2. Conference Papers

Permanent URI for this collection: https://idr.nitk.ac.in/handle/1/7

Now showing 1 - 10 of 17
  • Model based hybrid approach to prevent SQL injection attacks in PHP
    (2011) Sadalkar, K.; Mohandas, R.; Pais, A.R.
    SQL Injection vulnerability is ranked 1st in the OWASP top 10 vulnerability list and has resulted in massive attacks on a number of websites in the past few years. In spite of preventive measures like educating developers about safe coding practices, statistics show that these vulnerabilities are still dominating the top. Various static and dynamic approaches have been proposed to mitigate this vulnerability. In this paper, we present a hybrid approach to prevent SQL injection attacks in PHP, a popular server side scripting language. This technique is more effective to prevent SQL injection attack in a dynamic web content environment without use of complex string analyzer logic. Initially, we construct a Query model for each hotspot by running the application in safe mode. In the production environment, dynamically generated queries are validated with it. The results and analysis show the proposed approach is simple and effective to prevent common SQL injection vulnerabilities. © 2011 Springer-Verlag.
  • Protection against denial of service and input manipulation vulnerabilities in service oriented architecture
    (2011) Pais, A.R.; Deepak, D.J.; Chandavarkar, B.R.
    Organizations are increasingly adopting Service Oriented Architecture (SOA) to build their distributed applications. SOA is a computing paradigm, emphasizing dynamic service discovery composition and interoperability. Web services are a technology that can be used to implement SOA and are increasingly becoming the SOA implementation of choice. Because a Web service relies on some of the same underlying HTTP and Web-based architecture as common Web applications, it is susceptible to similar threats and vulnerabilities. There are many vulnerabilities in web services such as SQL injection, Denial of Service, etc. that cannot be detected by web service standards and conventional firewalls. In this paper, we present a detailed design of an XML firewall that can be used to prevent different vulnerabilities by validating the input XML documents before being processed by the web services. Also the XML firewall does the function of authentication, authorization and session management. We designed a modular architecture for the XML firewall where each module checks for a particular vulnerability. We have also developed methods to detect and prevent SQL injection and Denial of Service vulnerabilities. © 2011 Springer-Verlag.
  • Location estimation of mobile in GSM and CDMA networks
    (2012) Tataram, A.; Pais, A.R.
    In this paper, we present the design and implementation of a location estimation tool that provides the location of a mobile for a known mobile number. During emergency, persons who are in deep trouble should be located concisely and accurately due to the critical importance. With any tracing mechanism of least delay, culprits could be caught by authorities. In such kind of scenarios, our location estimation tool detects the location of the person carrying the mobile. This tool works at either Base Station Controller (BSC) or Mobile Switching Centre (MSC) at mobile network side. Location estimation tool works based on neighbor BTS and serving cells signal strength information. At MSC, signal strength values are to be collected from signal dump file of mobile number. Tool gives the location of a mobile as latitude, longitude values on Google maps in different cases. © 2012 Springer-Verlag.
  • IFrandbox - Client side protection from malicious injected iframes
    (2011) Nadkarni, T.S.; Mohandas, R.; Pais, A.R.
    Drive-by downloads are currently one of the most popular methods of malware distribution. Widely visited legitimate websites are infused with invisible or barely visible Iframes pointing to malicious URLs, causing silent download of malware on the user's system. In this paper, we present a client side solution for protection from such malevolent hidden Iframes. We have implemented our solution as an extension to Mozilla Firefox browser. The extension will check every Iframe loaded in the browser for properties emblematic of malicious Iframes such as hidden visibility styles and 0-pixel dimensions. These Iframes are then blocked by using browser content policy mechanism, hence alleviating the possibility of the malicious download taking place. © 2011 Springer-Verlag.
  • Generation of super-resolution video from low resolution video sequences: A novel approach
    (2008) Madhusudhan, T.; Pais, A.R.
    The term "super-resolution" refers to the process of obtaining higher-resolution images from several lower-resolution ones, i.e. resolution enhancement. The quality improvement is caused by the images being sub-pixel shifted from each other. Each low resolution image contains new information about the scene and super-resolution aims at combining these to give a higher resolution image. Super-resolution allows us to overcome the limitations of the imaging system (resolving limit of the sensors) without the need for additional hardware. This paper deals with high resolution video reconstruction from low resolution video. An algorithm for enhancing the resolution of video through histogram based segmentation and frequency domain registration is proposed. Segmentation of the video is done using Histogram method and frequency domain approach is used for registration of images. Bi-cubic interpolation is applied to this video to generate the super-resolution (SR) video. Based on the requirements additional brightness and temporal resolution can be added to the SR video. It is tested on indoor/outdoor real video data, demonstrating the feasibility of the approach, and then results are presented. Qualitative analysis is presented to analyze the quality of the reconstructed super-resolution video compared to the input low resolution video. The results of this work can be used for object tracking and identification. © 2007 IEEE.
  • Effectiveness of SIP messages on SIP server
    (2013) Bansal, A.; Kulkarni, P.; Pais, A.R.
    Voice over Internet Protocol (Voice over IP, VoIP) is one of a family of communication protocols and transmission technologies. It is used for delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks. Session Initiation Protocol (SIP) is a signaling protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP). There are several DoS attacks by which we can disturb SIP server. In this paper, more importance has been given to DoS attack by flooding of different SIP-messages. A little work is done to analyze the performance of SIP server and quality of ongoing VoIP calls under DoS attacks. We show the utilization of CPU and memory during the multiple simultaneous calls. We have done our study using a customized analysis tool that has the ability to synthesize and launch flooding of different SIP messages. We define the performance metrics to measure the quality of VoIP calls under DoS attack. We have developed some programs and integrated them in a real SIP test bed environment to measure the performance of SIP server and quality of VoIP calls under DoS attack. Our measurements show that a standard SIP server can be easily overloaded by simple call requests. It also shows that simple call request can degrade quality of ongoing calls. © 2013 IEEE.
  • Detection and prevention of SQL injection attacks using semantic equivalence
    (2011) Narayanan, S.N.; Pais, A.R.; Mohandas, R.
    SQL injection vulnerability is a kind of injection vulnerability in which the database server is forced to execute some illicit operations by crafting specific inputs to the web server. Even though this vulnerability has had its presence for several years now, most of its popular mitigation techniques are based on safe coding practices, which are neither applicable to the existing applications, nor are application independent. Here we propose a new application logic independent solution to prevent SQL injection attacks which can be applicable to any dynamic web technology. The new solution detects SQL injection by considering the semantic variance between the queries generated by the query function with safe inputs and injection inputs. We have implemented the complete solution in ASP.NET with C# web applications using a custom written tool, SIAP, which patches the SQL Injection vulnerabilities in an existing web application by instrumenting the binaries. © Springer-Verlag 2011.
  • Design and implementation of secure Internet based voting system with user anonymity using Identity Based Encryption System
    (2009) Purushothama, B.R.; Pais, A.R.
    With Internet becoming ubiquitous, electronic transactions over the Internet have become an integral part of day to day life. The Internet is used for more and more secure transactions like banking, shopping, submitting tax returns etc. In a way, the need for a secure Internet based electronic voting system is an obvious demand. The task of designing a secure Internet based voting system is a cryptographic challenge. This paper proposes and discusses the design and implementation of a secure Internet based electronic voting system using Identity Based Encryption System (IBES). This proposed system satisfies various security requirements like privacy, anonymity, eligibility, accuracy, fairness, uniqueness, verifiability and receipt freeness. Total user anonymity is achieved using IBES. © 2009 IEEE.
  • A framework for intrusion tolerance in cloud computing
    (2011) Karande, V.M.; Pais, A.R.
    Cloud Computing has been envisioned as the next generation architecture and one of the fastest growing segments of the IT enterprises. No matter how much investment is made in cloud intrusion detection and prevention, cloud infrastructure remains vulnerable to attacks. Intrusion Tolerance in Cloud Computing is a fault tolerant design approach to defend cloud infrastructure against malicious attacks. Thus, to ensure dependability, we present a framework by mapping available Malicious and Accidental Fault Tolerance for Internet Applications (MAFTIA) intrusion tolerance framework for dependencies such as availability, authenticity, reliability, integrity, maintainability and safety against new Cloud Computing environment. The proposed framework has been validated by integrating Intrusion Tolerance via Threshold Cryptography (ITTC) mechanism in the simulated cloud environment. Performance analysis of the proposed framework is also done. © 2011 Springer-Verlag.
  • Attacks on web services and mitigation schemes
    (2010) Patel, V.; Mohandas, R.; Pais, A.R.
    Web Services have become a dependable platform for e-commerce and many B2B models. Extensive adaptation of Web Services has resulted in a bunch of standards such as WS-Security, WS-Trust etc. to support business and security requirements for the same. Majority of the web services are offered over HTTP with Simple Object Access Protocol (SOAP) as an underlying exchange infrastructure. This paper describes attacks targeted at Web Services such as XML injection, XSS injection, HTTP header manipulation, sending stale message and other protocol specific attacks. We have used XML Re-Writing mechanism to perform "timestamp modification attack" and WS-Trust, WS-SecureConversation protocols attack. Schemas stated in WSDL file may not be accurate enough to validate messages effectively; schemas should reflect structure of all possible genuine requests. Hence, we have proposed a new self-adaptive schema hardening algorithm to obtain fine-tuned schema that can be used to validate SOAP messages more effectively. We have also proposed mitigation techniques to counter attacks using MIME/DIME attachments.