Book Chapters
-
K. R. Namuduri and S. Kadiyala, “Design, Implementation and Management of Secure Biometric Systems”, Readings and Case Studies in the Management of Information Security, Editors. Michael E. Whitman and Herbert J. Mattord, 2005.
Abstract: Biometric systems are increasingly being considered as better fool-proof methods of ensuring security in several areas ranging from national security to credit card processing as opposed to traditional methods such as alphanumeric passwords and personal identification numbers (PINS) [1]. Biometrics includes physical characteristics such as a fingerprint, hand geometry, voice, face, retina, and iris. Jain, Ross and Prabhakar [2] noted that a biometric characteristic is a human physiological and/or behavioral characteristic that satisfies the requirements of universality, distinctiveness, permanence, and collectability. -
P. Kahai, M. Srinivasan, K. R. Namuduri, and R. Pendse, “Forensic Profiling System”, in Springer-Verlog Lecture Notes, 2005.
Abstract:Incidents related to hacking and network intrusion are on the increase. Most organizations safeguard themselves against cyber attacks by employing security methods such as encryption technologies, network monitoring tools, deploying firewalls and intrusion detection and response mechanisms. Even though prevention mechanisms are in place the vulnerabilities associated with any computer network or security tool can be exploited by hackers to generate attacks. A major drawback in apprehending cyber criminals is lack of efficient attribution mechanisms. This paper proposes a forensic profiling system which accommodates real-time evidence collection as a network feature to address the difficulties involved in collecting evidence against cyber attackers. -
P. Kahai, K. R. Namuduri, and R. Pendse, “Tracing Cyber Crimes with a Privacy-Enabled Forensic Profiling System”, in "Digital Crime and Forensic Science in CyberSpace", Idea Group Publishing, 2006.
Abstract: Security incidents that threaten the normal functioning of the organization are on the rise. In order to resist network attacks most organizations employ security measures. However, there are two sides of the problem at hand. First, it is important to secure the networks against new vulnerabilities. Second, collection of evidence without intruding on the privacy, in the event of an attack is also necessary. The lack of robust attribution mechanism precludes the apprehension of cyber criminals. The implementation of security features and forensic analysis should be such that privacy is preserved. We propose a forensic profiling system which accommodates real-time evidence collection as a network feature and uses a mechanism to keep the privacy intact.
4. R. Norville and K. R. Namuduri, “Zero-Knowledge Proofs for Node Authentication”, in "Web Services Security and E-Business", Idea Group Publishing, 2006.
Abstract: ZKP based authentication protocols provide a smart way to prove an identity of a node without giving away any information about the secret of that identity. There are many advantages to using this protocol over other authentication schemes as well as challenges to overcome in order to make it practical for general use. This paper examines the viability of ZKPs for use in authentication protocols in ad hoc networks. It is concluded that nodes in ad-hoc network can achieve a desired level of security by trading off key size, interactivity, and other parameters of the authentication protocol. This paper provides data analysis which can be useful in determining expected authentication times based on device capabilities. Pseudo-code is provided for implementing a graph based ZKP on small or limited processing devices.