Journal Articles

Permanent URI for this collection: https://idr.nitk.ac.in/handle/123456789/19884

  • Item
    Mining social networks for anomalies: Methods and challenges
    (Academic Press, 2016) Bindu, P.V.; Santhi Thilagam, P.S.
    Online social networks have received a dramatic increase of interest in the last decade due to the growth of Internet and Web 2.0. They are among the most popular sites on the Internet that are being used in almost all areas of life including education, medical, entertainment, business, and telemarketing. Unfortunately, they have become primary targets for malicious users who attempt to perform illegal activities and cause harm to other users. The unusual behavior of such users can be identified by using anomaly detection techniques. Anomaly detection in social networks refers to the problem of identifying the strange and unexpected behavior of users by exploring the patterns hidden in the networks, as the patterns of interaction of such users deviate significantly from the normal users of the networks. Even though a multitude of anomaly detection methods have been developed for different problem settings, this field is still relatively young and rapidly growing. Hence, there is a growing need for an organized study of the work done in the area of anomaly detection in social networks. In this paper, we provide a comprehensive review of a large set of methods for mining social networks for anomalies by providing a multi-level taxonomy to categorize the existing techniques based on the nature of input network, the type of anomalies they detect, and the underlying anomaly detection approach. In addition, this paper highlights the various application scenarios where these methods have been used, and explores the research challenges and open issues in this field. © 2016 Elsevier Ltd. All rights reserved.
  • Item
    DDoS attacks at the application layer: Challenges and research perspectives for safeguarding web applications
    (Institute of Electrical and Electronics Engineers Inc., 2019) Praseed, A.; Santhi Thilagam, P.S.
    Distributed denial of service (DDoS) attacks are some of the most devastating attacks against Web applications. A large number of these attacks aim to exhaust the network bandwidth of the server, and are called network layer DDoS attacks. They are volumetric attacks and rely on a large volume of network layer packets to throttle the bandwidth. However, as time passed, network infrastructure became more robust and defenses against network layer attacks also became more advanced. Recently, DDoS attacks have started targeting the application layer. Unlike network layer attacks, these attacks can be carried out with a relatively low attack volume. They also utilize legitimate application layer requests, which makes it difficult for existing defense mechanisms to detect them. These attacks target a wide variety of resources at the application layer and can bring a server down much faster, and with much more stealth, than network layer DDoS attacks. Over the past decade, research on application layer DDoS attacks has focused on a few classes of these attacks. This paper attempts to explore the entire spectrum of application layer DDoS attacks using critical features that aid in understanding how these attacks can be executed. Defense mechanisms against the different classes of attacks are also discussed with special emphasis on the features that aid in the detection of different classes of attacks. Such a discussion is expected to help researchers understand why a particular group of features are useful in detecting a particular class of attacks. © 2018 IEEE.
  • Item
    Extraction and optimization of fuzzy association rules using multi-objective genetic algorithm
    (2008) Santhi Thilagam, P.S.; Ananthanarayana, V.S.
    Association Rule Mining is one of the important data mining activities and has received substantial attention in the literature. Association rule mining is a computationally and I/O intensive task. In this paper, we propose a solution approach for mining optimized fuzzy association rules of different orders. We also propose an approach to define membership functions for all the continuous attributes in a database by using clustering techniques. Although single objective genetic algorithms are used extensively, they degenerate the solution. In our approach, extraction and optimization of fuzzy association rules are done together using multi-objective genetic algorithm by considering the objectives such as fuzzy support, fuzzy confidence and rule length. The effectiveness of the proposed approach is tested using computer activity dataset to analyze the performance of a multi processor system and network audit data to detect anomaly based intrusions. Experiments show that the proposed method is efficient in many scenarios. © 2007 Springer-Verlag London Limited.
  • Item
    An efficient search to improve neighbour selection mechanism in P2P network
    (2009) Totekar, C.R.; Santhi Thilagam, P.S.
    One of the key challenging aspects of peer-to-peer systems has been efficient search for objects. For this, we need to minimize the number of nodes that have to be searched, by using minimum number of messages during the search process. This can be done by selectively sending requests to nodes having higher probability of a hit for queried object. In this paper, we present an enhanced selective walk searching algorithm along with low cost replication schemes. Our algorithm is based on the fact that most users in peer-to-peer network share various types of data in different proportions. This knowledge of amount of different kinds of data shared by each node is used to selectively forward the query to a node having higher hit-ratio for the data of requested type, based on history of recently succeeded queries. Replication scheme replicates frequently accessed data objects on the nodes which get high number of similar queries or closer to the peers from where most of the queries are being issued. Two simple replication schemes have been discussed and their performances are compared. Experimental results prove that our searching algorithm performs better than the selective walk searching algorithm. © 2009 Springer Berlin Heidelberg.
  • Item
    Securing web applications from injection and logic vulnerabilities: Approaches and challenges
    (Elsevier B.V., 2016) Deepa, G.; Santhi Thilagam, P.S.
    Context: Web applications are trusted by billions of users for performing day-to-day activities. Accessibility, availability and omnipresence of web applications have made them a prime target for attackers. A simple implementation flaw in the application could allow an attacker to steal sensitive information and perform adversary actions, and hence it is important to secure web applications from attacks. Defensive mechanisms for securing web applications from the flaws have received attention from both academia and industry. Objective: The objective of this literature review is to summarize the current state of the art for securing web applications from major flaws such as injection and logic flaws. Though different kinds of injection flaws exist, the scope is restricted to SQL Injection (SQLI) and Cross-site scripting (XSS), since they are rated as the top most threats by different security consortiums. Method: The relevant articles recently published are identified from well-known digital libraries, and a total of 86 primary studies are considered. A total of 17 articles related to SQLI, 35 related to XSS and 34 related to logic flaws are discussed. Results: The articles are categorized based on the phase of software development life cycle where the defense mechanism is put into place. Most of the articles focus on detecting the flaws and preventing the attacks against web applications. Conclusion: Even though various approaches are available for securing web applications from SQLI and XSS, they are still prevalent due to their impact and severity. Logic flaws are gaining attention of the researchers since they violate the business specifications of applications. There is no single solution to mitigate all the flaws. More research is needed in the area of fixing flaws in the source code of applications. © 2016 Elsevier B.V. All rights reserved.
  • Item
    Securing native XML database-driven web applications from XQuery injection vulnerabilities
    (Elsevier Inc., 2016) Palsetia, N.; Deepa, G.; Ahmed Khan, F.; Santhi Thilagam, P.S.; Pais, A.R.
    Database-driven web applications today are XML-based as they handle highly diverse information and favor integration of data with other applications. Web applications have become the most popular way to deliver essential services to customers, and the increasing dependency of individuals on web applications makes them an attractive target for adversaries. The adversaries exploit vulnerabilities in the database-driven applications to craft injection attacks which include SQL, XQuery and XPath injections. A large amount of work has been done on identification of SQL injection vulnerabilities resulting in several tools available for the purpose. However, limited work has been done so far for the identification of XML injection vulnerabilities and the existing tools only identify XML injection vulnerabilities which could lead to a specific type of attack. Hence, this work proposes a black-box fuzzing approach to detect different types of XQuery injection vulnerabilities in web applications driven by native XML databases. A prototype XQueryFuzzer is developed and tested on various vulnerable applications developed with BaseX as the native XML database. An experimental evaluation demonstrates that the prototype is effective against detection of XQuery injection vulnerabilities. Three new categories of attacks specific to XQuery, but not listed in OWASP, are identified during testing. © 2016 Elsevier Inc.
  • Item
    Live migration of virtual machines with their local persistent storage in a data intensive cloud
    (Inderscience Enterprises Ltd., 2017) Modi, A.; Achar, R.; Santhi Thilagam, P.S.
    Processing large volumes of data to drive their core business has been the primary objective of many firms and scientific applications these days. Cloud computing being a large-scale distributed computing paradigm can be used to cater for the needs of data intensive applications. There are various approaches for managing the workload on a data intensive cloud. Live migration of a virtual machine is the most prominent paradigm. Existing approaches to live migration use network attached storage where just the run time state needs to be transferred. Live migration of virtual machines with local persistent storage has been shown to have performance advantages like security, availability and privacy. This paper presents an optimised approach for migration of a virtual machine along with its local storage by considering the locality of storage access. Count map combined with a restricted block transfer mechanism is used to minimise the downtime and overhead. The solution proposed is tested by various parameters like bandwidth, write access patterns and threshold. Results show the improvement in downtime and reduction in overhead. © 2017 Inderscience Enterprises Ltd.
  • Item
    Discovering suspicious behavior in multilayer social networks
    (Elsevier Ltd, 2017) Bindu, P.V.; Santhi Thilagam, P.S.; Ahuja, D.
    Discovering suspicious and illicit behavior in social networks is a significant problem in social network analysis. The patterns of interactions of suspicious users are quite different from their peers and can be identified by using anomaly detection techniques. The existing anomaly detection techniques on social networks focus on networks with only one type of interaction among the users. However, human interactions are inherently multiplex in nature with multiple types of relationships existing among the users, leading to the formation of multilayer social networks. In this paper, we investigate the problem of anomaly detection on multilayer social networks by combining the rich information available in multiple network layers. We propose a pioneer approach, namely ADOMS (Anomaly Detection On Multilayer Social networks), an unsupervised, parameter-free, and network feature-based methodology that automatically detects anomalous users in a multilayer social network and ranks them according to their anomalousness. We consider the two well-known anomalous patterns of clique/near-clique and star/near-star anomalies in social networks, and users are ranked according to the degree of similarity of their neighborhoods in different layers to stars or cliques. Experimental results on several real-world multilayer network datasets demonstrate that our approach can effectively detect anomalous nodes in multilayer social networks. © 2017 Elsevier Ltd
  • Item
    Applications nature aware virtual machine provisioning in cloud
    (Inderscience Publishers, 2018) Achar, R.; Santhi Thilagam, P.S.
    Rapid growth of internet technologies and virtualisation has made cloud a new IT delivery mechanism, which is gaining popularity from both industry and academia. Huge demand for cloud resources, running similar nature applications in the same server results in application degradation whenever there is a sudden rise in workload. In order to minimise the application degradations, there is an urgent need to know the nature of applications running in cloud for efficient virtual machine (VM) provisioning. Existing cloud architecture does not provide any mechanism to handle this issue. This paper presents a modified cloud architecture which contains an additional component called application analyser to identify the nature of applications running in each VM. Based on applications nature, this paper presents a novel VM provisioning mechanism using genetic algorithm. In order to utilise the resources efficiently, this paper also presents a mechanism for VM provisioning with migration. An experimental study conducted using the CloudSim simulator shows that the proposed mechanism is efficiently allocating resources to the virtual machines. © 2018 Inderscience Enterprises Ltd.
  • Item
    Black-box detection of XQuery injection and parameter tampering vulnerabilities in web applications
    (Springer Verlag, 2018) Deepa, G.; Santhi Thilagam, P.S.; Ahmed Khan, F.A.; Praseed, A.; Pais, A.R.; Palsetia, N.
    As web applications become the most popular way to deliver essential services to customers, they also become attractive targets for attackers. The attackers craft injection attacks in database-driven applications through the user-input fields intended for interacting with the applications. Even though precautionary measures such as user-input sanitization are employed at the client side of the application, the attackers can disable the JavaScript at client side and still inject attacks through HTTP parameters. The injected parameters result in attacks due to improper server-side validation of user input. The injected parameters may either contain malicious SQL/XML commands leading to SQL/XPath/XQuery injection or be invalid input that intends to violate the expected behavior of the web application. The former is known as an injection attack, while the latter is called a parameter tampering attack. While SQL injection has been intensively examined by the research community, limited work has been done so far for identifying XML injection and parameter tampering vulnerabilities. Database-driven web applications today rely on XML databases, as XML has gained rapid acceptance due to the fact that it favors integration of data with other applications and handles diverse information. Hence, this work proposes a black-box fuzzing approach to detect XQuery injection and parameter tampering vulnerabilities in web applications driven by native XML databases. A prototype XiParam is developed and tested on vulnerable applications developed with a native XML database, BaseX, as the backend. The experimental evaluation clearly demonstrates that the prototype is effective against detection of both XQuery injection and parameter tampering vulnerabilities. © 2017, Springer-Verlag Berlin Heidelberg.