Search results for: Wormhole attack

Authors: Khin Sandar Win

Abstract:

In multi hop wireless systems, such as ad hoc and sensor networks, mobile ad hoc network applications are deployed, security emerges as a central requirement. A particularly devastating attack is known as the wormhole attack, where two or more malicious colluding nodes create a higher level virtual tunnel in the network, which is employed to transport packets between the tunnel end points. These tunnels emulate shorter links in the network. In which adversary records transmitted packets at one location in the network, tunnels them to another location, and retransmits them into the network. The wormhole attack is possible even if the attacker has not compromised any hosts and even if all communication provides authenticity and confidentiality. In this paper, we analyze wormhole attack nature in ad hoc and sensor networks and existing methods of the defending mechanism to detect wormhole attacks without require any specialized hardware. This analysis able to provide in establishing a method to reduce the rate of refresh time and the response time to become more faster.

Keywords: Ad hoc network, Sensor network, Wormhole attack, defending mechanism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2247

Authors: Zaw Tun, Aung Htein Maw

Abstract:

The nature of wireless ad hoc and sensor networks make them very attractive to attackers. One of the most popular and serious attacks in wireless ad hoc networks is wormhole attack and most proposed protocols to defend against this attack used positioning devices, synchronized clocks, or directional antennas. This paper analyzes the nature of wormhole attack and existing methods of defending mechanism and then proposes round trip time (RTT) and neighbor numbers based wormhole detection mechanism. The consideration of proposed mechanism is the RTT between two successive nodes and those nodes- neighbor number which is needed to compare those values of other successive nodes. The identification of wormhole attacks is based on the two faces. The first consideration is that the transmission time between two wormhole attack affected nodes is considerable higher than that between two normal neighbor nodes. The second detection mechanism is based on the fact that by introducing new links into the network, the adversary increases the number of neighbors of the nodes within its radius. This system does not require any specific hardware, has good performance and little overhead and also does not consume extra energy. The proposed system is designed in ad hoc on-demand distance vector (AODV) routing protocol and analysis and simulations of the proposed system are performed in network simulator (ns-2).

Keywords: AODV, Wormhole attacks, Wireless ad hoc andsensor networks

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3419

Authors: He Ronghui, Ma Guoqing, Wang Chunlei, Fang Lan

Abstract:

This paper focuses on wormhole attacks detection in wireless sensor networks. The wormhole attack is particularly challenging to deal with since the adversary does not need to compromise any nodes and can use laptops or other wireless devices to send the packets on a low latency channel. This paper introduces an easy and effective method to detect and locate the wormholes: Since beacon nodes are assumed to know their coordinates, the straight line distance between each pair of them can be calculated and then compared with the corresponding hop distance, which in this paper equals hop counts × node-s transmission range R. Dramatic difference may emerge because of an existing wormhole. Our detection mechanism is based on this. The approximate location of the wormhole can also be derived in further steps based on this information. To the best of our knowledge, our method is much easier than other wormhole detecting schemes which also use beacon nodes, and to those have special requirements on each nodes (e.g., GPS receivers or tightly synchronized clocks or directional antennas), ours is more economical. Simulation results show that the algorithm is successful in detecting and locating wormholes when the density of beacon nodes reaches 0.008 per m2.

Keywords: Beacon node, wireless sensor network, worm hole attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1837

Authors: Faizal A. Samman, Thomas Hollstein, Manfred Glesner

Abstract:

A synchronous network-on-chip using wormhole packet switching and supporting guaranteed-completion best-effort with low-priority (LP) and high-priority (HP) wormhole packet delivery service is presented in this paper. Both our proposed LP and HP message services deliver a good quality of service in term of lossless packet completion and in-order message data delivery. However, the LP message service does not guarantee minimal completion bound. The HP packets will absolutely use 100% bandwidth of their reserved links if the HP packets are injected from the source node with maximum injection. Hence, the service are suitable for small size messages (less than hundred bytes). Otherwise the other HP and LP messages, which require also the links, will experience relatively high latency depending on the size of the HP message. The LP packets are routed using a minimal adaptive routing, while the HP packets are routed using a non-minimal adaptive routing algorithm. Therefore, an additional 3-bit field, identifying the packet type, is introduced in their packet headers to classify and to determine the type of service committed to the packet. Our NoC prototypes have been also synthesized using a 180-nm CMOS standard-cell technology to evaluate the cost of implementing the combination of both services.

Keywords: Network-on-Chip, Parallel Pipeline Router Architecture, Wormhole Switching, Two-Level Priority Service.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1720

Authors: J. Dubois, P. Jreije

Abstract:

Internet security attack could endanger the privacy of World Wide Web users and the integrity of their data. The attack can be carried out on today's most secure systems- browsers, including Netscape Navigator and Microsoft Internet Explorer. There are too many types, methods and mechanisms of attack where new attack techniques and exploits are constantly being developed and discovered. In this paper, various types of internet security attack mechanisms are explored and it is pointed out that when different types of attacks are combined together, network security can suffer disastrous consequences.

Keywords: DoS, internet attacks, router attack, security, trojan, virus, worm, XSS.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2062

Authors: Guruprasad Khataniar, Hitesh Tahbildar, Prakriti Prava Das

Abstract:

There are various overlay structures that provide efficient and scalable solutions for point and range query in a peer-topeer network. Overlay structure based on m-Binary Search Tree (BST) is one such popular technique. It deals with the division of the tree into different key intervals and then assigning the key intervals to a BST. The popularity of the BST makes this overlay structure vulnerable to different kinds of attacks. Here we present four such possible attacks namely index poisoning attack, eclipse attack, pollution attack and syn flooding attack. The functionality of BST is affected by these attacks. We also provide different security techniques that can be applied against these attacks.

Keywords: BST, eclipse attack, index poisoning attack, pollution attack, syn flooding attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1581

Authors: Li Qiang, Yang Ze-Ming, Liu Bao-Xu, Jiang Zheng-Wei

Abstract:

With the increasing complexity of cyberspace security, the cyber-attack attribution has become an important challenge of the security protection systems. The difficult points of cyber-attack attribution were forced on the problems of huge data handling and key data missing. According to this situation, this paper presented a reasoning method of cyber-attack attribution based on threat intelligence. The method utilizes the intrusion kill chain model and Bayesian network to build attack chain and evidence chain of cyber-attack on threat intelligence platform through data calculation, analysis and reasoning. Then, we used a number of cyber-attack events which we have observed and analyzed to test the reasoning method and demo system, the result of testing indicates that the reasoning method can provide certain help in cyber-attack attribution.

Keywords: Reasoning, Bayesian networks, cyber-attack attribution, kill chain, threat intelligence.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2621

Authors: Mohammad Ali Orumiehchi ha, R. Mirghadri

Abstract:

The COSvd Ciphers has been proposed by Filiol and others (2004). It is a strengthened version of COS stream cipher family denoted COSvd that has been adopted for at least one commercial standard. We propose a distinguish attack on this version, and prove that, it is distinguishable from a random stream. In the COSvd Cipher used one S-Box (10×8) on the final part of cipher. We focus on S-Box and use weakness this S-Box for distinguish attack. In addition, found a leak on HNLL that the sub s-boxes don-t select uniformly. We use this property for an Improve distinguish attack.

Keywords: Stream cipher, COSvd cipher, distinguish attack, nonlinear feedback shift registers, chaotic layer.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1111

Authors: Sushil Sarwa, Rajeev Kumar

Abstract:

The wireless mesh networks (WMNs) are emerging technology in wireless networking as they can serve large scale high speed internet access. Due to its wireless multi-hop feature, wireless mesh network is prone to suffer from many attacks, such as denial of service attack (DoS). We consider a special case of DoS attack which is selective forwarding attack (a.k.a. gray hole attack). In such attack, a misbehaving mesh router selectively drops the packets it receives rom its predecessor mesh router. It is very hard to detect that packet loss is due to medium access collision, bad channel quality or because of selective forwarding attack. In this paper, we present a review of detection algorithms of selective forwarding attack and discuss their advantage & disadvantage. Finally we conclude this paper with open research issues and challenges.

Keywords: CAD algorithm, CHEMAS, selective forwarding attack, watchdog & pathrater, wireless mesh network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2743

Authors: Faizal A. Samman, Thomas Hollstein, Manfred Glesner

Abstract:

This paper presents design trade-off and performance impacts of the amount of pipeline phase of control path signals in a wormhole-switched network-on-chip (NoC). The numbers of the pipeline phase of the control path vary between two- and one-cycle pipeline phase. The control paths consist of the routing request paths for output selection and the arbitration paths for input selection. Data communications between on-chip routers are implemented synchronously and for quality of service, the inter-router data transports are controlled by using a link-level congestion control to avoid lose of data because of an overflow. The trade-off between the area (logic cell area) and the performance (bandwidth gain) of two proposed NoC router microarchitectures are presented in this paper. The performance evaluation is made by using a traffic scenario with different number of workloads under 2D mesh NoC topology using a static routing algorithm. By using a 130-nm CMOS standard-cell technology, our NoC routers can be clocked at 1 GHz, resulting in a high speed network link and high router bandwidth capacity of about 320 Gbit/s. Based on our experiments, the amount of control path pipeline stages gives more significant impact on the NoC performance than the impact on the logic area of the NoC router.

Keywords: Network-on-Chip, Synchronous Parallel Pipeline, Router Architecture, Wormhole Switching

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1432

Authors: Hsien-cheng Chou, Fei-pei Lai, Hung-chang Lee

Abstract:

At present, dictionary attack has been the basic tool for recovering key passwords. In order to avoid dictionary attack, users purposely choose another character strings as passwords. According to statistics, about 14% of users choose keys on a keyboard (Kkey, for short) as passwords. This paper develops a framework system to attack the password chosen from Kkeys and analyzes its efficiency. Within this system, we build up keyboard rules using the adjacent and parallel relationship among Kkeys and then use these Kkey rules to generate password databases by depth-first search method. According to the experiment results, we find the key space of databases derived from these Kkey rules that could be far smaller than the password databases generated within brute-force attack, thus effectively narrowing down the scope of attack research. Taking one general Kkey rule, the combinations in all printable characters (94 types) with Kkey adjacent and parallel relationship, as an example, the derived key space is about 240 smaller than those in brute-force attack. In addition, we demonstrate the method's practicality and value by successfully cracking the access password to UNIX and PC using the password databases created

Keywords: Brute-force attack, dictionary attack, depth-firstsearch, password attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3435

Authors: Fangfang Chen, Chunlu Wang, Zhihong Tian, Shuyuan Jin, Tianle Zhang

Abstract:

Attack graph is an integral part of modeling the overview of network security. System administrators use attack graphs to determine how vulnerable their systems are and to determine what security measures to deploy to defend their systems. Previous methods on AGG(attack graphs generation) are aiming at the whole network, which makes the process of AGG complex and non-scalable. In this paper, we propose a new approach which is simple and scalable to AGG by decomposing the whole network into atomic domains. Each atomic domain represents a host with a specific privilege. Then the process for AGG is achieved by communications among all the atomic domains. Our approach simplifies the process of design for the whole network, and can gives the attack graphs including each attack path for each host, and when the network changes we just carry on the operations of corresponding atomic domains which makes the process of AGG scalable.

Keywords: atomic domain, vulnerability, attack graphs, generation, computer security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1608

Authors: Arash Habibi Lashkari, Azizah Abdul Manaf, Maslin Masrom

Abstract:

In today's day and age, one of the important topics in information security is authentication. There are several alternatives to text-based authentication of which includes Graphical Password (GP) or Graphical User Authentication (GUA). These methods stems from the fact that humans recognized and remembers images better than alphanumerical text characters. This paper will focus on the security aspect of GP algorithms and what most researchers have been working on trying to define these security features and attributes. The goal of this study is to develop a fuzzy decision model that allows automatic selection of available GP algorithms by taking into considerations the subjective judgments of the decision makers who are more than 50 postgraduate students of computer science. The approach that is being proposed is based on the Fuzzy Analytic Hierarchy Process (FAHP) which determines the criteria weight as a linear formula.

Keywords: Graphical Password, Authentication Security, Attack Patterns, Brute force attack, Dictionary attack, Guessing Attack, Spyware attack, Shoulder surfing attack, Social engineering Attack, Password Entropy, Password Space.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1895

Authors: Sadeghi H., Mani M., Ardakani M. A.

Abstract:

The unsteady wake of an EPPLER 361 airfoil in pitching motion has been investigated in a subsonic wind tunnel by hot-wire anemometry. The airfoil was given the pitching motion about the one-quarter chord axis at reduced frequency of 0182. Streamwise mean velocity profiles (wake profiles) were investigated at several vertically aligned points behind the airfoil at one-quarter chord downstream distance from trailing edge. Oscillation amplitude and mean angle of attack were varied to determine the effects on wake profiles. When the maximum dynamic angle of attack was below the static stall angle of attack, weak effects on wake were found by increasing oscillation amplitude and mean angle of attack. But, for higher angles of attack strong unsteady effects were appeared on the wake.

Keywords: Unsteady wake, amplitude, mean angle, EPPLER 361 airfoil.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2616

Authors: Lee Feng Koo, Tze Jin Wong, Pang Hung Yiu, Nik Mohd Asri Nik Long

Abstract:

Greater common divisor (GCD) attack is an attack that relies on the polynomial structure of the cryptosystem. This attack required two plaintexts differ from a fixed number and encrypted under same modulus. This paper reports a security reaction of Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field under GCD attack. Lucas Based El-Gamal Cryptosystem in the Elliptic Curve group over finite field was exposed mathematically to the GCD attack using GCD and Dickson polynomial. The result shows that the cryptanalyst is able to get the plaintext without decryption by using GCD attack. Thus, the study concluded that it is highly perilous when two plaintexts have a slight difference from a fixed number in the same Elliptic curve group over finite field.

Keywords: Decryption, encryption, elliptic curve, greater common divisor.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 653

Authors: Tze Jin Wong, Lee Feng Koo, Pang Hung Yiu

Abstract:

Lenstra’s attack uses Chinese remainder theorem as a tool and requires a faulty signature to be successful. This paper reports on the security responses of fourth and sixth order Lucas based (LUC_4,6) cryptosystem under the Lenstra’s attack as compared to the other two Lucas based cryptosystems such as LUC and LUC₃ cryptosystems. All the Lucas based cryptosystems were exposed mathematically to the Lenstra’s attack using Chinese Remainder Theorem and Dickson polynomial. Result shows that the possibility for successful Lenstra’s attack is less against LUC_4,6 cryptosystem than LUC₃ and LUC cryptosystems. Current study concludes that LUC_4,6 cryptosystem is more secure than LUC and LUC₃ cryptosystems in sustaining against Lenstra’s attack.

Keywords: Lucas sequence, Dickson Polynomial, faulty signature, corresponding signature, congruence.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 670

Authors: Narendra M. Shekokar, Satish R. Devane

Abstract:

In a recent year usage of VoIP subscription has increased tremendously as compare to Public Switching Telephone System(PSTN). A VoIP subscriber would like to know the exact tariffs of the calls made using VoIP. As the usage increases, the rate of fraud is also increases, causing users complain about excess billing. This in turn hampers the growth of VoIP .This paper describe the common frauds and attack on VoIP based system and make an attempt to solve the billing attack by creating secured channel between caller and callee.

Keywords: VoIP, Billing-fraud, SSL/TLS, MITM, Replay-attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1607

Authors: Hyoungseob Lee, Donghyun Choi, Yunho Lee, Dongho Won, Seungjoo Kim

Abstract:

Recently, with the appearance of smart cards, many user authentication protocols using smart card have been proposed to mitigate the vulnerabilities in user authentication process. In 2004, Das et al. proposed a ID-based user authentication protocol that is secure against ID-theft and replay attack using smart card. In 2009, Wang et al. showed that Das et al.-s protocol is not secure to randomly chosen password attack and impersonation attack, and proposed an improved protocol. Their protocol provided mutual authentication and efficient password management. In this paper, we analyze the security weaknesses and point out the vulnerabilities of Wang et al.-s protocol.

Keywords: Message Alteration Attack, Impersonation Attack

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1720

Authors: Yuji Waizumi, Tohru Sato, Yoshiaki Nemoto

Abstract:

Recently, Denial of Service(DoS) attacks and Distributed DoS(DDoS) attacks which are stronger form of DoS attacks from plural hosts have become security threats on the Internet. It is important to identify the attack source and to block attack traffic as one of the measures against these attacks. In general, it is difficult to identify them because information about the attack source is falsified. Therefore a method of identifying the attack source by tracing the route of the attack traffic is necessary. A traceback method which uses traffic patterns, using changes in the number of packets over time as criteria for the attack traceback has been proposed. The traceback method using the traffic patterns can trace the attack by matching the shapes of input traffic patterns and the shape of output traffic pattern observed at a network branch point such as a router. The traffic pattern is a shapes of traffic and unfalsifiable information. The proposed trace methods proposed till date cannot obtain enough tracing accuracy, because they directly use traffic patterns which are influenced by non-attack traffics. In this paper, a new traffic pattern matching method using Independent Component Analysis(ICA) is proposed.

Keywords: Distributed Denial of Service, Independent Component Analysis, Traffic pattern

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1732

Authors: Min-Shiang Hwang, Cheng-Chi Lee, Shiang-Feng Tzeng

Abstract:

A new secure knapsack cryptosystem based on the Merkle-Hellman public key cryptosystem will be proposed in this paper. Although it is common sense that when the density is low, the knapsack cryptosystem turns vulnerable to the low-density attack. The density d of a secure knapsack cryptosystem must be larger than 0.9408 to avoid low-density attack. In this paper, we investigate a new Permutation Combination Algorithm. By exploiting this algorithm, we shall propose a novel knapsack public-key cryptosystem. Our proposed scheme can enjoy a high density to avoid the low-density attack. The density d can also exceed 0.9408 to avoid the low-density attack.

Keywords: Public key, Knapsack problem, Knapsack cryptosystem, low-density attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1894

Authors: K. Nirmalkumar

Abstract:

There is a acute water problem especially in the dry season in and around Perundurai (Erode district, Tamil Nadu, India) where there are more number of tannery units. Hence an attempt was made to use the waste water from tannery industry for construction purpose. The mechanical properties such as compressive strength, tensile strength, flexural strength etc were studied by casting various concrete specimens in form of cube, cylinders and beams etc and were found to be satisfactory. Hence some special properties such as chloride attack, sulphate attack and chemical attack are considered and comparatively studied with the conventional potable water. In this experimental study the results of specimens prepared by using treated and untreated tannery effluent were compared with the concrete specimens prepared by using potable water. It was observed that the concrete had some reduction in strength while subjected to chloride attack, sulphate attack and chemical attack. So admixtures were selected and optimized in suitable proportion to counter act the adverse effects and the results were found to be satisfactory.

Keywords: Calcium nitrite, concrete, fly ash.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1953

Authors: Yaser Mohammad Taheri, Alireza Zolghadr–asli, Mehran Yazdi

Abstract:

Video watermarking is usually considered as watermarking of a set of still images. In frame-by-frame watermarking approach, each video frame is seen as a single watermarked image, so collusion attack is more critical in video watermarking. If the same or redundant watermark is used for embedding in every frame of video, the watermark can be estimated and then removed by watermark estimate remodolulation (WER) attack. Also if uncorrelated watermarks are used for every frame, these watermarks can be washed out with frame temporal filtering (FTF). Switching watermark system or so-called SS-N system has better performance against WER and FTF attacks. In this system, for each frame, the watermark is randomly picked up from a finite pool of watermark patterns. At first SS-N system will be surveyed and then a new collusion attack for SS-N system will be proposed using a new algorithm for separating video frame based on watermark pattern. So N sets will be built in which every set contains frames carrying the same watermark. After that, using WER attack in every set, N different watermark patterns will be estimated and removed later.

Keywords: Watermark estimation remodulation (WER), Frame Temporal Averaging (FTF), switching watermark system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1446

Authors: Ramya Dorai, M. Rajaram

Abstract:

A Mobile Adhoc Network (MANET) is a collection of mobile nodes that communicate with each other with wireless links and without pre-existing communication infrastructure. Routing is an important issue which impacts network performance. As MANETs lack central administration and prior organization, their security concerns are different from those of conventional networks. Wireless links make MANETs susceptible to attacks. This study proposes a new trust mechanism to mitigate wormhole attack in MANETs. Different optimization techniques find available optimal path from source to destination. This study extends trust and reputation to an improved link quality and channel utilization based Adhoc Ondemand Multipath Distance Vector (AOMDV). Differential Evolution (DE) is used for optimization.

Keywords: Mobile Adhoc Network (MANET), Adhoc Ondemand Multi-Path Distance Vector (AOMDV), Trust and Reputation, Differential Evolution (DE), Link Quality, Channel Utilization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1611

Authors: Poonam Garg, Aditya Shastri, D.C. Agarwal

Abstract:

With the exponential growth of networked system and application such as eCommerce, the demand for effective internet security is increasing. Cryptology is the science and study of systems for secret communication. It consists of two complementary fields of study: cryptography and cryptanalysis. The application of genetic algorithms in the cryptanalysis of knapsack ciphers is suggested by Spillman [7]. In order to improve the efficiency of genetic algorithm attack on knapsack cipher, the previously published attack was enhanced and re-implemented with variation of initial assumptions and results are compared with Spillman results. The experimental result of research indicates that the efficiency of genetic algorithm attack on knapsack cipher can be improved with variation of initial assumption.

Keywords: Genetic Algorithm, Knapsack cipher, Key search.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1637

Authors: Faraji Sepideh

Abstract:

Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.

Keywords: Brute force attack, graphical password, shoulder surfing attack, smudge attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 853

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect highlevel attacks such as SQL injection.

Keywords: Linux system calls, Web attack detection, Interception.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1955

Authors: Sehyun Cho, Heasook Park

Abstract:

These days MANET is attracting much attention as they are expected to gratefully influence communication between wireless nodes. Along with this great strength, there is much more chance of leave and being attacked by a malicious node. Due to this reason much attention is given to the security and the private issue in MANET. A lot of research in MANET has been doing. In this paper we present the overview of MANET, the security issues of MANET, IP configuration in MANET, the solution to puzzle out the security issues and the simulation of the proposal idea. We add the method to figure out the malicious nodes so that we can prevent the attack from them. Nodes exchange the information about nodes to prevent DAD attack. We can get 30% better performance than the previous MANETConf.

Keywords: MANETConf, DAD, Attacker, DDOS

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1622

Authors: C. Ardil

Abstract:

This paper aims to select the best military attack helicopter to purchase by the Armed Forces and provide greater reconnaissance and offensive combat capability in military operations. For this purpose, a multiple criteria decision analysis method integrated with the variance weight procedure was applied to the military attack helicopter selection problem. A real military aviation case problem is conducted to support the Armed Forces decision-making process and contributes to the better performance of the Armed Forces. Application of the methodology resulted in ranking lists for ordering and prioritizing attack helicopters, providing transparency and simplicity to the decision-making process. Nine military attack helicopter models were analyzed in the light of strategic, tactical, and operational criteria, considering attack helicopters. The selected military attack helicopter would be used for fire support and reconnaissance activities required by the Armed Forces operation. This study makes a valuable contribution to the problem of military attack helicopter selection, as it represents a state-of-the-art application of the MCDMA method to contribute to the solution of a real problem of the Armed Forces. The methodology presented in this paper can be used to solve real problems of a wide variety, especially strategic, tactical and operational, and is, therefore, a very useful method for decision making.

Keywords: aircraft selection, military attack helicopter selection, attack helicopter fleet planning, MCDMA, multiple criteria analysis, multiple criteria decision making analysis, distance function measure

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 812

Authors: Omessaad Hamdi, Ammar Bouallegue, Sami Harari

Abstract:

In [4], Kipnis and Shamir have cryptanalised a version of HFE of degree 2. In this paper, we describe the generalization of this attack of HFE of degree more than 2. We are based on Fourier Transformation to acheive partially this attack.

Keywords: Public, cryptosystem, cryptanalisis, HFE.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1345

Authors: Ruming Yin, Jian Yuan, Qiuhua Yang, Xiuming Shan, Xiqin Wang

Abstract:

Linear cryptanalysis methods are rarely used to improve the security of chaotic stream ciphers. In this paper, we apply linear cryptanalysis to a chaotic stream cipher which was designed by strictly using the basic design criterion of cryptosystem – confusion and diffusion. We show that this well-designed chaos-based stream cipher is still insecure against distinguishing attack. This distinguishing attack promotes the further improvement of the cipher.

Keywords: Stream cipher, chaos, linear cryptanalysis, distinguishing attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1700