Reverse Proxy Framework using Sanitization Technique for Intrusion Prevention in Database
With the increasing importance of the internet in our day-to-day life, data
security in web applications has become very crucial. Ever-increasing online
and real-time transaction services have led to a manifold rise in the problems
associated with database security. Attackers use illegal and unauthorized
approaches to hijack confidential information like usernames, passwords and
other vital details. Hence real-time transactions require security against
web-based attacks. SQL injection and cross-site scripting attacks are the most
common application-layer attacks. The SQL injection attacker passes SQL statements
through a web application's input fields, URL or hidden parameters and gets
access to the database or updates it. The attacker takes advantage of
user-provided data in such a way that the user's input is handled as SQL code.
Using this vulnerability an attacker can execute SQL commands directly on the
database. SQL injection attacks are most serious threats, which take the user's
input and integrate it into a SQL query. Reverse Proxy is a technique which is used to
sanitize the user's inputs that may transform into a database attack. In this
technique a data redirector program redirects the user's input to the proxy
server before it is sent to the application server. At the proxy server, a data
cleaning algorithm is triggered using a sanitizing application. In this
framework we include detection and sanitization of the tainted information
being sent to the database and innovate a new prototype.
Comment: 9 pages, 6 figures, 3 tables; CIIT 2013 International Conference,
Mumba
X-Ray Emission from Rotating Elliptical Galaxies
The slow inward flow of the hot gas in elliptical galaxy cooling flows is
nearly impossible to detect directly due to instrumental limitations. However,
in rotating galaxies, if the inflowing gas conserves angular momentum, it will
eventually form a disk. The X-ray signature of this phenomenon is a flattening
of the X-ray isophotes in the inner 1-10 kpc region. This effect is observable,
so we have searched for it in X-ray observations of six rotating and
non-rotating early-type galaxies, obtained mainly with the ROSAT PSPC and HRI
imagers. The ellipticities of the X-ray emission never increase toward the
central region, nor are the X-ray ellipticities significantly greater than the
ellipticities for the optical stellar emission. Central ellipticities in excess
of 0.5 were expected in rotating ellipticals whereas values of 0-0.2 are
measured. The failure to detect the expected signature requires a modification
to the standard cooling flow picture, possibly including partial galactic
winds, rapid mass drop-out, or turbulent redistribution of angular momentum.
Comment: 34 postscript pages; ApJ, in press (Feb 10,2000
Graceful Termination -- Graceful Resetting
Correct -- let alone graceful -- termination of parallel systems is sometimes thought to be a difficult problem. This is particularly imagined to be so under the pure message-passing MIMD discipline of occam and transputer networks, where global operations (like setting a shared flag or abortions) are not allowed and where time-outs cannot be set for every communication. This paper describes some common, but erroneous, occam approaches to this problem and contrasts them with what can be done in Ada [0, 1, 2]. These methods are all rejected on the grounds of insecurity and performance overheads. A simple, legal, secure and efficient occam method is then presented. This method also solves a much more important problem -- the general (or partial) resetting of a parallel system (or sub-system). The resetting mechanism is quite independent of the parallel application algorithm, which can therefore be developed without worrying about such matters. This separation of concerns is good software engineering and is fully supported by the occam philosophy. Finally, an application of this resetting mechanism is described that permits the dynamic reconstruction of occam network topologies
Counter Attack on Byzantine Generals: Parameterized Model Checking of Fault-tolerant Distributed Algorithms
We introduce an automated parameterized verification method for
fault-tolerant distributed algorithms (FTDA). FTDAs are parameterized by both
the number of processes and the assumed maximum number of Byzantine faulty
processes. At the center of our technique is a parametric interval abstraction
(PIA) where the interval boundaries are arithmetic expressions over parameters.
Using PIA for both data abstraction and a new form of counter abstraction, we
reduce the parameterized problem to finite-state model checking. We demonstrate
the practical feasibility of our method by verifying several variants of the
well-known distributed algorithm by Srikanth and Toueg. Our semi-decision
procedures are complemented and motivated by an undecidability proof for FTDA
verification which holds even in the absence of interprocess communication. To
the best of our knowledge, this is the first paper to achieve parameterized
automated verification of Byzantine FTDA
Harbor Security System
Harbors and ports provide the infrastructure for commercial trade and naval facilities. It is vital to ensure the safety of these locations. The Harbor Security System provides an optical "gate" using underwater lasers and photodetectors. This system allows monitoring of both surface and submarine vessels traveling into and out of the harbor. Also, the system provides real time alerts when unauthorized vessels enter the harbor. This project provides a proof of concept for a Harbor Security System to be implemented in Portsmouth Harbor. A scaled model of the detection system was constructed and tested. This detection system is capable of detecting surface and submarine vessels along with their velocity and length. Results of the study showed that the average error of the size estimate was 15% and the average error of the velocity estimation ratio (slope) was 9%
Optimal and fast detection of spatial clusters with scan statistics
We consider the detection of multivariate spatial clusters in the Bernoulli
model with locations, where the design distribution has weakly dependent
marginals. The locations are scanned with a rectangular window with sides
parallel to the axes and with varying sizes and aspect ratios. Multivariate
scan statistics pose a statistical problem due to the multiple testing over
many scan windows, as well as a computational problem because statistics have
to be evaluated on many windows. This paper introduces methodology that leads
to both statistically optimal inference and computationally efficient
algorithms. The main difference to the traditional calibration of scan
statistics is the concept of grouping scan windows according to their sizes,
and then applying different critical values to different groups. It is shown
that this calibration of the scan statistic results in optimal inference for
spatial clusters on both small scales and on large scales, as well as in the
case where the cluster lives on one of the marginals. Methodology is introduced
that allows for an efficient approximation of the set of all rectangles while
still guaranteeing the statistical optimality results described above. It is
shown that the resulting scan statistic has a computational complexity that is
almost linear in .
Comment: Published in at http://dx.doi.org/10.1214/09-AOS732 the Annals of
Statistics (http://www.imstat.org/aos/) by the Institute of Mathematical
Statistics (http://www.imstat.org
Network simulation using the simulation language for alternate modeling (SLAM 2)
The simulation language for alternate modeling (SLAM 2) is a general purpose language that combines network, discrete event, and continuous modeling capabilities in a single language system. The efficacy of the system's network modeling is examined and discussed. Examples are given of the symbolism that is used, and an example problem and model are derived. The results are discussed in terms of the ease of programming, special features, and system limitations. The system offers many features which allow rapid model development and provides an informative standardized output. The system also has limitations which may cause undetected errors and misleading reports unless the user is aware of these programming characteristics