THE ISC INTERNATIONAL JOURNAL OF INFORMATION SECURITY
Year:2020 | Volume:12 | Issue:1|Papers Count:6

In this study, we propose a secure communication scheme based on the synchronization of two identical fractional-order chaotic systems. The fractional-order derivative is in Caputo sense, and for synchronization, we use a robust sliding-mode control scheme. The designed sliding surface is taken simply due to using special technic for fractional-order systems. Also, unlike most manuscripts, the fractional-order derivatives of state variables can be chosen differently. The stability of the error system is proved using the Lyapunov stability of fractional-order systems. Numerical simulations illustrate the ability and effectiveness of the proposed method. Moreover, synchronization results are applied to secure communication using the masking method. The security analysis demonstrates that the introduced algorithm has a large keyspace, high sensitivity to encryption keys, higher security, and the acceptable performance speed.

Cube Attack is a successful case of Algebraic Attack. Cube Attack consists of two phases, linear equation extraction and solving the extracted equation system. Due to the high complexity of the equation extraction phase in finding linear equations, we can extract nonlinear ones that could be approximated to linear equations with high probability. The probabilistic equations could be considered as linear ones under some noises. Existing approaches to solving noisy equation systems work well provided that the equation system has a low error rate; however, as the error rate increases, the success rate of finding the exact solution diminishes, making them rather inefficient in high error rate. In this paper, we extend Cube Attack to probabilistic equations. First, an approximation approach based on linear combinations of nonlinear equations is presented to find probabilistic linear equations with high probability. Then, we present an approach to improve the efficiency of current solving approaches and make them practical to solve a high error rate linear equation system. Finally, utilizing proposed approaches, we find the right key under an extended noisy equation system with lower complexity in comparison to the original Cube Attack.

In this paper, we present some attacks on GAGE, InGAGE, and CiliPadi, which are candidates of the first round of the NIST-LWC competition. GAGE and InGAGE are lightweight sponge based hash function and Authenticated Encryption with Associated Data (AEAD), respectively, and support different sets of parameters. The length of hash, key, and tag are always 256, 128, and 128 bits, respectively. We show that the security bounds for some variants of its hash and AEAD are less than the designers’ claims. For example, the designers’ security claim of the preimage attack for a hash function when the rate is 128 bits, and the capacity is 256 bits, is 2256. However, we show that the security of preimage for this parameter set is 2128. Also, the designer claimed security of confidentiality for an AEAD, when the rate is 8 bits, and the capacity is 224 bits, is 2116. However, we show the security of confidentiality for it is 2112. We also investigate the structure of the permutation used in InGAGE and present an attack to recover the key for reduced rounds of a variant of InGAGE. In an instance of AEAD of InGAGE, when the rate is 8 bits and the capacity is 224 bits, we recover the key when the number of the composition of the main permutation with itself, i. e., r1, is less than 8. We also show that CiliPadi is vulnerable to the length extension attack by presenting concrete examples of forged messages.

In the network steganography methods based on packet length, the length of the packets is used as a carrier for exchanging secret messages. Existing methods in this area are vulnerable to detections due to abnormal network traffic behaviors. The main goal of this paper is to propose a method which has great resistance to network traffic detections. In the first proposed method, the sender embeds a bit of data in each pair that includes two non-identical packet lengths. In the current situation, if the first packet length of the pair is larger than the second one, it shows a ‘ 1’ bit, and otherwise, it shows a ‘ 0’ bit. If the intended bit of the sender is in conflict with the current status, he/she will create the desired status by swapping the packet lengths. In this method, the paired packets can be selected freely, but in the second proposed method, the packets are divided into buckets, and only packets within a single bucket can be paired together. In this case, the embedding method is similar to the previous one. The results show that the second method, despite having low embedding capacity, will be more secure in real traffic compared to the other methods. Since the packet lengths of UDP protocol are more random in comparison to TCP, the proposed methods have higher embedding capacity, and they are more secure for UDP-based packets. However, these methods are only applicable to the protocols in which the packet length has not a constant value.

Privacy issues during data publishing is an increasing concern of involved entities. The problem is addressed in the field of statistical disclosure control with the aim of producing protected datasets that are also useful for interested end users such as government agencies and research communities. The problem of producing useful protected datasets is addressed in multiple computational privacy models such as k-anonymity in which data is clustered into groups of at least k members. Microaggregation is a mechanism to realize k-anonymity. The objective is to assign records of a dataset to clusters and replace the original values with their associated cluster centers which are the average of assigned values to minimize information loss in terms of the sum of within group squared errors (SSE). While the problem is shown to be NP-hard in general, there is an optimal polynomial-time algorithm for univariate datasets. This paper shows that the assignment of the univariate microaggregation algorithm cannot produce optimal partitions for integer observations where the computed centroids have to be integer values. In other words, the integrality constraint on published quantities has to be addressed within the algorithm steps and the optimal partition cannot be attained using only the results of the general solution. Then, an effective method that considers the constraint is proposed and analyzed which can handle very large numerical volumes. Experimental evaluations confirm that the developed algorithm not only produces more useful datasets but also is more efficient in comparison with the general optimal univariate algorithm.

Today, most activities and important data are placed on Internet websites, so attempts to intrude into these websites have grown exponentially. Intrusion detection systems (IDS) of web attacks are an approach to protect users. But, these systems are suffering from such drawbacks as low accuracy in detecting new attacks. To tackle this problem, various machine learning methods have been developed in recent years. Since attack requests differ from normal requests slightly, these anomaly detection methods have failed to exhibit good accuracy in new attack detection. In web requests and responses, a great deal of interconnected data is usually moved, and anomaly detection attempts need to consider all these connections, but this is a very complicated task. Thus, some research works on attack detection are confined to the analysis of just URL and a part of the request. This paper presents a new method for web attack detection using seq2seq networks using attention. The method is shown to successfully classify the traffic by predicting the possible responses and calculating differences from real responses of the webserver. The higher accuracy of this method versus similar methods shows that the use of the attention mechanism can cope with the challenge of analyzing long web requests and responses to a great extent. The proposed model exhibited a high result in terms of the specificity criterion when it came to such attacks as SQL Injection and XSS whose success highly depends on the server’ s response. This can be attributed to the inclusion of the link between the request and response in identifying web attacks in the proposed method.