Search results for: network attack
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 5047

Search results for: network attack

5017 Non-Targeted Adversarial Image Classification Attack-Region Modification Methods

Authors: Bandar Alahmadi, Lethia Jackson

Abstract:

Machine Learning model is used today in many real-life applications. The safety and security of such model is important, so the results of the model are as accurate as possible. One challenge of machine learning model security is the adversarial examples attack. Adversarial examples are designed by the attacker to cause the machine learning model to misclassify the input. We propose a method to generate adversarial examples to attack image classifiers. We are modifying the successfully classified images, so a classifier misclassifies them after the modification. In our method, we do not update the whole image, but instead we detect the important region, modify it, place it back to the original image, and then run it through a classifier. The algorithm modifies the detected region using two methods. First, it will add abstract image matrix on back of the detected image matrix. Then, it will perform a rotation attack to rotate the detected region around its axes, and embed the trace of image in image background. Finally, the attacked region is placed in its original position, from where it was removed, and a smoothing filter is applied to smooth the background with foreground. We test our method in cascade classifier, and the algorithm is efficient, the classifier confident has dropped to almost zero. We also try it in CNN (Convolutional neural network) with higher setting and the algorithm was successfully worked.

Keywords: adversarial examples, attack, computer vision, image processing

Procedia PDF Downloads 298
5016 Parallel Hybrid Honeypot and IDS Architecture to Detect Network Attacks

Authors: Hafiz Gulfam Ahmad, Chuangdong Li, Zeeshan Ahmad

Abstract:

In this paper, we proposed a parallel IDS and honeypot based approach to detect and analyze the unknown and known attack taxonomy for improving the IDS performance and protecting the network from intruders. The main theme of our approach is to record and analyze the intruder activities by using both the low and high interaction honeypots. Our architecture aims to achieve the required goals by combing signature based IDS, honeypots and generate the new signatures. The paper describes the basic component, design and implementation of this approach and also demonstrates the effectiveness of this approach reducing the probability of network attacks.

Keywords: network security, intrusion detection, honeypot, snort, nmap

Procedia PDF Downloads 514
5015 Implementation of the Interlock Protocol to Enhance Security in Unmanned Aerial Vehicles

Authors: Vikram Prabhu, Mohammad Shikh Bahaei

Abstract:

This paper depicts the implementation of a new infallible technique to protect an Unmanned Aerial Vehicle from cyber-attacks. An Unmanned Aerial Vehicle (UAV) could be vulnerable to cyber-attacks because of jammers or eavesdroppers over the network which pose as a threat to the security of the UAV. In the field of network security, there are quite a few protocols which can be used to establish a secure connection between UAVs and their Operators. In this paper, we discuss how the Interlock Protocol could be implemented to foil the Man-in-the-Middle Attack. In this case, Wireshark has been used as the sniffer (man-in-the-middle). This paper also shows a comparison between the Interlock Protocol and the TCP Protocols using cryptcat and netcat and at the same time highlights why the Interlock Protocol is the most efficient security protocol to prevent eavesdropping over the communication channel.

Keywords: interlock protocol, Diffie-Hellman algorithm, unmanned aerial vehicles, control station, man-in-the-middle attack, Wireshark

Procedia PDF Downloads 268
5014 A Game of Information in Defense/Attack Strategies: Case of Poisson Attacks

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we briefly introduce the concept of Poisson attacks in the case of defense/attack strategies where attacks are assumed to be continuous. We suggest a game model in which the attacker will combine both criteria of a sufficient confidence level of a successful attack and a reasonably small size of the estimation error in order to launch an attack. Here, estimation error arises from assessing the system failure upon attack using aggregate data at the system level. The corresponding error is referred to as aggregation error. On the other hand, the defender will attempt to deter attack by making one or both criteria inapplicable. The defender will build his/her strategy by both strengthening the targeted system and increasing the size of error. We will formulate the defender problem based on appropriate optimization models. The attacker will opt for a Bayesian updating in assessing the impact on the improvement made by the defender. Then, the attacker will evaluate the feasibility of the attack before making the decision of whether or not to launch it. We will provide illustrations to better explain the process.

Keywords: attacker, defender, game theory, information

Procedia PDF Downloads 420
5013 Analysis of the Impact of Suez Canal on the Robustness of Global Shipping Networks

Authors: Zimu Li, Zheng Wan

Abstract:

The Suez Canal plays an important role in global shipping networks and is one of the most frequently used waterways in the world. The 2021 canal obstruction by ship Ever Given in March 2021, however, completed blocked the Suez Canal for a week and caused significant disruption to world trade. Therefore, it is very important to quantitatively analyze the impact of the accident on the robustness of the global shipping network. However, the current research on maritime transportation networks is usually limited to local or small-scale networks in a certain region. Based on the complex network theory, this study establishes a global shipping complex network covering 2713 nodes and 137830 edges by using the real trajectory data of the global marine transport ship automatic identification system in 2018. At the same time, two attack modes, deliberate (Suez Canal Blocking) and random, are defined to calculate the changes in network node degree, eccentricity, clustering coefficient, network density, network isolated nodes, betweenness centrality, and closeness centrality under the two attack modes, and quantitatively analyze the actual impact of Suez Canal Blocking on the robustness of global shipping network. The results of the network robustness analysis show that Suez Canal blocking was more destructive to the shipping network than random attacks of the same scale. The network connectivity and accessibility decreased significantly, and the decline decreased with the distance between the port and the canal, showing the phenomenon of distance attenuation. This study further analyzes the impact of the blocking of the Suez Canal on Chinese ports and finds that the blocking of the Suez Canal significantly interferes withChina's shipping network and seriously affects China's normal trade activities. Finally, the impact of the global supply chain is analyzed, and it is found that blocking the canal will seriously damage the normal operation of the global supply chain.

Keywords: global shipping networks, ship AIS trajectory data, main channel, complex network, eigenvalue change

Procedia PDF Downloads 123
5012 11-Round Impossible Differential Attack on Midori64

Authors: Zhan Chen, Wenquan Bi

Abstract:

This paper focuses on examining the strength of Midori against impossible differential attack. The Midori family of light weight block cipher orienting to energy-efficiency is proposed in ASIACRYPT2015. Using a 6-round property, the authors implement an 11-round impossible differential attack on Midori64 by extending two rounds on the top and three rounds on the bottom. There is enough key space to consider pre-whitening keys in this attack. An impossible differential path that minimises the key bits involved is used to reduce computational complexity. Several additional observations such as partial abort technique are used to further reduce data and time complexities. This attack has data complexity of 2 ⁶⁹·² chosen plaintexts, requires 2 ¹⁴·⁵⁸ blocks of memory and 2 ⁹⁴·⁷ 11- round Midori64 encryptions.

Keywords: cryptanalysis, impossible differential, light weight block cipher, Midori

Procedia PDF Downloads 243
5011 External Sulphate Attack: Advanced Testing and Performance Specifications

Authors: G. Massaad, E. Roziere, A. Loukili, L. Izoret

Abstract:

Based on the monitoring of mass, hydrostatic weighing, and the amount of leached OH- we deduced the nature of leached and precipitated minerals, the amount of lost aggregates and the evolution of porosity and cracking during the sulphate attack. Using these information, we are able to draw the volume / mass changes brought by mineralogical variations and cracking of the cement matrix. Then we defined a new performance indicator, the averaged density, capable to resume along the test of sulphate attack the occurred physicochemical variation occurred in the cementitious matrix and then highlight.

Keywords: monitoring strategy, performance indicator, sulphate attack, mechanism of degradation

Procedia PDF Downloads 282
5010 BFDD-S: Big Data Framework to Detect and Mitigate DDoS Attack in SDN Network

Authors: Amirreza Fazely Hamedani, Muzzamil Aziz, Philipp Wieder, Ramin Yahyapour

Abstract:

Software-defined networking in recent years came into the sight of so many network designers as a successor to the traditional networking. Unlike traditional networks where control and data planes engage together within a single device in the network infrastructure such as switches and routers, the two planes are kept separated in software-defined networks (SDNs). All critical decisions about packet routing are made on the network controller, and the data level devices forward the packets based on these decisions. This type of network is vulnerable to DDoS attacks, degrading the overall functioning and performance of the network by continuously injecting the fake flows into it. This increases substantial burden on the controller side, and the result ultimately leads to the inaccessibility of the controller and the lack of network service to the legitimate users. Thus, the protection of this novel network architecture against denial of service attacks is essential. In the world of cybersecurity, attacks and new threats emerge every day. It is essential to have tools capable of managing and analyzing all this new information to detect possible attacks in real-time. These tools should provide a comprehensive solution to automatically detect, predict and prevent abnormalities in the network. Big data encompasses a wide range of studies, but it mainly refers to the massive amounts of structured and unstructured data that organizations deal with on a regular basis. On the other hand, it regards not only the volume of the data; but also that how data-driven information can be used to enhance decision-making processes, security, and the overall efficiency of a business. This paper presents an intelligent big data framework as a solution to handle illegitimate traffic burden on the SDN network created by the numerous DDoS attacks. The framework entails an efficient defence and monitoring mechanism against DDoS attacks by employing the state of the art machine learning techniques.

Keywords: apache spark, apache kafka, big data, DDoS attack, machine learning, SDN network

Procedia PDF Downloads 131
5009 A Survey on Countermeasures of Cache-Timing Attack on AES Systems

Authors: Settana M. Abdulh, Naila A. Sadalla, Yaseen H. Taha, Howaida Elshoush

Abstract:

Side channel attacks are based on side channel information, which is information that is leaked from encryption systems. This includes timing information, power consumption as well as electromagnetic or even sound leaking which can exploited by an attacker. Implementing side channel attacks are possible if and only if an attacker has access to a cryptosystem. In this case, the attacker can exploit bad implementation in software or hardware which is not controlled by encryption implementer. Thus, he/she will represent a real threat to the security system. Several countermeasures have been proposed to eliminate side channel information vulnerability.Cache timing attack is a special type of side channel attack. Here, timing information is collected and analyzed by an attacker to guess sensitive information such as encryption key or plaintext. This paper reviews the technique applied in this attack and surveys the countermeasures against it, evaluating the feasibility and usability of each. Based on this evaluation, finally we pose several recommendations about using these countermeasures.

Keywords: AES algorithm, side channel attack, cache timing attack, cache timing countermeasure

Procedia PDF Downloads 259
5008 Achieving Better Security by Using Nonlinear Cellular Automata as a Cryptographic Primitive

Authors: Swapan Maiti, Dipanwita Roy Chowdhury

Abstract:

Nonlinear functions are essential in different cryptoprimitives as they play an important role on the security of the cipher designs. Rule 30 was identified as a powerful nonlinear function for cryptographic applications. However, an attack (MS attack) was mounted against Rule 30 Cellular Automata (CA). Nonlinear rules as well as maximum period CA increase randomness property. In this work, nonlinear rules of maximum period nonlinear hybrid CA (M-NHCA) are studied and it is shown to be a better crypto-primitive than Rule 30 CA. It has also been analysed that the M-NHCA with single nonlinearity injection proposed in the literature is vulnerable against MS attack, whereas M-NHCA with multiple nonlinearity injections provide maximum length cycle as well as better cryptographic primitives and they are also secure against MS attack.

Keywords: cellular automata, maximum period nonlinear CA, Meier and Staffelbach attack, nonlinear functions

Procedia PDF Downloads 272
5007 Public Wi-Fi Security Threat Evil Twin Attack Detection Based on Signal Variant and Hop Count

Authors: Said Abdul Ahad Ahadi, Elyas Baray, Nitin Rakesh, Sudeep Varshney

Abstract:

Wi-Fi is a widely used internet source that is used to provide internet access in many areas such as Stores, Cafes, University campuses, Restaurants and so on. This technology brought more facilities in communication and networking. On the other hand, due to the transmission of data over the air, which makes the network vulnerable, so it becomes prone to various threats such as Evil Twin and etc. The Evil Twin is a kind of adversary which impersonates a legitimate access point (LAP) as it can happen by spoofing the name (SSID) and MAC address (BSSID) of a legitimate access point (LAP). And this attack can cause many threats such as MITM, Service Interruption, Access point service blocking. Various Evil Twin Attack Detection Techniques are proposed, but they require additional hardware, or they require protocol modification. In this paper, we proposed a new technique based on Access Point’s two fingerprints, Received Signal Strength Indicator (RSSI) and Hop Count, that is hard to copy by an adversary. And we implemented the technique in a system called “ETDetector,” which can detect and prevent the attack.

Keywords: evil twin, LAP, SSID, Wi-Fi security, signal variation, ETAD, kali linux, scapy, python

Procedia PDF Downloads 111
5006 Malware Beaconing Detection by Mining Large-scale DNS Logs for Targeted Attack Identification

Authors: Andrii Shalaginov, Katrin Franke, Xiongwei Huang

Abstract:

One of the leading problems in Cyber Security today is the emergence of targeted attacks conducted by adversaries with access to sophisticated tools. These attacks usually steal senior level employee system privileges, in order to gain unauthorized access to confidential knowledge and valuable intellectual property. Malware used for initial compromise of the systems are sophisticated and may target zero-day vulnerabilities. In this work we utilize common behaviour of malware called ”beacon”, which implies that infected hosts communicate to Command and Control servers at regular intervals that have relatively small time variations. By analysing such beacon activity through passive network monitoring, it is possible to detect potential malware infections. So, we focus on time gaps as indicators of possible C2 activity in targeted enterprise networks. We represent DNS log files as a graph, whose vertices are destination domains and edges are timestamps. Then by using four periodicity detection algorithms for each pair of internal-external communications, we check timestamp sequences to identify the beacon activities. Finally, based on the graph structure, we infer the existence of other infected hosts and malicious domains enrolled in the attack activities.

Keywords: malware detection, network security, targeted attack, computational intelligence

Procedia PDF Downloads 214
5005 Attack Redirection and Detection using Honeypots

Authors: Chowduru Ramachandra Sharma, Shatunjay Rawat

Abstract:

A false positive state is when the IDS/IPS identifies an activity as an attack, but the activity is acceptable behavior in the system. False positives in a Network Intrusion Detection System ( NIDS ) is an issue because they desensitize the administrator. It wastes computational power and valuable resources when rules are not tuned properly, which is the main issue with anomaly NIDS. Furthermore, most false positives reduction techniques are not performed during the real-time of attempted intrusions; instead, they have applied afterward on collected traffic data and generate alerts. Of course, false positives detection in ‘offline mode’ is tremendously valuable. Nevertheless, there is room for improvement here; automated techniques still need to reduce False Positives in real-time. This paper uses the Snort signature detection model to redirect the alerted attacks to Honeypots and verify attacks.

Keywords: honeypot, TPOT, snort, NIDS, honeybird, iptables, netfilter, redirection, attack detection, docker, snare, tanner

Procedia PDF Downloads 122
5004 Induced Pulsation Attack Against Kalman Filter Driven Brushless DC Motor Control System

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

We use modeling and simulation tools, to introduce a novel bias injection attack, named the ’Induced Pulsation Attack’, which targets Cyber Physical Systems with closed-loop controlled Brushless DC (BLDC) motor and Kalman filter driver in the feedback loop. This attack involves engaging a linear function with a constant gradient to distort the coefficient of the injected bias, which falsifies the Kalman filter estimates of the rotor’s angular speed. As a result, this manipulation interaction inside the control system causes periodic pulsations in a form of asymmetric sine wave of both current and voltage in the circuit windings, with a high magnitude. It is shown that by varying the gradient of linear function, one can control both the frequency and structure of the induced pulsations. It is also demonstrated that terminating the attack at any point leads to additional compensating effort from the controller to restore the speed to its equilibrium value. This compensation effort produces an exponentially decaying wave, which we call the ’attack withdrawal syndrome’ wave. The conditions for maximizing or minimizing the impact of the attack withdrawal syndrome are determined. Linking the termination of the attack to the end of the full period of the induced pulsation wave has been shown to nullify the attack withdrawal syndrome wave, thereby improving the attack’s covertness.

Keywords: cyber-attack, induced pulsation, bias injection, Kalman filter, BLDC motor, control system, closed loop, P- controller, PID-controller, saw-function, cyber-physical system

Procedia PDF Downloads 34
5003 Aerodynamic Modeling Using Flight Data at High Angle of Attack

Authors: Rakesh Kumar, A. K. Ghosh

Abstract:

The paper presents the modeling of linear and nonlinear longitudinal aerodynamics using real flight data of Hansa-3 aircraft gathered at low and high angles of attack. The Neural-Gauss-Newton (NGN) method has been applied to model the linear and nonlinear longitudinal dynamics and estimate parameters from flight data. Unsteady aerodynamics due to flow separation at high angles of attack near stall has been included in the aerodynamic model using Kirchhoff’s quasi-steady stall model. NGN method is an algorithm that utilizes Feed Forward Neural Network (FFNN) and Gauss-Newton optimization to estimate the parameters and it does not require any a priori postulation of mathematical model or solving of equations of motion. NGN method was validated on real flight data generated at moderate angles of attack before application to the data at high angles of attack. The estimates obtained from compatible flight data using NGN method were validated by comparing with wind tunnel values and the maximum likelihood estimates. Validation was also carried out by comparing the response of measured motion variables with the response generated by using estimates a different control input. Next, NGN method was applied to real flight data generated by executing a well-designed quasi-steady stall maneuver. The results obtained in terms of stall characteristics and aerodynamic parameters were encouraging and reasonably accurate to establish NGN as a method for modeling nonlinear aerodynamics from real flight data at high angles of attack.

Keywords: parameter estimation, NGN method, linear and nonlinear, aerodynamic modeling

Procedia PDF Downloads 400
5002 Off-Policy Q-learning Technique for Intrusion Response in Network Security

Authors: Zheni S. Stefanova, Kandethody M. Ramachandran

Abstract:

With the increasing dependency on our computer devices, we face the necessity of adequate, efficient and effective mechanisms, for protecting our network. There are two main problems that Intrusion Detection Systems (IDS) attempt to solve. 1) To detect the attack, by analyzing the incoming traffic and inspect the network (intrusion detection). 2) To produce a prompt response when the attack occurs (intrusion prevention). It is critical creating an Intrusion detection model that will detect a breach in the system on time and also challenging making it provide an automatic and with an acceptable delay response at every single stage of the monitoring process. We cannot afford to adopt security measures with a high exploiting computational power, and we are not able to accept a mechanism that will react with a delay. In this paper, we will propose an intrusion response mechanism that is based on artificial intelligence, and more precisely, reinforcement learning techniques (RLT). The RLT will help us to create a decision agent, who will control the process of interacting with the undetermined environment. The goal is to find an optimal policy, which will represent the intrusion response, therefore, to solve the Reinforcement learning problem, using a Q-learning approach. Our agent will produce an optimal immediate response, in the process of evaluating the network traffic.This Q-learning approach will establish the balance between exploration and exploitation and provide a unique, self-learning and strategic artificial intelligence response mechanism for IDS.

Keywords: cyber security, intrusion prevention, optimal policy, Q-learning

Procedia PDF Downloads 193
5001 Modeling Intelligent Threats: Case of Continuous Attacks on a Specific Target

Authors: Asma Ben Yaghlane, Mohamed Naceur Azaiez

Abstract:

In this paper, we treat a model that falls in the area of protecting targeted systems from intelligent threats including terrorism. We introduce the concept of system survivability, in the context of continuous attacks, as the probability that a system under attack will continue operation up to some fixed time t. We define a constant attack rate (CAR) process as an attack on a targeted system that follows an exponential distribution. We consider the superposition of several CAR processes. From the attacker side, we determine the optimal attack strategy that minimizes the system survivability. We also determine the optimal strengthening strategy that maximizes the system survivability under limited defensive resources. We use operations research techniques to identify optimal strategies of each antagonist. Our results may be used as interesting starting points to develop realistic protection strategies against intentional attacks.

Keywords: CAR processes, defense/attack strategies, exponential failure, survivability

Procedia PDF Downloads 351
5000 Effect of Waste Foundry Slag and Alccofine on Durability Properties of High Strength Concrete

Authors: Devinder Sharma, Sanjay Sharma, Ajay Goyal, Ashish Kapoor

Abstract:

The present research paper discussed the durability properties of high strength concrete (HSC) using Foundry Slag(FD) as partial substitute for fine aggregates (FA) and Alccofine (AF) in addition to portland pozzolana (PPC) cement. Specimens of Concrete M100 grade with water/binder ratio 0.239, with Foundry Slag (FD) varying from 0 to 50% and with optimum quantity of AF(15%) were casted and tested for durability properties such as Water absorption, water permeability, resistance to sulphate attack, alkali attack and nitrate attack of HSC at the age of 7, 14, 28, 56 and 90 days. Substitution of fine aggregates (FA) with up to 45% of foundry slag(FD) content and cement with 15% substitution and addition of alccofine showed an excellent resistance against durability properties at all ages but showed a decrease in these properties with 50% of FD contents. Loss of weight in concrete samples due to sulphate attack, alkali attack and nitrate attack of HSC at the age of 365 days was compared with loss in compressive strength. Correlation between loss in weight and loss in compressive strength in all the tests was found to be excellent.

Keywords: alccofine, alkali attack, foundry slag, high strength concrete, nitrate attack, water absorption, water permeability

Procedia PDF Downloads 291
4999 Experimental Studies on the Corrosion Effects of the Concrete Made with Tannery Effluent

Authors: K. Nirmalkumar

Abstract:

An acute water scarcity is prevailing in the dry season in and around Perundurai (Erode district, Tamil Nadu, India) where there are more number of tannery units. Hence an attempt was made to use the effluent from the tannery industry for construction purpose. The mechanical properties such as compressive strength, tensile strength, flexural strength and the special properties such as chloride attack, sulphate attack and chemical attack were studied by casting various concrete specimens in form of cube, cylinders and beams, etc. It was observed that the concrete had some reduction in strength while subjected to chloride attack, sulphate attack and chemical attack. So admixtures were selected and optimized in suitable proportion to counter act the adverse effects and the results were found to be satisfactory. In this research study the corrosion results of specimens prepared by using treated and untreated tannery effluent were compared with the concrete specimens prepared by using potable water. It was observed that by the addition of admixtures, the adverse effects due to the usage of the treated and untreated tannery effluent are counteracted.

Keywords: corrosion, calcium nitrite, concrete, fly ash

Procedia PDF Downloads 234
4998 An Aspiring Solution to the Man in the Middle Bootstrap Vulnerability

Authors: Mouad Zouina, Benaceur Outtaj

Abstract:

The proposed work falls within the context of improving data security for m-commerce systems. In this context we have placed under the light some flaws encountered in HTTPS the most used m-commerce protocol, particularly the man in the middle attack, shortly MITM. The man in the middle attack is an active listening attack. The idea of this attack is to target the handshake phase of the HTTPS protocol which is the transition from a non-secure connection to a secure connection in our case HTTP to HTTPS. This paper proposes a solution to fix those flaws based on the upgrade of HSTS standard handshake sequence using the DNSSEC standard.

Keywords: m-commerce, HTTPS, HSTS, DNSSEC, MITM bootstrap vulnerability

Procedia PDF Downloads 358
4997 Service Life Modelling of Concrete Deterioration Due to Biogenic Sulphuric Acid (BSA) Attack-State-of-an-Art-Review

Authors: Ankur Bansal, Shashank Bishnoi

Abstract:

Degradation of Sewage pipes, sewage pumping station and Sewage treatment plants(STP) is of major concern due to difficulty in their maintenance and the high cost of replacement. Most of these systems undergo degradation due to Biogenic sulphuric acid (BSA) attack. Since most of Waste water treatment system are underground, detection of this deterioration remains hidden. This paper presents a literature review, outlining the mechanism of this attack focusing on critical parameters of BSA attack, along with available models and software to predict the deterioration due to this attack. This paper critically examines the various steps and equation in various Models of BSA degradation, detail on assumptions and working of different softwares are also highlighted in this paper. The paper also focuses on the service life design technique available through various codes and method to integrate the servile life design with BSA degradation on concrete. In the end, various methods enhancing the resistance of concrete against Biogenic sulphuric acid attack are highlighted. It may be concluded that the effective modelling for degradation phenomena may bring positive economical and environmental impacts. With current computing capabilities integrated degradation models combining the various durability aspects can bring positive change for sustainable society.

Keywords: concrete degradation, modelling, service life, sulphuric acid attack

Procedia PDF Downloads 272
4996 A Blockchain-Based Protection Strategy against Social Network Phishing

Authors: Francesco Buccafurri, Celeste Romolo

Abstract:

Nowadays phishing is the most frequent starting point of cyber-attack vectors. Phishing is implemented both via email and social network messages. While a wide scientific literature exists which addresses the problem of contrasting email spam-phishing, no specific countermeasure has been so far proposed for phishing included into private messages of social network platforms. Unfortunately, the problem is severe. This paper proposes an approach against social network phishing, based on a non invasive collaborative information-sharing approach which leverages blockchain. The detection method works by filtering candidate messages, by distilling them by means of a distance-preserving hash function, and by publishing hashes over a public blockchain through a trusted smart contract (thus avoiding denial of service attacks). Phishing detection exploits social information embedded into social network profiles to identify similar messages belonging to disjoint contexts. The main contribution of the paper is to introduce a new approach to contrasting the problem of social network phishing, which, despite its severity, received little attention by both research and industry.

Keywords: phishing, social networks, information sharing, blockchain

Procedia PDF Downloads 279
4995 Variance-Aware Routing and Authentication Scheme for Harvesting Data in Cloud-Centric Wireless Sensor Networks

Authors: Olakanmi Oladayo Olufemi, Bamifewe Olusegun James, Badmus Yaya Opeyemi, Adegoke Kayode

Abstract:

The wireless sensor network (WSN) has made a significant contribution to the emergence of various intelligent services or cloud-based applications. Most of the time, these data are stored on a cloud platform for efficient management and sharing among different services or users. However, the sensitivity of the data makes them prone to various confidentiality and performance-related attacks during and after harvesting. Various security schemes have been developed to ensure the integrity and confidentiality of the WSNs' data. However, their specificity towards particular attacks and the resource constraint and heterogeneity of WSNs make most of these schemes imperfect. In this paper, we propose a secure variance-aware routing and authentication scheme with two-tier verification to collect, share, and manage WSN data. The scheme is capable of classifying WSN into different subnets, detecting any attempt of wormhole and black hole attack during harvesting, and enforcing access control on the harvested data stored in the cloud. The results of the analysis showed that the proposed scheme has more security functionalities than other related schemes, solves most of the WSNs and cloud security issues, prevents wormhole and black hole attacks, identifies the attackers during data harvesting, and enforces access control on the harvested data stored in the cloud at low computational, storage, and communication overheads.

Keywords: data block, heterogeneous IoT network, data harvesting, wormhole attack, blackhole attack access control

Procedia PDF Downloads 25
4994 A Distributed Mobile Agent Based on Intrusion Detection System for MANET

Authors: Maad Kamal Al-Anni

Abstract:

This study is about an algorithmic dependence of Artificial Neural Network on Multilayer Perceptron (MPL) pertaining to the classification and clustering presentations for Mobile Adhoc Network vulnerabilities. Moreover, mobile ad hoc network (MANET) is ubiquitous intelligent internetworking devices in which it has the ability to detect their environment using an autonomous system of mobile nodes that are connected via wireless links. Security affairs are the most important subject in MANET due to the easy penetrative scenarios occurred in such an auto configuration network. One of the powerful techniques used for inspecting the network packets is Intrusion Detection System (IDS); in this article, we are going to show the effectiveness of artificial neural networks used as a machine learning along with stochastic approach (information gain) to classify the malicious behaviors in simulated network with respect to different IDS techniques. The monitoring agent is responsible for detection inference engine, the audit data is collected from collecting agent by simulating the node attack and contrasted outputs with normal behaviors of the framework, whenever. In the event that there is any deviation from the ordinary behaviors then the monitoring agent is considered this event as an attack , in this article we are going to demonstrate the  signature-based IDS approach in a MANET by implementing the back propagation algorithm over ensemble-based Traffic Table (TT), thus the signature of malicious behaviors or undesirable activities are often significantly prognosticated and efficiently figured out, by increasing the parametric set-up of Back propagation algorithm during the experimental results which empirically shown its effectiveness  for the ratio of detection index up to 98.6 percentage. Consequently it is proved in empirical results in this article, the performance matrices are also being included in this article with Xgraph screen show by different through puts like Packet Delivery Ratio (PDR), Through Put(TP), and Average Delay(AD).

Keywords: Intrusion Detection System (IDS), Mobile Adhoc Networks (MANET), Back Propagation Algorithm (BPA), Neural Networks (NN)

Procedia PDF Downloads 154
4993 Providing a Secure Hybrid Method for Graphical Password Authentication to Prevent Shoulder Surfing, Smudge and Brute Force Attack

Authors: Faraji Sepideh

Abstract:

Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.

Keywords: brute force attack, graphical password, shoulder surfing attack, smudge attack

Procedia PDF Downloads 106
4992 The Journey of a Malicious HTTP Request

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect high-level attacks such as SQL injection.

Keywords: Linux system calls, web attack detection, interception, SQL

Procedia PDF Downloads 310
4991 A POX Controller Module to Prepare a List of Flow Header Information Extracted from SDN Traffic

Authors: Wisam H. Muragaa, Kamaruzzaman Seman, Mohd Fadzli Marhusin

Abstract:

Software Defined Networking (SDN) is a paradigm designed to facilitate the way of controlling the network dynamically and with more agility. Network traffic is a set of flows, each of which contains a set of packets. In SDN, a matching process is performed on every packet coming to the network in the SDN switch. Only the headers of the new packets will be forwarded to the SDN controller. In terminology, the flow header fields are called tuples. Basically, these tuples are 5-tuple: the source and destination IP addresses, source and destination ports, and protocol number. This flow information is used to provide an overview of the network traffic. Our module is meant to extract this 5-tuple with the packets and flows numbers and show them as a list. Therefore, this list can be used as a first step in the way of detecting the DDoS attack. Thus, this module can be considered as the beginning stage of any flow-based DDoS detection method.

Keywords: matching, OpenFlow tables, POX controller, SDN, table-miss

Procedia PDF Downloads 159
4990 Detect QOS Attacks Using Machine Learning Algorithm

Authors: Christodoulou Christos, Politis Anastasios

Abstract:

A large majority of users favoured to wireless LAN connection since it was so simple to use. A wireless network can be the target of numerous attacks. Class hijacking is a well-known attack that is fairly simple to execute and has significant repercussions on users. The statistical flow analysis based on machine learning (ML) techniques is a promising categorization methodology. In a given dataset, which in the context of this paper is a collection of components representing frames belonging to various flows, machine learning (ML) can offer a technique for identifying and characterizing structural patterns. It is possible to classify individual packets using these patterns. It is possible to identify fraudulent conduct, such as class hijacking, and take necessary action as a result. In this study, we explore a way to use machine learning approaches to thwart this attack.

Keywords: wireless lan, quality of service, machine learning, class hijacking, EDCA remapping

Procedia PDF Downloads 4
4989 Feature Based Unsupervised Intrusion Detection

Authors: Deeman Yousif Mahmood, Mohammed Abdullah Hussein

Abstract:

The goal of a network-based intrusion detection system is to classify activities of network traffics into two major categories: normal and attack (intrusive) activities. Nowadays, data mining and machine learning plays an important role in many sciences; including intrusion detection system (IDS) using both supervised and unsupervised techniques. However, one of the essential steps of data mining is feature selection that helps in improving the efficiency, performance and prediction rate of proposed approach. This paper applies unsupervised K-means clustering algorithm with information gain (IG) for feature selection and reduction to build a network intrusion detection system. For our experimental analysis, we have used the new NSL-KDD dataset, which is a modified dataset for KDDCup 1999 intrusion detection benchmark dataset. With a split of 60.0% for the training set and the remainder for the testing set, a 2 class classifications have been implemented (Normal, Attack). Weka framework which is a java based open source software consists of a collection of machine learning algorithms for data mining tasks has been used in the testing process. The experimental results show that the proposed approach is very accurate with low false positive rate and high true positive rate and it takes less learning time in comparison with using the full features of the dataset with the same algorithm.

Keywords: information gain (IG), intrusion detection system (IDS), k-means clustering, Weka

Procedia PDF Downloads 254
4988 Air Flow Characteristics and Pressure Distributions for Staggered Wing Shaped Tubes Bundle

Authors: Sayed A. Elsayed, Emad Z. Ibrahim, Osama M. Mesalhy, Mohamed A. Abdelatief

Abstract:

An experimental and numerical study has been conducted to clarify fluid flow characteristics and pressure drop distributions of a cross-flow heat exchanger employing staggered wing-shaped tubes at different angels of attack. The water-side Rew and the air-side Rea were at 5 x 102 and at from 1.8 x 103 to 9.7 x 103, respectively. Three cases of the tubes arrangements with various angles of attack, row angles of attack and 90° cone angles were employed at the considered Rea range. Correlation of pressure drop coefficient Pdc in terms of Rea, design parameters for the studied cases were presented. The flow pattern around the staggered wing-shaped tubes bundle were predicted by using commercial CFD FLUENT 6.3.26 software package. Results indicated that the values of Pdc were increased by increasing the angle of attack from 0° to 45°, while the opposite was true for angles of attack from 135° to 180°. Comparisons between the experimental and numerical results of the present study and those, previously, obtained for similar available studies showed good agreements.

Keywords: wing-shaped tubes, cross-flow cooling, staggered arrangement, CFD

Procedia PDF Downloads 317