduced using a mobile agent approach, as compared with the static agent approach.

Published

2004

32. A True Random Number Generator Based on Race Hazard and Jitter of Braided and Cross-Coupled Logic Gates Using FPGA

Author

Hossam O. Ahmed, Donghoon Kim, and William J. Buchanan

Subjects

True random number generator (TRNG), race hazard, ring oscillator, field programmable gate array (FPGA), jitter, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In the contemporary digital landscape, security has become a vital element of our existence. The growing volume of sensitive information being stored and transmitted over networks necessitates the implementation of robust security measures. Cryptographic algorithms, which are critical for protecting user data privacy, rely on cryptographic keys to ensure data security. True Random Number Generators (TRNGs) are essential to numerous vital security applications. In this paper, we propose a novel Braided and Hybrid Cross-Coupled Entropy Source (B+HCCES) TRNG module. The proposed B+HCCES TRNG module generates random numbers based on the race hazard and jitter of braided and cross-coupled combinational logic gates. The B+HCCES architecture has been designed using VHDL, and the targeted Field-Programmable Gate Array (FPGA) is the Intel Cyclone V 5CGXFC9D6F27C7 chip. The B+HCCES module operates at a fixed sampling frequency of 300 MHz, generated by an embedded phase-locked loop. The B+HCCES module demonstrates an enhanced throughput of 3.33 times compared to the state-of-the-art, while still maintaining a comparably lightweight architecture. The experimental results demonstrate that the generated random sequence successfully passes the NIST SP800-90B and BSI AIS-31 tests.

Published

2024

33. SkipGateNet: A Lightweight CNN-LSTM Hybrid Model With Learnable Skip Connections for Efficient Botnet Attack Detection in IoT

Author

Mohammed S. Alshehri, Jawad Ahmad, Sultan Almakdi, Mimonah Al Qathrady, Yazeed Yasin Ghadi, and William J. Buchanan

Subjects

Botnets, botnet attacks, bashlite, intrusion detection, Mirai, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The rise of Internet of Things (IoT) has led to increased security risks, particularly from botnet attacks that exploit IoT device vulnerabilities. This situation necessitates effective Intrusion Detection Systems (IDS), that are accurate, lightweight, and fast (having less inference time), designed particularly to detect botnet attacks in resource constrained IoT devices. This paper proposes SkipGateNet, a novel deep learning model designed for detecting Mirai and Bashlite botnet attacks in resource constrained IoT and fog computing environments. SkipGateNet is a lightweight, fast model combining 1D-Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) layers. The novelty of this model lies in the integration of ‘Learnable Skip Connections’. These connections feature gating mechanisms that enhance detection by focusing on relevant features and ignoring irrelevant ones. They add adaptability to the architecture, performing feature selection and propagating only essential features to deeper layers. Tested on the N-BaIoT dataset, SkipGateNet efficiently detects ten types of botnet attacks, with a remarkable test accuracy of 99.91%. It is also compact (2596.87 KB) and demonstrates a quick inference time of 8.0 milliseconds, suitable for real-time implementation in resource-limited settings. While evaluating its performance, parameters like precision, recall, accuracy, and F1 score were considered, along with statistical reliability measures like Cohen’s Kappa Coefficient and Matthews Correlation Coefficient. These highlight its reliability and effectiveness in IoT security challenges. The paper also compares SkipGateNet to existing models and four other deep learning architectures, including two sequential CNN architectures, a simple CNN+LSTM architecture, and a CNN+LSTM with standard skip connections. SkipGateNet surpasses all in accuracy and inference time, demonstrating its superiority in addressing IoT security issues.

Published

2024

34. Design and Evaluation of Memory Efficient Data Structure Scheme for Energy Drainage Attacks in Wireless Sensor Networks

Author

David Samuel Bhatti, Shahzad Saleem, Zulfiqar Ali, Tae-Jin Park, Beomkyu Suh, Ali Kamran, William J. Buchanan, and Ki-Il Kim

Subjects

WSN, LEACH, cellular automata, CM sketch, Bloom filter, energy drainage, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Wireless Sensor Networks (WSN) are deployed on a large scale and require protection from malicious energy drainage attacks, particularly those directed at the routing layer. The complexity increases during critical operations like cluster head selection where detection of such attacks is challenging. The dependency of WSN on batteries elevates the concern posed by these threats, making detection and isolation crucial, especially within the framework of energy-efficient clustering protocols such as Low Energy Adaptive Clustering Hierarchy (LEACH). Various approaches have been proposed in prior research to deal with such attacks. However, the use of memory-efficient data structures has yet to be effectively addressed. In this article, considering the limitations of WSN, we utilize memory-efficient data structures named Bloom filters, count-min (CM) sketch, and cellular automata (CA) to address abnormal energy drainage. A CA-based trust model is used to choose the legitimate node as the cluster head. CM sketch is used to control the frequency of a node selected as a cluster head, achieving fairness in the cluster head selection process, and Bloom filters maintain the record of malicious nodes blocked from participating in the communication or cluster head selection process. CA and trust functions collectively keep a record of neighbors’ energy and their trust in the network. Grayhole, blackhole, and scheduling attacks are three well-known threats that lead to abnormal energy drainage in legitimate nodes. The proposed solution effectively detects and addresses abnormal energy drainage in WSN. Its impact is simulated and observed using ns2 IEEE 802.15.4 medium access control (MAC) and LEACH clustering protocols, specifically in the context of the mentioned attacks. The effectiveness of the proposed model was rigorously analysed, and it was observed that it reduces the energy consumption of WSN by approximately 16.66%, 48.33%, and 43.33% in the cases of grayhole, blackhole, and scheduling attacks, respectively. In terms of space/time complexity, its growth is linear O(n). The proposed solution also consumes 0.08-0.10 J more energy compared to the original LEACH as a cost of the solution, which is not more than 2% of the total initial energy. The trade-off of implementing heightened security is worthwhile, as the proposed approach outperforms the original LEACH and related methods, effectively mitigating abnormal energy drainage in WSN and extending network lifetime, especially in challenging environments with persistent battery recharging challenges.

Published

2024

35. LiSP-XK: Extended Light-Weight Signcryption for IoT in Resource-Constrained Environments

Author

Tai-Hoon Kim, Gulshan Kumar, Rahul Saha, William J. Buchanan, Tannishtha Devgun, and Reji Thomas

Subjects

Internet, IoT, security, authentication, signcryption, attacks, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

There is an increasing drive to provide improved levels of trust within an Internet-of-Things (IoTs) environments, but the devices and sensors used tend to be limited in their capabilities for dealing with traditional cryptography methods. Resource constraints and security are often the two major concerns of IIoT (Industrial IoT applications and big data generation at the present time. The strict security measures are often not significantly resource-managed and therefore, negotiation normally takes place between these. Following this, various light-weight versions of generic security primitives have been developed for IIoT and other resource-constrained sustainability. In this paper, we address the authentication concerns for resource-constrained environments by designing an efficient authentication protocol. Our authentication scheme is based on LiSP (light-weight Signcryption Protocol); however, some further customization has been performed on it to make it more suitable for IIoT-like resource-constrained environments. We use Keccack as the hash function in the process and Elli for light-weight public-key cryptography. We name our authentication scheme: Extended light-weight Signcryption Protocol with Keccack (LiSP-XK). The paper outlines a comparative analysis on our new design of authentication against a range of state-of-the-art schemes. We find the suitability of LiSP-XK for IIoT like environments due to its lesser complexity and less energy consumption. Moreover, the signcryption process is also beneficial in enhancing security. Overall the paper shows that LiSP-XK is overall 35% better in efficiency as compared to the other signcryption approaches.

Published

2021

36. Chaos-Based Confusion and Diffusion of Image Pixels Using Dynamic Substitution

Author

Abdullah Qayyum, Jawad Ahmad, Wadii Boulila, Saeed Rubaiee, Arshad, Fawad Masood, Fawad Khan, and William J. Buchanan

Subjects

Henon map, Ikeda map, chaos, encryption, substitution box, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The evolution of wireless and mobile communication from 0G to the upcoming 5G gives rise to data sharing through the Internet. This data transfer via open public networks are susceptible to several types of attacks. Encryption is a method that can protect information from hackers and hence confidential data can be secured through a cryptosystem. Due to the increased number of cyber attacks, encryption has become an important component of modern-day communication. In this article, a new image encryption algorithm is presented using chaos theory and dynamic substitution. The proposed scheme is based on two-dimensional Henon, Ikeda chaotic maps, and substitution box (S-box) transformation. Through Henon, a random S-Box is selected and the image pixel is substituted randomly. To analyze security and robustness of the proposed algorithm, several security tests such as information entropy, histogram investigation, correlation analysis, energy, homogeneity, and mean square error are performed. The entropy values of the test images are greater than 7.99 and the key space of the proposed algorithm is 2798. Furthermore, the correlation values of the encrypted images using the proposed scheme are close to zero when compared with other conventional schemes. The number of pixel change rate (NPCR) and unified average change intensity (UACI) for the proposed scheme are higher than 99.50% and 33, respectively. The simulation results and comparison with the state-of-the-art algorithms prove the efficiency and security of the proposed scheme.

Published

2020

37. CASCF: Certificateless Aggregated SignCryption Framework for Internet-of-Things Infrastructure

Author

Tai-Hoon Kim, Gulshan Kumar, Rahul Saha, Mamoun Alazab, William J. Buchanan, Mritunjay Kumar Rai, G. Geetha, and Reji Thomas

Subjects

Authentication, signature, signcryption, security, IoT, confidentiality, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The increasing number of devices in the age of Internet-of-Thing (IoT) has arisen a number of problems related to security. Cryptographic processes, more precisely the signatures and the keys, increase and generate an overhead on the network resources with these huge connections. Therefore, in this paper we present a signcryption framework to address the above problems. The solution highlights the use of aggregate signcryption and certificaless approach based on bilinear pairings. The use of signcryption with aggregation and certificateless authentication reduces the time consumption, overhead and complexity. The solution is also able to solve the key staling problems. Experimental results and comparative analysis based on key parameters, memory utilization and bandwidth utilization have been measured. It confirms that the presented work is efficient for IoT infrastructure.

Published

2020

38. DNA and Plaintext Dependent Chaotic Visual Selective Image Encryption

Author

Jan Sher Khan, Wadii Boulila, Jawad Ahmad, Saeed Rubaiee, Atique Ur Rehman, Roobaea Alroobaea, and William J. Buchanan

Subjects

Security, deoxyribonucleic acid (DNA), diffusion, confusion, encryption, chaos, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Visual selective image encryption can both improve the efficiency of the image encryption algorithm and reduce the frequency and severity of attacks against data. In this article, a new form of encryption is proposed based on keys derived from Deoxyribonucleic Acid (DNA) and plaintext image. The proposed scheme results in chaotic visual selective encryption of image data. In order to make and ensure that this new scheme is robust and secure against various kinds of attacks, the initial conditions of the chaotic maps utilized are generated from a random DNA sequence as well as plaintext image via an SHA-512 hash function. To increase the key space, three different single dimension chaotic maps are used. In the proposed scheme, these maps introduce diffusion in a plain image by selecting a block that have greater correlation and then it is bitwise XORed with the random matrix. The other two chaotic maps break the correlation among adjacent pixels via confusion (row and column shuffling). Once the ciphertext image has been divided into the respective units of Most Significant Bits (MSBs) and Least Significant Bit (LSBs), the host image is passed through lifting wavelet transformation, which replaces the low-frequency blocks of the host image (i.e., HL and HH) with the aforementioned MSBs and LSBs of ciphertext. This produces a final visual selective encrypted image and all security measures proves the robustness of the proposed scheme.

Published

2020

39. Mitigation Mechanisms Against the DAO Attack on the Routing Protocol for Low Power and Lossy Networks (RPL)

Author

Isam Wadhaj, Baraq Ghaleb, Craig Thomson, Ahmed Al-Dubai, and William J. Buchanan

Subjects

Internet of Things, low power and lossy networks, security in RPL, DAO attack, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Destination Advertisement Objects (DAOs) are sent upward by RPL nodes toward the DODAG root, to build the downward routing paths carrying traffic from the root to its associated nodes. This routing mechanism can be exploited by a malicious node periodically transmitting a large volume of DAO messages towards its parent, which in turn will forward such messages to its own parent and so on, until they arrive at the Direction-Oriented Directed Acyclic Graph (DODAG) root. This ultimately results in a negative effect on network performance in terms of energy consumption, latency and reliability. The first objective of this paper is to evaluate the effect of such a DAO attack in the context of an RPL IoT network. In particular, identifying the particular performance metrics and network resources affected most greatly. The second objective is the proposal of mitigating security mechanisms in relation to DAO attacks and to evaluate their effectiveness. The simulation results have shown how the attack can damage the network performance by significantly increasing the DAO overhead and power consumption. It also demonstrated that the DAO attack affect the reliability of the downward traffic under specific conditions. The proposed mechanisms showed a good capacity in restoring the optimal performance of the network by up to 205%, 181%, 87% and 6%, in terms of overhead, latency, power consumption and packet delivery ratio respectively.

Published

2020

40. A Privacy Preserving Distributed Ledger Framework for Global Human Resource Record Management: The Blockchain Aspect

Author

Tai-Hoon Kim, Gulshan Kumar, Rahul Saha, Mritunjay Kumar Rai, William J. Buchanan, Reji Thomas, and Mamoun Alazab

Subjects

Blockchain, distributed ledger, human resource, management, privacy, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Blockchain is a technology used with the series of users in peer-to-peer transactions to utilize the usability properties of the immutable data records. The distributed nature of this technology has given the wide acceptance to its range of applications in various sectors. Seeing the prospect of this new technology, we have chosen the field of human resource management as these data needs to be privacy preserving and confidential along with significant research value. Distributed ledger approach is a novel idea in this field of work specifically for the application of human resource records management. We have used a privacy preserving framework that provides a transparent system for human resource record management. Wallets are generated with organization id and outputting with public-private key pair along with privacy parameter mapping with hash. Keys are used to provide confidentiality, integrity and authentication. Smart contract uses distributed but converged decision with privacy level classification. Performance of the proposed work has been measured based on time, memory consumptions, failure point identification and read-write latencies. The analysis of the results confirms the efficiency of the system.

Published

2020

41. MRC4: A Modified RC4 Algorithm Using Symmetric Random Function Generator for Improved Cryptographic Features

Author

Rahul Saha, G. Geetha, Gulshan Kumar, Tai-Hoon Kim, and William J. Buchanan

Subjects

RC4, random number, security, cipher, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The Rivest Cipher 4 (RC4) has been one of the most popular stream ciphers for providing symmetric key encryption, and is now proposed as an efficient cipher within light-weight cryptography. As an algorithm it has been considered to be one of the fastest stream ciphers and one of the easiest to implement. Unfortunately, despite its simplicity of usage, a number of attacks on it have been found. Therefore, various improvements of this algorithm exist in cryptography, but none of them use proper randomness. This paper outlines modified version of RC4 and which has the desirable features of an efficient stream cipher algorithm, and which integrates the Symmetric Random Function Generator (SRFG) method. Though RC4 uses pseudorandom features with an initialisation vector and a seed value, the use of true randomness in RC4 is novel in this domain. Therefore, this paper proposes a modified RC4 as MRC4, and which then evaluates the statistical features of MRC4 based upon parameters such as non-linearity, resiliency, balancedness, propagation and immunity. Further, we have compared the security features and confusion-diffusion attributes with some recent variants of RC4 and have found that MRC4 is efficient in withstanding against attacks. The experimental results show that MRC4 supports a 60% better confusion property and 50% better diffusion as compared to the original RC4 method.

Published

2019

42. A Novel Trust Evaluation Process for Secure Localization Using a Decentralized Blockchain in Wireless Sensor Networks

Author

Tai-Hoon Kim, Rekha Goyat, Mritunjay Kumar Rai, Gulshan Kumar, William J. Buchanan, Rahul Saha, and Reji Thomas

Subjects

Beacon nodes, blockchain, localization, security, trust, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In this research paper, blockchain-based trust management model is proposed to enhance trust relationship among beacon nodes and to eradicate malicious nodes in Wireless Sensor Networks (WSNs). This composite trust evaluation involves behavioral-based trust as well as data-based trust. Various metrics such as closeness, honesty, intimacy and frequency of interaction are taken into account to compute behavioral-based trust of beacon nodes. Further, the composite (behavior and data) trust value of each beacon nodes is broadcast to Base Stations (BS) to generate a blockchain of trust values. Subsequently, the management model discards the beacon node with least trust value and that ensures reliability and consistency of localization in WSNs. The simulated results of the proposed algorithm are compared with the existing ones in terms of detection accuracy, False Positive Rate (FPR) and False Negative Rate (FNR) and Average Energy Consumption (AEC).

Published

2019