JOURNAL OF ELECTRONIC AND CYBER DEFENCE
Year:2021 | Volume:8 | Issue:4 (32)|Papers Count:14

Detection of overlapping communities in large complex social networks with intelligent agents, is an NP problem with great time complexity and large memory usage and no simultaneous online solution. Proposing a novel distributed label propagation approach can help to decrease the searching time and reduce the memory space usage. This paper presents a scalable distributed overlapping community detection approach based on the label propagation method by proposing a novel algorithm and three new metrics to expand scalability and improve modularity through agent-based implementation and good memory allocation in a multi-core architecture. The experimental results of large real datasets over the state-of-the-art SLPA approach show that the execution time speeds up by 900% and the modularity improves by 3% to 100% thus producing fast and accurate detection of overlapped communities.

Domain generation algorithms (DGAs) are used in Botnets as rendezvous points to their command and control (C&C) servers, and can continuously provide a large number of domains which can evade detection by traditional methods such as Blacklist. Internet security vendors often use blacklists to detect Botnets and malwares, but the DGA can continuously update the domain to evade blacklist detection. In this paper, first, using features engineering; the three types of structural, statistical and linguistic features are extracted for the detection of DGAs, and then a new dataset is produced by using a dataset with normal DGAs and two datasets with malicious DGAs. Using supervised machine learning algorithms, the classification of DGAs has been performed and the results have been compared to determine a DGA detection model with a higher accuracy and a lower error rate. The results obtained in this paper show that the random forest algorithm offers accuracy rate, detection rate and receiver operating characteristic (ROC) equal to 89. 32%, 91. 67% and 0. 889, respectively. Also, compared to the results of the other investigated algorithms, the random forest algorithm presents a lower false positive rate (FPR) equal to 0. 373.

Software defined networks have attracted enormous attention because they simplify the process of setting up the network. They have been able to leave behind in a short time, most of the technologies that were used in traditional networks by industrialists and researchers. The ease and efficiency are due to the separation of control and data planes from each other such that the control plane is a logically centralized controller and the data plane switches in as the flow table has been implemented. In these networks, network topology adjustment is done using a flow table that has special flow rules and network services, such as Qos, security and etc., which operate as programs on the network. Flow tables can be directly or indirectly changed by any of these services in the network. Although access to the table of current units simplifies network configurations, it could lead to anomalies between flow rules for separate modules. In addition to consuming too much switch memory, these anomalies can cause problems for network security and applications. Fortunately, so far, some researches on the detection of anomalies in flow tables of software defined networks has been done but this method is not only imposing a great deal of time and processing on the controller, in some cases only conflict resolution has been performed. In this paper we have shown how to speed up the detection algorithm and then tried to improve the speed of anomaly detection algorithm in the flow table of switches in the software defined networks using different variables.

The network overhead and multiple networks disconnection faults are the main challenges of anonymous servers implemented in VANETs. The block chain technology has been entered into the wide range of preserving privacy. The robust anonymity mechanism existence and the traceability of all transactions are the main advantages of this technology. The primary model of the block chain was able to complete the process with the anonymity stored data. In distributed models, the authentication, storage and retrieval of transactions are applied by all user’ s consensus. The asymmetric cryptography, preserves the identity anonymity and aggregating transactions of different users into a block which is ready to send, preserves the path anonymity. The proposed method is aimed to ensure anonymity by mounting the block chain on VANETs. Before delivering any transaction to the block chain, the risk of user’ s privacy is high. To achieve low risk, we combine the graph processing methods with Silent Period, Cloaking-Region and Dummy Node methods. The block chain simulation on VANET is driven by python and the anonymity risks are simulated with ARX. The results suggest that the block chain is stabled and the optimal risk reduction is achieved on the VANET.

Quantum-dot cellular automata (QCA) is one of the new technologies in the design of digital nano circuits. This technology is an appropriate alternative to today's silicon technology. The inherent features of this technology include very small dimensions, high speed and very low power consumption. Therefore, it can be used to design special memories that require high operating speed such as the content addressable memory. These types of memory are widely used in designing hardware systems, especially routers. In this type of memory, speedy operations are very necessary due to the large number of search and comparison errands. In this paper, we propose a structure for the content addressable memory in QCA that has a mask capability for comparison. The proposed structure consists of a memory cell, a comparator and a matching unit designed using Multiplexer and XNOR gate. The performance of the designed structure is studied by QCADesigner software. The result proves its effectiveness. The proposed structure has 11% improvement in cell number, 57% improvement in gate number and 5% improvement in area occupancy compared to the previous structure.

In today's critical situation, wireless sensor networks have attracted much attention as one of the newest communication technologies for use in passive defense applications. In this regard, the limited energy resources of these networks and consequently their limited network lifetime, is a serious problem in applying them for such critical applications. Recently with the advent of energy harvesting methods, it has become possible to overcome this problem. In this paper, a new cluster-based multipath routing protocol called R-DEARER is proposed for use in energy harvesting wireless sensor networks. In this protocol, inter-cluster routing is used to make possible the multi-hop communication between cluster heads and the sink. For this purpose, the cluster-heads send their collected data packets to relay cluster-heads that are near the sink and then the relay cluster-heads send packets to the sink. By using this method, the energy consumption of the cluster-head nodes will be reduced; therefore, the network lifetime and energy efficiency will be increased significantly. The performance of the proposed protocol is examined by analyzing and evaluating the numerical results. The results show that in terms of energy efficiency, packet delivery rate, and network outage probability, the proposed R-DEARER protocol performs better than the same method in which the communication from cluster-heads to the sink is single hop.

The use of web applications has become increasingly popular in our routine activities, such as reading the news, paying bills, and shopping on-line. As the availability of these services grows, we are witnessing an increase in the number and sophistication of attacks that target web applications. SQL injection attacks are a serious security threat to web applications in the cyberspace. SQL injection attacks allow attackers to gain unlimited access to a database that includes applications and potentially sensitive information. Although researchers and practitioners have proposed different methods to solve the SQL injection problem, current approaches either fail to solve the full scope of the problem or have limitations that prevent their use and adoption. This study is designed to provide a method for detecting and preventing SQL injection attacks at runtime, which can detect and continuously monitor the existing and new attacks. The proposed detection and prevention method by runtime monitoring and implementation of the decision tree classification on the SQL injection database, blocks existing SQL injection attacks and also detects new attacks using the database supervisor. In the end, the proposed method is compared with other methods for detecting and preventing existing SQL injection attacks, the results showing that the proposed method is significantly successful in detecting and preventing SQL injection attacks. Compared to the two methods explored in this article, the presented method increases the accuracy by 12% for one method and 16% for the other.

As nowadays the GPS navigation system has more usage in different areas, increasing its efficiency and accuracy has gained more importance. The transmitted signal travels a long distance from the satellites to reach the receivers on the ground, so its power fades. This faded signal can easily be affected by intentional noises, the so-called jamming, or unintentional noises. One of the most destructive kinds of jamming is the continuous wave (CW) jamming. The most favored method for countering this jamming is the notch filter. Therefore, in this paper, an adaptive notch filter (ANF) with a narrow response in proposed to reduce the effects of CW jamming. A kind of PSO evolutionary algorithm called the improved particle swarm optimization algorithm (IPSO) is used to adapt the filter’ s coefficients according to the power and frequency of the jamming signal. Evolutionary algorithms are used in problems without any straight forward answer, and that is why we chose this method for designing the filter. It also reduces the complexity of solving such mathematical problems. Finally, the efficiency of the proposed method is compared to other similar solutions, showing a significant improvement in the similarity of recovered signal to the original signal (up to 99%), as well as an increase in the number of observed satellites up to 6, and error reduction in determining the user coordinates which is the primary goal of the GPS system.

In recent years, the tendency for ransomware-based cyberattacks has increased dramatically. One of the defensive methods is the behavioral detection of the ransomware by system functions. Literature review and related studies and investigations in this field show that these researches are not optimum concerning the accuracy and speed of ransomware detection. Because all datasets used in these studies are limited in scope, they have shortcomings such as high false positive or false negative rates and even high indiscriminate rates. Another drawback of these schemes is the failure to expedite the debate on extortion ransom. Therefore, in this study, the first step is to generate an initial dataset with 126 attributes containing all types of ransomware families. Then, by performing 4-step experiments and tests and applying a feature selection algorithm, this initial set is processed and optimized and reduced to a dataset with 67 attributes without loss of detection precision. In the final step, by providing an optimal and so-called lightweight dataset, the best classification model for the detection of ransomware is obtained being capable of identifying ransomwares with an optimum precision rate of 95. 11 in 0. 21 seconds, a false positive rate of 0. 047 and a true positive rate of 0. 951 by using a random forest classification algorithm (using 10-part cross-validation method).

The ability to easily and quickly access information through radio frequency identification (RFID) systems has led to the ever-expanding use of this technology in a variety of usages such as tactical applications. This technology provides the conditions for better situational awareness in tactical environments or logistics. But, on the other hand, the process of identification in a scenario with different and numerous actors, faces the collision challenge. The collision of tags in RFID systems is inevitable, and it affects the performance of RFID systems, especially in environments with a large number of tags. In this report, a hybrid (of ALOHA and tree-based) anti-collision protocol is proposed. In the provided protocol, each frame and slot have prefixes, and in each slot, tags whose identities match the prefixes of the frame and the slot, send their responses to the reader. In this protocol, using the Manchester Coding method, the position of the collision bits is specified, and then collision tags are split into separate subgroups to reduce the collision rate in the identification process. The simulation results of this protocol indicate that compared to other benchmark protocols, the identification time and the bit number of transferred tags in the proposed method are lower, which improve its performance.

Block ciphers have the main role in the communication and information security and also electronic and cyber defense. A secure block cipher must be resistant against the known attacks, such as the differential cryptanalysis. Kim et al. presented seven block cipher constructions with provable security against differential cryptanalysis in 2008, which can be used to design the block ciphers. In this paper, for five of the seven mentioned block cipher constructions, the upper bounds on the probability of differential characteristics have been presented. This has been done using an automated differential cryptanalysis approach based on linear programming. This approach formally introduced by Mouha et al. in 2011, was used for the analysis of several block ciphers. Using the Mouha et al. ’ s approach, it is shown that the five-round differential characteristics of the constructions have the upper bound P4 which are approvable in comparison with the upper bounds of the differentials obtained by Kim et al. where p is the differential probability of the round function used in the constructions.

Consequences such as increasing computational load, increasing time complexity, inability or inefficiency to implement some algorithms and processes, along with the increasing volume of information and data, bring about almost an end to classical calculations. In recent decades, quantum computing has emerged as one of the promising new technologies to overcome the limitations of classical computing, and a new generation of computers and communication networks is being formed based on it. Digital signal processing is one of the areas that has tried to use the capabilities of quantum computing. In this regard, there are a few methods for representing audio signals in quantum form, which are either unable to display accurately a digital signal in quantum form or can't be used for single-channel or multi-channel audio signals. Therefore, a comprehensive and precise method is needed. Accordingly, in this paper, a comprehensive quantum representation of digital signals (CQRDS) is proposed, which can accurately display each digital audio signal in the quantum form. Besides, it can be used to represent a variety of single-channel or multi-channel audio signals. The proposed representation uses three entangled qubit sequences, including a 2's complement fractional sequence, to store the amplitude of the samples, and two quantum sequences in true form to store the channel information and the time information of the samples. Representation, preparation, retrieval, and compression of quantum audio signals are described by the proposed method of this paper. Also, a precise comparison between the capabilities and features of the proposed method with that of the existing methods is presented, indicating its comprehensiveness.

In this paper, a new numerical method for solving the fractional optimal control problem of the time delay is presented. The fractional integral and the fractional derivative are the Riemann-Liouville type and the Caputo type, respectively. In this method, the cardinal Hermite functions are used as a basis to approximate functions. Moreover, we obtain the fractional and delay integral operational matrices and use them to solve this optimal control problem. Using the collocation method, the problem leads to a system of algebraic equations, that is solved by Newton's iterative method. Finally, numerical examples are presented to investigate the efficiency of this method.

Preventing damage in cyberspace involves complex mechanisms such as threat, punishment, nonadmission, plight and norms. The purpose of this article is to clarify some of these conceptual terms and the policy of using deterrence theory in the cyber territory of the Islamic Republic of Iran. Formulation of an effective strategy in the cyber arena, requires a deeper recognition of the various dimensions of deterrence and prevention in cyber domains. Developing the base theory of deterrence against enemy cyber threats in the country's cyberspace requires accurate knowledge of the domain of defense and formulation of strategies based on the base theory of deterrence in cyberspace which has unfortunately been neglected. Our problem in this research is the lack of a codified theory to create deterrence in the country's cyberspace in face of cyber threats and, consequently, the recognition of deterrence requirements based on upstream documents and existing approaches such that in the face of enemy threats, the country's cyberspace stands firm and resistant with the ability to continue the required functions and at the same time retaliate enemy threats. Creating and using all possible human and technical cyber capabilities in order to be ready for adaptation (resilience) in variable and dynamic cyber conditions is an undeniable necessity that while sustaining resistance and sovereignty, it will maintain and increase national interests and goals. This issue should be considered as a fundamental and national value in the theory of deterrence. Considering the uncertainty of the cyberspace in addition to its dynamics and threats, and given the challenge of identifying the source of the threat, in order to prevent the failure of deterrence, the evolutionary theory is proposed which seems capable of obtaining desirable, preferable and sustainable strategies, and their constant updating and restoration. In this research, the strategic benefits of cyber deterrence (vision, macro goals, dominant basic values, principles, requirements in upstream documents) have been enumerated, based on the opinion of communication, information technology and passive defense experts in the academic and executive bodies, and finally gained the necessary approvals in expert assemblies.