DOCSLIB.ORG

Sızma Testleri Için Python

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Sızma Testleri Için Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Sızma Testleri ˙Ic¸in Python BGM 531 - Sızma Testleri ve G ¨uvenlikDenetlemeleri Bilgi Guvenli¨ gi˘ Muhendisli¨ gi˘ Yuksek¨ Lisans Programı Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] ˙Istanbul S¸ehir Universitesi¨ 2018 - Guz¨ Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ˙Ic¸indekiler Persirai 1 Python 6 DDoS Saldırı Kategorileri 2 Python for Pentsters Giris¸ Paket Olus¸turma Arac¸ları TCP/IP Standardı Problem Dos/DDoS Saldırıları 3 Scapy Digital Attack Map Giris¸ 7 BotNets Ana Konsept Botnet 4 Ag˘ Tarama ve Saldırı RoBotNetwork TCP Port Taraması Botnet Propagation Detect fake TCP replies Botnet Arac¸ları IP protocol scan Dos/DDoS Arac¸ları Lab 8 DDoS Saldırıları 5 DDoS Giris¸ DDoS Saldırı Trendleri Yontemler¨ Mirai Saldırılar Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ˙Ic¸indekiler Persirai 1 Python 6 DDoS Saldırı Kategorileri 2 Python for Pentsters Giris¸ Paket Olus¸turma Arac¸ları TCP/IP Standardı Problem Dos/DDoS Saldırıları 3 Scapy Digital Attack Map Giris¸ 7 BotNets Ana Konsept Botnet 4 Ag˘ Tarama ve Saldırı RoBotNetwork TCP Port Taraması Botnet Propagation Detect fake TCP replies Botnet Arac¸ları IP protocol scan Dos/DDoS Arac¸ları Lab 8 DDoS Saldırıları 5 DDoS Giris¸ DDoS Saldırı Trendleri Yontemler¨ Mirai Saldırılar Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları PythonI Giris¸ I Topluluk destegi˘ oldukc¸a fazla olan betik dili: Python I Interactive interpreter I Text editors: Notepad++, gedit, vim Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları PythonII Degis¸kenler˘ I This is an int (signed, 32bits) : 42 I This is a long (signed, infinite): 42L I This is a str : "bellnx07nn" or ’bellnx07 nn’ I This is a tuple : (1,4,”42”) I You can’t add elements to a tuple. Tuples have no append or extend method. I You can’t remove elements from a tuple. Tuples have no remove or pop method. I Tuples are faster than lists. I This is a list : [4,2,”1”] I This is a dict : ”one”:1 , ”two”:2 Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Python III Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları StringsI Python String Slicing I You can reference any part of a string with brackets I Start from the beginning or the end I Always start counting from zero >>> filename ="C:\\Windows\\System32\\meterpreter.exe" >>> filename[0] ’C’ >>> filename[1] ’:’ >>> filename[-1] ’e’ >>> filename[-2] ’x’ >>> filename[3:10] ’Windows’ >>> filename[3:] ’Windows\\System32\\meterpreter.exe’ >>> filename.split("\\") [’C:’, ’Windows’, ’System32’, ’meterpreter.exe’] >>> filename.split(".") Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları StringsII [’C:\\Windows\\System32\\meterpreter’, ’exe’] String Concatenation I You can concat strings with + email = "ozgur.catak" + "@" + "tubitak.gov.tr" I You can append strings url = "http://10.10.10.10/get.php" url = url + "?param=1;DROP TABLE USERS" Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Strings III Syntax I No block delimiters. Indentation does matter. Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Python ListsI Python Lists I Used for storing a list of variables Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Python ListsII Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ˙Ic¸indekiler Persirai 1 Python 6 DDoS Saldırı Kategorileri 2 Python for Pentsters Giris¸ Paket Olus¸turma Arac¸ları TCP/IP Standardı Problem Dos/DDoS Saldırıları 3 Scapy Digital Attack Map Giris¸ 7 BotNets Ana Konsept Botnet 4 Ag˘ Tarama ve Saldırı RoBotNetwork TCP Port Taraması Botnet Propagation Detect fake TCP replies Botnet Arac¸ları IP protocol scan Dos/DDoS Arac¸ları Lab 8 DDoS Saldırıları 5 DDoS Giris¸ DDoS Saldırı Trendleri Yontemler¨ Mirai Saldırılar Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Paket Olus¸turma Arac¸larıI I Packet forging tool: forges packets and sends them I Sniffing tool: captures packets and possibly dissects them I Testing tool: does unitary tests. Usually tries to answer a yes/no question (ex: ping) I Scanning tool: does a bunch of unitary tests with some parameters varying in a given range I Fingerprinting tool: does some predefined eclectic unitary tests to discriminate a peer I Attacking tool: uses some unexpected values in a protocol Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Paket Olus¸turma Arac¸larıII Sniffing tools ethereal, tcpdump, net2pcap, cdpsniffer, aimsniffer, vomit, tcptrace, tcptrack, nstreams, argus, karpski, ipgrab, nast, cdpr, aldebaran, dsniff, irpas, iptraf, ... Packet forging tools packeth, packit, packet excalibur, nemesis, tcpinject, libnet, IP sorcery, pacgen, arp-sk, arpspoof, dnet, dpkt, pixiliate, irpas, sendIP, IP-packetgenerator, sing, aicmpsend, libpal, ... Testing tools ping, hping2, hping3, traceroute, tctrace, tcptraceroute, traceproto, fping, arping... Scanning tools nmap, amap, vmap, hping3, unicornscan, ttlscan, ikescan, paketto, firewalk,... Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Paket Olus¸turma Arac¸ları III Fingerpringing tools nmap, xprobe, p0f, cron-OS, queso, ikescan, amap, synscan, ... Attacking tools dnsspoof, poison ivy, ikeprobe, ettercap, dsniff suite, cain, hunt, airpwn, irpas, nast, yersinia, ... Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ProblemI Ornek¨ Senaryo: I ”padding data” ic¸eren ICMP echo istegi˘ I ”More fragments” bayragı˘ ic¸eren IP protokol taraması I ARP cache zehirlenmesi I DNS tunneling ile ”applicative payload” yukleme¨ Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ProblemII I Kullanılan arac¸ların yaptıkları yorumlar bazı durumlarda ag˘ kes¸fi ac¸ısından yeterli olmayabilir. Ornek¨ Interesting ports on 192.168.9.4: PORT STATE SERVICE 22/tcp filtered ssh Gerc¸ek durumda ne oldu? I No answer? I ICMP host unreachable ? from who ? I ICMP port administratively prohibited ? from who ? ) Bu arac¸ların yetenekleri olc¸¨ us¨ unde¨ ag˘ taranabilir. ) Onların goremedi¨ gini˘ farketmezsiniz. ) Bugs, kusurlar ... Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları ˙Ic¸indekiler Persirai 1 Python 6 DDoS Saldırı Kategorileri 2 Python for Pentsters Giris¸ Paket Olus¸turma Arac¸ları TCP/IP Standardı Problem Dos/DDoS Saldırıları 3 Scapy Digital Attack Map Giris¸ 7 BotNets Ana Konsept Botnet 4 Ag˘ Tarama ve Saldırı RoBotNetwork TCP Port Taraması Botnet Propagation Detect fake TCP replies Botnet Arac¸ları IP protocol scan Dos/DDoS Arac¸ları Lab 8 DDoS Saldırıları 5 DDoS Giris¸ DDoS Saldırı Trendleri Yontemler¨ Mirai Saldırılar Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Giris¸ Problem I 80 portunu ic¸eren C - sınıfını TCP syn ve belirli bir TTL tarayın I Hangi IP adreslerinin ”ICMP time exceeded” cevabı vermedigini˘ bulun. S¸u an ic¸in c¸oz¨ ¨um I hping ile her bir ip adresine packetleri gondermek¨ I tcpdump/Wireshark ile sonuc¸ları izlemek. Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları TCP/IP Modeli S¸ekil: TCP/IP Modeli 1 1http://fiberbit.com.tw/tcpip-model-vs-osi-model/ Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Ana Konsept I Fast packet designing I Default values that work I Unlimited combinations I Probe once, interpret many I Interactive packet and result manipulation Dr. Ferhat Ozg¨ ¨urC¸atak [email protected] Sızma Testleri ˙Ic¸in Python Python Python for Pentsters Scapy Ag˘ Tarama ve Saldırı DDoS DDoS Saldırı Kategorileri BotNets DDoS Saldırıları Fast packet designingI I Her bir paket katmanlara ozel¨ olus¸turulmaktadır.
Load more

Recommended publications
  • The Botnet Chronicles a Journey to Infamy
    The Botnet Chronicles A Journey to Infamy Trend Micro, Incorporated Rik Ferguson Senior Security Advisor A Trend Micro White Paper I November 2010 The Botnet Chronicles A Journey to Infamy CONTENTS A Prelude to Evolution ....................................................................................................................4 The Botnet Saga Begins .................................................................................................................5 The Birth of Organized Crime .........................................................................................................7 The Security War Rages On ........................................................................................................... 8 Lost in the White Noise................................................................................................................. 10 Where Do We Go from Here? .......................................................................................................... 11 References ...................................................................................................................................... 12 2 WHITE PAPER I THE BOTNET CHRONICLES: A JOURNEY TO INFAMY The Botnet Chronicles A Journey to Infamy The botnet time line below shows a rundown of the botnets discussed in this white paper. Clicking each botnet’s name in blue will bring you to the page where it is described in more detail. To go back to the time line below from each page, click the ~ at the end of the section. 3 WHITE
    [Show full text]
  • Compu Talk Vol
    Sri Sathya Sai College for Women, Bhopal 2017 A newsletter from the Dept. of Computer Sci. & Appl. Compu Talk Vol. III Cyber Security job oppurtunities Botnet Department of Computer Computer Network Science and Application Firewall Departmental News Now Trending: including smartphones, televisions and tiny devices and integration of these as part of the Job Opportunities under the Cyber Internet of Things. Boom in cyber threats has Security Umbrella been an integral part of boom in information technology . Cyber security also known in simpler terms as computer security or IT security involves the Typical cyber security job titles and protection of computer systems from theft, descriptions may include the following: damage or destruction of 1. Security Analyst their hardware, software, data and information, as well from disruption, misuse or A Security Analyst analyzes and assesses misdirection of the services provided through vulnerabilities in the infrastructure which them to cause damage to the fellow humans or includes software, hardware and the society. associated networks. He/she performs The role of cyber security involves investigation using available tools, suggests controlling or limiting physical access to the counter-measures to remedy the detected hardware, as well as protecting them against any vulnerabilities, and recommends solutions harm or attack that may come via network and best practices. He/she analyzes and access intrusion, data insertion and code assesses the damage done to the injection and remote control. IT security is data/infrastructure as a result of security susceptible to being tricked into deviating from incidents, examines available recovery tools secure procedures through various methods. and processes, and recommends solutions.
    [Show full text]
  • Downloading and Running
    City Research Online City, University of London Institutional Repository Citation: Meng, X. (2018). An integrated networkbased mobile botnet detection system. (Unpublished Doctoral thesis, City, Universtiy of London) This is the accepted version of the paper. This version of the publication may differ from the final published version. Permanent repository link: https://openaccess.city.ac.uk/id/eprint/19840/ Link to published version: Copyright: City Research Online aims to make research outputs of City, University of London available to a wider audience. Copyright and Moral Rights remain with the author(s) and/or copyright holders. URLs from City Research Online may be freely distributed and linked to. Reuse: Copies of full items can be used for personal research or study, educational, or not-for-profit purposes without prior permission or charge. Provided that the authors, title and full bibliographic details are credited, a hyperlink and/or URL is given for the original metadata page and the content is not changed in any way. City Research Online: http://openaccess.city.ac.uk/ [email protected] AN INTEGRATED NETWORK- BASED MOBILE BOTNET DETECTION SYSTEM Xin Meng Department of Computer Science City, University of London This dissertation is submitted for the degree of Doctor of Philosophy City University London June 2017 Declaration I hereby declare that except where specific reference is made to the work of others, the contents of this dissertation are original and have not been submitted in whole or in part for consideration for any other degree or qualification in this, or any other University. This dissertation is the result of my own work and includes nothing which is the outcome of work done in collaboration, except where specifically indicated in the text.
    [Show full text]
  • Coordinating Across Chaos: the Practice of Transnational Internet Security Collaboration
    COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION A Dissertation Presented to The Academic Faculty by Tarun Chaudhary In Partial Fulfillment of the Requirements for the Degree International Affairs, Science, and Technology in the Sam Nunn School of International Affairs Georgia Institute of Technology May 2019 COPYRIGHT © 2019 BY TARUN CHAUDHARY COORDINATING ACROSS CHAOS: THE PRACTICE OF TRANSNATIONAL INTERNET SECURITY COLLABORATION Approved by: Dr. Adam N. Stulberg Dr. Peter K. Brecke School of International Affairs School of International Affairs Georgia Institute of Technology Georgia Institute of Technology Dr. Michael D. Salomone Dr. Milton L. Mueller School of International Affairs School of Public Policy Georgia Institute of Technology Georgia Institute of Technology Dr. Jennifer Jordan School of International Affairs Georgia Institute of Technology Date Approved: March 11, 2019 ACKNOWLEDGEMENTS I was once told that writing a dissertation is lonely experience. This is only partially true. The experience of researching and writing this work has been supported and encouraged by a small army of individuals I am forever grateful toward. My wife Jamie, who has been a truly patient soul and encouraging beyond measure while also being my intellectual sounding board always helping guide me to deeper insight. I have benefited from an abundance of truly wonderful teachers over the course of my academic life. Dr. Michael Salomone who steered me toward the world of international security studies since I was an undergraduate, I am thankful for his wisdom and the tremendous amount of support he has given me over the past two decades. The rest of my committee has been equally as encouraging and provided me with countless insights as this work has been gestating and evolving.
    [Show full text]
  • Cyberpro December 4, 2008
    Volume 1, Edition 15 CyberPro December 4, 2008 Keeping Cyberspace Professionals Informed Officers The articles and information appearing herein are intended for President educational purposes to promote discussion in the public interest and to Larry K. McKee, Jr. keep subscribers who are involved in the development of Cyber-related concepts and initiatives informed on items of common interest. The Senior Analyst newsletter and the information contained therein are not intended to Jim Ed Crouch provide a competitive advantage for any commercial firm. Any ------------------------------ misuse or unauthorized use of the newsletter and its contents will result CyberPro Research in removal from the distribution list and/or possible administrative, civil, Analyst and/or criminal action. Kathryn Stephens The views, opinions, and/or findings and recommendations contained in this summary are those of the authors and should not be construed as an official position, policy, or decision of the United States Government, CyberPro Archive U.S. Department of Defense, or National Security Cyberspace Institute. To subscribe or unsubscribe to this newsletter click here CyberPro News Subscription. Please contact Larry McKee , ph. (757) 871-3578, regarding CyberPro subscription, sponsorship, and/or advertisement. All rights reserved. CyberPro may not be published, broadcast, rewritten or redistributed without prior NSCI consent. 110 Royal Aberdeen Smithfield, VA 23430 ph. (757) 871 - 3578 CyberPro National Security Cyberspace Institute P a g e | 1 Volume
    [Show full text]
  • Detection of Distributed Denial-Of-Service Attacks in Encrypted Network Traffic
    Mikko Hyvärinen Detection of Distributed Denial-of-Service Attacks in Encrypted Network Traffic Master’s Thesis in Information Technology December 9, 2016 University of Jyväskylä Department of Mathematical Information Technology Author: Mikko Hyvärinen Contact information: [email protected] Supervisor: Timo Hämäläinen & Mikhail Zolotukhin Title: Detection of Distributed Denial-of-Service Attacks in Encrypted Network Traffic Työn nimi: Hajautettujen palvelunestohyökkäysten havainnointi salatussa verkkoliiken- teessä Project: Master’s Thesis Study line: Software Development Page count: 122+9 Abstract: Context: Distributed denial-of-service attacks have existed for two decades. Var- ious strategies have been developed to combat the increasing volume of attacks over the years. Application layer attacks are becoming more common, and they are harder to detect. Current detection methods analyze traffic features. The packet payload is encrypted in an SSL/TLS traffic, and it cannot be analyzed. Objective: The thesis studies the current situa- tion of detection of DDoS attacks in an SSL/TLS encrypted traffic. Also, the thesis presents a K-means++ clustering-based detection method and comparable simulation results with the previous literature. Methods: The author conducted a light systematic mapping study by searching common computer science literature libraries. The author ran experiments with the clustering-based method in a virtual network. Results: The mapping study found that the detection methods concentrate on clustering and statistical anomaly detection methods. In the experiments, denial-of-service attack simulations revealed that the K-means++ clus- tering detects trivial DDoS attacks with near 100% accuracy. Datasets were found to be an important part when comparing results. Conclusion: The mapping study revealed encrypted denial-of-service research study areas where more research is needed when compared to the non-encrypted counterpart.
    [Show full text]
  • S Ym a Nte C Enterpris E S E CU Rit Y Symantec Global Internet Security
    ublished April 2009 P V, V, I rends for 2008 Volume X Volume Symantec Symantec Global Internet Security Threat Report T SYMANTEC ENTERPRISE SECURITY Marc Fossi Executive Editor Manager, Development Security Technology and Response Eric Johnson Editor Security Technology and Response Trevor Mack Associate Editor Security Technology and Response Dean Turner Director, Global Intelligence Network Security Technology and Response Joseph Blackbird Threat Analyst Symantec Security Response Mo King Low Threat Analyst Security Technology and Response Teo Adams Threat Analyst Security Technology and Response David McKinney Threat Analyst Security Technology and Response Stephen Entwisle Threat Analyst Security Technology and Response Marika Pauls Laucht Threat Analyst Security Technology and Response Candid Wueest Threat Analyst Security Technology and Response Paul Wood Senior Analyst MessageLabs Intelligence, Symantec Dan Bleaken Threat Analyst MessageLabs Intelligence, Symantec Greg Ahmad Threat Analyst Security Technology and Response Darren Kemp Threat Analyst Security Technology and Response Ashif Samnani Threat Analyst Security Technology and Response Volume XIV, Published April 2009 Symantec Global Internet Security Threat Report Contents Introduction ...............................................................................4 Executive Summary . 5 Highlights ............................................................................... 13 Threat Activity Trends . 17 Vulnerability Trends .....................................................................
    [Show full text]
  • Stratos II Distributed Hash Tables Discovery Studytour
    Issue 18.1 Maxwell November 2014 Stratos II Reaching beyond Distributed Hash Tables An introduction from scratch Discovery Studytour Verslag van de studiereis Ringkerngeheugen als RAM Het geheugen van vroeger Electrotechnische Vereeniging How do you create a logic gate using just 24 silicon atoms? Join ASML as an Electronics Engineer and help push the boundaries of technology. As one of the world’s leading providers of lithography systems for the semiconductor industry, we bring together the most creative minds in science and technology to help produce increasingly cheaper, faster and more energy-efficient microchips. For the past 30 years, we’ve been helping to realize Moore’s law. Now we want to go even further: to enable the tripling, or even the quadrupling of chip-feature density every two years. That’s why we need talented Electronics Engineers. People who can, for example, increase the speed and the precision of our systems integration, and thereby enable future logic gates no bigger than a few silicon atoms. It’s just one of the many electronics challenges at ASML. And there are countless more – all targeted at achieving more than Moore’s prediction. If you’re up for these challenges, we’ll put you in a multidisciplinary team and give you plenty of freedom to experiment and learn new skills. What Moore could you want? www.asml.com/careers /ASML @ASMLcompany From the Board President Commissaris Onderwijs Dear readers, because they have always been that way Er is dit jaar een nieuw curriculum van and have now become obsolete or bloat- start gegaan.
    [Show full text]
  • CONTENTS in THIS ISSUE Fighting Malware and Spam
    APRIL 2009 Fighting malware and spam CONTENTS IN THIS ISSUE 2 COMMENT ROGUE TRADERS Flooding the cloud Rogue anti-malware applications have been around for several years, 3 NEWS conning and causing Ghostly goings on confusion among users as well as posing problems for anti-malware Internet fraud complaints rise vendors. Gabor Szappanos takes a look at a piece of anti-virus scamware. page 9 3 VIRUS PREVALENCE TABLE APPLE CATCHER Mario Ballano Barcena and Alfredo Pesoli take 4 TECHNICAL FEATURE a detailed look at what appears to be the fi rst real attempt to create a Mac botnet. Anti-unpacker tricks – part fi ve page 12 VB100 ON WINDOWS XP MALWARE ANALYSES VB’s anti-malware testing team put 9 Your PC is infected a bumper crop of products through their paces on Windows XP. Find out 12 The new iBotnet which products excelled and which have some more work to do. page 15 15 COMPARATIVE REVIEW Windows XP SP3 36 END NOTES & NEWS This month: anti-spam news and events; and John Levine looks at message authentication using Domain Keys Identifi ed Mail (DKIM). ISSN 1749-7027 COMMENT ‘An even better mutated variations of malware in large volume. While this strategy won’t work against all technologies solution is to be (for example it is ineffective against HIPS, advanced proactive in the heuristics, generic detection etc.), it is well worth the cloud.’ effort for its ability to evade signature detection. I was interested to fi nd out whether these explanations Luis Corrons could be verifi ed by our detection data – for example Panda Security to see for how long each threat was active.
    [Show full text]
  • Effective DGA-Domain Detection and Classification with Textcnn
    electronics Article Effective DGA-Domain Detection and Classification with TextCNN and Additional Features Chanwoong Hwang 1 , Hyosik Kim 1, Hooki Lee 2 and Taejin Lee 1,* 1 Department of Information Security, Hoseo University, Asan 31499, Korea; [email protected] (C.H.); [email protected] (H.K.) 2 Department of Cyber Security Engineering, Konyang University, Nonsan 32992, Korea; [email protected] * Correspondence: [email protected] Received: 8 June 2020; Accepted: 29 June 2020; Published: 30 June 2020 Abstract: Malicious codes, such as advanced persistent threat (APT) attacks, do not operate immediately after infecting the system, but after receiving commands from the attacker’s command and control (C&C) server. The system infected by the malicious code tries to communicate with the C&C server through the IP address or domain address of the C&C server. If the IP address or domain address is hard-coded inside the malicious code, it can analyze the malicious code to obtain the address and block access to the C&C server through security policy. In order to circumvent this address blocking technique, domain generation algorithms are included in the malware to dynamically generate domain addresses. The domain generation algorithm (DGA) generates domains randomly, so it is very difficult to identify and block malicious domains. Therefore, this paper effectively detects and classifies unknown DGA domains. We extract features that are effective for TextCNN-based label prediction, and add additional domain knowledge-based features to improve our model for detecting and classifying DGA-generated malicious domains. The proposed model achieved 99.19% accuracy for DGA classification and 88.77% accuracy for DGA class classification.
    [Show full text]
  • Security Protocols for Iot
    Studies in Big Data 47 N. Jeyanthi Ajith Abraham Hamid Mcheick Editors Ubiquitous Computing and Computing Security of IoT Studies in Big Data Volume 47 Series editor Janusz Kacprzyk, Polish Academy of Sciences, Warsaw, Poland e-mail: [email protected] The series “Studies in Big Data” (SBD) publishes new developments and advances in the various areas of Big Data- quickly and with a high quality. The intent is to cover the theory, research, development, and applications of Big Data, as embedded in the fields of engineering, computer science, physics, economics and life sciences. The books of the series refer to the analysis and understanding of large, complex, and/or distributed data sets generated from recent digital sources coming from sensors or other physical instruments as well as simulations, crowd sourcing, social networks or other internet transactions, such as emails or video click streams and others. The series contains monographs, lecture notes and edited volumes in Big Data spanning the areas of computational intelligence including neural networks, evolutionary computation, soft computing, fuzzy systems, as well as artificial intelligence, data mining, modern statistics and operations research, as well as self-organizing systems. Of particular value to both the contributors and the readership are the short publication timeframe and the world-wide distribution, which enable both wide and rapid dissemination of research output. More information about this series at http://www.springer.com/series/11970 N. Jeyanthi • Ajith Abraham
    [Show full text]
  • Symantec Government Internet Security Threat Report Trends for 2008
    ublished April 2009 P V, V, I rends for 2008 Volume X Volume Symantec Symantec Government Internet Security Threat Report T SYMANTEC ENTERPRISE SECURITY Marc Fossi Executive Editor Manager, Development Security Technology and Response Eric Johnson Editor Security Technology and Response Trevor Mack Associate Editor Security Technology and Response Dean Turner Director, Global Intelligence Network Security Technology and Response Gary Kevelson Global Manager Symantec Cyber Threat Analysis Program Andrew J. Rogers Cyber Threat Analyst Symantec Cyber Threat Analysis Program Joseph Blackbird Threat Analyst Symantec Security Response Mo King Low Threat Analyst Security Technology and Response Teo Adams Threat Analyst Security Technology and Response David McKinney Threat Analyst Security Technology and Response Stephen Entwisle Threat Analyst Security Technology and Response Marika Pauls Laucht Threat Analyst Security Technology and Response Greg Ahmad Threat Analyst Security Technology and Response Darren Kemp Threat Analyst Security Technology and Response Ashif Samnani Threat Analyst Security Technology and Response Volume XIV, Published April 2009 Symantec Government Internet Security Threat Report Contents Introduction ...............................................................................4 Executive Summary . 5 Highlights ............................................................................... 11 Threat Activity Trends . 14 Malicious Code Trends .................................................................... 43 Phishing,
    [Show full text]