انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 Fundamental Issues in Criminalization of Virtal Cybercrime 14 3 FA afsaneh zamani Fars afsaneh.s.zamani@gmail.com Y amin pazhouhesh malekashtar university of technolohy N This paper tries to investigate the question of how virtual cybercrimes fall within the realm of criminal law and what their principles and conditions of criminalization are. Despite the large number of Internet users in virtual worlds, such as "Second Life", there has been limited literature and research especially on the extent and scope of the issue, the identity of the perpetrators and victims, as well as the consequences of cybercrimes. The present study is an applied and qualitative research and according to data collection, it is a library research (meta-analysis secondary studies) on the basis of internal and external online resources. The article provides necessary and sufficient conditions to include virtual cybercrime in a subset of criminal law by using philosophical ontology as well as philosophy of law. It is concluded that necessary condition for virtual-cyber acts as a crime to be placed under law to obtain a Meta-Virtual outcome. The sufficient condition is that the outcome of this entity, justifies interference with the freedom of citizens to use the criminal law on the basis of a principle limiting freedom of Feinberg. Virtal Cybercrime, Criminalization http://monadi.isc.org.ir/article-1-105-en.html http://monadi.isc.org.ir/article-1-105-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 IEC 60870-5-104 Protocol Security Challenges and Countermeasures Identification 30 15 FA Mohammad mehdi Ahmadian amirkabir university of technology mm.Ahmadian@aut.ac.ir N Mehdi Shajari amirkabir university of technology mshajari@aut.ac.ir Y Industrial control systems (ICSs) which are used in critical infrastructure and other industries mostly use various communication protocols. Most of these communication protocols have various cyber security challenges and weakness that give the attackers the opportunity to gain to their malicious intentions. In this paper, we assess IEC 60870-5-104 protocols from security perspective which is used in the ICSs as telemetry communication. According to achievement of these goals, we have analyzed the IEC 60870-5-104 design phase carefully and used experimental test bed to identify the security threats and vulnerabilities and characterize the technical attacks. Finally we review the design of hardening mechanisms and their challenges.   Secutiy Vulnerability, Secutiy Threat, Industrial Control System Protocol, IEC 60870-5-104, SCADA http://monadi.isc.org.ir/article-1-123-en.html http://monadi.isc.org.ir/article-1-123-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 Investigating Methods of Kleptography 40 31 FA Hadi Soleimany h_soleimany@sbu.ac.ir Y Farokh Lagha Moazemi f_moazemi@sbu.ac.ir N Due to the fast development in information and communication technology, new challenging problems appear in the security. So, it is important and vital that the scientific society of our country focuses on research and studies these problems and by providing new proposal try to respond to these critical needs of our country. Hence, our aim in this paper is to study and highlight one of the important problems of applied cryptography that appear recently in cryptography society but in our country, there is not much research about it. In this paper, we investigate a special and applied category of a backdoor in cryptography systems which is named Kleptography. In this paper, in addition to the investigation of the kleptographic attack, we study its application. Our purpose in this paper is to shed some new light on the kleptographic attack by studying new concepts that recently have appeared about it. Kleptography, malicious cryptography, backdoor http://monadi.isc.org.ir/article-1-126-en.html http://monadi.isc.org.ir/article-1-126-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 Survey the Security Function of Integration of vehicular ad hoc Networks with Software-defiend Networks 54 41 FA Mozhgan ghasabi mozhgan.ghasabi@srbiau.ac.ir N Mahmood Deypir University mdeypir@ssau.ac.ir Y In recent years, Vehicular Ad Hoc Networks (VANETs) have emerged as one of the most active areas in the field of technology to provide a wide range of services, including road safety, passenger's safety, amusement facilities for passengers and emergency facilities. Due to the lack of flexibility, complexity and high dynamic network topology, the development and management of current Vehicular Ad Hoc Networks faces many challenges. To simplify network management of the current networks, the architecture of the software defined networks is introduced, which this architecture reduces the complexity of the networks by decoupled the control plane from the data plane. Software defined networks with flexibility and programmable capabilities can help the performance and management requirements for VANETs. In this paper, we focus on the possibility of using software defined networks in a Vehicular ad hoc network environment. First the architecture of VANET based on software defined networks and its operational mode is examined, then the benefits and services which are described by this architecture are presented.  Finally, some of the potential challenges in the architecture of Software defined vehicular ad hoc networks are expressed. Vehicular ad hoc Networks, Software defined Networks, Software defined vehicular ad hoc networks, Wireless Networks http://monadi.isc.org.ir/article-1-144-en.html http://monadi.isc.org.ir/article-1-144-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 Overview of Intrusion Detection Techniques in Database 62 55 FA javad moradi Imam Hussein University of Technology jmoradi@ihu.ac.ir Y majid ghayoori sales Imam Hussein University of Technology ghayoori@ihu.ac.ir N Data is one of the most valuable assets in today's world and is used in the everyday life of every person and organization. This data stores in a database in order to restore and maintain its efficiently. Since there is a database that can be exploited by SQL injection attacks, internal threats, and unknown threats, there are always concerns about the loss or alteration of data by unauthorized people. To overcome these concerns, there are several security layers between the user and the data in the network layer, host, and database. For instance, security mechanisms, including firewall, data encryption, intrusion detection systems, etc., are used to prevent infiltration. Database Intrusion Detection System uses a variety of data mining techniques to detect abnormalities and detect malicious and intrusive activities. In this paper, a category of intrusion detection techniques is presented first in the database, and a review of the general algorithms for intrusion detection in databases is demonstrated. Since signature-based methods are elder and less complex and less diverse, the main focus of this paper is on behavioral methods. Database security, database intrusion detection, database attacks http://monadi.isc.org.ir/article-1-125-en.html http://monadi.isc.org.ir/article-1-125-en.pdf

انجمن رمز ایران Biannual Journal Monadi for Cyberspace Security (AFTA) 2476-3047 2476-3047 7 2 2019 3 1 A Performance Survey of Meta-Heuristic And Brute-Force Search Algorithms to Cryptanalysis The SDES Encryption Algorithm 72 63 FA Meysam Moradi Department Of Computer Engineering, College Of Computer, Hamedan Science And Research Branch, Islamic Azad University, Hamedan, Iran en.m.morad.co@gmail.com Y Mahdi Abbasi Department Of Computer Engineering, Engineering Faculty, Bu-Ali Sina University, Hamedan, Iran abbasi@basu.ac.ir N For many years, cryptanalysis has been considered as an attractive topic in jeopardizing the security and resistance of an encryption algorithm. The SDES encryption algorithm is a symmetric cryptography algorithm that performs a cryptographic operation using a crypt key. In the world of encryption, there are many search algorithms to cryptanalysis. In these researches, brute force attack algorithm has been used as a complete search algorithm, genetic algorithm as an evolutionary intelligence algorithm, and standard particle swarm as an optimization a swarm intelligence as algorithm. Along with these algorithms, a genetic algorithm has been also introduced by adjusting and designing the parameters and design algorithms has been introduced to discover of crypt key. There are attempts to evaluate the performance of different algorithms for cryptanalysis of the SDES encryption algorithm. Cryptanalysis, Simplified-Data Encryption Standard(S-DES), Brute-Force Attack Search Algorithm, Standard Particle Swarm Optimization Algorithm, Genetic Algorithm, Encryption Key http://monadi.isc.org.ir/article-1-116-en.html http://monadi.isc.org.ir/article-1-116-en.pdf