45 research outputs found
XSS-FP: Browser Fingerprinting using HTML Parser Quirks
There are many scenarios in which inferring the type of a client browser is
desirable, for instance to fight against session stealing. This is known as
browser fingerprinting. This paper presents and evaluates a novel
fingerprinting technique to determine the exact nature (browser type and
version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks
exercised through XSS. Our experiments show that the exact version of a web
browser can be determined with 71% of accuracy, and that only 6 tests are
sufficient to quickly determine the exact family a web browser belongs to
Discordance in cathepsin B and cystatin C expressions in bronchoalveolar fluids between murine bleomycin-induced fibrosis and human idiopathic fibrosis
International audienceAbstractThe activity of cysteine cathepsin B increased markedly in lung homogenates and in bronchoalveolar lavage fluids (BALF) of the mouse model of bleomycin-induced lung fibrosis after 14Â days of challenge. In contrast the level of the cysteine cathepsin inhibitor cystatin C was unaffected in BALF of wild-type and cathepsin B-deficient mice. Therefore, murine cystatin C is not a reliable marker of fibrosis during bleomycin-induced lung fibrosis. Current data are in sharp contrast to previous analysis carried on human BALF from patients with idiopathic pulmonary fibrosis, for which the level of cathepsin B remained unchanged while cystatin C was significantly increased
A training-resistant anomaly detection system
Modern network intrusion detection systems rely on machine learning techniques to detect traffic anomalies and thus intruders. However, the ability to learn the network behaviour in real-time comes at a cost: malicious software can interfere with the learning process, and teach the intrusion detection system to accept dangerous traffic. This paper presents an intrusion detection system (IDS) that is able to detect common network attacks including but not limited to, denial-of-service, bot nets, intrusions, and network scans. With the help of the proposed example IDS, we show to what extent the training attack (and more sophisticated variants of it) has an impact on machine learning based detection schemes, and how it can be detected. © 2018 Elsevier Lt
La sécurité inter-domaines à l'aide de l'analyseur de sécurité
National audienceLa sécurité des réseaux est un problème souvent négligé car les solutions aujourd'hui proposées imposent soit des contraintes importantes aux utilisateurs, soit des modifications au niveau applicatif. L'analyseur de sécurité, par sa vision optimiste du problème, permet de sécuriser un réseau sans pour autant modifier les applications en présence ni les pénaliser dans leur exécution. Il est en cela mieux accepté par les utilisateurs
Detecting masquerades with principal component analysis based on cross frequency weights
International audienceIn this paper, several cross frequency weights are used for extracting attributes of audit events. Principal Component Analysis (PCA) are then employed to discover the interrelationships and dependencies among features in a large number of variables and also to reduce the high dimensionality of these variables. Command data are used in the experiments for masquerade detection and the results demonstrate the effectiveness and efficiency of the method
Navigateurs & Sécurité
International audienceLes attaquants font de plus en plus usage de langages dyna- miques pour initier leurs attaques. Dans le cadre d'attaques de type "point d'eau" où un lien vers site web piégé est envoyé à une victime, ou lorsqu'une application web est compromise pour y héberger un "ex- ploit kit", les attaquants emploient souvent du code JavaScript fortement obfusqué. Ces codes sont rendus adhérents au navigateur par diverses techniques a n d'en bloquer l'exécution au sein de sandbox anti-virales. Notre présentation s'attachera à expliquer brièvement l'origine de ces techniques, et comment transformer un navigateur web "du commerce" en sandbox d'analyse JavaScript capable de déjouer certaines de ces ob- fuscations et de faciliter notre travail d'analyse
Intrusion detection using principal component analysis
International audienceIntrusion detection using principal component analysi
Intrusion detection using principal component analysis
International audienceIntrusion detection using principal component analysi
Efficient Detection of DDoS Attacks with Important Attributes
International audienceDDoS attacks are major threats in current computer networks. However, DDoS attacks are difficult to be quickly detected. In this paper, we introduce a system that only extracts several important attributes from network traffic for DDoS attack detection in real computer networks. We collect a large set of DDoS attack traffic by implementing various DDoS attacks as well as normal data during normal usage. Information Gain and Chi-square methods are used to rank the importance of 41 attributes extracted from the network traffic with our programs. Bayesian networks as well as C4.5 are then employed to detect attacks as well as to determine what size of attributes is appropriate for fast detection. Empirical results show that only using the most important 9 attributes, the detection accuracy remains the same or even has some improvements compared with that of using all the 41 attributes based on Bayesian Networks and C4.5 methods. Only using several attributes also improves the efficiency in terms of attributes constructing, models training as well as intrusion detection
Fonction de réaction
International audienceFonction de réactio