65 research outputs found

    Proposed architecture for intrusion detection system for software as a service in cloud computing environment

    The purpose of this paper is to propose an architecture for intrusion detection based on Software as a Service (SaaS) called Software as a Service Intrusion Detection Services (SaaSIDS) in a cloud environment. Therefore, this research focuses on developing Software as a Service IDS (SaaSIDS), where the traffic at different points of the network is sniffed and the packets of interest are transferred to the SaaSIDS for further inspection. The main engine of SaaSIDS is the hybrid analysis engine, where the signature-based engine and the anomaly-based engine, which uses an artificial immune system, work in parallel. The SaaSIDS is able to identify malicious activity and generates appropriate alerts and notifications accordingly.

    Traditional security risk assessment methods in cloud computing environment: usability analysis

    The term "Cloud Computing" has become very common in our daily life. Cloud computing has emerged with promises to decrease the cost of computing implementation and deliver computing as a service, where clients pay only for what they need and use. However, due to the new structure of the cloud computing model, several security concerns have been raised and many other security threats have needed to be reevaluated according to the cloud structure. Besides, the traditional security risk assessment methods have become unfit for the cloud computing model due to its new distinguishing characteristics. In this paper, we analyze the ability to assess the security risks in cloud computing environments.

    Security source code analysis of applications in Android OS

    It is a known fact that Android mobile phones' security has room for improvement. Many malicious app developers have targeted Android mobile phones, mainly because Android as an open operating system provides great flexibility to developers and there are many Android phones which do not have the latest security updates. With the Marshmallow update in Android, applications request permission only during runtime, but not all users have this update. This is important because user permission is required to perform certain actions. The permissions may be irrelevant to the features provided by an application. The purpose of this research is to investigate the use and security risk of seemingly irrelevant permissions in applications available from Google store. Two different applications which seem to ask for irrelevant permissions during installation were selected from Google store. To test these applications, static analysis, dynamic analysis and reverse engineering tools were used. Findings show potentially malicious behavior, demonstrating that downloading apps from Google Play store does not guarantee security.

    Preventive measures for cross site request forgery attacks on web-based applications

    Today's contemporary business world has incorporated Web Services and Web Applications in the core of its operating cycle, and security plays a major role in the amalgamation of such services and applications with business needs worldwide. OWASP (Open Web Application Security Project) states that the effectiveness of security mechanisms in a Web Application can be estimated by evaluating the degree of vulnerability against any of the top ten vulnerabilities nominated by OWASP. This paper sheds light on a number of existing tools that can be used to test for the CSRF vulnerability. The main objective of the research is to identify the available solutions to prevent CSRF attacks. By analyzing the techniques employed in each of the solutions, the optimal tool can be identified. Tests against the exploitation of the vulnerabilities were conducted after implementing the solutions into the web application to check the efficacy of each of the solutions. The research also proposes a combined solution that integrates the passing of an unpredictable token through a hidden field and validating it on the server side with the passing of a token through the URL.

    IoT security for smart grid environment: Issues and solutions

    The Internet of Things (IoT) is the Internet's latest innovation today, where every physical object is situated or where measurement, as well as communication capacities, can be seamlessly synchronized to the Internet at various rates. The most important infrastructure, the smart grid, is called the extended version of the power grid with comprehensive Internet infrastructure. The smart grid will include billions of intelligent appliances: intelligent meters, actuators, vehicles and so on, despite a few correspondence infrastructures, whether public or private. Notwithstanding, security is viewed as one of the primary considerations hampering the large scope reception and arrangement of both the IoT vision and the smart grid. To date, the issues of IoT for the smart grid are rarely discussed empirically in any academic research. This study aims to examine security problems and challenges in the IoT smart grid system. Findings show various issues that we can categorize into three parts; component issues, system issues and network issues. As a result, this study proposes a mitigation plan for the problems highlighted by developing an IoT smart grid security component model

    Digital forensic investigation challenges based on cloud computing characteristics

    One of the most popular computing technologies is cloud computing. There are many benefits in adopting cloud computing such as high performance, flexibility and availability on demand, more focus on the business objective and low cost. However, the characteristics of the cloud computing environment have created many difficulties and challenges for digital forensic investigation processes. Therefore, this paper focuses on the digital forensic investigation challenges based on cloud computing characteristics.

    Comprehensive literature review on delay tolerant network (DTN) framework for improving the efficiency of internet connection in rural regions of Malaysia

    This paper briefs in detail the technology reviews of currently available technologies and literature reviews, starting with the history of the Internet and the understanding of the working of the Internet through the conceptual TCP/IP and OSI models, the numerous technologies developed to cater for different connectivity environments and recent popular topics in the field of communication technologies. A detailed review is done on the subject of Delay-Tolerant Networking (DTN), the chosen technology from which the intended framework can be proposed for improving the efficiency of internet connections. From this literature, comparisons are made to find the best possible combinations of technologies to design a minimum viable product, followed by a generic DTN framework.

    Systematic literature review for malware visualization techniques

    Analyzing the activities or the behaviors of malicious scripts highly depends on extracted features. It is also significant to know which features are more effective for certain visualization types. Similarly, selecting an appropriate visualization technique plays a key role for analytical descriptive, diagnostic, predictive and prescriptive. Thus, the visualization technique should provide understandable information about the malicious code activities. This paper followed a systematic literature review method in order to review the extracted features that are used to identify the malware, different types of visualization techniques and guidelines to select the right visualization techniques. An advanced search has been performed in the most relevant digital libraries to obtain potentially relevant articles. The results demonstrate significant resources and types of features that are important to analyze malware activities, common visualization techniques that are currently used, and methods to choose the right visualization technique in order to analyze the security events effectively.