Azman Samsudin

A symmetric image encryption scheme based on combination of nonlinear chaotic maps

Abstract During the recent years several chaotic image encryption algorithms have been proposed, but most of them encountered some drawbacks such as small key space, low speed, lack of robustness and low security. In this paper, we have proposed an image algorithm based on the combination of a one-dimensional polynomial chaotic map and a piecewise nonlinear chaotic map. Theoretical analysis and computer simulations, both confirm that the new algorithm possesses high security, robust fast encryption speed for practical image encryption and solves the problem of small key space.

A novel parallel hash function based on 3D chaotic map

As the core of cryptography, hash function is one of the basic techniques for information security. During the last few years, considerable effort has been devoted to research on chaos-based hash functions. Nevertheless, the corresponding analysis of them lag far behind. In this paper, a new efficient scheme for parallel hash function based on high-dimensional chaotic map is proposed. In the proposed scheme, the confusion as well as the diffusion effect is enhanced significantly by utilizing two nonlinear coupling parameters. Theoretical and experimental results indicate that the proposed scheme can satisfy all performance requirements of hash function such as desired statistical properties and strong collision resistance. At the same time, the proposed scheme can keep the parallel merit and message sensitivity with high potential to be adopted for network security.

Grid-based intrusion detection system

Computational grid scientists had spent tireless amount of effort to come up with a secure environment for sharing resources. However, advance intruders still compromising machines on the grid, which justify the research in intrusion detection system for grid environment. This paper describes the detail concept of having a grid-based intrusion detection system (GIDS) for the grid environment. We give few scenarios on how GIDS can take place on the grid environment. We also discuss some issues of the GIDS on grid environment with suggested solutions. A proposed solution is discussed from conceptual framework toward technical architecture.

Image encryption based on the Jacobian elliptic maps

An image encryption algorithm based chaotic Jacobian elliptic maps is presented.The proposed scheme is subjected to some security analyses as well as statistical tests suites.Security analysis and simulation results indicate that the scheme possesses high security. In this paper, a novel image encryption algorithm based on the Jacobian elliptic maps is presented. To illustrate the effectiveness of the proposed scheme, some security analyses are presented. It can be concluded that, the proposed image encryption technique can be applied for practical applications. Although the Jacobian elliptic maps presented in this paper aim at image encryption, it is not just limited to this experience and can be directly applied in other information security fields such as video encryption.

A novel dynamic model of pseudo random number generator

An interesting hierarchy of random number generators is introduced in this paper based on the review of random numbers characteristics and chaotic functions theory. The main objective of this paper is to produce an ergodic dynamical system which can be implemented in random number generators. In order to check the efficacy of pseudo random number generators based on this map, we have carried out certain statistical tests on a series of numbers obtained from the introduced hierarchy. The results of the tests were promising, as the hierarchy passed the tests satisfactorily, and offers a great capability to be employed in a pseudo random number generator.

False positives reduction via intrusion alert quality framework

Existing security monitoring sensors such as IDS/IPS, firewalls, filtering routers, and others often record logs and subsequently generate alerts to warn security analysts of what is perceived as posing security threat to the environment or organization they are monitoring. Unfortunately, these logs and alerts are not only huge in number but also poor in data quality i.e. containing false logs/alerts. This in turn poses two main challenges to higher-level operations; first computationally efficient algorithms are needed to process and shift through large unverified logs and alerts. Second is the need to develop algorithms that avoid making wrong conclusions due to poor quality logs and alerts. In this paper, we implement intrusion alert quality framework to reduce false positive alerts in IDS. Using this framework, we enrich each alert with quality parameters such as correctness, accuracy, reliability, and sensitivity. To compliment this effort, we normalize the enriched alerts in the IDMEF format. In this form (enriched and normalized), higher level operations are given the option to utilize the quality parameters values tagged in the alerts in their core operations in order to produce good conclusions. Finally, we demonstrate the efficacy of the framework in reducing false positive alerts using DARPA 2000 network traffic.

Efficient Mental Card Shuffling via Optimised Arbitrary-Sized Benes Permutation Network

The presumption of player distrust and untrustworthiness in mental card gaming results in the formulation of complex and compute-intensive protocols, particularly for shuffling. We present a robust, verifiable and efficient card shuffling protocol based on an optimisation of Chang-Melham arbitrary-sized (AS) Benes permutation network (PN), which can flexibly accommodates variable pack sizes, achieving optimal shuffling performance. We also outline the use of these PNs in a distributed (among ? players) construction, which combines the best attributes of Abe and Jakobsson-Juels mix-net formalisms. Card shuffling can therefore be executed on a structurally simple mix-net - with only t + 1 PNs required for operational robustness against collusion by t cheating players, and efficient zero knowledge proofs (ZKP) to verify correct shuffling by each player. Shuffling efficiency is also enhanced by our limited application of verifiable secret sharing (VSS) on the ElGamal keys. The resultant protocol achieves an asymptotic complexity of O(tN lg N) for N inputs; which is comparable or superior to previous schemes.

Distributed hierarchical IDS for MANET over AODV

In this paper, we introduce background knowledge of wireless ad hoc network in mobile ad hoc networks (MANET) as well as intrusion detection systems (IDS) and mobile agents. This research study surveys, studies and compares the existing intrusion detection based on mobile agent for mobile ad hoc networks. Based on our best knowledge from previous researches we design distributed hierarchical IDS inclusive of network-based and host-based intrusion detection system with due consideration to their characteristics on ad hoc on-demand distance vector routing protocol (AODV+). In addition, distributed hierarchical IDS model consists of two layers, cluster member layer and cluster head layer. Designing distributed hierarchical IDS is the main part of our methodology, where we try to show some improvement for ideal and accurate IDS for wireless ad hoc network. We propose some enhancement based on the characteristics and measure the efficiency of IDS in term of accuracy and detection rate and CPU usage.

Development of penetration testing model for increasing network security

With the emergence of network globalization and advent of Internet being the major tool for international information exchange and platform for the future, security has always been the most talked about topics. Network administrators have often tried their best by improving their network security, however with rapid surface of new exploits; the best way of ensuring that the system is secure is to attempt penetration testing. This would be the most effective way to find exploits and to proof whether a system is vulnerable. Penetration testing often allows the security analyst to find new vulnerabilities. This study is aimed at producing a model for security professionals on insight of penetration testing.

Honeypots: why we need a dynamics honeypots?

The security and privacy of each local network or each user become more and more important issue. There are many technologies that provide this kind of abilities such as intrusion detection system, firewall and other security measures. But all these tools often give us too many information that need us to dig the useful information from a few gigabytes data a day. Honeypots come in to help us in three ways that is prevention, detection and how we react to an attack. There are two general types of honeypots which is low interaction honeypots such as Honeyd, Specter and KFSensor. The highly interactive honeypots is like Honeynet. Honeypots basically sit on an unused IP where any attempt connection to that IP is considered as an authorized and malicious attack. This help to reduce the size of the information logged and the security professional can easily detect an intrusion and can response to it more effectively and fast.