The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Reputation and proof-of-work systems have been outlined as methods bot masters will soon use to defend their peer-to-peer botnets. These techniques are designed to prevent sybil attacks, such as those that led to the downfall of the Storm botnet. To evaluate the effectiveness of these techniques, a botnet that employed these techniques was simulated, and the amount of resources required to stage a...
In a masquerade attack, an adversary who has stolen a legitimate user's credentials attempts to impersonate him to carry out malicious actions. Automatic detection of such attacks is often undertaken constructing models of normal behaviour of each user and then measuring significant departures from them. One potential vulnerability of this approach is that anomaly detection algorithms are generally...
Honeypots are flexible security tools for gathering artefacts associated with a variety of Internet attack activities. While existing work on honeypot traffic analysis focuses mainly on identifying existing attacks, this paper describes a technique for detecting new attacks based on principal component analysis. The proposed technique requires no prior knowledge of attack types and has low computational...
The effects of network attacks may result in abrupt changes in network traffic parameters. The speedy identification of these changes is critical for smooth network operation. This paper illustrates a sequential analysis technique for detecting these unknown abrupt changes in asymmetric network traffic. A novel sliding window based adaptive cumulative sum (CUSUM) algorithm is used to detect the cause...
The ubiquity of Web applications has led to an increased focus on the development of attacks targeting these applications. One particular type of attack that has recently become prominent is the SQL injection attack. SQL injection attacks can potentially result in unauthorized access to confidential information stored in a backend database. In this paper we describe an anomaly based approach which...
Code injection vulnerabilities continue to prevail. Attacks of this kind such as stack buffer overflows and heap buffer overflows account for roughly half of the vulnerabilities discovered in software every year. The research presented in this paper extends earlier work in the area of code injection attack detection in UNIX environments. It presents a framework for detecting new or previously unseen...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.