2,218 research outputs found

    Penetrating the Virus Monitoring and Analysis System Using Delayed Trigger Technique

    Virus Monitoring and Analysis System (VMAS) is generally used for monitoring and capturing virus behavior, and it can produce an analysis report which can be used by expert users to learn virus activity. There are several tools which have this capability, such as: Joebox, ThreatExpert, CWSandbox, and Sysinternals. It turns out that these tools are not fully perfect in analyzing virus behavior. Therefore in this paper, we propose a technique to defeat such tools, by exploiting the limitation of VMAS in terms of time monitoring, by introducing a new virus exploiting technique called Delayed Trigger Technique (DTT).

    Heterogeneous transesterification of rubber seed oil biodiesel production

    An experimental investigation was conducted to explore the effects of using waste cockle shells as a heterogeneous catalyst on the transesterification process of very high free fatty acid (FFA) rubber seed oil with methanol. The waste cockle was calcined at 900°C for 4 hours and was employed as a source of calcium oxide (CaO). SEM, XRD and XRF were adopted to analyze the catalyst characterization. The process variables, namely oil molar ratio, catalyst concentration and reaction time, were optimized using response surface methodology (RSM) based on the central composite design (CCD) method. The optimum yield of 88.06% was obtained for the final biodiesel product, with the optimal conditions obtained as: molar ratio of methanol to oil of around 15.57:1, 9% catalyst weight percentage and 2.81 hours reaction time. All the fuel properties were analyzed according to the ASTM D6751 and EN-14214 standards in terms of viscosity, acid value, density and flash point.

    A Novel Approach on Teaching Network Security for ICT Courses

    This paper discusses a curriculum approach that emphasizes practical sessions in teaching network security subjects in information and communication technology courses. As we are well aware, the need to use a practice and application oriented approach in education is paramount [1]. Research on active learning and cooperative groups showed that students grasp, and have more tendency towards obtaining and realizing, soft skills like leadership, communication and team work as opposed to learning using the traditional theory and exam based method. While this teaching and learning paradigm is relatively new in Malaysia, it has been practiced widely in the West. This paper examines a particular approach whereby students learning wireless security are divided into small manageable groups consisting of a black hat and a white hat team. The former will try to find and expose vulnerabilities in a wireless network while the latter will try to prevent such attacks on their wireless networks using hardware, software, design and enforcement of security policy, etc. This paper will try to demonstrate whether this approach will result in a more fruitful outcome in terms of students' understanding of concepts and theory and their motivation to learn.

    Behavioral Analysis on IPv4 Malware in both IPv4 and IPv6 Network Environment

    Malware has become an epidemic in computer networks nowadays. Malware attacks are a significant threat to networks. A conducted survey shows malware attacks may result in a huge financial impact. This scenario has become worse when users are migrating to a new environment which is Internet Protocol Version 6. In this paper, a real Nimda worm was released on to further understand the worm behavior in real network traffic. A controlled environment of both IPv4 and IPv6 networks was deployed as a testbed for this study. The results of these two scenarios will be analyzed and discussed further in terms of the worm behavior. The experiment result shows that even IPv4 malware still can infect the IPv6 network environment without any modification. New detection techniques need to be proposed to remedy this problem swiftly.

    Generic Taxonomy of Social Engineering Attack

    Social engineering is a type of attack that allows unauthorized access to a system to achieve a specific objective. Commonly, the purpose is to obtain information for social engineers. Some successful social engineering attacks get victims’ information via a human-based retrieval approach, for example techniques termed dumpster diving or shoulder surfing attacks to get access to a password. Alternatively, victims’ information can also be stolen using technical-based methods such as pop-up windows, email or web sites to get the password or other sensitive information. This research performed a preliminary analysis on social engineering attack taxonomy that emphasized types of technical-based social engineering attack. Results from the analysis become a guideline in proposing a new generic taxonomy of Social Engineering Attack (SEA).

    A novel approach for water quality management in water distribution systems by multi-objective booster chlorination

    Copyright © 2012 International Journal of Civil Engineering. Compared to conventional chlorination methods which apply chlorine at water treatment plant, booster chlorination has almost solved the problems of high dosages of chlorine residuals near water sources and lack of chlorine residuals in the remote points of a water distribution system (WDS). However, control of trihalomethane (THM) formation as a potentially carcinogenic disinfection by-product (DBP) within a WDS has still remained as a water quality problem. This paper presents a two-phase approach of multi-objective booster disinfection in which both chlorine residuals and THM formation are concurrently optimized in a WDS. In the first phase, a booster disinfection system is formulated as a multi-objective optimization problem in which the location of booster stations is determined. The objectives are defined as to maximize the volumetric discharge with appropriate levels of disinfectant residuals throughout all demand nodes and to minimize the total mass of disinfectant applied with a specified number of booster stations. The most frequently selected locations for installing booster disinfection stations are selected for the second phase, in which another two-objective optimization problem is defined. The objectives in the second problem are to minimize the volumetric discharge avoiding THM maximum levels and to maximize the volumetric discharge with standard levels of disinfectant residuals. For each point on the resulted trade-off curve between the water quality objectives optimal scheduling of chlorination injected at each booster station is obtained. Both optimization problems used NSGA-II algorithm as a multi-objective genetic algorithm, coupled with EPANET as a hydraulic simulation model. The optimization problems are tested for different numbers of booster chlorination stations in a real case WDS. As a result, this type of multi-objective optimization model can explicitly give the decision makers the optimal location and scheduling of booster disinfection systems with respect to the trade-off between maximum safe drinking water with allowable chlorine residual levels and minimum adverse DBP levels.

    Behavioral analysis on IPV4 Malware in both IPV4 and IPv6 Network Environment

    Malware has become an epidemic in computer networks nowadays. Malware attacks are a significant threat to networks. A conducted survey shows malware attacks may result in a huge financial impact. This scenario has become worse when users are migrating to a new environment which is Internet Protocol Version 6. In this paper, a real Nimda worm was released on to further understand the worm behavior in real network traffic. A controlled environment of both IPv4 and IPv6 networks was deployed as a testbed for this study. The results of these two scenarios will be analyzed and discussed further in terms of the worm behavior. The experiment result shows that even IPv4 malware still can infect the IPv6 network environment without any modification. New detection techniques need to be proposed to remedy this problem swiftl

    Alert Correlation Technique Analysis For Diverse Log

    Alert correlation is a process that analyses the alerts produced by one or more diverse devices and provides a more succinct and high-level view of occurring or attempted intrusions. The objective of this study is to analyse the current alert correlation techniques and identify the significant criteria in each technique that can improve Intrusion Detection System (IDS) problems such as proneness to alert flooding, contextual problems, false alerts and scalability. The existing alert correlation techniques have been reviewed and analysed. From the analysis, six capability criteria have been identified to improve the current alert correlation techniques, which are the capability to do alert reduction, do alert clustering, identify multi-step attacks, reduce false alerts, detect known attacks and detect unknown attacks, and a combination of techniques is proposed.

    Recognizing P2P Botnets Characteristic Through TCP Distinctive Behaviour

    Botnets have been identified as one of the most emerging threats to Internet users. They have attracted much attention and pose a big threat in network security. Through the years a number of botnet variants have been introduced, and the most lethal variants are known as peer-to-peer (P2P) botnets, which are able to camouflage themselves as benign P2P applications. This evolution of botnet variants has made them harder to detect and shut down. Like any network connection, P2P similarly uses TCP to initialize the communication between two parties. For this reason, this paper investigates the network traffic characteristics of normal P2P connections and P2P botnets through the TCP connections initialized or received between the bot and the bot master. The proposed mechanism detects and classifies the P2P botnet TCP connection behaviour from the normal P2P network traffic. This can be used for early warning of P2P botnet activities in the network and as a prevention mechanism.

    Threshold Verification Technique for Network Intrusion Detection System

    The Internet has played a vital role in this modern world; the possibilities and opportunities offered are limitless. Despite all the hype, Internet services are liable to intrusion attacks that could tamper with the confidentiality and integrity of important information. An attack starts with gathering information about the attack target; this information gathering activity can be done as either a fast or a slow attack. The defensive measure network administrators can take to overcome this liability is introducing Intrusion Detection Systems (IDSs) in their network. IDSs have the capability to analyze the network traffic and recognize incoming and on-going intrusions. Unfortunately the combination of both modules in real time network traffic slowed down the detection process. In a real time network, early detection of a fast attack can prevent any further attack and reduce unauthorized access on the targeted machine. A suitable set of selected features and the correct threshold value add an extra advantage for IDS to detect anomalies in the network. Therefore this paper discusses a new technique for selecting a static threshold value from a minimum set of standard features in detecting fast attacks from the victim perspective. In order to increase the confidence in the threshold value, the result is verified using Statistical Process Control (SPC). The implementation of this approach shows that the threshold selected is suitable for identifying the fast attack in real tim