Search results for: SQL injection attack classification
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 3498

Search results for: SQL injection attack classification

3498 A Pattern Recognition Neural Network Model for Detection and Classification of SQL Injection Attacks

Authors: Naghmeh Moradpoor Sheykhkanloo

Abstract:

Structured Query Language Injection (SQLI) attack is a code injection technique in which malicious SQL statements are inserted into a given SQL database by simply using a web browser. Losing data, disclosing confidential information or even changing the value of data are the severe damages that SQLI attack can cause on a given database. SQLI attack has also been rated as the number-one attack among top ten web application threats on Open Web Application Security Project (OWASP). OWASP is an open community dedicated to enabling organisations to consider, develop, obtain, function, and preserve applications that can be trusted. In this paper, we propose an effective pattern recognition neural network model for detection and classification of SQLI attacks. The proposed model is built from three main elements of: a Uniform Resource Locator (URL) generator in order to generate thousands of malicious and benign URLs, a URL classifier in order to: 1) classify each generated URL to either a benign URL or a malicious URL and 2) classify the malicious URLs into different SQLI attack categories, and an NN model in order to: 1) detect either a given URL is a malicious URL or a benign URL and 2) identify the type of SQLI attack for each malicious URL. The model is first trained and then evaluated by employing thousands of benign and malicious URLs. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed approach.

Keywords: neural networks, pattern recognition, SQL injection attacks, SQL injection attack classification, SQL injection attack detection

Procedia PDF Downloads 424
3497 Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks and PHP Web Shell

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 108
3496 The Journey of a Malicious HTTP Request

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.

Keywords: Linux system calls, web attack detection, interception, SQL

Procedia PDF Downloads 310
3495 Induced Pulsation Attack Against Kalman Filter Driven Brushless DC Motor Control System

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

We use modeling and simulation tools, to introduce a novel bias injection attack, named the ’Induced Pulsation Attack’, which targets Cyber Physical Systems with closed-loop controlled Brushless DC (BLDC) motor and Kalman filter driver in the feedback loop. This attack involves engaging a linear function with a constant gradient to distort the coefficient of the injected bias, which falsifies the Kalman filter estimates of the rotor’s angular speed. As a result, this manipulation interaction inside the control system causes periodic pulsations in a form of asymmetric sine wave of both current and voltage in the circuit windings, with a high magnitude. It is shown that by varying the gradient of linear function, one can control both the frequency and structure of the induced pulsations. It is also demonstrated that terminating the attack at any point leads to additional compensating effort from the controller to restore the speed to its equilibrium value. This compensation effort produces an exponentially decaying wave, which we call the ’attack withdrawal syndrome’ wave. The conditions for maximizing or minimizing the impact of the attack withdrawal syndrome are determined. Linking the termination of the attack to the end of the full period of the induced pulsation wave has been shown to nullify the attack withdrawal syndrome wave, thereby improving the attack’s covertness.

Keywords: cyber-attack, induced pulsation, bias injection, Kalman filter, BLDC motor, control system, closed loop, P- controller, PID-controller, saw-function, cyber-physical system

Procedia PDF Downloads 34
3494 Classification of Attacks Over Cloud Environment

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed, Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: cloud computing, classification, risk, security

Procedia PDF Downloads 496
3493 Achieving Better Security by Using Nonlinear Cellular Automata as a Cryptographic Primitive

Authors: Swapan Maiti, Dipanwita Roy Chowdhury

Abstract:

Nonlinear functions are essential in different cryptoprimitives as they play an important role on the security of the cipher designs. Rule 30 was identified as a powerful nonlinear function for cryptographic applications. However, an attack (MS attack) was mounted against Rule 30 Cellular Automata (CA). Nonlinear rules as well as maximum period CA increase randomness property. In this work, nonlinear rules of maximum period nonlinear hybrid CA (M-NHCA) are studied and it is shown to be a better crypto-primitive than Rule 30 CA. It has also been analysed that the M-NHCA with single nonlinearity injection proposed in the literature is vulnerable against MS attack, whereas M-NHCA with multiple nonlinearity injections provide maximum length cycle as well as better cryptographic primitives and they are also secure against MS attack.

Keywords: cellular automata, maximum period nonlinear CA, Meier and Staffelbach attack, nonlinear functions

Procedia PDF Downloads 272
3492 Current Drainage Attack Correction via Adjusting the Attacking Saw-Function Asymmetry

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

Current drainage attack suggested previously is further studied in regular settings of closed-loop controlled Brushless DC (BLDC) motor with Kalman filter in the feedback loop. Modeling and simulation experiments are conducted in a Matlab environment, implementing the closed-loop control model of BLDC motor operation in position sensorless mode under Kalman filter drive. The current increase in the motor windings is caused by the controller (p-controller in our case) affected by false data injection of substitution of the angular velocity estimates with distorted values. Operation of multiplication to distortion coefficient, values of which are taken from the distortion function synchronized in its periodicity with the rotor’s position change. A saw function with a triangular tooth shape is studied herewith for the purpose of carrying out the bias injection with current drainage consequences. The specific focus here is on how the asymmetry of the tooth in the saw function affects the flow of current drainage. The purpose is two-fold: (i) to produce and collect the signature of an asymmetric saw in the attack for further pattern recognition process, and (ii) to determine conditions of improving stealthiness of such attack via regulating asymmetry in saw function used. It is found that modification of the symmetry in the saw tooth affects the periodicity of current drainage modulation. Specifically, the modulation frequency of the drained current for a fully asymmetric tooth shape coincides with the saw function modulation frequency itself. Increasing the symmetry parameter for the triangle tooth shape leads to an increase in the modulation frequency for the drained current. Moreover, such frequency reaches the switching frequency of the motor windings for fully symmetric triangular shapes, thus becoming undetectable and improving the stealthiness of the attack. Therefore, the collected signatures of the attack can serve for attack parameter identification via the pattern recognition route.

Keywords: bias injection attack, Kalman filter, BLDC motor, control system, closed loop, P-controller, PID-controller, current drainage, saw-function, asymmetry

Procedia PDF Downloads 38
3491 Adversarial Attacks and Defenses on Deep Neural Networks

Authors: Jonathan Sohn

Abstract:

Deep neural networks (DNNs) have shown state-of-the-art performance for many applications, including computer vision, natural language processing, and speech recognition. Recently, adversarial attacks have been studied in the context of deep neural networks, which aim to alter the results of deep neural networks by modifying the inputs slightly. For example, an adversarial attack on a DNN used for object detection can cause the DNN to miss certain objects. As a result, the reliability of DNNs is undermined by their lack of robustness against adversarial attacks, raising concerns about their use in safety-critical applications such as autonomous driving. In this paper, we focus on studying the adversarial attacks and defenses on DNNs for image classification. There are two types of adversarial attacks studied which are fast gradient sign method (FGSM) attack and projected gradient descent (PGD) attack. A DNN forms decision boundaries that separate the input images into different categories. The adversarial attack slightly alters the image to move over the decision boundary, causing the DNN to misclassify the image. FGSM attack obtains the gradient with respect to the image and updates the image once based on the gradients to cross the decision boundary. PGD attack, instead of taking one big step, repeatedly modifies the input image with multiple small steps. There is also another type of attack called the target attack. This adversarial attack is designed to make the machine classify an image to a class chosen by the attacker. We can defend against adversarial attacks by incorporating adversarial examples in training. Specifically, instead of training the neural network with clean examples, we can explicitly let the neural network learn from the adversarial examples. In our experiments, the digit recognition accuracy on the MNIST dataset drops from 97.81% to 39.50% and 34.01% when the DNN is attacked by FGSM and PGD attacks, respectively. If we utilize FGSM training as a defense method, the classification accuracy greatly improves from 39.50% to 92.31% for FGSM attacks and from 34.01% to 75.63% for PGD attacks. To further improve the classification accuracy under adversarial attacks, we can also use a stronger PGD training method. PGD training improves the accuracy by 2.7% under FGSM attacks and 18.4% under PGD attacks over FGSM training. It is worth mentioning that both FGSM and PGD training do not affect the accuracy of clean images. In summary, we find that PGD attacks can greatly degrade the performance of DNNs, and PGD training is a very effective way to defend against such attacks. PGD attacks and defence are overall significantly more effective than FGSM methods.

Keywords: deep neural network, adversarial attack, adversarial defense, adversarial machine learning

Procedia PDF Downloads 150
3490 WebAppShield: An Approach Exploiting Machine Learning to Detect SQLi Attacks in an Application Layer in Run-time

Authors: Ahmed Abdulla Ashlam, Atta Badii, Frederic Stahl

Abstract:

In recent years, SQL injection attacks have been identified as being prevalent against web applications. They affect network security and user data, which leads to a considerable loss of money and data every year. This paper presents the use of classification algorithms in machine learning using a method to classify the login data filtering inputs into "SQLi" or "Non-SQLi,” thus increasing the reliability and accuracy of results in terms of deciding whether an operation is an attack or a valid operation. A method Web-App auto-generated twin data structure replication. Shielding against SQLi attacks (WebAppShield) that verifies all users and prevents attackers (SQLi attacks) from entering and or accessing the database, which the machine learning module predicts as "Non-SQLi" has been developed. A special login form has been developed with a special instance of data validation; this verification process secures the web application from its early stages. The system has been tested and validated, up to 99% of SQLi attacks have been prevented.

Keywords: SQL injection, attacks, web application, accuracy, database

Procedia PDF Downloads 108
3489 Surface Pressure Distribution of a Flapped-Airfoil for Different Momentum Injection at the Leading Edge

Authors: Mohammad Mashud, S. M. Nahid Hasan

Abstract:

The aim of the research work is to modify the NACA 4215 airfoil with flap and rotary cylinder at the leading edge of the airfoil and experimentally study the static pressure distribution over the airfoil completed with flap and leading-edge vortex generator. In this research, NACA 4215 wing model has been constructed by generating the profile geometry using the standard equations and design software such as AutoCAD and SolidWorks. To perform the experiment, three wooden models are prepared and tested in subsonic wind tunnel. The experiments were carried out in various angles of attack. Flap angle and momentum injection rate are changed to observe the characteristics of pressure distribution. In this research, a new concept of flow separation control mechanism has been introduced to improve the aerodynamic characteristics of airfoil. Control of flow separation over airfoil which experiences a vortex generator (rotating cylinder) at the leading edge of airfoil is experimentally simulated under the effects of momentum injection. The experimental results show that the flow separation control is possible by the proposed mechanism, and benefits can be achieved by momentum injection technique. The wing performance is significantly improved due to control of flow separation by momentum injection method.

Keywords: airfoil, momentum injection, flap, pressure distribution

Procedia PDF Downloads 104
3488 A Reasoning Method of Cyber-Attack Attribution Based on Threat Intelligence

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: reasoning, Bayesian networks, cyber-attack attribution, Kill Chain, threat intelligence

Procedia PDF Downloads 400
3487 Field Scale Simulation Study of Miscible Water Alternating CO2 Injection Process in Fractured Reservoirs

Authors: Hooman Fallah

Abstract:

Vast amounts of world oil reservoirs are in natural fractured reservoirs. There are different methods for increasing recovery from fractured reservoirs. Miscible injection of water alternating CO2 is a good choice among this methods. In this method, water and CO2 slugs are injected alternatively in reservoir as miscible agent into reservoir. This paper studies water injection scenario and miscible injection of water and CO2 in a two dimensional, inhomogeneous fractured reservoir. The results show that miscible water alternating CO2¬ gas injection leads to 3.95% increase in final oil recovery and total water production decrease of 3.89% comparing to water injection scenario.

Keywords: simulation study, CO2, water alternating gas injection, fractured reservoirs

Procedia PDF Downloads 249
3486 Evaluating the effects of Gas Injection on Enhanced Gas-Condensate Recovery and Reservoir Pressure Maintenance

Authors: F. S. Alavi, D. Mowla, F. Esmaeilzadeh

Abstract:

In this paper, the Eclipse 300 simulator was used to perform compositional modeling of gas injection process for enhanced condensate recovery of a real gas condensate well in south of Iran here referred to as SA4. Some experimental data were used to tune the Peng-Robinson equation of state for this case. Different scenarios of gas injection at current reservoir pressure and at abandonment reservoir pressure had been considered with different gas compositions. Methane, carbon dioxide, nitrogen and two other gases with specified compositions were considered as potential gases for injection. According to the obtained results, nitrogen leads to highest pressure maintenance in the reservoir but methane results in highest condensate recovery among the selected injection gases. At low injection rates, condensate recovery percent is strongly affected by gas injection rate but this dependency shifts to zero at high injection rates. Condensate recovery is higher in all cases of injection at current reservoir pressure than injection at abandonment pressure. Using a constant injection rate, increasing the production well bottom hole pressure results in increasing the condensate recovery percent and time of gas breakthrough.

Keywords: gas-condensate reservoir, case-study, compositional modelling, enhanced condensate recovery, gas injection

Procedia PDF Downloads 154
3485 Evaluating Classification with Efficacy Metrics

Authors: Guofan Shao, Lina Tang, Hao Zhang

Abstract:

The values of image classification accuracy are affected by class size distributions and classification schemes, making it difficult to compare the performance of classification algorithms across different remote sensing data sources and classification systems. Based on the term efficacy from medicine and pharmacology, we have developed the metrics of image classification efficacy at the map and class levels. The novelty of this approach is that a baseline classification is involved in computing image classification efficacies so that the effects of class statistics are reduced. Furthermore, the image classification efficacies are interpretable and comparable, and thus, strengthen the assessment of image data classification methods. We use real-world and hypothetical examples to explain the use of image classification efficacies. The metrics of image classification efficacy meet the critical need to rectify the strategy for the assessment of image classification performance as image classification methods are becoming more diversified.

Keywords: accuracy assessment, efficacy, image classification, machine learning, uncertainty

Procedia PDF Downloads 168
3484 Mathematical Based Forecasting of Heart Attack

Authors: Razieh Khalafi

Abstract:

Myocardial infarction (MI) or acute myocardial infarction (AMI), commonly known as a heart attack, occurs when blood flow stops to part of the heart causing damage to the heart muscle. An ECG can often show evidence of a previous heart attack or one that's in progress. The patterns on the ECG may indicate which part of your heart has been damaged, as well as the extent of the damage. In chaos theory, the correlation dimension is a measure of the dimensionality of the space occupied by a set of random points, often referred to as a type of fractal dimension. In this research by considering ECG signal as a random walk we work on forecasting the oncoming heart attack by analyzing the ECG signals using the correlation dimension. In order to test the model a set of ECG signals for patients before and after heart attack was used and the strength of model for forecasting the behavior of these signals were checked. Results shows this methodology can forecast the ECG and accordingly heart attack with high accuracy.

Keywords: heart attack, ECG, random walk, correlation dimension, forecasting

Procedia PDF Downloads 496
3483 Experimental and Theoretical Study of Melt Viscosity in Injection Process

Authors: Chung-Chih Lin, Wen-Teng Wang, Chin-Chiuan Kuo, Chieh-Liang Wu

Abstract:

The state of melt viscosity in injection process is significantly influenced by the setting parameters due to that the shear rate of injection process is higher than other processes. How to determine plastic melt viscosity during injection process is important to understand the influence of setting parameters on the melt viscosity. An apparatus named as pressure sensor bushing (PSB) module that is used to evaluate the melt viscosity during injection process is developed in this work. The formulations to coupling melt viscosity with fill time and injection pressure are derived and then the melt viscosity is determined. A test mold is prepared to evaluate the accuracy on viscosity calculations between the PSB module and the conventional approaches. The influence of melt viscosity on the tensile strength of molded part is proposed to study the consistency of injection quality.

Keywords: injection molding, melt viscosity, tensile test, pressure sensor bushing (PSB)

Procedia PDF Downloads 431
3482 Laboratory Investigation of Alkali-Surfactant-Alternate Gas (ASAG) Injection – a Novel EOR Process for a Light Oil Sandstone Reservoir

Authors: Vidit Mohan, Ashwin P. Ramesh, Anirudh Toshniwal

Abstract:

Alkali-Surfactant-Alternate-Gas(ASAG) injection, a novel EOR process has the potential to improve displacement efficiency over Surfactant-Alternate-Gas(SAG) by addressing the problem of surfactant adsorption by clay minerals in rock matrix. A detailed laboratory investigation on ASAG injection process was carried out with encouraging results. To further enhance recovery over WAG injection process, SAG injection was investigated at laboratory scale. SAG injection yielded marginal incremental displacement efficiency over WAG process. On investigation, it was found that, clay minerals in rock matrix adsorbed the surfactants and were detrimental for SAG process. Hence, ASAG injection was conceptualized using alkali as a clay stabilizer. The experiment of ASAG injection with surfactant concentration of 5000 ppm and alkali concentration of 0.5 weight% yields incremental displacement efficiency of 5.42% over WAG process. The ASAG injection is a new process and has potential to enhance efficiency of WAG/SAG injection process.

Keywords: alkali surfactant alternate gas (ASAG), surfactant alternate gas (SAG), laboratory investigation, EOR process

Procedia PDF Downloads 436
3481 A New Mathematical Method for Heart Attack Forecasting

Authors: Razi Khalafi

Abstract:

Myocardial Infarction (MI) or acute Myocardial Infarction (AMI), commonly known as a heart attack, occurs when blood flow stops to part of the heart causing damage to the heart muscle. An ECG can often show evidence of a previous heart attack or one that's in progress. The patterns on the ECG may indicate which part of your heart has been damaged, as well as the extent of the damage. In chaos theory, the correlation dimension is a measure of the dimensionality of the space occupied by a set of random points, often referred to as a type of fractal dimension. In this research by considering ECG signal as a random walk we work on forecasting the oncoming heart attack by analysing the ECG signals using the correlation dimension. In order to test the model a set of ECG signals for patients before and after heart attack was used and the strength of model for forecasting the behaviour of these signals were checked. Results show this methodology can forecast the ECG and accordingly heart attack with high accuracy.

Keywords: heart attack, ECG, random walk, correlation dimension, forecasting

Procedia PDF Downloads 455
3480 Reservoir Fluids: Occurrence, Classification, and Modeling

Authors: Ahmed El-Banbi

Abstract:

Several PVT models exist to represent how PVT properties are handled in sub-surface and surface engineering calculations for oil and gas production. The most commonly used models include black oil, modified black oil (MBO), and compositional models. These models are used in calculations that allow engineers to optimize and forecast well and reservoir performance (e.g., reservoir simulation calculations, material balance, nodal analysis, surface facilities, etc.). The choice of which model is dependent on fluid type and the production process (e.g., depletion, water injection, gas injection, etc.). Based on close to 2,000 reservoir fluid samples collected from different basins and locations, this paper presents some conclusions on the occurrence of reservoir fluids. It also reviews the common methods used to classify reservoir fluid types. Based on new criteria related to the production behavior of different fluids and economic considerations, an updated classification of reservoir fluid types is presented in the paper. Recommendations on the use of different PVT models to simulate the behavior of different reservoir fluid types are discussed. Each PVT model requirement is highlighted. Available methods for the calculation of PVT properties from each model are also discussed. Practical recommendations and tips on how to control the calculations to achieve the most accurate results are given.

Keywords: PVT models, fluid types, PVT properties, fluids classification

Procedia PDF Downloads 28
3479 Intelligent System for Diagnosis Heart Attack Using Neural Network

Authors: Oluwaponmile David Alao

Abstract:

Misdiagnosis has been the major problem in health sector. Heart attack has been one of diseases that have high level of misdiagnosis recorded on the part of physicians. In this paper, an intelligent system has been developed for diagnosis of heart attack in the health sector. Dataset of heart attack obtained from UCI repository has been used. This dataset is made up of thirteen attributes which are very vital in diagnosis of heart disease. The system is developed on the multilayer perceptron trained with back propagation neural network then simulated with feed forward neural network and a recognition rate of 87% was obtained which is a good result for diagnosis of heart attack in medical field.

Keywords: heart attack, artificial neural network, diagnosis, intelligent system

Procedia PDF Downloads 613
3478 Effect of Intraperitoneal Administration of Ghrelin on Serum Glucose and Insulin Levels in Turkey

Authors: Habib Aghdam Shahryar

Abstract:

The aim of the present study was investigation on the effect of intraperipheral (IP) injection of ghrelin on serum insulin and glucose levels in native turkey. Seventy-two 28 day (d)-old native turkey were assigned into three treatments and four replicate for 40 days experimental rearing period: group 1, intact without any injection, group 2, injected 50 ng ghrelin/kg body weight (BW), and group 3, injected 100 ng ghrelin/kg BW. Intraperitoneal injection of rat ghrelin was conducted on d 28 and before the onset of the experimental rearing period. Blood samples were taken 12 hr after injection and 40 days after injection. The result showed glucose concentrations have been affected by administered ghrelin and significant between groups (P<0.01). Injection of ghrelin at G 100 increased glucose level of serum in 12 hr after injection and 40 days after injection (276.6 and 260.0 mg/dl, respectively). Also, by increasing the dose of injected ghrelin, insulin levels than the control group showed an increase (P < 0.001). This study suggests roles of ghrelin in serum biochemical regulation may show a different effect of ghrelin on blood parameters in avian species.

Keywords: ghrelin injection, insulin, glucose, turkey

Procedia PDF Downloads 440
3477 Non-Targeted Adversarial Image Classification Attack-Region Modification Methods

Authors: Bandar Alahmadi, Lethia Jackson

Abstract:

Machine Learning model is used today in many real-life applications. The safety and security of such model is important, so the results of the model are as accurate as possible. One challenge of machine learning model security is the adversarial examples attack. Adversarial examples are designed by the attacker to cause the machine learning model to misclassify the input. We propose a method to generate adversarial examples to attack image classifiers. We are modifying the successfully classified images, so a classifier misclassifies them after the modification. In our method, we do not update the whole image, but instead we detect the important region, modify it, place it back to the original image, and then run it through a classifier. The algorithm modifies the detected region using two methods. First, it will add abstract image matrix on back of the detected image matrix. Then, it will perform a rotation attack to rotate the detected region around its axes, and embed the trace of image in image background. Finally, the attacked region is placed in its original position, from where it was removed, and a smoothing filter is applied to smooth the background with foreground. We test our method in cascade classifier, and the algorithm is efficient, the classifier confident has dropped to almost zero. We also try it in CNN (Convolutional neural network) with higher setting and the algorithm was successfully worked.

Keywords: adversarial examples, attack, computer vision, image processing

Procedia PDF Downloads 298
3476 Reliable and Energy-Aware Data Forwarding under Sink-Hole Attack in Wireless Sensor Networks

Authors: Ebrahim Alrashed

Abstract:

Wireless sensor networks are vulnerable to attacks from adversaries attempting to disrupt their operations. Sink-hole attacks are a type of attack where an adversary node drops data forwarded through it and hence affecting the reliability and accuracy of the network. Since sensor nodes have limited battery power, it is essential that any solution to the sinkhole attack problem be very energy-aware. In this paper, we present a reliable and energy efficient scheme to forward data from source nodes to the base station while under sink-hole attack. The scheme also detects sink-hole attack nodes and avoid paths that includes them.

Keywords: energy-aware routing, reliability, sink-hole attack, WSN

Procedia PDF Downloads 356
3475 Water Injection in One of the Southern Iranian Oil Field, a Case Study

Authors: Hooman Fallah

Abstract:

Seawater injection and produced water re-injection are presently the most commonly used approach to enhanced recovery. The dominant factors for total oil recovery are the reservoir temperature, reservoir pressure, crude oil and water composition. In this study, the production under water injection in Soroosh, one of the southern Iranian heavy oil field has been simulated (the fluid properties are focused). In order to reveal the dominant factors in this production process, the sensitivity analysis has been done for the following effective factors, fluid viscosity, initial water saturation, gravity force and injection well strategy. It is crystal clear that the study of the dominant factors in production processes will help the engineers to design the best production mechanisms in our numerous hydrocarbon reservoirs.

Keywords: water injection, initial water saturation, oil viscosity, gravity force, injection well strategy

Procedia PDF Downloads 369
3474 Non-Targeted Adversarial Object Detection Attack: Fast Gradient Sign Method

Authors: Bandar Alahmadi, Manohar Mareboyana, Lethia Jackson

Abstract:

Today, there are many applications that are using computer vision models, such as face recognition, image classification, and object detection. The accuracy of these models is very important for the performance of these applications. One challenge that facing the computer vision models is the adversarial examples attack. In computer vision, the adversarial example is an image that is intentionally designed to cause the machine learning model to misclassify it. One of very well-known method that is used to attack the Convolution Neural Network (CNN) is Fast Gradient Sign Method (FGSM). The goal of this method is to find the perturbation that can fool the CNN using the gradient of the cost function of CNN. In this paper, we introduce a novel model that can attack Regional-Convolution Neural Network (R-CNN) that use FGSM. We first extract the regions that are detected by R-CNN, and then we resize these regions into the size of regular images. Then, we find the best perturbation of the regions that can fool CNN using FGSM. Next, we add the resulted perturbation to the attacked region to get a new region image that looks similar to the original image to human eyes. Finally, we placed the regions back to the original image and test the R-CNN with the attacked images. Our model could drop the accuracy of the R-CNN when we tested with Pascal VOC 2012 dataset.

Keywords: adversarial examples, attack, computer vision, image processing

Procedia PDF Downloads 148
3473 An Attack on the Lucas Based El-Gamal Cryptosystem in the Elliptic Curve Group Over Finite Field Using Greater Common Divisor

Authors: Lee Feng Koo, Tze Jin Wong, Pang Hung Yiu, Nik Mohd Asri Nik Long

Abstract:

Greater common divisor (GCD) attack is an attack that relies on the polynomial structure of the cryptosystem. This attack required two plaintexts differ from a fixed number and encrypted under same modulus. This paper reports a security reaction of Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field under GCD attack. Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field was exposed mathematically to the GCD attack using GCD and Dickson polynomial. The result shows that the cryptanalyst is able to get the plaintext without decryption by using GCD attack. Thus, the study concluded that it is highly perilous when two plaintexts have a slight difference from a fixed number in the same Elliptic curve group over finite field.

Keywords: decryption, encryption, elliptic curve, greater common divisor

Procedia PDF Downloads 206
3472 Cross Site Scripting (XSS) Attack and Automatic Detection Technology Research

Authors: Tao Feng, Wei-Wei Zhang, Chang-Ming Ding

Abstract:

Cross-site scripting (XSS) is one of the most popular WEB Attacking methods at present, and also one of the most risky web attacks. Because of the population of JavaScript, the scene of the cross site scripting attack is also gradually expanded. However, since the web application developers tend to only focus on functional testing and lack the awareness of the XSS, which has made the on-line web projects exist many XSS vulnerabilities. In this paper, different various techniques of XSS attack are analyzed, and a method automatically to detect it is proposed. It is easy to check the results of vulnerability detection when running it as a plug-in.

Keywords: XSS, no target attack platform, automatic detection,XSS detection

Procedia PDF Downloads 361
3471 Cryptographic Attack on Lucas Based Cryptosystems Using Chinese Remainder Theorem

Authors: Tze Jin Wong, Lee Feng Koo, Pang Hung Yiu

Abstract:

Lenstra’s attack uses Chinese remainder theorem as a tool and requires a faulty signature to be successful. This paper reports on the security responses of fourth and sixth order Lucas based (LUC4,6) cryptosystem under the Lenstra’s attack as compared to the other two Lucas based cryptosystems such as LUC and LUC3 cryptosystems. All the Lucas based cryptosystems were exposed mathematically to the Lenstra’s attack using Chinese Remainder Theorem and Dickson polynomial. Result shows that the possibility for successful Lenstra’s attack is less against LUC4,6 cryptosystem than LUC3 and LUC cryptosystems. Current study concludes that LUC4,6 cryptosystem is more secure than LUC and LUC3 cryptosystems in sustaining against Lenstra’s attack.

Keywords: Lucas sequence, Dickson polynomial, faulty signature, corresponding signature, congruence

Procedia PDF Downloads 121
3470 Effects of Injector Nozzle Geometry on Spray Atomization Characteristics

Authors: Arya Pirooz

Abstract:

Air and fuel must be mixed correctly so that there is perfect combustion, which calls for fuel atomization by injection. In this study, the effects of different parameters such as number of orifices, length and diameter of orifices, diameter of nozzle sac and the angle of needle seat in injectors were investigated with the use of rate of injection and sac pressure. The unit pump of the OM-457 diesel engine was modelled on Avl-Hydsim. The results illustrate that the sac pressure decreased by 46% when the number of holes were doubled, although the rate of injection had an immense change. Also, the sac pressure increased up to 60% when the diameter of orifices decreased by 40% in spite of the semi-constant injection rate.

Keywords: injection, OM-457 engine, nozzle geometry, atomization

Procedia PDF Downloads 463
3469 Experimental Investigation of Compressed Natural Gas Injector for Direct Injection System

Authors: Rafal Sochaczewski, Grzegorz Baranski, Adam Majczak

Abstract:

This paper presents the bench research results on a CNG injector at steady state. The quantities measured included voltage and current in a solenoid, pressure of gas behind an injector and injector’s flow rate. Accordingly, injector’s operation parameters were determined according to needle’s lift and injection pressure. The discrepancies between the theoretical (electric) and actual time of injection were defined to specify injector’s opening and closing lag times and the uniqueness of these values in successive cycles of gas injection. It has been demonstrated that needle’s lift has got a stronger impact on injector’s operating parameters than injection pressure. With increasing injection pressure, the force increases and closes an injection valve, which adversely affects uniqueness of injector’s operation. The paper also describes the concept of an injector dedicated to direct CNG injection into a combustion chamber in a dual-fuel engine. The injector’s design enables us to replace 80% of diesel fuel in a dual-fuel engine with a maximum power of 85 kW. Minimum injection pressure is 1,4 MPa then. Simultaneously, injector’s characteristics for varied needle’s lifts and injector’s nonlinear operating points were developed. Acknowledgement: This work has been financed by the Polish National Centre for Research and Development, under Grant Agreement No. PBS1/A6/4/2012.

Keywords: CNG injector, diesel engine, direct injection, dual fuel

Procedia PDF Downloads 241