Prof. (Dr.) Himanshu Gupta
@auup.amity.edu
Professor
Amity University (HQ)
RESEARCH, TEACHING, or OTHER INTERESTS
Engineering, Computer Engineering, Computer Science, Computer Science Applications
Scopus Publications
Scopus Publications
Prateek Dang and Himanshu Gupta
Springer Nature Singapore
Razdan Sanjay, Gupta Himanshu, and Seth Ashish
Totem Publisher, Inc.
Grace Odette Boussi, Himanshu Gupta, Syed Akhter Hossain, and Fila Rudy J. J
IEEE
Cybersecurity has been a trending topic for years now, different propositions, studies, and work have been suggested in various forms by other authors all over the world, but the impact of crime is still around us. In the present area, we cannot say that data is safe when it is hidden from an unauthorized person, but it is safe when the intruder cannot understand it, hence encryption is the suitable solution at the moment. Encryption is one of the techniques that we use to protect our data from unauthorized persons. In this technique, we do not stop the unauthorized person from accessing our information, but we made our data appear in an incomprehensive form to the intruder, only the person with the correct key can decrypt the encrypted message. Many encryption techniques are available, and the commonly used and modern ones are RSA, AES, and HAS, each of them is suitable for different scenarios and are all helpful for cyber security. In this paper, we will propose a framework that provides an additional layer of security for any sensitive information in general and those in the banking sector.
Sanjay Razdan, Himanshu Gupta and A. Seth
Totem Publisher, Inc.
Sanjay Razdan, Himanshu Gupta, and Ashish Seth
IEEE
Intrusion Detection Systems are used in cloud as well as in on-premises networks for detecting the intrusions. For an Intrusion Detection System, it can be computationally expensive and time consuming to process a high dimensional data to detect intrusions. Various filter as well as wrapper methods are used to select the most relevant features from the feature space for the classification. Thus, feature selection methods help to eliminate those features which do not have or have less predictive information. By using feature selection methods, we can make an Intrusion Detection System more efficient. In this paper we have selected and used four feature selection methods on NSL-KDD dataset. The reduced feature set is then used to classify the test data using Support Vector Machine. The significant outcome of this paper is the most efficient feature selection method among those discussed in this paper.
Sanjay Razdan, Himanshu Gupta, and Ashish Seth
IEEE
Cloud computing has enabled organizations to get rid of the infrastructural cost and increase the service availability. However, the risks associated with the openness and resource sharing of the cloud presents serious security challenges. Intrusion Detection System acts as a monitoring and alerting system against the security breaches. However, such a system needs to be efficient and generate least false alarms. This paper reviews the Intrusion Detection Systems proposed during the year 2015-2020 and evaluates their performance based on Accuracy, Detection Rate and False Positive Rate. This work also highlights the average performance of Intrusion Detection Systems during the period of study and method that resulted in best performance.
Sanjay Razdan, Himanshu Gupta, and Ashish Seth
IEEE
Any malicious activity on the network needs to be detected immediately to protect the user data. This helps to ensure Confidentiality, Availability, and Integrity. Machine learning algorithms are efficient tools that can be used in anomaly detection techniques to detect attacks against network. Decision Trees and Naive Bayes algorithms are the two important algorithms that can detect zero-day attacks with a great precision. While both are used for same purpose, these algorithms may produce different detection performance results on same set of data. This paper evaluates the Intrusion detection performance of these two algorithms on CIDDS-02 data set using various parameters of interest.
Aman Bhatt and Himanshu Gupta
IEEE
Cyber security plays a very important and huge role in the area of information technology and now the IT sector are growing rapidly cyber security become a complicated and fast-moving security challenge in period of information technology. Cyber security use to prevent cybercrime many governments and companies are more concern about their data. And securing a data become a major concern and challenge for many big organisations. And a lot of smart things have come to market like e-health, online banking which make our life a lot easier but with this type of application cyber security is also important. This paper mainly focused on new cyber security technique, trends and focus in application area in cyber security [1-6].
Shubham Gupta, Isha, Anando Bhattacharya, and Himanshu Gupta
IEEE
The primary objective of this research is to analyze the various types of social engineering attacks on cryptographic algorithm, the modus operandi of attackers, the damage that can be done, preventing measures, how to recover in the aftermath of such attacks and perhaps a new model of prevention against such attacks. The methodology for the analysis used in this research will be a case study method of research, done by thorough scrutiny of secondary data and the methodology used in the development of a new security model will be combination of various security algorithms to bring forth a new hybrid security model. The purpose of this study is to give an understanding regarding the matter of Social Engineering and to clarify how it may be utilized to damage a networks framework or/and trade off information and suggest a suitable model.
Suraj Vaishy and Himanshu Gupta
IEEE
The increasing growth associate degreed diversification within the methods and practices of lawbreaking has become a troublesome obstacle so as each to grasp the extent of embedded risks and to outline economic policies of bar for corporations, establishments and agencies. This study represents the foremost comprehensive review of the origin, typologies and developments of law-breaking development over the past decade therefore far. By means that of this e- laborate study, this paper tackles the difficulty initial describing and discussing former totally different criteria of classification in the field and secondly, providing a broad list of definitions and an analysis of the cybercrime practices. An abstract taxonomy of law-breaking is introduced and described. The proposal of a classification criterion is employed in con- junction with a cybercrime hierarchy derived from the degrees and scale of vulnerability and targets
Neeraj Kaushik, Mohammad Yawer Qadri, and Himanshu Gupta
IEEE
Security of the data is the utmost important in today's world scenario. To achieve completeprivacy of the data stored on various electronic devices like laptops, computers, external hard disk, USB drives etc. data storage encryption is needed to make the data more secure for any organization or any small offices. Encrypting the data provides a way out for the organization to keep a firm hold on their sensitive data or information. Intelligent devices like laptops and PC's are prone to security attacks resulting in the compromising the data. This problem can be solved by employing data encryption. Thought many encryption techniques are being used to make the data secure but a hybrid encryption algorithm should be used to make the data encryption more secure.
Khyati Kumar and Himanshu Gupta
IEEE
With the popularity of e-commerce websites, online transaction options have too gained prominence among customers. Ensuring security is still a major issue that professionals focus on. Though digital transactions enhance customer-merchant experience, there are various risks and challenges involved. Existing techniques such as Address Verification System (AVS), Card Verification Value (CVV), etc. help in verifying customer authenticity. From a customer's perspective, there are no authentication frameworks that will inform them about dishonest merchants. This paper suggests a system model that will use interactive modules to generate a Trust Factor (TF) which will help in detecting fraudulent merchant accounts at financial institutions. This financial technology will generate reports that can be used for analysis to understand the behavior of fraud activities in real time using sophisticated machine learning algorithms, thereby, mitigating merchant and transactional frauds.
Pranjal Srivastav and Himanshu Gupta
IEEE
Digital era has made work easy for all industries including marketing. With the introduction of digital marketing in the year 1990 the means of selling products and promoting businesses has completely changed, and it has seen a massive growth in recent years. In the current coronavirus pandemic situation, where interacting physically with people is not safe and people are becoming more active online on different social media platforms, digital marketing shows a ray of hope for businesses to flourish by increasing sales with lower expenses and safer means of transactions. This paper is focused on the role and applications of digital marketing to show its suitability for current situations. It starts with an introduction to digital marketing, its importance, processes involved, then it lists the steps of process involved and finally enumerates the security risks attached to it.
Anchit Agarwal, Himdweep Walia, and Himanshu Gupta
IEEE
Data privacy and encryption will still be top security priorities. Threat controls are countermeasures or safeguards used to reduce the chances that a threat will exploit a vulnerability as there is also a lack of understanding and a systematic model on which to base threat hunting operations and quantifying their effectiveness from the start of a threat hunt engagement to the end, as well as analytic rigour and completeness analysis. Threat hunting is a systematic method that aims to discover the location of attacker tactics, techniques, and procedures (TTP) in an area that has not yet been detected by current detection technologies. Using six stages: purpose, scope, equip, plan review, execute, and feedback, this research outlines a survey on this research.
Francis K. Mupila and Himanshu Gupta
Springer Singapore
Francis K. Mupila and Himanshu Gupta
Springer Singapore
Grace Odette Boussi and Himanshu Gupta
IEEE
The usage of the internet as part of our daily routine has brought many advantages and has also facilitated our lifestyle, the activities that required hours or days to be solved like sending a message to a far person has been reduced to a short time. The Internet has not only brought advantages to our community but also disadvantages, among the drawbacks of the internet we have cyber-crime activity. Cyber-crime activity is one of the biggest challenges that the world is facing. It is the concern of everyone as the main goal is to bring cybersecurity to reduce the number of losses that the crime generates across the globe. Cybercrime is happening every second anywhere, and it is causing much damage not only in terms of data or privacy breaches but financially also. Many countries are lacking an excellent policy to tackle cybercrime, and for that reason, the number of crimes is increasing day by day. As much as the number of crimes is increasing, likewise, the number of financial losses is also increasing. In this paper, we proposed a framework that will help us fight against cybercrime regardless of the place we are located by monitoring the activities done on our electronic devices.
K.Krithiga Lakshmi, Himanshu Gupta, and Jayanthi Ranjan
IEEE
In today’s world of digital economy, privacy of user’s personal data is at threat and even high security applications are found to have security breaches, leading to leak of users private, confidential and sensitive information in public domain. In addition, the absence of proper regulatory laws to protect privacy and security has facilitated no action against such identity thefts and has allowed escape of such criminals. But, now, with the introduction of European General Data Protection Regulation (GDPR) in European Union (EU) and European Economic area, it is mandatory to respect the rights and freedom of the data subject and to ensure protection and privacy of their data, failing which shall be penalized heavily. According to GDPR, anyone (a person or an organization) doing an economic activity (which includes all business house including financial institution like bank etc.,) with EU citizen must comply with it. As GDPR is in its initial stage, this paper discusses about the need for GDPR, its regulations, its stake holders, data subject rights, its impact on global economy and its benefits. The paper also discusses the challenges (by both organization as well as the mobile banking security app developer) to be met to become GDPR compliance ready.
Grace Odette Boussi and Himanshu Gupta
IEEE
Cyber-crime is not a recent crime as it began in the year 1820 and started catching people's attention by the year 2000. Due to the increase in cyber-crime, there is a huge demand for cyber-security, and organizations feel the need to protect themselves from any kind of attack, to keep their image and reputation clear and above all to protect users ' confidential information and sensitive data. People are losing a lot in terms of data, privacy as well as financial. In this paper, we will talk about credit/debit card fraud and see how multiple-factor authentication as a security measure can be helpful to reduce this crime.
Himanshu Gupta, Subhash Mondal, Rana Majumdar, Neha Sana Ghosh, Soumya Suvra Khan, Ngala Etienne Kwanyu, and Ved P Mishra
IEEE
Side channel attacks are such attacks that are being carried out on the application devices of a cryptosystem. A cryptosystem consists three algorithms as one for key generation, second for encryption and third for decryption purpose. Generally, the attacker tries to access sensitive data from the application part instead of using the brute force attack. Crucial information may be accessed through leaked data from software, hardware or protocol layers. Through monitoring the power flow or power consumption, timing information and electromagnetic radiation, we may extract the sensitive data from information technology devices to break the system is thus termed as side channel attack. The proposed countermeasures will enable the application device to generate cipher text at the same data rate and same power dissipation by the system. This paper will focus on types of side channel attack, vulnerabilities in side channels as well as its destructive effect and then will try to evaluate the proposed countermeasures.
Himanshu Gupta, Subhash Mondal, Biswajit Giri, Rana Majumdar, Neha Sana Ghosh, and Ved P Mishra
IEEE
In Secure Electronic Transactions most of them use static key word. They follow different approach to protect the transaction using technologies like 3D Secure, VeriSign, OTP (One-time password) and Session Key word. Every method has their positives and negatives. The proposed idea is to enhance the level of security for One Time Password by making it a two-way process and involving the user and the code sent two combine both and Authenticate the process. It develops much more security for the user.
Himanshu Gupta, Subhash Mondal, Srayan Ray, Biswajit Giri, Rana Majumdar, and Ved P Mishra
IEEE
In today’s world web applications have become an instant means for information broadcasting. At present, man has become so dependent on web applications that everything done through electronic means like e-banking, e-shopping, online payment of bills etc. Due to an unauthorized admittance might threat customer’s or user’s confidentiality, integrity and authority. SQL injection considered as most Spartan dangerous coercions to the databases of web applications. current scenario databases are highly susceptible to SQL Injection[4] . SQL Injection is one of the most popular and dangerous hacking or cracking technique . In this work authors projected a novel approach to mitigate SQL Injection Attacks in a database. We have illustrated a technique or method prevent SQLIA by incorporating a hybrid encryption in form of Advanced Encryption Standard (AES) and Elliptical Curve Cryptography (ECC) [5]. In this research paper integrated approach of encryption method is followed to prevent the databases of the web applications against SQL Injection Attack. Incidentally if an invader gains access to the database, then it can cause severe damage and ends up with retrieves data or information. So to prevent these type of attacks a combined approach is projected , Advanced Encryption Standard (AES) at login phase to prevent the unauthorized access to databases and on the other hand Elliptical Curve Cryptography (ECC) to encode the database so that without the key no one can access the database information [3]. This research paper illustrates the technique to prevent SQL Injection Attack.
Srijit Nair, Sunil Kumar Khatri, and Himanshu Gupta
IEEE
Factor such as Authentication, security, confidentiality & integrity are some of the most dominant Important factors required for online transaction. Online banking 24/7 availability and responsiveness has added this service into our day to day life due to location independence UPI mobile wallet. Digital financial transaction is under various threats like phishing, pharming, malware, Man-In-The-Middle (MITM) attack. Attacker would find under different attack ways to keep on attacking the digital transaction. Three factor authentications are a game changer. Security over the digital transaction continues to be a key focus area for monetary establishment. Firms must guarantee consistence strategies to meet the increasing regulatory law to safeguard the Digital transaction and save hard earned money and expressing the limitation for various authentication techniques. By using the three-factor authentication where we use a combination of three authentication techniques such as password certificate and biometric OR TOTP. We can secure the transaction from the inception to the end.
Anurag Yadav, Himanshu Gupta, and Sunil Kumar Khatri
IEEE
In today's world where everything is going towards wireless. The messages are also sent through this wireless platform. But as we all know with technology there also threats which comes alongside with it. So with wireless communication we also have a thread of someone can interfere with our communication, listen to our communication or damage our network. Attackers and unsocial elements are everywhere to cause damage to society so to overcome this kind of problem we have IDPS i.e Intrusion Detection and Prevention System. IDPS helps others to prevent interception to our network and makes wireless communication safe for us. The purpose behind this research is that the communication which takes place through the wireless system becomes more save and no intrusion takes place while passing of message and if any intrusion takes place it get notified then and there so the prevention can come in and prevent the communication from intrusion from the third party.
Sai Lahari Velagapudi and Himanshu Gupta
IEEE
Web application and web browsers generally use cookies to capture the data which is being transmitted in the sequent communication that provides continuity and state across HTTP connections. A cookie is a file which contains an end user's information and which sent by website (web server). Cookies allow us to get round the statelessness of the hypertext transfer protocol by storing information at the client-side. Due to highly sensitive nature of information involved in e-commerce, extra steps must be taken to make sure that information is secure. A preparatory form of communication enables us to avoid exploitation of cookies. Securing the cookies provide possible answer to the present drawback. As cookies are transferred in plain text there are high possibilities of that cookies can be manipulated. This paper proposes a new mechanism which helps to encrypt the cookies and protect them from possible threats.