submit Opinions CrossRef Open Access Subscribe New Journal Ideal

Click on image to enlarge

Indexed in Scopus

Journal of Cyber Security and Mobility

Ashutosh Dutta, Johns Hopkins University, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland

ISSN: 2245-1439 (Print Version),

ISSN: 2245-4578 (Online Version)
Vol: 8   Issue: 3

Published In:   July 2019

Publication Frequency: Quarterly

Articles in 2020

Search Available Volume and Issue for Journal of Cyber Security and Mobility

Journal Description        Read Full Articles        Editorial Board        Subscription        Indexed       Opinions

Anti-forensic Approach to Remove Stego Content from Images and Videos

P. P. Amritha1, M. Sethumadhavan1, R. Krishnan1 and Saibal Kumar Pal2

1TIFAC-CORE in Cyber Security, Amrita School of Engineering, Coimbatore, Amrita Vishwa Vidyapeetham, India
2Scientific Analysis Group, DRDO, Delhi, India

Abstract: [+]    |    Download File [ 11898KB ]    |   Read Article Online

Abstract: Covert transmission of information hidden in different media to either a general or targeted audience constitutes steganography. However, this technique can be misused to transmit undesirable information. Traditionally the removal of such content necessitated the knowledge of the steganographic algorithm used. However,we address the scenario where such stego is removed using generic image processing operations along with an anti forensic method without assuming any knowledge of the steganographic algorithm used. The application of generic image processing operations also causes degradation of cover image, which can also be restored using this anti forensic method. Our procedure has been tested on a variety of steganographic algorithms including HUGO-BD,WOW, Synch and J-UNIWARD. By applying universal steganalysis we found that all images which have been subjected to our procedure have become stego free. However, a direct evaluation of the stego content assuming knowledge of the stego content and its location showed that 80 percentage of the stego is removed without significantly impacting the visual image quality. Video stream containing isolated static images have been addressed in this paper. The peak signal-to-noise ratio and structural similarity metric values of cleaned images and videos are found to be in the range 30dB–40dB and 0.81–0.99 respectively.

Keywords: Steganography, Steganalysis, Image processing, Variational deconvolution, Markov features.

Prevalence of IoT Protocols in Telescope and Honeypot Measurements

Lionel Metongnon1,2 and Ramin Sadre1

1Université catholique de Louvain, Belgium
2Université d’Abomey-Calavi, Bénin

Abstract: [+]    |    Download File [ 8069KB ]    |   Read Article Online

Abstract: With the arrival of the Internet of Things (IoT), more devices appear online with default credentials or lacking proper security protocols. Consequently, we have seen a rise of powerful DDoS attacks originating from IoT devices in the last years. In most cases the devices were infected by bot malware through the telnet protocol. This has lead to several honeypot studies on telnet-based attacks. However, IoT installations also involve other protocols, for example for Machine-to-Machine communication. Those protocols often provide by default only little security. In this paper, we present a measurement study on attacks against or based on those protocols. To this end, we use data obtained from a /15 network telescope and three honey-pots with 15 IPv4 addresses. We find that telnet-based malware is still widely used and that infected devices are employed not only for DDoS attacks but also for crypto-currency mining. We also see, although at a much lesser frequency, that attackers are looking for IoT-specific services using MQTT, CoAP, UPnP, and HNAP, and that they target vulnerabilities of routers and cameras with HTTP.

Keywords: Internet measurement, IoT, IoT attacks, IoT protocols.

SPINZ: A Speculating Incident Zone System for Incident Handling

Daichi Hasumi1, Shigeyoshi Shima1 and Hiroki Takakura2

1NEC Corporation, Japan
2National Institute of Informatics, Japan

Abstract: [+]    |    Download File [ 1952KB ]    |   Read Article Online

Abstract: Organizations introducing computer and network systems need to quickly and accurately respond to information security incidents to counter intense cyber attacks. However, computer security incident response teams (CSIRTs) in organizations receive a large amount of alerts and logs that they have to investigate. Such a situation increases incident handling time. Our previous research revealed that the triage process in incident handling failed in many incident cases. In our consideration, the triage process lacks the ability to assess overall risks to modern cyber attacks. Zoning of local area networks by measuring internal-network traffic in response to such risks is important. Therefore, we propose the SPeculating INcident Zone (SPINZ) system for supporting the triage process. The SPINZ system analyzes internal-network flows and outputs an incident zone, which is composed of devices related to the incident. We evaluated the performance of the SPINZ system through simulations using two incident-flow dataset generated from two types of internal-network datasets and malicious-activity flows generated from legitimate commands. We confirm that the SPINZ system can detect an incident zone, but removing unrelated devices from an incident zone is an issue requiring further investigated.

Keywords: Cyber Security, Incident Handling, Triage, Traffic Measurement, Anomaly Detection.

The Need for Steganalysis in Image Distribution Channels

Martin Steinebach, Huajian Liu and Andre Ester

Fraunhofer SIT, Darmstadt, Germany

Abstract: [+]    |    Download File [ 762KB ]    |   Read Article Online

Abstract: The rise of social networks during the last 10 years has created a situation in which up to 100 million new images and photographs are uploaded and shared by users every day. This environment poses an ideal background for those who wish to communicate covertly by the use of steganography. It also creates a new set of challenges for steganalysts, who have to shift their field of work away from a purely scientific laboratory environment and into a diverse real-world scenario, while at the same time having to deal with entirely new problems, such as the detection of steganographic channels or the impact that even a low false positive rate has when investigating the millions of images which are shared every day on social networks. We evaluate how to address these challenges with traditional steganographic and statistical methods, rather than using high performance computing and machine learning. To achieve this we first analyze the steganographic algorithm F5 applied to images with a high degree of diversity, as would be seen in a typical social network.We show that the biggest challenge lies in the detection of images whose payload is less then 50% of the available capacity of an image.We suggest new detection methods and apply these to the problem of channel detection in social network. We are able to show that using our attacks we are able to detect the majority of covert F5 channels after a mix containing 10 stego images has been classified by our scheme.

Keywords: steganography, steganalysis.

Classifying Agricultural Crop Pest Data Using Hadoop MapReduce Based C5.0 Algorithm

R. Revathy1, S. Balamurali1 and R. Lawrance2

1Department of Computer Applications, Kalasalingam University, Krishnankoil-626126, Tamil Nadu, India
2Department of Computer Applications, Ayya Nadar Janaki Ammal College, Sivakasi-626124, Tamil Nadu, India

Abstract: [+]    |    Download File [ 7539KB ]    |   Read Article Online

Abstract: Data mining is a methodology of exploring and processing large pre-existing databases in order to find the hidden information. In agriculture sector, data mining can help farmers to develop yield. Crops can be protected from vertebrate pests and diseases by predicting and enhancing crop cultivation through efficient data mining methods. The main aim of this research is to classify agricultural crop pests which are categorized by different colours. This research includes data cleaning, feature selection and execution of C5.0 algorithm using map reduce. Data cleaning has taken away the noisy data in crop pest data that offers improved accuracy. In feature selection, Relief filter is applied for selecting particular attributes of the crop pest data set instead of using full attribute set. It performs choosing attributes by calculating the attribute weights based upon distances. As the size of the pest dataset has attained terabyte range, typical data mining techniques cannot process the big data at logical time. Hadoop MapReduce programming model has been put into practice to compact with huge data set. It is a software framework for distributed processing of large amount of data. This research work proposed MapReduce implementation of C5.0 decision tree algorithm that gives more accurate result rapidly and holding less memory of huge crop pest data set.

Keywords: Data Mining, Data cleaning, Relief feature selector, MapReduce based C5.0 Classification.

River Publishers: Journal of Cyber Security and Mobility