Editors Selim Aissi Hamid R. Arabniaturgut/Research/Publications/Download/SAM07... · than a...

PROCEEDINGS OF THE 2007 INTERNATIONAL CONFERENCE ON

SECURITY amp MANAGEMENT

Editors

Selim Aissi Hamid R Arabnia

Associate Editors

Kevin Daimi Danilo Gligoroski George Markowsky

Ashu M G Solo

WORLDCOMP07 June 25-28 2007 Las Vegas Nevada USA wwwworld-academy-of-scienceorg

copyCSREA Press

-

Contents

SESSION INTRUSION DETECTION

Intrusion Detection System to Detect Wormhole Using Fault Localization Techniques

Maitreya Natu Adarshpal Sethi

3

Intrusion Detection in Wireless Sensor Networks

Hong Nguyen Ravi Palaniappan Nevin Aydin Shiyuan lin Damla Turgut

10

Distance Measures for Anomaly Intrusion Detection

Wei Wang Sylvain Gombault

17

An Intrusion Detection Model Based on Intention Modeling

lun Lu Chong-jun Wang lun Wang Shi-fu Chen

24

Intelligent Mobile Agent for Intrusion Detection System

Reginalds Lips Nabil EL Kadhi

30

SESSION BIOMETRIC AUTHENTICATION STEGANOGRAPHY

An Overview of Multi-modal Biometrics for Authentication 39 Slobodan Dokic Andrea Kulesh Megha Dombal Huirong Fu

A study on biometric key generation from fingerprints Fingerprint-key generation 45 from stable feature value

Yoichi Shibata Masahiro Mimura Kenta Takahashi Masakatsu Nishigaki

On the Generation of X509v3 Certificates with Biometric Information 52

Guillermo Martinez-Silva Francisco Rodriguez-Henriquez Nareli Cruz-Cortes Levent Ertaul

Improvement of User Authentication Using Schema of Visual Memory Guidance by 58 Verbal Cue

Takumi Yamamoto Atsushi Harada Takeo lsarida Masakatsu Nishigaki

An Efficient Authentication Protocol for GSM 65

Ashutosh Saxena Shaiaja Gummadidala Phani Kumar Kancharla

Combinatorial Approach For Authentication Based on Face Recognition 70 Atluri Kavitha Dhavala Lalitha Bhaskari Peri S Avadhani

-

User Authentication via Mouse Biometrics and the usage of Graphic User Interfaces 76 An Application Approach

1 Octavio Gutierrez-Garda Felix F Ramos-Corchado Herwig Unger

A Unified Approach To Construct Non-perfect Secret Sharing And Traitor Tracing 83 Schemes

Kannan Karthik Dimitrios Hatzinakos

Visual Multi-Secret Sharing Scheme with Cheater Identification 90 Nu-El Choi Eun-Jun Yoon Hyun-Jin Park Kee-Young Yoo

ParseKey+ A Five-Way Strong Authentication Procedure as an Approach to 97 ClienUServer Impersonation A voidance using Steganography for Key Encryption

Behnam Rahnama Atilla Elci

Steganographic File System Development Based On The Information Hiding Scheme 107 By Permutation Of Sequence Elements

Hayk Ghazaryan

Proposal on Automatic Authentication of Cellular Phones by Using Force Sensor 112

Jujia Wang Yoichi Muraoka

A New Steganography Scheme using a Frame 118

Hyunjin Park Eun Jun Yoon Kee Young Yoo

Performance Optimization of Close-Color Pair Steganalysis 123

Paul Seymer George Dimitog lou

SESSION CRYPTOGRAPHY

A Time-Bound Hierarchical Key Assignment Cryptosystem with No Lifetime Limit 131

Jyh-Iww Yeh

Colored Probabilistic Visual Cryptography Scheme with Reversing 138

Feng Yi Daoshun Wan g Xiaobo Li Yiqi Dai

RSA and Elliptic Curve- EIGamal Threshold Cryptography (ECCEG-TC) 142 Implementations for Secure Data Forwarding in MANETs

Leven Ertaul Nitu Chavan

Using Generated Digital Images to Modify the PGP Cryptography Protocol 147

Hilal M Yousif Al-Bayalti Abdul Monem Rahlna Hala Bahjat AbdulWahab

Solving Semantic Problems in Chaff and Winnowing Problem by Using Cryptography 152

bull

Sara Mohamadrezaei Bahram Sadeghi Bigham

Exploiting Silence for Ciphertext Only Cryptanalysis of Stream Ciphered Digitized Voice

Liaqat Ali Khan M Shamim Baig M AshrafAshraf

157

SESSION SECURITY AND PRIVACY

A Formal Approach for Security Policy Enforcement in Concurrent Programs

Mahjoub Langar Mohamed Mejri Kamel Adi

165

Triangulating the Views of Human and Non-Human Stakeholders in Information System Security Risk Assessment

Lizzie Coles-Kemp Richard Overill

172

Security Based Heuristic SAX for XML Parsing

Wei Wang

179

Calculating the Return on Security Investments - An Approach Based on Principle Capital Budgeting

Jan V0111 Brocke Heinz Lothar Grob Gereon Strauch Christian Buddendick

of 186

Security and Privacy Open Issues with RFID

Shoua Yang Shanti Sukumaran Dipali Yennalkar Hesiri We erasinghe Huirong Fu

192

Universally Unique Identifiers How To Ensure Uniqueness While Protecting The Issuers Privacy

Martin Schaffer Peter Schartner Stefan Rass

198

Enhanced User Privacy on Trusted Processors

Valli Kumari Vatsavayi Raju KVSVN

205

Implementation of Protections as the Element of Information System Security Management Experiences of Polish Enterprises

Adam Nowicki Artur Rot Leszek Ziora

211

Secure Web Applications A Systematic Approach

Habtamu Bogale Jigang Liu

217

Modeling the Security Objectives According to the Common Criteria Methodology

Andrzej Bialas

223

Extending SecuritySustainability through Pervasive Spider Web Networks in Urbanism

230

-

Li- Yen Hsu Shin-Shin Kao

Advance Diagnosis of Information Security for the Mobile RFID Service 236

Ki-Hyang Hong Gang Shin Lee lae-l Lee Ik-Sub Lee

A Study of Estimate Risk Level Model Based on Security Maturity 242

lin-Sub Park Young-Sun Shin lung-lin Park Sung-Gi Kang

More Security on Tunisian e-Commerce Payments by Using SMS for Customers 248 Authenticity With National Post Office

Ben Salah Abderrazak

A Brief Study of Students Attitudes Curiosity Interest and Perceptions of 255 Information and National Security

Sarah North Max North

A Key-Set Label Model for Protecting Information Security 260 Min Guo Meng Cao

A Secure Key Distribution Scheme in Wireless Sensor Networks Using Dynamic 267 Clustering Algorithms

Dongmin Choi Yeojin Lee Choongyong ClIo Okbin Lee Yongkeun Bae lyong Chung

Enhanced Multi-Level Security Secure Sharing 274

Shima Izadpanahi Muhammad Reza Fatemi

A Trusted Domain-based Approach for Authorization and Delegation on Mobile 277 Distributed S)stem

Guoqing Tu Pingxiang Li

4G and Manet Wireless Network of Future Battlefield 282

Marcin Szczodrak linwoo Kim

SESSION ANALYSIS AND EVALUATION

Economic Evaluation of IT Security 291 Mohammed Ketel

A Generic Metric for Evaluation of Database Security 298 Gregory Vert Phanid Dogiparthi

Evaluation of the S-Box Construction Using Arithmetic Modulo Prime Numbers 306

Eltayeb Abuelyaman Mohammed El-Affendi

bull

On the Security of 80211 and 8021X Evaluating an Embedded Network Stack

Hareesh Khatfri Salvador Mandujano

310

Analysis of Probabilistic Information Flow Security Properties

Bo Chen Baohua Zhao Chao Lu

317

Analysis of Smart Card-Based Remote User Authentication Schemes

Ronggong Song Larry Korba George Yee

323

Analysis of Software Vulnerability in Sensor Nodes

Qijun Gu

330

The Analysis of Key Typing Sounds using Self Organizing Maps

Hiroshi Dozono Shinsuke Ito Hisao Tokushima Masanori Nakakuni

337

A Survey on Digital Watermarking Technologies

Hesham EL-Zouka Farma Zada

342

A Study about DDoS Attacks in SIP Environments

Luigi Alcuri Pietro Cassara

350

Survey on Reputation Management Systems in P2P Network

EunJoung Byun SungJin Choi ChongSun Hwang SangKeun Lee

358

SESSION SYSTEMS AND ALGORITHMS

Software Protection by Hardware and Obfuscation

Bin Fu Sai Aravalli John Abraham

367

An Ontology for the Management of Heteregenous Alerts of Information System

Fatiha Benali Veronique Legrand Stephane Ubeda

374

Allocation of Partitioned Data by Using A Neural Network Based Approach

Manghui Tu Dongfeng Wang Peng Li Nasser Tadayon

381

Reducing Spam Using Network Management Techniques

Tobias Eggendoifer

388

Immunity to Passive Attacks on Generic RNG Model

Iltor Vasyltsov Eduard Hambardzwnyan

395

Platform Trust Beyond BIOS Using the Unified Extensible Firmware Interface

Vincent Zimmer

400

-

Contextual Risk-Based Access Control

Nguyen Ngoc Diep Sungyoung Lee Young-Koo Lee HeeJo Lee

406

A Practical English Auction Based on the Discrete Logarithms

Ming-Jheng Li Justie Su- Tzu Juan

413

Efficient Encrypted Storage Structure for Prevention of Information Leakage

Meixing Le Jiajin Le

420

Finding the Change-Point in a Binary Stream with Two Unknown but Distant Distributions

Phillip Bradford Daniel Ray

426

Non-linear and Non-group Cellular Automata for Cryptographic Applications

Se-Min Kim Jun-Cheol Jeon Byung-Hun Kang Sang-Ho Shin Kee-Young Yoo

432

SESSION APPLIED CRYPTOLOGY AND NETWORK SECURITY

A Secure E-cash Scheme with Optional Traceability 439

Chih-Hung Wang Chien-Chang Feng

Totally Asynchronous Stream Ciphers + Redundancy = Cryptcoding 446

Danilo Gligoroski Smile Markovski Ljupco Kocarev

A PDA Implementation of an Off-line e-Cash Protocol 452

Efren Clemente-Cuervo Francisco Rodriguez Henriquez Daniel Ortiz-Arroyo Levent Ertaul

Design and Performance Analysis of an Enhanced Group Key Generation Protocol 459

Sunghyuck Hong Noe Lopez-Benitez

SESSION SECURITY OF SUPERCOMPUTING CLUSTERS

Security Tools for GRID- Systems 467

A Palagin N Alishov George Markowsky Anatoly Sachenko Volodymyr Turchenko

10

I Canf an Security and Management I SAMO I


Hong N Nguyen School of Electrical Engineering and Computer Science

University of Central Florida Orlando Florida USA

Ravi Palaniappan Institute for Simulation and Training


Nevin Aydin Department of International Logistics and Transportation

Beykent University Istanbul Turkey

Shiyuan Jin School of Electrical Engineering and Computer Science


Damla Turgut School of Electrical Engineering and Computer Science


Abstract

There are several applications that use sensor motes and researchers continue to explore addishytional applications For the intruder detection application we use a set of Berkley mica2 motes on TinyOS operating system Different types of sensors such as pressure light and so on can be used to identify the presence of an intruder in the field In our case we choose light sensors for the detection When an intruder crosses the monitored environment the system detects the changes on the light values A ny change greater than a pre-defined threshold indicates the presshyence of an intruder An integrated webcam is used to take snapshot of the intruder and transshymit the pictures through the network to a remote station The basic motivation of this paper is that a sensor-based web system can be used to detect any intruder in a specific area from a remote loshycation

Keywords intrusion detection sensor networks

1 Intruction

Over the years many people have seen the use of alarm systems and video cameras in combination to detect and prevent intruders A complete security system requires large numbers of cameras with alert operators who are actively looking for intruders or suspicious activity which is not an effective way to detect intruders Therefore this paper is conshycentrated on looking for a technology that is easy to deploy and non-intrusively locate targets a nd inshytruders A system should alert the operator to look at a specific area only where intrusion is detected by the sensor motes

There are several sensor motes which collect varshyious types of data such as light level pressure and so on The sensor nodes will use different threshold values for different types of applications Each senshysor node communicates with each other and transshymits the data to the central control station which is the stargate computer More details of thi st argate computer will be discussed later on Sensor motes operating at 900 IvIHz frequency in ad hoc mode

11Cont on Security and Management I SAM07 I

bull

Figure 1 System overview

will be used to detect intruders in a monitored field The real-time sensor data are used to check for the presence of an intruder First these motes are proshygrammed to send the sensor data at a preset freshyquencv then this data is collected and monitored from the motes using a stargate computer in a wireshyless mode Finally a web cam takes pictures of the intruder and transmits them to the Apache web server where such pictures can be accessed by seshycurity personnels through the Internet A baseline data and background noise calibrations are needed in order to carry out the measurements For exshyample when someone crosses close to the motes located on the ground there would be a change in pressure or light sensitivity which in turn migh t inshydicate an intruder Figure 1 illustrates the system overview

The connection between sensors and MIB510 or between clients and stargate computer are all wireshyless The MIB510 is linked to a local computer by RS-232 serial port cable The same connection is used between this local computer and stargate computer A webcam is connected to stargate comshyputer by a regular cable through a USB port proshyvided on stargate The system has a unique feashyture of remote monitoring that helps the user to control the system from a distant location This work is done as part of a large sensor web project for the Office of Naval Research to develop a long term monitoring systems for border security along the southern borders of Arizona Our contribution is the development of this proof-of-concept sensor

web system which can be deployed ullder different environments

2 Related wark

Much research work has been done in wirles s ushysor networks with varying degree of success Mo t researches are focused on simulation analysis Onat et aI [1] introduced a novel anomaly dptectioll based security scheme for large scale s nsor netshyworks that exploits the stability in their neiOhbotshyhood information In the simulation each node builds a simple stat istical model of its neighborgti s behavior and changes can be detec ted based on these statistics Roman et al [2J propo eel a general intrusion detection system architecture for static sensor networks where some nodes are able to choose independently to monitor the communishycat ions in their neighborhood Blumenthal et al [3] described a software architecture for 111 bile elishysor networks This work mainly discusses tt frameshywork to simpl ify the development of software for sensor network applications Additional researdt work can be found on [4] and [5]

Lubrin et aI [6] developed a mote based wireshyless sensor network with remote monitoring capashybilities using a PDA to display patient vital inforshymation such as heart rate body temperature and so on The PDA (mobile monitor) sends this data through the internet to a central database serv r which uses Microsoft IIS to interface with the PDA With this type of approach there is a possibility of data interception when transferring vital and conshyfidential patient data over the internet Using seshycure shell software can be one solution to avoid this problem

Hamrit a et al [7] demonstrated an event driven smart sensor and RFID reader integrated system by deploying wireless smart sensors in a conshytrolled environment enventListener program a piece of software package in nesC is used t o write the sensor readings of the environmelltal parameshyters to the database enabling real time remote monshyitoring of the system The authors also discuss setshyting up a database on a server and access the netshywork by querying t hrough a web form to be able to monitor the system However they were unable to find sufficient documentation on the RFID readeI to integrate it with the lVIICA2DOT mote thus they cannot capture the actual RFID read event

In [8] the authors discussed the problem of tracking objects with sparsely located binaTY senshysors They argued that tracking with sensor netshy

-

12 Cant an Security and Management I SAM07 I

work localization was complicated and presented many problems such as the inaccuracy of sensors Also sensor network had a low detection probabilshyity of tracking and high false detection probabilities due to a limited power supply and operates in the low signal to noise ratio (SNR) regime Thus they developed a distributed tracking algorithm based on the formulation and over the finite state space of sensor without sensor model and sensor network localization In summary this system was suitable to addnii indoor tracking problems where both the level of tracking an object movement and sensor network self-localization were high For outdoor tracking application it was only helpful when the degree of the passage connectivity graph of a sensor network was small

Demirkol et aI [9] conducted simulations of packet traffic modeling on wireless sensor networks for intrusion detection Simulation parameters used are the number of sensor nodes surveillance area sensing range and sampling interval

3 Hardware and software components

This work requires many different components most of which are from Crossbow Inc [10] In this section a greater detail on the components used will be explained The hardware components inshyclude stargate computer tvIICA2 motes MIB510 serial interface board MTS310 sensor board and a webcam The software components are Xlisten cygwin Java JDK and apache web-server

Stargate Stargate is a powerful single board computer with enhanced communications and senshysor signal processing capabilities It supports applishycations around TinyOS based wireless sensor netshyworks and smart dust technology Figure 2 shows a typical stargate

Stargate has 400 MHz RISC processor 64MB RAM 32MB flash with a size of 35 x 25 inches [11] It also has one type II compact flash dot (a 802llb wireless compact flash card) A 256MB SanDisk compact flash card is used to have sufficient storage space for our database This size of card should provide a couple years worth of space to store sensor data

One of the interesting uses for the stargate is an application server It is a remotely deployed stargate configured with software for local manageshyment of a sensor network There are two server software that can be installed Apache web-server for web-based applications and a Java runtime A

Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock

Figure 3 Crossbow MICA2 mea3Urement middotstem

Figure 4 Serial interface board

version of the Apache web-server is located on t he stargate support CDROM In this particular applishycation Apache web-server is used to display picture of the intruder

MICA2 Motes The MICA2 mote is a third generation mote sensors It is designed mostly for embedded sensor networks Its frequency is 916 MHz and can be chosen in any single frequency range from 903 MHz to 927 MHz For outdoor apshyplication the range can reach to 70 feet If the MICA2 is on the ground however its range deshycrease to 40 feet Similarly for indoor app lication its range changes between 50 and 70 feet Vhen there is multipath distortion which can block the process of transmitting data its range is 30 feet Figure 3 shows a typical MICA2 used

MIB510 Serial Interface Board This serial interface board allows for the aggregation of sensor network data on any standard computer platforms It acts as a base station for wireless sensor network with the MICA2 motes Figure 4 shows a typical MIB510 used

MTS310 Sensor Board This is a flexible sensor board with a variety of sensing modalities

___

Cant an Security and Management I SAM07 I 13

F igure 2 Stargate development platform processor board (left) and daughter card (right)

including 2-ax is accelerometer (ADXL202) 2-axis magnetometer light temperature acoustic and sounder

Because of the fast growth in this technology the price of motes fall and their capabilities rise along with the rest of semicond uctor technology those wireless s(nsors are used for boosting productivity opening fw~h avenues for scientific research and enabling creative ways to prevent and respond to emergencies environmental and military applicashytions This type of sensor nodes run on TinyOS operating system These sensors link up with their neighbors fro m the moment they are turned on Depending on the foliage and environmental conshyditions the radio range differ lower the radio freshyquencies longer the ranges in an outdoor deployshyment At 433 MHz the range can be between 200 to 500 feet and at 916 MHz on the other hand the range varies from 100 to 300 feet MTS310 is suitable for a wide range of applications keeping in mind that sensor units shou ld be placed at least 1 to 3 feet above the ground to maximize the comshymunication range Placing units at ground grass or other foliage are factors of decreasing the communishycation radius Figure 5 illustrates the components of MTS310

Webcam The webcam is used to take picture of any intruder and send it to the web-server in a real-time However there are only two suitable units with stargate because of their special drivers The reason is that stargate uses Linux which proshyvides support for Philips USB webcams and OVshycam drivers

X listen This program is supplied by Crossbow Inc [10] As its name indicates its main funcshytion is to listen for incoming sensor data messages

Mlcroptone lone ~ Tem~tlJfe Pan alKlnc ER T-JiVRI03J

UaiMtomer ~tli l HMC1OO2 (MTSalOCA ontr ~1MrnG

AcUIItfO~ 0[)1~XL202

liTS3lOC- ollf)1 2

R~I~oOT lG

Figure 5 MTS310 sensor board

such as temperature humidity and so on in a BEshy

rial port On stargate it acts as the intermediary between the sensor readings from the wireless netshywork of sensors and the Postgres database installfd 00 stargate Xlisten is able to recognize and inshyterpret packets in a st andardized format includshying node ID parent sensor- board ID and voltage Data transmitted by the motes is either a raw anashylog or digital reading

As mentioned earlier final conversion to engishyneering units is done by Xlisten The full C source code for conversion is available and provides a good reference for converting sensor readings for the enshytire line of Crossbow wireless product [101

Cygwin Cygwin is developed by Cygnus Solushytions Inc [12] Cygwin allows many UMX applicashytions to run on a windows platform Mainly it is used to port software that runs on POSIX systems to run on Windows Cygwin has a GNU developshyment toolchain which allows basic software developshyment tasks and some application programs equivshyalent to common programs on the UnL system to run on windows

Java JDK JDK is used to compile and run

-

14 Conf on Security and Management I SAM07 I

mote-test and other software applications The communications API package javaxcomm proshyvides applications an access to RS-232 hardware or serial ports

Apache web-server The Apache web-server allows secure and reliable remote web-based client connections For example in our work the files of a personal computer can be shared over the Intershynet Here Apache web-server is installed at starshygate computer Since the files are located in the Apache s document root they can be easily shared This software provides the designer an ability to preview and test the code while the code is being developed Basically this server is used to upload and update new images of any intruders collected from the stargate The stargate runs an HTML file to check the intruder detection signal sent from the local computer When there is a change in the sigshynal the html file immediately triggers the remote machine to execute the bash shell (webcamsh) to take a picture This web-server is refreshed every second to ensure that new pictures are updated

Vhen an intruder crosses the monitored field ome of the sensor motes detect a change in the inshytensity of the light since the intruder might obstruct the ambient light conditions in the environment in which the sensors are programmed for Vhen this happens the system concludes that the light intenshysity crossed the threshold for triggering the alarm to indicate the presence of an intruder

4 System Implementation

Sensor data can be accessed either from PostshygreSQL database or from raw data streams It is ineffici nt to read real-time data directly from the database because each time a packet is read the JDBC record-set need to be updated The following is an example of a raw data packet The first three bytes in the packets are used to indicate the start of a new set of data according to Crossbows manual for the raw datas message format

FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000

Each data packet contains several fields of data The overa ll message format is as follows

Destination address 7D 1D Message handler ID 84 Group ID 01

NO _ 0 in ddIo- ftIe

Figure 6 Calculation on the chan s of the light values

Source address 05 00 Temperature F2 01 Light 16 02 Microphone EF 01 accelX 38 00 accelY 78 02 magX 29 03 magY 27 03

where accelX and accelY represent values of acshycelerometer magX and magY are values of nmgshynetometer which measures the strength of magnet field The MTS310 MICA sensor board has five senshysors accelerometer magnetometer microphone light and temperature In our application we are interested in the changes of the light values which trigger an intruder detection mechattism Figure 6 is presents our design

In our application we have used three sensors two senders and one receiver In our experimenshytal set up the threshold is set as 55 However it can be tuned to different testing environments Initially our program waits for 5 seconds for signal stabilization since the initial signals are unstable Upon activation the local computer collects spttsor data from the motes placed at random locations on the field through the serial MIB510 connector Afshyter receiving each packet the 14th and 15th bytes (corresponding to light data) of each packet are seshylected and converted into decimal data values The variations of light data is obtained from remotc senshysors Instead of having the sensor system to read a threshold level the local computer writes a binary

bull

15Canf an Security and Management I SAM07 I

SECURE CONNECTION

LOCAL COMPUTER === STARGATE COMPUTER

l _ __ SEJiSORmiddot _ SENSOR

MIB510 I

SEN SCR SENSOR

Figure 7 Secure connection

code to a data-file If the lighLchanges parameter (standard deviation) exceeds a pre-defined threshshyold the Listenjava code starts to write a value of 1 to the data-file meaning that there is an intruder Otherwise a 0 is written to indicate an absence of an intruder This file writing operation in the sensor Jav- code is continuously run by the local computer After the detection is achieved the sysshytem delays the next set of data collection for 5 secshyonds for the system to synchronize and convey the p resence of the intruder to the stargate This datashyfile is then transfered to the apache web-server

Vlhenever an intruder crosses the change of the light value triggers the remote camera and an alarm This is achieved by sending the data file to the stargate a t each instance by a network cashyble This is done by establishing a trusted seshycure connection between the local computer and the stargate as demonstrated in Figure 7

This secure connection is necessary in order to prevent data interruption and corruption This file transfer operation is critical for the sensor web sysshytem since this will be used to locate the presence of an intruder In order to achieve the file transfer operation a Unix command scp which is embedshyded in the Java code is used This operation takes place after the use of ssh-keygen method which use private and public keys to enable the stargate and the local computer to recognize each other as trusted hosts

Once the data file is secured at the stargate it runs continuously to detect the presence or absence of an intruder To do this a bash script is run on the stargate to check for the binary value written in the data file If it finds a value of 1 it means an intruder is det ect ed and the stargate triggers the web camera to t ake a picture of the intruder This picture is then transferred to the apache web-server The picture is embedded in HTML file which can be accessed by all the client machines If the bash script reads a 0 from the data file no immedishy

ate action is taken d ue to absence of t he int[ud r The webcam can be configured to take pi tures at

various resolutions For example a picture call be taken with 640 x 480 settings to have a high resoshylution image of the intruder However the system usually is set at a lower resolution to r duce Ybtelll power consumption and also bandwidth required to access the pictures from the web it

Using apache web-server enables users to monshyitor the system from a remote location If a mer is connected to the internet h she would be able to access the apache web-server on the stargate to retrieve the intruder pictures from anywhere

Even though the stargate is a small low-power computer it has some high-end capabilities such as the ability to act as an HTTP apache web-server and run Java applications When the stargate takes the picture of the intruder it automatically trclllSshyfers a copy of the picture to the apache se r such that it can be accessed by users at remote locations A time delay for 2 seconds is included in I It slmiddotarshygate system such that it can synchronize with f he local computer A webpage is designed to holtl thP pictures from the intruders and it refreshes every second to reload the page This ensures t hlt t no target or intruder is missed

41 Raw Data

Here is an example of raw data that is collected during the testing period

temp [0] [0] =885 FF FF 00 7D ID 84010100 C701 F3017503 DF 014A 00170019031603000000000000000000 temp [0] [1] =841 LighLchanges [0] 3111269837220809 intruder1 I I

FF FF 007D ID 84010100 C701 F3014903 EC 014A 00170019031703000000000000000000 temp [0] [0] =830 FF FF 007D ID 84010100 C701 F3013E 03 EB 014A 00170019031603000000000000000000 temp [0] [1] =834 Light_changes [0] 28284271247461903 No intruder FF FF 00 7D ID 84010100 C701 F4014203 F3014A 00170019031703000000000000000000 temp [0] [0] =838 FF FF 007D ID 84010100 C701 F4014603 F2014A 00170019031603000000000000000000 temp [0] [1] =806 Light_changes [0] 22627416997969522 intruder

-

16

The Listenjava is programmed to collect every two packets of the sensor data and calculate the light-changes parameter Based on those calculated values a message of intruder or no intruder is displayed for the users The light value such as temp[Oj [1]= 806 is already conshyverted into decimal data The first and second numbers in the array indicate the sensor node and the packet number respectively For exshyample temp[Oj[1]= 806 indicates that light value is 806 from node ID 0 and this is the second packet

42 HTTP Webpage

A simple webpage was created to show an image of the intruder The HTTP address is the IP address of the stargate As we discussed earlier this webshyserver will be refreshed every second to ensure t he pictures are updated If there is no intruder this browser does not display any image

In conclusion the time-line of operation of the sensor web system can be summarized as follows

bull Activate sensor web system by starting the sensor data collection by running t he Lisshytenjava code in the local machine-verify the sensors are returning data through the seria l connection

bull Activate t he stargate bash script which checks for the bin ary code in the data file

bull Intruder enters t he environment light threshshyold value is crossed sensors indicate presence of intruder Local machine now sends a dat ashyfile with 1 to the stargate through a secure link

bull Stargate bash sc ript webcamsh finds that there is a T in the data-file and triggers the camera to take a picture of the intruder It waits 2 seconds and checks for data-file again for the binary code

bull Apache server in the stargate stores the picture in a jpeg format and waits for a client webpage to access the server It also refreshes the webshypage every second Vhen a user at remote locat ion opens up a webpage the apache webshyserver accepts t he connection and sends the picture to the client machine through HTTP protocol This client machine then displays the pict ure of the intruder

Cant an Security and Management I SAMO I

5 Conclusions

In th is paper we implement an intrusion dCtCct ioo system in sensor networks using small size low cost low power Berkeley motes An intrudpr a ll be RUl shy

cessfully detected when crossing the mOlt itortd Il shy

vironment Once t he system detect an intruder the webcam automatically takes pictures which ill turn will be transferred to our stargate serVPL

References [I] I O nat and A Miri An in lrusion detect io n S) stem for

wire less sensor networks)) in Proceedin ys Il j IEE E intershyn atio n al ConJerence on Wireless and Mo bile Comput l Networking and Communi cations vo l 3 A ugust 2005 pp 253-259

[2] R Roman J Zho u and J Lopez App ly ing in Lrusian dtlshyteet jon systems to wireless se nsor ne lwork II In P Toceed ing8 of Bid Consumer C ornrll11n ica tio1ts and Net1J)ork--ing ConJerence CCNC06) vo l I J Duary 20U6 pp 64U-MI

[31 J Blumenthal M Hand y F G olntowski M Haaltr and D T immermann utVire les sp nsor net works - neuro 1

chall e nges in software eng in eering in f roccedlTlgs of IEEE Emerging Technol ogies and Factory Au tomation (ETFA) ConJerence vol I Sep te mber 2003 pp 551 556

[4 ] A da Silva M Martins B Rocha A Lo ure iro L Hlliz and H Won~ (Decentralized intrusion de tecti n in wireshyIeS sensor networks in Proceedin gs oj th J lt1 A C M 111shyt CT n ational Workshop on Qual tty oj S prvice an d ecshyrity in Wireless and Mobile Networks October 200f pp 16- 23

15] P lnverardi L Mostarda and A Navarra Dis tributed lOSs for enhancing security in mobile wi re less se nsor netshyworks in Proceedings oj 20th In ternation al Conference on Advanced InJormatwn Networking and Applicat lOllS (A[NA 06) vo l 2 April 2006 pp 115-1 20

161 E Lubrin E Lawrence and K avarro Iireless re mot e healthcare monitoring w ith mot es in PToceed iny~ 0 International ConJe ren ce on Mobile Business (f e MB ) j uly 2005 pp 235- 241

[7] T Hamrita N Kalus kar and K W olfe Advances in s ma rt sensor technology11 in P ro ceedings of In dust ry A pshyplicati on s ConJerence vo l 3 O c to ber 2005 pp 2059shy2062

[8] S Oh and S Sast ry Tracking on gr aph in Pruceedin gs oj the Fourth International Symposium on [formation Processing in Sen sor Networks (IPS N) April 20U pp 195-202

[9 ] l Demirkol F A lagoz H Delic and C E rs oy W ire shyless sensor networks for intrusion detection packe t Lra tii c modeling iEEE Communications Letters vo l 10 no 1 pp 22- 24 January 2006

[10] ((C rossbow Technology Inc httpw wwxbow com

[11] laquoCrossbow technology manual S targate de ve loper s guide processor board (spb400cb) and daughtc r card (sdc400ca) wwwx b owcom Fe burary 2004

[l 2] HCygnus Solutio ns Inc ht t pwwwcygn ll sshysolution s com

bull

Contents

SESSION INTRUSION DETECTION

Intrusion Detection System to Detect Wormhole Using Fault Localization Techniques

Maitreya Natu Adarshpal Sethi

3


Hong Nguyen Ravi Palaniappan Nevin Aydin Shiyuan lin Damla Turgut

10

Distance Measures for Anomaly Intrusion Detection

Wei Wang Sylvain Gombault

17

An Intrusion Detection Model Based on Intention Modeling

lun Lu Chong-jun Wang lun Wang Shi-fu Chen

24

Intelligent Mobile Agent for Intrusion Detection System

Reginalds Lips Nabil EL Kadhi

30

SESSION BIOMETRIC AUTHENTICATION STEGANOGRAPHY

An Overview of Multi-modal Biometrics for Authentication 39 Slobodan Dokic Andrea Kulesh Megha Dombal Huirong Fu

A study on biometric key generation from fingerprints Fingerprint-key generation 45 from stable feature value

Yoichi Shibata Masahiro Mimura Kenta Takahashi Masakatsu Nishigaki

On the Generation of X509v3 Certificates with Biometric Information 52

Guillermo Martinez-Silva Francisco Rodriguez-Henriquez Nareli Cruz-Cortes Levent Ertaul

Improvement of User Authentication Using Schema of Visual Memory Guidance by 58 Verbal Cue

Takumi Yamamoto Atsushi Harada Takeo lsarida Masakatsu Nishigaki

An Efficient Authentication Protocol for GSM 65

Ashutosh Saxena Shaiaja Gummadidala Phani Kumar Kancharla

Combinatorial Approach For Authentication Based on Face Recognition 70 Atluri Kavitha Dhavala Lalitha Bhaskari Peri S Avadhani

-









Hayk Ghazaryan









Jyh-Iww Yeh








bull




157




165



172


Wei Wang

179



of 186



192



198



205



211



217


Andrzej Bialas

223


230

-
























bull



310



317



323


Qijun Gu

330



337



342



350



358




367



374



381


Tobias Eggendoifer

388



395


Vincent Zimmer

400

-



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull









Hayk Ghazaryan









Jyh-Iww Yeh








bull




157




165



172


Wei Wang

179



of 186



192



198



205



211



217


Andrzej Bialas

223


230

-
























bull



310



317



323


Qijun Gu

330



337



342



350



358




367



374



381


Tobias Eggendoifer

388



395


Vincent Zimmer

400

-



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull




157




165



172


Wei Wang

179



of 186



192



198



205



211



217


Andrzej Bialas

223


230

-
























bull



310



317



323


Qijun Gu

330



337



342



350



358




367



374



381


Tobias Eggendoifer

388



395


Vincent Zimmer

400

-



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull
























bull



310



317



323


Qijun Gu

330



337



342



350



358




367



374



381


Tobias Eggendoifer

388



395


Vincent Zimmer

400

-



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull



310



317



323


Qijun Gu

330



337



342



350



358




367



374



381


Tobias Eggendoifer

388



395


Vincent Zimmer

400

-



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull



406



413



420



426



432













10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull

10













Abstract



1 Intruction




bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull


bull





2 Related wark





-









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull









Microprocessor

Antenna Connector

ExpansIOnCon clQl

8011 ry Pock







___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull

___










liTS3lOC- ollf)1 2

R~I~oOT lG







-







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull







FF FF 007D 1D 84010500 A801 F2011602 EF 013800780229032703000000000000000000








bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull


SECURE CONNECTION



MIB510 I

SEN SCR SENSOR










41 Raw Data




-

16


42 HTTP Webpage









5 Conclusions


















bull

16


42 HTTP Webpage









5 Conclusions


















bull

Date post:	21-Mar-2020
Category:	Documents
Upload:	others
View:	0 times
Download:	0 times

Editors Selim Aissi Hamid R. Arabniaturgut/Research/Publications/Download/SAM07... · than a...

Documents