SUM CODE BASED ON THE PRINCIPLE OF WEIGHTING TRANSITIONS BETWEEN DIGIT GROUPS OF THE INFORMATION VECTOR

The problem of code modification with summation of weighted transitions is considered. A method for designing summation codes is proposed, which is based on summing the weight coefficients attributed to groups of several digits in the information vector. It is proposed to choose weight coefficients from a sequence of natural numbers. The modified code with the summation of weighted transitions can be used in the construction of devices with the detection of malfunctions and errors in calculations at the outputs of blocks and nodes.

Global Symbols, Local Bans

This chapter analyzes symbols borrowed from non-German movements and global or pan-Aryan extremists. Here, the chapter also includes the appropriation of nonextremist products that have been assigned new meaning as well as symbols and codes that are in languages other than German. The chapter highlights the multivocality of far right symbols that are simultaneously nationalist and global. It suggests that this multivocality is further amplified by the ironies of far right youth deployment of non-German symbols, while simultaneously adhering to anti-immigrant sentiments or enacting violence against ethnic and racial minorities in the name of the German nation. The chapter draws both on an analysis of images and of young people's interpretation of “global” symbols deployed in the commercialized products to argue that far right ideologies have broadened, in the global era, beyond (mere) national borders. It suggests that there are parallels for how other geographically dispersed extremist ideologies—from Islamist extremism to ecoterrorism—might mobilize followers across national and linguistic boundaries. The chapter also analyzes legal disputes about the bans and examine youth reactions to school bans of particular symbols and codes as well as teachers' discussions of the enforcement of those bans. Ultimately, it argues that banning policies tend to backfire, further contributing to the game-playing aspect of code modification that make the symbols appealing in the first place.

WebMTD: Defeating Cross-Site Scripting Attacks Using Moving Target Defense

Existing mitigation techniques for cross-site scripting attacks have not been widely adopted, primarily due to imposing impractical overheads on developers, Web servers, or Web browsers. They either enforce restrictive coding practices on developers, fail to support legacy Web applications, demand browser code modification, or fail to provide browser backward compatibility. Moving target defense (MTD) is a novel proactive class of techniques that aim to defeat attacks by imposing uncertainty in attack reconnaissance and planning. This uncertainty is achieved by frequent and random mutation (randomization) of system configuration in a manner that is not traceable (predictable) by attackers. In this paper, we present WebMTD, a proactive moving target defense mechanism that thwarts various kinds of cross-site scripting (XSS) attacks on Web applications. Relying on built-in features of modern Web browsers, WebMTD randomizes values of certain attributes of Web elements to differentiate the application code from the injected code and disallow its execution; this is done without requiring Web developer involvement or browser code modification. Through rigorous evaluation, we show that WebMTD has very a low performance overhead. Also, we argue that our technique outperforms all competing approaches due to its broad effectiveness, transparency, backward compatibility, and low overhead.

Neutralizing SQL Injection Attack on Web Application Using Server Side Code Modification

SQL Injection attacks pose a very serious security threat to Web applications and web servers. They allow attackers to obtain unrestricted access to the databases underlying the applications and to the potentially sensitive and important information these databases contain. This research, “Neutralizing SQL Injection attack on web application using server side code modification” proposes a method for boosting web security by detecting SQL Injection attacks on web applications by modification on the server code so as to minimize vulnerability and mitigate fraudulent and malicious activities. This method has been implemented on a simple website with a database to register users with an admin that has control privileges. The server used is a local server and the server code was written with PHP as the back end. The front end was designed using MySQL. PHP server side scripting language was used to modify codes. ‘PDO prepare’ a tool to prepare parameters to be executed. The proposed method proved to be efficient in the context of its ability to prevent all types of SQL injection attacks. Acunetix was used to test the vulnerability of the code, and the code was implemented on a simple website with a simple database. Some popular SQL injection attack tools and web application security datasets have been used to validate the model. Unlike most approaches, the proposed method is quite simple to implement yet highly effective. The results obtained are promising with a high accuracy rate for detection of SQL injection attack.