Secure Virtualization and Multicore Platforms State-of-the-Art report

SVaM

Bayesian based intrusion detection system

AbstractIn this paper an intrusion detection system is developed using Bayesian probability. The system developed is a naive Bayesian classifier that is used to identify possible intrusions. The system is trained a priori using a subset of the KDD dataset. The trained classifier is then tested using a larger subset of KDD dataset. The Bayesian classifier was able to detect intrusion with a superior detection rate

Spatiotemporal Patterns and Predictability of Cyberattacks

Y.C.L. was supported by Air Force Office of Scientific Research (AFOSR) under grant no. FA9550-10-1-0083 and Army Research Office (ARO) under grant no. W911NF-14-1-0504. S.X. was supported by Army Research Office (ARO) under grant no. W911NF-13-1-0141. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.Peer reviewedPublisher PD

A Review on Malicious URL Detection using Machine Learning Systems

Malicious web sites pretendsignificant danger to desktop security and privacy.These links become instrumental in giving partial or full system control to the attackers. This results in victim systems, which get easily infected and, attackers can utilize systems for various cyber-crimes such as stealing credentials, spamming, phishing, denial-of-service and many more such attack. Detection of such website is difficult because of thephishing campaigns and the efforts to avoid blacklists.To look for malicious URLs, the first step is usually to gather URLs that are liveon the Internet. There are various stages to detect this URLs such as collection of dataset, extracting feature using different feature extraction techniques and Classification of extracted feature. This paper focus on comparative analysis of malicious URL detection techniques

Database Intrusion Detection: Defending Against the Insider Threat

Not only are Databases an integral and critical part of many information systems, they are critical information assets to many business enterprises. However, the network and host intrusion detection systems most enterprises use to detect attacks against their information systems cannot detect transaction-level attacks against databases. Transaction-level attacks often come from authorized users in the form of inference, query flood, or other anomalous query attacks. Insider attacks are not only growing in frequency, but remain significantly more damaging to businesses than external attacks. This paper proposes a database intrusion detection model to detect and respond to transaction-level attacks from authorized database users

Spatiotemporal patterns and predictability of cyberattacks

A relatively unexplored issue in cybersecurity science and engineering is whether there exist intrinsic patterns of cyberattacks. Conventional wisdom favors absence of such patterns due to the overwhelming complexity of the modern cyberspace. Surprisingly, through a detailed analysis of an extensive data set that records the time-dependent frequencies of attacks over a relatively wide range of consecutive IP addresses, we successfully uncover intrinsic spatiotemporal patterns underlying cyberattacks, where the term "spatio" refers to the IP address space. In particular, we focus on analyzing {\em macroscopic} properties of the attack traffic flows and identify two main patterns with distinct spatiotemporal characteristics: deterministic and stochastic. Strikingly, there are very few sets of major attackers committing almost all the attacks, since their attack "fingerprints" and target selection scheme can be unequivocally identified according to the very limited number of unique spatiotemporal characteristics, each of which only exists on a consecutive IP region and differs significantly from the others. We utilize a number of quantitative measures, including the flux-fluctuation law, the Markov state transition probability matrix, and predictability measures, to characterize the attack patterns in a comprehensive manner. A general finding is that the attack patterns possess high degrees of predictability, potentially paving the way to anticipating and, consequently, mitigating or even preventing large-scale cyberattacks using macroscopic approaches

A Design and Analysis of Graphical Password

The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, I conduct a comprehensive survey of the existing graphical password techniques. I classify these techniques into two categories: recognition-based and recall-based approaches. I discuss the strengths and limitations of each method and point out the future research directions in this area. I also developed three new techniques against the common problem exists in the present graphical password techniques. In this thesis, the scheme of each new technique will be proposed; the advantages of each technique will be discussed; and the future work will be anticipated

Against spyware using CAPTCHA in graphical password scheme

Text-based password schemes have inherent security and usability problems, leading to the development of graphicalpassword schemes. However, most of these alternate schemes are vulnerable to spyware attacks. We propose a new scheme, using CAPTCHA (Completely Automated Public Turing tests to tell Computers and Humans Apart) that retaining the advantages of graphical password schemes, while simultaneously raising the cost of adversaries by orders of magnitude. Furthermore, some primary experiments are conducted and the results indicate that the usability should be improved in the future work