China
Africa
Explore chapters and articles related to this topic
Blockchain User, Network and System-Level Attacks and Mitigation
Published in Shaun Aghili, The Auditor's Guide to Blockchain Technology, 2023
Nishtha Baria, Dharmil Parmar, Vidhi Panchal
Buffer overflows are caused by programming bugs, thus, the ideal way to control them is to better educate developers on how to avoid them. Buffer overflows are addressed in secure coding textbooks and various related best practices. Employing memory-safe programming languages, frameworks and libraries that can provide secure versions of functions likely to cause buffer overflows are examples of techniques to mitigate buffer overflow vulnerabilities. Application designers should employ ASLR (Address Space Layout Randomization) and PIE (Position Independent Executables); both use executable and address placement to limit the threats of buffer overflow attacks. ASLR was created for use in return-oriented programming, and works by making structure offsets more difficult to determine by randomizing memory locations [35]. Compiler flags and extensions should also be used. However, none of these techniques provides total safety, hence a layered security approach that involves code reviews and application security audits by security teams should be done on a regular basis [10].
Network Security for EIS and ECS Systems
Published in Barney L. Capehart, Timothy Middelkoop, Paul J. Allen, David C. Green, Handbook of Web Based Energy Information and Control Systems, 2020
If a password cannot be decoded, an attacker may attempt to gain initial access to a system by exploiting a software weakness. Some operating systems allow for remote access, thus presenting an opportunity for unauthorized entry if these access points are not properly secured. One of the most common software vulnerabilities is called a buffer overflow. A buffer overflow occurs when input data exceed the size of their allocated program memory buffer because checks are lacking to ensure that the input data are not written beyond the buffer boundary.[5] Unfortunately, due to poor coding and quality assurance practices many operating systems and applications contain this vulnerability. An attacker exploiting a buffer overflow can remotely escalate his privileges on the target system. Through a complex process of analyzing memory addresses of applications with known vulnerabilities, the attacker can gain administrator privileges on the target system by either launching a command shell application or crashing an application or operating system such that the system restarts in ‘Administrator’ mode. The cost of a single compromise can be astronomical if the attacker is able to further infiltrate a system and access valuable information.[6] Exploitation of buffer overflows can generally be prevented by active maintenance of software patches as they become available and by improved software development processes within the organization.
War of Control Hijacking
Published in Uzzal Sharma, Parmanand Astya, Anupam Baliyan, Salah-ddine Krit, Vishal Jain, Mohammad Zubair Khan, Advancing Computational Intelligence Techniques for Security Systems Design, 2023
Ragini Karwayun, Monika Sainger
In 1988, the earliest internet era, a very peculiar type of malware known as the Morris Worm infected nearly 10% of the internet in only two days, costing approximately $100,000 and $10 million in damage, as per the records of the Government Accountability Office. The Morris Worm is commonly known as the buffer-overflow attack. Buffer overflow is a software coding anomaly or vulnerability that an attacker can exploit to gain unauthorized access to any system. Even though this is one of the most common software vulnerabilities, it is not fully controlled. This is due to the fact that there are multiple different ways in which buffer overflow can take place, and the available prevention techniques are not fool proof and error-free.
A Systematic Review Paper on Energy-Efficient Routing Protocols in Internet of Things
Published in IETE Journal of Research, 2023
Initially, RPL was designed for LLN networks and works only on lightweight traffic of data networks. As the connection of IoT devices is increasing every day and, in the future, it will connect more devices as shown in Figure 8. From this, we can analyse that data produced by these devices is also going to increase. This is a problem for RPL as it does not work efficiently on the heavily loaded network. This makes the loss of many packets and also increases the end-to-end delay of transmission of data. This can also decrease the growth of IoT networks. When a node sends data to another node, there are chances that buffer overflow occurrence can occur in a congestion environment of IoT. The node sends information to its parent node, in a heavily loaded network there are chances that the node continuously sends data to its over-loaded parent. This creates a parent selection problem and also raises many problems such as packet loss, increases delay, increases energy consumption, and not an inefficient use of a queue (Figure 9).
Reconstruction probability-based anomaly detection using variational auto-encoders
Published in International Journal of Computers and Applications, 2023
VAEs are first trained on KDD99 dataset available on Kaggle (http://kdd.ics.uci.edu/databases/kddcup99/kddcp99.html). There are different types of attacks simulated in the dataset. The attack type falls into four categories: Denial of service (DoS) like synchronization flood, unauthorized access from a machine like guessing a password, unauthorized access to local superuser, e.g. buffer overflow, and port scanning like probing. The dataset contains 494021 rows and 0 columns that characterize the network state over a time period during which a cyber attack might take place. The column labeled outcome was added to the network indicating the types of the data pattern. The dataset consists of 97278 normal instances and 396743 attack types. Figure 2 shows the sample of the dataset. The data grouped by outcomes include ‘Buffer overflow’, ‘ftp_write’, ‘guess password’ etc., which indicate different types of attacks simulated in this dataset. More importantly, the test data samples do not fall from the same distribution as the training data. This improves the realistic nature of the process because most intrusion experts think that majority of the novel attacks are variants of each other, and the signature of these is enough to catch these variants. There are a total of 24 attack types in the training data with the addition of 14 types in test data.
A Stochastic Model for Performance Evaluation of Hybrid Network Architectures of IoT with an Improved Design
Published in IETE Journal of Research, 2023
The data transmission in a real-world IoT system may fail due to several reasons including sensor node failure, link failure, packet collision in multiple access scenarios, buffer overflow at access points resulting from heavy traffic, etc. This paper presents a stochastic model for the assessment of the reliability of data transmission, depending on the failure of sensor nodes due to the link failure at the perception layer. However, the other factors are not considered for the simplicity and feasibility of the stochastic model. System reliability is inversely related to its failure. Since the failure of a system is a random or stochastic process occurring over time, it is justifiable to use the Poisson process to describe the system failure [23]. Markov models can be used for stochastic system modeling to represent a system in a particular state at a particular time. Therefore, Markov chains [24] have been used to describe the transition of front-end sensor nodes from a healthy state to a failed state and vice versa. The failure of front-end sensor node links (wired or wireless) follows a Poisson process with rate λ and they get repaired at a rate μ [25]. Table 1 gives the important notations commonly used in this paper along with their description.