Abstract This paper describes literature works in intrusion detection field. After that, we propose an intrusion detection method in Linux/Unix commands using supervisor synthesis. This method was applied to distinct normal user behavior from intruders behavior. The main features of this work are twofold. It exploits supervisor synthesis in the intrusion detection field. It presents our approach by behavior specification. Two... This paper describes literature works in intrusion detection field. After that, we propose an intrusion detection method in Linux/Unix commands using supervisor synthesis. This method was applied to distinct normal user behavior from intruders behavior. The main features of this work are twofold. It exploits supervisor synthesis in the intrusion detection field. It presents our approach by behavior specification. Two advantages characterize our proposed algorithm for detection. The first advantage is that the algorithm result is a structure. The second advantage is the way of searching faults or intrusions. Read More Read Less

Abstract IPSec is a suite of protocols that provides security for internet communications at the IP layer. The security properties of IPSec mainly depend on the key exchange protocols where the efficiency and security of the key management are important parts of IPSec. Internet Key Exchange (IKE) protocol is the most common mechanism for the two hosts to exchange key materials.... IPSec is a suite of protocols that provides security for internet communications at the IP layer. The security properties of IPSec mainly depend on the key exchange protocols where the efficiency and security of the key management are important parts of IPSec. Internet Key Exchange (IKE) protocol is the most common mechanism for the two hosts to exchange key materials. However, IKE is complex and vulnerable due to attacks such as (DOS, Replay and Man in the middle). In this paper, we propose a new IKE protocol based on D-H. This protocol uses three round-trips the exchange message. The advantages of our contribution are: one phase (vs. two phases on standard IKE), Best efficiency ie. optimizes transmission time (vs. longer negotiation time). The security analysis and formal verification using Automated Validation of Internet Security Protocols and Applications (AVISPA) show that our contribution can resist to various attack types such as ( Replay, DOS, man in the middle). We compare our IKE with other IKE protocols; the proposed protocol is more secure with less computation complexity. Read More Read Less

Abstract With the spread of the internet and networks, more people are relying on information sharing to research any subject. The number of Websites that are providing information on a single subject is huge. Some subjects and issues are somehow more sensitive to some people than others. However, there is no agreed upon mechanism for authenticating the content provider Web sites... With the spread of the internet and networks, more people are relying on information sharing to research any subject. The number of Websites that are providing information on a single subject is huge. Some subjects and issues are somehow more sensitive to some people than others. However, there is no agreed upon mechanism for authenticating the content provider Web sites or preserving the integrity of its contents. One aim of this paper is to develop frame work architecture protocol for Web site content authentication to build a trusted Web sites directory called Islamic trust (ITRUST). We cannot treat all documents with the same measure of security. Another aim is to solely focus on the data integrity rather than intellectual property rights and to provide different documents with different security levels. The proposed protocol we will employ public key infrastructure (PKI) and Digital Certificates (DC) for Website authentication and watermarking techniques for document integrity. Read More Read Less

Abstract The Trusted Service Manager is a key actor in the Near Field Communication technology ecosystem. It is responsible for the management of secure elements and/or applications life cycle on behalf of Issuers, Mobile Network Operators and Service Providers. The Issuer is the actor owning the keys of the secure element present in an NFC-enabled equipment. Some of them such as... The Trusted Service Manager is a key actor in the Near Field Communication technology ecosystem. It is responsible for the management of secure elements and/or applications life cycle on behalf of Issuers, Mobile Network Operators and Service Providers. The Issuer is the actor owning the keys of the secure element present in an NFC-enabled equipment. Some of them such as personal computer, laptop, or tablet manufacturers can see the key management process as a barrier to the integration of the NFC technology. We propose a novel scheme for on-demand distribution of secure element keys. This scheme allows to subcontract the business and technical key management processes to a trusted third party that will distribute on-demand the keys to accredited TSMs. Read More Read Less