A Secure Session Management Based on Threat Modeling

A session is a period of time linked to a user, which is initiated when he/she arrives at a web application and ends when his/her browser is closed or after a certain time of inactivity. Attackers can hijack a user's session by exploiting session management vulnerabilities by means of session fixation and cross-site request forgery attacks.
Very often, session IDs are not only identification tokens, but also authenticators. This means that upon login, users are authenticated based on their credentials (e.g., usernames/passwords or digital certificates) and issued session IDs that will effectively serve as temporary static passwords for accessing their sessions. This makes session IDs a very appealing target for attackers. In many cases, an attacker who manages to obtain a valid ID of a user's session can use it to directly enter that session, often without arousing the user's suspicion. Secure session management must be implemented in the development phase of web applications because it is the responsibility of the web application, and not the underlying web server.
Threat modeling is a systematic process that is used to identify threats and vulnerabilities in software and has become a popular technique to help system designers think about the security threats that their system might face.
In this paper we design a threat model for session ID threats using the SeaMonster security modeling software, and then propose a secure session management scheme that avoids the vulnerabilities. The proposed secure session management is designed to provide trusted authentication between the client and the server to avoid session hijacking attacks by using both the server session ID and the MAC address of the client. Visual Studio .NET 2008 is used to implement the proposed system.

Publication Date
Tue Jan 18 2022
Journal Name
Iraqi Journal Of Science
Image Encryption Based on Intelligent Session Mask Keys

The revolution of multimedia has been a driving force behind fast and secured data transmission techniques. The security of image information from unapproved access is imperative. Encryption techniques are used to transfer data, where each kind of data has its own special elements; thus various methods should be used to protect images during distribution. This paper presents image encryption improvements based on a proposed approach for generating efficient intelligent session mask keys, combining the robust features of ECC algebra with the construction level of the Greedy Randomized Adaptive Search Procedure (GRASP) to produce durable symmetric session mask keys consisting of ECC points. Symmetric behavior for ECC

Publication Date
Tue Feb 28 2023
Journal Name
Iraqi Journal Of Science
A Secure Private Key Recovery Based on DNA Bio-Cryptography for Blockchain

The existence of the Internet, networking, and cloud computing supports a wide range of new technologies. Blockchain is one of these technologies; this increases the interest of researchers who are concerned with providing a safe environment for the circulation of important information via the Internet. Maintaining the solidity and integrity of a blockchain’s transactions is an important issue, which must always be borne in mind. Transactions in blockchain are based on the use of public and private keys in asymmetric cryptography. This work proposes the usage of users’ DNA as a supporting technology for storing and recovering their keys in case those keys are lost — as an effective bio-cryptographic recovery method. The RSA private key is

Publication Date
Thu Jan 14 2021
Journal Name
Iraqi Journal Of Science
Network Authentication Protocol Based on Secure Biometric NIDN

In this paper, a fingerprint-based biometric authentication system is proposed that uses the personal identity information of name and birthday. A National Identification Number (NIDN) is generated by merging fingerprint features with the personal identity information to produce the Quick Response (QR) code image that is used in the access system. Two approaches are used in this paper: traditional authentication and strong identification with QR and NIDN information. The system shows accuracy of 96.153% with a threshold value of 50. The accuracy reaches 100% when the threshold value goes under 50.

Publication Date
Mon Aug 01 2022
Journal Name
Baghdad Science Journal
A Novel Technique for Secure Data Cryptosystem Based on Chaotic Key Image Generation

The advancements in Information and Communication Technology (ICT) within the previous decades have significantly changed the way people transmit or store their information over the Internet or networks. So, one of the main challenges is to keep this information safe against attacks. Many researchers and institutions have realized the importance and benefits of cryptography in achieving the efficiency and effectiveness of various aspects of secure communication. This work adopts a novel technique for a secure data cryptosystem based on chaos theory. The proposed algorithm generates a 2-dimensional key matrix having the same dimensions as the original image, which includes random numbers obtained from the 1-dimensional logistic chaotic map for given con

Scopus (7)
Crossref (1)
Publication Date
Fri Dec 01 2023
Journal Name
Al-khwarizmi Engineering Journal
Secure Seaport Management System using Blockchain Technology

Worldwide, shipping documents are still primarily created and handled in the traditional paper manner. Processes taking place in shipping ports as a result are time-consuming and heavily dependent on paper. Shipping documents are particularly susceptible to paperwork fraud because they involve numerous parties with competing interests. With the aid of smart contracts, a distributed, shared, and append-only ledger provided by blockchain technology allows for the addition of new records. In order to increase maritime transport and port efficiency and promote economic development, this paper examines current maritime sector developments in Iraq and offers a paradigm to secure the management system based on a hyper-ledger fabric blockchain p

Publication Date
Fri Jun 30 2023
Journal Name
Ingénierie Des Systèmes D Information
Scopus (2)
Publication Date
Wed Aug 30 2023
Journal Name
Iraqi Journal Of Science
Network Traffic Prediction Based on Time Series Modeling

Predicting the network traffic of web pages is one of the areas that has received increased focus in recent years. Modeling traffic helps find strategies for distributing network loads, identifying user behaviors and malicious traffic, and predicting future trends. Many statistical and intelligent methods have been studied to predict web traffic using time series of network traffic. In this paper, the use of machine learning algorithms to model Wikipedia traffic using Google's time series dataset is studied. Two data sets were used for time series, data generalization, building a set of machine learning models (XGboost, Logistic Regression, Linear Regression, and Random Forest), and comparing the performance of the models using (SMAPE) and

Publication Date
Mon Jan 30 2023
Journal Name
Iraqi Journal Of Science
Secure Big Data Transmission based on Modified Reverse Encryption and Genetic Algorithm

The modern systems that have been based upon the hash function are more suitable compared to the conventional systems; however, the complicated algorithms for the generation of the invertible functions have a high level of time consumption. With the use of the GAs, the key strength is enhanced, which results in ultimately making the entire algorithm sufficient. Initially, the process of the key generation is performed by using the results of n-queen problem that is solved by the genetic algorithm, with the use of a random number generator and through the application of the GA operations. Ultimately, the encryption of the data is performed with the use of the Modified Reverse Encryption Algorithm (MREA). It was noticed that the

Publication Date
Mon Jan 01 2024
Journal Name
Baghdad Science Journal
Secure Smart Contract Based on Blockchain to Prevent the Non-Repudiation Phenomenon

Blockchain is an innovative technology that has gained interest in all sectors in the era of digital transformation, where it manages transactions and saves them in a database. With increasing financial transactions and a rapidly developing society with growing businesses, many people looking for the dream of a better, financially independent life stray from large corporations and organizations to form startups and small businesses. Recently, the increasing demand for employees or institutes to prepare and manage contracts, papers, and the verification process, in addition to human mistakes, led to the emergence of the smart contract. The smart contract has been developed to save time and provide more confidence while dealing, as well a

Scopus (6)
Crossref (7)
Publication Date
Mon May 20 2019
Journal Name
Ibn Al-haitham Journal For Pure And Applied Sciences
Modeling Dynamic Background based on Linear Equation

Detecting a moving car in front view is a difficult operation because of the dynamic background caused by the movement of the moving car and the complex environment that surrounds it. To solve this, this paper proposes a new method based on a linear equation to determine the region of interest by building a more effective background model to deal with dynamic background scenes. This method exploits the permitted region between cars according to traffic law to determine the region (road) in front of the moving car on which the moving cars move. The experimental results show that the proposed method can define the region that represents the lane in front of the moving car successfully, with precision over 94% and detection rate 86
