Author Details

The cyber attacks have become most prevalent in the past few years. During this time, attackers have discovered new vulnerabilities to carry out malicious activities on the internet. Both the clients and the servers have been victimized by the attackers. Clickjacking is one of the attacks that have been adopted by the attackers to deceive the innocuous internet users to initiate some action. Clickjacking attack exploits one of the vulnerabilities existing in the web applications. This attack uses a technique that allows cross domain attacks with the help of user-initiated clicks and performs unintended actions. This paper traces out the vulnerabilities that make a website vulnerable to clickjacking attack and proposes a solution for the same.

Keywords

Clickjacking, Cursorjacking, Frame Busting, Iframe, X-Frame-Options.

Full Text

References

Symantec Corporation, Internet Security Threat Report, 2012. [Online]. Available: http://www.symantec.com/threatreport/

WhiteHat Security, Inc., Website Security Statistics Report 2015, Santa Clara, CA 95054, 2015.

HP Security Research, “Cyber Risk Report”, 2015.

BCC Risk Advisory Ltd., 2016 Vulnerability Statistics Report Edgescan, 2016. [Online]. Available: http://www.edgescan.com

Robert Hansen and Jeremiah Grossman, Explanation of Clickjacking. [Online]. Available: http://www.sectheory.com/clickjacking.htm

Context Information Security Ltd, Next Generation Clickjacking, London, 2010. [Online]. Available: http://www.contextis.co.uk

Dingjie Yang, Clickjacking: An Overlooked Web Security Hole, 2012. [Online]. Available: https://blog.qualys.com/securitylabs/2012/11/29/clickja cking-an-overlooked-web-security-hole

Lin-Shung Huang, Alex Moshchuk, Helen J. Wang, Stuart Schechter and Collin Jackson, Clickjacking: Attacks and Defenses, Proc. USENIX Security Symposium, Bellevue, WA, 2012, 413-428.

Hanqing Wu and Liz Zhao, Clickjacking in Web Security: A WhiteHat Perspective (New York, NY, USA: CRC Press, 2015) 141-156.

R. P. Seenivasan and K. Suresh Joseph, A Survey of Clickjacking Attack and Countermeasures in Web Environment, International Journal of Advanced Research in Computer Science and Software Engineering, 6(12), 2016, 206-213.

Dipti Pawade, Era Johri, Divya Reja and Abhilasha Lahigude, Implementation of Extension for Browser to Detect Vulnerable Elements on Web Pages and Avoid Clickjacking, Proc. 6th IEEE International Conf. on Cloud System and Big Data Engineering, Noida, India, 2016, 226-230.

G. Rydstedt, E. Bursztein, D. Boneh and C. Jackson, Busting frame busting: a study of clickjacking vulnerabilities at popular sites, Proc. IEEE Web 2.0 Security and Privacy, Oakland, CA, 2010, 1-13.

Brigette Lundeen and Jim Alves-Foss, Practical Clickjacking with BeEF, Proc. IEEE Conf. on Technologies for Homeland Security (HST), Massachusetts, USA, 2012, 614-619.

Daehyun Kim and Hyoungshick Kim, Performing clickjacking attacks in the wild: 99% are still vulnerable!, Proc. IEEE 1st International Conf. on Software Security and Assurance, Suwon, South Korea, 2015, 25-29.

A. Sankara Narayanan, Clickjacking Vulnerability and Countermeasures, International Journal of Applied Information Systems, 4(7), 2012, 7-10.

Yusuke Takamatsu and Kenji Kono, Detection of Visual Clickjacking Vulnerabilities in Incomplete Defenses, IEEE Journal of Information Processing, 23(4), 2015, 513-524.

M. Balduzzi, M. Egele, E. Kirda, D. Balzarotti and C. Kruegel, A Solution for the Automated Detection of Clickjacking Attacks, Proc. 5th ACM Symposium on Information, Computer and Communications Security, Beijing, China, 2010, 135–144.

Performance Evaluation of Different Pattern Matching Algorithms of Snort

Abstract Views :186 | PDF Views:2

Authors

Abhigya Mahajan ¹, Alka Gupta ¹, Lalit Sen Sharma ¹

Affiliations
1 Department of Computer Science & IT, University of Jammu, J & K, IN

Source

International Journal of Advanced Networking and Applications, Vol 10, No 2 (2018), Pagination: 3776-3781

Abstract

Snort is the most widely deployed Network Intrusion Detection System (NIDS) whose performance is dominated by the pattern matching of packets in the network. In this paper, we present an experimental evaluation and comparison of the performance of different pattern matching algorithms of Snort NIDS namely ac-q, ac-bnfa, acsplit, ac-banded and ac-sparsebands on Linux Operating System (Ubuntu Server 16.04). Snort's performance is measured by subjecting the server running Snort v2.9.9.1 to live malicious traffic and a standard dataset. The performance is calculated and compared in terms of throughput, memory utilization and CPU utilization.

Keywords

Bnfa, D-ITG, NIDS, Pattern-Matching, Scapy, Snort, Sparsebands.

Full Text

References

.https://Snort-org-site.s3.amazonaws.com

.Soumya Sen, "Performance Characterization & Improvement of Snort as an IDS," Bell Labs Report, 2006.

.Martin Roesch, “Snort - lightweight intrusion detection for networks,” in Proceedings of the 13th Systems Administration Conference. 1999, USENIX.

.https://s3.amazonaws.com/Snort-orgsite/ production/document_files/files/000/000/122/origi nal/Snort_2.9.9.x

.Sarang Dharmapurikar and John Lockwood, “Fast and Scalable Pattern Matching for Network Intrusion Detection Systems”, in IEEE Journal on Selectedd Areas in Communications, vol. 24, no. 10, pp. 1781 1792, 2006.

.Sarika Rameshwar Rathi, “Detecting Attack Packets by Using Darpa Dataset on Intrusion Detection System” in International Journal Of Engineering And Computer Science, International Journal Of Engineering And Computer Science, vol. 4, no. 2, pp. 10567-10569, 2015.

.Yaron Weinsberg, Shimrit Tzur-David, Danny Dolev and Tal Anker High, “Performance String Matching Algorithm for a Network Intrusion Prevention System (NIPS)”, in IEEE workshop on High Performance of Switching and Routing, 2006.

.R. Hamsaveni and Dr. G. Gunasekaran, “A Secured Pattern Matching Technique for Intrusion Detection System in Wireless Sensor Network”, in International Journal of Computer Networks and Wireless Communications, vol. 6, no. 3, pp. 34-41, 2016.

.Qing-Xiu Wu, “The Network Protocol Analysis Technique in Snort”, in ELSEVIER on InternationalConference on Solid State Devices and Materials Science, 2012.

. Huang Kun and Zhang DaFang, “An index-split Bloom filter for deep packet inspection”, in ACM Journal on Science China Information Sciences, vol. 54, no. 1, pp. 23-27, 2011.

. Vasudha Bhardwaj and Vikram Garg, “Efficient Wu Manber String Matching Algorithm for Large Number of Patterns”, in International Journal of Computer Applications, vol. 132, no. 17, pp. 29-33, 2015.

. Christopher V. Kopek, Errin W. Fulp and Patrick S. Wheeler, “Distributed Data Parallel Techniques for Content-Matching Intrusion Detection Systems”, in proc. of IEEE on Military Communications Conference, 2007.

. N. Khamphakdee, N. Benjamas and S. Saiyod“ Improving Intrusion Detection System Based on Snort Rules for Network Probe Attack Detection”, in IEEE on 2nd International Conference on Information and Communication Technology (ICoICT), 2014.

. https://www.usma.edu/crc/SitePages/DataSets.aspx

. https://Scapy.net

. http://www.grid.unina.it/software/ITG

Username
Password
Remember me