Publications

Detecting Remote Access Trojan (RAT) Attacks based on Different LAN Analysis Methods
Oct 9, 2024

Journal Engineering, Technology & Applied Science Research

Publisher D. Pylarinos

DOI https://doi.org/10.48084/etasr.8422

Issue 5

Volume 14

Cyberattacks aim to access confidential information or disrupt system functionality. These days, they can take the form of attacks that give the attacker complete control over the victim's computer. Remote Access Trojans (RATs) are malware designed for these purposes. A RAT gives an attacker direct access to a victim's computer and allows him to interact with the victim to steal confidential information, spy on him in real time, or interact directly with him through a dialogue box. RATs are used for information theft, surveillance, and extortion of victims. This study installed multiple virtual machines as a prototype for both the attacker and the victim, interconnected on a Local Area Network (LAN). RAT installations were explored using Mega RAT version 1.5 Beta. Ultimately, various RAT attacks were executed on target machines, and a range of static and dynamic analysis tools were employed to identify the RAT. The scenarios implemented on the LAN demonstrated that RATs can be built and used with ease. Furthermore, their attacks can be identified through static or dynamic analysis using various freely available tools. The findings show that the static detection approach to identifying RAT malware is more user-friendly compared to dynamic methods. However, dynamic detection can be easily performed using cost-free software.

Fog Computing: A Comprehensive Review of Architectures, Applications, and Security Challenges
Oct 17, 2023

Journal NTU Journal of Engineering and Technology

Publisher Northern Technical University, Iraq

DOI https://doi.org/10.56286/ntujet.v2i2.614

Issue 2

Volume 2

Fog computing has emerged as a promising paradigm for bringing the capabilities of cloud computing closer to the edge. It tries to overcome the limits of traditional cloud designs by putting storage, computing, and networking resources closer to the data source. This results in accelerated processing, decreased latency, and enhanced system performance. Fog computing designs use a hierarchical approach, where the fog nodes act as an intermediary layer for local data processing, the cloud infrastructure acts as the top layer to support the fog nodes, and the devices and sensors generate the data at the bottom layer. The paper discusses the uses of fog computing and its security issues, and suggests countermeasures including encryption, intrusion detection, and access control to reduce risks. It is anticipated that as fog computing develops further, it will spur creativity and efficiency in the linked world because of its adaptability and versatility. In order to properly utilize the promise of fog computing and handle security concerns, the paper underlines the significance of ongoing research and development.

An Improved Underwater Image Enhancement Approach for Border Security
Jul 20, 2024

Journal Journal of Image and Graphics

Publisher University of Portsmouth

DOI 10.18178/joig.12.2.199-204

Issue 2

Volume 12

Protecting maritime borders is crucial to ensuring overall border security. Law enforcement agencies make great use of analyzing images of underwater debris to gather intelligence and detect illicit materials. Underwater image improvement contributes to better data quality and analysis. Nevertheless, underwater image analysis poses greater challenges compared to analyzing images taken above the water; factors like refraction of light and darkness contribute to the degradation of underwater image quality. In this paper, a novel approach is proposed to enhance underwater images. The proposed approach involves splitting an underwater colored image into its three basic components. Subsequently, a point spread function is created for each component to describe the image blurring factor. The deblurring process is then applied using a Wiener filter, the result is sharpened by a sharpening filter to clarify edges, and a linear contrast stretch is performed to improve contrast and visual details. The resulting image is finally reassembled from the three basic components. The proposed method showed effective results in evaluating the main metrics and gave better results when compared to a number of different methods. These results prove the effectiveness of the proposed method and its suitability for practical applications in improving image quality.

Enhancing Cybersecurity by relying on a Botnet Attack Tracking Model using Harris Hawks Optimization
Jun 22, 2024

Journal International Journal of Computers and their Applications

Publisher International Society for Computers and Their Applications

Issue 2

Volume 31

A botnet attack is a major cybersecurity threat that involves coordinated control of a network of infected computers, enabling large-scale distributed denial of service (DDoS) attacks, malware spreading, and other cybercrime activities. Proactive security measures and advanced threat intelligence systems are essential to detect and mitigate these assaults. This paper proposes the Harris Hawks Optimization (HHO) algorithm, which employs exploration and exploitation techniques to find optimal solutions for analyzing botnet attack pathways. The proposed approach involves HHO as a feature selector for extracting features from anomalous network traffic. The algorithm’s impact on botnet IP positioning performance is analyzed, considering different optimization modes and control center accuracy. The paper is organized into sections covering attack path establishment and analysis, system testing and verification, and a central leadership entity controls it [1]. Botnets are created based on the use of malicious software packages to infect important and sensitive devices in the network, thus making servers, computers, and Internet of Things devices vulnerable [2]. To detect these attacks and limit their impact requires many proactive security measures such as strong network security settings, regular software upgrades, etc. [3]. HHO is a powerful method that has the potential to solve many functional optimization problems and provides a suitable environment for engineering applications, as it mimics the exploration and exploitation phases during the foraging process of Harris Hawks [4]. A model based on HHO algorithm is proposed in this paper that has the ability to track and analyze bot attack paths by extracting a set of features during abnormal network traffic. The results were analyzed and their impact on the performance of robot networks was discussed, based on the use of different experimental results. 
After configuring the network topology and determining the attack path based on HHO, the performance of the algorithm and its effectiveness in preventing IP addresses from being spoofed are verified. The results showed convergence in being able to correct attack paths and effective performance in repelling the interference of fake IP addresses. © 2024, International Society for Computers and Their Applications. All rights reserved.

Docker Container Security Analysis Based On Visualization Technologies
Mar 20, 2024

Journal International Journal of Computers and their Applications

Publisher International Society for Computers and Their Applications

Issue 1

Volume 31

The utilization of virtualization technology, particularly Docker containers, has increased significantly in recent years. As Docker provides a lightweight and efficient virtualization environment for software packages, ensuring its security becomes crucial. This paper performs a security analysis of Docker from two perspectives: the security within Docker and its relationship to the security features of the Linux kernel. Resources that are isolated, controlled, and limited are all examined under Docker's internal security. Linux Cgroup is used by Docker to manage computer resources, while Linux Namespace is used to securely isolate running environments. The paper discusses how to separate resources such as filesystems, networks, devices, and processes, as well as how to isolate inter-process communication. Docker's interactions with Linux kernel security characteristics such as SELinux, AppArmor, Seccomp, and Linux functions are also discussed. These capabilities boost host system security when deploying Docker containers. AppArmor maintains security policies, SELinux offers further permission checks, and the Linux function limits container rights. Network-based assaults are defended against with the aid of Seccomp and the network framework. Additionally, the study makes recommendations for possible enhancements to improve Docker's security. This involves configuring Docker to deactivate specific functions within containers to thwart possible breaches and enhancing interoperability with Linux kernel security mechanisms. © 2024, International Society for Computers and Their Applications. All rights reserved.

Improving face recognition by artificial neural network using principal component analysis
Dec 1, 2020

Journal Telkomnika (Telecommunication Computing Electronics and Control)

Publisher Universitas Ahmad Dahlan

DOI 10.12928/TELKOMNIKA.v18i6.16335

Issue 6

Volume 18

The face-recognition system is among the most effective pattern recognition and image analysis techniques. This technique has received great attention from academic and industrial fields because of its extensive use in detecting the identity of individuals for monitoring systems, security and many other practical fields. In this paper, an effective method of face recognition is proposed. Face images of ten persons were selected from the ORL dataset, with (42) images for each person, for a total of (420) images as the dataset. Features are extracted using principal component analysis (PCA) to reduce the dimensionality of the face images. Four models were created: the first one was trained using feed forward back propagation learning (FFBBL) with 40 features, the second was trained using 50 features with FFBBL, and the third and fourth models were trained using the same features but using an Elman neural network. For each person, (24) images were used as the training set for the neural networks, while the remaining images were used as the testing set. The results showed that the proposed method was effective and highly accurate. FFBBL gives accuracy of (98.33, 98.80) with (40, 50) features respectively, while Elman gives (98.33, 95.14) with (40, 50) features respectively. © 2020. All rights reserved.

Preserving Big Data Privacy in Cloud Environments Based on Homomorphic Encryption and Distributed Clustering
Mar 15, 2024

Journal NTU Journal of Engineering and Technology

Publisher Northern Technical University, Iraq

DOI https://doi.org/10.56286/ntujet.v3i1.861

Issue 3

Volume 1

Cloud computing has grown in popularity in recent years because of its efficiency, flexibility, scalability, and the services it provides for data storage and processing. Still, big businesses and organizations have severe concerns about protecting privacy and data security while processing these massive volumes of data. This paper proposes an approach that intends to enhance efficiency in delivering advanced data protection, hence filling security holes, by enhancing data protection from various big data sources. A partial homomorphic encryption system is used to encrypt data created by many sources or users and processed in the cloud without decrypting it, hence protecting data from attackers. Extremely Distributed Clustering (EDC) has also been applied to partition large datasets into many cloud computing node subsets. This method can ensure privacy and protect data while also enhancing the effectiveness and performance of big data analytics. According to the results, the proposed technique was faster and gave improved encryption performance by around 23-28%.
