**About the book**

This book discusses some of the critical security challenges being faced by today's computing world, as well as mechanisms to defend against them using classical and modern techniques of cryptography. With this goal, the book presents a collection of research work from experts in the field of cryptography and network security.

The book is organized into two sections. Section 1 contains six chapters that focus on various aspects of network security. Section 2 consists of three chapters dealing with various mechanisms of cryptography. In Chapter 1, "Introductory Chapter: Machine Learning in Misuse and Anomaly Detection," Sen and Mehtab examine how various machine learning approaches can be gainfully utilized in network security and intrusion detection systems. They illustrate systems exploiting supervised learning, unsupervised learning, and hybrid learning, and discuss their relative advantages and disadvantages. In Chapter 2, "A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks," Ekonde proposes a scheme for enforcing security in a cross-layer mode by using a coding technique in the physical layer in the communication protocol stack in a wireless environment. The coding scheme is implemented using *residue number system* (RNS) and non-linear convolution coding at the physical layer, and the RSA security protocol in the higher layer of the protocol stack, to achieve security in communication. The error correction ability is achieved using a non-linear convolution code. The chapter also presents details about an FPGA implementation of the proposed scheme. In Chapter 3, "Anomaly-Based Intrusion Detection System," Jyothsna emphasizes the need for efficient and effective intrusion detection systems for defending against anomaly-based attacks, and then proposes some approach to detect anomalybased intrusions in a network using unsupervised learning methods. The chapter also presents a brief review of various intrusion detection approaches, such as statistical approaches, knowledge-based techniques, data mining-based methods, and approaches based on machine learning. The author discusses two specific methods of anomaly detection—*feature correlation analysis and association impact scale* (FCAAIS) and *feature association impact scale* (FAIS)—and analyzes their performance. In Chapter 4, "Security in Wireless Local Area Networks (WLANs) ," Singh and Sharma discusse various currently available security and authentication mechanisms for handoff, and confidentiality of messages in a *wireless local area network* (WLAN) environment. The authors argue that security protocols in a WLAN environment should be lightweight in computation and should not also involve heavy message communication. In this context, the authors propose two protocols—*control and provisioning of wireless access points* (CAPWAP) and

**V**

different key size.

network security algorithms and protocols.

*hand over keying* (HOKEY)—for secure handoff in a WLAN. In Chapter 5, "Analysis of Network Protocols: The Ability of Concealing the Information," Noskov discusses methods of hiding data in a network communication using various approaches of steganography. The author compares performances of various schemes including *transcoding steganography* (TransSteg), *lost audio packets* (LACK), *hidden communication system for corrupted networks* (HICCUPS), *retransmission steganography* (RSTEG), modifications in the headers of TCP and IP packets, modification in the data blocks in *stream control transmission protocol* (SCTP) protocols, hybrid SCTP protocol, and SCTP multi-homing method. In Chapter 6, "Multifactor Authentication Methods: A Framework for Their Comparison and Selection," Velasquez et al. propose a detailed guideline for choosing various multifactor authentication systems for secure access to information. The guidelines have been designed using an extensive action-research methodology in collaboration with experts in the field of secure information system design. In Chapter 7, "Secure Communication Using Cryptography and Covert Channel," Fatayer proposes a scheme of merging encryption, authentication, and covert channel to realize a covert channel of communication that ensures integrity and confidentiality of information communicated over the channel. This covert channel is also used for generating keys for encrypting messages. The chapter also presents results of the performance of the proposed scheme. In Chapter 8, "High-Speed Area-Efficient Implementation of AES Algorithm on Reconfigurable Platform," Mane and Mulani present a scheme of implementation of the *advanced encryption standard* (AES) of a symmetric key encryption algorithm. The scheme uses Xilinx SysGen on Nexys4 and simulates the encryption environment using Simulink. The experimental results show that the scheme produces an overall data throughput of 14.1125 GBPS while consuming 121 slice registers. In Chapter 9, "Hybrid Approaches to Block Cipher," Chitrakar et al. propose two schemes of DNA cryptography. The authors first present a *DNA hybridization scheme* (DHES) in which DNA cryptography is used for encryption and decryption using a *onetime password* (OTP)–based approach for key generation. In the second scheme the authors propose a *hybrid graphical encryption algorithm* (HGEA) utilizing pattern recognition and transformation using mono-alphabetic or poly-alphabetic substitution with a range of characters consisting of 256 possible values. The chapter presensts results of the performance of both schemes with plaintexts of different length and content using

We hope that the volume will be useful for researchers, engineers, graduate and doctoral students, and faculty members of graduate schools and universities who work in the field of cryptography and network security. However, since it is not an introductory book on the subject, the subject matter does not deal with any basic information. Rather, the chapters in the book present some in-depth cryptography and network security-related theories, as well as some of the latest updates that might be of interest to advanced students and researchers in identifying their research problems and focussing on their solutions. It is assumed that readers have knowledge of mathematical and theoretical backgrounds of cryptography and

We express our sincere thanks to all authors for their valuable contributions. Without their cooperation and eagerness to contribute, this project would never have been successfully completed. All the authors have been extremely cooperative and punctual during the submission, editing, and publication processes. We express our heartfelt thanks to Ms. Kristina Kardum, Publishing Process Manager at IntechOpen Publishing, London, for support, encouragement, patience, and

*hand over keying* (HOKEY)—for secure handoff in a WLAN. In Chapter 5, "Analysis of Network Protocols: The Ability of Concealing the Information," Noskov discusses methods of hiding data in a network communication using various approaches of steganography. The author compares performances of various schemes including *transcoding steganography* (TransSteg), *lost audio packets* (LACK), *hidden communication system for corrupted networks* (HICCUPS), *retransmission steganography* (RSTEG), modifications in the headers of TCP and IP packets, modification in the data blocks in *stream control transmission protocol* (SCTP) protocols, hybrid SCTP protocol, and SCTP multi-homing method. In Chapter 6, "Multifactor Authentication Methods: A Framework for Their Comparison and Selection," Velasquez et al. propose a detailed guideline for choosing various multifactor authentication systems for secure access to information. The guidelines have been designed using an extensive action-research methodology in collaboration with experts in the field of secure information system design. In Chapter 7, "Secure Communication Using Cryptography and Covert Channel," Fatayer proposes a scheme of merging encryption, authentication, and covert channel to realize a covert channel of communication that ensures integrity and confidentiality of information communicated over the channel. This covert channel is also used for generating keys for encrypting messages. The chapter also presents results of the performance of the proposed scheme. In Chapter 8, "High-Speed Area-Efficient Implementation of AES Algorithm on Reconfigurable Platform," Mane and Mulani present a scheme of implementation of the *advanced encryption standard* (AES) of a symmetric key encryption algorithm. The scheme uses Xilinx SysGen on Nexys4 and simulates the encryption environment using Simulink. The experimental results show that the scheme produces an overall data throughput of 14.1125 GBPS while consuming 121 slice registers. In Chapter 9, "Hybrid Approaches to Block Cipher," Chitrakar et al. propose two schemes of DNA cryptography. The authors first present a *DNA hybridization scheme* (DHES) in which DNA cryptography is used for encryption and decryption using a *onetime password* (OTP)–based approach for key generation. In the second scheme the authors propose a *hybrid graphical encryption algorithm* (HGEA) utilizing pattern recognition and transformation using mono-alphabetic or poly-alphabetic substitution with a range of characters consisting of 256 possible values. The chapter presensts results of the performance of both schemes with plaintexts of different length and content using different key size.

We hope that the volume will be useful for researchers, engineers, graduate and doctoral students, and faculty members of graduate schools and universities who work in the field of cryptography and network security. However, since it is not an introductory book on the subject, the subject matter does not deal with any basic information. Rather, the chapters in the book present some in-depth cryptography and network security-related theories, as well as some of the latest updates that might be of interest to advanced students and researchers in identifying their research problems and focussing on their solutions. It is assumed that readers have knowledge of mathematical and theoretical backgrounds of cryptography and network security algorithms and protocols.

We express our sincere thanks to all authors for their valuable contributions. Without their cooperation and eagerness to contribute, this project would never have been successfully completed. All the authors have been extremely cooperative and punctual during the submission, editing, and publication processes. We express our heartfelt thanks to Ms. Kristina Kardum, Publishing Process Manager at IntechOpen Publishing, London, for support, encouragement, patience, and

**IV**

communications.

**About the book**

parallel architecture for computing and intelligent software. As security systems design becomes more and more complex to meet these challenges, a common mistake made most often by security specialists is not comprehensively analyzing the system to be secured before making a choice about which security mechanism to deploy. On many occasions, the security mechanism chosen turns out to be either incompatible with or inadequate for handling the complexities of the system. This, however, does not vitiate the ideas, algorithms, and protocols of the security mechanisms. While the same old security mechanism, even with appropriate extensions and enhancements, may not be strong enough to secure the multiplicity of complex systems today, the underlying principles will continue to work on the next-generation systems, and indeed, for next era of computing and

This book discusses some of the critical security challenges being faced by today's computing world, as well as mechanisms to defend against them using classical and modern techniques of cryptography. With this goal, the book presents a collection of research work from experts in the field of cryptography and network security.

The book is organized into two sections. Section 1 contains six chapters that focus on various aspects of network security. Section 2 consists of three chapters dealing with various mechanisms of cryptography. In Chapter 1, "Introductory Chapter: Machine Learning in Misuse and Anomaly Detection," Sen and Mehtab examine how various machine learning approaches can be gainfully utilized in network security and intrusion detection systems. They illustrate systems exploiting supervised learning, unsupervised learning, and hybrid learning, and discuss their relative advantages and disadvantages. In Chapter 2, "A New Cross-Layer FPGA-Based Security Scheme for Wireless Networks," Ekonde proposes a scheme for enforcing security in a cross-layer mode by using a coding technique in the physical layer in the communication protocol stack in a wireless environment. The coding scheme is implemented using *residue number system* (RNS) and non-linear convolution coding at the physical layer, and the RSA security protocol in the higher layer of the protocol stack, to achieve security in communication. The error correction ability is achieved using a non-linear convolution code. The chapter also presents details about an FPGA implementation of the proposed scheme. In Chapter 3, "Anomaly-Based Intrusion Detection System," Jyothsna emphasizes the need for efficient and effective intrusion detection systems for defending against anomaly-based attacks, and then proposes some approach to detect anomalybased intrusions in a network using unsupervised learning methods. The chapter also presents a brief review of various intrusion detection approaches, such as statistical approaches, knowledge-based techniques, data mining-based methods, and approaches based on machine learning. The author discusses two specific methods of anomaly detection—*feature correlation analysis and association impact scale* (FCAAIS) and *feature association impact scale* (FAIS)—and analyzes their performance. In Chapter 4, "Security in Wireless Local Area Networks (WLANs) ," Singh and Sharma discusse various currently available security and authentication mechanisms for handoff, and confidentiality of messages in a *wireless local area network* (WLAN) environment. The authors argue that security protocols in a WLAN environment should be lightweight in computation and should not also involve heavy message communication. In this context, the authors propose two protocols—*control and provisioning of wireless access points* (CAPWAP) and

cooperation during the period of publishing the volume. Our sincere thanks also go to Ms. Ana Pantar, Senior Commissioning Editor at IntechOpen, for having faith in us and delegating to us the critical responsibility of editing such a prestigious academic volume. We would surely be failing in our duty if we do not acknowledge the encouragement, motivation, and assistance that we received from graduate students of the School of Computing and Analytics of NSHM Knowledge Campus, Kolkata, India. While there are too many to name, the contributions of Abhishek Dutta, Manjari Mukherjee, Saikat Mondal, and Ashmita Paul stand out as being invaluable in ensuring this volume is as error-free as possible. Last but not the least, we would like to thank all members of our respective families for being the major sources of our motivation, inspiration, and strength.

> **Jaydip Sen** Department of Computing and Analytics, NSHM Knowledge Campus, Kolkata, India

> > **1**

Section 1

Network Security

Section 1
