Securing the web against frequent cyber attacks is a big concern as attackers usually intend to snitch private information, financial information, deface and damages websites to prove their hacking capabilities. This type of vandalism may drive many corporations that conduct their business through the web to suffer financial and reputation damages. One of the most dangerous cyber attacks is the Structured Query Language (SQL)-injection attack, whereby this type of attack can be launched through the web browsers. The vulnerability of SQL-injection attack can be attributed to inappropriate programming practice by the website developers, which leaves a lot of doors widely open for the attackers to exploit these and gaining access to confidential information that resides in the website server databases. In order to address this vulnerability, it must be feasible to detect the vulnerability and enhance the coding structure of the website to avoid being an easy victim to this type of cyber attacks. Detecting the SQL-injection vulnerability requires the development of a powerful tool that can automatically create SQLinjection attacks using efficient features (different attacking patters) to detect the vulnerability of the websites. This paper discuss the development of a new web scanning (MySQLlInjector) tool with enhanced features that will be able to conduct efficient penetration test on PHP (started as Personal Home Page but now widely used as Hypertext Preprocesses) based websites to detect SQL injection vulnerabilities. This tool will automate the penetration test process, to make it easy even for those who are not aware familiar about hacking techniques. BackgroundPenetration testing or web auditing is one of the most important topics that security researchers are concerned about. It aims to prove the effectiveness of the website security system because application level attacks rank at the top of nowadays cyber attacks as these are preferred by attackers/hackers. The philosophy behind web auditing is to ensure having a single entry point to web applications by performing penetration tests represented by conducting sophisticated attacks on websites. Having more than one entry point to the system will be considered as a security flaw that attracts potential hackers to exploit it. Moreover, penetration testing covers checking against a wide range of web vulnerabilities which are related to web application level vulnerabilities such as cross-site-scripting (XSS),
With recent advances in e-commerce platforms, the information overload has grown due to increasing number of users, rapid generation of data and items in the recommender system. This tends to create serious problems in such recommender systems. The increasing features in recommender systems pose some new challenges due to poor resilience to mitigate against vulnerable attacks. In particular, the recommender systems are more prone to be attacked by shilling attacks, which creates more vulnerability. A recommender system with poor detection of attacks leads to a reduced detection rate. The performance of the recommender system is thus affected with poor detection ability. Hence, in this paper, we improve the resilience against shilling attacks using a modified Support Vector Machine (SVM) and a machine learning algorithm. The Gaussian Mixture Model is used as a machine learning algorithm to increase the detection rate and it further reduces the dimensionality of data in recommender systems. The proposed method is evaluated against several result metrics, such as the recall rate, precision rate and false positive rate between different attacks. The results of the proposed system are evaluated against probabilistic recommender approaches to demonstrate the efficacy of machine learning language in recommender systems.
Network lifetime is identified as the most crucial parameters in under water wireless sensor networks (UWSN) in Internet of underwater things (IoUT) applications. Other challenges include: limited bandwidth, high attenuation, high path loss, limited battery life etc. The main focus of this paper is to consider a trade-off between the energy consumption and network lifetime. This paper proposes an optimal routing protocol called the energy dynamic adaptive routing (DAR) protocol. The DAR protocol maintains a trade-off between the reliability or packet delivery ratio (PDR) of sensor nodes and bit error ratio (BER) using an optimal dynamic adaptive routing approach. An optimal directed acyclic graph (DAG)-based route selection is exploited to select the neighbour and successor nodes. The cost function with a directed acyclic graph is utilised for better transmission of packets. The experimental results with BEAR show that the proposed method deals with the issues raised in the conventional protocol and improve the reliability of packets with higher BER.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.