Nayeem khan

The Internet of Things (IoT) depicts a giant network where every “thing” can be interconnected through the communication network. The communication can be initiated between people-people, people-things, and things-things. Meanwhile, the fifth generation (5G) mobile communicating systems are the mainspring to power the IoT concept in the upcoming future. However, the heterogeneous environment in 5G networks as well as the high dependency on radio spectrum have raised deep concerns about the security assurance against network attacks such as eavesdropping. In this paper, we propose an end-to-end security mechanism to ensure the multi-hop relay communications in 5G based IoT networks to stay secured. We design a scenario to explain the insecure multi-hop relay communications which involves Base Station (BS), Subscriber Station (SS) and Relay Station (RS). Next, we utilize Quantum Cryptography between BS to RS and RS to RS as well as adopting Elliptic Curve Cryptography between BS to SS...

5G is a promising technology that will support high connectivity and device to device communication. It also promises to improve the existing technologies and will support them. Existing LTE-A utilize centralized communication scheme where all the authentication mechanisms need to go through the base station. This centralized authentication mechanism may generate authentication and key management overhead as well as computational complexity, thus not in line with the 5G requirements. On the other hand, distributed communication scheme lacks hop by hop authentication, thus, it is challenging to share the initial security credentials within the relay stations at multi-hop. Secondly, distributed communication scheme required decode and forward relays, a partial intelligent relays that can act as a semi base stations. Such relays are known as non-transparent relays. However, inclusion of such intelligent relays can leads towards a ROGUE RELAY STATION (RRS) attacks, which consequently ge...

The web application has become a primary target for cyber criminals by injecting malware especially JavaScript to perform malicious activities for impersonation. Thus, it becomes an imperative to detect such malicious code in real time before any malicious activity is performed. This study proposes an efficient method of detecting previously unknown malicious java scripts using an interceptor at the client side by classifying the key features of the malicious code. Feature subset was obtained by using wrapper method for dimensionality reduction. Supervised machine learning classifiers were used on the dataset for achieving high accuracy. Experimental results show that our method can efficiently classify malicious code from benign code with promising results.

With increased interest in 6G (6th Generation) cellular networks that can support intelligently small-cell communication will result in effective device-to-device (D2D) communication. High throughput requirement in 5G/6G cellular technology requires each device to act as intelligent transmission relays. Inclusion of such intelligence relays and support of quantum computing at D2D may compromise existing security mechanisms and may lead towards primitive attacks such as impersonation attack, rouge device attack, replay attack, MITM attack, and DoS attack. Thus, an effective yet lightweight security scheme is required that can support existing low computation devices and can address the challenges that 5G/6G poses. This paper proposes a Lightweight ECC (elliptic curve cryptography)-based Multifactor Authentication Protocol (LEMAP) for miniaturized mobile devices. LEMAP is the extension of our previous published work TLwS (trust-based lightweight security scheme) which utilizes ECC with Elgamal for achieving lightweight security protocol, confidentiality, integrity, and non-repudiation. Multi-factor Authentication is based on OTP (Biometrics, random number), timestamp, challenge, and password. This scheme has mitigated the above-mentioned attacks with significantly lower computation cost, communication cost, and authentication overhead. We have proven the correctness of the scheme using widely accepted Burrows-Abadi-Needham (BAN) logic and analyzed the performance of the scheme by using a simulator. The security analysis of the scheme has been conducted using the Discrete Logarithm Problem to verify any quantum attack possibility. The proposed scheme works well for 5G/6G cellular networks for single and multihop scenarios.

The rapid growth and uptake of network-based communication technologies have made cybersecurity a significant challenge as the number of cyber-attacks is also increasing. A number of detection systems are used in an attempt to detect known attacks using signatures in network traffic. In recent years, researchers have used different machine learning methods to detect network attacks without relying on those signatures. The methods generally have a high false-positive rate which is not adequate for an industry-ready intrusion detection product. In this study, we propose and implement a new method that relies on a modular deep neural network for reducing the false positive rate in the XSS attack detection system. Experiments were performed using a dataset consists of 1000 malicious and 10000 benign sample. The model uses 50 features selected by using Pearson correlation method and will be used in the detection and preventions of XSS attacks. The results obtained from the experiments depict improvement in the detection accuracy as high as 99.96% compared to other approaches.

5G is a promising technology that will support high connectivity and device to device communication. It also promises to improve the existing technologies and will support them. Existing LTE-A utilize centralized communication scheme where all the authentication mechanisms need to go through the base station. This centralized authentication mechanism may generate authentication and key management overhead as well as computational complexity, thus not in line with the 5G requirements. On the other hand, distributed communication scheme lacks hop by hop authentication, thus, it is challenging to share the initial security credentials within the relay stations at multi-hop. Secondly, distributed communication scheme required decode and forward relays, a partial intelligent relays that can act as a semi base stations. Such relays are known as non-transparent relays. However, inclusion of such intelligent relays can leads towards a ROGUE RELAY STATION (RRS) attacks, which consequently generate Replay attacks, DoS and the MITM (where mutual authentication is absent). RRS can generate interleaving attack even in the presence of mutual authentication.

The Internet of Things (IoT) depicts a giant network where every " thing " can be interconnected through the communication network. The communication can be initiated between people-people, people-things, and things-things. Meanwhile, the fifth generation (5G) mobile communicating systems are the mainspring to power the IoT concept in the upcoming future. However, the heterogeneous environment in 5G networks as well as the high dependency on radio spectrum have raised deep concerns about the security assurance against network attacks such as eavesdropping. In this paper, we propose an end-to-end security mechanism to ensure the multi-hop relay communications in 5G based IoT networks to stay secured. We design a scenario to explain the insecure multi-hop relay communications which involves Base Station (BS), Subscriber Station (SS) and Relay Station (RS). Next, we utilize Quantum Cryptography between BS to RS and RS to RS as well as adopting Elliptic Curve Cryptography between BS to SS or RS to SS to mitigate the network against typical replay attacks. By using the concept of integrating both cryptographic methods, the secret key that yield from Quantum Cryptography will be used in Elliptic Curve Cryptography to secure the transmission of information across IoT networks. Thereupon, extensive discussion has been carried out and it shows that the suggested mechanism has potential to ensure confidentiality, integrity, availability and non-repudiation in the proposed scenario. In the final part of this paper, we conclude our study by a comparison analysis between the two proposed cryptographic solutions. The comparison analysis illustrates the performance of each proposed strategy in terms of the achievable level of secrecy in IoT networks. INDEX TERMS

— Cross Site Scripting (XSS) is popular security vulnerability in modern web applications. XSS attacks are malicious scripts which are embedded by attackers into the source code of web page to be executed at client side by browsers. Researchers have proposed many techniques for detection and prevention of XSS, but eliminating XSS still remains a challenge. In this paper the authors propose a web security model for XSS vulnerability prevention for web browsers using interceptor approach. Several client and server side solution have been proposed but they degrade the browsing performance and increases configuration overheads. The proposed model is an effective solution with minimal performance overheads using both Client and Server side location in detection and prevention of XSS.