56 research outputs found

    Proposed architecture for intrusion detection system for software as a service in cloud computing environment

    The purpose of this paper is to propose an architecture for intrusion detection based on Software as a Service (SaaS) called Software as a Service Intrusion Detection Services (SaaSIDS) in a cloud environment. Therefore, this research focuses on developing Software as a Service IDS (SaaSIDS), where the traffic at different points of the network is sniffed and the packets of interest are transferred to the SaaSIDS for further inspection. The main engine of SaaSIDS is the hybrid analysis engine, where the signature-based engine and the anomaly-based engine, which uses an artificial immune system, work in parallel. The SaaSIDS is able to identify malicious activity and generates appropriate alerts and notifications accordingly.

    Traditional security risk assessment methods in cloud computing environment: usability analysis

    The term "Cloud Computing" has become very common in our daily life. Cloud computing has emerged with promises to decrease the cost of computing implementation and deliver computing as a service, where clients pay only for what they need and use. However, due to the new structure of the cloud computing model, several security concerns have been raised and many other security threats need to be reevaluated according to the cloud structure. Besides, the traditional security risk assessment methods have become unfit for the cloud computing model due to its new distinguishing characteristics. In this paper, we analyze the ability to assess the security risks in cloud computing environments.

    Security source code analysis of applications in Android OS

    It is a known fact that Android mobile phones' security has room for improvement. Many malicious app developers have targeted Android mobile phones, mainly because Android, as an open operating system, provides great flexibility to developers and there are many Android phones which do not have the latest security updates. With the Marshmallow update in Android, applications request permission only during runtime, but not all users have this update. This is important because user permission is required to perform certain actions. The permissions may be irrelevant to the features provided by an application. The purpose of this research is to investigate the use and security risk of seemingly irrelevant permissions in applications available from Google store. Two different applications which seem to ask for irrelevant permissions during installation were selected from Google store. To test these applications, static analysis, dynamic analysis and reverse engineering tools were used. Findings show potentially malicious behavior, demonstrating that downloading apps from Google Play store does not guarantee security.

    Preventive measures for cross site request forgery attacks on web-based applications

    Today's contemporary business world has incorporated Web Services and Web Applications into the core of its operating cycle, and security plays a major role in the amalgamation of such services and applications with business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the top ten vulnerabilities nominated by OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of a token through the URL.

    IoT security for smart grid environment: Issues and solutions

    The Internet of Things (IoT) is the Internet's latest innovation today, where every physical object is situated or where measurement, as well as communication capacities, can be seamlessly synchronized to the Internet at various rates. The most important infrastructure, the smart grid, is called the extended version of the power grid with comprehensive Internet infrastructure. The smart grid will include billions of intelligent appliances: intelligent meters, actuators, vehicles and so on, despite a few correspondence infrastructures, whether public or private. Notwithstanding, security is viewed as one of the primary considerations hampering the large scope reception and arrangement of both the IoT vision and the smart grid. To date, the issues of IoT for the smart grid are rarely discussed empirically in any academic research. This study aims to examine security problems and challenges in the IoT smart grid system. Findings show various issues that we can categorize into three parts: component issues, system issues and network issues. As a result, this study proposes a mitigation plan for the problems highlighted by developing an IoT smart grid security component model.

    Digital forensic investigation challenges based on cloud computing characteristics

    One of the most popular computing technologies is cloud computing. There are many benefits in adopting cloud computing, such as high performance, flexibility and on-demand availability, more focus on the business objective, and low cost. However, the characteristics of the cloud computing environment have created many difficulties and challenges for digital forensic investigation processes. Therefore, this paper focuses on the digital forensic investigation challenges based on cloud computing characteristics.

    Analysis of Feature Categories for Malware Visualization

    It is important to know which features are more effective for certain visualization types. Furthermore, selecting an appropriate visualization tool plays a key role in descriptive, diagnostic, predictive and prescriptive analytics. Moreover, analyzing the activities of malicious scripts or codes is dependent on the extracted features. In this paper, the authors focused on reviewing and classifying the most common extracted features that have been used for malware visualization based on specified categories. This study examines the feature categories and their usefulness for effective malware visualization. Additionally, it focuses on the common extracted features that have been used in the malware visualization domain. The findings of the conducted literature review revealed that the features could be categorized into four main categories, namely, static, dynamic, hybrid, and application metadata. The contribution of this research paper is about feature selection for illustrating which features are effective with which visualization tools for malware visualization.