Search results for: dictionary attack

Authors: M. Mansouri, P. Jaklitsch, E. Teiniker

Abstract:

SQL injection on web applications is a very popular kind of attack. There are mechanisms such as intrusion detection systems in order to detect this attack. These strategies often rely on techniques implemented at high layers of the application but do not consider the low level of system calls. The problem of only considering the high level perspective is that an attacker can circumvent the detection tools using certain techniques such as URL encoding. One technique currently used for detecting low-level attacks on privileged processes is the tracing of system calls. System calls act as a single gate to the Operating System (OS) kernel; they allow catching the critical data at an appropriate level of detail. Our basic assumption is that any type of application, be it a system service, utility program or Web application, “speaks” the language of system calls when having a conversation with the OS kernel. At this level we can see the actual attack while it is happening. We conduct an experiment in order to demonstrate the suitability of system call analysis for detecting SQL injection. We are able to detect the attack. Therefore we conclude that system calls are not only powerful in detecting low-level attacks but that they also enable us to detect highlevel attacks such as SQL injection.

Keywords: Linux system calls, Web attack detection, Interception.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1955

Authors: Sehyun Cho, Heasook Park

Abstract:

These days MANET is attracting much attention as they are expected to gratefully influence communication between wireless nodes. Along with this great strength, there is much more chance of leave and being attacked by a malicious node. Due to this reason much attention is given to the security and the private issue in MANET. A lot of research in MANET has been doing. In this paper we present the overview of MANET, the security issues of MANET, IP configuration in MANET, the solution to puzzle out the security issues and the simulation of the proposal idea. We add the method to figure out the malicious nodes so that we can prevent the attack from them. Nodes exchange the information about nodes to prevent DAD attack. We can get 30% better performance than the previous MANETConf.

Keywords: MANETConf, DAD, Attacker, DDOS

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1622

Authors: C. Ardil

Abstract:

This paper aims to select the best military attack helicopter to purchase by the Armed Forces and provide greater reconnaissance and offensive combat capability in military operations. For this purpose, a multiple criteria decision analysis method integrated with the variance weight procedure was applied to the military attack helicopter selection problem. A real military aviation case problem is conducted to support the Armed Forces decision-making process and contributes to the better performance of the Armed Forces. Application of the methodology resulted in ranking lists for ordering and prioritizing attack helicopters, providing transparency and simplicity to the decision-making process. Nine military attack helicopter models were analyzed in the light of strategic, tactical, and operational criteria, considering attack helicopters. The selected military attack helicopter would be used for fire support and reconnaissance activities required by the Armed Forces operation. This study makes a valuable contribution to the problem of military attack helicopter selection, as it represents a state-of-the-art application of the MCDMA method to contribute to the solution of a real problem of the Armed Forces. The methodology presented in this paper can be used to solve real problems of a wide variety, especially strategic, tactical and operational, and is, therefore, a very useful method for decision making.

Keywords: aircraft selection, military attack helicopter selection, attack helicopter fleet planning, MCDMA, multiple criteria analysis, multiple criteria decision making analysis, distance function measure

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 813

Authors: Omessaad Hamdi, Ammar Bouallegue, Sami Harari

Abstract:

In [4], Kipnis and Shamir have cryptanalised a version of HFE of degree 2. In this paper, we describe the generalization of this attack of HFE of degree more than 2. We are based on Fourier Transformation to acheive partially this attack.

Keywords: Public, cryptosystem, cryptanalisis, HFE.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1346

Authors: Ruming Yin, Jian Yuan, Qiuhua Yang, Xiuming Shan, Xiqin Wang

Abstract:

Linear cryptanalysis methods are rarely used to improve the security of chaotic stream ciphers. In this paper, we apply linear cryptanalysis to a chaotic stream cipher which was designed by strictly using the basic design criterion of cryptosystem – confusion and diffusion. We show that this well-designed chaos-based stream cipher is still insecure against distinguishing attack. This distinguishing attack promotes the further improvement of the cipher.

Keywords: Stream cipher, chaos, linear cryptanalysis, distinguishing attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1700

Authors: Hesamodin Ebnodin Hamidi, Mojtaba Rahimi

Abstract:

Along with increasing development of generation of supersonic planes especially fighters and request for increasing the performance and maneuverability scientists and engineers suggested the delta and double delta wing design. One of the areas which was necessary to be researched, was the Aerodynamic review of this type of wings in high angles of attack at low speeds that was very important in landing and takeoff the planes and maneuvers. Leading Edges of the wings,cause the separation flow from wing surface and then formation of powerful vortex with high rotational speed which studing the mechanism and location of formation and also the position of the vortex breakdown in high angles of attack is very important. In this research, a double delta wing with 76o/45o sweep angles at high angle of attack in steady state and incompressible flow were numerically analyzed with Fluent software. With analaysis of the numerical results, we arrived the most important characteristic of the double delta wings which is keeping of lift at high angles of attacks.

Keywords: Double delta wing, high angle of attack, vortex breakdown, incompressible flow.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2528

Authors: Erika Pigliapoco, Valerio Freschi, Alessandro Bogliolo

Abstract:

This work presents a new phonetic transcription system based on a tree of hierarchical pronunciation rules expressed as context-specific grapheme-phoneme correspondences. The tree is automatically inferred from a phonetic dictionary by incrementally analyzing deeper context levels, eventually representing a minimum set of exhaustive rules that pronounce without errors all the words in the training dictionary and that can be applied to out-of-vocabulary words. The proposed approach improves upon existing rule-tree-based techniques in that it makes use of graphemes, rather than letters, as elementary orthographic units. A new linear algorithm for the segmentation of a word in graphemes is introduced to enable outof- vocabulary grapheme-based phonetic transcription. Exhaustive rule trees provide a canonical representation of the pronunciation rules of a language that can be used not only to pronounce out-of-vocabulary words, but also to analyze and compare the pronunciation rules inferred from different dictionaries. The proposed approach has been implemented in C and tested on Oxford British English and Basic English. Experimental results show that grapheme-based rule trees represent phonetically sound rules and provide better performance than letter-based rule trees.

Keywords: Automatic phonetic transcription, pronunciation rules, hierarchical tree inference.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1880

Authors: Nidhi Gupta, Sanjoy Das, Khushal Singh

Abstract:

A Mobile Ad-hoc Network (MANET) is a self managing network consists of versatile nodes that are capable of communicating with each other without having any fixed infrastructure. These nodes may be routers and/or hosts. Due to this dynamic nature of the network, routing protocols are vulnerable to various kinds of attacks. The black hole attack is one of the conspicuous security threats in MANETs. As the route discovery process is obligatory and customary, attackers make use of this loophole to get success in their motives to destruct the network. In Black hole attack the packet is redirected to a node that actually does not exist in the network. Many researchers have proposed different techniques to detect and prevent this type of attack. In this paper, we have analyzed various routing protocols in this context. Further we have shown a critical comparison among various protocols. We have shown various routing metrics are required proper and significant analysis of the protocol.

Keywords: Black Hole, MANET, Performance Parameters, Routing Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2687

Authors: Eun-Jun Yoon, Kee-Young Yoo

Abstract:

In order to guarantee secure communication for wireless sensor networks (WSNs), many user authentication schemes have successfully drawn researchers- attention and been studied widely. In 2012, He et al. proposed a robust biometric-based user authentication scheme for WSNs. However, this paper demonstrates that He et al.-s scheme has some drawbacks: poor reparability problem, user impersonation attack, and sensor node impersonate attack.

Keywords: Security, authentication, biometrics, poor reparability, impersonation attack, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1827

Authors: Eun-Jun Yoon, Kee-Young Yoo

Abstract:

Recently, Jia et al. proposed a remote user authentication scheme using bilinear pairings and an Elliptic Curve Cryptosystem (ECC). However, the scheme is vulnerable to privileged insider attack at their proposed registration phase and to forgery attack at their proposed authentication phase. In addition, the scheme can be vulnerable to server spoofing attack because it does not provide mutual authentication between the user and the remote server. Therefore, this paper points out that the Jia et al. scheme is vulnerable to the above three attacks.

Keywords: Cryptography, authentication, smart card, password, cryptanalysis, bilinear pairings.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1802

Authors: C. Kalamani, K. Paramasivam

Abstract:

In VLSI, testing plays an important role. Major problem in testing are test data volume and test power. The important solution to reduce test data volume and test time is test data compression. The Proposed technique combines the bit maskdictionary and 2n pattern run length-coding method and provides a substantial improvement in the compression efficiency without introducing any additional decompression penalty. This method has been implemented using Mat lab and HDL Language to reduce test data volume and memory requirements. This method is applied on various benchmark test sets and compared the results with other existing methods. The proposed technique can achieve a compression ratio up to 86%.

Keywords: Bit Mask dictionary, 2n pattern run length code, system-on-chip, SOC, test data compression.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1873

Authors: Taher Fodeibou, Ziaul Huque, Jenny Galvis

Abstract:

A parametric study of a mixed-compression supersonic inlet is performed and reported. The effects of inlet Mach Numbers, varying from 4 to 10, and angle of attack, varying from 0 to 10, are reported for a constant inlet dynamic pressure. The paper looked at the variations of mass flow rates through the inlet, gain in entropy through the inlet, and the angles of the external oblique shocks. The mass flow rates were found to decrease monotonically with Mach numbers and increase with angle of attacks. On the other hand the entropy gain through the inlet increased with increasing Mach number and angle of attack. The variation in static pressure was found to be identical from the inlet throat to the exit for Mach number values higher than 6.

Keywords: Angle of attack, entropy gain, mass flow rates, supersonic inlets.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2569

Authors: V. Praveena, N. Kiruthika

Abstract:

In this paper, we explore a new scheme for filtering spoofed packets (DDOS attack) which is a combination of path fingerprint and client puzzle concepts. In this each IP packet has a unique fingerprint is embedded that represents, the route a packet has traversed. The server maintains a mapping table which contains the client IP address and its corresponding fingerprint. In ingress router, client puzzle is placed. For each request, the puzzle issuer provides a puzzle which the source has to solve. Our design has the following advantages over prior approaches, 1) Reduce the network traffic, as we place a client puzzle at the ingress router. 2) Mapping table at the server is lightweight and moderate.

Keywords: Client puzzle, DDOS attack, Egress, Ingress, IP Spoofing, Spoofed Packet.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1577

Authors: Sayed Ahmed E. Sayed Ahmed, Emad Z. Ibrahiem, Osama M. Mesalhy, Mohamed A. Abdelatief

Abstract:

An experimental and numerical study has been conducted to clarify heat transfer characteristics and effectiveness of a cross-flow heat exchanger employing staggered wing-shaped tubes at different angels of attack. The water-side Rew and the air-side Rea were at 5 x 102 and at from 1.8 x 103 to 9.7 x 103, respectively. The tubes arrangements were employed with various angles of attack θ1,2,3 from 0° to 330° at the considered Rea range. Correlation of Nu, St, as well as the heat transfer per unit pumping power (ε) in terms of Rea, design parameters for the studied bundle were presented. The temperature fields around the staggered wing-shaped tubes bundle were predicted by using commercial CFD FLUENT 6.3.26 software package. Results indicated that the heat transfer was increased by increasing the angle of attack from 0° to 45°, while the opposite was true for angles of attack from 135° to 180°. The best thermal performance and hence η of studied bundle was occurred at the lowest Rea and/or zero angle of attack. Comparisons between the experimental and numerical results of the present study and those, previously, obtained for similar available studies showed good agreements.

Keywords: Wing-shaped tubes, Cross-flow cooling, Staggered arrangement, and CFD.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2023

Authors: Zaw Tun, Aung Htein Maw

Abstract:

The nature of wireless ad hoc and sensor networks make them very attractive to attackers. One of the most popular and serious attacks in wireless ad hoc networks is wormhole attack and most proposed protocols to defend against this attack used positioning devices, synchronized clocks, or directional antennas. This paper analyzes the nature of wormhole attack and existing methods of defending mechanism and then proposes round trip time (RTT) and neighbor numbers based wormhole detection mechanism. The consideration of proposed mechanism is the RTT between two successive nodes and those nodes- neighbor number which is needed to compare those values of other successive nodes. The identification of wormhole attacks is based on the two faces. The first consideration is that the transmission time between two wormhole attack affected nodes is considerable higher than that between two normal neighbor nodes. The second detection mechanism is based on the fact that by introducing new links into the network, the adversary increases the number of neighbors of the nodes within its radius. This system does not require any specific hardware, has good performance and little overhead and also does not consume extra energy. The proposed system is designed in ad hoc on-demand distance vector (AODV) routing protocol and analysis and simulations of the proposed system are performed in network simulator (ns-2).

Keywords: AODV, Wormhole attacks, Wireless ad hoc andsensor networks

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3419

Authors: Arash Mir Abdolah Lavasani

Abstract:

The pressure drag from a cam shaped tube in cross flows have been investigated experimentally using pressure distribution measurement. The range of angle of attack and Reynolds number based on an equivalent circular tube are within 0≤α≤360° and 2×104< Reeq < 3.4 ×104, respectively. It is found that the pressure drag coefficient is at its highest at α=90° and 270° over the whole range of Reynolds number. Results show that the pressure drag coefficient of the cam shaped tube is lower than that of circular tube with the same surface area for more of the angles of attack. Furthermore, effects of the diameter ratio and finite length of the cam shaped tube upon the pressure drag coefficient are discussed.

Keywords: Pressure Drag, Cam Shaped, Experimental.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2338

Authors: Dinesh M., Kenny Mark V., Dharni Vasudhevan Venkatesan, Santhosh Kumar B., Sree Radesh R., V. R. Sanal Kumar

Abstract:

Comprehensive numerical studies have been carried out to examine the best aerodynamic performance of subsonic aircraft at different winglet cant angles using a validated 3D k-ω SST model. In the parametric analytical studies NACA series of airfoils are selected. Basic design of the winglet is selected from the literature and flow features of the entire wing including the winglet tip effects have been examined with different cant angles varying from 150 to 600 at different angles of attack up to 140. We have observed, among the cases considered in this study that a case, with 150 cant angle the aerodynamics performance of the subsonic aircraft during takeoff was found better up to an angle of attack of 2.80 and further its performance got diminished at higher angles of attack. Analyses further revealed that increasing the winglet cant angle from 150 to 600 at higher angles of attack could negate the performance deterioration and additionally it could enhance the peak CL/CD on the order of 3.5%. The investigated concept of variable-cant-angle winglets appears to be a promising alternative for improving the aerodynamic efficiency of aircraft.

Keywords: Aerodynamic efficiency, Cant-angle, Drag reduction, Flexible Winglets.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3563

Authors: Jeong-Tae Kim, Tchanghee Hyun

Abstract:

The number of intrusions and attacks against critical infrastructures and other information networks is increasing rapidly. While there is no identified evidence that terrorist organizations are currently planning a coordinated attack against the vulnerabilities of computer systems and network connected to critical infrastructure, and origins of the indiscriminate cyber attacks that infect computers on network remain largely unknown. The growing trend toward the use of more automated and menacing attack tools has also overwhelmed some of the current methodologies used for tracking cyber attacks. There is an ample possibility that this kind of cyber attacks can be transform to cyberterrorism caused by illegal purposes. Cyberterrorism is a matter of vital importance to national welfare. Therefore, each countries and organizations have to take a proper measure to meet the situation and consider effective legislation about cyberterrorism.

Keywords: Cyberterrorism, cyber attack, information security, legislation

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2734

Authors: Souleymane Oumtanaga, Prosper Kimou, Kouadio Gaza Kevin

Abstract:

The security of their network remains the priorities of almost all companies. Existing security systems have shown their limit; thus a new type of security systems was born: honeypots. Honeypots are defined as programs or intended servers which have to attract pirates to study theirs behaviours. It is in this context that the leurre.com project of gathering about twenty platforms was born. This article aims to specify a model of honeypots attack. Our model describes, on a given platform, the evolution of attacks according to theirs hours. Afterward, we show the most attacked services by the studies of attacks on the various ports. It is advisable to note that this article was elaborated within the framework of the research projects on honeyspots within the LABTIC (Laboratory of Information Technologies and Communication).

Keywords: Honeypot, networks, attack, leurrecom, computer network

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1427

Authors: G. Poonkuzhali, K.Thiagarajan, K.Sarukesi, G.V.Uma

Abstract:

The emergence of the Internet has brewed the revolution of information storage and retrieval. As most of the data in the web is unstructured, and contains a mix of text, video, audio etc, there is a need to mine information to cater to the specific needs of the users without loss of important hidden information. Thus developing user friendly and automated tools for providing relevant information quickly becomes a major challenge in web mining research. Most of the existing web mining algorithms have concentrated on finding frequent patterns while neglecting the less frequent ones that are likely to contain outlying data such as noise, irrelevant and redundant data. This paper mainly focuses on Signed approach and full word matching on the organized domain dictionary for mining web content outliers. This Signed approach gives the relevant web documents as well as outlying web documents. As the dictionary is organized based on the number of characters in a word, searching and retrieval of documents takes less time and less space.

Keywords: Outliers, Relevant document, , Signed Approach, Web content mining, Web documents..

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2305

Authors: Yi-Tun Huang, Chih-Yang Wu, Shu-Wei Huang

Abstract:

In this work, we examine fluid mixing in a full three-stream mixing channel with longitudinal vortex generators (LVGs) built on the channel bottom by numerical simulation and experiment. The effects of the asymmetrical arrangement and the attack angle of the LVGs on fluid mixing are investigated. The results show that the micromixer with LVGs at a small asymmetry index (defined by the ratio of the distance from the center plane of the gap between the winglets to the center plane of the main channel to the width of the main channel) is superior to the micromixer with symmetric LVGs and that with LVGs at a large asymmetry index. The micromixer using five mixing modules of the LVGs with an attack angle between 16.5 degrees and 22.5 degrees can achieve excellent mixing over a wide range of Reynolds numbers. Here, we call a section of channel with two pairs of staggered asymmetrical LVGs a mixing module. Besides, the micromixer with LVGs at a small attack angle is more efficient than that with a larger attack angle when pressure losses are taken into account.

Keywords: Microfluidics, Mixing, Longitudinal vortex generators, Two stream interfaces.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2002

Authors: S. Swain, P. S Khuntia

Abstract:

In this paper, the unstable angle of attack of a FOXTROT aircraft is controlled by using Genetic Algorithm based flight controller and the result is compared with the conventional techniques like Tyreus-Luyben (TL), Ziegler-Nichols (ZN) and Interpolation Rule (IR) for tuning the PID controller. In addition, the performance indices like Mean Square Error (MSE), Integral Square Error (ISE), and Integral Absolute Time Error (IATE) etc. are improved by using Genetic Algorithm. It was established that the error by using GA is very less as compared to the conventional techniques thereby improving the performance indices of the dynamic system.

Keywords: Angle of Attack, Genetic Algorithm, Performance Indices, PID Controller.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1710

Authors: A. Ben Yaghlane, M. N. Azaiez, M. Mrad

Abstract:

We investigate the large scale of networks in the context of network survivability under attack. We use appropriate techniques to evaluate and the attacker-based- and the defenderbased- network survivability. The attacker is unaware of the operated links by the defender. Each attacked link has some pre-specified probability to be disconnected. The defender choice is so that to maximize the chance of successfully sending the flow to the destination node. The attacker however will select the cut-set with the highest chance to be disabled in order to partition the network. Moreover, we extend the problem to the case of selecting the best p paths to operate by the defender and the best k cut-sets to target by the attacker, for arbitrary integers p,k>1. We investigate some variations of the problem and suggest polynomial-time solutions.

Keywords: Defense/attack strategies, large scale, networks, partitioning a network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1433

Authors: C. Ardil

Abstract:

In this paper, composite programming is discussed for aircraft evaluation and selection problem using the multiple criteria decision analysis method. The decision criteria and aircraft alternatives were identified from the literature review. The importance of criteria weights was determined by the standard deviation method. The proposed model is applied to a practical decision problem for evaluating and selecting advanced jet trainer and light attack aircraft. The proposed technique gives robust and efficient results in modeling multiple criteria decisions. As a result of composite programming analysis, Hürjet, an advanced jet trainer and light attack aircraft alternative (a3), was chosen as the most suitable aircraft candidate.  

Keywords: composite programming, additive weighted model, multiplicative weighted model, multiple criteria decision making analysis, MCDMA, aircraft selection, advanced jet trainer and light attack aircraft, M-346, FA-50, Hürjet

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 425

Authors: Rakesh Kumar, A. K. Ghosh

Abstract:

The paper presents the modeling of nonlinear longitudinal aerodynamics using flight data of Hansa-3 aircraft at high angles of attack near stall. The Kirchhoff-s quasi-steady stall model has been used to incorporate nonlinear aerodynamic effects in the aerodynamic model used to estimate the parameters, thereby, making the aerodynamic model nonlinear. The Maximum Likelihood method has been applied to the flight data (at high angles of attack) for the estimation of parameters (aerodynamic and stall characteristics) using the nonlinear aerodynamic model. To improve the accuracy level of the estimates, an approach of fixing the strong parameters has also been presented.

Keywords: Maximum Likelihood, nonlinear, parameters, stall.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2168

Authors: Jaimin Patel

Abstract:

Cloud computing is one of the most sharp and important movement in various computing technologies. It provides flexibility to users, cost effectiveness, location independence, easy maintenance, enables multitenancy, drastic performance improvements, and increased productivity. On the other hand, there are also major issues like security. Being a common server, security for a cloud is a major issue; it is important to provide security to protect user’s private data, and it is especially important in e-commerce and social networks. In this paper, encryption algorithms such as Advanced Encryption Standard algorithms, their vulnerabilities, risk of attacks, optimal time and complexity management and comparison with other algorithms based on software implementation is proposed. Encryption techniques to improve the performance of AES algorithms and to reduce risk management are given. Secure Hash Algorithms, their vulnerabilities, software implementations, risk of attacks and comparison with other hashing algorithms as well as the advantages and disadvantages between hashing techniques and encryption are given.

Keywords: Cloud computing, encryption algorithm, secure hashing algorithm, brute force attack, birthday attack, plaintext attack, man-in-the-middle attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1684

Authors: Naghmeh Moradpoor Sheykhkanloo

Abstract:

Thousands of organisations store important and confidential information related to them, their customers, and their business partners in databases all across the world. The stored data ranges from less sensitive (e.g. first name, last name, date of birth) to more sensitive data (e.g. password, pin code, and credit card information). Losing data, disclosing confidential information or even changing the value of data are the severe damages that Structured Query Language injection (SQLi) attack can cause on a given database. It is a code injection technique where malicious SQL statements are inserted into a given SQL database by simply using a web browser. In this paper, we propose an effective pattern recognition neural network model for detection and classification of SQLi attacks. The proposed model is built from three main elements of: a Uniform Resource Locator (URL) generator in order to generate thousands of malicious and benign URLs, a URL classifier in order to: 1) classify each generated URL to either a benign URL or a malicious URL and 2) classify the malicious URLs into different SQLi attack categories, and a NN model in order to: 1) detect either a given URL is a malicious URL or a benign URL and 2) identify the type of SQLi attack for each malicious URL. The model is first trained and then evaluated by employing thousands of benign and malicious URLs. The results of the experiments are presented in order to demonstrate the effectiveness of the proposed approach.

Keywords: Neural Networks, pattern recognition, SQL injection attacks, SQL injection attack classification, SQL injection attack detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2774

Authors: Nidhi Gupta, Sanjoy Das, Khushal Singh

Abstract:

Mobile Ad hoc Network is a set of self-governing nodes which communicate through wireless links. Dynamic topology MANETs makes routing a challenging task. Various routing protocols are there, but due to various fundamental characteristic open medium, changing topology, distributed collaboration and constrained capability, these protocols are tend to various types of security attacks. Black hole is one among them. In this attack, malicious node represents itself as having the shortest path to the destination but that path not even exists. In this paper, we aim to develop a routing protocol for detection and prevention of black hole attack by modifying AODV routing protocol. This protocol is able to detect and prevent the black hole attack. Simulation is done using NS-2, which shows the improvement in network performance.

Keywords: Ad hoc, AODV, Back Bone, routing, Security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2113

Authors: Salvador Mandujano

Abstract:

This paper describes the design and results of FROID, an outbound intrusion detection system built with agent technology and supported by an attacker-centric ontology. The prototype features a misuse-based detection mechanism that identifies remote attack tools in execution. Misuse signatures composed of attributes selected through entropy analysis of outgoing traffic streams and process runtime data are derived from execution variants of attack programs. The core of the architecture is a mesh of self-contained detection cells organized non-hierarchically that group agents in a functional fashion. The experiments show performance gains when the ontology is enabled as well as an increase in accuracy achieved when correlation cells combine detection evidence received from independent detection cells.

Keywords: Outbound intrusion detection, knowledge management, multiagent systems, ontology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1617

Authors: Yuri Boiko, Iluju Kiringa, Tet Yeap

Abstract:

Current drainage attack suggested previously is further studied in regular settings of closed-loop controlled Brushless DC (BLDC) motor with Kalman filter in the feedback loop. Modeling and simulation experiments are conducted in a MATLAB environment, implementing the closed-loop control model of BLDC motor operation in position sensorless mode under Kalman filter drive. The current increase in the motor windings is caused by the controller (p-controller in our case) affected by false data injection of substitution of the angular velocity estimates with distorted values. Operation of multiplication to distortion coefficient, values of which are taken from the distortion function synchronized in its periodicity with the rotor’s position change. A saw function with a triangular tooth shape is studied herewith for the purpose of carrying out the bias injection with current drainage consequences. The specific focus here is on how the asymmetry of the tooth in the saw function affects the flow of current drainage. The purpose is two-fold: (i) to produce and collect the signature of an asymmetric saw in the attack for further pattern recognition process, and (ii) to determine conditions of improving stealthiness of such attack via regulating asymmetry in saw function used. It is found that modification of the symmetry in the saw tooth affects the periodicity of current drainage modulation. Specifically, the modulation frequency of the drained current for a fully asymmetric tooth shape coincides with the saw function modulation frequency itself. Increasing the symmetry parameter for the triangle tooth shape leads to an increase in the modulation frequency for the drained current. Moreover, such frequency reaches the switching frequency of the motor windings for fully symmetric triangular shapes, thus becoming undetectable and improving the stealthiness of the attack. Therefore, the collected signatures of the attack can serve for attack parameter identification via the pattern recognition route.

Keywords: Bias injection attack, Kalman filter, BLDC motor, control system, closed loop, P-controller, PID-controller, current drainage, saw-function, asymmetry.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 89