A Secure Hybrid P2P Network Mobile Communication Device Design

2013 ◽  
Vol 479-480 ◽  
pp. 968-972
Author(s):  
Wen Hsiung Kuo ◽  
Pin Chiang Su ◽  
Jiang Lung Liu
Keyword(s):  
Wireless Network ◽  
Secure Communication ◽  
Data Transfer ◽  
Security Requirements ◽  
Message Delivery ◽  
Network Environment ◽  
Security Issues ◽  
Communication Device ◽  
Critical Issues ◽  
Shared Information

Wireless Networkinfrastructure has Developed Rapidly with the Popularity of Personal Mobiledevices. Userscan Use Mobile Devices to Roam the Wireless Network Environment Conductingtransactions such as Sending Messages and Accessing the Internet. Networkcommunication has Become a Lifestyle Necessity. the Application of Information Technologyproducts also Brings IT Security Issues. the Wireless Network Environment Makesmessages Susceptible to Eavesdropping and Data Tampering Attacks. in Addition,the Mobile Device Computation Ability Presents Power Limiting Issues. Therefore,achieving Efficiency and Security Requirements is more Difficult in Mobiledevice Data Transfer over a Wireless Network Compared with a Hard-Wiredcomputer Network. Insecurity Issues Abound in Peer to Peer (P2P) Networks.Conducting Identity Authentication Recognized Certified Legal Membership Andperforming Message Delivery and Shared Information are Critical Issues. Theidentity (ID) Authentication and Certification for this Type of Network Hasbecome an Important Issue. the Paperpresents a Secure Communication Method Using Self-Certified Sign-Cryption Witha Blind Signature Scheme Based on Elliptic Curve Cryptography (ECC) Forhybrid P2P Networks. Theoreticalanalysis Shows Better Secure Identification-and-Authentication Features.

scholarly journals Comprehensive Overview of Security and Privacy of Data Transfer in Wireless ad Hock Network

2018 ◽  
Vol 12 (12) ◽  
pp. 185
Author(s):  
Faten Hamad ◽  
Hussam N. Fakhouri ◽  
Osama Rababah
Keyword(s):  
Wireless Network ◽  
Information Exchange ◽  
Ad Hoc Network ◽  
Ad Hoc ◽  
Data Transfer ◽  
Security And Privacy ◽  
Wireless Ad Hoc Network ◽  
Comprehensive Overview ◽  
Security Issues ◽  
Secure Information

Wireless ad-hoc network is a decentralized wireless network that does not have a permanent structure. Client devices are connected to form wireless network. Each node in the network to forward data from one node to another. Based on the connectivity of the network, the node dynamically determinewhich node to forward the data main threats for a secure information exchange in ad hoc networks are the unauthorized access to private data and interference in the operation of equipment and devices in order to disrupt their activity and even disable them.A possible response to these threats is the spread of independent and decentralized networks where each device is a full participant and all share responsibility for safety and security of the network. This paper provides a comprehensive overview of possible attacks. It first explores the reason and security issues in wireless ad hoc network mainly MANET and FANET, then it analyzes various types of most common threats, attacks and unresolved problems that face these types of network. After that it presents the popular security protocols to solve attack problem.

A large-scale analysis of HTTPS deployments: Challenges, solutions, and recommendations

2020 ◽  
pp. 1-26
Author(s):  
Qinwen Hu ◽  
Muhammad Rizwan Asghar ◽  
Nevil Brownlee
Keyword(s):  
Secure Communication ◽  
Large Scale ◽  
Transport Layer ◽  
Security Level ◽  
Secure Socket Layer ◽  
Security Issues ◽  
Large Scale Analysis ◽  
Government Websites ◽  
Encrypted Communication ◽  
Specific Implementation

HTTPS refers to an application-specific implementation that runs HyperText Transfer Protocol (HTTP) on top of Secure Socket Layer (SSL) or Transport Layer Security (TLS). HTTPS is used to provide encrypted communication and secure identification of web servers and clients, for different purposes such as online banking and e-commerce. However, many HTTPS vulnerabilities have been disclosed in recent years. Although many studies have pointed out that these vulnerabilities can lead to serious consequences, domain administrators seem to ignore them. In this study, we evaluate the HTTPS security level of Alexa’s top 1 million domains from two perspectives. First, we explore which popular sites are still affected by those well-known security issues. Our results show that less than 0.1% of HTTPS-enabled servers in the measured domains are still vulnerable to known attacks including Rivest Cipher 4 (RC4), Compression Ratio Info-Leak Mass Exploitation (CRIME), Padding Oracle On Downgraded Legacy Encryption (POODLE), Factoring RSA Export Keys (FREAK), Logjam, and Decrypting Rivest–Shamir–Adleman (RSA) using Obsolete and Weakened eNcryption (DROWN). Second, we assess the security level of the digital certificates used by each measured HTTPS domain. Our results highlight that less than 0.52% domains use the expired certificate, 0.42% HTTPS certificates contain different hostnames, and 2.59% HTTPS domains use a self-signed certificate. The domains we investigate in our study cover 5 regions (including ARIN, RIPE NCC, APNIC, LACNIC, and AFRINIC) and 61 different categories such as online shopping websites, banking websites, educational websites, and government websites. Although our results show that the problem still exists, we find that changes have been taking place when HTTPS vulnerabilities were discovered. Through this three-year study, we found that more attention has been paid to the use and configuration of HTTPS. For example, more and more domains begin to enable the HTTPS protocol to ensure a secure communication channel between users and websites. From the first measurement, we observed that many domains are still using TLS 1.0 and 1.1, SSL 2.0, and SSL 3.0 protocols to support user clients that use outdated systems. As the previous studies revealed security risks of using these protocols, in the subsequent studies, we found that the majority of domains updated their TLS protocol on time. Our 2020 results suggest that most HTTPS domains use the TLS 1.2 protocol and show that some HTTPS domains are still vulnerable to the existing known attacks. As academics and industry professionals continue to disclose attacks against HTTPS and recommend the secure configuration of HTTPS, we found that the number of vulnerable domain is gradually decreasing every year.

scholarly journals Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone

Sensors ◽  
2021 ◽  
Vol 21 (6) ◽  
pp. 2057
Author(s):  
Yongho Ko ◽  
Jiyoon Kim ◽  
Daniel Gerbi Duguma ◽  
Philip Virgil Astillo ◽  
Ilsun You ◽  
...  
Keyword(s):  
Performance Evaluation ◽  
Secure Communication ◽  
Communication Protocol ◽  
Denial Of Service ◽  
Mutual Authentication ◽  
Information Leakage ◽  
Security Protocol ◽  
Security Requirements ◽  
Forward Secrecy ◽  
Perfect Forward Secrecy

Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.

scholarly journals Research trends and solutions for secure traffic management of SDN

2020 ◽  
Vol 2 (3) ◽  
pp. 97-105
Author(s):  
Ravi Shankar Pandey ◽  
Vivek Srivastava ◽  
Lal Babu Yadav
Keyword(s):  
Traffic Management ◽  
Single Point ◽  
Research Trends ◽  
Security Requirements ◽  
New Paradigm ◽  
Research Papers ◽  
Malicious Attack ◽  
Security Issues ◽  
Free Environment ◽  
New Research

Software Defined Network (SDN) decouples the responsibilities of route management and datatransmission of network devices present in network infrastructure. It integrates the control responsibility at thecentralized software component which is known as controller. This centralized aggregation of responsibilities mayresult the single point of failure in the case malicious attack at the controller side. These attacks may also affect thetraffic flow and network devices. The security issues due to such malicious attacks in SDN are dominating challengesin the implementation and utilization of opportunities provided by this new paradigm. In this paper we haveinvestigated the several research papers related to proposal of new research trends for security and suggestionswhich fulfil the security requirements like confidentiality, integrity, availability, authenticity, authorization,nonrepudiation, consistency, fast responsiveness and adaptation. We have also investigated the new future researchfor creating the attack free environment for implementing the SDN.

scholarly journals Analysis of wireless network security systems problems and those solutions

2020 ◽  
pp. 139-140
Author(s):  
Ibraim Didmanidze ◽  
Zebur Beridze ◽  
Vladimir Zaslavski
Keyword(s):  
Wireless Networks ◽  
Network Security ◽  
Wireless Network ◽  
Research Paper ◽  
Network Routing ◽  
Security Systems ◽  
Security Issues ◽  
Wireless Network Security ◽  
Open Questions ◽  
The Given

In the people's lives wireless networks play a big role. It is necessary to understand the basic concept of wireless networks, to consider the security issues related to them, and then observe how they work and what benefits they can bring in different cases. In this regard the given research paper presents the fundamental principles of security as well as related open questions. It reviews the security issues of the wireless networks. Security of protocols of wireless network routing has become an urgent necessity to stimulate the network launching and expand the area of its usage. Therefore, the presented research paper proposes and defines different solutions and concepts for security.  

scholarly journals Secure message routing in structured peer-to-peer networks

2021 ◽  
Author(s):  
Abdolkarim Hajfarajollah Dabbagh
Keyword(s):  
Public Key Cryptography ◽  
Peer To Peer ◽  
Public Key ◽  
Message Delivery ◽  
Delivery Time ◽  
P2p Networks ◽  
Security Measures ◽  
Message Routing ◽  
Security Issues ◽  
Identity Based

"Due to the lack of a centralized server in “Peer-to-Peer” (P2P) networks, users are responsible for the security of these networks. One of the security issues in P2P networks is the security of the message routing. Messages could be altered or modified by attackers while being routed. The conventional security method to avoid this has been “Public Key Cryptography” (PKC). To avoid the certificate management issue in PKC, “Identity-based Encryption” (IBE) has been suggested in which any arbitrary string could be used as a public key. Since IBE is a computationally expensive method, current proposed IBE-based methods are not effective in the message routing phase in P2P networks and highly affect the performance of message delivery time in these networks. This thesis proposes two IBE-based protocols that can be applied effectively to the message routing phase of structured P2P networks, yet provide a satisfactory message delivery time performance. Both protocols benefit from Identity-based key exchange scheme and, therefore, none of them impose any extra communication on the network to secure message routing. Protocol 1 significantly improves the performance of message delivery time compared to the current IBE-based proposed methods. Protocol 2, which requires nodes to store data, has a performance similar to the situations in which no security measures are applied for message routing."

An Implementation of Trusted Key Management Protocol (TKMP) in Wireless Network

2020 ◽  
Vol 17 (12) ◽  
pp. 5243-5249
Author(s):  
R. Jayaprakash ◽  
B. Radha
Keyword(s):  
Load Balancing ◽  
Wireless Network ◽  
Key Management ◽  
Secure Communication ◽  
Homomorphic Encryption ◽  
Selection Procedure ◽  
Communication Technologies ◽  
Path Selection ◽  
Management Protocol ◽  
Key Management Protocol

The Trusted Key Management Protocol (TKMP) provides one of the most secure communication technologies in MANET cluster-based data protection. For security reasons, TKMP is a trusted key that can be sent to all nodes in the communication cluster. This document introduces the Trusted Key Management Protocol (TKMP) feature to improve the quality of secure communications over a cluster-based wireless network. The proposed TKMP execution process includes CBPPRS (Cluster Based Privacy Preserving Routing Selection), LBCPR (Load Balancing Cluster Based Privacy Routing) and DLBPS (Dynamic Load Balancing Privacy Path Selection) procedure. To lock the data from the malicious node, the Paillier Cryptosystem (PC) encrypts packets with homomorphic encryption. The trust score makes it easier to update routing information and improves network throughput. The experimental results show that the proposed TKMP method works better than the other Trust-ECC method.

Internal Control Considerations for Information System Changes and Patches

2014 ◽  
pp. 161-179 ◽  
Author(s):  
Jeffrey S. Zanzig ◽  
Guillermo A. Francia III ◽  
Xavier P. Francia
Keyword(s):  
Information System ◽  
Information Systems ◽  
Internal Control ◽  
Security Requirements ◽  
Information Technology Professionals ◽  
Organization Management ◽  
Internal Auditors ◽  
Security Issues ◽  
System Changes ◽  
Current Change

The dependence of businesses on properly functioning information systems to allow organizational personnel and outside investors to make important decisions has never been more pronounced. Information systems are constantly evolving due to operational and security requirements. These changes to information systems involve a risk that they could occur in a way that results in improper processing of information and/or security issues. The purpose of this chapter is to consider related guidance provided in a Global Technology Audit Guide (GTAG) from The Institute of Internal Auditors in conjunction with current change and patch management literature in order to assist internal auditors and organizational personnel in better understanding a process that leads to efficient and effective information system changes. The authors describe how internal auditors and information technology professionals can work together with organization management to form a mature approach in addressing both major information system changes and patches.

Sign in / Sign up

Export Citation Format

Share Document