A Security Proposal Based on a Real Time Agent to Protect Web Services Against DoS Attack

This paper describes a novel proposal based on a real time agent to detect and block denial of service attacks within web services environments. The real time agent incorporates a classification mechanism based on a Case-Base Reasoning (CBR) model, where the different CBR phases are time bounded. In addition, the reuse phase of the CBR cycle incorporates a mixture of experts to choose a specific technique of classification depending on the feature of the attack and the available time to solve the classification.This paper describes a novel proposal based on a real time agent to detect and block denial of service attacks within web services environments. The real time agent incorporates a classification mechanism based on a Case-Base Reasoning (CBR) model, where the different CBR phases are time bounded. In addition, the reuse phase of the CBR cycle incorporates a mixture of experts to choose a specific technique of classification depending on the feature of the attack and the available time to solve the classification

Intrusion detection mechanisms for VoIP applications

VoIP applications are emerging today as an important component in business and communication industry. In this paper, we address the intrusion detection and prevention in VoIP networks and describe how a conceptual solution based on the Bayes inference approach can be used to reinforce the existent security mechanisms. Our approach is based on network monitoring and analyzing of the VoIP-specific traffic. We give a detailed example on attack detection using the SIP signaling protocol

HandiVote: simple, anonymous, and auditable electronic voting

We suggest a set of procedures utilising a range of technologies by which a major democratic deficit of modern society can be addressed. The mechanism, whilst it makes limited use of cryptographic techniques in the background, is based around objects and procedures with which voters are currently familiar. We believe that this holds considerable potential for the extension of democratic participation and control

INTEGRATION OF INTELLIGENCE TECHNIQUES ON THE EXECUTION OF PENETRATION TESTS (iPENTEST)

Penetration Tests (Pentests) identify potential vulnerabilities in the security of computer systems via security assessment. However, it should also benefit from widely recognized methodologies and recommendations within this field, as the Penetration Testing Execution Standard (PTES). The objective of this research is to explore PTES, particularly the three initial phases: 1. Pre-Engagement Interactions; 2. Intelligence Gathering; 3. Threat Modeling; and ultimately to apply Intelligence techniques to the Threat Modeling phase. To achieve this, we will use open-source and/or commercial tools to structure a process to clarify how the results were reached using the research inductive methodology. The following steps were implemented: i) critical review of the “Penetration Testing Execution Standard (PTES)”; ii) critical review of Intelligence Production Process; iii) specification and classification of contexts in which Intelligence could be applied; iv) definition of a methodology to apply Intelligence Techniques to the specified contexts; v) application and evaluation of the proposed methodology to real case study as proof of concept. This research has the ambition to develop a model grounded on Intelligence techniques to be applied on PTES Threat Modeling phase

DDoS-Capable IoT Malwares: comparative analysis and Mirai Investigation

The Internet of Things (IoT) revolution has not only carried the astonishing promise to interconnect a whole generation of traditionally “dumb” devices, but also brought to the Internet the menace of billions of badly protected and easily hackable objects. Not surprisingly, this sudden flooding of fresh and insecure devices fueled older threats, such as Distributed Denial of Service (DDoS) attacks. In this paper, we first propose an updated and comprehensive taxonomy of DDoS attacks, together with a number of examples on how this classification maps to real-world attacks. Then, we outline the current situation of DDoS-enabled malwares in IoT networks, highlighting how recent data support our concerns about the growing in popularity of these malwares. Finally, we give a detailed analysis of the general framework and the operating principles of Mirai, the most disruptive DDoS-capable IoT malware seen so far

Intelligent Detection and Recovery from Cyberattacks for Small and Medium-Sized Enterprises

Cyberattacks threaten continuously computer security in companies. These attacks evolve everyday, being more and more sophisticated and robust. In addition, they take advantage of security breaches in organizations and companies, both public and private. Small and Medium-sized Enterprises (SME), due to their structure and economic characteristics, are particularly damaged when a cyberattack takes place. Although organizations and companies put lots of efforts in implementing security solutions, they are not always effective. This is specially relevant for SMEs, which do not have enough economic resources to introduce such solutions. Thus, there is a need of providing SMEs with affordable, intelligent security systems with the ability of detecting and recovering from the most detrimental attacks. In this paper, we propose an intelligent cybersecurity platform, which has been designed with the objective of helping SMEs to make their systems and network more secure. The aim of this platform is to provide a solution optimizing detection and recovery from attacks. To do this, we propose the application of proactive security techniques in combination with both Machine Learning (ML) and blockchain. Our proposal is enclosed in the IASEC project, which allows providing security in each of the phases of an attack. Like this, we help SMEs in prevention, avoiding systems and network from being attacked; detection, identifying when there is something potentially harmful for the systems; containment, trying to stop the effects of an attack; and response, helping to recover the systems to a normal state