ABSTRACT

Cloud computing has gained significant popularity due to its reliability and scalability, making it a compelling area of research. However, this technology is not without its challenges, including network connectivity dependencies, downtime, vendor lock-in, limited control, and most importantly, its vulnerability to attacks. Therefore, guarding the cloud is the objective of this paper, which focuses, in a novel approach, on two prevalent cloud attacks: Distributed Denial-of-service (DDoS) attacks and Man-in-the-Cloud (MitC) computing attacks. To tackle the detection of these malicious activities, machine learning algorithms, namely Decision Trees, Support Vector Machine (SVM), Naive Bayes, and K-Nearest Neighbors (KNN), are utilized. Experimental simulations of DDoS and MitC attacks are conducted within a cloud environment, and the resultant data is compiled into a dataset for training and evaluating the machine learning algorithms. The study reveals the effectiveness of these algorithms in accurately identifying and classifying malicious activities, effectively distinguishing them from legitimate network traffic. The finding highlights Decision Trees algorithm with most promising potential of guarding the cloud and mitigating the impact of various cyber threats.

Abstract
Decentralized applications leveraging blockchain technology are gaining widespread adoption within the decentralized applications ecosystem. Interoperability, a fundamental concept facilitating seamless data and processing power exchange across diverse blockchain networks, is paramount in this context. The primary objective of this paper is to explore the transformative potential of “blockchain bridges” in facilitating secure and transparent electronic voting processes across multiple blockchain networks. The study employs a comprehensive analysis of various approaches, including atomic exchanges, sidechains, cross-chain bridges, token wrappers, and interledger protocols. The selection of a specific method is guided by the unique requirements and privacy considerations of the electronic voting use case. The application of two distinct blockchains serves as a practical demonstration, illustrating the principles of blockchain bridges in real-world scenarios. The research reveals that blockchain bridges not only streamline the exchange of data between diverse blockchain networks but also establish a dual decentralization paradigm. This paradigm enables the creation of openly maintained, purpose-specific, decentralized ledgers for electronic voting. The integration of blockchain bridges significantly reduces the risk of fraud, instilling greater confidence in the accuracy of election results. Thus, by presenting a comprehensive array of approaches and emphasizing their practical application, this research contributes to advancing the understanding and implementation of blockchain technology in the critical domain of electronic voting.

Keywords: Blockchain; Bridge; e-Voting; Trustworthiness; Interoperability.

Abstract: The rapid evolution of the internet, particularly the emergence of Web3, has transformed the ways people interact and share data. Web3, although still not well defined, is thought to be a return to the decentralisation of corporations’ power over user data. Despite the obsolescence of the idea of building systems to detect and prevent cyber intrusions, this is still a topic of interest. This paper proposes a novel conceptual approach for implementing decentralised collaborative intrusion detection networks (CIDN) through a proof-of-concept. The study employs an analytical and comparative methodology, examining the synergy between cutting-edge Web3 technologies and information security. The proposed model incorporates blockchain concepts, cyber non-fungible token (cyberNFT) rewards, machine learning algorithms, and publish/subscribe architectures. Finally, the paper discusses the strengths and limitations of the proposed system, offering insights into the potential of decentralised cybersecurity models.
Keywords: decentralisation; blockchain; Web3; intrusion detection; machine learning; non-fungible token; NFT; cyber security; cyberNFT; publish-subcribe systems.

Abstract

Exchange of information through the web took place inside a trusted environment and thus user privacy was assured by default. Nowadays, ensuring user privacy is becoming one of the most desirable features of new technology, and Blockchain is not an exception. The Blockchain is a decentralized technology, open, and public platform where all transactions are stored and viewed
from nodes, an approach known as “Web of Trust.” Although these transactions tend to be anonymous but in the case of the banking sector, user privacy requires special attention. In centralized systems, the implementation of privacy is no longer a challenge, using a hierarchical approach such as Public Key Infrastructure. This paper presents a broad landscape and state of art of user transaction privacy in Blockchain technology using the Web of Trust approach. Furthermore, we present a novel approach using the Public Key Infrastructure for assuring user privacy adding an optionally encrypted field in blocks in transactions. We have used Bithomp, as a free and opensource tool with the Testnet platform, and Ripple as the best known in the implementation of the payment system to implement the proposed approach. The paper concludes with the strengths and limitations of the proposed approach.

Abstract

Today’s web represents the most extensive engineered system ever created by humankind. Web security is critical to web application providers and end-users. Burp Suite is established as a state-of-the-art and fully featured set of tools for web vulnerability scanners. This paper presents a novel approach using state of the art Machine Learning algorithms applied to
the Burp Suite extension. These algorithms were used to scan for: SQL injection, Cross-Site Request Forgery, and XML External Entity vulnerabilities in university web applications. The results show that the best algorithm is Long Short-Term Memory and that the targeted website is safe to use.

Abstract

The OAuth 2.0 authorization framework is one of the most commonly used authorization frameworks. In its specification many implementation details are loosely defined, including the relationship between resource servers and authorization servers. This paper presents an approach for establishing trust between servers by using the authorization server as a broker, and examines an implementation for secure exchange of scholarship information between parties. To specify access rights, claims such as roles and capabilities are assigned to resource servers. These claims are asserted by the authorization server in form of access tokens. Instead of relying on shared databases, the issued access tokens are used to exchange messages between resource servers. This approach is useful in scenarios where applications have no shared infrastructure or are implemented by different parties.

Keywords

Authorization, OAuth, Trust, Security

Abstract

Digitalization of public services has already changed the way how we interact with government. The electronic signature, based on public key cryptography, has strengthened the trust towards this transformation. With the recent appearance of the electronic seal, this digital transformation is complete. The new European Union regulation for electronic Identification, Authentication and trust Services (eIDAS) has repealed the old directive and provides a regulatory environment. In the meantime, a novel technology based in cryptography rose as an alternative to fulfill these objectives – the blockchain. This paper, analyses the properties of the electronic seal, based on eIDAS regulation, with and without blockchain technology. The developed application uses local X.509 digital certificates and the MultiChain platform for the creation and deployment of private blockchains. At the end of the paper an overview of this comparison is provided, using different documents, pointing out the pros and cons of each technology.

Keywords

Digital signature, electronic seal, eIDAS, blockchain, cryptography

Abstract

Recently crowdsourcing is being established as the new platform for capturing ideas from multiple users, i.e., the crowd. Many companies have already shifted their approach towards utilising the power of the crowd. Transparency and quality of election process is the main factor for acknowledging the general election results. Voters, crowd feedback can be utilised to maintain a desired election process transparency and quality. This paper presents an efficient solution using crowdsourcing techniques for increasing transparency and the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to central election commission monitoring room, where the overall transparency and quality in national scale can be monitored. The survey conducted with more than 600 respondents shows that this approach will be acceptable from citizens and will increase the overall transparency, quality, and acceptance of election results.

Keywords

crowdsourcing, crowd voting, privacy, security

Abstract

Information technology (IT) systems have great potential to improve the efficiency and methods of operation in each government organization, providing added convenience and flexibility. Currently, most of government law enforcement agencies have digitized their methods of work by advancing their user services. With this new approach, have come new threats, therefore, it is necessary to develop and implement standard policies to enhance information security and privacy on all classified information systems. In this paper a novel solution is presented for protection of information up to the record level encryption by applying the Advanced Encryption Standard (AES) algorithm using derived symmetric master key. The master key is unique per each record and is calculated in the client application. The uniqueness of the derived master key is assured by applying the exclusive or operation of the key of each record and the unique key of the client. Furthermore, this paper includes a critical approach on existing cryptographic methods and proposes additional methods to protect information, such us authentication, access control, and audit.

Keywords

Information security, Privacy, Encryption, Decryption, Access control, Audit

Abstract

Applications that requires true random number generator (TRNG), which uses raw analog data generated from any noise source in nature, must convert the source normal distribution to uniform distribution. Many up to date implementations convert the raw analog data into digital data by employing a comparator or a Schmitt trigger. This method wastes a large amount of random input data, lowering the throughput of the TRNG. In new national electronic identity card (eID) beyond the true identity of his bearer and to address the increasing concern of user privacy while doing business in Internet an additional pseudo profile is set. This pseudo profile uses 20-byte random value generated by database server, using a script during personalization process. In this paper, we present a novel algorithm that enables efficient distribution conversion in low power devices. The low memory requirements and efficient processing make it suitable for implementation low power cryptographic devices but also in complex personalization systems. Furthermore, we compare the random data generated by our efficient TRNG vs. those generated by database server.

Keywords

eID, privacy, security, random, TRNG

Abstract

Teachers’ contribution in the process of improving the contemporary school performance is manifold and permanent. This study elaborates the contribution of the Kosovan teachers towards the improvement of the  quality of work in primary and lower secondary school. Data were collected from 1080 teachers working in schools located in different areas in Kosovo. The data processing was done through the descriptive statistics method with the aim of extracting the characteristics of the data (average  standard deviation) and the inferential statistics method in the function of the validity scale of assumptions that result from the data. The research results indicate that today, the Kosovan teachers enjoy more opportunities to influence the policies for the functionalisation and improvement of the work at school, whereas teachers with a higher level of education are more sceptical concerning the issues of influencing the policies of functionalisation and improvement of the work at school.

Keywords

reform; Kosovo; teacher commitment; school performance; school improvement; decision-making.

Abstract

Personal mobile devices currently have access to a significant portion of their user’s private sensitive data and are increasingly used for processing mobile payments. Consequently, securing access to these mobile devices is a requirement for securing access to the sensitive data and potentially costly services. Face authentication is one of the promising biometrics-based user authentication mechanisms that has been widely available in this era of mobile computing. With a built-in camera capability on smartphones, tablets, and laptops, face authentication provides an attractive alternative of legacy passwords for its memory-less authentication process, which is so sophisticated that it can unlock the device faster than a fingerprint. Nevertheless, face authentication in the context of smartphones has proven to be vulnerable to attacks. In most current implementations, a sufficiently high-resolution face image displayed on another mobile device will be enough to circumvent security measures and bypass the authentication process. In order to prevent such bypass attacks, gesture recognition together with location is proposed to be additionally modeled. Gestures provide a faster and more convenient method of authentication compared to a complex password. The focus of this paper is to build a secure authentication system with face, location and gesture recognition as components. User gestures and location data are a sequence of time series; therefore, in this paper we propose to use unsupervised learning in the long short-term memory recurrent neural network to actively learn to recognize, group and discriminate user gestures and location. Moreover, a clustering-based technique is also implemented for recognizing gestures and location.

Keywords

authentication; face; smartphones; gestures; location; LSTM; neural network

Abstract

In the beginning of Bologna’s process and creation of European Higher Education Area (EHEA), great importance has been to the transparency, increase of quality and concurrency between institutions of higher education. Nowadays, hot topic in higher education institutions in Europe are real-time learning outcomes, they are analyzed, projected and are evaluated today in all Europe and abroad. Traditional models and methods of success expression in learning and the degree of qualification is substituted with modern online systems. This paper proposes best practices for competence based teaching in higher education by using eCompetence software. The way these competences are organized, activities which are related to these competences and course contents which will help us to continuously evaluate students and prepare them for the labor market. Our results suggest that by implementing competence based teaching system in university evaluation and competence gaining would be more productive and would better prepare students for labor market. Consequently, this paper draws attention on provision of implementation of such a system in higher education by providing competence matrix, a competence software, and evaluation process.

Keywords

Competence, E-learning, Evaluation, Competence Management System

Abstract

Energy and spectral efficiency are the main challenges in 5th generation of mobile cellular networks. In this paper, we propose an optimization algorithm
to optimize the energy efficiency by maximizing the spectral efficiency. Our simulation results show a significant increase in terms of spectral efficiency as well as energy efficiency whenever the mobile user is connected to a low power indoor base station. By applying the proposed algorithm, we show the network performance improvements up to 9 bit/s/Hz in spectral efficiency and 20 Gbit/Joule increase in energy efficiency for the mobile user served by the indoor base station rather than by the outdoor base station.

Keywords

Energy efficiency, 5G, radio resources, power allocation, optimization convexity

Abstract

Today, we are witnessing increased demand for more speed and capacity in the Internet, and more processing power and storage in every end user device. Demand for greater performance is present in every system. Electronic devices and their hosted applications need to be fast, but not to lose their main security features. Authentication and encryption are the main processes in the security aspect, and are required for a secure communication. These processes can be executed in different devices, among them PCs, microprocessors, microcontrollers, biometric cards or mobile devices. Biometric identity cards are becoming increasingly popular, challenging traditional PC devices. This paper compares two processing systems, the efficiency of encryption and signatures on the data executed in national identity biometric card versus PC, known also as the match-on-card versus the match-off-card. It considers how different parameters impact the process and the role they play on the overall process. The results, executed with a predefined set of test vectors, determine which processing system to use in a certain situation. Final conclusions and recommendations are given taking into consideration the efficiency and security of the data.

Keywords

cryptography; digital signature; match-on-card; match-off-card; eID biometric card

Abstract

The mobile networks use femtocells as low power nodes to improve indoor coverage and thus achieve a high network capacity. In this paper, we focus on a combination of macrocells and femtocells in Long Term Evolution (LTE) networks. To achieve a high LTE network performance, we investigate the influence of power allocated to Evolved NodeB (eNodeBs) and Home Evolved NodeB (HeNodeBs) respectively. Using the Round Robin scheduling, while decreasing the eNodeBs transmit power and increasing the HeNodeBs transmit power, improve the user’s throughput significantly. We further demonstrate, by simulations, that applying other scheduling algorithms under the low eNodeBs transmit power and high eNodeBs, results in a significantly increased performance of LTE network.

Keywords

Scheduling, transmit power, HetNet, LTE, resource block

Abstract

Quality of election process is a main factor for acknowledging the general election results. In this sense a feedback from voters is critical to maintain a desired process quality. Crowdsourcing is establishing as standard platform to capture feedback and new ideas from the participating stakeholders. This paper presents an efficient solution using crowdsourcing techniques for improving the quality of election processes through a simple feedback web form in polling stations. These polling stations are securely connected to Central Election Commission monitoring room, where the overall quality in national scale can be monitored. The survey conducted with more 600 respondents shows that this approach will be acceptable from citizens and will improve the total quality and acceptance of election results.

Keywords

Crowdsourcing; crowd voting; privacy; security;

Abstract

Authentication and privacy are central issues for acceptance of any e-Voting system in particular and growth of e-Services in general. This paper aims to: (i) to analyze the appropriate architecture and propose new efficient architecture of electronic voting system in Kosovo, and (ii) to analyze the threat vectors and their avoidance in such system. The novelty of implemented solution is based on using dynamic queue list generated based on voters arrivals and identification at the polling station. The proposed architecture enables citizens to cast their vote in any polling station, in opposite to paper form voting where citizen is linked to his predefined polling station. The national election commission configures the smart card, as part of electronic voting infrastructure, to allow decryption of number of records that matches the number of voters in final country wide voting list. The communication between polling stations and central server is encrypted with server’s public key stored in digital certificate and every casted vote is digitally signed by ballot box private key. The developed model is used to compare the costs and efficiency of e-Voting against the traditional paper based voting system in Kosovo.

Keywords

Digital Signature, Privacy, Security, Smart Cards, e-Voting, X.509 Digital Certificates

Abstract

In this paper is presented a novel approach for fulfilling the data security criteria in a Student Lifecycle Management System at the University of Prishtina. The four main criteria of data security such as: privacy, authentication, integrity and non-repudiation are fulfilled through carefully selected security policies. Student data privacy is achieved using the Secure Socket Layer protocol for web communication with web server. Each user, being student, academic or administrative staff is provided with unique user name and initial password in the Student Lifecycle Management System. Data integrity and non-repudiation are fulfilled using digital signatures. The novelty of implemented solution is based on extending the subject name in X.509 digital certificates and using this certificate for securing student grades, which is in full compliance with the Kosovo Law on Information Society. Public Key Infrastructure and X.509 digital certificates have been established as the most trustworthy methods for assuring data security criteria in modern software applications. Security policy enforces that digital certificate and its associated private key shall be stored in a smart card. Access to private key stored in a smart card is protected by Personal Identification Number, known only by smart card holder. This implementation was installed at the Faculty of Electrical and Computer Engineering and has successfully passed a six semester testing period and students were, for the first time in the history of the University of Prishtina, able to apply online to take an exam.

Keywords

Digital Signature, Privacy, Security, Smart Cards, X.509 Digital Certificates