Arnob Paul, Md. Hasanul Islam, Md. Shohrab Hossain , and Husnu S. Narman, ”A novel zone walking protection for secure DNS Server”, Wireless Telecommunications Symposium (WTS), Washington, DC,USA, April 22-24, 2020. [PDF][Presentation] (under review)

Keywords: DNS, DNSSEC, Zone walking, Low profiling

Zone walking attack is to get all existing domain information from a secured DNS server. NSEC3 protocol was proposed to defend against zone walking attack in a secured DNS server, although NSEC3 uses more CPU time. In this paper, we have proposed two novel solutions to defend against the zone walking attack by addressing the efficiency issue of secure DNS protocol. We have simulated our proposed solution and analyzed it with different scenarios of the secure DNS server and attackers. The result of our experiment shows that our proposed solution Low Profiling can be effective against zone walking attack for up to certain server-side and client-side parameters. Our work can help researchers to understand how a new approach in the DNSSEC server can defend against zone walking attack.

Md. Shohrab Hossain, Arnob Paul, Md. Hasanul Islam, and Mohammed Atiquzzaman, ”Survey of the Protection Mechanisms to the SSL-based Session Hijacking Attacks” Journal of Network Protocols and Algorithms, Vol. 10, No. 1, pp. 83-108, Mar 2018. [DOI]

Keywords: Session hijacking, SSL stripping, Man-in-the-middle attack, HTTPS.

Web communications between the server and the client are being used extensively. However,session hijacking has become a critical problem for most of the client-server communications. Among different session hijacking attacks, SSL stripping is the most dangerous attack. There are a number of measures proposed to prevent SSL tripping-based session hijacking attacks. However, existing surveys did not summarize all the preventive measures in a comprehensive manner (without much illustration and categorization). The objective of this paper is to provide a comprehensive survey of existing measures against SSL stripping-based session hijacking attacks and compare those measures. In this paper, we have classified all the existing preventive measures for SSL stripping-based session hijacking attacks into two main categories: client-side measures and server-side measures. We have illustrated the proposed solutions comprehensively with useful diagrams for clarification. We have also compared them based on different performance criteria. This paper will help web security researchers to have a comparative analysis of all solutions for the SSL stripping based attacks, thereby improving existing solutions to better protect the users from session hijacking attacks.

T. R. Toha, A. Md. Ishmam, M. H. Islam, M. A. A. Maruf, S. S. Nandi, A. Chakraborty, S. Estyak, Md.A. A. Alamin, and A. B. M. A. A. Islam, "An Approach Towards Greening The Digital Display System", InProceedings of the 4th 2017 International Conference on Networking, Systems and Security (4th NSysS2017), IEEE, Dhaka, Bangladesh, 2017.

[IEEE Explore][Presentation]

Keywords: Light emitting diodes, Power demand, Lighting, Energy consumption, Multichip modules, Microcontrollers, Pins

Signage display, which is used to convey message or information, has evolved from conventional to digital display. Conventional signage which may be hand written or printed papers are being wiped out by digital displays used by industries because of its attractive features of efficient involvement of consumers. However, extensive use of digital signage displays contributes a notable amount of power consumption (about 1000W for a 14inch × 48inch display) of a region. In this literature, we have devised a novel approach for reducing power consumption of digital signage as well as satisfying human visibility by exploiting duty cycle. Our proposed technique is capable of relinquishing a significant amount (about 14.54% in comparison with existing display system) of power consumption occurred by digital display by keeping an eye on expected human vision.