Fahad Bin Muhaya

Estimating Twitter User Location Using Social Interactions--A Content Based Approach

Microblogging services such as Twitter allow users to interact with each other by forming a social network. The interaction between users in a social network group forms a dialogue or discussion. A typical dialogue between users involves a set of topics. We make the assumption that this set of topics remains constant throughout the conversation. Using this model of social interaction between users in the Twitter social network, along with content-derived location information, we employ a probabilistic framework to estimate the city-level location of a Twitter user, based on the content of the tweets in their dialogues, using reply-tweet messages. We estimate the city-level user location based purely on the content of the tweets, which may include reply-tweet information, without the use of any external information, such as a gazetteer, IP information etc. The current framework for estimating user location does not consider the underlying social interaction, i.e. the structure of interactions between the users. In this paper, we calculate a baseline probability estimate of the distribution of words used by a user. This distribution is formed by using the fact that terms used in the tweets of a certain discussion may be related to the location information of the user initiating the discussion. We also estimate the top K probable cities for a given user and measure the accuracy. We find that our baseline estimation yields an accuracy higher that the 10% accuracy of the current state of the art estimation.

Chaotic and AES cryptosystem for satellite imagery

The rapid development, advancement, and growing use of satellite imagery and information technologies have made the security of data storage and transmission essential to prevent unlawful, unofficial, unauthorized, and illegal use/access. This paper proposes a secure satellite image encryption technique based on chaotic and Advanced Encryption Standard (AES) techniques to protect critical and confidential satellite imagery. Arnold’s cat map is used to shuffle the pixel values. A chaotic Henon map is used to generate a random sequence for the AES algorithm, and the shuffled-image is encrypted using the AES algorithm. The security and performance is acceptable to deal with high resolution and multi-spectral satellite imagery. The experimental results are shown, along with those for some traditional encryption techniques, for a comparison and evaluation. Detailed experimental results are also given of the security, statistical, and performance analyses of the complete implementation of the new proposed solution. The proposed technique presents numerous interesting and attractive features, including a high level of security, sufficiently large key-space with improved key sensitivity, pixel distributing uniformity, and acceptable speed.

Polymorphic Malware Detection Using Hierarchical Hidden Markov Model

Binary signatures have been widely used to detect malicious software on the current Internet. However, this approach is unable to achieve the accurate identification of polymorphic malware variants, which can be easily generated by the malware authors using code generation engines. Code generation engines randomly produce varying code sequences but perform the same desired malicious functions. Previous research used flow graph and signature tree to identify polymorphic malware families. The key difficulty of previous research is the generation of precisely defined state machine models from polymorphic variants. This paper proposes a novel approach, using Hierarchical Hidden Markov Model (HHMM), to provide accurate inductive inference of the malware family. This model can capture the features of self-similar and hierarchical structure of polymorphic malware family signature sequences. To demonstrate the effectiveness and efficiency of this approach, we evaluate it with real malware samples. Using more than 15,000 real malware, we find our approach can achieve high true positives, low false positives, and low computational cost.

Multimedia Information Security Architecture Framework

This paper presents a state-of-the-art overview of distinguishable approaches, overview of some writings that have themes and a similar discussion, with the background to provide an overview to the readers of control and things related to multimedia information security, all attempting to define multimedia information security architecture, followed by a proposition of requirements for multimedia integrated security architecture. There is no standardized and comprehensive of multimedia information security architecture currently exists. Multimedia information security as part of Information security has holistic approach towards the implementation of information security by introducing the concept and model of multimedia security architecture.

Performance Evaluation of Video Streaming in Vehicular Adhoc Network

In Vehicular Ad-Hoc Networks (VANETs) wireless-equipped vehicles form a temporary network for sharing information among vehicles. Secure Multimedia communication enhances the safety of passenger by providing visual picture of accidents and danger situations. In this paper we will evaluate the performance of multimedia data in VANETS scenario and consider the impact of malicious node using NS-2 and Evalvid video evaluation tool.

A Comprehensive Study of Email Spam Botnet Detection

The problem of email spam has grown significantly over the past few years. It is not just a nuisance for users but also it is damaging for those who fall for scams and other attacks. This is due to the complexity intensification of email spamming techniques which are advancing from traditional spamming (direct spamming) techniques to a more scalable, elusive and indirect approach of botnets for distributing email spam messages. In this paper, we first discuss the sources and architectures used by the spamming botnets for sending massive amount of email spam. Then we present detailed chronicles of spamming botnets which systematically describes the timeline of events and notable occurrences in the advancement of these spamming botnets. This paper also aims to represent a comprehensive analysis of particular email spamming botnet detection techniques proposed in the literature. We attempt to categorize them according to both their nature of defense and method of detection, also revealing and comparing their advantages and disadvantages extensively. We also present a qualitative analysis of these techniques. Finally, we summarize the future trends and challenges in detecting email spamming botnets.

Modified AES using chaotic key generator for satellite imagery encryption

In this paper, we propose a new modified version of Advanced Encryption Standard (AES) using chaotic key generator for satellite imagery security. We analyze and examine the Modified AES and chaotic key generator to enhance the key space and sensitivity, performance, and security level for reducing the risk of different attacks. The chaotic key generator utilizes multiple chaotic maps named as Logistic, Henon, Tent, Cubic, Sine and Chebyshev. The proposed algorithm presents numerous interesting and attractive features, such as a high level of security, large enough key-space with improved key sensitivity, pixel distributing uniformity and an acceptable encryption and decryption speed. The presented algorithm is ideal for real-time applications to deal with redundant, bulky, complex and stubborn satellite imagery.

Cryptanalysis of truong et al.'s fingerprint biometric remote authentication scheme using mobile device

In 2010, Chen et al. focused at the vulnerability of smart card based authentication systems owing to leakage of secret information from smart card. They proposed a scheme with a view to boost the security of such authentication systems. However, in 2012, Truong et al. found Chen et al.s scheme weak at resisting replay attack and spoofing attacks; thereby they proposed an improved scheme to counterfeit these weaknesses. Undoubtedly, the improved scheme by Truong et al. is free from defects pointed out on Chen et al.s scheme, but here we show that problems like impersonation attacks, password guessing, etc are adhered with its design. We show that Truong et al.s scheme violates Chen et al.s aim to get rid of information-leak hazard from the smart card or mobile device based authentication schemes.

Efficient identity-based signcryption in the standard model

Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. Recently, three identity-based signcryption schemes in the standard model were proposed. However, the three schemes are broken soon. How to construct a secure identity-based signcryption scheme in the standard model is still an open problem. In this paper, we solve this problem and propose an efficient identity-based signcryption scheme in the standard model. We prove that our scheme has the indistinguishability against adaptive chosen ciphertext attacks under the modified decisional bilinear Diffie-Hellman assumption and the existential unforgeability against adaptive chosen messages attacks under the computational Diffie-Hellman assumption.

Cryptanalysis of "A Robust Smart-Card-Based Remote User Password Authentication Scheme"

Smart card is a widely accepted user authentication tool to ensure only authorized access to resources available via open networks. In 2010, Sood et al. and Song independently examined a smart card based authentication scheme proposed by Xu et al. They showed that in Xu et al.s scheme an internal user of the system could turn hostile to impersonate other users of the system. Sood et al. and Song also proposed schemes in order to improve scheme proposed by Xu et al.s. Recently, Chen et al. identified some security problems in the improvements proposed by Sood et al. and Song. To fix these problems Chen et al. presented another scheme, which they claimed to provide mutual authentication and withstand, lost smart card attack. Undoubtedly, in their scheme user can also verify the legitimacy of server but we find that the scheme fails to resist impersonation attacks and privileged insider attack. We also show that the scheme does not provide user anonymity and confidentiality to air messages. In addition, an attacker can guess a users password from his lost/stolen smart card.