
Paper Id 277

This document proposes using a multilevel security (MLS) system with cryptographic techniques through a cyber-physical system to protect confidential defense data. The authors suggest a new key management system for MLS to enforce security policies and mechanisms. They plan to implement MLS through a CPS combined with advanced cryptography to secure data from unauthorized users and prevent data leaks. A prototype will demonstrate security strategies like symmetric encryption, message authentication codes, public key encryption, and digital signatures.

Uploaded by

Lokesh Bollini

A Constructive Multilevel Security System with Cryptographic Techniques by using cyber-physical system in the Defense sector

J Vijay Gopal, Department of C.S.E, St. Peter’s Engineering College, Hyderabad, India, vijayjagadam@gmail.com
J Aishwarya Laxmi, Department of C.S.E, St. Peter’s Engineering College, Hyderabad, India, jaishwaryaraju222@gmail.com
Merlin Ann Nelson, Department of C.S.E, St. Peter’s Engineering College, Hyderabad, India, merlinannnelson94@gmail.com

Abstract— Protecting sensitive data and maintaining its confidentiality is of the utmost importance, especially in areas such as defense, education, finance, communications and international affairs. The MLS approach provides a relevant framework for the analysis of security systems regarding the cross-level approach through the cyber-physical system. We propose a new key management system for multilevel security in the threat model - security policies - security mechanism. The new approach is to construct the MLS through CPS in association with advanced cryptographic tools to protect confidential defense data from unauthorized users, and also to make sure that the data is not released to any counterfeit users. In this paper, a prototype is selected to explain the security of cryptographic strategies like symmetric encryption, message authentication codes, public key encryption, key agreement protocols, and digital signature schemes.

Keywords—MLS, symmetric, key management, cps system

I. INTRODUCTION

In theory, military database systems, which can hold data at several different classification levels (Confidential, Secret, Top Secret, ...), need to guarantee that information can only be read by a principal whose level is at least as high as the information's classification. The policies they implement are referred to as multilevel secure or as mandatory access control (MAC). The multilevel security system deals for the most part with providing security to the system at various levels. Multilevel secure systems are important because:

1. A vast amount of research has been done on the military model of protection, in detail, with many examples relating to the effects of the second-order and third-order implementation on security policy.

2. Although multilevel concepts were originally developed to support confidentiality in military systems, most commercial systems use multilevel integrity policies. Likewise, telecom operators need the ability to watch the functioning of a switching system and not affect it.

3. Recently, products such as Microsoft Vista and Red Hat Linux have started to incorporate mandatory access control mechanisms, and they have also appeared in disguise in digital rights management systems. For instance, Red Hat uses SELinux mechanisms developed by the NSA to isolate different servers running on a machine, so that even if your web server is hacked, it does not necessarily follow that your DNS server gets taken over as well. Vista has a multilevel integrity policy under which Internet Explorer runs by default at "Low", which means that even if it gets taken over, the attacker should not be able to change system files or anything else with a higher integrity level. These mechanisms are still largely invisible to the home PC user, yet their expert use is expand

4. These concepts are often applied where they are harmful, owing to the massive unconditional interests. This can also lead to the failure of enormous projects, particularly within the public sector.

II. BRIEF INTRODUCTION OF MLS

An MLS operating environment often requires a highly secure information processing system, frequently based on an MLS operating system (OS), but not necessarily. Most MLS functionality can be supported by a system made entirely of untrusted computers, although it requires several separate computers connected by hardware security-compliant channels. An illustration of hardware-implemented MLS lacks isolation. If one computer is being used in MLS mode, then that computer must use a trusted operating system (OS). Since all data in an MLS environment is physically accessible by the OS, strong logical controls must exist to guarantee that access to data is strictly controlled. Typically this involves mandatory access control that uses security labels, similar to the Bell–LaPadula model. Customers that deploy trusted operating systems generally require that the product completes a formal computer security evaluation. The evaluation is stricter for a broader security range, which is the lowest and highest classification levels the system can process.

III. EVALUATION OF MLS

In a multilevel secure database management system (MLS), each data item is assigned a classification
based on its sensitivity level. The role of an MLS is to ensure that users query or manipulate only those data to which their clearance entitles them. All security-guarded database access goes through a cyber-physical system (CPS), to guarantee prevention of any unauthorized access to the data. To determine whether a user should be allowed to access a data item, the user's clearance is compared with the classification level of the data item.

Fig. 1. Example of a Layered security model (Defence-in-depth)

The above figure shows the various levels of security required for any organization to keep its data confidential. This paper concentrates on defense security at the network layer through the multilevel security approach, and on the application of MLS to defense security, as illustrated by the following implementation.

IV. EXISTING PROBLEMS

Database security is a strategy used to protect the database from unauthorized access, hackers and snoopers, and also to avoid accidental damage. The significant areas of loss are theft and fraud, loss of confidentiality, loss of privacy, loss of security, loss of integrity and availability. This security concentrates mainly on both database administration and safety. Data protection for a network database is the protection of the data's security, integrity and concurrency. The security threats to the database are unauthorized activity or misuse by authorized database users, database administrators, or system administrators, or by unauthorized outsiders or hackers. Malware infections cause problems such as unauthorized access, leakage or disclosure of personal or proprietary data, deletion of records or damage to the data, interruption or denial of authorized access to the database, attacks on other systems and the unexpected failure of database services. To overcome this issue they proposed two strategies to secure the databases: one is authentication, followed by a genetic algorithm. In SQL Server, 2003 every user had an individual user login ID and password. For instance, an organization maintains a database of employee details, holding the employee name, personal information, salary and designation, including the credit card number and bank. If hackers or an unauthorized user can access and retrieve the database quickly, the employees' credit card numbers and their account numbers can be changed. Therefore we implement cryptographic techniques and a genetic algorithm to secure the databases.

Cryptography is a technique used for securing data either over the network or in any stand-alone device. It has two processes, encryption and decryption. Encryption converts plain text to cipher text, and decryption is the reverse process. Both encryption and decryption are done using the private keys. The end users know these keys and keep them strictly confidential. The cryptographic techniques are divided into two types, symmetric encryption and asymmetric encryption. In symmetric encryption, the keys used are secretly shared by the users before security is initiated. In asymmetric encryption, the keys are applied practically by the end users throughout the method.

The application may be subject to some form of hacker attack, of which 60% may be SQL injection attacks. Financial and defense services are especially affected, i.e. hacking of credit card numbers, account numbers and banking details, as are online retail websites. Sophos's network security threat confirmed that the SQL injection attack will be among the top five network security threats. Therefore, defense against SQL injection attacks is significant.

V. IMPLEMENTATION

The solution to the present problem in the defense sector can be achieved by classifying the data into multiple levels according to the sensitivity of the information.

The classification of information is

Fig.2 : Multi-level frame for defense sector

The multilevel classification of data is divided into four levels.
1. High Confidential
2. Confidential
3. Sensitive
4. Public

the total information (ids) = h ∪ c ∪ s ∪ u
where ids = total information
| Level | Description | Type of data |
|---|---|---|
| Highly confidential | Information unlocked only after 100% authentication | Information regarding war locations, maps, battle camps, security codes |
| Confidential | Information unlocked by special permissions | Information regarding capacity of defense in war with weapons and transactions |
| Sensitive | Information which is not allowed to be changed easily | Information about employee details, pensioners, funds to defense |
| Public | Information which can be accessed by any person of defense | Directions of defense housing, defense management details |

Table1: Description Of Multiple Levels Of Data

VI. SOLUTION TO THE PROBLEM

A. Implementation of Cryptographic Keys:

fig.3 : The Architecture diagram of MLS

The above figure shows the overall architecture of the MLS system, in which the CPS (Cyber Physical System) acts as the monitor for the users and the backend of the system.

The primary functionality of the CPS is to mine the defense data through the text mining technique, segregate the data into multiple levels using the clustering techniques, and store it in the database. The CPS generates the secret key for the multilevel classification such that only an authorized user can access the data.

B. Implementation of Cryptographic Keys between Multiple Users:

Algorithm of CPS Control on the Defense DataBase

    MODULE CPS
    PROMPT the ADMIN for input //in the form of paragraph
    SAVE input to IN
    GO TO MODULE NAÏVE-BAYES
    COMPUTE Sub main(IN)
    DECLARE word[20]
    DECLARE freq[20]
    DECLARE N
    DECLARE length=NAÏVE-BAYES(s.length)
    FOR N=0 to length
        word[N]=NAÏVE-BAYES(s[N])
        freq[N]=NAÏVE-BAYES(freq[N])
    END FOR
    GO TO MODULE KMEANS
    COMPUTE Sub main(word[N],length)
    //returned c[N] elements
    DECLARE c[N]
    FOR N=0 to length
        c[N]=KMEANS(c[N])
    END FOR
    GO TO MODULE CPS-WORK
    COMPUTE Sub main(c[N])
    END Sub
    END MODULE

The above algorithm sets out the control established by the cyber-physical system, which is responsible for accepting the input from the ADMIN of the defence database.
The accepted input is then passed to the naïve Bayes system, which performs the process of text mining and ultimately generates the individual data. The CPS again transfers the
individual data to the k-means algorithm, which treats the data as individual data items and performs the task of clustering, which finally leads to the formation of four kinds of classification of data in four different levels as illustrated in the figure.

Text mining by Naïve Bayes

    MODULE NAÏVE-BAYES
    Sub main(IN)
        DECLARE N
        INITIALIZE count[1000]=0
        //fetch the input in a string
        STRING s
        FOR N=0 TO s.length()
            IF s[N]!=NULL then
                ARRANGE s[N] in the table of column 1
                count[N]++ //increment
            ELSE
                EXIT(0)
            END IF
        END FOR
        //generate frequency table
        DECLARE freq[1000]=0
        FOR N=0 to s.length()
            IF s[N]!=NULL then
                freq[N]=count[N]
            ELSE
                EXIT(0)
            END IF
        END FOR
        RETURN s[N]
        RETURN freq[N]
        RETURN s.length()
    END Sub
    END MODULE

The above algorithm explains the process of text mining performed on the input data given by the ADMIN. The text mining process is done with the help of the Naive Bayes algorithm. It is a classification technique based on Bayes’ Theorem which assumes independence between the attributes. Depending on the type of input data given, the data is classified into a table according to its attributes, and the individual frequencies of each data item in the extracted table are calculated to generate a frequency table.

The frequencies here are the measure of the number of occurrences of a data item. The resultant data items in the frequency table act as input data to the clustering algorithm.

Fig5. Formation of frequencies from individual data items

Clustering by K-Means Algorithm

    MODULE KMEANS
    Sub main(s[N],length)
        DECLARE N,i,j
        PROMPT the user for number of clusters
        SAVE the input to p
        PROMPT the user to enter center of clusters
        DECLARE µ[p],c[p],ED[N]
        FOR N=0 to p
            µ[N]=input from ADMIN
            ED[N]=d(s[N],µ[N]) //Euclidean distance
            c[N]={j:ED[N]/€.d, j=1,…,N}
        END FOR
        //LEVEL2
        FOR N=0 to p
            µ[N]=(1/|c[N]|) ∑ X[j] for j∈c[N], ∀N
        END FOR
        RETURN c[N] //elements of each cluster
    END Sub
    END MODULE

The K-means clustering algorithm decides the number of clusters “P”. The center of each cluster should be initialized. The initialization involves two methods:
*Forgy: Assigning the centers of the P clusters to close P observations.
*Random Partition: Randomly assigning the positions of the P clusters, followed by calculation of the mean of each cluster.
Calculate the Euclidean distance between the “data points” and the centers of the P clusters. Continue to calculate the new centers of the P clusters by assigning to each the mean value of all the data items of that individual cluster, until the data items are properly assigned to their clusters and the positions are assigned.

C. Clusters Formed By Using K-Means Algorithm

Fig6. clusters formed using forgy where P=2
Fig7. clusters formed used forgy where P=3
Fig8. clusters formed using forgy where p=4
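
The frequency-table and K-means steps described above, run end to end in Python; this is an added example, not the authors' code. The sample paragraph is constructed and the function names are hypothetical. Clustering on each item's frequency value, and Forgy taken to mean "pick P observations as the starting centres", are assumptions.

```python
import random
import re
from collections import Counter

# Constructed sample standing in for the ADMIN's paragraph.
SAMPLE = " ".join(
    ["camp"] * 9 + ["code"] * 9 + ["map"] * 5
    + ["pension"] * 2 + ["fund"] * 2 + ["housing", "notice"]
)


def frequency_table(paragraph):
    """Frequency-table step: split the input into data items and count each."""
    return Counter(re.findall(r"[a-z0-9']+", paragraph.lower()))


def kmeans_1d(points, p, rng, max_iter=100):
    """K-means on numeric points with Forgy initialisation.

    Forgy: p observations are taken as the starting centres (drawn from the
    distinct values so that no two centres coincide).
    """
    distinct = sorted(set(points))
    if p > len(distinct):
        raise ValueError("more clusters requested than distinct observations")
    centres = rng.sample(distinct, p)
    for _ in range(max_iter):
        clusters = [[] for _ in range(p)]
        for x in points:
            # Assignment: nearest centre by Euclidean distance (|x - mu| in 1-D).
            clusters[min(range(p), key=lambda i: abs(x - centres[i]))].append(x)
        # Update: move each centre to the mean of its members; an empty
        # cluster keeps its previous centre instead of dividing by zero.
        updated = [sum(c) / len(c) if c else centres[i]
                   for i, c in enumerate(clusters)]
        if updated == centres:  # converged: assignments can no longer change
            break
        centres = updated
    return centres


def cluster_items(paragraph, p, seed=None):
    """Group data items into p clusters by frequency, lowest centre first."""
    freq = frequency_table(paragraph)
    # random.Random is fine here: the seed only affects clustering, not keys.
    centres = kmeans_1d(list(freq.values()), p, random.Random(seed))
    groups = [[] for _ in range(p)]
    for item, count in freq.items():
        groups[min(range(p), key=lambda i: abs(count - centres[i]))].append(item)
    order = sorted(range(p), key=lambda i: centres[i])
    return [sorted(groups[i]) for i in order]


if __name__ == "__main__":
    for number, items in enumerate(cluster_items(SAMPLE, 4, seed=1), start=1):
        print("cluster", number, items)
```

With P smaller than the number of distinct frequencies, the grouping can depend on which observations Forgy picks, so a fixed seed is needed for repeatable levels.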


D. CPS Control over the users

    MODULE CPS-WORK
    Structure user
        Char category;
        Integer counter;
        Integer level;
        Integer sk;
    End Structure U[n]; //this is an object for the users to enter their fields for accessing the data
    Sub main (c[N])
        Declare n as an integer variable //initialized to zero
        FOR n=1 to 100
            Prompt the user to enter his category
            DISPLAY “enter ‘MDB’ if you are a manager of database”
            DISPLAY “enter ‘DSB’ if you are a defense subordinate of database”
            DISPLAY “enter ‘GOD’ if you are a guiding team of defense sector”
            DISPLAY “enter ‘LLE’ if you are a lower level employee of defense sector”
            Save the input to U[n].category //type of user is defined
            Prompt the user to enter his required level of access
            Save the input to U[n].level //type of level to be accessed is defined
            INITIALIZE U[n].counter = 1
            GO TO MODULE ACCESS
            COMPUTE Sub main (n, U[n].level, c[N])
        END FOR
    END Sub
    END MODULE

The above procedure is responsible for serving the users of the defense database, who make their requests under the control of the central authority, the CPS. It covers constraints of users such as working category, number of times of access, confidentiality level of data requested, etc. This process guides a particular user for his further access to data by issuing a counter number.

Fig9. CPS control on the users of defense DB

E. Verification of User Authentication

    MODULE ACCESS
    Sub main (n, U[n].level, c[N])
        FETCH the level of user
        Save the input in U[n].level
        Prompt the user for his given secret key
        Save the input in U[n].sk
        //generation of secret key with two items in the level
        GO TO MODULE GENERATE-SK
        COMPUTE Sub main (n, U[n].level)
        Save the input of returned key in gsk
        IF gsk=U[n].sk then
            GO TO MODULE READ
            COMPUTE Sub main (n, U[n].level, U[n].counter, c[N])
        ELSE
            DISPLAY invalid request try again
        END IF
    END Sub
    END MODULE

The Access function is mainly concerned with the validation of user authentication with the help of secret cryptographic keys. The secret key issued to the user is compared with the instant secret key generated by the CPS. If a match is found, the user is given access to his required level of information.

Fig10. Categories of users

F. Generation of Secret Key

    MODULE GENERATE-SK
    Sub main (n, U[n].level)
        FETCH the level of user
        Save the input to U[n].level
        ARRANGING the requested level in matrix notation
        Save the result to levelmatri[p][q]
        //initial values of p and q are considered as 4
        Prompt the cps to select two sets of instant position in the required level of matrix notation
        Save the inputs to p1, q1, p2, q2
        //make sure they are prime numbers
        COMPUTE gsk=levelmatri[p1][q1] * levelmatri[p2][q2]
        Return gsk;
    END Sub
    END MODULE

The above module deals with the generation of the instant secret key by the CPS. This process initially involves referring to the matrix notations formed for the four levels of data. Two instant positions in the matrix of the requested level are selected by the CPS, and they are multiplied to generate a secret key, which is compared to the user’s secret key.

Fig. 11 shows the secret key generation
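
An added Python example (not the authors' code) of the GENERATE-SK and ACCESS modules as described, together with a check a reviewer of this scheme would run: how many different keys one level matrix can produce. The matrix values are constructed; reading the "prime numbers" comment as applying to the matrix entries, choosing two distinct positions, and the constant-time comparison are assumptions.

```python
import hmac
import math
import secrets
from itertools import combinations

# Constructed 4x4 level matrix (p = q = 4, as in GENERATE-SK) for one level.
# Assumption: the "prime numbers" comment refers to the matrix entries.
LEVEL_MATRIX = [
    [101, 103, 107, 109],
    [113, 127, 131, 137],
    [139, 149, 151, 157],
    [163, 167, 173, 179],
]

_rng = secrets.SystemRandom()  # CSPRNG-backed choice of the "instant positions"


def generate_sk(matrix):
    """GENERATE-SK: choose two distinct positions and multiply their entries."""
    cells = [(p, q) for p, row in enumerate(matrix) for q in range(len(row))]
    (p1, q1), (p2, q2) = _rng.sample(cells, 2)
    return matrix[p1][q1] * matrix[p2][q2]


def access(presented_sk, gsk):
    """ACCESS: grant only when the user's key equals the CPS-generated key.

    Both values are compared as byte strings in constant time, so the check
    does not reveal how much of a wrong key was correct.
    """
    return hmac.compare_digest(str(presented_sk).encode(), str(gsk).encode())


def key_space(matrix):
    """All values generate_sk() can return for this matrix."""
    entries = [value for row in matrix for value in row]
    return {a * b for a, b in combinations(entries, 2)}


def key_space_bits(matrix):
    """Upper bound, in bits, on the uncertainty of one generated key."""
    return math.log2(len(key_space(matrix)))


if __name__ == "__main__":
    gsk = generate_sk(LEVEL_MATRIX)
    print("key issued by CPS:", gsk)
    print("correct key accepted:", access(gsk, gsk))
    print("wrong key accepted:", access(gsk + 2, gsk))
    print("distinct keys:", len(key_space(LEVEL_MATRIX)))
    print("bits:", round(key_space_bits(LEVEL_MATRIX), 2))
```

For a 4x4 matrix of distinct primes the generator has 120 possible outputs, just under 7 bits, which bounds how much the ACCESS comparison can protect on its own.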
VII. RESULT ANALYSIS

A. K-means Clustering Generation

Fig11. Data Clustering

The above graph is generated for the K-means clustering where the value of k=4; it shows the multilevel classification of information of the defense data.

B. Secret key generation using CPS

The above graphs show the generation of secret keys for the various levels using the CPS. The generated keys are used to access the data stored in the MLS.

Fig12. Key generation to various levels.

VIII. CONCLUSION AND FURTHER SCOPE

Data stored in the defence database undergoes a text mining process which produces meaningful independent data items, which are further clustered into different levels based on the similarities in their properties. The CPS acts as the central authority in the organization of important data in different levels and generates secret keys on the user side, which are distributed based on the users' requests for access to different levels.

Various security approaches to protect the confidential information of defence locations, such as latitudes and longitudes of battle sides, will be worked on in the future paper.
