JOURNAL OF ELECTRONIC AND CYBER DEFENCE
Year:2018 | Volume:6 | Issue:1 (21) |Papers Count:9

"The software protection against analysis has become an important issue in the field of computer engineering. The symbolic execution method, as an approach to explore execution paths and conditions of the program, is recently considered. Therefore, developers try to protect their code to prevent against symbolic execution. A successful symbolic execution has extracted the provisions of all paths in the form of a symbolic tree. Therefore, we can prevent the symbolic execution of a program to protect the code in several different ways and hide paths from the view of analysts. This paper focused on obfuscating the condition for behavior so that in the case of symbolic execution analyst can not find the right conditions of a behavior. For this purpose, a new agenda is presented to add some new variables to the execution path that they are related to the program variables to confuse constraint solvers and build many new fake paths in the form of the symbolic tree. Results showed that symbolic analysis tools are unable to obtain all paths after obfuscation.

In recent years, thanks to NFC technology, the GoogleWallet application has attracted the attention of many users for payment purposes. This application is installed and run on mobile platforms without considering enough security. It uses the secure element as a proper place to store users’ financial information. As a result, this application is easily susceptible to many security risks such as relay attacks. Therefore, security provision in such systems has always been one of the most important challenges. A suitable mechanism to provide security is installing and running the application in an isolated form. However, before installing and running the application in an isolated form, the mobile phone should be equipped with a secure environment that is provided by Trusted Execution Environment(TEE). The paper proposes a mutual authenticatiom method between secure element and terminal using mobile phones whose processors have two execution environments (TEE/REE) to manage the execution of google wallet applica-tion. The proposed method not only improves the security of GoogleWallet application against the relay attack, but also similar applications can use this method to increase security against such attacks.

With the development of information and communication in the last two decades, using computer networks at various levels and, as the result, the need of transferring digital images in this network have been considered important more than past. To protect images against unauthorized access, image encryp-tion is used. Many algorithms have provided to encrypt the image. In this study, a new algorithm for image encryption is designed and implemented. In the proposed method, a new, and powerful algorithm is present-ed for encrypting images. This is done through combining the Logistic map functions chaos and Xor action and inspiriting from the Beness network. Test results also show that the proposed algorithm has a proper performance.

In this paper, we consider the Time-Memory-Trade-Off (TMTO) method for analysis of block ciphers and related methods. Also, we discuss some subjects including coverage in the Hellman chains, collision in chains, cycles and rings that create a block cipher function. Hellman method is analyzed by a random graph. The random graph is made of a function block cipher, which is applied to extract non-collision chains, cycles and rings. According to the unique modes and features available in the random graph, a new method for extraction of cycles and rings in the random graph entitled "agility of graph" is offered. This meth-od extracts the cycles and rings of the lock cipher function as easily and at a very low cost. The obtained cycles and rings are used for generating non-collision chains in the block ciphers that they make a complete coverage of block ciphers in the TMTO method.

In cloud computing and the data storage services they offer, what impedes their adoption by organizations with classified data is the issue of security (confidentiality, integrity, availability). Although, the confidentiality of data could be preserved against external adversary by the server-side encryption, the cloud owner or cloud’ s super users still are in possession of encryption keys. Hence they have access to users’ data which compromise their confidentiality. In this paper, we offer the SeIDA (PAD) algorithm which enables us to confidently outsource our security-sensitive data to untrusted cloud environments and benefit their features. Despite conventional methods which store data on one specific cloud service provider, the SeIDA algorithm breaks the user’ s file into N distinct, unrecognizable segments and stores each one on a different cloud. We have accomplished this by adding a lightweight pre-processing phase to Rabin’ s information dispersal algorithm while at the same time, we have employed a novel distributed-based key management technique for achieving keyless security and hence we obviate many of the related challenges (secure key generation, preserving encryption keys etc. ). Due to SeIDA’ s efficiency, other than a web application, it can be directly implemented and utilized as a mobile application.

Monitoring of attacks carried out by botnets still has challenges of uncertainty during the attack. In this study, we have proposed a methodology in which a Botnet sends some number of packets towards the hosts under its control (vicarious) across their network. Then, we can estimate the power of a botnet by data fu-sion. The existence of defensive filtering (local and regional), failure of sensors and packet loss cause faulty estimation. Thus, using the OMNET simulator, the proposed, model was tested with three scenarios and maximum-minimum and average voting procedures were used for data fusion. And the results were com-pared and evaluated using the Euclidean method which they showed that the Min-Max method is 95% accu-rate in such conditions. The above-mentioned experiment on the Internet environment showed that by utiliz-ing labeled packets, the accuracy of 96 % is obtained.

Scrambling in exchange of information is an important issue in safeguarding information security. There are many scrambling techniques and. combining these algorithms increase the security of scrambling techniques. In this paper, we explain a new scrambling algorithm using combining Differential Evolution and Arnold transformation algorithms. Differential Evolution raises the security and robustness of algorithms because of its optimal responses. In our technique, a digital image is made by scrambling the Arnold transformation with the Differential Evolution algorithm for this scrambled image, so this increases the robustness of scrambling. Experimental results show that the proposed scheme can scramble an image with different other methods and the original image can be extractable from the scrambled image.

Protection (i. e. defense) of high voltage substation in smart grid depends on electricity utilities' considerations for threat levels and their asset value. The aim of countermeasures is to decrease threat to an acceptable level. Such countermeasures depend on protective equipment/methods e. g. software, hardware, shielding and optimal route selection of data transferring media. These measures as a whole are function of quantity, type, scheme and location of substations in the network. The focus is to estimate volume of such countermeasures based on status, investment and criticality of each substation, as proper protective measures shall cover weaknesses in the system security. This paper presents an analysis of substations criticality based on the previous experience of experts and their knowledge to provide cyber security. The substations are classified as geostrategic, strategic industries, SAS and vulnerable by the use of the data derived from polling and through fuzzy analytic hierarchy process (FAHP) method. The share of each mentioned defense method in the budget is calculated for typical substations. Validity of the proposed method is examined by the sensitivity analysis.

Detection of emotional, intellectual, physical and intuitive conditions of people is one of the major concerns before accomplishing an operation. Awareness about the degree of readiness of forces is more acute in cyber missions, due to their high sensitivity. As a solution, the biorhythm theory is a new branch of science capable of studying the properties of emotional, intellectual, physical and intuitive conditions of people. In the first step of this paper, four biorhythm periodicities have been modeled based on a Markov model. In the next step, a cyber operation mission is derived from this biorhythmic Markov model. Consistency of the proposed theoretical model has been verified by cyber experts, for whom the analytical research method using a questionnaire and the opinions of 30 experts' cyber domain is used. The results show that the division of mission-based biorhythmic Markov model is consistent with the experts' opinions. As the main result of this paper, the probability of successfully accomplishing a mission will be increased, when commanders have such a verified system to select suitable people according to their biorhythmic situations and conditions of missions.