Software keyloggers are a fast growing class of invasive software often used to harvest confidential
information. One of the main reasons for this rapid growth is the possibility for unprivileged programs
running in user space to eavesdrop and record all thekeystrokes typed by the users of a system. The ability
to run in unprivileged mode facilitates their implementation and distribution, but,at the same time, allows
one to understand and model their behavior in detail. Leveraging this characteristic, we propose a new
detection technique that simulates carefully crafted keystroke sequences in input and observes the behavior
of the keylogger in output to unambiguously identify it among all the running processes. We have
prototyped our technique as an unprivileged application, hence matching the same ease of deployment of a
keylogger executing in unprivileged mode. We have successfully evaluated the underlying technique
against the most common free keyloggers. This confirms the viability of our approach in practical
scenarios. We have also devised potential evasion techniques that may be adopted to circumvent our
approach and proposed a heuristic to strengthen the effectiveness of our solution against more elaborated
attacks. Extensive experimental results confirm that our technique is robust to both false positives and
false negatives in realistic settings.
This document contains an abstract and index for a thesis on hacking. The abstract discusses how hacking has become a concern for businesses and governments with the rise of the internet and electronic commerce. It also mentions some rules hackers should know, such as HTML, JavaScript, computer tricks, cracking, and breaking. The index previews the chapters that will be included, such as introductions to hacking, types of hackers and hacking, hacking tools, purposes of hacking, and advantages/disadvantages.
This document discusses techniques for creating stealthy web application backdoors. It begins by explaining how simple modifications can help evade signature-based antivirus detection. Next, it analyzes some tools that can detect backdoors by searching for suspicious functions. The main part proposes three evasion techniques: 1) Using variable functions instead of direct calls 2) Embedding backdoor code directly in webpage 3) Hiding code in JPEG EXIF headers to avoid input-based detection. The goal is to design backdoors that are small, avoid common triggers and stay undetectable to automated scans and manual code reviews.
The document provides an introduction to hacking and cracking, describing what hacking and cracking are, different types of hackers (high-level and low-level), and the difference between hackers and crackers. It also discusses common hacking techniques like password attacks, spoofing, and sniffing. The document is intended to educate about hacking and related cybersecurity topics.
The project entitled with “Network Security System” is related to hacking attacks in computer systems over internet. In today’s world many of the computer systems and servers are not secure because of increasing the hacking attacks or hackers with growing information, so information security specialist’s requirement has gone high.
This document summarizes information presented at a seminar on computer security and protection against hacking techniques like rootkits and keyloggers. It defines rootkits as software that hides within an operating system to enable privileged access without detection. Various types of rootkits are described, including ways they can bypass security measures. Detection and removal tools are listed. Keyloggers are explained as programs that covertly record keyboard input to steal login credentials and other sensitive data. Software-based, hardware-based, and other keylogger types and the damage they can enable are covered. Finally, countermeasures like antivirus software, key scramblers, and antilogger programs are recommended.
Learn ethical hacking at your own Platform with live classes , Ppt and various types of pdf. we also provided Udemy premium courses and hacking tools tooo. Kindly visit
https://www.gflixacademy.com
An Approach to for Improving the Efficiency of IDS System Using HoneypotEditor Jacotech
This paper proposes using a honeypot to improve the efficiency of intrusion detection systems (IDS) in detecting zero-day attacks. It presents a network architecture that incorporates a honeypot server to log attacker activities. These logs are analyzed using tcpdump to generate custom IDS rules matching the payload. This allows the IDS to detect new attacks before they harm the internal network. The honeypot attracts attackers by emulating servers and records their interactions without affecting production systems.
This document contains an abstract and index for a thesis on hacking. The abstract discusses how hacking has become a concern for businesses and governments with the rise of the internet and electronic commerce. It also mentions some rules hackers should know, such as HTML, JavaScript, computer tricks, cracking, and breaking. The index previews the chapters that will be included, such as introductions to hacking, types of hackers and hacking, hacking tools, purposes of hacking, and advantages/disadvantages.
This document discusses techniques for creating stealthy web application backdoors. It begins by explaining how simple modifications can help evade signature-based antivirus detection. Next, it analyzes some tools that can detect backdoors by searching for suspicious functions. The main part proposes three evasion techniques: 1) Using variable functions instead of direct calls 2) Embedding backdoor code directly in webpage 3) Hiding code in JPEG EXIF headers to avoid input-based detection. The goal is to design backdoors that are small, avoid common triggers and stay undetectable to automated scans and manual code reviews.
The document provides an introduction to hacking and cracking, describing what hacking and cracking are, different types of hackers (high-level and low-level), and the difference between hackers and crackers. It also discusses common hacking techniques like password attacks, spoofing, and sniffing. The document is intended to educate about hacking and related cybersecurity topics.
The project entitled with “Network Security System” is related to hacking attacks in computer systems over internet. In today’s world many of the computer systems and servers are not secure because of increasing the hacking attacks or hackers with growing information, so information security specialist’s requirement has gone high.
This document summarizes information presented at a seminar on computer security and protection against hacking techniques like rootkits and keyloggers. It defines rootkits as software that hides within an operating system to enable privileged access without detection. Various types of rootkits are described, including ways they can bypass security measures. Detection and removal tools are listed. Keyloggers are explained as programs that covertly record keyboard input to steal login credentials and other sensitive data. Software-based, hardware-based, and other keylogger types and the damage they can enable are covered. Finally, countermeasures like antivirus software, key scramblers, and antilogger programs are recommended.
Learn ethical hacking at your own Platform with live classes , Ppt and various types of pdf. we also provided Udemy premium courses and hacking tools tooo. Kindly visit
https://www.gflixacademy.com
An Approach to for Improving the Efficiency of IDS System Using HoneypotEditor Jacotech
This paper proposes using a honeypot to improve the efficiency of intrusion detection systems (IDS) in detecting zero-day attacks. It presents a network architecture that incorporates a honeypot server to log attacker activities. These logs are analyzed using tcpdump to generate custom IDS rules matching the payload. This allows the IDS to detect new attacks before they harm the internal network. The honeypot attracts attackers by emulating servers and records their interactions without affecting production systems.
This document discusses rogue devices in wireless networks and proposes an algorithm to detect and eliminate them. It defines a rogue device as an unauthorized wireless device installed on a secure network. Rogue devices pose security risks by allowing attackers to bypass network defenses. The proposed algorithm uses wireless traffic analysis and compares detected devices to authorized devices stored in a database. It classifies devices as trusted, misconfigured, neighborhood devices or employee/attacker rogue devices based on criteria like SSID, MAC address, and timestamps. The algorithm aims to effectively detect various types of rogue devices without requiring specialized hardware in a low-cost manner.
This document discusses keyloggers, which are programs or devices that record every keystroke typed on a computer. It describes how keyloggers can be used by companies to monitor employees, parents to track children's online activity, and partners to spy on each other's computer use. However, keyloggers also pose privacy and security risks if used by hackers to steal personal information like passwords, credit card numbers, and more. The document then focuses on the KeyGhost hardware keylogger and how to protect against keyloggers by using up-to-date antivirus software, one-time passwords, keylogging detection systems, and virtual keyboards.
The document discusses several types of cyber attacks and threats including ARP spoofing, botnets, cache poisoning, computer worms, keyloggers, malware, man-in-the-middle attacks, rootkits, and spoofing attacks. It provides definitions and examples of each threat as well as methods of detection and prevention. ARP spoofing, botnets, and cache poisoning are network-based attacks while keyloggers and rootkits are installed locally. Man-in-the-middle attacks exploit real-time communications. Detection requires antivirus software, monitoring of running processes and startup programs, and analyzing file system logs and network traffic. Comprehensive prevention relies on encryption, firewalls, and avoiding insecure network configurations.
Password Stealing & Enhancing User Authentication Using Opass ProtocolPrasad Pawar
The document discusses various topics related to computer hacking including definitions of hacking, types of hackers (white hat, black hat, grey hat), reasons for hacking, ethical hacking, steps in hacking (reconnaissance, scanning, gaining access, maintaining access, clearing tracks), and methods for hacking login passwords in Windows 95/98/ME and Windows NT/XP/Vista/7 operating systems. Specific techniques mentioned include using tools like Ophcrack to crack passwords stored in the SAM file without booting into Windows.
Keylogger can either be software or hardware device, which is designed to surveillance on user’s activity by tracing keystrokes.
https://how-to-remove.org/malware/keylogger/
https://www.facebook.com/Hilary-Park-1636750126622779/
https://twitter.com/hilarypark97
https://plus.google.com/u/0/102986887893246664116
https://www.pinterest.com/hilarypark97/
The Contents of "Basics of hacking" :
*What is hacking?
*Who is hacker?
*Classification of Hackers
*Typical approach in an attack
*What is security exploits?
*Vulnerability scanner
*Password cracking
*Packet sniffer
*Spoofing attack
*Rootkit
*Social engineering
*Trojan horses
*Viruses
*Worms
*Key loggers
1) The document proposes enhancing IDS systems with honeypot placement to detect zero-day attacks. A new network architecture is designed where honeypots attract attackers and log their activities to generate IDS signatures.
2) Experimental setup involves deploying a honeypot server using Honeyd and Arpd to monitor unused IP space and direct attacks. Tcpdump is used to analyze traffic and payloads directed at the honeypot.
3) Analysis of honeypot logs is used to write custom IDS rules matching observed payloads. This allows detection of new attacks before they can harm the internal network.
You say SCADA, I say … mainframes. There are some remarkable - and scary - parallels between the worlds of SCADA ICS and mainframes. Each system is critical to our lives. Their worlds are insular, proprietary, and seemingly shut-off to everyone else. Except for when they aren’t. Extrapolate the future of security for mainframes based on the challenges and failures of SCADA ICS as it has evolved from sequestered to connected. SCADA serves as a cautionary tale for securing mainframes against acts of God, nature and man in this scenario of a Stuxnet for Mainframes.
Key loggers are programs or hardware devices that record every keystroke on a computer. They can be used legitimately to monitor employee productivity but are also used illegally to steal sensitive information like passwords, usernames, credit card numbers, and personal details. Key loggers come in both hardware and software forms. Hardware key loggers are small devices that physically attach to keyboards while software key loggers can be installed remotely or hidden in viruses and malware. Common prevention methods include using up-to-date antivirus software, firewalls, automatic form fillers, alternative keyboard layouts, and on-screen keyboards. It is important to be aware of what is installed on your computer and keep security software updated.
The document summarizes a presentation given by Tomer Teller about the Stuxnet malware. It describes how Stuxnet infected industrial control systems by exploiting Windows vulnerabilities, spreading on removable drives, and ultimately reprogramming PLCs to sabotage Iran's nuclear program. Key infection techniques discussed include exploiting LNK and Print Spooler vulnerabilities, using autorun.inf files and rootkit techniques to propagate, and replacing DLL files to monitor and inject commands to PLCs.
This document provides an overview of a lab on session hijacking using the Zed Attack Proxy (ZAP) tool. The objective is to help students learn about session hijacking and how to defend against it. In the lab, students will intercept and modify web traffic by simulating a Trojan that modifies a workstation's proxy settings using ZAP. ZAP is designed for penetration testing and allows intercepting proxy functionality and automated scanning to test for weak session IDs and insecure handling.
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligencePriyanka Aash
This document discusses the concepts of swarm intelligence and hive networks in the context of cybersecurity. It provides examples of how botnets have begun to utilize swarm behaviors by removing centralized command and control servers. This allows for botnets to operate in a more decentralized and autonomous manner. The document also discusses how security strategies need to evolve from static boundary defenses to more agile micro and macro segmentation approaches that emulate hive defense strategies found in nature. Specifically, the integration of security solutions and intelligence sharing is presented as a way to coordinate defenses against advanced persistent threats that utilize swarm and hive-like tactics.
Keyloggers and spyware are programs that can monitor users' computer activity without their consent. Keyloggers record keyboard input like passwords, while spyware tracks web browsing and transmits the collected information. There are hardware and software versions of keyloggers, with hardware versions like devices plugged into keyboards and replacement keyboards containing the monitoring programs. Spyware comes in various forms like tracking cookies, browser hijacking, and keyloggers that observe online habits for advertising or other purposes. Both keyloggers and spyware can invade users' privacy and security without their knowledge.
The document provides instructions for performing network enumeration using various tools. It describes enumeration as extracting usernames, machine names, shares, and services from a system. The objectives are to help students enumerate a target network to obtain lists of computers, users, groups, ports, resources, and services. It provides steps to use Nmap and nbtstat to scan IP addresses, identify open ports, determine operating systems, and extract NetBIOS information like computer names and usernames from target machines on the network.
Ceh v8 labs module 10 denial of serviceAsep Sopyan
The document describes how to perform a denial-of-service (DoS) attack using hping3. It provides instructions on launching BackTrack 5 r3 in a virtual machine, running hping3 to send a flood of SYN packets to a Windows 7 victim machine, and using Wireshark on the victim to observe the incoming SYN packets. The goal is to overload the victim's resources and render it unavailable by saturating it with external communication requests.
This document provides instructions for conducting a network scan of systems and resources using Advanced IP Scanner. The objectives are to perform a local network scan to discover all resources, enumerate user accounts, execute remote penetration tests, and gather information about local network computers. Students are instructed to launch Advanced IP Scanner on the attacker machine and use it to scan the network of the victim machine in order to identify devices, live hosts, open ports, and vulnerabilities. The results of the network scan should then be analyzed and documented.
This research paper presents a new technique called nomogram-based synthesis for synthesizing complex planar mechanisms without needing to solve nonlinear equations or use optimization techniques. The author applies this technique to synthesize a 6 bar-2 slider planar mechanism. A nomogram is constructed using four performance measures: time ratio, normalized stroke, minimum transmission angle, and maximum transmission angle. A five-step procedure utilizes the nomogram to synthesize the mechanism for desired time ratio and stroke values while maintaining transmission angle within recommended ranges. As an example, the technique is used to synthesize a mechanism with a time ratio of 2 and normalized stroke of 1.5, obtaining transmission angles between 108.5-112 degrees.
As Diabetes Mellitus combined with other ailments will become a deadly combination, hence there
is an urgent need to break the link between diabetes and its related complications. For this purpose image
processing based analysis can potentially be helpful for earlier detection, education and treatment. Medical
image analysis of Diabetic patients with its related complications such as DR, CVD & Diabetic
Myonecrosis (i.e. on Retinal Images, Coronary angiographs, Electron micrographs, MRI etc) is to be the
aprioristic because of its more prevalence. Thus the main work of this paper is on literature review about
Diabetes and Imaging such as the Prevalence, Classification, Causes and Medical Imaging & Survey of
Image processing methods applied on Diabetic Related Causes.
Keywords — Image, segmentation, retinopathy, Myonecrosis,
This document summarizes a research paper on designing a fuel monitoring and control system for fuel stations. The system uses a PIC16F877A microcontroller to control the fuel pumping time based on the requested amount, environmental temperature, and other factors. It compensates the fuel volume based on temperature changes to provide accurate amounts to customers and dealers. The hardware components include a temperature sensor, keypad, LCD display, and relays to control the fuel pump. The software calculates the total pumping time based on temperature, request amount, and other variables. It was found that the electronic control system provided flexibility and accuracy over traditional flow sensor-based systems. The system could dispense various fluids by controlling the pumping time through software.
This document discusses e-commerce in India, including its prospects, challenges, and factors for growth. It begins by defining e-commerce and outlining its benefits for producers, distributors, retailers, and customers. It then examines India's prospects in e-commerce and the services it provides different groups. Major challenges for e-commerce in India include security issues, customer acquisition costs, product delivery times, and lack of awareness. Essential factors for e-commerce growth are improving customer convenience, adopting multi-channel investments, establishing trust through transparency, utilizing location-based services, and offering multiple payment options. The document concludes that e-commerce offers benefits like cost-effectiveness but still faces challenges that must be addressed for further
This document summarizes a research paper that analyzes the static structural behavior of gear teeth using finite element analysis. It begins with introductions to spur gears and failure modes in gear systems. It then describes creating a 3D model of a gear in CATIA and performing static structural analysis in ANSYS to calculate stresses. The analysis is validated by comparing FEM results with theoretical stress calculations. In summary, it investigates gear stresses using 3D FEM and validates the accuracy of the FEM model.
This document discusses rogue devices in wireless networks and proposes an algorithm to detect and eliminate them. It defines a rogue device as an unauthorized wireless device installed on a secure network. Rogue devices pose security risks by allowing attackers to bypass network defenses. The proposed algorithm uses wireless traffic analysis and compares detected devices to authorized devices stored in a database. It classifies devices as trusted, misconfigured, neighborhood devices or employee/attacker rogue devices based on criteria like SSID, MAC address, and timestamps. The algorithm aims to effectively detect various types of rogue devices without requiring specialized hardware in a low-cost manner.
This document discusses keyloggers, which are programs or devices that record every keystroke typed on a computer. It describes how keyloggers can be used by companies to monitor employees, parents to track children's online activity, and partners to spy on each other's computer use. However, keyloggers also pose privacy and security risks if used by hackers to steal personal information like passwords, credit card numbers, and more. The document then focuses on the KeyGhost hardware keylogger and how to protect against keyloggers by using up-to-date antivirus software, one-time passwords, keylogging detection systems, and virtual keyboards.
The document discusses several types of cyber attacks and threats including ARP spoofing, botnets, cache poisoning, computer worms, keyloggers, malware, man-in-the-middle attacks, rootkits, and spoofing attacks. It provides definitions and examples of each threat as well as methods of detection and prevention. ARP spoofing, botnets, and cache poisoning are network-based attacks while keyloggers and rootkits are installed locally. Man-in-the-middle attacks exploit real-time communications. Detection requires antivirus software, monitoring of running processes and startup programs, and analyzing file system logs and network traffic. Comprehensive prevention relies on encryption, firewalls, and avoiding insecure network configurations.
Password Stealing & Enhancing User Authentication Using Opass ProtocolPrasad Pawar
The document discusses various topics related to computer hacking including definitions of hacking, types of hackers (white hat, black hat, grey hat), reasons for hacking, ethical hacking, steps in hacking (reconnaissance, scanning, gaining access, maintaining access, clearing tracks), and methods for hacking login passwords in Windows 95/98/ME and Windows NT/XP/Vista/7 operating systems. Specific techniques mentioned include using tools like Ophcrack to crack passwords stored in the SAM file without booting into Windows.
Keylogger can either be software or hardware device, which is designed to surveillance on user’s activity by tracing keystrokes.
https://how-to-remove.org/malware/keylogger/
https://www.facebook.com/Hilary-Park-1636750126622779/
https://twitter.com/hilarypark97
https://plus.google.com/u/0/102986887893246664116
https://www.pinterest.com/hilarypark97/
The Contents of "Basics of hacking" :
*What is hacking?
*Who is hacker?
*Classification of Hackers
*Typical approach in an attack
*What is security exploits?
*Vulnerability scanner
*Password cracking
*Packet sniffer
*Spoofing attack
*Rootkit
*Social engineering
*Trojan horses
*Viruses
*Worms
*Key loggers
1) The document proposes enhancing IDS systems with honeypot placement to detect zero-day attacks. A new network architecture is designed where honeypots attract attackers and log their activities to generate IDS signatures.
2) Experimental setup involves deploying a honeypot server using Honeyd and Arpd to monitor unused IP space and direct attacks. Tcpdump is used to analyze traffic and payloads directed at the honeypot.
3) Analysis of honeypot logs is used to write custom IDS rules matching observed payloads. This allows detection of new attacks before they can harm the internal network.
You say SCADA, I say … mainframes. There are some remarkable - and scary - parallels between the worlds of SCADA ICS and mainframes. Each system is critical to our lives. Their worlds are insular, proprietary, and seemingly shut-off to everyone else. Except for when they aren’t. Extrapolate the future of security for mainframes based on the challenges and failures of SCADA ICS as it has evolved from sequestered to connected. SCADA serves as a cautionary tale for securing mainframes against acts of God, nature and man in this scenario of a Stuxnet for Mainframes.
Key loggers are programs or hardware devices that record every keystroke on a computer. They can be used legitimately to monitor employee productivity but are also used illegally to steal sensitive information like passwords, usernames, credit card numbers, and personal details. Key loggers come in both hardware and software forms. Hardware key loggers are small devices that physically attach to keyboards while software key loggers can be installed remotely or hidden in viruses and malware. Common prevention methods include using up-to-date antivirus software, firewalls, automatic form fillers, alternative keyboard layouts, and on-screen keyboards. It is important to be aware of what is installed on your computer and keep security software updated.
The document summarizes a presentation given by Tomer Teller about the Stuxnet malware. It describes how Stuxnet infected industrial control systems by exploiting Windows vulnerabilities, spreading on removable drives, and ultimately reprogramming PLCs to sabotage Iran's nuclear program. Key infection techniques discussed include exploiting LNK and Print Spooler vulnerabilities, using autorun.inf files and rootkit techniques to propagate, and replacing DLL files to monitor and inject commands to PLCs.
This document provides an overview of a lab on session hijacking using the Zed Attack Proxy (ZAP) tool. The objective is to help students learn about session hijacking and how to defend against it. In the lab, students will intercept and modify web traffic by simulating a Trojan that modifies a workstation's proxy settings using ZAP. ZAP is designed for penetration testing and allows intercepting proxy functionality and automated scanning to test for weak session IDs and insecure handling.
Order vs. Mad Science: Analyzing Black Hat Swarm IntelligencePriyanka Aash
This document discusses the concepts of swarm intelligence and hive networks in the context of cybersecurity. It provides examples of how botnets have begun to utilize swarm behaviors by removing centralized command and control servers. This allows for botnets to operate in a more decentralized and autonomous manner. The document also discusses how security strategies need to evolve from static boundary defenses to more agile micro and macro segmentation approaches that emulate hive defense strategies found in nature. Specifically, the integration of security solutions and intelligence sharing is presented as a way to coordinate defenses against advanced persistent threats that utilize swarm and hive-like tactics.
Keyloggers and spyware are programs that can monitor users' computer activity without their consent. Keyloggers record keyboard input like passwords, while spyware tracks web browsing and transmits the collected information. There are hardware and software versions of keyloggers, with hardware versions like devices plugged into keyboards and replacement keyboards containing the monitoring programs. Spyware comes in various forms like tracking cookies, browser hijacking, and keyloggers that observe online habits for advertising or other purposes. Both keyloggers and spyware can invade users' privacy and security without their knowledge.
The document provides instructions for performing network enumeration using various tools. It describes enumeration as extracting usernames, machine names, shares, and services from a system. The objectives are to help students enumerate a target network to obtain lists of computers, users, groups, ports, resources, and services. It provides steps to use Nmap and nbtstat to scan IP addresses, identify open ports, determine operating systems, and extract NetBIOS information like computer names and usernames from target machines on the network.
Ceh v8 labs module 10 denial of serviceAsep Sopyan
The document describes how to perform a denial-of-service (DoS) attack using hping3. It provides instructions on launching BackTrack 5 r3 in a virtual machine, running hping3 to send a flood of SYN packets to a Windows 7 victim machine, and using Wireshark on the victim to observe the incoming SYN packets. The goal is to overload the victim's resources and render it unavailable by saturating it with external communication requests.
This document provides instructions for conducting a network scan of systems and resources using Advanced IP Scanner. The objectives are to perform a local network scan to discover all resources, enumerate user accounts, execute remote penetration tests, and gather information about local network computers. Students are instructed to launch Advanced IP Scanner on the attacker machine and use it to scan the network of the victim machine in order to identify devices, live hosts, open ports, and vulnerabilities. The results of the network scan should then be analyzed and documented.
This research paper presents a new technique called nomogram-based synthesis for synthesizing complex planar mechanisms without needing to solve nonlinear equations or use optimization techniques. The author applies this technique to synthesize a 6 bar-2 slider planar mechanism. A nomogram is constructed using four performance measures: time ratio, normalized stroke, minimum transmission angle, and maximum transmission angle. A five-step procedure utilizes the nomogram to synthesize the mechanism for desired time ratio and stroke values while maintaining transmission angle within recommended ranges. As an example, the technique is used to synthesize a mechanism with a time ratio of 2 and normalized stroke of 1.5, obtaining transmission angles between 108.5-112 degrees.
As Diabetes Mellitus combined with other ailments will become a deadly combination, hence there
is an urgent need to break the link between diabetes and its related complications. For this purpose image
processing based analysis can potentially be helpful for earlier detection, education and treatment. Medical
image analysis of Diabetic patients with its related complications such as DR, CVD & Diabetic
Myonecrosis (i.e. on Retinal Images, Coronary angiographs, Electron micrographs, MRI etc) is to be the
aprioristic because of its more prevalence. Thus the main work of this paper is on literature review about
Diabetes and Imaging such as the Prevalence, Classification, Causes and Medical Imaging & Survey of
Image processing methods applied on Diabetic Related Causes.
Keywords — Image, segmentation, retinopathy, Myonecrosis,
This document summarizes a research paper on designing a fuel monitoring and control system for fuel stations. The system uses a PIC16F877A microcontroller to control the fuel pumping time based on the requested amount, environmental temperature, and other factors. It compensates the fuel volume based on temperature changes to provide accurate amounts to customers and dealers. The hardware components include a temperature sensor, keypad, LCD display, and relays to control the fuel pump. The software calculates the total pumping time based on temperature, request amount, and other variables. It was found that the electronic control system provided flexibility and accuracy over traditional flow sensor-based systems. The system could dispense various fluids by controlling the pumping time through software.
This document discusses e-commerce in India, including its prospects, challenges, and factors for growth. It begins by defining e-commerce and outlining its benefits for producers, distributors, retailers, and customers. It then examines India's prospects in e-commerce and the services it provides different groups. Major challenges for e-commerce in India include security issues, customer acquisition costs, product delivery times, and lack of awareness. Essential factors for e-commerce growth are improving customer convenience, adopting multi-channel investments, establishing trust through transparency, utilizing location-based services, and offering multiple payment options. The document concludes that e-commerce offers benefits like cost-effectiveness but still faces challenges that must be addressed for further
This document summarizes a research paper that analyzes the static structural behavior of gear teeth using finite element analysis. It begins with introductions to spur gears and failure modes in gear systems. It then describes creating a 3D model of a gear in CATIA and performing static structural analysis in ANSYS to calculate stresses. The analysis is validated by comparing FEM results with theoretical stress calculations. In summary, it investigates gear stresses using 3D FEM and validates the accuracy of the FEM model.
Recently technological and population development, the usage of vehicles is rapidly increasing and at the
same time the occurrence accident is also increased. Hence, the value of human life is ignored. No one can prevent
the accident, but can save their life by expediting the ambulance to the hospital in time. The objective of this
scheme is to minimize the delay caused by traffic congestion and to provide the smooth flow of emergency
vehicles. The concept of this scheme is to green the traffic signal in the path of ambulance automatically so that
the ambulance can reach the spot in time and human life can be saved. The main server finds the ambulance
through mail. At the same time, it controls the traffic light according to the ambulance location and thus arriving at
the hospital safely. This scheme is fully automated, thus it locates emergency vehicle and controls the traffic
lights, provide the shortest path to reach the hospital in time.
As the rising of transportation system design, so many data logger design was developed for safety. In our country, there are
many accidents on highways. Both driver’s faults and road construction cause accidents. To reduce these condition some safety
system such as obstacle detection system, vehicle declination alarm system, temperature and smoke level display unit,
signboard warning on road sides should be used for both driver and passengers. In addition data logger system for whole
vehicle must be equipped for safety. With the implementation of PIC microcontroller as an Embedded device, this logger
design was constructed with many sensors and C# service-based database. Using Arduino boards, vehicle detection sensing
circuit, Check point radio signal sensing circuit for dangerous road sector, hall-effect magnetic wheel revolution sensing circuit
were designed to be connected with main PIC microcontroller and Personal Computer. Real time result was displayed on C#
Graphical User Interface and Vehicle data log could be easily exported to Microsoft Excel report.
Keywords -Arduino, alarm and alert system,C# service-based database, PC based control system, Vehicle data
logger.
This document discusses the use of fuzzy queries to retrieve information from databases. Fuzzy queries allow for imprecise or vague terms to be used in queries, similar to natural language. The document first provides background on limitations of traditional database queries. It then discusses how fuzzy set theory and membership functions can be applied to queries and data to handle uncertain terms. The proposed approach applies fuzzy queries to a relational database, defining linguistic variables and membership functions. This allows information to be retrieved based on fuzzy criteria and improves the ability to query databases using human-like terms. Benefits of fuzzy queries include more natural interaction and accounting for real-world data imperfections.
This study aims to enlighten the researchers about the details of process mining. As process mining is a new research area, it includes process modelling and process analysis, as well as business intelligence and data mining. Also it is used as a tool that gives information about procedures. In this paper classification of process mining techniques, different process mining algorithms, challenges and area of application have been explained.Therefore, it was concluded that process mining can be a useful technique with faster results and ability to check conformance and compliance.
In real world applications, most of the optimization problems involve more than one objective to
be optimized. The objectives in most of engineering problems are often conflicting, i.e., maximize
performance, minimize cost, maximize reliability, etc. In the case, one extreme solution would not satisfy
both objective functions and the optimal solution of one objective will not necessary be the best solution
for other objective(s). Therefore different solutions will produce trade-offs between different objectives
and a set of solutions is required to represent the optimal solutions of all objectives. Multi-objective
formulations are realistic models for many complex engineering optimization problems. Customized
genetic algorithms have been demonstrated to be particularly effective to determine excellent solutions to
these problems. A reasonable solution to a multi-objective problem is to investigate a set of solutions, each
of which satisfies the objectives at an acceptable level without being dominated by any other solution. In
this paper, an overview is presented describing various multi objective genetic algorithms developed to
handle different problems with multiple objectives.
The content based Image Retrieval is the restoration of images with respect to the visual appearances
like texture, shape and color.The methods, components and the algorithms adopted in this content based
retrieval of images were commonly derived from the areas like pattern identification, signal progressing
and the computer vision. Moreover the shape and the color features were abstracted in the course of
wavelet transformation and color histogram. Thus the new content based retrieval is proposed in this
research paper.In this paper the algorithms were required to propose with regards to the shape, shade and
texture feature abstraction .The concept of discrete wavelet transform to be implemented in order to
compute the Euclidian distance.The calculation of clusters was made with the help of the modified KMeans
clustering technique. Thus the analysis is made in among the query image and the database
image.The MATLAB software is implemented to execute the queries. The K-Means of abstraction is
proposed by performing fragmentation and grid-means module, feature extraction and K- nearest neighbor
clustering algorithms to construct the content based image retrieval system.Thus the obtained result are
made to compute and compared to all other algorithm for the retrieval of quality image features
rring of useable data, for example a sensor in a room to monitor and control the temperature. It is estimated
that by 2020 there will be about 50 billion internet-enabled devices. The Internet of things presently is being used
in the fields of automobiles, agriculture, security surveillance, building management, smart-homes, and health
care. The IOT expects to use low-cost computing devices where there is less energy consumption impact to the environment[1]. and limited
This paper aims to describe a way for giving security to IT companies, scouting units, business organizations and
volunteer groups. Among the person identification methods, face recognition is known to be the most natural
ones, since the face modality is the modality that uses to identify people in everyday lives. This face detection
differentiates faces from non-faces and is therefore essential for accurate security. The other strategy involves face
recognition for marking the employees. The Raspberry pi module is used for face detection & recognition. The
camera will be connected to the Raspberry pi module. The employees database is collected. The database includes
name of the employees, there images & ID number[2].
This RFID reader module will be installed at the front side of organizations in such a way that all employees
provided by the RFID cards. Raspberry pi system have the database of the employees so comparing the database if
employees details are matched employ can entered into company. Thus with the help of this system, time will be
saved and it is so convenient to record employees. And the details of the employees will be sent to the
corresponding head of organization using IOT technology
To develop an Application to visualize the key board of computer with the concept of image processing. The virtual
keyboard should be accessible and functioning. The keyboard must give input to computer. With the help of camera, image
of keyboard will be fetched. The typing will be captured by camera, as we type on cardboard simply drawn on paper. Camera
will capture finger movement while typing. So basically this is giving the virtual keyboard.
As the technology advances, more and more systems are introduced which will look after the users comfort. Few
years before hard switches were used as keys. Traditional QWERTY keyboards are bulky and offer very little in terms of
enhancements. Now-a-days soft touch keypads are much popular in the market. These keypads give an elegant look and a
better feel. Currently keyboards are static and their interactivity and usability would increase if they were made dynamic and
adaptable. Various on-screen virtual keyboards are available but it is difficult to accommodate full sized keyboard on the
screen as it creates hindrance to see the documents being typed. Virtual Keyboard has no physical appearance. Although
other forms of Virtual Keyboards exist; they provide solutions using specialized devices such as 3D cameras. Due to this, a
practical implementation of such keyboards is not feasible. The Virtual Keyboard that we propose uses only a standard web
camera, with no additional hardware. Thus we see that the new technology always has more Benefits and is more userfriendly.
Osteoarthritis (OA) is the most common form of arthritis seen in aged or older populations. It is caused
because of a degeneration of articular cartilage, which functions as shock absorption cushion in knee joint. OA
also leads sliding of bones together, cause swelling, pain, eventually and loss of motion. Nowadays, magnetic
resonance imaging (MRI) technique is widely used in the progression of osteoarthritis diagnosis due to the ability
to display the contrast between bone and cartilage. Usually, analysis of MRI image is done manually by a
physician which is very unpredictable, subjective and time consuming. Hence, there is need to develop automated
system to reduce the processing time. In this paper, a new automatic knee OA detection system based on feature
extraction and artificial neural network is developed. The different features viz GLCM texture, statistical, shape
etc. is extracted by using different image processing algorithms. This detection system consists of 4 stages, which
are pre-processing with ROI cropping, segmentation, feature extraction, and classification by neural network. This
technique results 98.5% of classification accuracy at training stage and 92% at testing stage.
Keywords — Artificial Neural Network (ANN), Gray Level Co-occurrence Matrix (GLCM),Knee
Joint, Magnetic Resonance Imaging (MRI), Osteoarthritis(OA).
Free Space Optics is a medium with high bandwidth which has maximum data rate. Demand for
large data speed capacity has been increasing exponentially due to the massive spread of internet
So with the growing transmission rate and demand in the field of optical communication, the electronic
regeneration has become more expensive. With the introduction of power optical amplifiers the cost of
converting optical signals to electronic
combinations of hybrid amplifiers have been studied and emerged in FSO system. Their performances
have been compared on the basis of transmission distance
For Image Authentication Problem using Encryption Technique and LDPC Source Coding is necessary in Content
Delivery via unsecure medium, Like Peer-To-Peer (P2P) File Sharing. These transferring Digital Files from one Computer to
another. Images are the Most Important Utility of our life. They are used in many applications. There are Two Main Goals of
Image Security: Image Encryption and Authentication. More different encoded versions of the original image available.In
addition, unsecure medium might tamper with the contents.. We propose an efficient, accurate, reliable process using
encryption and LDPC source coding for the image authentication problem. The key idea is to provide a Slepian-Wolf encoded
as authentication data which is encrypted using cryptography key before ready to send. The key used for encryption is usually
independent of the Plain-Image. This can be decoded with side information of an authentic image.
Generally the prediction of behaviour of material at high temperature is very difficult. During design of
components which are subjected to or working at high temperature must consider the testing at elevated
temperature. Hot tensile testing (HTT) is the method of tensile testing of material at elevated temperature. The
materials used for automotive or aerospace applications are mostly subject to cyclic loading, high temperature
and sometimes involve high frequency vibrations. High strength aluminium alloys are one class of materials that
are widely used in the automotive and aerospace industries .In this work I test A413 material for HTT at different
temperature and strain rate, which can be used for piston.
Keywords — HTT, high temperature, strain rate, piston, automotive or aerospace.
This document summarizes research on sign language recognition systems. It discusses previous work on image-based sign language recognition using approaches like colored gloves, geometric feature extraction, and orientation histograms. It then describes the proposed system, an Android application that uses hand gesture recognition with real-time text and speech conversion. Key steps include gesture extraction using background subtraction and blob detection, gesture matching, and text-to-speech conversion. The system allows users to define their own sign language database to facilitate communication across different sign languages.
Keyloggers are a invasive software often used to harvest secret information. One of the main reasons for
this fast growth is the possibility for unprivileged programs running in the user space to secretly steal and record all the
keystrokes typed by the users on a system. The ability to run in unprivileged mode makes possible their implementation
and distribution. but, at the same time, allows one to understand and imitate their behavior in detail.
Sample PPT Format.pptx E-commerce website for loginnaveendurga557
This document summarizes a proposed system for efficiently detecting keyloggers in e-commerce websites. The system aims to address limitations in existing approaches, such as lack of security when the cloud server and data providers are compromised. The proposed system provides more secure data processing and prevents data loss through less time-consuming and secure automated processes that overcome manual efforts. It requires Java/J2EE technologies, MySQL database, and hardware including an Intel dual-core processor and 4GB RAM. The conclusion states that the system accurately detects common user-space keyloggers by correlating input keystrokes with output patterns in a black-box manner without false positives or negatives.
IRJET- Development of Uncrackable SoftwareIRJET Journal
This document discusses challenges with developing uncrackable software and proposes potential solutions. It describes how software cracking works by modifying programs to gain unauthorized access. Existing approaches like virtual machines and encryption are analyzed, but have limitations. Virtual machines reduce performance and encryption approaches can still be broken by analyzing the decryption process and keys used. The document concludes that truly uncrackable software would need to avoid decrypting encrypted codes on the user's device, to prevent the user from accessing decryption keys and algorithms.
Keylogging, one of the unsafe malware, is the movement of recording the keys struck on a console with the end goal that the individual utilizing the console is obscure about the way that their activities are being watched. It has legitimate use in examination of human PC collaboration and is considered as the primary danger for business and individual exercises. It tends to be utilized to catch passwords and other secret data entered by means of the console. Subsequently, counteraction of keylogging is significant and severe validation is needed for it. Planning of secure confirmation conventions is very testing, taking into account that different sorts of root units dwell in Personal Computers to watch clients conduct. There are different keylogging procedures, stretching out from equipment and programming based techniques to acoustic assessment. Human contribution in confirmation conventions, however ensuring, isnt straightforward. This paper surveys different examination regions which spread convention confirmations utilized safely forestalling the representation of keylogging assaults. Dr. C. Umarani | Rajrishi Sengupta "Keyloggers: A Malicious Attack" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd35776.pdf Paper URL : https://www.ijtsrd.com/engineering/computer-engineering/35776/keyloggers-a-malicious-attack/dr-c-umarani
Exploits Attack on Windows VulnerabilitiesAmit Kumbhar
The document discusses exploiting vulnerabilities using Metasploits, including an introduction to exploits and payloads, an overview of the Metasploit framework, examples of using exploits like windows/dcerpc/ms03_026_dcom with payloads like windows/meterpreter/bind_tcp, and a discussion of pivoting and using compromised systems to attack other targets on the same network.
The document discusses how to conduct a software exploitation attack using Metasploit Framework against a Windows XP system with Snort installed. It describes exploiting the Microsoft Graphics Rendering Engine vulnerability from 2006 using Metasploit to gain remote system access on the target. Snort's logs show it detected the attack as it occurred. The goal was to see how Snort would react to the attack.
Securezy - A Penetration Testing ToolboxIRJET Journal
This document presents a toolbox called Securezy that aims to make penetration testing and ethical hacking more approachable for beginners. It contains three tools integrated into a graphical user interface: a port scanner for reconnaissance, a text encryption/decryption tool, and a password cracker. The tools correspond to different phases of the cyber kill chain model and aim to streamline the workflow for penetration testers by providing commonly used tools in one program. The document discusses the need for tools that lower the barrier of entry for those interested in cybersecurity and the motivation to design Securezy for beginners to more easily learn penetration testing techniques.
This white paper includes all the basic things about Rootkit, how they work, their types, detection methods, their uses, the concept of payload, and rootkit removal.
IRJET- Secure Data Protection in Cloud ComputingIRJET Journal
This document proposes a system to securely store data in the cloud by using honeypot technology and cryptographic algorithms. The proposed system aims to provide better data security for users by only allowing authenticated users to access encrypted data stored in the cloud. If an unauthenticated user attempts to access the data, the system will send them garbage files using honeypot technology to detect unauthorized access attempts. The system uses RSA encryption to encrypt user files before storing them in the cloud, requiring the private key to decrypt files, ensuring only authenticated users can access the encrypted user data stored remotely.
When developer's api simplify user mode rootkits developing.Yury Chemerkin
This is a series of articles about shell extensions that enhance high-level features of any operation system. However, such possibilities not only enrich platform but simplify developing trojans, exploits that leads to the new security holes. Mostly this kind of extensions are known as usermode rootkits.
http://hakin9.org/theultimat/
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online.
Securing Database Passwords Using a Combination of hashing and Salting Techni...Fego Ogwara
This document discusses securing database passwords. It begins by outlining some challenges with storing passwords in plain text or encrypted form, namely that anyone with access could gain passwords. It then discusses encrypting passwords as more secure but still having issues if the secret is compromised or two users share the same encrypted password. It introduces using a salt to help address known plaintext attacks, and concludes discussing using a hash function and salt to better secure passwords.
A Survey of Keylogger in Cybersecurity Educationijtsrd
Keylogger applications try to retrieve exclusive statistics through covertly shooting consumer enter through keystroke tracking after which relaying these statistics to others, frequently for malicious purposes. Keyloggers hence pose a chief danger to commercial enterprise and private sports consisting of Internet transactions, online banking, email, or chat. To cope with such threats, now no longer most effective ought to customers be made aware of this form of malware, however software program practitioners and college students ought to additionally be knowledgeable withinside the layout, implementation, and tracking of powerful defenses towards distinctive keylogger attacks. This paper affords a case for incorporating keylogging in cybersecurity schooling. First, the paper affords a top level view of keylogger applications, discusses keylogger layout, implementation, and utilization, and affords powerful tactics to hit upon and save you keylogging attacks. Second, the paper outlines numerous keylogging tasks that may be integrated into an undergraduate computing software to train the subsequent technology of cybersecurity practitioners on this crucial topic. Raja Saha | Dr. Umarani Chellapandy "A Survey of Keylogger in Cybersecurity Education" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-6 | Issue-3 , April 2022, URL: https://www.ijtsrd.com/papers/ijtsrd49471.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/49471/a-survey-of-keylogger-in-cybersecurity-education/raja-saha
Effective Data Erasure and Anti Forensics Techniquesijtsrd
Deleting sensitive data after usage is just as important as storing of data in a safe location. In the verge of cyber attacks such as data theft happening, it is best to delete or purge or destroy unwanted sensitive data after its use as soon as possible. Data stored offline, for example in hard disks are just as prone to get stolen as the data stored online. For destroying the data to ensure cybercriminals should not get hold of this, techniques such as Data Wiping and Anti Forensics are used. A study is done on how these techniques can be used to the advantage of our system and against the cyber criminals. Anand V | Dr. MN Nachappa "Effective Data Erasure and Anti-Forensics Techniques" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-5 | Issue-1 , December 2020, URL: https://www.ijtsrd.com/papers/ijtsrd38043.pdf Paper URL : https://www.ijtsrd.com/computer-science/computer-security/38043/effective-data-erasure-and-antiforensics-techniques/anand-v
This document discusses the development of a cross-platform penetration testing suite that compiles standard penetration testing tools into a single mobile application. The suite aims to provide easy access to penetration testing tools on any Android device, improving portability for ethical hackers. It does not require root access of the user's phone. The suite is designed to perform tasks like port scanning, vulnerability scanning, payload generation, and more. It consolidates typical tools used for information gathering, vulnerability assessment, exploitation, and covering tracks into a single interface. This allows ethical hackers to conduct basic penetration tests using only their mobile device.
This document summarizes a research paper about implementing self-healing mechanisms to protect against control flow attacks in wireless sensor networks. The paper proposes an access control scheme that can detect attempts to alter the control flow of sensor applications and then recover the sensor data. It processes application code at the machine instruction level rather than analyzing source code. The implementation shows that the self-healing scheme is lightweight and can effectively protect sensor applications from control flow attacks by enforcing access control, providing self-healing recovery, and diversifying code images across sensors.
[Codientu.org] design of a microcontroller based circuit for software protectionHieu Le Dinh
This document describes a microcontroller-based circuit designed for software protection. The circuit exchanges an encrypted key between a protected software program and a hardware "hard key". The key exchange process and encryption algorithm are described. The circuit hardware components including a microcontroller, crystal oscillator, and MAX232 chip are listed. Software was written in C to control the microcontroller. Testing showed the protected software runs fully with a valid hard key, but with limitations without a valid key, demonstrating the circuit can reliably protect software from unauthorized use and piracy.
OWASP Top 10 Web Attacks (2017) with Prevention MethodsIRJET Journal
This document discusses the OWASP Top 10 web attacks from 2017 and methods to prevent them. It summarizes each of the top 10 attacks, demonstrates how they can be carried out, and provides prevention methods. The attacks discussed include injection, broken authentication, sensitive data exposure, XML external entities, broken access control, security misconfiguration, and cross-site scripting. For each attack, the document shows screenshots from demonstrations of exploiting vulnerabilities and gaining unauthorized access. It emphasizes the importance of security for web applications and basic prevention methods like input validation, access control, encryption, updating software.
This document discusses the creation of a backdoor to gain unauthorized access to a Windows computer. It begins with an abstract that outlines creating an advanced backdoor file that works like normal files but allows an attacker to retain access and make changes. The document then covers how backdoors work by bypassing authentication, different types of backdoors like Trojans and web shells, an overview of the proposed backdoor system using Python sockets and commands, and requirements for the system.
This document discusses sandbox technology, which aims to create a secure virtualized environment for running applications in isolation. A sandbox allows untested code to be run safely without impacting the host system. Key components sandboxed include files, the registry, network interfaces, and processes. The document also describes a proposed system using isolated sandbox nodes connected through a mimetic internet to model network behavior and detect malware trying to determine if the environment is virtualized. The goal is to design a secure sandbox model for testing applications in Windows.
Similar to [IJCT-V3I2P25] Authors: Mr.S.Jagadeesan,M.Sc, MCA., M.Phil., ME[CSE]., S.Rubiya (20)
These days we have an increased number of heart diseases including increased risk of heart attacks. Our proposed system users sensors that allow to detect heart rate of a person using heartbeat sensing even if the person is at home. The sensor is then interfaced to a microcontroller that allows checking heart rate readings and transmitting them over internet. The user may set the high as well as low levels of heart beat limit. After setting these limits, the system starts monitoring and as soon as patient heart beat goes above a certain limit, the system sends an alert to the controller which then transmits this over the internet and alerts the doctors as well as concerned users. Also the system alerts for lower heartbeats. Whenever the user logs on for monitoring, the system also displays the live heart rate of the patient. Thus concerned ones may monitor heart rate as well get an alert of heart attack to the patient immediately from anywhere and the person can be saved on time.This value will continue to grow if no proper solution is found. Internet of Things (IoT) technology developments allows humans to control a variety of high-tech equipment in our daily lives. One of these is the ease of checking health using gadgets, either a phone, tablet or laptop. we mainly focused on the safety measures for both driver and vehicle by using three types of sensors: Heartbeat sensor, Traffic light sensor and Level sensor. Heartbeat sensor is used to monitor heartbeat rate of the driver constantly and prevents from the accidents by controlling through IOT.
ABSTRACT The success of the cloud computing paradigm is due to its on-demand, self-service, and pay-by-use nature. Public key encryption with keyword search applies only to the certain circumstances that keyword cipher text can only be retrieved by a specific user and only supports single-keyword matching. In the existing searchable encryption schemes, either the communication mode is one-to-one, or only single-keyword search is supported. This paper proposes a searchable encryption that is based on attributes and supports multi-keyword search. Searchable encryption is a primitive, which not only protects data privacy of data owners but also enables data users to search over the encrypted data. Most existing searchable encryption schemes are in the single-user setting. There are only few schemes in the multiple data users setting, i.e., encrypted data sharing. Among these schemes, most of the early techniques depend on a trusted third party with interactive search protocols or need cumbersome key management. To remedy the defects, the most recent approaches borrow ideas from attribute-based encryption to enable attribute-based keyword search (ABKS
This document reviews the behavior of reinforced concrete deep beams. Deep beams are defined as having a shear span to depth ratio of less than 5. The response of deep beams differs from regular beams due to the influence of shear deformations and stresses. Failure modes include flexure, flexural-shear, and diagonal cracking. Previous studies investigated factors affecting shear strength such as concrete strength, reinforcement, and loading conditions. Equations have been proposed to predict shear strength based on test results.
Subcutaneous administration of toluene to rabbits for 6 weeks resulted in significant increases in liver enzyme levels and histopathological changes in the liver tissue. Liver sections from toluene-treated rabbits showed congested central veins, flattening and vacuolation of hepatocytes, and disarrangement of hepatic architecture. In contrast, liver sections from control rabbits appeared normal. Toluene exposure is known to cause oxidative stress and damage cell membranes in the liver through its metabolism.
This document summarizes a research paper that proposes a system to analyze crop phenology (growth stages) using IoT to support parallel agriculture management. The system would use sensors to collect data on soil moisture, temperature, humidity and other parameters. This data would be input to a database. Then, a multiple linear regression model trained on past data would predict the optimal crop and expected yield based on the tested sensor data and parameters. This system aims to help farmers select crops and fertilization practices tailored to their specific fields' conditions.
This document summarizes a study that determined the liberation size of gold ore from the Iperindo-Ilesha deposit in Nigeria and assessed its amenability to froth flotation. Samples of the ore were collected and subjected to sieve analysis to determine particle size fractions. Chemical analysis found that the actual and economic liberation sizes were 45μm and 250μm, respectively. Froth flotation experiments at 45μm particle size and varying collector dosages achieved a maximum gold recovery of 78.93% at 0.3 mol/dm3 collector dosage, with concentrate grade of 115 ppm Au. These parameters will be used for further processing to extract gold from this deposit.
This document presents a proposal for an IOT-based intelligent baby care system with a web application for remote baby monitoring. The system uses sensors to automatically swing a cradle when a baby cries, sound alarms if the baby cries for too long or the mattress is wet, and sends alerts to a web page for parents to monitor the baby's status from anywhere via internet connection. The proposed system aims to help working parents manage childcare remotely using sensors, a Raspberry Pi, web camera, and cloud server to detect the baby's activities and notify parents through a web application on their phone.
This document discusses various sources of water pollution and new techniques being developed for water purification. It begins by outlining how water pollution occurs from industrial wastes like mining and manufacturing, agricultural runoff containing pesticides, and domestic waste. It then examines some specific pollutants in more depth from these sources. New techniques under research for water purification are also mentioned, with the goal of developing more affordable methods. The document aims to analyze the impact of pollutants on water and introduce promising new purification techniques.
This document summarizes a research paper on using big data methodologies with IoT and its applications. It discusses how big data analytics is being used across various fields like engineering, data management, and more. It also discusses how IoT enables the collection of massive amounts of data from sensors and devices. Machine learning techniques are used to analyze this big data from IoT and enable communication between devices. The document provides examples of domains where big data and IoT are being applied, such as healthcare, energy, transportation, and others. It analyzes the similarities and differences in how big data techniques are used across these IoT domains.
The document describes a proposed smart library automation and monitoring system using RFID technology. The system uses RFID tags attached to books and student ID cards. An RFID scanner reads the tags to automate processes like tracking student entry and exit, book check-in/check-out, and inventory management. This allows transactions to occur without manual intervention. The system also includes an Android app for students to search books and check availability. The goals are to streamline library operations, prevent unauthorized access, and help locate misplaced books. Raspberry Pi hardware and a MySQL database are part of the proposed implementation.
This document discusses congestion control techniques for vehicular ad hoc networks (VANETs). It first provides background on VANETs, noting their use of vehicle-to-vehicle communication to share information. Congestion can occur when there is a sudden increase in data from nodes in the network. The document then reviews different existing congestion control schemes, which vary in how they adjust source sending rates and handle transient congestion. It proposes a priority-based congestion control technique using dual queues, one for transit packets and one for locally generated packets. This approach aims to route packets along less congested paths when congestion is detected based on buffer occupancy.
This document summarizes a research paper that proposes applying principles of Vedic mathematics to optimize the design of multipliers, squarers, and cubers. It begins by providing background on multipliers and their importance in electronic systems. It then reviews related work applying Vedic mathematics to multiplier design. The document outlines the methodology for performing multiplication, squaring, and cubing according to Vedic mathematics principles. It presents simulation and synthesis results comparing the proposed Vedic designs to traditional array-based designs, finding improvements in speed, power, and area. The document concludes that Vedic mathematics provides an effective approach for optimizing the design of these fundamental arithmetic components.
Cloud computing is the one of the emerging techniques to process the big data. Large collection of set or large
volume of data is known as big data. Processing of big data (MRI images and DICOM images) normally takes
more time compare with other data. The main tasks such as handling big data can be solved by using the concepts
of hadoop. Enhancing the hadoop concept it will help the user to process the large set of images or data. The
Advanced Hadoop Distributed File System (AHDF) and MapReduce are the two default main functions which
are used to enhance hadoop. HDF method is a hadoop file storing system, which is used for storing and retrieving
the data. MapReduce is the combinations of two functions namely maps and reduce. Map is the process of
splitting the inputs and reduce is the process of integrating the output of map’s input. Recently, in medical fields
the experienced problems like machine failure and fault tolerance while processing the result for the scanned
data. A unique optimized time scheduling algorithm, called Advanced Dynamic Handover Reduce Function
(ADHRF) algorithm is introduced in the reduce function. Enhancement of hadoop and cloud introduction of
ADHRF helps to overcome the processing risks, to get optimized result with less waiting time and reduction in
error percentage of the output image
Text mining has turned out to be one of the in vogue handle that has been joined in a few research
fields, for example, computational etymology, Information Retrieval (IR) and data mining. Natural
Language Processing (NLP) methods were utilized to extricate learning from the textual text that is
composed by people. Text mining peruses an unstructured form of data to give important
information designs in a most brief day and age. Long range interpersonal communication locales
are an awesome wellspring of correspondence as the vast majority of the general population in this
day and age utilize these destinations in their everyday lives to keep associated with each other. It
turns into a typical practice to not compose a sentence with remedy punctuation and spelling. This
training may prompt various types of ambiguities like lexical, syntactic, and semantic and because of
this kind of indistinct data; it is elusive out the genuine data arrange. As needs be, we are directing
an examination with the point of searching for various text mining techniques to get different
textual requests via web-based networking media sites. This review expects to depict how
contemplates in online networking have utilized text investigation and text mining methods to
identify the key topics in the data. This study concentrated on examining the text mining
contemplates identified with Facebook and Twitter; the two prevailing web-based social networking
on the planet. Aftereffects of this overview can fill in as the baselines for future text mining research.
Colorectal cancer (CRC) has potential to spread within the peritoneal cavity, and this transcoelomic
dissemination is termed “peritoneal metastases” (PM).The aim of this article was to summarise the current
evidence regarding CRC patients at high risk of PM. Colorectal cancer is the second most common cause of cancer
death in the UK. Prompt investigation of suspicious symptoms is important, but there is increasing evidence that
screening for the disease can produce significant reductions in mortality.High quality surgery is of paramount
importance in achieving good outcomes, particularly in rectal cancer, but adjuvant radiotherapy and chemotherapy
have important parts to play. The treatment of advanced disease is still essentially palliative, although surgery for
limited hepatic metastases may be curative in a small proportion of patients.
This document summarizes a research paper on the thermal performance of air conditioners using nanofluids compared to base fluids. Key points:
- Nanofluids, which are liquids containing nanoparticles, can improve heat transfer in heat pipes and cooling systems due to their higher thermal conductivity compared to base fluids.
- The document reviews how factors like nanofluid type, nanoparticle size and concentration affect thermal efficiency and heat transfer limits. It also examines using nanofluids to enhance heat exchange in transmission fluids.
- An experimental setup is described to study heat transfer and friction factors of water-based Al2O3 nanofluids in a horizontal tube under constant heat flux. Temperature, pressure and flow rate are measured
Now-a-day’s pedal powered grinding machine is used only for grinding purpose. Also, it requires lots of efforts
and limited for single application use. Another problem in existing model is that it consumed more time and also has
lower efficiency. Our aim is to design a human powered grinding machine which can also be used for many purposes
like pumping, grinding, washing, cutting, etc. it can carry water to a height 8 meter and produces 4 ampere of electricity
in most effective way. The system is also useful for the health conscious work out purpose. The purpose of this technical
study is to increase the performance and output capacity of pedal powered grinding machine.
This document summarizes a research paper that proposes using distributed control of multiple energy storage units (ESUs) to manage voltage and loading in electric distribution networks with renewable energy sources like solar and wind. The distributed control approach coordinates the ESUs to store excess power generated during peak periods and discharge it during peak load periods. Each ESU can provide both active and reactive power to support voltage and manage power flows. The distributed control strategy uses a consensus algorithm to divide the required active power reduction equally among ESUs based on their available capacity. Simulation results are presented to analyze the coordinated control of ESU active and reactive power outputs over time.
The steady increase in non-linear loads on the power supply network such as, AC variable speed drives,
DC variable Speed drives, UPS, Inverter and SMPS raises issues about power quality and reliability. In this
subject, attention has been focused on harmonics . Harmonics overload the power system network and cause
reliability problems on equipment and system and also waste energy. Passive and active harmonic filters are
used to mitigate harmonic problems. The use of both active and passive filter is justified to mitigate the
harmonics. The difficulty for practicing engineers is to select and deploy correct harmonic filters , This paper
explains which solutions are suitable when it comes to choosing active and passive harmonic filters and also
explains the mistakes need to be avoided.
This Paper is aimed at analyzing the few important Power System equipment failures generally
occurring in the Industrial Power Distribution system. Many such general problems if not resolved it may
lead to huge production stoppage and unforeseen equipment damages. We can improve the reliability of
Power system by simply applying the problem solving tool for every case study and finding out the root cause
of the problem, validation of root cause and elimination by corrective measures. This problem solving
approach to be practiced by every day to improve the power system reliability. This paper will throw the light
and will be a guide for the Practicing Electrical Engineers to find out the solution for every problem which
they come across in their day to day maintenance activity.
More from IJET - International Journal of Engineering and Techniques (20)
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Mechatronics is a multidisciplinary field that refers to the skill sets needed in the contemporary, advanced automated manufacturing industry. At the intersection of mechanics, electronics, and computing, mechatronics specialists create simpler, smarter systems. Mechatronics is an essential foundation for the expected growth in automation and manufacturing.
Mechatronics deals with robotics, control systems, and electro-mechanical systems.
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...PriyankaKilaniya
Energy efficiency has been important since the latter part of the last century. The main object of this survey is to determine the energy efficiency knowledge among consumers. Two separate districts in Bangladesh are selected to conduct the survey on households and showrooms about the energy and seller also. The survey uses the data to find some regression equations from which it is easy to predict energy efficiency knowledge. The data is analyzed and calculated based on five important criteria. The initial target was to find some factors that help predict a person's energy efficiency knowledge. From the survey, it is found that the energy efficiency awareness among the people of our country is very low. Relationships between household energy use behaviors are estimated using a unique dataset of about 40 households and 20 showrooms in Bangladesh's Chapainawabganj and Bagerhat districts. Knowledge of energy consumption and energy efficiency technology options is found to be associated with household use of energy conservation practices. Household characteristics also influence household energy use behavior. Younger household cohorts are more likely to adopt energy-efficient technologies and energy conservation practices and place primary importance on energy saving for environmental reasons. Education also influences attitudes toward energy conservation in Bangladesh. Low-education households indicate they primarily save electricity for the environment while high-education households indicate they are motivated by environmental concerns.
Accident detection system project report.pdfKamal Acharya
The Rapid growth of technology and infrastructure has made our lives easier. The
advent of technology has also increased the traffic hazards and the road accidents take place
frequently which causes huge loss of life and property because of the poor emergency facilities.
Many lives could have been saved if emergency service could get accident information and
reach in time. Our project will provide an optimum solution to this draw back. A piezo electric
sensor can be used as a crash or rollover detector of the vehicle during and after a crash. With
signals from a piezo electric sensor, a severe accident can be recognized. According to this
project when a vehicle meets with an accident immediately piezo electric sensor will detect the
signal or if a car rolls over. Then with the help of GSM module and GPS module, the location
will be sent to the emergency contact. Then after conforming the location necessary action will
be taken. If the person meets with a small accident or if there is no serious threat to anyone’s
life, then the alert message can be terminated by the driver by a switch provided in order to
avoid wasting the valuable time of the medical rescue team.
Open Channel Flow: fluid flow with a free surfaceIndrajeet sahu
Open Channel Flow: This topic focuses on fluid flow with a free surface, such as in rivers, canals, and drainage ditches. Key concepts include the classification of flow types (steady vs. unsteady, uniform vs. non-uniform), hydraulic radius, flow resistance, Manning's equation, critical flow conditions, and energy and momentum principles. It also covers flow measurement techniques, gradually varied flow analysis, and the design of open channels. Understanding these principles is vital for effective water resource management and engineering applications.
Home security is of paramount importance in today's world, where we rely more on technology, home
security is crucial. Using technology to make homes safer and easier to control from anywhere is
important. Home security is important for the occupant’s safety. In this paper, we came up with a low cost,
AI based model home security system. The system has a user-friendly interface, allowing users to start
model training and face detection with simple keyboard commands. Our goal is to introduce an innovative
home security system using facial recognition technology. Unlike traditional systems, this system trains
and saves images of friends and family members. The system scans this folder to recognize familiar faces
and provides real-time monitoring. If an unfamiliar face is detected, it promptly sends an email alert,
ensuring a proactive response to potential security threats.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
Discover the latest insights on Data Driven Maintenance with our comprehensive webinar presentation. Learn about traditional maintenance challenges, the right approach to utilizing data, and the benefits of adopting a Data Driven Maintenance strategy. Explore real-world examples, industry best practices, and innovative solutions like FMECA and the D3M model. This presentation, led by expert Jules Oudmans, is essential for asset owners looking to optimize their maintenance processes and leverage digital technologies for improved efficiency and performance. Download now to stay ahead in the evolving maintenance landscape.
Digital Twins Computer Networking Paper Presentation.pptxaryanpankaj78
A Digital Twin in computer networking is a virtual representation of a physical network, used to simulate, analyze, and optimize network performance and reliability. It leverages real-time data to enhance network management, predict issues, and improve decision-making processes.
Supermarket Management System Project Report.pdfKamal Acharya
Supermarket management is a stand-alone J2EE using Eclipse Juno program.
This project contains all the necessary required information about maintaining
the supermarket billing system.
The core idea of this project to minimize the paper work and centralize the
data. Here all the communication is taken in secure manner. That is, in this
application the information will be stored in client itself. For further security the
data base is stored in the back-end oracle and so no intruders can access it.
1. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 176
Unprivileged Black-Box Detection of User-Space Key loggers
1
Mr.S.Jagadeesan,M.Sc, MCA., M.Phil., ME[CSE].,
2
S.Rubiya,
1
Assistant professor,
2
Final year,
Department of Computer Applications,
Nandha Engineering College/Anna University,
Erode.
----------------------------------------************************----------------------------------
Abstract:
Software keyloggers are a fast growing class of invasive software often used to harvest confidential
information. One of the main reasons for this rapid growth is the possibility for unprivileged programs
running in user space to eavesdrop and record all thekeystrokes typed by the users of a system. The ability
to run in unprivileged mode facilitates their implementation and distribution, but,at the same time, allows
one to understand and model their behavior in detail. Leveraging this characteristic, we propose a new
detection technique that simulates carefully crafted keystroke sequences in input and observes the behavior
of the keylogger in output to unambiguously identify it among all the running processes. We have
prototyped our technique as an unprivileged application, hence matching the same ease of deployment of a
keylogger executing in unprivileged mode. We have successfully evaluated the underlying technique
against the most common free keyloggers. This confirms the viability of our approach in practical
scenarios. We have also devised potential evasion techniques that may be adopted to circumvent our
approach and proposed a heuristic to strengthen the effectiveness of our solution against more elaborated
attacks. Extensive experimental results confirm that our technique is robust to both false positives and
false negatives in realistic settings.
Keywords — Invasive software, keylogger, security, black-box, PCC
----------------------------------------************************----------------------------------
I. INTRODUCTION
KEYLOGGERS are entrenched on a machine to
deliberately monitor the user action by logging
keystrokes and finally delivering them to a third
party [1]. While they are rarely used for genuine
drives (e.g., surveillance/parental monitoring
infrastructures), key loggers are often unkindly
exploited by assailants to steal intimate information.
Many credit card numbers then passwords have
been occupied using key loggers [2], [3], which
makes them one of the most unsafe types of
spyware recognised to date.
Key loggers can be applied as tiny hardware plans
or more suitably in software. Software-based key
logger image be additional classified based on the
privileges they require to perform. Key loggers
applied by a kernel unit run with full freedoms in
kernel space. Equally, a fully poor key logger can
be applied by a simple user-space procedure. It is
significant to notice that auser-space key logger can
easily rely on recognised sets of poor APIs
commonly available on modern working systems
(OSs). This is not the case for a key logger applied
as a seed module. In seed space, the computer
operator must rely on kernel-level amenities to
interrupt all the messages posted by the console
driver, certainly needful a substantial effort then
information for an real and bug-free
implementation. Also, a key logger applied as a
user-space procedure is much calmer to deploy
since no special consent is required. A
user can mistakenly regard the key logger as a
inoffensive part of software and being cuckolded in
performing it. On the conflicting, kernel-space key
loggers need a user with wonderful user freedoms
to deliberately install and execute unsigned code
within the kernel, a repetition often prohibited by
RESEARCH ARTICLE OPEN ACCESS
2. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 177
modern working systems such Gaps Vista or
Windows 7. In light of these comments, it is no
surprise that 95 out of a hundred of the current key
loggers run in user space [4]. Notwithstanding the
rapid development of key logger-based deceptions
(i.e., identity theft, password leakage, etc.), not
many effective and efficient solutions have been
proposed to address this problem. Old-style defense
mechanisms use Finger production plans similar to
those used to detect worms and worms.
Inappropriately, this plan is hardly real against the
vast amount of new key logger alternatives
developing every day in the wild. In this paper, we
propose a new method to detect key loggers
running as poor user-space procedures. To match
the same placement model, our method is
completely applied in an poor process. As a
consequence, our answer is portable, uninstructive,
easy to install, then yet very real. In the final part of
this paper, we further authenticate our approach
with a home full-grown key logger that efforts to
thwart our discovery method.
2 INTERNALS OF MODERN
KEYLOGGERS
Breaking the privacy of an separate by
classification his keystrokes can be committed at
many dissimilar levels. For example, an assailant
with bodily access to the mechanism might bug the
hardware of the keyboard. A lying audio releases
produced by the user typing [6], or convenient to
purchase a software solution, install it on all
implemented in many different ways. Aimed at
instance, outside keyloggers rely on approximately
physical property, either the mechanism.
Contingent on the location, a keylogger can be
owner of an Internet cafe´, in turn, may find it more
the electromagnetic releases of a wireless keyboard
[7]. the stations, and have the logs released on his
own Hardware keyloggers are still outside plans,
but are applied as dongles placed in amid keyboard
and motherboard. All these plans, though, need
bodily access to the board machine.
To overwhelmed this kerb, software
approaches are additional commonly used.
Hypervisor-based keyloggers (e.g., BluePill [8]) are
the frank software development of hardware based
keyloggers, factually execution a man-in-the-
middle bout amid the hardware then the working
system. Kernel keyloggers originate instant in the
chain then are often applied as part of more
multifaceted rootkits. In difference to hypervisor-
based methods, hooks are straight used to interrupt
buffer-processing proceedings or additional seed
messages. Albeit effective, all these methods need
advantaged access to the machine. Furthermore,
script a kernel driver hypervisor-based methods
pose even more challenges requires a considerable
effort and knowledge for an effective and bug-free
implementation (smooth a single bug may lead to a
kernel fright). User-space keyloggers, on the
additional hand, do not need any special honour to
be deployed. They can be connected and performed
irrespective of the freedoms granted.
Fig. 1. The distribution stages of a keystroke, then
the mechanisms possibly undermined (we omit
hypervisor-based methods for the sake of clarity)
This is a feat unbearable for kernel keyloggers,
since they need either super user freedoms or a
susceptibility that allows random kernel code
implementation. Also, user space keylogger authors
can securely rely on well-documented sets of APIs
usually obtainable on modern working systems,
with no singular programming skills obligatory.
3.APPROACH
Our method is openly focused on scheming a
detection method for poor user-space keyloggers.
Unlike other classes of keyloggers, a user-space
keylogger is a contextual process which lists
operating-system-supported hooks to furtively
3. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 178
snoop (and log) every keystroke delivered by the
user into the current forefront application. Our goal
is to stop user-space keyloggers after theft intimate
data originally envisioned for a (trusted) genuine
foreground request. Hateful foreground requests
furtively classification user-issued keystrokes (e.g.,
a keylogger deceiving a right-hand word computer
application) and request-specific keyloggers (e.g.,
browser plugins furtively execution keylogging
activities) are outdoor our danger model then
cannot be recognised using our discovery
technique. Too note that a contextual keylogger
cannot brood a forefront request and steal the
current request focus on request deprived of the
user directly noticing. Our perfect is founded on
these comments and travels the option of isolating
the keylogger in a skilful setting, where its
behaviour is straight exposed to the discovery
system. Our method includes controlling the
keystroke proceedings that the keylogger obtains in
input, and continually nursing the I/O action made
by the keylogger in output. To declare discovery,
we leverage the instinct that the association amid
the input and output of the skilful setting can be
modelled for most keyloggers with very decent
estimate. Regardless of the alterations the keylogger
performs, a typical pattern observed in the
keystroke proceedings in input shall somehow be
reproduced in the I/O action in output. Once the
input then the output are skilful, we can classify
common I/O designs and flag discovery.
Our method completely disregards the gratified of
the then the output data, and emphases wholly on
their distribution. Warning the method to a
measureable analysis allows the aptitude to tool the
detection method with only poor devices, as we will
better exemplify later. The fundamental model
adopted, however, gifts extra tests. First, we must
prudently deal with possible data alterations that
may introduce measureable differences amid the
input and the production patterns.
4. ARCHITECTURE
Our project is based on five dissimilar
mechanisms as portrayed in injector, screen, pattern
translator, sensor, design generator. The working
system at the lowest contracts with the details of
I/O then occasion treatment. The OS Area does not
expose all the details to the higher levels deprived
of using advantaged API calls. As a consequence,
the injector and the screen operate at additional
level of concept, the Stream Domain. At this level,
keystroke events and the bytes production by a
process seem as a stream produced at a specific
rate. The task of the injector is to inject a keystroke
stream to fake the behaviour of a user keying at the
keyboard. Likewise, the monitor annals a stream of
bytes to continually imprisonment the output
behaviour of a specific process. A stream
representation is only worried with the delivery of
keystrokes or bytes produced over a given gap of
observation, deprived of entailing any extra
qualitative info. The injector obtains the input
watercourse from the design translator, which acts
as bond between the Watercourse Area and the
Pattern Domain. Likewise, the screen delivers the
output stream logged to the pattern interpreter for
further analysis. In the Pattern Area, the input
stream and the production stream are both
represented in a additional abstract form, called
Abstract Keystroke Pattern (AKP).
4.1 Injector
The role of the injector is to inject the input
stream into the system, faking the behaviour of a
operator at the console. By project, the injector
must content several supplies. First, it must only
rely on poor API calls. Second, it must be
accomplished of injecting keystrokes at mutable
4. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 179
rates to competition the delivery of the input
watercourse. Lastly, the subsequent sequence of
keystroke events shaped should be no dissimilar
than those made by a real user. In additional words,
no user-space keylogger should be someway able to
differentiate the two types of proceedings. To
speech all these subjects, we influence the same
method working in automatic testing. On Windows-
based working systems this functionality is if by the
API call keybd_ occasion. In all Unix-like OSes
secondary X11 the same functionality is obtainable
via the API call XTestFake- KeyEvent.
4.2 Monitor
The monitor is accountable to best the
output stream of all the consecutively processes. As
done for the injector, we allow only poor API calls.
In addition, we favour strategies to perform
realtime monitoring with negligible above and the
best level of resolve possible. Lastly, we are
interested in application-level figures of I/O doings,
to avoid dealing with filesystem-level hiding or
other possible nuisances. In specific, the
presentation pawns of each procedure are made
obtainable via the class Win32_Process, which
supports an effectual query-based border. The pawn
Write Transmission Count covers the total number
of bytes printed by the procedure meanwhile its
creation.
4.3 Pattern Translator
The role of the design interpreter is to alter
an AKP into a stream and vice versa, assumed a set
of shape parameters. A design in the AKP
procedure can be modelled as a order of samples
created from a stream tested with a unchanging
time intermission. A example Pi of a design P is
an nonconcrete picture of the amount of keystrokes
produced throughout the period interval i. Apiece
example is stored in a regularised procedure in the
intermission ½0; 1_, anywhere 0 and 1 reproduce
the predefined least and all-out number of
keystrokes in a assumed time intermission. To alter
an input project into a keystroke stream, the design
interpreter reflects the next shape limits: N, the
number of examples in the pattern; T, the
continuous time intermission between any two
consecutive samples; Kmin, the least amount of
keystrokes per example allowed; then Kmax, the
all-out number of keystrokes per example allowed.
4.4 Detector
The attainment of our discovery algorithm
lies in the aptitude to infer a cause-effect
relationship amid the keystroke watercourse
vaccinated in the system and the I/O behavior of a
keylogger procedure, or, more exactly, amid the
own patterns in AKP form. Though one must
inspect every applicant process in the scheme, the
discovery algorithm functions on a single procedure
at a time, classifying whether there is a robust
resemblance between the input design and the
output pattern got from the analysis of the I/O
behavior of the board process. Exactly, given a
predefined input design and an output design of a
specific process, the goal of the discovery algorithm
is to control whether there is a match in the designs
and the target procedure can be recognised as a key
logger with good likelihood. In difference to other
association metrics, the PCC events the forte of a
linear association between two sequence of
samples, disregarding any nonlinear connotation. In
our location, a linear need well approaches the
association amid the input pattern then an output
pattern shaped by a keylogger. The instinct is that a
keylogger can only brand local choices on a
perkeystroke basis with no information around the
global delivery. Thus, in code, the subsequent
behavior will linearly estimated the unique input
stream injected into the system. In detail, the PCC
is resilient to any change in location and scale,
namely no difference can be observed in the
correlation coefficient if every sample Pi of any of
the two patterns is transformed into a _ Pi þ b,
where a and b are arbitrary constants. This is
important for a number of reasons.
5. KEYLOGGER DETECTION
To evaluate the ability to detect real-world
keyloggers, we experimented with all the
keyloggers from the top monitoring free software
list [5], an online repository continuously updated
with reviews and latest developments in the area. In
addition, some of the keyloggers examined included
support for encryption and most of them used
variable-length encoding to store manually installed
each keylogger, launched our detection system for
N _ T ms, and recorded the results; we asserted
successful.
5. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 180
Another potential issue rises from
keyloggers removal a fixed-format shot on the disk
every time a change of focus is noticed. The header
typically covers the date and the name of the target
application. However, as we intended our discovery
system to change focus at every sample, the header
is red-faced out to disk at each time intermission
along by all the keystrokes injected. As a
consequence, the output pattern checked is just a
location alteration of the sole, with the shift
assumed by size of the header itself. Thanks to the
location invariance stuff, our detection algorithm is
naturally resilient to this alteration.
5.1 False Negatives
In our approach our method, false positives
output design of a keylogger wounds an
unpredictably low PCC value. To test the
robustness of our method against untrue rejections,
we made
numerous trials with our own artificial keylogger.
Our evaluation starts by analyzing the impact of the
amount of examples N and the time interval T on
the final PCC value. For each design generation
algorithm, we plot the PCC slow with our prototype
keylogger which we arranged so that no cushioning
or data alteration was taking place. Figs. 3a and 3b
portray our answers with Kmin ¼ 1 and Kmax ¼
1;000. We detect that once the keylogger logs each
keystroke without presenting delay or extra noise,
the number of examples N does not affect the PCC
value. This behaviour should not propose that N has
no effect on the production of false rejections. Once
noise in the output watercourse is to be predictable,
advanced values of N are indeed wanted to produce
more stable PCC values and evade false rejections.
In difference, Fig. 3b shows that the PCC is
sensitive to low values of the time interval T. The
effect observed is due to the incapability of the
system to absorb all the injected keystrokes for time
intermissions smaller than 450 ms. Fig. 3c, in turn,
shows the influence of Kmin on the PCC (with
Kmax still constant). The consequences settle our
observations in Section 4.4, i.e., that patterns
branded by a low variance hinder the PCC, and thus
a high variability in the inoculation design is
desirable. We now analyze the impact of the all-out
number of keystrokes per time intermission Kmax.
High Kmax values are predictable to increase the
level of erraticism, reduce the quantity of noise, and
induce a more distinct delivery in the output
watercourse of the keylogger. The keystroke
degree, though, is clearly bound by the length of the
time interval T. Fig. 4 portrays the PCC slow with
our example keylogger for N ¼ 30, Kmin ¼ 1, and
RND pattern cohort algorithm. The number reports
very high PCC values for Kmax < 20,480 and T ¼
1;000 ms. This behaviour reflects the incapability
of the system to engross more than Kmax _ 20,480
in the given time intermission. Increasing T is,
however, adequate to allow advanced Kmax values
without significantly impacting the PCC. For
example, with T ¼ 3,500 ms we can dual Kmax
without level-headedly degrading the final PCC
value.
Transformations. First, we tested with a keylogger
using a nontrivial fixed-length indoctrination for
keystrokes. Fig. 5a portrays the consequences for
dissimilar values of padding p with N ¼ 30, Kmin
¼ 1, and Kmax ¼ 1,024. A value of p ¼ 1,024
simulates a keylogger writing 1,024 bytes on the
disk for each eavesdropped keystroke. As discussed
in Section 4.4, the PCC should be unaffected in this
case and presumably exhibit a constant behavior.
The figure confirms this intuition, but displays the
6. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 181
PCC lessening linearly after p _ 10;000 bytes. This
behavior is due to the limited I/O throughput that
can be achieved within a single time interval.
The behavior observed is very evaluation,
our technique can still handle this class of
keyloggers correctly for reasonable buffer sizes.
Fig. 6 depicts our discovery consequences in
contradiction of a keylogger buffering its output
through a fixed-size buffer. The amount shows the
impact of numerous likely choices of the bumper
size on the final PCC value. We can notice the
pivotal role of Kmax in definitely stating discovery.
For instance, cumulative Kmax to 10,240 is
necessary to achieve sufficiently high PCC values
for the largest plentiful size future. This trial
demonstrates once again that the key to discovery is
persuading the pattern to definitely emerge in the
output distribution, a feat that can be easily
obtained by choosing a highly mutable
immunisation design with low standards for Kmin
and high values for Kmax. We believe these
consequences are hopeful to admit the robustness of
our detection technique in contradiction of false
negatives, even in presence of multifaceted data
transformations.
5.3 False Positives
In our method, false positives may occur
when the output pattern of some kind procedure
unintentionally scores a important PCC value. If the
value happens to be better than the designated
threshold, a false discovery is highlighted.
6 .EVASION AND COUNTERMEASURES
In this section, we speculate on the possible
evasion techniques a keylogger may employment
once our detection plan is prearranged on real
systems.
6.1 Aggressive Buffering
A keylogger may rely on around forms of
violent buffering, for example flushing a very large
buffer every time intermission t, with t being
possibly hours. While our model can possibly
address this scenario, the very large gap of
observation required to collect a drivable amount of
examples would make the following detection
technique irrational. It is important to point out that
such a kerb stems from the appeal of the method
and not from a project flaw in our detection model.
For instance, our model could be practical to
memory access designs instead of I/O designs to
make the resulting discovery technique resistant to
aggressive cushioning. This plan, however, would
require a hardwearing substructure (e.g., virtualized
environment) to monitor thememory accesses, thus
hindering the welfares of a fully poor solution.
6.2 Trigger-Based Behavior
A keylogger may activate the keylogging
activity only in face of specific events, for example
when the user launches a specific request.
Inappropriately, this trigger-based behavior may
successfully evade our detection method. This is
not, however, a shortcoming exact to our method,
but rather a more fundamental kerb common to all
the existing detection techniques based on lively
analysis [17]. While we trust that the problematic of
activating a specific behaviour is orthogonal to our
work and already focus of much ongoing
investigation, we point out that the user can still
mitigate this threat by occasionally re-releasing
detection runs when essential (e.g., every time a
new particularly subtle context is accessed). Since
our technique can vet all the procedures in a single
detection run, we believe this plan can be
realistically used in real-world situations.
6.3 Discrimination Attacks
Imitating the user’s behaviour may
depiction our method to keyloggers talented to tell
artificial then real keystrokes apart. A keylogger
may, for example, ignore any contribution failing to
show known arithmetical properties— e.g., not akin
to the English language. Though, since we switch
the input design, we can prudently make keystroke
scancode sequences displaying the same statistical
properties (e.g., English text) predictable by the
keylogger, and therewith do a separate detection
run thwarting this evasion method. Around the case
of a keylogger disregarding keystrokes when
detecting a high (nonhuman) inoculation rate. This
plan, though, would make the keylogger disposed to
to denial of service: a system obstinately generating
and exfiltrating bogus keystrokes would persuade
this type of keylogger to enduringly disable the
keylogging activity. Recent work proves that
building such a system is feasible in repetition (with
7. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 182
reasonable overhead) using normal two facilities
[18].
6.4 Decorrelation Attacks
Decor relation attacks effort at breaking the
correlation metric our method relies on. Meanwhile
of all the attacks this is exactly custom-made to
thwarting our method, we hereby suggest a
experiential envisioned to vet the system in case of
negative discovery results. This is the case, for
example, of a keylogger trying to generate I/O noise
in the contextual and lowering the association that
is bound to exist between the pattern of keystrokes
injected I and its own output pattern O. In the
attacker’s ideal case, this interprets to PCCðI;OÞ _
0. To approximate this result in the general case,
however, the attacker must adapt its disbursement
strategy to the pattern cohort algorithm in use, i.e.,
once switching to a new inoculation I0 6¼ I, the
output design should reflect a new delivery O0 6¼
O. The assailant could, for instance, enforce this
property by adapting the noise generation to some
input distributionspecific variable (e.g., the present
keystroke rate). Failure to do so will result in
random noise uncorrelated with the injection, a
scenario which is already touched by our PCCbased
detection technique.
This method, often used to liken time series,
warps sequences in the time measurement to
determine a measure of similarity independent of
nonlinear variations in the time dimensions. To
evaluate our heuristic, we applied two different
keyloggers trying to evade our detection technique.
The first one, K-EXP, uses a similar thread to write
a random amount of bytes which increases
exponentially with the number of keystrokes
already logged to the disk. Since the alteration is
nonlinear, we expect heavily disconcerted PCC
values.
7. RELATED WORK
While ours is the first method to solely rely
on unprivileged mechanisms, several methods have
been recently future to detect privacy-breaching
malware, counting keyloggers. Behaviour-based
spyware detection has been first presented by Kirda
et al. Their approach is custom-made to malicious
Internet Explorer loadable modules. In particular,
modules nursing the user’s activity and disclosing
private data to third parties are highlighted as
malware. Their examination models hateful
behavior in footings of API calls invoked in
response to browser events. Those used by
keyloggers, though, are also usually used by
legitimate programs. Their approach is therefore
prone to false positives, which can only be
mitigated with continuously efficient whitelists.
Other keylogger-specific methods have optional
detecting the use of well-known keystroke
interception APIs. Aslam suggest binary static
analysis to locate the envisioned API calls.
Unfortunately, all these calls are also used by
legitimate requests (e.g., shortcutmanagers) and this
approach is again prone to false positives. push this
method further, specifically targeting Windows-
based working systems.
Earlier to our method is the answer
proposed by Al-Hammadi. Their plan is to model
the keylogging behavior in footings of the number
of API calls issued in the gap of observation. To be
more exact, they observe the frequency of API calls
invoked to 1) intercept keystrokes, 2) script to a
file, and 3) delivery bytes over the network. A
keylogger is detected once two of these incidences
are found to be highly correlated. Since no bogus
proceedings are issued to the system (no injection
of crafted input), the correlation may not be as
strong as predictable. The resulting value would be
even more reduced in case of any delay presented
by the keylogger. Furthermore, since their
inspection is eavesdropped. This evaluates the
impact of numerous conditions. First, the
experiment fakes a keylogger randomly dropping
keystrokes with a certain likelihood.
8. CONCLUSIONS
In this paper, we obtainable an poor black-
box approach for precise discovery of the most
common keyloggers, i.e., user-space keyloggers.
We modeled the behavior of a keylogger by
surgically correlating the input (i.e., the keystrokes)
with the output (i.e., the I/O patterns produced by
the keylogger). Impact of N on the DTW. keystroke
patterns. We then deliberated the problem of
choosing the best input pattern to recover our
detection rate. Then, we presented an
implementation of our detection technique on
8. International Journal of Computer Techniques -– Volume 3 Issue 2, Mar-Apr 2016
ISSN :2394-2231 http://www.ijctjournal.org Page 183
Windows, arguably the most susceptible OS to the
danger of keyloggers. To found an OS-independent
architecture, we also gave application details for
other operating systems. We positively evaluated
our prototype scheme against the most communal
free keyloggers [5], with no false positives and no
untrue negatives reported. Other new results with a
homegrown keylogger demonstrated the
effectiveness of our technique in the general case.
While attacks to our detection method are possible
and have been discussed at length in Section 6, we
believe our approach considerably raises the bar for
protecting the user in contradiction of the danger of
keyloggers.
REFERENCES
[1] T. Holz, M. Engelberth, and F. Freiling, “Learning More About the
Underground Economy: A Case-Study of Keyloggers and Dropzones,”
Proc. 14th European Symp. Research in Computer Security, pp. 1-18,
2009.
[2] San Jose Mercury News, “Kinkois Spyware Case Highlights Risk of
Public Internet Terminals,” http://www.siliconvalley.com/
mld/siliconvalley/news/6359407.htm, 2012.
[3] N. Strahija, “Student Charged After College Computers Hacked,”
http://www.xatrix.org/article2641.html, 2012.
[4] N. Grebennikov, “Keyloggers: How They Work and How to Detect
Them,” http://www.viruslist.com/en/analysis? pubid=204791931, 2012.
[5] Security Technology Ltd., “Testing and Reviews of Keyloggers,
Monitoring Products and Spyware,” http://www.keylogger. org, 2012.
[6] L. Zhuang, F. Zhou, and J.D. Tygar, “Keyboard Acoustic Emanations
Revisited,” ACM Trans. Information and System Security, vol. 13, no.
1, pp. 1-26, 2009.
[7] M. Vuagnoux and S. Pasini, “Compromising Electromagnetic
Emanations of Wired and Wireless Keyboards,” Proc. 18th USENIX
Security Symp., pp. 1-16, 2009.
[8] J. Rutkowska, “Subverting Vista Kernel for Fun and Profit,” Black Hat
Briefings, vol. 5, 2007.
[9] J.L. Rodgers and W.A. Nicewander, “Thirteen Ways to Look at the
Correlation Coefficient,” The Am. Statistician, vol. 42, no. 1, pp. 59-66,
Feb. 1988.
[10] J. Benesty, J. Chen, and Y. Huang, “On the Importance of the Pearson
Correlation Coefficient in Noise Reduction,” IEEE Trans. Audio,
Speech, and Language Processing, vol. 16, no. 4, pp. 757-765, May
2008.
[11] L. Goodwin and N. Leech, “Understanding Correlation: Factors that
Affect the Size of r,” Experimental Education, vol. 74, no. 3,
pp. 249-266, 2006.
[12] J. Aldrich, “Correlations Genuine and Spurious in Pearson and Yule,”
Statistical Science, vol. 10, no. 4, pp. 364-376, 1995.
[13] W. Hsu and A. Smith, “Characteristics of I/O Traffic in Personal
Computer and Server Workloads,” IBM System J., vol. 42, no. 2,
pp. 347-372, 2003.
[14] H.W. Kuhn, “The Hungarian Method for the Assignment Problem,”
Naval Research Logistics Quarterly, vol. 2, pp. 83-9, 1955.
[15] G. Kochenberger, F. Glover, and B. Alidaee, “An Effective Approach
for Solving the Binary Assignment Problem with Side Constraints,”
Information Technology and Decision Making, vol. 1,
pp. 121-129, May 2002.
[16] BAPCO, “SYSmark 2004 SE,” http://www.bapco.com, 2012.
[17] A. Moser, C. Kruegel, and E. Kirda, “Exploring Multiple Execution
Paths for Malware Analysis,” Proc. IEEE 28th Symp. Security and
Privacy, pp. 231-245, May 2007.
[18] S. Ortolani and B. Crispo, “Noisykey: Tolerating Keyloggers via
Keystrokes Hiding,” Proc. Seventh USENIX Workshop Hot Topics in
Security, 2012.