نشریه منادی امنیت فضای تولید و تبادل اطلاعات (افتا)
سال یازدهم شماره 2 (پیاپی 22، پاییز و زمستان 1401)

Quantum dialogue is a type of quantum communication in which users can simultaneously send messages to each other. The earliest instances of quantum dialogue protocols faced security problems such as information leakage and were vulnerable to intercept and resend attacks. Therefore, several protocols have been presented that try to solve these defects. Despite these improvements, the quantum dialogue still faces some challenges. Currently, the limited number of participants and the impossibility of expanding users during the conversation are among the most important challenges of this kind of protocol. In this research, we have designed a multi-user quantum dialogue protocol that solves the mentioned challenges. The proposed protocol is a generalized type of quantum dialogue in which users can communicate simultaneously. The number of participating users is not limited and can be changed dynamically (i.e. without the need to restart the protocol). It means that, during the execution of the protocol, a user can leave the conversation, or a new user can join it. Communication between users is established through a central semi-trusted server. The investigations show that the proposed protocol does not have information leakage. In other words, no unauthorized entity (not even the intermediate server) can access the raw data exchanged between users.

Under the coverage of legitimate commerce, criminals money-launder their illicit incomes through the payment gateways provided by Payment Service Providers (PSP). In order to do money-laundering forensics in transactions of PSP companies, a new method was proposed by Hojati et al which is done through detecting deviations from class behavior based on peer group analysis (PGA) method. Our experiments showed that using the proposed method for money laundering detection leads to a false positive rate of about 13%. In this paper, we improved the proposed method and reduced the false positive rate to less than 1%. To achieve this, we analyzed the amount of financial transactions of sellers along with the number of visitors to their websites in PGA. Based on the number of visitors, we estimated the volume of transactions for each seller. If the volume of sales was much higher than expected, we considered it abnormal. We achieved a higher detection accuracy by using a restricted Boltzmann machine to separate out-of-class transactions. We also reduced rate of false negative alarms by the help of CBR method. Our proposed system detects money laundering online using a four-week sliding window. The experimental results confirmed the detection accuracy of 99% for our proposed system.

Consensus protocols are used to establish coordination between network nodes and increase the resistance of distributed systems against errors. In this paper, a new synchronous consensus protocol is introduced. The proposed protocol is an improved version of Abraham protocol in which we have used aggregate signature to reduce the communication load. In the Abraham protocol, communication load and calculation load of the protocol are of the order O(n3ss) and O(n3), respectively, while in the proposed protocol, communication load and calculation load are of the order O(ma n2 log kt) and O(ma n2), respectively, where n is the number of network nodes, ss is the size of a digital signature, kt is the maximum number of protocol iterations, and ma is a security parameter that can be much smaller than n. Therefore, in networks with a large number of nodes, the reduction of communication load and computing load will be noticeable. Also, in this protocol, we need at least n = 2f + 1 nodes to resist f Byzantine node, and the consensus process is done correctly with a probability of at least .

The proposed method for implementing cryptographic traffic detector systems and evasive tools in this article is a method based on deep learning, which due to the importance of optimal and automatic extraction of features from the input data set, an automatic encoder network has been used in the feature extraction phase. Then, the output of the middle hidden layer of this network is applied to a deep convolutional neural network. Deep convolutional neural networks can play an effective role in improving the performance of the system by taking into account the spatial connections between features. Finally, the output of deep convolutional neural network is also applied to two fully connected layers in order to perform the classification process. So that the number of neurons in the second fully connected layer will be equal to the expected number of layers of the system. In the first part of this article, the specifications of the proposed systems for the implementation of cryptographic traffic detectors and evasion tools will be mentioned in terms of operational architecture and features. Then, the characteristics of the networks used in the implementation of the system, and the method of their integration to form the final identifier system are briefly stated. After that, the training stage of the system and its implementation method will be introduced and at the end, how to adjust the parameters of the model and the mechanisms used to improve the overall performance of the system and the results of its performance evaluation will be presented.

In medical fields, a wearable body area sensors network is a network of sensors placed inside human bodies or on their skin. These multi-functional sensors provide all patients and medical personnel with optimized and comfortable services. The patient’s physiological information transferred in this network is very sensitive and confidential; Therefore, transmitting through an insecure channel requires high anonymity, un-traceability, and privacy-preserving of personal data. Furthermore, the wearable body area network is a small part of the Internet of Things (IoT) community, and as the devices are resource-constraint, lightweight protocols are needed to guarantee the information’s authenticity, confidentiality, and integrity. Hence, a large number of schemes were proposed by different researchers to improve the reliability of the protocols. Recently Ankur Gupta and his colleagues proposed a lightweight mutual authentication and key agreement protocol and proved its security against well-known attacks. In this paper, we will demonstrate that their proposed protocol is vulnerable to the sensor node impersonation attack and does not provide the necessary security for communicating data; Then, we will offer a new solution to overcome this problem.

How to exploit vulnerabilities and their damage potentials are mainly affected by the capability of attackers. The more powerful the attacker, the greater risk of threats and vulnerabilities. Therefore, the security analysis of a web application and choosing risk mitigation countermeasures depend on the ability of the attackers threaten the application. Focusing on SQL injection attacks, this paper is aimed at modeling the attacker’s capability to be further used for appropriate security evaluation and choosing cost-effective security controls. We model the attacker’s capability with the triple ⟨Type, Technique, Entry_Point⟩. The value in each component of the triple is obtained from the payloads through which the attacker tries to exploit the injection vulnerabilities. The Type represents the injection type, including a known set of injection attack types namely, Error_based, Union_based, Boolean_based_Blind and etc. The Technique represents the techniques, which are used by the attacker during the attack, e.g. using Special Character, using UNION, using Complex Query, using Encoding and etc. Finally, the Entry_Point represents the set of known injection entry points including GET/POST method, Http_Variables, Frequenc_based_Primary_Application and etc. This model is used for leveling and comparing the attacker’s capabilities as well as for leveling the security of a web application with respect to the level of the attacker who is able to compromise the web application. The results of the experimental evaluation show that the proposed model can be used to determine the attacker’s capability level. The model can be simply extended to adopt other security vulnerabilities attacks.

Steganography is the science and art of hiding the existence of communication. In steganography, by hiding information in a digital media, the existence of communication remains hidden from the enemy’s view. The idea of spatial-based adaptive methods is to embed more in the edge areas of the image. In these methods, areas of the image that have more changes are prioritized for embedding. On the other hand, wavelet-based methods perform embedding in high frequency subbands to match the human vision system. The proposed idea in this paper is embedding with higher priority in areas of high frequency subbands resulting from wavelet transform that have many changes. First, according to the length of the data, a threshold value is determined, based on which suitable embedding areas are identified in each high frequency subband, and then the embedding process is performed in them. This process is such that the receiver can extract the data completely by repeating it. The implementation results show that in the proposed method, the use of Integer Wavelet Transform (IWT) is more successful than Discrete Wavelet Transform (DWT). The quality of the resulted stego image is higher and its security is more than the other wavelet-based methods.