220 research outputs found
Defensive Approaches on SQL Injection and Cross-Site Scripting Attacks
SQL Injection attacks are the most common attacks on the web applications Statistical analysis says that so many web sites which interact with the database are prone to SQL Injection XSS attacks Different kinds of vulnerability detection system and attack detection systems exist there is no efficient system for detecting these kinds of attacks SQL Injection attacks are possible due to the design drawbacks of the websites which interact with back-end databases Successful attacks may damage more The state-of-art web application input validation echniques fails to identify the proper SQL XSS Vulnerabilities accurately because of the systems correctness of sanity checking capability proper placement of valuators on the applications The systems fail while processing HTTP Parameter pollution attacks An extensive survey on the SQL Injection attacks is conducted to present various detection and prevension mechanism
Quire: Lightweight Provenance for Smart Phone Operating Systems
Smartphone apps often run with full privileges to access the network and
sensitive local resources, making it difficult for remote systems to have any
trust in the provenance of network connections they receive. Even within the
phone, different apps with different privileges can communicate with one
another, allowing one app to trick another into improperly exercising its
privileges (a Confused Deputy attack). In Quire, we engineered two new security
mechanisms into Android to address these issues. First, we track the call chain
of IPCs, allowing an app the choice of operating with the diminished privileges
of its callers or to act explicitly on its own behalf. Second, a lightweight
signature scheme allows any app to create a signed statement that can be
verified anywhere inside the phone. Both of these mechanisms are reflected in
network RPCs, allowing remote systems visibility into the state of the phone
when an RPC is made. We demonstrate the usefulness of Quire with two example
applications. We built an advertising service, running distinctly from the app
which wants to display ads, which can validate clicks passed to it from its
host. We also built a payment service, allowing an app to issue a request which
the payment service validates with the user. An app cannot not forge a payment
request by directly connecting to the remote server, nor can the local payment
service tamper with the request
Control Flow Analysis for BioAmbients
AbstractThis paper presents a static analysis for investigating properties of biological systems specified in BioAmbients. We exploit the control flow analysis to decode the bindings of variables induced by communications and to build a relation of the ambients that can interact with each other. We eventually apply our analysis to an example of gene regulation by positive feedback taken from the literature
Network Security Modelling with Distributional Data
We investigate the detection of botnet command and control (C2) hosts in
massive IP traffic using machine learning methods. To this end, we use NetFlow
data -- the industry standard for monitoring of IP traffic -- and ML models
using two sets of features: conventional NetFlow variables and distributional
features based on NetFlow variables. In addition to using static summaries of
NetFlow features, we use quantiles of their IP-level distributions as input
features in predictive models to predict whether an IP belongs to known botnet
families. These models are used to develop intrusion detection systems to
predict traffic traces identified with malicious attacks. The results are
validated by matching predictions to existing denylists of published malicious
IP addresses and deep packet inspection. The usage of our proposed novel
distributional features, combined with techniques that enable modelling complex
input feature spaces result in highly accurate predictions by our trained
models.Comment: Accepted and presented in CAMLIS 2022,
https://www.camlis.org/2022-conference. arXiv admin note: text overlap with
arXiv:2108.0892
Measuring inconsistency in a network intrusion detection rule set based on Snort
In this preliminary study, we investigate how inconsistency in a network intrusion detection rule set can be measured. To achieve this, we first examine the structure of these rules which are based on Snort and incorporate regular expression (Regex) pattern matching. We then identify primitive elements in these rules in order to translate the rules into their (equivalent) logical forms and to establish connections between them. Additional rules from background knowledge are also introduced to make the correlations among rules more explicit. We measure the degree of inconsistency in formulae of such a rule set (using the Scoring function, Shapley inconsistency values and Blame measure for prioritized knowledge) and compare the *This is a revised and significantly extended version of [1]
- …