Abstract: One of the leading problems in Cyber Security today
is the emergence of targeted attacks conducted by adversaries with
access to sophisticated tools. These attacks usually steal senior level
employee system privileges, in order to gain unauthorized access to
confidential knowledge and valuable intellectual property. Malware
used for initial compromise of the systems are sophisticated and
may target zero-day vulnerabilities. In this work we utilize common
behaviour of malware called ”beacon”, which implies that infected
hosts communicate to Command and Control servers at regular
intervals that have relatively small time variations. By analysing
such beacon activity through passive network monitoring, it is
possible to detect potential malware infections. So, we focus on
time gaps as indicators of possible C2 activity in targeted enterprise
networks. We represent DNS log files as a graph, whose vertices
are destination domains and edges are timestamps. Then by using
four periodicity detection algorithms for each pair of internal-external
communications, we check timestamp sequences to identify the
beacon activities. Finally, based on the graph structure, we infer the
existence of other infected hosts and malicious domains enrolled in
the attack activities.
Abstract: The Radio Frequency Identification (RFID) technology
has a diverse base of applications, but it is also prone to security
threats. There are different types of security attacks which limit the
range of the RFID applications. For example, deploying the RFID
networks in insecure environments could make the RFID system
vulnerable to many types of attacks such as spoofing attack, location
traceability attack, physical attack and many more. Therefore, security
is often an important requirement for RFID systems. In this paper,
RFID mutual authentication protocol is implemented based on mobile
agent technology and timestamp, which are used to provide strong
authentication and integrity assurances to both the RFID readers and
their corresponding RFID tags. The integration of mobile agent
technology and timestamp provides promising results towards
achieving this goal and towards reducing the security threats in RFID
systems.
Abstract: A new approach for timestamp ordering problem in
serializable schedules is presented. Since the number of users using
databases is increasing rapidly, the accuracy and needing high
throughput are main topics in database area. Strict 2PL does not
allow all possible serializable schedules and so does not result high
throughput. The main advantages of the approach are the ability to
enforce the execution of transaction to be recoverable and the high
achievable performance of concurrent execution in central databases.
Comparing to Strict 2PL, the general structure of the algorithm is
simple, free deadlock, and allows executing all possible serializable
schedules which results high throughput. Various examples which
include different orders of database operations are discussed.
Abstract: Most of the concurrent transactional protocols consider
serializability as a correctness criterion of the transactions execution.
Usually, the proof of the serializability relies on mathematical proofs
for a fixed finite number of transactions. In this paper, we introduce
a protocol to deal with an infinite number of transactions which are
iterated infinitely often. We specify serializability of the transactions
and the protocol using a specification language based on temporal
logics. It is worthwhile using temporal logics such as LTL (Lineartime
Temporal Logic) to specify transactions, to gain full automatic
verification by using model checkers.