Botnets enable many cyber-criminal activities, such as DDoS attacks, banking fraud and cyberespionage. Botmasters use various techniques to create, maintain and hide their complex C&C infrastructures. First, they use P2P techniques and domain fast-flux to increase the resilience against take-down actions. Second, botnets encrypt their communication payload to prevent signature based detection. ...

Thousands of organisations store important and confidential information related to them, their customers, and their business partners in databases all across the world. The stored data ranges from less sensitive (e.g. first name, last name, date of birth) to more sensitive data (e.g. password, pin code, and credit card information). Losing data, disclosing confidential information or even chang...

Key management play a central role for protecting communication in WSNs. Due to the limited memory resources and energy constraints, complex security algorithms cannot be used in sensor networks. Therefore, to secure data communication and well balance between the security level and the associated energy consumption is a challenging task. In this paper, we present an Improved Key management Sch...

ARP cache poisoning and putting host Network Interface Card (NIC) in promiscuous mode are ways of sniffer attacks. ARP cache poisoning attack is effective in an environment which is not broadcast in nature (like switch LAN environment) and other attack is effective in an environment which is broadcast in nature (like hub, bus, access point LAN environments). Sniffing is malicious activity perfo...

In this paper we propose two compilers which are designed to transform a group key exchange protocol secure against any passive adversary into an authenticated group key exchange protocol with key confirmation which is secure against any passive adversary, active adversary, or malicious insider. We show that the first proposed compiler gives protocols that are more efficient than those produced...

In this paper we propose two compilers which are designed to transform a group key exchange protocol secure against any passive adversary into an authenticated group key exchange protocol with key confirmation which is secure against any passive adversary, active adversary, or malicious insider. We show that the first proposed compiler gives protocols that are more efficient than those produced...

The cloud computing is the architecture in which hosts, virtual machines and users are involved in the communication. The cloud is the decentralized nature due to which malicious nodes enter the network and trigger various types of attacks. The impersonate attack is the denial of service attack and it reduced the efficiency of the cloud architecture. In this work, zombie attack will be isolated...

In order to protect social network security from malicious attacks, we study the propagation of malicious software in wireless networks by taking on the attacker’s perspective. Some topology control algorithms are designed for the development of effective attack strategies by a malicious mobile node based on the risk function metric, which indicates the network’s vulnerability. Our approach, in...

Wireless sensor networks (WSNs) are often deployed in potentially adverse or even hostile environment so that there are concerns on security issues in these WSNs. Sensor nodes with resource-constrained make security applications a challenging problem. Key agreement is a fundamental security service in WSNs, which enables sensor nodes to communicate securely with each other using cryptographic t...

Mobile ad hoc networks (MANETs) are extensively used in military and civilian applications. The dynamic topology of MANETs allows nodes to join and leave the network at any point of time. This generic characteristic of MANET has rendered it vulnerable to security attacks. In our research, we will address the problem of black hole attack. In this attack, a malicious node falsely advertise shorte...