Related papers: An Innovative Security Strategy using Reactive Web…
Traditional reactive approach of blacklisting botnets fails to adapt to the rapidly evolving landscape of cyberattacks. An automated and proactive approach to detect and block botnet hosts will immensely benefit the industry. Behavioral…
In recent years, the emerging Internet-of-Things (IoT) has led to rising concerns about the security of networked embedded devices. In this work, we focus on the adaptation of Honeypots for improving the security of IoTs. Low-interaction…
Due to the increasing sophistication of web attacks, Web Application Firewalls (WAFs) have to be tested and updated regularly to resist the relentless flow of web attacks. In practice, using a brute-force attack to discover vulnerabilities…
This paper proposes a novel visual model for web applications security monitoring. Although an automated intrusion detection system can shield a web application from common attacks, it usually cannot detect more complicated break-ins. So, a…
This paper outlines a comprehensive model to increase system efficiency, preserve network bandwidth, monitor incoming and outgoing packets, ensure the security of confidential files and reduce power wastage in an organization. This model…
We propose an architecture, Flare, that is a structured and easy way to develop applications rapidly, in a multitude of languages, which make use of online storage of data and management of users. The architecture eliminates the need for…
Opportunistic networking is one way to realize pervasive applications while placing little demand on network infrastructure, especially for operating in less well connected environments. In contrast to the ubiquitous network access model…
We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and…
With the ever growing networking capabilities and services offered to users, attack surfaces have been increasing exponentially, additionally, the intricacy of network architectures has increased the complexity of cyber-defenses, to this…
Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, secu- rity analysts should thus consider the impact that file-system operations have on the security of the whole…
Peer-to-Peer (P2P) botnets are becoming widely used as a low-overhead, efficient, self-maintaining, distributed alternative to the traditional client/server model across a broad range of cyberattacks. These cyberattacks can take the form of…
We introduce Reagent, a technology that readily converts ordinary webpages containing structured data into software agents with which one can interact naturally, via a combination of speech and pointing. Previous efforts to make webpage…
Real-Time systems are essential for promptly responding to external stimuli and completing tasks within predefined time constraints. Ensuring high reliability and robust security in these systems is therefore critical. This requires…
One of the major goals of incident response is to help an organization or a system owner to quickly identify and halt the attacks to minimize the damages (and financial loss) to the system being attacked. Typical incident responses rely…
Rigorously characterizing the statistical properties of cyber attacks is an important problem. In this paper, we propose the {\em first} statistical framework for rigorously analyzing honeypot-captured cyber attack data. The framework is…
The emerging wide area monitoring systems (WAMS) have brought significant improvements in electric grids' situational awareness. However, the newly introduced system can potentially increase the risk of cyber-attacks, which may be disguised…
Web services are becoming business-critical components, often deployed with critical software bugs that can be maliciously explored. Web vulnerability scanners allow the detection of security vulnerabilities in web services by stressing the…
Graph Neural Networks (GNNs) have achieved remarkable performance on tasks involving relational data. However, small perturbations to the graph structure can significantly alter GNN outputs, raising concerns about their robustness in…
Webshell attacks are becoming more common, requiring robust detection mechanisms to protect web applications. The dissertation clearly states two research directions: scanning web application source code and analyzing HTTP traffic to detect…
Cyber-secure networked control is modeled, analyzed, and experimentally illustrated in this paper. An attack space defined by the adversary's system knowledge, disclosure, and disruption resources is introduced. Adversaries constrained by…