Research on Mobile Application Local Denial of Service Vulnerability Detection Technology Based on Rule Matching

2019 ◽  
Author(s):  
Lu Chen ◽  
Yuanyuan Ma ◽  
Zhipeng SHAO ◽  
Mu CHEN
Keyword(s):  
Mobile Application ◽  
Denial Of Service ◽  
Vulnerability Detection ◽  
Detection Technology

scholarly journals Research on Vulnerability Detection Technology for WEB Mail System

2018 ◽  
Vol 131 ◽  
pp. 124-130
Author(s):  
Xin Wang ◽  
Runpu Wu ◽  
Jinxin Ma ◽  
Gang Long ◽  
Jedeng Han
Keyword(s):  
Vulnerability Detection ◽  
Detection Technology ◽  
Mail System

scholarly journals Towards Cross-site Scripting Vulnerability Detection in Mobile Web Applications

2018 ◽  
Vol 7 (4.1) ◽  
pp. 18
Author(s):  
Isatou Hydara ◽  
Abu Bakar Md Sultan ◽  
Hazura Zulzalil ◽  
Novia Admodisastro
Keyword(s):  
Mobile Phones ◽  
Web Applications ◽  
Personal Information ◽  
Denial Of Service ◽  
Vulnerability Detection ◽  
Security Vulnerabilities ◽  
Mobile Web ◽  
The Past ◽  
Web Developers ◽  
Cross Site

Cross-site scripting vulnerabilities are among the top ten security vulnerabilities affecting web applications for the past decade and mobile version web applications more recently. They can cause serious problems for web users such as loss of personal information to web attackers, including financial and health information, denial of service attacks, and exposure to malware and viruses. Most of the proposed solutions focused only on the Desktop versions of web applications and overlooked the mobile versions. Increasing use of mobile phones to access web applications increases the threat of cross-site scripting attacks on mobile phones. This paper presents work in progress on detecting cross-site scripting vulnerabilities in mobile versions of web applications. It proposes an enhanced genetic algorithm-based approach that detects cross-site scripting vulnerabilities in mobile versions of web applications. This approach has been used in our previous work and successfully detected the said vulnerabilities in Desktop web applications. It has been enhanced and is currently being tested in mobile versions of web applications. Preliminary results have indicated success in the mobile versions of web applications also. This approach will enable web developers find cross-site scripting vulnerabilities in the mobile versions of their web applications before their release.  

scholarly journals A Heuristic Local-sensitive Program-Wide Diffing Method for IoT Binary Files

2021 ◽  
Author(s):  
Lu Yu ◽  
Yuliang Lu ◽  
Yi Shen ◽  
Zulie Pan ◽  
Hui Huang
Keyword(s):  
Denial Of Service ◽  
Third Party ◽  
Semantic Features ◽  
Proof Of Concept ◽  
Vulnerability Detection ◽  
Source Codes ◽  
Flow Dependence ◽  
Iot Devices ◽  
The Impact ◽  
Earth Mover

AbstractCode reuse brings vulnerabilities in third-party library to many Internet of Things (IoT) devices, opening them to attacks such as distributed denial of service. Program-wide binary diffing technology can help detect these vulnerabilities in IoT devices whose source codes are not public. Considering the architectures of IoT devices may vary, we propose a data-aware program-wide diffing method across architectures and optimization levels. We rely on the defined anchor functions and call relationship to expand the comparison scope within the target file, reducing the impact of different architectures on the diffing result. To make the diffing result more accurate, we extract the semantic features that can represent the code by data flow dependence analysis. Earth mover distance is used to calculate the similarity of functions in two files based on semantic features. We implemented a proof-of-concept DAPDiff and compared it with baseline BinDiff, TurboDiff and Asm2vec. Experiments showed the availability and effectiveness of our method across optimization levels and architectures. DAPDiff outperformed BinDiff in recall and precision by 41.4% and 9.2% on average when making diffing between standard third-party library and the real-world firmware files. This proves that DAPDiff can be applicable for the vulnerability detection in IoT devices.

Research on A Vulnerability Detection Technology for Network Topology Security

2021 ◽  
Author(s):  
Jianxin Ji ◽  
Chunli Xia ◽  
Tong Zhang ◽  
Yichuan Wang ◽  
Sheng Liu
Keyword(s):  
Network Topology ◽  
Vulnerability Detection ◽  
Detection Technology

scholarly journals PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization

2021 ◽  
Vol 11 (3) ◽  
pp. 1095
Author(s):  
Chen Chen ◽  
Han Xu ◽  
Baojiang Cui
Keyword(s):  
Particle Swarm Optimization ◽  
Particle Swarm ◽  
Target Point ◽  
Vulnerability Detection ◽  
High Quality ◽  
Swarm Optimization ◽  
Detection Technology ◽  
Test Process ◽  
Quality Features ◽  
Historical Samples

Coverage-oriented and target-oriented fuzzing are widely used in vulnerability detection. Compared with coverage-oriented fuzzing, target-oriented fuzzing concentrates more computing resources on suspected vulnerable points to improve the testing efficiency. However, the sample generation algorithm used in target-oriented vulnerability detection technology has some problems, such as weak guidance, weak sample penetration, and difficult sample generation. This paper proposes a new target-oriented fuzzer, PSOFuzzer, that uses particle swarm optimization to generate samples. PSOFuzzer can quickly learn high-quality features in historical samples and implant them into new samples that can be led to execute the suspected vulnerable point. The experimental results show that PSOFuzzer can generate more samples in the test process to reach the target point and can trigger vulnerabilities with 79% and 423% higher probability than AFLGo and Sidewinder, respectively, on tested software programs.

scholarly journals NETWORK DEFENSE SYSTEM MONITORING THROUGH A MOBILE APPLICATION

2020 ◽  
Vol 4 (2) ◽  
Author(s):  
Lalu Muhammad Aryandi Azrin ◽  
Abdul Ghofir
Keyword(s):  
Mobile Device ◽  
Mobile Application ◽  
Denial Of Service ◽  
Defense System ◽  
System Monitoring ◽  
Network Defense ◽  
Computer Attacks ◽  
Log Management ◽  
Log File

paper proposed a way to secure and protect pc or laptop remotely via mobile device. These two device communicate by exchanging information or data using database connection. There will be two applications that are developed, windows-based application and mobile application. The proposed scheme used some firewall configuration and log management to complete the process. The firewall configuration will block computer attacks such as Denial of Service. Log management is to generate a specific log file if there is a possible threat. It will then invoke. the windows application to update the database which is regularly accessed by mobile application. It then alerts user on possible attack or threat.

Sign in / Sign up

Export Citation Format

Share Document