Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
1
2010
01
01
Stream ciphers and the eSTREAM project
3
11
EN
V.
Rijmen
vincent.rijmen@esat.kuleuven.be
10.22042/isecure.2015.2.1.2
Stream ciphers are an important class of symmetric cryptographic algorithms. The eSTREAM project contributed significantly to the recent increase of activity in this field. In this paper, we present a survey of the eSTREAM project. We also review recent time/memory/data and time/memory/key trade-offs relevant for the generic attacks on stream ciphers.
Cryptology,Stream Ciphers,Time-Memory Trade-offs,eSTREAM
https://www.isecure-journal.com/article_39173.html
https://www.isecure-journal.com/article_39173_a7fab575ea1ea7b6dffe12d5a226ced8.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
1
2010
01
26
A particle swarm optimization algorithm for minimization analysis of cost-sensitive attack graphs
13
32
EN
M.
Abadi
abadi@modares.ac.ir
S.
Jalili
0000-0002-4333-3097
sjalili@modares.ac.ir
10.22042/isecure.2015.2.1.3
To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also, a single countermeasure may prevent multiple exploits. We present a binary particle swarm optimization algorithm with a time-varying velocity clamping, called SwarmCAG-TVVC, for minimization analysis of cost-sensitive attack graphs. The aim is to find a critical set of countermeasures with minimum weight whose implementation causes the initial nodes and the goal nodes of the graph to be completely disconnected. This problem is in fact a constrained optimization problem. A repair method is used to convert the constrained optimization problem into an unconstrained one. A local search heuristic is used to improve the overall performance of the algorithm. We compare the performance of SwarmCAG-TVVC with a greedy algorithm GreedyCAG and a genetic algorithm GenNAG for minimization analysis of several large-scale cost-sensitive attack graphs. On average, the weight of a critical set of countermeasures found by SwarmCAG-TVVC is 6.15 percent less than the weight of a critical set of countermeasures found by GreedyCAG. Also, SwarmCAG-TVVC performs better than GenNAG in terms of convergence speed and accuracy. The results of the experiments show that SwarmCAG-TVVC can be successfully used for minimization analysis of large-scale cost-sensitive attack graphs.
Particle Swarm Optimization,Attack Scenario,Countermeasure,Cost-Sensitive Attack Graph,Minimization Analysis
https://www.isecure-journal.com/article_39174.html
https://www.isecure-journal.com/article_39174_46dabfb15e3074fa1a9201bf15ccbbd6.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
1
2010
01
26
A hybridization of evolutionary fuzzy systems and ant Colony optimization for intrusion detection
33
46
EN
M.
Saniee Abadeh
saniee@modares.ac.ir
J.
Habibi
jhabibi@sharif.edu
10.22042/isecure.2015.2.1.4
A hybrid approach for intrusion detection in computer networks is presented in this paper. The proposed approach combines an evolutionary-based fuzzy system with an Ant Colony Optimization procedure to generate high-quality fuzzy-classification rules. We applied our hybrid learning approach to network security and validated it using the DARPA KDD-Cup99 benchmark data set. The results indicate that in comparison to several traditional and new techniques, the proposed hybrid approach achieves better classification accuracies. The compared classification approaches are C4.5, Naïve Bayes, <em>k</em>-NN, SVM, Ripper, PNrule and MOGF-IDS. Moreover the improvement on classification accuracy has been obtained for most of the classes of the intrusion detection classification problem. In addition, the results indicate that the proposed hybrid system's total classification accuracy is 94.33% and its classification cost is 0.1675. Therefore, the resultant fuzzy classification rules can be used to produce a reliable intrusion detection system.
Intrusion Detection System,Evolutionary Fuzzy System,ant colony optimization,Fuzzy Rule Extraction
https://www.isecure-journal.com/article_39175.html
https://www.isecure-journal.com/article_39175_e65e56a85646d08dd2edf41ed5842d16.pdf
Iranian Society of Cryptology
The ISC International Journal of Information Security
2008-2045
2008-3076
2
1
2010
01
26
A context-sensitive dynamic role-based access control model for pervasive computing environments
47
66
EN
S.
Sadat Emami
emami@ee.kntu.ac.ir
S.
Zokaei
szokaei@eetd.kntu.ac.ir
10.22042/isecure.2015.2.1.5
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environments. In other words, an efficient access control model for pervasive computing environments should be aware of context information. Changes in context information imply some changes in the users' authorities. Accordingly, an access control model for a pervasive computing environment should control all accesses of unknown users to the resources based upon the participating context information, i.e., contexts of the users, resources and the environment. In this paper, a new context-aware access control model is proposed for pervasive computing environments. Contexts are classified into long-term contexts (which do not change during a session) and short-term contexts (which their steady-state period is less than an average time of a session). The model assigns roles to a user dynamically at the beginning of their sessions considering the long-term contexts. However, during a session the active permission set of the assigned roles are determined based on the short-term context conditions. Formal specification of the proposed model as well as the proposed architecture are presented in this paper. Furthermore, by presenting a real case study, it is shown that the model is applicable, decidable, and dynamic. Expressiveness and complexity of the model is also evaluated.
Access Control,Pervasive Computing Environment,Long-Term Context,Short-Term Context,Dynamic Role-Assignment,Dynamic Permission-Activation
https://www.isecure-journal.com/article_39176.html
https://www.isecure-journal.com/article_39176_6d2452bc45a2368272f54c7589acda86.pdf