Osama S. Faragallah^1,*, Walid El-Shafai², Ashraf Afifi¹, Ibrahim Elashry³, Mohammed A. AlZain¹, Jehad F. Al-Amri¹, Ben Soh⁴, Heba M. El-Hoseny⁵, Hala S. El-Sayed⁶, Fathi E.Abd El-Samie²

Intelligent Automation & Soft Computing, Vol.28, No.2, pp. 353-367, 2021, DOI:10.32604/iasc.2021.016865

Abstract With the rapidly increasing rate of using online services and social media websites, cybercriminals have caused a great deterioration in the network security with enormous undesired consequences. Encryption techniques may be utilized to achieve data robustness and security in digital multimedia communication systems. From this perspective, this paper presents an optical ciphering framework using Double Random Phase Encoding (DRPE) for efficient and secure transmission of Three-Dimensional Videos (3DVs). Firstly, in the DRPE-based 3DV cybersecurity framework proposed in the paper, an optical emitter converts each frame of the transmitted 3DV into an optical signal. Then, the DRPE technique encrypts the obtained… More >

Mamdouh Alenezi^*

Computer Systems Science and Engineering, Vol.37, No.2, pp. 159-167, 2021, DOI:10.32604/csse.2021.015282

Abstract Cloud computing is the provision of hosted resources, comprising software, hardware and processing over the World Wide Web. The advantages of rapid deployment, versatility, low expenses and scalability have led to the widespread use of cloud computing across organizations of all sizes, mostly as a component of the combination/multi-cloud infrastructure structure. While cloud storage offers significant benefits as well as cost-effective alternatives for IT management and expansion, new opportunities and challenges in the context of security vulnerabilities are emerging in this domain. Cloud security, also recognized as cloud computing security, refers to a collection of policies, regulations, systematic processes that… More >

Yuhua Sun¹, Lili Yan^1,*, Zhibin Sun², Shibin Zhang¹, Jiazhong Lu¹

CMC-Computers, Materials & Continua, Vol.66, No.3, pp. 2385-2395, 2021, DOI:10.32604/cmc.2021.012696

Abstract

Private comparison is the basis of many encryption technologies, and several related Quantum Private Comparison (QPC) protocols have been published in recent years. In these existing protocols, secret information is encoded by using conjugate coding or orthogonal states, and all users are quantum participants. In this paper, a novel semi-quantum private comparison scheme is proposed, which employs Bell entangled states as quantum resources. Two semi-quantum participants compare the equivalence of their private information with the help of a semi-honest third party (TP). Compared with the previous classical protocols, these two semi-quantum users can only make some particular action, such as… More >

Roddy A. Correa¹, Juan Ramón Bermejo Higuera², Javier Bermejo Higuera², Juan Antonio Sicilia Montalvo², Manuel Sánchez Rubio², Á. Alberto Magreñán^3,*

CMES-Computer Modeling in Engineering & Sciences, Vol.126, No.1, pp. 89-124, 2021, DOI:10.32604/cmes.2021.010700

Abstract This study presents a methodology to evaluate and prevent security vulnerabilities issues for web applications. The analysis process is based on the use of techniques and tools that allow to perform security assessments of white box and black box, to carry out the security validation of a web application in an agile and precise way. The objective of the methodology is to take advantage of the synergies of semi-automatic static and dynamic security analysis tools and manual checks. Each one of the phases contemplated in the methodology is supported by security analysis tools of different degrees of coverage, so that… More >

Juan R. Bermejo Higuera^{1, *}, Javier Bermejo Higuera¹, Juan A. Sicilia Montalvo¹, Javier Cubo Villalba¹, Juan José Nombela Pérez¹

CMC-Computers, Materials & Continua, Vol.64, No.3, pp. 1555-1577, 2020, DOI:10.32604/cmc.2020.010885

Abstract To detect security vulnerabilities in a web application, the security analyst must choose the best performance Security Analysis Static Tool (SAST) in terms of discovering the greatest number of security vulnerabilities as possible. To compare static analysis tools for web applications, an adapted benchmark to the vulnerability categories included in the known standard Open Web Application Security Project (OWASP) Top Ten project is required. The information of the security effectiveness of a commercial static analysis tool is not usually a publicly accessible research and the state of the art on static security tool analyzers shows that the different design and… More >

Youngseok Park¹, Hyunsang Choi¹, Sanghyun Cho¹, Young-Gab Kim^2,*

CMC-Computers, Materials & Continua, Vol.61, No.3, pp. 1075-1090, 2019, DOI:10.32604/cmc.2019.08520

Abstract The speech recognition technology has been increasingly common in our lives. Recently, a number of commercial smart speakers containing the personal assistant system using speech recognition came out. While the smart speaker vendors have been concerned about the intelligence and the convenience of their assistants, but there have been little mentions of the smart speakers in security aspects. As the smart speakers are becoming the hub for home automation, its security vulnerabilities can cause critical problems. In this paper, we categorize attack vectors and classify them into hardware-based, network-based, and software-based. With the attack vectors, we describe the detail attack… More >