Biblio

Found 324 results

Filters: Keyword is Computer crime  [Clear All Filters]
2020-02-17
Hadar, Ethan, Hassanzadeh, Amin.  2019.  Big Data Analytics on Cyber Attack Graphs for Prioritizing Agile Security Requirements. 2019 IEEE 27th International Requirements Engineering Conference (RE). :330–339.
In enterprise environments, the amount of managed assets and vulnerabilities that can be exploited is staggering. Hackers' lateral movements between such assets generate a complex big data graph, that contains potential hacking paths. In this vision paper, we enumerate risk-reduction security requirements in large scale environments, then present the Agile Security methodology and technologies for detection, modeling, and constant prioritization of security requirements, agile style. Agile Security models different types of security requirements into the context of an attack graph, containing business process targets and critical assets identification, configuration items, and possible impacts of cyber-attacks. By simulating and analyzing virtual adversary attack paths toward cardinal assets, Agile Security examines the business impact on business processes and prioritizes surgical requirements. Thus, handling these requirements backlog that are constantly evaluated as an outcome of employing Agile Security, gradually increases system hardening, reduces business risks and informs the IT service desk or Security Operation Center what remediation action to perform next. Once remediated, Agile Security constantly recomputes residual risk, assessing risk increase by threat intelligence or infrastructure changes versus defender's remediation actions in order to drive overall attack surface reduction.
2020-02-10
Zhang, Jiemin, Mao, Jian, Liu, Jinming, Tang, Zhi, Gu, Zhiling, Liu, Yongmei.  2019.  Cloud-based Multi-core Architecture against DNS Attacks. 2019 14th International Conference on Computer Science Education (ICCSE). :391–393.
The domain name resolution system provides support service for website visits as the basic service of the Internet. With the increase of DNS attacks, it has brought copious challenges to network security. The paper studies on the key defense technologies against DNS attacks based on the DNS principle. The multi-core customized to the DNS is adopted to analyze hardware kernel, while AI algorithms being realized for malicious flow cleaning and intelligent routing running on the cloud system established specifically for DNS. The designed DNS intelligent cloud system can provide high-efficiency domain name resolution in practice, while ensuring the network security.
2019-12-18
Essaid, Meryam, Kim, DaeYong, Maeng, Soo Hoon, Park, Sejin, Ju, Hong Taek.  2019.  A Collaborative DDoS Mitigation Solution Based on Ethereum Smart Contract and RNN-LSTM. 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS). :1–6.
Recently Distributed Denial-of-Service (DDoS) are becoming more and more sophisticated, which makes the existing defence systems not capable of tolerating by themselves against wide-ranging attacks. Thus, collaborative protection mitigation has become a needed alternative to extend defence mechanisms. However, the existing coordinated DDoS mitigation approaches either they require a complex configuration or are highly-priced. Blockchain technology offers a solution that reduces the complexity of signalling DDoS system, as well as a platform where many autonomous systems (Ass) can share hardware resources and defence capabilities for an effective DDoS defence. In this work, we also used a Deep learning DDoS detection system; we identify individual DDoS attack class and also define whether the incoming traffic is legitimate or attack. By classifying the attack traffic flow separately, our proposed mitigation technique could deny only the specific traffic causing the attack, instead of blocking all the traffic coming towards the victim(s).
2020-02-17
Skopik, Florian, Filip, Stefan.  2019.  Design principles for national cyber security sensor networks: Lessons learned from small-scale demonstrators. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–8.
The timely exchange of information on new threats and vulnerabilities has become a cornerstone of effective cyber defence in recent years. Especially national authorities increasingly assume their role as information brokers through national cyber security centres and distribute warnings on new attack vectors and vital recommendations on how to mitigate them. Although many of these initiatives are effective to some degree, they also suffer from severe limitations. Many steps in the exchange process require extensive human involvement to manually review, vet, enrich, analyse and distribute security information. Some countries have therefore started to adopt distributed cyber security sensor networks to enable the automatic collection, analysis and preparation of security data and thus effectively overcome limiting scalability factors. The basic idea of IoC-centric cyber security sensor networks is that the national authorities distribute Indicators of Compromise (IoCs) to organizations and receive sightings in return. This effectively helps them to estimate the spreading of malware, anticipate further trends of spreading and derive vital findings for decision makers. While this application case seems quite simple, there are some tough questions to be answered in advance, which steer the further design decisions: How much can the monitored organization be trusted to be a partner in the search for malware? How much control of the scanning process should be delegated to the organization? What is the right level of search depth? How to deal with confidential indicators? What can be derived from encrypted traffic? How are new indicators distributed, prioritized, and scan targets selected in a scalable manner? What is a good strategy to re-schedule scans to derive meaningful data on trends, such as rate of spreading? This paper suggests a blueprint for a sensor network and raises related questions, outlines design principles, and discusses lessons learned from small-scale pilots.
2020-01-20
Wang, Ti, Ma, Hui, Zhou, Yongbin, Zhang, Rui, Song, Zishuai.  2019.  Fully Accountable Data Sharing for Pay-As-You-Go Cloud Scenes. IEEE Transactions on Dependable and Secure Computing. :1–1.
Many enterprises and individuals prefer to outsource data to public cloud via various pricing approaches. One of the most widely-used approaches is the pay-as-you-go model, where the data owner hires public cloud to share data with data consumers, and only pays for the actually consumed services. To realize controllable and secure data sharing, ciphertext-policy attribute-based encryption (CP-ABE) is a suitable solution, which can provide fine-grained access control and encryption functionalities simultaneously. But there are some serious challenges when applying CP-ABE in pay-as-you-go. Firstly, the decryption cost in ABE is too heavy for data consumers. Secondly, ABE ciphertexts probably suffer distributed denial of services (DDoS) attacks, but there is no solution that can eliminate the security risk. At last, the data owner should audit resource consumption to guarantee the transparency of charge, while the existing method is inefficient. In this work, we propose a general construction named fully accountable ABE (FA-ABE), which simultaneously solves all the challenges by supporting all-sided accountability in the pay-as-you-go model. We formally define the security model and prove the security in the standard model. Also, we implement an instantiate construction with the self-developed library libabe. The experiment results indicate the efficiency and practicality of our construction.
2020-01-27
Zhang, Naiji, Jaafar, Fehmi, Malik, Yasir.  2019.  Low-Rate DoS Attack Detection Using PSD Based Entropy and Machine Learning. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :59–62.
The Distributed Denial of Service attack is one of the most common attacks and it is hard to mitigate, however, it has become more difficult while dealing with the Low-rate DoS (LDoS) attacks. The LDoS exploits the vulnerability of TCP congestion-control mechanism by sending malicious traffic at the low constant rate and influence the victim machine. Recently, machine learning approaches are applied to detect the complex DDoS attacks and improve the efficiency and robustness of the intrusion detection system. In this research, the algorithm is designed to balance the detection rate and its efficiency. The detection algorithm combines the Power Spectral Density (PSD) entropy function and Support Vector Machine to detect LDoS traffic from normal traffic. In our solution, the detection rate and efficiency are adjustable based on the parameter in the decision algorithm. To have high efficiency, the detection method will always detect the attacks by calculating PSD-entropy first and compare it with the two adaptive thresholds. The thresholds can efficiently filter nearly 19% of the samples with a high detection rate. To minimize the computational cost and look only for the patterns that are most relevant for detection, Support Vector Machine based machine learning model is applied to learn the traffic pattern and select appropriate features for detection algorithm. The experimental results show that the proposed approach can detect 99.19% of the LDoS attacks and has an O (n log n) time complexity in the best case.
2020-02-17
Asadi, Nima, Rege, Aunshul, Obradovic, Zoran.  2019.  Pattern Discovery in Intrusion Chains and Adversarial Movement. 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–4.
Capturing the patterns in adversarial movement can present crucial insight into team dynamics and organization of cybercrimes. This information can be used for additional assessment and comparison of decision making approaches during cyberattacks. In this study, we propose a data-driven analysis based on time series analysis and social networks to identify patterns and alterations in time allocated to intrusion stages and adversarial movements. The results of this analysis on two case studies of collegiate cybersecurity exercises is provided as well as an analytical comparison of their behavioral trends and characteristics. This paper presents preliminary insight into complexities of individual and group level adversarial movement and decision-making as cyberattacks unfold.
2020-03-16
Ullah, Faheem, Ali Babar, M..  2019.  QuickAdapt: Scalable Adaptation for Big Data Cyber Security Analytics. 2019 24th International Conference on Engineering of Complex Computer Systems (ICECCS). :81–86.
Big Data Cyber Security Analytics (BDCA) leverages big data technologies for collecting, storing, and analyzing a large volume of security events data to detect cyber-attacks. Accuracy and response time, being the most important quality concerns for BDCA, are impacted by changes in security events data. Whilst it is promising to adapt a BDCA system's architecture to the changes in security events data for optimizing accuracy and response time, it is important to consider large search space of architectural configurations. Searching a large space of configurations for potential adaptation incurs an overwhelming adaptation time, which may cancel the benefits of adaptation. We present an adaptation approach, QuickAdapt, to enable quick adaptation of a BDCA system. QuickAdapt uses descriptive statistics (e.g., mean and variance) of security events data and fuzzy rules to (re) compose a system with a set of components to ensure optimal accuracy and response time. We have evaluated QuickAdapt for a distributed BDCA system using four datasets. Our evaluation shows that on average QuickAdapt reduces adaptation time by 105× with a competitive adaptation accuracy of 70% as compared to an existing solution.
2020-01-13
Shen, Yitong, Wang, Lingfeng, Lau, Jim Pikkin, Liu, Zhaoxi.  2019.  A Robust Control Architecture for Mitigating Sensor and Actuator Attacks on PV Converter. 2019 IEEE PES GTD Grand International Conference and Exposition Asia (GTD Asia). :970–975.
The cybersecurity of the modern control system is becoming a critical issue to the cyber-physical systems (CPS). Mitigating potential cyberattacks in the control system is an important concern in the controller design to enhance the resilience of the overall system. This paper presents a novel robust control architecture for the PV converter system to mitigate the sensor and actuator attack and reduce the influence of the system uncertainty. The sensor and actuator attack is a vicious attack scenario when the attack signals are injected into the sensor and actuator in a CPS simultaneously. A p-synthesis robust control architecture is proposed to mitigate the sensor and actuator attack and limit the system uncertainty perturbations in a DC-DC photovoltaic (PV) converter. A new system state matrix and control architecture is presented by integrating the original system state, injected attack signals and system uncertainty perturbations. In the case study, the proposed μ-synthesis robust controller exhibits a robust performance in the face of the sensor and actuator attack.
2020-02-26
Bhatnagar, Dev, Som, Subhranil, Khatri, Sunil Kumar.  2019.  Advance Persistant Threat and Cyber Spying - The Big Picture, Its Tools, Attack Vectors and Countermeasures. 2019 Amity International Conference on Artificial Intelligence (AICAI). :828–839.

Advance persistent threat is a primary security concerns to the big organizations and its technical infrastructure, from cyber criminals seeking personal and financial information to state sponsored attacks designed to disrupt, compromising infrastructure, sidestepping security efforts thus causing serious damage to organizations. A skilled cybercriminal using multiple attack vectors and entry points navigates around the defenses, evading IDS/Firewall detection and breaching the network in no time. To understand the big picture, this paper analyses an approach to advanced persistent threat by doing the same things the bad guys do on a network setup. We will walk through various steps from foot-printing and reconnaissance, scanning networks, gaining access, maintaining access to finally clearing tracks, as in a real world attack. We will walk through different attack tools and exploits used in each phase and comparative study on their effectiveness, along with explaining their attack vectors and its countermeasures. We will conclude the paper by explaining the factors which actually qualify to be an Advance Persistent Threat.

2019-11-12
Ferenc, Rudolf, Heged\H us, Péter, Gyimesi, Péter, Antal, Gábor, Bán, Dénes, Gyimóthy, Tibor.  2019.  Challenging Machine Learning Algorithms in Predicting Vulnerable JavaScript Functions. 2019 IEEE/ACM 7th International Workshop on Realizing Artificial Intelligence Synergies in Software Engineering (RAISE). :8-14.

The rapid rise of cyber-crime activities and the growing number of devices threatened by them place software security issues in the spotlight. As around 90% of all attacks exploit known types of security issues, finding vulnerable components and applying existing mitigation techniques is a viable practical approach for fighting against cyber-crime. In this paper, we investigate how the state-of-the-art machine learning techniques, including a popular deep learning algorithm, perform in predicting functions with possible security vulnerabilities in JavaScript programs. We applied 8 machine learning algorithms to build prediction models using a new dataset constructed for this research from the vulnerability information in public databases of the Node Security Project and the Snyk platform, and code fixing patches from GitHub. We used static source code metrics as predictors and an extensive grid-search algorithm to find the best performing models. We also examined the effect of various re-sampling strategies to handle the imbalanced nature of the dataset. The best performing algorithm was KNN, which created a model for the prediction of vulnerable functions with an F-measure of 0.76 (0.91 precision and 0.66 recall). Moreover, deep learning, tree and forest based classifiers, and SVM were competitive with F-measures over 0.70. Although the F-measures did not vary significantly with the re-sampling strategies, the distribution of precision and recall did change. No re-sampling seemed to produce models preferring high precision, while re-sampling strategies balanced the IR measures.

2020-02-26
Gountia, Debasis, Roy, Sudip.  2019.  Checkpoints Assignment on Cyber-Physical Digital Microfluidic Biochips for Early Detection of Hardware Trojans. 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI). :16–21.

Present security study involving analysis of manipulation of individual droplets of samples and reagents by digital microfluidic biochip has remarked that the biochip design flow is vulnerable to piracy attacks, hardware Trojans attacks, overproduction, Denial-of-Service attacks, and counterfeiting. Attackers can introduce bioprotocol manipulation attacks against biochips used for medical diagnosis, biochemical analysis, and frequent diseases detection in healthcare industry. Among these attacks, hardware Trojans have created a major threatening issue in its security concern with multiple ways to crack the sensitive data or alter original functionality by doing malicious operations in biochips. In this paper, we present a systematic algorithm for the assignment of checkpoints required for error-recovery of available bioprotocols in case of hardware Trojans attacks in performing operations by biochip. Moreover, it can guide the placement and timing of checkpoints so that the result of an attack is reduced, and hence enhance the security concerns of digital microfluidic biochips. Comparative study with traditional checkpoint schemes demonstrate the superiority of the proposed algorithm without overhead of the bioprotocol completion time with higher error detection accuracy.

2020-02-10
Naseem, Faraz, Babun, Leonardo, Kaygusuz, Cengiz, Moquin, S.J., Farnell, Chris, Mantooth, Alan, Uluagac, A. Selcuk.  2019.  CSPoweR-Watch: A Cyber-Resilient Residential Power Management System. 2019 International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). :768–775.

Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected resources in a smart grid to function effectively. However, relying on such resources results in them being susceptible to cyber attacks. Malicious actors can exploit the interconnections between the resources to perform nefarious tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid with Cyber-secure Power Router (CSPR), a smart energy management system. The goal is to ascertain whether or not such a device has operated maliciously. To achieve this, PowerWatch utilizes a machine learning model that analyzes information from system and library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch to monitor the electrical environment for suspicious activity. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cybersecure EMS. The results of our experimental procedures yielded 100% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS.

Majumdar, R., Gayen, P. K., Mondal, S., Sadhukhan, A., Das, P. K., Kushary, I..  2019.  A Cyber Communication Package in the Application of Grid Tied Solar System. 2019 Devices for Integrated Circuit (DevIC). :146–150.

In this paper, development of cyber communication package in the application of grid connected solar system has been presented. Here, implemented communication methodology supports communication process with reduced latency, high security arrangement with various degrees of freedom. Faithful transferring of various electrical data for the purpose of measurement, monitoring and controlling actions depend on the bidirectional communication strategy. Thus, real-time communication of data through cyber network has been emphasized in this paper. The C\# language based coding is done to develop the communication program. The notable features of proposed communication process are reduction of latency during data exchange by usage of advanced encryption standard (AES) algorithm, tightening of cyber security arrangement by implementing secured socket layer (SSL) and Rivest, Shamir and Adleman (RSA) algorithms. Various real-time experiments using internet connected computers have been done to verify the usability of the proposed communication concept along with its notable features in the application.

2019-12-18
Guleria, Akshit, Kalra, Evneet, Gupta, Kunal.  2019.  Detection and Prevention of DoS Attacks on Network Systems. 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon). :544-548.

Distributed Denial of Service (DDoS) strike is a malevolent undertaking to irritate regular action of a concentrated on server, organization or framework by overwhelming the goal or its incorporating establishment with a flood of Internet development. DDoS ambushes achieve feasibility by utilizing different exchanged off PC structures as wellsprings of strike action. Mishandled machines can join PCs and other masterminded resources, for instance, IoT contraptions. From an anomalous express, a DDoS attack looks like a vehicle convergence ceasing up with the road, shielding standard action from meeting up at its pined for objective.

2020-03-18
Zkik, Karim, Sebbar, Anass, Baadi, Youssef, Belhadi, Amine, Boulmalf, Mohammed.  2019.  An efficient modular security plane AM-SecP for hybrid distributed SDN. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :354–359.

Software defined networks (SDNs) represent new centralized network architecture that facilitates the deployment of services, applications and policies from the upper layers, relatively the management and control planes to the lower layers the data plane and the end user layer. SDNs give several advantages in terms of agility and flexibility, especially for mobile operators and for internet service providers. However, the implementation of these types of networks faces several technical challenges and security issues. In this paper we will focus on SDN's security issues and we will propose the implementation of a centralized security layer named AM-SecP. The proposed layer is linked vertically to all SDN layers which ease packets inspections and detecting intrusions. The purpose of this architecture is to stop and to detect malware infections, we do this by denying services and tunneling attacks without encumbering the networks by expensive operations and high calculation cost. The implementation of the proposed framework will be also made to demonstrate his feasibility and robustness.

2019-11-26
Zabihimayvan, Mahdieh, Doran, Derek.  2019.  Fuzzy Rough Set Feature Selection to Enhance Phishing Attack Detection. 2019 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1-6.

Phishing as one of the most well-known cybercrime activities is a deception of online users to steal their personal or confidential information by impersonating a legitimate website. Several machine learning-based strategies have been proposed to detect phishing websites. These techniques are dependent on the features extracted from the website samples. However, few studies have actually considered efficient feature selection for detecting phishing attacks. In this work, we investigate an agreement on the definitive features which should be used in phishing detection. We apply Fuzzy Rough Set (FRS) theory as a tool to select most effective features from three benchmarked data sets. The selected features are fed into three often used classifiers for phishing detection. To evaluate the FRS feature selection in developing a generalizable phishing detection, the classifiers are trained by a separate out-of-sample data set of 14,000 website samples. The maximum F-measure gained by FRS feature selection is 95% using Random Forest classification. Also, there are 9 universal features selected by FRS over all the three data sets. The F-measure value using this universal feature set is approximately 93% which is a comparable result in contrast to the FRS performance. Since the universal feature set contains no features from third-part services, this finding implies that with no inquiry from external sources, we can gain a faster phishing detection which is also robust toward zero-day attacks.

2020-02-26
Kaur, Gaganjot, Gupta, Prinima.  2019.  Hybrid Approach for Detecting DDOS Attacks in Software Defined Networks. 2019 Twelfth International Conference on Contemporary Computing (IC3). :1–6.

In today's time Software Defined Network (SDN) gives the complete control to get the data flow in the network. SDN works as a central point to which data is administered centrally and traffic is also managed. SDN being open source product is more prone to security threats. The security policies are also to be enforced as it would otherwise let the controller be attacked the most. The attacks like DDOS and DOS attacks are more commonly found in SDN controller. DDOS is destructive attack that normally diverts the normal flow of traffic and starts the over flow of flooded packets halting the system. Machine Learning techniques helps to identify the hidden and unexpected pattern of the network and hence helps in analyzing the network flow. All the classified and unclassified techniques can help detect the malicious flow based on certain parameters like packet flow, time duration, accuracy and precision rate. Researchers have used Bayesian Network, Wavelets, Support Vector Machine and KNN to detect DDOS attacks. As per the review it's been analyzed that KNN produces better result as per the higher precision and giving a lower falser rate for detection. This paper produces better approach of hybrid Machine Learning techniques rather than existing KNN on the same data set giving more accuracy of detecting DDOS attacks on higher precision rate. The result of the traffic with both normal and abnormal behavior is shown and as per the result the proposed algorithm is designed which is suited for giving better approach than KNN and will be implemented later on for future.

2019-11-26
Patil, Srushti, Dhage, Sudhir.  2019.  A Methodical Overview on Phishing Detection along with an Organized Way to Construct an Anti-Phishing Framework. 2019 5th International Conference on Advanced Computing Communication Systems (ICACCS). :588-593.

Phishing is a security attack to acquire personal information like passwords, credit card details or other account details of a user by means of websites or emails. Phishing websites look similar to the legitimate ones which make it difficult for a layman to differentiate between them. As per the reports of Anti Phishing Working Group (APWG) published in December 2018, phishing against banking services and payment processor was high. Almost all the phishy URLs use HTTPS and use redirects to avoid getting detected. This paper presents a focused literature survey of methods available to detect phishing websites. A comparative study of the in-use anti-phishing tools was accomplished and their limitations were acknowledged. We analyzed the URL-based features used in the past to improve their definitions as per the current scenario which is our major contribution. Also, a step wise procedure of designing an anti-phishing model is discussed to construct an efficient framework which adds to our contribution. Observations made out of this study are stated along with recommendations on existing systems.

2020-02-26
Bikov, T. D., Iliev, T. B., Mihaylov, Gr. Y., Stoyanov, I. S..  2019.  Phishing in Depth – Modern Methods of Detection and Risk Mitigation. 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :447–450.

Nowadays, everyone is living in a digital world with various of virtual experiences and realities, but all of them may eventually cause real threats in our real world. Some of these threats have been born together with the first electronic mail service. Some of them might be considered as really basic and simple, compared to others that were developed and advanced in time to adapt themselves for the security defense mechanisms of the modern digital world. On a daily basis, more than 238.4 billion emails are sent worldwide, which makes more than 2.7 million emails per second, and these statistics are only from the publicly visible networks. Having that information and considering around 60% and above of all emails as threatening or not legitimate, is more than concerning. Unfortunately, even the modern security measures and systems are not capable to identify and prevent all the fraudulent content that is created and distributed every day. In this paper we will cover the most common attack vectors, involving the already mass email infrastructures, the required contra measures to minimize the impact over the corporate environments and what else should be developed to mitigate the modern sophisticated email attacks.

2020-02-10
Eshmawi, Ala', Nair, Suku.  2019.  The Roving Proxy Framewrok for SMS Spam and Phishing Detection. 2019 2nd International Conference on Computer Applications Information Security (ICCAIS). :1–6.

This paper presents the details of the roving proxy framework for SMS spam and SMS phishing (SMishing) detection. The framework aims to protect organizations and enterprises from the danger of SMishing attacks. Feasibility and functionality studies of the framework are presented along with an update process study to define the minimum requirements for the system to adapt with the latest spam and SMishing trends.

2020-01-20
Huang, Yongjie, Yang, Qiping, Qin, Jinghui, Wen, Wushao.  2019.  Phishing URL Detection via CNN and Attention-Based Hierarchical RNN. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :112–119.
Phishing websites have long been a serious threat to cyber security. For decades, many researchers have been devoted to developing novel techniques to detect phishing websites automatically. While state-of-the-art solutions can achieve superior performances, they require substantial manual feature engineering and are not adept at detecting newly emerging phishing attacks. Therefore, developing techniques that can detect phishing websites automatically and handle zero-day phishing attacks swiftly is still an open challenge in this area. In this work, we propose PhishingNet, a deep learning-based approach for timely detection of phishing Uniform Resource Locators (URLs). Specifically, we use a Convolutional Neural Network (CNN) module to extract character-level spatial feature representations of URLs; meanwhile, we employ an attention-based hierarchical Recurrent Neural Network(RNN) module to extract word-level temporal feature representations of URLs. We then fuse these feature representations via a three-layer CNN to build accurate feature representations of URLs, on which we train a phishing URL classifier. Extensive experiments on a verified dataset collected from the Internet demonstrate that the feature representations extracted automatically are conducive to the improvement of the generalization ability of our approach on newly emerging URLs, which makes our approach achieve competitive performance against other state-of-the-art approaches.
2019-12-18
Shafi, Qaisar, Basit, Abdul.  2019.  DDoS Botnet Prevention Using Blockchain in Software Defined Internet of Things. 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST). :624-628.

Distributed Denial of Service (DDoS) attacks have two defense perspectives firstly, to defend your network, resources and other information assets from this disastrous attack. Secondly, to prevent your network to be the part of botnet (botforce) bondage to launch attacks on other networks and resources mainly be controlled from a control center. This work focuses on the development of a botnet prevention system for Internet of Things (IoT) that uses the benefits of both Software Defined Networking (SDN) and Distributed Blockchain (DBC). We simulate and analyze that using blockchain and SDN, how can detect and mitigate botnets and prevent our devices to play into the hands of attackers.

2020-02-10
Taher, Kazi Abu, Nahar, Tahmin, Hossain, Syed Akhter.  2019.  Enhanced Cryptocurrency Security by Time-Based Token Multi-Factor Authentication Algorithm. 2019 International Conference on Robotics,Electrical and Signal Processing Techniques (ICREST). :308–312.
A noble multi-factor authentication (MFA) algorithm is developed for the security enhancement of the Cryptocurrency (CR). The main goal of MFA is to set up extra layer of safeguard while seeking access to a targets such as physical location, computing device, network or database. MFA security scheme requires more than one method for the validation from commutative family of credentials to verify the user for a transaction. MFA can reduce the risk of using single level password authentication by introducing additional factors of authentication. MFA can prevent hackers from gaining access to a particular account even if the password is compromised. The superfluous layer of security introduced by MFA offers additional security to a user. MFA is implemented by using time-based onetime password (TOTP) technique. For logging to any entity with MFA enabled, the user first needs username and password, as a second factor, the user then needs the MFA token to virtually generate a TOTP. It is found that MFA can provide a better means of secured transaction of CR.
2019-12-18
Saharan, Shail, Gupta, Vishal.  2019.  Prevention and Mitigation of DNS Based DDoS Attacks in SDN Environment. 2019 11th International Conference on Communication Systems Networks (COMSNETS). :571-573.

Denial-of-Service attack (DoS attack) is an attack on network in which an attacker tries to disrupt the availability of network resources by overwhelming the target network with attack packets. In DoS attack it is typically done using a single source, and in a Distributed Denial-of-Service attack (DDoS attack), like the name suggests, multiple sources are used to flood the incoming traffic of victim. Typically, such attacks use vulnerabilities of Domain Name System (DNS) protocol and IP spoofing to disrupt the normal functioning of service provider or Internet user. The attacks involving DNS, or attacks exploiting vulnerabilities of DNS are known as DNS based DDOS attacks. Many of the proposed DNS based DDoS solutions try to prevent/mitigate such attacks using some intelligent non-``network layer'' (typically application layer) protocols. Utilizing the flexibility and programmability aspects of Software Defined Networks (SDN), via this proposed doctoral research it is intended to make underlying network intelligent enough so as to prevent DNS based DDoS attacks.