Special Issue "Information Systems Security"

A special issue of Future Internet (ISSN 1999-5903).

Deadline for manuscript submissions: 31 December 2017

Special Issue Editor

Guest Editor
Prof. Luis Javier Garcia Villalba

Universidad Complutense de Madrid, Spain
Website | E-Mail
Phone: +34 91 394 76 38
Interests: computer security; cryptography; forensics

Special Issue Information

Dear Colleagues,

The outstanding increase in both the number and complexity of computer attacks in the last few years, as well as the large profit made by them, have led to new business models based on cybercrime. This encourages the emergence of new strains, and raises the demand of defensive technologies able to confront them. However, the development of countermeasures has become a real challenge for the research community. This is mainly due to the fact that the design of defenses is lagging behind that of intruders, and new strategies for prevention, detection, and mitigation, adapted to the new trends, are required.

In order to contribute to addressing these threats, this Special Issue intends to collect the current developments and the future directions on network security. Hence, we encourage authors to submit original papers related to these fields.

Potential topics include, but are not limited to:

  • Databases and big data security
  • Electronic commerce security and digital currencies
  • E-mail security, spam, and fraud
  • Grid and cloud computing security
  • Internet security and applications
  • Intrusion detection and prevention
  • Mobile computing security
  • Multimedia forensics
  • Network forensics
  • Network steganography and steganalysis
  • Peer-to-peer network security
  • Penetration testing
  • Secure system architectures
  • Security protocols
  • Sensor network security
  • Trust and privacy
  • Vehicular ad hoc networks security

Prof. Dr. Luis Javier Garcia Villalba
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Future Internet is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 550 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • computer attack
  • cryptography
  • cybercrime
  • forensic
  • internet securit
  • intrusion detection
  • malware
  • network security
  • privacy
  • steganography
  • trust
  • vulnerability

Published Papers (11 papers)

View options order results:
result details:
Displaying articles 1-11
Export citation of selected articles as:

Research

Jump to: Review

Open AccessFeature PaperArticle TSKT-ORAM: A Two-Server k-ary Tree Oblivious RAM without Homomorphic Encryption
Future Internet 2017, 9(4), 57; doi:10.3390/fi9040057
Received: 24 August 2017 / Revised: 21 September 2017 / Accepted: 24 September 2017 / Published: 27 September 2017
PDF Full-text (400 KB) | HTML Full-text | XML Full-text
Abstract
This paper proposes TSKT-oblivious RAM (ORAM), an efficient multi-server ORAM construction, to protect a client’s access pattern to outsourced data. TSKT-ORAM organizes each of the server storages as a k-ary tree and adopts XOR-based private information retrieval (PIR) and a novel delayed
[...] Read more.
This paper proposes TSKT-oblivious RAM (ORAM), an efficient multi-server ORAM construction, to protect a client’s access pattern to outsourced data. TSKT-ORAM organizes each of the server storages as a k-ary tree and adopts XOR-based private information retrieval (PIR) and a novel delayed eviction technique to optimize both the data query and data eviction process. TSKT-ORAM is proven to protect the data access pattern privacy with a failure probability of 2 - 80 when system parameter k 128 . Meanwhile, given a constant-size local storage, when N (i.e., the total number of outsourced data blocks) ranges from 2 16 2 34 , the communication cost of TSKT-ORAM is only 22–46 data blocks. Asymptotic analysis and practical comparisons are conducted to show that TSKT-ORAM incurs lower communication cost, storage cost and access delay in practical scenarios than the compared state-of-the-art ORAM schemes. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessArticle A Survey of Denial-of-Service and Distributed Denial of Service Attacks and Defenses in Cloud Computing
Future Internet 2017, 9(3), 43; doi:10.3390/fi9030043
Received: 19 July 2017 / Revised: 1 August 2017 / Accepted: 1 August 2017 / Published: 5 August 2017
PDF Full-text (278 KB) | HTML Full-text | XML Full-text
Abstract
Cloud Computing is a computing model that allows ubiquitous, convenient and on-demand access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications and services). Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious threats to the Cloud services’ availability
[...] Read more.
Cloud Computing is a computing model that allows ubiquitous, convenient and on-demand access to a shared pool of highly configurable resources (e.g., networks, servers, storage, applications and services). Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are serious threats to the Cloud services’ availability due to numerous new vulnerabilities introduced by the nature of the Cloud, such as multi-tenancy and resource sharing. In this paper, new types of DoS and DDoS attacks in Cloud Computing are explored, especially the XML-DoS and HTTP-DoS attacks, and some possible detection and mitigation techniques are examined. This survey also provides an overview of the existing defense solutions and investigates the experiments and metrics that are usually designed and used to evaluate their performance, which is helpful for the future research in the domain. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessArticle Security Enhancement for Data Migration in the Cloud
Future Internet 2017, 9(3), 23; doi:10.3390/fi9030023
Received: 30 May 2017 / Revised: 14 June 2017 / Accepted: 16 June 2017 / Published: 22 June 2017
PDF Full-text (367 KB) | HTML Full-text | XML Full-text
Abstract
In today’s society, cloud computing has significantly impacted nearly every section of our lives and business structures. Cloud computing is, without any doubt, one of the strategic directions for many companies and the most dominating infrastructure for enterprises as long as end users.
[...] Read more.
In today’s society, cloud computing has significantly impacted nearly every section of our lives and business structures. Cloud computing is, without any doubt, one of the strategic directions for many companies and the most dominating infrastructure for enterprises as long as end users. Instead of buying IT equipment (hardware and/or software) and managing it themselves, many organizations today prefer to buy services from IT service providers. The number of service providers increase dramatically and the cloud is becoming the tools of choice for more cloud storage services. However, as more personal information and data are moved to the cloud, into social media sites, DropBox, Baidu WangPan, etc., data security and privacy issues are questioned. Daily, academia and industry seek to find an efficient way to secure data migration in the cloud. Various solution approaches and encryption techniques have been implemented. In this work, we will discuss some of these approaches and evaluate the popular ones in order to find the elements that affect system performance. Finally, we will propose a model that enhances data security and privacy by combining Advanced Encryption Standard-256, Information Dispersal Algorithms and Secure Hash Algorithm-512. Our protocol achieves provable security assessments and fast execution times for medium thresholds. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessArticle Feature-Based Image Watermarking Algorithm Using SVD and APBT for Copyright Protection
Future Internet 2017, 9(2), 13; doi:10.3390/fi9020013
Received: 8 March 2017 / Revised: 4 April 2017 / Accepted: 14 April 2017 / Published: 19 April 2017
PDF Full-text (3551 KB) | HTML Full-text | XML Full-text
Abstract
Watermarking techniques can be applied in digital images to maintain the authenticity and integrity for copyright protection. In this paper, scale-invariant feature transform (SIFT) is combined with local digital watermarking and a digital watermarking algorithm based on SIFT, singular value decomposition (SVD), and
[...] Read more.
Watermarking techniques can be applied in digital images to maintain the authenticity and integrity for copyright protection. In this paper, scale-invariant feature transform (SIFT) is combined with local digital watermarking and a digital watermarking algorithm based on SIFT, singular value decomposition (SVD), and all phase biorthogonal transform (APBT) is proposed. It describes the generation process of the SIFT algorithm in detail and obtains a series of scale-invariant feature points. A large amount of candidate feature points are selected to obtain the neighborhood which can be used to embed the watermark. For these selected feature points, block-based APBT is carried out on their neighborhoods. Moreover, a coefficients matrix of certain APBT coefficients is generated for SVD to embed the encrypted watermark. Experimental results demonstrate that the proposed watermarking algorithm has stronger robustness than some previous schemes. In addition, APBT-based digital watermarking algorithm has good imperceptibility and is more robust to different combinations of attacks, which can be applied for the purpose of copyright protection. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessFeature PaperArticle Towards Incidence Management in 5G Based on Situational Awareness
Future Internet 2017, 9(1), 3; doi:10.3390/fi9010003
Received: 11 September 2016 / Revised: 26 December 2016 / Accepted: 5 January 2017 / Published: 17 January 2017
Cited by 2 | PDF Full-text (741 KB) | HTML Full-text | XML Full-text
Abstract
The fifth generation mobile network, or 5G, moves towards bringing solutions to deploying faster networks, with hundreds of thousands of simultaneous connections and massive data transfer. For this purpose, several emerging technologies are implemented, resulting in virtualization and self-organization of most of their
[...] Read more.
The fifth generation mobile network, or 5G, moves towards bringing solutions to deploying faster networks, with hundreds of thousands of simultaneous connections and massive data transfer. For this purpose, several emerging technologies are implemented, resulting in virtualization and self-organization of most of their components, which raises important challenges related to safety. In order to contribute to their resolution, this paper proposes a novel architecture for incident management on 5G. The approach combines the conventional risk management schemes with the Endsley Situational Awareness model, thus improving effectiveness in different aspects, among them the ability to adapt to complex and dynamical monitoring environments, and countermeasure tracking or the role of context when decision-making. The proposal takes into account all layers for information processing in 5G mobile networks, ranging from infrastructure to the actuators responsible for deploying corrective measures. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessFeature PaperArticle Key Technologies in the Context of Future Networks: Operational and Management Requirements
Future Internet 2017, 9(1), 1; doi:10.3390/fi9010001
Received: 11 September 2016 / Revised: 24 November 2016 / Accepted: 7 December 2016 / Published: 22 December 2016
Cited by 3 | PDF Full-text (1392 KB) | HTML Full-text | XML Full-text
Abstract
The concept of Future Networks is based on the premise that current infrastructures require enhanced control, service customization, self-organization and self-management capabilities to meet the new needs in a connected society, especially of mobile users. In order to provide a high-performance mobile system,
[...] Read more.
The concept of Future Networks is based on the premise that current infrastructures require enhanced control, service customization, self-organization and self-management capabilities to meet the new needs in a connected society, especially of mobile users. In order to provide a high-performance mobile system, three main fields must be improved: radio, network, and operation and management. In particular, operation and management capabilities are intended to enable business agility and operational sustainability, where the addition of new services does not imply an excessive increase in capital or operational expenditures. In this context, a set of key-enabled technologies have emerged in order to aid in this field. Concepts such as Software Defined Network (SDN), Network Function Virtualization (NFV) and Self-Organized Networks (SON) are pushing traditional systems towards the next 5G network generation.This paper presents an overview of the current status of these promising technologies and ongoing works to fulfill the operational and management requirements of mobile infrastructures. This work also details the use cases and the challenges, taking into account not only SDN, NFV, cloud computing and SON but also other paradigms. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Open AccessArticle Applying the Action-Research Method to Develop a Methodology to Reduce the Installation and Maintenance Times of Information Security Management Systems
Future Internet 2016, 8(3), 36; doi:10.3390/fi8030036
Received: 12 February 2016 / Revised: 15 June 2016 / Accepted: 8 July 2016 / Published: 22 July 2016
PDF Full-text (1372 KB) | HTML Full-text | XML Full-text
Abstract
Society is increasingly dependent on Information Security Management Systems (ISMS), and having these kind of systems has become vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMS that have been adapted to their special features and have
[...] Read more.
Society is increasingly dependent on Information Security Management Systems (ISMS), and having these kind of systems has become vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMS that have been adapted to their special features and have been optimized as regards the resources needed to deploy and maintain them, with very low costs and short implementation periods. This paper discusses the different cycles carried out using the ‘Action Research (AR)’ method, which have allowed the development of a security management methodology for SMEs that is able to automate processes and reduce the implementation time of the ISMS. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Open AccessArticle Analysis of Dynamic Complexity of the Cyber Security Ecosystem of Colombia
Future Internet 2016, 8(3), 33; doi:10.3390/fi8030033
Received: 12 February 2016 / Revised: 22 June 2016 / Accepted: 28 June 2016 / Published: 19 July 2016
PDF Full-text (9354 KB) | HTML Full-text | XML Full-text
Abstract
This paper presents two proposals for the analysis of the complexity of the Cyber security Ecosystem of Colombia (CEC). This analysis shows the available knowledge about entities engaged in cyber security in Colombia and the relationships between them, which allow an understanding of
[...] Read more.
This paper presents two proposals for the analysis of the complexity of the Cyber security Ecosystem of Colombia (CEC). This analysis shows the available knowledge about entities engaged in cyber security in Colombia and the relationships between them, which allow an understanding of the synergy between the different existing components. The complexity of the CEC is detailed from the view of the Influence Diagram of System Dynamics and the Domain Diagram of Software Engineering. The resulting model makes cyber security evident as a strategic component of national security. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Open AccessArticle The Importance of the Security Culture in SMEs as Regards the Correct Management of the Security of Their Assets
Future Internet 2016, 8(3), 30; doi:10.3390/fi8030030
Received: 12 February 2016 / Revised: 10 June 2016 / Accepted: 13 June 2016 / Published: 7 July 2016
PDF Full-text (2403 KB) | HTML Full-text | XML Full-text
Abstract
The information society is increasingly more dependent on Information Security Management Systems (ISMSs), and the availability of these kinds of systems is now vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMSs that have been adapted to
[...] Read more.
The information society is increasingly more dependent on Information Security Management Systems (ISMSs), and the availability of these kinds of systems is now vital for the development of Small and Medium-Sized Enterprises (SMEs). However, these companies require ISMSs that have been adapted to their special features, and which are optimized as regards the resources needed to deploy and maintain them. This article shows how important the security culture within ISMSs is for SMEs, and how the concept of security culture has been introduced into a security management methodology (MARISMA is a Methodology for “Information Security Management System in SMEs” developed by the Sicaman Nuevas Tecnologías Company, Research Group GSyA and Alarcos of the University of Castilla-La Mancha.) for SMEs. This model is currently being directly applied to real cases, thus allowing a steady improvement to be made to its implementation. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Open AccessArticle Development of an Expert System for the Evaluation of Students’ Curricula on the Basis of Competencies
Future Internet 2016, 8(2), 22; doi:10.3390/fi8020022
Received: 12 February 2016 / Revised: 21 April 2016 / Accepted: 21 April 2016 / Published: 18 May 2016
PDF Full-text (2562 KB) | HTML Full-text | XML Full-text
Abstract
The concept of competence, which emerged during the reform of computer engineering degrees, has not brought benefits to companies when attempting to select the most suitable candidates for their jobs. This article aims to show some of the research that has been conducted
[...] Read more.
The concept of competence, which emerged during the reform of computer engineering degrees, has not brought benefits to companies when attempting to select the most suitable candidates for their jobs. This article aims to show some of the research that has been conducted to determine why companies have not found these skills useful and how both can be aligned. Finally, we show the development of an Expert System that will enable companies to select the most suitable candidates for their jobs, considering personal and social skills, along with technical knowledge. This prototype will serve as a basis to align the competencies defined in the curricula with professional requirements, thus allowing a true alignment between degree courses and the needs of professional companies. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Review

Jump to: Research

Open AccessReview Review on Semi-Fragile Watermarking Algorithms for Content Authentication of Digital Images
Future Internet 2017, 9(4), 56; doi:10.3390/fi9040056
Received: 28 August 2017 / Revised: 18 September 2017 / Accepted: 21 September 2017 / Published: 25 September 2017
PDF Full-text (742 KB) | HTML Full-text | XML Full-text
Abstract
With the popularity of network and the continuous development of multimedia technology, saving of network bandwidth and copyright protection of multimedia content have gradually attracted people’s attention. The fragile watermark for integrity authentication of image data and protection of copyright has become a
[...] Read more.
With the popularity of network and the continuous development of multimedia technology, saving of network bandwidth and copyright protection of multimedia content have gradually attracted people’s attention. The fragile watermark for integrity authentication of image data and protection of copyright has become a hotspot. In the storage and transmission process, image data must be compressed to save network bandwidth. As a result, semi-fragile watermarking techniques, which can be used to distinguish common image processing operations from malicious tampering, are emerging. In this paper, semi-fragile watermarking algorithms for image authentication are surveyed. The basic principles and characteristics about semi-fragile watermarking algorithms are introduced, and several kinds of attack behaviors are also included. Aiming at several typical image-authentication algorithms, advantages and disadvantages are analyzed, and evaluation indexes of various algorithms are compared. Finally, we analyze the key points and difficulties in the study on semi-fragile watermarking algorithms, and the direction about future development is prospected. Full article
(This article belongs to the Special Issue Information Systems Security)
Figures

Figure 1

Journal Contact

MDPI AG
Future Internet Editorial Office
St. Alban-Anlage 66, 4052 Basel, Switzerland
E-Mail: 
Tel. +41 61 683 77 34
Fax: +41 61 302 89 18
Editorial Board
Contact Details Submit to Special Issue Edit a special issue Review for Future Internet
logo
loading...
Back to Top