Security Tools - IT Library : ZDNet Asia

Case Studies

Vendor Webcast

Show all content

Title Date Added Company

LITEWORP: Detection and Isolation of the Wormhole Attack in Static Multihop Wireless Networks 2007-06-12 Purdue University

In multihop wireless systems, such as ad-hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. This paper presents a lightweight countermeasure for the wormhole attack, called LITEWORP, which relies on overhearing neighbor communication. LITEWORP is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. This solution allows detection of the wormhole, followed by isolation of the malicious nodes.

SmartSiren: Virus Detection and Alert for Smartphones 2007-05-29 University of California

Smartphones have recently become increasingly popular because they provide all-in-one" convenience by integrating traditional mobile phones with handheld computing devices. However, the flexibility of running third-party softwares also leaves the smartphones open to malicious viruses. In fact, hundreds of smartphone viruses have emerged, which can quickly spread through various means such as SMS/MMS, Bluetooth and traditional IP-based applications. The implementations of two proof-of-concept viruses on Windows Mobile have confirmed the vulnerability of this popular smartphone platform. This paper presents SmartSiren, a collaborative virus detection and alert system for smartphones. In order to detect viruses, SmartSiren collects the communication activity information from the smartphones, and performs joint analysis to detect both single-device and system-wide abnormal behaviors.

Tags: Mobile - Wireless Communications

High-Performance Network Intrusion Detection Through Parallelism 2007-05-01 Purdue University

Network intrusion detection has become increasingly popular in recent years due to the proliferation of Internet-based security attacks. Network Intrusion Detection Systems (NIDS) inspect the content of incoming packets on a network for known attacks and alert the operator when they are found. Intrusion detection is computationally expensive, and this expense limits the inspection throughput for current implementations to substantially less than the Gigabit line rate for modern CPUs. This paper presents methods for increasing NIDS performance though parallel execution using the open-source Snort NIDS, both on commodity multiprocessor systems and as part of a hardware-accelerated programmable Ethernet network interface.

Tags: Intrusion Detection Systems

FLIP: Forward Looking Intrusion Protection for Mobile Devices Via Snort-Inline Hardware Implementation 2007-02-26 United States Military Academy

This paper presents a unique design and proof-of-concept implementation of a hardware-based intrusion protection system module that provides deep packet inspection server-like security in detecting and preventing application layer attacks as well as many others from ever reaching the user's mobile device (or desktop) running a Windows OS without an appreciable degradation in performance.

Tags: Intrusion Detection Systems

Automated Penetration Testing: Can IT Afford Not To? 2007-06-29 12:59:04 Core Security

During IDC's research and in-depth interviews, they found compelling reasons why IT executives and team members must adopt Penetration Testing as an integral part of their Security and Vulnerability Management (SVM) processes and programs. In this white paper, IDC examines why organizations need to perform penetration testing now to:

Understand the actual risk to the network posed by specific vulnerabilities

Test the security of the network

Determine if current security investments are actually detecting and preventing attacks

Download the IDC white paper, compliments of Core Security, today.

Best Practices for Managing and Enforcing Security on Your Endpoints 2007-01-01 Senforce Technologies

As technology changes and evolves, the effectiveness and value of any given security solution also changes. Security decision makers can dramatically increase their Security Return On Investment (ROI) by recognizing this, and concentrating their expenditure on solutions that address today's biggest security gaps. One concrete example of a security technology that is rapidly growing in effectiveness and importance is centrally-managed endpoint security enforcement tools, and by adding these technologies to the legacy security infrastructure, executives can dramatically increase both their organization's security and security ROI.

Tags: Best Practices

Phishing and Pharming 2006-12-09 01:00:17 Websense

Organizations face a complex challenge in securing their computing environment. Organizations and their employees are increasingly targeted in phishing attacks designed to steal proprietary company data and distribute malicious code. New pharming incidents also present increasing challenges that IT needs to address. This paper describes phishing and pharming and explains how Websense� software can be used to combat them. Websense filters at multiple points on the gateway, network, and endpoints to provide a comprehensive solution that provides organizations with complete protection against complex internet threats such as phishing and pharming.

Nessus Vulnerability Scanner 2006-12-07 Colorado State University

Internet "Insecurity" is a major problem in today's web of interconnected computers and networks. Attackers such as script kiddies, hackers, and crackers are of course a major part of the problem. However, they are just that, a part of the problem. Why? It's quite simple. What good is an attack, without a subject to attack? Would be attackers get a lot of help from vulnerable systems such as networks, computers, servers, and software applications that are begging for attacks? Typically these attacks are easily carried out by exploiting the vulnerabilities. This paper will cover a free open source tool that can be used to discover the vulnerabilities of a given system.

Protecting Organizations from Spyware 2006-12-09 01:00:17 Websense

Once considered only an annoyance, spyware has evolved from a nuisance to a malicious threat. Preventing spyware from infiltrating an organization requires security measures at multiple points on the network, gateway, and endpoint. This paper describes the impact of spyware on organizations and explains how Websense� software can be used to help combat this growing problem.

Product Specs: ProCurve Access Control Server 745wl 2007-02-02 11:07:49 Hewlett-Packard

The ProCurve Access Control Server 745wl, working in conjunction with either the ProCurve Switch xl Access Controller Module or ProCurve Access Controller 720wl, provides a specialized, highly secure wireless access solution for demanding client environments. The easy-to-deploy, clientless guest-access solution is designed for installations that must deal with uncontrolled mobile clients in environments such as schools and universities, hospitals and hospitality, and businesses where network administrators have no control over the type and configuration of the wireless device. Designed to reduce the cost and complexity of securing a mobile LAN, the solution easily integrates into existing authentication services and wired and wireless infrastructures, enabling increased business productivity by providing mobile users with secure and appropriate access to network services.

Jump to 1 [2] 3 4 5 6 7 8 9 10

Title	Date Added	Company
LITEWORP: Detection and Isolation of the Wormhole Attack in Static Multihop Wireless Networks	2007-06-12	Purdue University
In multihop wireless systems, such as ad-hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. This paper presents a lightweight countermeasure for the wormhole attack, called LITEWORP, which relies on overhearing neighbor communication. LITEWORP is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. This solution allows detection of the wormhole, followed by isolation of the malicious nodes.
SmartSiren: Virus Detection and Alert for Smartphones	2007-05-29	University of California
Smartphones have recently become increasingly popular because they provide all-in-one" convenience by integrating traditional mobile phones with handheld computing devices. However, the flexibility of running third-party softwares also leaves the smartphones open to malicious viruses. In fact, hundreds of smartphone viruses have emerged, which can quickly spread through various means such as SMS/MMS, Bluetooth and traditional IP-based applications. The implementations of two proof-of-concept viruses on Windows Mobile have confirmed the vulnerability of this popular smartphone platform. This paper presents SmartSiren, a collaborative virus detection and alert system for smartphones. In order to detect viruses, SmartSiren collects the communication activity information from the smartphones, and performs joint analysis to detect both single-device and system-wide abnormal behaviors. Tags: Mobile - Wireless Communications
High-Performance Network Intrusion Detection Through Parallelism	2007-05-01	Purdue University
Network intrusion detection has become increasingly popular in recent years due to the proliferation of Internet-based security attacks. Network Intrusion Detection Systems (NIDS) inspect the content of incoming packets on a network for known attacks and alert the operator when they are found. Intrusion detection is computationally expensive, and this expense limits the inspection throughput for current implementations to substantially less than the Gigabit line rate for modern CPUs. This paper presents methods for increasing NIDS performance though parallel execution using the open-source Snort NIDS, both on commodity multiprocessor systems and as part of a hardware-accelerated programmable Ethernet network interface. Tags: Intrusion Detection Systems
FLIP: Forward Looking Intrusion Protection for Mobile Devices Via Snort-Inline Hardware Implementation	2007-02-26	United States Military Academy
This paper presents a unique design and proof-of-concept implementation of a hardware-based intrusion protection system module that provides deep packet inspection server-like security in detecting and preventing application layer attacks as well as many others from ever reaching the user's mobile device (or desktop) running a Windows OS without an appreciable degradation in performance. Tags: Intrusion Detection Systems
Automated Penetration Testing: Can IT Afford Not To?	2007-06-29 12:59:04	Core Security
During IDC's research and in-depth interviews, they found compelling reasons why IT executives and team members must adopt Penetration Testing as an integral part of their Security and Vulnerability Management (SVM) processes and programs. In this white paper, IDC examines why organizations need to perform penetration testing now to: Understand the actual risk to the network posed by specific vulnerabilities Test the security of the network Determine if current security investments are actually detecting and preventing attacks Download the IDC white paper, compliments of Core Security, today.
Best Practices for Managing and Enforcing Security on Your Endpoints	2007-01-01	Senforce Technologies
As technology changes and evolves, the effectiveness and value of any given security solution also changes. Security decision makers can dramatically increase their Security Return On Investment (ROI) by recognizing this, and concentrating their expenditure on solutions that address today's biggest security gaps. One concrete example of a security technology that is rapidly growing in effectiveness and importance is centrally-managed endpoint security enforcement tools, and by adding these technologies to the legacy security infrastructure, executives can dramatically increase both their organization's security and security ROI. Tags: Best Practices
Phishing and Pharming	2006-12-09 01:00:17	Websense
Organizations face a complex challenge in securing their computing environment. Organizations and their employees are increasingly targeted in phishing attacks designed to steal proprietary company data and distribute malicious code. New pharming incidents also present increasing challenges that IT needs to address. This paper describes phishing and pharming and explains how Websense� software can be used to combat them. Websense filters at multiple points on the gateway, network, and endpoints to provide a comprehensive solution that provides organizations with complete protection against complex internet threats such as phishing and pharming.
Nessus Vulnerability Scanner	2006-12-07	Colorado State University
Internet "Insecurity" is a major problem in today's web of interconnected computers and networks. Attackers such as script kiddies, hackers, and crackers are of course a major part of the problem. However, they are just that, a part of the problem. Why? It's quite simple. What good is an attack, without a subject to attack? Would be attackers get a lot of help from vulnerable systems such as networks, computers, servers, and software applications that are begging for attacks? Typically these attacks are easily carried out by exploiting the vulnerabilities. This paper will cover a free open source tool that can be used to discover the vulnerabilities of a given system.
Protecting Organizations from Spyware	2006-12-09 01:00:17	Websense
Once considered only an annoyance, spyware has evolved from a nuisance to a malicious threat. Preventing spyware from infiltrating an organization requires security measures at multiple points on the network, gateway, and endpoint. This paper describes the impact of spyware on organizations and explains how Websense� software can be used to help combat this growing problem.
Product Specs: ProCurve Access Control Server 745wl	2007-02-02 11:07:49	Hewlett-Packard
The ProCurve Access Control Server 745wl, working in conjunction with either the ProCurve Switch xl Access Controller Module or ProCurve Access Controller 720wl, provides a specialized, highly secure wireless access solution for demanding client environments. The easy-to-deploy, clientless guest-access solution is designed for installations that must deal with uncontrolled mobile clients in environments such as schools and universities, hospitals and hospitality, and businesses where network administrators have no control over the type and configuration of the wireless device. Designed to reduce the cost and complexity of securing a mobile LAN, the solution easily integrates into existing authentication services and wired and wireless infrastructures, enabling increased business productivity by providing mobile users with secure and appropriate access to network services.

Security

Featured Whitepapers

Member Login

Oracle Technology Solutions for Midsize Businesses

Country Report: India