346 research outputs found
Comparing P2PTV Traffic Classifiers
Peer-to-Peer IP Television (P2PTV) applications represent one of the fastest growing application classes on the Internet, both in terms of their popularity and in terms of the amount of traffic they generate. While network operators require monitoring tools that can effectively analyze the traffic produced by these systems, few techniques have been tested on these mostly closed-source, proprietary applications. In this paper we examine the properties of three traffic classifiers applied to the problem of identifying P2PTV traffic. We report on extensive experiments conducted on traffic traces with reliable ground truth information, highlighting the benefits and shortcomings of each approach. The results show that not only their performance in terms of accuracy can vary significantly, but also that their usability features suggest different effective aspects that can be integrate
The ADSL Router Forensics Process
In 2010 the number of threats targeting ADSL routers is continually increasing. New and emergent threats have been developed to bypass authentication processes and obtain admin privileges directly to the device. As a result many malicious attempts are being made to alter the configuration data and make the device subsequently vulnerable. This paper discusses the non-invasive digital forensics approach to extracting evidence from ADSL routers. Specifically it validates an identified digital forensic process of acquisition. The paper then discusses how the approach may be utilised to extract configuration data even after a device has been compromised to the point where a lock-out state has been initiated
Security awareness by online banking users in Western Australian of phishing attacks
Phishing involves sending e-mails pretending to be from legitimate financial institutions to recipients and asking for personal information such as username and password. It also redirects network traffic to malicious sites, denies network traffic to web services, and modifies protection mechanisms in the targeted computer systems. Consequences of successful attacks can include identity and financial losses, and unauthorised information disclosure.
The purpose of this study was to investigate the experiences of Western Australian bank users in using online banking. The study considered the relationship between the background of the Western Australian bank users and their experience in using online banking security. The research analysed phishing through case studies that highlighted some of the experiences of phishing attacks and how to deal with the problems. Emphasis was placed on knowledge of phishing and threats and how they were actually implemented, or may be used, in undermining the security of users’ online banking services. The preferences and perspectives of Western Australian bank users about the deployment of online banking security protection and about future online banking services, in order to safeguard themselves against phishing attacks, are presented. The aim was to assist such Australian bank users through exploring potential solutions and making recommendations arising from this study.
Research respondents had positive attitudes towards using online banking. Overall, they were satisfied with the security protection offered by their banks. However, although they believed that they had adequate knowledge of phishing and other online banking threats, their awareness of phishing attacks was not sufficient to protect themselves. Essentially, the respondents who had experienced a phishing attack believed it was due to weak security offered by their banks, rather than understanding that they needed more knowledge about security protection of their personal computers.
Further education is required if users are to become fully aware of the need for security within their personal online banking
Honeypots in the age of universal attacks and the Internet of Things
Today's Internet connects billions of physical devices. These devices are often immature and insecure, and share common vulnerabilities. The predominant form of attacks relies on recent advances in Internet-wide scanning and device discovery. The speed at which (vulnerable) devices can be discovered, and the device monoculture, mean that a single exploit, potentially trivial, can affect millions of devices across brands and continents.
In an attempt to detect and profile the growing threat of autonomous and Internet-scale attacks against the Internet of Things, we revisit honeypots, resources that appear to be legitimate systems. We show that this endeavour was previously limited by a fundamentally flawed generation of honeypots and associated misconceptions.
We show with two one-year-long studies that the display of warning messages has no deterrent effect in an attacked computer system. Previous research assumed that they would measure individual behaviour, but we find that the number of human attackers is orders of magnitude lower than previously assumed.
Turning to the current generation of low- and medium-interaction honeypots, we demonstrate that their architecture is fatally flawed. The use of off-the-shelf libraries to provide the transport layer means that the protocols are implemented subtly differently from the systems being impersonated. We developed a generic technique which can find any such honeypot at Internet scale with just one packet for an established TCP connection.
We then applied our technique and conducted several Internet-wide scans over a one-year period. By logging in to two SSH honeypots and sending specific commands, we not only revealed their configuration and patch status, but also found that many of them were not up to date. As we were the first to knowingly authenticate to honeypots, we provide a detailed legal analysis and an extended ethical justification for our research to show why we did not infringe computer-misuse laws.
Lastly, we present honware, a honeypot framework for rapid implementation and deployment of high-interaction honeypots. Honware automatically processes a standard firmware image and can emulate a wide range of devices without any access to the manufacturers' hardware. We believe that honware is a major contribution towards re-balancing the economics of attackers and defenders by reducing the period in which attackers can exploit vulnerabilities at Internet scale in a world of ubiquitous networked 'things'.
Premium Research Studentship, Department of Computer Science and Technology, University of Cambridg