Visible to the public Biblio

Filters: Keyword is Web servers  [Clear All Filters]
2020-12-14
Yu, L., Chen, L., Dong, J., Li, M., Liu, L., Zhao, B., Zhang, C..  2020.  Detecting Malicious Web Requests Using an Enhanced TextCNN. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :768–777.
This paper proposes an approach that combines a deep learning-based method and a traditional machine learning-based method to efficiently detect malicious requests Web servers received. The first few layers of Convolutional Neural Network for Text Classification (TextCNN) are used to automatically extract powerful semantic features and in the meantime transferable statistical features are defined to boost the detection ability, specifically Web request parameter tampering. The semantic features from TextCNN and transferable statistical features from artificially-designing are grouped together to be fed into Support Vector Machine (SVM), replacing the last layer of TextCNN for classification. To facilitate the understanding of abstract features in form of numerical data in vectors extracted by TextCNN, this paper designs trace-back functions that map max-pooling outputs back to words in Web requests. After investigating the current available datasets for Web attack detection, HTTP Dataset CSIC 2010 is selected to test and verify the proposed approach. Compared with other deep learning models, the experimental results demonstrate that the approach proposed in this paper is competitive with the state-of-the-art.
2020-11-09
Kemp, C., Calvert, C., Khoshgoftaar, T..  2018.  Utilizing Netflow Data to Detect Slow Read Attacks. 2018 IEEE International Conference on Information Reuse and Integration (IRI). :108–116.
Attackers can leverage several techniques to compromise computer networks, ranging from sophisticated malware to DDoS (Distributed Denial of Service) attacks that target the application layer. Application layer DDoS attacks, such as Slow Read, are implemented with just enough traffic to tie up CPU or memory resources causing web and application servers to go offline. Such attacks can mimic legitimate network requests making them difficult to detect. They also utilize less volume than traditional DDoS attacks. These low volume attack methods can often go undetected by network security solutions until it is too late. In this paper, we explore the use of machine learners for detecting Slow Read DDoS attacks on web servers at the application layer. Our approach uses a generated dataset based upon Netflow data collected at the application layer on a live network environment. Our Netflow data uses the IP Flow Information Export (IPFIX) standard providing significant flexibility and features. These Netflow features can process and handle a growing amount of traffic and have worked well in our previous DDoS work detecting evasion techniques. Our generated dataset consists of real-world network data collected from a production network. We use eight different classifiers to build Slow Read attack detection models. Our wide selection of learners provides us with a more comprehensive analysis of Slow Read detection models. Experimental results show that the machine learners were quite successful in identifying the Slow Read attacks with a high detection and low false alarm rate. The experiment demonstrates that our chosen Netflow features are discriminative enough to detect such attacks accurately.
2020-09-18
Tanrıverdi, Mustafa, Tekerek, Adem.  2019.  Implementation of Blockchain Based Distributed Web Attack Detection Application. 2019 1st International Informatics and Software Engineering Conference (UBMYK). :1—6.
In last decades' web application security has become one of the most important case study of information security studies. Business processes are transferred to web platforms. So web application usage is increased very fast. Web-based attacks have also increased due to the increased use of web applications. In order to ensure the security of web applications, intrusion detection and prevention systems and web application firewalls are used against web based attacks. Blockchain technology, which has become popular in recent years, enables reliable and transparent sharing of data with all stakeholders. In this study, in order to detect web-based attacks, a blockchain based web attack detection model that uses the signature based detection method is proposed. The signature based detection refers to the detection of attacks by looking for specific patterns against known web based attack types, such as Structured Query Language (SQL) Injection, Cross Site Scripting (XSS), Command Injection. Three web servers were used for the experimental study. A blockchain node has been installed with the MultiChain application for each server. Attacks on web applications are detected using the signature list found in the web application as well as detected using the signature list updated on the blockchain. According to the experimental results, the attacks signature detected and defined by a web application are updated in the blockchain lists and used by all web applications.
2020-08-28
Eom, Taehoon, Hong, Jin Bum, An, SeongMo, Park, Jong Sou, Kim, Dong Seong.  2019.  Security and Performance Modeling and Optimization for Software Defined Networking. 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :610—617.

Software Defined Networking (SDN) provides new functionalities to efficiently manage the network traffic, which can be used to enhance the networking capabilities to support the growing communication demands today. But at the same time, it introduces new attack vectors that can be exploited by attackers. Hence, evaluating and selecting countermeasures to optimize the security of the SDN is of paramount importance. However, one should also take into account the trade-off between security and performance of the SDN. In this paper, we present a security optimization approach for the SDN taking into account the trade-off between security and performance. We evaluate the security of the SDN using graphical security models and metrics, and use queuing models to measure the performance of the SDN. Further, we use Genetic Algorithms, namely NSGA-II, to optimally select the countermeasure with performance and security constraints. Our experimental analysis results show that the proposed approach can efficiently compute the countermeasures that will optimize the security of the SDN while satisfying the performance constraints.

2020-06-29
Tran, Thang M., Nguyen, Khanh-Van.  2019.  Fast Detection and Mitigation to DDoS Web Attack Based on Access Frequency. 2019 IEEE-RIVF International Conference on Computing and Communication Technologies (RIVF). :1–6.

We have been investigating methods for establishing an effective, immediate defense mechanism against the DDoS attacks on Web applications via hacker botnets, in which this defense mechanism can be immediately active without preparation time, e.g. for training data, usually asked for in existing proposals. In this study, we propose a new mechanism, including new data structures and algorithms, that allow the detection and filtering of large amounts of attack packets (Web request) based on monitoring and capturing the suspect groups of source IPs that can be sending packets at similar patterns, i.e. with very high and similar frequencies. The proposed algorithm places great emphasis on reducing storage space and processing time so it is promising to be effective in real-time attack response.

2020-05-15
Fraunholz, Daniel, Schotten, Hans D..  2018.  Defending Web Servers with Feints, Distraction and Obfuscation. 2018 International Conference on Computing, Networking and Communications (ICNC). :21—25.

In this paper we investigate deceptive defense strategies for web servers. Web servers are widely exploited resources in the modern cyber threat landscape. Often these servers are exposed in the Internet and accessible for a broad range of valid as well as malicious users. Common security strategies like firewalls are not sufficient to protect web servers. Deception based Information Security enables a large set of counter measures to decrease the efficiency of intrusions. In this work we depict several techniques out of the reconnaissance process of an attacker. We match these with deceptive counter measures. All proposed measures are implemented in an experimental web server with deceptive counter measure abilities. We also conducted an experiment with honeytokens and evaluated delay strategies against automated scanner tools.

2020-05-11
Nikolov, Dimitar, Kordev, Iliyan, Stefanova, Stela.  2018.  Concept for network intrusion detection system based on recurrent neural network classifier. 2018 IEEE XXVII International Scientific Conference Electronics - ET. :1–4.
This paper presents the effects of problem based learning project on a high-school student in Technology school “Electronic systems” associated with Technical University Sofia. The problem is creating an intrusion detection system for Apache HTTP Server with duration 6 months. The intrusion detection system is based on a recurrent neural network classifier namely long-short term memory units.
2020-02-18
Saverimoutou, Antoine, Mathieu, Bertrand, Vaton, Sandrine.  2019.  Influence of Internet Protocols and CDN on Web Browsing. 2019 10th IFIP International Conference on New Technologies, Mobility and Security (NTMS). :1–5.

The Web ecosystem has been evolving over the past years and new Internet protocols, namely HTTP/2 over TLS/TCP and QUIC/UDP, are now used to deliver Web contents. Similarly, CDNs (Content Delivery Network) are deployed worldwide, caching contents close to end-users to optimize web browsing quality. We present in this paper an analysis of the influence of the Internet protocols and CDN on the Top 10,000 Alexa websites, based on a 12-month measurement campaign (from April 2018 to April 2019) performed via our tool Web View [1]. Part of our measurements are made public, represented on a monitoring website1, showing the results for the Top 50 Alexa Websites plus few specific websites and 8 french websites, suggested by the French Agency in charge of regulating telecommunications. Our analysis of this long-term measurement campaign allows to better analyze the delivery of public websites. For instance, it shows that even if some argue that QUIC optimizes the quality, it is not observed in the real-life since QUIC is not largely deployed. Our method for analyzing CDN delivery in the Web browsing allows us to evaluate its influence, which is important since their usage can decrease the web pages' loading time, on average 43.1% with HTTP/2 and 38.5% with QUIC, when requesting a second time the same home page.

2020-02-10
Bansal, Bhawana, Sharma, Monika.  2019.  Client-Side Verification Framework for Offline Architecture of IoT. 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA). :1044–1050.
Internet of things is a network formed between two or more devices through internet which helps in sharing data and resources. IoT is present everywhere and lot of applications in our day-to-day life such as smart homes, smart grid system which helps in reducing energy consumption, smart garbage collection to make cities clean, smart cities etc. It has some limitations too such as concerns of security of the network and the cost of installations of the devices. There have been many researches proposed various method in improving the IoT systems. In this paper, we have discussed about the scope and limitations of IoT in various fields and we have also proposed a technique to secure offline architecture of IoT.
2019-03-25
Pawlenka, T., Škuta, J..  2018.  Security system based on microcontrollers. 2018 19th International Carpathian Control Conference (ICCC). :344–347.
The article describes design and realization of security system based on single-chip microcontrollers. System includes sensor modules for unauthorized entrance detection based on magnetic contact, measuring carbon monoxide level, movement detection and measuring temperature and humidity. System also includes control unit, control panel and development board Arduino with ethernet interface connected for web server implementation.
2018-06-07
Chariton, A. A., Degkleri, E., Papadopoulos, P., Ilia, P., Markatos, E. P..  2017.  CCSP: A compressed certificate status protocol. IEEE INFOCOM 2017 - IEEE Conference on Computer Communications. :1–9.

Trust in SSL-based communications is provided by Certificate Authorities (CAs) in the form of signed certificates. Checking the validity of a certificate involves three steps: (i) checking its expiration date, (ii) verifying its signature, and (iii) ensuring that it is not revoked. Currently, such certificate revocation checks are done either via Certificate Revocation Lists (CRLs) or Online Certificate Status Protocol (OCSP) servers. Unfortunately, despite the existence of these revocation checks, sophisticated cyber-attackers, may trick web browsers to trust a revoked certificate, believing that it is still valid. Consequently, the web browser will communicate (over TLS) with web servers controlled by cyber-attackers. Although frequently updated, nonced, and timestamped certificates may reduce the frequency and impact of such cyber-attacks, they impose a very large overhead to the CAs and OCSP servers, which now need to timestamp and sign on a regular basis all the responses, for every certificate they have issued, resulting in a very high overhead. To mitigate this overhead and provide a solution to the described cyber-attacks, we present CCSP: a new approach to provide timely information regarding the status of certificates, which capitalizes on a newly introduced notion called signed collections. In this paper, we present the design, preliminary implementation, and evaluation of CCSP in general, and signed collections in particular. Our preliminary results suggest that CCSP (i) reduces space requirements by more than an order of magnitude, (ii) lowers the number of signatures required by 6 orders of magnitude compared to OCSP-based methods, and (iii) adds only a few milliseconds of overhead in the overall user latency.

Berkowsky, J., Rana, N., Hayajneh, T..  2017.  CAre: Certificate Authority Rescue Engine for Proactive Security. 2017 14th International Symposium on Pervasive Systems, Algorithms and Networks 2017 11th International Conference on Frontier of Computer Science and Technology 2017 Third International Symposium of Creative Computing (ISPAN-FCST-ISCC). :79–86.

Cryptography and encryption is a topic that is blurred by its complexity making it difficult for the majority of the public to easily grasp. The focus of our research is based on SSL technology involving CAs, a centralized system that manages and issues certificates to web servers and computers for validation of identity. We first explain how the certificate provides a secure connection creating a trust between two parties looking to communicate with one another over the internet. Then the paper goes into what happens when trust is compromised and how information that is being transmitted could possibly go into the hands of the wrong person. We are proposing a browser plugin, Certificate Authority Rescue Engine (CAre), to serve as an added source of security with simplicity and visibility. In order to see why CAre will be an added benefit to average and technical users of the internet, one must understand what website security entails. Therefore, this paper will dive deep into website security through the use of public key infrastructure and its core components; certificates, certificate authorities, and their relationship with web browsers.

2018-04-04
Yost, W., Jaiswal, C..  2017.  MalFire: Malware firewall for malicious content detection and protection. 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON). :428–433.

The online portion of modern life is growing at an astonishing rate, with the consequence that more of the user's critical information is stored online. This poses an immediate threat to privacy and security of the user's data. This work will cover the increasing dangers and security risks of adware, adware injection, and malware injection. These programs increase in direct proportion to the number of users on the Internet. Each of these programs presents an imminent threat to a user's privacy and sensitive information, anytime they utilize the Internet. We will discuss how current ad blockers are not the actual solution to these threats, but rather a premise to our work. Current ad blocking tools can be discovered by the web servers which often requires suppression of the ad blocking tool. Suppressing the tool creates vulnerabilities in a user's system, but even when the tool is active their system is still susceptible to peril. It is possible, even when an ad blocking tool is functioning, for it to allow adware content through. Our solution to the contemporary threats is our tool, MalFire.

2018-04-02
Kolamunna, H., Chauhan, J., Hu, Y., Thilakarathna, K., Perino, D., Makaroff, D., Seneviratne, A..  2017.  Are Wearables Ready for HTTPS? On the Potential of Direct Secure Communication on Wearables 2017 IEEE 42nd Conference on Local Computer Networks (LCN). :321–329.

The majority of available wearable computing devices require communication with Internet servers for data analysis and storage, and rely on a paired smartphone to enable secure communication. However, many wearables are equipped with WiFi network interfaces, enabling direct communication with the Internet. Secure communication protocols could then run on these wearables themselves, yet it is not clear if they can be efficiently supported.,,,,In this paper, we show that wearables are ready for direct and secure Internet communication by means of experiments with both controlled local web servers and Internet servers. We observe that the overall energy consumption and communication delay can be reduced with direct Internet connection via WiFi from wearables compared to using smartphones as relays via Bluetooth. We also show that the additional HTTPS cost caused by TLS handshake and encryption is closely related to the number of parallel connections, and has the same relative impact on wearables and smartphones.

2018-02-15
Han, Z., Yang, L., Liu, Q..  2017.  A Novel Multifactor Two-Server Authentication Scheme under the Mobile Cloud Computing. 2017 International Conference on Networking and Network Applications (NaNA). :341–346.

Because the authentication method based username-password has the disadvantage of easy disclosure and low reliability, and also the excess password management degrades the user experience tremendously, the user is eager to get rid of the bond of the password in order to seek a new way of authentication. Therefore, the multifactor biometrics-based user authentication wins the favor of people with advantages of simplicity, convenience and high reliability, especially in the mobile payment environment. Unfortunately, in the existing scheme, biometric information is stored on the server side. As thus, once the server is hacked by attackers to cause the leakage of the fingerprint information, it will take a deadly threat to the user privacy. Aim at the security problem due to the fingerprint information in the mobile payment environment, we propose a novel multifactor two-server authentication scheme under mobile computing (MTSAS). In the MTSAS, it divides the authentication method and authentication means, in the meanwhile, the user's biometric characteristics cannot leave the user device. And also, MTSAS chooses the different authentication factors depending on the privacy level of the authentication, and then provides the authentication based on the different security levels. BAN logic's result proves that MTSAS has achieved the purpose of authentication, and meets the security requirements. In comparison with other schemes, the analysis shows that the proposed scheme MTSAS not only has the reasonable computational efficiency, but also keeps the superior communication cost.

2018-01-16
Najafabadi, M. M., Khoshgoftaar, T. M., Calvert, C., Kemp, C..  2017.  User Behavior Anomaly Detection for Application Layer DDoS Attacks. 2017 IEEE International Conference on Information Reuse and Integration (IRI). :154–161.

Distributed Denial of Service (DDoS) attacks are a popular and inexpensive form of cyber attacks. Application layer DDoS attacks utilize legitimate application layer requests to overwhelm a web server. These attacks are a major threat to Internet applications and web services. The main goal of these attacks is to make the services unavailable to legitimate users by overwhelming the resources on a web server. They look valid in connection and protocol characteristics, which makes them difficult to detect. In this paper, we propose a detection method for the application layer DDoS attacks, which is based on user behavior anomaly detection. We extract instances of user behaviors requesting resources from HTTP web server logs. We apply the Principle Component Analysis (PCA) subspace anomaly detection method for the detection of anomalous behavior instances. Web server logs from a web server hosting a student resource portal were collected as experimental data. We also generated nine different HTTP DDoS attacks through penetration testing. Our performance results on the collected data show that using PCAsubspace anomaly detection on user behavior data can detect application layer DDoS attacks, even if they are trying to mimic a normal user's behavior at some level.

2017-12-20
Luangmaneerote, S., Zaluska, E., Carr, L..  2017.  Inhibiting Browser Fingerprinting and Tracking. 2017 ieee 3rd international conference on big data security on cloud (bigdatasecurity), ieee international conference on high performance and smart computing (hpsc), and ieee international conference on intelligent data and security (ids). :63–68.
This paper discusses possible approaches to address the loss of user privacy when browsing the web and being tracked by websites which compute a browser fingerprint identifying the user computer. The key problem is that the current fingerprinting countermeasures are insufficient to prevent fingerprinting tracking and also frequently produce side-effects on the web browser. The advantages and disadvantages of possible countermeasures are discussed in the context of improving resistance against browser fingerprinting. Finally, using a new browser extension is proposed as the best way to inhibit fingerprinting as it could probably inhibit some of the fingerprinting techniques used and also diminish the side-effects on the user browser experience, compared with existing techniques.
Wazan, A. S., Laborde, R., Chadwick, D. W., Barrere, F., Benzekri, A..  2017.  TLS Connection Validation by Web Browsers: Why do Web Browsers Still Not Agree? 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC). 1:665–674.
The TLS protocol is the primary technology used for securing web transactions. It is based on X.509 certificates that are used for binding the identity of web servers' owners to their public keys. Web browsers perform the validation of X.509 certificates on behalf of Web users. Our previous research in 2009 showed that the validation process of Web browsers is inconsistent and flawed. We showed how this situation might have a negative impact on Web users. From 2009 until now, many new X.509 related standards have been created or updated. In this paper, we performed an increased set of experiments over our 2009 study in order to highlight the improvements and/or regressions in Web browsers' behaviours.
Dolnák, I., Litvik, J..  2017.  Introduction to HTTP security headers and implementation of HTTP strict transport security (HSTS) header for HTTPS enforcing. 2017 15th International Conference on Emerging eLearning Technologies and Applications (ICETA). :1–4.

This article presents introduction to HTTP Security Headers - new security topic in communication over Internet. It is emphasized that HTTPS protocol and SSL/TLS certificates alone do not offer sufficient level of security for communication among people and devices. In the world of web applications and Internet of Things (IoT), it is vital to bring communication security at higher level, what could be realised via few simple steps. HTTP Response Headers used for different purposes in the past are now the effective way how to propagate security policies from servers to clients (from web servers to web browsers). First improvement is enforcing HTTPS protocol for communication everywhere it is possible and promote this protocol as first and only option for secure connection over the Internet. It is emphasized that HTTP protocol for communication is not suitable anymore.

2017-11-27
Kuze, N., Ishikura, S., Yagi, T., Chiba, D., Murata, M..  2016.  Detection of vulnerability scanning using features of collective accesses based on information collected from multiple honeypots. NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium. :1067–1072.

Attacks against websites are increasing rapidly with the expansion of web services. An increasing number of diversified web services make it difficult to prevent such attacks due to many known vulnerabilities in websites. To overcome this problem, it is necessary to collect the most recent attacks using decoy web honeypots and to implement countermeasures against malicious threats. Web honeypots collect not only malicious accesses by attackers but also benign accesses such as those by web search crawlers. Thus, it is essential to develop a means of automatically identifying malicious accesses from mixed collected data including both malicious and benign accesses. Specifically, detecting vulnerability scanning, which is a preliminary process, is important for preventing attacks. In this study, we focused on classification of accesses for web crawling and vulnerability scanning since these accesses are too similar to be identified. We propose a feature vector including features of collective accesses, e.g., intervals of request arrivals and the dispersion of source port numbers, obtained with multiple honeypots deployed in different networks for classification. Through evaluation using data collected from 37 honeypots in a real network, we show that features of collective accesses are advantageous for vulnerability scanning and crawler classification.

2017-04-20
Sonewar, P. A., Thosar, S. D..  2016.  Detection of SQL injection and XSS attacks in three tier web applications. 2016 International Conference on Computing Communication Control and automation (ICCUBEA). :1–4.

Web applications are used on a large scale worldwide, which handles sensitive personal data of users. With web application that maintains data ranging from as simple as telephone number to as important as bank account information, security is a prime point of concern. With hackers aimed to breakthrough this security using various attacks, we are focusing on SQL injection attacks and XSS attacks. SQL injection attack is very common attack that manipulates the data passing through web application to the database servers through web servers in such a way that it alters or reveals database contents. While Cross Site Scripting (XSS) attacks focuses more on view of the web application and tries to trick users that leads to security breach. We are considering three tier web applications with static and dynamic behavior, for security. Static and dynamic mapping model is created to detect anomalies in the class of SQL Injection and XSS attacks.

2017-03-07
Kolahi, S. S., Treseangrat, K., Sarrafpour, B..  2015.  Analysis of UDP DDoS flood cyber attack and defense mechanisms on Web Server with Linux Ubuntu 13. 2015 International Conference on Communications, Signal Processing, and their Applications (ICCSPA). :1–5.

Denial of Service (DoS) attacks is one of the major threats and among the hardest security problems in the Internet world. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, an attacker can easily exhaust the computing resources of its victim within a short period of time. In this paper, we study the impact of a UDP flood attack on TCP throughput, round-trip time, and CPU utilization for a Web Server with the new generation of Linux platform, Linux Ubuntu 13. This paper also evaluates the impact of various defense mechanisms, including Access Control Lists (ACLs), Threshold Limit, Reverse Path Forwarding (IP Verify), and Network Load Balancing. Threshold Limit is found to be the most effective defense.

2015-05-06
Ceccarelli, A., Montecchi, L., Brancati, F., Lollini, P., Marguglio, A., Bondavalli, A..  2014.  Continuous and Transparent User Identity Verification for Secure Internet Services. Dependable and Secure Computing, IEEE Transactions on. PP:1-1.

Session management in distributed Internet services is traditionally based on username and password, explicit logouts and mechanisms of user session expiration using classic timeouts. Emerging biometric solutions allow substituting username and password with biometric data during session establishment, but in such an approach still a single verification is deemed sufficient, and the identity of a user is considered immutable during the entire session. Additionally, the length of the session timeout may impact on the usability of the service and consequent client satisfaction. This paper explores promising alternatives offered by applying biometrics in the management of sessions. A secure protocol is defined for perpetual authentication through continuous user verification. The protocol determines adaptive timeouts based on the quality, frequency and type of biometric data transparently acquired from the user. The functional behavior of the protocol is illustrated through Matlab simulations, while model-based quantitative analysis is carried out to assess the ability of the protocol to contrast security attacks exercised by different kinds of attackers. Finally, the current prototype for PCs and Android smartphones is discussed.
 

Alomari, E., Manickam, S., Gupta, B.B., Singh, P., Anbar, M..  2014.  Design, deployment and use of HTTP-based botnet (HBB) testbed. Advanced Communication Technology (ICACT), 2014 16th International Conference on. :1265-1269.

Botnet is one of the most widespread and serious malware which occur frequently in today's cyber attacks. A botnet is a group of Internet-connected computer programs communicating with other similar programs in order to perform various attacks. HTTP-based botnet is most dangerous botnet among all the different botnets available today. In botnets detection, in particularly, behavioural-based approaches suffer from the unavailability of the benchmark datasets and this lead to lack of precise results evaluation of botnet detection systems, comparison, and deployment which originates from the deficiency of adequate datasets. Most of the datasets in the botnet field are from local environment and cannot be used in the large scale due to privacy problems and do not reflect common trends, and also lack some statistical features. To the best of our knowledge, there is not any benchmark dataset available which is infected by HTTP-based botnet (HBB) for performing Distributed Denial of Service (DDoS) attacks against Web servers by using HTTP-GET flooding method. In addition, there is no Web access log infected by botnet is available for researchers. Therefore, in this paper, a complete test-bed will be illustrated in order to implement a real time HTTP-based botnet for performing variety of DDoS attacks against Web servers by using HTTP-GET flooding method. In addition to this, Web access log with http bot traces are also generated. These real time datasets and Web access logs can be useful to study the behaviour of HTTP-based botnet as well as to evaluate different solutions proposed to detect HTTP-based botnet by various researchers.
 

2015-05-05
Mahmood, A., Akbar, A.H..  2014.  Threats in end to end commercial deployments of Wireless Sensor Networks and their cross layer solution. Information Assurance and Cyber Security (CIACS), 2014 Conference on. :15-22.

Commercial Wireless Sensor Networks (WSNs) can be accessed through sensor web portals. However, associated security implications and threats to the 1) users/subscribers 2) investors and 3) third party operators regarding sensor web portals are not seen in completeness, rather the contemporary work handles them in parts. In this paper, we discuss different kind of security attacks and vulnerabilities at different layers to the users, investors including Wireless Sensor Network Service Providers (WSNSPs) and WSN itself in relation with the two well-known documents i.e., “Department of Homeland Security” (DHS) and “Department of Defense (DOD)”, as these are standard security documents till date. Further we propose a comprehensive cross layer security solution in the light of guidelines given in the aforementioned documents that is minimalist in implementation and achieves the purported security goals.