Bio-Inspired Mechanism For Securing Distributed Networked Component Based Software

Distributed Networked systems and applications are created by composing a complex set of component-based software. These components are subject to continuous upgrade, replacement, and scaling, and also anomaly attacks. These conditions must be monitored and controlled in order to have these behaviors seem normal and routine. Self-regenerative systems are new and software paradigm in survivable system design. Self-regeneration ensures the property that a system must have and cannot be vulnerable to external factors and fail. In order to establish the utility of self-regenerative capability in design of survivable systems, it is important to ensure that a system satisfying the self-regenerative requirement is survivable. Studies have been carried out to build self-regenerative systems using multi agent paradigm in order to ensure network software survivability, and a secure system. In this thesis, the architecture based on distributed concept and cell regeneration system is presented. To ensure that the system satisfy the self-regenerative requirements, the model support and execute its mission in the presence of attacks, by implementing the multi agent system. The concept of an agent provides a convenient and powerful way to describe a complex software entity that is capable of acting with a certain degree of autonomy in order to accomplish tasks on behalf of its user, multiple agent are implemented for robustness. Our model consists of four agents. The first agent will perform the monitoring and detection of any malicious activities by observing behavior of the attack. The second agent will be activated from the action of replications of the component, and the third agent will carry out the prevention of attack. The fourth provide routing management services. Result has been generated by implementing and developing the four agents as a standalone by JADE (java agent development framework)

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Detecting malicious VBscripts using anomaly host based IDS based on principal component analysis (PCA)

Intrusion detection research over the last twenty years has focused on the threat of individuals illegally hacking into systems. Nowadays, intrusion threat to computer systems has changed radically. Instead of dealing with hackers, most current works focus on defending the system against code-driven attacks. Today’s web script codes such as VBScript are receiving increasing focus as a backdoor for attacking many computers through e-mail attachments or infected web sites. The nature of these malicious codes is that they can spread widely causing serious damages to many applications. Moreover, the majority of anti-virus tools used today are able to detect known attacks but are unable to detect new and unknown attacks. The work in this thesis presents an Anomaly host based Intrusion Detection System (IDS) that provides protection against web attacks from malicious VBScripts. The core of the system treats anomalies as outliers and this IDS model uses a Multivariate Statistical technique, Principal Component Analysis (PCA) to reduce the dimensionality of the problem while keeping the major principal components of benign instances. Hence, the system can easily filter malicious scripts that deviate from normal behavior and allow for normal scripts to bypass; so any future or unknown VBScript attacks are effectively captured while maintaining a low rate of false alarms

Strategic Techniques for Enhancing Web Services Security in Cloud Computing Model

The 21st century has witnessed an integration of enterprise business process with emerging techniques in a quest to maximize opportunities and organisational strength. In spite of these, vulnerabilities and risks still abound due to the integration for an effective operational mechanism. Mitigating against these requires strategic techniques for enhancing web services security. It is on this background that this paper has been presented. A critical study of web services architecture and cloud computing model as an emerging technology has been given a succinct digest. Furthermore, an evaluation of recent trends in web services and cloud computing model security issues were x-rayed. The threat to web services application deployed in cloud computing were identified hence presenting strategic techniques for enhancing web services security as a proactive measure to enhancing enterprise success. This paper concludes by re-iterating the need to understanding various security threats and proactively and dynamically reacting to them. Keywords: Web Services, Cloud Computing, Cross Site Scripting, SQL Injection and Web Securit

Security of the Internet of Things: Vulnerabilities, Attacks and Countermeasures

Wireless Sensor Networks (WSNs) constitute one of the most promising third-millennium technologies and have wide range of applications in our surrounding environment. The reason behind the vast adoption of WSNs in various applications is that they have tremendously appealing features, e.g., low production cost, low installation cost, unattended network operation, autonomous and longtime operation. WSNs have started to merge with the Internet of Things (IoT) through the introduction of Internet access capability in sensor nodes and sensing ability in Internet-connected devices. Thereby, the IoT is providing access to huge amount of data, collected by the WSNs, over the Internet. Hence, the security of IoT should start with foremost securing WSNs ahead of the other components. However, owing to the absence of a physical line-of-defense, i.e., there is no dedicated infrastructure such as gateways to watch and observe the flowing information in the network, security of WSNs along with IoT is of a big concern to the scientific community. More specifically, for the application areas in which CIA (confidentiality, integrity, availability) has prime importance, WSNs and emerging IoT technology might constitute an open avenue for the attackers. Besides, recent integration and collaboration of WSNs with IoT will open new challenges and problems in terms of security. Hence, this would be a nightmare for the individuals using these systems as well as the security administrators who are managing those networks. Therefore, a detailed review of security attacks towards WSNs and IoT, along with the techniques for prevention, detection, and mitigation of those attacks are provided in this paper. In this text, attacks are categorized and treated into mainly two parts, most or all types of attacks towards WSNs and IoT are investigated under that umbrella: “Passive Attacks” and “Active Attacks”. Understanding these attacks and their associated defense mechanisms will help paving a secure path towards the proliferation and public acceptance of IoT technology

Mechanisms for analysis and detection of ransomware in desktop operating systems

Mestrado de dupla diplomação com a UTFPR - Universidade Tecnológica Federal do ParanáRansomware attacks have become a danger to computer systems, leading to data loss, monetary losses, and business interruptions. We propose a machine learning-based method for ransomware detection on Linux to identify these attacks. To detect ransomware activity on the system, our approach combines the file system with a predictive model. To obtain sufficient infection information we use the data from the alteration calls to the files on the file system. This data is then fed into a machine-learning algorithm. Using a dataset we collected from uninfected files and files infected with various types of ransomware and were able to achieve a high detection rate with a low false positive rate. Our methodology can be incorporated into current security programs to improve detection and defense against ransomware attacks in the Linux environment.Os ataques de ransomware se tornaram um perigo para os sistemas de computador, levando à perda de dados, perdas monetárias e interrupções nos negócios. Propomos um método baseado em aprendizado de máquina para detecção de ransomware no Linux para identificar esses ataques. Para detectar a atividade de ransomware no sistema, nossa abordagem combina o sistema de arquivos com um modelo preditivo. Para obter informações suficientes sobre a infecção, usamos os dados das chamadas de alteração dos arquivos no sistema de arquivos. Esses dados são então inseridos em um algoritmo de aprendizado de máquina. Usando um conjunto de dados que coletamos de arquivos não infectados e arquivos infectados com vários tipos de ransomware, conseguimos atingir uma alta taxa de detecção com uma baixa taxa de falsos positivos. Esta metodologia pode ser incorporada nos programas de segurança atuais para melhorar a detecção e a defesa contra ataques de ransomware no ambiente Linux

Security Analysis and Improvement Model for Web-based Applications

Today the web has become a major conduit for information. As the World Wide Web?s popularity continues to increase, information security on the web has become an increasing concern. Web information security is related to availability, confidentiality, and data integrity. According to the reports from http://www.securityfocus.com in May 2006, operating systems account for 9% vulnerability, web-based software systems account for 61% vulnerability, and other applications account for 30% vulnerability. In this dissertation, I present a security analysis model using the Markov Process Model. Risk analysis is conducted using fuzzy logic method and information entropy theory. In a web-based application system, security risk is most related to the current states in software systems and hardware systems, and independent of web application system states in the past. Therefore, the web-based applications can be approximately modeled by the Markov Process Model. The web-based applications can be conceptually expressed in the discrete states of (web_client_good; web_server_good, web_server_vulnerable, web_server_attacked, web_server_security_failed; database_server_good, database_server_vulnerable, database_server_attacked, database_server_security_failed) as state space in the Markov Chain. The vulnerable behavior and system response in the web-based applications are analyzed in this dissertation. The analyses focus on functional availability-related aspects: the probability of reaching a particular security failed state and the mean time to the security failure of a system. Vulnerability risk index is classified in three levels as an indicator of the level of security (low level, high level, and failed level). An illustrative application example is provided. As the second objective of this dissertation, I propose a security improvement model for the web-based applications using the GeoIP services in the formal methods. In the security improvement model, web access is authenticated in role-based access control using user logins, remote IP addresses, and physical locations as subject credentials to combine with the requested objects and privilege modes. Access control algorithms are developed for subjects, objects, and access privileges. A secure implementation architecture is presented. In summary, the dissertation has developed security analysis and improvement model for the web-based application. Future work will address Markov Process Model validation when security data collection becomes easy. Security improvement model will be evaluated in performance aspect