36,843 research outputs found

    Security of internet protocol cameras - A case example

    Get PDF
    The interaction of consumer devices and the internet, especially in relation to security, has always been tenuous. Where it is in the best interests of companies to produce products that are cheap and accessible, these traits often go against that of security. This investigation undertakes an analysis of one such device - the DCS-930L internet protocol camera from D-Link. This camera is analysed for vulnerabilities, with an emphasis on those relating to authentication mechanisms. Several vulnerabilities are identified, and potential attacks based on these are discussed. Solutions or mitigations to these vulnerabilities are presented

    Secure Identification in Social Wireless Networks

    Get PDF
    The applications based on social networking have brought revolution towards social life and are continuously gaining popularity among the Internet users. Due to the advanced computational resources offered by the innovative hardware and nominal subscriber charges of network operators, most of the online social networks are transforming into the mobile domain by offering exciting applications and games exclusively designed for users on the go. Moreover, the mobile devices are considered more personal as compared to their desktop rivals, so there is a tendency among the mobile users to store sensitive data like contacts, passwords, bank account details, updated calendar entries with key dates and personal notes on their devices. The Project Social Wireless Network Secure Identification (SWIN) is carried out at Swedish Institute of Computer Science (SICS) to explore the practicality of providing the secure mobile social networking portal with advanced security features to tackle potential security threats by extending the existing methods with more innovative security technologies. In addition to the extensive background study and the determination of marketable use-cases with their corresponding security requirements, this thesis proposes a secure identification design to satisfy the security dimensions for both online and offline peers. We have implemented an initial prototype using PHP Socket and OpenSSL library to simulate the secure identification procedure based on the proposed design. The design is in compliance with 3GPP‟s Generic Authentication Architecture (GAA) and our implementation has demonstrated the flexibility of the solution to be applied independently for the applications requiring secure identification. Finally, the thesis provides strong foundation for the advanced implementation on mobile platform in future

    Session Initiation Protocol Attacks and Challenges

    Full text link
    In recent years, Session Initiation Protocol (SIP) has become widely used in current internet protocols. It is a text-based protocol much like Hyper Text Transport Protocol (HTTP) and Simple Mail Transport Protocol (SMTP). SIP is a strong enough signaling protocol on the internet for establishing, maintaining, and terminating session. In this paper the areas of security and attacks in SIP are discussed. We consider attacks from diverse related perspectives. The authentication schemes are compared, the representative existing solutions are highlighted, and several remaining research challenges are identified. Finally, the taxonomy of SIP threat will be presented

    On an authentication scheme based on the Root Problem in the braid group

    Get PDF
    Lal and Chaturvedi proposed two authentication schemes based on the difficulty of the Root Problem in the braid group. We point out that the first scheme is not really as secure as the Root Problem, and describe an efficient way to crack it. The attack works for any group.Comment: This paper has been withdrawn by the author. One of the claims is incorrect as written. We are working on correcting and generalizing it. This will be published in another pape
    corecore