STM Journals, a strong initiative by Consortium E-Learning Network Private Ltd. (established 2006), was
launched in the year 2010 under the support and guidance by our esteemed Editorial and Advisory Board
Membersfromrenownedinstitutes.
Objectives:
 Promotion of Scientific, Technical and Medical research.
 Publication of Original Research/Review, Short Articles and Case Studies through
Peer Review process.
 Publishing Special Issues on Conferences.
 Preparing online platform for print journals.
 Empowering the libraries with online and print Journals in Scientific, Technical
and Medical domains.
 Publishing and distribution of books on various subjects in the category of Nanotechnology,
Scientific and Technical Writing, and Environment, Health and Safety.
SalientFeatures:
 A bouquet of 100+ Journals that fall under Science, Technical and Medical domains.
 Employs Open Journals System (OJS)—a journal management and publishing system.
 The first and one of the fastest growing publication website in India as well as in abroad
for its quality and coverage.
 Rapid online submission and publication of papers, soon after their formal
acceptance/finalization.
 Facilitates linking with the other authors or professionals.
 Worldwide circulation and visibility.
Journal of Network Security
ISSN: 2395-6739(online), ISSN: 2321-8517(print)
Focus andScopeCovers
 Internet,Network andWirelessNetwork Security&Applications
 Mobile,Sensor Network, DatabaseandSystemSecurity
 Virus, worms,TrojanProtection,E-mailsecurity, Spam,PhishingandE-mailfraud
 Securitythreats&countermeasures(DDoS, MiM, Session Hijacking,Replayattacketc,)
 Cryptographicprotocols
 IntrusionDetectionandPrevention
Journal of Network Security is published (frequency: three times a year) in India by STM Journals (division of
Consortium e-Learning Network Private Ltd. Pvt.) The views expressed in the articles do not necessarily reflect of the
Publisher. The publisher does not endorse the quality or value of the advertised/sponsored products described therein.
Pleaseconsultfullprescribinginformationbeforeissuingaprescriptionfor anyproductsmentionedinthispublication.
No part of this publication may be reproduced, stored in retrieval system or transmitted in any from without written
permissionof thepublisher.
To cite any of the material contained in this Journal, in English or translation, please use the full English reference at the
beginningof eacharticle.Toreuseanyofthematerial,pleasecontactSTM Journals (info@stmjournals.com)
STM Journals

STM Journals (division of Consortium e-Learning Network Private Ltd. ) having its Marketing office located at Office
No. 4, First Floor, CSC pocket E Market, Mayur Vihar Phase II, New Delhi-110091, India is the Publisher of Journal.
Statements and opinions expressed in the Journal reflect the views of the author(s) and are not the opinion of STM
Journals unless so stated.
Subscription Information and Order:
 NationalSubscription:
Print- Rs 3750/-perJournal( includes3printissues), SingleIssue copypurchase:Rs 1500.
Online - Rs 3750/- per Journal inclusive Service Tax ( includes 3 online issues), Single Issue purchase: Rs 1500
inclusiveServiceTax
Print+Online-Rs 5000/-perJournalinclusiveServiceTax( includes3print&onlineissues).
 International Subscription:
 Online Only- $199, Print Only-$299 (includes 3 print issues)
 Online + Print-$399 (includes 3 print issues + online access of published back volumes )
To purchase print compilation of back issues please send your query at info@stmjournals.com
Subscription must be prepaid. Rates outside of India includes delivery. Prices subject to change without notice.
Mode of Payment: At par cheque, Demand draft, and RTGS (payment to be made in favor of
Consortium E-Learning Network. Pvt. ltd., payable at Delhi/New Delhi.
Online Access Policy
A). For Authors:
In order to provide maximum citation and wide publicity to the authors work, STM Journals also have Open Access
Policy, authors who would like to get their work open access can opt for Optional Open Access publication at
nominal cost as follows
India, SARC and African Countries: INR 2500 or 100 USD including single hard copy of Author's Journal.
Other Countries: USD 200 including single hard copy of Author's Journal.
B). For Subscribers:
 Online access will be activated within 72 hours of receipt of the payment (working days), subject to receipt of
correct information on user details/Static IP address of the subscriber.
 The access will be blocked:
 If the user requests for the same and furnishes valid reasons for blocking.
 Due to technical issue.
 Misuse of the access rights as per the access policy.
Advertising and Commercial Reprint Inquiries: STM Journals with wide circulation and visibility offer an excellent
media for showcasing/promotion of your products/services and the events-namely, Conferences, Symposia/Seminars
etc. These journals have very high potential to deliver the message across the targeted audience regularly with each
published issue. The advertisements on bulk subscriptions, gift subscriptions or reprint purchases for distribution etc. are
alsoverywelcome.
Lost Issue Claims: Please note the following when applying for lost or missing issues:
 Claims for print copies lost will be honored only after 45 days of the dispatch date and before publication of the
next issue as per the frequency.
 Tracking id for the speed post will be provided to all our subscribers and the claims for the missing Journals will
be entertained only with the proofs which will be verified at both the ends.
 Claims filed due to insufficient (or no notice) of change of address will not be honored.
 Change of Address of Dispatch should be intimated to STM Journals at least 2 months prior to the dispatch
schedule as per the frequency by mentioning subscriber id and the subscription id.
 Refund requests will not be entertained.
Legal Disputes
All the legal disputes are subjected to Delhi Jurisdiction only. If you have any questions, please contact the Publication
Management Team: info@stmjournals.com; Tel : +91 0120-4781211.

Gargi Asha Jha
Manager (Publications)
PUBLICATION MANAGEMENT TEAM
Internal Members
External Members
Bimlesh Lochab
Assistant Professor
Department of Chemistry
School of Natural Sciences, Shiv Nadar University
Gautam Buddha Nagar, Uttar Pradesh, India
Dr. Rajiv Prakash
Professor and Coordinator
School of Materials Science and Technology
Indian Institute of Technology (BHU), Varanasi
Uttar Pradesh, India
Dr. Rakesh Kumar
Assistant Professor
Department of Applied Chemistry
BIT Mesra, Patna,
Bihar, India
Prof. S. Ramaprabhu
Alternative Energy and Nanotechnology Technology
Laboratory, Department of Physics
Indian Institute of Technology, Chennai
Tamil Nadu, India
Himani Pandey
Isha Chandra
Senior Associate Editors
Dr. Yog Raj Sood
Dean (Planning and Development)
Professor, Department of Electrical Engineering
National Institute of Technology, Hamirpur
Himachal Pradesh, India
Prof. Chris Cannings
Professor, School of Mathematics and Statistics
University of Sheffield,
Sheffield
United Kingdom
Dr. D. K. Vijaykumar
MS, MCh (Surgical Oncology), Professor and
Head Department of Surgical Oncology
Amrita Institute of Medical Sciences and Research Centre
Ponekkara, Cochin, Kerala, India
Dr. Durgadas Naik
Associate Professor (Microbiology)
Management and Science University,
University Drive, Seksyen13
Selangor, Malaysia
Prof. José María Luna Ariza
Department of Computer Sciences and
Numerical Analysis
Campus of Rabanales
University of Córdoba, Spain
Dr. Khaiser Nikam
Professor, Library and Information Science
Department of Library and Information Science
University of Mysore
Mysore, India
Quaisher J Hossain
Senior Editor
Group Managing Editor
Dr. Archana Mehrotra
Managing Director
CELNET, Delhi, India
Meenakshi Tripathi
Shivani Sharma
Chairman
Mr. Puneet Mehrotra
Director
Shambhavi Mishra
Associate Editors
Sugandha Mishra

Prof. Priyavrat Thareja
Director Principal
Rayat Institute of Engineering and
Information Technology
Punjab, India
Dr Baldev Raj
Director, National Institute of Advanced Studies
Indian Institute of Science campus Bangalore
Karnataka, India
Former Director
Indira Gandhi Centre for Atomic Research,
Kalpakkam, Tamil Nadu, India
Dr. Pankaj Poddar
Senior Scientist
Physical and Materials Chemistry Division,
National Chemical Laboratory
Pune, Maharastra India
Prof. D. N. Rao
Professor and Head
Department of Biochemistry
All India Institute of Medical Sciences
New Delhi, India
Dr. Nandini Chatterjee Singh
Additional Professor
National Brain Research Centre
Manesar, Gurgaon
Haryana, India
Dr. Ashish Runthala
Lecturer, Biological Sciences Group
Birla Institute of Technology and Science
Pilani, Rajasthan,
India
Dr. Bankim Chandra Ray
Professor and Ex-Head of the Department
Department of Metallurgical and
Materials Engineering
National Institute of Technology, Rourkela
Odisha, India
Prof. Yuwaraj Marotrao Ghugal
Professor and Head
Department of Applied Mechanics
Government College of Engineering
Vidyanagar, Karad
Maharashtra, India
Dr. Hardev Singh Virk
Visiting Professor, Department of Physics
University of SGGS World University
Fatehgarh Sahib, Punjab,
India
Former Director Research
DAV Institute of Engineering and Technology
Jallandhar, India
Dr. Shrikant Balkisan Dhoot
Senior Research Scientist, Reliance
Industries Limited, Mumbai, India
Former Head (Research and Development)
Nurture Earth R&D Pvt Ltd., MIT Campus
Beed Bypass Road, Aurangabad
Maharashtra, India
STM JOURNALS
ADVISORY BOARD

Dr. Rakesh Kumar
Assistant Professor
Department of Applied Chemistry
Birla Institute of Technology
Patna, Bihar, India
Prof. Subash Chandra Mishra
Professor
Department of Metallurgical and
Materials Engineering
National Institute of Technology, Rourkela
Odisha, India
Dr. Shankargouda Patil
Assistant Professor
Department of Oral Pathology
KLE Society's Institute of Dental Sciences
Bangalore, Karnataka, India
Prof. Sundara Ramaprabhu
Professor
Department of Physics
Indian Institute of Technology Madras
Chennai, Tamil Nadu
India
Dr. Baskar Kaliyamoorthy
Associate Professor
Department of Civil Engineering
National Institute of Technology, Trichy
Tiruchirappalli, Tamil Nadu, India
STM JOURNALS
ADVISORY BOARD

Editorial Board
Dr. Divakar Singh Yadav
Dept. of Computer Science & Engineering,
Institute of Engineering and Technology
UP Technical University, Lucknow, India
Maj. Gen Anil kumar Jain
Amity University, India
Dr. Mark Burgin
Dept. of Mathematics, UCLA, Los Angeles,
CA 90095, USA, United States
Yaduvir Singh
Department of Electrical and
Instrumentation Engineering,
Thapar University, Patiala Punjab, India
Dr. Gunamani Jena
ME CSE, PhD, FIE, MIEEE,
LMISTE, MCSI, India
Senthil Kumar A.V.
Hindusthan College of Arts
and Science, Coimbatore, India
Dr. Adesh Kumar Sharma
National Dairy Research Institute
(Deemed University),
Indian Council of Agriculture, Haryana, India
Prof. Prasanta K. Jana
Indian School of Mines, Dhanbad
Dr. B.L. Shivakumar
Assoc. Prof., Dept. of Computer Applications,
Sri Ramakrishna Engineering College,
NGGO Colony Post, Coimbatore, India

It is my privilege to present the print version of the [Volume 4 Issue 3] of our Journal of Network
Security, 2016. The intension of JoNS is to create an atmosphere that stimulates vision, research and
growthintheareaof Networksecurity.
Timely publication, honest communication, comprehensive editing and trust with authors and
readers have been the hallmark of our journals. STM Journals provide a platform for scholarly
research articles to be published in journals of international standards. STM journals strive to publish
qualitypaperinrecordtime,makingitaleaderinserviceandbusiness offerings.
The aim and scope of STM Journals is to provide an academic medium and an important reference
for the advancement and dissemination of research results that support high level learning, teaching
andresearchinalltheScientific,TechnicalandMedicaldomains.
Finally, I express my sincere gratitude to our Editorial/ Reviewer board, Authors and publication
team for their continued support and invaluable contributions and suggestions in the form of
authoring writeups/reviewing and providing constructive comments for the advancement of the
journals.With regards to their due continuous support and co-operation, we have been able to publish
qualityResearch/Reviewsfindingsfor our customersbase.
Ihopeyouwillenjoyreadingthisissue andwewelcomeyourfeedbackonanyaspectof theJournal.
Dr.ArchanaMehrotra
ManagingDirector
STM Journals
Director's Desk
STM JOURNALS

1. Mobile Ad Hoc Network Gray Hole and Black Hole Attack Detection and Defences: Review
Ashish Jain, Shashank Gahoi 1
2. Selfish Node Detection in Opportunistic Networks
Vikram, Sandeep Kumar 7
3. Examining the Effects of MIST in RSA and CRT-RSA to Resist Power Analysis Attacks
Ajoy Kumar Khan, Hridoy Jyoti Mahanta 11
4. An Innovative Methodology to Detect and Prevent Black Hole Attacks in Wireless Sensor Networks
Avneet Kaur, Mandeep Kaur 23
5. Design and Performance Comparison of Secure Routing Protocol in Integrated
UMTS and WLAN Ad Hoc Networks
Shashank Tripathi, A.K. Jain 28
6. Secure and Parallel Access Mechanism for Network File System
Raju Dara, T. Sowjanya 42
7. Vulnerability Assessment and Management Using Qualys Guard
Shashank Gahoi, Ashish Jain 49
ContentsJournal of Network Security

JoNS (2016) 1-6 © STM Journals 2016. All Rights Reserved Page 1
Volume 4, Issue 3
www.stmjournals.com
Mobile Ad Hoc Network Gray Hole and Black Hole
Attack Detection and Defences: Review
Ashish Jain1
, Shashank Gahoi2,
*
1
Department of Computer Engineering, Institute of Engineering and Technology, Devi Ahilya
University, Indore, Madhya Pradesh, India
2
Department of Information Technology, Institute of Engineering and Technology,
Devi Ahilya University, Indore, Madhya Pradesh, India
Abstract
Mobile ad hoc network (MANET) is an infrastructure less dynamic network which is created
on demand. MANET is an assembly of mobile nodes which is a temporary network. Mobile
nodes frequently come and go out of the network. Because of self-motivated or mobility in
nature, nodes are very important factor for the security perspective. In this paper, a review on
a various type of network attacks, such as black hole attack, gray hole attack, worm hole
attack an many other attacks, which are most dangerous threats for MANET. In this paper, we
have presented a review on eliminating and defensive techniques for such kind of attacks in
the MANET.
Keywords: Mobile ad hoc network (MANET), gray hole attack , black hole attack, AODV (ad
hoc on demand distance vector) routing protocol
INTRODUCTION
Mobile ad hoc network (MANET) is
distinguishable from the cellular network
(Figure 1). Since it is not depended on
infrastructure and it is not static network. It is
a gathering of autonomous hubs that speak
with one another through radio waves. Ad hoc
network system needs a particular security
system but there is no single approach as the
nodes can be any device. Each node in the
network behaves like a station or router.
Nodes can communicate directly to other node
if they are in the radio coverage range of each
other otherwise uses the multihop concept.
Each node participates in the routing and the
performance depends upon the cooperation
between the mobile nodes [1].
Fig. 1: Mobile Ad hoc Network.
Routing has been more critical part of this
network. Sophisticated amount of work has
been done to provide security to the routing
but none of them provides the security at a
good level. So, these protocols are more
concerned of being attacked by various kind of
network attack.
Malicious selfish nodes affect the mobile ad
hoc network. There are some dangerous kind
of attack such as DOS (denial of service)
attack, gray hole (selective forwarding) attack,
black hole (packet dropping) attack, worm
hole attack, flooding (RERP) attack, Byzantine
attack, Sybil attack, etc. MANET has
disadvantages also, such as dynamic changing
topologies, limited battery power and limited
bandwidth. So, these make the routing more
difficult in MANET. In this paper, we have
deliberated common network attacks such as
black hole attack, gray hole attack in mobile
ad hoc network and given a countermeasures
and techniques to detect and prevent these
kind of attack [2]. This paper is arranged as
the gray hole and black hole attack is
explained in the upcoming heading, and the
defences along with techniques to prevent
these attacks is discussed later in the paper.

Volume 4, Issue 3
www.stmjournals.com
Selfish Node Detection in Opportunistic Networks
Vikram, Sandeep Kumar
Department of Computer Science, Ganpati Institute of Technology and Management,
Kurukshetra University, Kurukshetra, Haryana, India
Abstract
In recent years, Opportunistic Networks (OPPNET) are grown at very fast rate. These
networks are designed for the areas in which no end-to-end connectivity is available for
communication. OPPNET works on the principle of store carry and forward mechanism.
Transmission of messages takes place through intermediate nodes in OPPNET. It means that
OPPNET depends on intermediate nodes. If any intermediate nod behaves maliciously then
data transmission may cause. This paper presents selfish node attack and impact of this
attack. Next, we discussed various existing techniques that are designed to deal with selfish
node.
Keywords: OPPNET (Opportunistic Networks), Selfish node, Selfishness, Reputation and
Credit
INTRODUCTION
Opportunistic Networks (OPPNET) is an
intermittently linked Network where the end-
to-end ways may not exist and correspondence
routes might just be accessible through time
and versatility. Because of absence of reliable
availability, OPPNET uses store carry and
forward mechanism, i.e., in the wake of
accepting a few bundles, a node carried them
until it contacts another node and afterward
advances the messages. Since OPPNET
routing depends on portable nodes to forward
bundles for one another, the directing
execution (e.g., the quantity of messages
conveyed to their destinations) relies on upon
whether the nodes interact with one another or
not [1]. If these intermediate nodes behave
maliciously then security of network may be
caused by malicious node. There are number
of malicious attacks occurred in network it
may be black hole attack worm hole attack and
selfish node attack.
In this paper, we only deal with selfish node
attack. Selfish nodes are nodes whose aim is to
drop every packets received from neighbour
node because to send their packets they
consumed there battery and to save their
energy they drops the packets. Node
selfishness may be called when a node does
not perform its required task. Selfishness may
be of two types.
In first type, selfish node cannot forward the
packet and store packet into its own buffer. In
second type, selfish node drops all the packets
received from previous nodes.
A selfish node may become selfish because of
strategic conditions of network, limited
storage space and limited battery life [2].
Types of Selfishness
Social Selfishness: In social selfishness, nodes
forward the packets of those nodes having
good interaction with each other. We can say
that a group of nodes known each other can
communicate and transmit messages within
their particular group.
Individual Selfishness: In individual
selfishness nodes cannot send packet to any
node except its own packets [3, 4]. The
Classification of Selfish Behavior is given in
Figure 1.
Non-forwarding of messages and dropping of
messages: Non-forwarding of messages means
that a selfish nodes that refuses to transmit
messages are come in the category of non-
forwarding of messages. Dropping of
messages means nodes drops the messages
after receiving messages from previous
nodes [4].

Volume 4, Issue 3
www.stmjournals.com
Examining the Effects of MIST in RSA and CRT-RSA to
Resist Power Analysis Attacks
Ajoy Kumar Khan,* Hridoy Jyoti Mahanta
Department of Computer Science and Engineering, Assam University, Silchar, Assam, India
Abstract
The need of security has turned into a vital area of research in domain of computer science.
The evolution of side channel attacks has challenged the vulnerability of almost all the
symmetric and asymmetric cryptographic techniques available worldwide. This has raised the
urgency in designing mitigation techniques against such volatile attacks. Power analysis
attacks, which is the most popular side channel attacks has proved to be a challenge for most
of the common cryptosystems like AES, DES, RSA, ECC, etc. MIST is an algorithm which was
designed for computing exponentiation. As the most important operation of RSA is the
modular exponentiation for encryption and decryption, MIST can play an important role in
designing modified RSA to resist power analysis attacks. We have extended our work CRT-
RSA, which is more widely used in computation. The analysis results shows that modified RSA
can perform better in computing RSA specially when CRT is has been used.
Keywords: Power analysis attacks, cryptosystems, RSA, RSA-CRT, MIST, performance
INTRODUCTION
Security has been the most important
component in technological scenario as it is
responsible for securing all information passed
through networked computers. Cryptographic
algorithm has been widely used in network
computers for secure transactions of secret
information. But despite of these various
security schemes provided by different
cryptosystems, attackers have been successful
to find a loophole to break the security of these
systems. Side-channel attacks (SCA) are
closely related to the existence of physically
observable phenomenon caused by the
execution of computing tasks in present
microelectronic devices. Side channel attacks
are those attacks that are based on Side
Channel Information. Side channel
information is that information that can be
retrieved from the microelectronic devices
without any temperament in the device.
Presently the Cryptographic devices are under
the potential threat of side channel attacks.
Side channel attacks are powerful methods to
recover sensitive data of cryptographic
devices. In cryptography, a side-channel attack
is a kind of attack that based on information
gained from the physical implementation of a
cryptosystem, rather than brute force or
theoretical weaknesses in the algorithms. For
example, timing information, power
consumption, electromagnetic leaks or even
sound can provide an extra-source of
information, which can be exploited to break
the system some side channel attacks require
technical knowledge of the internal operation
of the system. Attackers use some or all of
these side channel information along with
other cryptanalytic techniques to reveal the
secret key that using by the device. Side
channel analysis techniques are of high
concern because these attacks can be mounted
quickly.
Power analysis attacks have been
demonstrated as one of the most powerful
attacks for most straightforward
implementation of symmetric and asymmetric
cipher. Power analysis attacks are based on the
analysis of power consumption of a
cryptographic device. Execution of
cryptographic algorithms consumes power,
these power consumption acts as side channel
information. Power consumption of a device
depends on data it processes and operations it
performs. Cryptographic algorithms such as
Advanced Encryption Standard (AES), Data
Encryption Standard (DES), Rivest-Shamir-
Adleman (RSA), etc. are implemented in

Volume 4, Issue 3
www.stmjournals.com
An Innovative Methodology to Detect and Prevent Black
Hole Attacks in Wireless Sensor Networks
Avneet Kaur*, Mandeep Kaur
Department of Computer Science and Engineering, Chandigarh Group of Colleges,
Landran, Punjab, India
Abstract
Due to the particular characteristics, wireless sensor network (WSN) is severely unsafe and
are receptive malicious attacks. One amongst the foremost malicious threats to WSN is within
the sort of part attack that focuses on the routing protocols. This genre of attacks will have an
awfully serious impact on ranked routing protocols. A range of security solutions is place
forth to safeguard WSNs from part attacks. However, a majority of the solutions are
cumbersome and vitality inefficient. During this paper, an jury-rigged classified energy
efficient black hole detection & interference model is planned to guard device network
from part attacks. Our planned approach is straightforward and relies on reserve path choice
between device node and base station. The results show that our planned algorithmic program
is effective in detection and preventing with efficiency the part attacks.
Keywords: WSN, black hole attack, networking, attack detection, routing
INTRODUCTION
In latest analysis on wireless sensor network
(WSN), the researchers arrange to conclude
and overcome limitations of the wireless
device networks such as restricted energy
resources, varied energy consumption
supported location, high value of transmission,
and restricted process capabilities. All of those
characteristics of wireless device networks
area unit complete opposites of their wired
network counterparts, within which energy
consumption is not a problem, transmission
value is comparatively low cost, and therefore
the network nodes have lots of process
capabilities [1]. Routing approaches that have
worked thus well in ancient networks for over
twenty years would not do for this new
generation of networks. Besides increasing the
time period of the device nodes, it is preferred
to distribute the energy dissipated throughout
the wireless device network so as to attenuate
maintenance and maximize overall system
performance. Any communication protocol
that involves synchronization between peer
nodes incurs some overhead of fixing the
communication. WSN routing or
agglomeration protocols confirm whether or
not the advantages of additional complicated
routing algorithms overshadow the additional
management messages every node must
communicate. Every node may create the
foremost hip to call concerning its
communication choices if they had complete
information of the complete constellation and
power levels of all the nodes within the
network [2]. This so proves to yield the most
effective performance if the synchronization
messages do not seem to be taken into
consideration. However, since all the nodes
would continually have to be compelled to
have world information, the price of the
synchronization messages would ultimately be
terribly high-priced [3]. For each the diffusion
and agglomeration algorithms, we are going to
analyze each realistic and optimum scheme so
as to realize additional insight within the
properties of each approach.
The standard topology of wireless device
networks involves having several network
nodes distributed throughout a particular
physical space. There are sometimes no
specific design or hierarchy in situ and thus,
the wireless device networks are thought of to
be impromptu networks. A commercial ad hoc
wireless device network might operate in a
very standalone fashion, or it is going to be
connected to alternative networks, akin to the
larger net through a base station [4]. Base
stations are sometimes additional complicated

Volume 4, Issue 3
www.stmjournals.com
Design and Performance Comparison of Secure Routing
Protocol in Integrated UMTS and WLAN Ad Hoc
Networks
Shashank Tripathi*, A.K. Jain
Department of Instrumentation and Control Engineering, Dr. B. R. Ambedkar National Institute of
Technology Jalandhar, Punjab, India
Abstract
The impact of routing attack on the Integrated Universal Mobile Telecommunications System
(UMTS) and Wireless Local Area Network (WLAN) ad hoc network can be minimized by
choosing a suitable secure routing protocol. This paper introduces a new secure inter-domain
routing protocol SNAuth_SPERIPv2 and its performance comparison with other secure
routing protocols for Constant Bit-Rate (CBR) voice conversational traffic.
Keywords: Integrated UMTS and WLAN Ad Hoc network, Scalability, QoS, Routing, Security,
WHA
INTRODUCTION
The choice of security schemes against WHA
in next generation heterogeneous networks is
based on major factors: authentication,
confidentiality, and integrity and data
availability. The impact of routing attack on
QoS on the Integrated UMTS and WLAN Ad
Hoc network can be minimized by choosing a
suitable secure inter-domain routing protocol.
The inter-domain routing protocols of multi-
hop integrated network are particularly
vulnerable to various routing attacks. The
design of secure and robust routing protocols
can tackle the security issues in the integrated
networks. The integrated network is mainly
useful to connect both healthy infrastructured
area and remote natural disaster prone area for
regular communication.
A severe wormhole may attack on the integrated
multi-hop network routing protocol. The effect
of this active threat on QoS of the Integrated
Universal Mobile Telecommunications System
(UMTS) and Wireless Local Area Network
(WLAN) Ad Hoc network can be minimized by
a suitable secure routing protocol.
The Integrated UMTS and WLAN multi-hop
networks support different class of services,
namely: conversational, streaming, interactive,
and background class service [1–4]. First two
classes are guaranteed QoS classes (highly
delay sensitive) and next two are
nonguaranteed QoS classes (loss sensitive) [5].
Only CBR conversation class is selected in
this work that is used for voice conversational
application. Hear inter-domain traffic model is
based on real symmetric voice conversation
under large network scalability with and
without inter base station soft handoff. Here,
scalability is ability of particular network to
extend their network size (increasing number
of active user nodes while keeping network
base infrastructure fixed/network load
scalability) without compromising its QoS.
Our main contribution is development and
analysis of new secure robust neighbor
authenticated distance vector routing protocol
and its performance comparison with other
security protocols.
The rest of the paper is organized as follows:
Next section discusses background: integrated
UMTS and WLAN ad hoc network
vulnerabilities and attacks, subsequent section
discusses secure routing requirements and
design of secure routing protocol for the
integrated network, performance evaluation
and results are discussed in separate section.
Finally, last section concludes this paper.

Volume 4, Issue 3
www.stmjournals.com
Secure and Parallel Access Mechanism for Network
File System
Raju Dara1,
*, T. Sowjanya2
1
Department of Computer Science Engineering, Krishna Murthy Institute of Technology and
Engineering, Jawaharlal Nehru Technological University, Hyderabad, Telangana, India
Abstract
Secure communication is an important requirement in the real world as the number of such
systems is in process. A standard for large scale distributed file systems that can support
parallel access to multiple storage devices is parallel Network File System (pNFS). This file
system provides security using Kerberos. Kerberos is one of the network authentication
protocol used by client server applications. This is based on secret key cryptography. In this
paper, we build a custom simulator application that shows how secure authentication takes
place in the context of a parallel network file system. We proposed and implemented a
mechanism to have secure authentication and parallel communications besides reducing
overhead of metadata servers. The empirical results revealed that the proposed system
supports secure authentication.
Keywords: Key establishment, many-to-many communications, secure authentication
INTRODUCTION
Parallel processing systems play a vital role in
real world applications. The data are stored in
a central place and that can be accessed in a
distributed fashion, or it is possible to have
different storage devices and a network file
system to access the devices simultaneously.
Thus, it is possible to have more freedom in
using the file systems. pNFS is a standard that
supports Kerberos authentication mechanism
for secure and simultaneous access to users
across the network. The problem with
Kerberos is that it is causing more overhead
due to the maintenance of metadata.
As shown in Figure 1, it is evident that the
pNFS standard is dealing with state
synchronization and metadata exchange. It is
causing time and overhead. There are
heterogeneous clients accessing servers and
pNFS. The storage devices and servers are
linked to metadata server and clients in one
way or other.

Volume 4, Issue 3
www.stmjournals.com
Vulnerability Assessment and Management Using
Qualys Guard
Shashank Gahoi1,
*, Ashish Jain2
1
Department of Information Technology, Institute of Engineering and Technology,
Devi Ahilya University, Indore, India
2
Department of Computer Engineering, Institute of Engineering and Technology,
Devi Ahilya University, Indore, India
Abstract
Vulnerability is some flaw or loophole in our environment that a malicious attacker can use to
exploit to harm or damage, in computer security. Vulnerability is a weakness which allows a
malicious attacker to reduce a systems information assurance. There are various types of tools
and techniques proposed over the year to assess the vulnerabilities and to manage them.
These tools and techniques use various approaches to implement the basic functionality of
vulnerability assessment and management i.e. to secure the environment by assessing the
vulnerabilities and remediating them. This survey describes the various aspects of VS/VM
tools and techniques and various issue related to vulnerability assessment and management.
Keywords: Vulnerability assessment, vulnerability management, Qualys Guard tool,
remediation, reports
INTRODUCTION
This given paper provides the understanding
about the basic overview of the vulnerability
assessment and management and their
proposed solution and remediation. In order to
improve the security in the computer networks
the key objectives and overview of the work is
presented.
Overview
The process of defining, identifying and
prioritizing the vulnerability in the system is
called as vulnerability assessment, and on the
other hand, vulnerability management is the
cyclic process of identifying, categorizing,
remediating, and detracting the vulnerability.
Vulnerability management is the obligatory to
computer security and the networks security.
Every day there can be zero day vulnerability
discovered which is then used to exploit the
data from the environment. A zero day
vulnerability refers to a hole in software
environment that is unknown to the vendor.
This security hole is then exploited by a
hacker before the vendor becomes aware and
hurries to fix it; this exploitation is called zero
day attack. In addition, it is extremely difficult
to detect the zero day attacks, especially with
the traditional cyber defenses.
The recent top 10 [4] targeted high risk
vulnerabilities by US-CERT are listed below
with their CVE ID.
 Microsoft Windows (CVE-2014-4114)
 Microsoft Internet Explorer 6 and 7 (CVE-
2014-0322)
 Microsoft Internet Explorer 8 and 9 (CVE-
2013-1347)
 Microsoft Silverlight and Developer
runtime (CVE-2013-0074)
 Microsoft Excel (CVE-2011-0101)
 Oracle Java Development Kit, SDK and
JRE (CVE-2012-1723)
 Oracle Java Developer Kit and JRE (CVE-
2013-2465).
 Adobe Reader Acrobat (CVE-2013-2729)
 Adobe Flash Player, AIR SDK and
Compiler (CVE-2014-0564)
 OpenSSL (CVE-2014-0160)
WHY VULNERABILITIES OCCUR?
Vulnerability is the intersection of these three
principles: flaw (weakness) or susceptibility of
the system, an access to the flaw for an
attacker and capability of an attacker to exploit
the weakness. There are several reasons for
occurrence of vulnerability; some of them are
listed below.

Journal of Network Security vol 4 issue 3

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (16)

Similar to Journal of Network Security vol 4 issue 3

Similar to Journal of Network Security vol 4 issue 3 (11)

More from STM Journals

More from STM Journals (13)

Recently uploaded

Recently uploaded (20)

Journal of Network Security vol 4 issue 3