DOCSLIB.ORG

Building Defenses Against Next-Generation Attack Behavior

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Building Defenses Against Next-Generation Attack Behavior Denial of Service in Web Domains: Building Defenses against Next-Generation Attack Behavior DUSAN STEVANOVIC A DISSERTATION SUBMITTED TO THE FACULTY OF GRADUATE STUDIES IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE DEGREE OF DOCTOR OF PHILOSOPHY GRADUATE PROGRAM IN COMPUTER SCIENCE AND ENGINEERING YORK UNIVERSITY TORONTO, CANADA MAY 2016 ©DUSAN STEVANOVIC, 2016 Abstract The existing state-of-the-art in the field of application layer Distributed Denial of Service (DDoS) protection is generally designed, and thus effective, only for static web domains. To the best of our knowledge, our work is the first that studies the problem of application layer DDoS defense in web domains of dynamic content and organization, and for next-generation bot behaviour. In the first part of this thesis, we focus on the following research tasks: 1) we identify the main weaknesses of the existing application-layer anti-DDoS solutions as proposed in research literature and in the industry, 2) we obtain a comprehensive picture of the current-day as well as the next-generation application-layer attack behaviour and 3) we propose novel techniques, based on a multidisciplinary approach that combines offline machine learning algorithms and statistical analysis, for detection of suspicious web visitors in static web domains. Then, in the second part of the thesis, we propose and evaluate a novel anti-DDoS system that detects a broad range of application-layer DDoS attacks, both in static and dynamic web domains, through the use of advanced techniques of data mining. The key advantage of our system relative to other systems that resort to the use of challenge-response tests (such as CAPTCHAs) in combating malicious bots is that our system minimizes the number of these tests that are presented to valid human visitors while succeeding in preventing most malicious attackers from accessing the web site. The results of the experimental evaluation of the proposed system demonstrate effective detection of current and future variants of application layer DDoS attacks. ii Acknowledgements First and foremost, I would like to thank Professor Natalija Vlajic, my research supervisor, for her endless guidance, encouragement and patience over the past five and half years. Professor Vlajic was the main reason for the successful completion of my thesis. She has invested immeasurable hours in helping me co- author 12 research papers, a book chapter and 4 journal articles. It has been a great privilege and an honour to work with her. I am grateful to Professor Matthew Kyan, Professor Suprakash Datta, Ashraf Matrawy, Regina Lee, and Professor Uyen Trang Nguyen for agreeing to serve on my examination committee and for providing very useful feedback on my thesis. I especially would like to thank Professor Suprakash Datta, Professor Bil Tzerpos and Professor Uyen Trang Nguyen for serving on my supervisory committee and for their valuable input during my studies. I thank the exceptional members of the Signal Processing and Communications Laboratory, who have made my experience in graduate school at York University most enjoyable. Lastly, I would like to express my deepest gratitude to my dearest mother Rada, father Mirce, brother Nikola, grandma Mira and uncle Rade for their continuous love and encouragement. I thank my wife Natalie, for her everlasting love, understanding and support. This work is dedicated to my son Milan. iii Table of Contents Abstract ......................................................................................................................................................... ii Acknowledgements ...................................................................................................................................... iii Table of Contents......................................................................................................................................... iv List of Acronyms ......................................................................................................................................... vii List of Tables .............................................................................................................................................. viii List of Figures ............................................................................................................................................ xiv Chapter 1 Introduction ............................................................................................................................ 1 1.1 Overview of the Problem and Motivation ........................................................................................ 1 1.2 Thesis Contributions ......................................................................................................................... 3 1.3 Outline of the Thesis ........................................................................................................................ 5 Chapter 2 Denial of Service - Motivation, Methodology and Defenses ................................................. 7 2.1 Denial of Service: Motivations, Impacts, Execution Mechanisms ................................................... 7 2.2 Distributed Denial of Service ......................................................................................................... 11 2.3 DDoS Malware ............................................................................................................................... 16 2.4 DDoS Defensive Strategies ............................................................................................................ 16 Chapter 3 Application Layer DDoS Attacks and Related Defenses ..................................................... 20 3.1 Overview of Various Types of Application Layer Attacks ............................................................ 21 3.2 Overview of HTTP-based DDoS Attacks ...................................................................................... 21 iv 3.3 State-of-the-Art and Limitations of HTTP-based DDoS Toolkits ................................................. 33 3.4 Overview of the State-of-the-Art in HTTP-based DDoS Defense ................................................. 35 3.5 Summary......................................................................................................................................... 40 Chapter 4 Detection of Web Crawlers and Suspicious Web Visitors in Static Web Domains ............. 42 4.1 Review of Existing Work on the Topic of Web Crawler Detection ............................................... 43 4.2 Detecting Differences in Browsing Behavior of Web Visitors with Supervised Data Mining Classifiers ....................................................................................................................................... 49 4.3 Summary......................................................................................................................................... 91 Chapter 5 Detecting Differences in Browsing Behavior of Web Visitors with Unsupervised Clustering Algorithms 93 5.1 Study on Unsupervised Clustering of Web Visitors Sessions ........................................................ 94 5.2 Detecting Differences in Browsing Behavior of Web Visitors with Non-Parametric Correlation Analysis ........................................................................................................................................ 134 5.3 Summary....................................................................................................................................... 152 Chapter 6 Next-Generation System for HTTP-based DDoS Defence ................................................ 153 6.1 System Overview .......................................................................................................................... 153 6.2 Implementation of the 3 Stages of Our System ............................................................................ 164 6.3 Evaluation of the System .............................................................................................................. 172 6.4 Summary....................................................................................................................................... 192 Chapter 7 Conclusions and Future Work ............................................................................................ 194 Bibliography...............................................................................................................................................197 v Appendix A – DDoS Malware ................................................................................................................. 210 A.1 Scanning Strategies in DDoS-executing Malware ....................................................................... 210 A.2 Recruiting Strategies in DDoS-executing Malware ..................................................................... 212 A.3 Agent Control Mechanisms in DDoS-executing Malware .......................................................... 212 Appendix B – Recall, Precision and F1 ..................................................................................................... 215 Appendix C – Nonparametric Statistical Tests ......................................................................................... 217 C.1 Mann-Whitney Rank Sum Test (also known as Wilcoxon-Mann-Whitney Rank Sum Test) ......... 217 C.2 Kolmogorov-Smirnov Test for 2 Independent
Load more

Recommended publications
  • Automatic Classifying of Mac OS X Samples
    Automatic Classifying of Mac OS X Samples Spencer Hsieh, Pin Wu and Haoping Liu Trend Micro Inc., Taiwan TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information Contents and educational purposes only. It is not intended and should not be construed to constitute legal advice. The information contained herein may not be applicable to all situations and may not reflect the most current situation. Nothing contained herein should be relied on or acted 4 upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing Introduction herein should be construed otherwise. Trend Micro reserves the right to modify the contents of this document at any time without prior notice. Translations of any material into other languages are intended solely as a convenience. Translation accuracy 6 is not guaranteed nor implied. If any questions arise related to the accuracy of a translation, please refer to Mac OS X Samples Dataset the original language official version of the document. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes. 10 Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any kind as Classification of Mach-O Files to its accuracy, currency, or completeness. You agree that access to and use of and reliance on this document and the content thereof is at your own risk. Trend Micro disclaims all warranties of any kind, express or implied. 11 Neither Trend Micro nor any party involved in creating, producing, or delivering this document shall be liable for any consequence, loss, or damage, including direct, Malware Families indirect, special, consequential, loss of business profits, or special damages, whatsoever arising out of access to, use of, or inability to use, or in connection with the use of this document, or any errors or omissions in the content 15 thereof.
    [Show full text]
  • Znetlive SSL Compatible Applications, Platforms & Operating
    ZNetLive SSL Compatible Applications, Platforms & Operating Systems Certificate Authority Root Apple MAC OS 9.0+ (circa 2002), includes 10.5.X and 10.6.X Future proof at 2048 bit, embedded in all Microsoft Windows XP, Vista, 7 and 8 (all devices and browsers and capable of upgrading versions inc 32/64 bit) weak encryption to a strong one is the most reliable Certificate Authority Root-GlobalSign. It is very important to ensure a flawless interaction of your online solutions with Default API Support within Hosting Control customers making connection with your web Panels server, reading emails, trusting your e- Ubersmith documents or running your code. Every WHMCS standard machine that uses trust of Public Key Infrastructure (PKI), e.g. S/MIME, SSL/TLS, Document Signing and Code Signing, has GlobalSign’s Root Certification present in it. Email Clients (S/MIME) ZNetLive’s SSL Certificates authenticated by GlobalSign have 2048 bit strength throughout Mulberry Mail complete Digital Certificate portfolio and Microsoft Outlook 99+ comply with recommendations of National Microsoft Entourage (OS/X) Institute of Standards and Technology (NIST) Qualcomm Eudora 6.2+ according to which all cryptographic keys Mozilla Thunderbird 1.0+ should be 2048 bit strength from 2011 onwards. Mail.app Anything weaker than 2048 bit encryption is Lotus Notes (6+) considered insecure. Because of this, the Netscape Communicator 4.51+ Certification Authorities and Browsers insists The Bat that all the EV SSL Certificates should be 2048 Apple Mail bit encryption.
    [Show full text]
  • IFIP AICT 306, Pp
    Chapter 9 FORENSIC ANALYSIS OF THE SONY PLAYSTATION PORTABLE Scott Conrad, Carlos Rodriguez, Chris Marberry and Philip Craiger Abstract The Sony PlayStation Portable (PSP) is a popular portable gaming device with features such as wireless Internet access and image, music and movie playback. As with most systems built around a processor and storage, the PSP can be used for purposes other than it was originally intended – legal as well as illegal. This paper discusses the features of the PSP browser and suggests best practices for extracting digital evidence. Keywords: Sony PlayStation Portable, forensic analysis 1. Introduction The Sony PlayStation Portable (PSP) is a popular portable video game system that has additional multimedia and Internet-related capa- bilities. Originally released in 2004, the PSP features a 4.3” widescreen LCD with 480×272 pixel resolution. It comes with a dual core 222 MHz R4000 CPU, 32 MB RAM and 4 MB of embedded DRAM, which holds the operating system [6]. The PSP uses a proprietary Universal Me- dia Disk (UMD) as its primary read-only storage media for games and movies. The device also features 802.11b Wi-Fi connectivity for multi- player games and utilizes a Pro Duo memory stick for secondary storage. In September 2007, Sony released a new version of the PSP that is 33% lighter and 19% thinner, appropriately dubbed the PSP Slim & Lite. The Slim & Lite version caches UMD data in memory to decrease game loading time and provides additional features such as a brighter screen, composite TV output, charging via USB and double the onboard RAM (64 MB) [8].
    [Show full text]
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • Reporte De Amenazas De ESET Q3
    INFORME DE AMENAZAS TERCER TRIMESTRE 2020 WeLiveSecurity.com @ESETresearch ESET GitHub Contenido Prólogo ¡Bienvenido a la edición del Informe de Amenazas de ESET del tercer 3 HISTORIA DESTACADA trimestre de 2020! Mientras el hemisferio norte se prepara para pasar un invierno azotado por la pandemia, el COVID-19 parece es- 5 NOTICIAS DEL LABORATORIO tar perdiendo fuerza, al menos en el ámbito del cibercrimen. Como la táctica de usar señuelos relacionados con el coronavirus ya no tiene el impacto deseado, los delincuentes parecen haber “vuelto a los modelos clásicos” durante el tercer trimestre de 2020. Sin embargo, hay un área donde persisten los efectos de la pandemia: en el 9 ACTIVIDAD DE GRUPOS DE APT trabajo remoto, con sus numerosos desafíos de seguridad. Esto es especialmente cierto para los ataques dirigidos al Protocolo de Escritorio Remoto (RDP), que crecieron 13 ESTADÍSTICAS Y TENDENCIAS durante todo el primer semestre. En el tercer trimestre, los intentos de ataques al RDP considerando el número de clientes únicos apuntados, aumentaron un 37%. Es probable que el aumento se deba al creciente número de 14 Las 10 principales detecciones de malware sistemas mal protegidos que se fueron conectando a Internet durante la pandemia, y quizá también a que otros delincuentes se inspiraron en las bandas de ransomware y comenzaron a atacar el protocolo RDP. 15 Downloaders La escena del ransomware, seguida de cerca por los especialistas de ESET, tuvo consecuencias inéditas este tri- mestre. Por ejemplo, el ataque de ransomware investigado como homicidio tras la muerte de un paciente porque 17 Malware bancario su hospital quedó inhabilitado.
    [Show full text]
  • Malware List.Numbers
    CLASS A - Tested once a month (and as significant updates and samples are available) (95% or higher detection rate) CLASS B - Tested every two months (and if many new samples or significant updates are available) (95 - 85% detection rate) CLASS C - Tested every three months (85-75% detection rate) CLASS D - Tested every six months (75% or lower detection rates) For Comparison, not an actual Antivirus CLASS F - Excluded from future testing (read notes) Notes, comments, remarks, FAQ and everything else. McAfee Endpoint Protection for Malware Family (by year) # Malware Sample Type MD5 Hash Avast 9.0 Intego VirusBarrier X8 10.8 Norman 3.0.7664 ESET 6.0 Sophos 9 F-Secure 1.0 Kaspersky Security 14 G Data AntiVirus for Mac Dr Web 9.0.0 Avira ClamXav 2.6.4 (web version) Norton 12.6 (26) Comodo Webroot 8 Thirtyseven4 Total Security eScan 5.5-7 iAntivirus 1.1.4 (282) ProtectMac 1.3.2 - 1.4 BitDefender 2.30 - 3.0.6681 McAfee Internet Security for Mac* AVG AntiVirus for Mac Dr Web Light 6.0.6 (201207050) Max Secure Antivirus MacBooster X-Protect Gatekeeper Intego VirusBarrier 2013 10.7 Intego VirusBarrier X6 VirusBarrier Express 1.1.6 (79) Panda Antivirus 1.6 Bitdefender (App Store) 2.21 MacKeeper 2.5.1 - 2.8 (476) Panda Antivirus 10.7.6 Trend Micro Titanium 3.0 McAfee Security 1.2.0 (1549) Norton 11.1.1 (2) Trend Micro Smart Sur. 1.6.1101 McAfee VirusScan for Mac 8.6.1 FortiClient 5.0.6.131 Quick Heal Total Sec 1.0 MacScan 2.9.4 McAfee Virex 7.7 (163) Magician 1.4.3 Vipre 1.0.51 Mac Malware Remover 1.1.6 MD5 Hash Mac 1 Price -> Free $39.99 (Internet
    [Show full text]
  • 2020 Trends & 2021 Outlook
    2020 trends w/ & 2021 outlook THREAT REPORT Q4 2020 WeLiveSecurity.com @ESETresearch ESET GitHub Contents 3 FOREWORD 4 FEATURED STORY 7 NEWS FROM THE LAB 9 APT GROUP ACTIVITY 15 STATISTICS & TRENDS 16 Top 10 malware detections 17 Downloaders 19 Banking malware 21 Ransomware 23 Cryptominers 25 Spyware & backdoors 27 Exploits 29 Mac threats 31 Android threats 33 Web threats 35 Email threats 38 IoT security 40 ESET RESEARCH CONTRIBUTIONS ESET THREAT REPORT Q4 2020 | 2 Foreword Welcome to the Q4 2020 issue of the ESET Threat Report! 2020 was many things (“typical” not being one of them), and it sure feels good to be writing The growth of ransomware might have been an important factor in the decline of banking about it in the past tense. malware; a decline that only intensified over the last quarter of the year. Ransomware and other malicious activities are simply more profitable than banking malware, the operators of As if really trying to prove a point, the pandemic picked up new steam in the last quarter, which already have to grapple with the heightening security in the banking sector. There was, bringing the largest waves of infections and further lockdowns around the world. Amid the — however, one exception to this trend: Android banking malware registered the highest detection chaos, the long-anticipated vaccine rollouts brought a collective sigh of relief or, at least, levels of 2020 in Q4, fueled by the source code leak of the trojan Cerberus. a glimmer of hope somewhere in the not-too-far-distant future. With the pandemic creating fertile ground for all kinds of malicious activities, it is all but In cyberspace, events also took a dramatic turn towards the end of the year, as news of the obvious that email scammers would not want to be left out.
    [Show full text]
  • 2016 Wrap-Up Cybercrime Tactics and Techniques
    Cybercrime tactics and techniques 2016 wrap-up TABLE OF CONTENTS 01 Executive summary 02 Windows malware 05 Early 2017 Windows malware predictions 06 Mac malware 06 Early 2017 OS X malware predictions 07 Exploit kits 08 Early 2017 exploit kit predictions 09 Phishing and malspam 10 Early 2017 phishing and malspam predictions 11 Potentially Unwanted Programs 11 Early 2017 PUP predictions 12 Tech support scams 13 Early 2017 tech support scam predictions 14 Conclusion Introduction Last year was interesting for malware distribution and development. While we still experienced a flood of ransomware and immense distribution of malware using malspam/phishing/exploit kits, some major players, such as TeslaCrypt and Angler EK, vanished, while some new names dominated. In our first wrap-up of the threat landscape, we are going to cover the trends observed during the last few months of 2016, take an analyst’s view of the threats, and offer some predictions for the beginning of 2017. Moving forward, every quarter we will bring you a view of the threat landscape through the eyes of Malwarebytes researchers and analysts. Executive summary Ransomware dominated in 2016 and continued to do so However, it’s market share and capabilities are not quite into 2017. We expect to see very little variation in this at par with Angler, though this is likely going to change in early 2017, and if anything, it is getting worse. The as we expect to observe an increase in exploit kit most notable ransomware families of the end of 2016 activity by the middle of 2017. While late 2016 showed were Locky and Cerber, two very similar ransomware a decrease in the amount of malicious spam/phishing families that took the number one slot multiple times attacks targeting users in the wild, we are seeing greater during the last part of the year.
    [Show full text]
  • Malware List.Numbers
    Actively Tested (Immediately as significant updates and samples are available) (80% or higher detection rate) Occasionally Tested (If many new samples or significant updates are available) (60 - 80% detection rate) Tested when the mood strikes (60% or lower detection rates) For Comparison, not Excluded from future testing (read notes) Notes, comments, remarks, FAQ and everything else. an actual Antivirus Malware Family (by year) Malware Sample Type MD5 Hash Intego VirusBarrier 2013 10.7 Intego VirusBarrier X6 Avira 1.0.0.64 - 2.0.1.105 MacKeeper 2.5.1 - 2.8 (476) F-Secure 1.0 Avast 8.0 ESET 5.0 VirusBarrier Express 1.1.6 (79) Kaspersky Security 14 Dr Web 9.0.0 Webroot 8 Sophos 9 Comodo G Data AntiVirus for Mac Norton 12.6 (26) iAntivirus 1.1.4 (282) ProtectMac 1.3.2 - 1.4 eScan 5.5-7 Bitdefender (App Store) 2.21 BitDefender 2.30 - 3.0.6681 ClamXav 2.6.1 McAfee Internet Security for Mac* AVG AntiVirus for Mac Dr Web Light 6.0.6 (201207050) MacScan 2.9.4 X-Protect Panda Antivirus 1.6 Panda Antivirus 10.7.6 McAfee Endpoint Protection for Trend Micro Titanium 3.0 McAfee Security 1.2.0 (1549) Norton 11.1.1 (2) Trend Micro Smart Sur. 1.6.1101 McAfee VirusScan for Mac 8.6.1 FortiClient 5.0.6.131 Quick Heal Total Sec 1.0 McAfee Virex 7.7 (163) Magician 1.4.3 Vipre 1.0.51 Mac Malware Remover 1.1.6 1 # Mac 2 Price -> $29.99 Current users only (Discontinued) Free $38.95 and up €29,99 Free $39.99 Free (App Store) $39.95 €26 $39.99 Free Free $49.99 Free $44.99 $29.95 Free $49.95 Free $79.99 (Consumer) Free Free (App Store or download) $39.99 OS X’s
    [Show full text]
  • ESET THREAT REPORT Q3 2020 | 2 ESET Researchers Reveal That Bugs Similar to Krøøk Affect More Chip Brands Than Previously Thought
    THREAT REPORT Q3 2020 WeLiveSecurity.com @ESETresearch ESET GitHub Contents Foreword Welcome to the Q3 2020 issue of the ESET Threat Report! 3 FEATURED STORY As the world braces for a pandemic-ridden winter, COVID-19 appears to be losing steam at least in the cybercrime arena. With coronavirus-related lures played out, crooks seem to 5 NEWS FROM THE LAB have gone “back to basics” in Q3 2020. An area where the effects of the pandemic persist, however, is remote work with its many security challenges. 9 APT GROUP ACTIVITY This is especially true for attacks targeting Remote Desktop Protocol (RDP), which grew throughout all H1. In Q3, RDP attack attempts climbed by a further 37% in terms of unique 13 STATISTICS & TRENDS clients targeted — likely a result of the growing number of poorly secured systems connected to the internet during the pandemic, and possibly other criminals taking inspiration from 14 Top 10 malware detections ransomware gangs in targeting RDP. 15 Downloaders The ransomware scene, closely tracked by ESET specialists, saw a first this quarter — an attack investigated as a homicide after the death of a patient at a ransomware-struck 17 Banking malware hospital. Another surprising twist was the revival of cryptominers, which had been declining for seven consecutive quarters. There was a lot more happening in Q3: Emotet returning 18 Ransomware to the scene, Android banking malware surging, new waves of emails impersonating major delivery and logistics companies…. 20 Cryptominers This quarter’s research findings were equally as rich, with ESET researchers: uncovering 21 Spyware & backdoors more Wi-Fi chips vulnerable to KrØØk-like bugs, exposing Mac malware bundled with a cryptocurrency trading application, discovering CDRThief targeting Linux VoIP softswitches, 22 Exploits and delving into KryptoCibule, a triple threat in regard to cryptocurrencies.
    [Show full text]
  • The Apple Threat Landscape
    The Apple threat landscape SECURITY RESPONSE The Apple threat landscape Dick O’Brien Version 1.02 – February 11, 2016 A rising number of threat actors have begun developing malware designed to infect devices running Mac OS X or iOS. CONTENTS OVERVIEW ..................................................................... 3 Apple ecosystem security ............................................. 5 Mac OS X malware ...................................................... 10 iOS malware ................................................................ 16 Attack vectors ............................................................. 18 Mac OS X vulnerabilities ............................................. 20 iOS vulnerabilities ....................................................... 24 Apple ID security ......................................................... 25 Conclusion ................................................................... 27 Protection .................................................................... 27 Appendix .................................................................... 29 OVERVIEW Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 percent of global smartphone shipments and 7.5 percent of global PC shipments. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing malware designed to infect devices running Mac OS X or iOS. Although the number of threats targeting Apple operating systems remains
    [Show full text]
  • Hbbtv Services, Solutions and Devices at IBC 2016
    HbbTV services, solutions and devices at IBC 2016 Hall 14 / Booth J13 Contact: Akim Benamara ABOX42 is a leading provider of IPTV, OTT and Hybrid-DVB SmartSTB platforms and services for network operators and service providers. At IBC 2016 ABOX42 will introduce its latest Smart STB platform M50 (available as IPTV/OTT and Hybrid version) with support of 4K/UHD and HEVC/H.265 to freely mix DVB-C, S2, T/T2 services with IPTV and OTT video delivery, as well as HBBTV and other web based applications. With ABOX42 new OTT DVB technology it is the first time possible to use HbbTV with OTT streaming in a network environment, where HbbTV is not essential part of the DVB signal. The ABOX42 Total STB Solution approach supports fast application development, short project cycles, full software lifecycle management. The additional ABOX42 OPX TV application provides a solution to deliver all essential TV services with a modern TV UI. The ABOX42 OPX SaaS & Cloud TV services allow the operator to easily deploy, manage, operate und upgrade its services in the field during the entire lifecycle. Find more information about the ABOX42 Total STB Solution at: www.abox42.com Hall 14 / Booth D14 Contact: Robert Guest ACCESS showcases its industry-leading NetFront Browser family, providing a true choice of HbbTV solutions based on Chromium or Webkit engines. Embedded browser Software Development Kits (SDKs) are available for HbbTV 1.5 and HbbTV 2.0, enabling the provision of companion applications, second screen experiences and multiscreen solutions. The NetFront solutions portfolio also supports DLNA, remote user interface (RUI), and VidiPath for the provision of premium services, plus browser based encrypted media extensions (EME) for HTML5 based services.
    [Show full text]