Securing Web Applications from malware attacks using hybrid feature extraction

In this technological era, many of the applications are taking the utilization of services of internet in order to cater to the needs of its users. With the rise in number of internet users, there's a substantial inflation within the internet attacks. Because of this hike, Web Services give rise to new security threats. One among the major concerns is the susceptibility of the internet services for cross site scripting (XSS). More than three fourths of the malicious attacks are contributed by XSS. This article primarily focuses on detection and exploiting XSS vulnerabilities. Generally, improper sanitization of input results in these type of susceptibilities. This article primarily focuses on fuzzing, and brute forcing parameters for XSS vulnerability. In addition, we've mentioned the planned framework for contradicting XSS vulnerability

Securing Web Applications from malware attacks using hybrid feature extraction

In this technological era, many of the applications are taking the utilization of services of internet in order to cater to the needs of its users. With the rise in number of internet users, there's a substantial inflation within the internet attacks. Because of this hike, Web Services give rise to new security threats. One among the major concerns is the susceptibility of the internet services for cross site scripting (XSS). More than three fourths of the malicious attacks are contributed by XSS. This article primarily focuses on detection and exploiting XSS vulnerabilities. Generally, improper sanitization of input results in these type of susceptibilities. This article primarily focuses on fuzzing, and brute forcing parameters for XSS vulnerability. In addition, we've mentioned the planned framework for contradicting XSS vulnerability

Cyber-security training: A comparative analysis of cyber-ranges and emerging trends

Οι επιθέσεις στον κυβερνοχώρο γίνονται όλο και πιο προηγμένες και δύσκολα ανιχνεύσιμες, προέρχονται από ποικίλες πήγες και πραγματοποιούνται λαμβάνοντας πολλαπλές διαστάσεις και παίρνοντας διάφορες μορφές. Η ανάγκη οικοδόμησης και πειραματισμού σε προηγμένους μηχανισμούς ασφάλειας στον κυβερνοχώρο, καθώς και η συνεχής κατάρτιση με τη χρήση σύγχρονων μεθοδολογιών, τεχνικών και ενημερωμένων ρεαλιστικών σεναρίων είναι ζωτικής σημασίας. Τα Cyber Ranges μπορούν να προσφέρουν το περιβάλλον μέσα στο οποίο οι ιδικοί και επαγγελματίες στον τομέα της ασφάλειας στον κυβερνοχώρο μπορούν να εφαρμόσουν τεχνικές και δεξιότητες και να εκπαιδεύονται σε προσομοιώσεις σύνθετων δικτύων μεγάλης κλίμακας, προκειμένου να ανταποκριθούν σε πραγματικά σενάρια επίθεσης στον κυβερνοχώρο. Επιπλέον, μπορούν να προσομοιώσουν ένα περιβάλλον για τους επαγγελματίες της ασφάλειας πληροφοριών, να αξιολογήσουν τις διαδικασίες χειρισμού και αντιμετώπισης περιστατικών και να δοκιμάσουν νέες τεχνολογίες, προκειμένου να βοηθήσουν στην πρόληψη επιθέσεων στον κυβερνοχώρο. Κύριος σκοπός της παρούσας εργασίας είναι να περιγράψει τις λειτουργίες διαφόρων Cyber Ranges και να τονίσει τα κύρια δομικά στοιχεία και γνωρίσματα τους, να παρουσιάσει την υψηλού επιπέδου αρχιτεκτονική ενός υπερσύγχρονου Cyber Range και ταυτόχρονα να ταξινομήσει τα χαρακτηριστικά των υπό ανάλυση Cyber Ranges σύμφωνα με τα χαρακτηριστικά του προτεινόμενου.Cyber-attacks are becoming stealthier and more sophisticated can stem from various sources, using multiple vectors and taking different forms. The need for building and experimenting on advanced cyber-security mechanisms, as well as continuous training using state-of-the-art methodologies, techniques and up-to-date realistic scenarios is vital. Cyber Ranges can provide the environment where cyber-security experts and professionals can practice technical and soft skills and be trained on emulated large-scale complex networks in the way to respond to real-world cyber-attack scenarios. Furthermore, they can simulate an environment for information security professionals, to evaluate incident handling and response procedures and to test new technologies, in order to help prevent cyber-attacks. The main objective of this paper is to describe the functionalities of various Cyber Ranges and to highlight their key components and characteristics, to demonstrate a high-level architecture of a state-of-the-art Cyber Range while classifying the features of the reviewed Cyber Ranges according to the attributes of the proposed one

UNCOVERING AND MITIGATING UNSAFE PROGRAM INTEGRATIONS IN ANDROID

Android’s design philosophy encourages the integration of resources and functionalities from multiple parties, even with different levels of trust. Such program integrations, on one hand, connect every party in the Android ecosystem tightly on one single device. On the other hand, they can also pose severe security problems, if the security design of the underlying integration schemes is not well thought-out. This dissertation systematically evaluates the security design of three integration schemes on Android, including framework module, framework proxy and 3rd-party code embedding. With the security risks identified in each scheme, it concludes that program integrations on Android are unsafe. Furthermore, new frameworks have been designed and implemented to detect and mitigate the threats. The evaluation results on the prototypes have demonstrated their effectiveness

AN ENHANCEMENT ON TARGETED PHISHING ATTACKS IN THE STATE OF QATAR

The latest report by Kaspersky on Spam and Phishing, listed Qatar as one of the top 10 countries by percentage of email phishing and targeted phishing attacks. Since the Qatari economy has grown exponentially and become increasingly global in nature, email phishing and targeted phishing attacks have the capacity to be devastating to the Qatari economy, yet there are no adequate measures put in place such as awareness training programmes to minimise these threats to the state of Qatar. Therefore, this research aims to explore targeted attacks in specific organisations in the state of Qatar by presenting a new technique to prevent targeted attacks. This novel enterprise-wide email phishing detection system has been used by organisations and individuals not only in the state of Qatar but also in organisations in the UK. This detection system is based on domain names by which attackers carefully register domain names which victims trust. The results show that this detection system has proven its ability to reduce email phishing attacks. Moreover, it aims to develop email phishing awareness training techniques specifically designed for the state of Qatar to complement the presented technique in order to increase email phishing awareness, focused on targeted attacks and the content, and reduce the impact of phishing email attacks. This research was carried out by developing an interactive email phishing awareness training website that has been tested by organisations in the state of Qatar. The results of this training programme proved to get effective results by training users on how to spot email phishing and targeted attacks

Cyber Attack Surface Mapping For Offensive Security Testing

Security testing consists of automated processes, like Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST), as well as manual offensive security testing, like Penetration Testing and Red Teaming. This nonautomated testing is frequently time-constrained and difficult to scale. Previous literature suggests that most research is spent in support of improving fully automated processes or in finding specific vulnerabilities, with little time spent improving the interpretation of the scanned attack surface critical to nonautomated testing. In this work, agglomerative hierarchical clustering is used to compress the Internet-facing hosts of 13 representative companies as collected by the Shodan search engine, resulting in an average 89% reduction in attack surface complexity. The work is then extended to map network services and also analyze the characteristics of the Log4Shell security vulnerability and its impact on attack surface mapping. The results highlighted outliers indicative of possible anti-patterns as well as opportunities to improve how testers and tools map the web attack surface. Ultimately the work is extended to compress web attack surfaces based on security relevant features, demonstrating via accuracy measurements not only that this compression is feasible but can also be automated. In the process a framework is created which could be extended in future work to compress other attack surfaces, including physical structures/campuses for physical security testing and even humans for social engineering tests

Cyber Security

This open access book constitutes the refereed proceedings of the 16th International Annual Conference on Cyber Security, CNCERT 2020, held in Beijing, China, in August 2020. The 17 papers presented were carefully reviewed and selected from 58 submissions. The papers are organized according to the following topical sections: access control; cryptography; denial-of-service attacks; hardware security implementation; intrusion/anomaly detection and malware mitigation; social network security and privacy; systems security

Cyber Security

This open access book constitutes the refereed proceedings of the 18th China Annual Conference on Cyber Security, CNCERT 2022, held in Beijing, China, in August 2022. The 17 papers presented were carefully reviewed and selected from 64 submissions. The papers are organized according to the following topical sections: ​​data security; anomaly detection; cryptocurrency; information security; vulnerabilities; mobile internet; threat intelligence; text recognition

Cyber Security of Critical Infrastructures

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods