An Improved LSTM-PCA Ensemble Classifier for SQL Injection and XSS Attack Detection

The Repository Mahasiswa(RAMA)is a national repository of research reports in the form of final assignments,student projects,theses,dissertations,and research reports of lecturers or researchers that have not yet been published in journals,conferences,or integrated books from the scientific repository of universities and research institutes in Indonesia.The increasing popularity of the RAMA Repository leads to security issues,including the two most widespread,vulnerable attacks i.e.,Structured Query Language(SQL)injection and cross-site scripting(XSS)attacks.An attacker gaining access to data and performing unauthorized data modifications is extremely dangerous.This paper aims to provide an attack detection system for securing the repository portal from the abovementioned attacks.The proposed system combines a Long Short–Term Memory and Principal Component Analysis(LSTM-PCA)model as a classifier.This model can effectively solve the vanishing gradient problem caused by excessive positive samples.The experiment results show that the proposed system achieves an accuracy of 96.85%using an 80%:20%ratio of training data and testing data.The rationale for this best achievement is that the LSTM’s Forget Gate works very well as the PCA supplies only selected features that are significantly relevant to the attacks’patterns.The Forget Gate in LSTM is responsible for deciding which information should be kept for computing the cell state and which one is not relevant and can be discarded.In addition,the LSTM’s Input Gate assists in finding out crucial information and stores specific relevant data in the memory.

Efficient-Cost Task Offloading Scheme in Fog-Internet of Vehicle Networks

Fog computing became a traditional OffLad Destination(OLD)to compute the offloaded tasks of the Internet of Vehicles(IoV).Nevertheless,the limited computing resources of the fog node leads to re-offload these tasks to the neighboring fog nodes or the cloud.Thus,the IoV will incur additional offloading costs.In this paper,we propose a new offloading scheme by utilizing RoadSide Parked Vehicles(RSPV)as an alternative OLD for IoV.The idle computing resources of the RSPVs can compute large tasks with low offloading costs compared with fog nodes and the cloud.Finally,a performance evaluation of the proposed scheme has been presented and discussed with other benchmark offloading schemes.

An Efficient Lightweight Authentication and Key Agreement Protocol for Patient Privacy

Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers.In this system,service providers consider user authentication as a critical requirement.To address this crucial requirement,various types of validation and key agreement protocols have been employed.The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws.This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol.The secureness of the proposed protocol undergoes an informal analysis,whose findings show that different security features are provided,including perfect forward secrecy and a resistance to DoS attacks.Furthermore,it is simulated and formally analyzed using Scyther tool.Simulation results indicate the protocol’s robustness,both in perfect forward security and against various attacks.In addition,the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost.The time complexity of the proposed protocol only involves time of performing a hash function Th,i.e.,:O(12Th).Average time required for executing the authentication is 0.006 seconds;with number of bit exchange is 704,both values are the lowest among the other protocols.The results of the comparison point to a superior performance by the proposed protocol.

Robust Authentication and Session Key Agreement Protocol for Satellite Communications

Satellite networks are recognized as the most essential communication infrastructures in the world today,which complement land networks and provide valuable services for their users.Extensive coverage and service stability of these networks have increased their popularity.Since eavesdropping and active intrusion in satellite communications are much easier than in terrestrial networks,securing satellite communications is vital.So far,several protocols have been proposed for authentication and key exchange of satellite communications,but none of them fullymeet the security requirements.In this paper,we examine one of these protocols and identify its security vulnerabilities.Moreover,we propose a robust and secure authentication and session key agreement protocol using the elliptic curve cryptography(ECC).We show that the proposed protocol meets common security requirements and is resistant to known security attacks.Moreover,we prove that the proposed scheme satisfies the security features using the Automated Validation of Internet Security Protocols and Applications(AVISPA)formal verification tool and On-the fly Model-Checker(OFMC)and ATtack SEarcher(ATSE)model checkers.We have also proved the security of the session key exchange of our protocol using theReal orRandom(RoR)model.Finally,the comparison of our scheme with similar methods shows its superiority.

Kernel Search-Framework for Dynamic Controller Placement in Software-Defined Network

In software-defined networking(SDN)networks,unlike traditional networks,the control plane is located separately in a device or program.One of the most critical problems in these networks is a controller placement problem,which has a significant impact on the network’s overall performance.This paper attempts to provide a solution to this problem aiming to reduce the operational cost of the network and improve their survivability and load balancing.The researchers have proposed a suitable framework called kernel search introducing integer programming formulations to address the controller placement problem.It demonstrates through careful computational studies that the formulations can design networks with much less installation cost while accepting a general connected topology among controllers and user-defined survivability parameters.The researchers used the proposed framework on six different topologies then analyzed and compared with Iterated Local Search(ILS)and Expansion model for the controller placement problem(EMCPP)along with considering several evaluation criteria.The results show that the proposed framework outperforms the ILS and EMCPP.Thus,the proposed framework has a 38.53%and 38.02%improvement in reducing network implementation costs than EMCPP and ILS,respectively.

User Behavior Traffic Analysis Using a Simplified Memory-Prediction Framework

As nearly half of the incidents in enterprise security have been triggered by insiders,it is important to deploy a more intelligent defense system to assist enterprises in pinpointing and resolving the incidents caused by insiders or malicious software(malware)in real-time.Failing to do so may cause a serious loss of reputation as well as business.At the same time,modern network traffic has dynamic patterns,high complexity,and large volumes that make it more difficult to detect malware early.The ability to learn tasks sequentially is crucial to the development of artificial intelligence.Existing neurogenetic computation models with deep-learning techniques are able to detect complex patterns;however,the models have limitations,including catastrophic forgetfulness,and require intensive computational resources.As defense systems using deep-learning models require more time to learn new traffic patterns,they cannot perform fully online(on-the-fly)learning.Hence,an intelligent attack/malware detection system with on-the-fly learning capability is required.For this paper,a memory-prediction framework was adopted,and a simplified single cell assembled sequential hierarchical memory(s.SCASHM)model instead of the hierarchical temporal memory(HTM)model is proposed to speed up learning convergence to achieve onthe-fly learning.The s.SCASHM consists of a Single Neuronal Cell(SNC)model and a simplified Sequential Hierarchical Superset(SHS)platform.The s.SCASHMis implemented as the prediction engine of a user behavior analysis tool to detect insider attacks/anomalies.The experimental results show that the proposed memory model can predict users’traffic behavior with accuracy level ranging from 72%to 83%while performing on-the-fly learning.

Binary Image Reconstruction Based on Prescribed Numerical Information

The problem of reconstruction of a binary image in the field of discrete tomography is a classic instance of seeking solution applying mathematical techniques. Here two such binary image reconstruction problems are considered given some numerical information on the image. Algorithms are developed for solving these problems and correctness of the algorithms are discussed.