Preventing data leakage by securing chat session with randomized session ID

Messaging applications have become one of the largest and most popular smartphone applications. It includes the capacity for the users to communicate between themselves via text messages, photos and files. It is necessary to safeguard all messages. Privacy is one of the biggest issues which most individuals in the world of instant messaging ignore. Although several instant messaging applications offer varying security for users, the weaknesses and danger of data assault are increasing. Not just business discussions, our data must also be safeguarded during everyday discussions since data is very sensitive for everybody, and data protection is very crucial to prevent undesired loss of information. To address these types of weaknesses and hazards associated with data attacks, we require an encrypted messaging protocol and also hide IP address method for a safe interaction. This paper's goal is to protect conversations from targeted attacker by securing the communication between user and hide IP address from unauthorized access.

Network Security Using Honeypot and Attack Detection with Android Application

Network security is now increasingly needed in the era of the industrial revolution 4.0. As technology grows, cybercrimes are becoming more and more common, including attacks on a resource. At this time, honeypots are also widely used by large industries for network security, besides that honeypots are also useful for them in developing intrusion and preventing systems. Honeypots are usually used in a virtual environment, they will stimulate a fake system to capture data packets on the network and be analysed offline later for all threats and attacks. This propose of this paper is to detect and prevent building attacks from computer network attackers using an android application. This application can monitor an attack on the server by installing a honeypot tool into the server as an attack detector, then the honeypot log is used as a Rest API using Django framework with MongoDB database. this application can find out if there is an attack on the server, and can block the attacker's IP address.

Demonstration of Modbus Protocol for Robot Communication Using C#

Purpose: The Modbus is the trusted name in the industrial automation communication domain. It is a pretty simple protocol to implement and so very popular to the industrial communication personnel. Nowadays, Some industrial robots are also capable of communicating through Modbus. So our robot researchers frequently face the challenge of communicating with Modbus-enabled devices or robots. They need to know the protocol in detail before integrating it into their project. Its learning curves are a bit higher because of the lack of document which is practical oriented. The protocol selection, packet structure, CRC, or LRC calculation need to maintain precisely as standards; otherwise, the Modbus exception may happen. We experience those scenarios. Through our practical experience, we learned what is required for a new researcher who wants to implement Modbus in their project. In this paper, we demonstrate the Modbus packet structure and implement it with several practical examples. Finally, to test the written code, we provide simple tools which are easy to use and customizable. The researcher can easily integrate into their research project. The complete project source code is available in Github. Design/Methodology/Approach: The Modbus is the standard protocol to communicate between or among the devices. We need a better understanding of it and interface software to test around all aspects. Here we described some practical examples. The GUI is created using C# language inside the Microsoft Visual Studio. The application has several capabilities. In the TCP/IP mode, It can be a server or client. In RTU mode, it can play as a Master or slave device. We can also run two instances in a single system. To communicate between two running apps in RTU mode, we need virtual loopback software, two physical comm port, or two USB to Serial modules. For Modbus TCP mode, we can test within the system using the localhost address (127.0.0.1) or need an IP address for a different. Findings/results: The robot researcher can find helpful information about communicating the robot through the Modbus protocol. The practical example can help them to create packet purser. The functional CRC algorithm code can be used for better understanding and implementation into their project. Originality/Value: This work has some different features than other available utilities. We added features based on our research needs. Our created application is a little bit different from a professional approach. Various display formats are available in our GUI. That makes a difference in the originality of this work. Our GUI can be master, slave, server, or client, which is rarely available. Paper Type: Experimental-based Research.

Localisation of Attacks, Combating Browser-Based Geo-Information and IP Tracking Attacks

<p>Accessing and retrieving users’ browser and network information is a common practice used by advertisers and many online services to deliver targeted ads and explicit improved services to users belonging to a particular group. They provide a great deal of information about a user’s geographical location, ethnicity, language, culture and general interests. However, in the same way these techniques have proven effective in advertising services, they can be used by attackers to launch targeted attacks against specific user groups. Targeted attacks have been proven more effective against user groups than their blind untargeted counterparts (e.g.spam, phishing). Their detection is more challenging as the detection tools need to be located within the targeted user group. This is one of the challenges faced by security researchers and organisations involved in the detection of new malware and exploits, using client honeypots. Client honeypots are detection systems used in the identification of malicious web sites. The client honeypot needs to mimic users in a pre-defined location, system, network and personality for which the malware is intended. The case is amplified by the use of Browser Exploit Packs/kits (BEPs), supporting these features. BEPs provide simplicity in deployment of targeted malicious web sites. They allow attackers to utilise specific geographical locations, network information, visit patterns or browser header information obtained from a visiting user to determine if a user should be subjected to an attack. Malicious web sites that operate based on targeted techniques can disguise themselves as legitimate web sites and bypass detection. Benign content is delivered to attacker-specified users while avoiding delivery to suspicious systems such as well-known or possible subnets that may host client honeypots. A client honeypot deployed in a single location with a single IP address will fail to detect an attack targeted at users in different demographic and network subnets. Failure in detection of such attacks results in high rates of false negatives which affect all honeypots regardless of detection technique or interaction level. BEPs are hugely popular and most include tracking features. The number of malicious web sites that utilise these features is currently unknown. There are very few studies that have addressed identifying the rate and number of malicious web sites utilising these techniques and no available client honeypot system is currently able to detect them. Any failure to detect these web sites will result in unknown numbers of users being exploited and infected with malware. The false negatives resulting from failing to detect these web sites can incorrectly be interpreted as a decline in the number of attacks. In this work, a study of information that can potentially expose users to targeted attack through a browser is examined through experimental analysis. Concrete approaches by attackers to obtain user-specific information in the deployment of targeted attacks through browsers are discussed and analysed. We propose a framework for designing a client honeypot capable of detecting geolocation attacks. Our framework relies on HAZard and OPerability (HAZOP) studies to identify components of the client honeypot, its processes and attributes of the experimental setup which could potentially introduce bias into our study. Any potential bias neglected, would affect the results of our real-world experiments and undermine our analysis through deviation from the intent of the study. To facilitate in our experiments, we developed a low interaction client honeypoy (YALIH) and performed real-world experiments on large selection of web sites. We determined the popularity of targeted malicious attacks based on likely attributes of a visiting user’s system. Our approach relies on previous research performed in the area of online spam detection which has similar attributes to malicious web sites. Our experiments show that referer, via, X-Forwarded-For and browser language attributes of HTTP protocol header, retrieval behaviour (i.e. IP tracking) and geographical location of a visitor identified by an IP address can be used in a targeted attack. These attributes can have significant effect on the number of detected malicious web sites in a study and should therefore be reliably controlled in an experimental setup. This findings in this research can potentially reduce false negative rates in all types of client honeypots, measurement studies of malicious malicious web sites and help researchers and malware analysts capture and analyse new malware and exploit samples from malicious web sites.</p>

Localisation of Attacks, Combating Browser-Based Geo-Information and IP Tracking Attacks

<p>Accessing and retrieving users’ browser and network information is a common practice used by advertisers and many online services to deliver targeted ads and explicit improved services to users belonging to a particular group. They provide a great deal of information about a user’s geographical location, ethnicity, language, culture and general interests. However, in the same way these techniques have proven effective in advertising services, they can be used by attackers to launch targeted attacks against specific user groups. Targeted attacks have been proven more effective against user groups than their blind untargeted counterparts (e.g.spam, phishing). Their detection is more challenging as the detection tools need to be located within the targeted user group. This is one of the challenges faced by security researchers and organisations involved in the detection of new malware and exploits, using client honeypots. Client honeypots are detection systems used in the identification of malicious web sites. The client honeypot needs to mimic users in a pre-defined location, system, network and personality for which the malware is intended. The case is amplified by the use of Browser Exploit Packs/kits (BEPs), supporting these features. BEPs provide simplicity in deployment of targeted malicious web sites. They allow attackers to utilise specific geographical locations, network information, visit patterns or browser header information obtained from a visiting user to determine if a user should be subjected to an attack. Malicious web sites that operate based on targeted techniques can disguise themselves as legitimate web sites and bypass detection. Benign content is delivered to attacker-specified users while avoiding delivery to suspicious systems such as well-known or possible subnets that may host client honeypots. A client honeypot deployed in a single location with a single IP address will fail to detect an attack targeted at users in different demographic and network subnets. Failure in detection of such attacks results in high rates of false negatives which affect all honeypots regardless of detection technique or interaction level. BEPs are hugely popular and most include tracking features. The number of malicious web sites that utilise these features is currently unknown. There are very few studies that have addressed identifying the rate and number of malicious web sites utilising these techniques and no available client honeypot system is currently able to detect them. Any failure to detect these web sites will result in unknown numbers of users being exploited and infected with malware. The false negatives resulting from failing to detect these web sites can incorrectly be interpreted as a decline in the number of attacks. In this work, a study of information that can potentially expose users to targeted attack through a browser is examined through experimental analysis. Concrete approaches by attackers to obtain user-specific information in the deployment of targeted attacks through browsers are discussed and analysed. We propose a framework for designing a client honeypot capable of detecting geolocation attacks. Our framework relies on HAZard and OPerability (HAZOP) studies to identify components of the client honeypot, its processes and attributes of the experimental setup which could potentially introduce bias into our study. Any potential bias neglected, would affect the results of our real-world experiments and undermine our analysis through deviation from the intent of the study. To facilitate in our experiments, we developed a low interaction client honeypoy (YALIH) and performed real-world experiments on large selection of web sites. We determined the popularity of targeted malicious attacks based on likely attributes of a visiting user’s system. Our approach relies on previous research performed in the area of online spam detection which has similar attributes to malicious web sites. Our experiments show that referer, via, X-Forwarded-For and browser language attributes of HTTP protocol header, retrieval behaviour (i.e. IP tracking) and geographical location of a visitor identified by an IP address can be used in a targeted attack. These attributes can have significant effect on the number of detected malicious web sites in a study and should therefore be reliably controlled in an experimental setup. This findings in this research can potentially reduce false negative rates in all types of client honeypots, measurement studies of malicious malicious web sites and help researchers and malware analysts capture and analyse new malware and exploit samples from malicious web sites.</p>

Design of Prototype Aircraft Noise Monitoring System Using Microcontroller

This paper was presented a design of aircraft noise monitoring system using microcontroller. This system is for monitoring noise levels to make it easier to analyze and measure noise that can be accessed remotely. The measurement results are accessed through a browser with IP address access (Internet Protocol) from the local server esp32 and also OLED 0.96 inc. Taking the noise value for 10 seconds with data samples every 1 second with aircraft noise sources consisting of APU (Auxiliary Power Unit), dual pack on and engine motoring. With each noise value of 61.5 dB, 75.6 dB and 82.5 dB.

Detection of Anonymising Proxies using Machine Learning

Network Proxies and Virtual Private Networks (VPN) are tools that are used every day to facilitate various business functions. However, they have gained popularity amongst unintended userbases as tools that can be used to hide mask identities while using websites and web-services. Anonymising Proxies and/or VPNs act as an intermediary between a user and a web server with a Proxy and/or VPN IP address taking the place of the user’s IP address that is forwarded to the web server. This paper presents computational models based on intelligent machine learning techniques to address the limitations currently experienced by unauthorised user detection systems. A model to detect usage of anonymising proxies was developed using a Multi-layered perceptron neural network that was trained using data found in the Transmission Control Protocol (TCP) header of captured network packets