1,326 research outputs found

    Spear Phishing Attack Detection

    Get PDF
    This thesis addresses the problem of identifying email spear phishing attacks, which are indicative of cyber espionage. Spear phishing consists of targeted emails sent to entice a victim to open a malicious file attachment or click on a malicious link that leads to a compromise of their computer. Current detection methods fail to detect emails of this kind consistently. The SPEar phishing Attack Detection system (SPEAD) is developed to analyze all incoming emails on a network for the presence of spear phishing attacks. SPEAD analyzes the following file types: Windows Portable Executable and Common Object File Format (PE/COFF), Adobe Reader, and Microsoft Excel, Word, and PowerPoint. SPEAD\u27s malware detection accuracy is compared against five commercially-available email anti-virus solutions. Finally, this research quantifies the time required to perform this detection with email traffic loads emulating an Air Force base network. Results show that SPEAD outperforms the anti-virus products in PE/COFF malware detection with an overall accuracy of 99.68% and an accuracy of 98.2% where new malware is involved. Additionally, SPEAD is comparable to the anti-virus products when it comes to the detection of new Adobe Reader malware with a rate of 88.79%. Ultimately, SPEAD demonstrates a strong tendency to focus its detection on new malware, which is a rare and desirable trait. Finally, after less than 4 minutes of sustained maximum email throughput, SPEAD\u27s non-optimized configuration exhibits one-hour delays in processing files and links

    Participant Domain Name Token Profile for security enhancements supporting service oriented architecture

    Get PDF
    This research proposes a new secure token profile for improving the existing Web Services security standards. It provides a new authentication mechanism. This additional level of security is important for the Service-Oriented Architecture (SOA), which is an architectural style that uses a set of principles and design rules to shape interacting applications and maintain interoperability. Currently, the market push is towards SOA, which provides several advantages, for instance: integration with heterogeneous systems, services reuse, standardization of data exchange, etc. Web Services is one of the technologies to implement SOA and it can be implemented using Simple Object Access Protocol (SOAP). A SOAP-based Web Service relies on XML for its message format and common application layer protocols for message negotiation and transmission. However, it is a security challenge when a message is transmitted over the network, especially on the Internet. The Organization for Advancement of Structured Information Standards (OASIS) announced a set of Web Services Security standards that focus on two major areas. “Who” can use the Web Service and “What” are the permissions. However, the location or domain of the message sender is not authenticated. Therefore, a new secure token profile called: Participant Domain Name Token Profile (PDNT) is created to tackle this issue. The PDNT provides a new security feature, which the existing token profiles do not address. Location-based authentication is achieved if adopting the PDNT when using Web Services. In the performance evaluation, PDNT is demonstrated to be significantly faster than other secure token profiles. The processing overhead of using the PDNT with other secure token profiles is very small given the additional security provided. Therefore all the participants can acquire the benefits of increased security and performance at low cost

    De-ossifying the Internet Transport Layer : A Survey and Future Perspectives

    Get PDF
    ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for their useful suggestions and comments.Peer reviewedPublisher PD

    Styx Grid Services: Lightweight Middleware for Efficient Scientific Workflows

    Get PDF

    Performance Evaluation of Java Web Services: A Developer\u27s Perspective

    Get PDF
    With the rapid growth of traffic on the internet, further development of the web technology upon which it is based becomes extremely important. For the evolvement of Web 2.0, web services are essential. Web services are programs that allow different computer platforms to communicate interactively across the web, without the need for extra data for interfaces and formats, such as webpage structures. Since web services are a future trend for the growth of the internet, the tools used for their development are also important. Although there are many choices of web service frameworks to choose from, developers should choose the framework that best fits their applications, based on performance, time, and effort. For this project, we compared the qualitative and quantitative metrics of four common frameworks. The four frameworks were Apache Axis, JBossWS, Codehaus XFire, and Resin Hessian. After testing, the results were statistically analyzed using the Statistical Analysis System (SAS)

    Design and Implementation of a Local Area Network Based Multimedia Messaging Application

    Get PDF
    Communication these days has taken a huge turn to depend extremely on the internet. Software such as WhatsApp, Facebook, Instagram, and the general social media receive about a billion active users. This demonstrates how most communication has relied on the internet. However, this approach does not serve well under some conditions. Firstly, places without internet access suffer greatly from multimedia messaging. They are either unable to initiate a conversation at all or suffer a relatively slower user experience even when they message people in close proximity. Furthermore, the cost incurred in messaging people over these platforms with people nearby could be avoided should the communication be over a local area network rather than depending on the services of an Internet Service Provider. This project investigates the design and implementation of an efficient communication system for devices near each other that relies on any local area network that a particular device is connected to. Such targeted networks include mobile Wi-Fi and cable connections. This work designed and implemented a Local Area Network based Messaging Platform, capable of working on all local networks regardless of being cable or wireless. The system is extensible, allowing for a node to re-broadcast the network onto other networks it might be connected to and works without internet access, allowing the sending and sharing of text and media files
    • …
    corecore