Structured Query Language (SQL) injection and cross-site scripting remain a major threat to data-driven web applications. Instances where hackers obtain unrestricted access to back-end database of web applications so as to steal, edit, and destroy confidential data are increasing. Therefore, measures must be put in place to curtail the growing threats of SQL injection and XSS attacks. This study presents a technique for detecting and preventing these threats using Knuth-Morris-Pratt (KMP) string matching algorithm. The algorithm was used to match user's input string with the stored pattern of the injection string in order to detect any malicious code. The implementation was carried out using PHP scripting language and Apache XAMPP Server. The security level of the technique was measured using different test cases of SQL injection, cross-site scripting (XSS), and encoded injection attacks. Results obtained revealed that the proposed technique was able to successfully detect and prevent the attacks, log the attack entry in the database, block the system using its mac address, and also generate a warning message. Therefore, the proposed technique proved to be more effective in detecting and preventing SQL injection and XSS attacks
The wide acceptability of Advanced Encryption Standard (AES) as the most efficient of all of the symmetric cryptographic techniques has further opened it up to more attacks. Efforts that were aimed at securing information while using AES is still being undermined by the activities of attackers This has further necessitated the need for researchers to come up with ways of enhancing the strength of AES. This article presents an enhanced AES algorithm that was achieved by modifying its SubBytes and ShiftRows transformations. The SubBytes transformation is modified to be round key dependent, while the ShiftRows transformation is randomized. The rationale behind the modification is to make the two transformations round key dependent, so that a single bit change in the key will produce a significant change in the cipher text. The conventional and modified AES algorithms are both implemented and evaluated in terms avalanche effect and execution time. The modified AES algorithm achieved an avalanche effect of 57.81% as compared to 50.78 recorded with the conventional AES. However, with 16, 32, 64, and 128 plain text bytes, the modified AES recorded an execution time of 0.18, 0.31, 0.46, and 0.59 ms, respectively. This is slightly higher than the results obtained with the conventional AES. Though a slightly higher execution time in milliseconds was recorded with the modified AES, the improved encryption and decryption strength via the avalanche effects measured is a desirable feat.
The need to ensure the longevity of Wireless Sensor Networks (WSNs) and secure their communication has spurred various researchers to come up with various WSN models. Prime among the methods for extending the life span of WSNs is the clustering of Wireless Sensors (WS), which reduces the workload of WS and thereby reduces its power consumption. However, a drastic reduction in the power consumption of the sensors when multicore sensors are used in combination with sensors clustering has not been well explored. Therefore, this work proposes a WSN model that employs clustering of multicore WS. The existing Elliptic Curve Cryptographic (ECC) algorithm is optimized for parallel execution of the encryption/decryption processes and security against primitive attacks. The Elliptic Curve Diffie-Helman (ECDH) was used for the key exchange algorithm, and the Elliptic Curve Digital Signature Algorithm (ECDSA) was used to authenticate the communicating nodes. Security analysis of the model and comparative performance analysis with the existing ones were demonstrated. The security analysis results reveal that the proposed model meets the security requirements and resists various security attacks. Additionally, the projected model is scalable, energy-conservative, and supports data freshness. The results of comparative performance analysis show that the proposed WSN model can efficiently leverage multiprocessors and/or many cores for quicker execution and conserves power usage.
The development of the medical field had led to the transformation of communication from paper information into the digital form. Medical information security had become a great concern as the medical field is moving towards the digital world and hence patient information, disease diagnosis and so on are all being stored in the digital image. Therefore, to improve the medical information security, securing of patient information and the increasing requirements for communication to be transferred between patients, client, medical practitioners, and sponsors is essential to be secured. The core aim of this research is to make available a complete knowledge about the research trends on LSB Steganography Technique, which are applied to securing medical information such as text, image, audio, video and graphics and also discuss the efficiency of the LSB technique. The survey findings show that LSB steganography technique is efficient in securing medical information from intruder.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.