Indian Journal of Science and Technology

Open Access Open Access  Restricted Access Subscription Access

Enhanced Intrusion Tolerant System for Mobile Payment


Affiliations
1 Department of Computer System Engineering, Sangmyung University, Korea
 

Objectives: To prevent malicious software and hacking in near field communication-based mobile payments, this paper suggests a new intrusion tolerant system. Methods/Statistical analysis: As Cuckoo Sandbox restricts the access to the system resources of the applet transmitted through the network, this new intrusion tolerant system adopted Cuckoo Sandbox for the intrusion detection and the safe normal service of the operation system from various malicious attacks. To enhance the intrusion tolerant level, the scalable intrusion-tolerant architecture for distributed service is adopted to analyze the status of the system and the risk in the current environment through the intrusion detection, which optimizes the security level of a system. Findings: The intrusion tolerant system suggested in this paper may cover various malicious applications such as network attacks to the weak service, data driven attack to applications, privilege escalation or intruder login, main file access from intruders, and host-based attacks. This system prevents the access to the server cluster and blocks direct attacks by forming a barrier layer with a firewall and the proxy. It can detect various attacks through checking the file integrity by the operation of challenge/response protocol. This system also finds the infected server by checking the responses from each server. In addition, this system has much more active corresponding level than the existing scalable intrusion-tolerant architecture. In this intrusion detection system, both the data analysis and detection proceed simultaneously through the migration of the system, which maintains the operation of the system as it was. This virtualization technique is good for the implementation of the intrusion tolerance system and the migration of the mobile payment system in active state to another system. Especially, the live migration method is very effective to minimize the loss of time and data. Application/Improvements: Especially, this intrusion tolerant system makes the operating system safe from mobile payments intrusion and malicious software.

Keywords

Cuckoo Sandbox, Infection Analysis, Intrusion, Mobile Payment, Tolerant System.
User

Abstract Views: 178

PDF Views: 0




  • Enhanced Intrusion Tolerant System for Mobile Payment

Abstract Views: 178  |  PDF Views: 0

Authors

Daeyoo Kim
Department of Computer System Engineering, Sangmyung University, Korea
Eugene Rhee
Department of Computer System Engineering, Sangmyung University, Korea

Abstract


Objectives: To prevent malicious software and hacking in near field communication-based mobile payments, this paper suggests a new intrusion tolerant system. Methods/Statistical analysis: As Cuckoo Sandbox restricts the access to the system resources of the applet transmitted through the network, this new intrusion tolerant system adopted Cuckoo Sandbox for the intrusion detection and the safe normal service of the operation system from various malicious attacks. To enhance the intrusion tolerant level, the scalable intrusion-tolerant architecture for distributed service is adopted to analyze the status of the system and the risk in the current environment through the intrusion detection, which optimizes the security level of a system. Findings: The intrusion tolerant system suggested in this paper may cover various malicious applications such as network attacks to the weak service, data driven attack to applications, privilege escalation or intruder login, main file access from intruders, and host-based attacks. This system prevents the access to the server cluster and blocks direct attacks by forming a barrier layer with a firewall and the proxy. It can detect various attacks through checking the file integrity by the operation of challenge/response protocol. This system also finds the infected server by checking the responses from each server. In addition, this system has much more active corresponding level than the existing scalable intrusion-tolerant architecture. In this intrusion detection system, both the data analysis and detection proceed simultaneously through the migration of the system, which maintains the operation of the system as it was. This virtualization technique is good for the implementation of the intrusion tolerance system and the migration of the mobile payment system in active state to another system. Especially, the live migration method is very effective to minimize the loss of time and data. Application/Improvements: Especially, this intrusion tolerant system makes the operating system safe from mobile payments intrusion and malicious software.

Keywords


Cuckoo Sandbox, Infection Analysis, Intrusion, Mobile Payment, Tolerant System.



DOI: https://doi.org/10.17485/ijst%2F2016%2Fv9i46%2F129243