# Information Security

54
What is information security?

Dear colleagues. Your answer is highly appreciated. I think the points that you mentioned have been prolific for me and many RG members.

Information security is the state of preservation of information resources and protection of the legitimate rights of the individual and society in the information sphere. Information security is the process of ensuring the confidentiality, integrity and availability of information.

With kind regards, Shafagat

Information security

Safe-guarding an organization's data from unauthorized access or modification to ensure its availability, confidentiality, and integrity.

12
How to encrypt/decrypt a database using elliptic curve cryptography?
I want to know about the process of encryption and decryption of a database by using elliptic curve cryptography.

The well-established way to public-key encrypt using elliptic curves is the ElGamal scheme, known as ECIES-KEM in standards. Just Google ECIES, you will find 4 different standards that specify it. It is trivial to implement once you have a scalar multiplication working.
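Added example (not part of the original answer, and not code from any of the standards it mentions): the ECIES pattern applied to one database field value, built on a plain scalar multiplication as the answer describes. The curve (secp256k1), the SHA-512 key derivation and the SHA-256 counter keystream with HMAC-SHA256 are assumptions chosen so that the block runs on the Python standard library alone; the standards pair the key-encapsulation step with a vetted cipher such as AES.

```python
import hashlib, hmac, secrets

# secp256k1 domain parameters: y^2 = x^3 + 7 over GF(P), base point G of order N
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def on_curve(pt):
    return pt is None or (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0

def add(p, q):  # affine point addition; None stands for the point at infinity
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication (not constant-time)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def keygen():
    d = secrets.randbelow(N - 1) + 1          # private scalar in [1, N-1]
    return d, mul(d, G)

def derive_keys(shared, eph):  # KEM step: hash shared x with the ephemeral point
    raw = b"".join(v.to_bytes(32, "big") for v in (shared[0], *eph))
    okm = hashlib.sha512(raw).digest()
    return okm[:32], okm[32:]                 # (keystream key, MAC key)

def keystream_xor(key, data):  # stand-in cipher: SHA-256 in counter mode
    ks = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(pub, plaintext):
    r, R = keygen()                           # fresh ephemeral key per value
    enc_key, mac_key = derive_keys(mul(r, pub), R)
    ct = keystream_xor(enc_key, plaintext)
    return R, ct, hmac.new(mac_key, ct, hashlib.sha256).digest()

def decrypt(priv, R, ct, tag):
    if R is None or not on_curve(R):          # reject points off the curve
        raise ValueError("invalid ephemeral point")
    enc_key, mac_key = derive_keys(mul(priv, R), R)
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return keystream_xor(enc_key, ct)
```

Each stored value then carries its own ephemeral point `R` and tag next to the ciphertext, and only the holder of the private scalar can recover the plaintext.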

5
Can we perform ARP poisoning in one subnet, say A while we are sitting in another subnet B. These subnets are connected to each other using a router.
I want to check whether we can launch ARP poisoning attack in a subnet without really sitting in that subnet. Can we do it from a subnet which is connected to that subnet using a router?

No my friend,
You just cannot without (!) VLAN hopping.
If you want to learn how it could be done, search on Google

"Trunk port spoofing with Yersinia"

Best regards,
Cem.

1
Hi, could someone please point me to a numerical example showing how Mantaras distance is used to compare two partitions?

As additional context, I am planning to use this metric in clustering evaluation to calculate the distance between two partitions (each one with a set of clusters). However, I am always getting a distance of 1 (regardless of the input clusters). This issue leads me to believe that I might be interpreting incorrectly a part of the equation: Dist(Pa,Pb) = 2 - (I(Pa) + I(Pb)/I(Pa ∩ Pb)). Unfortunately, all the references I have found only show the involved equations without a detailed example.

I am the person that proposed this distance. In my paper "A distance based attribute selection measure for decision tree induction" (Machine Learning Journal, Vol. 6, nº 1, pp. 81-92, 1991) you can find all the necessary information to understand my distance correctly. If you have any difficulties please contact me (mantaras@iiia.csic.es).
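Added numerical example (not part of the original posts or of the cited paper's text): the normalized distance computed for constructed partitions of eight items, reading the formula with the sum grouped as (I(Pa) + I(Pb)) / I(Pa ∩ Pb), where I is Shannon entropy in bits and Pa ∩ Pb is the partition formed by all pairwise cluster intersections. The function names and the sample partitions are assumptions made for illustration.

```python
from collections import Counter
from math import log2

def labels_from_clusters(clusters, items):
    """Turn a partition given as a list of sets into one cluster index per item."""
    where = {x: i for i, cluster in enumerate(clusters) for x in cluster}
    return [where[x] for x in items]

def entropy(labels):
    """Shannon entropy (bits) of the cluster-size distribution."""
    n = len(labels)
    return -sum(c / n * log2(c / n) for c in Counter(labels).values())

def mantaras_distance(pa, pb):
    """Normalized distance in [0, 1] between two labelings of the same items."""
    # Pa ∩ Pb: every item is labelled by the pair (cluster in Pa, cluster in Pb)
    joint = entropy(list(zip(pa, pb)))
    if joint == 0:              # both partitions are a single cluster
        return 0.0
    return 2 - (entropy(pa) + entropy(pb)) / joint

# Constructed sample partitions of the items 0..7
ITEMS = list(range(8))
PA = labels_from_clusters([{0, 1, 2, 3}, {4, 5, 6, 7}], ITEMS)
SAME = labels_from_clusters([{4, 5, 6, 7}, {0, 1, 2, 3}], ITEMS)      # relabelled
PARTIAL = labels_from_clusters([{0, 1, 2}, {3, 4, 5, 6, 7}], ITEMS)   # one item moved
INDEPENDENT = labels_from_clusters([{0, 1, 4, 5}, {2, 3, 6, 7}], ITEMS)

def worked_example():
    """Distances from PA to the three other partitions."""
    return {name: round(mantaras_distance(PA, other), 4)
            for name, other in (("same", SAME), ("partial", PARTIAL),
                                ("independent", INDEPENDENT))}

if __name__ == "__main__":
    # I(PA)=1, I(PARTIAL)=0.9544, I(PA ∩ PARTIAL)=1.4056 -> 2 - 1.9544/1.4056
    print(worked_example())
```

A distance of exactly 1 is what the measure returns when the two partitions are statistically independent, because the joint entropy then equals the sum of the two individual entropies.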

2
Has single/dual n-back training any lasting effects?

Does single or dual-n-back training have any lasting, transferable effects on other cognitive skills, apart from improving the performance in running the dual-n-back game? Some research studies indicate that it may have some effect for some people with some conditions (e.g. older people, people with dysphoria etc.), however larger meta-studies indicate no or very small effect in general as well as methodological problems in the underlying studies. The research therefore seems inconclusive.

What is your research experience with this? Are there any groups or conditions where such training has been shown to have transferable, lasting effects?

If you are reading in this area you have probably already found him, but I know from his work with ACT-R that Niels Taatgen has worked with N-back, cognitive modeling, and has a long interest in transfer.

16

Dear fellows,

I am conducting a study to explore students' perceived information security and privacy (IS&P) threats landscape. For this purpose I have designed a survey and uploaded it at the following link:

http://bit.ly/StudentsPerceivedThreats

The survey targets university students (undergraduate/postgraduate/PhD). It will take 15-20 minutes to fill in the survey.

It will be really appreciated if you could help me in getting response for this survey by:

1. filling in the survey and share with your friends, if you are a student
2. sharing it among your students, if you are a faculty member

The survey doesn't have any restriction, so ANY university student from ANY university from ANYWHERE in the world can fill in this survey. A large response set is crucial for this study.

Thanking in anticipation.

Best,
Ali Farooq
Doctoral Student
University of Turku, Finland

Thanks Lidia.

Indeed there is a need to educate youngsters (teenagers especially) regarding security and privacy issues; social networks are one of them. The following article by our team provides a Taxonomy of Information Security and Privacy Threats that our young adults (18-35 Students) are prone to. This paper also provides a Domain model to examine and classify different threats to the students:

https://www.researchgate.net/publication/283713938_A_Taxonomy_of_Perceived_Information_Security_and_Privacy_Threats_among_IT_Security_Students

Moreover, the survey for which I have sought your help is continuation of the same publication.

It would be great, if you could share the survey link among students from your university as well.

##### Conference Paper: A Taxonomy of Perceived Information Security and Privacy Threats among IT Security Students
ABSTRACT: The purpose of this study is to explore students’ perceived information security and privacy (IS&P) threats and to classify them in a way that helps in analyzing the problem, creating awareness measures and further improving students’ IS&P education. Using a qualitative research approach, a group of forty two Master’s degree IT students identified seventy five IS&P threats related to them. The identified threats were classified into fourteen categories. Further, using the affinity diagraming technique, the categories were grouped into four domains - Personnel, Devices, Intranet and Internet. In this way, we present a taxonomy of students’ perceived IS&P threats as well as a model that highlights the domains where students consider themselves prone to IS&P threats. The proposed taxonomy and the domain model can be used as a benchmark for designing information security awareness assessment instruments and preparing information security awareness programs. The taxonomy can also be used for highlighting areas where students lack information security related knowledge.
Full-text · Conference Paper · Dec 2015
3
How can I use decode and forward with untrusted relay?

I am a new researcher and I am working on physical layer security. I found a problem but am stuck in solving this issue.

How can we use the decode and forward protocol with an untrusted relay, meaning we want to use it and also want to hide data from it?

I am searching for any physical layer security technique to solve this problem

@Peter: Beijing was a worthwhile trip. Nonetheless, I have not relaxed meanwhile and will publish an improved IM sifter soon.

8
I aim to design an online IDS by using the NSL-KDD data set. Is there any way to extract the features of NSL-KDD from a real packet?
NSL-KDD features consist of 42 features, divided into three classes TCP header, domain and 2-Minette connection. The first type is extracted easily, but the last two types I can't seem to get. Is there any tool, program language lib. C#.net or other that could be of help?
The features are shown below.

| No. | Feature | Description |
|---|---|---|
| 10 | hot | no. of hot indicators |
| 12 | logged in | (discrete) |
| 13 | number compromised | no. of compromised conditions |
| 14 | root shell | |
| 15 | su attempted | |
| 16 | num root | no. of root accesses |
| 17 | num file creations | no. of file creation operations |
| 18 | num shells | no. of shell prompts |
| 19 | num access files | no. of operations on access control files |
| 20 | num outbound cmds | no. of outbound commands in an ftp session |
| 21 | is host login | (if the login belongs to the hot List) |
| 23 | count | no. of connections to the same host as the current connection in |
| 24 | srv count | no. of connections to the same service as the current connection in the past two seconds |
| 25 | Serror rate | % of connections that have SYN errors |
| 26 | srv Serror rate | % of connections that have SYN errors |
| 27 | rerror rate | % of connections that have REJ errors |
| 28 | srv rerror rate | % of connections that have REJ errors |
| 29 | same srv rate | % of connections to the same service |
| 30 | diff srv rate | % of connections to different service |
| 31 | srv diff host rate | |
| 32 | dst host count | |
| 33 | dst host srv count | |

thanx my friend
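Added example (not part of the original posts): one way to derive the time-based traffic features in the list above (count, srv count, the Serror rates and the service rates) from a stream of already-summarised connection records, using a two-second sliding window. The record layout, the set of connection states treated as SYN errors, the choice to include the current connection in its own window, rates expressed as fractions, and the sample records are all assumptions; the content features (hot, num root and so on) need payload or host audit data and are not covered.

```python
from collections import deque

WINDOW = 2.0                          # "the past two seconds" from the feature list
SYN_ERR = {"S0", "S1", "S2", "S3"}    # assumption: states counted as SYN errors

def time_features(conns):
    """conns: iterable of (ts, dst_host, service, flag), sorted by ts.
    Yields one dict of time-based features per connection (rates as fractions)."""
    win = deque()
    for ts, host, svc, flag in conns:
        win.append((ts, host, svc, flag))       # current connection is included
        while win[0][0] < ts - WINDOW:          # drop records older than the window
            win.popleft()
        same_host = [c for c in win if c[1] == host]
        same_svc = [c for c in win if c[2] == svc]
        count, srv_count = len(same_host), len(same_svc)
        yield {
            "count": count,
            "srv_count": srv_count,
            "serror_rate": sum(c[3] in SYN_ERR for c in same_host) / count,
            "srv_serror_rate": sum(c[3] in SYN_ERR for c in same_svc) / srv_count,
            "same_srv_rate": sum(c[2] == svc for c in same_host) / count,
            "diff_srv_rate": sum(c[2] != svc for c in same_host) / count,
            "srv_diff_host_rate": sum(c[1] != host for c in same_svc) / srv_count,
        }

# Constructed sample: two normal web requests, then a burst of half-open
# connections to several services on one host, as a detector would see it.
SAMPLE = [
    (0.00, "10.0.0.5", "http",   "SF"),
    (0.40, "10.0.0.5", "http",   "SF"),
    (3.00, "10.0.0.9", "ssh",    "S0"),
    (3.10, "10.0.0.9", "telnet", "S0"),
    (3.20, "10.0.0.9", "smtp",   "S0"),
    (3.30, "10.0.0.9", "http",   "SF"),
    (3.35, "10.0.0.5", "http",   "SF"),
]

if __name__ == "__main__":
    for record, feats in zip(SAMPLE, time_features(SAMPLE)):
        print(record, feats)
```

In the burst, count climbs while same srv rate falls and Serror rate stays high, which is the pattern these features were designed to expose to a classifier.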

10
Is there any systematic way to identify assets during threat modeling and risk analysis?

Identifying assets is the primary, and most critical step in threat modeling, because assets are essentially threat targets.
So, how could we determine that the list of assets is complete and be sure that we have not overlooked relevant assets?

In addition to the above great feedback, you should also take into consideration all dependencies (1st, 2nd, etc. order levels) that each asset leverages and how many assets may share common dependencies.

5
Are there any new Social Engineering detection techniques?
It seems that not much work - too little in fact, is being done to find solutions to detect SE attacks. I would appreciate any references to the latest SE detection techniques research.

Hi,

I have recently had a journal paper approved for publication in ACM Computing Surveys titled "A taxonomy of attacks and survey of defence mechanisms for semantic social engineering attacks".

The taxonomy proposed provides a generic, linear classification structure for technically classifying any semantic attack. It is designed to inform developers/researchers of the key technical concepts that should be considered when implementing SE defence mechanisms. The paper also includes a literature on current defence mechanisms for semantic attacks, contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix.

For the pre-publication copy of the journal paper please see:

http://staffweb.cms.gre.ac.uk/~lg47/publications/HeartfieldLoukasCSUR2015.pdf

I expect it to be available in ACM CSUR early next year. I hope it helps!

12
What are the encryption schemes used in SMS?

I would like to know about the encryption systems used in SMS coding (both for the purpose of transmission data security) in mobile modern phones.

1- SMS does not encrypt in GSM.

Related to key management in GSM, this is why they using from IV.

5
What are the main parameters used to measure the strength of an information security algorithm?
To compare different techniques/algorithm what parameters are used and how can they be implemented in matlab.

for signals processing

Imperceptibility
Amplification
Low pass filtering
Requantization
Re-sampling
Compression

__________________________________

another aspects parameters

MSE
RMSE
UIQI
SNR
MAE
PSNR
MD
NAE

13
Do we need Information Security Theory?
Any thoughts about the need for and possibility of creating a complete IS Theory as a basic science?

I would like to add we should ensure also availability, confidentiality, authenticity, non-repudiation etc. All these qualities of information and IT infrastructure assets are very important, not only integrity.

2
What are the dangers and benefits of "mass" surveillance systems and data profiling?
I would like to know the impact on both sides: people's privacy and government security.

Hi Oussama,

In terms of mass surveillance, use of metadata and the security versus privacy implications, have a look at the following papers. All are very recent and offer some insight into the dangers and benefits of mass surveillance and big data.

Lyon, D. (2014). Surveillance, snowden, and big data: capacities, consequences, critique. Big Data & Society, 1(2), 2053951714541861.

Schneier, B. (2014). Metadata= Surveillance. IEEE Security & Privacy, (2), 84-84.

Miller, K. (2014). Total Surveillance, Big Data, and Predictive Crime Technology: Privacy's Perfect Storm. J. Tech. L. & Pol'y, 19, 105.

9
How can I process data loss when applying steganography using DCT?

When hiding some bits of the secret message in DCT coefficients, we note some loss when extracting the message (sorry for bad English).

Gusharanjeet Singh Kalra is right in his explanation

7
What is penetration testing? How it is implemented in information security?
I need information on penetration testing to find out the vulnerabilities in the network.

The action is to find security holes in a company or an organization to protect and secure sensitive information

3
Is there any way to perform manual association of random MAC addresses with the access point in a wireless environment?

I wanted to know if an attacker can do manual associations of random MAC addresses with the access point.

Can it be done in case of WPA2 encrypted networks too, I mean the complete four way handshaking involved during authentication?

It depends what type of authentication you are doing.

If you do "open authentication", it is possible for any attacker to fake a MAC address.

If you do "shared-key authentication", then it becomes more difficult because authentication is done using the pre-shared secret key, rather than a MAC address.

Bear in mind that if your wireless network uses DHCP, it is very likely that you will need to have an additional authentication layer to stop DHCP from giving out IP address automatically.

11
What steps should be considered before implementing ISMS in an organization?

Hey all

I am providing the scope of ISMS for an organization who has contract with us. We are going to test the feasibility before implementing ISMS. Does anyone have any idea about such an issue?

Thank you so much.

We have now released a set of resources from the PRECYSE EU project that are useful for implementing an Information Security Management System:

I have released a course on using the Verinice ISMS:

The YouTube playlist "PRECYSE Verinice Course" with screencast videos is here:

The arftoverinice import filter for importing OpenVAS scans into Verinice is here:
https://sourceforge.net/projects/arftoverinice/

The Magerit control catalogue and OCIL test suite is here:
https://sourceforge.net/projects/mageritcc/

7
How can we authenticate a remote program?

Suppose we have a set of API hosted on a local server. I only want legal remote programs to invoke those APIs. If the remote program is, let's say the original program that I uploaded to the remote machine, then I allow the invoke. If the remote program is a version tampered by the attacker, then I disallow it. How can I bind the program's identity to the function invocation to determine whether the remote program is not tampered?

Remote attestation based on trusted computing supports detecting changes of the remote software.

3
What is the most appropriate classification method to classify qualitative parameters of bank's risk (i.e. reputation, legal and compliance) ?

Regarding to Basel II Pillar 2, they spelled out that bank should notice other inherent risk such as compliance, reputation, legal and strategic risk. These are qualitative (as far as I know, except there is a way to quantify them).

I was thinking about Fuzzy Inference System, but looking at the high dynamic economic condition, this method is no longer applicable or not proper enough to cover the possibilities.

Regards.

47
Do you support Tom Leinster's call not to help intelligence services through mathematics?
"Intelligence agencies hire lots of mathematicians, but would-be employees must realise that their work is misused to snoop on everyone, says Tom Leinster"

New Scientist has published an article recently, where Tom Leinster asks mathematicians to stay away from supporting NSA, CIA, GCHQ, (former) KGB and all the other organizations that spy on us. I even don't know the name of their Chinese colleagues' organization.

What are your thoughts on this?

I recommend the 2014 documentary film (can be freely seen on the internet): Citizenfour; it shows the behind the scenes of the Edward Snowden and the NSA spying scandal. It was shot during the events. It won the Academy Award for Best Documentary Feature at the 2015 Oscars.

15
Can anyone help me to find research in using encryption algorithms to secure Peer to peer network?

I try to find some research papers for securing Peer to peer network,

Thanks

You can have a look at the following publication. This is a particular case about certification, but you may find useful ideas.

##### Conference Paper: A Scalable Architecture for Highly Reliable Certification
ABSTRACT: Building a certification authority (CA) that is both decentralized and fully reliable is impossible. However, the limitation thus imposed on scalability is unacceptable for many types of information systems, such as e-government services. This paper proposes a solution to build a highly reliable CA, based on a DHT and a dedicated protocol ensuring a very low probability of arbitrary failure. Thus, in practice, false positives should never occur.
Full-text · Conference Paper · Jul 2013
2
How can I simulate SLA based Information Security metrics for Cloud Computing?

I have made SLA based Information Security Metrics for Cloud Computing and desire to simulate them on any simulator.

Would you please suggest an appropriate simulator and the way to simulate it?

Thanks Hamza Kheddar, it is really a good material for initial study.

I installed CloudSim and am now working on this. If you have any other material related to my request then please send and oblige.

Regards

16
Which Information Security framework / standard/certification/guide is best for cloud organizations to maintain their security?
There are several Information Security frameworks, standards, certifications and guides to maintain security in an organization.
Would you share which one is best for said purpose?

Thanks Vito for your appreciation and acknowledgement. It is a book, not a paper. I will find ISO 27001:20013 on the internet :)

Warm Regards

9
How to provide better security in our online communication?
If it is on internet it is not private!!!

By using state-of-the-art cryptographic methods like post-quantum cryptography.

2
Is there any article which discussed case study / application of privacy in distributed data mining?

I want to know about real case study of privacy threat cause of association rule mining (Distributed or centralized database).

Hi,

https://www.cs.utexas.edu/~yzhang/papers/mining-ccr06.pdf

http://www.ijcaonline.org/archives/volume76/number8/13271-0800

http://arxiv.org/ftp/arxiv/papers/1004/1004.4477.pdf

Hope it helps...

7
Can anyone help me with main principles and models usually used for visualization of information security events and incidents?
For information security managers in SIEM systems

Look at the start-ups that showed their products at CyberTech2014 as an example (https://www.cybertechisrael.com/) - there you have both common and innovative methods.

Is it real-time monitoring or is it to reconstruct an event chain?

Should it be used for informed decision making? Purpose?

If real-time monitoring, then the process views etc. in ITIL, COBIT may be too complicated. Often different gauge meters dashboards, network views are used, which do not provide insight into what's happening (compare to balanced score card dashboards or lean dashboards...). In a reconstruction analysis phase ITIL, COBIT or rather the business process view will add value for visualization.

4
Does anyone know of a simulator that supports implementing cryptography algorithms in the cloud?
I’m conducting a research on cloud computing security. I need a cloud computing simulator that supports implementation of cryptography algorithms. Please advise me which simulator to use.
Thank you

I would like to implement the ECC algorithm for securing files in the cloud. What kind of implementation can I do?

3
Is this statement correct: "Mobile devices such as laptops, mobile phones, USB memories, and PDAs do not posses tamper-resistant characteristics"?

The problem is that most of authentication methods that use smart card in authentication procedures, are vulnerable against theft. Is it correct?

Ref: "Cryptanalysis and Improvement of “An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems” (Khan and Kumari, 2014)

Dear Muhamed,