Search results for: zero-day attacks
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 605

Search results for: zero-day attacks

575 Empirical Analysis of the Global Impact of Cybercrime Laws on Cyber Attacks and Malware Types

Authors: Essang Anwana Onuntuei, Chinyere Blessing Azunwoke

Abstract:

The study focused on probing the effectiveness of online consumer privacy and protection laws, electronic transaction laws, privacy and data protection laws, and cybercrime legislation amid frequent cyber-attacks and malware types worldwide. An empirical analysis was engaged to uncover ties and causations between the stringency and implementation of these legal structures and the prevalence of cyber threats. A deliberate sample of seventy-eight countries (thirteen countries each from six continents) was chosen as sample size to study the challenges linked with trending regulations and possible panoramas for improving cybersecurity through refined legal approaches. Findings establish if the frequency of cyber-attacks and malware types vary significantly. Also, the result proved that various cybercrime laws differ statistically, and electronic transactions law does not statistically impact the frequency of cyber-attacks. The result also statistically revealed that the online Consumer Privacy and Protection law does not influence the total number of cyber-attacks. In addition, the results implied that Privacy and Data Protection laws do not statistically impact the total number of cyber-attacks worldwide. The calculated value also proved that cybercrime law does not statistically impact the total number of cyber-attacks. Finally, the computed value concludes that combined multiple cyber laws do not significantly impact the total number of cyber-attacks worldwide. Suggestions were produced based on findings from the study, contributing to the ongoing debate on the validity of legal approaches in battling cybercrime and shielding consumers in the digital age.

Keywords: cybercrime legislation, cyber attacks, consumer privacy and protection law, detection, electronic transaction law, prevention, privacy and data protection law, prohibition, prosecution

Procedia PDF Downloads 41
574 A Secure Routing Algorithm for ‎Underwater Wireless Sensor Networks

Authors: Seyed Mahdi Jameii

Abstract:

Underwater wireless sensor networks have been attracting the interest of many ‎researchers lately, and the past three decades have beheld the rapid progress of ‎underwater acoustic communication. One of the major problems in underwater wireless ‎sensor networks is how to transfer data from the moving node to the base stations and ‎choose the optimized route for data transmission. Secure routing in underwater ‎wireless sensor network (UWCNs) is necessary for packet delivery. Some routing ‎protocols are proposed for underwater wireless sensor networks. However, a few ‎researches have been done on secure routing in underwater sensor networks. In this ‎article, a secure routing protocol is provided to resist against wormhole and sybil ‎attacks. The results indicated acceptable performance in terms of increasing the packet ‎delivery ratio with regards to the attacks, increasing network lifetime by creating ‎balance in the network energy consumption, high detection rates against the attacks, ‎and low-end to end delay.‎

Keywords: attacks, routing, security, underwater wireless sensor networks

Procedia PDF Downloads 418
573 Ontology for Cross-Site-Scripting (XSS) Attack in Cybersecurity

Authors: Jean Rosemond Dora, Karol Nemoga

Abstract:

In this work, we tackle a frequent problem that frequently occurs in the cybersecurity field which is the exploitation of websites by XSS attacks, which are nowadays considered a complicated attack. These types of attacks aim to execute malicious scripts in a web browser of the client by including code in a legitimate web page. A serious matter is when a website accepts the “user-input” option. Attackers can exploit the web application (if vulnerable), and then steal sensitive data (session cookies, passwords, credit cards, etc.) from the server and/or from the client. However, the difficulty of the exploitation varies from website to website. Our focus is on the usage of ontology in cybersecurity against XSS attacks, on the importance of the ontology, and its core meaning for cybersecurity. We explain how a vulnerable website can be exploited, and how different JavaScript payloads can be used to detect vulnerabilities. We also enumerate some tools to use for an efficient analysis. We present detailed reasoning on what can be done to improve the security of a website in order to resist attacks, and we provide supportive examples. Then, we apply an ontology model against XSS attacks to strengthen the protection of a web application. However, we note that the existence of ontology does not improve the security itself, but it has to be properly used and should require a maximum of security layers to be taken into account.

Keywords: cybersecurity, web application vulnerabilities, cyber threats, ontology model

Procedia PDF Downloads 172
572 Internet of Things Networks: Denial of Service Detection in Constrained Application Protocol Using Machine Learning Algorithm

Authors: Adamu Abdullahi, On Francisca, Saidu Isah Rambo, G. N. Obunadike, D. T. Chinyio

Abstract:

The paper discusses the potential threat of Denial of Service (DoS) attacks in the Internet of Things (IoT) networks on constrained application protocols (CoAP). As billions of IoT devices are expected to be connected to the internet in the coming years, the security of these devices is vulnerable to attacks, disrupting their functioning. This research aims to tackle this issue by applying mixed methods of qualitative and quantitative for feature selection, extraction, and cluster algorithms to detect DoS attacks in the Constrained Application Protocol (CoAP) using the Machine Learning Algorithm (MLA). The main objective of the research is to enhance the security scheme for CoAP in the IoT environment by analyzing the nature of DoS attacks and identifying a new set of features for detecting them in the IoT network environment. The aim is to demonstrate the effectiveness of the MLA in detecting DoS attacks and compare it with conventional intrusion detection systems for securing the CoAP in the IoT environment. Findings: The research identifies the appropriate node to detect DoS attacks in the IoT network environment and demonstrates how to detect the attacks through the MLA. The accuracy detection in both classification and network simulation environments shows that the k-means algorithm scored the highest percentage in the training and testing of the evaluation. The network simulation platform also achieved the highest percentage of 99.93% in overall accuracy. This work reviews conventional intrusion detection systems for securing the CoAP in the IoT environment. The DoS security issues associated with the CoAP are discussed.

Keywords: algorithm, CoAP, DoS, IoT, machine learning

Procedia PDF Downloads 80
571 Pre-Shared Key Distribution Algorithms' Attacks for Body Area Networks: A Survey

Authors: Priti Kumari, Tricha Anjali

Abstract:

Body Area Networks (BANs) have emerged as the most promising technology for pervasive health care applications. Since they facilitate communication of very sensitive health data, information leakage in such networks can put human life at risk, and hence security inside BANs is a critical issue. Safe distribution and periodic refreshment of cryptographic keys are needed to ensure the highest level of security. In this paper, we focus on the key distribution techniques and how they are categorized for BAN. The state-of-art pre-shared key distribution algorithms are surveyed. Possible attacks on algorithms are demonstrated with examples.

Keywords: attacks, body area network, key distribution, key refreshment, pre-shared keys

Procedia PDF Downloads 362
570 Security Risks Assessment: A Conceptualization and Extension of NFC Touch-And-Go Application

Authors: Ku Aina Afiqah Ku Adzman, Manmeet Mahinderjit Singh, Zarul Fitri Zaaba

Abstract:

NFC operates on low-range 13.56 MHz frequency within a distance from 4cm to 10cm, and the applications can be categorized as touch and go, touch and confirm, touch and connect, and touch and explore. NFC applications are vulnerable to various security and privacy attacks such due to its physical nature; unprotected data stored in NFC tag and insecure communication between its applications. This paper aims to determine the likelihood of security risks happening in an NFC technology and application. We present an NFC technology taxonomy covering NFC standards, types of application and various security and privacy attack. Based on observations and the survey presented to evaluate the risk assessment within the touch and go application demonstrates two security attacks that are high risks namely data corruption and DOS attacks. After the risks are determined, risk countermeasures by using AHP is adopted. The guideline and solutions to these two high risks, attacks are later applied to a secure NFC-enabled Smartphone Attendance System.

Keywords: Near Field Communication (NFC), risk assessment, multi-criteria decision making, Analytical Hierarchy Process (AHP)

Procedia PDF Downloads 302
569 Exploring Cybersecurity and Phishing Attacks within Healthcare Institutions in Saudi Arabia: A Narrative Review

Authors: Ebtesam Shadadi, Rasha Ibrahim, Essam Ghadafi

Abstract:

Phishing poses a significant threat as a cybercrime by tricking end users into revealing their confidential and sensitive information. Attackers often manipulate victims to achieve their malicious goals. The increasing prevalence of Phishing has led to extensive research on this issue, including studies focusing on phishing attempts in healthcare institutions in the Kingdom of Saudi Arabia. This paper explores the importance of analyzing phishing attacks, specifically focusing on those targeting the healthcare industry. The study delves into the tactics, obstacles, and remedies associated with these attacks, all while considering the implications for Saudi Vision 2030.

Keywords: phishing, cybersecurity, cyber threat, social engineering, vision 2030

Procedia PDF Downloads 61
568 Experimental Analysis of Tools Used for Doxing and Proposed New Transforms to Help Organizations Protect against Doxing Attacks

Authors: Parul Khanna, Pavol Zavarsky, Dale Lindskog

Abstract:

Doxing is a term derived from documents, and hence consists of collecting information on an organization or individual through social media websites, search engines, password cracking methods, social engineering tools and other sources of publicly displayed information. The main purpose of doxing attacks is to threaten, embarrass, harass and humiliate the organization or individual. Various tools are used to perform doxing. Tools such as Maltego visualize organization’s architecture which helps in determining weak links within the organization. This paper discusses limitations of Maltego Chlorine CE 3.6.0 and suggests measures as to how organizations can use these tools to protect themselves from doxing attacks.

Keywords: advanced persistent threat, FOCA, OSINT, PII

Procedia PDF Downloads 256
567 Ensuring Cyber Security Using Kippo Honeypots

Authors: S. Vivekananda Pandian

Abstract:

A major challenging task in this current scenario is protecting your computer and other electronic gadgets against Cyber-attacks. In this current era Cyber warfare becomes a major threat to the entire world which targets a particular organization or a country spreading the Malwares, Breaching the securities, causing major loss to the organization. Several sectors both public and private are computerized such as Energy sectors, Oil refinery sectors, Defense sectors and Aviation sectors are prone to attacks. Several attacks are unknown while accessing the internet. To study the characteristics and Intention of the Attacker Kippo Honeypots are used. Honeypots are the trap set by us which enables them to monitor the malicious activities and detailed study about attackers which leads to strengthening of the security.

Keywords: attackers, security, Kippo Honeypots, virtual machine

Procedia PDF Downloads 427
566 Countering Terrorism and Defending Human Right after 9/11: The European Perspective

Authors: Anita Blagojević

Abstract:

It is well known that the terrorist attacks on the New York City and Washington, D.C. prompted unprecedented international action to enhance international cooperation in the prevention and suppression of terrorism. In the months (and years) after September 11, the world community focused on two main efforts: first, on efforts to bring those responsible for terrorist attacks to justice, and second, on efforts to prevent future terrorist attacks. In that sense, many governments took advantage of these efforts to strengthen their national security. In that process, however, human rights and civil liberties of certain groups of people were alleged. As a consequence, part of the price paid for protecting national security against terrorist attacks was the threat of infringement on people's fundamental rights and freedoms. The aim of this paper is to analyze the role of the European Union and the Council of Europe in finding the answer to the one of the main security dilemma for the present era: how to find the balance between the protection of national security and guarantee of the people's rights and fundamental freedoms?

Keywords: terrorism, antiterrorism, European Union, Council of Europe, human rights

Procedia PDF Downloads 378
565 Security in Cyberspace: A Comprehensive Review of COVID-19 Continued Effects on Security Threats and Solutions in 2021 and the Trajectory of Cybersecurity Going into 2022

Authors: Mojtaba Fayaz, Richard Hallal

Abstract:

This study examines the various types of dangers that our virtual environment is vulnerable to, including how it can be attacked and how to avoid/secure our data. The terrain of cyberspace is never completely safe, and Covid- 19 has added to the confusion, necessitating daily periodic checks and evaluations. Cybercriminals have been able to enact with greater skill and undertake more conspicuous and sophisticated attacks while keeping a higher level of finesse by operating from home. Different types of cyberattacks, such as operation-based attacks, authentication-based attacks, and software-based attacks, are constantly evolving, but research suggests that software-based threats, such as Ransomware, are becoming more popular, with attacks expected to increase by 93 percent by 2020. The effectiveness of cyber frameworks has shifted dramatically as the pandemic has forced work and private life to become intertwined, destabilising security overall and creating a new front of cyber protection for security analysis and personal. The high-rise formats in which cybercrimes are carried out, as well as the types of cybercrimes that exist, such as phishing, identity theft, malware, and DDoS attacks, have created a new front of cyber protection for security analysis and personal safety. The overall strategy for 2022 will be the introduction of frameworks that address many of the issues associated with offsite working, as well as education that provides better information about commercialised software that does not provide the highest level of security for home users, allowing businesses to plan better security around their systems.

Keywords: cyber security, authentication, software, hardware, malware, COVID-19, threat actors, awareness, home users, confidentiality, integrity, availability, attacks

Procedia PDF Downloads 116
564 Survey of Intrusion Detection Systems and Their Assessment of the Internet of Things

Authors: James Kaweesa

Abstract:

The Internet of Things (IoT) has become a critical component of modern technology, enabling the connection of numerous devices to the internet. The interconnected nature of IoT devices, along with their heterogeneous and resource-constrained nature, makes them vulnerable to various types of attacks, such as malware, denial-of-service attacks, and network scanning. Intrusion Detection Systems (IDSs) are a key mechanism for protecting IoT networks and from attacks by identifying and alerting administrators to suspicious activities. In this review, the paper will discuss the different types of IDSs available for IoT systems and evaluate their effectiveness in detecting and preventing attacks. Also, examine the various evaluation methods used to assess the performance of IDSs and the challenges associated with evaluating them in IoT environments. The review will highlight the need for effective and efficient IDSs that can cope with the unique characteristics of IoT networks, including their heterogeneity, dynamic topology, and resource constraints. The paper will conclude by indicating where further research is needed to develop IDSs that can address these challenges and effectively protect IoT systems from cyber threats.

Keywords: cyber-threats, iot, intrusion detection system, networks

Procedia PDF Downloads 80
563 Active Cyber Defense within the Concept of NATO’s Protection of Critical Infrastructures

Authors: Serkan Yağlı, Selçuk Dal

Abstract:

Cyber-attacks pose a serious threat to all states. Therefore, states constantly seek for various methods to encounter those threats. In addition, recent changes in the nature of cyber-attacks and their more complicated methods have created a new concept: active cyber defence (ACD). This article tries to answer firstly why ACD is important to NATO and find out the viewpoint of NATO towards ACD. Secondly, infrastructure protection is essential to cyber defence. Critical infrastructure protection with ACD means is even more important. It is assumed that by implementing active cyber defence, NATO may not only be able to repel the attacks but also be deterrent. Hence, the use of ACD has a direct positive effect in all international organizations’ future including NATO.

Keywords: active cyber defence, advanced persistent treat, critical infrastructure, NATO

Procedia PDF Downloads 243
562 USBware: A Trusted and Multidisciplinary Framework for Enhanced Detection of USB-Based Attacks

Authors: Nir Nissim, Ran Yahalom, Tomer Lancewiki, Yuval Elovici, Boaz Lerner

Abstract:

Background: Attackers increasingly take advantage of innocent users who tend to use USB devices casually, assuming these devices benign when in fact they may carry an embedded malicious behavior or hidden malware. USB devices have many properties and capabilities that have become the subject of malicious operations. Many of the recent attacks targeting individuals, and especially organizations, utilize popular and widely used USB devices, such as mice, keyboards, flash drives, printers, and smartphones. However, current detection tools, techniques, and solutions generally fail to detect both the known and unknown attacks launched via USB devices. Significance: We propose USBWARE, a project that focuses on the vulnerabilities of USB devices and centers on the development of a comprehensive detection framework that relies upon a crucial attack repository. USBWARE will allow researchers and companies to better understand the vulnerabilities and attacks associated with USB devices as well as providing a comprehensive platform for developing detection solutions. Methodology: The framework of USBWARE is aimed at accurate detection of both known and unknown USB-based attacks by a process that efficiently enhances the framework's detection capabilities over time. The framework will integrate two main security approaches in order to enhance the detection of USB-based attacks associated with a variety of USB devices. The first approach is aimed at the detection of known attacks and their variants, whereas the second approach focuses on the detection of unknown attacks. USBWARE will consist of six independent but complimentary detection modules, each detecting attacks based on a different approach or discipline. These modules include novel ideas and algorithms inspired from or already developed within our team's domains of expertise, including cyber security, electrical and signal processing, machine learning, and computational biology. The establishment and maintenance of the USBWARE’s dynamic and up-to-date attack repository will strengthen the capabilities of the USBWARE detection framework. The attack repository’s infrastructure will enable researchers to record, document, create, and simulate existing and new USB-based attacks. This data will be used to maintain the detection framework’s updatability by incorporating knowledge regarding new attacks. Based on our experience in the cyber security domain, we aim to design the USBWARE framework so that it will have several characteristics that are crucial for this type of cyber-security detection solution. Specifically, the USBWARE framework should be: Novel, Multidisciplinary, Trusted, Lightweight, Extendable, Modular and Updatable and Adaptable. Major Findings: Based on our initial survey, we have already found more than 23 types of USB-based attacks, divided into six major categories. Our preliminary evaluation and proof of concepts showed that our detection modules can be used for efficient detection of several basic known USB attacks. Further research, development, and enhancements are required so that USBWARE will be capable to cover all of the major known USB attacks and to detect unknown attacks. Conclusion: USBWARE is a crucial detection framework that must be further enhanced and developed.

Keywords: USB, device, cyber security, attack, detection

Procedia PDF Downloads 397
561 Data Analysis to Uncover Terrorist Attacks Using Data Mining Techniques

Authors: Saima Nazir, Mustansar Ali Ghazanfar, Sanay Muhammad Umar Saeed, Muhammad Awais Azam, Saad Ali Alahmari

Abstract:

Terrorism is an important and challenging concern. The entire world is threatened by only few sophisticated terrorist groups and especially in Gulf Region and Pakistan, it has become extremely destructive phenomena in recent years. Predicting the pattern of attack type, attack group and target type is an intricate task. This study offers new insight on terrorist group’s attack type and its chosen target. This research paper proposes a framework for prediction of terrorist attacks using the historical data and making an association between terrorist group, their attack type and target. Analysis shows that the number of attacks per year will keep on increasing, and Al-Harmayan in Saudi Arabia, Al-Qai’da in Gulf Region and Tehreek-e-Taliban in Pakistan will remain responsible for many future terrorist attacks. Top main targets of each group will be private citizen & property, police, government and military sector under constant circumstances.

Keywords: data mining, counter terrorism, machine learning, SVM

Procedia PDF Downloads 408
560 A Blind Three-Dimensional Meshes Watermarking Using the Interquartile Range

Authors: Emad E. Abdallah, Alaa E. Abdallah, Bajes Y. Alskarnah

Abstract:

We introduce a robust three-dimensional watermarking algorithm for copyright protection and indexing. The basic idea behind our technique is to measure the interquartile range or the spread of the 3D model vertices. The algorithm starts by converting all the vertices to spherical coordinate followed by partitioning them into small groups. The proposed algorithm is slightly altering the interquartile range distribution of the small groups based on predefined watermark. The experimental results on several 3D meshes prove perceptual invisibility and the robustness of the proposed technique against the most common attacks including compression, noise, smoothing, scaling, rotation as well as combinations of these attacks.

Keywords: watermarking, three-dimensional models, perceptual invisibility, interquartile range, 3D attacks

Procedia PDF Downloads 474
559 Constructing White-Box Implementations Based on Threshold Shares and Composite Fields

Authors: Tingting Lin, Manfred von Willich, Dafu Lou, Phil Eisen

Abstract:

A white-box implementation of a cryptographic algorithm is a software implementation intended to resist extraction of the secret key by an adversary. To date, most of the white-box techniques are used to protect block cipher implementations. However, a large proportion of the white-box implementations are proven to be vulnerable to affine equivalence attacks and other algebraic attacks, as well as differential computation analysis (DCA). In this paper, we identify a class of block ciphers for which we propose a method of constructing white-box implementations. Our method is based on threshold implementations and operations in composite fields. The resulting implementations consist of lookup tables and few exclusive OR operations. All intermediate values (inputs and outputs of the lookup tables) are masked. The threshold implementation makes the distribution of the masked values uniform and independent of the original inputs, and the operations in composite fields reduce the size of the lookup tables. The white-box implementations can provide resistance against algebraic attacks and DCA-like attacks.

Keywords: white-box, block cipher, composite field, threshold implementation

Procedia PDF Downloads 168
558 Resilient Machine Learning in the Nuclear Industry: Crack Detection as a Case Study

Authors: Anita Khadka, Gregory Epiphaniou, Carsten Maple

Abstract:

There is a dramatic surge in the adoption of machine learning (ML) techniques in many areas, including the nuclear industry (such as fault diagnosis and fuel management in nuclear power plants), autonomous systems (including self-driving vehicles), space systems (space debris recovery, for example), medical surgery, network intrusion detection, malware detection, to name a few. With the application of learning methods in such diverse domains, artificial intelligence (AI) has become a part of everyday modern human life. To date, the predominant focus has been on developing underpinning ML algorithms that can improve accuracy, while factors such as resiliency and robustness of algorithms have been largely overlooked. If an adversarial attack is able to compromise the learning method or data, the consequences can be fatal, especially but not exclusively in safety-critical applications. In this paper, we present an in-depth analysis of five adversarial attacks and three defence methods on a crack detection ML model. Our analysis shows that it can be dangerous to adopt machine learning techniques in security-critical areas such as the nuclear industry without rigorous testing since they may be vulnerable to adversarial attacks. While common defence methods can effectively defend against different attacks, none of the three considered can provide protection against all five adversarial attacks analysed.

Keywords: adversarial machine learning, attacks, defences, nuclear industry, crack detection

Procedia PDF Downloads 158
557 American Criminal Justice Responses to Terrorism in the Post 9/11 Era

Authors: Summer Jackson

Abstract:

September 11, 2001 terrorist attacks exposed weaknesses in federal law enforcement’s ability to proactively counter threats to American homeland security. Following the attacks, legislative reforms and policy changes cleared both bureaucratic and legal obstacles to anti-terrorism efforts. The Federal Bureau of Investigation (FBI) transformed into a domestic intelligence agency responsible for preventing future terrorist attacks. Likewise, the passage of the 2001 USA Patriot Act gave federal agents new discretionary powers to more easily collect intelligence on those suspected of supporting terrorism. Despite these changes, there has been only limited scholarly attention paid to terrorism responses by the federal criminal justice system. This study sought to examine the investigative and prosecutorial changes made in the Post-9/11 era. The methodology employed bivariate and multivariate statistics using data from the American Terrorism Study (ATS). This analysis examined how policy changes are reflected in the nature of terrorism investigations, the handling of terrorist defendants by federal prosecutors, and the outcomes of terrorism cases since 2001. The findings indicate significant investigative and prosecutorial changes in the Post-9/11 era. Specifically, this study found terrorism cases involved younger defendants, fewer indictees per case, less use of human intelligence, less complicated attacks, less serious charges, and more plea bargains. Overall, this study highlights the important shifts in responses to terrorism following the 9/11 attacks.

Keywords: terrorism, law enforcement, post-9/11, federal policy

Procedia PDF Downloads 119
556 Mitigating Denial of Service Attacks in Information Centric Networking

Authors: Bander Alzahrani

Abstract:

Information-centric networking (ICN) using architectures such as Publish-Subscribe Internet Routing Paradigm (PSIRP) is one of the promising candidates for a future Internet, has recently been under the spotlight by the research community to investigate the possibility of redesigning the current Internet architecture to solve many issues such as routing scalability, security, and quality of services issues.. The Bloom filter-based forwarding is a source-routing approach that is used in the PSIRP architecture. This mechanism is vulnerable to brute force attacks which may lead to denial-of-service (DoS) attacks. In this work, we present a new forwarding approach that keeps the advantages of Bloom filter-based forwarding while mitigates attacks on the forwarding mechanism. In practice, we introduce a special type of forwarding nodes called Edge-FW to be placed at the edge of the network. The role of these node is to add an extra security layer by validating and inspecting packets at the edge of the network against brute-force attacks and check whether the packet contains a legitimate forwarding identifier (FId) or not. We leverage Certificateless Aggregate Signature (CLAS) scheme with a small size of 64-bit which is used to sign the FId. Hence, this signature becomes bound to a specific FId. Therefore, malicious nodes that inject packets with random FIds will be easily detected and dropped at the Edge-FW node when the signature verification fails. Our preliminary security analysis suggests that with the proposed approach, the forwarding plane is able to resist attacks such as DoS with very high probability.

Keywords: bloom filter, certificateless aggregate signature, denial-of-service, information centric network

Procedia PDF Downloads 198
555 Modelling Insider Attacks in Public Cloud

Authors: Roman Kulikov, Svetlana Kolesnikova

Abstract:

Last decade Cloud Computing technologies have been rapidly becoming ubiquitous. Each year more and more organizations, corporations, internet services and social networks trust their business sensitive information to Public Cloud. The data storage in Public Cloud is protected by security mechanisms such as firewalls, cryptography algorithms, backups, etc.. In this way, however, only outsider attacks can be prevented, whereas virtualization tools can be easily compromised by insider. The protection of Public Cloud’s critical elements from internal intruder remains extremely challenging. A hypervisor, also called a virtual machine manager, is a program that allows multiple operating systems (OS) to share a single hardware processor in Cloud Computing. One of the hypervisor's functions is to enforce access control policies. Furthermore, it prevents guest OS from disrupting each other and from accessing each other's memory or disk space. Hypervisor is the one of the most critical and vulnerable elements in Cloud Computing infrastructure. Nevertheless, it has been poorly protected from being compromised by insider. By exploiting certain vulnerabilities, privilege escalation can be easily achieved in insider attacks on hypervisor. In this way, an internal intruder, who has compromised one process, is able to gain control of the entire virtual machine. Thereafter, the consequences of insider attacks in Public Cloud might be more catastrophic and significant to virtual tools and sensitive data than of outsider attacks. So far, almost no preventive security countermeasures have been developed. There has been little attention paid for developing models to assist risks mitigation strategies. In this paper formal model of insider attacks on hypervisor is designed. Our analysis identifies critical hypervisor`s vulnerabilities that can be easily compromised by internal intruder. Consequently, possible conditions for successful attacks implementation are uncovered. Hence, development of preventive security countermeasures can be improved on the basis of the proposed model.

Keywords: insider attack, public cloud, cloud computing, hypervisor

Procedia PDF Downloads 361
554 Cryptocurrency Crime: Behaviors of Malicious Smart Contracts in Blockchain

Authors: Malaw Ndiaye, Karim Konate

Abstract:

Blockchain and smart contracts can be used to facilitate almost any financial transaction. Thanks to these smart contracts, the settlement of dividends and coupons could be automated. The blockchain would allow all these transactions to be saved in a single ledger rather than in many databases through many organizations as is currently the case. Smart contracts have become lucrative and profitable targets for attackers because they can hold a large amount of money. This paper takes stock of cryptocurrency crime by assessing attacks due to smart contracts and the cost of losses. These losses are often the result of two types of malicious contracts: vulnerable contracts and criminal smart contracts. Studying the behavior of malicious contracts allows us to understand the root causes and consequences of attacks and the defense capabilities that exist although they do not definitively solve the crime problem. It makes it possible to approach new defense perspectives which will be concretized in future work.

Keywords: blockchain, malicious smart contracts, crypto-currency, crimes, attacks

Procedia PDF Downloads 274
553 Data Security: An Enhancement of E-mail Security Algorithm to Secure Data Across State Owned Agencies

Authors: Lindelwa Mngomezulu, Tonderai Muchenje

Abstract:

Over the decades, E-mails provide easy, fast and timely communication enabling businesses and state owned agencies to communicate with their stakeholders and with their own employees in real-time. Moreover, since the launch of Microsoft office 365 and many other clouds based E-mail services, many businesses have been migrating from the on premises E-mail services to the cloud and more precisely since the beginning of the Covid-19 pandemic, there has been a significant increase of E-mails utilization, which then leads to the increase of cyber-attacks. In that regard, E-mail security has become very important in the E-mail transportation to ensure that the E-mail gets to the recipient without the data integrity being compromised. The classification of the features to enhance E-mail security for further from the enhanced cyber-attacks as we are aware that since the technology is advancing so at the cyber-attacks. Therefore, in order to maximize the data integrity we need to also maximize security of the E-mails such as enhanced E-mail authentication. The successful enhancement of E-mail security in the future may lessen the frequency of information thefts via E-mails, resulting in the data of South African State-owned agencies not being compromised.

Keywords: e-mail security, cyber-attacks, data integrity, authentication

Procedia PDF Downloads 136
552 Distributed Cyber Physical Secure Framework for DC Microgrids: DC Ship Power System Applications

Authors: Grace karimi Muriithi, Behnaz Papari, Ali Arsalan, Christopher Shannon Edrington

Abstract:

Complexity and nonlinearity of the control system design is increasing for DC microgrid applications when the cyber concept associated with the technology constraints will added to the picture. Controllers’ functionality during the critical operation mode is required to guaranteed specifically for a high profile applications such as NAVY DC ship power system (SPS) as an small-scaled DC microgrid. Thus, SPS is susceptible to cyber-attacks and, accordingly, can provide the disastrous effects. In this study, a machine learning (ML) approach is demonstrated to offer the promising performance of SPS for developing an effective and robust functionality over attacks time. Simulation results analysis demonstrate that the proposed method can improve the controllability successfully.

Keywords: controlability, cyber attacks, distribute control, machine learning

Procedia PDF Downloads 114
551 Classification of Attacks Over Cloud Environment

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 548
550 Clicking Based Graphical Password Scheme Resistant to Spyware

Authors: Bandar Alahmadi

Abstract:

The fact that people tend to remember pictures better than texts, motivates researchers to develop graphical passwords as an alternative to textual passwords. Graphical passwords as such were introduced as a possible alternative to traditional text passwords, in which users prove their identity by clicking on pictures rather than typing alphanumerical text. In this paper, we present a scheme for graphical passwords that are resistant to shoulder surfing attacks and spyware attacks. The proposed scheme introduces a clicking technique to chosen images. First, the users choose a set of images, the images are then included in a grid where users can click in the cells around each image, the location of the click and the number of clicks are saved. As a result, the proposed scheme can be safe from shoulder surface and spyware attacks.

Keywords: security, password, authentication, attack, applications

Procedia PDF Downloads 164
549 Cyber Attacks Management in IoT Networks Using Deep Learning and Edge Computing

Authors: Asmaa El Harat, Toumi Hicham, Youssef Baddi

Abstract:

This survey delves into the complex realm of Internet of Things (IoT) security, highlighting the urgent need for effective cybersecurity measures as IoT devices become increasingly common. It explores a wide array of cyber threats targeting IoT devices and focuses on mitigating these attacks through the combined use of deep learning and machine learning algorithms, as well as edge and cloud computing paradigms. The survey starts with an overview of the IoT landscape and the various types of attacks that IoT devices face. It then reviews key machine learning and deep learning algorithms employed in IoT cybersecurity, providing a detailed comparison to assist in selecting the most suitable algorithms. Finally, the survey provides valuable insights for cybersecurity professionals and researchers aiming to enhance security in the intricate world of IoT.

Keywords: internet of things (IoT), cybersecurity, machine learning, deep learning

Procedia PDF Downloads 31
548 Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks and PHP Web Shell

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 148
547 An Entropy Based Novel Algorithm for Internal Attack Detection in Wireless Sensor Network

Authors: Muhammad R. Ahmed, Mohammed Aseeri

Abstract:

Wireless Sensor Network (WSN) consists of low-cost and multi functional resources constrain nodes that communicate at short distances through wireless links. It is open media and underpinned by an application driven technology for information gathering and processing. It can be used for many different applications range from military implementation in the battlefield, environmental monitoring, health sector as well as emergency response of surveillance. With its nature and application scenario, security of WSN had drawn a great attention. It is known to be valuable to variety of attacks for the construction of nodes and distributed network infrastructure. In order to ensure its functionality especially in malicious environments, security mechanisms are essential. Malicious or internal attacker has gained prominence and poses the most challenging attacks to WSN. Many works have been done to secure WSN from internal attacks but most of it relay on either training data set or predefined threshold. Without a fixed security infrastructure a WSN needs to find the internal attacks is a challenge. In this paper we present an internal attack detection method based on maximum entropy model. The final experimental works showed that the proposed algorithm does work well at the designed level.

Keywords: internal attack, wireless sensor network, network security, entropy

Procedia PDF Downloads 455
546 Modeling Intelligent Threats: Case of Continuous Attacks on a Specific Target

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we treat a model that falls in the area of protecting targeted systems from intelligent threats including terrorism. We introduce the concept of system survivability, in the context of continuous attacks, as the probability that a system under attack will continue operation up to some fixed time t. We define a constant attack rate (CAR) process as an attack on a targeted system that follows an exponential distribution. We consider the superposition of several CAR processes. From the attacker side, we determine the optimal attack strategy that minimizes the system survivability. We also determine the optimal strengthening strategy that maximizes the system survivability under limited defensive resources. We use operations research techniques to identify optimal strategies of each antagonist. Our results may be used as interesting starting points to develop realistic protection strategies against intentional attacks.

Keywords: CAR processes, defense/attack strategies, exponential failure, survivability

Procedia PDF Downloads 395