MoBShield:A Novel XML Approach for Securing Mobile Banking

Mobile banking security has witnessed significant R&D attention from both financial institutions and academia.This is due to the growing number of mobile baking applications and their reachability and usefulness to society.However,these applications are also attractive prey for cybercriminals,who use a variety of malware to steal personal banking information.Related literature in mobile banking security requiresmany permissions that are not necessary for the application’s intended security functionality.In this context,this paper presents a novel efficient permission identification approach for securing mobile banking(MoBShield)to detect and prevent malware.A permission-based dataset is generated for mobile banking malware detection that consists large number of malicious adware apps and benign apps to use as training datasets.The dataset is generated from 1650 malicious banking apps of the Canadian Institute of Cybersecurity,University of New Brunswick and benign apps from Google Play.A machine learning algorithm is used to determine whether amobile banking application ismalicious based on its permission requests.Further,an eXplainable machine learning(XML)approach is developed to improve trust by explaining the reasoning behind the algorithm’s behaviour.Performance evaluation tests that the approach can effectively and practically identify mobile banking malware with high precision and reduced false positives.Specifically,the adapted artificial neural networks(ANN),convolutional neural networks(CNN)and XML approaches achieve a higher accuracy of 99.7%and the adapted deep neural networks(DNN)approach achieves 99.6%accuracy in comparison with the state-of-the-art approaches.These promising results position the proposed approach as a potential tool for real-world scenarios,offering a robustmeans of identifying and thwarting malware inmobile-based banking applications.Consequently,MoBShield has the potential to significantly enhance the security and trustworthiness of mobile banking platforms,mitigating the risks posed by cyber threats and ensuring a safer user experience.

Securing the Internet of Health Things with Certificateless Anonymous Authentication Scheme

Internet of Health Things(IoHT)is a subset of Internet of Things(IoT)technology that includes interconnected medical devices and sensors used in medical and healthcare information systems.However,IoHT is susceptible to cybersecurity threats due to its reliance on low-power biomedical devices and the use of open wireless channels for communication.In this article,we intend to address this shortcoming,and as a result,we propose a new scheme called,the certificateless anonymous authentication(CAA)scheme.The proposed scheme is based on hyperelliptic curve cryptography(HECC),an enhanced variant of elliptic curve cryptography(ECC)that employs a smaller key size of 80 bits as compared to 160 bits.The proposed scheme is secure against various attacks in both formal and informal security analyses.The formal study makes use of the Real-or-Random(ROR)model.A thorough comparative study of the proposed scheme is conducted for the security and efficiency of the proposed scheme with the relevant existing schemes.The results demonstrate that the proposed scheme not only ensures high security for health-related data but also increases efficiency.The proposed scheme’s computation cost is 2.88 ms,and the communication cost is 1440 bits,which shows its better efficiency compared to its counterpart schemes.

CeTrivium:A Stream Cipher Based on Cellular Automata for Securing Real-Time Multimedia Transmission

Due to their significant correlation and redundancy,conventional block cipher cryptosystems are not efficient in encryptingmultimedia data.Streamciphers based onCellularAutomata(CA)can provide amore effective solution.The CA have recently gained recognition as a robust cryptographic primitive,being used as pseudorandom number generators in hash functions,block ciphers and stream ciphers.CA have the ability to perform parallel transformations,resulting in high throughput performance.Additionally,they exhibit a natural tendency to resist fault attacks.Few stream cipher schemes based on CA have been proposed in the literature.Though,their encryption/decryption throughput is relatively low,which makes them unsuitable formultimedia communication.Trivium and Grain are efficient stream ciphers that were selected as finalists in the eSTREAM project,but they have proven to be vulnerable to differential fault attacks.This work introduces a novel and scalable stream cipher named CeTrivium,whose design is based on CA.CeTrivium is a 5-neighborhood CA-based streamcipher inspired by the designs of Trivium and Grain.It is constructed using three building blocks:the Trivium(Tr)block,the Nonlinear-CA(NCA)block,and the Nonlinear Mixing(NM)block.The NCA block is a 64-bit nonlinear hybrid 5-neighborhood CA,while the Tr block has the same structure as the Trivium stream cipher.The NM block is a nonlinear,balanced,and reversible Boolean function that mixes the outputs of the Tr and NCA blocks to produce a keystream.Cryptanalysis of CeTrivium has indicated that it can resist various attacks,including correlation,algebraic,fault,cube,Meier and Staffelbach,and side channel attacks.Moreover,the scheme is evaluated using histogramand spectrogramanalysis,aswell as several differentmeasurements,including the correlation coefficient,number of samples change rate,signal-to-noise ratio,entropy,and peak signal-to-noise ratio.The performance of CeTrivium is evaluated and compared with other state-of-the-art techniques.CeTrivium outperforms them in terms of encryption throughput while maintaining high security.CeTrivium has high encryption and decryption speeds,is scalable,and resists various attacks,making it suitable for multimedia communication.

Analyzing the Impact of Blockchain Models for Securing Intelligent Logistics through Unified Computational Techniques

Blockchain technology has revolutionized conventional trade.The success of blockchain can be attributed to its distributed ledger characteristic,which secures every record inside the ledger using cryptography rules,making it more reliable,secure,and tamper-proof.This is evident by the significant impact that the use of this technology has had on people connected to digital spaces in the present-day context.Furthermore,it has been proven that blockchain technology is evolving from new perspectives and that it provides an effective mechanism for the intelligent transportation system infrastructure.To realize the full potential of the accurate and efficacious use of blockchain in the transportation sector,it is essential to understand the most effective mechanisms of this technology and identify the most useful one.As a result,the present work offers a priority-based methodology that would be a useful reference for security experts in managing blockchain technology and its models.The study uses the hesitant fuzzy analytical hierarchy process for prioritizing the different blockchain models.Based on the findings of actual performance,alternative solution A1 which is Private Blockchain model has an extremely high level of security satisfaction.The accuracy of the results has been tested using the hesitant fuzzy technique for order of preference by similarity to the ideal solution procedure.The study also uses guidelines from security researchers working in this domain.

Randomized MILP framework for Securing Virtual Machines from Malware Attacks

Cloud computing involves remote server deployments with public net-work infrastructures that allow clients to access computational resources.Virtual Machines(VMs)are supplied on requests and launched without interactions from service providers.Intruders can target these servers and establish malicious con-nections on VMs for carrying out attacks on other clustered VMs.The existing system has issues with execution time and false-positive rates.Hence,the overall system performance is degraded considerably.The proposed approach is designed to eliminate Cross-VM side attacks and VM escape and hide the server’s position so that the opponent cannot track the target server beyond a certain point.Every request is passed from source to destination via one broadcast domain to confuse the opponent and avoid them from tracking the server’s position.Allocation of SECURITY Resources accepts a safety game in a simple format as input andfinds the best coverage vector for the opponent using a Stackelberg Equilibrium(SSE)technique.A Mixed Integer Linear Programming(MILP)framework is used in the algorithm.The VM challenge is reduced by afirewall-based controlling mechanism combining behavior-based detection and signature-based virus detection.The pro-posed method is focused on detecting malware attacks effectively and providing better security for the VMs.Finally,the experimental results indicate that the pro-posed security method is efficient.It consumes minimum execution time,better false positive rate,accuracy,and memory usage than the conventional approach.

A Framework for Securing Saudi Arabian Hospital Industry: Vision-2030 Perspective

Recent transformation of Saudi Arabian healthcare sector into a reven-ue producing one has signaled several advancements in healthcare in the country.Transforming healthcare management into Smart hospital systems is one of them.Secure hospital management systems which are breach-proof only can be termed as effective smart hospital systems.Given the perspective of Saudi Vision-2030,many practitioners are trying to achieve a cost-effective hospital management sys-tem by using smart ideas.In this row,the proposed framework posits the main objectives for creating smart hospital management systems that can only be acknowledged by managing the security of healthcare data and medical practices.Further,the proposed framework will also be helpful in gaining satisfactory rev-enue from the healthcare sector by reducing the cost and time involved in mana-ging the smart hospital system.The framework is based on a hybrid approach of three key methods which include:employing the Internet of Medical Things(IoMT)and blockchain methodologies for maintaining the security and privacy of healthcare data and medical practices,and using big data analytics methodol-ogy for raising the funds and revenue by managing the bulk volume of healthcare data.Moreover,the framework will also be helpful for both the patients and the doctors,thus enabling the Kingdom of Saudi Arabia(KSA)to meet its goals of Vision-2030 by ensuring low cost,yet credible,healthcare services.

Securing Healthcare Data in IoMT Network Using Enhanced Chaos Based Substitution and Diffusion

Patient privacy and data protection have been crucial concerns in Ehealthcare systems for many years.In modern-day applications,patient data usually holds clinical imagery,records,and other medical details.Lately,the Internet of Medical Things(IoMT),equipped with cloud computing,has come out to be a beneficial paradigm in the healthcare field.However,the openness of networks and systems leads to security threats and illegal access.Therefore,reliable,fast,and robust security methods need to be developed to ensure the safe exchange of healthcare data generated from various image sensing and other IoMT-driven devices in the IoMT network.This paper presents an image protection scheme for healthcare applications to protect patients’medical image data exchanged in IoMT networks.The proposed security scheme depends on an enhanced 2D discrete chaotic map and allows dynamic substitution based on an optimized highly-nonlinear S-box and diffusion to gain an excellent security performance.The optimized S-box has an excellent nonlinearity score of 112.The new image protection scheme is efficient enough to exhibit correlation values less than 0.0022,entropy values higher than 7.999,and NPCR values around 99.6%.To reveal the efficacy of the scheme,several comparison studies are presented.These comparison studies reveal that the novel protection scheme is robust,efficient,and capable of securing healthcare imagery in IoMT systems.

Securing User Authentication with Server-Side Voice Verification

User authentication is critical to the security of any information system. The traditional text-based passwords and even biometric systems based on face and fingerprint validation suffer from various drawbacks. Voice-based authentication systems have emerged as an effective alternative method. Within the user authentication systems, the server-side voice authentication systems added advantages. The purpose of this paper is to present an innovative approach to the use of voice verification for user authentication. This paper describes a new framework for the implementation of server-side voice authentication, ensuring that only the users who are authenticated and validated can access the system. In addition to providing enhanced security and a more pleasant user experience, this technology has potential applications in a wide range of fields.

Securing Stock Transactions Using Blockchain Technology: Architecture for Identifying and Reducing Vulnerabilities Linked to the Web Applications Used (MAHV-BC)

This paper deals with the security of stock market transactions within financial markets, particularly that of the West African Economic and Monetary Union (UEMOA). The confidentiality and integrity of sensitive data in the stock market being crucial, the implementation of robust systems which guarantee trust between the different actors is essential. We therefore proposed, after analyzing the limits of several security approaches in the literature, an architecture based on blockchain technology making it possible to both identify and reduce the vulnerabilities linked to the design, implementation work or the use of web applications used for transactions. Our proposal makes it possible, thanks to two-factor authentication via the Blockchain, to strengthen the security of investors’ accounts and the automated recording of transactions in the Blockchain while guaranteeing the integrity of stock market operations. It also provides an application vulnerability report. To validate our approach, we compared our results to those of three other security tools, at the level of different metrics. Our approach achieved the best performance in each case.

Securing a Nation

CHINA has tightened up its national security by adopting a new wide-ranging law effective July 1. The law was passed with overwhelming support from the deputies of the National People＇s Con- gress （NPC）, the country＇s top legislature, whose Standing Committee voted 154 in favor, no votes against and one abstention.

Securing Multicast Route Discovery for Mobile Ad Hoc Networks

This paper presents SMRAN, a novel securing multicast route discovery scheme for mobile ad hoc networks. The scheme relies entirely on hash chains based one-time signature mechanism, HORSEI, with very efficient signing and verifying, and we do this by improving the HORSE protocol through the introduction of intermediate hash joints. The main purpose of SMRAN is to provide source authentication for multicast routing discovery messages in mobile ad hoc networks. SMRAN will construct multicast tree with authentication constrains in ad hoc networks. The performance measure of SMRAN is evaluated using simulator NS2. The results represent that SMRAN produces less end-to-end packet latency than public key based secure routing scheme, and it is a feasible approach to securing multicast routing for mobile ad hoc networks.

Joint Trajectory and Power Optimization for Securing UAV Communications Against Active Eavesdropping

Due to both of jamming and eavesdropping,active eavesdroppers can induce more serious security threats to unmanned aerial vehicle(UAV)-enabled communications.This paper considers a secure UAV communication system including both the downlink(DL)and uplink(UL)transmissions,where the confidential information is transmitted between a UAV and a ground node in the presence of an active eavesdropper.We aim to maximize the average secrecy rates of the DL and UL communications,respectively,by jointly optimizing the UAV trajectory and the UAV/ground node’s transmit power control over a given flight period.Due to the non-convexity of the formulated problems,it is difficult to obtain globally optimal solutions.However,we propose efficient iterative algorithms to obtain high-quality suboptimal solutions by applying the block coordinate descent and successive convex optimization methods.Simulation results show that the joint optimization algorithms can effectively improve the secrecy rate performance for both the DL and UL communications,as compared with other baseline schemes.The proposed schemes can be considered as special cases of UAV-assisted non-orthogonal multiple access(NOMA)networks.

Securing Technique Using Pattern-Based LSB Audio Steganography and Intensity-Based Visual Cryptography

With the increasing need of sensitive or secret data transmission through public network,security demands using cryptography and steganography are becoming a thirsty research area of last few years.These two techniques can be merged and provide better security which is nowadays extremely required.The proposed system provides a novel method of information security using the techniques of audio steganography combined with visual cryptography.In this system,we take a secret image and divide it into several subparts to make more than one incomprehensible sub-images using the method of visual cryptography.Each of the sub-images is then hidden within individual cover audio files using audio steganographic techniques.The cover audios are then sent to the required destinations where reverse steganography schemes are applied to them to get the incomprehensible component images back.At last,all the sub-images are superimposed to get the actual secret image.This method is very secure as it uses a two-step security mechanism to maintain secrecy.The possibility of interception is less in this technique because one must have each piece of correct sub-image to regenerate the actual secret image.Without superimposing every one of the sub-images meaningful secret images cannot be formed.Audio files are composed of densely packed bits.The high density of data in audio makes it hard for a listener to detect the manipulation due to the proposed time-domain audio steganographic method.

Impact of Tools and Techniques for Securing Consultancy Services

In a digital world moving at a breakneck speed,consultancy services have emerged as one of the prominent resources for seeking effective,sustainable and economically viable solutions to a given crisis.The present day consultancy services are aided by the use of multiple tools and techniques.However,ensuring the security of these tools and techniques is an important concern for the consultants because even a slight malfunction of any tool could alter the results drastically.Consultants usually tackle these functions after establishing the clients’needs and developing the appropriate strategy.Nevertheless,most of the consultants tend to focus more on the intended outcomes only and often ignore the security-specific issues.Our research study is an initiative to recommend the use of a hybrid computational technique based on fuzzy Analytical Hierarchy Process(AHP)and fuzzy Technique for Order Preference by Similarity to Ideal Solutions(TOPSIS)for prioritizing the tools and techniques that are used in consultancy services on the basis of their security features and efficacy.The empirical analysis conducted in this context shows that after implementing the assessment process,the rank of the tools and techniques obtained is:A7>A1>A4>A2>A3>A5>A6>A7,and General Electric McKinsey(GE-McKinsey)Nine-box Matrix(A7)obtained the highest rank.Thus,the outcomes show that this order of selection of the tools and techniques will give the most effective and secure services.The awareness about using the best tools and techniques in consultancy services is as important as selecting the most secure tool for solving a given problem.In this league,the results obtained in this study would be a conclusive and a reliable reference for the consultants.

Developing a Multi-Layer Strategy for Securing Control Systems of Oil Refineries

The energy industry and in particular the Oil Refineries are extremely important elements in Iraq’s infrastructure. A terrorist attack on one oil refinery will have a catastrophic impact on oil production and the whole economy. It can also cause serious damage to the environment and even losses of human lives. The security of information systems and industrial control systems such as Supervisory Control and Data Acquisition (SCADA) systems and Distributed Control System (DCS) used in the oil industry is a major part of infrastructure protection strategy. This paper describes an attempt to use several security procedures to design a secure, robust system for the SCADA and DCS systems currently in use in the North Oil Refinery in the city of Baiji located in northern Iraq.

A Cumulative Authentication Method for Securing Source Routing Protocols in Ad Hoc Networks

Initial works in ad hoc routing have considered only the problem of providing efficient mechanisms for finding paths in such networks,without considering security as a major problem.In such a trusted environment,malicious behaviors can disturb routing process.We present the design and performance evaluation of a new secure on-demand routing protocol for ad hoc networks, called CASR.CASR is robust against attackers from outside of the network and even it prevents compromised nodes from tampering with uncompromised routes consisting of uncompromised nodes.Because of using symmetric cryptography in its structure,CASR is robust against large number of types of Denial-of -Service attacks.However,due to the applying of the random key predistributions method to the routing process our proposed scheme reaches a trade-off between the degree of security and complexity.

Securing Display Path for Security-Sensitive Applications on Mobile Devices

While smart devices based on ARM processor bring us a lot of convenience,they also become an attractive target of cyber-attacks.The threat is exaggerated as commodity OSes usually have a large code base and suffer from various software vulnerabilities.Nowadays,adversaries prefer to steal sensitive data by leaking the content of display output by a security-sensitive application.A promising solution is to exploit the hardware visualization extensions provided by modern ARM processors to construct a secure display path between the applications and the display device.In this work,we present a scheme named SecDisplay for trusted display service,it protects sensitive data displayed from being stolen or tampered surreptitiously by a compromised OS.The TCB of SecDisplay mainly consists of a tiny hypervisor and a super light-weight rendering painter,and has only^1400 lines of code.We implemented a prototype of SecDisplay and evaluated its performance overhead.The results show that SecDisplay only incurs an average drop of 3.4%.

Digital Watermarking Scheme for Securing Textual Database Using Histogram Shifting Model

Information security is one of the most important methods of protecting the confidentiality and privacy of internet users.The greater the volume of data,the more the need to increase the security methods for protecting data from intruders.This task can be challenging for researchers in terms of managing enormous data and maintaining their safety and effectiveness.Protection of digital content is a major issue in maintaining the privacy and secrecy of data.Toward this end,digital watermarking is based on the concept of information security through the insertion and detection of an embedded watermark in an efficient manner.Recent methodologies in the research on digital watermarking result in data distortion after embedding the watermark.This scenario can reduce the efficiency of detecting watermarks as well as violate data confidentiality.This study adapts a robust reversible histogram shifting(HS)technique for textual data in relational databases.Furthermore,the study presents a digital watermarking scheme intended for document copyright protection and proof of ownership.The major advantage of the proposed watermarking scheme is that it can protect digital data and preserve data quality.To the best of our knowledge,this research methodology is promising for use in the HS expansion model for watermarking data on nonnumeric databases.In addition,the results showed that despite exposing the database to an insertion attacks at 50%and 75%of the watermark,the proposed algorithm can recovermore than half of the embedded watermark in all addition and alteration attacks cases.As a result,the watermark information can be retained and restored completely.

Securing Consumer Internet of Things for Botnet Attacks: Deep Learning Approach

DDoS attacks in the Internet of Things(IoT)technology have increased significantly due to its spread adoption in different industrial domains.The purpose of the current research is to propose a novel technique for detecting botnet attacks in user-oriented IoT environments.Conspicuously,an attack identification technique inspired by Recurrent Neural networks and Bidirectional Long Short Term Memory(BLRNN)is presented using a unique Deep Learning(DL)technique.For text identification and translation of attack data segments into tokenized form,word embedding is employed.The performance analysis of the presented technique is performed in comparison to the state-of-the-art DL techniques.Specifically,Accuracy(98.4%),Specificity(98.7%),Sensitivity(99.0%),F-measure(99.0%)and Data loss(92.36%)of the presented BLRNN detection model are determined for identifying 4 attacks over Botnet(Mirai).The results show that,although adding cost to each epoch and increasing computation delay,the bidirectional strategy is more superior technique model over different data instances.

Towards Securing Machine Learning Models Against Membership Inference Attacks

From fraud detection to speech recognition,including price prediction,Machine Learning(ML)applications are manifold and can significantly improve different areas.Nevertheless,machine learning models are vulnerable and are exposed to different security and privacy attacks.Hence,these issues should be addressed while using ML models to preserve the security and privacy of the data used.There is a need to secure ML models,especially in the training phase to preserve the privacy of the training datasets and to minimise the information leakage.In this paper,we present an overview of ML threats and vulnerabilities,and we highlight current progress in the research works proposing defence techniques againstML security and privacy attacks.The relevant background for the different attacks occurring in both the training and testing/inferring phases is introduced before presenting a detailed overview of Membership Inference Attacks(MIA)and the related countermeasures.In this paper,we introduce a countermeasure against membership inference attacks(MIA)on Conventional Neural Networks(CNN)based on dropout and L2 regularization.Through experimental analysis,we demonstrate that this defence technique can mitigate the risks of MIA attacks while ensuring an acceptable accuracy of the model.Indeed,using CNN model training on two datasets CIFAR-10 and CIFAR-100,we empirically verify the ability of our defence strategy to decrease the impact of MIA on our model and we compare results of five different classifiers.Moreover,we present a solution to achieve a trade-off between the performance of themodel and the mitigation of MIA attack.