2024 | Book

Information Security, Privacy and Digital Forensics

Select Proceedings of the International Conference, ICISPD 2022

Editors: Sankita J. Patel, Naveen Kumar Chaudhary, Bhavesh N. Gohil, S. S. Iyengar

Publisher: Springer Nature Singapore

Book Series: Lecture Notes in Electrical Engineering


About this book

This volume comprises the select proceedings of the International Conference on Information Security, Privacy, and Digital Forensics (ICISPD 2022). The content discusses novel contributions and latest developments in cyber-attacks and defenses, computer forensics and cybersecurity database forensics, cyber threat intelligence, data analytics for security, anonymity, penetration testing, incident response, Internet of Things security, malware and botnets, social media security, humanitarian forensics, software and media piracy, crime analysis, hardware security, among others. This volume will be a useful guide for researchers across industry and academia working in the field of security, privacy, and digital forensics from both technological and social perspectives.

Table of Contents

Cybersecurity Resiliency for Airports as a Critical Infrastructure
As the virtual world is expanding its span for the online applications, the need of cybersecurity is increasing. The cyberattacks and its mitigation techniques are competing with each other in many areas where the critical infrastructure is applicable. One such domain is aviation industry which needs utmost cybersecurity from various types of threats and attacks. This paper aims to demonstrate types of cyberattacks on IT infrastructure of airports and also describe mitigation techniques for each type of attack. The preventive techniques suggested in this paper are helpful for taking proactive steps so the IT attacks on critical infrastructure can be avoided in advance.
Shivendra Anand, Madhavi Dave
Re-examining Laws Pertaining to Admissibility of Digital Evidence in Investigations
Multiple laws exist today in India, which deal with the admissibility of electronic evidence. While the Indian Evidence Act, 1872 is the primary law in India dealing with all aspects of evidence, there are a few other specific laws which have also attempted to deal with the issue of electronic evidence. The primary law dealing with electronic evidence, namely, Section 65B of the Indian Evidence Act, 1872 has been the subject of multiple judicial battles and has run its course. There is an urgent need to relook at laws pertaining to electronic evidence and frame uniform laws on this issue which are easy to understand, simple to follow, and, most importantly, relevant to the times. This paper attempts to examine the historic background behind electronic evidence legislations and proposes a few solutions to issues being faced by investigating agencies.
Kaushik Thinnaneri Ganesan
Fog Forensics: A Comprehensive Review of Forensic Models for Fog Computing Environment
Numerous potential social advantages are offered by fog computing, including personalized healthcare, smart cities, agri technology, automated transportation, consumer IoT, and many more. Ambient computing at previously unfathomable scales is made possible by the extremely dynamic and complex nature of fog computing and its low latency communication networks connecting sensors, devices, and actuators. The need to look for digital forensic methods that may effectively be used to solve computer-related crimes utilizing IoT devices is being driven by the rise in IoT devices. Fog computing adds greater threats to privacy and security as it is becoming challenging given the increasing number of linked devices. The existing forensics models are not sufficient to handle data from the fog cloud. In this paper, we present a thorough review of the existing state-of-the-art forensic models that can be applied to fog cloud environment and this work can further be used to promote extensive research and development of fog forensic models.
Konrad Śniatała, Yashas Hariprasad, K. J. Latesh Kumar, Naveen Kumar Chaudhary, Michał Weissenberg
Memory Forensics for Artefacts Recovery from Ether Transactions
Use of cryptocurrencies in crimes like money laundering, ransomware, narcotics trade and terror funding has been on increase. There is a disturbing trend in the use of the cryptocurrencies even in conventional crimes like cheating, scams and financial frauds. The existing research in digital forensics of cryptocurrencies is dominated by Bitcoin and very less work has been done on digital artefacts identification in Ether transactions. There has been use of Ethereum in many criminal activities hence the knowledge of Ethereum forensics is very important for law enforcement agencies. According to Bankless Times, Ethereum is now used more than Bitcoin for illegal activities. The proportion of illicit transactions on the overall flow of Ethereum has risen to 0.33% versus 0.04% for bitcoin. In market capitalization, Ethereum is the second largest cryptocurrency. This paper is an endeavour to locate the digital artefacts related with Ether transactions in volatile memory. Cryptocurrency wallet “Exodus” has been used as it does not ask for KYC and such wallets are preferred by criminals. In all, 12 important digital artefacts were found in the volatile memory. As use of different cryptocurrencies other than Bitcoin is on rise in criminal activities, such research of digital artefacts identification with a given cryptocurrency will prove helpful for law enforcement agencies.
Borase Bhushan Gulabrao, Digvijaysinh Rathod, Aishwarya Tiwari
A Lightweight Intrusion Detection and Electricity Theft Detection System for Smart Grid
Smart grid systems have improved networking for power systems and many other industrial systems, but they still have many vulnerabilities, making them an easy target for cyber attacks. Recently, the number of attacks has also increased. The present work investigates the reliability and security of Smart Grid (SG). The reliability and security are investigated in two aspects that are electricity fraud detection followed by the intrusion detection system. This work presents the lightweight Intrusion detection system for SCADA and Modbus-based control systems that can detect intrusion with very high accuracy. The IDS developed is based on the ICS (industrial control system) dataset, which has 20 features (column) and 2,74,628 rows. The IDS dataset contains the Modbus packet’s attributes and network and physical infrastructure attributes. The IDS work is followed by detecting electricity theft on a realistic electricity consumption dataset released by the State Grid Corporation of China. A total of 42,372 users’ power usage data from 1,035 days is included in the data collection (from 1 January 2014 to 31 October 2016). Eight classifiers, as well as two basic neural networks (1DCNN and ANN), have been investigated on this dataset.
Ayush Sinha, Ashutosh Kaushik, Ranjana Vyas, O. P. Vyas
Study and Analysis of Key-Predistribution Schemes Based on Hash Chain for WSN
In recent years, Wireless Sensor Network (WSN) has become a leading area of research. WSN is ad hoc, without infrastructure wireless network that connects a huge number of wireless sensors. WSN consists of multiple sensor nodes which have limited processing speed, storage capacity, communication bandwidth and base stations. They can be thought of as the network’s “sensing cells” and “brain”, respectively. They are emerging as a better technology in the future due to their large range of applications in surveillance and people-related domains. This paper proposes a study and analysis of hash-based key predistribution for a better understanding of the uses of key predistribution or random key predistribution over the wireless sensor network to prevent the makers and also provide better connectivity, lower storage overhead, lower communication overhead and less computation complexities.
Kanhaiya Kumar Yadav, Priyanka Ahlawat
CERT-In New Directives for VPN: A Growing Focus on Mass Surveillance and Data Privacy
Digitalization efforts are rewarding as Information Technology is bringing changes in almost every sector. Virtual Private Network (VPN) was expected to be a safeguard for sensitive and personal information for individuals. The focus of India’s cybersecurity watchdog, Indian Computer Emergency Response Team (CERT-In), focuses on safeguarding or prevention with feasible effort. It is difficult to maintain data privacy without hampering user identity. CERT-In directives try to enhance cybersecurity by bridging the gap in cyberincidence analysis. VPN is ever growing with Bring Your Own Device (BYOD), Work From Home (WFH) in place. A VPN allows users to browse the Internet while masking their device’s IP address, encrypting data, and routing through secure networks in other states or countries with no logs. The new CERT-In directives emphasize obligatory data collection, retention, and integration for Virtual Private Server (VPS) providers, VPN services, and Cloud providers for a minimum of 5 years. There is an urgent need to increase the security of the country’s digital infrastructure in the best feasible ways, but some new directives may not be privacy-friendly hampering user identity and data protection framework. It has major market implications and an increase in operational costs. Thus, making an Un-CERT-In time for VPN providers in India. This directive does not only defeat the purpose of VPNs but is also possibly aimed at state-sponsored surveillance. We have proposed a few solutions to go through this new rule for the end users.
Neeraj Jayant, Naman Nanda, Sushila Madan, Anamika Gupta
Addressing DIO Suppression Attack in RPL based IoT Networks
The Internet of Things (IoT) has brought a revolution in technology in the last decade. IoT is susceptible to numerous internal routing attacks because of the characteristics of the sensors used in IoT networks and the insecure nature of the Internet. The majority of the IoT ecosystem’s problems come during the routing phase. While routing, the attacking node causes a number of challenges with the packet transmission mechanism. Routing Protocol for Low-Power and Lossy Networks (RPL) is susceptible to numerous types of attacks. The effects could be disruptive to network performance and resource availability. In this paper, we investigate the impact of a novel attack known as the DIO suppression attack and propose a mitigation mechanism for this attack on RPL-based network. This attack disrupts the topology of a network, and as a result, certain number of nodes are disconnected. Attacker nodes exploit the trickle algorithm to execute this attack. The impact of DIO suppression attack in different topologies and scenarios is studied in this research. We have also proposed a lightweight mitigation technique to defend the networks from this attack. This technique leverages the trickling timer’s DIO Redundancy Constant k for each node to identify the attacking node in the network.
Rajat Kumar, Jyoti Grover, Girish Sharma, Abhishek Verma
Modelling Identity-Based Authentication and Key Exchange Protocol Using the Tamarin Prover
In real-time applications, authentication plays a vital role in enabling secure communications. The authentication protocols need to be formally verified under a defined threat model. Unless the protocols are verified for the intended security, the purpose of employing such protocols may eventually fail. There are multiple ways to formally verify the security of the authentication protocols including the use of automatic verification tools like the Tamarin Prover. The Tamarin Prover tool supports equational theories along with built-in functions. However, this tool does not support some mathematical operations such as elliptic curve point addition. It is necessary to have point addition in Identity-Based Encryption (IBE)-based authentication protocols. Chen–Kudla modelled the point addition operation in the Tamarin Prover using a technique based on concatenation. However, this technique is not applicable to all identity-based protocols including IBE-based authentication protocols. In this paper, we present a modelling technique known as normalised precomputation for point addition using a hash function. We analyse the security of a simple identity-based encryption-based key exchange protocol under extended Canetti and Krawczyk’s (eCK) adversary model. Our analysis shows that the proposed technique is secure and retains the properties of point addition. Therefore, the technique can be applied to different IBE-based authentication protocols where point addition operation is necessary.
Srijanee Mookherji, Vanga Odelu, Rajendra Prasath, Alavalapati Goutham Reddy, Basker Palaniswamy
Sensor Fusion and Pontryagin Duality
Boltzmann Machine (BM) and Brooks–Iyengar (BI) algorithm are solving similar problems in sensor fusion. Relationships between these two are established in detail. During 1984, BM was used as a toolset to solve posterior probability finding problems by Hinton (https://youtu.be/kytxEr0KK7Q, [10]). During 1996, Brooks–Iyengar algorithm was published (Brooks and Iyengar in Computer, [8]) and it was trying to have robust and yet precise computation of a parameter in a sensor network, where sensor network might include some faulty sensors as well. In this work, it has shown interesting results on BM and BI, when temperature is zero in BM. Dual space of sensor network is used as a space for sensor classification and also to find computability of measurement. Pontryagin duality (Dikranjan and Stoyanov in An elementary approach to Haar integration and Pontryagin duality in locally compact abelian groups 2011 [14]; Woronowicz in Quantum E(2) group and its Pontryagin dual 2000 [15]) is used to construct dual space for a given sensor network. For example, the Fourier transform can be considered as a dual space of the given sensor network. Kolmogorov complexity is used to model measurement problems into a problem of computability of elements in dual space. Sensor fusion problem is formulated as a problem of finding one program “p” which results in many strings as output. It appears that there is no known necessary sufficient condition on group (formed by using non-faulty sensors) for “p” to exist. And also, it is shown that quantum computing is a natural choice to find such a program “p” which produces many strings as output.
S. Jayakumar, S. S. Iyengar, Naveen Kumar Chaudhary
Lightweight Malicious Packet Classifier for IoT Networks
Although the Internet of Things (IoT) devices simplify and automate everyday tasks, they also introduce a tremendous amount of security flaws. The current insufficient security measures for smart device protection make IoT devices a potential victim of breaking into a secure infrastructure. This research proposes an on-the-fly intrusion detection system (IDS) that applies machine learning (ML) to detect network-based cyber-attacks on IoT networks. A lightweight ML model is trained on network traffic to defer benign packets from normal ones. The goal is to demonstrate that lightweight machine learning models such as decision trees (in contrast with deep neural networks) are applicable for intrusion detection achieving high accuracy. As this model is lightweight, it could be easily employed in IoT networks to classify packets on-the-fly, after training and evaluation. We compare our lightweight model with a more complex one and demonstrate that it could be as accurate.
Seyedsina Nabavirazavi, S. S. Iyengar, Naveen Kumar Chaudhary
Cyber Security Issues and Challenges on Non-fungible Tokens
Blockchain Technology helps buy and sell digital assets known as Non-Fungible Tokens (NFT). It is an asset that is not fungible. It is a different type of asset that exists in the virtual world and uses cryptocurrencies. Unique individual cartoons, like the ‘Bored Ape Yacht Club’, are made available through the NFT collection with unlimited choices. The owners of such NFTs exhibit them with pride as avatars on social media. These tokens are not merely images. They include assets in the form of art, music, video game items, collectibles, sports memorabilia, domain names, and tweets, on various websites such as ‘Decentraland’ and the ‘Sandbox’. It is interesting to note that even land in the virtual world using NFT. This process of recording the ownership details of a digital asset is sure to revolutionize the thinking in the minds of people. This paper aims to study the overview of NFTs in detail. It further focuses on the advantages and limitations of NFTs. An attempt has been made to compare NFTs with Blockchain and cryptocurrencies. This paper also deals with the standards and protocols used for NFTs. Further, the issues and challenges with cyber security and privacy in NFTs are discussed. This paper focuses on the future scope of NFTs in the context of the ‘Metaverse’.
N. Kala
The Rise of Public Wi-Fi and Threats
The rise of public Wi-Fi is increasing daily, and as it expands, it comes with many new opportunities and challenges. In this paper, you will find out why most intruders use public Wi-Fi to conduct cyber-criminal activities and how intruders can easily access your data or download your data as you have connected through malicious public Wi-Fi networks. In this research work, a survey has been done to determine why people prefer public Wi-Fi networks or private Wi-Fi. Experimental work focuses on intruders using ATHEROS (Hardware) and Wireshark & N-Map (Software) to extract data from open public Wi-Fi. At the same time, using public Wi-Fi, how to secure your data and its safety measurements and tips are given.
Prateek Bheevgade, Chirantan Saha, Rahul Nath, Siddharth Dabhade, Haresh Barot, S. O. Junare
Digital Forensic Investigation on Ponzi Schemes
The Ponzi scheme is an economic offence to lure investors by giving false assurance of huge returns with less risk. The money is provided to the older investors from the new investors in the form of payouts. Mostly the scheme would collapse or in the verge of collapse when the reduction of new investors. The scheme would try to retain later or the latest customers to reinvest or roll over the payouts into the scheme. Ponzi schemes are also performing as “Smart Ponzi Scheme” [1] where new technology (blockchain) cryptocurrency has been used indirectly. Some Ponzi scheme adopts a hybrid model without the knowledge of investors. Fugazzi financial securities are also given in the form of bonds with some security values, especially payouts are enticed to roll over again. The Ponzi scheme would initially be started and pretend to be a formal and genuine financial business and would certainly know the scheme would collapse. The scheme’s brainchild or brainchildren would counter and prepare for the easy way outs. The accumulated money is invested in real estate, movable properties, Panama papers, gold investments, cryptocurrencies, smart contracts (Cryptocurrency), and offshore investments. The new and the latest investors were victimized a lot. The financial victimization will be more from the new investors to the initial or oldest investors. The fairness of identifying actual financial loss incurred by the investors has to be justified for a fair settlement. The nature of the Ponzi scheme itself is a discrete business and the brainchild/brainchildren behind the scheme have constructed business infrastructure in such a way that they cannot be caught or tracked or detected. They have chosen complex technological infrastructure to make the investigation process difficult. The Ponzi scheme is accomplished by complex infrastructure in a way digital forensics investigation process made so difficult to detect. 
Ponzi scheme identification and intelligence about people and infrastructure are to be collected properly else the break in the detection chain would end up in fragile evidence collection. Understanding of infrastructure of the Ponzi scheme model is crucial to gather all information and quantifying the actual amount and people who were involved in the Ponzi scheme. The magnitude of the Ponzi scheme scam would only be identified by the proper digital forensic investigation process. This paper discusses the complex infrastructure adopted by the Ponzi schemes. The hurdles and challenges faced by the investigation team and digital forensics Investigation team to detect the magnitude of the scam involved. This paper also addresses the lacuna of policy, enforcement, and regulatory lens on the Ponzi scheme with respect to the existing monitoring system and infrastructure.
Babu Madhavan, N. Kalabaskar
Holistic Cyber Threat Hunting Using Network Traffic Intrusion Detection Analysis for Ransomware Attacks
In recent times, cybercriminals have penetrated diverse areas or sectors of the human business enterprise to initiate ransomware attacks against information technology infrastructure. They demand for money called ransom from organizations and individuals to save valuable data. There are varieties of ransomware attacks floating worldwide using intelligent algorithms and with the usage of different setup vulnerabilities. In our research work, we are exploring the latest trends in terms of sector-wise infiltration, captured the most popular among available and also the distribution of the number of attacks using the location information available at the country level. To achieve the correlation between the sectors and locations along with the parametric analysis, we have utilized artificial intelligence techniques. Accuracy of the prediction of attack based on the sector level analysis we have implemented Random Forest and XGBoost algorithm. This research work focuses primarily on two aspects, first is to explore the different aspects of ransomware attacks using intelligent machine learning algorithms. The method used insights to severity of spread of ransomware attacks, second research outcome is to forensically evidence finding of the attack traces using traffic analysis. The challenge is to learn from the previous weaknesses available in the infrastructure and at the same time to prepare the organization and countries' own prevention methods based on the lessons learnt, our exploratory analysis using the latest set of data implementing with AI will give a positive dimension in this area. Also, the proactive approach for managing the data safely is based on the finding of digital forensic analysis of infected ransomware traffic.
Kanti Singh Sangher, Arti Noor, V. K. Sharma
Cyber Security Attack Detection Framework for DODAG Control Message Flooding in an IoT Network
Advancement in the IoT technologies and the futuristic device’s usage influences the human life in all the aspects of day-to-day activities. Moreover, human reliance on smart objects makes IoT an important tool. IoT network enables communication among smart devices by embedding software, sensors, etc., which makes an object smart and intelligent. Though it offers many advantages, it is a matter of concern in protecting the privacy, integrity, and availability of the users’ data, and these issues need to be addressed in the implementation of the devices before it turns out to be a threat. DDoS is one such security threat which can bring down the resource-constrained IoT network. In this work, we have tried to address the existing availability issues in the IoT communication network and based on the analysis, proposed an attack detection framework for the DDoS traffic generated by IoT devices. The attack detection is done by keeping track of the usage of IoT devices parameter like power consumption and bandwidth, and monitoring the IoT network traffic to oversee the number of messages exchanged between the nodes as part of the RPL DODAG construction so that resources and bandwidth can be used for genuine communication. The proposed work has achieved better bandwidth and our simulation framework obtained good results in identifying DDoS attacks.
Jerry Miller, Lawrence Egharevba, Yashas Hariprasad, Kumar K. J. Latesh, Naveen Kumar Chaudhary
Application of Digital Forensic Evidence in Hit and Run: A Comparative Study with Special Reference to § 304 Part II of IPC
The developments of the new era in technology have reflected change in the existing system of investigating and judicial system with regard to evidence admissibility and reliance by the judiciary across jurisdictions. The criminal-jurisprudence has witnessed notable transformation with the use of scientific tools, procedures, and methodologies, which has become increasingly pivotal in delivering justice to the aggrieved. India accounts for 11% of all fatal traffic accident deaths worldwide despite owning only 1% of all vehicles and even fewer than 1% conviction rate, due to lack of proper evidence. How the digital forensic evidence in helping the legal system to encase allegations made under § 304A of the IPC to under § 304 Part II of the IPC is conveyed in this paper with the help of hit and run case instances. In addition to it, this paper also aims to establish the veracity and admissibility of the digital forensic evidence in the court of law and how the examination of its role has a different impact on two mostly identical cases with different investigation outcomes. In one instance, the accused was convicted due to the evaluation of digital evidence while in other he was acquitted due to lack of any proper forensic evidence. The authors have highlighted the challenges before the judges in deciding a criminal case or settle a legal dispute. Relying solely on witness testimony, who are seldom tutors or could not be relied upon might jeopardize the entire case proceedings. Thus, the authors argue for using forensics evidences to reconstruct the crime scene and corroborate the witness/victims testimony.
Hiral Thakar, Manav Kothary
A Forensic Video Upscaling Colorizing and Denoising Framework for Crime Scene Investigation
Digital videos have been widely used as key evidence sources in Forensic crime scene investigations. Resolution is one of the most dominating parameter which affects the overall quality of the video. The main goal of this paper is to find an efficient forensic video analysis framework to assist the forensic crime scene investigation. A forensic video analysis framework (FVAF) that employs an efficient video enhancing deep learning model for increasing resolution of the low quality videos is used. The low resolution video is fed as input to the model. First, the video is pre-processed using fastai deep learning library. Large videos are cropped to manage runtime efficiently. Second, the video is rescaled for increasing the resolution by Spatial Resolution method. The framework successfully increases the resolution of the video from SD-standard definition Resolution type of 480p with Aspect Ratio 4:3 of Pixel size 640 × 480 to Full Ultra HD Resolution type of 8K or 4320p with Aspect Ratio 16∶9 of Pixel Size 7680 × 4320. The rescaled videos are submitted for colorization process. DeOldify deep learning model using Self-Attention Generative Adversarial Network and Two Time-Scale Update Rule is adopted by FVAF framework for colorizing the videos. Also, the colorized videos are trained and tested by various video enhance AI models model Gaia High Quality 4K rendering and Theia fine Tune detail. 4K not rendered and Theia Fine Tune Fidelity: 4K not rendered and video denoise AI models model Standard, clear, lowlight, severe noise and Raw. The upscaled and colorized video is also trained and tested using denoise video enhance AI and video denoise AI models. The results of each model are stored for comparison. From the stored results best video enhance AI model and the best video denoise AI models is selected. Lowlight AI model and Gaia high quality 4K rendering are used in this FVAF to produce high standard video for Forensic Analysis. 
We run this model using GPU to efficiently pre-process the video. By this framework, we increase the resolution of the video footages to further assist the forensic crime investigation.
S. Prema, S. Anita
A Review of Face Detection Anti Spoofing Techniques on Varied Data Sets
In the recent scenario, and also during the pandemic situation everything is processed as well as transferred digitally. Nowadays from kids to an Adult, every age group relies on digital platform which may result in cybercrime. Nowadays cybercrimes are on its peak. E.g. user’s photo can simply be found on social media, these photos can be spoofed by facial recognition software (FRS). This digital face identity theft can be used to attempt varied activities related to money which can lead to banking fraud. Spoofing is a type of scam in which criminals attempt to obtain someone’s personal information by pretending to be a legitimate business, a neighbor, or some other innocent party. To intercept these problems of recognizing real faces against fake faces, various researchers determine Face Anti-Spoofing techniques on varied data sets. Existing research still faces difficulties to solve spoofing attacks in the real world, as datasets are limited in both quantity and quality. The key aim of this paper is to contribute a detail study of Face Anti-spoofing techniques and evaluation of varied Datasets. Finally, we achieved from the study that many researchers have found truthful methods which solve spoofing threats. But, existing work requires a more proficient face anti-spoofing algorithm by which cyber crimes can be reduced.
Pratiksha K. Patel, Jignesh B. Patel
Ethereum Blockchain-Based Medicine Supply Chain
The medicine supply chain is a process of transferring medicine across various stakeholders. The manual process of the supply chain needs help to locate the source of the medicine accurately. In addition, many people consume the medicine without validating it, which generates a risk for patients. To address this, in this paper, we have designed an Ethereum-based smart contract for tracking medicine in real-time accurately. We have also developed a smart contract to verify the medicine and achieve medicine compliance. Initially, the BCN verifies the credentials of each stakeholder and adds them to the BCN. Afterward, Admin can assign the roles to each stakeholder. The supplier can initiate collecting raw forms and send them to the manufacturer with the raw form ID. The manufacturer can verify the raw forms of medicine with its ID and manufacture the medicine accordingly. Further, this medicine verifies by the medical authority nodes and added medicine in the BCN. Later on, this medicine was transferred across other stakeholders, and locate the source of the medicine accurately. We have also validated our smart contract with vulnerability analysis. We have used the Oyente tool to verify our smart contract validity. Thus, the proposed scheme achieves real-time traceability, transparency, immutability, and medicine compliance.
Jigna J. Hathaliya, Priyanka Sharma, Sudeep Tanwar
Machine Learning Algorithms for Attack and Anomaly Detection in IoT
With the invention of IoT and its range of smart applications, people’s life has been reformed drastically. IoT infrastructure consists of actuators and sensors that generate a massive volume of data that requires extensive computing. Due to the constrained nature of IoT devices, they can be easily exploited. Moreover, some of the IoT nodes behaves abnormally which makes the IoT infrastructure vulnerable that could be exploited by the adversary to gain unauthorized access or to perform other malicious deed. Thus, anomaly detection is a primary concern in the IoT infrastructure, and the investigation of IoT network for detecting anomalies is a fast-emerging subject. There is a plethora of techniques which have been developed by the researchers for detecting anomalies. In this article, we have emphasized on the machine learning-based anomaly detection techniques due to their ability to bring out accurate results and predictions. Further, to provide a detailed overview, we have categorized the machine learning-based anomaly detection techniques into unsupervised and supervised learning. This study helps the researchers to get a better idea of machine learning techniques that have been employed for the detection of anomaly in the IoT infrastructure.
Rahul Kushwah, Ritu Garg
A Mini Review on—Physically Unclonable Functions: The Hardware Security Primitives
The Internet of Things (IoT) is made up of several interconnected, resource-constrained devices, including sensors, actuators, and nodes that are connected to the Internet. These devices often have limited feature size/area and energy resources, making the cost of using traditional cryptography very expensive and infeasible. In recent years, physically unclonable functions (PUFs), a promising hardware security primitive, have emerged. In this paper, we discuss PUF as an alternative to these already available security protocols based on traditional mathematical cryptography. The PUFs are security primitives that address security issues such as IC authentication, Intellectual Property (IP) protection, etc. These PUFs are compatible with well-developed CMOS technology and are built on delay (such as Arbiter, Loop, etc.) or memory structures (such as RRAM, SRAM, etc.). The IC authentication mechanism of PUFs and the types of PUFs have been discussed in brief in this paper. The potential of PUFs in different novel applications has also been discussed.
Harsh Panchal, Naveen Kumar Chaudhary, Sandeep Munjal
An Intelligent Analysis of Mobile Evidence Using Sentimental Analysis
Smartphones are compatible and easily accessible compared to computers irrespective of place and time. Smartphones merge with our routine and act as a medium of communication in several ways such as messaging, voice and video calling, sharing of audio and video content, and many multimedia contents. We express our emotions through words and these communications can be analyzed by a technique called Natural Language Processing (NLP). Many researchers in the field of text mining and NLP have analyzed the polarity of online product reviews, blogs, social media comments, tweets, and many more. Mobile forensics investigation will be more effective by providing evidence based on sentimental analysis of the text where the suspected messages contain negative content such as threats, harassment, text against the community guidelines, and some keywords related to the cases, which may be the turning point during the forensics investigation. In this paper, a novel framework called Integrated Mobile Device Forensic Investigation Process (IMDFIP) is proposed with the inclusion of sentimental analysis techniques, which are used to emotionally analyze the texts during the communication process. This framework provides additional information to forensic analysts which will trap the suspect during investigation. The proposed framework of IMDFIP identifies the important terms, emotions, and polarity of the text during the crime. IMDFIP capitulates results compared with the previous models.
G. Maria Jones, P. Santhiya, S. Godfrey Winster, R. Sundar
Forensics Analysis of TOR Browser
The Onion Router is a web browser that uses the Tor network to anonymize web traffic by making it simple to conceal one’s identity on social media. It uses the onion routing technology to access the multiple-level encrypted, Internet-impossible private mode. These features are being abused to engage in a variety of criminal activities, including cyber terrorism and the black market. The TOR erases all browsing history and other network traces, making it impossible for investigators to gather evidence. This study extracts and examines any potential artifacts that the TOR browser may have produced in local system files and memory dumps.
Adarsh Kumar, Kumar Sondarva, Bhavesh N. Gohil, Sankita J. Patel, Ramya Shah, Sarang Rajvansh, H. P. Sanghvi
Phishing Classification Based on Text Content of an Email Body Using Transformers
Phishing attacks steal sensitive credentials using different techniques, tools, and some sophisticated methods. The techniques include content injection, information re-routing, social engineering, server hacking, social networking, SMS and WhatsApp mobile applications. To overcome such attacks and minimize their risks, many phishing detection and avoidance techniques were introduced. Among various techniques, deep learning algorithms achieved efficient results. In the proposed work, a transformers-based technique is used to classify phishing emails. The proposed method outperformed the other similar mechanisms for the classification of phishing emails. The phishing classification accuracy achieved by the proposed work is 99.51% using open-source datasets. The proposed model is also used to learn and validate the correctness of the in-house created datasets. The obtained results with in-house datasets are equally competitive.
M. Somesha, Alwyn R. Pais
Vehicle Theft Detection and Tracking Using Surveillance Video for the Modern Traffic Security Management System
The present paper demonstrates the identification of automobiles using an image, camera, or video clip by utilizing Python OpenCV. It is necessary to first download and then install OpenCV. The Python programming language is used for the development of the present system. This paper focuses on scenario analysis to detect and track vehicles. Detailed instructions on how to analyze video sequences obtained from an optical sensor monitoring road sections are provided in the paper. These kinds of algorithms are able to identify road markers, count cars, and assess information about traffic flow. The proposed algorithm for vehicle recognition is built on top of an integrated platform of smart cameras, which is also utilized to test and validate the algorithm. The effectiveness of the algorithms and software has been shown via experimental testing. The findings demonstrate that the suggested algorithms make it possible to solve the problem in question in real-time and in a variety of observation settings, as was anticipated.
Charanarur Panem, Ashish Kamboj, Naveen Kumar Chaudhary, Lokesh Chouhan
Resilient Risk-Based Adaptive Authentication and Authorization (RAD-AA) Framework
In recent cyber attacks, credential theft has emerged as one of the primary vectors of gaining entry into the system. Once attacker(s) have a foothold in the system, they use various techniques including token manipulation to elevate the privileges and access protected resources. This makes authentication and token-based authorization a critical component for a secure and resilient cyber system. In this paper, we discuss the design considerations for such a secure and resilient authentication and authorization framework capable of self-adapting based on the risk scores and trust profiles. We compare this design with the existing standards such as OAuth 2.0, OIDC, and SAML 2.0. We then study popular threat models such as STRIDE and PASTA and summarize the resilience of the proposed architecture against common and relevant threat vectors. We call this framework Resilient Risk-based Adaptive Authentication and Authorization (RAD-AA). The proposed framework excessively increases the cost for an adversary to launch and sustain any cyber attack and provides much-needed strength to critical infrastructure. We also discuss the machine learning (ML) approach for the adaptive engine to accurately classify transactions and arrive at risk scores.
Jaimandeep Singh, Chintan Patel, Naveen Kumar Chaudhary
Survey on Blockchain Scalability Addressing Techniques
Decentralized, blockchain-based cryptocurrencies have received a lot of interest and have been used extensively in recent years. Blockchain technology, which is rapidly establishing itself as the most revolutionary technology of recent years, is attracting the interest of both the private and public sectors. This blockchain technology has been frequently used in decentralized cryptocurrencies like Bitcoin and Ethereum. Blockchain is being widely used for purposes other than cryptocurrencies. Despite these advantages, scalability remains a major barrier to the widespread use of blockchain and thus a problem worth addressing. In this paper, initially, we discuss blockchain’s evolution in four stages, challenges of blockchain technology, and scaling quadrilemma and trilemma. Later we address the challenges associated with achieving scalability in the blockchain network and review the approaches for addressing blockchain scalability challenges in different layers with different techniques. We envision this paper as a reference for analyzing and conducting research on the scalability of blockchains.
B. S. Anupama, N. R. Sunitha
Anti-money Laundering Analytics on the Bitcoin Transactions
Bitcoin is a popular cryptocurrency widely used for cross-border transactions. Anonymity, immutability, and decentralization are the major features of Bitcoin. However, criminals have taken advantage of these very features, resulting in the rise of illegal and fraudulent activities using the innovative technology of blockchain. This paper investigates the behavioral patterns of illicit transactions in the Bitcoin dataset and applies Machine Learning (ML) techniques to see how well they detect these transactions. The aim is to provide an insight into how ML techniques can support the proposed Anti-Money Laundering Analytics on the Bitcoin Transactions. The motivation behind this work stems from the recent COVID-19 pandemic, which saw a significant spike in various cybercrimes, particularly cybercrimes involving cryptocurrencies.
Rajendra Hegadi, Bhavya Tripathi, S. Namratha, Aqtar Parveez, Animesh Chaturvedi, M. Hariprasad, P. Priyanga