International Journal of Computer Network and Information Security (IJCNIS)

IJCNIS Vol. 11, No. 12, Dec. 2019

Cover page and Table of Contents: PDF (size: 174KB)

Table Of Contents

REGULAR PAPERS

Performance Analysis of Network Applications on IPv6 Cloud Connected Virtual Machine

By Zeeshan Ashraf Adnan Sohail Muhammad Yousaf

DOI: https://doi.org/10.5815/ijcnis.2019.12.01, Pub. Date: 8 Dec. 2019

The rapid growth of the Internet and a number of changes in the technology landscape have resulted to move traditional IPv4 networks to virtualized IPv6 networks. Reliable and fast delivery of network services with minimum hardware and lower cost are the main challenges for network operators in the modern technological era. Network operators are moving towards the virtual IPv6 networks. As IP protocol does not guarantee packet delivery, therefore, for reliable delivery of services like FTP, HTTP, and SMTP, the IP protocol is associated with TCP on the transport layer while audio/video live streaming, and real-time applications use UDP. QoS of video streaming and real-time applications are depended upon better network resources management and planning while QoE is dependent on network performance. Different sizes of the packet affect overall QoS. Optimum services can be achieved through the proper selection of routing protocol in the network. In this study, the performance of the IPv6 virtual machine connected to the large scale virtual IPv6 network through the cloud is measured and compared on the basis of the packet sizes of TCP and UDP. GNS3 network emulator and VMware have been used for testing and analyzing the performance of the IPv6 virtual network in terms of several parameters such as convergence, RTT, throughput, jitter, and packet loss. Results indicate that the EIGRPv6 routing protocol with the collaboration of BGPv4 delivers better performance through virtual network services over the cloud network.

[...] Read more.
Design and Implementation of Runtime Reconfigurable Encryption Algorithms using Custom ICAP Processor

By Jamuna S Dinesha P Kp Shashikala Kishore Kumar K

DOI: https://doi.org/10.5815/ijcnis.2019.12.02, Pub. Date: 8 Dec. 2019

Field programmable gate arrays (FPGAs) are the reconfigurable logic devices which are widely used in many applications like space missions, automotive electronics, complex computing systems and system prototyping. Run time reconfigurability feature supported in high end FPGAs allows the designer to optimize design with respect to resource utilization and power consumption. Using partial reconfiguration a specific part of the FPGA can be reconfigured at run time without altering the original design. In data communication, safety and confidentiality of data is achieved through a suitable encryption algorithm. Encryption is most important aspect when it comes to security. Design flexibility can be increased by providing an option to the user to select a particular algorithm as per the requirement. Instead of using a single algorithm to encrypt data, multiple algorithms can be used with an option to switch between the algorithms. Thus optimizing the resource utilization and also can avoid security breach. Through this work, an attempt is made to include reconfiguration of the design at run-time. This design implements different encryption algorithms at different instance of time. In this paper two encryption algorithms i.e. Advance Encryption Standard (AES) and TwoFish both of 128-bit are chosen to reconfigure at runtime using a custom ICAP (Internal Configuration Access Port) controller IP provided by Xilinx and is implemented on Zedboard. Main advantage of this implementation is that the user have an option to switch between two algorithms, thus helping in overall resource optimization.

[...] Read more.
IT Risk Management Based on ISO 31000 and OWASP Framework using OSINT at the Information Gathering Stage (Case Study: X Company)

By Anak Agung Bagus Arya Wiradarma Gusti Made Arya Sasmita

DOI: https://doi.org/10.5815/ijcnis.2019.12.03, Pub. Date: 8 Dec. 2019

The major IT developments lead to speed and mobility elevation of information access. One of them is using the website to share and gather information. Therefore, the mobility and information disclosure create a harmful vulnerability. Which is the leakage of information, whether organizational or sensitive information, such as bank accounts, phone number and many more. Security testing is necessarily needed on website usage. One of the website security testing method is penetration testing. Supporting framework that can be used in this method is OWASP Testing Guide Version 4. OTG Version 4 has 11 stages cover all aspects of website protection and security. Security testing is nicely done using tools / software. Tools with the concept of OSINT (Open Source Intelligence) are used to get better access and availability by using the characteristics of open source. The IT risk assessment analysis carried out by ISO 31000 framework and based on the results that have been obtained through penetration testing with OWASP framework. Significance & values of this research is finding the best and effective way to making IT risk management guidelines along with the combination of with OWASP & ISO 31000 framework, by doing website security assessment with penetration testing method based on OWASP framework to get the system vulnerabilities and analyze the risks that appears with the ISO 31000 framework. Also, the IT risk management guidelines consist of system improvement recommendations along with evaluation report which obtained from the collaboration analysis the OSINT concept, penetration testing methods, OWASP and ISO 31000 framework.

[...] Read more.
Evaluation of Quality for Semi-Structured Database System

By Rita Ganguly Anirban Sarkar

DOI: https://doi.org/10.5815/ijcnis.2019.12.04, Pub. Date: 8 Dec. 2019

The quality evaluation of transactional calculus for semi-structured database system develops metrics for data quality. A conceptual data model of higher quality leads to a higher quality information system. Quality of a data model may affect with effectiveness i.e. the quality of results and the efficiency like time, effort etc. of development of information system. Hence, boosting up the data model quality is also prone to improve quality of delivered system. An array of metrics for quality has been proposed for the semi-structured data model with proper blend of metrics framework suitable for transactional calculus for data model of semi-structured. This paper proposes a framework for quality evaluation of transactional calculus for semi-structured database system using TCSS X-Query. In the proposed quality evaluation, the viewpoint has been described using a set of proposed quality measurements. Each of these quality measurements is linked with set of related metrics. The framework comprised of direct and indirect metrics for the purpose of quality evaluation. The framework facilities a double-fold view point using a set of quality measurement. In quality evaluation two viewpoint quality dimensions are focused: like designer level viewpoint and user level viewpoint. The proposed metrics set and measurements have been validated empirically. The purpose of empirical validation is to establish the metrics are practically useful for the assessment of quality measurements and operability factor.

[...] Read more.
An Improved Machine Learning-Based Short Message Service Spam Detection System

By Odukoya Oluwatoyin Akinyemi Bodunde Gooding Titus Aderounmu Ganiyu

DOI: https://doi.org/10.5815/ijcnis.2019.12.05, Pub. Date: 8 Dec. 2019

The use of Short Message Services (SMS) as a mechanism of communication has resulted to loss of sensitive information such as credit card details, medical information and bank account details (user name and password). Several Machine learning-based approaches have been proposed to address this problem, but they are still unable to detect modified SMS spam messages more accurately. Thus, in this research, a stack- ensemble of four machine learning algorithms consisting of Random Forest (RF), Logistic Regression (LR), Multilayer Perceptron (MLP), and Support Vector Machine (SVM), were employed to detect more accurately SMS spams. The simulation was carried out using Python Scikit- learn tools. The performance evaluation of the proposed model was carried out by benchmarking it with an existing model. The evaluation results showed that the proposed model has an increase of 3.03% of accuracy, 8.94% of Recall, 2.17% of F-measure; and a decrease of 4.55% of Precision over the existing model. This indicates that the proposed model reduces the false alarm rate and thus detects spams more accurately. In conclusion, the ensemble method performed better than any individual algorithms and can be adopted by the Network service providers for better Quality of Service.

[...] Read more.