deceptive security using python
play

DECEPTIVE SECURITY USING PYTHON GAJENDRA DESHPANDE KLS Gogte - PowerPoint PPT Presentation

Dec 21, 2022 •574 likes •950 views

DECEPTIVE SECURITY USING PYTHON GAJENDRA DESHPANDE KLS Gogte Institute of Technology, India https://gcdeshpande.github.io 24 July 2020 Contents Introduction to Deception WebTrap DemonHunter Our Experiment Conclusion

  1. DECEPTIVE SECURITY USING PYTHON GAJENDRA DESHPANDE KLS Gogte Institute of Technology, India https://gcdeshpande.github.io 24 July 2020

  2. Contents  Introduction to Deception  WebTrap  DemonHunter  Our Experiment  Conclusion  References

  3. Introduction Imagine you are passing through an unknown street at midnight and you find that some anti-social elements are following you. To save yourself from them you start running and look for a safe place to hide yourself. On the way, you will find a good person and requests him to help you. He hides you in his place to protect you. When these anti-social elements visit a good person’s place and enquire about you, the good person misguides them and redirects them to some other place in order to protect you. This is exactly how deception works. In this analogy, YOU are the resources to be protected, anti-social elements are the hackers who want to gain access to the resources, and a good person is a deception technique that protects the resources from hackers by making them fall in the trap.

  4. Deception – Basic Idea  Deception is a technique where hackers methods will be used as security mechanism i.e., phishing the phishers.  Deception is military tactic used by both attackers and defenders. Source: https://www.helpnetsecurity.com/2018/12/06/introduction-deception-technology/

  5. Deception – Types There are two types of Deception Technology described below. Active Deception: Active Deception will provide inaccurate information intentionally to  the subjects (intruders or hackers) to fall for the trap. Passive Deception: Passive Deception will provide incomplete information, o the other  half of information. Intruders will try to gain all the information and the fall for the trap. Source: https://www.geeksforgeeks.org/deception-technology/ They can also be classified as Client side deception – used by hackers  Server side deception – used by security providers  Better Deception = Active Deception + Passive Deception

  6. Deception – Evolution - Advantages  HoneyPots (1998)  HoneyNets(2000)  HoneyToken (2003)  HoneyPot 2.0 (2012)  Deception Technology (2016)  Advantages  Increased accuracy  Minimal investment  Future ready (applicable to new technology)

  7. WebTrap  Designed to create deceptive webpages to deceive and redirect attackers away from real websites.  The deceptive webpages are generated by cloning real websites, specifically their login pages. The project is composed of two tools: Web Cloner - Responsible for cloning real websites and creating the deceptive web page  Deceptive Web server - Responsible for serving the cloned webpages, and reporting to a syslog  server upon requests Installation: pip install requests apt install gir1.2-webkit2-3.0 python-gi python-gi-cairo python3-gi python3-gi-cairo gir1.2-gtk-3.0 https://github.com/IllusiveNetworks-Labs/WebTrap

  8. WebTrap – Web Cloner

  9. WebTrap – Deceptive Web Server

  10. DemonHunter  To create low interaction Honeypot servers and their agents, plus a manager to check logs  DemonHunter allows you to create your honeynet all customized by yourself, from ports to protocol handlers. https://github.com/skrtu/DemonHunter

  11. Why we developed deception tool  Cyber Space is a national asset  XML is a heart of many mainstream technologies, Web Services, Service Oriented Architecture(SOA), Cloud Computing etc.  Web Services vulnerabilities can be present in Operating System, Network, Database, Web Server, Application Server, Application code, XML parsers and XML appliances  New technologies – New Challenges  (Old challenges + New Challenges)

  12. Problem Definition and Proposed Solution Problem Definition  To secure web resources from XPath injection attack using modular recurrent neural networks. Proposed Solution  The proposed solution uses modular recurrent neural network architecture to identify and classify atypical behavior in user input. Once the atypical user input is identified, the attacker is redirected to sham resources to protect the critical data.  Count based validation technique

  13. Introduction to XPath Injection  An attacker can craft special user-controllable input consisting of XPath expressions to inject the XML database and bypass authentication or glean information that he normally would not be able to. <?xml version="1.0" encoding="ISO-8859-1"?> <users> <user> <username>gandalf</username> <password>!c3</password> <account>admin</account> </user> </users> string(//user[username/text()='gandalf' and password/text()='!c3']/account/text()) string(//user[username/text()='' or '1' = '1' and password/text()='' or '1' = '1']/account/text())

  14. CAPEC on XPath Injection Factor Description Attack Prerequisites XPath Queries and unsanitized user controllable input Typical Likelihood of Exploit High Attacker Skills Low Indicators Too many exceptions generated by the application as a result of malformed XPath queries Resource Required None Attack Motivation Consequences Confidentiality- gain privileges and read application data Injection Vector User-controllable input used as part of dynamic XPath queries Payload XPath expressions intended to defeat checks run by XPath queries Activation Zone XML Database CIA Impact High, High, Medium Architectural Paradigms Client-Server, Service Oriented Architecture (SOA) Frameworks, Platforms, Languages All

  15. Research Gap Identified Neural network approach to identify and classify atypical behavior in input The study showed different approaches to handle XPath injection attacks. It also showed methods applied and their disadvantages. We can conclude from the study that neural networks are not applied to detect Xpath injection attacks and existing results are not promising. The study showed, how modularity in case of neural networks helps to achieve improved performance. Modular neural networks have not been applied to cyber security particularly to the detection of SQL/XPath injection attacks.

  16. System Design Some valid inputs: Email-id Mobile number Alphanumeric word Some malicious inputs: ‘1 or 1=1 user’ or ‘a’=‘a %00 Some invalid inputs: Very large input string String with special characters String formed from different character set Fig. 1: Three tier architecture of the proposed system

  17. Algorithm

  18. Algorithm

  19. System Environment Table 5: Tools and technologies used for experimentation Software Environment Technology Server Side Client Side Neural Networks PyBRAIN [14] - Web Services BottlePy Micro Web Framework [15] - Web Server WSGIRefServer of BottlePy and Apache - Web Browser Firefox, Konquerer Firefox, Konquerer Scripting Language, Graphs Python, numpy, matplotlib [16] - Operating Systems Fedora Linux 14 Fedora Linux 14 Hardware Environment System Intel i3 processor, 3GB RAM Intel i3 processor, 3GB RAM Note: Same environment is used for Development and Testing of the System. The system may also be deployed on machines with lower configurations and on different platforms.

  20. PyBRAIN Machine Learning Library  PyBrain is a modular Machine Learning Library for Python.  PyBrain is short for Py thon- B ased R einforcement Learning, A rtificial I ntelligence and N eural Network Library  To download and Install PyBrain $ git clone git://github.com/pybrain/pybrain.git $ python setup.py install For more detailed installation instructions visit http://wiki.github.com/pybrain/pybrain/installation For Information on PyBrain visit http://www.pybrain.org

  21. Bottle- Python Web Framework  Bottle is a fast, simple and lightweight WSGI micro web-framework for Python.  It is distributed as a single file module and has no dependencies other than the Python Standard Library.  It includes built in Routing, Templates, Utilities and Server  Bottle does not depend on any external libraries. You can just download bottle.py into your project directory and start coding: $ wget https://bottlepy.org/bottle.py  For more information on Bottle Framework visit http://www.bottle.org

  22. Results (True Positives) Table 6: Comparison of true positives Number of Modular Neural Single Neural epochs Network Network 50 0 19 100 90 82 150 96 80 200 99 55 250 94 39 300 96 27 350 93 30 400 90 40 Fig. 2: Comparison of true positives 450 90 43 500 94 50

  23. Results (False Positives) Table 7: Comparison of false positives Number of Modular Neural Single Neural epochs Network Network 50 99 72 100 07 20 150 05 34 200 06 38 250 05 57 300 04 63 350 08 76 400 08 58 Fig. 3: Comparison of false positives 450 10 58 500 10 45

  24. Results (True Negatives) Table 8: Comparison of true negatives Number of Modular Neural Single Neural epochs Network Network 50 1 28 100 93 80 150 95 66 200 94 62 250 95 43 300 96 37 350 92 24 400 92 42 Fig. 4: Comparison of true negatives 450 90 42 500 90 55

  25. Results (False Negatives) Table 9: Comparison of false negatives Number of Modular Neural Single Neural epochs Network Network 50 100 81 100 10 18 150 04 20 200 01 45 250 06 61 300 04 73 350 07 70 400 10 60 Fig. 5: Comparison of false negatives 450 10 57 500 06 50

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Python Cryptography &amp; Security Jos Manuel Ortega | @jmortegac

Python Cryptography &amp; Security Jos Manuel Ortega | @jmortegac

Python Cryptography &amp; Security Jos Manuel Ortega | @jmortegac https://speakerdeck.com/jmortega Security Conferences INDEX 1 Introduction to cryptography 2 PyCrypto and other libraries 3 Django Security 4 OWASP &amp; Best Practices 5

881 views • 61 slides
Detecting deceptive reviews using Argument Mining Oana Cocarascu Imperial College London

Detecting deceptive reviews using Argument Mining Oana Cocarascu Imperial College London

Detecting deceptive reviews using Argument Mining Oana Cocarascu Imperial College London Truthful or deceptive? Their service was amazing , and we absolutely loved the beautiful indoor pool . I would recommend staying here. The staff was super

601 views • 26 slides
Python Tidbits Python created by that guy ---&gt; Python is named after Monty Pythons

Python Tidbits Python created by that guy ---&gt; Python is named after Monty Pythons

Python Tidbits Python created by that guy ---&gt; Python is named after Monty Pythons Flying Circus 1991 Python 0.9.0 Released 2008 Python 2.6 / 3.0rc2 Current Python 2.7.1 / 3.2 *7 th most popular language

753 views • 37 slides
deceptive words (7:4, 8) Jeremiah 7:1-8:3 You shall die! (26:8) Jeremiah 7:1-8:3

deceptive words (7:4, 8) Jeremiah 7:1-8:3 You shall die! (26:8) Jeremiah 7:1-8:3

Jeremiah 7:1-8:3 deceptive words (7:4, 8) Jeremiah 7:1-8:3 You shall die! (26:8) Jeremiah 7:1-8:3 Worship without repentance. (7:1-15) Do not trust in these deceptive words: This is the temple of the L ORD , the temple

436 views • 15 slides
Computing the unexpected and Unpredicted and Deceptive and Interesting Reflections

Computing the unexpected and Unpredicted and Deceptive and Interesting Reflections

Computing the unexpected and Unpredicted and Deceptive and Interesting Reflections Fifty year prediction about home computers Computing the unexpected and Unpredicted and Deceptive and Interesting Reflections

501 views • 10 slides
1 Parallelism in Python The Problem with Shared State Python provides two mechanisms for

1 Parallelism in Python The Problem with Shared State Python provides two mechanisms for

Python Example of a MapReduce Application The mapper and reducer are both self contained Python programs Read from standard input and write to standard output ! Mapper Tell Unix: this is Python #!/usr/bin/env python3 The emit function

464 views • 3 slides
Getting Started with Python The Python Interpreter A piece of software that executes

Getting Started with Python The Python Interpreter A piece of software that executes

Object-Oriented Programming in Python Goldwasser and Letscher Chapter 2 Getting Started with Python The Python Interpreter A piece of software that executes commands for the Python language Start the interpreter by typing python at a

862 views • 27 slides
NAVIGATING THE NC UNFAIR AND DECEPTIVE TRADE PRACTICES ACT presented by: J. Patrick Haywood

NAVIGATING THE NC UNFAIR AND DECEPTIVE TRADE PRACTICES ACT presented by: J. Patrick Haywood

NAVIGATING THE NC UNFAIR AND DECEPTIVE TRADE PRACTICES ACT presented by: J. Patrick Haywood and Mark K. York Carruthers &amp; Roth, P.A. Phone: 336-478-1152 E-mail: mky@crlaw.com 2 Overview Information on the UDTPA Three Part Test

491 views • 24 slides
An introduction to Python Andreas Bjerre-Nielsen Agenda 1. Python: what it is; why and how we

An introduction to Python Andreas Bjerre-Nielsen Agenda 1. Python: what it is; why and how we

An introduction to Python Andreas Bjerre-Nielsen Agenda 1. Python: what it is; why and how we learn it 2. Python scripts and Jupyter 3. Fundamental data types 4. Basic Python procedures: operators, functions, methods etc. 5. Conditional

978 views • 66 slides
John 8:42-47 Recognizing the Deceptive Influences of our Adversary From the beginning, the evil

John 8:42-47 Recognizing the Deceptive Influences of our Adversary From the beginning, the evil

John 8:42-47 Recognizing the Deceptive Influences of our Adversary From the beginning, the evil one has been hard at work seeking to deceive mankind to our detriment. He seeks to deceive and spread deception because it leads to distrust and

328 views • 3 slides
Fundraising State governments regulate a nonprofits charitable solicitations. Deceptive

Fundraising State governments regulate a nonprofits charitable solicitations. Deceptive

Fundraising State governments regulate a nonprofits charitable solicitations. Deceptive or abusive techniques are prohibited. Use IRS Form 990 and 990-EZ to disclose the percentage of funds raised that are used for program expenses

671 views • 26 slides
We already know Java. Why learn Python? Using Python to Implement Algorithms Python has far less

We already know Java. Why learn Python? Using Python to Implement Algorithms Python has far less

We already know Java. Why learn Python? Using Python to Implement Algorithms Python has far less overhead than Java for the programmer. Tyler Moore Python is closer to psuedo-code on the English-pseudocode-code spectrum than Java or C/C++, but

615 views • 9 slides
Why is Chicago deceptive?: Towards Building Model-Driven Tutorials for Humans Vivian

Why is Chicago deceptive?: Towards Building Model-Driven Tutorials for Humans Vivian

Why is Chicago deceptive?: Towards Building Model-Driven Tutorials for Humans Vivian Lai, Han Liu, and Chenhao Tan @vivwylai | @HanLiuAI | @ChenhaoTan University of Colorado Boulder machineintheloop.com 1 AI used in societally

515 views • 38 slides
Looks Can Be Deceptive Case presentation 37 y/o man Original kidney disease:

Looks Can Be Deceptive Case presentation 37 y/o man Original kidney disease:

Looks Can Be Deceptive Case presentation 37 y/o man Original kidney disease: Polycystic kidney disease, HTN, highly sensitized Live unrelated renal transplant Jan.2018 5 months post transplant: rising serum Cr.

329 views • 17 slides
Investigating the Acoustic Correlates of Deceptive Speech Christin Kirchhbel IAFPA, Vienna, 27

Investigating the Acoustic Correlates of Deceptive Speech Christin Kirchhbel IAFPA, Vienna, 27

Investigating the Acoustic Correlates of Deceptive Speech Christin Kirchhbel IAFPA, Vienna, 27 th July, 2011 1 What is deception? lying is a successful or unsuccessful deliberate attempt, without forewarning , to create in another a belief

464 views • 22 slides
First Tool: Python! Introduction to python programming Gholamhossein Tavasoli @ ZNU First Tool:

First Tool: Python! Introduction to python programming Gholamhossein Tavasoli @ ZNU First Tool:

First Tool: Python! Introduction to python programming Gholamhossein Tavasoli @ ZNU First Tool: Python! Python Programming Language Python Programming Language Created in 1991 by Guido van Rossum Python Cro ross Platform Pro rogramming

662 views • 62 slides
Sparse Matrix Algorithms and Advanced Topics in FEM MATH 9830 Timo Heister

Sparse Matrix Algorithms and Advanced Topics in FEM MATH 9830 Timo Heister

Sparse Matrix Algorithms and Advanced Topics in FEM MATH 9830 Timo Heister (heister@clemson.edu) http://www.math.clemson.edu/~heister/math9830-spring2015/ Tasks Lab 1 Grab class repo Git clone https://github.com/tjhei/spring15_9830

697 views • 59 slides
ECOM027 Research Methods Methods and tools for Empirical Macroeconomics Luca Rondina

ECOM027 Research Methods Methods and tools for Empirical Macroeconomics Luca Rondina

ECOM027 Research Methods Methods and tools for Empirical Macroeconomics Luca Rondina February 25, 2020 University of Surrey Introduction The goal of applied macroeconomics is to design models useful for policy analysis and forecasting.

584 views • 44 slides
Performance Analysis for R : Towards a Faster R Interpreter Helena Kotthaus joint work with: I.

Performance Analysis for R : Towards a Faster R Interpreter Helena Kotthaus joint work with: I.

Performance Analysis for R : Towards a Faster R Interpreter Helena Kotthaus joint work with: I. Korb, M. Knne, P . Marwedel 06/26/2014 TU Dortmund Collaborative Research Center SFB876: Providing Information by Resource-Constrained

431 views • 13 slides
New features in deal.II Matthias Maier School of Mathematics University of Minnesota Twin Cities

New features in deal.II Matthias Maier School of Mathematics University of Minnesota Twin Cities

New features in deal.II Matthias Maier School of Mathematics University of Minnesota Twin Cities Minneapolis, MN, USA Fifth deal.II Users and Developers Workshop College Station, TX, USA August 3, 2015 1 Matthias Maier | New features in

605 views • 38 slides
Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice

Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice

Quantum Cryptography Slides based in part on A talk on quantum cryptography or how Alice outwits Eve, by Samuel Lomonaco Jr. and Quantum Computing by Andr Bertiaume. The Classical World - Bits either 0 or 1. - Bits can be copied.

639 views • 11 slides
Software Evolution: Conclusion, Discussion, Future Work Dr. Vadim Zaytsev aka @grammarware

Software Evolution: Conclusion, Discussion, Future Work Dr. Vadim Zaytsev aka @grammarware

Software Evolution: Conclusion, Discussion, Future Work Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 7 December 2015 Roadmap W44 Introduction V.Zaytsev W45 Metaprogramming J.Vinju W46 Reverse Engineering V.Zaytsev W47 Software

735 views • 28 slides
Towards Machine Learning Induction for Isabelle/HOL This work was supported by the project

Towards Machine Learning Induction for Isabelle/HOL This work was supported by the project

git clone https://github.com/data61/PSL Towards Machine Learning Induction for Isabelle/HOL This work was supported by the project AI&amp;Reasoning (reg. no. CZ.02.1.01/0.0/0.0/15_003/0000466). Yutaka Nagashima University of Innsbruck Czech

1.75k views • 136 slides
Quantum physics as it is practised in the lab WHY CATEGORIES? Kinds/types of systems: A , B , C ,

Quantum physics as it is practised in the lab WHY CATEGORIES? Kinds/types of systems: A , B , C ,

Bob Coecke University of Oxford Quantum physics as it is practised in the lab WHY CATEGORIES? Kinds/types of systems: A , B , C , ... e.g. electron, atom, n qubits, classical data, ... Kinds/types of systems: A , B , C , ... e.g.

2.03k views • 156 slides

More recommend