Design and Analysis of Security Protocol for Communication

The purpose of designing this book is to discuss and analyze security protocols available for communication. Objective is to discuss protocols across all layers of TCP/IP stack and also to discuss protocols independent to the stack. Authors will be aiming to identify the best set of security protocols for the similar applications and will also be identifying the drawbacks of existing protocols. The authors will be also suggesting new protocols if any.

S. BALAMURUGAN is the Director of Research and Development, Intelligent Research Consultancy Services(iRCS), Coimbatore, Tamilnadu, India. He also serves as R&D Consultant for many companies, startups, SMEs and MSMEs. He has published 40 books, 200+ articles in international journals/conferences as well as 27 patents. He is Editor-in-Chief of Information Science Letters and International Journal of Robotics and Artificial Intelligence. His research interests include artificial intelligence, IoT, big data analytics, cloud computing, industrial automation and wearable computing. He is a life member of IEEE, ACM, ISTE and CSI. DINESH GOYAL received his PhD in 2014 on "Secure Video Transmission in a Cloud Network" and is now Dean of Academics as well as a member of the Dept. of Computer Science & Engineering, Suresh Gyan Vihar University, India. His research interests are related to information & network security, image processing, data analytics and cloud computing. O. P. VERMA is the Principal at GB Pant Govt. Engineering College, New Delhi, India. Previously, he was at the Department of Computer Science & Engineering, Delhi Technical University, New Delhi, India. His research interests include image processing, soft computing, machine learning, evolutionary computing. SHENG-LUNG PENG is a Professor of the Department of Computer Science and Information Engineering at National Dong Hwa University, Hualien, Taiwan. He received PhD degree in Computer Science from the National Tsing Hua University, Taiwan. He is an honorary Professor of Beijing Information Science and Technology University of China, a supervisor of the Chinese Information Literacy Association and of the Association of Algorithms and Computation Theory. His research interests are in designing and analyzing algorithms for bioinformatics, combinatorics, data mining, and networks. He has published more than 100 international conference and journal papers. Preface xiii

1 HISTORY AND GENERATIONS OF SECURITY PROTOCOLS 1

Bright Keswani, Poonam Keswani and Rakhi Purohit

1.1 Introduction 2

1.2 Network Security 2

1.3 Historical Background of Network Security and Network Timeline 4

1.4 Internet Architecture and Security Aspects 5

1.4.1 IPv4 and IPv6 Architecture 6

1.4.1.1 Structure of IPv4 6

1.4.1.2 IPv6 Architecture 7

1.4.2 Attack Through IPv4 8

1.4.2.1 Internet Attacks Common Methods 8

1.4.2.2 Internet Security Technology 10

1.4.3 IPv6 IP Security Issues 11

1.5 Different Aspects of Security of the Network 12

1.6 Evolution of Security Protocols for Network 13

1.6.1 Understanding the Key Components of Network Security 13

1.6.2 A Deep Defense Strategy 14

1.6.3 How Does the Next Generation Network Security System Work Best 15

1.7 Network Security Protocols 17

1.7.1 Application Layer 17

1.7.1.1 Good Privacy (PGP) 17

1.7.1.2 Email/Multipurpose Security (S/MIME) 18

1.7.1.3 HTTP Secure (S-HTTP) 18

1.7.1.4 Hypertext Transfer Protocol (HTTPS) in Secure Sockets Layer 19

1.7.1.5 Secure E-Commerce (SET) 19

1.7.1.6 Kerberos 19

1.7.2 Transport Layer 20

1.7.2.1 Secure Sockets Layer (SSL) 20

1.7.2.2 Transport Layer Security (TLS) 21

1.7.3 Network Layer 21

1.7.3.1 Internet Protocol Security (IPSec) 22

1.7.3.2 Virtual Private Network (VPN) 23

1.7.4 Data Link Layer 24

1.7.4.1 Point-to-Point Protocol (PPP) 24

1.7.4.2 Remote Authentication User Service (RADIO) 24

1.7.4.3 Terminal System Access Control Access Control Equipment (TACACS +) 25

1.8 Current Evolution of Red Security 25

1.8.1 Hardware Development 25

1.8.2 Software Development 27

1.9 Future Security Trends 27

References 27

2 EVOLUTION OF INFORMATION SECURITY ALGORITHMS 29

Anurag Jagetiya and C. Rama Krishna

2.1 Introduction to Conventional Encryption 30

2.2 Classical Encryption Techniques 31

2.2.1 Substitution Based 32

2.2.1.1 Caesar Cipher 32

2.2.1.2 Monoalphabetic Cipher 32

2.2.1.3 Playfair Cipher 33

2.2.1.4 Polyalphabetic Cipher 35

2.2.2 Transposition Based 36

2.2.2.1 Simple Columnar 36

2.2.2.2 Rail Fence Cipher 37

2.3 Evolutions of Modern Security Techniques 38

2.3.1 Stream Cipher Algorithms 38

2.3.1.1 One Time Pad (OTP) 40

2.3.1.2 RC-4 41

2.3.1.3 A5/1 43

2.3.2 Block Cipher Algorithms 44

2.3.2.1 Feistel Cipher Structure 46

2.3.2.2 Data Encryption Standard (DES) 48

2.3.2.3 Triple Data Encryption Standard (TDES) 56

2.3.2.4 International Data Encryption Algorithm (IDEA) 58

2.3.2.5 Blowfish 60

2.3.2.6 CAST-128 62

2.4 Conclusion 66

References 67

Practice Set 67

Review Questions and Exercises 70

3 PHILOSOPHY OF SECURITY BY CRYPTOSTAKES SCHEMES 79

Hemant Kumar Saini

3.1 Philosophy of Public Key Cryptosystems (p-k Cryptography) 79

3.2 RSA Algorithm 81

3.3 Security Analysis of RSA 84

3.4 Exponentiation in Modular Arithmetic 85

3.5 Distribution of Public Keys 87

3.6 Distribution of Secret Keys Using Public Key Cryptosystems 89

3.7 Discrete Logarithms 91

3.8 Diffie–Hellman Key Exchange 91

3.9 Review Exercise 93

References 94

4 ZERO-SHARE KEY MANAGEMENT FOR SECURE COMMUNICATION ACROSS A CHANNEL 95

P. R. Mahalingam and K. A. Fasila

4.1 Introduction 95

4.2 Background 96

4.3 Zero-Share Key Management System 98

4.4 Simulation 100

4.5 Complexity and Analysis 103

4.6 Conclusion and Future Trends 106

References 107

5 SOFT COMPUTING-BASED INTRUSION DETECTION SYSTEM WITH REDUCED FALSE POSITIVE RATE 109

Dharmendra G. Bhatti and Paresh V. Virparia

5.1 Introduction 109

5.1.1 Soft Computing for Intrusion Detection 111

5.1.2 False Positive 112

5.1.3 Reasons of False Positive 113

5.2 Existing Technology and Its Review 115

5.3 Research Design 118

5.3.1 Conceptual Framework 118

5.3.2 Preprocessing Module 121

5.3.3 Alert Monitoring Module 123

5.4 Results With Implications 124

5.4.1 Preprocessing Module Benchmark 126

5.4.2 Alert Monitoring Module Benchmark 129

5.4.3 Overall Benchmark 130

5.4.4 Test Bed Network Benchmark 131

5.5 Future Research and Conclusion 133

References 135

6 RECURSIVELY PAIRED ARITHMETIC TECHNIQUE (RPAT): AN FPGA-BASED BLOCK CIPHER SIMULATION AND ITS CRYPTANALYSIS 141

Rajdeep Chakraborty and J.K. Mandal

6.1 Introduction 141

6.2 Recursively Paired Arithmetic Technique (RPAT) 142

6.2.1 An Example of RPAT 144

6.2.2 Options of RPAT 145

6.2.3 Session Key Generation 146

6.3 Implementation and Simulation 147

6.4 Cryptanalysis 150

6.5 Simulation Based Results 152

6.6 Applications 152

6.7 Conclusion 153

Acknowledgment 153

References 153

7 SECURITY PROTOCOL FOR MULTIMEDIA STREAMING 155

N. Brindha, S. Deepa and S. Balamurugan

7.1 Introduction 156

7.1.1 Significance of Video Streaming 156

7.2 Existing Technology and Its Review 162

7.3 Methodology and Research Design 166

7.4 Findings 167

7.5 Future Research and Conclusion 169

References 169

8 NATURE INSPIRED APPROACH FOR INTRUSION DETECTION SYSTEMS 171

Mohd Shahid Husain

8.1 Introduction 171

8.1.1 Types of Intrusion Detection Systems 172

8.2 Approaches Used for Intrusion Detection Systems 173

8.2.1 Intrusion Detection and Prevention Systems 173

8.2.2 Performance Criteria of Intrusion Detection Systems 174

8.3 Intrusion Detection Tools 175

8.4 Use of Machine Learning to Build Dynamic IDS/IPS 176

8.5 Bio-Inspired Approaches for IDS 178

8.6 Conclusion 179

References 181

9 THE SOCIO-BEHAVIORAL CIPHER TECHNIQUE 183

Harshit Bhatia, Rahul Johari and Kalpana Gupta

9.1 Introduction 183

9.2 Existing Technology 184

9.3 Methodology 186

9.3.1 Key Arrangement 187

9.3.2 Key Selection 188

9.3.3 Mathematical Operations 189

9.3.4 Algorithm 191

9.3.5 Encryption Operation 192

9.3.6 Decryption Operation 193

9.3.7 Mathematical Modeling 201

9.4 Conclusion: Future Scope and Limitations 205

References 208

10 INTRUSION DETECTION STRATEGIES IN SMART GRID 211

P. Ponmurugan, C. Venkatesh, M. Divya Priyadharshini and S. Balamurugan

10.1 Introduction 212

10.2 Role of Smart Grid 212

10.3 Technical Challenges Involved in Smart Grid 213

10.4 Intrusion Detection System 216

10.5 General Architecture of Intrusion Detection System 217

10.6 Basic Terms in IDS 218

10.7 Capabilities of IDS 219

10.8 Benefits of Intrusion Detection Systems 219

10.9 Types of IDS 220

10.10 IDS in a Smart Grid Environment 222

10.10.1 Smart Meter 223

10.10.2 Metering Module 223

10.10.3 Central Access Control 224

10.10.4 Smart Data Collector 224

10.10.5 Energy Distribution System 225

10.10.6 SCADA Controller 225

10.11 Security Issues of Cyber-Physical Smart Grid 225

10.12 Protecting Smart Grid From Cyber Vulnerabilities 227

10.13 Security Issues for Future Smart Grid 229

10.14 Conclusion 230

References 230

11 SECURITY PROTOCOL FOR CLOUD-BASED COMMUNICATION 235

R. Suganya and S. Sujatha

11.1 Introduction 236

11.2 Existing Technology and Its Review 237

11.3 Methodology (To Overcome the Drawbacks of Existing Protocols) 238

11.4 Findings: Policy Monitoring Techniques 238

11.5 Future Research and Conclusion 240

Reference 241

12 SECURITY PROTOCOLS FOR MOBILE COMMUNICATIONS 243

Divya Priyadharshini M., Divya R., Ponmurugan P. and Balamurugan S.

12.1 Introduction 244

12.2 Evolution of Mobile Communications 246

12.3 Global System for Mobiles (GSM) 248

12.4 Universal Mobile Telecommunications System (UMTS) 250

12.5 Long Term Evolution (LTE) 251

12.6 5G Wireless Systems 254

12.7 LoRA 257

12.8 5G Integrated With LoRA 258

12.9 Physical Layer Security and RFID Authentication 259

12.10 Conclusion 259

References 260

13 USE OF MACHINE LEARNING IN DESIGN OF SECURITY PROTOCOLS 265

M. Sundaresan and D. Boopathy

13.1 Introduction 266

13.2 Review of Related Literature 269

13.3 Joint and Offensive Kinetic Execution Resolver 271

13.3.1 Design of JOKER Protocol 273

13.3.2 Procedure 276

13.3.3 Procedure 278

13.3.4 Simulation Details and Parameters 279

13.3.4.1 Packet Delivering Ratio Calculation 279

13.3.4.2 Packet Loss Ratio Calculation 279

13.3.4.3 Latency (Delay) Calculation 279

13.3.4.4 Throughput Calculation 280

13.4 Results and Discussion 280

13.5 Conclusion and Future Scope 283

References 283

14 PRIVACY AND AUTHENTICATION ON SECURITY PROTOCOL FOR MOBILE COMMUNICATIONS 287

Brajesh Kumar Gupta “Mewadev”

14.1 Introduction 288

14.2 Mobile Communications 289

14.3 Security Protocols 291

14.4 Authentication 294

14.5 Next Generation Networking 298

14.6 Conclusion 302

References 303

15 CLOUD COMMUNICATION: DIFFERENT SECURITY MEASURES AND CRYPTOGRAPHIC PROTOCOLS FOR SECURE CLOUD COMPUTING 305

Anjana Sangwan

15.1 Introduction 305

15.2 Need of Cloud Communication 306

15.3 Application 309

15.4 Cloud Communication Platform 310

15.5 Security Measures Provided by the Cloud 310

15.6 Achieving Security With Cloud Communications 312

15.7 Cryptographic Protocols for Secure Cloud Computing 314

15.8 Security Layer for the Transport Protocol 315

15.9 Internet Protocol Security (IPSec) 317

15.9.1 How IPsec Works 318

15.10 Kerberos 320

15.11 Wired Equivalent Privacy (WEP) 326

15.11.1 Authentication 326

15.12 WiFi Protected Access (WPA) 327

15.13 Wi-Fi Protected Access II and the Most Current Security Protocols 328

15.13.1 Wi-Fi Protected Access 329

15.13.2 Difference between WEP, WPA: Wi-Fi Security Through the Ages 329

15.14 Wired Equivalent Privacy (WEP) 329

15.15 Wi-Fi Protected Access (WPA) 330

15.16 Conclusions 330

References 331

Index 333