• Title/Summary/Keyword: malicious link

Search Result 25, Processing Time 0.027 seconds

ELPA: Emulation-Based Linked Page Map Analysis for the Detection of Drive-by Download Attacks

  • Choi, Sang-Yong;Kim, Daehyeok;Kim, Yong-Min
    • Journal of Information Processing Systems
    • /
    • v.12 no.3
    • /
    • pp.422-435
    • /
    • 2016
  • Despite the convenience brought by the advances in web and Internet technology, users are increasingly being exposed to the danger of various types of cyber attacks. In particular, recent studies have shown that today's cyber attacks usually occur on the web via malware distribution and the stealing of personal information. A drive-by download is a kind of web-based attack for malware distribution. Researchers have proposed various methods for detecting a drive-by download attack effectively. However, existing methods have limitations against recent evasion techniques, including JavaScript obfuscation, hiding, and dynamic code evaluation. In this paper, we propose an emulation-based malicious webpage detection method. Based on our study on the limitations of the existing methods and the state-of-the-art evasion techniques, we will introduce four features that can detect malware distribution networks and we applied them to the proposed method. Our performance evaluation using a URL scan engine provided by VirusTotal shows that the proposed method detects malicious webpages more precisely than existing solutions.

Trust based Secure Reliable Route Discovery in Wireless Mesh Networks

  • Navmani, TM;Yogesh, P
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.7
    • /
    • pp.3386-3411
    • /
    • 2019
  • Secured and reliable routing is a crucial factor for improving the performance of Wireless Mesh Networks (WMN) since these networks are susceptible to many types of attacks. The existing assumption about the internal nodes in wireless mesh networks is that they cooperate well during the forwarding of packets all the time. However, it is not always true due to the presence of malicious and mistrustful nodes. Hence, it is essential to establish a secure, reliable and stable route between a source node and a destination node in WMN. In this paper, a trust based secure routing algorithm is proposed for enhancing security and reliability of WMN, which contains cross layer and subject logic based reliable reputation scheme with security tag model for providing effective secured routing. This model uses only the trusted nodes with the forwarding reliability of data transmission and it isolates the malicious nodes from the providing path. Moreover, every node in this model is assigned with a security tag that is used for efficient authentication. Thus, by combining authentication, trust and subject logic, the proposed approach is capable of choosing the trusted nodes effectively to participate in forwarding the packets of trustful peer nodes successfully. The simulation results obtained from this work show that the proposed routing protocol provides optimal network performance in terms of security and packet delivery ratio.

Enhancing Security in Mobile IPv6

  • Modares, Hero;Moravejosharieh, Amirhossein;Salleh, Rosli Bin;Lloret, Jaime
    • ETRI Journal
    • /
    • v.36 no.1
    • /
    • pp.51-61
    • /
    • 2014
  • In the Mobile IPv6 (MIPv6) protocol, a mobile node (MN) is a mobile device with a permanent home address (HoA) on its home link. The MN will acquire a care-of address (CoA) when it roams into a foreign link. It then sends a binding update (BU) message to the home agent (HA) and the correspondent node (CN) to inform them of its current CoA so that future data packets destined for its HoA will be forwarded to the CoA. The BU message, however, is vulnerable to different types of security attacks, such as the man-in-the-middle attack, the session hijacking attack, and the denial-of-service attack. The current security protocols in MIPv6 are not able to effectively protect the BU message against these attacks. The private-key-based BU (PKBU) protocol is proposed in this research to overcome the shortcomings of some existing MIPv6 protocols. PKBU incorporates a method to assert the address ownership of the MN, thus allowing the CN to validate that the MN is not a malicious node. The results obtained show that it addresses the security requirements while being able to check the address ownership of the MN. PKBU also incorporates a method to verify the reachability of the MN.

Multi-Agent System for Fault Tolerance in Wireless Sensor Networks

  • Lee, HwaMin;Min, Se Dong;Choi, Min-Hyung;Lee, DaeWon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.3
    • /
    • pp.1321-1332
    • /
    • 2016
  • Wireless sensor networks (WSN) are self-organized networks that typically consist of thousands of low-cost, low-powered sensor nodes. The reliability and availability of WSNs can be affected by faults, including those from radio interference, battery exhaustion, hardware and software failures, communication link errors, malicious attacks, and so on. Thus, we propose a novel multi-agent fault tolerant system for wireless sensor networks. Since a major requirement of WSNs is to reduce energy consumption, we use multi-agent and mobile agent configurations to manage WSNs that provide energy-efficient services. Mobile agent architecture have inherent advantages in that they provide energy awareness, scalability, reliability, and extensibility. Our multi-agent system consists of a resource manager, a fault tolerance manager and a load balancing manager, and we also propose fault-tolerant protocols that use multi-agent and mobile agent setups.

An Authentication Mechanism Based on Clustering Architecture in Mobile Ad Hoc Networks (이동 Ad Hoc 네트워크 환경에서 클러스터링 구조에 기반한 인증 메커니즘)

  • Lee, Tao;Shin, Young-Tae
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2005.05a
    • /
    • pp.1461-1464
    • /
    • 2005
  • In contrast with conventional networks, mobile ad hoc networks usually do not provide online access to trusted authorities or to centralized servers, and they exhibit frequent partitioning due to link and node failures and node mobility. For these reasons, traditional security solutions that require online trusted authorities or certificate repositories, but those are not well-suited for securing ad hoc networks. Moreover, a fundamental issue of securing mobile ad hoc networks is to ensure mobile nodes can authenticate each other. Because of its strength and efficiency, public key and digital signature is an ideal mechanism to construct the authentication service. Although this is already mature in the internet application, providing public key based authentication is still very challenging in mobile ad hoc networks. In this paper I propose a secure public key authentication service based on clustering model and trust model to protect nodes from getting false public keys of the others efficiently when there are malicious nodes in the network.

  • PDF

In order to prevent malicious attacks, physical security control to the virtual security control to link integrated control system design (악의적인 공격을 차단하기 위하여 가상보안관제와 물리보안관제를 연동한 통합관제시스템 설계)

  • Song, Jun-Ho;You, Jae-Hwe;Park, Tae-Sung;Jun, Moon-Seog
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2012.04a
    • /
    • pp.756-758
    • /
    • 2012
  • 클라우드 서비스가 발전됨에 따라 자원공유를 위한 가상머신의 활용도 점차 증진되고 있다. 그러나 이러한 가상머신의 활용으로 인하여 가상 영역에 따른 보안위협이 이슈가 되고 있다. 따라서 본 논문은 가상 영역에 따른 보안위협으로부터 보다 안전하고 유동적인 대처를 하기 위한 시스템을 제안하였다. 해당 시스템은 물리관제센터와 가상관제센터의 연동을 통하여 상호간의 현황을 알 수 있음으로써 가상머신 모니터링, 플랫폼 간 공격연관성 분석 등이 용이하며 자원고갈공격이나 DDoS 공격과 같은 위협으로부터 안전하다. 제안하는 시스템은 향후 클라우드 서비스 운용시 물리영역과 가상영역을 총괄적으로 관리하는 통합관제센터 활용에 적합할 것으로 보인다.

A method for preventing online games hacking using memory monitoring

  • Lee, Chang Seon;Kim, Huy Kang;Won, Hey Rin;Kim, Kyounggon
    • ETRI Journal
    • /
    • v.43 no.1
    • /
    • pp.141-151
    • /
    • 2021
  • Several methods exist for detecting hacking programs operating within online games. However, a significant amount of computational power is required to detect the illegal access of a hacking program in game clients. In this study, we propose a novel detection method that analyzes the protected memory area and the hacking program's process in real time. Our proposed method is composed of a three-step process: the collection of information from each PC, separation of the collected information according to OS and version, and analysis of the separated memory information. As a result, we successfully detect malicious injected dynamic link libraries in the normal memory space.

DEESR: Dynamic Energy Efficient and Secure Routing Protocol for Wireless Sensor Networks in Urban Environments

  • Obaidat, Mohammad S.;Dhurandher, Sanjay K.;Gupta, Deepank;Gupta, Nidhi;Asthana, Anupriya
    • Journal of Information Processing Systems
    • /
    • v.6 no.3
    • /
    • pp.269-294
    • /
    • 2010
  • The interconnection of mobile devices in urban environments can open up a lot of vistas for collaboration and content-based services. This will require setting up of a network in an urban environment which not only provides the necessary services to the user but also ensures that the network is secure and energy efficient. In this paper, we propose a secure, energy efficient dynamic routing protocol for heterogeneous wireless sensor networks in urban environments. A decision is made by every node based on various parameters like longevity, distance, battery power which measure the node and link quality to decide the next hop in the route. This ensures that the total load is distributed evenly while conserving the energy of battery-constrained nodes. The protocol also maintains a trusted population for each node through Dynamic Trust Factor (DTF) which ensures secure communication in the environment by gradually isolating the malicious nodes. The results obtained show that the proposed protocol when compared with another energy efficient protocol (MMBCR) and a widely accepted protocol (DSR) gives far better results in terms of energy efficiency. Similarly, it also outdoes a secure protocol (QDV) when it comes to detecting malicious nodes in the network.

A Reputation based Cooperative Routing Scheme for End-to-End Reliable Communications in Multi-hop Wireless Networks (다중 홉 무선 네트워크에서 종단 간 신뢰성 통신을 위한 평판 기반의 협력적 라우팅 기법)

  • Kim, Tae-Hoon;Tak, Sung-Woo
    • Journal of Korea Multimedia Society
    • /
    • v.12 no.11
    • /
    • pp.1593-1608
    • /
    • 2009
  • If a certain relay node in multi-hop wireless networks might become a malicious node that does not cooperate with other nodes or a selfish node, network throughput will be dramatically decreased. Most of existing ad hoc routing protocols assuming that the nodes will fully cooperate with other nodes do not resolve the problem of network performance degradation due to malicious and selfish nodes. This paper presents the CARE (Cooperative Ad hoc routing protocol based REputation) scheme incorporating the reputation management that can achieve a multi-hop wireless network with high throughput performance. The proposed scheme provides the horizontal cross-layer approach which can identify misbehaving malicious, selfish nodes dropped out of the hop-by-hop based packet processing in the network and then set up an optimal packet routing path that will detour misbehaving nodes. And the vertical cross-layer approach contained in the CARE scheme attempts to improve the quality of routing paths by exploiting the quality of link information received from the MAC layer. Besides, it provides high TCP throughput by exploiting the reputation values of nodes acquired from the network layer into the transport layer. A case study on experiments and simulations shows that the CARE scheme incorporating vertical and horizontal cross-layer approaches yields better performance in terms of the low rate of packet loss, fast average packet delivery time, and high TCP throughput between end-to-end nodes.

  • PDF

Security Clustering Algorithm Based on Integrated Trust Value for Unmanned Aerial Vehicles Network

  • Zhou, Jingxian;Wang, Zengqi
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.4
    • /
    • pp.1773-1795
    • /
    • 2020
  • Unmanned aerial vehicles (UAVs) network are a very vibrant research area nowadays. They have many military and civil applications. Limited bandwidth, the high mobility and secure communication of micro UAVs represent their three main problems. In this paper, we try to address these problems by means of secure clustering, and a security clustering algorithm based on integrated trust value for UAVs network is proposed. First, an improved the k-means++ algorithm is presented to determine the optimal number of clusters by the network bandwidth parameter, which ensures the optimal use of network bandwidth. Second, we considered variables representing the link expiration time to improve node clustering, and used the integrated trust value to rapidly detect malicious nodes and establish a head list. Node clustering reduce impact of high mobility and head list enhance the security of clustering algorithm. Finally, combined the remaining energy ratio, relative mobility, and the relative degrees of the nodes to select the best cluster head. The results of a simulation showed that the proposed clustering algorithm incurred a smaller computational load and higher network security.