Science meets Practice
Abstract: As it has been recently proven that the public key-based RSA algorithms that are currently used in encryption can
Read more
Abstract: This paper explores the concept of entropy of a flow to augment flow statistical features for encrypted DNS tunnelling
Read more
Abstract: Cloud repository gives a proficient way to fathom issues of management and capacity, driven by high-speed information emergence. Consequently,
Read more
Abstract: Cybercrimes are increasing at an alarming rate and cause detrimental effects to the victims. Routine Activity Theory (RAT) is
Read more
Abstract: Email phishing is a cyber-attack, bringing substantial financial damage to corporate and commercial organizations. A phishing email is a
Read more
Abstract: In recent years, the cyber security scenario has transformed predominantly from conventional response-based security mechanisms to proactive security strategies. And this transformation is still continuing which is shifting it from proactive security strategies to cyber immunity which eliminates the cyber threats by introducing stringent and adaptive security measures. In the process of developing new security algorithms/procedures, accurate modelling and effective simulation play a vital role for the robustness and effectiveness of proposed system. It is also necessary to analyze the behaviour of proposed system against multiple types of known cyber attacks. This paper focuses on the existing network testbeds for an effective analysis and monitoring while proposing a new network testbed for examining new security concepts like cyber immunity. The proposed network testbed is designed to incorporate the methods and procedures of Nature-inspired Cyber Security to accommodate the adaptive responses against the sophisticated and ever-advancing cyber attacks. The proposed testbed provides customizable analytical tool to design, test and examine the new security algorithms through a rich set of attack scenarios. It also allows developers to design, implement, and evaluate their defensive techniques with library support.
Read more
Abstract: Digital identity documents provide several key benefits over physical ones. They can be created more easily, incur less costs,
Read more
Abstract: The invention of artificial general intelligence is predicted to cause a shift in the trajectory of human civilization. In
Read more
Abstract: Cloud computing is considered as technical advancement in information technology. Many organizations have been motivated by this advancement to outsource their data and computational needs. Such platforms are required to fulfil basic security principles such as confidentiality, availability, and integrity. Cloud computing offers scalable and virtualized services with a high flexibility level and decreased maintenance costs to end-users. The infrastructure and protocols that are behind cloud computing may contain bugs and vulnerabilities. These vulnerabilities are being exploited by attackers, leading to attacks. Among the most reported attacks in cloud computing are distributed denial-of-service (DDOS) attacks. DDOS attacks are conducted by sending many data packets to the targeted infrastructure. This leads to most network bandwidth and server time being consumed, thus causing a denial of the service problem. Several methods have been proposed and experimented with for early DDOS attack detection. Employing a single machine learning classification model may give an adequate level of attack detection accuracy but needs an enhancement. In this study, we propose an approach based on an ensemble of machine learning classifiers. The proposed approach uses a majority vote-based ensemble of classifiers to detect attacks more accurately. A subset of the CICDDOS2019 dataset consisting of 32,000 instances, including 8450 benign and 23,550 DDOS attack instances was used in this study for results and evaluation. The experimental results showed that 98.02% accuracy was achieved with 97.45% sensitivity and 98.65% specificity.
Read more
Abstract: In the recent years steganographic techniques for hiding data in file system metadata gained focus. While commonly used file systems received tooling and publications the exFAT file system did not get much attention – probably because its structure provides only few suitable locations to hide data. In this work we present an overview of exFAT’s internals and describe the different structures used by the file system to store files. We also introduce two approaches that allow us to embed messages into the exFAT file system using steganographic techniques. The first approach has a lower embedding rate, but has less specific requirements for the embedding location. The other one, called exHide, uses error correcting to allow for an more robust approach. Both approaches are specified, evaluated and discussed in terms of their strengths and weaknesses.
Read more