Abstract: The nature of wireless ad hoc and sensor networks
makes them very attractive to attackers. One of the most popular and
serious attacks in wireless ad hoc networks is the wormhole attack, and
most proposed protocols to defend against this attack use
positioning devices, synchronized clocks, or directional antennas.
This paper analyzes the nature of the wormhole attack and existing
defense mechanisms and then proposes a wormhole detection mechanism
based on round trip time (RTT) and neighbor numbers.
The proposed mechanism considers the RTT between two
successive nodes and those nodes' neighbor numbers, which are
compared with the values of other successive nodes. The identification
of wormhole attacks is based on two facts. The first consideration
is that the transmission time between two nodes affected by a wormhole
attack is considerably higher than that between two normal neighbor
nodes. The second detection mechanism is based on the fact that by
introducing new links into the network, the adversary increases the
number of neighbors of the nodes within its radius. This system does
not require any specific hardware, has good performance and little
overhead, and does not consume extra energy. The proposed
system is designed in the ad hoc on-demand distance vector (AODV)
routing protocol, and analysis and simulations of the proposed system
are performed in the network simulator (ns-2).
Abstract: Routing security is a major concern in Wireless
Sensor Networks, since unattended nodes are deployed at large scale
in an ad hoc fashion with no possibility of global addressing due to the
limitation of a node's memory, and the nodes have to be self-organizing
when the system requires a connection with other nodes. It
becomes more challenging when the nodes have to act as routers
and are tightly constrained in energy and computational capabilities,
so that existing security mechanisms cannot be fitted
directly. These reasons increase the vulnerabilities of the network
layer in particular and of the whole network in general. In this paper,
a Dynamic Window Secured Implicit Geographic Forwarding
(DWSIGF) routing is presented in which a dynamic time is used for the
collection window to collect Clear to Send (CTS) control packets in
order to find an appropriate hopping node. DWSIGF is expected to
minimize the chance of selecting an attacker as the hopping node,
as caused by a blackhole attack that happens because of the CTS rushing
attack, which promises good network performance with high packet
delivery ratios.
Abstract: In the project FleGSens, a wireless sensor network
(WSN) for the surveillance of critical areas and properties is currently being developed which incorporates mechanisms to ensure information
security. The intended prototype consists of 200 sensor nodes for
monitoring a 500 m long land strip. The system is focused on ensuring
integrity and authenticity of generated alarms and availability in the
presence of an attacker who may even compromise a limited number
of sensor nodes. In this paper, two of the main protocols developed
in the project are presented: a tracking protocol to provide secure
detection of trespasses within the monitored area and a protocol for secure detection of node failures. Simulation results of networks
containing 200 and 2000 nodes as well as the results of the first prototype comprising a network of 16 nodes are presented. The focus of the simulations and prototype is functional testing of the protocols
and particularly demonstrating the impact and cost of several attacks.
Abstract: This paper introduces a hardware solution to the password
exposure problem caused by direct access to the keyboard hardware
interfaces, through which a possible attacker is able to grab the user's
password even where existing countermeasures are deployed. Several
studies have proposed reasonable software-based solutions to the
problem for years. However, recently introduced hardware
vulnerability problems have neutralized the software approaches, and
no effective software solution to the vulnerability has yet been proposed.
The hardware approach in this paper is expected to be the only solution to the
vulnerability.
Abstract: Today’s technology is heavily dependent on web applications. Web applications are being accepted by users at a very rapid pace. These have made our work efficient. These include webmail, online retail sale, online gaming, wikis, departure and arrival of trains and flights, and the list is very long. These are developed in different languages like PHP, Python, C#, ASP.NET and many more by using scripts such as HTML and JavaScript. Attackers develop tools and techniques to exploit web applications and legitimate websites. This has led to the rise of web application security, which can be broadly classified into Declarative Security and Program Security. The most common attacks on the applications are SQL Injection and XSS, which give access to unauthorized users who totally damage or destroy the system. This paper presents a detailed literature description and analysis of Web Application Security, examples of attacks and steps to mitigate the vulnerabilities.
Abstract: SQL injection on web applications is a very popular
kind of attack. There are mechanisms such as intrusion detection
systems in order to detect this attack. These strategies often rely on
techniques implemented at high layers of the application but do not
consider the low level of system calls. The problem of only
considering the high level perspective is that an attacker can
circumvent the detection tools using certain techniques such as URL
encoding. One technique currently used for detecting low-level
attacks on privileged processes is the tracing of system calls. System
calls act as a single gate to the Operating System (OS) kernel; they
allow catching the critical data at an appropriate level of detail. Our
basic assumption is that any type of application, be it a system
service, utility program or Web application, “speaks” the language of
system calls when having a conversation with the OS kernel. At this
level we can see the actual attack while it is happening. We conduct
an experiment in order to demonstrate the suitability of system call
analysis for detecting SQL injection. We are able to detect the attack.
Therefore we conclude that system calls are not only powerful in
detecting low-level attacks but that they also enable us to detect high-level
attacks such as SQL injection.
Abstract: Nowadays wireless technology plays an important
role in public and personal communication. However, the growth of
wireless networking has confused the traditional boundaries between
trusted and untrusted networks. Wireless networks are subject to a
variety of threats and attacks at present. An attacker has the ability to
listen to all network traffic, which becomes a potential intrusion.
Intrusion of any kind may lead to a chaotic condition. In addition,
improperly configured access points also contribute to the risk to
wireless networks. To overcome this issue, a security solution that
includes an intrusion detection and prevention system needs to be
implemented. In this paper, the security drawbacks of wireless
networks are analyzed first, and then the characteristics and
limitations of current wireless intrusion detection and prevention
systems are investigated. Finally, the requirements of the next wireless intrusion prevention
system are identified, including some key issues which should be
focused on in the future to overcome those limitations.
Abstract: As the Internet continues to grow at a rapid pace as
the primary medium for communications and commerce and as
telecommunication networks and systems continue to expand their
global reach, digital information has become the most popular and
important information resource and our dependence upon the
underlying cyber infrastructure has been increasing significantly.
Unfortunately, as our dependency has grown, so has the threat to the
cyber infrastructure from spammers, attackers and criminal
enterprises. In this paper, we propose a new machine learning based
network intrusion detection framework for cyber security. The
detection process of the framework consists of two stages: model
construction and intrusion detection. In the model construction stage,
a semi-supervised machine learning algorithm is applied to a
collected set of network audit data to generate a profile of normal
network behavior and in the intrusion detection stage, input network
events are analyzed and compared with the patterns gathered in the
profile, and some of them are then flagged as anomalies should these
events be sufficiently far from the expected normal behavior. The
proposed framework is particularly applicable to the situations where
there is only a small amount of labeled network training data
available, which is very typical in real world network environments.