Mobile computing has supplanted internet computing because of the proliferation of cloud-based applications and mobile devices (such as smartphones, palmtops, and tablets). As a result of this, workers bring their mobile devices to the workplace and use them for enterprise work. The policy of allowing the employees to work with their own personal mobile devices is called Bring Your Own Devices (BYOD). In this article, we discuss BYOD's background, prevalence, benefits, challenges, and possible security attacks. We then review contributions of academic researchers on BYOD. The Universiti Putra Malaysia online databases (such as IEEE Xplore digital library, Elsevier, Springer, ACM digital library) were used to search for peerreviewed academic publications and other relevant publications on BYOD. The Google Scholar search engine was also used. Our thorough review shows that security issues comprise the most significant challenge confronting BYOD policy and that very little has been done to tackle this security challenge. It is our hope that this review will provide a theoretical background for future research and enable researchers to identify researchable areas of BYOD.
This paper analyzes different Android malware detection techniques from several research papers, some of these techniques are novel while others bring a new perspective to the research work done in the past. The techniques are of various kinds ranging from detection using host based frameworks and static analysis of executable to feature extraction and behavioral patterns. Each paper is reviewed extensively and the core features of each technique are highlighted and contrasted with the others. The challenges faced during the development of such techniques are also discussed along with the future prospects for Android malware detection. The findings of the review have been well documented in this paper to aid those making an effort to research in the area of Android malware detection by understanding the current scenario and developments that have happened in the field thus far.
Nowadays, the usage of resource constrained devices is increasing and these devices are primarily working with sensitive data. Consequently, data security has become crucial for both producers and users. Limitation of resources is deemed as the major issue that makes these devices vulnerable. Attackers might exploit these limitations to get access to the valuable data. Therefore, carefully chosen and practically tested encryption algorithm must be applied to increase the device efficiency and mitigate the risk of sensitive data loss. This study will compare elliptic curve cryptography (ECC) algorithm with Key size of 160-bit and Rivest-Shamir-Adleman (RSA) algorithm with Key size of 1024-bit. As a result of this study utilizing ECC in resource constrained devices has advantages over RSA but ECC needs continues enhancement to satisfy the limitations of newly designed chips.
Internet of Things" (IOT) has become the everyday buzz words in recent years. As part and parcel of the Smart environment where human beings and things interact intelligently, trust and mobility becomes the basic prerequisites. However, to unify trust and mobility, a security protocol must be used for information exchanges among human and things; as well as between things and things (such as between Wi-Fi Client and Wi-Fi AP). In this paper, we present an enhancement of a security protocol for bulk data transfer amongst embedded devices (similar to the practices in IOT). We also proposed a security framework for enhancing security, trust and privacy (STP) for embedded system infrastructure. We suggested the use of lightweight symmetric encryption (for data) and asymmetric encryption (for key exchange) protocols in Trivial File Transfer Protocol (TFTP). The target implementation of TFTP is for embedded devices such as Wi-Fi Access Points (AP) and remote Base Stations (BS). We have chosen Das U-Boot (Universal Boot loader) as the horizontal security platform for this new security implementation which is suitable for Smart Environment.
Blowfish algorithm (BA) is a symmetric block cipher with a 64-bit block size and variable key lengths from 32 bits up to a maximum of 448 bits. In order to measure the degree of security of blowfish algorithm, some cryptographic tests must be applied such as randomness test, avalanche criteria and correlation coefficient. In this paper we attempt to analyze the security of blowfish using avalanche criteria and correlation coefficient. We analyzed the randomness of the Blowfish output in an earlier paper titled "Randomness Analysis on Blowfish Block Cipher using ECB and CBC Modes". The results obtained from the analysis of correlation coefficient showed that Blowfish algorithm gives a good non-linear relation between plaintext and ciphertext while the results of avalanche effect indicate that the algorithm presents good avalanche effect from the second round. C++ is used in the implementation of the blowfish algorithm; MATLAB programming (Mathworks, R., 2012a) is used in the implementation of avalanche effect and correlation coefficient.
Log analysis is a method to identify intrusions at the host or network level by scrutinizing the log events recorded by the operating systems, applications, and devices. Most work contemplates a single type of log for analysis, leading to an unclear picture of the situation and difficulty in deciding the existence of an intrusion. Moreover, most existing detection methods are knowledge-dependent, i.e. using either the characteristics of an anomaly or the baseline of normal traffic behavior, which limits the detection process to only anomalies based on the acquired knowledge. To discover a wide range of anomalies by scrutinizing various logs, this paper presents a new unsupervised framework, UHAD, which uses a two-step strategy to cluster the log events and then uses a filtering threshold to reduce the volume of events for analysis. The events from heterogeneous logs are assembled together into a common format and are analyzed based on their features to identify anomalies. Clustering accuracy of K-means, expectation-maximization, and farthest first were compared and the impact of clustering was captured in all the subsequent phases. Even though log events pass through several phases in UHAD before being concluded as anomalous, experiments have shown that the selection of the clustering algorithm and the filtering threshold significantly influences the decision. The framework detected the majority of anomalies by relating the events from heterogeneous logs. Specifically, the usage of K-means and expectationmaximization supported the framework to detect an average of 87.26% and 85.24% anomalous events respectively with various subsets.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.