901 Hits in 6.1 sec

An open virtual testbed for industrial control system security research

Bradley Reaves, Thomas Morris
2012 International Journal of Information Security  
Terry Brugger provided source code which inspired my implementation of similarity metrics. Wei Gao's help with maintaining the MSU ICS security laboratory and attack code is greatly appreciated.  ...  Two testbeds based on laboratory testbeds have been developed and have been shown to be interoperable with real industrial control system equipment and vulnerable to attacks in the same manner as a real  ...  As an example, this is relevant to intrusion detection and attacks that rely on timing to inject packets. • Master-Master Interarrival Time -A list of the amount of time that passes between two consecutive  ... 
doi:10.1007/s10207-012-0164-7 fatcat:hy5anvwwtfbplcmyaj4rcjiycq

A Survey of Intrusion Detection System

Wanda P
2020 International Journal of Informatics and Computation  
In this paper, we presented a survey on intrusion detection systems (IDS) in several areas.  ...  [20] , Cross-Site Scripting attack (XSS) is a code injection attack performed to exploit the vulnerabilities existing in the web application by injecting html tag / java script functions.  ...  They proposed an IDS-SQLiDDS(SQL Injection Detection using Query Transformation and Document Similarity) to detect various types of SQL Injection attacks.  ... 
doi:10.35842/ijicom.v1i1.7 fatcat:igdlmx2ctbfdlb7se5fagl2m34

Vulnerabilities' Assessment and Mitigation Strategies for the Small Linux Server, Onion Omega2

Darshana Upadhyay, Srinivas Sampalli, Bernard Plourde
2020 Electronics  
However, this transformation opens up a new set of attack vectors and unpredicted vulnerabilities in SCADA/IoT field devices.  ...  Enable XSS filter to sanitize the page if attack detected. 4.  ...  , and firmware attacks as the main threats for IoT/SCADA-based systems [2] .  ... 
doi:10.3390/electronics9060967 fatcat:ev5aob37w5gtng53r2ialr7vwq

Bluetooth Low Energy Mesh Networks: Survey of Communication and Security Protocols

Muhammad Rizwan Ghori, Tat-Chee Wan, Gian Chand Sodhy
2020 Sensors  
Strong Intrusion Detection Systems (IDS) are essential for detecting security breaches in order to protect against zero-day exploits.  ...  This survey examines the most recent BLE-based mesh network protocols and related security issues. In the first part, the latest BLE-based mesh communication protocols are discussed.  ...  The authors proposed a very lightweight Machine Learning (ML)-based approach for the detection of unwanted data injection by attackers.  ... 
doi:10.3390/s20123590 pmid:32630381 fatcat:etgiftcnlzhvznpyrjrkpcmuze

TorWard: Discovery of malicious traffic over Tor

Zhen Ling, Junzhou Luo, Kui Wu, Wei Yu, Xinwen Fu
2014 IEEE INFOCOM 2014 - IEEE Conference on Computer Communications  
An IDS (Intrusion Detection System) is used to discover and classify malicious traffic.  ...  Malicious traffic includes P2P traffic, malware traffic (e.g., botnet traffic), DoS (Denial-of-Service) attack traffic, spam, and others. Around 200 known malware have been identified.  ...  We observed that the alerts were from the client side, including SQL injection attacks by using the Havij SQL injection tool.  ... 
doi:10.1109/infocom.2014.6848074 dblp:conf/infocom/LingLWYF14 fatcat:olg75p4ikbcvhmku4frywztdjm

API Chaser: Taint-Assisted Sandbox for Evasive Malware Analysis

Yuhei Kawakoya, Eitaro Shioji, Makoto Iwamura, Jun Miyoshi
2019 Journal of Information Processing  
., stolen code and code injection.  ...  We evaluate API Chaser based on several real-world and synthetic malware to demonstrate the accuracy of our API hooking technique.  ...  Bee Master [2] prepares decoy processes in an analysis environment and detects injections into processes.  ... 
doi:10.2197/ipsjjip.27.297 fatcat:d56up6yd2ve6rbto45rrvsimii

Aggregation-Based Certificate Transparency Gossip [article]

Rasmus Dahlberg, Tobias Pulls, Jonathan Vestin, Toke Høiland-Jørgensen, Andreas Kassler
2019 arXiv   pre-print
We also show that aggregation-based gossip can be implemented for a variety of packet processors using P4 and XDP, running at 10 Gbps line-speed.  ...  We suggest an aggregation-based gossip mechanism that passively observes cryptographic material that CT logs emit in plaintext, aggregating at packet processors (such as routers and switches) to periodically  ...  A weak attacker may use IP fragmentation such that each individual STH fragment is injected from a different location to make aggregation harder, approaching the capabilities of a stronger attacker that  ... 
arXiv:1806.08817v4 fatcat:l4dhn5ufbvb73jwkvgxseza54a

Israeli Acute Paralysis Virus Infection Leads to an Enhanced RNA Interference Response and Not Its Suppression in the Bumblebee Bombus terrestris

Kaat Cappelle, Guy Smagghe, Maarten Dhaenens, Ivan Meeus
2016 Viruses  
The proof of its functionality was based on reduced virus titers after silencing the 1A region, compared to targeting the non-coding 5' internal ribosome entry site (IRES) region [19] , indicating the  ...  Within the concept of virus multi-host dynamics [30] , the presence of VSRs can severely impact the virus virulence in different hosts, as the immunosuppressive capacity is dependent on the host immune  ...  As a single bee host is often infected with multiple viruses, VSRs could have competitive or synergistic effects.  ... 
doi:10.3390/v8120334 pmid:27999371 pmcid:PMC5192395 fatcat:s3yc7ffcvnho3omoen2ptsppdu

Database Traffic Interception for Graybox Detection of Stored and Context-Sensitive XSS [article]

Antonín Steinhauser, Petr Tůma
2020 arXiv   pre-print
XSS is a security vulnerability that permits injecting malicious code into the client side of a web application.  ...  Such simple XSS vulnerabilities can be detected fairly reliably with blackbox scanners, which inject malicious payload into sensitive parts of HTTP requests and look for the reflected values in the web  ...  Version dates denote commits on master branch and are all from 2018. Table 7 : 7 Performance statistics on different levels of response injection granularity.  ... 
arXiv:2005.03322v1 fatcat:bt63u3dqkrco3ockupcnlakrgu

Internet of Things Applications, Security Challenges, Attacks, Intrusion Detection, and Future Visions: A Systematic Review

Nivedita Mishra, Sharnil Pandya
2021 IEEE Access  
Furthermore, the classification of Intrusion Detection Systems, different anomaly detection techniques, different Intrusion Detection System models based on datasets, various machine learning and deep  ...  The presented review work compares Intrusion Detection and Prevention models for mitigating DDoS attacks and focuses on Intrusion Detection models.  ...  The over the air update of these nodes' firmware or software gives the attacker a chance to inject malicious or false code in the node causing Malicious code injection or False data injection attacks  ... 
doi:10.1109/access.2021.3073408 fatcat:ebzvtidh2relplv3kn3t6plygu

Artificial intelligence enabled software-defined networking: a comprehensive overview

Majd Latah, Levent Toker
2019 IET Networks  
Accordingly, in this work we investigate their different application areas and potential use, as well as the improvements achieved by including AI-based techniques in the SDN paradigm.  ...  [99] used XGBoost classifier for DDoS attack detection in SDN-based cloud.  ...  [108] studied adversarial attacks on SDN-based deep learning port scan detection system.  ... 
doi:10.1049/iet-net.2018.5082 fatcat:celiaiit7jhrfnufpoltuecf5y

Browser-based Harnessing of Voluntary Computational Power

Tomasz Fabisiak, Arkadiusz Danilecki
2017 Foundations of Computing and Decision Sciences  
We survey the techniques employing the idea of browser-based voluntary computing (BBVC), discuss their commonalities, recognize recurring problems and their solutions and finally we describe a prototype  ...  MLitB architecture have separate master and data servers. Master server may host many machine learning projects.  ...  Any web site could become recruiting site by injecting small code into the pages they serve. Researchers would upload their codes into our platform.  ... 
doi:10.1515/fcds-2017-0001 fatcat:mvtpvz4txvgphcfaqcdsfw6mgy

Remotely Exploiting AT Command Attacks on ZigBee Networks

Ivan Vaccari, Enrico Cambiaso, Maurizio Aiello
2017 Security and Communication Networks  
The attack is based on Remote AT Commands exploitation, providing a malicious user with the possibility of reconfiguring or disconnecting IoT sensors from the network.  ...  We present the proposed attack and evaluate its efficiency by executing tests on a real IoT network.  ...  A fuzzy test is implemented by injecting different testing cases into the system in order to detect vulnerabilities [42] .  ... 
doi:10.1155/2017/1723658 fatcat:5pd4s3liqjfxziiwrwn4fzlbnq

Miscellaneous standard methods for Apis mellifera research

Hannelie Human, Robert Brodschneider, Vincent Dietemann, Galen Dively, James D Ellis, Eva Forsgren, Ingemar Fries, Fani Hatjina, Fu-Liang Hu, Rodolfo Jaffé, Annette Bruun Jensen, Angela Köhler (+13 others)
2013 Journal of Apicultural Research  
A variety of methods are used in honey bee research and differ depending on the level at which the research is conducted.  ...  On an individual level, the handling of individual honey bees, including the queen, larvae and pupae are required.  ...  If the queens are attacked, which may occasionally happen if some of the workers are too old to accept multiple queens, host colonies should be reorganised, making sure that the majority of the workers  ... 
doi:10.3896/ibra. fatcat:24qwplmmrnfrzdgdmpgf4vzbta

Single-Vehicle Transportation Security System of Radioactive Materials Based on Group Relationship to Prevent Loss and Theft

Tiejun Zeng, Xiaohua Yang, Yaping Wan, Zhenghai Liu, Panpan Jiang, Han Zhang
2021 Science and Technology of Nuclear Installations  
The failure detection for linkage response adopts the push model.  ...  According to the different security requirements of the basic and enhanced transportation, the principle of setting the timeout threshold in the failure detection algorithm is proposed.  ...  , deliberately adding some data that is beneficial to him, such as changing the information to deceive the group network. e adversary has mastered the communication rules, and may inject illegal information  ... 
doi:10.1155/2021/6649649 fatcat:6gxdsewuznfnfpvnwcauax7vqy
« Previous Showing results 1 — 15 out of 901 results