Print ISSN: 2476-3047
:: Search published articles ::
Showing 11 results for Attacks

Volume 3, Issue 1 (9-2014)
Abstract

With the increase in attacks, different mechanisms are applied at different layers of defense in order to detect and prevent them. As a result, we are faced with massive numbers of alerts carrying low-level and scattered information. Alert correlation is one of the solutions used to combine alerts and create a high-level view of the security situation of the network under control, and much research has been done in this field. In this paper, we describe OSSIM and introduce its features. In addition, taking a combined approach to the alert correlation problem, we present a new categorization of the scientific research and, with respect to that research, describe the process of alert correlation in OSSIM and establish a correspondence between the components of OSSIM and one of the studies. Most research focuses on correlating alerts from intrusion detection systems; we show in this paper that other sources are also effective in correlating multi-stage attacks.


Volume 3, Issue 2 (3-2015)
Abstract

Trust and reputation are well-known social concepts that play an important role in human society. Nowadays, these concepts are also employed in computer science as computational trust and reputation systems (TRSs), which are able to compute the trustworthiness rank of entities based on a collection of experiments and recommendations. Since a dishonest entity is expected to have lower trust, the trust values can help entities detect and isolate malicious or selfish entities. TRSs have been applied in many modern computer systems, and are also the most important tool in soft security as the next generation of security mechanisms. Despite the importance and applications of these systems, they are vulnerable to a kind of attack in which the attacker deceives the system using a sequence of misleading behaviors. These attacks enable the attacker to manipulate the computation of trust values in his favor. A vulnerable system not only fails to help detect malicious entities, but may also be used by them to strengthen their attack. Hence, robustness evaluation is a critical step before using TRSs. Simulation and formal verification are the two main approaches for robustness evaluation of TRSs. Despite the wide usage of simulation in the evaluation of TRSs, it is an approximation method that can validate the behavior of the system only for some particular computation paths. In contrast, methods based on formal verification provide guarantees covering all computation paths of the given system; thus, not only are their results exact and provable, but they may also be used to find all possible attacks against a given system. Considering the advantages of verification-based methods, there has been a narrow but growing trend of proposing such methods in recent years. In this paper, both formal and simulation-based methods for robustness evaluation of TRSs are reviewed and compared with each other.


Mr. Afshin Rashidi, Dr. Reza Ebrahimi Atani, Mr. Hamid Nasiri,
Volume 4, Issue 1 (9-2015)
Abstract

In the past decade, with the distribution of software such as browsers, online stores, Internet banking and electronic mail systems over the Internet, reverse engineering attacks, illegal use of software and illegal reproduction of it have been carried out. New attack techniques have failed, and this creates competition between attackers and software developers. So far, many techniques based on architecture, hardware and software have been introduced for this semester to protect each aspect of the application process. In this paper, we introduce a variety of threats to software and then categorize and review techniques for protecting software.


Volume 4, Issue 2 (3-2016)
Abstract

With the emergence of the Internet, the way we communicate with each other has been fundamentally revolutionized. The second development wave of the Internet is not about people, but about smart connected devices. Although more than a decade has passed since the "Internet of Things" concept was proposed, its deployment has been slow for various reasons, such as insufficient development of the required technologies and security challenges. We must spend more time understanding the security challenges and available solutions when we speak about smarter environments and technologies such as IoT. In this paper, we attempt to analyze existing threats and vulnerabilities in the area of security and privacy of the Internet of Things using a systematic approach, while presenting a survey of the solutions proposed in the literature. Finally, research opportunities in this area are discussed.


Dr Mahmood Deypir, Mozhgan Ghasabi,
Volume 5, Issue 1 (9-2016)
Abstract

Recently, software defined networks have been introduced to bring innovation and flexibility to computer networks. They are widely used in infrastructure networks and data centers. Using these networks has advantages such as scalability, efficient bandwidth usage, reduced control traffic and better traffic engineering, which are mainly due to their programmability. There are also some security challenges that often arise from the same property. Because of these challenges, the reliability of software defined networks is lower than that of traditional networks. Therefore, if software defined networks are not designed based on a security architecture, they will be vulnerable to known cyber-attacks such as DDoS, spoofing and information disclosure. In this paper, software defined network security challenges and corresponding solutions are reviewed. Moreover, some applications of software defined networks for security, including network traffic separation, network flow access control, and secure routing, are mentioned. To support security testing and evaluation of the relevant security solutions, we explain how these networks are simulated.


Volume 7, Issue 1 (9-2018)
Abstract

The widespread use of information and communication technology in industrial control systems has exposed these systems to many cyber attacks. The first step in providing security solutions is to recognize the threats and vulnerabilities of a system. Therefore, in this work, after providing a general overview of SCADA security, we provide a survey of actual cyber attacks from 2000 up to now. To be able to assess the risk of these attacks, we profile them based on the target systems of the attack, its geographical area, the method used in the attack and its impact. This profiling provides a clear view of the most important security incidents in SCADA systems and could be useful in defining suitable strategies for preventing and defending against the major SCADA security attacks.


Javad Moradi, Majid Ghayoori Sales,
Volume 7, Issue 2 (3-2019)
Abstract

Data is one of the most valuable assets in today's world and is used in the everyday life of every person and organization. This data is stored in a database so that it can be restored and maintained efficiently. Since a database can be exploited through SQL injection attacks, internal threats, and unknown threats, there are always concerns about the loss or alteration of data by unauthorized people. To overcome these concerns, there are several security layers between the user and the data, at the network, host, and database levels. For instance, security mechanisms including firewalls, data encryption and intrusion detection systems are used to prevent infiltration. A database intrusion detection system uses a variety of data mining techniques to detect abnormalities and to detect malicious and intrusive activities. In this paper, a categorization of intrusion detection techniques in databases is presented first, and then a review of the general algorithms for intrusion detection in databases is given. Since signature-based methods are older, less complex and less diverse, the main focus of this paper is on behavioral methods.

Elnaz Katanchi, Babak Porghahramani,
Volume 9, Issue 2 (2-2021)
Abstract

The COVID-19 pandemic was a remarkable and unprecedented event that changed the lives of billions of citizens around the world and resulted in what is known as a new term in terms of social norms and lifestyles. In addition to the tremendous impact on society and business in general, the epidemic created a unique set of cybercrime circumstances that also affected society and business. Increased anxiety due to this epidemic increases the probability of success of cyber attacks by increasing the number and scope of cyber attacks. This article analyzes the COVID-19 epidemic from the perspective of cybercrime and highlights the wide range of cyberattacks experienced worldwide during the epidemic. Cyberattacks are analyzed in the context of major global events to reveal how cyberattacks work. This analysis shows how, following what appears to be a large gap between the outbreak in China and the first COVID-19-related cyberattack, attacks steadily became more prevalent, to the point that on some days 3 or 4 unique cyber attacks were reported. This analysis uses surveys in the UK as a case study to show how cybercriminals use key events and government announcements to build and design cybercrime campaigns.

Majid Iranpour Mobarakeh, Behrouz Tork Ladani,
Volume 11, Issue 1 (9-2022)
Abstract

Detection of browser attacks is considered a serious challenge in today’s web applications. Man in the Browser (MitB) attack is an important type of these attacks that can lead to changes in web page contents, interference in network traffic, session hijacking, and user information theft by using Trojans. In this paper, an efficient tool for real-time detection of MitB attacks through dynamic analysis of web pages based on the description of attack patterns is presented. The advantage of the proposed tool is that it is not limited to identifying one or more specific attacks and the identification method code is not embedded in the tool, but the patterns of different attacks are specified separately. In order to evaluate the presented tool, two vulnerable web services provided by OWASP, which have a wide range of known vulnerabilities, were used along with the BeEF penetration test framework, and a set of MitB attacks were practically implemented and evaluated by the tool. The same tests were performed using three other similar tools and compared with the developed tool. In addition to the superiority of the presented tool in terms of the independence of attack descriptions from the tool itself, the results show that the accuracy and readability of its diagnosis are better than similar tools.

Seyed Omid Azarkasb, Seyed Hossein Khasteh, Saeed Sedighian Kashi,
Volume 11, Issue 1 (9-2022)
Abstract

Fog is a cloud that is close to the ground. The components of fog and cloud complement each other. These components provide mutually beneficial, interdependent services for communication, processing, control, and storage across the network. Attacks on fog nodes are as important as attacks on the cloud. Since the fog node has more limited resources, it is targeted more often by intruders. In addition, fog nodes are more attractive to attackers because they have less computing power and are located closer to the attacker than the cloud. But the key point is that having limited resources also makes it easier to protect the fog node, because the fog does not have the complexities of the cloud and it is easy to run an intrusion detection system on it. In this article, focusing on the resource limitation of the fog node, we propose a method to protect the fog node. The proposed method uses the support vector machine (SVM) technique. The advantages of the support vector machine include not being trapped in local optima, solving the overfitting problem, and ease of working with high-dimensional data. Based on our research, the support vector machine is the most widely used machine learning method in Internet of Things security articles in the literature. In this article, in order to conduct the tests, the most important category of web attacks according to published global statistics, i.e. SQL injection attacks, is considered. The average detection accuracy is obtained, and the results of the evaluations indicate the acceptable efficiency of the proposed method.

Parsa Rajabi, Dr. Seyed Mohammad Razavizadeh, Dr. Mohammad Hesam Tadayon,
Volume 13, Issue 1 (8-2024)
Abstract

Authentication plays a pivotal role in ensuring communication security. Cryptographic methods are frequently employed to fulfill this purpose. These methods, implemented at upper network layers, encounter challenges including complexity, power consumption, and overhead. Particularly for users with limited computational power, these methods encounter challenges. A novel solution to overcome these challenges is physical layer authentication (PLA), which involves utilizing physical layer features to embed a tag in the transmitted signal for authentication, leveraging various channel characteristics such as position, velocity, noise, etc. In this paper, a review of previous research is provided, highlighting the differences between physical layer and upper-layer authentication. Furthermore, existing categorizations for PLA and a novel classification based on covertness levels are provided. Moreover, possible attacks and corresponding countermeasures are investigated, followed by suggestions for future research in this area.


Biannual Journal Monadi for Cyberspace Security (AFTA)