• Title/Summary/Keyword: Malicious attacks

Search Result 453, Processing Time 0.026 seconds

Handling Malicious Flooding Attacks through Enhancement of Packet Processing Technique in Mobile Ad Hoc Networks

  • Kim, Hyo-Jin;Chitti, Ramachandra Bhargav;Song, Joo-Seok
    • Journal of Information Processing Systems
    • /
    • v.7 no.1
    • /
    • pp.137-150
    • /
    • 2011
  • Mobile ad hoc networks are expected to be widely used in the near future. However, they are susceptible to various security threats because of their inherent characteristics. Malicious flooding attacks are one of the fatal attacks on mobile ad hoc networks. These attacks can severely clog an entire network, as a result of clogging the victim node. If collaborative multiple attacks are conducted, it becomes more difficult to prevent. To defend against these attacks, we propose a novel defense mechanism in mobile ad hoc networks. The proposed scheme enhances the amount of legitimate packet processing at each node. The simulation results show that the proposed scheme also improves the end-to-end packet delivery ratio.

A Study on Email Security through Proactive Detection and Prevention of Malware Email Attacks (악성 이메일 공격의 사전 탐지 및 차단을 통한 이메일 보안에 관한 연구)

  • Yoo, Ji-Hyun
    • Journal of IKEEE
    • /
    • v.25 no.4
    • /
    • pp.672-678
    • /
    • 2021
  • New malware continues to increase and become advanced by every year. Although various studies are going on executable files to diagnose malicious codes, it is difficult to detect attacks that internalize malicious code threats in emails by exploiting non-executable document files, malicious URLs, and malicious macros and JS in documents. In this paper, we introduce a method of analyzing malicious code for email security through proactive detection and blocking of malicious email attacks, and propose a method for determining whether a non-executable document file is malicious based on AI. Among various algorithms, an efficient machine learning modeling is choosed, and an ML workflow system to diagnose malicious code using Kubeflow is proposed.

A Two level Detection of Routing layer attacks in Hierarchical Wireless Sensor Networks using learning based energy prediction

  • Katiravan, Jeevaa;N, Duraipandian;N, Dharini
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.11
    • /
    • pp.4644-4661
    • /
    • 2015
  • Wireless sensor networks are often organized in the form of clusters leading to the new framework of WSN called cluster or hierarchical WSN where each cluster head is responsible for its own cluster and its members. These hierarchical WSN are prone to various routing layer attacks such as Black hole, Gray hole, Sybil, Wormhole, Flooding etc. These routing layer attacks try to spoof, falsify or drop the packets during the packet routing process. They may even flood the network with unwanted data packets. If one cluster head is captured and made malicious, the entire cluster member nodes beneath the cluster get affected. On the other hand if the cluster member nodes are malicious, due to the broadcast wireless communication between all the source nodes it can disrupt the entire cluster functions. Thereby a scheme which can detect both the malicious cluster member and cluster head is the current need. Abnormal energy consumption of nodes is used to identify the malicious activity. To serve this purpose a learning based energy prediction algorithm is proposed. Thus a two level energy prediction based intrusion detection scheme to detect the malicious cluster head and cluster member is proposed and simulations were carried out using NS2-Mannasim framework. Simulation results achieved good detection ratio and less false positive.

A Study of Countermeasures for Advanced Persistent Threats attacks by malicious code (악성코드의 유입경로 및 지능형 지속 공격에 대한 대응 방안)

  • Gu, MiSug;Li, YongZhen
    • Journal of Convergence Society for SMB
    • /
    • v.5 no.4
    • /
    • pp.37-42
    • /
    • 2015
  • Due to the advance of ICT, a variety of attacks have been developing and active. Recently, APT attacks using malicious codes have frequently occurred. Advanced Persistent Threat means that a hacker makes different security threats to attack a certain network of a company or an organization. Exploiting malicious codes or weaknesses, the hacker occupies an insider's PC of the company or the organization and accesses a server or a database through the PC to collect secrets or to destroy them. The paper suggested a countermeasure to cope with APT attacks through an APT attack process. It sought a countermeasure to delay the time to attack taken by the hacker and suggested the countermeasure able to detect and remove APT attacks.

  • PDF

Research on countermeasures against malicious file upload attacks (악성 파일 업로드 공격 대응방안 연구)

  • Kim, Taekyung
    • Journal of Korea Society of Digital Industry and Information Management
    • /
    • v.16 no.2
    • /
    • pp.53-59
    • /
    • 2020
  • Malicious file upload attacks mean that the attacker to upload or transfer files of dangerous types that can be automatically processed within the web server's environment. Uploaded file content can include exploits, malware and malicious scripts. An attacker can user malicious content to manipulate the application behavior. As a method of detecting a malicious file upload attack, it is generally used to find a file type by detecting a file extension or a signature of the file. However, this type of file type detection has the disadvantage that it can not detect files that are not encoded with a specific program, such as PHP files. Therefore, in this paper, research was conducted on how to detect and block any program by using essential commands or variable names used in the corresponding program when writing a specific program. The performance evaluation results show that it detected specific files effectively using the suggested method.

FIR Filter for Defense Mechanism against Malicious Cyber Attacks (악의적 사이버 공격을 무력화하기 위한 FIR 필터에 관한 연구)

  • Lee, Sang-Su;Kim, Kwan-Soo;Kang, Hyun-Ho;You, Sung-Hyun;Lee, Dhong-Hun;Lee, Dong-Kyu;Kim, Young-Eun;Ahn, Choon-Ki
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2018.10a
    • /
    • pp.438-441
    • /
    • 2018
  • In this paper, we propose a finite impulse response (FIR) filter under malicious cyber attacks. The FIR filter shows the robust performance against the malicious cyber attacks. The Kalman filter (KF), one of the widely used filters, is introduced as a comparison of robust performance of the proposed method. The robust performance of the proposed method under malicious cyber attacks is demonstrated through experimental results.

Design and Implementation of Malicious Application Detection System Using Event Aggregation on Android based Mobile Devices (안드로이드 모바일 단말에서의 이벤트 수집을 통한 악성 앱 탐지 시스템 설계 및 구현)

  • Ham, You Joung;Lee, Hyung-Woo
    • Journal of Internet Computing and Services
    • /
    • v.14 no.3
    • /
    • pp.35-46
    • /
    • 2013
  • As mobile terminal environment gets matured, the use of Android platform based mobile terminals has been growing high. Recently, the number of attacks by malicious application is also increasing as Android platform is vulnerable to private information leakage in nature. Most of these malicious applications are easily distributed to general users through open market or internet and an attacker inserts malicious code into malicious app which could be harmful tool to steal private data and banking data such as SMS, contacts list, and public key certificate to a remote server. To cope with these security threats more actively, it is necessary to develop countermeasure system that enables to detect security vulnerability existing in mobile device and take an appropriate action to protect the system against malicious attacks. In this sense, this paper aggregates diverse system events from multiple mobile devices and also implements a system to detect attacks by malicious application.

Inducing Harmful Speech in Large Language Models through Korean Malicious Prompt Injection Attacks (한국어 악성 프롬프트 주입 공격을 통한 거대 언어 모델의 유해 표현 유도)

  • Ji-Min Suh;Jin-Woo Kim
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.3
    • /
    • pp.451-461
    • /
    • 2024
  • Recently, various AI chatbots based on large language models have been released. Chatbots have the advantage of providing users with quick and easy information through interactive prompts, making them useful in various fields such as question answering, writing, and programming. However, a vulnerability in chatbots called "prompt injection attacks" has been proposed. This attack involves injecting instructions into the chatbot to violate predefined guidelines. Such attacks can be critical as they may lead to the leakage of confidential information within large language models or trigger other malicious activities. However, the vulnerability of Korean prompts has not been adequately validated. Therefore, in this paper, we aim to generate malicious Korean prompts and perform attacks on the popular chatbot to analyze their feasibility. To achieve this, we propose a system that automatically generates malicious Korean prompts by analyzing existing prompt injection attacks. Specifically, we focus on generating malicious prompts that induce harmful expressions from large language models and validate their effectiveness in practice.

Improving Malicious Web Code Classification with Sequence by Machine Learning

  • Paik, Incheon
    • IEIE Transactions on Smart Processing and Computing
    • /
    • v.3 no.5
    • /
    • pp.319-324
    • /
    • 2014
  • Web applications make life more convenient. Many web applications have several kinds of user input (e.g. personal information, a user's comment of commercial goods, etc.) for the activities. On the other hand, there are a range of vulnerabilities in the input functions of Web applications. Malicious actions can be attempted using the free accessibility of many web applications. Attacks by the exploitation of these input vulnerabilities can be achieved by injecting malicious web code; it enables one to perform a variety of illegal actions, such as SQL Injection Attacks (SQLIAs) and Cross Site Scripting (XSS). These actions come down to theft, replacing personal information, or phishing. The existing solutions use a parser for the code, are limited to fixed and very small patterns, and are difficult to adapt to variations. A machine learning method can give leverage to cover a far broader range of malicious web code and is easy to adapt to variations and changes. Therefore, this paper suggests the adaptable classification of malicious web code by machine learning approaches for detecting the exploitation user inputs. The approach usually identifies the "looks-like malicious" code for real malicious code. More detailed classification using sequence information is also introduced. The precision for the "looks-like malicious code" is 99% and for the precise classification with sequence is 90%.

Design and Implementation of Verification System for Malicious URL and Modified APK File on Cloud Platform (클라우드 플랫폼을 이용한 악성 URL 및 수정된 APK 파일 검증 시스템 설계 및 구현)

  • Je, Seolah;Nguyen, Vu Long;Jung, Souhwan
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.26 no.4
    • /
    • pp.921-928
    • /
    • 2016
  • Over the past few years, Smishing attacks such as malicious url and malicious application have been emerged as a major problem in South Korea since it caused big problems such as leakage of personal information and financial loss. Users are susceptible to Smishing attacks due to the fact that text message may contain curios content. Because of that reason, user could follow the url, download and install malicious APK file without any doubt or verification process. However currently Anti-Smishing App that adopted post-processing method is difficult to respond quickly. Users need a system that can determine whether the modification of the APK file and malicious url in real time because the Smishing can cause financial damage. This paper present the cloud-based system for verifying malicious url and malicious APK file in user device to prevent secondary damage such as smishing attacks and privacy information leakage.