Sharif Digital Repository

Nowadays, security has become an important issue for organizations especially in e-commerce applications. The spreading of networks and increasing of their complexity has complicated the task of security analysis, therefore automatic approaches have received more attention recently. This paper proposes a model-based approach to analyze the overall security of a network, based on the interaction of hosts within the network. A simple language is introduced far modeling securityrelated behaviours of networks and systems. Using the language, a case study is described and its formal model and security properties are presented. © 2004 IEEE  

Proxy signatures allow an entity to delegate its signing capability to a proxy which can sign messages on behalf of the delegator. We examine identity-based versions of proxy signatures which employ identity strings in place of randomly generated public keys. First, we give a new generic construction of identity-based proxy signatures from identity-based standard signatures and show that our generic construction is secure if the underlying identity-based standard signature is secure. In addition, we present the first identity-based proxy signature from Rivest, Shamir and Adleman (RSA), secure under the one-wayness of RSA in the random oracle model. We should highlight that the proxy key... 

The hard corona, the protein shell that is strongly attached to the surface of nano-objects in biological fluids, is recognized as the first layer that interacts with biological objects (e.g., cells and tissues). The decoration of the hard corona (i.e., the type, amount, and conformation of the attached proteins) can define the biological fate of the nanomaterial. Recent developments have revealed that corona decoration strongly depends on the type of disease in human patients from which the plasma is obtained as a protein source for corona formation (referred to as the 'personalized protein corona'). In this study, we demonstrate that graphene oxide (GO) sheets can trigger different... 

Mobile Ad-hoc Networks (MANETs) are forming dynamically by joining or leaving the nodes into/from the network without any fix infrastructure. It is also possible that each mobile node act as a host or router. This kind of wireless network is prone to various security threats or attacks due to its unique characteristics like dynamic topology, open medium, lack of central monitoring, etc. So security is a vital scope in MANET to protect communication between mobile nodes. Ad-hoc On-demand Distance Vector (AODV) is one of the on-demand reactive routing protocols in MANET that initially was improved without considering security protection. Significant attempts have been done to secure AODV... 

The increased penetration of cellular networks has made voice channels widely available ubiquitously. On the other hand, mobile voice channels possess properties that make them an ideal choice for high priority, low-rate real-time communications. Mobile voice channel with the mentioned properties, could be utilised in emergency applications in vehicular communications area such as the standardised emergency call system planned to be launched in 2015. This study aims to investigate the challenges of data transmission through these channels and proposes an efficient data transfer structure. To this end, a proper statistical model for the channel distortion is proposed and an optimum detector... 

The developing of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related issues such as maximum reading distance, communication speed and data security. The use of signal processing methods is an efficient and convenient way to achieve the maximum reading distance and communication rate. However, the signal processing techniques are not adequate to provide a reasonable level of security and privacy for RFID systems. Thus, it is necessary to employ specific authentication protocols which assure data security and preserve the user’s privacy. Among other security and privacy characteristic of an RFID... 

The Tor anonymous network has become quite popular with regular users on the Internet. In the Tor network, an anonymous path is created by selecting three relays through which the connection is redirected. Nevertheless, as the number of Tor users has increased substantially in recent years, the algorithm with which the relays are selected affects the performance provided by the Tor network. More importantly as the performance suffers, users will leave the network, resulting in a lower anonymity set and in turn lower security provided by Tor network. In this paper, we proposed an algorithm for improving performance and security of the Tor network, by employing a combination of different... 

Based on the risk analysis done in the GSM network of Iran a methodology for cellular mobile network risk management is established. Primarily we focus on the importance of risk management in the GSM Network and then introduce very briefly the suggested method for managing risk in Iranian GSM security. GSM Security risk evaluation is a method for increasing the efficiency of security policy in the manner that security threats and vulnerabilities against the mobile network is identified and prioritized. © 2009 IEEE  

In this study, the authors consider the secrecy of a one-receiver, two-eavesdropper broadcast channel (BC) with three degraded message sets. Consider a three-receiver BC with three messages, where the first message is decoded by all the receivers. The second message is decoded by the first and the second receivers and is to be kept secret from the third receiver. The third message is decoded by the first receiver and is to be kept secret from the second and the third receivers. The authors consider the imperfect secrecy condition at the second receiver, that is, it is allowed to partially decode the third message. However, the perfect secrecy condition at the third receiver, does not allow... 

Polar codes are a new class of error correcting linear block codes, whose generator matrix is specified by the knowledge of transmission channel parameters, code length and code dimension. Moreover, regarding computational security, it is assumed that an attacker with a restricted processing power has unlimited access to the transmission media. Therefore, the attacker can construct the generator matrix of polar codes, especially in the case of binary erasure channels, on which this matrix can be easily constructed. In this paper, we introduce a novel method to keep the generator matrix of polar codes in secret in a way that the attacker cannot access the required information to decode the... 

Radio frequency identification (RFID) technology is a prominent technology which has been used in most authentication and identification applications. Above all, recently RFID systems have got more attention as an interesting candidate to implement in the internet of things systems. Although RFID systems provide useful and interest services to users, they can also threat the security and the privacy of the end-users. In order to provide the security and the privacy of RFID users, different authentication protocols have been proposed. In this study, we analyze the privacy of three RFID authentication protocols that proposed recently. For our privacy analysis, we use a formal RFID privacy... 

A major challenge organizations face when hosting or moving their data to the Cloud is how to support complex queries over outsourced data while preserving their confidentiality. In principle, encryption-based systems can support querying encrypted data, but their high complexity has severely limited their practical use. In this paper, we propose an efficient yet secure secret sharing-based approach for outsourcing relational data to honest-but-curious data servers. The problem with using secret sharing in a data outsourcing scenario is how to efficiently search within randomly generated shares. We present multiple partitioning methods that enable clients to efficiently search among shared... 

The authors address the use of sparse representation to securely hide a message within non-overlapping blocks of a given colour image in the wavelet domain. All four sub-images of the two-dimensional wavelet transform of two colour bands are used for data embedding without affecting the image perceptibility. Bit error rate of hidden data extraction is reduced to zero by introducing a novel refinement procedure in the proposed algorithm. The refinement procedure introduced solves the hidden bit extraction errors caused by the rounding process, the overflows and the nature of approximation in sparse decomposition. Capacity of the proposed method is calculated using necessary conditions for... 

In order to provide anonymity, universal cryptosystems have been used in various applications, including mixnets with multiple receivers. Unlike ordinary re-encryption cryptosystems, universal cryptosystems for re-encryption of ciphertexts do not require knowledge of the public key of the receiver. Golle et al. introduced universal cryptosystems for public key cryptography. Contrary to public key cryptography, in ID-based cryptography, a public key infrastructure is not needed, which makes it suitable for situations where it is not cost-effective to distribute certificates or establish a public key infrastructure. In this paper, we first generalize the definition of universal cryptosystems... 

Proxy ring (anonymous proxy) signatures allow an entity to delegate its signing capability to a group of entities (proxy group) such that only one of the members in the proxy group can generate a proxy signature on behalf of the delegator, while privacy of the proxy signer is protected. Identity-based versions of proxy ring signatures employ identity strings in place of randomly generated public keys. Our contribution is twofold. First, we formalize a security model for identity-based proxy ring signatures. We note that there exists no formal security model for identity-based proxy ring signatures prior to our work. Second, we present the first provably secure identity-based proxy ring... 

Today, from information security perspective, prevention methods are not enough solely. Early Warning Systems (EWSs) are in the category of reactive methods. These systems are complementing Intrusion Detection Systems (IDSs) where their main goals include early detection of potential malicious behavior in large scale environments such as national level. An important process in EWSs is the analysis and correlation of alerts aggregated from the installed sensors (e.g., IDSs, IP telescopes, and botnet detection systems). In this paper, an efficient framework for alert correlation in EWSs is proposed. The framework includes a correlation scheme based on a combination of statistical and stream... 

The 3rd Generation Partnership Project (3GPP) defined a new architecture, called Home eNode B (HeNB). HeNB is able to provide new services with higher data rate in a low cost. Security is a critical aspect of HeNB. In order to have HeNB secure access to core network, 3GPP defines an authentication protocol based on IKEv2. A number of security vulnerabilities such as HeNB masquerading have not been addressed and solved by 3GPP technical specification yet. In this paper an improved HeNB authentication protocol is introduced which does not allow an attacker to connect unauthorized network users using a mask. Finally, we evaluate our protocol performance and verify it by Automated Validation of... 

This study presents an efficient fractional frequency reuse scheme for macrocell network which uses six directional antennas to cover the outer region and analyses the performance. Cross-tier interference between macrocell and femtocell networks leading to throughput and outage probability degradation is a major issue in two-tier networks when femtocells are deployed in co-channel with macrocells. In this study, the received interference from the macrocell network to femtocell network is analysed. Then, based on the degree of received interference, an algorithm for orthogonal resource allocation to femtocells with low cross-tier interference is presented. According to the introduced scheme,... 

In this paper, we consider to seek vulnerabilities and we conduct possible attacks on the crucial and essential parts of Android OSs architecture including the framework and the Android kernel layers. As a regard, we explain the Binder component of Android OS from security point of view. Then, we demonstrate how to penetrate into the Binder and control data exchange mechanism in Android OS by proposing a kernel level attack model based on the hooking method. As a result, by implementing the attack model, it is illustrated that the Android processes are detectable and the data can be extracted from any process and system calls. © 2016 IEEE  

Dynamic nature of mobile ad hoc networks combined with their lack of centralized infrastructure make security problem the most challenging issue in such networks. The main contribution of this paper is to propose a secure and efficient key management algorithm, able to satisfying the requirement of such networks and facing their specific characteristics. The proposed algorithm is a fully distributed ID-based system which is built based on elliptic curve cryptography. The main advantage of the proposed algorithm, that gives it the superiority in its field of research, is the improvement of the performance and the security strength together. The proposed algorithm is implemented with much...