Biblio

Password data in a system usually stored in hash. Various human-caused negligence and system vulnerability can make those data fall in the hand of those who isn't entitled to or even those who have malicious purpose. Attacks which could be done on the hashed password data using GPGPU-based machine are for example: brute-force, dictionary, mask-attack, and word-list. This research explains about effectivity of brute-force and dictionary attack which done on SHA-l hashed password using GPGPU-based machine. Result is showing that brute-force effectively crack more password which has lower set of character, with over 11% of 7 or less characters passwords vs mere 3 % in the dictionary attack counterpart. Whereas dictionary attack is more effective on cracking password which has unsecure character pattern with 5,053 passwords vs 491 on best brute-force attack scenario. Usage of combined attack method (brute-force + dictionary) gives more balanced approach in terms of cracking whether the password is long or secure patterned string.

Recently, a mechanism that randomly shuffles the data sent and allows securing the communication without the need to encrypt all the information has been proposed. This proposal is ideal for IoT systems with low computational capacity. In this work, we analyze the strength of this proposal from a brute-force attack approach to obtain the original message without knowledge of the applied disordering. It is demonstrated that for a set of 10x10 16-bit data, the processing time and the required memory are unfeasible with current technology. Therefore, it is safe.

In this work, we discuss data breaches based on the “2012 SocialArks data breach” case study. Data leakage refers to the security violations of unauthorized individuals copying, transmitting, viewing, stealing, or using sensitive, protected, or confidential data. Data leakage is becoming more and more serious, for those traditional information security protection methods like anti-virus software, intrusion detection, and firewalls have been becoming more and more challenging to deal with independently. Nevertheless, fortunately, new IT technologies are rapidly changing and challenging traditional security laws and provide new opportunities to develop the information security market. The SocialArks data breach was caused by a misconfiguration of ElasticSearch Database owned by SocialArks, owned by “Tencent.” The attack methodology is classic, and five common Elasticsearch mistakes discussed the possibilities of those leakages. The defense solution focuses on how to optimize the Elasticsearch server. Furthermore, the ElasticSearch database’s open-source identity also causes many ethical problems, which means that anyone can download and install it for free, and they can install it almost anywhere. Some companies download it and install it on their internal servers, while others download and install it in the cloud (on any provider they want). There are also cloud service companies that provide hosted versions of Elasticsearch, which means they host and manage Elasticsearch clusters for their customers, such as Company Tencent.

Wireless communications have encountered a considerable improvement and have integrated human life through various applications, mainly by the widespread of mobile ad hoc and sensor networks. A fundamental characteristic of wireless communications are in their broadcast nature, which allows accessibility of information without placing restrictions on a user's location. However, accessibility also makes wireless communications vulnerable to eavesdropping. To enhance the security of network communication, we propose a separate key generation server which is responsible for key generation using complex random algorithm. The key will remain in database in encrypted format. To prevent brute force attack, we propose various group key generation algorithms in which every group will have separate group key to verify group member's identity. The group key will be verified with the session information before decryption, so that our system will prevent attack if any attacker knows the group key. To increase the security of the system, we propose three level encryption securities: Client side encryption using AES, Server side encryption using AES, and Artificial noise generation and addition. By using this our system is free from brute force attack as we are using three level message security and complex Random key generation algorithms.

In recent decennium, hardware security has gained a lot of attention due to different types of attacks being launched, such as IP theft, reverse engineering, counterfeiting, etc. The critical testing infrastructure incorporated into ICs is very popular among attackers to mount side-channel attacks. The IEEE standard 1687 (IJTAG) is one such testing infrastructure that is the focus of attackers these days. To secure access to the IJTAG network, various techniques based on Locking SIB (LSIB) have been proposed. One such very effective technique makes use of Security Linear Feedback Shift Register (SLFSR) along with LSIB. The SLFSR obfuscates the scan chain information from the attacker and hence makes the brute-force attack against LSIB ineffective.In this work, it is shown that the SLFSR based Locking SIB is vulnerable to side-channel attacks. A power analysis attack along with known-plaintext attack is used to determine the IJTAG network structure. First, the known-plaintext attack is used to retrieve the SLFSR design information. This information is further used along with power analysis attack to determine the exact length of the scan chain which in turn breaks the whole security scheme. Further, a countermeasure is proposed to prevent the aforementioned hybrid attack.

In this work, we perform security analysis of using an e-mail as a self-service password reset point, and exploit some of the vulnerabilities of e-mail servers' forgotten password reset paths. We perform and illustrate three different attacks on a personal Email account, using a variety of tools such as: public knowledge attainable through social media or public records to answer security questions and execute a social engineering attack, hardware available to the public to perform a man in the middle attack, and free software to perform a brute-force attack on the login of the email account. Our results expose some of the inherent vulnerabilities in using emails as password reset points. The findings are extremely relevant to the security of mobile devices since users' trend has leaned towards usage of mobile devices over desktops for Internet access.

One of the most important strength features of crypto-system's is the key space. As a result, whenever the system has more key space, it will be more resistant to attack. The weakest type of attack on the key space is Brute Force attack, which tests all the keys on the ciphertext in order to get the plaintext. But there are several strategies that can be considered by the attacker and cryptographer related to the selection of the right key with the lowest cost (time). Game theory is a mathematical theory that draws the best strategies for most problems. This research propose a new evaluation method which is employing game theory to draw best strategies for both players (cryptographer & attacker).

An information system is only as secure as its weakest point. In many information systems that remains to be the human factor, despite continuous attempts to educate the users about the importance of password security and enforcing password creation policies on them. Furthermore, not only do the average users' password creation and management habits remain more or less the same, but the password cracking tools, and more importantly, the computer hardware, keep improving as well. In this study, we performed a broad targeted attack combining several well-established cracking techniques, such as brute-force, dictionary, and hybrid attacks, on the passwords used by the students of a Slovenian university to access the online grading system. Our goal was to demonstrate how easy it is to crack most of the user-created passwords using simple and predictable patterns. To identify differences between them, we performed an analysis of the cracked and uncracked passwords and measured their strength. The results have shown that even a single low to mid-range modern GPU can crack over 95% of passwords in just few days, while a more dedicated system can crack all but the strongest 0.5% of them.

The consensus-based frequency control relying on a communication system is used to restore the frequency deviations introduced by the primary droop control in an islanded AC microgrid, a typical cyber-physical power system(CPPS). This paper firstly studies the performance of the CPPS under two types of Distributed Denial of Service (DDoS ) attacks, finds that the intelligent attacks may cause more damage than the brute force attacks, and analyzes some potential defense strategies of the CPPS from two points of view. Some simulation results are also given to show the performance of both the physical and cyber system of the CPPS under different operation conditions.

The Software Defined Network (SDN) provides higher programmable functionality for network configuration and management dynamically. Moreover, SDN introduces a centralized management approach by dividing the network into control and data planes. In this paper, we introduce a deep learning enabled intrusion detection and prevention system (DL-IDPS) to prevent secure shell (SSH) brute-force attacks and distributed denial-of-service (DDoS) attacks in SDN. The packet length in SDN switch has been collected as a sequence for deep learning models to identify anomalous and malicious packets. Four deep learning models, including Multilayer Perceptron (MLP), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Stacked Auto-encoder (SAE), are implemented and compared for the proposed DL-IDPS. The experimental results show that the proposed MLP based DL-IDPS has the highest accuracy which can achieve nearly 99% and 100% accuracy to prevent SSH Brute-force and DDoS attacks, respectively.

Network Intrusion Detection System (NIDS) can help administrators of a server in detecting attacks by analyzing packet data traffic on the network in real-time. If an attack occurs, an alert to the administrator is provided by NIDS so that the attack can be known and responded immediately. On the other hand, the alerts cannot be monitored by administrators all the time. Therefore, a system that automatically sends notifications to administrators in real-time by utilizing social media platforms is needed. This paper provides an analysis of the notification system built using Snort as NIDS with WhatsApp and Telegram as a notification platform. There are three types of attacks that are simulated and must be detected by Snort, which are Ping of Death attacks, SYN flood attacks, and SSH brute force attacks. The results obtained indicate that the system successfully provided notification in the form of attack time, IP source of the attack, source of attack port and type of attack in real-time.

Man in the middle Attack (MIMA) problem of Diffie-Hellman key exchange (D-H) protocol, has led to introduce the Hash Diffie-Hellman key exchange (H-D-H) protocol. Which was cracked by applying the brute force attack (BFA) results of hash function. For this paper, a system will be suggested that focusses on an improved key exchange (D-H) protocol, and distributed transform encoder (DTE). That system utilized for enhanced (D-H) protocol algorithm when (D-H) is applied for generating the keys used for encrypting data of long messages. Hash256, with two secret keys and one public key are used for D-H protocol improvements. Finally, DTE where applied, this cryptosystem led to increase the efficiency of data transfer security with strengthening the shared secret key code. Also, it has removed the important problems such as MITM and BFA, as compared to the previous work.

This paper explains how the commonly occurring DOS and Brute Force attacks on computer networks can be efficiently detected and network performance improved, which reduces costs and time. Therefore, network administrators attempt to instantly diagnose any network issues. The experimental work used the SNMP-MIB parameter datasets, which are collected via a specialised MIB dataset consisting of seven types of attack as noted in section three. To resolves such issues, this researched carried out several important contributions which are related to fault management concerns in computer network systems. A central task in the detection of the attacks relies on MIB feature behaviours using the suggested SFCM method. It was concluded that the DOS and Brute Force fault detection results for three different clustering methods demonstrated that the proposed SFCM detected every data point in the related group. Consequently, the FPC approached 1.0, its highest record, and an improved performance solution better than the EM methods and K-means are based on SNMP-MIB variables.

A brute force is a Hacking methodology used to decrypt login passwords, keys and credentials. Hacks that exploit vulnerabilities in packages are rare, whereas Brute Force attacks aim to be the simplest, cheapest, and most straightforward approach to access a website. Using Splunk to analyse massive amounts of data could be very beneficial. The application enables to capture, search, and analyse log information in real-time. By analysing logs as well as many different sources of system information, security events can be uncovered. A log file, which details the events that have occurred in the environment of the application and the server on which they run, is a valuable piece of information. Identifying the attacks against these systems is possible by analysing and correlating this information. Massive amounts of ambiguous and amorphous information can be analysed with its superior resolution. The paper includes instructions on setting up a Splunk server and routing information there from multiple sources. Practical search examples and pre-built add-on applications are provided. Splunk is a powerful tool that allows users to explore big data with greater ease. Seizure can be tracked in near real-time and can be searched through logs. A short amount of time can be spent on analysing big data using map-reduce technology. Briefly, it helps to analyse unstructured log data to better understand how the applications operate. With Splunk, client can detect patterns in the data through a powerful query language. It is easy to set up alerts and warnings based on the queries, which will help alert client about an ongoing (suspected) activity and generate a notification in real-time.

In the era of digitization, data security is a vital role in message transmission and all systems that deal with users require stronger encryption techniques that against brute force attack. Honey encryption (HE) algorithm is a user data protection algorithm that can deceive the attackers from unauthorized access to user, database and websites. The main part of conventional HE is distribution transforming encoder (DTE). However, the current DTE process using cumulative distribution function (CDF) has the weakness in message space limitation because CDF cannot solve the probability theory in more than four messages. So, we propose a new method in DTE process using discrete distribution function in order to solve message space limitation problem. In our proposed honeywords generation method, the current weakness of existing honeywords generation method such as storage overhead problem can be solved. In this paper, we also describe the case studies calculation of DTE in order to prove that new DTE process has no message space limitation and mathematical model using discrete distribution function for DTE process facilitates the distribution probability theory.

Modern security protocols may involve humans in order to compare or copy short strings between different devices. Multi-factor authentication protocols, such as Google 2-factor or 3D-secure are typical examples of such protocols. However, such short strings may be subject to brute force attacks. In this paper we propose a symbolic model which includes attacker capabilities for both guessing short strings, and producing collisions when short strings result from an application of weak hash functions. We propose a new decision procedure for analysing (a bounded number of sessions of) protocols that rely on short strings. The procedure has been integrated in the AKISS tool and tested on protocols from the ISO/IEC 9798-6:2010 standard.

This study focuses on the spatial context of hacking to networks of Honey-pots. We investigate the relationship between topological positions and geographic positions of victimized computers and system trespassers. We've deployed research Honeypots on the computer networks of two academic institutions, collected information on successful brute force attacks (BFA) and system trespassing events (sessions), and used Social Network Analysis (SNA) techniques, to depict and understand the correlation between spatial attributes (IP addresses) and hacking networks' topology. We mapped and explored hacking patterns and found that geography might set the behavior of the attackers as well as the topology of hacking networks. The contribution of this study stems from the fact that there are no prior studies of geographical influences on the topology of hacking networks and from the unique usage of SNA to investigate hacking activities. Looking ahead, our study can assist policymakers in forming effective policies in the field of cybercrime.

We propose a high efficiency Early-Complete Brute Force Elimination method that speeds up the analysis flow of the Camouflage Integrated Circuit (IC). The proposed method is targeted for security qualification of the Camouflaged IC netlists in Intellectual Property (IP) protection. There are two main features in the proposed method. First, the proposed method features immediate elimination of the incorrect Camouflage gates combination for the rest of computation, concentrating the resources into other potential correct Camouflage gates combination. Second, the proposed method features early complete, i.e. revealing the correct Camouflage gates once all incorrect gates combination are eliminated, increasing the computation speed for the overall security analysis. Based on the Python programming platform, we implement the algorithm of the proposed method and test it for three circuits including ISCAS’89 benchmarks. From the simulation results, our proposed method, on average, features 71% lesser number of trials and 79% shorter run time as compared to the conventional method in revealing the correct Camouflage gates from the Camouflaged IC netlist.

A parallel brute force attack on RC4 algorithm based on FPGA (Field Programmable Gate Array) with an efficient style has been presented. The main idea of this design is to use number of forecast keying methods to reduce the overall clock pulses required depended to key searching operation by utilizes on-chip BRAMs (block RAMs) of FPGA for maximizing the total number of key searching unit with taking into account the highest clock rate. Depending on scheme, 32 key searching units and main controller will be used in one Xilinx XC3S1600E-4 FPGA device, all these units working in parallel and each unit will be searching in a specific range of keys, by comparing the current result with the well-known cipher text if its match the found flag signal will change from 0 to 1 and the main controller will receive this signal and stop the searching operation. This scheme operating at 128-MHz clock frequency and gives us key searching speed of 7.7 × 106 keys/sec. Testing all possible keys (40-bits length), requires only around 39.5h.

Along with the development of the Windows operating system, browser applications to surf the internet are also growing rapidly. The most widely used browsers today are Google Chrome and Mozilla Firefox. Both browsers have a username and password management feature that makes users login to a website easily, but saving usernames and passwords in the browser is quite dangerous because the stored data can be hacked using brute force attacks or read through a program. One way to get a username and password in the browser is to use a program that can read Google Chrome and Mozilla Firefox login data from the computer's internal storage and then show those data. In this study, an attack will be carried out by implementing Rubber Ducky using BadUSB to run the ChromePass and PasswordFox program and the PowerShell script using the Arduino Pro Micro Leonardo device as a USB Password Stealer. The results obtained from this study are the username and password on Google Chrome and Mozilla Firefox successfully obtained when the USB is connected to the target device, the average time of the attack is 14 seconds then sending it to the author's email.

Advances in technology have enabled tremendous progress in the development of a highly connected ecosystem of ubiquitous computing devices collectively called the Internet of Things (IoT). Ensuring the security of IoT devices is a high priority due to the sensitive nature of the collected data. Physically Unclonable Functions (PUFs) have emerged as critical hardware primitive for ensuring the security of IoT nodes. Malicious modeling of PUF architectures has proven to be difficult due to the inherently stochastic nature of PUF architectures. Extant approaches to malicious PUF modeling assume that a priori knowledge and physical access to the PUF architecture is available for malicious attack on the IoT node. However, many IoT networks make the underlying assumption that the PUF architecture is sufficiently tamper-proof, both physically and mathematically. In this work, we show that knowledge of the underlying PUF structure is not necessary to clone a PUF. We present a novel non-invasive, architecture independent, machine learning attack for strong PUF designs with a cloning accuracy of 93.5% and improvements of up to 48.31% over an alternative, two-stage brute force attack model. We also propose a machine-learning based countermeasure, discriminator, which can distinguish cloned PUF devices and authentic PUFs with an average accuracy of 96.01%. The proposed discriminator can be used for rapidly authenticating millions of IoT nodes remotely from the cloud server.

Traditional address scanning attacks mainly rely on the naive 'brute forcing' approach, where the entire IPv4 address space is exhaustively searched by enumerating different possibilities. However, such an approach is inefficient for IPv6 due to its vast subnet size (i.e., 264). As a result, it is widely assumed that address scanning attacks are less feasible in IPv6 networks. In this paper, we evaluate new IPv6 reconnaissance techniques in real IPv6 networks and expose how to leverage the Domain Name System (DNS) for IPv6 network reconnaissance. We collected IPv6 addresses from 5 regions and 100,000 domains by exploiting DNS reverse zone and DNSSEC records. We propose a DNS Guard (DNSG) to efficiently detect DNS reconnaissance attacks in IPv6 networks. DNSG is a plug and play component that could be added to the existing infrastructure. We implement DNSG using Bro and Suricata. Our results demonstrate that DNSG could effectively block DNS reconnaissance attacks.

Logical locking is the most popular countermeasure against the hardware attacks like intellectual property (IP) piracy, Trojan insertion and illegal integrated circuit (IC) overproduction. The functionality of the design is locked by the added logics into the design. Thus, the design is accessible only to the authorized users by applying the valid keys. However, extracting the secret key of the logically locked design have become an extensive effort and it is commonly known as key guessing attacks. Thus, the main objective of the proposed technique is to build a secured hardware against attacks like Brute force attack, Hill climbing attack and path sensitization attacks. Furthermore, the gates with low observability are chosen for encryption, this is to obtain an optimal output corruption of 50% Hamming distance with minimal design overhead and implementation complexity. The experimental results are validated on ISCAS'85 benchmark circuits, with a highly secured locking mechanism.

The exponential rise of online services has heightened awareness of safeguarding the various applications that cooperate with and provide Internet users. Users must present their credentials, such as user name and secret code, to the servers to be authorized. This sensitive data should be secured from being exploited due to numerous security breaches, resulting in criminal activity. It is vital to secure systems against numerous risks. This article offers a novel approach to protecting against brute force attacks. A solution is presented where the user obtains the keypad on each occurrence. Following the establishment of the keypad, the webserver produces an encrypted password for the user's Computer/device authentication. The encrypted password will be used for authentication; users must type the amended one-time password (OTP) every time they access the website. This research protects passwords using reformation-based encryption and decryption and optimal honey encryption (OH-E) and decryption.

Due to improving computational capacity of supercomputers, transmitting encrypted packets via one single network path is vulnerable to brute-force attacks. The versatile attackers secretly eavesdrop all the packets, classify packets into different streams, performs an exhaustive search for the decryption key, and extract sensitive personal information from the streams. However, new Internet Protocol (IP) brings great opportunities and challenges for preventing eavesdropping attacks. In this paper, we propose a Programming Protocol-independent Packet Processors (P4) based Network Immune Scheme (P4NIS) against the eavesdropping attacks. Specifically, P4NIS is equipped with three lines of defense to improve the network immunity. The first line is promiscuous forwarding by splitting all the traffic packets in different network paths disorderly. Complementally, the second line encrypts transmission port fields of the packets using diverse encryption algorithms. The encryption could distribute traffic packets from one stream into different streams, and disturb eavesdroppers to classify them correctly. Besides, P4NIS inherits the advantages from the existing encryption-based countermeasures which is the third line of defense. Using a paradigm of programmable data planes-P4, we implement P4NIS and evaluate its performances. Experimental results show that P4NIS can increase difficulties of eavesdropping significantly, and increase transmission throughput by 31.7% compared with state-of-the-art mechanisms.