Search results for: dictionary attack

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: Web forensic, SQL injection, web shell, investigation.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1190

Authors: Halabi Hasbullah, Irshad Ahmed Soomro, Jamalul-lail Ab Manan

Abstract:

Vehicular Ad-hoc Network (VANET) is taking more attention in automotive industry due to the safety concern of human lives on roads. Security is one of the safety aspects in VANET. To be secure, network availability must be obtained at all times since availability of the network is critically needed when a node sends any life critical information to other nodes. However, it can be expected that security attacks are likely to increase in the coming future due to more and more wireless applications being developed and deployed onto the well-known expose nature of the wireless medium. In this respect, the network availability is exposed to many types of attacks. In this paper, Denial of Service (DOS) attack on network availability is presented and its severity level in VANET environment is elaborated. A model to secure the VANET from the DOS attacks has been developed and some possible solutions to overcome the attacks have been discussed.

Keywords: Vehicular Ad hoc Network (VANET); security;availability; security attack; Denial of Service (DOS).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5994

Authors: Marine Segui, Ruxandra Mihaela Botez

Abstract:

OpenVSP is an aerodynamic solver developed by National Aeronautics and Space Administration (NASA) that allows building a reliable model of an aircraft. This software performs an aerodynamic simulation according to the angle of attack of the aircraft makes between the incoming airstream, and its speed. A reliable aerodynamic model of the Cessna Citation X was designed but it required a lot of computation time. As a consequence, a prediction method was established that allowed predicting lift and drag coefficients for all Mach numbers and for all angles of attack, exclusively for stall conditions, from a computation of three angles of attack and only one Mach number. Aerodynamic coefficients given by the prediction method for a Cessna Citation X model were finally compared with aerodynamics coefficients obtained using a complete OpenVSP study.

Keywords: Aerodynamic, coefficient, cruise, improving, longitudinal, OpenVSP, solver, time.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1385

Authors: Marcio Leal, Marta Villamil

Abstract:

Computacional recognition of sign languages aims to allow a greater social and digital inclusion of deaf people through interpretation of their language by computer. This article presents a model of recognition of two of global parameters from sign languages; hand configurations and hand movements. Hand motion is captured through an infrared technology and its joints are built into a virtual three-dimensional space. A Multilayer Perceptron Neural Network (MLP) was used to classify hand configurations and Dynamic Time Warping (DWT) recognizes hand motion. Beyond of the method of sign recognition, we provide a dataset of hand configurations and motion capture built with help of fluent professionals in sign languages. Despite this technology can be used to translate any sign from any signs dictionary, Brazilian Sign Language (Libras) was used as case study. Finally, the model presented in this paper achieved a recognition rate of 80.4%.

Keywords: Sign language recognition, computer vision, infrared, artificial neural network, dynamic time warping.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 818

Authors: Luc Cessieux, French Navy, Adrien Derock, DCNS/IMATH

Abstract:

Security risk models have been successful in estimating the likelihood of attack for simple security threats. However, modeling complex system and their security risk is even a challenge. Many methods have been proposed to face this problem. Often difficult to manipulate, and not enough all-embracing they are not as famous as they should with administrators and deciders. We propose in this paper a new tool to model big systems on purpose. The software, takes into account attack threats and security strength.

Keywords: Security, risk management, threat, modelization.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1279

Authors: Hesham A. El Zouka, Mustafa M. Hosni

Abstract:

The Radio Frequency Identification (RFID) technology has a diverse base of applications, but it is also prone to security threats. There are different types of security attacks which limit the range of the RFID applications. For example, deploying the RFID networks in insecure environments could make the RFID system vulnerable to many types of attacks such as spoofing attack, location traceability attack, physical attack and many more. Therefore, security is often an important requirement for RFID systems. In this paper, RFID mutual authentication protocol is implemented based on mobile agent technology and timestamp, which are used to provide strong authentication and integrity assurances to both the RFID readers and their corresponding RFID tags. The integration of mobile agent technology and timestamp provides promising results towards achieving this goal and towards reducing the security threats in RFID systems.

Keywords: RFID, security, authentication protocols, privacy, agent-based architecture, time-stamp, digital signature.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1746

Authors: Labiba Gilani, Asifullah Khan, Anwar M. Mirza

Abstract:

This paper introduces a technique of distortion estimation in image watermarking using Genetic Programming (GP). The distortion is estimated by considering the problem of obtaining a distorted watermarked signal from the original watermarked signal as a function regression problem. This function regression problem is solved using GP, where the original watermarked signal is considered as an independent variable. GP-based distortion estimation scheme is checked for Gaussian attack and Jpeg compression attack. We have used Gaussian attacks of different strengths by changing the standard deviation. JPEG compression attack is also varied by adding various distortions. Experimental results demonstrate that the proposed technique is able to detect the watermark even in the case of strong distortions and is more robust against attacks.

Keywords: Blind Watermarking, Genetic Programming (GP), Fitness Function, Discrete Cosine Transform (DCT).

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1662

Authors: El-Sayed Atlam, Masao Fuketa, Kazuhiro Morita, Jun-ichi Aoe

Abstract:

Field Association (FA) terms are a limited set of discriminating terms that give us the knowledge to identify document fields which are effective in document classification, similar file retrieval and passage retrieval. But the problem lies in the lack of an effective method to extract automatically relevant Arabic FA Terms to build a comprehensive dictionary. Moreover, all previous studies are based on FA terms in English and Japanese, and the extension of FA terms to other language such Arabic could be definitely strengthen further researches. This paper presents a new method to extract, Arabic FA Terms from domain-specific corpora using part-of-speech (POS) pattern rules and corpora comparison. Experimental evaluation is carried out for 14 different fields using 251 MB of domain-specific corpora obtained from Arabic Wikipedia dumps and Alhyah news selected average of 2,825 FA Terms (single and compound) per field. From the experimental results, recall and precision are 84% and 79% respectively. Therefore, this method selects higher number of relevant Arabic FA Terms at high precision and recall.

Keywords: Arabic Field Association Terms, information extraction, document classification, information retrieval.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1693

Authors: Yang Zhou, Kangfeng Zheng, Wei Ni, Ren Ping Liu

Abstract:

Software-defined networking (SDN) provides a solution for scalable network framework with decoupled control and data plane. However, this architecture also induces a particular distributed denial-of-service (DDoS) attack that can affect or even overwhelm the SDN network. DDoS attack detection problem has to date been mostly researched as entropy comparison problem. However, this problem lacks the utilization of SDN, and the results are not accurate. In this paper, we propose a DDoS attack detection method, which interprets DDoS detection as a signature matching problem and is formulated as Earth Mover’s Distance (EMD) model. Considering the feasibility and accuracy, we further propose to define the cost function of EMD to be a generalized Kullback-Leibler divergence. Simulation results show that our proposed method can detect DDoS attacks by comparing EMD values with the ones computed in the case without attacks. Moreover, our method can significantly increase the true positive rate of detection.

Keywords: DDoS detection, EMD, relative entropy, SDN.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 710

Authors: HongIl Ju, JongWook Han

Abstract:

In this paper we describes the authentication for DHCP (Dynamic Host Configuration Protocol) message which provides the efficient key management and reduces the danger replay attack without an additional packet for a replay attack. And the authentication for DHCP message supports mutual authentication and provides both entity authentication and message authentication. We applied the authentication for DHCP message to the home network environments and tested through a home gateway.

Keywords: DHCP, authentication, key management, replayattack, home network.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2425

Authors: Yanru Wu, Qing Sun

Abstract:

Sightseeing glass bridges located in steep valley area are being built on a large scale owing to the development of tourism. Consequently, their aerostatic stability is seriously affected by the wind field characteristics created by strong wind and special terrain, such as wind speed and wind attack angle. For instance, a cable-stayed pedestrian bridge without backstays comprised of a 60-m cantilever girder and the glass bridge deck is located in an abrupt valley, acting as a viewing platform. The bridge’s nonlinear aerostatic stability was analyzed by the segmental model test and numerical simulation in this paper. Based on aerostatic coefficients of the main girder measured in wind tunnel tests, nonlinear influences caused by the structure and aerostatic load, inhomogeneous distribution of torsion angle along the bridge axis, and the influence of initial attack angle were analyzed by using the incremental double iteration method. The results show that the aerostatic response varying with speed shows an obvious nonlinearity, and the aerostatic instability mode is of the characteristic of space deformation of bending-twisting coupling mode. The vertical and torsional deformation of the main girder is larger than its lateral deformation, with the wind speed approaching the critical wind speed. The flow of negative attack angle will reduce the bridges’ critical stability wind speed, but the influence of the negative attack angle on the aerostatic stability is more significant than that of the positive attack angle. The critical wind speeds of torsional divergence and lateral buckling are both larger than 200 m/s; namely, the bridge will not occur aerostatic instability under the action of various wind attack angles.

Keywords: Aerostatic nonlinearity, cable-stayed pedestrian bridge, numerical simulation, nonlinear aerostatic stability.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 501

Authors: S. M. Dash, K. B. Lua, T. T. Lim

Abstract:

This paper presents results of numerical and experimental studies on a two-dimensional (2D) flapping elliptic airfoil in a forward flight condition at Reynolds number of 5000. The study is motivated from an earlier investigation which shows that the deterioration in thrust performance of a sinusoidal heaving and pitching 2D (NACA0012) airfoil at high flapping frequency can be recovered by changing the effective angle of attack profile to square wave, sawtooth, or cosine wave shape. To better understand why such modifications lead to superior thrust performance, we take a closer look at the transient aerodynamic force behavior of an airfoil when the effective angle of attack profile changes gradually from a generic smooth trapezoidal profile to a sinusoid shape by modifying the base length of the trapezoid. The choice of using a smooth trapezoidal profile is to avoid the infinite acceleration condition encountered in the square wave profile. Our results show that the enhancement in the time-averaged thrust performance at high flapping frequency can be attributed to the delay and reduction in the drag producing valley region in the transient thrust force coefficient when the effective angle of attack profile changes from sinusoidal to trapezoidal.  

Keywords: Two-dimensional Flapping Airfoil, Thrust Performance, Effective Angle of Attack, CFD and Experiments.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1772

Authors: Konstantinos Sotiriadis, Radosław Mróz

Abstract:

In the present work the internal sulfate attack on pastes made from pure clinker phases was studied. Two binders were produced: (a) a binder with 2% C3A and 18% C4AF content; (b) a binder with 10% C3A and C4AF content each. Gypsum was used as the sulfate bearing compound, while calcium carbonate added to differentiate the binders produced. The phases formed were identified by XRD analysis. The results showed that ettringite was the deterioration phase detected in the case of the low C3A content binder. Carbonation occurred in the specimen without calcium carbonate addition, while portlandite was observed in the one containing calcium carbonate. In the case of the high C3A content binder, traces of thaumasite were detected when calcium carbonate was not incorporated in the binder. A solid solution of thaumasite and ettringite was found when calcium carbonate was added. The amount of C3A had not fully reacted with sulfates, since its corresponding peaks were detected.

Keywords: Tricalcium aluminate, calcium aluminate ferrite, sulfate attack, calcium carbonate, low temperature.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1929

Authors: Seo-Hee Kim, Kee-Won Kim, Seung-Hoon Kim

Abstract:

The most important elements of a novel are the characters, events and background. The background represents the time, place and situation that character appears, and conveys event and atmosphere more realistically. If readers have the proper knowledge about background of novels, it may be helpful for understanding the atmosphere of a novel and choosing a novel that readers want to read. In this paper, we are targeting Korean historical novels because spatio-temporal background especially performs an important role in historical novels among the genre of Korean novels. To the best of our knowledge, we could not find previous study that was aimed at Korean novels. In this paper, we build a Korean historical national dictionary. Our dictionary has historical places and temple names of kings over many generations as well as currently existing spatial words or temporal words in Korean history. We also present a method for recognizing spatio-temporal background based on patterns of phrasal words in Korean sentences. Our rules utilize postposition for spatial background recognition and temple names for temporal background recognition. The knowledge of the recognized background can help readers to understand the flow of events and atmosphere, and can use to visualize the elements of novels.

Keywords: Data mining, Korean historical novels, Korean linguistic feature, spatio-temporal background.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1080

Authors: Haydar Teymourlouei

Abstract:

It is important to take security measures to protect your computer information, reduce identify theft, and prevent from malicious cyber-attacks. With cyber-attacks on the continuous rise, people need to understand and learn ways to prevent from these attacks. Cyber-attack is an important factor to be considered if one is to be able to protect oneself from malicious attacks. Without proper security measures, most computer technology would hinder home users more than such technologies would help. Knowledge of how cyber-attacks operate and protective steps that can be taken to reduce chances of its occurrence are key to increasing these security measures. The purpose of this paper is to inform home users on the importance of identifying and taking preventive steps to avoid cyberattacks. Throughout this paper, many aspects of cyber-attacks will be discuss: what a cyber-attack is, the affects of cyber-attack for home users, different types of cyber-attacks, methodology to prevent such attacks; home users can take to fortify security of their computer.

Keywords: Cyber-attacks, home user, prevention, security, technology.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 7705

Authors: N. S. Usha, E. A. Mary Anita

Abstract:

Recent innovations in the field of technology led to the use of   wireless sensor networks in various applications, which consists of a number of small, very tiny, low-cost, non-tamper proof and resource constrained sensor nodes. These nodes are often distributed and deployed in an unattended environment, so as to collaborate with each other to share data or information. Amidst various applications, wireless sensor network finds a major role in monitoring battle field in military applications. As these non-tamperproof nodes are deployed in an unattended location, they are vulnerable to many security attacks. Amongst many security attacks, the node replication attack seems to be more threatening to the network users. Node Replication attack is caused by an attacker, who catches one true node, duplicates the first certification and cryptographic materials, makes at least one or more copies of the caught node and spots them at certain key positions in the system to screen or disturb the network operations. Preventing the occurrence of such node replication attacks in network is a challenging task. In this survey article, we provide the classification of detection schemes and also explore the various schemes proposed in each category. Also, we compare the various detection schemes against certain evaluation parameters and also its limitations. Finally, we provide some suggestions for carrying out future research work against such attacks.

Keywords: Clone node, data security, detection schemes, node replication attack, wireless sensor networks.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 747

Authors: Hoai-Vu Nguyen, Yongsun Choi

Abstract:

Distributed denial-of-service (DDoS) attacks pose a serious threat to network security. There have been a lot of methodologies and tools devised to detect DDoS attacks and reduce the damage they cause. Still, most of the methods cannot simultaneously achieve (1) efficient detection with a small number of false alarms and (2) real-time transfer of packets. Here, we introduce a method for proactive detection of DDoS attacks, by classifying the network status, to be utilized in the detection stage of the proposed anti-DDoS framework. Initially, we analyse the DDoS architecture and obtain details of its phases. Then, we investigate the procedures of DDoS attacks and select variables based on these features. Finally, we apply the k-nearest neighbour (k-NN) method to classify the network status into each phase of DDoS attack. The simulation result showed that each phase of the attack scenario is classified well and we could detect DDoS attack in the early stage.

Keywords: distributed denial-of-service (DDoS), k-nearestneighbor classifier (k-NN), anti-DDoS framework, DDoS detection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3289

Authors: L. Wong, H. Asrah, M.E. Rahman, M.A. Mannan

Abstract:

The storage of chemical fertilizers in concrete building often leads to durability problems due to chemical attack. The damage of concrete is mostly caused by certain ammonium salts. The main purpose of the research is to investigate the durability properties of concrete being exposed to ammonium nitrate solution. In this investigation, experiments are conducted on concrete type G50 and G60. The leaching process is achieved by the use of 20% concentration solution of ammonium nitrate. The durability properties investigated are water absorption, volume of permeable voids, and sorptivity. Compressive strength, pH value, and degradation depth are measured after a certain period of leaching. A decrease in compressive strength and an increase in porosity are found through the conducted experiments. Apart from that, the experimental data shows that pH value decreases with increased leaching time while the degradation depth of concrete increases with leaching time. By comparing concrete type G50 and G60, concrete type G60 is more resistant to ammonium nitrate attack.

Keywords: Normal weight concrete durability, Aggressive Ammonium Nitrate Solution, G50 & G60 concretes, Chemical attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 6604

Authors: Chih-Neng Liang, Huang-Bin Huang, Bo-Chiuan Chen

Abstract:

Nowadays, keyless entry systems are widely adopted for vehicle immobilizer systems due to both advantages of security and convenience. Keyless entry systems could overcome brute-force key guessing attack, statistics attack and masquerade attack, however, they can't prevent from thieves stealing behavior. In this paper, we proposed a new architecture try to improve the existent flaws. The integration of the keyless entry system and the fingerprint identification technology is more suitable to implement on the portable transponder to achieve higher security needs. We also adopt and modify AES security protocol for life expectancy and security of the portable transponder. In addition, the identification of a driver's fingerprint makes the service of automatic reinstatement of a driver's preferences become possible. Our design can satisfy not only the three kinds of previous illegal attacks, but also the stealing situation. Furthermore, many practical factors, such as costs, life expectancy and performance, have been well considered in the design of portable transponder.

Keywords: Keyless entry-system, fingerprint identification, AES security protocol, vehicle immobilizer system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2702

Authors: Z.M. Hanapi, M. Ismail, K. Jumari, M. Mahdavi

Abstract:

Routing security is a major concerned in Wireless Sensor Network since a large scale of unattended nodes is deployed in ad hoc fashion with no possibility of a global addressing due to a limitation of node-s memory and the node have to be self organizing when the systems require a connection with the other nodes. It becomes more challenging when the nodes have to act as the router and tightly constrained on energy and computational capabilities where any existing security mechanisms are not allowed to be fitted directly. These reasons thus increasing vulnerabilities to the network layer particularly and to the whole network, generally. In this paper, a Dynamic Window Secured Implicit Geographic Forwarding (DWSIGF) routing is presented where a dynamic time is used for collection window to collect Clear to Send (CTS) control packet in order to find an appropriate hoping node. The DWIGF is expected to minimize a chance to select an attacker as the hoping node that caused by a blackhole attack that happen because of the CTS rushing attack, which promise a good network performance with high packet delivery ratios.

Keywords: sensor, security, routing, attack, random.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1360

Authors: Morteza Mirhosseini, Amir B. Khoshnevis

Abstract:

The boundary layer separation and new active flow control of a NACA 0025 airfoil were studied experimentally. This new flow control is sometimes known as a co-flow jet (cfj) airfoil. This paper presents the fluctuating velocity in a wall jet over the co-flow jet airfoil subjected to an adverse pressure gradient and a curved surface. In these results, the fluctuating velocity at the inner part increasing by increased the angle of attack up to 12^o and this has due to the jet energized, while the angle of attack 20^o has different. The airfoil cord based Reynolds number has 10⁵.

Keywords: Adverse pressure gradient, fluctuating velocity, wall jet, co-flow jet airfoil.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1417

Authors: Thomas Bryan, Veton Kepuska, Ivica Kostanic

Abstract:

Speaker recognition is performed in high Additive White Gaussian Noise (AWGN) environments using principals of Computational Auditory Scene Analysis (CASA). CASA methods often classify sounds from images in the time-frequency (T-F) plane using spectrograms or cochleargrams as the image. In this paper atomic decomposition implemented by matching pursuit performs a transform from time series speech signals to the T-F plane. The atomic decomposition creates a sparsely populated T-F vector in “weight space” where each populated T-F position contains an amplitude weight. The weight space vector along with the atomic dictionary represents a denoised, compressed version of the original signal. The arraignment or of the atomic indices in the T-F vector are used for classification. Unsupervised feature learning implemented by a sparse autoencoder learns a single dictionary of basis features from a collection of envelope samples from all speakers. The approach is demonstrated using pairs of speakers from the TIMIT data set. Pairs of speakers are selected randomly from a single district. Each speak has 10 sentences. Two are used for training and 8 for testing. Atomic index probabilities are created for each training sentence and also for each test sentence. Classification is performed by finding the lowest Euclidean distance between then probabilities from the training sentences and the test sentences. Training is done at a 30dB Signal-to-Noise Ratio (SNR). Testing is performed at SNR’s of 0 dB, 5 dB, 10 dB and 30dB. The algorithm has a baseline classification accuracy of ~93% averaged over 10 pairs of speakers from the TIMIT data set. The baseline accuracy is attributable to short sequences of training and test data as well as the overall simplicity of the classification algorithm. The accuracy is not affected by AWGN and produces ~93% accuracy at 0dB SNR.

Keywords: Time-frequency plane, atomic decomposition, envelope sampling, Gabor atoms, matching pursuit, sparse dictionary learning, sparse autoencoder.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1517

Authors: Syed Fahad Tahir, Asifullah Khan, Abdul Majid, Anwar M. Mirza

Abstract:

In this paper, we present an innovative scheme of blindly extracting message bits from an image distorted by an attack. Support Vector Machine (SVM) is used to nonlinearly classify the bits of the embedded message. Traditionally, a hard decoder is used with the assumption that the underlying modeling of the Discrete Cosine Transform (DCT) coefficients does not appreciably change. In case of an attack, the distribution of the image coefficients is heavily altered. The distribution of the sufficient statistics at the receiving end corresponding to the antipodal signals overlap and a simple hard decoder fails to classify them properly. We are considering message retrieval of antipodal signal as a binary classification problem. Machine learning techniques like SVM is used to retrieve the message, when certain specific class of attacks is most probable. In order to validate SVM based decoding scheme, we have taken Gaussian noise as a test case. We generate a data set using 125 images and 25 different keys. Polynomial kernel of SVM has achieved 100 percent accuracy on test data.

Keywords: Bit Correct Ratio (BCR), Grid Search, Intelligent Decoding, Jackknife Technique, Support Vector Machine (SVM), Watermarking.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1622

Authors: JooHyung Oh, Dongwan Kang, Sekwon Kim, ChaeTae Im

Abstract:

Currently, there has been a 3G mobile networks data traffic explosion due to the large increase in the number of smartphone users. Unlike a traditional wired infrastructure, 3G mobile networks have limited wireless resources and signaling procedures for complex wireless resource management. And mobile network security for various abnormal and malicious traffic technologies was not ready. So Malicious or potentially malicious traffic originating from mobile malware infected smart devices can cause serious problems to the 3G mobile networks, such as DoS and scanning attack in wired networks. This paper describes the DoS security threat in the 3G mobile network and proposes a detection technology.

Keywords: 3G, WCDMA, DoS, Security Threat

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3225

Authors: Moad Alhamaty , Ali Yazdian , Fathi Al-qadasi

Abstract:

A common way to elude the signature-based Network Intrusion Detection System is based upon changing a recognizable attack to an unrecognizable one via the IDS. For example, in order to evade sign accommodation with intrusion detection system markers, a hacker spilt the payload packet into many small pieces or hides them within messages. In this paper we try to model the main fragmentation attack and create a new module in the intrusion detection architecture system which recognizes the main fragmentation attacks through verification of integrity checking of TCP packet in order to prevent elusion of the system and also to announce the necessary alert to the system administrator.

Keywords: Intrusion detection system, Evasion techniques, Fragmentation attacks, TCP Packet integrity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1799

Authors: S. Umarani, D. Sharmila

Abstract:

A Distributed Denial of Service (DDoS) attack is a major threat to cyber security. It originates from the network layer or the application layer of compromised/attacker systems which are connected to the network. The impact of this attack ranges from the simple inconvenience to use a particular service to causing major failures at the targeted server. When there is heavy traffic flow to a target server, it is necessary to classify the legitimate access and attacks. In this paper, a novel method is proposed to detect DDoS attacks from the traces of traffic flow. An access matrix is created from the traces. As the access matrix is multi dimensional, Principle Component Analysis (PCA) is used to reduce the attributes used for detection. Two classifiers Naive Bayes and K-Nearest neighborhood are used to classify the traffic as normal or abnormal. The performance of the classifier with PCA selected attributes and actual attributes of access matrix is compared by the detection rate and False Positive Rate (FPR).

Keywords: Distributed Denial of Service (DDoS) attack, Application layer DDoS, DDoS Detection, K- Nearest neighborhood classifier, Naive Bayes Classifier, Principle Component Analysis.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5219

Authors: Zulkiflee M., Robiah Y., Nur Azman Abu, Shahrin S.

Abstract:

Malware is software which was invented and meant for doing harms on computers. Malware is becoming a significant threat in computer network nowadays. Malware attack is not just only involving financial lost but it can also cause fatal errors which may cost lives in some cases. As new Internet Protocol version 6 (IPv6) emerged, many people believe this protocol could solve most malware propagation issues due to its broader addressing scheme. As IPv6 is still new compares to native IPv4, some transition mechanisms have been introduced to promote smoother migration. Unfortunately, these transition mechanisms allow some malwares to propagate its attack from IPv4 to IPv6 network environment. In this paper, a proof of concept shall be presented in order to show that some existing IPv4 malware detection technique need to be improvised in order to detect malware attack in dual-stack network more efficiently. A testbed of dual-stack network environment has been deployed and some genuine malware have been released to observe their behaviors. The results between these different scenarios will be analyzed and discussed further in term of their behaviors and propagation methods. The results show that malware behave differently on IPv6 from the IPv4 network protocol on the dual-stack network environment. A new detection technique is called for in order to cater this problem in the near future.

Keywords: Dual-Stack, Malware, Worm, IPv6;IDS

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1957

Authors: Andrii Shalaginov, Katrin Franke, Xiongwei Huang

Abstract:

One of the leading problems in Cyber Security today is the emergence of targeted attacks conducted by adversaries with access to sophisticated tools. These attacks usually steal senior level employee system privileges, in order to gain unauthorized access to confidential knowledge and valuable intellectual property. Malware used for initial compromise of the systems are sophisticated and may target zero-day vulnerabilities. In this work we utilize common behaviour of malware called ”beacon”, which implies that infected hosts communicate to Command and Control servers at regular intervals that have relatively small time variations. By analysing such beacon activity through passive network monitoring, it is possible to detect potential malware infections. So, we focus on time gaps as indicators of possible C2 activity in targeted enterprise networks. We represent DNS log files as a graph, whose vertices are destination domains and edges are timestamps. Then by using four periodicity detection algorithms for each pair of internal-external communications, we check timestamp sequences to identify the beacon activities. Finally, based on the graph structure, we infer the existence of other infected hosts and malicious domains enrolled in the attack activities.

Keywords: Malware detection, network security, targeted attack.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 5980

Authors: Amany M. Alshawi, Khaled Alduhaiman

Abstract:

This paper proposes a technique to protect against email bombing. The technique employs a statistical approach, Naïve Bayes (NB), and Neural Networks to show that it is possible to differentiate between good and bad traffic to protect against email bombing attacks. Neural networks and Naïve Bayes can be trained by utilizing many email messages that include both input and output data for legitimate and non-legitimate emails. The input to the model includes the contents of the body of the messages, the subject, and the headers. This information will be used to determine if the email is normal or an attack email. Preliminary tests suggest that Naïve Bayes can be trained to produce an accurate response to confirm which email represents an attack.

Keywords: Email bombing, Legitimate email, Naïve Bayes, Neural networks, Non-legitimate email.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1364

Authors: Yatin Wadhawan, Clifford Neuman, Anas Al Majali

Abstract:

In this paper, we evaluate the resilience of the smart grid system in the presence of multiple cyber-physical attacks on its distinct functional components. We discuss attack-defense scenarios and their effect on smart grid resilience. Through contingency simulations in the Network and PowerWorld Simulator, we analyze multiple cyber-physical attacks that propagate from the cyber domain to power systems and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system administrators develop more resilient systems and improves the response of the system in the presence of cyber-physical attacks.

Keywords: Smart grid, resilience, gas pipeline, cyber-physical attack, security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 969