Data Mining and Knowledge Engineering

Abstract

Cloud computing is a new computing paradigm that enables organizations and users to store data in a highly available space of different shared applications and services, instead of storing and managing their data on the company's local server. There are some challenges that face cloud users when they use cloud storage services like inability of accessing their data physically, so if the user doesn't know the Cloud Service Provider (CSP), malicious activity on untrusted servers can alter or destroy their data and applications. As a conclusion content auditing, must be a requirement, a scheduled check for data is done as a correction purpose and this method is called data integrity. This paper proposed a model that provides content auditing of cloud user data which can be personal data or web pages by periodically checks data integrity by using keyed hashing algorithms and check trustiness of Cloud Service Provider, finally ensure the fast recovery of data.

Keywords

Full Text

Abstract

Malware affects computing systems like cloud systems through its malicious actions towards confidentiality, availability, and integrity of system resources and services. Because of the deployment of Cloud Computing environment is increasingly common, and we are implicitly reliant on them for many services as it offers cost-saving service for Cloud user. So, it is important to take care of Cloud Security.

In this paper, we investigate a survey on malware types that may exploit Cloud Computing systems; in the next sections, different aspects of malware detection techniques and types are discussed and how these malware detection systems fit into the cloud computing system architecture. Finally, a comparison between malware detection sensors is provided through many points like modeling techniques, main components, scalability, open source availability, and a risk analysis for those detection systems.

Keywords

Full Text

Abstract

Personal computer or system security relies upon basic objectives, keeping unauthorized persons from accessing resources and guaranteeing that approved persons can get to the resources they require. The most fundamental type of client authentication, especially on the Web, is the password authentication protocol. This strategy constrains you to use username/password to get into client accounts or a resource on a private system, these methods have some disadvantages; password depends on user memory, and most people use default password which is vulnerable to attacks. Hence, security is totally based on confidentiality; i.e. the quality of the password utilized and this doesn't give a solid identity check. To overcome these problems, multi-factor authentication is used. A Method called OTP (One-Time password) is used for different authentication purposes and it works only for one login session on any computing device. The first system introduced to apply one-time password was the S/KEY system which was developed to authenticate the user to the UNIX-like operating system, in which users don't have to type a long password and at the same time accessing the system doesn't depend on a single username and password combination. Many systems have evolved to the S/KEY system as a development to the idea of One-time password technique, like HMAC-Based One-Time Password Algorithm (HOTP), Time-Based One-Time Password Algorithm (TOTP), OATH Challenge-Response Algorithm (OCRA) and Short Message Service (SMS) OTP. In this paper, we conducted a survey of these one-time password techniques and how OTP tokens are generated in each one.

This paper is divided into six sections; the first one is the introduction which presents simple password attack methodologies in the field of user authentication techniques and how OTP fits into this category, and classification of available used methods; section two is a literature review of OTP methods and algorithms; in section three, we list the possible OTP attacks that can face OTP methods on the internet; section four presents the history of OTP methods by priority of appearance in technology and usage; finally we end up the paper with the conclusion in section five, while section six contains the references of the articles used in this paper.

Keywords

Full Text

Abstract

Building a secure hash function from a symmetric key block cipher is a challenge. This hash function uses an RC6 modified version named BTS KHF (Basheer, Tarek, Salwa keyed hashing function) that produce a variable length hash. The use of hash functions is a crucial in cryptographic security applications for example it secures the integrity of users message on his device. Choosing a robust block cipher algorithm like RC6 is the aim to build a secure hash function. According to the security analysis of RC6 presented by its authors, this algorithm is highly resistant to linear and differential attacks.

This paper is divided into nine sections; the first section the introduction that talks about cryptography and its mathematical techniques, section two refers to the goals and services of the field of cryptography. Section three introduces the concepts of hash functions and its structure. Section four gives a brief introduction to block ciphers and their definition. Section five illustrates the BTS algorithm and how it enhanced the RC6 algorithm, in section six an implementation for BTSKHF (BTS Keyed hashing Function) is illustrated. Section seven the performance and analysis of the newly created algorithm is depicted to show comparisons with other algorithms; finally   the paper ended up with the conclusion in section eight, while section nine contains the references of the articles used in this paper.

Keywords

Full Text