نشریه منادی امنیت فضای تولید و تبادل اطلاعات (افتا)
سال هفتم شماره 1 (پیاپی 13، بهار و تابستان 1397)

Block cipher attacks have found new aspects, due to the advancement of the technology and the development of the software and hardware tools. In many cases, the attackers try to use the weaknesses of the block ciphers implementation, instead of the theoretical cryptanalyses. Increasing the attacker’s accessibility to the details of the block ciphers implementation will increase the chance of success of his attacks. Hence, it is important to design secure block cipher schemes, those are unbreakable whether the attackers have access to the details of the implementation or not. In this paper, first we will introduce the different models of the block ciphers implementation, then we will explain the fundamental concepts of the white-box cryptography, and why it is useful. Later we will discuss several white-box schemes.

The growth of data production in the world brings with it capacities and requirements. On the one hand, the storage of generated data provides the possibility of reuse and analysis on the data that leads to the production of data science. On the other hand, large amounts of data require storage space and the ability to search over them. Cloud computing is a technological and operational model that addresses the storage and computing limitations of data storage and utilization. As well as searchable encryption as a cloud-based, highly used, technique, in addition to maintaining data security, it can search over them. In this paper, the searchable encryption methods and the limitations and capabilities of each one are examined. At the end, there are some explanations on how to use searchable encryption in medical data.

With growing expanding usage of computer systems in safety-critical applications, the use of safety and reliability improvements in early design and production phases has become important. Because the bug occurrence or incidence of failure in these critical systems not only costs a lot to make the manufacturer imposes but can humans and property as well as the environment. In this article the four raised the standard C++ programming called the MISRA C++، JSF AV C++، HI C++،ESCR C++ is Has been examined. That will be able to benchmark safety in the codes posted in code, design stage. Hence in this article, initially the amount of overlap of these standards in order to find the most comprehensive assessment standard & Continue to the extent of the richness of the standards of the six for reliability, maintenance, readability, testability, performance and safety test Has been paid. At the end of the tools that the ability to checkout these standards during production are examined.

The purpose of the present article is studying continuation of the cycle of cybercrime and providing strategies for its prevention management. Cybercrime is a range that one side relies on technology and the other side, relies on interpersonal relationships. The aim of the present study, functional and in terms of type, quality and according to the method of data collection, library and study based on internal and external online resources. Paper reviews the literature and concludes the interval between supply technology and related crime and criminal laws do not fit and often the possibility of transferring experience to the field of cybercrime is not possible. However, due to the widespread nature of the phenomenon, appropriate, dynamic and agile legal framework is an urgent need for investigation and prosecution. This research has some preventive strategies such as threat assessment and strategic analyzes, development of cooperation between national, regional and international levels, and to increase awareness and educate points.

The widespread use of information and communication technology in industrial control systems has exposed many cyber attacks to these systems. The first step in providing security solutions is to recognize the threats and vulnerabilities of a system at first. Therefore, in this work, after providing a general overview of the SCADA security, we provide a survey on actual cyber attacks from 2000 up to now. To be able to assess the risk of these attacks, we perform profiling them based on the target systems of the attack, the geographical area of it, the method used in the attack and its impact. This profiling provides a clear view of the most important security incidents in SCADA systems and could be useful in the defining suitable strategies for preventing and defending against the major SCADA security attacks.

Malware writers leverage several techniques for thwarting the detection method of antimalware software. An effective technique is applying obfuscation techniques to make metamorphic malware. Metamorphism modifies the code structure in a way that while retaining the behavior, the pattern and structure of the code is changed. Recently, researchers have proposed a new method for metamorphic malware detection that works based on static analysis of malware code. However, some obfuscation techniques exist that when applied, the efficacy of static analyzes is adversely affected. To overcome this issue, in this paper, we apply a dynamic analysis in addition to static analysis. The new method elicits some information from both static and dynamic analyzes, combines them, and uses the resultant information to learn a classifier. The obtained classifier is then used to detect a new instance of an existing family of metamorphic malwares. In fact, the combination of both static and dynamic information is intended to address the weaknesses of each individual analysis and leads to an overall better effectiveness. In order to evaluate the proposed method, experiments on 450 files including benign files and 5 families of metamorphic malwares, namely MPCGEN, G2, VLC, NGVCK, and MWOR, have been conducted. The experiments were performed in three cases: static analysis, dynamic analysis, and the combination of both. The results of comparison among three cases show that metamorphic malware detection is not reached to 100 percent precision via either static or dynamic analysis individually. However, using the combination of both static and dynamic information could have consistently led to detection with 100 percent precision, which have been measured using ROC metric.