Sugata Sanyal

Adaptive neuro-fuzzy intrusion detection systems

The intrusion detection system architecture commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. In this paper, two machine-learning paradigms, artificial neural networks and fuzzy inference system, are used to design an intrusion detection system. SNORT is used to perform real time traffic analysis and packet logging on IP network during the training phase of the system. Then a signature pattern database is constructed using protocol analysis and neuro-fuzzy learning method. Using 1998 DARPA Intrusion Detection Evaluation Data and TCP dump raw data, the experiments are deployed and discussed.

Survey on Security Issues in Cloud Computing and Associated Mitigation Techniques

Computing holds the potential to eliminate the requirements for setting up of high-cost computing infrastructure for IT-based solutions and services that the industry uses. It promises to provide a flexible IT architecture, accessible through internet from lightweight portable devices. This would allow multi-fold increase in the capacity and capabilities of the existing and new software. In a cloud computing environment, the entire data resides over a set of networked resources, enabling the data to be accessed through virtual machines. Since these data-centres may be located in any part of the world beyond the reach and control of users, there are multifarious security and privacy challenges that need to be understood and addressed. Also, one can never deny the possibility of a server breakdown that has been witnessed, rather quite often in the recent times. There are various issues that need to be addressed with respect to security and privacy in a cloud computing environment. This extensive survey paper aims to elaborate and analyze the numerous unresolved issues threatening the cloud computing adoption and diffusion affecting the various stake-holders associated with it. Keywordsas a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Interoperability, Denial of Service (DoS), Distributed Denial of Service (DDoS), Mobile Cloud Computing (MCC), Optical Character Recognition (OCR), Community of Interest (COI).

An LSB Data Hiding Technique Using Prime Numbers

In this paper, a novel data hiding technique is proposed, as an improvement over the Fibonacci LSB data-hiding technique proposed by Battisti et al. (2006), First we mathematically model and generalize our approach. Then we propose our novel technique, based on decomposition of a number (pixel-value) in sum of prime numbers. The particular representation generates a different set of (virtual) bit-planes altogether, suitable for embedding purposes. They not only allow one to embed secret message in higher bit-planes but also do it without much distortion, with a much better stego-image quality, and in a reliable and secured manner, guaranteeing efficient retrieval of secret message. A comparative performance study between the classical least significant bit (LSB) method, the Fibonacci LSB data-hiding technique and our proposed schemes has been done. Analysis indicates that image quality of the stego-image hidden by the technique using Fibonacci decomposition improves against that using simple LSB substitution method, while the same using the prime decomposition method improves drastically against that using Fibonacci decomposition technique. Experimental results show that, the stego-image is visually indistinguishable from the original cover-image.This paper deals with the retrieval of scene-of-crime (or scene) shoeprint images from a reference database of shoeprint images by using a new local feature detector and an improved local feature descriptor. Our approach is based on novel modifications and improvements of a few recent techniques in this area: (1) the scale adapted Harris detector, which is an extension to multi-scale domains of the Harris corner detector; (2) automatic scale selection by the characteristic scale of a local structure. (3) SIFT (Scale-Invariant Feature Transform), one of the most widely investigated descriptors in recent years. Like most of other local feature representations, the proposed approach can also be divided into two stages: (i) a set of distinctive local features are selected by first detecting scale adaptive Harris corners where each of them is associated with a scale factor, and then selecting as the final result only those corners whose scale matches the scale of blob-like structures around them. Here, the scale of a blob-like structure is detected by the Laplace-based scale selection, (ii). for each feature detected, an enhanced SIFT descriptor is computed to represent this feature. Our improvements lead two novel methods which we call the Modified Harris-Laplace (MHL) detector, and the enhanced SIFT descriptor. In this paper, we demonstrate the application of the proposed scheme to the shoeprint image retrieval problem using six sets of synthetic scene images, 50 images for each, and a database of 500 reference shoeprint images. The retrieval performance of the proposed approach is significantly better, in terms of cumulative matching score, than the existing methods investigated in this application area, such as edge directional histogram, power spectral distribution, and pattern & topological spectra.

Sleep Deprivation Attack Detection in Wireless Sensor Network

of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.

Particle swarm optimisation based Diophantine equation solver

The paper introduces particle swarm optimisation as a viable strategy to find numerical solution of Diophantine equation, for which there exists no general method of finding solutions. The proposed methodology uses a population of integer particles. The candidate solutions in the feasible space are optimised to have better positions through particle best and global best positions. The methodology, which follows fully connected neighbourhood topology, can offer many solutions of such equations.

Evolution Induced Secondary Immunity: An Artificial Immune System Based Intrusion Detection System

The analogy between immune systems and intrusion detection systems encourage the use of artificial immune systems for anomaly detection in computer networks. This paper describes a technique of applying artificial immune system along with genetic algorithm to develop an intrusion detection system. Far from developing primary immune response, as most of the related works do, it attempts to evolve this primary immune response to a secondary immune response using the concept of memory cells prevalent in natural immune systems. A genetic algorithm using genetic operators- selection, cloning, crossover and mutation- facilitates this. Memory cells formed enable faster detection of already encountered attacks. These memory cells, being highly random in nature, are dependent on the evolution of the detectors and guarantee greater immunity from anomalies and attacks. The fact that the whole procedure is enveloped in the concepts of approximate binding and memory cells of lightweight of natural immune systems makes this system reliable, robust and quick responding.

Analysis of Dynamic Source Routing and Destination-Sequenced Distance-Vector Protocols for Different Mobility Models

A mobile ad-hoc network (MANET) is self-configuring network of mobile nodes connected by wireless links to form an arbitrary topology without the use of existing infrastructure. In this paper, we have studied the effects of various mobility models on the performance of two routing protocols dynamic source routing (DSR-reactive protocol) and destination-sequenced distance-vector (DSDV-proactive protocol). For experiment purposes, we have considered four mobility scenarios: Random Wayward Mobility, Group Mobility, Freeway and Manhattan models. These four mobility models are selected to represent the possibility of practical application in future. Performance comparison has also been conducted across varying node densities and number of hops. Experiment results illustrate that performance of the routing protocol varies across different mobility models, node densities and length of data paths

An LSB Data Hiding Technique Using Natural Number Decomposition

In this paper, a novel data hiding technique is proposed, as an improvement over the Fibonacci LSB data-hiding technique proposed by Battisti et al. and the technique using prime number system. First we mathematically model and generalize our approach. Then we propose our novel technique, based on decomposition of a number (pixel-value) as sum of natural numbers. The particular representation generates a different set of (virtual) bit-planes altogether, suitable for embedding purposes. They not only allow one to embed secret message in higher bit- planes but also do it without much distortion and in a reliable and secured manner, guaranteeing efficient retrieval of secret message. Analysis indicates that image quality of the stego-image hidden by the technique using the natural number decomposition technique improves drastically against that using prime and Fibonacci decomposition techniques. Experimental results show that stego-image is visually indistinguishable from cover-image.

A new protocol to counter online dictionary attacks

The most popular method of authenticating users is through passwords. Though passwords are the most convenient means of authentication, they bring along themselves the threat of dictionary attacks. While offline dictionary attacks are possible only if the adversary is able to collect data for a successful protocol execution by eavesdropping on the communication channel and can be successfully countered by using public key cryptography, online dictionary attacks can be performed by anyone and there is no satisfactory solution to counter them. In this paper, we propose an authentication protocol which is easy to implement without any infrastructural changes and yet prevents online dictionary attacks. Our protocol uses only one way hash functions and eliminates online dictionary attacks by implementing a challenge-response system. This challenge-response system is designed in a fashion that it hardly poses any difficulty to a genuine user but is extremely burdensome, time consuming and computationally intensive for an adversary trying to launch as many as hundreds of thousands of authentication requests as in case of an online dictionary attack. The protocol is perfectly stateless and thus less vulnerable to denial of service (DoS) attacks.

A distributed security scheme for ad hoc networks

In an ad hoc wireless network where wired infrastructures are not feasible, energy and bandwidth conservation are the two key elements presenting challenges to researchers. Limited bandwidth makes a network easily congested by the control signals of the routing protocol. Routing schemes developed for wired networks seldom consider restrictions of this type. Instead, they assume that the network is mostly stable and that the overhead for routing messages is negligible. Considering these differences between wired and wireless network, it is necessary to develop a wireless routing protocol that limits congestion in the network [1, 5, 8, 9, 10, 11].This paper proposes minor modifications to the existing Ad hoc On Demand Vector (AODV) routing protocol (RFC 3561) in order to restrict congestion in networks during a particular type of Denial of Service (DoS) attack. In addition to this, it incurs absolutely no additional overhead [4]. We describe the DoS attack caused due to Route Request (RREQ) flooding and its implications on existing AODV-driven Mobile Ad hoc Networks (MANET) [2, 14]. To combat this DoS attack, a proactive scheme [12] is proposed. We present an illustration to describe the implications of RREQ flooding on pure AODV and the modified AODV protocols. To quantify the effectiveness of the proposed scheme, we simulated a DoS [6] attack in a mobile environment and study the performance results.