328 research outputs found
PrivMail: A Privacy-Preserving Framework for Secure Emails
Emails have improved our workplace efficiency and communication. However, they are often processed unencrypted by mail servers, leaving them open to data breaches on a single service provider. Public-key based solutions for end-to-end secured email, such as Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extensions (S/MIME), are available but are not widely adopted due to usability obstacles and also hinder processing of encrypted emails.
We propose PrivMail, a novel approach to secure emails using secret sharing methods. Our framework utilizes Secure Multi-Party Computation techniques to relay emails through multiple service providers, thereby preventing any of them from accessing the content in plaintext. Additionally, PrivMail supports private server-side email processing similar to IMAP SEARCH, and eliminates the need for cryptographic certificates, resulting in better usability than public-key based solutions. An important aspect of our framework is its capability to enable third-party searches on user emails while maintaining the privacy of both the email and the query used to conduct the search.
We integrate PrivMail into the current email infrastructure and provide a Thunderbird plugin to enhance user-friendliness. To evaluate our solution, we benchmarked transfer and search operations using the Enron Email Dataset and demonstrate that PrivMail is an effective solution for enhancing email security
New Approaches to Mitigation of Malicious Traffic in VoIP Networks
Voice over IP (VoIP) telephony is becoming widespread in use, and is often integrated into computer networks. Because of this, malicious software threatens VoIP systems in the same way that traditional computer systems have been attacked by viruses, worms, and other automated agents. VoIP networks are a challenge to secure against such malware as much of the network intelligence is focused on the edge devices and access environment. This paper describes the design and implementation of a novel VoIP security architecture in which evaluation of, and mitigation against, malicious traffic is demonstrated by the use of virtual machines to emulate vulnerable clients and servers through the use of apparent attack vectors. This new architecture, which is part of an ongoing research project, establishes interaction between the VoIP backend and the end users, thus providing information about ongoing and unknown attacks to users
CERT strategy to deal with phishing attacks
Every day, internet thieves employ new ways to obtain personal identity
people and get access to their personal information. Phishing is a somehow
complex method that has recently been considered by internet thieves.The
present study aims to explain phishing, and why an organization should deal
with it and its challenges of providing. In addition, different kinds of this
attack and classification of security approaches for organizational and lay
users are addressed in this article. Finally, the CERT strategy is presented to
deal with phishing and studying some anti-phishing
VoIP security - attacks and solutions
Voice over IP (VoIP) technology is being extensively and rapidly deployed. Flexibility and cost efficiency are the key factors luring enterprises to transition to VoIP. Some security problems may surface with the widespread deployment of VoIP. This article presents an overview of VoIP systems and its security issues. First, we briefly describe basic VoIP architecture and its fundamental differences compared to PSTN. Next, basic VoIP protocols used for signaling and media transport, as well as defense mechanisms are described. Finally, current and potential VoIP attacks along with the approaches that have been adopted to counter the attacks are discussed
Using a Certificate Public Key to Protect DKIM Public Key Spoofing
Brand Indicators for Message Identification (BIMI) is a standard that allows domain owners to coordinate with Mail User Agents (MUAs) to display brand-specific indicators or logos next to properly authenticated messages. A Verified Mark Certificate allows an email service to authenticate a logo, but currently BIMI is susceptible to DNS spoofing attacks. In this work, BIMI messages are protected from DNS spoofing by aligning the messageβs DomainKeys Identified Mail (DKIM) public key with the public key associated with the VMC. The email service may validate the alignment between the keys as part of the authentication of the message. When the keys match, the email service may display the indicator or logo along with the message. When the keys do not match, the email service may reject the authentication and not display the logo or indicator
Π‘Π»ΠΎΠΆΠ½ΠΎΡΡΡ ΠΊΠ°ΠΊ Π³ΡΠ°Π½ΠΈΡΠ° ΡΠΏΡΠ°Π²Π»ΡΠ΅ΠΌΠΎΡΡΠΈ ΡΠ»ΠΎΠΆΠ½ΠΎΠΉ ΡΠΎΡΠΈΠΎΡΠ΅Ρ Π½ΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΠΎΠΉ
ΠΡΠ΄Π²ΠΈΠ½ΡΡΠ° Π³ΠΈΠΏΠΎΡΠ΅Π·Π° ΡΡΡΠ΅ΡΡΠ²ΠΎΠ²Π°Π½ΠΈΡ Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠΈ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ ΠΎ Π³ΡΠ°Π½ΠΈΡΠ°Ρ
ΡΠΏΡΠ°Π²Π»ΡΠ΅ΠΌΠΎΡΡΠΈ ΡΠΎΡΠΈΠΎΡΠ΅Ρ
Π½ΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΎΡ ΡΡΡΠ΅ΠΊΡΠΈΠ²Π½ΠΎΡΡΠΈ Π΅Π΅ ΡΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ. ΠΠΏΡΠ΅Π΄Π΅Π»Π΅Π½Ρ ΡΡΠΎΠ²Π½ΠΈ ΠΎΠΏΠΈΡΠ°Π½ΠΈΡ ΡΠΎΡΠΈΠΎΡΠ΅Ρ
Π½ΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ ΠΈ ΠΏΡΠΈΡΠΈΠ½Ρ ΠΏΠΎΠ²ΡΡΠ΅Π½ΠΈΡ Π΅Π΅ ΡΠ»ΠΎΠΆΠ½ΠΎΡΡΠΈ. ΠΠΏΠΈΡΠ°Π½Π° ΠΌΠΎΠ΄Π΅Π»Ρ ΡΠΎΡΠΈΠΎΡΠ΅Ρ
Π½ΠΈΡΠ΅ΡΠΊΠΎΠΉ ΡΠΈΡΡΠ΅ΠΌΡ Ρ ΡΠΎΡΠΊΠΈ Π·ΡΠ΅Π½ΠΈΡ ΡΠΎΠ²ΠΎΠΊΡΠΏΠ½ΠΎΡΡΠΈ ΡΡΡΡΠΊΡΡΡ ΡΠ΅Π°Π»ΠΈΠ·ΡΡΡΠΈΡ
ΡΠ΅Π»ΠΈ, ΡΠ΅Ρ
Π½ΠΎΠ»ΠΎΠ³ΠΈΠΉ, ΡΠ°ΠΊΡΠΎΡΠΎΠ² Π²Π»ΠΈΡΡΡΠΈΡ
Π½Π° ΡΡΠ½ΠΊΡΠΈΠΎΠ½ΠΈΡΠΎΠ²Π°Π½ΠΈΠ΅.The article deals with a hypothesis of the existence depending information about the boundaries of socio-technical system of control on the effectiveness of its control. The author defines the levels of describing of socio-technical system and describes the reasons for increasing its complexity. The model of socio-technical system is made from the point of complex of structures realizing aims, technologies, factors which influence on the operation
- β¦