iosr-JCE   Volume-17 ~ Issue-1 ~ Jan-Feb 2015

Abstract:Nowadays Cloud computing becomes a popular research subject. Almost all types of organizations adopting cloud computing technology. Organizations use the Cloud as (SaaS, PaaS, and IaaS) and deployment models (Private, Public, Hybrid, and Community. As cloud services are more efficient to the service providers and clients but some issues in case of security Is important, which we have to take in to account. These types of issues may be faced by service providers as well as clients. In this paper we will revise some cloud security threats.
Keywords: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Application presentation Interfaces (APIs).

[1]. Top threats to cloud computing V1.0,cloud security alliance,2010
[2]. K. Thejaswi, I. Sheeba, C. Bhuvana, P. Lavanya , Insight Of Cloud-Specific Culpabilities, Risks, Threats.
[3]. Adam Swidler, seven security threats in cloud,2010.
[4]. Shaikh, F.B., Haider, S. Dept. of Comput. & Technol., SZABIST, Islamabad, Pakistan (IOSRJEN)ISBN- 978-1-4577-0884-

Abstract:The extensive applications of Mobile ad hoc networks are in civilian and military. In the MANETs nodes are joining to any point and leave the network at any point of time. This generic characteristic of MANET has rendered it vulnerable to security attacks. In our paper, we are trying to solve the problem regarding attacks by black-hole in the group of nodes. We are dealing with the identifications of multiple black holes and a remedy to generate another route avoiding black-hole attacked nodes. We are also trying to deliver security to avoid DDOS attack.

Keywords: Security, algorithms, distributed denial of attack, intrusion detection system.

[1]. C. Adams and J. Gilchrist, "RFC 2612: The CAST-256 encryption algorithm," June 1999, http://www.cis.ohiostate.edu/htbin/rfc/rfc2612.html.
[2]. J. Barlow and W. Thrower, "TFN2K – an analysis," Feb. 2000, http://packetstorm.securify.com/distributed/TFN2k_ Analysis.htm.
[3]. S. Bellovin, "Security problems in the TCP/IP protocol suite," Comput. Commun. Rev., vol. 19, no. 2, pp. 32-48, Apr. 1989.
[4]. S. Bellovin, "Distributed denial of service attacks," Feb. 2000, http://www.research.att.com/~smb/talks.
[5]. S. Bellovin, Ed., "The ICMP traceback message," Network Working Group Internet Draft, Mar. 2000, http://www. research.att.com/~smb/papers/draft-bellovin-itrace-00.txt.

Abstract: The load Balancing in the network is a severe problem in network. The data created in wireless network is kept on node. It accessed over geographic hash table. The geographic hash table is used to recover data from the nodes. The preceding approaches permit the balancing load by varying georouting protocol [1]. In our work, it is prove that it's probable to balancing the network load in geographic hash table. It can happen without any change of underlying georouting protocols. As a replacement of changing the straight line in georouting protocols, it can used to direct query after ode delivering query to the node handling queried key at the destination. It proposes to the hash functions are used to stock data in network, applying sort of load-aware task of the keys to the nodes. This new method is instantiated in to two exact approaches: analytical, which is target density function getting load balancing is characterized below uniformity conventions for concerns site of the nodes and sources; and an iterative, heuristic method that could be recycled when these consistency rules are not satisfied. It attempts to stop many request sent to single node. Here we are going to use hash algorithm for the security purpose.

Keywords: Georouting protocols, analytical, georouting protocol, heuristic, and Load balancing.

[1]. M. Elena Renda, Giovanni Resta, and Paolo Santi Load Balancing Hashing in Geographic Hash Tables, VOL. 23, NO. 8, AUGUST 2012
[2]. P. Bose, P. Morin, I. Stojmenovic, and J. Urrutia, "Routing with Guaranteed Delivery in Ad Hoc Wireless Networks," Wireless Networks, vol. 7, no. 6, pp. 609-616, 2001.
[3]. C. Canali, M.E. Renda, and P. Santi, "Evaluating Load Balancing in Peer-to-Peer Resource Sharing Algorithms for Wireless Mesh Networks," Proc. IEEE MeshTech, pp. 603-609, 2008.
[4]. D.B. Johnson and D.A. Maltz, "Dynamic Source Routing in Ad Hoc Wireless Networks," Mobile Computing, Kluwer Academic Publishers, pp. 153-181, 1996.
[5]. A. Mei and J. Stefa, "Routing in Outer Space: Fair Traffic Load in Multi-hop Wireless Networks," Proc. ACM MobiHoc, pp. 23-31, 2008.

Abstract:As networks are mushrooming, the growth and development of IPv6 is gaining more importance. The wide scale deployment of this protocol into operational networks raises certain issues with security being one of the most compelling ones. The next generation internet protocol (IPng) introduces vulnerabilities in addition to those inherent in IPv4. While the existing security infrastructure like IPSec, SSL, PKI, and DNSSec might be sufficient for IPv4, the protocol security associated with IPv6 and migration networks needs to be assessed and analyzed. Until the time complete migration to IPv6 takes place, the internet migration techniques need to be secured. If left unprotected, these techniques pose a serious threat to networks. This paper presents an analysis of network attacks that are common in IPv4 and makes a comparative analysis of how these attacks may impact the IPv6 network. The paper also establishes guidelines and principles for mitigating these attacks. Additionally, the paper addresses the security issues that arise while migrating to IPv6 and outlines the secure mitigation techniques.

Keywords: IPv4, IPv6, IPSec, SSL, PKI, DNSSec

[1]. Bradner, S. "The End-to-End Security." IEEE Security & Privacy, vol., no. pp(2006): 76-79.

[2]. Treese, Win. "The state of security on the internet." NetWorker 8.3 (2004): 13-15.

[3]. Convery, Sean, and Darrin Miller. "Ipv6 and ipv4 threat comparison and best-practice evaluation (v1. 0)." Cisco systems (2004). [4]. Caicedo, Carlos E., James BD Joshi, and Summit R. Tuladhar. "IPv6 Security Challenges." IEEE Computer 42.2 (2009): 36-42.

[5]. Ford, Matthew D. "New Internet Security and Privacy Models Enabled by IPv6." SAINT Workshops. 2005.

[6]. Popoviciu, Ciprian. Deploying ipv6 networks. Pearson Education India, 2006.
[7]. Marc "van Hauser" Heuse. THC IPv6 Attack Toolkit. http://www.thc.org/thc-ipv6/,2012.

Abstract:An SQL Injection is one of the most dangerous security issues. SQL injections are dangerous because they are a door wide open to hackers to enter your system through your Web interface and to do whatever they please - i.e. delete tables, modify databases. The principal behind SQL injection is pretty simple. When an application takes user data as an input, there is an opportunity for a malicious user to enter carefully crafted data that causes the input to be interpreted as part of a SQL query instead of data. Databases are attractive targets because they typically contain critical application information. SQL injections are a programming error and they have nothing to do with your web site hosting provider. So, if you have been searching for a secure JSP hosting, PHP hosting or any other type of web hosting packages, you need to know that prevention of an SQL injection is not a responsibility of your web site hosting provider but of your web developers. In this paper, we had firstly surveyed different SQL Injection methods and then different techniques against SQL Injection and analyzed their advantages and disadvantages and proposed a novel and effective solution to avoid attacks on login phase.
Keywords: SQLIA, Parse Tree Validation, Code Conversion, Static Query;

[1]. Oppliger, R., "Internet security enters the Middle Ages," Computer , vol.28, no.10, pp.100,101, Oct 1995 doi: 10.1109/2.467613
[2]. http://www.w3resource.com/sql/sql-injection/sql-injection.php
[3]. www.owasp.org
[4]. W.G.J. Halfond, A. Orso, "AMNESIA: analysis and monitoring for Neutralizing SQL-injection attacks," 20th IEEE/ACM International Conference on Automated Software Engineering, Long Beach, CA, USA, 2005, pp. 174–183.
[5]. Michele Spagnuolo,Politecnico di Milano,Milan "Using Parse Tree Validation to Prevent SQL Injection Attacks"
[6]. Indrani Balasundaram, E. Ramaraj "An Efficient Technique for Detection and Prevention of SQL Injection Attack using ASCII Based String Matching" International Conference on Communication Technology and System Design 2011 © 2011 Published by Elsevier Ltd. Selection and/or peer-review under responsibility of ICCTSD 2011

Abstract: Clustering is the process of grouping objects into clusters such that the objects from the same clusters are similar and objects from different clusters are dissimilar. The relationship is often expressed as similarity or dissimilarity measurement and is calculated through distance function. some of the outlier detection techniques are distance based outlier detection distribution based outlier detection density based outlier detection and depth based outlier detection The goal of this paper is the detection of outliers with high accuracy and time efficiency. The methodology discussed here is able to save a large amount of time by selecting a small subset of suspicious transactions for manual inspection which includes most of the erroneous transactions.

Keywords: PAM.CLARA, CLARANS, ECLARANS

[1]. A. Mira, D.K. Bhattacharyya, S. Saharia," RODHA: Robust Outlier Detection using Hybrid Approach", American Journal of Intelligent Systems, volume 2, pp 129-140, 2012
[2]. Al-Zoubi M. "An Effective Clustering-Based Approach for Outlier Detection"(2009)
[3]. A K Jain,M N Murthy. "Data Clustering A Review" ACN Computing Surveys Vol 31,No3.September 1999.
[4]. D Moh, Belal Al-Zoubi, Ali Al-Dahoud, Abdelfatah A Yahya "New outlier detection method based on fuzzy clustering"2011.
[5]. Deepak Soni, Naveen Jha, Deepak Sinwar," Discovery of Outlier from Database using different Clustering Algorithms", Indian J. Edu. Inf. Manage., Volume 1, pp 388-391, September 2012.
[6]. Han & Kamber & Pei," Data Mining: Concepts and Techniques (3rded.) Chapter 12, ISBN-9780123814791
[7]. Ji Zhang," Advancements of Outlier Detection: A Survey", ICST Transactions on Scalable Information Systems, Volume 13, pp 1-26 January-March 2013
[8]. Maria Halkidi, Yannis Batistakis, Michalis Vazirgiannis," On Clustering Validation Techniques", Journal of Intelligent Information Systems, pp 107–145, January 2001.

Abstract:Blind people face a number of challenges when interacting with their environments because so much information is encoded visually .There are many problems when blind people need to access visualizations such as images, objects ,information in the form of text etc. Many tool and technologies seek to help blind people solve these problems by enabling them to query for information such as color or text shown on object. Blind use Braille technique to read. Also there are many applications like screen reader which help them to read. But there is a need of special training to use these techniques and also they are not so much portable. In this work we describe main features of software modules developed for Android smart phones that are dedicated for the blind users. The main module can recognize and match scanned objects to a database of objects, e.g. food or medicine containers. The two other modules are capable of detecting major colors and locate direction of the maximum brightness regions in the captured scenes. We conclude the paper with a short summary of the tests of the software aiding activities of daily living of a blind user.

Keywords: accessible environment, blindness,image recognition

[1]. Strumillo P. (2012) Electronic navigation systems for the blind and the visually impaired, Lodz University of Technology Publishing House (in Polish).
[2]. Hersh M., Johnson M. (Eds.) (2008) Assistive technology for visually impaired and blind people, Springer, London
[3]. Gill J. (2008), Assistive devices for people with visual impairments.In: Helal S., Mokhtari M. and Abdulrazak B. (ed) The engineering handbook of smart technology for aging, disability, and independence, J Wiley and Sons, Inc, Hoboken, New Jersey, pp. 163-190.
[4]. Onishi J., Ono T. (2011) Contour pattern recognition through auditory labels of Freeman chain codes for people with visual impairments, Inter-national IEEE Systems, Man, and Cybernetics Conference, Anchorage, Alaska USA, pp. 1088-1093.

Abstract: Distributed Sensor networks (DSN) is an emerging technology and have great potential to be employed in critical situations like battlefields and commercial applications such as process management, health care monitoring, environmental/earth sensing, industrial monitoring and many more scenarios. One of the major challenges distributed sensor networks face today is security. While the deployment of sensor nodes in an unattended environment makes the networks vulnerable to a variety of potential attacks, the inherent power and memory limitations of sensor nodes makes conventional security solutions unfeasible. The sensing technology combined with processing power and wireless communication makes it profitable for being exploited in great quantity in future. The wireless communication technology also acquires various types of security threats. This paper discusses a wide variety of security, research, computational and design issues along with the challenges faced.

Keywords: Distributed Sensor Network, Design issues, Security issues, Defensive mechanisms, Challenges.

[1]. Edwin Prem, Kumar Gilbert, BaskaranKaliaperumal, and Elijah Blessing Rajsingh"Research Issues in Wireless Sensor NetworkApplications: A Survey"DOI: 10.7763/IJIEE.2012.V2.191
[2]. MahfuzulhoqChowdhury, MdFazlul Kader and Asaduzzaman" Security Issues in Wireless Sensor Networks: A Survey"International Journal of Future Generation Communication and Networking Vol.6, No.5 (2013), pp.97-116
[3]. Al-Sakib Khan Pathan, Hyung-Woo Lee, ChoongSeonHong"Security in Wireless Sensor Networks: Issues andChallenges"Feb. 20-22, 2006 ICACT2006, ISBN 89-5519-129-4
[4]. Dr. G. Padmavathi,Mrs. D. Shanmugapriya "A Survey of Attacks, Security Mechanisms andChallenges in Wireless Sensor Networks " IJCSIS Vol. 4, No. 1 & 2, 2009
[5]. Samira Kalantary, Sara Taghipour"A survey on architectures, protocols, applications, andmanagement in wireless sensor networks" Journal of Advanced Computer Science & Technology, 3 (1) (2014) 1-11, doi: 10.14419/jacst.v3i1.1583
[6]. John Paul Walters, ZhengqiangLiang,Weisong Shi, and VipinChaudhary "Wireless Sensor Network Security: A Survey"Security in Distributed, Grid, and Pervasive Computing 2006 Auerbach Publications, CRC Press

Abstract: This paper analyzed the methods and techniques used in mathematical modeling of biological epidemics to the domain of information technology. A new epidemic model has been proposed by incorporating a range of parameters rather than using constant parameters for a fixed population network. All individual nodes or computers are classified into four classes- susceptible, exposed, infected and immunized. Changes of population of these four classes with time and higher epidemic threshold are studied. Finally threshold sensitivity analysis has been analyzed to take into account the appropriate measures to control the virus epidemic.

Keywords: Computer virus epidemic, epidemic threshold, sensitivity analysis

[1]. Szor P. The Art Of Computer Virus Research And Defense. 1st Ed. Addison-Wesley Education Publishers Inc.: 2005.
[2]. Cohen F. Computer Viruses: Theory And Experiments. Computsecur 1987;6(1):22-35.
[3]. Murray WH. The Application Of Epidemiology To Computer Viruses.Computsecur 1988:7(2) 130-50.
[4]. Kephart, J., White, S., Directed-Graph Epidemiological Models Of Computer Viruses, IEEE Symposium On Security And Privacy (1991).
[5]. Faloutsos M, Faloustsos P, Faloustsos C. On Power-Lae Relationships Of The Internet Topology. ACM SIGCOMM ComputcommunRev 1999,29(4):251-62.
[6]. Albert R, Barabasi A-L. Statistical Mechanics Of Complex Networks. Rev Mod Phys 2002.74(1):47-97.
[7]. Revasz E, Barbasi A-L. Hierarchical Organization In Complex Networks.Phys Rev E 2003,27(2)(Article ID 026112).

Abstract: Leaves can be categorized based on various physical attributes but the most popular attribute is shape. For example, we can use "shape‟ as a criterion to differentiate between a mango leaf and a banana leaf. Ideally this criterion can be of immense help to the user of an image database that stores, for instance, the images of different kinds of leaves. The user would often wish to retrieve images of leaf similar to the one he/she has or categorize the leaf according to its kind. This retrieval is mostly based upon the shape of the image. We investigate shape analysis methods for retrieving images and we develop an approach for doing so. In our approach we first find out the corners of the leaf by "Harris corner detection" and then determine the convex hull by joining these "corner points". The leaves are then distinguished by finding the difference between their internal angles at each control point. The same criterion is then used to retrieve images of leaves from a plant database that are identical to the one in the input image.

Index Terms:Shape based leaf categorization, corner detection,convex hull detection,internal angle differences.

[1]. N. Sakai, S. Yonekawa, and A. Matsuzaki, "Two-dimensional image analysis of the shape of rice and its applications to separating varieties", Journal of Food Engineering, vol 27, 1996, pp. 397-407.
[2]. A. J. M. Timmermans, and A. A. Hulzebosch, "Computer vison system for on-line sorting of pot plants using an artificial neural network classifier", Computers and Electronics in Agriculture, vol. 15, 1996, pp. 41-55.
[3]. S. Abbasi, F. Mokhtarian, and J. Kittler, "Reliable classification of chrysanthemum leaves through curvature scale space", Lecture Notes in Computer Science, vol. 1252, 1997, pp. 284-295.
[4]. A. J. Perez, F. Lopez, J. V. Benlloch, and S. Christensen, "Color and shape analysis techniques for weed detection in cereal fields", Computers and Electronics in Agriculture, vol. 25, 2000, pp. 197-212.
[5]. C. Im, H. Nishida, and T. L. Kunii, "A hierarchical method of recognizing plant species by leaf shapes", IAPR Workshop on Machine Vision Applications, 1998, pp. 158-161..

Abstract: In order to control the request flow in Computer Networks, a proxy server is used. Proxy Server is a server which acts as an intermediary server between server and clients. The more adaptable and converted attack is Web proxy-based HTTP attack in the existing DDoS attacks. In most of the large-scale official proxies which are usually configured to have high security sometimes cannot avoid being abused for the proxy base attacks. This type of attacks introduces new challenges to the existing security systems of the network. Web application is a set of technologies which serves for the web service. It is a good security practice to implement additional precautions to every mitigation level including the web application level for bringing the HTTP flood attack awareness for the web application. Here we introduce the detection and prevention of these flood attacks and DDoS attacks by using their frequency of request sequence arrival.

Keywords: Traffic analysis, Distributed Denial of Service attack, Distributed Security, Web Proxy.

[1]. Yi Xie, S. Tang, , Y. Xiang, and J. Hu, "Resisting Web Proxy-Based HTTP attacksby Temporal and Spatial Locality Behavior" IEEE Transactions On Parallel And Distributed Systems, Vol. 24, No. 7, July 2013
[2]. SMs P.Rajani Reddy, Mr R.Siva and Ms C.Malathi "Techniques to Differentiate DDOS Attacks from Flash Crowd" International Journal of Advanced Research in Computer Science and Software Engineering, Volume 3, Issue 6, June 2013.
[3]. LI Jin-ling, WANG Bin-qiang, "Detecting App-DDoS Attacks Based on Marking Access and d-SVDD" in 2nd International Symposium on Computer, Communication, Control and Automation (ISCCCA-13) ,2013.
[4]. Mohamed Ibrahim AK and Lijo George, Kritika Govind and S. Selvakumar, "Threshold Based Kernel Level HTTP Filter (TBHF) for DDoS Mitigation".: I.J. Computer Network and Information Security, 2012, 12, 31-39 .
[5]. Mohammed Alenezi, Martin J Reed, "Methodologies for detecting DoS/DDoS attacks against network servers".: The Seventh International Conference on Systems and Networks Communications, ICSNC Semi-Markov models 2012.
[6]. Davide Ariu, Roberto Tronci, Giorgio Giacinto , "HMMPayl: An intrusion detection system based onden Markov Models" Elsevier December 2010 and computers & security magazine volume 30 (2011).

Abstract: Information security is the process of protecting information. It protects its availability, privacy and integrity. Access to stored information on computer databases has increased greatly. More companies store business and individual information on computer than ever before. Much of the information stored is highly confidential and not for public viewing. To write this paper we have Study about information security using cryptography technique. After the detailed study of Network security using cryptography, I am presenting my proposed work. This paper is dividing in four sections contain of basic introduction about Information Security using cryptography, detailed description of Information security using cryptography and various algorithms, also; we are presenting proposed algorithm, Presenting summary and references where we have completed my research. The proposed algorithm has the batter speed compared with the comparing encryption algorithm. Nevertheless, the proposed algorithm improves encryption security by inserting the symmetric layer. The proposed algorithm will be useful to the applications which require the same procedure of encryption and decryption.

[1]. Ajay Kakkar, Dr. M. L. Singh, Dr. P. K. Bansal, "Efficient Key Mechanisms in Multinode Network for Secured Data Transmission", International Journal of 92 Engineering Science and Technology, Vol. 2, Issue 5, 2010, pp.787-795.
[2]. Davis, R, "The data encryption standard in perspective", Communications Society Magazine, IEEE, 2003, pp. 5-9.
[3]. Ajay Kakkar, M. L. Singh, P.K. Bansal," Comparison of Various Encryption Algorithms and Techniques for Secured Data Communication in Multinode Network", International Journal of Engineering and Technology Volume 2 No. 1, January, 2012.
[4]. Diffiee, W., and Hellman, M., "New Directions in Cryptography", IEEE Transaction Information Theory IT-22, (Nov. 1976), pp. 644-654.
[5]. Vishwa gupta, Gajendra Singh ,.Ravindra Gupta," Advance cryptography algorithm for improving data security", International Journal of Advanced Research in Computer Science and Software Engineering, Volume 2, Issue 1, January 2012 ISSN: 2277 128X.
[6]. Suyash Verma, Rajnish Choubey,Roopali soni, "An Efficient Developed New Symmetric Key Cryptography Algorithm for Information Security", International Journal of Emerging Technology and Advanced Engineering Website: www.ijetae.com (ISSN 2250-2459, Volume 2, Issue 7, July 2012) 18 .

Abstract: Congestion control is a very important concept used in practical networks. Congestion of a network occurs when a network carries such high traffic of data that the quality of service deteriorates. In modern day TCP protocol (Tahoe and Reno), the network determines congestion on the basis of the number of data packets lost. We believe that this is not the most optimized way of determining congestion because of the bottleneck problem that is described later in the text.Hence, in this paper, we propose a new algorithm to deduce whether the network is congested or not and then apply proper measures to rectify it.

Keywords: Congestion control, TCP/IP, Duplicate acknowledgements, Packet Loss, Bottleneck problem of TCP/IP

[1]. Qian Wang, Dongfeng Yuan, "An Improved TCP Congestion Control Mechanism with Adaptive Congestion Window"
[2]. Dorgham Sisalem, Henning Schulzrinne, "Congestion Control in TCP: Performance of Binary Congestion Notification Enhanced TCP Compared to Reno and Tahoe TCP"
[3]. Ming Yan, Chengjun Yue, "Robust Sliding Mode Congestion Control Algorithm for TCP Networks"
[4]. Saverio Mascolo, " Smith's Predictor for Congestion Control in TCP Internet Protocol"
[5]. James F. Kurose, Keith W. Ross, "Computer Networking, A Top-Down approach"
[6]. Behrouz A. Forouzan, "Data Communications and Networking".