Comparison Trojan virus between Linux and Windows

Source publication
Article
Trojan virus attacks pose one of the most serious threats to computer security. A Trojan horse is typically separated into two parts - a server and a client. It is the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. The most common means of infection...

Context in source publication

Context 1
... to this behavior, it can be concluded or there can be strong agreement that this is an abnormal behavior of TCP flow caused by a malicious code (Backdoor Trojan). Table 1 shows the behavior of Trojan horse and Backdoor in both Linux and Windows. ...

Similar publications

Conference Paper
Security vulnerabilities continue to infect web applications, allowing attackers to access sensitive data and exploiting legitimate web sites as a hosting ground for malware. Consequently, researchers have focused on various approaches to detect and prevent critical classes of security vulnerabilities in web applications, including anomaly-based an...
Article
The use of containers in cloud computing has been steadily increasing. With the emergence of Kubernetes, the management of applications inside containers (or pods) is simplified. Kubernetes allows automated actions like self-healing, scaling, rolling back, and updates for the application management. At the same time, security threats have also evol...
Article
Today’s computer is often infected by malwares and conventional communication channels such as inter-process communication (IPC) are attractive attack surface for attackers because important information such as user’s personal data and passwords are transmitted between processes over IPC. In addition, there is no other protection other than the acc...
Article
The use of TLS by malware poses new challenges to network threat detection because traditional pattern-matching techniques can no longer be applied to its messages. However, TLS also introduces a complex set of observable data features that allow many inferences to be made about both the client and the server. We show that these features can be use...
Conference Paper
In this paper, we present our reverse engineering results for the Zeus crimeware toolkit which is one of the recent and powerful crimeware tools that emerged in the Internet underground community to control botnets. Zeus has reportedly infected over 3.6 million computers in the United States. Our analysis aims at uncovering the various obfuscation...

Citations

... Once activated it can launch several attacks and also go into hiding on the victim's machine. It can pop up in several windows and, in some instances, open attachments from phishing emails [36]. These pop-ups are usually presented as adverts and warning alerts. ...
Article
This modern time has seen a rise in technology and its associated tools. The rapid development of technology has also grown along with what the researchers termed as diabolic computing. The advancement of technology has moved along with security risks and threats. Cybercriminals are aware of the prospects that the internet has in connecting billions of people across the world. Their operations have also focused on the exploitation of users since humans are perceived to be the weakest link to every firm or establishment. This human exploitation and attacks are termed social engineering. The internet community is the biggest casualty of social engineering attacks. Social Engineering attacks are dangerous and can lead to financial losses, data losses, and even denial of service. These can affect an organization’s reputation. The effects of social engineering attacks are very treacherous. Some have long standing effects and can also result in the closedown of businesses. The study gives a clearer view of social engineering attacks. This view creates awareness of social engineering. This awareness helps to mitigate the various social engineering attacks. The study is focused on computer and internet users. The study reviewed the concept of social engineering, its various attack methods, and how to mitigate them. The study was concluded with a summary of SE attacks and appropriate countermeasures.
... With regard to children, this should lead to a change in perception in which children are not treated like any other group of prospective consumers, but as a vulnerable group of internet users. 29 The special focus on the nature of their consent to data processing appears to be one of the major steps forward. 30 3. The indirect influence of the GDPR on children There are a number of GDPR provisions that generally affect children, thereby proving that the European data protection regime is better when compared with the 1995 Directive, which indirectly but significantly benefits children. ...
... (2016). 29 Frau-Meigs, Divina, and Lee Hibbard. "Education 3.0 and Internet Governance: A new global alliance for children and young people's sustainable digital development." ...
... The data leak by hackers has been denied by KOMINFO together with BSSN (Badan Siber dan Sandi Negara) in an article on KOMINFO's official website. 29 In essence, they stated that there was no data breach or data leak, so Covid-19 patient data is safe. However, given how widely data is spread across Indonesia, the Kominfo Ministry is of course coordinating and checking whether there is still potential from other sources. 30 Patient medical record data is classified as sensitive personal data. ...
Conference Paper
... Captured files are stored in the libpcap format and can be read by applications that understand that format. [4] There were several types of malware that were most popular in 2015, namely Trojan Ransomware, Exploit kits, Banking Trojans, worms, PoS (Point-of-Sale) Malware, Social Engineering Attacks, Fake Tech Support Services, Rogue Antivirus Software, Potentially Unwanted Programs, and Adware. [5]. ...
Article
This research aims to address the problem of malware spreading within a campus network. One of the effects of malware in a campus network is bandwidth traffic overload, which causes bandwidth to run out quickly or makes incoming and outgoing data transfer traffic slower than usual. Generally, a campus or university has a network structure managed by one or more routers that handle the network and bandwidth. Some routers have firewall configuration capabilities that are already quite capable, but these need to be managed more specifically based on the scale of the network and the available bandwidth. Creating good rules in the firewall makes it easier to filter network traffic and bandwidth, thereby providing security and comfort for users of the network and bandwidth.
... Later on, this will result in a computer crash. [7] As a result, Trojan horse attacks pose one of the most serious threats to computer security. ...
Article
Trojan horse is said to be one of the most serious threats to computer security. A Trojan horse is typically separated into two parts – a server and a client. It is the client that is cleverly disguised as significant software and positioned in peer-to-peer file sharing networks, or unauthorized download websites. The most common means of infection is through email attachments. In order to distribute the virus to unsuspecting users, the developer of the virus usually uses various spamming techniques. Malware developers use chat software as another method to spread their Trojan horse viruses such as Yahoo Messenger and Skype. This study aims to analyze and detect the behavior of Trojan attacks, provide ways on how to prevent, detect, and recover from Trojan attacks.
... In the recent years, IS has attracted attention based on the fact that the Internet (and in turn, computer networking) has become an effective means of sending/receiving data and that a substantial number of entities depend on the capability to transmit sensitive data. Similarly, malware has informed the efforts of antivirus programs' advancement to address the potential threats [2]. However, Trojan horses have continued to circumvent the security toolsets of antivirus programs because of their operation modes. ...
... A Trojan code defeats the purpose of the conventional antivirus approach because it depends on the end user's perception of the code as genuine software for it to install. Furthermore, on installation, it reverses the client-server paradigm by turning the infected host into a server, while the antivirus toolsets continue to assume the end user's workstation as a client node [2]. In addition, while antivirus routines cast the operation modes of software as malicious when it exhibits the tendencies of self-replication - the Trojan code evades detection by desisting from creating its copies in favor of working as a standalone code that has the potential of creating backdoors for other malware [3]. ...
... The Trojan detectability function, however, assumes that the environment acts as a variable constant - such that, Trojan manifestations in one operating system like UNIX would not be similar to the manifestation in a different system; like Windows [2]. On the other hand, detectability does not mitigate the intrusion of systems, in the first place [7]. ...
Conference Paper
Malicious payloads and computer codes have conventionally strived to gain access to target systems for aims which the affected end user experiences as unwanted functions or loss of data. This paper will examine the major types of Trojan horses, their mode of operation, and consequently, propose a framework for attack prevention and handling. It will highlight the need for effective control based on the premise that since Trojan attacks pose as harmless software, they have the potential to cause damage of exceptional magnitude. Ultimately, the proposed prototype will employ functional modeling to illustrate its potential as a powerful approach to information security.
... Currently, trojan horse attacks are considered one of the most serious threats in cyber attacks. There are many definitions related to trojan horses, such as those by [3,14]. For this research, a trojan horse is defined as a program that appears useful and harmless, and once it has been installed on a victim's computer, it begins to carry out malicious acts such as stealing important information from the victim's computer. ...
Article
For the past few years, malware, also known as malicious code, has been seen as one of the biggest threats among cyber attacks. It has caused a lot of damage, loss of money and productivity to many organizations and end users. Malicious code can be divided into many categories such as viruses, worms and trojan horses. Each of these categories has its own implications and threats, and the trojan horse has been chosen as the domain of this research paper. Prior to the formation of a new trojan horse detection model, an in-depth study and investigation of the existing trojan horse classification is presented in this paper. Surprisingly, not much research related to trojan horses has been done. On 16th January 2013, Troj/Invo-Zip caused chaos by masquerading as an invoice from Europcar and spreading via email. Therefore, in this research paper, a new trojan horse classification called Efficient Trojan Horse Classification (ETC) is developed. This ETC is later used as a basis to build a model to detect trojan horses efficiently. The methods used to develop the ETC are static and dynamic analyses. As for the dynamic analysis, Cuckoo sandbox has been integrated to speed up the analysis and reverse engineering processes.
Conference Paper
The invention of the smartphone has made life easier, as it is capable of providing important functions used in the user's daily life. While different operating system (OS) platforms were built for smartphones, Android has become one of the most popular choices. Nonetheless, it is also the most targeted platform for mobile malware attacks, causing financial loss to the victims. Therefore, in this research, the exploitation of system calls in the Android OS platform caused by mobile malware that could lead to financial loss was examined. The experiment was conducted in a controlled lab environment using open source tools by implementing dynamic analysis on 1260 datasets from the Android Malware Genome Project. Based on the experiment conducted, a new system call classification to exploit call logs for mobile attacks has been developed using Covering Algorithm. This new system call classification can be used as a reference for other researchers in the same field to secure against mobile malware attacks by exploiting call logs. In the future, this new system call classification could be used as a basis to develop a new model to detect mobile attacks exploitation via call logs. Keywords: system calls, similarity analysis, exploitation of call logs using system calls, covering algorithm, data transformation, and system call classification.
Article
For any organization, having a secured network is the primary thing to reach their business requirements. A network is said to be secured when it can withstand attacks which may damage the whole network. Over the last few decades, internetworking has grown tremendously and a lot of importance is given to securing the network. To develop a secure network, network administrators must have a good understanding of all attacks that are caused by an intruder and their mitigation techniques. This paper explores the most fatal attacks that might cause serious downtime to an enterprise network and examines practical approaches to understand the behavior of the attacks and devise effective mitigation techniques. It also describes the importance of security policies and how security policies are designed in the real world.