Science topic

Hacking - Science topic

This community was a community of people who had a large interest in computer programming
Questions related to Hacking
  • asked a question related to Hacking
Question
1 answer
The paper The Limitations of Deep Learning in Adversarial Settings explores how neural networks might be corrupted by an attacker who can manipulate the data set that the neural network trains with. The authors experiment with a neural network meant to read handwritten digits, undermining its reading ability by distorting the samples of handwritten digits that the neural network is trained with.
I'm concerned that malicious actors might try hacking AI. For example
  • Fooling autonomous vehicles to misinterpret stop signs vs. speed limit.
  • Bypassing facial recognition, such as the ones for ATM.
  • Bypassing spam filters.
  • Fooling sentiment analysis of movie reviews, hotels, etc.
  • Bypassing anomaly detection engines.
  • Faking voice commands.
  • Misclassifying machine learning based-medical predictions.
What adversarial effect could disrupt the world? How we can prevent it?
Relevant answer
Answer
It is partly for this reason that AI development should be in a sandbox environment. Read more about using the sandbox approach: https://www.cambridge.org/core/journals/european-journal-of-risk-regulation/article/sandbox-approach-to-regulating-highrisk-artificial-intelligence-applications/C350EADFB379465E7F4A95B973A4977D
  • asked a question related to Hacking
Question
4 answers
So, with some difficulties I have been able to do wavelet analysis for a time series datasets that I have. The thing is, all these data sets can be combined to form a year long dataset, with some gaps as big as a month.
A solution to this is to interpolate the data. But considering that my data has a sampling rate of 10 mins with one month gap would not allow to pursue this solution.
For discontinuous(unevenly ) spaced data, instead of FFT, Lomb-scargle periodogram is used. If someone can suggest a hack like that for wavelet analysis, it'd be highly appreciated.
Relevant answer
Answer
Dear Ranjan Kumar Sahu,
If you have sufficient datapoints. I would suggest you to analyze the period before and after gap separately.
  • asked a question related to Hacking
Question
19 answers
I am currently working on Intrusion Detection System for in-vehicular network and I have studied the HCRL Car Hacking dataset. Is there any python code available for LSTM-based Intrusion Detection System for In-Vehicle CAN Bus Communication?
Relevant answer
Answer
Dear Ritu Rai,
You may want to look over the following data:
LSTM-Based Intrusion Detection System for In-Vehicle Can Bus Communications
_____
LSTM-Based Intrusion Detection System for In-Vehicle Can Bus Communications
_____
  • asked a question related to Hacking
Question
4 answers
I am currently working on Intrusion Detection System in in-vehicle system. I have recently gone through the study of HCRL Car Hacking Dataset. I have understood the mechanism of DoS attack and their values mentioned in the excel and also how the message is being classified as normal or infected. The problem I am facing is in the understanding of Fuzzy and Spoofing Attack. How do we classify the message as normal or infected on the basis of random injection of the messages? Is there any specific pattern to identify them on the manual basis?
Relevant answer
Answer
have a look at this one you may need to adapt and apply your knowledge of the sources and interpret your own
  • asked a question related to Hacking
Question
3 answers
1-Analysis of the security vulnerabilities of the protocol (MAVLink),
2- Based on the vulnerability of the MAVLink protocol, we propose an attack methodology that can disable an ongoing mission of a UAV (ethical hacking).
mission in progress (ethical hacking). This attack can be empirically validated in a dedicated platform.
3- Development of a cyber attack detection algorithm.
4- Implementation of different encryption algorithms (i.e. AES-CBC, AES-CTR, RC4 and ChaCha20) in order to secure the MAVLINK communication against attacks.
Secure the MAVLINK communication against malicious cyber-attacks.
Relevant answer
Answer
Dear Imad Khaled,
Look at the following data:
THESES AND DISSERTATIONS
Securing the MAVLink Communication Protocol
for Unmanned Aircraft Systems
  • asked a question related to Hacking
Question
39 answers
Through virtual spaces and services, the metaverse can transcend the limitations of time and space, increase the convenience of life, and even create new modes of financial activity and work. But if the nature of the metaverse is an extension of our current online world, then we undoubtedly need to think about the myriad unsolved problems in the current network: problems of hacking, phishing, harassment, information privacy, hate speech, user addiction, etc. See, The Metaverse will also be at risk. What are the social implications of the metaverse?
Relevant answer
Answer
Excellent and interested question
  • asked a question related to Hacking
Question
5 answers
By referring to some scientific resources we've found that the brain produces Some signals that relate to its activities and monitored by EEG. The question is "Can we force the brain to do some actions by injecting signals (in a direct or indirect way)?".
Relevant answer
Answer
Brain–computer interface can also restore communication to people who have lost the ability to move or speak:
  • asked a question related to Hacking
Question
6 answers
All you need to know is available at www.P-Curve.com. An almost-new concept that is is being popular in many Meta-Analysis papers. [by Simonsohn, Uri and Nelson, Leif D. and Simmons, Joseph P.]
A recent #review_article and #meta_analysis with #P_Curve and #MRI and #fMRI studies including finally 18 articles about the #fusiform_face_area. (With topics on  #publication_bias or #p_hacking , #replication_crisis and #R codes ) Title = P-curving the fusiform face area: Meta-analyses support the expertise hypothesis. Link = https://www.sciencedirect.com/science/article/abs/pii/S014976341830798X#:~:text=Meta%2Danalyses%20support%20the%20existence,be%20correlated%20with%20behavioural%20performance.
Relevant answer
Answer
Thank you
  • asked a question related to Hacking
Question
3 answers
I was searching in the journal "Journal of Computer Virology and Hacking Techniques" webpage
for a Word template but I was only able to find a Latex template.
Does anyone know how to get the Word template?
Has anyone tried before submitting to this journal so they can share the template?
Please help me out with this.
Thanks.
Relevant answer
Answer
You are welcome. You have several options or applications but I suggest to start with overleaf.com. Create a free account and Google "Learn LaTeX in 30 minutes". You can use an existing template to practice with it. You can also search for any command when needed. For the journal you are interested in, you can download its LaTex package (zip), and in overleaf.com, create a New Project by uploading that package option. You'll see the source code, pdf document from compiling and project files on the left. The free version works well and you can generate a manuscript. Yet, if you need some advanced features or have an issue with processing time you may need to upgrade your account or switch to Tex Maker or other applications.
  • asked a question related to Hacking
Question
20 answers
In my opinion, the information posted on social media portals are not 100 percent. safe.
There have been cases of hacking and stealing information from thousands of records, user profiles of these portals.
In addition, there are developed techniques for building programs that read information from commentators entered into thousands of profiles of social media portals.
Then this information is a research material for the sentiment analyzes carried out, i.e. analyzes of opinions prevailing among users of these portals on specific companies, brands, products and services.
Do you agree with my opinion?
Please reply
Best wishes
Relevant answer
Answer
The level of cybersecurity of data collected on social media is constantly being raised. However, there is still no full 100 percent. cybersecurity on this issue.
I invite you to the discussion,
Regards,
Dariusz Prokopowicz
  • asked a question related to Hacking
Question
4 answers
I am currently using a 20uL tip to create scratch but apparently, with every new biological replicate exp, I do not get uniform or similar scratch as the previous exp. Any hacks/tips on how to achieve a uniform scratch every time? Also, Pls recommend the best tool/software to accurately measure the widths? Thank you.
Relevant answer
Answer
Hello Ankit Naik
I used to do the scratch with a 20μl tip and it is always going well. Here are some tips that may help:
if you do the assay using 6 or 24 well plates, you may use the plate cover as a ruler during scratching.
don't twist the tip and try to fix the angle between the tip and the plate during scratching. it is better to run the tip over the cells once. regarding the second part of your question, ZEN Blue Software is doing well and you can set it up with your inverted microscope camera https://www.zeiss.com/microscopy/int/products/microscope-software/zen-lite.html
you can also use any photoshop program, in this case, the width will be in pixels.
these may help you to optimise your assay
In vitro scratch assay: a convenient and inexpensive method for analysis of cell migration in vitro
Good Luck
  • asked a question related to Hacking
Question
5 answers
Are there any law regulating cybersecurity in medical devices?
Relevant answer
Answer
In Poland it could be a pure hacking and additionaly it might be qualified as causing direct danger to health or life. Besides, data protection regulations may be applied.
  • asked a question related to Hacking
Question
19 answers
The field of research and business applications in the field of obtaining, archiving, analyzing and processing data in Big Data database systems has been developing strongly for several years.
There were hacking theft of personal, sensitive and secret data regarding users of social networks.
Are the results of research known, or are you familiar with publications describing risk management processes in the area of obtaining, archiving, analyzing and processing data in Big Data systems run by technological internet companies such as Google, Facebook, etc.
Technological internet companies such as Google, Facebook, etc. have the ability to obtain classified, sensitive and personal data from the Internet about the users of websites, including search engines and social media portals, who use these information services.
For the needs of these considerations, the issue of the security of classified data stored in Big Data database systems run by internet technology companies managing social media portals should be added.
There have been frequent thefts made by cybercriminals who, from these Big Data systems, stole classified and sensitive information about hundreds of thousands or millions of users of particular social media portals.
The development of social media portals therefore generates an increased risk of theft of data on users of social media portals.
Therefore, technological internet companies that run social media portals but also other companies that collect large amounts of data about users of specific, information services should continually develop and improve risk management systems for potential data loss from Big Data information resources.
Due to the above, in many companies, especially in large corporations, integrated risk management systems are built and improved.
Integrated risk management systems combine risk management processes in various areas of a company, institution or other organization.
One of the areas of risk management, the importance of which in many companies is growing, is risk management in the area of obtaining, archiving, analyzing and processing data in Big Data database systems.
In view of the above, I am asking you: Is the risk of cybercriminal attacks on Big Data database systems that contain personal data of social media portal users growing?
Please, answer, comments. I invite you to the discussion.
Relevant answer
Answer
Yes it is actually on the upward trend as pointed out by Dariusz Prokopowicz
  • asked a question related to Hacking
Question
23 answers
Online mobile banking is dynamically developing because pro-development factors continue to outweigh the factors limiting this development.
The main development factors are the reduction of operating costs for banks and facilitating remote access to banking services, including mobile payments to clients.
Currently, the only barrier to development can be increased activity of cybercriminals stealing data from online banking clients, hacking into online bank accounts of customers and robbing clients of financial means. However, banks have so far quickly identified this type of cybercrime incidents and have been gradually improving their mobile banking security systems.
Another factor limiting the development of online mobile banking may be the number of bank customers interested in this type of banking.
What are the other key determinants of the development of mobile banking?
Please answer
Thank you very much
Dear Friends and Colleagues of RG
I described the problem of cybercrime in publications:
I invite you to discussion and cooperation.
Thank you very much
Best wishes
Relevant answer
Answer
During the SARS-CoV-2 (Covid-19) coronavirus pandemic, the e-commerce industry accelerated its growth. The scale of purchases and payments made via the Internet has increased. In addition, due to anti-pandemic security, more and more citizens use mobile banking implemented from the smartphone level and make contactless payments with a smartphone, avoiding cash. Therefore, the development of internet banking could partially offset the decline in lending caused by the decreased interest in bank loans.
Best regards,
Dariusz Prokopowicz
  • asked a question related to Hacking
Question
12 answers
In recent weeks/months, I have received literally dozens of notices from Elsevier to indicate that a journal that was added to its centralized online submission and peer review tracking system, called EVISE, has now been transferred to Editorial Manager (EM), which is owned by Aries Systems Corporation. Much time was used adding journals to EVISE, only now to see that time wasted as journals get shifted. In some / many (?) cases of the transfers to EM, we have to waste time adding new details. I contacted Elsevier about this and got no response. So, my questions to any academic who might know about this, are:
1. Is EVISE being phased out?
2. Is there a security risk or technical or other problems with EVISE?
3. Have there been instances of hacking that might have compromised the integrity of journal submission? This is because one EVISE account (username + password) allows for access to multiple journals.
If others have experienced this, please share.
Relevant answer
Answer
"All journals formerly using EVISE have been migrated to Editorial Manager as of 1 Dec 2020." That's actually an inaccurate statement by Elsevier. I received 4 emails after December 1, on December 3, 8, 10 and 16 (2020), to inform me of journal migrations.
  • asked a question related to Hacking
Question
6 answers
What if I make my machine stuck with a physical hardware switch when someone attacks my computer ? Can it be a good feature as all access is based on NIC card and what if I disable it when a hacker tries to hack my computer ?
Relevant answer
Answer
Thank you Sir Jeff Sedayao I accept the fact that the computer can still remain infected and can lead to a permanent damage. Thanks for an descriptive answer. I understood the point of not having a physical hardware switch. I accept that there can be non-vulnerable attacks which we can't sense. But yes we can possibly bypass the attacks which we already know. The zero-day attack is also something dangerous to the society. Actually I was not aware of it but as you shared I researched on it and got the answer. Thanks once again for sharing the new words. I am very thankful that I learned something new today from you.
  • asked a question related to Hacking
Question
5 answers
AI Safety Issues can be categorized into five main classes including "Safe Exploration", "Scalable oversight", Avoiding “reward hacking” and “wire heading”, "Avoiding negative side effects" and "Robustness to distributional shift" (Amodei et al. (2016). Concrete Problems in AI Safety).
Can we categorize safety assurance of Evolutionary Optimisation Algorithms (e.g. Genetic Algorithm) as Safe Exploration?
Is there any approach for quantitative safety evaluation of such algorithms?
Thanks for your time and consideration.
Relevant answer
Answer
I'd say these are classes to categorize the safety issues, not algorithms or families of algorithms.
For safety assurance, you'd need to address all issues relevant to your application.
Although safe exploration might be most important for Evolutionary Optimisation Algorithms, you'd still want to also avoid negative side effects.
  • asked a question related to Hacking
Question
2 answers
Does Hacking in softwares, has any creative angle ? is it proper creativity or we need to change the Direction of ideation ?
does hacking also promotes the creation of other software solutions.? if yes should we accept it correct.
Relevant answer
You have to hack the hacking itself in different paths to be 'creative' within an ethical framework!
Regards
  • asked a question related to Hacking
Question
5 answers
As an ADMINISTRATIVE NOTICE, RG seems to have human oversight, software problems, and lack of control of entry. RG may have been hacked, which is common under COVID. Things will likely get worse, next. But, we don't have to bear it.
This and other discussions on RG are hereby suspended.
Relevant answer
Answer
I never posted here. Thanks for the recommendations, though.
  • asked a question related to Hacking
Question
3 answers
Indian government launch the arogya setu app for tracking the covid-19 I fection and alert the user .
But I have a question what if some one is providing false information to app, does it will create a loophole? For example- A man hacked Google Maps to cause cause virtual traffic jam with 99 phones. Berlin: Call it bizarre but a German artist Simon Weckert has posted a video on YouTube, showing how he "hacked" Google Maps with 99 smartphones and a wagon to create "virtual traffic jams" on the streets of Berlin.
will it affect the community if app shows fake infection?
Relevant answer
Answer
Currently there are many issues regarding liability and safety concerns which have been raised by various sectors..
  • asked a question related to Hacking
Question
15 answers
Hey guys,
I am a MSc student who is looking for a cyber security project for my dissertation.
I am really trying to find a practical concept related to penetration testing or ethical hacking but I do not know a lot about the filed and I'm struggling to find an idea. My goal would be to learn more about pen testing while doing this project.
Our university has suggested penetration testing on IoT devices but other people have chosen this project already.
Has anybody got any other ideas?
Thank you all.
Relevant answer
Answer
Dhiraj Nage I think you are refering to Abertay University (Dundee) who do a Ethical Hacking degree which has a very good reputation
  • asked a question related to Hacking
Question
6 answers
The python library TensorFlow (TF) is proving to have many powerful applications (https://www.tensorflow.org/about/case-studies). What TF programming 'hacks', generalized or specific applications are you interested in?
Relevant answer
Answer
Indeed TensorFlow via Matlab for classification and clustering via multivariate statistical models may be highly welcome.
  • asked a question related to Hacking
Question
3 answers
I have devised a system of simply embedding data directly into cryptocurrency transactions. It is quite flexible and powerful because it can be triggered from light clients/smart phones. I call it DiMECASH and have a site devoted to displaying the messages that I write:. https://dime.cash/doge
Generally, it is a hack, but then so are op_return codes.
9sJAZZxHANDSxJAZZxHANDSzzzzzZmzWcE
This is an example that works on Doge. Mixed with a system of checksums embedded as Satoshi codes, this becomes very powerful and flexible.
I am looking for collaborators. I think this is disruptive in it's simplicity.
Relevant answer
Answer
This is simply a set of conventions which can be applied to any crypto-currency that is forked from bitcoin in order to put messages into the ledger by using unspendable (fake) addresses in transactions. The site, https://dime.cash demonstrates. The addresses spell out text and they can be compounded together to form sentences, actual valid transactions can be included so that a very readable memo is possible. Similar efforts using OP_RETURN codes are popular, such as memo.cash which transforms bitcoin cash into a social network. The Estonian website https://crytograffiti.info is actually the closest to my vision (using an similar address scheme). Ultimately all of these efforts can be co-mingled to create a large multi-currency data pipeline. I believe that my addition has merit because it is very readable and understandable to someone peering into the system from the outside and is accessible by a person who has first acquired a wallet and a small amount of dogecoin. I have devised a simply voting system that I believe in novel.
  • asked a question related to Hacking
Question
3 answers
I am looking for case studies of actual privacy risks. At the core of privacy and data protection impact assessments, we find the concept of 'risk' meaning - in this case - the probability of a threat to personal data and the possible harm or damage caused by this threat. E.g. I fall victim to a phishing attack and the attacker gains access to my bank account, the actual harm being that my account is emptied. Another example would be that my account at a social media platform is hacked and my identity is used to "go shopping".
Now, one finds a lot of literature on privacy (PIA) and data protection impact assessments (e.g. the edited volume by Wright and De Hert (2012) on PIA), on the potential risks of low levels of data security (e.g. Rosner, Kenneally (2018): Clearly Opaque: Privacy Risks of the Internet of Things), on technological and organization standards (e.g. ISO 27001 on Information security management), or on the regulatory frameworks of privacy and data protection (e.g. everything on the details of the GDPR in the EU). But I have a hard time to find research results evaluating actual risks similar to your risk to fall victim to a traffic accident, have your home being broken into, or get cancer.
I would welcome any hint to empirical publications on actual privacy risk analysis be it from medical, social, internet-based or any other research that you consider as most important. I am *not* looking for literature on how to conduct privacy and data protection impact assessments or standards for this purpose. Thank you.
Relevant answer
Answer
This is a great question, and inspired to me to look for some quantification of the risk and probability of data breaches and harm. Found the following reports which may be of interest. They are largely from security companies and insurance companies, which would have access to this kind of data and might need data like that to set insurance policies.
  • asked a question related to Hacking
Question
6 answers
Is EO suitable only to provide global food production monitoring or it can help also to farmers in developing countries? Is the resolution of current EO limitation? Where EO could help to farmers? What could be killing applications? Are this climatic analysis or some other analysis? This and more other questions we are trying to answer in EO4Agri projects http://www.eo4agri.eu/ . See our gap analysis report https://www.researchgate.net/publication/336022413_EO4AGRI_D22-Initial-Workshop-User-Requirements-and-Gap-Analysis-in-Different-Sectors-Report-v10 and try to help us identify additional possibilities or comment our conclusion. During the project we already discussed our ideas with African community during Nairobi INSPIRE Hack https://www.plan4all.eu/2019/04/team-1-progress-report-i/
Relevant answer
Answer
Dear Maged,
thanks for this answer. We will try discuss questions of EO for food security on next GEO meeting in Canberra.
  • asked a question related to Hacking
Question
25 answers
Multi-factor authentication (MFA) adds a layer of security that allows companies to protect against the leading cause of data breach — compromised credentials. Users provide extra information or factors when they access corporate applications, networks and servers. Is Multi-factor authentication can be hacked? Yes/No and How?
Your thoughts?
Relevant answer
Answer
dear Ali A. Al-Homaidan - thank you for your reply!!
  • asked a question related to Hacking
Question
3 answers
After the use of paper hack tools such as sci-hub the majority of journals prefer the open-access format where the authors pay the publication to be shared. Do you think we ll still have pay to download publications where the authors don't pay the journal?
Relevant answer
Answer
Some body has to pay the costs of maintaining publication systems online and processing fees as in open access journals or purchase publications or membership as per traditional system. Currently both models are working. The challenge is the progressivie increasing numbers of new journals and the deterioration of the quality of published research in these new journals and the lack of originality. I think universities, research institutes, and governments have to fund local journals and support researchers in this regards. We also need to encourage quality of research output not just numbers. So funding has to support this type of research, and therefore, regulations needed to help in managing funding.
  • asked a question related to Hacking
Question
7 answers
I'm trying to find a detailed procedure (reaction or experimental section) or manual for doing a certain process or operating an instrument
Can you please share some tricks or keywords or database address to use to fulfill my aim
Relevant answer
Answer
P. K. Karmakar
Dariusz Prokopowicz
I'm always using keywords such as manual, procedure ...... but none of them is bringing out the results I want
I'm not sure if its a keywords problem or google is banning such information
For instance its so easy to find manuals for instruments but not the experiments done in scholar papers with the specific masses and volumes
Some papers have attached extra details about the experiment the majority don't and its always ambiguous to find technical procedures
  • asked a question related to Hacking
Question
2 answers
Hello to everyone:
I'm studying an active fault and I'm trying to use the SL or Hack Index (Hack, 1972). I've read a lot of papers that use this index, and I understand the theory, but I don't know how to compute it or applied it with the computer.
I have the DEM, the watershed, the main stream, etc. all on GIS, so now I need to compare the SL index profile and the elevation profile and find knickpoints.
Thank you!!!
Sebastián
Relevant answer
Answer
Thanks for your answer. I'll try with those ones.
Best regards,
Sebastián
  • asked a question related to Hacking
Question
16 answers
Let's discuss a scenario where a thief sends an email with a fake link, hoping a user will click it. And the link could install malicious software, malware, in the user's computer. And the malware could transmit sensitive information back to the thief, you know, such as passwords. And this is fairly typical. Phishing schemes are becoming very common, because if you send them out to 10,000 people, you're probably gonna have 500 to 700 people who are dumb enough to click on them. How frequent and effective is Phishing schemes?
Relevant answer
Answer
How to prevent PHISHING/SPOOFING
  • Be suspicious of any unsolicited email requesting personal information.
  • Avoid filling out forms in email messages that ask for personal information.
  • Always compare the link in the email to the link that you are actually directed to.
  • Log on to the official website, instead of "linking" to it from an unsolicited email.
  • Contact the actual business that supposedly sent the email to verify if the email is genuine.
  • asked a question related to Hacking
Question
15 answers
In connection with the development of cybercrime on the Internet, the security systems for transfer and processing of data, financial transactions, electronic banking, etc. carried out on the Internet are improved. In addition to electronic banking, the key information security in the internal IT systems of central state institutions is protected. Cybercriminal attacks on cyber-banking systems and hacker attacks aimed at companies to extort ransom for decrypting data encrypted by computer viruses on disks (cybercriminal ransomware attacks) and hack attacks from abroad on key central institutions, ministries and other institutions of the public administration sector and enterprises of strategic branches of the national economy.
In connection with the above, I am asking you:
Do you think, for security reasons, everything that happens on the Internet should be analyzed by the public security services?
Please answer
Best wishes
Relevant answer
Answer
Following
  • asked a question related to Hacking
Question
3 answers
Quite an interesting article in the latest edition of Wired magazine which argues that we need to re-secure the blockchain. The article argues that hackers will use quantum computing technologies to hack supposedly unhackable blockchains and that the two technological forces must come together. Can we push for collaboration between these two seemingly competing technologies ?
Relevant answer
Answer
Can you please add the link of article? This is going to be a reality one day when the quantum computing technology reaches to more active usage and relevant algorithms are developed. Most of the current encryption algorithms used in crypto technonology (for example RSA) is based on the unique multipliers principle of big numbers. I think everyone can guess the unique multipliers of number 6 is 3 and 2. However, how about a big number with 500 digits? Calculating the unique multipliers for this kind of big number is a challenging task for a regular (or a super) computer which can take hundreds of years. So it is mathematically possible, but practically impossible. That is one of the promises of quantum computing to handle today's impossible computational tasks of today within very short time (minutes, hours??). And solving the unique multipliers of RSA hashes of blockchain (or can be called "hacking") is one of the implementation area of many. I am not an quantum tech. expert, but my primitive guesses point me to the development of quantum resistant hashing algorithms and bringing a new "blockchain" into the world. Having said that, IOTA Tangle is referred with a quantum-resistant hashing algorithm already (though not sure whether really is).
  • asked a question related to Hacking
Question
3 answers
CASIA v 2.0 database is actually available at http://forensics.idealtest.org/casiav2/
But, google says it is hacked and some malware is there in the site.
Please suggest me how I can download the dataset?
Anybody Please share the dataset offline.
Thanks in advance.
Relevant answer
Answer
  • asked a question related to Hacking
Question
6 answers
If software and hardware could prevent every security threat, there would be no intrusions, hacking, malware, or ransomware – yet there is news about new attacks almost daily. Why? Security is a process, not a product. The most effective cybersecurity operations require 24/7 monitoring with a Security Operations Center (SOC), separation of true security threats and information from the benign, and immediate response.
Determine Inherent Risk Profile Management can determine the institution’s overall Inherent Risk Profile based on the number of applicable statements in each risk level for all activities (Figure 2). For example, when a majority of activities, products, or services fall within the Moderate Risk Level, management may determine that the institution has a Moderate Inherent Risk Profile. Each category may, however, pose a different level of inherent risk. Therefore, in addition to evaluating the number of instances that an institution selects for a specific risk level, management may also consider evaluating whether the specific category poses additional risk.
Relevant answer
Answer
The above question inspired me to the following considerations:
The analysis of banking Trojans consists in researching methods of cybercrime in the field of infecting the bank's information systems, both those which are intra-bank and those that serve bank customers as part of online mobile banking. Analysis of attacks by cybercriminals, for example, viruses popular in recent years, trojans of the ransomware type, which after encrypting computers encrypt data disks. In addition, other types of Trojan horses are used to steal sensitive data, personal customers or embezzlement of money from clients' bank accounts, extorting loans, etc. After analyzing methods used by cybercriminals, banks strengthen security systems, protect banking systems against these attacks, improve security and authorization tools online banking clients. In addition, the next step is to improve the risk management process of IT systems. I described these issues, among others, in the following publications:
In addition, cybercriminal attacks on electronic banking systems are probably much more than official statistics provide, because banks do not boast of these events if they do not have to.
This is because many of these cybercrime attacks are ineffective or have relatively low costs, and the identified gaps in the e-banking system are quickly repaired.
however, if the bank customers knew all these events of cyber-criminals, this could reduce the level of confidence in banks.
Then, bank customers could start to withdraw bank deposits from banks and dopiers on a massive scale, then a serious problem for banks would appear associated with a sharp increase in the level of liquidity risk.
I invite you to the discussion.
  • asked a question related to Hacking
Question
1 answer
Is there a dataset already available to use?
I tried this with http://www.zone-h.com and apparently this collection should be handled manually, which unfortunately is very time-consuming. Is there a better way to collect this information?
Relevant answer
Answer
Finally, I designed a software to generate data that invokes a new page every time and can convert HTML content to text.
  • asked a question related to Hacking
Question
1 answer
I was working with a client-server project based on UDP and 802.11 as a link and physical layer. There, Client was trying to probe some packets in the wireless channel to gauge channel condition. This function is required to set up the transmission speed & estimate packet drop rate in my client application. To carry out that function, It is required to measure the number of re-transmission that is occurring in IEEE 802.11. In the transport layer, there won't be any re-transmission as UDP is used but if the wireless channel is bad (no acknowledgement from the receiver MAC) the IEEE802.11 wifi NIC will re-transmit. How should I measure the number of re-transmission in IEEE 802.11 layer? Say for 200 packets from application how many re-transmission in IEEE 802.11 layer?
Or Is there any kernel hack that will stop the IEEE802.11 re-transmission feature?
  • asked a question related to Hacking
Question
5 answers
Today due to the hacking exploits, data security is a major concern for both consumers and companies.
The sheer potential scale of AI’s reach in consumer and IoT applications makes security even more crucial.
From recent study people now are deeply concerned about security (85%) and where their data is stored in the network, be it in edge devices or the cloud.
#artificialIntellicence #machine #companis #IOT #Security #Network #edge #device #cluod #Intelligenza #Artificiale #sicurezza #dispositivo #Randieri #Intellisystem #IntellisystemTechnologies
Relevant answer
Answer
Any machine is unreliable, AI machine is unreliable as well due to deduction.
  • asked a question related to Hacking
Question
3 answers
Cochlear implants help those with hearing loss. These devices demonstrate that in principle implantable electronic devices can improve human functioning. It seems we are headed for an era when cognition can be improved by implanted computers. Maybe the implants will come with wifi, enabling the user to access information available on the internet. Artificial enhancement of intelligence has been explored, for example, in the story Flowers for Algernon and in the movie depiction of it, Charly. We are getting closer to electronic implants. (See for example, http://www.innovationmanagement.se/2018/03/23/the-vast-benefits-of-tech-implants-in-the-human-brain/). Suppose it becomes possible. What would happen if someone could hack into people’s brains via their implanted wifi connections? Will science begin to advance exponentially? Will it cure dementia? Are there committees of the wise looking at these issues?
Relevant answer
Answer
Good question,
First of all, we need to take consumers acceptance to the entire idea in consideration.
Then, with more and more of these devices implanted in humans of course more challenges will be discovered and solved on the way.
If at one point we realize that the benefits of such additions to our bodies are more useful than their expected problems, then I think they will be accepted in a wide range.
Regards
  • asked a question related to Hacking
Question
1 answer
I am having a difficulty in implementing the Permutation Renormalization and Bootstrap method described by Faust et al in Microbial Co-occurrence Relationships in the Human Microbiome. My key difficulty appears to be in resolving visibly distinguishable communities with igraph. Community detection finds distinct communities (Louvain method), but I am still having trouble generating network plots with clearly distinct clusterings/communities of nodes. The networks "look" random and have densely packed edges.
While I thought this was to be expected given the number of nodes in my network is 2700, using the method created by Faust et al just doesn't seem to mark enough correlations as insignificant. I've even tried taboos like p-value hacking and setting percentile thresholds on the resulting nodes that are marked as "significant" in an effort to cut down on nodes.
To give an idea of the network's scale, I used a subset of my abundance data consisting only of 1,500 OTUs out of the original 2700 (by setting the rowsum abundance threshold to 12) when following only the protocol in the literature I get a network with 500,000 edges (In networks constructed with all 2700 OTUs or close to, that number approaches 3,000,000). The testing only appears to be removing roughly half of all edges. I am also removing all negative edges as I am interested in co-occurence only at this point in time.
I further pruned this network by setting a 99th percentile threshold on the correlation strengths of the significant correlations. I was then able to get a network of ~5,000-10,000 edges depending on the specific threshold. I'd like to say that the network is sufficient but this is obviously not the case. Is there any insight anyone can give me with this problem? Should I use the method in Faust to only remove correlations due to compositional effects and then perform a percentile threshold on the remaining correlations?
Relevant answer
Answer
Hello David,
Based on my experience, it should not happen.
Are you using CoNet to apply ReBoot, or have you coded yourself?
Secondly, it seems, you're using raw abundance. Try running the algorithm after normalizing it for each sample, and remove OTUs based on presence (select OTUs present in more than 10% of samples and mean abundance of 0.1%; this is because, sparsity can also affect the number of edges, and network inference is mostly driven by the core microbiome).
Try changing the p value merging method, and apply p value correction.
Also, the number of edges depends on the correlation method used. Spearman or Kendall work very well, while pearson sometimes increases the coefficients due to few outliers.
I hope it helps.
  • asked a question related to Hacking
Question
4 answers
Today due to the hacking exploits, data security is a major concern for both consumers and companies.
The sheer potential scale of AI’s reach in consumer and IoT applications makes security even more crucial.
From recent study people now are deeply concerned about security (85%) and where their data is stored in the network, be it in edge devices or the cloud.
#AI #Machines #Personal #Information #security #both #consumer #applications #network #cloud #devices
Relevant answer
Answer
Its possible to happen
  • asked a question related to Hacking
Question
9 answers
Almost every properly configured commercial system will have only one TCP/IP port open to the Internet: Port 80.
Since this is the only way into the system, hackers will try many different ways to compromise it via this port. Surprisingly, there are only about 80 to 90 different hack queries in common use over the last 6 years, or so.
Commonly available IDS/IPS systems seem to only fall into one category, which keeps a blacklist of several hundred thousand malicious addresses, to which it refers every time a query appears on port 80. To stay current, the blacklist is updated every few days.
Since there are only about 80 distinct hack query formats, doesn't it make more sense to evaluate the threat by examining the query?
That's how we designed our IPS
Relevant answer
Answer
IPS = Intrusion Prevention System, stop any sort of intrusion before it happens
IDS = Intrusion Detection System, detect intrusions after they happen
The blacklist rules you are talking about would most often be implemented in a firewall (as it is usually the first appliance to see a request from the outside). Firewalls could technically be considered an Intrusion Prevention Device since it is preventing the outside requests from entering the network.
Common Intrusion Detection Services include honey-pots or internal network analysis tools. These tools are employed within a network to try to detect any bad behavior that has made its way past the firewall and other IPSs. Honey-pots are systems made to look like regular computers and offer up 'vulnerable' services that seem very enticing for hackers but everyday operations within the network will not interact with the honeypot. Once a hacker begins attacking the honey-pot the alarms will go off and the administrators will know that an intruder is in the network.
To answer your followup question: that specific botnet may have only used those 80 common queries but other botnets can(and probably will) use many other different queries. Telling your IPS system(firewall) to block those specific queries is a good start, but in order to battle more and more botnets you need to start thinking about the behavior and timing of the attacks as well as the source location of the attacks.
I would recommend looking up Bro and Snort for Intrusion Detection Systems, they are very powerful and opensource products that can be deployed on a raspberry pi or other compute device.
  • asked a question related to Hacking
Question
2 answers
I am trying to fit graphene in very with very poor laser lanes and am trying to put the peaks in the right place. However, many times, the data has a lot of noise, and it is very hard to eliminate these errors. Basically, I am manually trying to unselect a few data points that are obviously noise and hope the peaks to go to the right place. It does not always work though. If you know something else that I can do, let me know please.
Relevant answer
Answer
I _think_ that I understand what you are asking. You are peak fitting a spectrum using PeakFit software. You have problems to get the peaks to fit automatically because of spurious noise (spikes) in the data.
This seems to require that you should do one of four things. You can improve the signal to noise in your captured data to reduce/remove the unwanted features (spikes). You can manipulate the data to remove (zero out) the spikes before you process it. You can use the software (PeakFit) in manual mode rather than automatic mode to find peaks. Finally, you can use software other than PeakFit that is better designed to do the specific analysis that you need.
To help improve the answers, you might post an example image of a spectrum where peak fitting works well and one where the fitting does not work well. I am for example especially curious what you define as "obviously noise" versus what you consider to be peaks. What is the height of the noise versus the height of the peaks? What is the half-width of each? Are you working with peak heights that are at least three times the RMS noise level?
  • asked a question related to Hacking
Question
4 answers
Protandim and NRF2 stimulator do that. Any researcher want to add some thing, I cordially invite them. I am very thankful to your suggestion.
Relevant answer
  • asked a question related to Hacking
Question
4 answers
I am a cyber security expert and have worked in corporate penetration testing/ethical hacking teams. I am interested in the scheduling and capacity problem in determining the elements required to scale individual and team operations for optimum coverage and efficiency. There is a mystique to cyber security, but in reality, cyber security in general and security testing itself are skillsets that can be detected, taught, developed and put to use to get work done. I'm interested in applying literature on the scheduling problem to implement scaling and efficiency in this new application.
Relevant answer
Answer
Hi Christopher
In my view, there is no mystique to cyber security. Either you take the proper steps to secure your system, or you do not. Further, you also need to monitor your system continuously, to ensure you do not fall victim to new, as yet undiscovered, vulnerabilities. If you get it right, you stay secure. If you get it wrong, you will invariably be breached, with all the attendant fall out.
Similarly, from the penetration testing perspective, the same principal applies. Your team needs to be at the forefront of the field. The team needs to have very current knowledge about all the latest vulnerabilities, as well as a thorough grounding in the technicalities of systems architecture, newtork architecture, security configuration and so on.
In any team situation, over time, you will discover that some team members are better at one particular task than others. You should learn to take advantage of this capability in your daily work. However, you do need to ensure that all team members get the opportunity to try every aspect of the job so that you never have a skills shortage anywhere in the team. There must be time, opportunities and funding in place for continuous training as well as cutting edge research. Remember, being an expert means that you have to have a high level of knowledge in the area. And given the spectacular rate of change in the area of cyber security, if your experts do not keep themselves right up to date, they soon won't be experts any longer.
The organisatioin of the team for a penetration testing job will very much depend on the requirements of the client. This will determine the extent of the work you must carry out. Once the scope of the job is identified, and a price agreed, then you, as a team leader, will know the amount of work you are required to carry out, as well as the resources that will be made available to you. Clearly, you will seek to optimise the way in which you carry out the work, using the most skilled expertise for the appropriate tasks, but wherever possible, you will seek to automate the process as much as you can. After all, this is what the bad guys are doing, and you need to be able to keep up. Most of the tests you will carry out can be automated relatively easily, so you will do this in as intelligent a way as you can.
At the end of the day, the client needs to know just how secure their systems are and how resilient to attack they are. Your team needs to be every bit as good as the bad guys, and preferably better.
I hope that helps.
Regards
Bob
  • asked a question related to Hacking
Question
1 answer
I would like to know the process of creating a Hack's stream gradient index map using only ArcGIS software.
Relevant answer
Answer
Shuvasish,
Follow this site.
You can use Matlab based "TecDEM" toolbox for your analysis.
  • asked a question related to Hacking
Question
6 answers
I would like to hack a digital burette (Brand Titrette) and a pH meter connected to a platinum electrode with which I am measuring electrical potential during a titration. I would like to integrate data from the digital burette and the meter so that I can automate data entry into an excel spreadsheet and streamline data collection used to generate a titration curve (x-axis: volume, y-axis: potential) that would be used to identify the equivalence point of the titration.
Can anyone recommend a hack that I could use for this purpose? Let me know what other information would be helpful.
Thank you, JS
Relevant answer
Answer
The very easiest way to do that is use the text strings capability of DAQ2GO and its 24 bit (submicrovolt) sensitivity. This tool takes the data straight into excel and can do real time control of the motor delivering titrant. There is a complete, finished interface available at modest cost. Check DAQ2GO.COM and youtube videos ("DAQ2GO" search term). We even use it to control one of our 3 dimensional gantries for lab automation.
  • asked a question related to Hacking
Question
4 answers
These days many attackers are using mechanisms of making fraudulent phone calls (vishing) to collect vital information of people and then use them to trace their credentials and finally hack their credit and debit cards for money thefts. Another very prevalent ways of web application hacking is through phishing. There prevalent ways to tackle these are mostly precautionary, however, these precautions are mostly non-waranted from a lay man or a non-commoner or a less versed cyber user. We need more automated ways of handling them.
Relevant answer
Answer
Besides user training on an annual basis, I'd recommend having your sysadmins suppressing the hyperlinks in all incoming emails at the server. That way, your folks can still see the URL address in the email, but they would have to copy and paste the URL into a browser to get to the site. Not a silver bullet (some folks still copy and paste the URLs, believe it or not) but it helps. Downside is that your users get upset a bit by not seeing hyperlinks in their emails but if you explain why you suppressed the links, they should understand. But they still won't like it...
  • asked a question related to Hacking
Question
1 answer
how to wordpress site paypall plugin hacking link ?
Relevant answer
Answer
By spamming Wordpall plugin hack link.
Twice
  • asked a question related to Hacking
Question
5 answers
There are lots of hacking way to hack the internet server, i want to prevent my server by those types of hacking. How ?
Relevant answer
Answer
Hi Chandan
You say you are hosting your web apps on either AWS or Google cloud. I wonder why your setup is done this way, and why you need to transfer files back and forth between these systems. Such activity adds to your potential vulnerabilities, and the more vulnerabilities, the more work you need to do to ensure your system is secure.
The best approach is to keep your system as simple as possible. Running on a single cloud server would be a good start for this approach. Custom build your operating system by removing all services which are not needed. Do the same for your web software. Minimise all permissions to the absolute minimum you can use. Sanitise all user input, but wherever possible, try not to allow users to input to your system. Check out the OWASP website (see link below). They can give you a huge range of suggestions to mitigate the kind of problems you are likely to face. They cover conventional systems, cloud systems, wireless systems and IoT systems. Most of these solutions are simple common sense, meaning there will be very little cost involved in protecting your web apps.
Also, make sure you take full steps to ensure you maintain a proper audit trail of all events concerning your web apps, such that you can know at all times who has accessed, added, modified, or deleted what files are on your system. This should be the only time you contemplate making your system split to more than one service provider, especially if you can restrict the information access on the second system. Also use a good Intrusion Detection System. Make sure that you monitor all system logs regularly. Indeed, you can write some code to do this for you which can send regular updates of any unusual activity. If you don't do this, you are likely to miss unwanted activity in your system.
The good news is that both AWS and Google Cloud are good at keeping their cloud systems secure, but all their efforts come to naught if you leave your own software vulnerable. So get reading and try to learn as much as possible about protecting your systems - and implement whatever you need to do to keep everything secure.
I hope that helps.
Regards
Bob
  • asked a question related to Hacking
Question
1 answer
As we known till now Virtualization has reduce the cost of buying operating system and IT equipment's for many companies, I am looking at how easy it is to hack live migration in a Linux cloud with different tools such as Xin and KVM to exploit vulnerabilities in the cloud. 
Relevant answer
Answer
Live Migrations of Virtual Machines in Cloud Environment are done in a secured manner with Virtual IPs set to divulge the external threat. These virtual machines are hosted on vendor hosted hypervisor like Microsoft Hyper V or VMware vSphere. It is important to note that there have been attacks like "Venom" bug which affected Xen, KVM and Virtual Box machines using Floppy Diskette drives. However, modern VMs do not present virtual floppy drives and are more robust in their security. External Virtual IPs and internal ones are different and routing tables are published behind the demilitarized zone.
  • asked a question related to Hacking
Question
3 answers
How can we receive data shown on the screen in queue management prior to reaching the screen so that it can be transmitted over a long distance.?
Relevant answer
Answer
Thank you for the responses. I need to transmit the queue info(customer number-counter number) shown on the screens at banks and hospitals either before it reaches the screen or from the screen.
  • asked a question related to Hacking
Question
6 answers
Hello,
I am working on congestion control in IoT. I have found that CoAP is able to handle it. It works on UDP.
I have some question about MQTT.
1) Can MQTT able to handle congestion? If yes, then How?
2) MQTT uses TCP as a underlying transport protocol. It uses fully TCP or do some hacks in it and use it.
These questions are important for my work.
Thanks
Vishal
Relevant answer
Answer
Hi Vishal Rathod,
1. Mqtt using TCP for communication because it requires a live connection to notify clients when a change made in the topic. Mqtt specially not use any congestion control mechanism but TCP can handle congestion control and flow control.
2. Yes, MQTT uses TCP/IP port 1883 for normal communication and 8883 for using MQTT over SSL. But there is the other one MQTT-SN (for Sensors) using UDP and here is the chance to drop packets and at that time it notify clients about congestion  using return code. So MQTT-SN needs more attention than MQTT in congestion control mechanism.
  • asked a question related to Hacking
Question
5 answers
I would like to know where I can find a good open source urls dataset that represent different kind of web attacks that could be generate a defacement in a web page
  • asked a question related to Hacking
Question
15 answers
What are the current security threats and vulnerabilities cloud users such as organizations and companies are facing? could you suggest me research papers, reports or documents related with the question?
Relevant answer
Answer
Hi Jafar
There are many security threats and vulnerabilities faced by cloud users, many of which are obvious, and some less so. Here is a suggested list of areas you should take into consideration:
Access controls
Accountability and responsibility
Audit issues
Business continuity
Complexity of systems
Data ownership
Data protection
Encryption
Failure to patch software
Forensic support
Incident analysis
Infrastructure security
Laziness
Management approach to security
Mis-configuration of software
Multi-tenancy
Non-production environment
Physical security
Privacy
Processes
Proper definition of security goals
Regulatory compliance
Resilience
Security culture in the company
Security policies
Security procedures
Social engineering attacks
Staff security training
Standards compliance
Technical complexity of cloud
The threat environment
User identity
Each of these areas will impact on your cloud security to a greater or lesser extent. By checking each of these out, you will gain a better understanding of how these issues can impact on cloud security and privacy.
Remember, the business architecture of an organisation comprises a combination of people, process and technology, thus it is vital to take this into account when seeking to develop or use a cloud system that can offer good security and privacy.
Regards
Bob
  • asked a question related to Hacking
Question
3 answers
Can someone reccomend me some ethnographic works in coding (software engineering) and hacking? 
Thanks.
Relevant answer
Answer
Many things by Gabriella Coleman (links in bibliography): http://gabriellacoleman.org/
  • asked a question related to Hacking
Question
2 answers
The source code of a program often contains a number of constants. Sometime, these constants are well used to create a ROP attack. In general, how do these constants play a significant role in being leveraged to create a successful exploit?
Relevant answer
Answer
Absolutely, that is pretty obvious. I was more interested in things like ROP attacks. A recent paper "The Devil is in the constants" make use of crafting constants to creata gadgets on-the-fly. Hence, I was wondering, how exactly (in general) do the constants matter?
  • asked a question related to Hacking
Question
3 answers
Reflection allows creating an instance of a class having private constructor, this is a loop hole of Java, is there any purpose behind this feature/bug?
Relevant answer
Answer
Without reflection Java frameworks like JUnit or Spring wouldn't work. Using reflection the frameworks can inspect classes and call methods dynamically or create objects from calsses (in the case of Spring). I'm not sure why refelection was intoduced to Java in the first place but it is a useful features for meta programming. It compromizes encapsulation so it shouldn't be used in "normal" code.
  • asked a question related to Hacking
Question
8 answers
According to cisco enterprise mobility, it is stated that "Even if port security is not an option to stop MAC flooding in wireless networks, the MAC flooding attack is unsuccessful when launched by a wireless user. The reason for this is the 802.11 protocol itself. The association to an AP is MAC-based; this means that the AP bridges (translational bridge) traffic coming only from or going to known users or known MACs. If a MAC flooding attack is launched from a wireless user, all the 802.11 frames with random source MAC addresses that are not associated to the AP are dropped. The only frame allowed is the one with the MAC of the malicious user, which the switch has probably already learned. Thus, the operation of the access point prevents the switch from being susceptible to MAC flooding attacks."
Relevant answer
Answer
If a registered MAC becomes a malicious BOT, and if it has to launch MAC flooding it has to change its MAC which will make BOT  disconnected. Therefore every time it changes MAC it becomes disconnected and hence this attack is not possible.
  • asked a question related to Hacking
Question
4 answers
I am going through the literature survey for DHCP attacks. I would be thankful if someone provide me some reference for the same.
Relevant answer
Answer
As already mentioned: Properly configured "Port security"  is a countermeasure against DHCP starvation.
Cisco switches  allow for so called "DHCP snooping": It is possible to specify trusted and untrusted ports. The trusted port should be the port where the DHCP server is connected to. The switch does not allow any DHCP responses (offer, ack)  on untrusted ports. For an introduction seee here: http://packetpushers.net/ccnp-studies-configuring-dhcp-snooping/
I only know Cisco networking devices; but I assume other manufacturers have similar technologies…
  • asked a question related to Hacking
Question
10 answers
Studying malwares behaviour might be complicated but after we do behaviour analysis of malware, what advantages can we get?
Relevant answer
Answer
These all are widely used tools. if you still want to test then setup your own system (Cuckoo Sandbox- http://www.cuckoosandbox.org/ )and compare both results :)
  • asked a question related to Hacking
Question
2 answers
http://www.eresi-project.org/ Really cool project.
Relevant answer
Answer
The ERESI Reverse Engineering Software Interface is a multi-architecture binary analysis framework providing a domain-specific language for reverse engineering. ERESI features OS-wide support for analysis, instrumentation, and debugging of INTEL, SPARC, MIPS, ALPHA and ARM binary programs. ERESI is enhanced for operating systems based on the Executable & Linking Format (ELF) such as Linux, *BSD, Solaris, HP-UX, IRIX and BeOS, but it can also debug any OS in a virtual machine or emulator via the GDB protocol.
For more info you can google it, and may you need rundown Reversing secret of reverse engineering.