Phishing Attack Detection Using Enhanced Classification Method
Abstract:
Phishing attack is major issue. The attacker steals the information from the users machine or insert a malware in that system. When the users are attracted to visit the web page the script is executed to carried out the its task. To detect and prevent these attack various tools and methods are developed. Various phishing detection techniques are proposed. But the phishing attacks are not completely detected because the attacker dynamically changing their approaches. In this paper we propose a dynamic approach which solution to any type of phishing attack. Our idea is to analyze the static and dynamic features of the web page to differentiate phishing and genuine web page using machine learning algorithms. The proposed approach correctly detects all phishing and genuine website without any false positive and negatives. It overcomes many drawback of the existing signature based approaches.
Keywords: Phishing, Web, Malware, Detection
Keywords: Phishing, Web, Malware, Detection
URL : http://irejournals.com/formatedpaper/1700906.pdf
Using Two Level QR Code System For Providing Security To Important Data
Abstract:
The Quick Response (QR) codes are optics labels which are machine readable. User can create QR either dynamic or static QR by using Code Generator and download them for immediate use. QR code is use to store the data on to that. QR codes are the way to provide a linking between the Internet and real world products and. QR codes make it so easy to transfer a web link to a mobile. There is a new rich QR code use for data security, that has two storage levels. That QR code called two level QR code because it is having two parts. One part is for public data and it is generated by standard process. It can be reads by any application which is standard QR code reader. The second part of QR code is private data and it will generates using texture patterns. These patterns are replaces the black modules of the QR code. Because of using texture patterns, there will be increase capacity of the QR code to store the data as well as user can be check the actual document with the copied documents. Recognizing the patterns is method that can be use to scan the second part of the QR code. It is also use both in shares the private data and to provide the security for data. The capacity QR code is to store the data can be increase by increasing the size of texture pattern .
Keywords: Quick response code, Data security, Print and Scan, Golay algorithm
Mitigating Cross Site Scripting Attacks With A Content Security Policy
Abstract:
A content security policy (CSP) can help Web application developers and server administrators better control website content and avoid vulnerabilities to cross-site scripting (XSS). In experiments with a prototype website, the authors' CSP implementation successfully mitigated all XSS attack types in four popular browsers. An XSS attack involves injecting malicious script into a trusted website that executes on a visitor?s browser without the visitor?s knowledge and thereby enables the attacker to access sensitive user data, such as session tokens and cookies stored on the browser.1 With this data, attackers can execute several malicious acts, including identity theft, key logging, phishing, user impersonation, and webcam activation.
Keywords: Content Security Policy, Cross Site Scripting, Web Applications, Input Sanitizers, Mitigating, Vulnerabilities
Data Analytics And Security In Cloud
Abstract:
The advent of the digital age has led to a rise in different types of data with every passing day. This data is complex and needs to be stored, processed and analyzed for information that can be used by organizations. Cloud computing provides an apt platform for big data analytics in view of the storage and computing requirements of the latter. We discuss various possible solutions for the issues in cloud computing security and Hadoop. Big data analytics use complex data mining algorithm that require efficient high performance processors. Cloud computing infrastructure is able to provide both computational and data processing applications and also offers elasticity, pay-per- user, low affordable investment. Challenges in data migration on cloud are scalable data management, application security, Map reduce & Hadoop environment.
Keywords: Big Data, Cloud Computing, Kerberos, Altryx
Security For Short Message Peer-To-Peer Protocol
Abstract:
Short Message Service (SMS) has become an extension of our lives and plays an important role in daily chores. SMS is a popular medium for delivering Value Added Services and are suitable for mobile banking, payment reminders, SOS calls, stock and news alerts, railway and flight enquiries etc. These types of messages are normally computer generated messages sent over Short Message Peer-to- Peer (SMPP) protocol. SMPP is an application layer protocol to send messages over TCP/IP connection. The Short Message Peer-to- Peer (SMPP) protocol is a telecommunications industry protocol for exchanging SMS messages between SMS peer entities such as short message service centers and/or External Short Messaging Entities. SMPP protocol has no security measures specified which allows fast delivery of SMS messages in bulk. Compromised messages or loss of messages can cause lot of revenue loss and fatal consequences. A secure SMPP protocol is proposed and implemented by introducing Transport Layer Security (TLS) with SMPP protocol specifications. A client tool is developed to securely connect to the server. Secure Short Message Peer-to- Peer protocol will enhance the security of fast growing messaging and telecommunication world.