Artificial Intelligence and Data Mining Approaches in Security Frameworks. Group of authors
i) Training phase: It is used to induce hidden knowledge (rules) with the help of association rules.
ii) Classification phase: It is used to build a classifier after pruning ineffective and superfluous rules.
Many research studies have shown that an association classifier (AC) generally yields better classifiers in terms of error rate than the standard classification approaches of decision tree and rule induction.
2.7 Attacks by Mitigating Code Injection
A code injection attack is a technique for writing new machine code into a susceptible program's memory. If there is a bug in the program, it can be manipulated so that control is transferred to the new code. The W+X protection technique (Diwate, Sahu, 2014) alleviates code injection attacks by permitting only one operation on a memory region, i.e., either write or execute, but not both simultaneously (Mitchell, Chen, 2013).
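One way to check the W+X property on a Linux host is to scan a process's memory map for regions that are writable and executable at the same time. The following is an added example, not code from the book; the function names and the sample mapping lines are constructed for illustration, and the input format assumed is that of `/proc/<pid>/maps`.

```python
import re

# Constructed sample in /proc/<pid>/maps format (not taken from a real process).
SAMPLE_MAPS = """\
55d0c8a00000-55d0c8a21000 r-xp 00000000 08:01 131090     /usr/bin/demo
55d0c8c20000-55d0c8c22000 rw-p 00020000 08:01 131090     /usr/bin/demo
7f3a10000000-7f3a10021000 rwxp 00000000 00:00 0
7ffd4a5e0000-7ffd4a601000 rw-p 00000000 00:00 0          [stack]
"""

# start-end, permissions, offset, device, inode, optional path
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+\S+\s+\S+\s+\d+\s*(.*)$"
)


def wx_violations(maps_text):
    """Return (start, end, perms, name) for every region that is both
    writable and executable, i.e. that violates W+X."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue  # skip anything that is not a mapping line
        start, end, perms, name = m.groups()
        if "w" in perms and "x" in perms:
            findings.append(
                (int(start, 16), int(end, 16), perms, name or "[anonymous]")
            )
    return findings


def audit_self():
    """Audit the current process; returns None where /proc is unavailable."""
    try:
        with open("/proc/self/maps") as fh:
            return wx_violations(fh.read())
    except OSError:
        return None


if __name__ == "__main__":
    for start, end, perms, name in wx_violations(SAMPLE_MAPS):
        print(f"W+X violation: {start:#x}-{end:#x} {perms} {name}")
```
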
2.7.1 Code Injection and Its Categories
The following are the types of code injection attacks:
i) SQL Injection
ii) HTML Script Injection
iii) Object Injection
iv) Remote File Injection
v) Code Reuse Attacks (CRAs).
i) SQL Injection: It can be defined as a technique by which SQL syntax is used to input commands for reading, altering or modifying a database. For example, suppose a web page has an authentication field for the user's password. Generally, script code is used for this. The script code generates a SQL query so that the password entered can be verified against the list of user names: SELECT UserList.Username FROM UserList WHERE UserList.Password = 'Password'
ii) HTML Script Injection: An attacker can inject malicious code with the help of tags. The location property of the document can then be changed by setting it to an injected script.
iii) Object Injection: Hypertext Preprocessor (PHP) is used for serialization and deserialization of objects. If untrustworthy input is allowed into the deserialization function, object injection can be used to modify existing classes in the program and execute malicious attacks.
iv) Remote File Injection: To cause the intended destruction, attackers can alter the path command of the script file and provide the name of a remote infected file as the path.
v) Code Reuse Attacks: Code reuse attacks (CRAs) are a recent development in security. They occur when an attacker directs the flow of control through previously existing code, which allows the attacker to execute arbitrary code on a compromised machine. They include the return-oriented and jump-oriented programming approaches, which reuse fragments of library code. Return-into-libc (RILC) is a type of code-reuse attack in which the stack is compromised and control is transferred to the beginning of an existing library function such as mprotect() in order to create a memory region that allows both write and execute operations, bypassing W+X (Bhatkar et al., 2005). To overcome such attacks, data mining techniques are used: the source code is checked to reveal any such fault, and for this the instructions are classified as malicious. Classification algorithms that can be used in this regard include Logistic Regression, Bayesian, Support Vector Machine and Decision Tree.
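The password query from the SQL Injection item above, built two ways, shows why the way the query is constructed matters. This is an added example, not code from the book: the in-memory SQLite table, the sample rows and the function names are constructed, and the plaintext password column only mirrors the book's query.

```python
import sqlite3


def make_db():
    """Build a constructed UserList table matching the query in the text."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE UserList (Username TEXT, Password TEXT)")
    db.executemany(
        "INSERT INTO UserList VALUES (?, ?)",
        [("alice", "correct-horse"), ("bob", "hunter2")],  # constructed rows
    )
    return db


def lookup_vulnerable(db, password):
    # Weak form: the input becomes part of the SQL text, so a quote
    # character in it ends the string literal and the rest is parsed as SQL.
    query = (
        "SELECT UserList.Username FROM UserList "
        "WHERE UserList.Password = '" + password + "'"
    )
    return sorted(row[0] for row in db.execute(query))


def lookup_parameterized(db, password):
    # Hardened form: the query text is fixed and the input is bound as a
    # value, so it is only ever compared against the Password column.
    query = (
        "SELECT UserList.Username FROM UserList "
        "WHERE UserList.Password = ?"
    )
    return sorted(row[0] for row in db.execute(query, (password,)))


# Constructed input containing a quote that changes the WHERE clause
# when it is concatenated into the query text.
CONSTRUCTED_INPUT = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", lookup_vulnerable(db, CONSTRUCTED_INPUT))
    print("parameterized:", lookup_parameterized(db, CONSTRUCTED_INPUT))
    print("legitimate   :", lookup_parameterized(db, "hunter2"))
```

With the concatenated query the constructed input matches every row, while the parameterized query matches none and still returns the correct user for a genuine password.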
2.8 Conclusion
The main aim of this study is to find the role of Data Mining techniques in attaining security. A few applications such as Privacy Preserving Data Mining (PPDM), Intrusion Detection System (IDS), Phishing Website Classification and Mitigation of Code Injection are discussed. Some Classification and Clustering algorithms are also discussed for their significant role in an intrusion detection system. Other basic Data mining techniques used for intrusion detection system such as Feature Extraction, Association Rule Mining and Decision Trees are also discussed. Other security applications of Data Mining such as Malware Detection, Spam Detection, Web Mining and Crime Profiling can also be explored in terms of security as a future scope.
References
Cárdenas, A. A., Berthier, R., Bobba, R.B., Huh, J.H., Jetcheva, J.G., Grochocki, D., & Sanders, W.H. (2014) “A Framework for Evaluating Intrusion Detection Architectures in Advanced Metering Infrastructures,” IEEE Transactions on Smart Grid, vol. 5(2), pp. 906–915.
Friedman, R. W., & Schuster, A. (2008) “Providing k-Anonymity in Data Mining,” VLDB Journal, vol. 17(4), pp. 789–804.
Singh, R., Kumar, P. & Diaz, V. (2020) “A Holistic Methodology for Improved RFID Network Lifetime by Advanced Cluster Head Selection using Dragonfly Algorithm” International Journal of Interactive Multimedia and Artificial Intelligence, vol. 6(2), pp. 8.
Singh, B., Singh, R. & Rathore, P.S. (2013) “Randomized Virtual Scanning Technique for Road Network” International Journal of Computer Applications, vol. 77(16), pp. 1-4.
Kumar, N., Triwedi, P. & Rathore, P.S. (2018) “An Adaptive Approach for image adaptive watermarking using Elliptical curve cryptography (ECC)” First International Conference on Information Technology and Knowledge Management pp. 89–92, ISSN 2300-5963.
Bhargava, N., Singh, P., Kumar, A., Sharma, T. & Meena, P. (2017) “An Adaptive Approach for Eigenfaces-based Facial Recognition” International Journal on Future Revolution in Computer Science & Communication Engineering (IJFRSCE), vol. 3(12), pp. 213 – 216.
Herzberg, A. & Gbara, A. (2004) “Trustbar: Protecting (even naive) Web Users from Spoofing and Phishing Attacks” Cryptology ePrint Archive Report pp. 155.
Rathore, P. S., Chaudhary A. & Singh, B. (2013) “Route planning via facilities in time dependent network,” IEEE Conference on Information & Communication Technologies, pp. 652-655.
Fu, A. Y., Wenyin, L. & Deng, X. (2006) “Detecting Phishing Web Pages with Visual Similarity Assessment Based on Earth Mover’s Distance (emd),” IEEE Transactions on Dependable and Secure Computing, vol. 3(4), pp. 301–311.
Manek, A. S., Shenoy, P. D., Mohan, M. C. & Venugopal, K. R. (2016) “Detection of Fraudulent and Malicious Websites by Analysing User Reviews for Online Shopping Websites,” International Journal of Knowledge and Web Intelligence, vol. 5(3), pp. 171–189.
Wu, B., Lu, T., Zheng, K., Zhang, D. & Lin, X. (2015) “Smartphone Malware Detection Model Based on Artificial Immune System,” China Communications, vol. 11(13), pp. 86–92.
Dwork, C., McSherry, F., Nissim, K. & Smith, A. (2006) “Calibrating Noise to Sensitivity in Private Data Analysis,” Theory of Cryptography Conference, pp. 265–284.
Jackson, C., Simon, D.R., Tan, D. S. & Barth, A. (2007) “An Evaluation of Extended Validation and Picture-in-Picture Phishing attacks,” International Conference on Financial Cryptography and Data Security, pp. 281–293.
Rathore, P.S. (2017) “An adaptive method for Edge Preserving Denoising,” International Conference on Communication and Electronics Systems, Institute of Electrical and Electronics Engineers, Proceedings of the 2nd International Conference on Communication and Electronics Systems (ICCES 2017).
Tseng,