Handbook of Research on Intrusion Detection Systems - Advances in Information Security, Privacy, and Ethics
Latest Publications


TOTAL DOCUMENTS

17
(FIVE YEARS 17)

H-INDEX

1
(FIVE YEARS 1)

Published By IGI Global

9781799822424, 9781799822431

Author(s):  
Mamta ◽  
Brij B. Gupta

Attribute based encryption (ABE) is a widely used technique with tremendous application in cloud computing because it provides fine-grained access control capability. Owing to this property, it is emerging as a popular technique in the area of searchable encryption where the fine-grained access control is used to determine the search capabilities of a user. But, in the searchable encryption schemes developed using ABE it is assumed that the access structure is monotonic which contains AND, OR and threshold gates. Many ABE schemes have been developed for non-monotonic access structure which supports NOT gate, but this is the first attempt to develop a searchable encryption scheme for the same. The proposed scheme results in fast search and generates secret key and search token of constant size and also the ciphertext components are quite fewer than the number of attributes involved. The proposed scheme is proven secure against chosen keyword attack (CKA) in selective security model under Decisional Bilinear Diffie-Hellman (DBDH) assumption.


Author(s):  
Brij B. Gupta ◽  
Somya Ranjan Sahoo ◽  
Vaibhav Bhatia ◽  
Adil Arafat ◽  
Abhik Setia

This chapter discusses a model that allows the user to access social networking sites through login using smartphone-based biometric authentication. Currently, social networking websites permit users to access their page through login, and some sites provide an auto-fill system to log in to the user's account through the browser by permission. The browser saves the password in a password-protected space and automatically fills in the password so the user can access the account. This facility is not highly reliable due to the auto-fill system for laptop users. When someone uses another person's laptop and visits any website, the auto-fill system opens the content with the saved password. Secondly, elderly people have problems logging into today's websites. Remembering the password for every account is very difficult for elderly people. This chapter describes a model for security and authenticity. Authors used a hybrid model with Android as the application with fingerprint authentication and a Chrome extension as the auto-fill process for user access.


Author(s):  
Saurav Jindal ◽  
Poonam Saini

In recent years, data collection and data mining have emerged as fast-paced computational processes as the amount of data from different sources has increased manifold. With the advent of such technologies, major concern is exposure of an individual's self-contained information. To confront the unusual situation, anonymization of dataset is performed before being released into public for further usage. The chapter discusses various existing techniques of anonymization. Thereafter, a novel redaction technique is proposed for generalization to minimize the overall cost (penalty) of the process being inversely proportional to utility of generated dataset. To validate the proposed work, authors assume a pre-processed dataset and further compare our algorithm with existing techniques. Lastly, the proposed technique is made scalable thus ensuring further minimization of generalization cost and improving overall utility of information gain.


Author(s):  
Mouhammd Sharari Alkasassbeh ◽  
Mohannad Zead Khairallah

Over the past decades, the Internet and information technologies have elevated security issues due to the huge use of networks. Because of this advance in information and communication and in information sharing, cybersecurity threats have been increasing daily. An Intrusion Detection System (IDS) is considered one of the most critical security components, detecting network security breaches in organizations. However, many challenges arise while implementing dynamic and effective NIDS for unknown and unpredictable attacks. Consider the machine learning approach to developing an effective and flexible IDS. A deep neural network model is proposed to increase the effectiveness of intrusion detection systems. This chapter presents an efficient mechanism for network attack detection and attack classification using the Management Information Base (MIB) variables with machine learning techniques. During the evaluation test, the proposed model seems highly effective with deep neural network implementation with a precision of 99.6% accuracy rate.


Author(s):  
José María Jorquera Valero ◽  
Manuel Gil Pérez ◽  
Alberto Huertas Celdrán ◽  
Gregorio Martínez Pérez

As the number and sophistication of cyber threats increase year after year, security systems such as antivirus, firewalls, or Intrusion Detection Systems based on misuse detection techniques are improved in detection capabilities. However, these traditional systems are usually limited in detecting potential threats, since they are inadequate to spot zero-day attacks or mutations in behaviour. Authors propose using honeypot systems as a further security layer able to provide an intelligence holistic level in detecting unknown threats, or well-known attacks with new behaviour patterns. Since brute-force attacks are increasing in recent years, authors opted for an SSH medium-interaction honeypot to acquire a log set from attackers' interactions. The proposed system is able to acquire behaviour patterns of each attacker and link them with future sessions for early detection. Authors also generate a feature set to feed Machine Learning algorithms with the main goal of identifying and classifying attackers' sessions, and thus be able to learn malicious intentions in executing cyber threats.


Author(s):  
Manjunath Kotari ◽  
Niranjan N. Chiplunkar

Cyber crime is a serious threat for day-to-day transactions of the digital life. Overexposure of the personal details in social networks will lead to the cyber crime case. Therefore, detection and monitoring of cyber crime are challenging tasks. The cyber criminals are continually flooding the various intrusions all over the network. The cyber safety team should have a noteworthy challenge of filtering various such information. Continuous nonstop cyberattacks or intrusion examinations by security tools will significantly improve the threat alerts. However, cyber security becomes more expensive in the case of the above methods. The chapter provides systematic survey of various cyber security threats, evolution of intrusion detection systems, various monitoring mechanisms, open source cyber security monitoring tools, and various assessment techniques. The chapter also proposes a model of Cyber security detection and monitoring system and its challenges.


Author(s):  
Tameem Ahmad ◽  
Mohd Asad Anwar ◽  
Misbahul Haque

This chapter proposes a hybrid classifier technique for network Intrusion Detection System by implementing a method that combines Random Forest classification technique with K-Means and Gaussian Mixture clustering algorithms. Random-forest will build patterns of intrusion over a training data in misuse-detection, while anomaly-detection intrusions will be identified by the outlier-detection mechanism. The implementation and simulation of the proposed method for various metrics are carried out under varying threshold values. The effectiveness of the proposed method has been carried out for metrics such as precision, recall, accuracy rate, false alarm rate, and detection rate. The various existing algorithms are analyzed extensively. It is observed experimentally that the proposed method gives superior results compared to the existing simpler classifiers as well as existing hybrid classifier techniques. The proposed hybrid classifier technique outperforms other common existing classifiers with an accuracy of 99.84%, false alarm rate as 0.09% and the detection rate as 99.7%.


Author(s):  
Reinaldo Padilha França ◽  
Yuzo Iano ◽  
Ana Carolina Borges Monteiro ◽  
Rangel Arthur

To anticipate threats, the Intrusion Detection System (IDS) enables the collection and use of information from various types of attacks to defend an entire network infrastructure. Therefore, this chapter develops a method of data transmission based on discrete event concepts, due to the fact that in this digitally globalized world, networks deal with a huge set of data all the time. Data refers to facts, events, actions, activities, and transactions which have been and can be recorded, i.e., the raw material from which information is produced, nurturing the infrastructure and components that enable modern computing. This methodology was named CBEDE and experiments were matched in the MATLAB software, where the memory consumption was evaluated, presenting great potential to intermediate users and computer systems. Results showed better computational performance related to memory utilization related to the compression of the information, showing an improvement reaching up to 114.39%.


Author(s):  
Pedro Miguel Sánchez Sánchez ◽  
José María Jorquera Valero ◽  
Alberto Huertas Celdrán ◽  
Gregorio Martínez Pérez

Continuous authentication systems are considered as a promising solution to secure access to mobile devices. Their main benefit is the improvement of the users' experience when they use the services or applications of their mobile device. Specifically, continuous authentication avoids having to remember or possess any key to access an application or service that requires authentication. In this sense, having the user authenticated permanently increases the security of the device. It also allows the user interaction with applications to be much more fluid, simple, and satisfactory. This chapter proposes a new continuous authentication system for mobile devices. The system acquires data from the device sensors and the GPS location to create a dataset that represents the user's profile or normal behaviour. Then, the proposed system uses Machine Learning algorithms based on anomaly detection to perform user identification in real time. Several experiments have been carried out to demonstrate the performance and usefulness of the proposed solution.


Author(s):  
Selem Charfi ◽  
Marko Mladenovic

Cybersecurity is generally considered as an information security topic, often associated with personal data and information databases: collecting, exposing, corrupting, or deleting these data. However, it is a more global problem, and related to broader aspects, such as controlling cyber-systems. In ICS, the topic of cybersecurity is considered at the operational and responsible level as a secondary threat, and much more as an IT problem. This premise has proven to lead to substantial losses. For example, dangerous aspects in some installation can stress the cybersecurity in ICS, for instance, plants dealing with hazardous materials, as the attackers can take over control of the production lines. This chapter encapsulates points in common on the topic of cybersecurity in IT and ICS. IT has already devoted significant resources into cyber-threats. ICS has yet to do so. To do so, authors review a number of papers dealing with the same topic.

