The document discusses tokenization concepts for sharing cyber threat intelligence (CTI) data between organizations. It describes a scenario where thousands of employees from multiple companies are targeted in a spear phishing attack using their VPN credentials. By applying tokenization to redact sensitive details from email logs, the affected company is able to quickly share evidence with peer organizations to identify patterns in the attackers' targeting and tactics. Cross-correlating tokenized logs reveals earlier reconnaissance activity and helps attribute the attacks to a known nation-state threat actor. The document argues automated tokenization allows more timely and comprehensive sharing of CTI to enhance defense and attribution across sectors.
Confident Technologies provide out-of-band, multifactor authentication using a highly secure and easy-to-use, image-based approach. Learn more at www.confidenttechnologies.com
This document summarizes security definitions for searchable symmetric encryption (SSE) schemes. It reviews the indistinguishability and semantic security game definitions, noting that attacks have succeeded against published schemes. It then proposes a new security game definition against distribution-based query recovery attacks, to better capture practical adversary capabilities. The goal is to define security in a way that implies the current indistinguishability and semantic security definitions.
A survey on detection of website phishing using mcac techniquebhas_ani
This document discusses a technique called Multi-label Classifier based Associative Classification (MCAC) for detecting phishing websites. MCAC is a data mining approach that uses machine learning algorithms to generate rules for classifying websites as phishing or legitimate. It works by extracting features from websites and training a classifier on these features to accurately identify phishing websites. The proposed system uses MCAC to extract 16 features from websites and generate rules to classify websites, with the goal of detecting phishing attacks and warning users. MCAC is shown to identify phishing websites with high accuracy.
This document discusses phishing and a novel phishing page detection mechanism. It defines phishing as using social engineering to steal personal information. Phishing is commonly done through emails targeting companies like eBay and banks. The document provides statistics on potential rewards from phishing and notes that phishing techniques are becoming more sophisticated. It outlines the domestic and international impacts of phishing, including erosion of public trust and direct financial losses. Finally, it provides tips to avoid phishing and lists additional resources on the topic.
Securing Liaison-Less Publisher/Subscriber Systems using Identity Based Encr...IRJET Journal
This document proposes a novel approach to provide authentication and confidentiality in a broker-less content-based publish/subscribe system. It adapts pairing-based cryptography techniques to ensure authentication of publishers and subscribers as well as confidentiality of events. It also describes an algorithm for clustering subscribers according to their subscriptions to provide a level of protection for subscription confidentiality. The proposed approach provides fine-grained key management and encryption/decryption and routing costs that scale with the number of subscribed attributes. It evaluates the performance of the cryptographic primitives and the overhead of maintaining the publish/subscribe overlay and distributing encrypted events.
IRJET- Detecting Phishing Websites using Machine LearningIRJET Journal
This document describes a research project that aims to implement machine learning techniques to detect phishing websites. The researchers plan to test algorithms like logistic regression, SVM, decision trees and neural networks on a dataset of phishing links. They will evaluate the performance of these algorithms and develop a browser plugin using the best model. This plugin will detect malicious URLs and protect users from phishing attacks. The document provides background on phishing and outlines the proposed approach, dataset, algorithms to be tested, planned Chrome extension implementation, and expected results sections of the project.
In spite of the development of aversion strategies, phishing remains an essential risk even after the
primary countermeasures and in view of receptive URL blacklisting. This strategy is insufficient because of the
short lifetime of phishing websites. In order to overcome this problem, developing a real-time phishing website
detection method is an effective solution. This research introduces the PrePhish algorithm which is an automated
machine learning approach to analyze phishing and non-phishing URL to produce reliable result. It represents that
phishing URLs typically have couple of connections between the part of the registered domain level and the path
or query level URL. Using these connections URL is characterized by inter-relatedness and it estimates using
features mined from attributes. These features are then used in machine learning technique to detect phishing
URLs from a real dataset. The classification of phishing and non-phishing website has been implemented by
finding the range value and threshold value for each attribute using decision making classification. This method is
also evaluated in Matlab using three major classifiers SVM, Random Forest and Naive Bayes to find how it works
on the dataset assessed
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET Journal
This document describes a Chrome browser extension that was developed to detect phishing websites using machine learning. The extension extracts features from URLs and classifies them as legitimate or phishing using a Random Forest classifier trained on a dataset of URLs. A user interface was designed for the extension using HTML, CSS and JavaScript. When a user visits a website, the extension automatically extracts 16 features from the URL and page content and inputs them into the Random Forest model to determine if the site is phishing or legitimate. The model was trained on a dataset of over 11,000 URLs labeled as phishing or legitimate. Evaluation of the model showed it achieved high accuracy in detecting phishing URLs. The goal of the extension is to help protect users from revealing
Confident Technologies provide out-of-band, multifactor authentication using a highly secure and easy-to-use, image-based approach. Learn more at www.confidenttechnologies.com
This document summarizes security definitions for searchable symmetric encryption (SSE) schemes. It reviews the indistinguishability and semantic security game definitions, noting that attacks have succeeded against published schemes. It then proposes a new security game definition against distribution-based query recovery attacks, to better capture practical adversary capabilities. The goal is to define security in a way that implies the current indistinguishability and semantic security definitions.
A survey on detection of website phishing using mcac techniquebhas_ani
This document discusses a technique called Multi-label Classifier based Associative Classification (MCAC) for detecting phishing websites. MCAC is a data mining approach that uses machine learning algorithms to generate rules for classifying websites as phishing or legitimate. It works by extracting features from websites and training a classifier on these features to accurately identify phishing websites. The proposed system uses MCAC to extract 16 features from websites and generate rules to classify websites, with the goal of detecting phishing attacks and warning users. MCAC is shown to identify phishing websites with high accuracy.
This document discusses phishing and a novel phishing page detection mechanism. It defines phishing as using social engineering to steal personal information. Phishing is commonly done through emails targeting companies like eBay and banks. The document provides statistics on potential rewards from phishing and notes that phishing techniques are becoming more sophisticated. It outlines the domestic and international impacts of phishing, including erosion of public trust and direct financial losses. Finally, it provides tips to avoid phishing and lists additional resources on the topic.
Securing Liaison-Less Publisher/Subscriber Systems using Identity Based Encr...IRJET Journal
This document proposes a novel approach to provide authentication and confidentiality in a broker-less content-based publish/subscribe system. It adapts pairing-based cryptography techniques to ensure authentication of publishers and subscribers as well as confidentiality of events. It also describes an algorithm for clustering subscribers according to their subscriptions to provide a level of protection for subscription confidentiality. The proposed approach provides fine-grained key management and encryption/decryption and routing costs that scale with the number of subscribed attributes. It evaluates the performance of the cryptographic primitives and the overhead of maintaining the publish/subscribe overlay and distributing encrypted events.
IRJET- Detecting Phishing Websites using Machine LearningIRJET Journal
This document describes a research project that aims to implement machine learning techniques to detect phishing websites. The researchers plan to test algorithms like logistic regression, SVM, decision trees and neural networks on a dataset of phishing links. They will evaluate the performance of these algorithms and develop a browser plugin using the best model. This plugin will detect malicious URLs and protect users from phishing attacks. The document provides background on phishing and outlines the proposed approach, dataset, algorithms to be tested, planned Chrome extension implementation, and expected results sections of the project.
In spite of the development of aversion strategies, phishing remains an essential risk even after the
primary countermeasures and in view of receptive URL blacklisting. This strategy is insufficient because of the
short lifetime of phishing websites. In order to overcome this problem, developing a real-time phishing website
detection method is an effective solution. This research introduces the PrePhish algorithm which is an automated
machine learning approach to analyze phishing and non-phishing URL to produce reliable result. It represents that
phishing URLs typically have couple of connections between the part of the registered domain level and the path
or query level URL. Using these connections URL is characterized by inter-relatedness and it estimates using
features mined from attributes. These features are then used in machine learning technique to detect phishing
URLs from a real dataset. The classification of phishing and non-phishing website has been implemented by
finding the range value and threshold value for each attribute using decision making classification. This method is
also evaluated in Matlab using three major classifiers SVM, Random Forest and Naive Bayes to find how it works
on the dataset assessed
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET Journal
This document describes a Chrome browser extension that was developed to detect phishing websites using machine learning. The extension extracts features from URLs and classifies them as legitimate or phishing using a Random Forest classifier trained on a dataset of URLs. A user interface was designed for the extension using HTML, CSS and JavaScript. When a user visits a website, the extension automatically extracts 16 features from the URL and page content and inputs them into the Random Forest model to determine if the site is phishing or legitimate. The model was trained on a dataset of over 11,000 URLs labeled as phishing or legitimate. Evaluation of the model showed it achieved high accuracy in detecting phishing URLs. The goal of the extension is to help protect users from revealing
Gartner Magic Quadrant for Secure Email Gateways 2014Michael Bunn
The document provides an overview of the secure email gateway market. It notes that the market is mature but will continue shifting from spam filtering to data protection. Growth in the overall market is expected to be low at 2-4% annually through 2017, though some individual vendors are taking larger shares of the market. Key drivers of future growth include services around targeted attacks, data loss prevention, and encryption. The document evaluates several major vendors in the market.
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...Invincea, Inc.
The single largest threat your organization faces today is network breach. Spear-phishing, poisoned search results, drive-by downloads, and legitimate sites being compromised to push malware are all part of our current reality. The most successful and common attacks vectors stem from targeted attacks on your employees. Organizations need to utilize solutions that protect their network from user error and support requirements for continuous monitoring, real-time situational awareness and providing actionable threat intelligence for their security teams.
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET Journal
The document proposes a new system called PhishDect and Mitigator to detect and mitigate phishing attacks using software-defined networking (SDN). It uses deep packet inspection techniques and a convolutional neural network (CNN) to classify phishing signatures. Traffic is directed through either a "store and forward" or "forward and inspect" mode. In store and forward mode, packets are stored and inspected before forwarding. In forward and inspect mode, packets are forwarded first and then a copy is inspected. The system aims to overcome limitations of existing phishing detection methods.
The Proposed Development of Prototype with Secret Messages Model in Whatsapp ...IJECEIAES
Development of prototype at data security through secret messages is needed for disguising the messages sent in smartphone chatting application, WhatsApp (WA) Chat. We propose a model to disguise a plaintext message which is first encrypted by cryptosystem to change the plaintext message to ciphertext. Plaintext or plainimage entering the smartphone system is changed into encrypted text; receiver then can read the message by using similar key with the sender. The weakness of this proposal is the message random system is not planted directly in the chatting application; therefore message removing process from cryptosystem to WA application is still needed. The strength of using this model is the messages sent will not be easily re-encrypted by hacker and can be used at client computing section.
IRJET - An Automated System for Detection of Social Engineering Phishing Atta...IRJET Journal
1) The document presents a machine learning approach to detect phishing URLs using logistic regression. It trains a logistic regression model on a dataset of 420,467 URLs that have been classified as either phishing or legitimate.
2) It preprocesses the URLs using tokenization before training the logistic regression model. The trained model is able to classify new URLs with 96% accuracy as either phishing or legitimate based on the URL features.
3) The proposed approach provides an automated way to detect phishing URLs in real-time and help prevent phishing attacks. Future work could involve developing a browser extension using this approach and increasing the dataset size for higher accuracy.
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...IJCNCJournal
Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication.
In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this
paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack
characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.
Securing broker less publish subscribe systems using identity-based encryptionLeMeniz Infotech
This document discusses an Android app for IEEE projects from 2014-2015 developed by LeMeniz Infotech. It provides students with project implementation assistance, exposure to various aspects of the project process, and preparation for placements. It also lists domains and a sample project title involving securing a publish/subscribe system using identity-based encryption. Contact information is given to obtain the full project document.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
Review on Implementation Visual Cryptography & Steganography for Secure Authe...IRJET Journal
This document summarizes and reviews various techniques for implementing visual cryptography and steganography for secure authentication. It begins with an abstract that outlines using image processing and visual cryptography to divide a customer's transaction key into shares, with one share stored by the bank and one by the customer. The customer must present their share for transactions. The document then reviews the history of cyber attacks on major companies. It proposes a system using color image visual cryptography to encrypt passwords and divide them into shares between the bank and customer to authenticate transactions securely. It concludes that this approach could help solve issues with password hacking for core banking applications.
The document describes the Blueliv cyber threat intelligence platform. It detects cyber threats from outside an organization's network by monitoring the open, dark and deep web for stolen credentials, compromised credit cards, infected devices, rogue apps, leaked documents and phishing sites targeting the organization. The platform provides threat intelligence and monitoring from a single dashboard, reduces response times for incidents, and is easy to deploy and use. It collects data from multiple sources, processes and enriches it, and delivers targeted and actionable intelligence to help organizations protect their networks, data and brands from external cyber threats.
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
Malware is an application that is harmful to your forensic information. Basically, malware analyses is the process of analysing the behaviours of malicious code and then create signatures to detect and defend against it.Malware, such as Trojan horse, Worms and Spyware severely threatens the forensic security. This research observed that although malware and its variants may vary a lot from content signatures, they share some behaviour features at a higher level which are more precise in revealing the real intent of malware. This paper investigates the various techniques of malware behaviour extraction and analysis. In addition, we discuss the implications of malware analysis tools for malware detection based on various techniques.
IRJET - Phishing Attack Detection and Prevention using Linkguard AlgorithmIRJET Journal
This document discusses a machine learning approach to detecting phishing attacks based on URL analysis. It begins with an abstract that outlines using machine learning classifiers to analyze URL features to determine if a webpage is legitimate or a phishing attack. It then provides background on phishing attacks and discusses previous research on detection techniques, including whitelist, blacklist, content-based, and visual similarity approaches. The document focuses on using a URL-based detection technique with machine learning. It evaluates popular classifiers like SVM, Naive Bayes, and Decision Trees on their accuracy in detecting phishing URLs based on analyzed features like length, special characters, and IP addresses.
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET Journal
This document discusses detecting phishing websites using an enhanced secure algorithm. It begins by defining phishing attacks and how they are used to steal personal information from users. It then discusses how current techniques are not fully effective at stopping sophisticated phishing attacks. The proposed methodology checks for features of phishing websites, especially in URLs and domain names, to identify fake websites. Some features checked include IP addresses, long URLs, prefixes/suffixes, and symbols. Future work could involve updating datasets, detecting other attacks, and improving accuracy and efficiency. In conclusion, education is important to help users identify phishing attacks, as technical solutions are still limited.
An Identity-Based Mutual Authentication with Key Agreementijtsrd
Now days mobile networks are rapid development by performing the e-commerce transaction such as online shopping, internet banking and e- payment. So that to provide secure communication, authentication and key agreement is important issue in the mobile networks. Hence, schemes for authentication and key agreement have been studied widely. So that to provide efficient and more secure techniques is necessary. In this paper we are proposed random prime order key agreement protocol proposed for authentication and key agreement. Another technique is used to provide security of transferred data using key xor data transpose technique. By using this technique, we provide more security and more efficiency for transferring data. B. V. S. Manikya Rao | Y. Triveni "An Identity-Based Mutual Authentication with Key Agreement" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21562.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-security/21562/an-identity-based-mutual-authentication-with-key-agreement/b-v-s-manikya-rao
This document discusses Proofpoint, a company that provides cloud-enabled email security solutions. It provides an overview of Proofpoint, highlighting that it has over 4,000 customers and is a leader in email security. It then discusses Proofpoint's solution, which offers benefits like simplified management, lower costs than managing multiple point solutions, compatibility across platforms, and support for compliance. The document also includes case studies of how Proofpoint has helped organizations like Banco do Brasil and Camed reduce costs and improve email security.
A Review on Various Methods of Cryptography for Cyber Securityrahulmonikasharma
In the today’s world of digital communication networks, the privacy and security of the transmitted data has become a basic necessity for communication. Data Security is the science and study of techniques of securing data in computer and communication systems from unknown users, disclosures and modifications. Cyber security issues plays a vital role in moving towards digital information age. Therefore, the encryption and decryption systems have been implemented for protecting information. The internet users are rapidly increasing day by day which causes a lot of cyber-criminals. The security of not only the single system but the entire systems will be ensured by the task of network security and controlled by network administrator. In this paper, an attempt has been made to review the various methods of Cryptography and how these methods will help to secure data from unauthenticated users. This paper has primarily focused on Cyber Security and Cryptographic concepts. This paper has also discusses the various attacks and cryptographic algorithms that are used in various applications of cyber security.
The emerging pci dss and nist standardsUlf Mattsson
PCI DSS and NIST standards are evolving to address modern payment environments and security risks. A draft of PCI DSS v4.0 proposes new requirements around scope validation, encryption of cardholder data transmissions, security awareness training, and risk assessments. It also offers a customized validation approach with more flexibility in how organizations meet requirements. Major changes in v4.0 focus on strengthening security, adding flexibility, and supporting new payment technologies and cloud environments.
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONIJNSA Journal
This document discusses a proposal to develop a new distributed Internet simulator to study large-scale network events like distributed denial-of-service (DDoS) attacks and worm propagation. Existing network simulators have limited scalability and lack realistic Internet models. The proposed simulator would have a built-in Internet topology model and customizeable modules to simulate specific events while cutting down on unnecessary details. It aims to make large-scale network simulation more accessible to researchers and improve the realism of simulations compared to simplified models currently used. The simulator could help study defenses against problems like IP spoofing, DDoS attacks, and worms.
Inside TorrentLocker (Cryptolocker) Malware C&C Server Davide Cioccia
CryptoLocker was a ransomware trojan which targeted computers running Microsoft Windows and was first observed by Dell SecureWorks in September 2013. CryptoLocker propagated via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displays a message, which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid cash voucher) is made by a stated deadline, and threatened to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in Bitcoin
Explore the new 2014 TorrentLocker and get inside his C&C server
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...IRJET Journal
This document presents a proposed system for detecting victim systems in client networks using a coarse-grained botnet algorithm. The system uses a two-stage approach: 1) the primary stage detects and collects network anomalies related to botnets; 2) the second stage identifies bots and blocks them from entering the receiver end, identifying bot sender IP addresses. The system implements a scanner to identify bot files, scanning incoming files in both the sender and receiver ends if protection mode is enabled. This avoids intrusions and blocks unauthorized users from accessing the application. The proposed system can help avoid botnet infections spreading in client networks.
Gartner Magic Quadrant for Secure Email Gateways 2014Michael Bunn
The document provides an overview of the secure email gateway market. It notes that the market is mature but will continue shifting from spam filtering to data protection. Growth in the overall market is expected to be low at 2-4% annually through 2017, though some individual vendors are taking larger shares of the market. Key drivers of future growth include services around targeted attacks, data loss prevention, and encryption. The document evaluates several major vendors in the market.
White Paper :- Spear-phishing, watering hole and drive-by attacks :- The New ...Invincea, Inc.
The single largest threat your organization faces today is network breach. Spear-phishing, poisoned search results, drive-by downloads, and legitimate sites being compromised to push malware are all part of our current reality. The most successful and common attacks vectors stem from targeted attacks on your employees. Organizations need to utilize solutions that protect their network from user error and support requirements for continuous monitoring, real-time situational awareness and providing actionable threat intelligence for their security teams.
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET Journal
The document proposes a new system called PhishDect and Mitigator to detect and mitigate phishing attacks using software-defined networking (SDN). It uses deep packet inspection techniques and a convolutional neural network (CNN) to classify phishing signatures. Traffic is directed through either a "store and forward" or "forward and inspect" mode. In store and forward mode, packets are stored and inspected before forwarding. In forward and inspect mode, packets are forwarded first and then a copy is inspected. The system aims to overcome limitations of existing phishing detection methods.
The Proposed Development of Prototype with Secret Messages Model in Whatsapp ...IJECEIAES
Development of prototype at data security through secret messages is needed for disguising the messages sent in smartphone chatting application, WhatsApp (WA) Chat. We propose a model to disguise a plaintext message which is first encrypted by cryptosystem to change the plaintext message to ciphertext. Plaintext or plainimage entering the smartphone system is changed into encrypted text; receiver then can read the message by using similar key with the sender. The weakness of this proposal is the message random system is not planted directly in the chatting application; therefore message removing process from cryptosystem to WA application is still needed. The strength of using this model is the messages sent will not be easily re-encrypted by hacker and can be used at client computing section.
IRJET - An Automated System for Detection of Social Engineering Phishing Atta...IRJET Journal
1) The document presents a machine learning approach to detect phishing URLs using logistic regression. It trains a logistic regression model on a dataset of 420,467 URLs that have been classified as either phishing or legitimate.
2) It preprocesses the URLs using tokenization before training the logistic regression model. The trained model is able to classify new URLs with 96% accuracy as either phishing or legitimate based on the URL features.
3) The proposed approach provides an automated way to detect phishing URLs in real-time and help prevent phishing attacks. Future work could involve developing a browser extension using this approach and increasing the dataset size for higher accuracy.
THE METHOD OF DETECTING ONLINE PASSWORD ATTACKS BASED ON HIGH-LEVEL PROTOCOL ...IJCNCJournal
Although there have been many solutions applied, the safety challenges related to the password security mechanism are not reduced. The reason for this is that while the means and tools to support password attacks are becoming more and more abundant, the number of transaction systems through the Internet is increasing, and new services systems appear. For example, IoT also uses password-based authentication.
In this context, consolidating password-based authentication mechanisms is critical, but monitoring measures for timely detection of attacks also play an important role in this battle. The password attack detection solutions being used need to be supplemented and improved to meet the new situation. In this
paper we propose a solution that automatically detects online password attacks in a way that is based solely on the network, using unsupervised learning techniques and protected application orientation. Our solution therefore minimizes dependence on the factors encountered by host-based or supervised learning solutions. The certainty of the solution comes from using the results of in-depth analysis of attack
characteristics to build the detection capacity of the mechanism. The solution was implemented experimentally on the real system and gave positive results.
Securing broker less publish subscribe systems using identity-based encryptionLeMeniz Infotech
This document discusses an Android app for IEEE projects from 2014-2015 developed by LeMeniz Infotech. It provides students with project implementation assistance, exposure to various aspects of the project process, and preparation for placements. It also lists domains and a sample project title involving securing a publish/subscribe system using identity-based encryption. Contact information is given to obtain the full project document.
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
Review on Implementation Visual Cryptography & Steganography for Secure Authe...IRJET Journal
This document summarizes and reviews various techniques for implementing visual cryptography and steganography for secure authentication. It begins with an abstract that outlines using image processing and visual cryptography to divide a customer's transaction key into shares, with one share stored by the bank and one by the customer. The customer must present their share for transactions. The document then reviews the history of cyber attacks on major companies. It proposes a system using color image visual cryptography to encrypt passwords and divide them into shares between the bank and customer to authenticate transactions securely. It concludes that this approach could help solve issues with password hacking for core banking applications.
The document describes the Blueliv cyber threat intelligence platform. It detects cyber threats from outside an organization's network by monitoring the open, dark and deep web for stolen credentials, compromised credit cards, infected devices, rogue apps, leaked documents and phishing sites targeting the organization. The platform provides threat intelligence and monitoring from a single dashboard, reduces response times for incidents, and is easy to deploy and use. It collects data from multiple sources, processes and enriches it, and delivers targeted and actionable intelligence to help organizations protect their networks, data and brands from external cyber threats.
Invesitigation of Malware and Forensic Tools on Internet IJECEIAES
Malware is an application that is harmful to your forensic information. Basically, malware analyses is the process of analysing the behaviours of malicious code and then create signatures to detect and defend against it.Malware, such as Trojan horse, Worms and Spyware severely threatens the forensic security. This research observed that although malware and its variants may vary a lot from content signatures, they share some behaviour features at a higher level which are more precise in revealing the real intent of malware. This paper investigates the various techniques of malware behaviour extraction and analysis. In addition, we discuss the implications of malware analysis tools for malware detection based on various techniques.
IRJET - Phishing Attack Detection and Prevention using Linkguard AlgorithmIRJET Journal
This document discusses a machine learning approach to detecting phishing attacks based on URL analysis. It begins with an abstract that outlines using machine learning classifiers to analyze URL features to determine if a webpage is legitimate or a phishing attack. It then provides background on phishing attacks and discusses previous research on detection techniques, including whitelist, blacklist, content-based, and visual similarity approaches. The document focuses on using a URL-based detection technique with machine learning. It evaluates popular classifiers like SVM, Naive Bayes, and Decision Trees on their accuracy in detecting phishing URLs based on analyzed features like length, special characters, and IP addresses.
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET Journal
This document discusses detecting phishing websites using an enhanced secure algorithm. It begins by defining phishing attacks and how they are used to steal personal information from users. It then discusses how current techniques are not fully effective at stopping sophisticated phishing attacks. The proposed methodology checks for features of phishing websites, especially in URLs and domain names, to identify fake websites. Some features checked include IP addresses, long URLs, prefixes/suffixes, and symbols. Future work could involve updating datasets, detecting other attacks, and improving accuracy and efficiency. In conclusion, education is important to help users identify phishing attacks, as technical solutions are still limited.
An Identity-Based Mutual Authentication with Key Agreementijtsrd
Now days mobile networks are rapid development by performing the e-commerce transaction such as online shopping, internet banking and e- payment. So that to provide secure communication, authentication and key agreement is important issue in the mobile networks. Hence, schemes for authentication and key agreement have been studied widely. So that to provide efficient and more secure techniques is necessary. In this paper we are proposed random prime order key agreement protocol proposed for authentication and key agreement. Another technique is used to provide security of transferred data using key xor data transpose technique. By using this technique, we provide more security and more efficiency for transferring data. B. V. S. Manikya Rao | Y. Triveni "An Identity-Based Mutual Authentication with Key Agreement" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21562.pdf
Paper URL: https://www.ijtsrd.com/computer-science/computer-security/21562/an-identity-based-mutual-authentication-with-key-agreement/b-v-s-manikya-rao
This document discusses Proofpoint, a company that provides cloud-enabled email security solutions. It provides an overview of Proofpoint, highlighting that it has over 4,000 customers and is a leader in email security. It then discusses Proofpoint's solution, which offers benefits like simplified management, lower costs than managing multiple point solutions, compatibility across platforms, and support for compliance. The document also includes case studies of how Proofpoint has helped organizations like Banco do Brasil and Camed reduce costs and improve email security.
A Review on Various Methods of Cryptography for Cyber Securityrahulmonikasharma
In the today’s world of digital communication networks, the privacy and security of the transmitted data has become a basic necessity for communication. Data Security is the science and study of techniques of securing data in computer and communication systems from unknown users, disclosures and modifications. Cyber security issues plays a vital role in moving towards digital information age. Therefore, the encryption and decryption systems have been implemented for protecting information. The internet users are rapidly increasing day by day which causes a lot of cyber-criminals. The security of not only the single system but the entire systems will be ensured by the task of network security and controlled by network administrator. In this paper, an attempt has been made to review the various methods of Cryptography and how these methods will help to secure data from unauthenticated users. This paper has primarily focused on Cyber Security and Cryptographic concepts. This paper has also discusses the various attacks and cryptographic algorithms that are used in various applications of cyber security.
The emerging pci dss and nist standardsUlf Mattsson
PCI DSS and NIST standards are evolving to address modern payment environments and security risks. A draft of PCI DSS v4.0 proposes new requirements around scope validation, encryption of cardholder data transmissions, security awareness training, and risk assessments. It also offers a customized validation approach with more flexibility in how organizations meet requirements. Major changes in v4.0 focus on strengthening security, adding flexibility, and supporting new payment technologies and cloud environments.
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONIJNSA Journal
This document discusses a proposal to develop a new distributed Internet simulator to study large-scale network events like distributed denial-of-service (DDoS) attacks and worm propagation. Existing network simulators have limited scalability and lack realistic Internet models. The proposed simulator would have a built-in Internet topology model and customizeable modules to simulate specific events while cutting down on unnecessary details. It aims to make large-scale network simulation more accessible to researchers and improve the realism of simulations compared to simplified models currently used. The simulator could help study defenses against problems like IP spoofing, DDoS attacks, and worms.
Inside TorrentLocker (Cryptolocker) Malware C&C Server Davide Cioccia
CryptoLocker was a ransomware trojan which targeted computers running Microsoft Windows and was first observed by Dell SecureWorks in September 2013. CryptoLocker propagated via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displays a message, which offers to decrypt the data if a payment (through either Bitcoin or a pre-paid cash voucher) is made by a stated deadline, and threatened to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in Bitcoin
Explore the new 2014 TorrentLocker and get inside his C&C server
Detecting Victim Systems In Client Networks Using Coarse Grained Botnet Algor...IRJET Journal
This document presents a proposed system for detecting victim systems in client networks using a coarse-grained botnet algorithm. The system uses a two-stage approach: 1) the primary stage detects and collects network anomalies related to botnets; 2) the second stage identifies bots and blocks them from entering the receiver end, identifying bot sender IP addresses. The system implements a scanner to identify bot files, scanning incoming files in both the sender and receiver ends if protection mode is enabled. This avoids intrusions and blocks unauthorized users from accessing the application. The proposed system can help avoid botnet infections spreading in client networks.
This document proposes a system for multi-factor authentication using one-time passwords (OTPs) generated on a user's mobile device without needing an internet or SMS connection. The system would work by registering user devices based on identifiers like IMEI and IMSI numbers. During login, the server would send random index variables to the mobile app to generate an OTP using those values, a secret seed derived from the device identifiers, and cryptographic hashing functions. If the server-generated and mobile app-generated OTPs match, access would be granted. This approach aims to securely generate OTPs offline to strengthen authentication without relying on SMS or internet connections.
The document discusses ethical hacking. It begins by defining hacking and different types of hackers, including white hat, black hat, and grey hat hackers. It then defines ethical hacking as hacking done with consent and for beneficial purposes, such as identifying security vulnerabilities. The document outlines the techniques used in ethical hacking, including information gathering, vulnerability scanning, exploitation, and analysis. It discusses the importance of ethical hacking for organizations and the code of conduct ethical hackers follow. Overall, the document provides an overview of ethical hacking, its purpose, and the methods used.
This document proposes a cyber threat prediction system using machine learning to detect phishing attacks like SMS phishing and email phishing. It discusses how phishing has increased significantly over time despite existing anti-phishing solutions. The proposed system would use classification algorithms like logistic regression and random forest to analyze features of emails and SMS to predict if they are legitimate or phishing attempts. If detected as phishing, the system would alert users so they can avoid potential data loss or device compromise. The system is intended to help address limitations of current techniques by timely predicting phishing patterns from historical data using machine learning.
Decentralized exchange-Banco: presented by PentagonLuyaoZhangPhD
Here are the key points discussed:
- Discussed the project topic and divided tasks
- Brian will research on the background and key information of Bancor
- 吴希婷 will focus on the cons of Bancor
- 董欣怡 will collect information on the key partners
- 焦月诣 will work on the presentation slides
- Set up a schedule to exchange information before the deadline
All members showed good cooperation and understanding of each other's strengths. The meeting ended smoothly with clear tasks and timeline.
IRJET- Hashxplorer-A Distributed System for Hash MatchingIRJET Journal
This document proposes a distributed system called HashXplorer that uses botnets to crack passwords hashes through brute force methods in order to assess password strength. It discusses how botnets could be utilized by "ethical hackers" to penetrate systems and crack password hashes of devices, alerting managers to use stronger passwords if needed. The document outlines the botnet structure of bots, botmasters, and command and control infrastructure. It also reviews related work on using botnets for activities like denial of service attacks, spamming, and cracking hashes through brute force or dictionary attacks at high speeds.
Break Loose Acting To Forestall Emulation BlastIRJET Journal
This document proposes a new approach to detect phishing sites using visual cryptography, linear programming algorithms, and random pattern algorithms. The approach involves generating an image captcha during user registration by encoding a secret key into an image. This image is then split into two shares - one stored on the server and one given to the user. During login, the shares are combined to reconstruct the original image captcha, which the user must enter correctly to log in. This helps validate that the site is legitimate and not a phishing site impersonating it. The approach aims to improve online security and prevent fraud by making it difficult for phishing sites to steal users' credentials.
The document describes a system to detect fake news in text and videos. It has three main parts:
1. A user interface to input text, headlines or videos for analysis.
2. A text classifier that analyzes input text and classifies it based on the probability of being true or false.
3. A deepfake detector that uses a deep learning model to analyze videos and detect if faces have been manipulated.
The system integrates tools for analyzing different media types to help fight the spread of misinformation.
Data Protection & Privacy During the Coronavirus PandemicUlf Mattsson
Remote work is quickly becoming the new normal and criminals are taking advantage of this chaotic situation.
The EU Agency for Cybersecurity's providing guidance for the huge increases in the number of people working remotely, using tele-health it is vital that we also take care of our cyber hygiene.
Viewers will learn more about:
- How to use encryption, controlling new storage of regulated data and data sharing in this new situation.
- Anonymization leaves personal data open to re-identification, which exposes firms to GDPR non-compliance risks.
- How are the HIPAA rules changing in this situation?
- GDPR prescribing pseudonymization and how is that work.
- How is CCPA changing the rules?
- How to secure wi-fi connections preventing snooping of your traffic and fully updated anti-virus and security software, also on mobile phones.
- How important files can be backed up remote or locally. In a worst case scenario, staff could fall foul of ransomware for instance.
- What apps are secure to use in this new era?
- Should we use MFA, PW managers or local PW management?
We will also discuss how to use the CERT-EU News Monitor to stay updated on the latest threats and check the following basics.
Mapping ATT&CK Techniques to ENGAGE ActivitiesMITRE ATT&CK
From ATT&CKcon 3.0
By David Barroso, CounterCraft
When an adversary engages in a specific behavior, they are vulnerable to expose an unintended weakness. By looking at each ATT&CK technique, we can examine the weaknesses revealed and identify an engagement activity or activities to exploit this weakness.
During the presentation we will see some real examples of how we can use different ATT&CK techniques in order to plan different adversary engagement activities.
TrustaBit is developing a software solution using blockchain to automatically issue flight delay or cancellation vouchers to passengers. Their pre-ICO begins on February 2nd, 2018 with a hard cap of $49 million. The project aims to solve problems passengers and airlines currently face with delayed vouchers by issuing them immediately on the blockchain. If successful, it plans to expand to other industries like retail and hospitality.
Attackers May Depend On Social Engineering To Gain...Tiffany Sandoval
The document discusses integrating threat intelligence and incident response. It defines threat intelligence as technical and contextual information about emerging threats evaluated for accuracy. Threat intelligence feeds into strategic, operational and tactical security levels. Challenges include connecting diverse data points and filtering noise. A threat intelligence platform helps address this by analyzing data and delivering standardized information. The threat kill chain model outlines attack stages from reconnaissance to information theft. Integrating threat intelligence and incident response improves network defenses across each stage.
Phishing Detection using Decision Tree ModelIRJET Journal
This document summarizes a research paper that proposes detecting phishing websites using a decision tree machine learning model. It begins by defining phishing attacks and their goal of stealing user data. It then describes extracting features from URLs to train a decision tree classifier, which achieved 95% accuracy in distinguishing real from phishing websites. The model was tested on a dataset of over 25,000 URLs. When users input a URL, the model classifies it as real or phishing to help protect users from fraudulent sites.
The document discusses email phishing attacks and strategies to prevent them. It defines the attack surface as all possible entry points for unauthorized access, such as vulnerabilities, devices, and network nodes. Phishing works by tricking users into clicking links or entering login credentials on fake websites that look like legitimate ones. The document recommends educating users about phishing, punishing attackers legally, detecting and blocking phishing websites, and using technical methods like spam filters to stop phishing emails. It prioritizes improving remote access policies, separating personal and work data, frequently updating security systems, strong passwords, multi-factor authentication, and security training for employees.
Clearswift and F5 have partnered to provide a highly scalable secure application delivery platform that uses Clearswift's Adaptive Redaction technology and F5's application delivery architecture. This integration detects and transparently resolves security issues in a proactive manner before sensitive information is lost. The platform provides deep content inspection, complete web server protection including SSL inspection, and the ability to modify requests and responses to prevent data loss and targeted attacks. The deployment is simplified using the ICAP protocol to identify content needing inspection based on policy rules.
This report analysis web security password authentication based on single- block hash function, written by Shi-Qi Wang, Jing-Ya Wang and Yong-Zhen Li and presented at the 2013 International Conference on Electronic Engineering and Computer Science. To analyze an algorithm means to study the specification of the Algorithm and come to a conclusion about how the implementation of that algorithm will perform in general. Here, the amount of resources necessary to execute the algorithm is determined and its equivalent running time (time complexity) or efficiency of the algorithm.
A review of some of the available literature provides insights into various web security and user identity authentication mechanisms, single- block hash function algorithm, its types, design and functions.
The key findings include:
The Single- Block Hash Function Algorithm has variable input length and fixed out length
The flow chart in figure 1 of the studies shows that the algorithm is Message Digest Method 5 (MD 5)
MD5 algorithm appends padding bits, appends length bits, initialize MD buffer and process each 512- bit block.
In processing each 512- bit block, a total of 64 operations are performed in 4 stages and each stage undergoes 16 iterations.
Collision Resistance Scenario: MD 5 has a very weak collision resistance and its therefore not recommended for encryption. However, MD 5 can withstand tamper with and replay. Running Time (Time Complexity): The time complexity of MD 5 is O(n), where n represents the size of the input data. it is considered relatively fast and efficient than the traditional password but slower than modern hash functions.
Many researchers research to use Single-Block hash algorithm to realize the Web user ID authentication
MD 5 solves deficiency of the traditional username-password authentication or digital signature to realize Web user’s identity authentication
The information presented in this report has been gathered from secondary sources and has been prepared for submission as Information Security Course at AAMUSTED.
Spear phishing attacks target individuals within an organization using personalized emails to trick them into revealing sensitive information or clicking malicious links. One such attack began when a worker clicked a spear phishing link, allowing attackers to access the network. The attackers then used information from the Active Directory to identify databases and steal large amounts of personal information, including social security numbers and birth dates. Organizations need integrated security solutions across email and other vectors to detect and block these advanced targeted attacks involving spear phishing and credentials theft. FireEye Email Security aims to provide more effective protection against these types of email-based cyberattacks.
1. The document discusses phishing attacks, which involve tricking users into providing private information through fraudulent emails or websites.
2. Phishing attacks are classified into two categories: social engineering attacks, which use psychological tricks, and malware-based attacks, which install harmful software.
3. More recent phishing scams activate positive feelings like hope and gratitude through appealing to emotions and incorporating elements of social networks, which makes the scams more effective at gaining user trust and spreading widely.