The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Defenses against Distributed Denial-of-Service (DDoS) attacks are commercially available and deployed by Internet Service Providers (ISPs) at the network and transport layers. However, attackers increasingly target vulnerabilities at the application layer. Launched from bots, these attacks seek to exhaust server resources, such as CPU and disk bandwidth. Because these attacks use normal-looking requests,...
HTTP does not secure its requests and responses. Using Man-in-the-Middle attack, it is possible to alter the HTTP communication, while it still would look authentic. This can be a problem, if you download data such as PGP key, TOR client, access banking services on-line, or when there is an interest to filter what you can read on the Internet. It should be noted that under particular circumstances,...
The primary goal of the secure socket layer protocol (SSL) is to provide confidentiality and data integrity between two communicating entities. Since the most computationally expensive step in the SSL handshake protocol is the server's RSA decryption, it is introduced that the proposed secret exchange algorithm can be used to speedup SSL session initialization. The optimization strategy, which is...
Today Web servers are ubiquitous having become critical infrastructures of many organizations. However, they are still one of the most vulnerable parts of organizations infrastructure. Exploits are many times used by worms to fast propagate across the full Internet being Web servers one of their main targets. New exploit techniques have arouse in the last few years that have rendered useless traditional...
IT infrastructure is a core asset to many organizations Internet is a global communication medium. The stability and security of network is very important. A well establish a secure infrastructure would help your network safe from intrusion from any source any place. Protection of resources is an important aspect of any computer system. Harnessing and configuring security policy is an important role...
Low-rate denial of quality (DoQ) attacks, by sending intermittent bursts of requests, can severely degrade the quality of Internet services and evade detection. In this paper, we generalize the previous results by considering arbitrary attack intervals. We obtain two sets of new results for a Web server with feedback-based admission control. First, we model the Web server under the attack as a switched...
In this work, we address the performance problems that arise when unicast security protocols IPSEC and SSL are applied for securing the end-to-end communication in hybrid satellite networks. Satellite networks use TCP and HTTP performance-enhancing proxy servers to overcome the adverse effect of the large delay-bandwidth product of the satellite channel. However, the proxy servers cannot function...
Existing investigation schemes are not suitable to cope with attacks in wireless networks, especially in MANet. We propose in this paper a formal approach for digital investigation of security attacks in wireless networks. We provide a model for describing attack scenarios in wireless environment, and system and network evidences generated consequently. We develop an inference system that integrates...
Tor has become one of the most popular overlay networks for anonymizing TCP traffic. A novel and effective flow multiplication attack against Tor is proposed in this paper, which exploits the fundamental vulnerability of anonymous Web browsing by using a man-in-the-middle attack on client's HTTP flow. In the flow multiplication attack, whenever a malicious exit onion router detects a Web request to...
TLS (Transport Layer Security) is one of the most popular protocols to provide a secure channel between the client and Web server; however, the high overhead of which degrades the server performance considerably. Existing load-balancing schemes for TLS Web system can improve the performance of the system, but the balance of loads is very difficult for the features of TLS, which results in degrading...
This paper analyzes the problems within current anti-spoofing mechanisms and proposes a new SSL protected trust model. Then, this paper describes the attacks on SSL protected trust model. This paper also proposes the new automatic detecting security indicator (ADSI) scheme to defend against spoofing attacks on SSL protected Web servers. This paper describes the ADSI-based trust model. In a secure...
In application-level DDoS attacks, attackers mimic legitimate client behavior by sending proper-looking requests via bots. The previous DDoS solutions focus on bandwidth flooding attacks, and have encountered significant difficulty in deployment. This paper presents a deployable architecture that counts the application-level DDoS attacks against Web servers by combining overlay and IP anycast. In...
The vulnerability of home routers has been widely discussed, but there has been significant skepticism in many quarters about the viability of using them to perform damaging attacks. Others have argued that traditional malware prevention technologies will function for routers. In this paper we show how easily and effectively a home router can be repurposed to perform a mid-stream script injection...
Malicious Web pages that launch drive-by-download attacks on Web browsers have increasingly become a problem in recent years. High-interaction client honeypots are security devices that can detect these malicious Web pages on a network. However, high-interaction client honeypots are both resource-intensive and unable to handle the increasing array of vulnerable clients. This paper presents a novel...
With the fast development of network technology, computer technology, digitized information technology and image processing technology, some online score systems based on the network are developed in recent years. However, they only can be used in the local area network. Thus, a new online score system is designed and implemented to able to be used in the Internet. The structures of this system are...
In order to speed up the propagating process, the worms need to scan many IP addresses to target vulnerable hosts. However, the distribution of IP addresses is highly nonuniform, which results in many scans wasted on invulnerable addresses. Inspired by the theory of good point set, this paper proposes a new scanning strategy, referred to as good point set scanning (GPSS), for worms. Experimental results...
With the growth of the Internet, various types of services, such as World Wide Web (WWW), file transfer protocol (FTP), remote login, etc., are widely expanded. Consequently, it is difficult for users to manage all the authentication information, e.g., user ID/Password pairs, keys, and certificates, since the authentication information has been increased to use those services. Therefore, single sign-on...
In general, e-commerce sites utilize SSL to ward off the authorized detection and decoding of confidential data over a network. In most cases, the communication between Web browser and e-commerce Web server uses HTTPS protocol. However, the communication often induces some drawbacks, simply denoted by hole. This, in addition, furnishes an opportunity for a hacker to manipulate the data, i.e. decoding...
In this paper we propose a new strategy for dealing with the impossible path execution (IPE) and the mimicry attack in the N-gram based HIDS model. Our strategy is based on a kernel-level module which interacts with an underlying HIDS and whose main scope is to "randomize" sequences of system calls produced by an application to make them unpredictable by any attacker. We implemented a prototype...
The embedded device can be connected to the Internet in three ways. The realization of TCP/IP protocols based on the embedded operation system is discussed in detail. The hardware and software of the embedded Web server and the security measure for the embedded device connected to the Internet are introduced. The applications are showed in this paper
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.