Due to polymorphic nature of malware attack,a signature-based analysis is no longer sufficient to solve polymorphic and stealth nature ofmalware attacks.On the other hand,state-of-the-art methods like deep learning re...Due to polymorphic nature of malware attack,a signature-based analysis is no longer sufficient to solve polymorphic and stealth nature ofmalware attacks.On the other hand,state-of-the-art methods like deep learning require labelled dataset as a target to train a supervised model.This is unlikely to be the case in production network as the dataset is unstructured and has no label.Hence an unsupervised learning is recommended.Behavioral study is one of the techniques to elicit traffic pattern.However,studies have shown that existing behavioral intrusion detection model had a few issues which had been parameterized into its common characteristics,namely lack of prior information(p(θ)),and reduced parameters(θ).Therefore,this study aims to utilize the previously built Feature Selection Model subsequently to design a Predictive Analytics Model based on Bayesian Network used to improve the analysis prediction.Feature Selection Model is used to learn significant label as a target and Bayesian Network is a sophisticated probabilistic approach to predict intrusion.Finally,the results are extended to evaluate detection,accuracy and false alarm rate of the model against the subject matter expert model,Support Vector Machine(SVM),k nearest neighbor(k-NN)using simulated and ground-truth dataset.The ground-truth dataset from the production traffic of one of the largest healthcare provider in Malaysia is used to promote realism on the real use case scenario.Results have shown that the proposed model consistently outperformed other models.展开更多
Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from t...Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.展开更多
Securing digital images is becoming an important concern in today's information security due to the extensive use of secure images that are either transmitted over a network or stored on disks. Image encryption is...Securing digital images is becoming an important concern in today's information security due to the extensive use of secure images that are either transmitted over a network or stored on disks. Image encryption is the most effective way to fulfil confidentiality and protect the privacy of images. Nevertheless, owing to the large size and complex structure of digital images, the computational overhead and processing time needed to carry out full image encryption prove to be limiting factors that inhibit it of being used more heavily in real time. To solve this problem, many recent studies use the selective encryption approach to encrypt significant parts of images with a hope to reduce the encryption overhead. However, it is necessary to realistically evaluate its performance compared to full encryption. In this paper, we study the performance and efficiency of image segmentation methods used in the selective encryption approach, such as edges and face detection methods, in determining the most important parts of visual images. Experiments were performed to analyse the computational results obtained by selective image encryption compared to full image encryption using symmetric encryption algorithms. Experiment results have proven that the selective encryption approach based on edge and face detection can significantly reduce the time of encrypting still visual images as compared to full encryption. Thus, this approach can be considered a good alternative in the implementation of real-time applications that require adequate security levels.展开更多
基金The work is fully sponsored by the research project grant FRGS/1/2021/ICT07/UITM/02/3。
文摘Due to polymorphic nature of malware attack,a signature-based analysis is no longer sufficient to solve polymorphic and stealth nature ofmalware attacks.On the other hand,state-of-the-art methods like deep learning require labelled dataset as a target to train a supervised model.This is unlikely to be the case in production network as the dataset is unstructured and has no label.Hence an unsupervised learning is recommended.Behavioral study is one of the techniques to elicit traffic pattern.However,studies have shown that existing behavioral intrusion detection model had a few issues which had been parameterized into its common characteristics,namely lack of prior information(p(θ)),and reduced parameters(θ).Therefore,this study aims to utilize the previously built Feature Selection Model subsequently to design a Predictive Analytics Model based on Bayesian Network used to improve the analysis prediction.Feature Selection Model is used to learn significant label as a target and Bayesian Network is a sophisticated probabilistic approach to predict intrusion.Finally,the results are extended to evaluate detection,accuracy and false alarm rate of the model against the subject matter expert model,Support Vector Machine(SVM),k nearest neighbor(k-NN)using simulated and ground-truth dataset.The ground-truth dataset from the production traffic of one of the largest healthcare provider in Malaysia is used to promote realism on the real use case scenario.Results have shown that the proposed model consistently outperformed other models.
基金Project partly supported by the Ministry of Higher Education of Malaysia under Grant LRGS/TD/2011/UKM/ICT/02
文摘Real-time encryption and decryption of digital images stored on end-user devices is a challenging task due to the inherent features of the images. Traditional software encryption applications generally suffered from the expense of user con- venience, performance efficiency, and the level of security provided. To overcome these limitations, the concept of transparent encryption has been proposed. This type of encryption mechanism can be implemented most efficiently with kernel file systems. However, this approach has some disadvantages since developing a new file system and attaching it in the kernel level requires a deep understanding of the kernel internal data structure. A filesystem in userspace (FUSE) can be used to bridge the gap. Never- theless, ctwrent implementations of cryptographic FUSE-based file systems suffered from several weaknesses that make them less than ideal for deployment. This paper describes the design and implementation of ImgFS, a fully transparent cryptographic file system that resides on user space. ImgFS can provide a sophisticated way to access, manage, and monitor all encryption and key management operations for image files stored on the local disk without any interaction from the user. The development of ImgFS has managed to solve weaknesses that have been identified on cryptographic FUSE-based implementations. Experiments were carried out to measure the performance of ImgFS over image files' read and write against the cryptographic service, and the results indicated that while ImgFS has managed to provide higher level of security and transparency, its performance was competitive with other established cryptographic FUSE-based schemes of high performance.
文摘Securing digital images is becoming an important concern in today's information security due to the extensive use of secure images that are either transmitted over a network or stored on disks. Image encryption is the most effective way to fulfil confidentiality and protect the privacy of images. Nevertheless, owing to the large size and complex structure of digital images, the computational overhead and processing time needed to carry out full image encryption prove to be limiting factors that inhibit it of being used more heavily in real time. To solve this problem, many recent studies use the selective encryption approach to encrypt significant parts of images with a hope to reduce the encryption overhead. However, it is necessary to realistically evaluate its performance compared to full encryption. In this paper, we study the performance and efficiency of image segmentation methods used in the selective encryption approach, such as edges and face detection methods, in determining the most important parts of visual images. Experiments were performed to analyse the computational results obtained by selective image encryption compared to full image encryption using symmetric encryption algorithms. Experiment results have proven that the selective encryption approach based on edge and face detection can significantly reduce the time of encrypting still visual images as compared to full encryption. Thus, this approach can be considered a good alternative in the implementation of real-time applications that require adequate security levels.
