• List of Articles attack

      • Open Access Article

        1 - Design of An intrusion detection system with new architecture for malware attacks on flash disks
        Soheil Afraz
        The development and variety of flash disks, their portability and the increasing popularity of their use has led to all four of malware released today in cyberspace, a specific malware attacks on these devices, and USB-based attacks have increasingly become a serious problem. Hence, this paper outlines the most important USB communication port based attacks, discussed with practical solutions to deal with these attacks in seven ways, and a host-based intrusion detection software system was developed that simultaneously utilizes the advantages of both misuse-based and anomaly-based intrusion detection methods and, with its own guidelines, accurately recognizes such attacks and deals with them.
      • Open Access Article

        2 - Modified Division and Replication of Data in Cloud for Optimal Performance and Security (MDROPS)
        hossein hassanpour
        The tendency of organizations to use cloud services is increasing every day due to the economic benefits involved, and in the adoption of every service, information security is the most critical basic need. Hence, the need to outsource data, as well as the significant growth of hackers' knowledge, may be considered a major obstacle in the path of securing cloud services. One of the techniques proposed to secure cloud computing using a network platform is to divide and replicate data [5]. This method suffers from problems such as disclosure of information through telephone (internet) tapping and incompleteness of encryption of the location's data storage algorithm. Therefore, in this article we have tried to present a way to optimize performance and increase the level of security by dividing and replicating data using a methodology with the encryption of location's respondents. Finally, we want to indicate the increase in efficiency and security with the implementation of the algorithm in the context of data center networks simulated with Cloudsim software, and also to compare the algorithm using the same proposed approaches.
      • Open Access Article

        3 - Identifying Cloned Profiles on Online Social Networks by Identifying Nodes in Overlapping Communities and User Interactions
        Zahra Hamzehzadeh
        With the growing popularity of social networks, identifying Profile Cloning Attacks (PCAs) is an important challenge within the scope of privacy in the communications world. Until now, researchers have identified these attacks by using features such as profile information, link information, and interaction information, based on methods like similarities and network structure. Previously suggested approaches lack a specific routine and logic to track an attacker, and begin identifying PCAs with direct requests from the victim or according to the time of a friend request from an attacker. This research offers a new approach with a total of two major steps. Step one emphasizes that legitimate users are attracted to interactions within their local communities; conversely, attackers are attracted to denser areas. Step two was designed according to the analysis of interactive behavior obtained from users' earlier research. With this approach, according to a logic based on network structure, cloned profiles can be searched for and identified. Finally, a list of suspicious nodes to cloned nodes has been introduced, with scores that show the accuracy of selection. During the research, a logical relation between the average degree of the social network graph and the selection of the appropriate suspicious nodes with high priority was extracted. Finally, a general framework is proposed.
      • Open Access Article

        4 - Cyber Threats Foresight Against Iran Based on Attack Vector
        mahdi omrani masoud shafiee siavash khorsandi
        Cyber threats have increased extraordinarily in recent years. Cyber attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries, particularly the Islamic Republic of Iran. The complexity of cyber threats and their devastating effects on critical systems highlight the necessity of cyber threat foresight. This research can prepare the country for countering cyber threats based on existing and potential attack vectors. First of all, 18 major cyber threat drivers based on attack vectors were identified through reviewing resources and interviewing seven experts. We use the cross-impact analysis method of future studies to indicate the main drivers of future cyber threats, such as social engineering, denial of service, ransomware, spoofing and fraud, and non-state actors. Mic Mac software will be used for this step. Finally, future scenarios for cyber threats were identified by using a scenario-based approach. Scenario Wizard software will be used. The results of the research include two strong scenarios and 18 possible scenarios; based on the strongest scenario, ransomware, spoofing, fraud, social engineering and denial of service are the most likely cyber threats by non-state actors at a limited level.
      • Open Access Article

        5 - Defense against SYN Flooding Attacks: A Scheduling Approach
        Shahram Jamali Gholam Shaker
        The TCP connection management protocol sets the stage for a classic Denial of Service (DoS) attack, called the SYN flooding attack. In this attack, the attacker sends a large number of TCP SYN segments without completing the third handshaking step, to quickly exhaust the connection resources of the victim server. It therefore keeps TCP from handling legitimate requests. This paper proposes that the SYN flooding attack can be viewed metaphorically as the result of an unfair scheduling that gives more opportunity to attack requests but prevents legal connections from getting service. In this paper, we present a scheduling algorithm that ejects the half-open connection with the longest duration when the number of half-open connections reaches the upper bound. The simulation results show that the proposed defense mechanism improves the performance of the system under attack in terms of loss probability of requests and share of regular connections from system resources.
      • Open Access Article

        6 - SIP Vulnerability Scan Framework
        Mitra Alidoosti Hassan Asgharian Ahmad akbari
        The purpose of this paper is to provide a framework for detecting vulnerabilities in SIP (Session Initiation Protocol) networks. We try to find weaknesses in SIP-enabled entities that an attacker could exploit to attack the system and affect it. This framework is built on the concept of penetration testing, is designed to be flexible and extensible, and can be customized for other similar session-based protocols. To satisfy the above objectives, the framework is designed with five main modules for discovery, information modeling, operation, evaluation and report. After setting up a test bed as a typical VoIP system to show the validity of the proposed framework, this system has been implemented as a SIP vulnerability scanner. We also defined appropriate metrics for gathering the performance statistics of SIP components. Our test bed is deployed with open-source applications and used for validation and also evaluation of the proposed framework.
      • Open Access Article

        7 - Security Analysis of Scalar Costa Scheme Against Known Message Attack in DCT-Domain Image Watermarking
        Reza Samadi Seyed Alireza  Seyedin
        This paper proposes an accurate information-theoretic security analysis of the Scalar Costa Scheme (SCS) when the SCS is employed in the embedding layer of digital image watermarking. For this purpose, Discrete Cosine Transform (DCT) coefficients are extracted from the cover images. Then, the SCS is used to embed watermarking messages into mid-frequency DCT coefficients. To prevent unauthorized embedding and/or decoding, the SCS codebook is randomized using a pseudorandom dither signal, which plays the role of the secret key. A passive attacker applies a Known Message Attack (KMA) on the watermarked messages to practically estimate the secret key. The security level is measured using the residual entropy (equivocation) of the secret key, provided that the attacker's observations are available. It can be seen that the practical security level of the SCS depends on the host statistics, which contradicts the previous theoretical result. Furthermore, the practical security analysis of the SCS leads to different values of the residual entropy in comparison with the previous theoretical equation. It will be shown that these differences are mainly due to the existence of uniform regions in images that cannot be captured by the previous theoretical analysis. Another source of such differences is ignoring the dependencies between the observations of non-uniform regions in the previous theoretical analysis. To provide an accurate reformulation, a theoretical equation for the uniform regions and an empirical equation for the non-uniform regions are proposed. Then, by combining these equations, a new equation is presented for the whole image which considers both host statistics and observation dependencies. Finally, the accuracy of the proposed formulations is examined through exhaustive simulations.
      • Open Access Article

        8 - Modeling the Inter-arrival Time of Packets in Network Traffic and Anomaly Detection Using the Zipf’s Law
        Ali Naghash Asadi Mohammad  Abdollahi Azgomi
        In this paper, a new method based on Zipf's law for modeling the features of network traffic is proposed. Zipf's law is an empirical law that provides the relationship between the frequency and rank of each category in a data set. Some data sets may follow Zipf's law, but we show that each data set can be converted to a data set following Zipf's law by changing the definition of categories. We use this law to model the inter-arrival time of packets in normal network traffic, and then we show that this model can be used to simulate the inter-arrival time of packets. The advantage of this law is that it can provide high similarity using less information. Furthermore, Zipf's law can model different features of network traffic that may not follow mathematical distributions. The simple approach of this law can provide accuracy and fewer limitations in comparison to existing methods. Zipf's law can also be used as a criterion for anomaly detection. For this purpose, TCP_Flood and UDP_Flood attacks are added to the inter-arrival time of packets, and they are detected with a high detection rate. We show that Zipf's law can create an accurate model of the feature to classify the feature values and obtain the rank of its categories, and this model can be used to simulate the feature values and detect anomalies. The evaluation results of the proposed method on the MAWI and NUST traffic collections are presented in this paper.
      • Open Access Article

        9 - Stability Analysis of Networked Control Systems under Denial of Service Attacks using Switching System Theory
        Mohammad SayadHaghighi Faezeh Farivar
        With the development of computer networks, packet-based data transmission has found its way to Cyber-Physical Systems (CPS) and especially networked control systems (NCS). NCSs are distributed industrial processes in which sensors and actuators exchange information between the physical plant and the controller via a network. Any loss of data or packets in the network links affects the performance of the physical system and its stability. This loss could be due to natural congestion in the network or a result of intentional Denial of Service (DoS) attacks. In this paper, we analytically study the stability of NCSs with the possibility of data loss in the feed-forward link by modelling the system as a switching one. When data are lost (or replaced with a jammed or bogus invalid signal/packet) in the forward link, the physical system will not receive the control input sent from the controller. In this study, the NCS is regarded as a stochastic switching system by using a two-position Markov jump model. In State 1, the control signal/packet passes through and gets to the system, while in State 2, the signal or packet is lost. We analyze the stability of the system in State 2 by considering the situation as an open-loop control scenario with zero input. The proposed stochastic switching system is studied in both continuous and discrete-time spaces to see under what conditions it satisfies Lyapunov stability. The stability conditions are obtained according to the random dwell times of the system in each state. Finally, the model is simulated on a DC motor as the plant. The results confirm the correctness of the obtained stability conditions.
      • Open Access Article

        10 - Analyzing Weighted Attack Graphs Using Genetic Algorithms
        M. Abadi Saeed Jalili
        Each attack graph represents a collection of possible attack scenarios in a computer network. In this paper, we use weighted attack graphs (WAGs) for vulnerability assessment of computer networks. In these directed graphs, a weight is assigned to each exploit by the security analyst. The weight of an exploit is proportionate to the cost required to prevent that exploit. The aim of analyzing a weighted attack graph is to find a critical set of exploits such that the sum of their weights is minimum and, by preventing them, no attack scenario is possible. In this paper, we propose a greedy algorithm, a genetic algorithm with a greedy mutation operator, and a genetic algorithm with a dynamic fitness function for analyzing weighted attack graphs. The proposed algorithms are used to analyze a sample weighted attack graph and several randomly generated large-scale weighted attack graphs. The results of experiments show that the proposed genetic algorithms outperform the greedy algorithm and find a critical set of exploits with less total weight. Finally, we compare the performance of the second genetic algorithm with an approximation algorithm for analyzing several randomly generated large-scale simple attack graphs. The results of experiments show that our proposed genetic algorithm has better performance than the approximation algorithm and finds a critical set of exploits with less cardinality.
      • Open Access Article

        11 - The Effects of SIP Register Flood Attack and Detection by Using Kullback–Leibler Distance
        S. R. Chogan M. Fathy M. Ramezani
        Voice communication over the internet uses VoIP, which includes several protocols, and its secrecy is a very important issue. SIP is the most important signaling protocol, and detecting attacks on it may help system immunization. This paper is dedicated to the issue of SIP registration flood attacks. Attackers can send registration signals which pose several dangers to the registration server. In this paper, SIP register flood attacks are investigated in detail and the effects of the attack on the registration server are illustrated. Finally, the effects of the attack, in terms of ratios compared with a regular situation of the network, are evaluated in experiments done in a real network. Moreover, instead of the Hellinger distance, the Kullback–Leibler distance is used for register flood attack detection, and the corresponding ROC curves show this approach has better performance.
      • Open Access Article

        12 - Identifying Primary User Emulation Attacks in Cognitive Radio Network Based on Bayesian Nonparametric Bayesian
        K. Akbari J. Abouei
        Cognitive radio (CR) is widely considered a key technology to cope with the shortage of spectrum in wireless networks. One of the major challenges to the realization of CR networks is security. The most important of these threats is the primary user emulation attack, in which a malicious user attempts to send a signal the same as the primary user's signal to deceive secondary users and prevent them from sending signals in the spectrum holes. Meanwhile, while causing traffic in the CR network, the malicious user obtains a frequency band to send their own information. In this thesis, a method to identify the primary user emulation attack is proposed. According to this method, primary users and malicious users are distinguished by clustering. In this method, the number of active users in the CR network is recognized by clustering. Indeed, primary users are clustered by using Dirichlet process mixture model classification based on the Bayesian nonparametric method. In addition, to achieve a higher convergence rate, the Chinese restaurant process method is applied for initialization and non-uniform sampling is applied to select the cluster parameters.
      • Open Access Article

        13 - A Lightweight Intrusion Detection System Based on Two-Level Trust for Wireless Sensor Networks
        M. sadeghizade O. R. Marouzi
        Wireless sensor networks (WSNs) are one of the useful and attractive technologies that have received much attention in recent years. These networks have been used in a variety of applications, due to their ease of use and inexpensive deployment. Due to the criticality of most applications of these networks, security is considered one of the essential parameters of quality of service (QoS), and thus an Intrusion Detection System (IDS) is considered a fundamental requirement for security in these networks. This paper provides a trust-based IDS to protect the WSN against all network layer and routing attacks based on the features extracted from them. Through simulations, the proposed IDS has been evaluated with all performance criteria. The results show that the proposed IDS, in comparison with existing works, which often focus on a specific attack, covers all network layer and routing attacks in WSNs, and also, due to high detection accuracy, a low false alarm rate, and low energy consumption, is considered a desirable and lightweight IDS for WSNs.
      • Open Access Article

        14 - An On-Chip Detection Mechanism to Detect Scan-Based Attack in Crypto-Chips
        F. Jamali Zavareh H. Beitollahi
        Since the advent of cryptographic chips, side channel attacks have become a serious threat to cryptographic algorithms and security systems. Side channel attacks use weaknesses in the chip implementation instead of the computational weaknesses of the algorithms. The scan chain, which is widely used in chip testing, is one of these side channels. To avoid an attack using a scan chain, one can remove the scan chain after the construction test, but this method makes post-construction testing and updating of the circuit impossible. Therefore, in addition to preserving the testability of the scan chain, it is necessary to look for a method to prevent side channel attacks. In this article, a method is proposed to identify the attacker and prevent his scan-based attacks. In this way, upon user authorization, the corresponding output will be generated and the attacker's access to sensitive information is prevented. The proposed method, with an area overhead of less than 1%, power overhead around 1% and a negligible delay overhead, retains testability and can prevent differential and signature-based scan attacks better than previous state-of-the-art techniques.
      • Open Access Article

        15 - SAHAR: An Architecture to Strengthen the Control Plane of the Software-Defined Network Against Denial of Service Attacks
        mehran shetabi Ahmad Akbari
        Software-defined network (SDN) is the next generation of network architecture that, by separating the data plane and the control plane, enables centralized control with the aim of improving network management and compatibility. However, due to the centralized control policy, this type of network is prone to inaccessibility of the control plane under a denial of service (DoS) attack. In the reactive mode, a significant increase in events due to the entry of new flows into the network puts a lot of pressure on the control plane. Also, the presence of recurring events such as the collection of statistical information from the network, which severely interferes with the basic functionality of the control plane, can greatly affect the efficiency of the control plane. To resist attack and prevent network paralysis, this paper introduces a new architecture called SAHAR, which consists of a control box made up of a coordinator controller, a primary flow setup controller, and one or more (as needed) secondary flow setup controller(s). Assigning monitoring and managing tasks to the coordinator controller reduces the load on the flow setup controllers. In addition, dividing the incoming traffic between the flow setup controllers by the coordinator controller distributes the load at the control plane. Thus, by assigning the traffic load resulting from a denial-of-service attack to one or more secondary flow setup controller(s), the SAHAR architecture can prevent the primary flow setup controller from impairment and resist DoS attacks. Tests show that SAHAR performs better in the face of a DoS attack than existing solutions.
      • Open Access Article

        16 - Detection and Mitigation of a Combined Cyber Attack on Automatic Generation Control
        Tina Hajiabdollah H. Seifi Hamed Delkhosh
        Recent advances in power system monitoring and control require communication infrastructure to send and receive measurement data and control commands. These cyber-physical interactions, despite increasing efficiency and reliability, have exposed power systems to cyber attacks. The Automatic Generation Control (AGC) is one of the most important control systems in the power system; it requires communication infrastructure and has been highly regarded by cyber attackers. A successful attack on the AGC not only has a direct impact on the system frequency, but can also affect the stability and economic performance of the power system. Therefore, understanding the impact of cyber attacks on AGC and developing strategies to defend against them is necessary and of research importance. In most of the research in the field of attack-defense of AGC, the limitations of AGC in modeling, such as governor dead band and communication network transmission delay, have been ignored. On the other hand, considering two cyber attacks on the AGC and proposing a way to defend against them simultaneously has not been considered. In this paper, while using the improved AGC model including governor dead band and communication network transmission delay, the effect of two attacks, the data injection attack (FDI) and the delay attack, which are the most important cyber attacks on AGC, has been investigated. Also, the simultaneous effect of these two attacks is discussed as a combined cyber attack. A Kalman filter-based three-step defense method has been proposed to detect, estimate and mitigate the impact of the attacks, and its effectiveness has been tested on the two-area AGC system.
      • Open Access Article

        17 - Robust Planning of False Data Injection Attack on Electricity Markets in Smart Grids
        Hamed Badrsimaei R. Hooshmand Soghra  Nobakhtian
        False data injection attack (FDIA) is a destructive cyber threat to the economic performance of electricity markets in smart grids. A cyber attacker can make a huge financial profit by implementing an FDIA through penetrating the virtual transactions of the electricity markets and manipulating electricity prices. In this paper, a new approach to planning an absolutely stealthy FDIA is presented with the aim of achieving maximum financial profit from the perspective of a cyber attacker participating in virtual transactions in the two markets of day-ahead (DA) and real-time (RT). A common hypothesis in studies of FDIAs against electricity markets is that the attacker has complete information about the smart grid. But the fact is that the attacker has limited resources and can hardly access all the network information. This paper proposes a robust approach to designing an attack strategy under incomplete network information conditions. In particular, it is assumed that the attacker has uncertainties about the network modeling matrices. The validity of the proposed method is evaluated based on the IEEE 14-bus standard system using the Matpower tool. Numerical results confirm the relative success of the proposed attack in cases of varying degrees of incomplete information.
      • Open Access Article

        18 - Proposing a Detection and Mitigation Approach for DDoS Attacks on SDN-Based IoT Networks
        fatemeh MotieShirazi Seyedakbar Mostafavi
        The Internet of Things (IoT) is a network of objects in which objects can communicate with other objects. The Internet of Things is currently under constant, numerous attacks due to technical, legal and human problems. One of the most important of these attacks is the Denial of Service (DoS) attack, in which normal network services are put out of service and it is impossible for objects and users to access the server and other resources. Existing security solutions have not been able to effectively prevent interruption attacks in Internet of Things services. Software-oriented network (SDN) is a new network architecture based on the separation of the control and data planes of the network. The programmability and network management capability of SDN can be used in IoT services because some IoT devices send data periodically and at certain time intervals. SDN can help reduce or prevent the data flood caused by IoT if properly deployed in the data center. In this article, a method to detect DDoS attacks in the Internet of Things based on SDN is presented, and then an algorithm to reduce DDoS attacks is presented. The proposed method is based on the entropy criterion, which is one of the most important concepts in information theory and is calculated based on the characteristics of the flow. In this method, by using two new components on the controller to receive incoming packets, considering the time window, and calculating entropy and flow rate, a possible attack is detected in the network, and then, based on the statistics of the flow received from the switches, the certainty of the attack is determined. Compared to the existing methods, the proposed method has improved 12% in terms of attack detection time and 26% in terms of false positives/negatives.
      • Open Access Article

        19 - Computer security models and proposing a new perspective: A review paper
        Hadi Sadjadi Reza Kalantari
        In this article, first the use of computer security models and its benefits are discussed in a novel way. Then, while briefly introducing the space of computer security encounters in the form of ontology, for the first time, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives include the view of secure models, the view of security models, and the view of the framework and system to security models. The first and third perspectives are briefly explained and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research is presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. In this idea, it is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and, in addition, include agile patterns as well.
      • Open Access Article

        20 - Fake Websites Detection Improvement Using Multi-Layer Artificial Neural Network Classifier with Ant Lion Optimizer Algorithm
        Farhang Padidaran Moghaddam Mahshid Sadeghi B.
        In phishing attacks, a fake site is forged from the main site, which looks very similar to the original one. To direct users to these sites, phishers or online thieves usually put fake links in emails and send them to their victims, and try to deceive users with social engineering methods and persuade them to click on fake links. Phishing attacks cause significant financial losses, and most attacks focus on banks and financial gateways. Machine learning methods are an effective way to detect phishing attacks, but this is subject to selecting the optimal features. Feature selection allows only important features to be considered as learning input and reduces the detection error of phishing attacks. In the proposed method, a multilayer artificial neural network classifier is used to reduce the detection error of phishing attacks, and the feature selection phase is performed by the ant lion optimization (ALO) algorithm. Evaluations and experiments on the Rami dataset, which is related to phishing, show that the proposed method has an accuracy of about 98.53% and has less error than the multilayer artificial neural network. The proposed method is more accurate in detecting phishing attacks than BPNN, SVM, NB, C4.5, RF, and kNN learning methods with feature selection mechanism by PSO algorithm.
      • Open Access Article

        21 - A Survey on Computer Security Patterns and Proposing a New Perspective
        Hadi Sadjadi Reza Kalantari
        In this article, at the beginning, the use of computer security models and its benefits are discussed in a new way. Then, while briefly introducing the space of computer security encounters in the form of ontology, three perspectives in the study of patterns in this field have been identified and distinguished from each other. These three perspectives are secure models, security models, and the framework and system to security models. The first and last perspectives are briefly explained and the second perspective is studied in detail from the perspective of the organization of patterns, including the five types of organization. The five types mentioned include software-based lifecycle organization, logical-level organization-based organization, threat-based classification-based organization, attack-based classification-based organization, and application-based organization. In this type of introduction of patterns, the audience acquires a comprehensive view of the discourse of computer security patterns and acquires the necessary knowledge to make better use of these patterns. Finally, the analysis and idea of this research are presented in the form of introducing a new type of organization in order to facilitate the proper use and addressing of patterns. It is stated that the existing categories are mostly static and forward-looking and do not have the necessary dynamism and backwardness, and the idea of covering all stakeholders and security ontology can have this feature and include agile patterns as well. Based on this idea and related analyses, the atmosphere of future research activities will be revealed to the audience.