
Journal articles on the topic 'Insider attack'

Consult the top 50 journal articles for your research on the topic 'Insider attack.'

1

Nasraddin, Jehan Turki, Eynas Hassan Balkhair, and Dr Manar Salamh. "Detection of Malicious Privileged Access Using a RuleBased Approach." International Journal of Engineering Research and Applications 14, no. 10 (2024): 63–72. http://dx.doi.org/10.9790/9622-14106372.

Abstract:
Privileged insiders are harder for organizations to detect. An organization's systems are subjected to threats that will affect missions, assets, and individuals of the organization. Many organizations are affected by threats over a year. This paper modeled the path of actors that aim to publish and share sensitive data of the company, such as files, to unauthorized users by insider attack by using State Transition Diagram and developed detection of the modeled insider attack paths using the rule-based approach. There are seventy-seven attack steps that can be taken to achieve goals of publishing and sharing sensitive company files which are done by an insider attack. After deep studying of the attack steps, the designed diagram has layered the attack steps based on analysis and aggregated them to five groups. This paper also uses offline analysis, which uses the log file after the attack occurred; the publish process is not affected in offline analysis. Rules and pseudocode are explained in detail.
2

Al-Shehari, Taher, and Rakan A. Alsowail. "An Insider Data Leakage Detection Using One-Hot Encoding, Synthetic Minority Oversampling and Machine Learning Techniques." Entropy 23, no. 10 (2021): 1258. http://dx.doi.org/10.3390/e23101258.

Abstract:
Insider threats are malicious acts that can be carried out by an authorized employee within an organization. Insider threats represent a major cybersecurity challenge for private and public organizations, as an insider attack can cause extensive damage to organization assets much more than external attacks. Most existing approaches in the field of insider threat focused on detecting general insider attack scenarios. However, insider attacks can be carried out in different ways, and the most dangerous one is a data leakage attack that can be executed by a malicious insider before his/her leaving an organization. This paper proposes a machine learning-based model for detecting such serious insider threat incidents. The proposed model addresses the possible bias of detection results that can occur due to an inappropriate encoding process by employing the feature scaling and one-hot encoding techniques. Furthermore, the imbalance issue of the utilized dataset is also addressed utilizing the synthetic minority oversampling technique (SMOTE). Well known machine learning algorithms are employed to detect the most accurate classifier that can detect data leakage events executed by malicious insiders during the sensitive period before they leave an organization. We provide a proof of concept for our model by applying it on CMU-CERT Insider Threat Dataset and comparing its performance with the ground truth. The experimental results show that our model detects insider data leakage events with an AUC-ROC value of 0.99, outperforming the existing approaches that are validated on the same dataset. The proposed model provides effective methods to address possible bias and class imbalance issues for the aim of devising an effective insider data leakage detection system.
3

Henge, Santosh Kumar, Aditya Upadhyay, Ashok Kumar Saini, Neha Mishra, Dimpal Sharma, and Gajanand Sharma. "Analysis and detection of insider attacks using behaviour rule based architecture in enterprise multitenancy." Journal of Discrete Mathematical Sciences & Cryptography 26, no. 3 (2023): 707–18. http://dx.doi.org/10.47974/jdmsc-1743.

Abstract:
The enterprise level data security and privacy are one of the focal key challenges to the pr enterprise and security companies to prevent private data from outside and inside attacks. The insider threats and attacks can pretense a real defense risk to the various internal multi-tenants of various enterprises and companies. The data thievery by insiders of the companies is as a great deal the consequence of enterprises failing to execute the scheme and expertise to member of staff supervise activities and administrate the authenticated data-access to data as it the authentic spiteful activities of member of staff looking for economic benefits in multi-tenancy environment. This research composed with three major objectives: Description of insider attack causes with their impact factors; Implications of behavior rule-based architecture in enterprise multitenancy; Integration of behavior rules with prevention thresholds to control user accessibility for prevention of insider attacks and threats; This paper has described the efficient security scenario to avoid insider attaching complexities. This research is more helping the cyber security experts and network administrators to reduce the insider attacks by building the efficient monitoring intelligent system. The experimental scenarios built with 125 authenticated, 29 non-authenticated internal users, and 62 authenticated, 18 non-authenticated external users of single enterprise level and avoided insider attacks and threats.
4

Glancy, Fletcher, David P. Biros, Nan Liang, and Andy Luse. "Classification of malicious insiders and the association of the forms of attacks." Journal of Criminal Psychology 10, no. 3 (2020): 233–47. http://dx.doi.org/10.1108/jcp-03-2020-0012.

Abstract:
Purpose: The authors argue that the current studies about malicious insiders confuse the fact that malicious attacks belong to two different categories, namely, those that launch instrumental attacks and expressive attacks. The authors collect malicious insider data from publicly available sources and use text-mining techniques to analyze the association between malicious insiders’ characteristics and the different types of attack. Design/methodology/approach: The authors investigated the relationship between personality characteristics and different types of malicious attacks. For the personality characteristics, the authors use the same method as Liang et al. (2016), which extracted these characteristics based on a keyword-characteristic dictionary. For different types of malicious attacks, two raters rated each case based on criteria modified from criminology research to determine the degree of expressiveness and instrumentality. Findings: The results show that malicious insiders who are manipulative or seeking personal gain tend to carry out instrumental attacks. Malicious insiders who are arrogant tend to conduct expressive attacks. Research limitations/implications: This study uses third party articles to identify the personality characteristics of known malicious insiders. As such, not all personality characteristics may have been reported. Data availability was an issue. Practical implications: Understanding if different personality characteristics lead different types of attacks can help managers identify employees who exhibit them and mitigate an attack before it occurs. Social implications: Malicious insider attacks can have devastating results on businesses and employees. Help to identify potential malicious insiders before they act, may prevent undue harm. Originality/value: This study used 132 cases of none malicious insiders to examine their attack objectives. No other study that the authors know of used that many cases.
5

Paul, Swagata, Sajal Saha, and Radha Tamal Goswami. "Detection of Unknown Insider Attack on Components of Big Data System: A Smart System Application for Big Data Cluster." International Journal of Computer Network and Information Security 14, no. 5 (2022): 47–59. http://dx.doi.org/10.5815/ijcnis.2022.05.04.

Abstract:
Big data applications running on a big data cluster, creates a set of process on different nodes and exchange data via regular network protocols. The nodes of the cluster may receive some new type of attack or unpredictable internal attack from those applications submitted by client. As the applications are allowed to run on the cluster, it may acquire multiple node resources so that the whole cluster becomes slow or unavailable to other clients. Detection of these new types of attacks is not possible using traditional methods. The cumulative network traffic of the nodes must be analyzed to detect such attacks. This work presents an efficient testbed for internal attack generation, data set creation, and attack detection in the cluster. This work also finds the nodes under attack. A new insider attack named BUSY YARN Attack has been identified and analyzed in this work. The framework can be used to recognize similar insider attacks of type DOS where target node(s) in the cluster is unpredictable.
6

Stiawan, Deris, Mohd Yazid Idris, Reza Firsandaya Malik, Siti Nurmaini, Nizar Alsharif, and Rahmat Budiarto. "Investigating Brute Force Attack Patterns in IoT Network." Journal of Electrical and Computer Engineering 2019 (April 1, 2019): 1–13. http://dx.doi.org/10.1155/2019/4568368.

Abstract:
Internet of Things (IoT) devices may transfer data to the gateway/application server through File Transfer Protocol (FTP) transaction. Unfortunately, in terms of security, the FTP server at a gateway or data sink very often is improperly set up. At the same time, password matching/theft holding is among the popular attacks as the intruders attack the IoT network. Thus, this paper attempts to provide an insight of this type of attack with the main aim of coming up with attack patterns that may help the IoT system administrator to analyze any similar attacks. This paper investigates brute force attack (BFA) on the FTP server of the IoT network by using a time-sensitive statistical relationship approach and visualizing the attack patterns that identify its configurations. The investigation focuses on attacks launched from the internal network, due to the assumption that the IoT network has already installed a firewall. An insider/internal attack launched from an internal network endangers more the entire IoT security system. The experiments use the IoT network testbed that mimic the internal attack scenario with three major goals: (i) to provide a topological description on how an insider attack occurs; (ii) to achieve attack pattern extraction from raw sniffed data; and (iii) to establish attack pattern identification as a parameter to visualize real-time attacks. Experimental results validate the investigation.
7

Hu, Teng, Bangzhou Xin, Xiaolei Liu, Ting Chen, Kangyi Ding, and Xiaosong Zhang. "Tracking the Insider Attacker: A Blockchain Traceability System for Insider Threats." Sensors 20, no. 18 (2020): 5297. http://dx.doi.org/10.3390/s20185297.

Abstract:
The insider threats have always been one of the most severe challenges to cybersecurity. It can lead to the destruction of the organisation’s internal network system and information leakage, which seriously threaten the confidentiality, integrity and availability of data. To make matters worse, since the attacker has authorized access to the internal network, they can launch the attack from the inside and erase their attack trace, which makes it challenging to track and forensics. A blockchain traceability system for insider threats is proposed in this paper to mitigate the issue. First, this paper constructs an insider threat model of the internal network from a different perspective: insider attack forensics and prevent insider attacker from escaping. Then, we analyze why it is difficult to track attackers and obtain evidence when an insider threat has occurred. After that, the blockchain traceability system is designed in terms of data structure, transaction structure, block structure, consensus algorithm, data storage algorithm, and query algorithm, while using differential privacy to protect user privacy. We deployed this blockchain traceability system and conducted experiments, and the results show that it can achieve the goal of mitigating insider threats.
8

Dusane, Palash Sandip. "Logic Bomb: An Insider Attack." International Journal of Advanced Trends in Computer Science and Engineering 9, no. 3 (2020): 3662–65. http://dx.doi.org/10.30534/ijatcse/2020/176932020.

9

., Sonika, Sandeep Kumar Arora, and Mahedi Masud. "Review on Security Based Vehicular Ad-Hoc Network." International Journal of Engineering & Technology 7, no. 3.8 (2018): 125. http://dx.doi.org/10.14419/ijet.v7i3.8.16846.

Abstract:
VANET a vehicular ad-hoc network provides the security to vehicles. To provide security in VANET, we are using Elliptical curve cryptography. In this paper we are going to discuss various techniques of cryptography, the techniques such are Advanced Encryption Standard, Data Encryption Standard, and Triple Data Encryption Standard. These techniques are part of symmetric and asymmetric cryptography. In addition to this there are some attacks which we are discussing in this paper like, masquerade attack, replay attack, insider attack, mutual authentication attack, and parallel session attack. These attacks are on different layer. At the end we are comparing these attacks with each other and compare their quality of services.
10

Chowdhury, Morshed, Biplob Ray, Sujan Chowdhury, and Sutharshan Rajasegarar. "A Novel Insider Attack and Machine Learning Based Detection for the Internet of Things." ACM Transactions on Internet of Things 2, no. 4 (2021): 1–23. http://dx.doi.org/10.1145/3466721.

Abstract:
Due to the widespread functional benefits, such as supporting internet connectivity, having high visibility and enabling easy connectivity between sensors, the Internet of Things (IoT) has become popular and used in many applications, such as for smart city, smart health, smart home, and smart vehicle realizations. These IoT-based systems contribute to both daily life and business, including sensitive and emergency situations. In general, the devices or sensors used in the IoT have very limited computational power, storage capacity, and communication capabilities, but they help to collect a large amount of data as well as maintain communication with the other devices in the network. Since most of the IoT devices have no physical security, and often are open to everyone via radio communication and via the internet, they are highly vulnerable to existing and emerging novel security attacks. Further, the IoT devices are usually integrated with the corporate networks; in this case, the impact of attacks will be much more significant than operating in isolation. Due to the constraints of the IoT devices, and the nature of their operation, existing security mechanisms are less effective for countering the attacks that are specific to the IoT-based systems. This article presents a new insider attack, named loophole attack, that exploits the vulnerabilities present in a widely used IPv6 routing protocol in IoT-based systems, called RPL (Routing over Low Power and Lossy Networks). To protect the IoT system from this insider attack, a machine learning based security mechanism is presented. The proposed attack has been implemented using a Contiki IoT operating system that runs on the Cooja simulator, and the impacts of the attack are analyzed. Evaluation on the collected network traffic data demonstrates that the machine learning based approaches, along with the proposed features, help to accurately detect the insider attack from the network traffic data.
11

A G, Rashmi. "Insider Attack Detection in IoT devices using Data Analytics." International Journal for Research in Applied Science and Engineering Technology 9, no. VII (2021): 870–74. http://dx.doi.org/10.22214/ijraset.2021.36520.

Abstract:
In the recent years, the rate of theft of money being carried to ATM machines is increasing day by day. Each vehicle carrying money should be monitored at all times through communication protocol and the vehicle should have a GPS installed. This location information should be very confidential and accessible only to the authorized officials. Due to the advancement in the technology, there are numerous ways in which the attacks are happening. One such attack is accessing the confidential information (i.e., the GPS location of the vehicle in this case) by unauthorized means from the people within the same network and using it for various purposes. It's become a challenge to overcome these attacks and deposit the amount to ATM machines safely. There are other scenarios viz. carrying the witnesses to the court, shipping important materials like medicines or official documents where the GPS information is being misused. Providing security against insider attacks is the need of the hour. This paper mainly focuses on the development of an end-to-end system which detects the unauthorized access to the confidential information and gives analysis of the time and frequency of attack using data analytics.
12

Ansar, Kainat, Mansoor Ahmed, Saif Ur Rehman Malik, Markus Helfert, and Jungsuk Kim. "Blockchain based general data protection regulation compliant data breach detection system." PeerJ Computer Science 10 (March 15, 2024): e1882. http://dx.doi.org/10.7717/peerj-cs.1882.

Abstract:
Context: Data breaches caused by insiders are on the rise, both in terms of frequency and financial impact on organizations. Insider threat originates from within the targeted organization and users with authorized access to an organization’s network, applications, or databases commit insider attacks. Motivation: Insider attacks are difficult to detect because an attacker with administrator capabilities can change logs and login records to destroy the evidence of the attack. Moreover, when such a harmful insider attack goes undetected for months, it can do a lot of damage. Such data breaches may significantly impact the affected data owner’s life. Developing a system for rapidly detecting data breaches is still critical and challenging. General Data Protection Regulation (GDPR) has defined the procedures and policies to mitigate the problems of data protection. Therefore, under the GDPR implementation, the data controller must notify the data protection authority when a data breach has occurred. Problem Statement: Existing data breach detection mechanisms rely on a reliable third party. Because of the presence of a third party, such systems are not trustworthy, transparent, secure, immutable, and GDPR-compliant. Contributions: To overcome these issues, this study proposed a GDPR-compliant data breach detection system by leveraging the benefits of blockchain technology. Smart contracts are written in Solidity and deployed on a local Ethereum test network to implement the solution. The proposed system can generate alert notifications against every data breach. Results: We tested and deployed our proposed system, and the findings indicate that it can accomplish the insider threat mitigation objective. Furthermore, the GDPR compliance analysis of our system was also evaluated to make sure that it complies with the GDPR principles (such as right to be forgotten, access control, conditions for consent, and breach notifications). The conducted analysis has confirmed that the proposed system offers capabilities to comply with the GDPR from an application standpoint.
13

Lee, SungYup, YoHan Park, and YoungHo Park. "Secure Remote User Authentication Protocol against Privileged-Insider Attack." Journal of Korea Multimedia Society 20, no. 4 (2017): 614–28. http://dx.doi.org/10.9717/kmms.2017.20.4.614.

14

Vitalii Savchenko, Vitalii Savchenko, V. Savchenko, T. Dzyuba, et al. "Time Aspect of Insider Threat Mitigation." Advances in Military Technology 19, no. 1 (2024): 149–64. http://dx.doi.org/10.3849/aimt.01830.

Abstract:
The article reveals the problem of mitigating an insider threat by creating a time-balanced security system in an organization. Based on Markov chain, the authors propose a basic model of interaction in an “organization – insider” system. The article analytically defines a ratio between the time of an insider attack and the time during which the organization’s security system can neutralize it. The authors propose a concept of a multi-level system of organization protection, which takes into account the involved resources and practical skills of employees, as well as security services. At the end of the article, it is concluded that the proposed concept of the organization’s protection system will be effective against potential insider attacks.
15

Priya, P. Mohana, and Abhijit Ranganathan. "Cyber Awareness Learning Imitation Environment (CALIE): A Card Game to provide Cyber Security Awareness for Various Group of Practitioners." International Journal of Advanced Networking and Applications 14, no. 02 (2022): 5334–41. http://dx.doi.org/10.35444/ijana.2022.14203.

Abstract:
Cyber attacks produced a massive impact for all online users, interrupted intended user’s internet services, financial losses, business interruptions for a large-scale industry. A proper cyber security education is must for the employees of an organization. The management prefers active based learning environment to train all non-IT and non-professionals working in an organization. This research work concentrates on development of gaming platform in both local host and in an online mode as a videogame for cyber security education. With this regard, Cyber Awareness Learning Imitation Environment – a card deck gaming environment is proposed where attackers can choose the attack cards to learn various cyber-attacks, defense cards are used for providing the suitable defense mechanism, Instruction card- to be used for learning about how to generate cyber-attacks and recent incident card used to train the players with recent incidents of various cyber-attacks discussed such as malware attack, phishing attack, password attack, Man-in-the-Middle attack, Structured Query Language injection attack, denial of service attack, insider threats, crypto jacking, zero-day exploit and watering hole attack. Questionnaire based feedback report is collected from the players to analyze their understanding about various cyber-attacks.
16

R M, Punith, and Priya D. "DeepMIA: An Integrated and Accelerated approach for Malicious Insider Attack Detection in IOT using Deep Learning." International Journal for Research in Applied Science and Engineering Technology 10, no. 7 (2022): 1585–93. http://dx.doi.org/10.22214/ijraset.2022.45407.

Abstract:
The Internet of Things (IoT) are poised to transform our lives and are becoming increasingly popular in smart homes, smart industrial networks. IoT devices can be used for a variety of purposes, including healthcare. Always, IoT device security is an issue because they are in charge of creating and handling large amounts of sensitive data. A security breach has been found to have an influence on people and eventually, the entire planet. Artificial intelligence (AI) has a greater range of applications and is currently being investigated for use in IoT device security. A malicious insider attack is the most serious security concern associated with IoT devices. Although much IoT security research has focused on ways to prevent unauthorized and unlawful access to systems and information, the most severe malicious insider attacks, which are often the result of internal attack within an IoT network or environment, have gone unnoticed. Here we have proposed a model called ‘DeepMIA’, which uses Deep Learning to detect dangerous insider attacks in the IoT context. This in resource-constrained IoT contexts, the research proposes a lightweight technique for detecting insider assaults that can detect abnormalities arising from sensors data or device data that are connected in an IoT Environment. The DeepMIA model is evaluated with UNSW-NB15 Dataset and achieves a decent accuracy of 99% with deep learning models.
17

Li, Xiong, Jianwei Niu, Muhammad Khurram Khan, and Zhibo Wang. "Applying LU Decomposition of Matrices to Design Anonymity Bilateral Remote User Authentication Scheme." Mathematical Problems in Engineering 2013 (2013): 1–10. http://dx.doi.org/10.1155/2013/910409.

Abstract:
We apply LU decomposition of matrices to present an anonymous bilateral authentication scheme. This paper aims at improving security and providing more excellent performances for remote user authentication scheme. The proposed scheme can provide bilateral authentication and session key agreement, can quickly check the validity of the input password, and can really protect the user anonymity. The security of the proposed scheme is based on the discrete logarithm problem (DLP), Diffie-Hellman problem (DHP), and the one-way hash function. It can resist various attacks such as insider attack, impersonation attack, server spoofing attack, and stolen smart card attack. Moreover, the presented scheme is computationally efficient for real-life implementation.
18

Agrafiotis, Ioannis, Jason RC Nurse, Oliver Buckley, Phil Legg, Sadie Creese, and Michael Goldsmith. "Identifying attack patterns for insider threat detection." Computer Fraud & Security 2015, no. 7 (2015): 9–17. http://dx.doi.org/10.1016/s1361-3723(15)30066-x.

19

Dib, Marc, and Samuel Pierre. "Insider Attack Model Against HSM-Based Architecture." IEEE Access 11 (2023): 86848–58. http://dx.doi.org/10.1109/access.2023.3304994.

20

Noor Afiza Mohd Ariffin and Vanitha Paliah. "An Improved Secure Authentication in Lightweight IoT." Journal of Advanced Research in Applied Sciences and Engineering Technology 31, no. 3 (2023): 191–207. http://dx.doi.org/10.37934/araset.31.3.191207.

Abstract:
Internet of Things (IoT) has been widely accepted by users and with rapid development of cloud computing, users are able to access the IoT services in various environment, including smart home, healthcare and smart factory. However, users are insecure as their data is being transmitted via open communication channel. The previous research protocol does not resist insider attack which leads to insecure scheme. In this proposal, we propose an enhanced security measurement to resist insider attack. The proposed scheme expected to achieve security requirements and resist insider attack. The proposed scheme will be validated using the automated validation of internet security protocols and applications (AVISPA) simulation tool and we will compare the performance and security features of the existing scheme and the proposed scheme.
21

Qu, Juan, and Li-min Zou. "An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme." Journal of Electrical and Computer Engineering 2013 (2013): 1–5. http://dx.doi.org/10.1155/2013/786587.

Abstract:
In recent years, several dynamic ID-based remote user authentication schemes have been proposed. In 2012, Wen and Li proposed a dynamic ID-based remote user authentication with key agreement scheme. They claimed that their scheme can resist impersonation attack and insider attack and provide anonymity for the users. However, we will show that Wen and Li's scheme cannot withstand insider attack and forward secrecy, does not provide anonymity for the users, and inefficiency for error password login. In this paper, we propose a novel ECC-based remote user authentication scheme which is immune to various known types of attack and is more secure and practical for mobile clients.
22

Egreira Ali Abuhamra, Eng Abdalgader. "Concept of Network security." International Journal of Advances in Engineering and Management 7, no. 3 (2025): 384–90. https://doi.org/10.35629/5252-0703384390.

Abstract:
Network security incorporates various technologies, processes, and devices into a broad strategy that protects the integrity, confidentiality, and accessibility of computer networks. Organizations of all sizes, industries, or infrastructure types require network security to protect against an ever-evolving cyber threat landscape. The security is a most important part of every network design. Planning, building, and operating a network, it should understand the importance of a strong security rule. Network Security is a security rule that defines what people can and can't do with network components and resources. The fundamental purpose of a network security is to protect against attacks from the Internet. There are many different ways of attacking a network such as: Hacker attacks whereby a remote Internet user attempts to gain access to a network, usually with the intention to destroy or copy data. The major attacks to network security are passive attack, active attack, distributed attack, insider attack; close in attack, Phishing Attack, Hijack attack, Password attack etc. However a system must be able to limit damage and recover rapidly when attacks occur. So there are various solutions when any of above attacks occurs. Some of the common solutions of these attacks are firewalls, user account access controls and cryptography. The first major challenge for network security is the rapid evolution of the cyber threat landscape. Technologies evolve quickly, and attackers find new ways to infiltrate and exploit corporate networks, requiring businesses to implement new defenses to protect their networks.
23

Deep, Gaurav, Rajni Mohana, Anand Nayyar, P. Sanjeevikumar, and Eklas Hossain. "Authentication Protocol for Cloud Databases Using Blockchain Mechanism." Sensors 19, no. 20 (2019): 4444. http://dx.doi.org/10.3390/s19204444.

Abstract:
Cloud computing has made the software development process fast and flexible but on the other hand it has contributed to increasing security attacks. Employees who manage the data in cloud companies may face insider attack, affecting their reputation. They have the advantage of accessing the user data by interacting with the authentication mechanism. The primary aim of this research paper is to provide a novel secure authentication mechanism by using Blockchain technology for cloud databases. Blockchain makes it difficult to change user login credentials details in the user authentication process by an insider. The insider is not able to access the user authentication data due to the distributed ledger-based authentication scheme. Activity of insider can be traced and cannot be changed. Both insider and outsider users are authenticated using individual IDs and signatures. Furthermore, the user access control on the cloud database is also authenticated. The algorithm and theorem of the proposed mechanism have been given to demonstrate the applicability and correctness. The proposed mechanism is tested on the Scyther formal system tool against denial of service, impersonation, offline guessing, and no replay attacks. Scyther results show that the proposed methodology is secure cum robust.
APA, Harvard, Vancouver, ISO, and other styles
24

Lallie, Harjinder Singh, Andrew Thompson, Elzbieta Titis, and Paul Stephens. "Analysing Cyber Attacks and Cyber Security Vulnerabilities in the University Sector." Computers 14, no. 2 (2025): 49. https://doi.org/10.3390/computers14020049.

Abstract:
Universities hold and process vast amounts of financial, user, and research data, which makes them prime targets for cybercriminals. In addition to the usual external threat actors, universities face a unique insider threat from students, who—alongside staff—may lack adequate cyber security training despite having access to various sensitive systems. This paper provides a focused assessment of the current cyber security threats facing UK universities, based on a comprehensive review of available information. A chronological timeline of notable cyber attacks against universities is produced, with incidents classified according to the CIA triad (Confidentiality, Integrity, Availability) and incident type. Several issues have been identified. Limited disclosure of attack details is a major concern, as full information is often withheld for security reasons, hindering institutions’ abilities to assess vulnerabilities thoroughly and respond effectively. Additionally, universities increasingly rely on third-party service providers for critical services, meaning that an attack on these external providers can directly impact university operations and data security. While SQL injection attacks, previously a significant issue, appear to have declined in frequency—perhaps reflecting improvements in defences—other threats continue to persist. Universities report lower levels of concern regarding DDoS attacks, potentially due to enhanced resilience and mitigation strategies; however, ransomware and phishing attacks remain prevalent. Insider threats, especially from students with varied IT skills, exacerbate these risks, as insiders may unknowingly or maliciously facilitate cyber attacks, posing ongoing challenges for university IT teams. This study recommends that universities leverage these insights, along with other available data, to refine their cyber security strategies. 
Developing targeted policies, strengthening training, and implementing international standards will allow universities to enhance their security posture and mitigate the complex and evolving threats they face.
25

Yang, Chun-Wei, Jason Lin, Chia-Wei Tsai, and Ching-Lin Cheng. "Cryptanalysis of a Semi-Quantum Bi-Signature Scheme Based on W States." Entropy 24, no. 10 (2022): 1408. http://dx.doi.org/10.3390/e24101408.

Abstract:
Recently, Zhao et al. proposed a semi-quantum bi-signature (SQBS) scheme based on W states with two quantum signers and just one classical verifier. In this study, we highlight three security issues with Zhao et al.’s SQBS scheme. In Zhao et al.’s SQBS protocol, an insider attacker can perform an impersonation attack in the verification phase and an impersonation attack in the signature phase to capture the private key. In addition, an eavesdropper can perform a man-in-the-middle attack to obtain all of the signer’s secret information. All of the above three attacks can pass the eavesdropping check. Without considering these security issues, the SQBS protocol could fail to ensure the signer’s secret information.
26

Furhad, Md Hasan, Ripon K. Chakrabortty, Michael J. Ryan, Jia Uddin, and Iqbal H. Sarker. "A hybrid framework for detecting structured query language injection attacks in web-based applications." International Journal of Electrical and Computer Engineering (IJECE) 12, no. 5 (2022): 5405–14. https://doi.org/10.11591/ijece.v12i5.pp5405-5414.

Abstract:
Almost every web-based application is managed and operated through a number of websites, each of which is vulnerable to cyber-attacks that are mounted across the same networks used by the applications, with much less risk to the attacker than physical attacks. Such web-based attacks make use of a range of modern techniques-such as structured query language injection (SQLi), cross-site scripting, and data tampering-to achieve their aims. Among them, SQLi is the most popular and vulnerable attack, which can be performed in one of two ways; either by an outsider of an organization (known as the outside attacker) or by an insider with a good knowledge of the system with proper administrative rights (known as the inside attacker). An inside attacker, in contrast to an outsider, can take down the system easily and pose a significant challenge to any organization, and therefore needs to be identified in advance to mitigate the possible consequences. Blockchain-based technique is an efficient approach to detect and mitigate SQLi attacks and is widely used these days. Thus, in this study, a hybrid method is proposed that combines a SQL query matching technique (SQLMT) and a standard blockchain framework to detect SQLi attacks created by insiders. The results obtained by the proposed hybrid method through computational experiments are further validated using standard web validation tools.
27

Das, Manik Lal, and Riddhi Solani. "iCOPS: insider attack detection in distributed file systems." International Journal of Social Computing and Cyber-Physical Systems 2, no. 3 (2021): 244. http://dx.doi.org/10.1504/ijsccps.2021.10041256.

28

Solani, Riddhi, and Manik Lal Das. "iCOPS: insider attack detection in distributed file systems." International Journal of Social Computing and Cyber-Physical Systems 2, no. 3 (2021): 244. http://dx.doi.org/10.1504/ijsccps.2021.117972.

29

Mokhor, Volodymyr, Hryhorii Kravtsov, and Ihor Kotsiuba. "Assessment of insider attack with learning statistics methods." Collection "Information technology and security" 3, no. 2 (2015): 88–95. http://dx.doi.org/10.20535/2411-1031.2015.3.2.60881.

30

Wang, Feifei, Guoai Xu, Chenyu Wang, and Junhao Peng. "A Provably Secure Biometrics-Based Authentication Scheme for Multiserver Environment." Security and Communication Networks 2019 (June 25, 2019): 1–15. http://dx.doi.org/10.1155/2019/2838615.

Abstract:
With the rapid development of mobile services, multiserver authentication protocol with its high efficiency has emerged as an indispensable security mechanism for mobile services. Recently, Ali et al. introduced a biometric-based multiserver authentication scheme and claimed the scheme is resistant to various attacks. However, after a careful examination, we find that Ali et al.’s scheme is vulnerable to various security attacks, such as user impersonation attack, server impersonation attack, privileged insider attack, denial of service attack, fails to provide forward secrecy and three-factor secrecy. To overcome these weaknesses, we propose an improved biometric-based multiserver authentication scheme using elliptic curve cryptosystem. Formal security analysis under the random oracle model proves that our scheme is provably secure. Furthermore, BAN (Burrows-Abadi-Needham) logic analysis demonstrates our scheme achieves mutual authentication and session key agreement. In addition, the informal analysis proves that our scheme is secure against all current known attacks and achieves desirable features. Besides, the performance and security comparison shows that our scheme is superior to related schemes.
31

Oberoi, Priya, Sumit Mittal, and Rajneesh Kumar Gujral. "ADRCN: A Framework to Detect and Mitigate Malicious Insider Attacks in Cloud-Based Environment on IaaS." International Journal of Mathematical, Engineering and Management Sciences 4, no. 3 (2019): 654–70. http://dx.doi.org/10.33889//ijmems.2019.4.3-052.

Abstract:
Security is a critical factor for any of the computing platforms. Cloud computing is a new computing environment but still, its basic technology is the Internet. Thus, Cloud computing environment not only has the threats of its own but it is also prone to security issues of its underlying technology i.e. Internet. In this paper, the authors are proposing a secure routing framework viz. Authenticated Dynamic Routing in Cloud Networks (ADRCN) to mitigate the malicious insider attacks while maintaining the path integrity in the Clouds. Symmetric cryptography with hashing is used to maintain the integrity of the path between the source and destination. The purpose of ADRCN is to maintain the integrity of the path between the client and data center. If malicious insider tries to perform an attack between the client and the data center then it will be detected. This work aims to give a solution for detection and prevention of malicious insider attacks in Cloud-based environments.
32

An, Younghwa. "Security Analysis and Enhancements of an Effective Biometric-Based Remote User Authentication Scheme Using Smart Cards." Journal of Biomedicine and Biotechnology 2012 (2012): 1–6. http://dx.doi.org/10.1155/2012/519723.

Abstract:
Recently, many biometrics-based user authentication schemes using smart cards have been proposed to improve the security weaknesses in user authentication system. In 2011, Das proposed an efficient biometric-based remote user authentication scheme using smart cards that can provide strong authentication and mutual authentication. In this paper, we analyze the security of Das’s authentication scheme, and we have shown that Das’s authentication scheme is still insecure against the various attacks. Also, we proposed the enhanced scheme to remove these security problems of Das’s authentication scheme, even if the secret information stored in the smart card is revealed to an attacker. As a result of security analysis, we can see that the enhanced scheme is secure against the user impersonation attack, the server masquerading attack, the password guessing attack, and the insider attack and provides mutual authentication between the user and the server.
33

Marepalli, Radha, and Rao C.V.Guru. "PERUSAL OF INTRUSION DETECTION AND PREVENTION SYSTEM ON A MANET WITH BLACK HOLE ATTACK: ISSUES AND CHALLENGES." International Journal of Security, Privacy and Trust Management (IJSPTM) 7, no. 2 (2020): 1–8. https://doi.org/10.5281/zenodo.3980700.

Abstract:
MANET is a self configuring network of nodes which is a wireless. The nodes in this network move randomly. Mobility of nodes is more. The nodes are dynamic and infrastructure less, self maintainable. In MANET there are many types of security attacks like Blackhole, greyhole attack, wormhole, jellyfish etc. When the MANET is under blackhole attack there is a loss of energy which is high at the node resulting in loss of battery backup and also excess of bandwidth may be consumed by the attacker. The attacker is an insider. Among various mobility models to generate mobility patterns the Random waypoint mobility model is used. To solve these issues an IDPS framework for MANET using image processing techniques under blackhole attack is proposed to detect the blackhole attack RREP by providing security services like authentication and confidentiality.
34

Deep, Gaurav, Jagpreet Sidhu, and Rajni Mohana. "Access Management of User and Cyber-Physical Device in DBaaS according to Indian IT Laws using Blockchain." Scalable Computing: Practice and Experience 21, no. 3 (2020): 407–24. http://dx.doi.org/10.12694/scpe.v21i3.1737.

Abstract:
Computing on the cloud has changed the working of mankind in every manner, from storing to fetching every information on the cloud. To protect data on the cloud various access procedures and policies are used such as authentication and authorization. Authentication means the intended user is accessing data on the cloud and authorization means the user is accessing only that data for which he is allowed. The intended user now also includes Cyber-Physical Devices. Cyber-Physical Devices share data between them, fetch data from cloud. Cloud data is managed by employees of cloud companies. Persons sitting on the cloud managing companies data is always doubtful as so many insider attacks have happened in the past affecting the company image in the market. Data related to Cyber-Physical Space may come under insider attack. Companies managing user data are also liable to protect user data from any type of attack under various sections of the Indian IT act. Work in this paper has proposed blockchain as a possible solution to track the activities of employees managing cloud. Employee authentication and authorization are managed through the blockchain server. User authentication related data is stored in blockchain. Authorization rules are written in any Role/Attribute-based access language. These authorization rules store the data related to user requests allowed access to data in blockchain. Proposed work will help cloud companies to have better control over their employee’s activities, thus help in preventing insider attack on User and Cyber-Physical Devices.
35

Lu, Yang, and Jiguo Li. "Efficient Certificate-Based Signcryption Secure against Public Key Replacement Attacks and Insider Attacks." Scientific World Journal 2014 (2014): 1–12. http://dx.doi.org/10.1155/2014/295419.

Abstract:
Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption that covers both public key replacement attack and insider security. We show that an existing certificate-based signcryption scheme is insecure in our model. We also propose a new certificate-based signcryption scheme that achieves security against both public key replacement attacks and insider attacks. We prove in the random oracle model that the proposed scheme is chosen-ciphertext secure and existentially unforgeable. Performance analysis shows that the proposed scheme outperforms all the previous certificate-based signcryption schemes in the literature.
36

Gunasekhar, T., K. Thirupathi Rao, V. Krishna Reddy, P. Sai Kiran, and B. Thirumala Rao. "Mitigation of Insider Attacks through Multi-Cloud." International Journal of Electrical and Computer Engineering (IJECE) 5, no. 1 (2015): 136. http://dx.doi.org/10.11591/ijece.v5i1.pp136-141.

Abstract:
The malicious insider can be an employee, user and/or third party business partner. In cloud environment, clients may store sensitive data about their organization in cloud data centers. The cloud service provider should ensure integrity, security, access control and confidentiality about the stored data at cloud data centers. The malicious insiders can perform stealing on sensitive data at cloud storage and at organizations. Most of the organizations ignore the insider attack because it is harder to detect and mitigate. This is a major emerging problem at the cloud data centers as well as in organizations. In this paper, we proposed a method that ensures security, integrity, access control and confidentiality on sensitive data of cloud clients by employing multi cloud service providers. The organization should encrypt the sensitive data with their security policy and procedures and store the encrypted data in trusted cloud. The keys which are used during encryption process are again encrypted and stored in another cloud area. So that organization contains only keys for keys of encrypted data. The Administrator of organization also does not know what data is kept in cloud area and if he accesses the data, easily caught during the auditing. Hence, the only authorized user can access the data and use it and we can mitigate insider attacks by providing restricted privileges.
37

Saranjame, Rahul, and Manik Lal Das. "Securing Digital Image from Malicious Insider Attacks." International Journal of Computer Vision and Image Processing 8, no. 2 (2018): 49–58. http://dx.doi.org/10.4018/ijcvip.2018040103.

Abstract:
Protection of digital images from malicious (and dishonest) insider entities is an important concern in modern digital space. A malicious entity can alter some important features of an image to mislead the target recipient of the image, which can cause harm in applications such as healthcare, insurance, product description and so on. In order to protect digital images, cryptographic primitives such as pseudo-random function and digital signature have been used in practice for image protection. In this article, the authors present a method of image protection from malicious image manipulation. The authors use the concept of secret sharing and public key primitives in the proposed method. This article discusses on attacks involving generation of fake shares to cheat honest user(s) and a demonstration of the proposed system employing a centralized server to generate shares and authenticate them on the basis of requests is made as a counter to the described attack.
38

Furhad, Md Hasan, Ripon K. Chakrabortty, Michael J. Ryan, Jia Uddin, and Iqbal H. Sarker. "A hybrid framework for detecting structured query language injection attacks in web-based applications." International Journal of Electrical and Computer Engineering (IJECE) 12, no. 5 (2022): 5405. http://dx.doi.org/10.11591/ijece.v12i5.pp5405-5414.

Abstract:
Almost every web-based application is managed and operated through a number of websites, each of which is vulnerable to cyber-attacks that are mounted across the same networks used by the applications, with much less risk to the attacker than physical attacks. Such web-based attacks make use of a range of modern techniques-such as structured query language injection (SQLi), cross-site scripting, and data tampering-to achieve their aims. Among them, SQLi is the most popular and vulnerable attack, which can be performed in one of two ways; either by an outsider of an organization (known as the outside attacker) or by an insider with a good knowledge of the system with proper administrative rights (known as the inside attacker). An inside attacker, in contrast to an outsider, can take down the system easily and pose a significant challenge to any organization, and therefore needs to be identified in advance to mitigate the possible consequences. Blockchain-based technique is an efficient approach to detect and mitigate SQLi attacks and is widely used these days. Thus, in this study, a hybrid method is proposed that combines a SQL query matching technique (SQLMT) and a standard blockchain framework to detect SQLi attacks created by insiders. The results obtained by the proposed hybrid method through computational experiments are further validated using standard web validation tools.
39

Claycomb, William, and Dongwan Shin. "A User Controlled Approach for Securing Sensitive Information in Directory Services." JUCS - Journal of Universal Computer Science 15, no. 15 (2009): 2999–3018. https://doi.org/10.3217/jucs-015-15-2999.

Abstract:
Enterprise directory services are commonly used in enterprise systems to store object information relating to employees, computers, contacts, etc. These stores can act as information providers or sources for authentication and access control decisions, and could potentially contain sensitive information. An insider attack, particularly if carried out using administrative privileges, could compromise large amounts of directory information. We present two solutions for protecting directory services information from insider attacks. The first is a centralized approach utilizing a customized virtual directory server. The second is a distributed approach using existing key management infrastructure and a new component called a Personal Virtual Directory Service. We explain how these solutions interact with existing directory services and client applications. We also show how impact to existing users, client applications, and directory services are minimized, and how we prevent insider attacks from revealing protected data. We compare and contrast both solutions, including potential tradeoffs, administrative overhead, and enterprise systems impact. Additionally, our solution is supported by implementation results showing the impact to client performance and directory storage capacity.
40

Nam, Junghyun, Kim-Kwang Raymond Choo, Junghwan Kim, et al. "Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model." Scientific World Journal 2014 (2014): 1–11. http://dx.doi.org/10.1155/2014/825072.

Abstract:
Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.
41

Lee, Yung Cheng, and Pei Ju Lee. "Cryptanalysis of Ahirwal-Sonwanshi ID-Based Remote User Authentication Scheme." Applied Mechanics and Materials 764-765 (May 2015): 858–62. http://dx.doi.org/10.4028/www.scientific.net/amm.764-765.858.

Abstract:
Due to the rapid growth of computer and communication technologies, people obtain variety of online services quickly. However, all networks are vulnerable to lots of security threats and attacks. The remote authentication scheme provides an efficient method to validate the remote users and servers. Ahirwal and Sonwanshi proposed a remote user authentication scheme with smart card in 2012. They indicated that Song’s smart card based password authentication protocol cannot resist the offline password guessing attack, insider attack, forward secrecy and denial of service attack. They proposed an ID-based authentication scheme to fix security flaws. The scheme uses one-way hash function and bitwise XOR operation such that the computation complexity is very low. However, in this article, we will show that their scheme cannot withstand the offline password guessing attack as they declared. An adversary can use the intercepted messages of two login sessions to obtain the password.
42

Boobalan, P. "Real-time Insider Attack Detection using Graph-Based Anomaly Detection and Concept Drift Handling." International Journal for Research in Applied Science and Engineering Technology 13, no. 4 (2025): 6221–27. https://doi.org/10.22214/ijraset.2025.69840.

Abstract:
This project presents a deep learning-based real-time framework for detecting insider threats using a hybrid model that integrates sequence modeling and relational learning. The system analyzes user activity data dynamically and predicts potential insider threats without human intervention. Leveraging Long Short-Term Memory (LSTM) networks for user behavior sequence analysis and Graph Neural Networks (GNNs) for peer-context enrichment, the framework accurately identifies anomalies at the activity level. Each user action is encoded, evaluated against similar activities in the organization, and classified based on anomaly scores. Using the CERT insider threat dataset, the system is evaluated with precision, recall, and F1-score metrics. A visualization dashboard supports real-time monitoring and alerting for security analysts. This project enhances the ability to proactively detect and respond to insider threats across various organizational environments.
43

JungSook Kim. "Design and Implementation of the Insider Attack Detection System." Journal of Convergence Information Technology 6, no. 12 (2011): 220–28. http://dx.doi.org/10.4156/jcit.vol6.issue12.28.

44

S, Kalaivani, Haripriya S, Mallesan C, and Jayanthi A. "Adaptive KPSD Model for Insider Attack Detection in VANET." International Journal of Engineering Trends and Technology 9, no. 3 (2014): 146–50. http://dx.doi.org/10.14445/22315381/ijett-v9p229.

45

Rajamanickam, Siranjeevi, Satyanarayana Vollala, and N. Ramasubramanian. "Insider Attack Prevention: LAPUP—Lightweight Authentication Protocol Using PUF." Journal of Communications and Information Networks 9, no. 2 (2024): 192–206. http://dx.doi.org/10.23919/jcin.2024.10582825.

46

Khan, Ahmed Yar, Rabia Latif, Seemab Latif, Shahzaib Tahir, Gohar Batool, and Tanzila Saba. "Malicious Insider Attack Detection in IoTs Using Data Analytics." IEEE Access 8 (2020): 11743–53. http://dx.doi.org/10.1109/access.2019.2959047.

47

Li, Hongtu, Liang Hu, Wei Yuan, Hongwei Li, and Jianfeng Chu. "Insider Attack on A Password-Based Group Key Agreement." Procedia Engineering 15 (2011): 1700–1704. http://dx.doi.org/10.1016/j.proeng.2011.08.317.

48

Shunmuganathan, Saraswathi, Renuka Devi Saravanan, and Yogesh Palanichamy. "Securing VPN from insider and outsider bandwidth flooding attack." Microprocessors and Microsystems 79 (November 2020): 103279. http://dx.doi.org/10.1016/j.micpro.2020.103279.

49

Cho, Youngho, and Gang Qu. "A Hybrid Trust Model against Insider Packet Drop Attacks in Wireless Sensor Networks." Sensors 23, no. 9 (2023): 4407. http://dx.doi.org/10.3390/s23094407.

Abstract:
Quick and accurate detection of inside packet drop attackers is of critical importance to reduce the damage they can have on the network. Trust mechanisms have been widely used in wireless sensor networks for this purpose. However, existing trust models are not effective because they cannot distinguish between packet drops caused by an attack and those caused by normal network failure. We observe that insider packet drop attacks will cause more consecutive packet drops than a network abnormality. Therefore, we propose the use of consecutive packet drops to speed up the detection of inside packet drop attackers. In this article, we describe a new trust model based on consecutive drops and develop a hybrid trust mechanism to seamlessly integrate the new trust model with existing trust models. We perform extensive OPNET (Optimized Network Engineering Tool) simulations using a geographic greedy routing protocol to validate the effectiveness of our new model. The simulation results show that our hybrid trust model outperforms existing trust models for all types of inside packet drop attacks, not only in terms of detection speed and accuracy as it is designed for, but also in terms of other important network performance metrics, such as packet delivery rate, routing reliability, and energy efficiency.
50

Buinevich, Mikhail, and Grigory Moiseenko. "Combining of Heterogeneous Destructive Impact on the Information System and Countering Attacks (on Example by Insider Activity and DDoS-Attack)." Telecom IT 11, no. 3 (2023): 27–36. http://dx.doi.org/10.31854/2307-1303-2023-11-3-27-36.

Abstract:
Problem statement. By now, information security specialists have developed a sufficiently broad pool of mechanisms and means of countering cyberattacks for virtually all classes of destructive effects on information systems. Therefore, in order to break the relative parity "attack vs defense", attackers intensify their onslaught on information security systems by combining heterogeneous destructive influences, thus hampering the ability to counteract them. Despite a significant number of publications devoted to such information confrontation, there are no scientific studies devoted to analyzing this relatively new phenomenon in terms of identifying the limits of combinations, as well as the ability to counteract possible combinations in the public domain. The aim of the work is to study the phenomenon of combining heterogeneous destructive influences on the information system and counteracting such attacks. Methods used. The possibility of combining qualitatively heterogeneous attacks on the information system of the organization is studied. In order to classify and distinguish such attacks, categorical division apparatus is applied using the following pairs: Human vs Automaton, Inside vs Outside, Single vs Multiple. Result. The application of categorical division allowed to distinguish 8 classes of attacks from the position of their realization mechanism; the interpretation of each of the classes is given and an example is given. Novelty. The combination of two seemingly unrelated destructive influences – insider activity and DDoS-attack – is considered for the first time; their generalized scheme, stages of their implementation, as well as the complexity of counteraction to them are given.