eng
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2010-01-01
2
1
1
2
10.22042/isecure.2015.2.1.1
39172
Editorial
R. Jalili
jalili@sharif.ir
1
From the Editor-in-Chief
http://www.isecure-journal.com/article_39172_4c6e3fa887714d4327147b93cdcb31f9.pdf
eng
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2010-01-01
2
1
3
11
10.22042/isecure.2015.2.1.2
39173
Stream ciphers and the eSTREAM project
V. Rijmen
vincent.rijmen@esat.kuleuven.be
1
Stream ciphers are an important class of symmetric cryptographic algorithms. The eSTREAM project contributed significantly to the recent increase of activity in this field. In this paper, we present a survey of the eSTREAM project. We also review recent time/memory/data and time/memory/key trade-offs relevant for the generic attacks on stream ciphers.
http://www.isecure-journal.com/article_39173_d2ffe69361b9cba7c552fb56d1fc968a.pdf
Cryptology
Stream Ciphers
Time-Memory Trade-offs
eSTREAM
eng
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2010-01-01
2
1
13
32
10.22042/isecure.2015.2.1.3
39174
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
M. Abadi
abadi@modares.ac.ir
1
S. Jalili
sjalili@modares.ac.ir
2
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also, a single countermeasure may prevent multiple exploits. We present a binary particle swarm optimization algorithm with a time-varying velocity clamping, called SwarmCAG-TVVC, for minimization analysis of cost-sensitive attack graphs. The aim is to find a critical set of countermeasures with minimum weight whose implementation causes the initial nodes and the goal nodes of the graph to be completely disconnected. This problem is in fact a constrained optimization problem. A repair method is used to convert the constrained optimization problem into an unconstrained one. A local search heuristic is used to improve the overall performance of the algorithm. We compare the performance of SwarmCAG-TVVC with a greedy algorithm GreedyCAG and a genetic algorithm GenNAG for minimization analysis of several large-scale cost-sensitive attack graphs. On average, the weight of a critical set of countermeasures found by SwarmCAG-TVVC is 6.15 percent less than the weight of a critical set of countermeasures found by GreedyCAG. Also, SwarmCAG-TVVC performs better than GenNAG in terms of convergence speed and accuracy. The results of the experiments show that SwarmCAG-TVVC can be successfully used for minimization analysis of large-scale cost-sensitive attack graphs.
http://www.isecure-journal.com/article_39174_744e0b789b546e108c4db4bc469db4bd.pdf
Particle swarm optimization
Attack Scenario
Countermeasure
Cost-Sensitive Attack Graph
Minimization Analysis
eng
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2010-01-01
2
1
33
46
10.22042/isecure.2015.2.1.4
39175
A hybridization of evolutionary fuzzy systems and ant Colony optimization for intrusion detection
M. Saniee Abadeh
saniee@modares.ac.ir
1
J. Habibi
jhabibi@sharif.edu
2
A hybrid approach for intrusion detection in computer networks is presented in this paper. The proposed approach combines an evolutionary-based fuzzy system with an Ant Colony Optimization procedure to generate high-quality fuzzy-classification rules. We applied our hybrid learning approach to network security and validated it using the DARPA KDD-Cup99 benchmark data set. The results indicate that in comparison to several traditional and new techniques, the proposed hybrid approach achieves better classification accuracies. The compared classification approaches are C4.5, Naïve Bayes, k-NN, SVM, Ripper, PNrule and MOGF-IDS. Moreover the improvement on classification accuracy has been obtained for most of the classes of the intrusion detection classification problem. In addition, the results indicate that the proposed hybrid system's total classification accuracy is 94.33% and its classification cost is 0.1675. Therefore, the resultant fuzzy classification rules can be used to produce a reliable intrusion detection system.
http://www.isecure-journal.com/article_39175_20ff18704daec7f5dd0995505accf40b.pdf
Intrusion Detection System
Evolutionary Fuzzy System
Ant Colony Optimization
Fuzzy Rule Extraction
eng
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2010-01-01
2
1
47
66
10.22042/isecure.2015.2.1.5
39176
A context-sensitive dynamic role-based access control model for pervasive computing environments
S. Emami
emami@ee.kntu.ac.ir
1
S. Zokaei
szokaei@eetd.kntu.ac.ir
2
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environments. In other words, an efficient access control model for pervasive computing environments should be aware of context information. Changes in context information imply some changes in the users' authorities. Accordingly, an access control model for a pervasive computing environment should control all accesses of unknown users to the resources based upon the participating context information, i.e., contexts of the users, resources and the environment. In this paper, a new context-aware access control model is proposed for pervasive computing environments. Contexts are classified into long-term contexts (which do not change during a session) and short-term contexts (which their steady-state period is less than an average time of a session). The model assigns roles to a user dynamically at the beginning of their sessions considering the long-term contexts. However, during a session the active permission set of the assigned roles are determined based on the short-term context conditions. Formal specification of the proposed model as well as the proposed architecture are presented in this paper. Furthermore, by presenting a real case study, it is shown that the model is applicable, decidable, and dynamic. Expressiveness and complexity of the model is also evaluated.
http://www.isecure-journal.com/article_39176_89f4363d8f61f961329b4904a5ec856b.pdf
Access Control
Pervasive Computing Environment
Long-Term Context
Short-Term Context
Dynamic Role-Assignment
Dynamic Permission-Activation