• Smart Media Journal
• /
• v.13 no.6
• /
• pp.9-15
• /
• 2024

In recent trends, there has been an increase in 'Qshing' attacks, a hybrid form of phishing that exploits fake QR (Quick Response) codes impersonating government agencies to steal personal and financial information. Particularly, this attack method is characterized by its stealthiness, as victims can be redirected to phishing pages or led to download malicious software simply by scanning a QR code, making it difficult for them to realize they have been targeted. In this paper, we have developed a classification technique utilizing machine learning algorithms to identify the maliciousness of URLs embedded in QR codes, and we have explored ways to integrate this with existing QR code readers. To this end, we constructed a dataset from 128,587 malicious URLs and 428,102 benign URLs, extracting 35 different features such as protocol and parameters, and used AutoML to identify the optimal algorithm and hyperparameters, achieving an accuracy of approximately 87.37%. Following this, we designed the integration of the trained classification model with existing QR code readers to implement a service capable of countering Qshing attacks. In conclusion, our findings confirm that deriving an optimized algorithm for classifying malicious URLs in QR codes and integrating it with existing QR code readers presents a viable solution to combat Qshing attacks.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.18 no.5
• /
• pp.55-62
• /
• 2018

The MTD-based approach changes various operating parameters dynamically so that the vulnerability of the system can be protected from the malicious attack. In this paper, random/serial scanning/jamming attack success probabilities have been mathematically analyzed and verified through simulation to improve the security of the wireless communication systems in which the MTD-SDR technologies are applied. As a result, for random scanning attacks, attack success probability increases as the change period of transmission channel increases, while for random jamming attacks there is no change. The attack success probability patterns for serial attacks are similar to those of random attacks, but when the change period of transmission channel approaches to the total number of transmission channels, the success probability of serial attack is getting greater than that of random attack, up to twice in jamming attacks and up to 36% in scanning attacks.

• Journal of Digital Contents Society
• /
• v.19 no.2
• /
• pp.327-334
• /
• 2018

When a PC is infected with a malicious code, it communicates with the control and command (C&C) server and, by the attacker's instructions, spreads to the internal network and acquires information. The company focuses on preventing attacks from the outside in advance, but malicious codes aiming at APT attacks are infiltrated into the inside somehow. In order to prevent the spread of the damage, it is necessary to perform internal monitoring to detect a PC that is infected with malicious code and attempts to communicate with the C&C server. In this paper, a destination IP monitoring method is proposed in this paper using Bloom filter to quickly and effectively check whether the destination IP of many packets is in the blacklist.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.9 no.10
• /
• pp.4191-4203
• /
• 2015

WebView is a vital component in smartphone platforms like Android, Windows and iOS that enables smartphone applications (apps) to embed a simple yet powerful web browser inside them. WebView not only provides the same functionalities as web browser, it, more importantly, enables a rich interaction between apps and webpages loaded inside the WebView. However, the design and the features of WebView lays path to tamper the sandbox protection mechanism implemented by browsers. As a consequence, malicious attacks can be launched either against the apps or by the apps through the exploitation of WebView APIs. This paper presents a critical attack called Supplementary Event-Listener Injection (SEI) attack which adds auxiliary event listeners, for executing malicious activities, on the HTML elements in the webpage loaded by the WebView via JavaScript Injection. This paper also proposes an automated static analysis system for analyzing WebView embedded apps to classify the kind of vulnerability possessed by them and a solution for the mitigation of the attack.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.213-218
• /
• 2021

This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.10
• /
• pp.3793-3814
• /
• 2021

Most secure solutions like cryptography are software based and they are designed to mainly deal with the outside attacks for traditional networks, but such soft security is hard to be implemented in wireless sensor networks to counter the inside attacks from internal malicious nodes. To address this issue, reputation has been introduced to tackle the inside malicious nodes. Reputation is essentially a stimulating mechanism for nodes' cooperation and is employed to detect node misbehaviors and improve the trust-worthiness between individual nodes. Among the reputation models, binomial distribution based reputation has many advantages such as light weight and ease of implementation in resource-constraint sensor nodes, and accordingly researchers have proposed many insightful related methods. However, some of them either directly use the modelling results, apply the models through simple modifications, or only use the required components while ignoring the others as an integral part of the whole model, this topic still lacks a comprehensive and systematical review. Thus the motivation of this study is to provide a thorough survey concerning each detailed functional components of binomial distribution based reputation for wireless sensor networks. In addition, based on the survey results, we also argue some open research problems and suggest the directions that are worth future efforts. We believe that this study is helpful to better understanding the reputation modeling mechanism and its components for wireless sensor networks, and can further attract more related future studies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.6
• /
• pp.1657-1673
• /
• 2023

With the advancement of information technology, criminals employ multiple cyberspaces to promote cybercrime. To combat cybercrime and cyber dangers, banks and financial institutions use artificial intelligence (AI). AI technologies assist the banking sector to develop and grow in many ways. Transparency and explanation of AI's ability are required to preserve trust. Deep learning protects client behavior and interest data. Deep learning techniques may anticipate cyber-attack behavior, allowing for secure banking transactions. This proposed approach is based on a user-centric design that safeguards people's private data over banking. Here, initially, the attack data can be generated over banking transactions. Routing is done for the configuration of the nodes. Then, the obtained data can be preprocessed for removing the errors. Followed by hierarchical network feature extraction can be used to identify the abnormal features related to the attack. Finally, the user data can be protected and the malicious attack in the transmission route can be identified by using the Wrapper stepwise ResNet classifier. The proposed work outperforms other techniques in terms of attack detection and accuracy, and the findings are depicted in the graphical format by employing the Python tool.

• Proceedings of the IEEK Conference
• /
• 2002.06d
• /
• pp.319-322
• /
• 2002

In this paper, we present a digital authentication technique using content-based watermarking in digital images. To digest the image contents, Hopfield network is employed on the block-based edge image. The Hopfield function extracts the same tit fur similarly looking blocks so that the values are unlikely to change to the innocuous manipulations while being changed far malicious manipulations. By inputting the extracted bit sequence with secret key to the cryptographic hash function, we generate a watermark for each block by seeding a pseudo random number generator with a hash output Therefore, the proposed authentication technique can distinguish between malicious attacks and innocuous attacks. Watermark embedding is based on the block-based spread spectrum method in DCT domain and the strength of watermark is adjusted according to the local statistics of DCT coefficients in a zig-zag scan line in AC subband. The numerical experiments show that the proposed technique is very efficient in the performance of robust authentication.

• International journal of advanced smart convergence
• /
• v.7 no.3
• /
• pp.101-109
• /
• 2018

In this paper, we propose an adaptive filtering scheme of connection requests for the defense of malicious energy consumption attacks against wireless computing devices with limited energy budget. The energy consumption attack tries to consume the battery energy of a wireless device with repeated connection requests and shut down the wireless device by exhausting its energy budget. The proposed scheme blocks a connection request of the energy consumption attack in the middle, if the same connection request is repeated and its request result is failed continuously. In order to avoid the blocking of innocuous mistakes of normal users, the scheme gives another chance to allow connection request after a fixed blocking time. The scheme changes the blocking time adaptively by comparing the message arriving ate during non-blocking period and that during blocking period. Evaluation shows that the proposed defense scheme saves up to 94% energy consumption compared to the non-defense case.

• International journal of advanced smart convergence
• /
• v.12 no.1
• /
• pp.149-156
• /
• 2023

OOXML-based MS-Office digital files are extensively utilized by businesses and organizations worldwide. However, OOXML-based MS-Office digital files are vulnerable to forgery and corruption attack by including hidden suspicious information, which can lead to activating malware or shell code being hidden in the file. Such malicious code can cause a computer system to malfunction or become infected with ransomware. To prevent such attacks, it is necessary to analyze and detect the corruption of OOXML-based MS-Office files. In this paper, we examine the weaknesses of the existing OOXML-based MS-Office file structure and analyzes how concealment and forgery are performed on MS-Office digital files. As a result, we propose a system to detect hidden data effectively and proactively respond to ransomware attacks exploiting MS-Office security vulnerabilities. Proposed system is designed to provide reliable and efficient detection of hidden data in OOXML-based MS-Office files, which can help organizations protect against potential security threats.