for Journals by Title or ISSN
for Articles by Keywords

 A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  

       | Last   [Sort by number of followers]   [Restore default list]

  Subjects -> ELECTRONICS (Total: 184 journals)
Showing 1 - 200 of 277 Journals sorted alphabetically
Acta Electronica Malaysia     Open Access  
Advances in Biosensors and Bioelectronics     Open Access   (Followers: 7)
Advances in Electrical and Electronic Engineering     Open Access   (Followers: 6)
Advances in Electronics     Open Access   (Followers: 79)
Advances in Magnetic and Optical Resonance     Full-text available via subscription   (Followers: 8)
Advances in Microelectronic Engineering     Open Access   (Followers: 13)
Advances in Power Electronics     Open Access   (Followers: 33)
Advancing Microelectronics     Hybrid Journal  
Aerospace and Electronic Systems, IEEE Transactions on     Hybrid Journal   (Followers: 318)
American Journal of Electrical and Electronic Engineering     Open Access   (Followers: 24)
Annals of Telecommunications     Hybrid Journal   (Followers: 9)
APSIPA Transactions on Signal and Information Processing     Open Access   (Followers: 9)
Archives of Electrical Engineering     Open Access   (Followers: 13)
Autonomous Mental Development, IEEE Transactions on     Hybrid Journal   (Followers: 8)
Bell Labs Technical Journal     Hybrid Journal   (Followers: 28)
Bioelectronics in Medicine     Hybrid Journal  
Biomedical Engineering, IEEE Reviews in     Full-text available via subscription   (Followers: 19)
Biomedical Engineering, IEEE Transactions on     Hybrid Journal   (Followers: 36)
Biomedical Instrumentation & Technology     Hybrid Journal   (Followers: 6)
Broadcasting, IEEE Transactions on     Hybrid Journal   (Followers: 12)
BULLETIN of National Technical University of Ukraine. Series RADIOTECHNIQUE. RADIOAPPARATUS BUILDING     Open Access   (Followers: 1)
Bulletin of the Polish Academy of Sciences : Technical Sciences     Open Access   (Followers: 1)
Canadian Journal of Remote Sensing     Full-text available via subscription   (Followers: 47)
China Communications     Full-text available via subscription   (Followers: 8)
Chinese Journal of Electronics     Hybrid Journal  
Circuits and Systems     Open Access   (Followers: 15)
Consumer Electronics Times     Open Access   (Followers: 5)
Control Systems     Hybrid Journal   (Followers: 267)
Edu Elektrika Journal     Open Access   (Followers: 1)
Electrica     Open Access  
Electronic Design     Partially Free   (Followers: 106)
Electronic Markets     Hybrid Journal   (Followers: 7)
Electronic Materials Letters     Hybrid Journal   (Followers: 4)
Electronics     Open Access   (Followers: 86)
Electronics and Communications in Japan     Hybrid Journal   (Followers: 10)
Electronics For You     Partially Free   (Followers: 93)
Electronics Letters     Hybrid Journal   (Followers: 26)
Elkha : Jurnal Teknik Elektro     Open Access  
Embedded Systems Letters, IEEE     Hybrid Journal   (Followers: 51)
Energy Harvesting and Systems     Hybrid Journal   (Followers: 4)
Energy Storage Materials     Full-text available via subscription   (Followers: 3)
EPJ Quantum Technology     Open Access  
EURASIP Journal on Embedded Systems     Open Access   (Followers: 11)
Facta Universitatis, Series : Electronics and Energetics     Open Access  
Foundations and Trends® in Communications and Information Theory     Full-text available via subscription   (Followers: 6)
Foundations and Trends® in Signal Processing     Full-text available via subscription   (Followers: 10)
Frequenz     Hybrid Journal   (Followers: 1)
Frontiers of Optoelectronics     Hybrid Journal   (Followers: 1)
Geoscience and Remote Sensing, IEEE Transactions on     Hybrid Journal   (Followers: 195)
Haptics, IEEE Transactions on     Hybrid Journal   (Followers: 4)
IACR Transactions on Symmetric Cryptology     Open Access  
IEEE Antennas and Propagation Magazine     Hybrid Journal   (Followers: 97)
IEEE Antennas and Wireless Propagation Letters     Hybrid Journal   (Followers: 77)
IEEE Journal of Emerging and Selected Topics in Power Electronics     Hybrid Journal   (Followers: 46)
IEEE Journal of the Electron Devices Society     Open Access   (Followers: 9)
IEEE Journal on Exploratory Solid-State Computational Devices and Circuits     Hybrid Journal   (Followers: 1)
IEEE Power Electronics Magazine     Full-text available via subscription   (Followers: 67)
IEEE Transactions on Antennas and Propagation     Full-text available via subscription   (Followers: 70)
IEEE Transactions on Automatic Control     Hybrid Journal   (Followers: 56)
IEEE Transactions on Circuits and Systems for Video Technology     Hybrid Journal   (Followers: 20)
IEEE Transactions on Consumer Electronics     Hybrid Journal   (Followers: 40)
IEEE Transactions on Electron Devices     Hybrid Journal   (Followers: 19)
IEEE Transactions on Information Theory     Hybrid Journal   (Followers: 26)
IEEE Transactions on Power Electronics     Hybrid Journal   (Followers: 70)
IEEE Transactions on Signal and Information Processing over Networks     Full-text available via subscription   (Followers: 12)
IEICE - Transactions on Electronics     Full-text available via subscription   (Followers: 12)
IEICE - Transactions on Information and Systems     Full-text available via subscription   (Followers: 5)
IET Cyber-Physical Systems : Theory & Applications     Open Access   (Followers: 1)
IET Microwaves, Antennas & Propagation     Hybrid Journal   (Followers: 35)
IET Nanodielectrics     Open Access  
IET Power Electronics     Hybrid Journal   (Followers: 46)
IET Smart Grid     Open Access  
IET Wireless Sensor Systems     Hybrid Journal   (Followers: 18)
IETE Journal of Education     Open Access   (Followers: 4)
IETE Journal of Research     Open Access   (Followers: 11)
IETE Technical Review     Open Access   (Followers: 13)
IJEIS (Indonesian Journal of Electronics and Instrumentation Systems)     Open Access   (Followers: 3)
Industrial Electronics, IEEE Transactions on     Hybrid Journal   (Followers: 58)
Industry Applications, IEEE Transactions on     Hybrid Journal   (Followers: 25)
Informatik-Spektrum     Hybrid Journal   (Followers: 2)
Instabilities in Silicon Devices     Full-text available via subscription   (Followers: 1)
Intelligent Transportation Systems Magazine, IEEE     Full-text available via subscription   (Followers: 13)
International Journal of Advanced Research in Computer Science and Electronics Engineering     Open Access   (Followers: 18)
International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems     Open Access   (Followers: 10)
International Journal of Antennas and Propagation     Open Access   (Followers: 11)
International Journal of Applied Electronics in Physics & Robotics     Open Access   (Followers: 4)
International Journal of Computational Vision and Robotics     Hybrid Journal   (Followers: 6)
International Journal of Control     Hybrid Journal   (Followers: 11)
International Journal of Electronics     Hybrid Journal   (Followers: 7)
International Journal of Electronics and Telecommunications     Open Access   (Followers: 13)
International Journal of Granular Computing, Rough Sets and Intelligent Systems     Hybrid Journal   (Followers: 2)
International Journal of High Speed Electronics and Systems     Hybrid Journal  
International Journal of Hybrid Intelligence     Hybrid Journal  
International Journal of Image, Graphics and Signal Processing     Open Access   (Followers: 14)
International Journal of Microwave and Wireless Technologies     Hybrid Journal   (Followers: 8)
International Journal of Nano Devices, Sensors and Systems     Open Access   (Followers: 12)
International Journal of Nanoscience     Hybrid Journal   (Followers: 1)
International Journal of Numerical Modelling: Electronic Networks, Devices and Fields     Hybrid Journal   (Followers: 4)
International Journal of Power Electronics     Hybrid Journal   (Followers: 24)
International Journal of Review in Electronics & Communication Engineering     Open Access   (Followers: 4)
International Journal of Sensors, Wireless Communications and Control     Hybrid Journal   (Followers: 10)
International Journal of Systems, Control and Communications     Hybrid Journal   (Followers: 4)
International Journal of Wireless and Microwave Technologies     Open Access   (Followers: 6)
International Transaction of Electrical and Computer Engineers System     Open Access   (Followers: 2)
JAREE (Journal on Advanced Research in Electrical Engineering)     Open Access  
Journal of Biosensors & Bioelectronics     Open Access   (Followers: 3)
Journal of Advanced Dielectrics     Open Access   (Followers: 1)
Journal of Artificial Intelligence     Open Access   (Followers: 10)
Journal of Circuits, Systems, and Computers     Hybrid Journal   (Followers: 4)
Journal of Computational Intelligence and Electronic Systems     Full-text available via subscription   (Followers: 1)
Journal of Electrical and Electronics Engineering Research     Open Access   (Followers: 25)
Journal of Electrical Bioimpedance     Open Access  
Journal of Electrical Bioimpedance     Open Access   (Followers: 2)
Journal of Electrical Engineering & Electronic Technology     Hybrid Journal   (Followers: 7)
Journal of Electrical, Electronics and Informatics     Open Access  
Journal of Electromagnetic Analysis and Applications     Open Access   (Followers: 7)
Journal of Electromagnetic Waves and Applications     Hybrid Journal   (Followers: 8)
Journal of Electronic Design Technology     Full-text available via subscription   (Followers: 6)
Journal of Electronics (China)     Hybrid Journal   (Followers: 4)
Journal of Energy Storage     Full-text available via subscription   (Followers: 4)
Journal of Engineered Fibers and Fabrics     Open Access   (Followers: 2)
Journal of Field Robotics     Hybrid Journal   (Followers: 3)
Journal of Guidance, Control, and Dynamics     Hybrid Journal   (Followers: 169)
Journal of Information and Telecommunication     Open Access   (Followers: 1)
Journal of Intelligent Procedures in Electrical Technology     Open Access   (Followers: 3)
Journal of Low Power Electronics     Full-text available via subscription   (Followers: 7)
Journal of Low Power Electronics and Applications     Open Access   (Followers: 9)
Journal of Microelectronics and Electronic Packaging     Hybrid Journal  
Journal of Microwave Power and Electromagnetic Energy     Hybrid Journal  
Journal of Microwaves, Optoelectronics and Electromagnetic Applications     Open Access   (Followers: 10)
Journal of Nuclear Cardiology     Hybrid Journal  
Journal of Optoelectronics Engineering     Open Access   (Followers: 4)
Journal of Physics B: Atomic, Molecular and Optical Physics     Hybrid Journal   (Followers: 29)
Journal of Power Electronics & Power Systems     Full-text available via subscription   (Followers: 11)
Journal of Semiconductors     Full-text available via subscription   (Followers: 5)
Journal of Sensors     Open Access   (Followers: 26)
Journal of Signal and Information Processing     Open Access   (Followers: 9)
Jurnal ELTIKOM : Jurnal Teknik Elektro, Teknologi Informasi dan Komputer     Open Access  
Jurnal Rekayasa Elektrika     Open Access  
Jurnal Teknik Elektro     Open Access  
Jurnal Teknologi Elektro     Open Access  
Kinetik : Game Technology, Information System, Computer Network, Computing, Electronics, and Control     Open Access  
Learning Technologies, IEEE Transactions on     Hybrid Journal   (Followers: 12)
Magnetics Letters, IEEE     Hybrid Journal   (Followers: 7)
Majalah Ilmiah Teknologi Elektro : Journal of Electrical Technology     Open Access   (Followers: 2)
Metrology and Measurement Systems     Open Access   (Followers: 5)
Microelectronics and Solid State Electronics     Open Access   (Followers: 19)
Nanotechnology Magazine, IEEE     Full-text available via subscription   (Followers: 33)
Nanotechnology, Science and Applications     Open Access   (Followers: 6)
Nature Electronics     Hybrid Journal  
Networks: an International Journal     Hybrid Journal   (Followers: 5)
Open Electrical & Electronic Engineering Journal     Open Access  
Open Journal of Antennas and Propagation     Open Access   (Followers: 8)
Optical Communications and Networking, IEEE/OSA Journal of     Full-text available via subscription   (Followers: 15)
Paladyn. Journal of Behavioral Robotics     Open Access   (Followers: 1)
Power Electronics and Drives     Open Access   (Followers: 1)
Problemy Peredachi Informatsii     Full-text available via subscription  
Progress in Quantum Electronics     Full-text available via subscription   (Followers: 7)
Pulse     Full-text available via subscription   (Followers: 5)
Radiophysics and Quantum Electronics     Hybrid Journal   (Followers: 2)
Recent Advances in Communications and Networking Technology     Hybrid Journal   (Followers: 3)
Recent Advances in Electrical & Electronic Engineering     Hybrid Journal   (Followers: 9)
Research & Reviews : Journal of Embedded System & Applications     Full-text available via subscription   (Followers: 5)
Revue Méditerranéenne des Télécommunications     Open Access  
Security and Communication Networks     Hybrid Journal   (Followers: 2)
Selected Topics in Applied Earth Observations and Remote Sensing, IEEE Journal of     Hybrid Journal   (Followers: 54)
Semiconductors and Semimetals     Full-text available via subscription   (Followers: 1)
Sensing and Imaging : An International Journal     Hybrid Journal   (Followers: 2)
Services Computing, IEEE Transactions on     Hybrid Journal   (Followers: 4)
Software Engineering, IEEE Transactions on     Hybrid Journal   (Followers: 75)
Solid-State Circuits Magazine, IEEE     Hybrid Journal   (Followers: 13)
Solid-State Electronics     Hybrid Journal   (Followers: 9)
Superconductor Science and Technology     Hybrid Journal   (Followers: 2)
Synthesis Lectures on Power Electronics     Full-text available via subscription   (Followers: 3)
Technical Report Electronics and Computer Engineering     Open Access  
TELE     Open Access  
Telematique     Open Access  
TELKOMNIKA (Telecommunication, Computing, Electronics and Control)     Open Access   (Followers: 9)
Universal Journal of Electrical and Electronic Engineering     Open Access   (Followers: 6)
Visión Electrónica : algo más que un estado sólido     Open Access   (Followers: 1)
Wireless and Mobile Technologies     Open Access   (Followers: 6)
Wireless Power Transfer     Full-text available via subscription   (Followers: 4)
Women in Engineering Magazine, IEEE     Full-text available via subscription   (Followers: 11)
Електротехніка і Електромеханіка     Open Access  

       | Last   [Sort by number of followers]   [Restore default list]

Similar Journals
Journal Cover
Security and Communication Networks
Journal Prestige (SJR): 0.285
Citation Impact (citeScore): 1
Number of Followers: 2  
  Hybrid Journal Hybrid journal (It can contain Open Access articles)
ISSN (Print) 1939-0114 - ISSN (Online) 1939-0122
Published by Hindawi Homepage  [338 journals]
  • Security Cryptanalysis of NUX for the Internet of Things
    • Abstract: In order to adopt the restricted environment, such as radio frequency identification technology or sensor networking, which are the important components of the Internet of Things, lightweight block ciphers are designed. NUX is a 31-round iterative ultralightweight cipher proposed by Bansod et al. In this paper, we examine the resistance of NUX to differential and linear analysis and search for -round differential characteristics and linear approximations. In design specification, authors claimed that 25-round NUX is resistant to differential and linear attack. However, we can successfully perform 29-round differential attack on NUX with the 22-round differential characteristic found in this paper, which is 4 rounds more than the limitation given by authors. Furthermore, we present the key recovery attack on 22-round NUX using a 19-round linear approximation determined in this paper. Besides, distinguishing attack, whose distinguisher is built utilizing the property of differential propagation through NUX, is implemented on full NUX with data complexity 8.
      PubDate: Wed, 12 Jun 2019 10:05:01 +000
  • RMMDI: A Novel Framework for Role Mining Based on the Multi-Domain
    • Abstract: Role-based access control (RBAC) is widely adopted in network security management, and role mining technology has been extensively used to automatically generate user roles from datasets in a bottom-up way. However, almost all role mining methods discover the user roles from existing user-permission assignments, which neglect the dependency relationships between user permissions. To extend the ability of role mining technology, this paper proposes a novel role mining framework based on multi-domain information. The framework estimates the similarity between different permissions based on the fundamental information in the physical, network, and digital domains and attaches interdependent permissions to the same role. Three simulated network scenarios with different multi-domain configurations are used to validate the effectiveness of our method. The experimental results show that the method can not only capture the interdependent relationships between permissions, but also detect user roles and permissions more reasonably.
      PubDate: Tue, 11 Jun 2019 14:05:01 +000
  • Seeking Best-Balanced Patch-Injecting Strategies through Optimal Control
    • Abstract: To restrain escalating computer viruses, new virus patches must be constantly injected into networks. In this scenario, the patch-developing cost should be balanced against the negative impact of virus. This article focuses on seeking best-balanced patch-injecting strategies. First, based on a novel virus-patch interactive model, the original problem is reduced to an optimal control problem, in which (a) each admissible control stands for a feasible patch-injecting strategy and (b) the objective functional measures the balance of a feasible patch-injecting strategy. Second, the solvability of the optimal control problem is proved, and the optimality system for solving the problem is derived. Next, a few best-balanced patch-injecting strategies are presented by solving the corresponding optimality systems. Finally, the effects of some factors on the best balance of a patch-injecting strategy are examined. Our results will be helpful in defending against virus attacks in a cost-effective way.
      PubDate: Mon, 10 Jun 2019 08:05:12 +000
  • Cryptanalysis of a Certificateless Aggregate Signature Scheme for
           Healthcare Wireless Sensor Network
    • Abstract: Certificateless aggregate signatures aggregate signatures from different users into one signature. Therefore, a verifier can judge whether all signatures are valid by verifying once. With this advantage, certificateless aggregate signatures are widely used in the environment of limited computing resources. Recently, a novel certificateless aggregate signature scheme was proposed by Kumar et al. This scheme’s security was claimed to be secure against two types of attackers under the random oracle model. In this paper, we indicate that their scheme is unable to achieve this security goal. We show an attack algorithm that the second type of attacker could forge a valid signature under an identity without the private key of the target user. Moreover, we demonstrate that the second type of attacker could forge a valid aggregate signature.
      PubDate: Sun, 09 Jun 2019 12:05:14 +000
  • CasCP: Efficient and Secure Certificateless Authentication Scheme for
           Wireless Body Area Networks with Conditional Privacy-Preserving
    • Abstract: As the aging population of society continues to intensify, the series of problems brought about by aging is becoming more and more serious. Because the health problem of the elderly brings many social problems, people have paid close attention to it. Fortunately, as a typical smart healthcare system, wireless body area networks (WBANs) present quit nice medical care for people, especially the aged. However, personal health information is very sensitive. But, the common communication channel is used in WBANs and any malicious entity can initiate a security attack on WBANs. To ensure secure communication and privacy-preserving which are the premise of the sound development of WBANs, an improved and efficient certificateless authentication scheme with conditional privacy-preserving is proposed in this paper on the basis of analyzing the most recent presented certificateless authentication scheme for WBANs. The proposed scheme also provides batch authentication to decrease authentication and communication cost. A rigid security proof demonstrates that our proposed scheme resists every type of security attack and can provide condition privacy-preserving. The performance analysis shows that our proposed scheme has some advantages in computation and communication cost.
      PubDate: Tue, 04 Jun 2019 08:05:10 +000
  • Lightweight and Secure Three-Factor Authentication Scheme for Remote
           Patient Monitoring Using On-Body Wireless Networks
    • Abstract: On-body wireless networks (oBWNs) play a crucial role in improving the ubiquitous healthcare services. Using oBWNs, the vital physiological information of the patient can be gathered from the wearable sensor nodes and accessed by the authorized user like the health professional or the doctor. Since the open nature of wireless communication and the sensitivity of physiological information, secure communication has always been the vital issue in oBWNs-based systems. In recent years, several authentication schemes have been proposed for remote patient monitoring. However, most of these schemes are so susceptible to security threats and not suitable for practical use. Specifically, all these schemes using lightweight cryptographic primitives fail to provide forward secrecy and suffer from the desynchronization attack. To overcome the historical security problems, in this paper, we present a lightweight and secure three-factor authentication scheme for remote patient monitoring using oBWNs. The proposed scheme adopts one-time hash chain technique to ensure forward secrecy, and the pseudonym identity method is employed to provide user anonymity and resist against desynchronization attack. The formal and informal security analyses demonstrate that the proposed scheme not only overcomes the security weaknesses in previous schemes but also provides more excellent security and functional features. The comparisons with six state-of-the-art schemes indicate that the proposed scheme is practical with acceptable computational and communication efficiency.
      PubDate: Sun, 02 Jun 2019 00:05:13 +000
  • A Cancelable Template for the Low-Quality Fingerprints from Wearable
    • Abstract: Biometric authentication in wearable devices is different from the common biometric authentication systems. First of all, sensitive information such as fingerprint and iris of a user is stored in a wearable device owned by the user rather than being stored in a remote database. Wearable devices are portable, and there is a risk that the devices might be lost or stolen. In addition, the quality of the extracted image from the wearable devices is lower than that of the common biometric acquisition sensor. In the paper, we propose a novel cancelable fingerprint template which is irreversible to the original biometrics and has excellent accuracy even in low quality images.
      PubDate: Sun, 02 Jun 2019 00:00:00 +000
  • SLFAT: Client-Side Evil Twin Detection Approach Based on Arrival Time of
           Special Length Frames
    • Abstract: In general, the IEEE 802.11 network identifiers used by wireless access points (APs) can be easily spoofed. Accordingly, a malicious adversary is able to clone the identity information of a legitimate AP (LAP) to launch evil twin attacks (ETAs). The evil twin is a class of rogue access point (RAP) that masquerades as a LAP and allures Wi-Fi victims’ traffic. It enables an attacker with little effort and expenditure to eavesdrop or manipulate wireless communications. Due to the characteristics of strong concealment, high confusion, great harmfulness, and easy implementation, the ETA has become one of the most severe security threats in Wireless Local Area Networks (WLANs). Here, we propose a novel client-side approach, Speical Length Frames Arrival Time (SLFAT), to detect the ETA, which utilizes the same gateway as the LAP. By monitoring the traffic emitted by target APs at a detection node, SLFAT extracts the arrival time of the special frames with the same length to determine the evil twin’s forwarding behavior. SLFAT is passive, lightweight, efficient, hard to be escaped. It allows users to independently detect ETA on ordinary wireless devices. Through implementation and evaluation in our study, SLFAT achieves a very high detection rate in distinguishing evil twins from LAPs.
      PubDate: Sun, 02 Jun 2019 00:00:00 +000
  • Improved Cryptanalysis of a Fully Homomorphic Symmetric Encryption Scheme
    • Abstract: Homomorphic encryption is widely used in the scenarios of big data and cloud computing for supporting calculations on ciphertexts without leaking plaintexts. Recently, Li et al. designed a symmetric homomorphic encryption scheme for outsourced databases. Wang et al. proposed a successful key-recovery attack on the homomorphic encryption scheme but required the adversary to know some plaintext/ciphertext pairs. In this paper, we propose a new ciphertext-only attack on the symmetric fully homomorphic encryption scheme. Our attack improves the previous Wang et al.’s attack by eliminating the assumption of known plaintext/ciphertext pairs. We show that the secret key of the user can be recovered by running lattice reduction algorithms twice. Experiments show that the attack successfully and efficiently recovers the secret key of the randomly generated instances with an overwhelming probability.
      PubDate: Sun, 02 Jun 2019 00:00:00 +000
  • Revisiting Anonymous Two-Factor Authentication Schemes for IoT-Enabled
           Devices in Cloud Computing Environments
    • Abstract: Investigating the security pitfalls of cryptographic protocols is crucial to understand how to improve security. At ICCCS’17, Wu and Xu proposed an efficient smart-card-based password authentication scheme for cloud computing environments to cope with the vulnerabilities in Jiang et al.’s scheme. However, we reveal that Wu-Xu’s scheme actually is subject to various security flaws, such as offline password guessing attack and replay attack. Besides security, user friendly is also another great concern. In 2017, Roy et al. found that in most previous two-factor schemes a user has to manage different credentials for different services and further suggested a user-friendly scheme which is claimed to be suitable for multiserver architecture and robust against various attacks. In this work, we show that Roy et al.’s scheme fails to achieve truly two-factor security and shows poor scalability. At FGCS’18, Amin et al. pointed out that most of existing two-factor schemes are either insecure or inefficient for mobile devices due to the use of public-key techniques and thus suggested an improved protocol by using only light-weight symmetric key techniques. Almost at the same time, Wei et al. also observed this issue and proposed a new scheme based on symmetric key techniques with formal security proofs in the random oracle model. Nevertheless, we point out that both Amin et al.’s and Wei et al.’s schemes cannot achieve the claimed security goals (including the most crucial goal of “truly two-factor security”). Our results invalidate any use of the scrutinized schemes for cloud computing environments.
      PubDate: Thu, 23 May 2019 11:05:12 +000
  • A Practical Authentication Framework for VANETs
    • Abstract: In vehicular ad hoc networks (VANETs), conditional privacy preserving authentication (CPPA) scheme is widely deployed to solve security and privacy issues. Existing CPPA schemes usually require ideal tamper-proof devices (TPDs) on vehicles which, however, might be infeasible or do not exist in reality due to high security requirements. To address this problem, we propose a practical framework of CPPA scheme that supports more realistic TPDs which are less secure correspondingly. We demonstrate that this framework also manages to achieve nonframeability in addition to other security objectives including nonrepudiation, conditional privacy preserving, and unlinkability. Moreover, performance analysis shows that our framework has better efficiency in authentication. All these features make our framework practical for VANETs.
      PubDate: Thu, 23 May 2019 11:05:10 +000
  • An Enhanced and Resource-Aware RFID Multitag Grouping Protocol
    • Abstract: Several grouping proof protocols were presented to meet the security requirements of Radio Frequency Identification Systems. Nevertheless, these protocols were shown to be vulnerable to various attacks. In this work, we cryptanalyze one of the newest grouping proof protocols. Through this analysis, we show the weaknesses of the protocol and launch a full-disclosure attack to disclose all secrets in the protocol. We show that the probability of success of the protocol is one and that increasing the length of the strings adds little complexity to the attack. We follow this by proposing an enhanced version of the protocol with better overall security. We show its efficiency by providing a security and performance analysis and comparing it with some of the existing protocols in the literature.
      PubDate: Thu, 23 May 2019 11:05:08 +000
  • Intrusion Detection and Prevention in Cloud, Fog, and Internet of Things
    • PubDate: Thu, 23 May 2019 11:05:06 +000
  • Efficient Attribute-Based Encryption with Privacy-Preserving Key
           Generation and Its Application in Industrial Cloud
    • Abstract: Due to the rapid development of new technologies such as cloud computing, Internet of Things (IoT), and mobile Internet, the data volumes are exploding. Particularly, in the industrial field, a large amount of data is generated every day. How to manage and use industrial Big Data primely is a thorny challenge for every industrial enterprise manager. As an emerging form of service, cloud computing technology provides a good solution. It receives more and more attention and support due to its flexible configuration, on-demand purchase, and easy maintenance. Using cloud technology, enterprises get rid of the heavy data management work and concentrate on their main business. Although cloud technology has many advantages, there are still many problems in terms of security and privacy. To protect the confidentiality of the data, the mainstream solution is encrypting data before uploading. In order to achieve flexible access control to encrypted data, attribute-based encryption (ABE) is an outstanding candidate. At present, more and more applications are using ABE to ensure data security. However, the privacy protection issues during the key generation phase are not considered in the current ABE systems. That is to say, the key generation center (KGC) knows both of attributes and corresponding keys of each user. This problem is especially serious in the industrial big data scenario, because it will cause great damage to the business secrets of industrial enterprises. In this paper, we design a new ABE scheme that protects user’s privacy during key issuing. In our new scheme, we separate the functionality of attribute auditing and key generating to ensure that the KGC cannot know user’s attributes and that the attribute auditing center (AAC) cannot obtain the user’s secret key. This is ideal for many privacy-sensitive scenarios, such as industrial big data scenario.
      PubDate: Thu, 23 May 2019 11:05:04 +000
  • WebMTD: Defeating Cross-Site Scripting Attacks Using Moving Target Defense
    • Abstract: Existing mitigation techniques for cross-site scripting attacks have not been widely adopted, primarily due to imposing impractical overheads on developers, Web servers, or Web browsers. They either enforce restrictive coding practices on developers, fail to support legacy Web applications, demand browser code modification, or fail to provide browser backward compatibility. Moving target defense (MTD) is a novel proactive class of techniques that aim to defeat attacks by imposing uncertainty in attack reconnaissance and planning. This uncertainty is achieved by frequent and random mutation (randomization) of system configuration in a manner that is not traceable (predictable) by attackers. In this paper, we present WebMTD, a proactive moving target defense mechanism that thwarts various kinds of cross-site scripting (XSS) attacks on Web applications. Relying on built-in features of modern Web browsers, WebMTD randomizes values of certain attributes of Web elements to differentiate the application code from the injected code and disallow its execution; this is done without requiring Web developer involvement or browser code modification. Through rigorous evaluation, we show that WebMTD has very a low performance overhead. Also, we argue that our technique outperforms all competing approaches due to its broad effectiveness, transparency, backward compatibility, and low overhead.
      PubDate: Tue, 14 May 2019 08:05:07 +000
  • Secure and Efficient Searchable Public Key Encryption for Resource
           Constrained Environment Based on Pairings under Prime Order Group
    • Abstract: Searchable public key encryption scheme is a key technique for protecting data confidentiality in today’s cloud environment. Specifically, public key encryption with conjunctive and disjunctive keyword search (PECDK) can provide flexible search options without sacrificing keywords security and thus attracts a lot of attention nowadays. However, the most effective PECDK scheme is based on the inner product encryption (IPE), which needs more time and space cost. In this paper, by utilizing the bilinear pairing with a prime order group, we propose an efficient PECDK scheme needing less time and storage consumption. The proposed scheme is proven to be secure under a rigorous security definition. The theoretical analysis and experimental results demonstrate that our proposed scheme can significantly improve the time and space efficiency over the state-of-the-art scheme.
      PubDate: Mon, 13 May 2019 12:05:13 +000
  • A Lightweight BCH Code Corrector of TRNG with Measurable Dependence
    • Abstract: We propose a new lightweight BCH code corrector of the random number generator such that the bitwise dependence of the output value is controllable. The proposed corrector is applicable to a lightweight environment and the degree of dependence among the output bits of the corrector is adjustable depending on the bias of the input bits. Hitherto, most correctors using a linear code are studied on the direction of reducing the bias among the output bits, where the biased input bits are independent. On the other hand, the output bits of a linear code corrector are inherently not independent even though the input bits are independent. However, there are no results dealing with the independence of the output bits. The well-known von Neumann corrector has an inefficient compression rate and the length of output bits is nondeterministic. Since the heavy cryptographic algorithms are used in the NIST’s conditioning component to reduce the bias of input bits, it is not appropriate in a lightweight environment. Thus we have concentrated on the linear code corrector and obtained the lightweight BCH code corrector with measurable dependence among the output bits as well as the bias. Moreover, we provide some simulations to examine our results.
      PubDate: Mon, 13 May 2019 09:05:04 +000
  • Anonymous and Efficient Message Authentication Scheme for Smart Grid
    • Abstract: Smart grid has emerged as the next-generation electricity grid with power flow optimization and high power quality. Smart grid technologies have attracted the attention of industry and academia in the last few years. However, the tradeoff between security and efficiency remains a challenge in the practical deployment of the smart grid. Most recently, Li et al. proposed a lightweight message authentication scheme with user anonymity and claimed that their scheme is provably secure. But we found that their scheme fails to achieve mutual authentication and mitigate some typical attacks (e.g., impersonation attack, denial of service attack) in the smart grid environment. To address these drawbacks, we present a new message authentication scheme with reasonable efficiency. Security and performance analysis results show that the proposed scheme can satisfy the security and lightweight requirements of practical implementations and deployments of the smart grid.
      PubDate: Sun, 12 May 2019 09:05:04 +000
  • New Authentication Scheme to Secure against the Phishing Attack in the
           Mobile Cloud Computing
    • Abstract: A phishing attack is one of the severe threats to the smartphone users. As per the recent lookout report, mobile phishing attack is increasing 85% year to year and going to become a significant threat to the smartphone users. This social engineering attack attempts to get the user’s password by disguising as trusted service provider. Most of the smartphone users are using the Internet services outside of the traditional firewall. Cloud-based documents are one of the primary targets of this phishing attack in mobile cloud computing. Also, most smartphone users are using the cloud storage in their device. To secure against this password attack in a mobile cloud environment, we propose a new authentication scheme to provide novel security to the mobile cloud services. This scheme will verify the user and service provider without transmitting the password using the Zero-knowledge proof based authentication protocol. Moreover, the proposed scheme will provide mutual authentication between the communication entities. The effectiveness of proposed scheme would be verified using protocol verification tool called Scyther.
      PubDate: Thu, 09 May 2019 07:05:11 +000
  • Lightweight Privacy Preservation for Securing Large-Scale Database-Driven
           Cognitive Radio Networks with Location Verification
    • Abstract: The database-driven cognitive radio networks (CRNs) are regarded as a promising approach to utilizing limited spectrum resources in large-scale Internet of Things (IoT). However, database-driven CRNs face some security and privacy threats. Firstly, secondary users (SUs) should send identity and location information to the database (DB) to obtain a list of available channels, such that the curious DB might easily misuse and threaten the privacy of SUs. Secondly, malicious SUs might send fake location information to the DB in order to occupy channels with better quantity in advance and so gain benefits. This might also cause serious interference to primary users (PUs). In this paper, we propose a lightweight privacy-preserving location verification protocol to protect the identity and location privacy of each SU and to verify the location of SUs. In the proposed protocol, the SU does not need to provide location information to request an available channel from the DB. Therefore, the DB cannot get the location information of any SU. In the proposed protocol, the base station (BS) selects some SUs as witnesses to generate location proofs for each other in a distributed fashion. This new witness selection mechanism makes the proposed protocol reliable when a malicious SU generates fake location information to cheat the BS and also prevents SU-Witness collusion attacks. The results also show that the proposed protocol can provide strong privacy preservation for SUs and can effectively verify the location of the SUs. The security analysis shows that the proposed protocol can resist various types of attacks. Moreover, compared with previous protocols, the proposed protocol is lightweight because it relies on symmetric cryptography and it is unaffected by the area covered by the DB.
      PubDate: Mon, 06 May 2019 08:05:11 +000
  • Authentication and Authorization for Mobile IoT Devices Using Biofeatures:
           Recent Advances and Future Trends
    • Abstract: Biofeatures are fast becoming a key tool to authenticate the IoT devices; in this sense, the purpose of this investigation is to summarise the factors that hinder biometrics models’ development and deployment on a large scale, including human physiological (e.g., face, eyes, fingerprints-palm, or electrocardiogram) and behavioral features (e.g., signature, voice, gait, or keystroke). The different machine learning and data mining methods used by authentication and authorization schemes for mobile IoT devices are provided. Threat models and countermeasures used by biometrics-based authentication schemes for mobile IoT devices are also presented. More specifically, we analyze the state of the art of the existing biometric-based authentication schemes for IoT devices. Based on the current taxonomy, we conclude our paper with different types of challenges for future research efforts in biometrics-based authentication schemes for IoT devices.
      PubDate: Sun, 05 May 2019 13:30:01 +000
  • Detection of Dummy Trajectories Using Convolutional Neural Networks
    • Abstract: Nowadays, privacy in trajectory is an important issue in the coming big data era. In order to provide better protection for trajectory privacy, a number of solutions have been proposed in the literature, and the dummy trajectory method has attracted great interests in both academia and industry recently due to the following advantages: neither a third-party server nor other parties’ cooperation is necessary; location-based services are not influenced; and its algorithm is relatively simple and efficient. However, most of trajectory privacy generations usually consider the geometric shape of the trajectory; meanwhile the real human mobility feature is usually neglected. In fact, the real trajectory is not the product of random probability. In this paper, convolutional neural network (CNN) is used as the learning machine to train with lots of the real trajectory and the generated dummy trajectory sets. Then, the trained classifier is used to distinguish the dummy from the real trajectory. Experiments demonstrate that the method using CNN is very efficient, and more than 90% of dummy trajectories can be detected. Moreover, the real trajectory erroneous judgment rate is below 10% for most of real trajectories.
      PubDate: Thu, 02 May 2019 10:05:05 +000
  • Dynamic Resource Provisioning on Fog Landscapes
    • Abstract: A huge amount of smart devices which have capacity of computing, storage, and communication to each other brings forth fog computing paradigm. Fog computing is a model in which the system tries to push data processing from cloud servers to “near” IoT devices in order to reduce latency time. The execution orderings and the deployed places of services make significant effect on the overall response time of an application. Beside new research directions in fog computing, e.g., fog-cloud collaboration, service scalability, fog scalability, mobile fog computing, fog federation, trade-off between energy consumption and communication efficiency, duration of storing data locally, storage security and communication security, and semantic-aware fog computing, the service deployment problem is one of the attractive research fields of fog computing. The service deployment is a multiobjective optimization problem; there are so many proposed solutions for various targets, such as response time, communication cost, and energy consumption. In this paper, we focus on the optimization problem which minimizes the overall response time of an application with awareness of network usage and server usage. Then, we have conducted experiments on two service deployment strategies, called cloudy and foggy strategies. We analyze numerically the overall response time, network usage, and server usage of those two strategies in order to prove the effectiveness of our proposed foggy service deployment strategy.
      PubDate: Thu, 02 May 2019 08:05:19 +000
  • HeteMSD: A Big Data Analytics Framework for Targeted Cyber-Attacks
           Detection Using Heterogeneous Multisource Data
    • Abstract: In the current enterprise network environment, multistep targeted cyber-attacks with concealment and advanced characteristics have become the main threat. Multisource security data are the prerequisite of targeted cyber-attacks detection. However, these data have characters of heterogeneity and semantic diversity, and existing attack detection methods do not take comprehensive data sources into account. Identifying and predicting attack intention from heterogeneous noisy data can be meaningful work. In this paper, we first review different data fusion mechanisms of correlating heterogeneous multisource data. On this basis, we propose a big data analytics framework for targeted cyber-attacks detection and give the basic idea of correlation analysis. Our approach will offer the ability to correlate multisource heterogeneous security data and analyze attack intention effectively.
      PubDate: Thu, 02 May 2019 00:06:04 +000
  • A Server-Side JavaScript Security Architecture for Secure Integration of
           Third-Party Libraries
    • Abstract: The popularity of the JavaScript programming language for server-side programming has increased tremendously over the past decade. The Node.js framework is a popular JavaScript server-side framework with an efficient runtime for cloud-based event-driven architectures. One of its strengths is the presence of thousands of third-party libraries which allow developers to quickly build and deploy applications. These very libraries are a source of security threats as a vulnerability in one library can (and in some cases did) compromise an entire server. In order to support the secure integration of libraries, we developed NODESENTRY, the first security architecture for server-side JavaScript. Our policy enforcement infrastructure supports an easy deployment of web hardening techniques and access control policies on interactions between libraries and their environment, including any dependent library. We discuss the design and implementation of NODESENTRY and present its performance and security evaluation.
      PubDate: Thu, 02 May 2019 00:06:01 +000
  • Applying Catastrophe Theory for Network Anomaly Detection in Cloud
           Computing Traffic
    • Abstract: In spite of the tangible advantages of cloud computing, it is still vulnerable to potential attacks and threats. In light of this, security has turned into one of the main concerns in the adoption of cloud computing. Therefore, an anomaly detection method plays an important role in providing a high protection level for network security. One of the challenges in anomaly detection, which has not been seriously considered in the literature, is applying the dynamic nature of cloud traffic in its prediction while maintaining an acceptable level of accuracy besides reducing the computational cost. On the other hand, to overcome the issue of additional training time, introducing a high-speed algorithm is essential. In this paper, a network traffic anomaly detection model grounded in Catastrophe Theory is proposed. This theory is effective in depicting sudden change processes of the network due to the dynamic nature of the cloud. Exponential Moving Average (EMA) is applied for the state variable in sliding window to better show the dynamicity of cloud network traffic. Entropy is used as one of the control variables in catastrophe theory to analyze the distribution of traffic features. Our work is compared with Wei Xiong et al.’s Catastrophe Theory and achieved a maximum improvement in the percentage of Detection Rate in week 4 Wednesday (7.83%) and a 0.31% reduction in False Positive Rate in week 5 Monday. Additional accuracy parameters are checked and the impact of sliding window size in sensitivity and specificity is considered.
      PubDate: Thu, 02 May 2019 00:00:00 +000
  • Analyzing Reliability of the Communication for Secure and Highly Available
           GOOSE-Based Logic Selectivity
    • Abstract: In an electrical distribution network, Logic Selectivity significantly reduces both the number and duration of outages. Generic Object-Oriented Substation Events (GOOSE) have a key role in the decision-making process of substation protection devices using GOOSE-based Logic Selectivity. GOOSE messages are exchanged between remote protection devices over the communication network. Secured communication with low latency and high reliability is therefore required in order to ensure reliable operation as well as meeting real-time requirement of the Logic Selectivity application. There is thus a need to evaluate feasibility of the selected communication network technology for Logic Selectivity use cases. This paper analyzes reliability of cellular 4G/LTE Internet for GOOSE communication in a Logic Selectivity application. For this purpose, experimental lab set-ups are introduced for different configurations: ordinary GOOSE communication, secured GOOSE communication by IPsec in Transport mode, and redundant GOOSE communication using the IEC 62439-3 Parallel Redundancy Protocol. In each configuration, the GOOSE retransmissions are recorded for a period of three days and the average GOOSE transmission time is measured. Furthermore, the measured data is classified into histograms and a probability value for communication reliability, based on the transmission time, is calculated. The statistical analysis shows that 4G Internet satisfies the real-time and reliability requirements for secure and highly available GOOSE-based Logic Selectivity.
      PubDate: Thu, 02 May 2019 00:00:00 +000
  • Erratum to “A Novel Multiple-Bits Collision Attack Based on Double
           Detection with Error-Tolerant Mechanism”
    • PubDate: Thu, 02 May 2019 00:00:00 +000
  • The Prediction of Serial Number in OpenSSL’s X.509 Certificate
    • Abstract: In 2007, a real faked X.509 certificate based on the chosen-prefix collision of MD5 was presented by Marc Stevens. In the method, attackers needed to predict the serial number of X.509 certificates generated by CAs besides constructing the collision pairs of MD5. After that, the randomness of the serial number is required. Then, in this case, how do we predict the random serial number' Thus, the way of generating serial number in OpenSSL was reviewed. The vulnerability was found that the value of the field “not before” of X.509 certificates generated by OpenSSL leaked the generating time of the certificates. Since the time is the seed of generating serial number in OpenSSL, we can limit the seed in a narrow range and get a series of candidate serial numbers and use these candidate serial numbers to construct faked X.509 certificates through Stevens’s method. Although MD5 algorithm has been replaced by CAs, the kind of attack will be feasible if the chosen-prefix collision of current hash functions is found in the future. Furthermore, we investigate the way of generating serial numbers of certificates in other open source libraries, such as EJBCA, CFSSL, NSS, Botan, and Fortify.
      PubDate: Thu, 02 May 2019 00:00:00 +000
  • The Meeting of Acquaintances: A Cost-Efficient Authentication Scheme for
           Light-Weight Objects with Transient Trust Level and Plurality Approach
    • Abstract: Wireless sensor networks consist of a large number of distributed sensor nodes so that potential risks are becoming more and more unpredictable. The new entrants pose the potential risks when they move into the secure zone. To build a door wall that provides safety and security for the system, many recent research works applied the initial authentication process. However, the majority of the previous articles only focused on the Central Authority (CA) since this leads to an increase in the computation cost and energy consumption for the specific cases on the Internet of Things (IoT). Hence, in this article, we will lessen the importance of these third parties through proposing an enhanced authentication mechanism that includes key management and evaluation based on the past interactions to assist the objects joining a secured area without any nearby CA. We refer to a mobility dataset from CRAWDAD collected at the University Politehnica of Bucharest and rebuilt into a new random dataset larger than the old one. The new one is an input for a simulated authenticating algorithm to observe the communication cost and resource usage of devices. Our proposal helps the authenticating to be flexible, being strict with unknown devices into the secured zone. The threshold of maximum friends can modify based on the optimization of the symmetric-key algorithm to diminish communication costs (our experimental results compared to previous schemes less than 2000 bits) and raise flexibility in resource-constrained environments.
      PubDate: Sun, 14 Apr 2019 12:05:10 +000
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Tel: +00 44 (0)131 4513762
Fax: +00 44 (0)131 4513327
Home (Search)
Subjects A-Z
Publishers A-Z
Your IP address:
About JournalTOCs
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-