Chiem Trieu Phong,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2014100104

2014-01-01

International Journal of Digital Crime and Forensics

Abstract:Penetration testing is an effort to attack a system using similar techniques and tools adopted by real hackers. The ultimate goal of penetration testing is to call to light as many existing vulnerabilities as possible, then come up with practical solutions to remediate the problems; thus, enhance the system security as a whole. The paper introduces concepts and definitions related to penetration testing, together with different models and methodologies to conduct a penetration test. A wide range of penetration testing state-of-the-art, as well as related tools (both commercial and free open source available on the market) are also presented in relatively rich details.

Jeremy Straub

2023-06-07

Abstract:Penetration testing increases the security of systems through tasking testers to 'think like the adversary' and attempt to find the ways that an attacker would break into the system. For many systems, this can be conducted in a safe and controlled way; however, some systems are so critical to human life and safety that the risk of their failure or disablement due to active penetration testing cannot be assumed. These systems are also critical to evaluate the security of, to prevent attackers from disabling them or causing their maloperation; however, this must be done in a manner that doesn't risk the very malady that testing seeks to avoid through the testing process itself. This paper presents P2SCP, a paradigm for penetration testing of systems that cannot be subjected to the risk of penetration testing. It discusses how data collection, the creation of digital twins and cousins and evaluative analysis can be utilized to conduct virtual penetration tests on critical infrastructure systems. This proposed paradigm is analyzed through the use of several case studies.

Cryptography and Security

Daniel Omeiza,Jemima Owusu-Tweneboah

DOI: https://doi.org/10.48550/arXiv.1811.01388

2018-11-04

Cryptography and Security

Abstract:Web security has become an important subject; many companies and organizations are becoming more security conscious as they build web applications to render online services and increase web presence. Unfortunately, many of these web applications are still susceptible to threats as they lack strong immunity to malicious attacks. This poses potential danger to the users of the sites and could also affect operations of the organizations or companies concerned. Educational institutions are not left out, their portals and websites hold vital information whose integrity is of utmost importance. Taking Carnegie Mellon University Africa's internship portal as case study, we carried out penetration tests to investigate web vulnerabilities and proffered possible remedies to the discovered vulnerabilities. Our result will inform educational institutions on better website security practices, especially in the African domain.

Ke Li,Hong Li,Hongsong Zhu,Limin Sun,Hui Wen

DOI: https://doi.org/10.1109/IPCCC47392.2019.8958775

2019-01-01

Abstract:Instant Messaging has been widely applied for both corporate use and personal use in recent years. Major Instant Messaging service providers adopt the Push Technology to ensure the immediacy of message forwarding, which efficiently provides a great convenience for user. However, the immediacy feature causes side-channel information leakage even if some protection measures has been implemented, such as information encryption strategy. In particular, we observe that senders' traffic flows have a strong temporal correlation with those of corresponding recipients, since the messages are forwarded to recipients as soon as they are received by servers. Based on the observation, attackers can infer real-time communications between pairwise users and even the social connections of users. In this paper, we present a methodology framework to validate this side-channel information leakage, which identifies users of real-time communications by matching the pairwise time sequences of traffic flows. We evaluate the method on the collected real-world data. The experimental results show that users' communications can be identified with a high accuracy, and 6 groups of users are inferred to have strong connections based on the data collected from a local area networks.

Manish R. Joshi,Varsha M. Pathak

DOI: https://doi.org/10.48550/arXiv.1505.06537

2015-05-22

Abstract:Short Message Service (SMS) based Information Systems (SMSbIS) provide an excellent alternative to a traditional approach of obtaining specific information by direct (through phone) or indirect (IVRS, Web, Email) probing. Information and communication technology and far reaching mobile penetration has opened this new research trend Number of key players in Search industry including Microsoft and Google are attracted by the expected increase in volume of use of such applications. The wide range of applications and their public acceptance has motivated researchers to work in this research domain. Several applications such as SMS based information access using database management services, SMS based information retrieval through internet (search engine), SMS based information extraction, question answering, image retrieval etc. have been emerged. With the aim to understand the functionality involved in these systems, an extensive review of a few of these SMSbISs has been planned and executed by us. These systems are classified into four categories based on the objectives and domains of the applications. As a result of this study a well structured functional model is presented here. The model is evaluated in different dimensions, which is presented in this paper. In addition to this a chronological progress with respect to research and development in this upcoming field is compiled in this paper. Such an extensive review presented in this paper would definitely help the researchers and developers to understand the technical aspects of this field. The functional framework presented here would be useful to the system designers to design and develop an SMS based Information System of any specific domain.

Artificial Intelligence,Information Retrieval

Ikram Ul Haq,Tamim Ahmed Khan

DOI: https://doi.org/10.1109/access.2021.3088229

IF: 3.9

2021-01-01

IEEE Access

Abstract:The invention of smartphones has opened a new market for mobile application development. Amateur android app developers often do not possess knowledge of the latest android vulnerabilities and thus create applications with attack surface that hackers exploit. In this literature review, many available frameworks and techniques have been analyzed using ISO/IEC 25010 software quality model and identified challenges that android developers face in designing a secure application for android. This paper also presents a comprehensive survey of different penetration tools, evaluated by using criteria such as code analysis, code review, vulnerability analysis, vulnerability exploit, payload and whether these can be used in vulnerability modeling during the design phase. Our study effectively identifies the issues and gaps which can further help develop a framework/tool for designing a penetration secure mobile application by embedding all the vulnerabilities during the design phase using an android vulnerability repository.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ron Bitton,Kobi Boymgold,Rami Puzis,Asaf Shabtai

DOI: https://doi.org/10.48550/arXiv.1906.10229

2019-06-25

Abstract:Information security awareness (ISA) is a practice focused on the set of skills, which help a user successfully mitigate a social engineering attack. Previous studies have presented various methods for evaluating the ISA of both PC and mobile users. These methods rely primarily on subjective data sources such as interviews, surveys, and questionnaires that are influenced by human interpretation and sincerity. Furthermore, previous methods for evaluating ISA did not address the differences between classes of social engineering attacks. In this paper, we present a novel framework designed for evaluating the ISA of smartphone users to specific social engineering attack classes. In addition to questionnaires, the proposed framework utilizes objective data sources: a mobile agent and a network traffic monitor; both of which are used to analyze the actual behavior of users. We empirically evaluated the ISA scores assessed from the three data sources (namely, the questionnaires, mobile agent, and network traffic monitor) by conducting a long-term user study involving 162 smartphone users. All participants were exposed to four different security challenges that resemble real-life social engineering attacks. These challenges were used to assess the ability of the proposed framework to derive a relevant ISA score. The results of our experiment show that: (1) the self-reported behavior of the users differs significantly from their actual behavior; and (2) ISA scores derived from data collected by the mobile agent or the network traffic monitor are highly correlated with the users' success in mitigating social engineering attacks.

Cryptography and Security,Human-Computer Interaction

Dong Wang,Xiaosong Zhang,Jiang Ming,Ting Chen,Chao Wang,Weina Niu

DOI: https://doi.org/10.1155/2018/7849065

2018-07-04

Wireless Communications and Mobile Computing

Abstract:Firmware vulnerability is an important target for IoT attacks, but it is challenging, because firmware may be publicly unavailable or encrypted with an unknown key. We present in this paper an attack on Short Message Service (SMS for short) authentication code which aims at gaining the control of IoT devices without firmware analysis. The key idea is based on the observation that IoT device usually has an official application (app for short) used to control itself. Customer needs to register an account before using this app, phone numbers are usually suggested to be the account name, and most of these apps have a common feature, called Reset Your Password , that uses an SMS authentication code sent to customer phone to authenticate the customer when he forgot his password. We found that an attacker can perform brute-force attack on this SMS authentication code automatically by overcoming several challenges, then he can steal the account to gain the control of IoT devices. In our research, we have implemented a prototype tool, called SACIntruder , to enable performing such brute-force attack test on IoT devices automatically. We evaluated it and successfully found 12 zero-day vulnerabilities including smart lock, sharing car, smart watch, smart router, etc. We also discussed how to prevent this attack.

computer science, information systems,telecommunications,engineering, electrical & electronic

Weizhao Jin,Xiaoyu Ji,Ruiwen He,Zhou Zhuang,Wenyuan Xu,Yuan Tian

DOI: https://doi.org/10.1109/dsn-w52860.2021.00013

2021-01-01

Abstract:With the rapid growth of online services, the number of online accounts proliferates. The security of a single user account no longer depends merely on its own service provider but also the accounts on other service platforms (We refer to this online account environment as Online Account Ecosystem). In this paper, we first uncover the vulnerability of Online Account Ecosystem, which stems from the defective multi-factor authentication (MFA), specifically the ones with SMS-based verification, and dependencies among accounts on different platforms. We propose Chain Reaction Attack that exploits the weakest point in Online Account Ecosystem and can ultimately compromise the most secure platform. Furthermore, we design and implement ActFort, a systematic approach to detect the vulnerability of Online Account Ecosystem by analyzing the authentication credential factors and sensitive personal information as well as evaluating the dependency relationships among online accounts. We evaluate our system on hundreds of representative online services listed in Alexa in diversified fields. Based on the analysis from ActFort, we provide several pragmatic insights into the current Online Account Ecosystem and propose several feasible countermeasures including the online account exposed information protection mechanism and the built-in authentication to fortify the security of Online Account Ecosystem.

Safa Hamdare,Varsha Nagpurkar,Jayashri Mittal

DOI: https://doi.org/10.14445/22315381/IJETT-V11P230

2014-05-20

Abstract:Security of financial transaction in e-commerce is difficult to implement and there is a risk that users confidential data over the internet may be accessed by hackers. Unfortunately, interacting with an online service such as a banking web application often requires certain degree of technical sophistication that not all Internet users possess. For the last couple of years such naive users have been increasingly targeted by phishing attacks that are launched by miscreants who are aiming to make an easy profit by means of illegal financial transactions. In this paper, we have proposed an idea for securing e-commerce transaction from phishing attack. An approach already exists where phishing attack is prevented using one time password which is sent on users registered mobile via SMS for <a class="link-external link-http" href="http://authentication.But" rel="external noopener nofollow">this http URL</a> this method can be counter attacked by man in the <a class="link-external link-http" href="http://middle.In" rel="external noopener nofollow">this http URL</a> our paper, a new idea is proposed which is more secure compared to the existing online payment system using OTP. In this mechanism, OTP is combined with the secure key and is then passed through RSA algorithm to generate the Transaction password. A copy of this password is maintained at the server side and is being generated at the user side using a mobile <a class="link-external link-http" href="http://application.So" rel="external noopener nofollow">this http URL</a> that it is not transferred over the insecure network leading to a fraudulent transaction.

Cryptography and Security,Social and Information Networks

Zeyu Lei,Yuhong Nan,Yanick Fratantonio,Antonio Bianchi

DOI: https://doi.org/10.14722/ndss.2021.24212

2021-01-01

Abstract:SMS messages containing One-Time Passwords (OTPs) are a widely used mechanism for performing authentication in mobile applications. In fact, many popular apps use OTPs received via SMS as the only authentication factor, entirely replacing password-based authentication schemes. Although SMS OTP authentication mechanisms provide significant convenience to end-users, they also have significant security implications. In this paper, we study these mobile apps' authentication schemes based on SMS OTPs, and, in particular, we perform a systematic study on the threats posed by "local attacks," a scenario in which an attacker has control over an unprivileged third-party app on the victim's device. This study was carried out using a combination of reverse engineering, formal verification, user studies, and large-scale automated analysis. Our work not only revealed vulnerabilities in third-party apps, but it also uncovered several new design and implementation flaws in core APIs implemented by the mobile operating systems themselves. For instance, we found two official Android APIs to be vulnerable by design, i.e., APIs that inevitably lead to the implementation of insecure authentication schemes, even when used according to their documentation. Moreover, we found that other APIs are prone to be used unsafely by apps' developers. Our large-scale study found 36 apps, sharing hundreds of millions of installations, that misuse these APIs, allowing a malicious local attacker to completely hijack their accounts. Such vulnerable apps include Telegram and KakaoTalk, some of the most popular messaging apps worldwide. Finally, we proposed a new and safer mechanism to perform SMS-based authentication, and we prove its safety using formal verification.

Layth Abu Arram,Mohammed Moreb

DOI: https://doi.org/10.1109/ICIT52682.2021.9491657

2021-07-14

Abstract:Smartphones have developed tremendously in the recent period up to recent days, each period a new company appears to enter the global competition market to impose itself, and this is directly proportional to the emergence of new applications every day for various devices, as well as the field of Cybersecurity has several aspects, including in the field of phones and smartphones especially with the exploitation of the large increase in the number of its users, many immoral hackers have greedy to exploit these applications for their personal interests, either theft, destruction, plagiarism, or many others. This research shows how these applications are exploited, especially in Android devices, and how such cases can be dealt with and avoided using the quantitative methodology, data analysis and results from presentation.

Computer Science

Daniel Timko,Daniel Hernandez Castillo,Muhammad Lutfor Rahman

2024-05-30

Abstract:With the booming popularity of smartphones, threats related to these devices are increasingly on the rise. Smishing, a combination of SMS (Short Message Service) and phishing has emerged as a treacherous cyber threat used by malicious actors to deceive users, aiming to steal sensitive information, money or install malware on their mobile devices. Despite the increase in smishing attacks in recent years, there are very few studies aimed at understanding the factors that contribute to a user's ability to differentiate real from fake messages. To address this gap in knowledge, we have conducted an online survey on smishing detection with 187 participants. In this study, we presented them with 16 SMS screenshots and evaluated how different factors affect their decision making process in smishing detection. Next, we conducted a post-survey to garner information on the participants' security attitudes, behavior and knowledge. Our results highlighted that attention and security behavioral scores had a significant impact on participants' accuracy in identifying smishing messages. We found that participants had more difficulty identifying real messages from fake ones, with an accuracy of 67.1% with fake messages and 43.6% with real messages. Our study is crucial in developing proactive strategies to encounter and mitigate smishing attacks. By understanding what factors influence smishing detection, we aim to bolster users' resilience against such threats and create a safer digital environment for all.

Cryptography and Security,Human-Computer Interaction

Assumpta Ezugwu,Elochukwu Ukwandu,Celestine Ugwu,Modesta Ezema,Comfort Olebara,Juliana Ndunagu,Lizzy Ofusori,Uchenna Ome

2023-05-30

Abstract:Passwords are used majorly for end-user authentication in information and communication technology (ICT) systems due to its perceived ease of use. The use for end-user authentication extends through mobile, computers and network-based products and services. But with the attendant issues relating to password hacks, leakages, and theft largely due to weak, reuse and poor password habits of end-users, the call for passwordless authentication as alternative intensifies. All the same, there are missing knowledge of whether these password-based experiences are associated with societal economic status, educational qualification of citizens, their age and gender, technological advancements, and depth of penetration. In line with the above, understanding the experience of end-users in developing economy to ascertain their password-based experience has become of interest to the researchers. This paper aims at measuring the experience of staff and students in University communities within southeastern Nigeria on password-based authentication systems. These communities have population whose age brackets are majorly within the ages of 16 and 60 years; have people with requisite educational qualifications ranging from Diploma to Doctorate degrees and constitutes good number of ICT tools consumers. The survey had 291 respondents, and collected data about age, educational qualifications, and gender from these respondents. It also collected information about their password experience in social media network, online shopping, electronic health care services, and internet banking. Our analysis using SPSS and report by means of descriptive statistics, frequency distribution, and Chi-Square tests showed that account compromise in the geographical area is not common with the respondents reporting good experience with passwords usage.

Cryptography and Security

Victor Chang,Lewis Golightly,Qianwen Ariel Xu,Thanaporn Boonmee,Ben S. Liu

DOI: https://doi.org/10.1080/17517575.2023.2188122

2023-03-17

Enterprise Information Systems

Abstract:The paper discusses cybersecurity for children (particularly teenagers) and focuses on Social Media's impact using a theoretical approach. Many social media users are unaware of their Cybersecurity in Social Media and all-round digital privacy and do not understand the importance of developing privacythrough taking both digital and physical measures. We identify seven categories of hacking motivations through multimedia platforms: Emotions, Financial gains, Entertainment, Proficiency for jobs, Hacktivism, Espionage, and Cyber-warfare, particularly for children. As vulnerable people, they can be the principal victims. We explore various methods used for hacking, such as Sexting, Facebook depression, and Influence on buying advertisements. In our findings, we demonstrate that the most critical protection method is to fully understand the digital footprint left behind and its possible consequences. The users should know this as a self-protection mechanism to mitigate security issues before problems occur. It means adopting the same mindset and attitude of protecting oneself in the online world as in the real world.

computer science, information systems

Ashley Allen,Alexios Mylonas,Stilianos Vidalis,Dimitris Gritzalis

DOI: https://doi.org/10.3390/s24175465

IF: 3.9

2024-08-25

Sensors

Abstract:Smart security devices, such as smart locks, smart cameras, and smart intruder alarms are increasingly popular with users due to the enhanced convenience and new features that they offer. A significant part of this convenience is provided by the device's companion smartphone app. Information on whether secure and ethical development practices have been used in the creation of these applications is unavailable to the end user. As this work shows, this means that users are impacted both by potential third-party attackers that aim to compromise their device, and more subtle threats introduced by developers, who may track their use of their devices and illegally collect data that violate users' privacy. Our results suggest that users of every application tested are susceptible to at least one potential commonly found vulnerability regardless of whether their device is offered by a known brand name or a lesser-known manufacturer. We present an overview of the most common vulnerabilities found in the scanned code and discuss the shortcomings of state-of-the-art automated scanners when looking at less structured programming languages such as C and C++. Finally, we also discuss potential methods for mitigation, and provide recommendations for developers to follow with respect to secure coding practices.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Lachlan Simpson,Kyle Millar,Adriel Cheng,Hong Gunn Chew,Cheng-Chew Lim

DOI: https://doi.org/10.48550/arXiv.2309.08158

2023-09-15

Networking and Internet Architecture

Abstract:The need for improved network situational awareness has been highlighted by the growing complexity and severity of cyber-attacks. Mobile phones pose a significant risk to network situational awareness due to their dynamic behaviour and lack of visibility on a network. Machine learning techniques enhance situational awareness by providing administrators insight into the devices and activities which form their network. Developing machine learning techniques for situational awareness requires a testbed to generate and label network traffic. Current testbeds, however, are unable to automate the generation and labelling of realistic network traffic. To address this, we describe a testbed which automates applications on mobile devices to generate and label realistic traffic. From this testbed, two labelled datasets of network traffic have been created. We provide an analysis of the testbed automation reliability and benchmark the datasets for the task of application classification.

Steve Kim,Anubhav Nagpal.,R. Ian,Anthony Glover,Marilyn H. Silva

Abstract:The usage of Social Network Sites has increased rapidly in recent years. The area of Social Networking currently has many security issues. Since the success of a Social Network Site depends on the number of users it attracts, there is pressure on providers of Social Network sites to design systems that encourage behavior which increases both the number of users and their connections. However, like any fast-growing technology, security has not been a high priority in the development of Social Network Sites. As a result, along with the benefits of Social Network Sites, significant security risks have resulted. Providing Social Network Site users with tools which will help protect them is ideal. Making tools available to users which can provide the ability to retrieve other online user information via chat, website, along other tools which can be installed on the user’s computer will be ideal in helping to tackle such issues. These will be the tools addressed in the paper.

Computer Science,Engineering

Tolga Mataracioglu,Sevgi Ozkan,Ray Hackney

DOI: https://doi.org/10.48550/arXiv.1507.02458

2015-07-09

Abstract:This research considers the impact of social engineering security attacks which are noted as taking opportunities for critically exploiting user awareness and behavior. The research proposes in this respect a managerial method in an attempt to enhance or even ensure protection. The aim of this study is to construct a security lifecycle model against these eventualities and to analyze the test results that have been carried out within the context of the Turkish public sector. The main objective of the study is to determine why employees shared sensitive information by stating fallacies and related amendments through interviews and thus to understand user actions when they are face to face with a real social engineering attack. The research findings demonstrate that employees in Turkish public organizations are not sufficiently aware of information security and they generally ignore critically important security procedures. This represents an important illustration of the increasing need for further generalized user awareness and responsibilities where individuals and not simply software form a critical element of the security protection portfolio.

Cryptography and Security,Computers and Society

Omer Tripp,Omri Weisman,Lotem Guy

DOI: https://doi.org/10.1145/2483760.2483776

2013-07-15

Abstract:Black-box security testing of web applications is a hard problem. The main complication lies in the black-box assumption: The testing tool has limited insight into the workings of server-side defenses. This has traditionally led commercial as well as research vulnerability scanners toward heuristic approaches, such as testing each input point (e.g. HTTP parameter) with a short, predefined list of effective test payloads to balance between coverage and performance. We take a fresh approach to the problem of security testing, casting it into a learning setting. In our approach, the testing algorithm has available a comprehensive database of test payloads, such that if the web application&#x27;s defenses are broken, then with near certainty one of the candidate payloads is able to demonstrate the vulnerability. The question then becomes how to efficiently search through the payload space to find a good candidate. In our solution, the learning algorithm infers from a failed test---by analyzing the website&#x27;s response---which other payloads are also likely to fail, thereby pruning substantial portions of the search space. We have realized our approach in XSS Analyzer, an industry-level cross-site scripting (XSS) scanner featuring 500,000,000 test payloads. Our evaluation on 15,552 benchmarks shows solid results: XSS Analyzer achieves &gt;99% coverage relative to brute-force traversal over all payloads, while trying only 10 payloads on average per input point. XSS Analyzer also outperforms several competing algorithms, including a mature commercial algorithm---featured in IBM Security AppScan Standard V8.5---by a far margin. XSS Analyzer has recently been integrated into the latest version of AppScan (V8.6) instead of that algorithm.