Emergence of Novel WEDEx-Kerberotic Cryptographic Framework to Strengthen the Cloud Data Security against Malicious Attacks
Abstract
:1. Introduction
1.1. Cryptography
1.2. Problem Formulation
1.3. Proposed Framework
2. Related Work
3. Proposed Algorithm
3.1. Customized ASCII Table
3.2. Kerberotic System
SWJK Key Generator Algorithm
Algorithm 1: SWJK Key Generator |
Input: User-Defined Key K[x] Output: SWJK Key K[j]
K[n] = (AS0[K0]) (AS1[K1) ……. (ASn[Kn])
|
3.3. WEDEx-Kerberotic Data Encryption System
Algorithm 2: Randomized Mid-Point |
Input: Key K[x] Output: Mid-Point
|
Algorithm 3: Encryption |
Input: Plaintext P[n] Output: Ciphertext
|
3.4. WEDEx-Kerberotic Data Decryption System
Algorithm 4: Decryption |
Input: Ciphertext Output: Plaintext
|
Algorithm 5: Kasiski Test |
Input: Ciphertext Output: Key Prediction
Determine the greatest common division among all distances
Jc (Y) = (Hi/ Tc)
|
4. Testing
4.1. SWJK Key Testing
= 3…result (i)
= 4
4.2. WEDEx-Kerberotic Encryption Algorithm Testing
= [0] [1] [2] [3] [4] [5] [6]
= 4
4.3. WEDEx-Kerberotic Decryption Algorithm Testing
4.4. Text Encryption Testing
4.5. Text Decryption Testing
4.6. Testing Results
4.7. Cryptanalysis
4.7.1. Plaintext and Ciphertext Cryptanalysis
4.7.2. Key Cryptanalysis
4.8. Comparative Cost Analysis
5. Comparative Analysis
The Novelty of Proposed Work
6. Conclusions
Author Contributions
Funding
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Gundu, S.R.; Panem, C.; Vijaylaxmi, J. A Glance View on Cloud Infrastructures Security and Solutions. Conversational Artificial Intelligence; Wiley: Hoboken, NJ, USA, 2024; pp. 1–15. [Google Scholar] [CrossRef]
- Pratyush, K.; Prasad, V.K.; Mehta, R.; Bhavsar, M. A Secure Mechanism for Safeguarding Cloud Infrastructure. In Proceedings of the International Conference on Advancements in Smart Computing and Information Security, Rajkot, India, 1–2 December 2023; Springer Nature: Cham, Switzerland, 2022; pp. 144–158. [Google Scholar]
- Alazaidah, R.; Al-Shaikh, A.; Al-Mousa, M.R.; Khafajah, H.; Samara, G.; Alzyoud, M.; Al-Shanableh, N.; Almatarneh, S. Website phishing detection using machine learning techniques. J. Stat. Appl. Probab. 2024, 13, 119–129. [Google Scholar]
- Jangjou, M.; Sohrabi, M.K. A comprehensive survey on security challenges in different network layers in cloud computing. Arch. Comput. Methods Eng. 2022, 29, 3587–3608. [Google Scholar] [CrossRef]
- Arunkumar, M.; Ashokkumar, K. A review on cloud computing security challenges, attacks and its countermeasures. AIP Conf. Proc. 2024, 3037, 020047. [Google Scholar]
- Jimmy, F.N.U. Cyber security Vulnerabilities and Remediation Through Cloud Security Tools. J. Artif. Intell. Gen. Sci. (JAIGS) ISSN 2024, 3006, 196–233. [Google Scholar]
- Zargar, S.T.; Joshi, J.; Tipper, D. A survey of defense mechanisms against distributed denial of service (DDOS) flooding attacks. IEEE Commun. Surv. Tutor. 2013, 15, 2046–2069. [Google Scholar] [CrossRef]
- Gu, Y.; Li, K.; Guo, Z.; Wang, Y. Semi-supervised K-means DDoS detection method using hybrid feature selection algorithm. IEEE Access 2019, 7, 64351–64365. [Google Scholar] [CrossRef]
- Abdulhamid, S.M.; Shuaib, M.; Osho, O. Comparative Analysis of Classification Algorithms for Email Spam Detection. Int. J. Comput. Netw. Inf. Secur. 2018, 1, 60–67. [Google Scholar] [CrossRef]
- Mohammed, C.M.; Zeebaree, S.R. Sufficient comparison among cloud computing services: IaaS, PaaS, and SaaS: A review. Int. J. Sci. Bus. 2021, 5, 17–30. [Google Scholar]
- Ali, M.; Jung, L.T.; Sodhro, A.H.; Laghari, A.A.; Belhaouari, S.B.; Gillani, Z. A Confidentiality-based data Classification-as-a-Service (C2aaS) for cloud security. Alex. Eng. J. 2023, 64, 749–760. [Google Scholar] [CrossRef]
- Butt, U.A.; Amin, R.; Mehmood, M.; Aldabbas, H.; Alharbi, M.T.; Albaqami, N. Cloud Security Threats and Solutions: A Survey. Wirel. Pers. Commun. 2023, 128, 387–413. [Google Scholar] [CrossRef]
- Aoudni, Y.; Donald, C.; Farouk, A.; Sahay, K.B.; Babu, D.V.; Tripathi, V.; Dhabliya, D. Cloud security based attack detection using transductive learning integrated with Hidden Markov Model. Pattern Recognit. Lett. 2022, 157, 16–26. [Google Scholar] [CrossRef]
- Palanisamy, C.; Kumaresan, T.; Varalakshmi, S. Combined techniques for detecting email spam using negative selection and particle swarm optimization. Int. J. Adv. Res. Trends Eng. Technol. 2016, 3, 1102. [Google Scholar]
- Upadhyay, D.; Zaman, M.; Joshi, R.; Sampalli, S. An efficient key management and multi-layered security framework for SCADA systems. IEEE Trans. Netw. Serv. Manag. 2021, 19, 642–660. [Google Scholar] [CrossRef]
- Newman, S. Under the radar: The danger of stealthy DDoS attacks. Netw. Secur. 2019, 2, 18–19. [Google Scholar] [CrossRef]
- Al-Shabi, M.A. A Survey on Symmetric and Asymmetric Cryptography Algorithms in information Security. Int. J. Sci. Res. Publ. (IJSRP) 2019, 9, 576–589. [Google Scholar] [CrossRef]
- Musa, A.; Mahmood, A. Client-side cryptography based security for cloud computing system. In Proceedings of the 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), Coimbatore, India, 25–27 March 2021; pp. 594–600. [Google Scholar]
- Hossain, M.E. Enhancing the security of caesar cipher algorithm by designing a hybrid cryptography system. Int. J. Comput. Appl. 2021, 183, 55–57. [Google Scholar] [CrossRef]
- Akanksha, D.; Samreen, R.; Niharika, G.S.; Shruthi, A.; Kiran, M.J.; Venkatramulu, S. A hybrid cryptosystem based on modified vigenere cipher and polybius cipher. EPRA Int. J. Res. Dev. 2022, 7, 2455–7838. [Google Scholar]
- Sun, H.; Grishman, R. Lexicalized dependency paths based supervised learning for relation extraction. Comput. Syst. Sci. Eng. 2022, 43, 861–870. [Google Scholar] [CrossRef]
- Tan, C.M.S.; Arada, G.P.; Abad, A.C.; Magsino, E.R. A hybrid encryption and decryption algorithm using caesar and vigenere cipher. J. Phys. Conf. Ser. 2021, 1997, 012021. [Google Scholar] [CrossRef]
- Arshad, A.; Nadeem, M.; Riaz, S.; Zahra, S.; Dutta, A.; Alzaid, Z.; Alabdan, R.; Almutairi, B.; Alaybani, S. Hill Matrix and Radix-64 Bit Algorithm to Preserve Data Confidentiality. Comput. Mater. Contin. 2023, 75, 3065–3089. [Google Scholar] [CrossRef]
- Singh, V.; Pandey, S.K. Revisiting cloud security threats: Replay attack. In Proceedings of the 2018 4th International Conference on Computing Communication and Automation (ICCCA), Greater Noida, India, 14–15 December 2018; pp. 1–6. [Google Scholar]
- Tadapaneni, N.R. Cloud computing security challenges. Int. J. Innov. Eng. Res. Technol. 2020, 7, 1–6. [Google Scholar]
- Zaman, A.; Safarinejadian, B.; Birk, W. Security Analysis and Fault Detection Against Stealthy Replay Attacks. Int. J. Control 2022, 95, 1562–1575. [Google Scholar] [CrossRef]
- Thirumavalavasethurayar, P.; Ravi, T. Implementation of Replay Attack in Controller Area Network Bus using Universal Verification Methodology. In Proceedings of the 2021 International Conference on Artificial Intelligence and Smart Systems (ICAIS), Coimbatore, India, 25–27 March 2021; pp. 1142–1146. [Google Scholar] [CrossRef]
- Nadeem, M.; Arshad, A.; Riaz, S.; Band, S.S.; Mosavi, A. Intercept the Cloud Network From Brute Force and DDoS Attacks via Intrusion Detection and Prevention System. IEEE Access 2021, 9, 152300–152309. [Google Scholar] [CrossRef]
- Bentil, F.; Lartey, I. Cloud Cryptography—A Security Aspect. Int. J. Eng. Res. Technol. (IJERT) 2021, 10, 2278-0181. [Google Scholar]
- Supiyanto; Mandowen, S. Advanced hill cipher algorithm for security image data with the involutory key matrix. J. Phys. Conf. Ser. 2021, 1899, 012116. [Google Scholar] [CrossRef]
- Elsaeidy, A.; Jamalipour, A.; Munasinghe, K. A Hybrid Deep Learning Approach for Replay and DDoS Attack Detection in a Smart City. IEEE Access 2021, 9, 154864–154875. [Google Scholar] [CrossRef]
- Nadeem, M.; Arshad, A.; Riaz, S.; Zahra, S.; Dutta, A.; Almotairi, S. A Secure Architecture to Protect the Network from Replay Attacks during Client-to-Client Data Transmission. Appl. Sci. 2022, 12, 8143. [Google Scholar] [CrossRef]
- Bharath, K.P.; Kumar, M.R. New Replay Attack Detection Using Iterative Adaptive Inverse Filtering and High Frequency Band. Expert Syst. Appl. 2022, 195, 116597. [Google Scholar] [CrossRef]
Notation | Meaning |
---|---|
[δ1] | Odd indexes |
[δ2] | Even indexes |
∮[m n] | m-nth results of SWJK |
σ | Indexes value that will be a test |
* | Multiplying values from nth to nth |
Concatenation results of ∮n (s) | |
is the positional result of row (p) and column (q) | |
Concatenation of key-value results. | |
┼ | Concatenation |
∈ | Belong to |
Dependency |
Original Text | Proposed Algorithm Results | |||||||
---|---|---|---|---|---|---|---|---|
Testing | Plaintext [P] | Plaintext Length P[n] | User-Defined Key [K] | User-Defined Key Length K[x] | Cipher Key | Cipher Key Length K[j] | Ciphertext [C] | Ciphertext Length C[n] |
1 | Th!s Research @rticle is WriTTen bY Z@hra | 41 | N@deeM852 | 9 | &$7Fp | 5 | D×κɪOuȄÅκτ₤εEf∃85öO~D#È%£ûR¤|Íôɪ¦ö⌰Ð-6£┤εQ | 42 |
2 | mY_b@ck B0ne !s mY POWeR | 24 | @l!Arsh@d | 9 | ÊΔáG7 | 5 | TÉOɪOuS8r⟒tù¤GÆTUSÆ3⟒Í2Ð$ | 25 |
3 | @ Secure Crypt0logy P@per | 25 | Muh@MmaD NadeEM | 15 | çƻfŰBE3Ó÷ | 9 | &Ü∇┘OuZÅwö£ƧUȄOrτÅtøÆò£κ} | 25 |
4 | W@j!h@ Z@hRa | 12 | Z@iN! | 5 | _Å4CsÑ | 3 | &Ü┘OG1SQ&Àı┘Q | 13 |
Sr# | Plaintext | Text Length P[n] | Ciphertext Length [C] | Length Equalization (P[n], [C]) | Cryptanalysis Algorithm | Key Prediction Possibilities |
---|---|---|---|---|---|---|
1 | Th!s Research @rticle is WriTTen bY Z@hra | 41 | 42 | T ≠ X | No | No |
2 | mY_b@ck B0ne !s mY POWeR | 24 | 25 | T ≠ X | No | No |
3 | @ Secure Crypt0logy P@per | 25 | 26 | T ≠ X | No | No |
4 | W@j!h@ Z@hRa | 12 | 13 | T ≠ X | No | No |
Proposed Algorithm | Kasiski Test | ||||||
---|---|---|---|---|---|---|---|
Testing | User-Defined Key Length K[x] | Cipherkey Length K[j] | Repeatable Values Distance [y] | GCD Possibilities | Length Equalization (K[x], K[j]) | Index of Coincidence Algorithm | Key Identification |
1 | 7 | 4 | 2 | Not | V ≠ K | No | No |
2 | 10 | 7 | 4 | Not | V ≠ K | No | No |
3 | 12 | 7 | 4 | Yes | V ≠ K | No | No |
4 | 8 | 5 | 3 | Not | V ≠ K | No | No |
Performance | Space Complexity | Time Complexity | ||||||
---|---|---|---|---|---|---|---|---|
Servers | O.S | Plaintext Length | Cipher Key Length | Ciphertext Length | Plaintext Memory Allocation | Ciphertext Memory Allocation | Data Encryption Time (sec) | Data Decryption Time (sec) |
1 | MsWindow 7 | 41 | 5 | 42 | 30.17 KB | 32.27 KB | 10.35 | 12.41 |
2 | MsWindow 8 | 24 | 5 | 25 | 28.52 KB | 30.12 KB | 07.21 | 08.12 |
3 | MsWindow 8 | 25 | 9 | 25 | 30.17 KB | 32.81 KB | 10.24 | 22.85 |
4 | MsWindow 10 | 12 | 3 | 13 | 21.14 KB | 23.55 KB | 04.58 | 05.11 |
5 | MsWindow 10 | 37 | 6 | 38 | 27.40 KB | 29.57 KB | 09.37 | 11.19 |
6 | MsWindow 10 | 26 | 4 | 27 | 24.43 KB | 26.35 KB | 08.53 | 10.14 |
7 | MsWindow 11 | 65 | 4 | 66 | 40.31 KB | 42.48 KB | 13.25 | 15.12 |
8 | MsWindow 11 | 47 | 5 | 48 | 32.49 KB | 34.29 KB | 11.19 | 13.45 |
Sr# | 1 | 2 | 3 | 4 | 5 | Proposed Work |
---|---|---|---|---|---|---|
Reference No. | [18] | [19] | [20] | [21] | [22] | |
Used Keys | No | Static | Static | Static | Dynamic | Cipher key |
Key Generating Mechanism | No | No | No | No | generated key from Hill matrix | SWJK algorithm |
Encryption Time | No | No | No | No | No | Yes |
Decryption time | No | No | No | No | No | Yes |
ASCII table | Standard | Standard | Standard | Standard | Standard | Customized |
Proposed Algorithm | Hill cipher algorithm | Merge Caesar cipher, Stream cipher, and Playfair | Modified Vigenère cipher algorithm | Modified Hill cipher algorithm and developed Hill cipher chain algorithm | Radix-64 Bit and Hill matrix | WEDEx-Kerberotic system |
Novelty | Prevent data from man-in-the-middle attacks | Secured data with three different keys | Prevent the key from cryptanalysis attacks | Provided security to primary key | Twice ciphertext than the actual text | Cipher key, data authentication system, data encryption by WEDEx-Kerberotic system |
Gaps | The algorithm did not use a key and can be easily decrypt | Difficulty in implementing the same key on the algorithm where the key is required | Secure key can prevent the cloud from cryptanalysis attacks | Only primary key security is not sufficient for data encryption. | Cryptanalysis possibility on Hill matrix algorithm | Identified all existing problems |
Proposed Paper Solutions | Used SWJK Cipher key, not easy to decrypt | Secure data with a single cipher key | Cipher key generate from SWJK algorithm | Secure key and data at the same time. | Cryptanalysis is not possible | Solved all problems |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Zahra, S.W.; Nadeem, M.; Arshad, A.; Riaz, S.; Ahmed, W.; Abu Bakr, M.; Alabrah, A. Emergence of Novel WEDEx-Kerberotic Cryptographic Framework to Strengthen the Cloud Data Security against Malicious Attacks. Symmetry 2024, 16, 605. https://doi.org/10.3390/sym16050605
Zahra SW, Nadeem M, Arshad A, Riaz S, Ahmed W, Abu Bakr M, Alabrah A. Emergence of Novel WEDEx-Kerberotic Cryptographic Framework to Strengthen the Cloud Data Security against Malicious Attacks. Symmetry. 2024; 16(5):605. https://doi.org/10.3390/sym16050605
Chicago/Turabian StyleZahra, Syeda Wajiha, Muhammad Nadeem, Ali Arshad, Saman Riaz, Waqas Ahmed, Muhammad Abu Bakr, and Amerah Alabrah. 2024. "Emergence of Novel WEDEx-Kerberotic Cryptographic Framework to Strengthen the Cloud Data Security against Malicious Attacks" Symmetry 16, no. 5: 605. https://doi.org/10.3390/sym16050605
APA StyleZahra, S. W., Nadeem, M., Arshad, A., Riaz, S., Ahmed, W., Abu Bakr, M., & Alabrah, A. (2024). Emergence of Novel WEDEx-Kerberotic Cryptographic Framework to Strengthen the Cloud Data Security against Malicious Attacks. Symmetry, 16(5), 605. https://doi.org/10.3390/sym16050605