KeySplitWatermark: Zero Watermarking Algorithm for Software Protection Against Cyber-Attacks

Iwendi, Celestine; Jalil, Zunera; Javed, Abdul Rehman; Reddy, G. Thippa; Kaluri, Rajesh; Srivastava, Gautam; Jo, Ohyun

doi:10.1109/access.2020.2988160

Cited by 120 publications

(63 citation statements)

References 35 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Watermarking is a technique used for software protection from the cyber-attacks [153]. As the algorithms use keywords within the code to produce a key.…”

Section: F Software Watermarkingmentioning

confidence: 99%

SDN based Intrusion Detection and Prevention Systems using Manufacturer Usage Description: A Survey

Mazhar¹,

Salleh²,

Hossain³

et al. 2020

IJACSA

View full text Add to dashboard Cite

“…Watermarking is a technique used for software protection from the cyber-attacks [153]. As the algorithms use keywords within the code to produce a key.…”

Section: F Software Watermarkingmentioning

confidence: 99%

SDN based Intrusion Detection and Prevention Systems using Manufacturer Usage Description: A Survey

Mazhar¹,

Salleh²,

Hossain³

et al. 2020

IJACSA

View full text Add to dashboard Cite

“…(3) NewChildren � {}; (4) i: � 1; (5) repeat (6) child: � i-th node in Children; (7) if child is an intermediate attack node and (8) has defensive child nodes (9) then (10) T1: � new attack node; (11) Child node relationship of T1: � Child (12) node relationship of child; (13) T1's children: � child's children; (14) T2: � new attack node; (15) T2 children's operator: � AND; (16) Add child to T2's children set; (17) Add T1 to T2's children set; (18) call conversToA2DTree (T1); (19) Add T2 to Newchildren; (20) else (21) call ConverseToA2DTree (child); (22) Add child to Newchildren; (23) end if (24) i: � i+1; (25) customer's online banking credentials, including the username (certificate number) and password. Although usernames can be easily retrieved, obtaining the password requires a phishing e-mail or keylogger.…”

Section: Case Studymentioning

confidence: 99%

“…Hence, the CPS is currently a research area of increased interest in industry and academia [3]. However, since information technologies are deeply used and the communications between various components are mainly achieved through a network, CPSs are vulnerable to cyberattacks [4][5][6]. Furthermore, due to the high coupling between physical and network components in CPSs, cyberattacks can trigger physical component failures that have severe consequences, such as environmental pollution, property losses, and even casualties [7,8].…”

Section: Introductionmentioning

confidence: 99%

A Minimum Defense Cost Calculation Method for Attack Defense Trees

Zhong

2020

Security and Communication Networks

View full text Add to dashboard Cite

The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the CPS is vulnerable to cyberattacks, which may cause environmental pollution, property losses, and even casualties. Furthermore, in contrast to the conventional Internet, the devices in CPSs are more specific, and the device systems may not be upgraded or installed with new programs during their life spans. The selection of the best defense nodes for defeating cyberattacks is quite challenging in CPSs. To overcome this issue, several attack-defense modeled methods have been proposed. However, few existing studies have considered the defense cost, which is usually a determinant in practice. In this paper, we propose a method for choosing optimal defense nodes that (1) can defeat specific attacks and (2) are inexpensive. First, the atom attack defense tree (A2DTree) is proposed by adding constraints to the conventional attack defense tree (ADTree). Second, the algebraic method is used to efficiently calculate the minimum defense cost. On this basis, a minimum defense cost calculation tool is designed and implemented. Finally, the effectiveness of the proposed method is verified with two typical case studies, and a comparative experiment of related work is carried out. The results show that the method can correctly and efficiently identify the optimal defense nodes and calculate the minimum defense cost of a CPS.

show abstract

“…Many of these proposals have common mechanisms, for example, randomizing the IP addresses, client authentication and registration, and techniques to shuffle clients. Techniques such as code watermarking [17] (inspired by [18]) can also be used for building deceptive systems that distract attackers from the target.…”

Section: Related Workmentioning

confidence: 99%

A Client Bootstrapping Protocol for DoS Attack Mitigation on Entry Point Services in the Cloud

Almohri

Al-Mutawa

Alawadh

et al. 2020

Security and Communication Networks

View full text Add to dashboard Cite

This paper presents a client bootstrapping protocol for proxy-based moving target defense system for the cloud. The protocol establishes the identity of prospective clients who intend to connect to web services behind obscure proxy servers in a cloud-based network. In client bootstrapping, a set of initial line of defense services receive new client requests, execute an algorithm to assign them to a proxy server, and reply back with the address of the chosen proxy server. The bootstrapping protocol only reveals one proxy address to each client, maintaining the obscurity of the addresses for other proxy servers. Hiding the addresses of proxy servers aims to lower the likelihood that a proxy server becomes the victim of a denial-of-service (DoS) attack. Existing works address this problem by requiring the solution of computationally intensive puzzles from prospective clients. This solution slows the progression of attacks as well as new clients. This paper presents an alternative idea by observing that limited capacity of handling initial network requests is the primary cause of denial-of-service attacks. Thus, the suggested alternative is to utilize cost-effective high-capacity networks to handle client bootstrapping, thus thwarting attacks on the initial line of defense. The prototype implementation of the protocol using Google’s firebase demonstrates the proof of concept for web services that receive network requests from clients on mobile devices.

show abstract

KeySplitWatermark: Zero Watermarking Algorithm for Software Protection Against Cyber-Attacks

Cited by 120 publications

References 35 publications

SDN based Intrusion Detection and Prevention Systems using Manufacturer Usage Description: A Survey

SDN based Intrusion Detection and Prevention Systems using Manufacturer Usage Description: A Survey

A Minimum Defense Cost Calculation Method for Attack Defense Trees

A Client Bootstrapping Protocol for DoS Attack Mitigation on Entry Point Services in the Cloud

Contact Info

Product

Resources

About