Your search keyword '"Secure Shell"' showing total 215 results

1. Distributed Training of Large-Scale Deep Learning Models in Commodity Hardware

Author

Ahmad, Jubaer, Navin, Tahsin Elahi, Al Awsaf, Fahim, Arafat, Md. Yasir, Hossain, Md. Shahadat, Islam, Md. Motaharul, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Suma, V., editor, Lorenz, Pascal, editor, and Baig, Zubair, editor

Published

2023

2. Realtime Risk Monitoring of SSH Brute Force Attacks

Author

Fahrnberger, Günter, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Phillipson, Frank, editor, Eichler, Gerald, editor, Erfurth, Christian, editor, and Fahrnberger, Günter, editor

Published

2022

3. Secure Shell Remote Access for Virtualized Computing Environment

Author

Li, He, Cao, Rongqiang, Xiu, Hanwen, Wan, Meng, Li, Kai, Wang, Xiaoguang, Wang, Yangang, Wang, Jue, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Qiu, Meikang, editor, Gai, Keke, editor, and Qiu, Han, editor

Published

2022

4. Investigations into decrypting live secure traffic in virtual environments

Author

McLaren, Peter William Lindsay, Russell, Gordon, Tan, Zhiyuan, and Buchanan, Bill

Subjects

004, decryption, potentially malicious communications, tunnelled traffic, Secure Shell, Transport Layer Security, Advanced Encryption Standard symmetric block, ChaCha20, 004 Data processing & computer science, QA75 Electronic computers. Computer science

Abstract

Malicious agents increasingly use encrypted tunnels to communicate with external servers. Communications may contain ransomware keys, stolen banking details, or other confidential information. Rapid discovery of communicated contents through decrypting tunnelled traffic can support effective means of dealing with these malicious activities. Decrypting communications requires knowledge of cryptographic algorithms and artefacts, such as encryption keys and initialisation vectors. Such artefacts may exist in volatile memory when software applications encrypt. Virtualisation technologies can enable the acquisition of virtual machine memory to support the discovery of these cryptographic artefacts. A framework is constructed to investigate the decryption of potentially malicious communications using novel approaches to identify candidate initialisation vectors, and use these to discover candidate keys. The framework focuses on communications that use the Secure Shell and Transport Layer Security protocols in virtualised environments for different operating systems, protocols, encryption algorithms, and software implementations. The framework minimises virtual machine impact, and functions at an elevated level to make detection by virtual machine software difficult. The framework analyses Windows and Linux memory and validates decrypts for both protocols when the Advanced Encryption Standard symmetric block or ChaCha20 symmetric stream algorithms are used for encryption. It also investigates communications originating from malware clients, such as bot and ransomware, that use Windows cryptographic libraries. The framework correctly decrypted tunnelled traffic with near certainty in almost all experiments. The analysis durations ranged from sub-second to less than a minute, demonstrating that decryption of malicious activity before network session completion is possible. This can enable in-line detection of unknown malicious agents, timely discovery of ransomware keys, and knowledge of exfiltrated confidential information.

Published

2019

5. Deployment of Cloud Using Open-Source Virtualization: Study of VM Migration Methods and Benefits

Author

Rastogi, Garima, Narayan, Satya, Krishan, Gopal, Sushil, Rama, Kacprzyk, Janusz, Series editor, Pal, Nikhil R., Advisory editor, Bello Perez, Rafael, Advisory editor, Corchado, Emilio S., Advisory editor, Hagras, Hani, Advisory editor, Kóczy, László T., Advisory editor, Kreinovich, Vladik, Advisory editor, Lin, Chin-Teng, Advisory editor, Lu, Jie, Advisory editor, Melin, Patricia, Advisory editor, Nedjah, Nadia, Advisory editor, Nguyen, Ngoc Thanh, Advisory editor, Wang, Jun, Advisory editor, Aggarwal, V. B., editor, Bhatnagar, Vasudha, editor, and Mishra, Durgesh Kumar, editor

Published

2018

6. Sarracenia: Enhancing the Performance and Stealthiness of SSH Honeypots Using Virtual Machine Introspection

Author

Sentanoe, Stewart, Taubmann, Benjamin, Reiser, Hans P., Hutchison, David, Series Editor, Kanade, Takeo, Series Editor, Kittler, Josef, Series Editor, Kleinberg, Jon M., Series Editor, Mattern, Friedemann, Series Editor, Mitchell, John C., Series Editor, Naor, Moni, Series Editor, Pandu Rangan, C., Series Editor, Steffen, Bernhard, Series Editor, Terzopoulos, Demetri, Series Editor, Tygar, Doug, Series Editor, Weikum, Gerhard, Series Editor, and Gruschka, Nils, editor

Published

2018

7. Cancelable bimodal shell using fingerprint and iris.

Author

Vallabhadas, Dilip Kumar and Sandhya, Mulagala

Subjects

*HUMAN fingerprints, *FEATURE extraction, *ERROR rates, *DATABASES

Abstract

Authentication systems are now an important part of our daily life. Human biological, behavioral, and physical characteristics are usually applied in authenticating a person in various applications. Unimodal biometric systems have a number of limitations, such as noise sensitivity, population coverage, intra-class variations, non-universality, and vulnerability to spoofing. Multimodal biometric systems overcome these limitations and are being widely used in many real-world applications. In this work, to construct a three-dimensional (3-D) shell, we use fingerprint and iris. First, features are extracted from the fingerprint. Then, using a user key set, a two-dimensional spiral curve is generated from fingerprint features. Next, iris features are extracted using a pre-trained VGG-16 model, then feature vector-based random projection is applied to generate an iris feature vector. This generated feature vector is combined with the fingerprint shell to construct a secured 3-D shell. Finally, these fused 3-D templates are saved in the database and are used for matching. Our proposed technique has been evaluated on the three publicly available datasets, showing that it can preserve user privacy while maintaining the accuracy of the system with an equal error rate of 0.09%, 0.032%, and 0.015%. [ABSTRACT FROM AUTHOR]

Published

2023

8. Getting Comfortable

Author

Membrey, Peter, Hows, David, Membrey, Peter, and Hows, David

Published

2015

9. Decrypting live SSH traffic in virtual environments.

Author

McLaren, Peter, Russell, Gordon, Buchanan, William J., and Tan, Zhiyuan

Subjects

VIRTUAL reality, CRIMINAL investigation, VIRTUAL communications, CRIME prevention

Abstract

Decrypting and inspecting encrypted malicious communications may assist crime detection and prevention. Access to client or server memory enables the discovery of artefacts required for decrypting secure communications. This paper develops the MemDecrypt framework to investigate the discovery of encrypted artefacts in memory and applies the methodology to decrypting the secure communications of virtual machines. For Secure Shell, used for secure remote server management, file transfer, and tunnelling inter alia, MemDecrypt experiments rapidly yield AES-encrypted details for a live secure file transfer including remote user credentials, transmitted file name and file contents. Thus, MemDecrypt discovers cryptographic artefacts and quickly decrypts live SSH malicious communications including the detection and interception of data exfiltration of confidential data. [ABSTRACT FROM AUTHOR]

Published

2019

10. Security

Author

Alani, Mohammed M. and Alani, Mohammed M.

Published

2012

11. GAMPAL: an anomaly detection mechanism for Internet backbone traffic by flow size prediction with LSTM-RNN

Author

Fumio Teraoka, Taku Wakui, and Takao Kondo

Subjects

Backbone network, computer.internet_protocol, business.industry, Computer science, Secure Shell, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Autonomous system (Internet), Internet backbone, Denial-of-service attack, Border Gateway Protocol, Anomaly detection, The Internet, Electrical and Electronic Engineering, business, computer, Computer network

Abstract

This paper proposes a general-purpose anomaly detection mechanism for Internet backbone traffic named GAMPAL (General-purpose Anomaly detection Mechanism using Prefix Aggregate without Labeled data). GAMPAL does not require labeled data to achieve general-purpose anomaly detection. For scalability to the number of entries in the BGP RIB (Border Gateway Protocol Routing Information Base), GAMPAL introduces prefix aggregate. The BGP RIB entries are classified into prefix aggregates, each of which is identified with the first three AS (Autonomous System) numbers in the AS_PATH attribute. GAMPAL establishes a prediction model for traffic sizes based on past traffic sizes. It adopts a LSTM-RNN (Long Short-Term Memory Recurrent Neural Network) model that focuses on the periodicity of the Internet traffic patterns at a weekly scale. The validity of GAMPAL is evaluated using real traffic information, BGP RIBs exported from the WIDE backbone network (AS2500), a nationwide backbone network for research and educational organizations in Japan, and the dataset of an ISP (Internet Service Provider) in Spain. As a result, GAMPAL successfully detects anomalies such as increased traffic due to an event, DDoS (Distributed Denial of Service) attacks targeted at a stub organization, a connection failure, an SSH (Secure Shell) scan attack, and anomaly spam.

Published

2021

12. Analysis of Kubernetes for Distributed Healthcare System Development using COVID-19 Healthcare App

Author

S. Mohanty, J. Prassanna, P. S. Jinturkar, and P. Pandey

Subjects

Aging, Authentication, business.industry, Computer science, Data management, Distributed computing, Secure Shell, Shell (computing), Health Professions (miscellaneous), Biochemistry, Genetics and Molecular Biology (miscellaneous), Automation, General Biochemistry, Genetics and Molecular Biology, Field (computer science), General Health Professions, Dentistry (miscellaneous), Orchestration (computing), business, General Dentistry, Protocol (object-oriented programming)

Abstract

Introduction: Distributed computing is a field of computer science which deals with the study of distributed systems A system which has communication and coordination with each of its nodes and which interacts with each other to achieve a common target which is to effectively compute the computation These capabilities are conducive to implementing a systematic and efficient COVID-19 tracking application which can be accessed and worked on by numerous entities Objective: To provide information about a client-server architecture which is a platform for managing and maintaining container-ized workloads and services that forms a base for automation Methods: A Kubernetes cluster IS created with a calico pod network along with the main drivers of Kubelet, Kubeadm and Kubectl Secure Shell (SSH) protocol is used for secured shell and data management and authentication between the client and server Results: We have performed and distributed our tasks in such a way to show the developers that multiple tasks can be performed at the same time using Kubernetes orchestration platform and used to parallelize multiple tasks This increases the efficiency of the machine and the performance of the system becomes much faster Conclusion: A system which has communication and coordination with each of its nodes and which interacts with each other to achieve a common target which is to effectively compute the computation One such application which helps in the distribution of tasks and helps do the computation is Kubernetes It is based on a client-server architecture which is a platform for managing and maintaining containerized workloads and services that forms a base for automation © IJCRR

Published

2021

13. Implementasi Compatibility Layer Pada Jaringan Server Diskless Berbasis Lubuntu 18.04 LTS

Author

Ade Silvia Handayani, Ibnu ziad, and Farid Jatri Abiyyu

Subjects

Source code, Computer science, Secure Shell, media_common.quotation_subject, computer.software_genre, Terminal server, Thin client, Packet loss, Computer cluster, Cross-platform, Operating system, computer, Jitter, media_common

Abstract

Diskless server is a cluster computer network which uses SSH (Secure Shell) protocol to grant the client an access to the host's directory and modify it's content so that the client don't need a hardisk (Thin Client). One way to design a diskless server is by utilizing "Linux Terminal Server Project", an open source-based script for Linux. However, using Linux has it own drawback, such as it can't cross platform for running an aplication based on Windows system which are commonly used. This drawback can be overcomed by using a compatibility layer that converts a windows-based application's source code. The data which will be monitored is the compatibility layer implementation's result, and the throughput, packet loss, delay, and jitter. The result of measurement from those four parameters resulting in "Excellent" for throughput, "Perfect" for packet loss and delay, and "Good" for jitter.

Published

2020

14. Secure Shell (SSH)

Author

Jörg Schwenk

Subjects

Physics, Secure Shell, Operating system, computer.software_genre, computer

Abstract

Das Secure-SHell-Protokoll (SSH) wird heute zum Administrieren von Unix-basierten Servern verwendet, auch fur virtuelle Cloud-Server. Dieser Einfuhrung beschreibt zunachst die Geschichte und die Nutzung von SSH, bevor auf die beiden Hauptbestandteile, den Handshake und das Binary Packet Protocol (BPP), eingegangen wird.

Published

2022

15. A Profile of Prolonged, Persistent SSH Attack on a Kippo Based Honeynet.

Author

Valli, Craig, Rabadia, Priya, and Woodard, Andrew

Abstract

This paper is an investigation focusing on activities detected by SSH honeypots that utilised kippo honeypot software. The honeypots were located across a variety of geographical locations and operational platforms. The honeynet has suffered prolonged, persistent and attack from a/24 network which appears to be of Chinese geographical origin. In addition to these attacks, other attackers have been successful in compromising real hosts in a wide range of other countries that were subsequently involved in attacking the honeypot machines in the honeynet. [ABSTRACT FROM AUTHOR]

Published

2015

16. Experimental Evaluation of Security Monitoring and Notification on Network Intrusion Detection System for Server Security

Author

Yavan Cahyan, Asep Saeppani, Muhammad Agreindra Helmiawan, and Eggi Julian

Subjects

Information privacy, File Transfer Protocol, Computer science, Server, Secure Shell, Ping of death, Intrusion detection system, Computer security, computer.software_genre, computer, Protocol (object-oriented programming), Port (computer networking)

Abstract

Security of data and information in servers connected to networks that provide services to user computers, is the most important thing to maintain data privacy and security in network security management mechanisms. Weaknesses in the server security system can be exploited by intruders to disrupt the security of the server. One way to maintain server security is to implement an intrusion detection system using the Intrusion Detection System. This research is experimenting to create a security system prototype, monitoring, and evaluating server security systems using Snort and alert notifications that can improve security monitoring for server security. The system can detect intrusion attacks and provide warning messages and attack information through the Intrusion Detection System monitoring system. The results show that snort and alert notifications on the security server can work well, efficiently, and can be handled quickly. Testing attacks with Secure Shell Protocol and File Transfer Protocol Brute Force, Ping of Death and scanning port attacks requires a detection time of no more than one second, and all detection test results are detected and send real-time notification alerts to the Administrator.

Published

2021

17. SSH and Telnet Protocols Attack Analysis Using Honeypot Technique: Analysis of SSH AND TELNET Honeypot

Author

Muhammed Ali Aydin, Ebu Yusuf Guven, and Melike Baser

Subjects

Telnet, Honeypot, Computer science, business.industry, computer.internet_protocol, Secure Shell, Information security, Computer security, computer.software_genre, Upload, Attack model, Software, business, computer, Risk management

Abstract

Generally, the defense measures taken against new cyber-attack methods are insufficient for cybersecurity risk management. Contrary to classical attack methods, the existence of undiscovered attack types called’ zero-day attacks’ can invalidate the actions taken. It is possible with honeypot systems to implement new security measures by recording the attacker’s behavior. The purpose of the honeypot is to learn about the methods and tools used by the attacker or malicious activity. In particular, it allows us to discover zero-day attack types and develop new defense methods for them. Attackers have made protocols such as SSH (Secure Shell) and Telnet, which are widely used for remote access to devices, primary targets. In this study, SSHTelnet honeypot was established using Cowrie software. Attackers attempted to connect, and attackers record their activity after providing access. These collected attacker log records and files uploaded to the system are published on Github to other researchers1. We shared the observations and analysis results of attacks on SSH and Telnet protocols with honeypot.

Published

2021

18. Design and implementation of parallel processing for embedded system online experiment teaching platform

Author

Yiting Wang, Yifan Zhang, Yuanbo Dou, Jianwei Niu, Shun Zuo, and Huiyong Li

Subjects

Information engineering, Parallel processing (DSP implementation), Computer science, business.industry, Secure Shell, Reliability (computer networking), Embedded system, ComputingMilieux_COMPUTERSANDEDUCATION, Key (cryptography), business, Protocol (object-oriented programming), Fault detection and isolation, Task (project management)

Abstract

As the core course of information engineering specialty, embedded system course has the characteristics of great theoretical difficulty and strong practical operation. It is an important part of this course to cultivate students’ practical ability through experimental teaching. In order to overcome the impact of the lack of time and room on traditional experimental teaching, an online simulation experimental teaching platform for embedded system course rose in response to the proper time and conditions. Concurrent sharing and remote fault detection are the key to realize the system. This paper designs and implements an embedded system online simulation experiment teaching platform oriented to the combination of virtual and real. The platform supports concurrent access by multiple users based on the Secure Shell (SSH) protocol, and realizes the sharing of experimental resources by constructing a task pool. The method of fault detection and recovery using the heartbeat mechanism improves the reliability of the system. Practical applications have shown that the system can run stably for a long time, support a large number of students in online experiments at the same time, and improve the utilization of experimental equipment and the efficiency of students’ experiments.

Published

2021

19. Runtime verification for trustworthy secure shell deployment

Author

Axel Curmi, Mark Vella, and Christian Colombo

Subjects

Computer science, business.industry, Secure Shell, Runtime verification, Process (computing), Cryptographic protocol, computer.software_genre, Software deployment, Embedded system, Malware, SSH File Transfer Protocol, business, Protocol (object-oriented programming), computer

Abstract

Incorrect cryptographic protocol implementation and malware attacks targeting its runtime may lead to insecure execution even if the protocol design has been proven safe. This research focuses on adapting a runtime-verification-centric trusted execution environment (RV-TEE) solution to a cryptographic protocol deployment --- particularly that of the Secure Shell Protocol (SSH). We aim to show that our approach, which does not require any specific security hardware or operating system modifications, is feasible through the design of a framework and work-in-progress empirical evaluation. We provide: (i) The design of the setup involving SSH, (ii) The provision of the RV-TEE setup with SSH implementation, including (iii) An overview of the property extraction process through a methodical analysis of the SSH protocol specifications.

Published

2021

20. Towards Quantum Resistant Key Agreement Schemes Using Unpredictability

Author

Mohamed Helmy Megahed, Emad A Elsamahy, and Alaa Elhao

Subjects

Public-key cryptography, Secure communication, Computer science, business.industry, Elliptic curve Diffie–Hellman, Secure Shell, Distributed computing, Key (cryptography), Cryptography, Elliptic curve cryptography, business, Quantum computer

Abstract

Elliptic curve Diffie Hellman (ECDH) is one of today’s most commonly used key agreement schemes, gaining universal usage amongst secure communication protocols such as transport layer security (TLS) and secure shell (SSH). This popularity is attributed to elliptic curve cryptography’s (ECC) known benefits including offering high-security levels for lesser key sizes in comparison to other known public key counterparts. With public key schemes being under the threat of becoming obsolete due to quantum computing and associated algorithms, we propose an enhancement to ECDH aiming at exponentially increasing the hardness of exhaustive search methods utilizing quantum computing powers. In order to reach a key agreement scheme that would withstand future and post-quantum processing powers, we introduce an enhancement that will be based on a distinct cryptographic property labeled ’Unpredictability’, which offers algorithms the ability to use multiple key pairs (up to 256), in different combinations, all whilst maintaining substantially similar arithmetic operations. The resultant scheme is labelled as unpredictable elliptic curve Diffie Hellman (UP-ECDH)

Published

2021

21. SSH brute force attack mitigation in Internet of Things (IoT) network : An edge device security measure

Author

S M Meena and Meenaxi M. Raikar

Subjects

Edge device, business.industry, Computer science, Secure Shell, Volume (computing), Intrusion detection system, Computer security, computer.software_genre, Brute-force attack, Attack patterns, The Internet, business, computer, Protocol (object-oriented programming)

Abstract

With the explosive growth of IoT applications, billions of things are now connected via edge devices and a colossal volume of data is sent over the internet. Providing security to the user data becomes crucial. The rise in zero-day attacks are a challenge in IoT scenarios. With the large scale of IoT application detection and mitigation of such attacks by the network administrators is cumbersome. The edge device Raspberry pi is remotely logged using Secure Shell (SSH) protocol in 90% of the IoT applications. The case study of SSH brute force attack on the edge device Raspberry pi is demonstrated with experimentation in the IoT networking scenario using Intrusion Detection System (IDS). The IP crawlers available on the internet are used by the attacker to obtain the IP address of the edge device. The proposed system continuously monitors traffic, analysis the log of attack patterns, detects and mitigates SSH brute attack. An attack hijacks and wastes the system resources depriving the authorized users of the resources. With the proposed IDS, we observe 25% CPU conservation, 40% power conservation and 10% memory conservation in resource utilization, as the IDS, mitigates the attack and releases the resources blocked by the attacker.

Published

2021

22. Causal analysis of attacks against honeypots based on properties of countries

Author

Matej Zuzcak and Petr Bujok

Subjects

Honeypot, Computer Networks and Communications, Population size, Secure Shell, Developing country, 020206 networking & telecommunications, Statistical model, 0102 computer and information sciences, 02 engineering and technology, 01 natural sciences, Geography, 010201 computation theory & mathematics, Information and Communications Technology, 0202 electrical engineering, electronic engineering, information engineering, Econometrics, Cluster analysis, Set (psychology), Software, Information Systems

Abstract

This study studies the influence of country attributes on the number of secure shell attacks originating from it detected by the author's honeynet. Four statistical models are described, based on three sources of data from various countries. The studied attributes of the countries can be broadly divided into demographic, technological, and economic, with each source providing a slightly different set of attributes. Statistical methods such as partial least-squares path modelling are used, clustering countries by their assessed similarity. The population size has the greatest effect on the number of attacks, as expected, though it has to be noted that developing countries did not provide relevant data to the sources used and thus were not included. The following influential attributes were technical such as the access to information and communication technologies (ICT), and the use of ICT, with the economic influence being notable only in rather small countries. The Netherlands was an interesting anomaly, being clustered alongside large countries, even though its country attributes were very much like those of its neighbours.

Published

2019

23. Development of a web interface for submitting jobs to SLURM

Author

Fabian Leon and Gilberto Díaz

Subjects

Remote communication, Computer science, Shell (computing), 0211 other engineering and technologies, Pharmaceutical Science, 02 engineering and technology, 010501 environmental sciences, computer.software_genre, SLURM, lcsh:Technology, 01 natural sciences, Job queue, Upload, 021105 building & construction, CGI, Pharmacology (medical), 0105 earth and related environmental sciences, COLA (software architecture), lcsh:T, Secure Shell, computer.file_format, Complementary and alternative medicine, lcsh:TA1-2040, Operating system, User interface, Cluster Linux, lcsh:Engineering (General). Civil engineering (General), computer, Batch file

Abstract

espanolProtocolos como Shell seguro han sido utilizados comunmente por los clusters de Linux para permitir a los usuarios enviar trabajos a SLURM. Sin embargo, implica el uso de un emulador de consola para establecer la comunicacion remota que, en algunos casos, no esta disponible. Por lo tanto, este documento presenta el desarrollo de la API Web Submit SLURM, que ofrece una interfaz web rapida y segura para enviar trabajos a SLURM, consultar la cola de trabajos, crear y cargar archivos batch. EnglishProtocols such Secure Shell have been commonly used by Linux clusters to allow users sending jobs to SLURM. However, it implies the use of a console emulator to establish the remote communication which, in some cases, is not available. Therefore, this paper presents the development of the Web Submit SLURM API which offers a quick and safe web interface for submitting jobs to SLURM, querying the job queue, and creating and uploading batch files.

Published

2019

24. A Heuristic Statistical Testing Based Approach for Encrypted Network Traffic Identification

Author

Xiaosong Zhang, Zhongliu Zhuo, Niu Weina, Guowu Yang, Xiaojiang Du, and Mohsen Guizani

Subjects

Handshake, Computer Networks and Communications, Computer science, Heuristic (computer science), protocol-independent, Aerospace Engineering, 02 engineering and technology, computer.software_genre, Encryption, 0203 mechanical engineering, statistical testing, Randomness tests, Electrical and Electronic Engineering, Transport Layer Security, business.industry, Secure Shell, 020302 automobile design & engineering, Cryptographic protocol, Statistical classification, Identification (information), machine learning, handshake skipping, Automotive Engineering, Encrypted traffic identification, Malware, Data mining, business, computer

Abstract

In recent years, malware with strong concealment uses encrypted protocol to evade detection. Thus, encrypted traffic identification can help security analysts to be more effective in narrowing down those encrypted network traffic. Existing methods are protocol independent, such as statistical-based and machine-learning-based approaches. Statistical-based approaches, however, are confined to payload length and machine-learning-based approaches have a low recognition rate for encrypted traffic using undisclosed protocols. In this paper, we proposed a heuristic statistical testing (HST) approach that combines both statistics and machine learning and has been proved to alleviate their respective deficiencies. We manually selected four randomness tests to extract small payload features for machine learning to improve real-time performances. We also proposed a simple handshake skipping method called HST-R to increase the classification accuracy. We compared our approach with other identification approaches on a testing dataset consisting of traffic that uses two known, two undisclosed, and one custom cryptographic protocols. Experimental results showed that HST-R performs better than other traditional coding-based, entropy-based, and ML-based approaches. We also showed that our handshake skipping method could generalize better for unknown cryptographic protocols. Finally, we also conducted experimental comparisons among different classification algorithms. The results showed that C4.5, with our method, has the highest identification accuracy for secure sockets layer and secure shell traffic. Basic Research Programs of Sichuan Province, Science and Technology Foundation of State Grid Corporation of China, National Natural Science Foundation of China Scopus

Published

2019

25. Design of cross-cultural teaching management system for international students based on cloud service platform.

Author

Sun, Taiwei

Subjects

*FOREIGN students, *STREAMING video & television, *TECHNOLOGICAL innovations, *WEB portals, *ONLINE education, *STUDENT mobility

Abstract

Recently online teaching resources management has become an interesting domain in China due to emerging technologies like Video Internet of Things (VIoT). We propose a novel integrated framework for efficient teaching resources management using VIoT and cloud computing services. The proposed model designs a VIoT system to analyze the need for front-end portals. We employ a cloud platform for international students based on business goals and functional requirements to optimize sensor design. The proposed model first builds the VIoT front-end web portal to elaborate the design schemes, architecture, and various design ideas. Then, we integrate the VIoT system with other cloud-based modules such as the teaching management module, application management module, and system-object module. We represent the proposed model from three perspectives like Secure Shell (SSH) framework implementation, interfaces, and certain function modules. The experimental outcomes demonstrate that the system developed in this study has a specific influence. [ABSTRACT FROM AUTHOR]

Published

2022

26. Design and Implementation of Raspberry House: An IoT Security Framework

Author

Hiroyuki Ohno, Wen Fei, and Srinivas Sampalli

Subjects

Firmware, Computer science, computer.internet_protocol, Secure Shell, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, Computer security, Internet protocol suite, Default gateway, Server, SAFER, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, computer, Private network

Abstract

The rising popularity of the Internet of Things (IoT) on a global scale has led to an increase in cyber threats, and researchers are paying more attention to its security issues. So far, research on IoT security has focused on large-scale devices, but there is relatively less research on the security of small IoT devices. Therefore, our objective is to mainly study how to make the operation of small IoT devices safer. Raspberry House is a TCP/IP Layer 3 gateway built with Raspberry Pi, which can connect IoT devices to the private network generated by it, thereby preventing IoT devices from being exposed to outside networks. In addition, through a private network, IoT devices can also update their firmware wirelessly. This paper also studies the communication between IoT devices through different secure connections such as Secure Shell (SSH), and evaluates their results in different environments. Experimental evaluation of TCP/IP Layer 3 Gateway indicates that the proposed framework can provide security for small IoT devices.

Published

2021

27. Python Network Automation Labs: SSH paramiko and netmiko

Author

Brendan Choi

Subjects

business.industry, Computer science, Secure Shell, Network engineering, Python (programming language), computer.software_genre, Networking hardware, Upgrade, Scripting language, Network automation, Software engineering, business, computer, computer.programming_language

Abstract

In this chapter, you will use Python’s SSH libraries, paramiko and netmiko, to control your networking devices. paramiko is what Ansible relies on for SSH connection management to network devices, and netmiko is an engineer-friendly version of paramiko as netmiko also relies on paramiko. By studying how these network modules work, you can learn the inner workings of other applications relying on these network modules. In the first half of this chapter, you will learn to replace basic network engineer manual tasks using Python scripts and the paramiko library. In the second half of this chapter, you will learn to write Python scripts using the netmiko library. Once you master how to use these SSH modules, you can apply them to your work immediately. These SSH labs will serve as the cornerstones in developing the IOS XE upgrade application at the end of this book.

Published

2021

28. Secure Shell (SSH)

Author

Robert La Lau

Subjects

Firewall (construction), Terminal (electronics), business.industry, Computer science, Secure Shell, File transfer, Encryption, business, Communications protocol, Protocol (object-oriented programming), Port (computer networking), Computer network

Abstract

Secure shell is a network protocol for the creation of encrypted connections. In its original and purest form, it is used to open a remote terminal and execute commands. However, the protocol can also be used for file transfer (SCP, SFTP); as an encrypted transport protocol for other, possible less strongly secured protocols; and for port forwarding—the redirection of requests for certain ports to ports on other servers—a technique often used to allow machines on different sides of a firewall to communicate.

Published

2021

29. Assessing the overhead of post-quantum cryptography in TLS 1.3 and SSH

Author

Dimitrios Sikeridis, Panos Kampanakis, and Michael Devetsikiotis

Subjects

Authentication, Post-quantum cryptography, Computer science, business.industry, Secure Shell, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Internet security, Public-key cryptography, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Key encapsulation, business, Key exchange, Computer network

Abstract

The advances in quantum computing present a threat to public key primitives due to their ability to solve hard cryptographic problems in polynomial time. To address this threat to critical Internet security protocols like the Transfer Layer Security (TLS), and Secure Shell (SSH), the National Institute of Standards and Technology (NIST) is currently working on the new generation of quantum-resistant key encapsulation and authentication schemes. In this paper, we evaluate protocol handshake performance when both post-quantum key exchange and authentication are integrated into TLS and SSH. Our experiments consider realistic network conditions and reveal that the introduced handshake latency ranges between 1-300% for TLS and 0.5-50% for SSH depending on the post-quantum algorithms used. In addition, we examine how the initial TCP window size affects post-quantum TLS and SSH performance, and show that even a small size increase can reduce the observed post-quantum slowdown by 50%. Finally, we discuss alternatives that can encourage the early adoption of post-quantum cryptography with minimum protocol performance degradation.

Published

2020

30. Webpage controlled surveillance bot using Raspberry Pi

Author

V.G. Rajendran, S. Arunbhaarat, S. Jayalalitha, and S. Radhakrishnan

Subjects

Computer science, business.industry, Secure Shell, ComputerApplications_COMPUTERSINOTHERSYSTEMS, USB, computer.software_genre, law.invention, Raspberry pi, law, Feature (computer vision), Web page, Operating system, Robot, Wireless, business, computer, Ip address

Abstract

This paper deals with designing and building a webpage based on control of a mini size robot by using raspberry pi. In case of a situation where humans cannot able to move in the particular places so that the robot can roam around in a given environment while transmitting back realtime video data to the manually hosted webpage, also the program can be invoked through SSH (Secure Shell) connection (wireless real-time programming). Using a USB based camera the real-time video data can be captured and the robot movement can be controlled in a given environment. The designed robot is compact and it has the main feature of wireless transmission and reception of data using the inbuilt Wi-Fi module that can be controlled and viewed through a webpage. The webpage can be hosted by using Raspberry pi's IP address. Microweb framework type flask has been utilized to give instructions from the web page to the raspberry pi model to control the movement of the robot.

Published

2020

31. POSTER: Distributed SSH Bruteforce Attack Detection with Flow Content Similarity and Login Failure Reputation

Author

Pratibha Khandait, Neminath Hubballi, and Namrata Tiwari

Subjects

Computer science, Secure Shell, Window (computing), Login, Poisson distribution, computer.software_genre, symbols.namesake, Brute-force attack, Similarity (network science), Flow (mathematics), Content (measure theory), symbols, Data mining, computer

Abstract

In this paper we propose a method to detect distributed bruteforcing by modeling failed login attempts as a Poisson probability distribution. We use content similarity between known SSH connection and flow characteristics of failed login attempts to attribute a flow to SSH application and subsequently either as failure or success. Using the failed login count in a window time, we label window as either normal or containing bruteforce attempts.

Published

2020

32. Performance Evaluation of Widely Used Portknoking Algorithms.

Author

Khan, Z.A., Javaid, N., Arshad, M.H., Bibi, A., and Qasim, B.

Abstract

Port knocking is a technique by which only a single packet or special sequence will permit the firewall to open a port on a machine where all ports are blocked by default. It is a passive authorization technique which offers firewall-level authentication to ensure authorized access to potentially vulnerable network services. In this paper, we present performance evaluation and analytical comparison of three widely used port knocking (PK) algorithms, Aldaba, FWKNOP and SIG-2. Comparative analysis is based upon ten selected parameters; Platforms (Supported OS), Implementation (PK, SPA or both), Protocols (UDP, TCP, ICMP), Out of Order packet delivery, NAT (Network Address Translation), Encryption Algorithms, Root privileges (For installation and operation), Weak Passwords, Replay Attacks and IPv6 compatibility. Based upon these parameters, relative performance score has been given to each algorithm. Finally, we deduce that FWKNOP due to compatibility with windows client is the most efficient among chosen PK implementations. [ABSTRACT FROM PUBLISHER]

Published

2012

33. Implementation of NETCONF Standard by Major Customers in Croatia

Author

D. Valencic

Subjects

NETCONF, Router, Command-line interface, business.industry, computer.internet_protocol, Computer science, Secure Shell, Simple Network Management Protocol, Networking hardware, NETCONF, standard, computer networks, router, switch, implementation, customer, The Internet, business, Protocol (object-oriented programming), computer, Computer network

Abstract

The traditional way of managing and configuring network devices is by using Command Line Interface (CLI) method with Secure Shell (SSH) protocol and Simple Network Management Protocol (SNMP). CLI has proven to be a very complex and ineffective solution, especially with fast development and more complexity in the computer networking area. To solve these issues, IETF (Internet Engineering Task Force) standard organization created in 2006 the NETCONF (Network Configuration Protocol) standard. Using the NETCONF standard should enable standardized, simpler, programmatic and more efficient configuration of R/S (router/switch) devices. Today, more than ten years after the creation of the NETCONF standard there is the question about the actual acceptance of the NETCONF protocol in current customers’ networks and about the actual maturity of the NETCONF standard. The scope of this paper is to show the results of the scientific research (qualitative or quantitative) made with major customers (partners and end customers) in Croatia with R/S network devices: in which networks and on which type of devices NETCONF is implemented, what are the reasons for NETCONF (non)implementation, their knowledge about the NETCONF standard, their view of availability of NETCONF training and documentation, etc.

Published

2020

34. A Method for Microservices Handover in A Local Area Network

Author

Rimba Frida Pusparini, Muhammad Helmi Utomo, Ridha Muldina Negara, Reza Afshari, and Favian Dewanta

Subjects

File Transfer Protocol, Handover, business.industry, Computer science, Secure Shell, Server, Cloud computing, Microservices, business, SSH File Transfer Protocol, Edge computing, Computer network

Abstract

The trend of internet of things (IoT) makes the cloud less effective because networked control systems need low latency while cloud have high latency for processing data from sensors and devices. In that kind of situation, fog computing is introduced as the complement of cloud computing. However, unlike cloud services, fog services are limited to certain geographical area. As a consequence, fog services handover is needed in order to accommodate user’s mobility. This paper is focusing on microservices handover that follows user’s movement. The microservices installed in the current fog node are sent to another service coverage of a new fog node for continuing the same service to the users. Fog node contains a docker that runs MySQL, python script, and busybox services. When it comes to handover, docker will freeze current session and convert it to a checkpoint file. The file is created by taking a snapshot of the container, which consists of processes in memory, volume or image. The file will be sent by using secure shell (SSH) or file transfer protocol (FTP). At the destination fog node, the file will be processed in order to resume the service. The results show that delay of SSH is always higher than FTP in all experiments, in which the largest delays are 484.026 seconds for SSH protocol and 146.41 seconds for FTP protocols. As for checkpoint and restore process, those delays tend to be similar with respect to both SSH and FTP protocols but they are still affected by the size of snapshot and checkpoint file.

Published

2020

35. OAuth SSH with Globus Auth

Author

Kyle Chard, Lee Liming, Rachana Ananthakrishnan, Steven Tuecke, Ian Foster, Jason Alt, and Ryan Chard

Subjects

Authentication, Software, business.industry, Computer science, Secure Shell, Identity (object-oriented programming), Operating system, computer.software_genre, business, computer, Protocol (object-oriented programming), Identity management

Abstract

The Secure Shell (SSH) protocol and its OpenSSH implementation are a cornerstone of modern scientific computing, enabling users to access remote computers, transfer data, and execute programs. We describe here extensions to the OpenSSH software that enable an additional authentication method, namely OAuth tokens from Globus Auth. Integration with Globus Auth allows users to authenticate using one of hundreds of supported identity providers, and makes it possible for external applications and services to use short-term tokens to access remote computers securely on behalf of users.

Published

2020

36. SciTokens SSH: Token-based Authentication for Remote Login to Scientific Computing Environments

Author

You Alex Gao, Jim Basney, and Alex Withers

Subjects

Service (systems architecture), Authentication, Computer science, Secure Shell, Security token, Login, Security policy, JSON, computer, Variety (cybernetics), Computational science, computer.programming_language

Abstract

SciTokens SSH is a pluggable authentication module (PAM) that uses JSON Web Tokens (JWTs) for authentication to the Secure Shell (SSH) remote login service. SciTokens SSH supports multiple token issuers with local token verification, so scientific computing providers are not forced to rely on a single OAuth server for token issuance and verification. The decentralized design for SciTokens SSH was motivated by the distributed nature of scientific computing environments, where scientists use computational resources from multiple providers, with a variety of security policies, distributed across the globe.

Published

2020

37. Human Behavior Traits Detection and Avoidance Using Secure Shell Based Environment

Author

S. Sabrinathan, K. Sureshkumar, D.Sathish Kumar, S. Kalpana, and R.Rumesh Balaji

Subjects

Password, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, Mobile phone, Computer science, Secure Shell, Security token, Login, Computer security, computer.software_genre, computer, Personally identifiable information, Vulnerability (computing)

Abstract

Now a day it is not possible to have mobile phone with network connection all time. That time anyone use user's username and password to login user account without user permission sever sent the security notification to the user mail ID but due to poor network coverage or zero data connect the security notification cannot reach the user. In case user use two step authentication to secure the account but two step authentication having token vulnerability so we purpose to secure the login page vulnerability by adding new authentication. In this authentication is extra layer for security it automatically find unauthorized user and block the device and keep users personal information's safe

Published

2020

38. Deep Learning Enabled Intrusion Detection and Prevention System over SDN Networks

Author

Chao-Wei Syu, Lin-Huang Chang, and Tsung-Han Lee

Subjects

business.industry, Network packet, Computer science, Deep learning, Secure Shell, 05 social sciences, 050801 communication & media studies, Intrusion detection and prevention, Denial-of-service attack, Convolutional neural network, 0508 media and communications, Multilayer perceptron, 0502 economics and business, 050211 marketing, Artificial intelligence, business, Software-defined networking, Computer network

Abstract

The Software Defined Network (SDN) provides higher programmable functionality for network configuration and management dynamically. Moreover, SDN introduces a centralized management approach by dividing the network into control and data planes. In this paper, we introduce a deep learning enabled intrusion detection and prevention system (DL-IDPS) to prevent secure shell (SSH) brute-force attacks and distributed denial-of-service (DDoS) attacks in SDN. The packet length in SDN switch has been collected as a sequence for deep learning models to identify anomalous and malicious packets. Four deep learning models, including Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Stacked Auto-encoder (SAE), are implemented and compared for the proposed DL-IDPS. The experimental results show that the proposed MLP based DL-IDPS has the highest accuracy which can achieve nearly 99% and 100% accuracy to prevent SSH Brute-force and DDoS attacks, respectively.

Published

2020

39. Measuring the Prevalence of the Password Authentication Vulnerability in SSH

Author

Dalton A. Hahn, Alexandru G. Bardas, and Ron Andrews

Subjects

Password, Authentication, business.industry, Computer science, computer.internet_protocol, Secure Shell, Computer security, computer.software_genre, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Server, The Internet, Password authentication protocol, business, Communications protocol, computer

Abstract

Securing and hardening network protocols and services is a resource-consuming and continuous effort. Thus, it is important to question how prolific known, mitigable features of those protocols are. The Secure Shell (SSH) protocol is a good example due to its known vulnerability in using password based authentication. We take a closer look at these configurations to identify how prevalent the use of password authentication is at an internet scale. We show that current scanning tools and services provide a starting point in evaluating prevalence, but need to be validated for specific implementations. We also demonstrate that it is possible to augment some of these tools and services to determine the prevalence of password authentication in SSH specifically. As part of our evaluation, we propose a novel method for probing an SSH service to establish if password authentication is allowed, without being intrusive or causing harm to the host. Finally, we show that our analysis has resulted in determining that more than 65% of the over 20 million SSH servers on the public internet allow password authentication.

Published

2020

40. Deprecating RC4 in Secure Shell (SSH)

Author

Loganaden Velvindron

Subjects

Computer science, business.industry, Secure Shell, The Internet, RC4, Computer security, computer.software_genre, business, computer

Abstract

This document deprecates RC4 in Secure Shell (SSH). Therefore, this document formally obsoletes and moves to Historic RFC4345.

Published

2020

41. Secure Shell (SSH) Key Exchange Method Using Curve25519 and Curve448

Author

Mark D. Baushke, Simon Josefsson, and Aris Adamantiadis

Subjects

Computer science, business.industry, Secure Shell, Curve25519, The Internet, business, Protocol (object-oriented programming), Key exchange, Computer network

Abstract

This document describes the specification for using Curve25519 and Curve448 key exchange methods in the Secure Shell (SSH) protocol.

Published

2020

42. Ed25519 and Ed448 Public Key Algorithms for the Secure Shell (SSH) Protocol

Author

Ben Harris and Loganaden Velvindron

Subjects

Public-key cryptography, Digital Signature Algorithm, business.industry, Computer science, Secure Shell, The Internet, SSH File Transfer Protocol, business, Protocol (object-oriented programming), Computer network

Abstract

This document describes the use of the Ed25519 and Ed448 digital signature algorithm in the Secure Shell (SSH) protocol.

Published

2020

43. Review and Analysis of Cowrie Artefacts and Their Potential to be Used Deceptively

Author

Samuel G. Wakeling, Warren Z. Cabral, Craig Valli, and Leslie F. Sikos

Subjects

Honeypot, Computer science, Network security, business.industry, Secure Shell, 02 engineering and technology, Computer security, computer.software_genre, Brute-force attack, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer

Abstract

Honeypots are progressively becoming a fundamental cybersecurity tool to detect, prevent and record new threats and attack methodologies used by attackers to penetrate systems. The current technology is advancing rapidly; with the use of virtualisation, and most recently, virtual containers, the deployment of honeypots has become increasingly easier. A varied collection of open source honeypots such as Cowrie are available today, which can be easily downloaded and deployed within minutes—with default settings. Cowrie is a medium-interaction secure shell (SSH) and Telnet honeypot intended to log brute force and shell interaction attacks. However, the current issue with the default Cowrie configuration is that it is easily detected by adversaries using automated scripts and tools. To increase Cowrie's deceptive capabilities, it is essential to understand, modify, and leverage all capabilities of the honeypot. However, this process is complex, because there are no standard frameworks to interpret the artefacts used by the Cowrie honeypot and how these artefacts link to the type of deceptiveness presented to the cyber-attacker. Therefore, there is a need for some type of infrastructure that can interpret these basic deception techniques and tools, and later developing them into feasible cybersecurity defence mechanisms. This study pursues to develop an understanding about its capabilities, and how these capabilities can be used to bait attackers. The resulting annotations can help cybersecurity defenders better understand the effectiveness of the Cowrie artefacts and how they can be used deceptively.

Published

2019

44. An Empirical Analysis of Plugin-Based Tor Traffic over SSH Tunnel

Author

Zhong Guan, Gaopeng Gou, Yangyang Guan, and Bingxu Wang

Subjects

Traffic analysis, Computer science, business.industry, Server, Secure Shell, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, ComputingMilieux_COMPUTERSANDSOCIETY, Client-side, Encryption, business, Tunneling protocol, Server-side, Computer network

Abstract

Tor is the most widely used system for anonymous low-latency communication. However, the anonymity of TOr is not invulnerable according to a large amount of researches, even with the traffic obfuscation provided by pluggable transports. Concerned about security issues such as identity leakage, users deploy fronting servers as proxies that forward traffic to the entry node of Tor, and encrypted tunneling services such as secure shell (SSH) protocol are commonly used to connect users with proxies. To quantitatively analyze the plugin-based Tor traffic over encrypted tunnels, experiments involving the traffic identification and correlation are performed. Identification aims at recognizing tunneled Tor flows among background traffic at the client side, while correlation associates outward flows of Tor at the server side with corresponding inward flows at the client side. We access to the self-built server through the SSH proxy and Tor successively, capturing data flows generated by different pluggable transports and upper applications. Then identification and correlation techniques based on various machine learning algorithms are used to break anonymity. The accuracy and F1 scores reach above 95% while false positive rates approach 0% under certain conditions. The result demonstrates that Tor traffic encrypted by tunneling protocols is also at risk of anonymity revealing when confronted with traffic analysis.

Published

2019

45. Robot Operating System Integrated robot control through Secure Shell(SSH)

Author

Santosh Tantravahi, Naveen Samudrala, Rajesh Kannan Megalingam, Hemanth Sai Surya Kumar Tammana, Nagasai Thokala, and Hari Sudarshan Rahul Puram

Subjects

Rescue robot, Router, business.industry, Computer science, Secure Shell, Bandwidth (computing), Robot, Wired communication, business, Computer hardware, Data transmission, Robot control

Abstract

The paper presents the operation of a robot through SSH. The robot is a disaster rescue robot and is ROS integrated. Through SSH the robot's CPU is accessed from a robot operating console. Commands are passed from the console to the robot's computing unit through SSH. These commands are used to execute the already existing programs in the robot's processing unit and transmit the results to the operating console through wired or wireless communication. Different programs were executed and their results were presented in this paper. The communication between operating console and robot's CPU is established using a high bandwidth router to avoid the delay in data transmission.

Published

2019

46. Using Honeypot Programs for Providing Defense of Banking Network Infrastructure

Author

Yuriy Lakh and Rostyslav Shymkiv

Subjects

Password, Task (computing), Honeypot, Work (electrical), Brute-force attack, Computer science, Secure Shell, Server, Information security, Computer security, computer.software_genre, computer

Abstract

the main task of the work was to analyze the possible options for using honeypot lures to protect effectively the network perimeter of a banking system. The analyses have been performed using a low-interactive program honeypot, which purpose is to protect open Secure Shell ports on servers of the banking network infrastructure. As an experimental result of the honeypot’s successful using there were received data on the attacker’s actions. Their detailed carried out analysis as well as application results have been presented in the graphs and visualizations with additional programs. In particular, the most frequently used types of logins as well as passwords values during active phase of attacks had been analyzed and due to the obtained results were proposed methods and tools allowing avoid such types of attacks. Recommendations for developing network secure perimeter of a banking system according to the modern information security requirements had been proposed.

Published

2019

47. Outsourced Ciphertext-Policy based Privacy Preservation for Mobile Cloud Computing

Author

Shengling Wang, Sheharyar, Zahid Mahmood, and Waqas Ahmad

Subjects

020203 distributed computing, Authentication, Computer science, business.industry, Secure Shell, Hash function, 020207 software engineering, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Crowdsourcing, Mobile cloud computing, Mobile phone, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, General Earth and Planetary Sciences, Verifiable secret sharing, business, computer, Mobile device, General Environmental Science, Anonymity

Abstract

With the rapid advancement of mobile phone technology, crowdsourced mobile applications are gaining importance for cheaper and abundant information gathering source. A couple of benefits of crowdsourcing are better (versatile) and less expensive responses to the requester, source of earning for crowd contributors at the same time. With the emergence of wireless access technologies and the popularity of smart and intelligent mobile terminals like smartphones, the privacy of requesters and contributors in a crowdsourced environment is becoming more crucial. Computation complexity of available privacy preserving tools and verification of outsourced schemes are not feasible for WSNs low power and resource constrained contributing devices. The low-end resource constrained mobile devices to have less capability to compute multiple access policies and the computation cost increases with the complexity of access strategy. To resolve this issue, we proposed a resourceful verifiable outsourced encryption policy based on ciphertext attributed policy (OS-ABE), which is a platform for computing exhaustive computing tasks during private data encryption and decryption. The proposed scheme works without revealing the personal data at outsource and leaves only the minimal calculation to the crowdsource contributor and the requester. To authenticate and overcome known attacks like DoS, false computing results at crowdsourced platforms, anonymity server is embedded to handle contributors privacy issues by providing a secure shell in the framework. This scheme is based on bilinear group of prime order in which two hash functions can verify outsourced computation and ensure integrity of data. The formal security and performance analysis is presented and found to be efficient and secure.

Published

2018

48. Detecting Malicious Activity With DNS Backscatter Over Time

Author

Kensuke Fukuda, John Heidemann, and Abdul Qadeer

Subjects

Computer Networks and Communications, Computer science, business.industry, BitTorrent tracker, Domain Name System, Secure Shell, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Electronic mail, Computer Science Applications, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, Electrical and Electronic Engineering, DNS hijacking, Backscatter (email), Heartbleed, business, computer, Software, Computer network

Abstract

Network-wide activity is when one computer (the originator ) touches many others (the targets ). Motives for activity may be benign (mailing lists, content-delivery networks, and research scanning), malicious (spammers and scanners for security vulnerabilities), or perhaps indeterminate (ad trackers). Knowledge of malicious activity may help anticipate attacks, and understanding benign activity may set a baseline or characterize growth. This paper identifies domain name system (DNS) backscatter as a new source of information about network-wide activity. Backscatter is the reverse DNS queries caused when targets or middleboxes automatically look up the domain name of the originator. Queries are visible to the authoritative DNS servers that handle reverse DNS. While the fraction of backscatter they see depends on the server’s location in the DNS hierarchy, we show that activity that touches many targets appear even in sampled observations. We use information about the queriers to classify originator activity using machine-learning. Our algorithm has reasonable accuracy and precision (70–80%) as shown by data from three different organizations operating DNS servers at the root or country level. Using this technique, we examine nine months of activity from one authority to identify trends in scanning, identifying bursts corresponding to Heartbleed, and broad and continuous scanning of secure shell.

Published

2017

49. Secure Shell

Author

van Tilborg, Henk C. A., editor and Jajodia, Sushil, editor

Published

2011

50. Breaking and Provably Repairing the SSH Authenticated Encryption Scheme: A Case Study of the Encode-then-Encrypt-and-MAC Paradigm.

Author

Bellare, Mihir, Kohno, Tadayoshi, and Namprempre, Chanathip

Subjects

DATA encryption, COMPUTER operating systems, CRYPTOGRAPHY, SECURITY systems, SYSTEMS software, INTERNET, WIDE area networks, SECURITY systems industry

Abstract

The secure shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. Unfortunately, the current SSH authenticated encryption mechanism is insecure. In this paper, we propose several fixes to the SSH protocol and, using techniques from modern cryptography, we prove that our modified versions of SSH meet strong new chosen-ciphertext privacy and integrity requirements. Furthermore, our proposed fixes will require relatively little modification to the SSH protocol and to SSH implementations. We believe that our new notions of privacy and integrity for encryption schemes with stateful decryption algorithms will be of independent interest. [ABSTRACT FROM AUTHOR]

Published

2004