The Impact of Social Engineer Attack Phases on Improved Security Countermeasures

The objective of this paper is to examine a model to identify Social Engineer Attack Phases to improve the security countermeasures by Social-Engineer Involvement. A questionnaire was developed and distributed to a sample of 243 respondents who were actively engaged in 3 Jordanian telecommunication companies. All hypotheses were tested using (PLS-SEM). The results of the study indicate that Social Engineer Attack Phases (Identification the potential target, Target Recognition, Decision approach, and Execution) have a partially mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. On the other hand, the Social Engineer Attack Phases (Information Aggregations, Analysis and Interpretation, Armament, and Influencing) have a fully mediate and significant impact on improving the security countermeasures by Social-Engineer Involvement. The findings of this study help to provide deep insight to help security professionals prepare better and implement the right and appropriate countermeasures, whether technical or soft measures.

An Incremental Acquisition Method for Web Forensics

In order to solve the problems of repeated acquisition, data redundancy and low efficiency in the process of website forensics, this paper proposes an incremental acquisition method orientecd to dynamic websites. This method realized the incremental collection on dynamically updated websites through acquiring and parsing web pages, URL deduplication, web page denoising, web page content extraction and hashing. Experiments show that the algorithm has relative high acquisition precision and recall rate, and can be combined with other data to perform effective digital forensics on dynamically updated real-time websites.

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

In this modern era, due to demand for cloud environments in business, the size, complexity, and chance of attacks to virtual cloud network (VCN) are increased. The protection of VCN is required to maintain the faith of the cloud users. Intrusion detection is essential to secure any network. The existing approaches that use the conventional neural network cannot utilize all information for identifying the intrusions. In this paper, the anomaly-based NIDS for VCN is proposed. For feature selection, grey wolf optimization (GWO) is hybridized with a bald eagle search (BES) algorithm. For classification, a deep learning approach - deep sparse auto-encoder (DSAE) is employed. In this way, this paper proposes a NIDS model for VCN named - GWO-DES-DSAE. The proposed system is simulated in the python programming environment. The proposed NIDS model's performance is compared with other recent approaches for both binary and multi-class classification on the considered datasets - NSL-KDD, UNSW-NB15, and CICIDS 2017 and found better than other methods.

ROP Defense Using Trie Graph for System Security

Most Intrusion Detection Systems (IDS) / Intrusion Prevention Systems (IPS) cannot defend the attacks from a Return Oriented Program (ROP) which applies code reusing and exploiting techniques without the need for code injection. Malicious attackers chain a short sequence as a gadget and execute this gadget as an arbitrary (Turing-complete) behavior in the target program. Lots of ROP defense tools have been developed with satisfactory performance and low costs overhead, but malicious attackers can evade ROP tools. Therefore, it needs security researchers to continually improve existing ROP defense tools, because the defense ability of target devices, such as smartphones is weak, and such devices are being increasingly targeted. Our contribution in this paper is to propose an ROP defense method that has provided a better performance of defense against ROP attacks than existing ROP defense tools.

Reversible Data Hiding in a Chaotic Encryption Domain Based on Odevity Verification

On the premise of guaranteeing the visual effect, in order to improve the security of the image containing digital watermarking and restore the carrier image without distortion, reversible data hiding in chaotic encryption domain based on odevity verification was proposed. The original image was scrambled and encrypted by Henon mapping, and the redundancy between the pixels of the encrypted image was lost. Then, the embedding capacity of watermarking can be improved by using odevity verification, and the embedding location of watermarking can be randomly selected by using logistic mapping. When extracting the watermarking, the embedded data was judged according to the odevity of the pixel value of the embedding position of the watermarking, and the carrier image was restored nondestructively by odevity check image. The experimental results show that the peak signal-to-noise ratio (PSNR) of the original image is above 53 decibels after the image is decrypted and restored after embedding the watermarking in the encrypted domain, and the invisibility is good.

HEVC Information Hiding Algorithm Based on Intra Prediction and Matrix Coding

Aiming at the problem that the data hiding algorithm of high efficiency video coding (HEVC) has great influence on the video bit rate and visual quality, an information hiding algorithm based on intra prediction mode and matrix coding is proposed. Firstly, 8 prediction modes are selected from 4×4 luminance blocks in I frame to embed the hidden information. Then, the Least Significant Bit (LSB) algorithm is used to modulate the LSB of the last prediction mode. Finally, the modulated luminance block is re-encoded to embed 4 bits secret information. Experimental results show that the algorithm improves the embedding capacity, guarantees the subjective and objective quality of the video, and the bit rate increases by 1.14% on average.

Detection of Anonymising Proxies using Machine Learning

Network Proxies and Virtual Private Networks (VPN) are tools that are used every day to facilitate various business functions. However, they have gained popularity amongst unintended userbases as tools that can be used to hide mask identities while using websites and web-services. Anonymising Proxies and/or VPNs act as an intermediary between a user and a web server with a Proxy and/or VPN IP address taking the place of the user’s IP address that is forwarded to the web server. This paper presents computational models based on intelligent machine learning techniques to address the limitations currently experienced by unauthorised user detection systems. A model to detect usage of anonymising proxies was developed using a Multi-layered perceptron neural network that was trained using data found in the Transmission Control Protocol (TCP) header of captured network packets

Image Forensic Tool (IFT)

Images now-a-days are often used as an authenticated proof for any cyber-crime. Images that do not remain genuine can mislead the court of law. The fast and dynamically growing technology doubts the trust in the integrity of images. Tampering mostly refers to adding or removing important features from an image without leaving any obvious trace. In earlier days, digital signatures were used to preserve the integrity, but now a days various tools are available to tamper digital signatures as well. Even in various state-of-the-art works in tamper detection, there are various restrictions in the type of inputs and the type of tampering detection. In this paper, the researchers propose a prototype model in the form of a tool that will retrieve all the image files from given digital evidence and detect tampering in the images. For various types of tampering, different tampering detection algorithms have been used. The proposed prototype will detect if tampering has been done or not and will classify the image files into groups based on the type of tampering.

Survey of Human Gait Analysis and Recognition for Different Sensor Modalities

Gait is a behavioural biometric which sometimes changes due to diseases but it is still a strong identification metric that is widely used in forensic works, state biometric preserve sectors, and medical laboratories. Gait analysis sometimes helps to identify person’s present mental state which reflects on physiological therapy for improved biological system. There are various gait measurement forms which expand the research area from crime detection to medical enhancement. Many research works have been done so far for gait recognition. Many researchers focused on skeleton image of people to extract gait features and many worked on stride length. Various sensors have been used to detect gait in various light forms. This paper is a brief survey of works on gait recognition, collected from various sources of science and technology literature. We have discussed few efficient models that worked best as well as we have discussed about few data sets available.

Hidden Service Circuit Reconstruction Attacks Based on Middle Node Traffic Analysis

Traffic analysis is widely considered as an attack posing a threat to anonymity of the communication and may reveal the real identity of the users. In this paper, a novel anonymous circuit reconstruction attack method that correlates the circuit traffic is proposed. This method then reconstructs a complete communication tunnel using the location of middle nodes found between the hidden and client services. The attack process includes independent determination of the location of the malicious nodes. A traffic correlation framework of AutoEncoder + CNN + BiLSTM is established, based on the Generative Adversarial Networks (GAN) model. BiLSTM applies the packet size and packet interval features of bidirectional traffic and combines the reconstruction loss function with the discrimination loss function to achieve correlated traffic evaluation. After balancing the reconstruction loss and discrimination loss scores, the simulation results confirm that the identification performance of the proposed system is higher than the advanced models.