JPJ1451 Optimal Distributed Malware Defense in Mobile Networks with Heteroge...chennaijp
We are good IEEE java projects development center in Chennai and Pondicherry. We guided advanced java technologies projects of cloud computing, data mining, Secure Computing, Networking, Parallel & Distributed Systems, Mobile Computing and Service Computing (Web Service).
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/java-projects/
An optimal distributed malware defense system for mobile networks with hetero...Shakas Technologie
This document discusses an optimal distributed malware defense system for mobile networks with heterogeneous devices. It proposes a system that can defend against both MMS-based and proximity malware propagation by optimally distributing malware signatures. A centralized greedy algorithm provides the optimal solution, which a distributed encounter-based algorithm using Metropolis sampler aims to achieve. The distributed algorithm relies only on local information and opportunistic contacts, and simulations show it achieves the optimal solution efficiently in realistic environments.
Malware is pervasive in networks, and poses a critical threat to network security. However, we have very limited understanding of malware behavior in networks to date.
The document presents a two-layer epidemic model for analyzing malware propagation in large-scale networks. The model calculates how many networks have been compromised over time based on the susceptible-infected model, and then calculates how many hosts within each compromised network have been infected. Theoretical analysis of the model finds that malware distribution follows an exponential distribution early on, a power law distribution with a short exponential tail later, and a pure power law distribution finally. Experiments on real-world Android and Conficker malware datasets confirm these theoretical findings. The two-layer model provides a better representation of malware propagation in large-scale networks compared to traditional single-layer epidemic models.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
Secure and Reliable Data Transmission in Generalized E-MailIJERA Editor
Email is a basic service for computer users, while email malware poses critical security threats. The technique of email-borne malware will be highly effective. Email malware focuses on modeling the propagation dynamics which is a fundamental technique for developing countermeasures to reduce email malware’s spreading speed and prevalence. Modern email malware exhibits two new features, reinjection and self-start. Reinjection is an infected user sends out malware copies whenever this user visits the malicious hyperlinks or attachments. Self-start refers to the behavior that malware starts to spread whenever compromised computers restart or certain files are visited. For address this problem, to derive a novel difference equation based analytical model by introducing a new concept of virtual dirty user. Propose a new analytical model to enhanced OLSR protocol which is a trust based technique to secure the OLSR nodes against the attack. The proposed solution called EOLSR is an enhancement of the basic OLSR routing protocol, which will be able to detect the presence of malicious nodes in the network.
This paper presents a compartmental model to analyze the spread of malware in decentralized peer-to-peer networks like Gnutella. The model derives the network conditions needed to reach an equilibrium where malware is eliminated and evaluates control strategies such as quarantining nodes to curb the spread of malware. The model is also extended to study how malware can spread from peer-to-peer networks to networks of smart cell phones.
JPJ1451 Optimal Distributed Malware Defense in Mobile Networks with Heteroge...chennaijp
We are good IEEE java projects development center in Chennai and Pondicherry. We guided advanced java technologies projects of cloud computing, data mining, Secure Computing, Networking, Parallel & Distributed Systems, Mobile Computing and Service Computing (Web Service).
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/java-projects/
An optimal distributed malware defense system for mobile networks with hetero...Shakas Technologie
This document discusses an optimal distributed malware defense system for mobile networks with heterogeneous devices. It proposes a system that can defend against both MMS-based and proximity malware propagation by optimally distributing malware signatures. A centralized greedy algorithm provides the optimal solution, which a distributed encounter-based algorithm using Metropolis sampler aims to achieve. The distributed algorithm relies only on local information and opportunistic contacts, and simulations show it achieves the optimal solution efficiently in realistic environments.
Malware is pervasive in networks, and poses a critical threat to network security. However, we have very limited understanding of malware behavior in networks to date.
The document presents a two-layer epidemic model for analyzing malware propagation in large-scale networks. The model calculates how many networks have been compromised over time based on the susceptible-infected model, and then calculates how many hosts within each compromised network have been infected. Theoretical analysis of the model finds that malware distribution follows an exponential distribution early on, a power law distribution with a short exponential tail later, and a pure power law distribution finally. Experiments on real-world Android and Conficker malware datasets confirm these theoretical findings. The two-layer model provides a better representation of malware propagation in large-scale networks compared to traditional single-layer epidemic models.
For further details contact:
N.RAJASEKARAN B.E M.S 9841091117,9840103301.
IMPULSE TECHNOLOGIES,
Old No 251, New No 304,
2nd Floor,
Arcot road ,
Vadapalani ,
Chennai-26.
www.impulse.net.in
Email: ieeeprojects@yahoo.com/ imbpulse@gmail.com
Secure and Reliable Data Transmission in Generalized E-MailIJERA Editor
Email is a basic service for computer users, while email malware poses critical security threats. The technique of email-borne malware will be highly effective. Email malware focuses on modeling the propagation dynamics which is a fundamental technique for developing countermeasures to reduce email malware’s spreading speed and prevalence. Modern email malware exhibits two new features, reinjection and self-start. Reinjection is an infected user sends out malware copies whenever this user visits the malicious hyperlinks or attachments. Self-start refers to the behavior that malware starts to spread whenever compromised computers restart or certain files are visited. For address this problem, to derive a novel difference equation based analytical model by introducing a new concept of virtual dirty user. Propose a new analytical model to enhanced OLSR protocol which is a trust based technique to secure the OLSR nodes against the attack. The proposed solution called EOLSR is an enhancement of the basic OLSR routing protocol, which will be able to detect the presence of malicious nodes in the network.
This paper presents a compartmental model to analyze the spread of malware in decentralized peer-to-peer networks like Gnutella. The model derives the network conditions needed to reach an equilibrium where malware is eliminated and evaluates control strategies such as quarantining nodes to curb the spread of malware. The model is also extended to study how malware can spread from peer-to-peer networks to networks of smart cell phones.
Modeling and restraining of mobile virus propagationPranav Pinarayi
This document discusses modeling and restraining mobile virus propagation. It presents a two-layer network model to simulate mobile virus propagation, with a geographical network of cell towers and a logical social network. Simulation results show that SMS-based virus propagation is affected by message delivery latency and failure rates, while Bluetooth-based spread depends on user mobility patterns. The document also describes countermeasures like pre-immunizing highly connected phones and disseminating patches to restrain propagation.
A framework to detect novel computer viruses via system callsUltraUploader
This document describes a framework for detecting email viruses based on system calls. It involves injecting DLLs to monitor and log system calls from an email client. The framework includes a training period where it is exposed to known viruses to derive malicious system calls, which are stored in a database. Normal email usage is also tested to identify unique virus-related system calls. This allows detection of new viruses based on abnormal system calls, without needing pre-existing virus signatures.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
This paper proposes and analyzes a general stochastic model of multivirus spreading dynamics in networks. Existing studies mainly focus on single viruses, but this model considers multiple viruses that may compete or cooperate as they spread. The model provides analytical results to understand conditions for virus extinction, impacts when viruses can "rob" each other, and epidemic characteristics when viruses are equally powerful. Insights from this model can guide network security defense strategies.
Detection and Prevention of Attacks in Wireless Sensor Networks: A Surveydbpublications
Wireless sensor networks will use a communication channel which is insecure and have a poor infrastructure. Wireless sensor networks consists of spatially distributed autonomous devices and using sensors they monitor the physical as well as the environmental conditions, such as pressure, temperature, sound at different locations. As the nodes in the sensor network are deployed in the hostile locations they are vulnerable to the attacks such as Hello flood attack, Jamming, Wormhole, Sybil, Sinkhole attack. These types of potential threats to network are continuously evolving and requires measures to detect and prevent. In this paper, we discuss about Sybil and Wormhole attacks with schemes to detect and prevent these attacks.
WSN security faces many challenges due to limited sensor resources and operating in hostile environments. It requires high security levels to protect sensitive data while maintaining energy efficiency. However, current research has not fully addressed the conflict between security and limited resources. WSNs are vulnerable to various attacks like jamming, eavesdropping, and false routing. Providing security introduces additional processing and power demands on sensors. Many open research problems remain in developing scalable and dynamic security solutions for wireless sensor networks.
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONIJNSA Journal
This document discusses a proposal to develop a new distributed Internet simulator to study large-scale network events like distributed denial-of-service (DDoS) attacks and worm propagation. Existing network simulators have limited scalability and lack realistic Internet models. The proposed simulator would have a built-in Internet topology model and customizeable modules to simulate specific events while cutting down on unnecessary details. It aims to make large-scale network simulation more accessible to researchers and improve the realism of simulations compared to simplified models currently used. The simulator could help study defenses against problems like IP spoofing, DDoS attacks, and worms.
REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSNIJNSA Journal
Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource llocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.
Application of hardware accelerated extensible network nodes for internet wor...UltraUploader
This document proposes a hardware-accelerated system that uses field-programmable gate arrays (FPGAs) to actively detect and block internet worms and viruses at multi-gigabit speeds. It scans packet payloads in real-time to search for signatures of malicious software and can dynamically reconfigure to detect new threats. The system is designed to be incrementally deployed throughout the internet to quarantine infections locally and limit global spread. It aims to provide faster and more effective protection than software-based solutions by processing packet content directly in network hardware.
@@@Rf8 polymorphic worm detection using structural infor (control flow gra...zeinabmovasaghinia
This paper presents a technique for detecting polymorphic worms by analyzing the structural properties of executable code in network flows. The technique generates fingerprints based on identifying common subgraphs in the control flow graphs (CFGs) of executable regions, rather than comparing byte strings. This makes the fingerprints more robust against code modifications aimed at evading signature-based detection. The technique satisfies properties of uniqueness, robustness to code insertions/deletions, and partial robustness to code modifications, allowing it to correlate variations of the same polymorphic worm in different network flows. A prototype system is implemented to evaluate the technique.
Self-propagating malware (e.g., an Internet worm) exploits security loopholes in software to infect servers and then use them to scan the Internet for more vulnerable servers. While the mechanisms of worm infection and their propagation models are well understood, defense against worms remains an open problem. One branch of defense research investigates the behavioral difference between worm-infected hosts and normal hosts to set them apart. One particular observation is that a worm-infected host, which scans the Internet with randomly selected addresses, has a much higher connection-failure rate than a normal host. Rate-limit algorithms have been proposed to control the spread of worms by traffic shaping based on connection failure rate. However, these rate-limit algorithms can work properly only if it is possible to measure failure rates of individual hosts efficiently and accurately. This paper points out a serious problem in the prior method. To address this problem, we first propose a solution based on a highly efficient double-bitmap data structure, which places only a small memory footprint on the routers, while providing good measurement of connection failure rates whose accuracy can be tuned by system parameters. Furthermore, we propose another solution based on shared register array data structure, achieving better memory efficiency and much larger estimation range than our double-bitmap solution.
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Vampire attacks draining life from w...IEEEGLOBALSOFTTECHNOLOGIES
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Modeling & automated containment of worms(synopsis)Mumbai Academisc
This document proposes a model for characterizing the propagation of Internet worms using a branching process model. It develops this model for uniform scanning worms and extends it to preference scanning worms. This model leads to the development of an automatic worm containment strategy that limits the total number of IP addresses contacted per host. The strategy is shown to effectively contain uniform and preference scanning worms through simulations and analysis, while having minimal impact on normal network operations.
This document describes a system for detecting denial-of-service (DoS) attacks based on multivariate correlation analysis (MCA). The system generates normal traffic profiles using MCA to analyze legitimate training records. It then measures the dissimilarity between live traffic and normal profiles using Mahalanobis distance, flagging records above a threshold as potential attacks. If a record's distance exceeds the threshold, it is identified as a DoS attack. The system is intended to accurately detect both known and unknown DoS attacks compared to existing detection methods.
Modeling and Containment of Uniform Scanning WormsIOSR Journals
This document presents a branching process model for characterizing the propagation of uniform scanning worms on the Internet. The model models both the inter-host and intra-host spreading of worms. It then describes an automatic worm containment strategy that aims to contain uniform scanning worms by detecting infected machines through scanning and deleting worm files. The model and containment strategy are validated through simulations. The document concludes by discussing modeling topology-aware worms and designing containment mechanisms for them.
This document discusses worms in local area networks and proposes a new approach to detect and stop worm attacks. It begins by describing how worms can quickly spread and take control of all systems in a LAN. The proposed approach detects worms by analyzing where they typically copy themselves and using Snort rules to identify infectious packets flowing between systems. It then provides background on common worms and how they spread. The document outlines the proposed model and discusses how it would detect worms either by their copying locations or infectious packet contents.
This paper proposes an automated approach called "content sifting" to quickly detect new worms/viruses based on common exploit sequences and spreading behavior. The approach analyzes network traffic to identify strings that recur frequently across many sources and destinations. The authors developed a prototype system called Earlybird that implemented this approach and was able to automatically detect and generate signatures for existing worms as well as new worms before public disclosure. Earlybird demonstrated the potential for fully automated defenses against even unknown "zero-day" outbreaks.
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516Yasser Mohammed
This document discusses how three cyber threats - targeted attacks, system exploits, and data theft - are transforming incident response. It provides three case studies:
1) Operation Aurora targeted Google and other companies through a multi-stage attack using custom malware. Cyberforensics tools could have helped identify compromised systems and collect evidence.
2) The Zeus botnet exploits systems by infecting them and forwarding login credentials. Regular scans using cyberforensics tools can establish a baseline and detect any anomalies to address risks.
3) Data loss or theft of regulated/sensitive data from laptops or compromised websites can result in lost revenue and reputation damage. Cyberforensics tools can help find and wipe such data from unauthorized
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The word "malware" is a shorthand version of the phrase "malicious software," and it encompasses all types of software created with the intent of causing harm. ... can infect a computer in multiple ways and can have a variety of effects. Viruses have a wide range of effects, from complete destruction of all information ... at the moment there are no viruses that may cause damage to the hardware, ...
This document summarizes key aspects of hard disk drive technology. It discusses how disk drives have evolved from early magnetic drums and tapes to become standard components in modern computers. It describes how Winchester disk drives use sealed enclosures and aerodynamic sliders to allow heads to fly just micro-inches above disks. The document outlines trends in disk drive capacity, form factor, and recording density. These trends involve innovations like magnetoresistive heads and PRML channels that allow for higher areal densities and capacities by improving read/write functions. The goal is to achieve 1 gigabit per square inch areal density by 2000 through advances in media, heads, and other technologies.
Modeling and restraining of mobile virus propagationPranav Pinarayi
This document discusses modeling and restraining mobile virus propagation. It presents a two-layer network model to simulate mobile virus propagation, with a geographical network of cell towers and a logical social network. Simulation results show that SMS-based virus propagation is affected by message delivery latency and failure rates, while Bluetooth-based spread depends on user mobility patterns. The document also describes countermeasures like pre-immunizing highly connected phones and disseminating patches to restrain propagation.
A framework to detect novel computer viruses via system callsUltraUploader
This document describes a framework for detecting email viruses based on system calls. It involves injecting DLLs to monitor and log system calls from an email client. The framework includes a training period where it is exposed to known viruses to derive malicious system calls, which are stored in a database. Normal email usage is also tested to identify unique virus-related system calls. This allows detection of new viruses based on abnormal system calls, without needing pre-existing virus signatures.
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
This paper proposes and analyzes a general stochastic model of multivirus spreading dynamics in networks. Existing studies mainly focus on single viruses, but this model considers multiple viruses that may compete or cooperate as they spread. The model provides analytical results to understand conditions for virus extinction, impacts when viruses can "rob" each other, and epidemic characteristics when viruses are equally powerful. Insights from this model can guide network security defense strategies.
Detection and Prevention of Attacks in Wireless Sensor Networks: A Surveydbpublications
Wireless sensor networks will use a communication channel which is insecure and have a poor infrastructure. Wireless sensor networks consists of spatially distributed autonomous devices and using sensors they monitor the physical as well as the environmental conditions, such as pressure, temperature, sound at different locations. As the nodes in the sensor network are deployed in the hostile locations they are vulnerable to the attacks such as Hello flood attack, Jamming, Wormhole, Sybil, Sinkhole attack. These types of potential threats to network are continuously evolving and requires measures to detect and prevent. In this paper, we discuss about Sybil and Wormhole attacks with schemes to detect and prevent these attacks.
WSN security faces many challenges due to limited sensor resources and operating in hostile environments. It requires high security levels to protect sensitive data while maintaining energy efficiency. However, current research has not fully addressed the conflict between security and limited resources. WSNs are vulnerable to various attacks like jamming, eavesdropping, and false routing. Providing security introduces additional processing and power demands on sensors. Many open research problems remain in developing scalable and dynamic security solutions for wireless sensor networks.
CONTROLLING IP FALSIFYING USING REALISTIC SIMULATIONIJNSA Journal
This document discusses a proposal to develop a new distributed Internet simulator to study large-scale network events like distributed denial-of-service (DDoS) attacks and worm propagation. Existing network simulators have limited scalability and lack realistic Internet models. The proposed simulator would have a built-in Internet topology model and customizeable modules to simulate specific events while cutting down on unnecessary details. It aims to make large-scale network simulation more accessible to researchers and improve the realism of simulations compared to simplified models currently used. The simulator could help study defenses against problems like IP spoofing, DDoS attacks, and worms.
REPLICATION ATTACK MITIGATIONS FOR STATIC AND MOBILE WSNIJNSA Journal
Security is important for many sensor network applications. Wireless Sensor Networks (WSN) are often deployed in hostile environments as static or mobile, where an adversary can physically capture some of the nodes. once a node is captured, adversary collects all the credentials like keys and identity etc. the attacker can re-program it and replicate the node in order to eavesdrop the transmitted messages or compromise the functionality of the network. Identity theft leads to two types attack: clone and sybil. In particularly a harmful attack against sensor networks where one or more node(s) illegitimately claims an identity as replicas is known as the node replication attack. The replication attack can be exceedingly injurious to many important functions of the sensor network such as routing, resource llocation, misbehavior detection, etc. This paper analyzes the threat posed by the replication attack and several novel techniques to detect and defend against the replication attack, and analyzes their effectiveness in both static and mobile WSN.
Application of hardware accelerated extensible network nodes for internet wor...UltraUploader
This document proposes a hardware-accelerated system that uses field-programmable gate arrays (FPGAs) to actively detect and block internet worms and viruses at multi-gigabit speeds. It scans packet payloads in real-time to search for signatures of malicious software and can dynamically reconfigure to detect new threats. The system is designed to be incrementally deployed throughout the internet to quarantine infections locally and limit global spread. It aims to provide faster and more effective protection than software-based solutions by processing packet content directly in network hardware.
@@@Rf8 polymorphic worm detection using structural infor (control flow gra...zeinabmovasaghinia
This paper presents a technique for detecting polymorphic worms by analyzing the structural properties of executable code in network flows. The technique generates fingerprints based on identifying common subgraphs in the control flow graphs (CFGs) of executable regions, rather than comparing byte strings. This makes the fingerprints more robust against code modifications aimed at evading signature-based detection. The technique satisfies properties of uniqueness, robustness to code insertions/deletions, and partial robustness to code modifications, allowing it to correlate variations of the same polymorphic worm in different network flows. A prototype system is implemented to evaluate the technique.
Self-propagating malware (e.g., an Internet worm) exploits security loopholes in software to infect servers and then use them to scan the Internet for more vulnerable servers. While the mechanisms of worm infection and their propagation models are well understood, defense against worms remains an open problem. One branch of defense research investigates the behavioral difference between worm-infected hosts and normal hosts to set them apart. One particular observation is that a worm-infected host, which scans the Internet with randomly selected addresses, has a much higher connection-failure rate than a normal host. Rate-limit algorithms have been proposed to control the spread of worms by traffic shaping based on connection failure rate. However, these rate-limit algorithms can work properly only if it is possible to measure failure rates of individual hosts efficiently and accurately. This paper points out a serious problem in the prior method. To address this problem, we first propose a solution based on a highly efficient double-bitmap data structure, which places only a small memory footprint on the routers, while providing good measurement of connection failure rates whose accuracy can be tuned by system parameters. Furthermore, we propose another solution based on shared register array data structure, achieving better memory efficiency and much larger estimation range than our double-bitmap solution.
DOTNET 2013 IEEE MOBILECOMPUTING PROJECT Vampire attacks draining life from w...IEEEGLOBALSOFTTECHNOLOGIES
To Get any Project for CSE, IT ECE, EEE Contact Me @ 09849539085, 09966235788 or mail us - ieeefinalsemprojects@gmail.com-Visit Our Website: www.finalyearprojects.org
Modeling & automated containment of worms(synopsis)Mumbai Academisc
This document proposes a model for characterizing the propagation of Internet worms using a branching process model. It develops this model for uniform scanning worms and extends it to preference scanning worms. This model leads to the development of an automatic worm containment strategy that limits the total number of IP addresses contacted per host. The strategy is shown to effectively contain uniform and preference scanning worms through simulations and analysis, while having minimal impact on normal network operations.
This document describes a system for detecting denial-of-service (DoS) attacks based on multivariate correlation analysis (MCA). The system generates normal traffic profiles using MCA to analyze legitimate training records. It then measures the dissimilarity between live traffic and normal profiles using Mahalanobis distance, flagging records above a threshold as potential attacks. If a record's distance exceeds the threshold, it is identified as a DoS attack. The system is intended to accurately detect both known and unknown DoS attacks compared to existing detection methods.
Modeling and Containment of Uniform Scanning WormsIOSR Journals
This document presents a branching process model for characterizing the propagation of uniform scanning worms on the Internet. The model models both the inter-host and intra-host spreading of worms. It then describes an automatic worm containment strategy that aims to contain uniform scanning worms by detecting infected machines through scanning and deleting worm files. The model and containment strategy are validated through simulations. The document concludes by discussing modeling topology-aware worms and designing containment mechanisms for them.
This document discusses worms in local area networks and proposes a new approach to detect and stop worm attacks. It begins by describing how worms can quickly spread and take control of all systems in a LAN. The proposed approach detects worms by analyzing where they typically copy themselves and using Snort rules to identify infectious packets flowing between systems. It then provides background on common worms and how they spread. The document outlines the proposed model and discusses how it would detect worms either by their copying locations or infectious packet contents.
This paper proposes an automated approach called "content sifting" to quickly detect new worms/viruses based on common exploit sequences and spreading behavior. The approach analyzes network traffic to identify strings that recur frequently across many sources and destinations. The authors developed a prototype system called Earlybird that implemented this approach and was able to automatically detect and generate signatures for existing worms as well as new worms before public disclosure. Earlybird demonstrated the potential for fully automated defenses against even unknown "zero-day" outbreaks.
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516Yasser Mohammed
This document discusses how three cyber threats - targeted attacks, system exploits, and data theft - are transforming incident response. It provides three case studies:
1) Operation Aurora targeted Google and other companies through a multi-stage attack using custom malware. Cyberforensics tools could have helped identify compromised systems and collect evidence.
2) The Zeus botnet exploits systems by infecting them and forwarding login credentials. Regular scans using cyberforensics tools can establish a baseline and detect any anomalies to address risks.
3) Data loss or theft of regulated/sensitive data from laptops or compromised websites can result in lost revenue and reputation damage. Cyberforensics tools can help find and wipe such data from unauthorized
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
The word "malware" is a shorthand version of the phrase "malicious software," and it encompasses all types of software created with the intent of causing harm. ... can infect a computer in multiple ways and can have a variety of effects. Viruses have a wide range of effects, from complete destruction of all information ... at the moment there are no viruses that may cause damage to the hardware, ...
This document summarizes key aspects of hard disk drive technology. It discusses how disk drives have evolved from early magnetic drums and tapes to become standard components in modern computers. It describes how Winchester disk drives use sealed enclosures and aerodynamic sliders to allow heads to fly just micro-inches above disks. The document outlines trends in disk drive capacity, form factor, and recording density. These trends involve innovations like magnetoresistive heads and PRML channels that allow for higher areal densities and capacities by improving read/write functions. The goal is to achieve 1 gigabit per square inch areal density by 2000 through advances in media, heads, and other technologies.
This document discusses computer viruses and worms. It defines viruses and worms, noting that viruses replicate by attaching to programs while worms use network security holes to spread. Examples of major viruses and worms are provided, like Melissa, I Love You, and Code Red. Symptoms of infection and protection measures are outlined, emphasizing the importance of antivirus software, patches, firewalls, and backups.
This document contains a list of IEEE titles from 2014 related to cloud computing, data mining, secure computing, networking, and mobile computing. There are a total of 54 titles listed under cloud computing, 38 under data mining, 15 under secure computing, 29 under networking, and 14 under mobile computing. The titles provide information on research related to privacy, security, efficiency, and other aspects of these computing domains.
An Antivirus API for Android Malware Recognition Fraunhofer AISEC
In this talk, given at the 8th International Conference on Malicious and Unwanted Software (MALWARE 2013), researchers from Fraunhofer AISEC present their paper "An Antivirus API for Android Malware Recognition".
The proposed API, if added to the main Android distribution or to third-party distributions such as Cyanogenmod, would significantly increase the effectiveness that antivirus software can achieve on Android. Currently, antivirus software on Android is very limited in its capabilities and very easy to circumvent for malware, as demonstrated by our previous work -> http://ais.ec/techreport - ON THE EFFECTIVENESS OF MALWARE PROTECTION ON ANDROID,
AN EVALUATION OF ANDROID ANTIVIRUS APPS by Rafael Fedler. These platform-based antivirus shortcomings are addressed by the paper presented in this talk.
As soluções da NetWitness capturam todos os dados que circulam na rede e os contextualizam, filtrando o que pode ser crítico ou não. O usuario pode ver quem está indo aonde e vendo o quê.
Artificial Intelligence in Virus Detection & Recognitionahmadali999
Heuristic scanning is a method for virus detection and recognition that uses metaheuristics like pattern matching, automatic learning, and environment emulation. It examines program behaviors and characteristics to recognize potential threats without specific knowledge of their code or structure. While heuristic scanning can detect new threats, it risks false positives by flagging innocent programs. Continued development focuses on improving accuracy through techniques like automatic learning from non-infected machines.
Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis SystemTamas K Lengyel
The document describes DRAKVUF, a dynamic malware analysis system that aims to improve scalability, fidelity, and stealthiness. It uses Xen virtualization and memory monitoring techniques like EPT to analyze malware behavior in a monitored virtual environment without the malware's knowledge. An evaluation analyzed 1000 malware samples, found key data only existed in memory, and showed throughput could be improved with memory deduplication. The system helps address issues with analyzing large malware sets but challenges remain like handling stalled code.
Malware Collection and Analysis via Hardware VirtualizationTamas K Lengyel
This document outlines a system for collecting and analyzing malware using hardware virtualization. It discusses using virtualization to meet requirements of scalability, stealth, isolation and fidelity. The system captures over 115,000 malware samples and monitors their system calls and kernel heap allocations. It identifies limitations in using virtualization for analysis and contributions of the work in developing prototypes and identifying requirements that must be addressed. Future work areas are discussed, such as dealing with evolving malware techniques and hardware.
The document discusses the purpose and components of a feasibility study for a proposed IT system. A feasibility study evaluates the costs and benefits to determine if a project should proceed. It assesses technical feasibility by evaluating hardware, software, and technology requirements. It also considers operational feasibility by examining human, organizational, and political factors. Additionally, it analyzes economic feasibility by identifying one-time and recurring costs and determining if the benefits outweigh the costs. The feasibility study helps a steering committee decide whether a proposed system is viable.
X-ware: a proof of concept malware utilizing artificial intelligenceIJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat’s characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus’s behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus’s behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
This document proposes algorithms for distributing malware signatures across mobile devices to optimize detection and recovery from infections. It describes a greedy algorithm that selects signatures to maximize a "system welfare" metric accounting for individual device utilities. It also describes an encounter-based distributed algorithm where devices exchange signatures opportunistically. Simulation results show the distributed algorithm approaches the performance of the greedy algorithm over time under different mobility models. The goal is to minimize the number of infected devices by optimally distributing signatures across a network of helpers considering device and malware heterogeneity.
AN ISP BASED NOTIFICATION AND DETECTION SYSTEM TO MAXIMIZE EFFICIENCY OF CLIE...IJNSA Journal
End users are increasingly vulnerable to attacks directed at web browsers which make the most of popularity of today’s web services. While organizations deploy several layers of security to protect their systems and data against unauthorised access, surveys reveal that a large fraction of end users do not utilize and/or are not familiar with any security tools. End users’ hesitation and unfamiliarity with security products contribute vastly to the number of online DDoS attacks, malware and Spam distribution. This work on progress paper proposes a design focused on the notion of increased participation of internet service providers in protecting end users. The proposed design takes advantage of three different detection tools to identify the maliciousness of a website content and alerts users through utilising Internet Content Adaptation Protocol (ICAP) by an In-Browser cross-platform messaging system. The system also incorporates the users’ online behaviour analysis to minimize the scanning intervals of malicious websites database by client honeypots. Findings from our proof of concept design and other research indicate that such a design can provide a reliable hybrid detection mechanism while introducing low delay time into user browsing experience.
The Next Generation Cognitive Security Operations Center: Adaptive Analytic L...Konstantinos Demertzis
The document discusses a proposed Next Generation Cognitive Computing Security Operations Center (NGC2SOC) that uses a novel intelligence driven cognitive computing framework called the λ-Architecture Network Flow Forensics Framework (λ-NF3). The λ-NF3 implements a Lambda machine learning architecture to analyze both batch and streaming network data using two computational intelligence algorithms - an Extreme Learning Machine neural network and a Self-Adjusting Memory k-Nearest Neighbors classifier. It aims to provide fully automated network traffic analysis, malware detection, and encrypted traffic identification for efficient defense against adversarial attacks without relying on human expertise.
This document proposes an email worm vaccine architecture that uses behavior-based anomaly detection to intercept incoming emails and scan attachments in virtual machines to detect malicious software. The system includes a virtual machine cluster to open attachments safely, a host-based intrusion detection system to monitor for dangerous behaviors, and an email-aware mail transfer agent to classify messages and communicate with the detection system. The implementation demonstrates detecting malware using parallel virtual machines while maintaining a low false positive rate.
Network security involves implementing multiple layers of defenses to protect a network from threats. It includes technologies like firewalls, antivirus software, and intrusion detection systems to manage access and detect malware and exploits. As networks increasingly face hacking threats, strong network security tools are essential for organizations to protect their systems, data, and reputation. Network security strategies aim to authorize only legitimate users while blocking malicious actors from harming the network.
The document describes a network worm vaccine architecture that aims to automatically patch vulnerable software in response to worm infections. The key components are sensors to detect infection attempts, an analysis engine to identify vulnerabilities and generate patches, and a sandboxed environment to test patches. Patches are generated using techniques like buffer relocation, code randomization, or removing unused functionality. The goal is to quickly react to attacks without human intervention through automated vulnerability identification and "good enough" patch generation until comprehensive security updates can be deployed. The approach seeks to counter known attack classes like buffer overflows and could be deployed across multiple cooperating organizations.
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
In this security insight brief, 21CT researchers look at the malicious network behaviors that concern organizations the most, and how to use security analytics to find them before damage is done. Understanding these 12 indicators of compromise are critical to identifying a network breach.
The above PPT contains the following content:
1. SPREADING OF VIRUS
2. ANAMNESIS (CASE STUDIES)
3. CURRENT STATUS OF MOBILE MALWARE
4. PROTECTIVE MEASURES
5. THREATS OF MOBILE PHONE
6. CONCLUSION
The detailed PROTECTIVE MEASURES are given in the above PPT.
Intrusion Detection against DDoS Attack in WiMAX Network by Artificial Immune...Editor IJCATR
IEEE 802.16, known as WiMax, is at the top of communication technology because it is gaining a great position in the wireless networks. In this paper, an intrusion detection system for DDOS attacks diagnosis is proposed, inspired by artificial immune system. Since the detection unit on all subscriber stations in the network is WIMAX, proposed system is a fully distributed system. A risk theory is used for antigens detection in attack time. The proposed system decreases the attack effects and increases network performance. Results of simulation show that the proposed system improves negative selection time, detection Precision, and ability to identify new attacks compared to the similar algorithm.
Data Mining For Intrusion Detection in Mobile SystemsIOSR Journals
This document discusses using data mining techniques for intrusion detection in mobile systems. It proposes a network-based approach that removes processing overhead from mobile phones. An application on the phone collects user data and sends it to a remote server, where a previously trained neural network classifier analyzes the logs and detects abnormalities. The method was shown to detect intrusions at a 95% rate while outperforming existing mobile intrusion detection methods. It reduces processing on phones while effectively detecting intrusions in mobile networks and systems.
Abstract: The exponential growth of the internet and new technology lead today's world in a hectic situation both positive as well as the negative module. Cybercriminals gamble in the dark net using numerous techniques. This leads to cybercrime. Cyber threats like Malware attempt to infiltrate the computer or mobile device offline or internet, chat(online), and anyone can be a potential target. Malware is also known as malicious software is often used by cybercriminals to achieve their goal by tracking internet activity, capturing sensitive information, or blocking computer access. Reverse engineering is one of the best ways to prevent and is a powerful tool to keep the fight against cyber attacks. Most people in the cyber world see it as a black hat—It is said as being used to steal data and intellectual property. But when it is in the hands of cybersecurity experts, reverse engineering dons the white hat of the hero. Looking at the program from the outside in –often by a third party that had no hand in writing the code. It allows those who practice it to understand how a given program or system works when no source code is available. Reverse engineering accomplishing several tasks related to cybersecurity: finding system vulnerabilities, researching malware &analyzing the complexity of restoring core software algorithms that can further protect against theft. It is hard to hack certain software.
Keywords: Malware, threat, vulnerablity, detection, reverse engineering, analysis.
Title: Malware analysis and detection using reverse Engineering
Author: B.Rashmitha, J. Alwina Beauty Angelin, E.R. Ramesh
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Vol. 10, Issue 2, Month: April 2022 - June 2022
Page: (1-4)
Published Date: 01-April-2022
Research Publish Journals
Available at: www.researchpublish.com
You can Direct download full research paper at given below link:
https://www.researchpublish.com/papers/malware-analysis-and-detection-using-reverse-engineering
Academia Link: https://www.academia.edu/76069664/Malware_analysis_and_detection_using_reverse_Engineering_Available_at_www_researchpublish_com_journal_name_International_Journal_of_Computer_Science_and_Information_Technology_Research
This document summarizes a research paper that proposes and analyzes a stochastic model of multivirus spreading dynamics on networks. The model considers the spreading of multiple viruses that may compete on infected computers. It aims to understand the sufficient conditions for viruses to die out, how "robbery" between viruses impacts dynamics, and characteristics with equally powerful viruses. The analytical results reveal insights into the relationship between defense capabilities and network connectivity that can guide security practices.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
This document discusses using a Bayesian Belief Network (BBN) to analyze malware risk on a university campus network. It begins by introducing the campus network monitoring tools and SIR epidemiological model used to model malware propagation. It then provides background on BBN principles, including defining nodes, conditional probabilities, and using the network to compute joint probabilities. The document proposes applying a BBN to assess malware prevalence risk by relating threat, vulnerability, and cost impact on network assets. It aims to provide understandable risk assessments to inform decision making.
Malware Risk Analysis on the Campus Network with Bayesian Belief NetworkIJNSA Journal
A security network management system is for providing clear guidelines on risk evaluation and assessment for enterprise networks. The threat and risk assessment is conducted to safeguard enterprise network services to maintain system confidentiality, integrity, and availability through effective control strategies. In this paper, based on our previous work in analyzing integrated information security management and malware propagation on the campus network through mathematical modelling, we proposed Bayesian Belief Network with inference level indicator to enable the decision maker to understand and provide appropriate mitigation decisions on the risks posed. We experimentally placed monitoring sensors on the campus network that gives the threat alert priority levels and magnitude on the vulnerable information assets. These methods will give a direction on the belief inferred due to malware prevalence on the information security assets for better understanding.
Virus detection based on virus throttle technologyAhmed Muzammil
In the Internet age, virus epidemics are getting worse than before, making the networks slow, computers slow, suspending mission critical operations and so on.
In this paper, a new technique for virus detection based on virus throttle technology is presented. This technique allows detecting attacks on networks within seconds of possible virus affection.
The special feature of this technology is that its virus detection algorithm is based on the network behavior of the virus and not on identification of virus code. So it is possible to detect even unknown viruses without any signature updates.
Intrusion Detection System Using Self Organizing Map AlgorithmsEditor IJCATR
This document presents a study on using self-organizing map (SOM) algorithms for intrusion detection systems. The study explores using SOM, an artificial neural network technique, to map high-dimensional network traffic data onto a 2D space to detect anomalies and network attacks. The authors describe the SOM algorithm and evaluate its performance on detecting different types of attacks in a test data set with an accuracy of 50.07% and a false positive rate of 0.06%. The study demonstrates the potential of SOM for building intrusion detection systems capable of handling complex network traffic data.
Image morphing has been the subject of much attention in recent years. It has proven to be a powerful visual effects tool
in film and television, depicting the fluid transformation of one digital image into another. This paper reviews the growth of this field
and describes recent advances in image morphing in terms of three areas: feature specification, warp generation methods, and
transition control. These areas relate to the ease of use and quality of results. We will describe the role of radial basis functions, thin
plate splines, energy minimization, and multilevel free-form deformations in advancing the state-of-the-art in image morphing. A
comparison of various techniques for morphing one digital image in to another is made. We will compare various morphing techniques
such as Feature based image morphing, Mesh and Thin Plate Splines based image morphing based on different attributes such as
Computational Time, Visual Quality of Morphs obtained and Complexity involved in Selection of features. We will demonstrate the
pros and cons of various techniques so as to allow the user to make an informed decision to suit his particular needs. Recent work on a
generalized framework for morphing among multiple images will be described.
Intrusion Detection System Using Self Organizing Map AlgorithmsEditor IJCATR
With the rapid expansion of computer usage and computer network the security of the computer system has became very
important. Every day new kind of attacks are being faced by industries. Many methods have been proposed for the development of
intrusion detection system using artificial intelligence technique. In this paper we will have a look at an algorithm based on neural
networks that are suitable for Intrusion Detection Systems (IDS). The name of this algorithm is "Self Organizing Maps" (SOM). So
far, many different methods have been used to build a detector that Wide variety of different ways in the covers. Among the methods
used to detect attacks in intrusion detection is done, In this paper we investigate the Self-Organizing Map method.
Similar to optimal distributed malware defense in mobile networks with heterogeneous devices (20)
web service recommendation via exploiting location and qo s informationswathi78
This document proposes a novel collaborative filtering-based web service recommender system to help users select services with optimal quality of service (QoS) performance. The recommender system employs location information and QoS values to cluster users and services, and makes personalized recommendations. It achieves considerable improvement in recommendation accuracy compared to existing methods. Comprehensive experiments using over 1.5 million QoS records from real-world web services demonstrate the effectiveness of the approach.
secure data retrieval for decentralized disruption-tolerant military networksswathi78
The document proposes a secure data retrieval scheme using ciphertext-policy attribute-based encryption (CP-ABE) for decentralized disruption-tolerant military networks. Existing CP-ABE schemes have challenges including attribute revocation, key escrow, and coordination of attributes from different authorities. The proposed scheme addresses these by enabling immediate attribute revocation, defining access policies over attributes from multiple authorities, and resolving the key escrow problem through an escrow-free key issuing protocol. This allows encryptors to define access policies and securely share encrypted data in disruption-tolerant military networks.
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Sinan KOZAK
Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.
ACEP Magazine edition 4th launched on 05.06.2024Rahul
This document provides information about the third edition of the magazine "Sthapatya" published by the Association of Civil Engineers (Practicing) Aurangabad. It includes messages from current and past presidents of ACEP, memories and photos from past ACEP events, information on life time achievement awards given by ACEP, and a technical article on concrete maintenance, repairs and strengthening. The document highlights activities of ACEP and provides a technical educational article for members.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsVictor Morales
K8sGPT is a tool that analyzes and diagnoses Kubernetes clusters. This presentation was used to share the requirements and dependencies to deploy K8sGPT in a local environment.
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesChristina Lin
Traditionally, dealing with real-time data pipelines has involved significant overhead, even for straightforward tasks like data transformation or masking. However, in this talk, we’ll venture into the dynamic realm of WebAssembly (WASM) and discover how it can revolutionize the creation of stateless streaming pipelines within a Kafka (Redpanda) broker. These pipelines are adept at managing low-latency, high-data-volume scenarios.
Advanced control scheme of doubly fed induction generator for wind turbine us...IJECEIAES
This paper describes a speed control device for generating electrical energy on an electricity network based on the doubly fed induction generator (DFIG) used for wind power conversion systems. At first, a double-fed induction generator model was constructed. A control law is formulated to govern the flow of energy between the stator of a DFIG and the energy network using three types of controllers: proportional integral (PI), sliding mode controller (SMC) and second order sliding mode controller (SOSMC). Their different results in terms of power reference tracking, reaction to unexpected speed fluctuations, sensitivity to perturbations, and resilience against machine parameter alterations are compared. MATLAB/Simulink was used to conduct the simulations for the preceding study. Multiple simulations have shown very satisfying results, and the investigations demonstrate the efficacy and power-enhancing capabilities of the suggested control system.
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTjpsjournal1
The rivalry between prominent international actors for dominance over Central Asia's hydrocarbon
reserves and the ancient silk trade route, along with China's diplomatic endeavours in the area, has been
referred to as the "New Great Game." This research centres on the power struggle, considering
geopolitical, geostrategic, and geoeconomic variables. Topics including trade, political hegemony, oil
politics, and conventional and nontraditional security are all explored and explained by the researcher.
Using Mackinder's Heartland, Spykman Rimland, and Hegemonic Stability theories, examines China's role
in Central Asia. This study adheres to the empirical epistemological method and has taken care of
objectivity. This study analyze primary and secondary research documents critically to elaborate role of
china’s geo economic outreach in central Asian countries and its future prospect. China is thriving in trade,
pipeline politics, and winning states, according to this study, thanks to important instruments like the
Shanghai Cooperation Organisation and the Belt and Road Economic Initiative. According to this study,
China is seeing significant success in commerce, pipeline politics, and gaining influence on other
governments. This success may be attributed to the effective utilisation of key tools such as the Shanghai
Cooperation Organisation and the Belt and Road Economic Initiative.
optimal distributed malware defense in mobile networks with heterogeneous devices
1. Optimal Distributed Malware Defense in Mobile Networks with Heterogeneous Devices
Optimal Distributed Malware Defense in Mobile Networks with
Heterogeneous Devices
As malware attacks become more frequently in mobile networks, deploying an efficient defense
system to protect against infection and to help the infected nodes to recover is important to
prevent serious spreading and outbreaks. The technical challenges are that mobile devices are
heterogeneous in terms of operating systems, the malware infects the targeted system in any
opportunistic fashion via local and global connectivity, while the to-be-deployed defense system
on the other hand would be usually resource limited. In this paper, we investigate the problem of
how to optimally distribute the content-based signatures of malware, which helps to detect the
corresponding malware and disable further propagation, to minimize the number of infected
nodes. We model the defense system with realistic assumptions addressing all the above
challenges that have not been addressed in previous analytical work. Based on the framework of
optimizing the system welfare utility, which is the weighted summation of individual utility
depending on the final number of infected nodes through the signature allocation, we propose an
encounter-based distributed algorithm based on Metropolis sampler. Through theoretical analysis
and simulations with both synthetic and realistic mobility traces, we show that the distributed
algorithm achieves the optimal solution, and performs efficiently in realistic environments.
Mobile malware can propagate through two different dominant approaches. Via MMS, a
malware may send a copy of itself to all devices whose numbers are found in the address book of
the infected handset. This kind of malware propagates in the social graph formed by the address
books, and can spread very quickly without geographical limitations.
The other approach is to use the short-range wireless media such as Bluetooth to infect the
devices in proximity as “proximity malware.”
Recent work of Wang et al. has investigated the proximity malware propagation features, and
finds that it spreads slowly because of the human mobility, which offers ample opportunities to
Contact: 9703109334, 9533694296
ABSTRACT:
EXISTING SYSTEM:
Email id: academicliveprojects@gmail.com, www.logicsystems.org.in
2. Optimal Distributed Malware Defense in Mobile Networks with Heterogeneous Devices
deploy the defense system. However, the approach for efficiently deploying such a system is still
an ongoing research problem.
DISADVANTAGES OF EXISTING SYSTEM:
There is a problem for optimal signature distribution to defend mobile networks
against the propagation of both proximity and MMS-based malware.
The existing system offers only protection against only one attack at a time.
To Design a defense system for both MMS and proximity malware. Our research
problem is to deploy an efficient defense system to help infected nodes to recover and
prevent healthy nodes from further infection.
We formulate the optimal signature distribution problem with the consideration of the
heterogeneity of mobile devices and malware, and the limited resources of the defense
system. Moreover, our formulated model is suitable for both the MMS and proximity
malware propagation.
We give a centralized greedy algorithm for the signature distribution problem. We prove
that the proposed greedy algorithm obtains the optimal solution for the system, which
provides the benchmark solution for our distributed algorithm design.
We propose an encounter-based distributed algorithm to disseminate the malware
signatures using Metropolis sampler. It only relies on local information and opportunistic
contacts.
ADVANTAGES OF PROPOSED SYSTEM:
The system provides optimal signature distribution to defend mobile networks against the
propagation of both proximity and MMS-based malware.
Contact: 9703109334, 9533694296
PROPOSED SYSTEM:
Email id: academicliveprojects@gmail.com, www.logicsystems.org.in
3. Optimal Distributed Malware Defense in Mobile Networks with Heterogeneous Devices
The proposed system offers protection against both MMS based attack and Bluetooth
based attack at the same time.
SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
System : Pentium IV 2.4 GHz.
Hard Disk : 40 GB.
Floppy Drive : 1.44 Mb.
Monitor : 15 VGA Colour.
Mouse : Logitech.
Ram : 512 Mb.
SOFTWARE REQUIREMENTS:
Operating system : Windows XP/7.
Coding Language : JAVA/J2EE
IDE : Netbeans 7.4
Database : MYSQL
Ong Li, Member, IEEE, Pan Hui, Member, IEEE, Depeng Jin, Member, IEEE, Li Su, and
Lieguang Zeng, Member, IEEE. ”Optimal Distributed Malware Defense in Mobile Networks
with Heterogeneous Devices”. IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL.
13, NO. 2, FEBRUARY 2014
Contact: 9703109334, 9533694296
REFERENCE:
Email id: academicliveprojects@gmail.com, www.logicsystems.org.in
4. Optimal Distributed Malware Defense in Mobile Networks with Heterogeneous Devices
Contact: 9703109334, 9533694296
Email id: academicliveprojects@gmail.com, www.logicsystems.org.in