Member Login

E-mail:    Password:  




 TitleDate AddedCompany
whitepaper Enabling business growth with expert security solutions. Protecting your systems and your data2009-01-21 IBM
  Hackers, viruses, worms, spams, spy ware and inside attacks can stop organisations growing. This white paper deals with these vunerabilities and how to achieve cost effective soultions.

Tags: Intrusion - Tampering, Intrusion - Tampering, Intrusion - Tampering, Intrusion - Tampering		   
whitepaper Understanding Web application security challenges2008-01-01 IBM
  Business has grown increasingly independent upon web applications and they are becoming more difficult to secure. This paper explains what you can do to protect your organization and improve Web security.

Tags: Intrusion - Tampering, Security Administration, Security Administration, Intrusion - Tampering		   
whitepaper Detecting Pulsing Denial-of-Service Attacks With Nondeterministic Attack Intervals2009-01-21 Hong Kong Polytechnic University
  This paper addresses the important problem of detecting Pulsing Denial of Service (PDoS) attacks which send a sequence of attack pulses to reduce TCP throughput. Unlike previous works which focused on a restricted form of attacks, one considers a very broad class of attacks. In particular, the attack model admits any attack interval between two adjacent pulses, whether deterministic or not. It also includes the traditional flooding-based attacks as a limiting case (i.e., zero attack interval). The main contribution is Vanguard, a new anomaly-based detection scheme for this class of PDoS attacks. The Vanguard detection is based on three traffic anomalies induced by the attacks, and it detects them using a CUSUM algorithm. The paper has prototyped Vanguard and evaluated it on a testbed.

Tags: Intrusion - Tampering		   
whitepaper DDoS: A Threat You Can't Afford to Ignore2009-01-21 Forrester Research
  Distributed denial of service, otherwise known as DDoS, refers to a form of attack whereby a number of source IPs simultaneously send an abnormally large number of packets to a particular destination, thereby overwhelming the bandwidth or the processing power of the destination. Over the years, the industry has seen many large-scale DDoS attacks, including some that took down the services of well-known, major global enterprises. Despite the efforts of the security community, DDoS continues to wreak havoc on the Internet.

Tags: Security Administration, Intrusion - Tampering		   
whitepaper Protect Network-Based Power Grid Applications From Denial of Service Attacks2009-01-19 Katholieke Universiteit Leuven
  Today distributed industrial networks use Internet to transmit feedback and control signals between a plant and a controller. However there are several attacks on the Internet. From these attacks perhaps Denial-of-Service (DoS) attack is the most detrimental one that affects the packet delivery. DoS attack causes significant disruption to the Internet, which will threaten the operation of network-based control systems. This paper shows how one can protect application sites against DoS attacks via overlay network. This paper designs the Protection Overlay Layer (OPL) such that it makes a secure layer for communication among application sites of power grid in spite of large amount of DoS attacks.

Tags: Security Administration, Intrusion - Tampering		   
whitepaper A Case Study: Using Architectural Features to Improve Sophisticated Denial-of-Service Attack Detections2009-01-09 Louisiana State University
  Application features such as port numbers are used by Network-based Intrusion Detection Systems (NIDSs) to detect attacks coming from networks. System calls and the operating system related information are used by Host-based Intrusion Detection Systems (HIDSs) to detect intrusions towards a host. However, the relationship between hardware architecture events and Denial-of-Service (DoS) attacks has not been well revealed. When increasingly sophisticated intrusions emerge, some attacks are able to bypass both the application and the operating system level feature monitors.

Tags: Intrusion - Tampering		   
whitepaper Analyzing Interaction Between Denial of Service (DoS) Attacks and Threats2009-01-01 MedwellJournals
  Denial of Service (DoS) attacks constitutes one of the major threats and among the hardest security problems in today's internet. Of particular concern are Distributed Denial of Service (DDoS) attacks, whose impact can be proportionally severe. With little or no advance warning, a DDoS attack can easily exhaust the computing and communication resources of its victim within a short period of time. Because of the seriousness of the problem, many defense mechanisms have been proposed to combat these attacks. This paper aims to provide an understanding of the existing attack methods, tools and defense mechanisms, so that a better understanding of DDoS attacks can be achieved.

Tags: Security Administration, Intrusion - Tampering		   
whitepaper Proving Distributed Denial of Service Attacks in the Internet2009-01-01 University of Utah
  This paper presents the problem of proving a distributed denial of service attack in the Internet. They propose a solution using probabilistic packet marking by routers, combined with a new technique to track individual DDoS attack flows. Their solution incurs very less overhead in the router's critical path and operates in the presence of legacy routers. They provide evaluation results on their solution's accuracy in the presence of more than 2000 attackers and upto 90% legacy routers in the network.

Tags: Security Administration, Intrusion - Tampering		   
whitepaper High Fidelity Denial of Service (DoS) Experimentation2009-01-01 Purdue University
  Experimentation with security attacks introduces additional requirements compared to traditional networking and distributed system experiments. High capacity attack flows can push systems beyond their expected operational regions, and expose unexpected behaviors. Many popular simulation and emulation environments fail to account for such behaviors, and incorrect results have been reported based on experiments conducted in these environments. In addition, simulation and emulation environments sometimes introduce artifacts, altering the experimental outcome and its interpretation. Finally, identification of systems settings that significantly impact experimental results is crucial for creating repeatable experiments. This paper presents the results of a careful sensitivity analysis they have conducted, which exposes difficulties in obtaining meaningful measurements from three emulation testbeds.

Tags: Security Administration, Intrusion - Tampering		   
whitepaper Analysis of a Denial of Service Attack on TCP2009-01-01 Purdue University
  This paper analyzes a network-based denial of service attack for IP (Internet Protocol) based networks. It is popularly called SYN flooding. It works by an attacker sending many TCP (Transmission Control Protocol) connection requests with spoofed source addresses to a victim's machine. Each request causes the targeted host to instantiate data structures out of a limited pool of resources. Once the target host's resources are exhausted, no more incoming TCP connections can be established, thus denying further legitimate access. The paper contributes a detailed analysis of the SYN flooding attack and a discussion of existing and proposed countermeasures. Furthermore, they introduce a new solution approach, explain its design, and evaluate its performance.

Tags: Security Administration, Intrusion - Tampering