Explore chapters and articles related to this topic
IoT Security Frameworks and Countermeasures
Published in Stavros Shiaeles, Nicholas Kolokotronis, Internet of Things, Threats, Landscape, and Countermeasures, 2021
G. Bendiab, B. Saridou, L. Barlow, N. Savage, S. Shiaeles
Injection attacks refer to a wide range of attack vectors in which attackers inject malicious input into a program or query or inject malware onto a system in order to execute remote commands. This fake input will be interpreted as a part of a command or query and executed, generating wrong results. Some of the more common types of injections are SQL Injection (SQLi), Cross-Site Scripting (XSS), shell injection, code injection, XPath Injection, and XML external entity (XXE) injection [21]. Injections are amongst the most popular and dangerous attacks that can lead to data theft, loss of data integrity, DDoS attacks, as well as full compromise of the target system. In fact, there are numerous free tools that help amateur hackers to easily launch this kind of attack with potentially serious consequences. For instance, over 420,000 websites around the world were attacked with an SQL injection in 2014, which allowed Russian hackers to steal more than 1.2 million identifiers and passwords [22].
Survey of Blockchain Techniques for IoT Device Security
Published in Sonali Vyas, Vinod Kumar Shukla, Shaurya Gupta, Ajay Prasad, Blockchain Technology, 2022
Common Attacks:Data Leakage: Vulnerable applications may lead to data loss and loss of confidentiality.DoS Attacks: Attackers may attempt to launch an attack causing the application to become unavailable.Malicious Code Injection: Vulnerable applications are prone to injection attacks; attackers may inject malicious code.
Data security
Published in Vahap Tecim, Sezer Bozkus Kahyaoglu, Artificial Intelligence Perspective for Smart Cities, 2023
An XSS (Cross-Site Scripting) attack is a client-side code injection attack. The attack happens by inserting malicious JavaScript code into a legitimate web application that users can access. An attack occurs when another user runs this script. Systems with input elements are the most common target of this attack. With this operation, the attacker can manipulate or illegally possess the data (Gupta and Gupta, 2017). The attack takes place entirely on the client-side, not on the server.
Development of testbed for cyber-manufacturing security issues
Published in International Journal of Computer Integrated Manufacturing, 2020
Mingtao Wu, Jinwoo Song, Snehav Sharma, Jupeng Di, Benliu He, Ziming Wang, Jingkai Zhang, Long Wang Lucas Lin, Emily Ann Greaney, Young Moon
According to the 2016 security report from IBM, 74% of their manufacturing clients are targeted by malicious input data and code injection to attempt to control or disrupt a system, which is notably higher than the cross-industry average of 42%. Among those code injection attacks in manufacturing, SQL injection made up 45% of these attacks and ranks the most frequent cyber-attack vector among all code injection attacks (IBM-Security 2017).