Faculty Publications

Permanent URI for this community: https://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Search Results

Now showing 1 - 10 of 59
  • Item
    Prevention of MITM attack caused by rogue router advertisements in IPv6
    (Institute of Electrical and Electronics Engineers Inc., 2017) Ouseph, C.; Chandavarkar, B.R.
    Router discovery in IPv6 is vulnerable to rogue Router Advertisements (RAs), wherein unintended and possibly incorrect RAs make their way into the network. An IPv6 host obtains several important pieces of information from an RA like the default router's address and the prefix for autoconfiguring its IPv6 address. Incorrect data in the RA fields result in operational problems in the network. This can occur as a result of misconfigurations or malicious intentions. A variation of this security threat occurs in the form of a node sending a rogue RA with the spoofed address of the legit router but with the router lifetime field set to zero. This causes the legit router to be removed as the default router for hosts on the subnet. Further, the malicious node could advertise itself as the default router and essentially perform a man-in-the-middle (MITM) attack. This paper demonstrates such a possibility on an IPv6 testbed and presents a possible solution to prevent the same. The implementation of the solution is done on the Linux kernel and results testifying the solution are presented. © 2016 IEEE.
  • Item
    Feature selection using fast ensemble learning for network intrusion detection
    (Springer Verlag, 2020) Pasupulety, U.; Adwaith, C.D.; Hegde, S.; Patil, N.
    Network security plays a critical role in today’s digital system infrastructure. Every day, there are hundreds of cases of data theft or loss due to the system’s integrity being compromised. The root cause of this issue is the lack of systems in place which are able to foresee the advent of such attacks. Network Intrusion detection techniques are important to prevent any system or network from malicious behavior. By analyzing a dataset with features summarizing the method in which connections are made to the network, any attempt to access it can be classified as malicious or benign. To improve the accuracy of network intrusion detection, various machine learning algorithms and optimization techniques are used. Feature selection helps in finding important attributes in the dataset which have a significant effect on the final classification. This results in the reduction of the size of the dataset, thereby simplifying the task of classification. In this work, we propose using multiple techniques as an ensemble for feature selection. To reduce training time and retain accuracy, the important features of a subset of the KDD Network Intrusion detection dataset were analyzed using this ensemble learning technique. Out of 41 possible features for network intrusion, it was found that host-based statistical features of network flow play an important role in predicting network intrusion. Our proposed methodology provides multiple levels of overall selected features, correlated to the number of individual feature selection techniques that selected them. At the highest level of selected features, our experiments yielded a 6% increase in intrusion detection accuracy, an 81% decrease in dataset size and a 5.4× decrease in runtime using a Multinomial Naive Bayes classifier on the original dataset. © Springer Nature Switzerland AG 2020.
  • Item
    Key Pre-distribution Scheme for Wireless Sensor Networks Using Combinatorial Design
    (Springer Science and Business Media Deutschland GmbH, 2022) Kittur, L.J.; Pais, A.R.
    Considering Wireless Sensor Networks (WSNs) usage in sensitive applications, providing secure communication between the sensor nodes is of utmost importance. The key pre-distribution technique allows the sensor nodes to encrypt the messages employing the secret key to uphold the network security. Limited computational power and storage capacity are the constraints of sensor nodes. In this work, Combinatorial Design (CD) is employed to propose a deterministic scheme for key pre-distribution in WSNs wherein keyrings are generated from a given keypool. The network region is divided into many same-sized cells with regular sensor nodes and cell leaders deployed in each cell. The cell leaders possess higher resource and computational capabilities than the regular sensor nodes and thus are used for communication between cells. Whenever the regular sensor nodes need to establish communication links with other regular sensor nodes in the same cell, they can do so directly using the common secret key. The key pre-distribution scheme proposed for cell leaders is highly scalable. A detailed study of the scalability and the resiliency of the proposed scheme is also presented. The resiliency accomplished is comparable to other existing schemes. Still, at the same time, the given scheme provides full connectivity and high scalability without a significant increase in the storage overhead of the sensor nodes. © 2022, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
  • Item
    Analysis of Mirai Malware and Its Components
    (Springer Science and Business Media Deutschland GmbH, 2023) Kumar, S.; Chandavarkar, B.R.
    Mirai malware is the most famous malware in the field of IoT. It created much destruction around the end of the year 2016. With just a common password vulnerability of IoT devices, it created a large botnet of 600K–700K and was able to launch DDoS attacks that were double and triple the volume of DDoS attacks launched so far. It is implemented in such a beautiful and unsophisticated way that more attacks will be later implemented and appended. Releasing its source code provides a way for the attackers to create its variants and provides researchers with a path in the right direction to tackle upcoming variants of Mirai malware. Although the mechanism of attacks and implementation of Mirai seems easy, its implementation is challenging. The following paper provides a guided way to understand Mirai malware’s functionality and launch it in an isolated environment to do further research on it. © 2023, The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
  • Item
    Securing web applications from injection and logic vulnerabilities: Approaches and challenges
    (Elsevier B.V., 2016) Deepa, G.; Santhi Thilagam, P.S.
    Context: Web applications are trusted by billions of users for performing day-to-day activities. Accessibility, availability and omnipresence of web applications have made them a prime target for attackers. A simple implementation flaw in the application could allow an attacker to steal sensitive information and perform adversary actions, and hence it is important to secure web applications from attacks. Defensive mechanisms for securing web applications from the flaws have received attention from both academia and industry. Objective: The objective of this literature review is to summarize the current state of the art for securing web applications from major flaws such as injection and logic flaws. Though different kinds of injection flaws exist, the scope is restricted to SQL Injection (SQLI) and Cross-site scripting (XSS), since they are rated as the topmost threats by different security consortiums. Method: The relevant articles recently published are identified from well-known digital libraries, and a total of 86 primary studies are considered. A total of 17 articles related to SQLI, 35 related to XSS and 34 related to logic flaws are discussed. Results: The articles are categorized based on the phase of software development life cycle where the defense mechanism is put into place. Most of the articles focus on detecting the flaws and preventing the attacks against web applications. Conclusion: Even though various approaches are available for securing web applications from SQLI and XSS, they are still prevalent due to their impact and severity. Logic flaws are gaining the attention of researchers since they violate the business specifications of applications. There is no single solution to mitigate all the flaws. More research is needed in the area of fixing flaws in the source code of applications. © 2016 Elsevier B.V. All rights reserved.
  • Item
    Securing native XML database-driven web applications from XQuery injection vulnerabilities
    (Elsevier Inc., 2016) Palsetia, N.; Deepa, G.; Ahmed Khan, F.; Santhi Thilagam, P.S.; Pais, A.R.
    Database-driven web applications today are XML-based as they handle highly diverse information and favor integration of data with other applications. Web applications have become the most popular way to deliver essential services to customers, and the increasing dependency of individuals on web applications makes them an attractive target for adversaries. The adversaries exploit vulnerabilities in the database-driven applications to craft injection attacks which include SQL, XQuery and XPath injections. A large amount of work has been done on identification of SQL injection vulnerabilities resulting in several tools available for the purpose. However, limited work has been done so far for the identification of XML injection vulnerabilities and the existing tools only identify XML injection vulnerabilities which could lead to a specific type of attack. Hence, this work proposes a black-box fuzzing approach to detect different types of XQuery injection vulnerabilities in web applications driven by native XML databases. A prototype XQueryFuzzer is developed and tested on various vulnerable applications developed with BaseX as the native XML database. An experimental evaluation demonstrates that the prototype is effective in the detection of XQuery injection vulnerabilities. Three new categories of attacks specific to XQuery, but not listed in OWASP, are identified during testing. © 2016 Elsevier Inc.
  • Item
    Live migration of virtual machines with their local persistent storage in a data intensive cloud
    (Inderscience Enterprises Ltd., 2017) Modi, A.; Achar, R.; Santhi Thilagam, P.S.
    Processing large volumes of data to drive their core business has been the primary objective of many firms and scientific applications these days. Cloud computing being a large-scale distributed computing paradigm can be used to cater for the needs of data intensive applications. There are various approaches for managing the workload on a data intensive cloud. Live migration of a virtual machine is the most prominent paradigm. Existing approaches to live migration use network attached storage where just the run time state needs to be transferred. Live migration of virtual machines with local persistent storage has been shown to have performance advantages like security, availability and privacy. This paper presents an optimised approach for migration of a virtual machine along with its local storage by considering the locality of storage access. Count map combined with a restricted block transfer mechanism is used to minimise the downtime and overhead. The solution proposed is tested by various parameters like bandwidth, write access patterns and threshold. Results show the improvement in downtime and reduction in overhead. © 2017 Inderscience Enterprises Ltd.
  • Item
    En-Route Filtering Techniques in Wireless Sensor Networks: A Survey
    (Springer New York LLC, 2017) Kumar, A.; Pais, A.R.
    The majority of wireless sensor networks (WSNs) are deployed in unattended environments and thus sensor nodes can be compromised easily. A compromised sensor node can be used to send fake sensing reports to the sink. If undetected, these reports can raise false alarms. To deal with the problem of fake report generation, a number of en-route filtering schemes have been proposed. Each of these schemes uses different cryptographic methods to check the authenticity of reports while they are being forwarded hop by hop toward the base station. However, the majority of these techniques can handle only limited compromised nodes or they either need node localization or statically configured routes for sending reports. Furthermore, the majority of en-route filtering techniques are vulnerable to various denial of service attacks. Our main aims in this survey are: (a) to describe the major en-route filtering techniques, (b) to analyze these techniques on various parameters including security and (c) to outline main unresolved research challenges in en-route filtering in WSNs. © 2017, Springer Science+Business Media New York.
  • Item
    Security bound enhancement of remote user authentication using smart card
    (Elsevier Ltd, 2017) Madhusudhan, R.; Hegde, M.
    Distribution of resources and services via open network has become the latest trend in information technology. This is provided by many service provider servers. In open network, hackers can easily obtain the communication data. Therefore, open networks and servers demand the security to protect data and information. Hence, network security is the most important requirement in a distributed system. In this security system, authentication is considered as the fundamental and essential method. Recently many remote user authentication schemes are proposed. In 2012, WANG Ding et al. proposed a remote user authentication scheme, in which the author stated that the scheme provides protection against offline password guessing, impersonation and other known key attacks. By cryptanalysis, we have identified that WANG Ding et al.'s scheme does not provide user anonymity, once the smart card is stolen. This scheme is also susceptible to offline password guessing attack, server masquerading attack, stolen smart card attack and insider attack. Further, this scheme still has a problem with proper perfect forward secrecy and user revocation. In order to fix these security weaknesses, an enhanced authentication scheme is proposed and analysed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more robust and easy to implement practically. © 2017
  • Item
    Batch verification of Digital Signatures: Approaches and challenges
    (Elsevier Ltd, 2017) Kittur, A.S.; Pais, A.R.
    Digital Signatures can be considered analogous to an ordinary handwritten signature for signing messages in the Digital world. Digital signature must be unique and exclusive for each signer. Multiple Digital Signatures signed by either single or multiple signers can be verified at once through Batch Verification. There are two main issues with respect to Batch Verification of Digital Signatures; first is the security problem and the second is the computational speed. Due to e-commerce proliferation, quick verification of Digital Signatures through specific hardware or efficient software becomes critical. Internet companies, banks, and other such organizations use Batch verification to accelerate verification of a large number of Digital Signatures. Many Batch Verification techniques have been proposed for various Digital Signature algorithms. But most of them lack the security requirements such as signature authenticity, integrity, and non-repudiation. Hence there is a need for the study of batch verification of Digital Signatures. The main contributions of our survey include: (a) Identifying and categorizing various Batch verification techniques for RSA, DSS, and ECDSA (includes schemes based on Bilinear Pairing); (b) Providing a comparative analysis of these Batch Verification techniques; (c) Identifying various research challenges in the area of Batch verification of signatures. © 2017 Elsevier Ltd