Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Author: search.filters.author.Pais, A.R.Subject: search.filters.subject.Network security

Search Results

Now showing 1 - 10 of 12
  • No Thumbnail Available
    Item
    Key Pre-distribution Scheme for Wireless Sensor Networks Using Combinatorial Design
    (Springer Science and Business Media Deutschland GmbH, 2022) Kittur, L.J.; Pais, A.R.
    Considering Wireless Sensor Networks (WSNs) usage in sensitive applications, providing secure communication between the sensor nodes is of utmost importance. The key pre-distribution technique allows the sensor nodes to encrypt the messages employing the secret key to uphold the network security. Having limited computational powers and storage capacity are the constraints of sensor nodes. In this work, Combinatorial Design (CD) is employed to propose a deterministic scheme for key pre-distribution in WSNs wherein keyrings are generated from a given keypool. The network region is divided into many same-sized cells with regular sensor nodes and cell leaders deployed in each cell. The cell leaders possess higher resource and computational capabilities than the regular sensor nodes and thus are used for communication between cells. Whenever the regular sensor nodes need to establish communication links with other regular sensor nodes in the same cell, they can do so directly using the common secret key. The key pre-distribution scheme proposed for cell leaders is highly scalable. A detailed study of the scalability, the resiliency of the proposed scheme is also presented. The resiliency accomplished is comparable to other existing schemes. Still, at the same time, the given scheme provides full connectivity, high scalability without a significant increase in the storage overhead of the sensor nodes. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
  • No Thumbnail Available
    Item
    Securing native XML database-driven web applications from XQuery injection vulnerabilities
    (Elsevier Inc. usjcs@elsevier.com, 2016) Palsetia, N.; Deepa, G.; Ahmed Khan, F.; Santhi Thilagam, P.S.; Pais, A.R.
    Database-driven web applications today are XML-based as they handle highly diverse information and favor integration of data with other applications. Web applications have become the most popular way to deliver essential services to customers, and the increasing dependency of individuals on web applications makes them an attractive target for adversaries. The adversaries exploit vulnerabilities in the database-driven applications to craft injection attacks which include SQL, XQuery and XPath injections. A large amount of work has been done on identification of SQL injection vulnerabilities resulting in several tools available for the purpose. However, a limited work has been done so far for the identification of XML injection vulnerabilities and the existing tools only identify XML injection vulnerabilities which could lead to a specific type of attack. Hence, this work proposes a black-box fuzzing approach to detect different types of XQuery injection vulnerabilities in web applications driven by native XML databases. A prototype XQueryFuzzer is developed and tested on various vulnerable applications developed with BaseX as the native XML database. An experimental evaluation demonstrates that the prototype is effective against detection of XQuery injection vulnerabilities. Three new categories of attacks specific to XQuery, but not listed in OWASP are identified during testing. © 2016 Elsevier Inc.
  • No Thumbnail Available
    Item
    En-Route Filtering Techniques in Wireless Sensor Networks: A Survey
    (Springer New York LLC barbara.b.bertram@gsk.com, 2017) Kumar, A.; Pais, A.R.
    Majority of wireless sensor networks (WSNs) are deployed in unattended environments and thus sensor nodes can be compromised easily. A compromised sensor node can be used to send fake sensing reports to the sink. If undetected these reports can raise false alarms. To deal with the problem of fake report generation, a number of en-route filtering schemes have been proposed. Each of these schemes uses different cryptographic methods to check the authenticity of reports while they are being forwarded hop by hop toward base station. However, majority of these techniques can handle only limited compromised nodes or they either need node localization or statically configured routes for sending reports. Furthermore, majority of en-route filtering techniques are vulnerable to various denial of service attacks. Our main aims in this survey are: (a) to describe the major en-route filtering techniques, (b) to analyze these techniques on various parameters including security and (c) to outline main unresolved research challenges in en-route filtering in WSNs. © 2017, Springer Science+Business Media New York.
  • No Thumbnail Available
    Item
    Batch verification of Digital Signatures: Approaches and challenges
    (Elsevier Ltd, 2017) Kittur, A.S.; Pais, A.R.
    Digital Signatures can be considered analogous to an ordinary handwritten signature for signing messages in the Digital world. Digital signature must be unique and exclusive for each signer. Multiple Digital Signatures signed by either single or multiple signers can be verified at once through Batch Verification. There are two main issues with respect to Batch Verification of Digital Signatures; first is the security problem and the second is the computational speed. Due to e-commerce proliferation, quick verification of Digital Signatures through specific hardware or efficient software becomes critical. Internet companies, banks, and other such organizations use Batch verification to accelerate verification of large number of Digital Signatures. Many Batch Verification techniques have been proposed for various Digital Signature algorithms. But most of them lack the security requirements such as signature authenticity, integrity, and non-repudiation. Hence there is a need for the study of batch verification of Digital Signatures. The main contributions of our survey include: (a) Identifying and categorizing various Batch verification techniques for RSA, DSS, and ECDSA(includes schemes based on Bilinear Pairing) (b) Providing a comparative analysis of these Batch Verification techniques (c) Identifying various research challenges in the area of Batch verification of signatures. © 2017 Elsevier Ltd
  • No Thumbnail Available
    Item
    Black-box detection of XQuery injection and parameter tampering vulnerabilities in web applications
    (Springer Verlag service@springer.de, 2018) Deepa, G.; Santhi Thilagam, P.S.; Ahmed Khan, F.A.; Praseed, A.; Pais, A.R.; Palsetia, N.
    As web applications become the most popular way to deliver essential services to customers, they also become attractive targets for attackers. The attackers craft injection attacks in database-driven applications through the user-input fields intended for interacting with the applications. Even though precautionary measures such as user-input sanitization is employed at the client side of the application, the attackers can disable the JavaScript at client side and still inject attacks through HTTP parameters. The injected parameters result in attacks due to improper server-side validation of user input. The injected parameters may either contain malicious SQL/XML commands leading to SQL/XPath/XQuery injection or be invalid input that intend to violate the expected behavior of the web application. The former is known as an injection attack, while the latter is called a parameter tampering attack. While SQL injection has been intensively examined by the research community, limited work has been done so far for identifying XML injection and parameter tampering vulnerabilities. Database-driven web applications today rely on XML databases, as XML has gained rapid acceptance due to the fact that it favors integration of data with other applications and handles diverse information. Hence, this work proposes a black-box fuzzing approach to detect XQuery injection and parameter tampering vulnerabilities in web applications driven by native XML databases. A prototype XiParam is developed and tested on vulnerable applications developed with a native XML database, BaseX, as the backend. The experimental evaluation clearly demonstrates that the prototype is effective against detection of both XQuery injection and parameter tampering vulnerabilities. © 2017, Springer-Verlag Berlin Heidelberg.
  • No Thumbnail Available
    Item
    DetLogic: A black-box approach for detecting logic vulnerabilities in web applications
    (Academic Press, 2018) Deepa, G.; Santhi Thilagam, P.S.; Praseed, A.; Pais, A.R.
    Web applications are subject to attacks by malicious users owing to the fact that the applications are implemented by software developers with insufficient knowledge about secure programming. The implementation flaws arising due to insecure coding practices allow attackers to exploit the application in order to perform adverse actions leading to undesirable consequences. These flaws can be categorized into injection and logic flaws. As large number of tools and solutions are available for addressing injection flaws, the focus of the attackers is shifting towards exploitation of logic flaws. The logic flaws allow attackers to compromise the application-specific functionality against the expectations of the stakeholders, and hence it is important to identify these flaws in order to avoid exploitation. Therefore, a prototype called DetLogic is developed for detecting different types of logic vulnerabilities such as parameter manipulation, access-control, and workflow bypass vulnerabilities in web applications. DetLogic employs black-box approach, and models the intended behavior of the application as an annotated finite state machine, which is subsequently used for deriving constraints related to input parameters, access-control, and workflows. The derived constraints are violated for simulating attack vectors to identify the vulnerabilities. DetLogic is evaluated against benchmark applications and is found to work effectively. © 2018 Elsevier Ltd
  • No Thumbnail Available
    Item
    Detection of phishing websites using an efficient feature-based machine learning framework
    (Springer London, 2019) Rao, R.S.; Pais, A.R.
    Phishing is a cyber-attack which targets naive online users tricking into revealing sensitive information such as username, password, social security number or credit card number etc. Attackers fool the Internet users by masking webpage as a trustworthy or legitimate page to retrieve personal information. There are many anti-phishing solutions such as blacklist or whitelist, heuristic and visual similarity-based methods proposed to date, but online users are still getting trapped into revealing sensitive information in phishing websites. In this paper, we propose a novel classification model, based on heuristic features that are extracted from URL, source code, and third-party services to overcome the disadvantages of existing anti-phishing techniques. Our model has been evaluated using eight different machine learning algorithms and out of which, the Random Forest (RF) algorithm performed the best with an accuracy of 99.31%. The experiments were repeated with different (orthogonal and oblique) random forest classifiers to find the best classifier for the phishing website detection. Principal component analysis Random Forest (PCA-RF) performed the best out of all oblique Random Forests (oRFs) with an accuracy of 99.55%. We have also tested our model with the third-party-based features and without third-party-based features to determine the effectiveness of third-party services in the classification of suspicious websites. We also compared our results with the baseline models (CANTINA and CANTINA+). Our proposed technique outperformed these methods and also detected zero-day phishing attacks. © 2018, The Natural Computing Applications Forum.
  • No Thumbnail Available
    Item
    A trust model based batch verification of digital signatures in IoT
    (Springer, 2020) Kittur, A.S.; Pais, A.R.
    In the modern day world, the Internet of things (IoT) is not a new concept. IoT is getting deployed in various applications and fields. Hence with this fast-growing trend, it is essential to maintain the security in the IoT network. Digital Signature is one of the important ways to authenticate an electronic document or a message during communication. Multiple digital signatures are verified at once through the concept of batch verification. Batch verification of multiple digital signatures reduces the computation load and time. Hence this concept is beneficial in IoT environment where nodes have low computation power and operate in a real-time environment. In this paper, we have developed a Trust Model for IoT which helps the Gateway node to identify the trusted sensor nodes which perform batch verification. The sensor nodes receive a batch of signatures from the Gateway node and verify signatures through batch verification and accordingly send back the results. The trust model that we have developed in this paper significantly reduces the probability of selecting unreliable nodes for verification and also reduces the computation load at Gateway node. We have implemented our trust model and presented the results for batch verification of digital signatures. © 2019, Springer-Verlag GmbH Germany, part of Springer Nature.
  • No Thumbnail Available
    Item
    Combinatorial Design Based Key Pre-distribution Scheme with High Scalability and Minimal Storage for Wireless Sensor Networks
    (Springer, 2023) Kittur, L.J.; Pais, A.R.
    Given the sensitivity of applications and the sensor node’s resource constraints, key management is an important security concern in Wireless Sensor Networks (WSNs). Combinatorial Design based schemes are used to propose key pre-distribution in WSNs as they have patterns that can be mapped to the WSNs. We employ Combinatorial Designs to pre-distribute the keys to the sensor nodes. The deployment area is divided into equal-sized regions called cells. The network comprises two types of sensor nodes: ordinary sensor nodes and cell masters. The ordinary sensor nodes within a cell can communicate with each other directly. The inter-cell communication is through the cell masters, which have higher resource capabilities than the ordinary sensor nodes. To take into account the Radio Frequency range of cell masters, we use Lee sphere region around each cell (Ruj in ACM Transactions on Sensor Networks (TOSN) 6:4, 2009, Rui Key predistribution using partially balanced designs in wireless sensor networks, 2007). The proposed key pre-distribution scheme for cell masters provides high network scalability with low key storage overhead compared to other schemes. The model’s performance is measured in terms of key storage overhead and the number of sensor nodes supported. A detailed analysis of resiliency in terms of fractions of links disrupted is also presented. Also, the proposed scheme achieved better resiliency and requires much less number of keys to be stored in sensor nodes than the existing schemes. © 2022, The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature.
  • No Thumbnail Available
    Item
    An ensemble learning approach for detecting phishing URLs in encrypted TLS traffic
    (Springer, 2024) Kondaiah, C.; Pais, A.R.; Rao, R.S.
    Phishing is a fraudulent method used by hackers to acquire confidential data from victims, including security passwords, bank account details, debit card data, and other sensitive data. Owing to the increase in internet users, the corresponding network attacks have also grown over the last decade. Existing phishing detection methods are implemented for the application layer and are not effectively adapted to the transport layer. In this paper, we propose a novel phishing detection method that extends beyond traditional approaches by utilizing a multi-model ensemble of deep neural networks, long short term memory, and Random Forest classifiers. Our approach is distinguished by its unique feature extraction from transport layer security (TLS) 1.2 and 1.3 network traffic and the application of advanced deep learning algorithms to enhance phishing detection capabilities. To assess the effectiveness of our model, we curated datasets that include both phishing and legitimate websites, using features derived from TLS 1.2 and 1.3 traffic. The experimental results show that our proposed model achieved a classification accuracy of 99.61%, a precision of 99.80%, and a Matthews Correlation Coefficient of 99.22% on an in-house dataset. Our model excels at detecting phishing Uniform Resource Locator at the transport layer without data decryption. It is designed to block phishing attacks at the network gateway or firewall level. © The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2024.