datgjigikbvyuoiskjblh;kgjhcgxjchvklb;n'jmkjl;ljvkcjgch m,./.l]kpi0u9-y08t7r65ds4rd5y7f8gt?.pptx

andirajukeshavakrish 4 views 34 slides Jun 10, 2024

CYBER THREAT DETECTION By ANDIRAJU KESHAVA KRISHNA 22091F0019   Under the esteemed guidance of Mr. M.RAVI KUMAR MCA , M. Tech. Assistant Professor DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING RAJEEV GANDHI MEMORIAL COLLEGE OF ENGINEERING & TECHNOLOGY (AUTONOMOUS) NANDYAL-518501, (Estd-1995)

CONTENTS
• Abstract
• Introduction
• Existing System
• Proposed System
• Advantages
• Modules
• System Requirements
• Implementation
• Test cases
• Conclusion
• Project Screenshots
• References

ABSTRACT kAYO makes this determination based on static features of a webpage, ranging from the number of iframes to the presence of known fraudulent phone numbers. Design and implement kAYO, a mechanism that distinguishes between malicious and benign mobile webpages. Demonstrate the need for mobile specific techniques and then identify a range of new static features that highly correlate with mobile malicious webpages.

INTRODUCTION With the emergence of artificial intelligence (AI) techniques, learning-based approaches for detecting cyber attacks have improved further, and they have achieved significant results in many studies. However, owing to constantly evolving cyber attacks, it is still highly challenging to protect IT systems against threats and malicious behaviors in networks.

Security information and event management (SIEM) has focused on collecting and managing the alerts of IPSs. The SIEM is the most common and dependable solution among various security operations solutions for analyzing the collected security events and logs. Moreover, security analysts make an effort to investigate suspicious alerts using policies and thresholds, and to discover malicious behavior by analyzing correlations among events, using knowledge related to attacks.

EXISTING SYSTEM A popular approach to detecting malicious activity on the web is to leverage features that distinguish malicious from benign DNS usage. Both passive DNS monitoring and active DNS probing methods have been used to identify malicious domains. Some of these efforts focused solely on detecting fast flux service networks, while others can also detect domains implementing phishing and drive-by downloads.

DISADVANTAGES Existing tools such as Google Safe Browsing are not enabled on the mobile versions of browsers, thereby precluding mobile users. DNS based mechanisms do not provide deeper understanding of the specific activity implemented by a webpage or domain. Downloading and executing each webpage impacts performance and hinders scalability of dynamic approaches. URL-based techniques usually suffer from high false positive rates.

PROPOSED SYSTEM In this project, we present kAYO, a fast and reliable static analysis technique to detect malicious mobile webpages. kAYO uses static features of mobile webpages derived from their HTML and JavaScript content, URL and advanced mobile specific capabilities. Demonstrate that the distributions of identical static features vary dramatically when extracted from desktop and mobile webpages. Experimentally demonstrate that the distributions of static features used in existing techniques (e.g., the number of redirections) are different when measured on mobile and desktop webpages. Illustrate that certain features are inversely correlated with, unrelated to, or non-indicative of a webpage being malicious when extracted from each space.

ADVANTAGES For cyber-threat detection, SIEM analysts spend an immense amount of effort and time differentiating between true security alerts and false security alerts in collected events. Data security is higher because data co-owners can renew the ciphertexts by appending their access policies as the dissemination conditions. The system is more secure owing to continuous policy enforcement, in which the data owner’s access policy is enforced in the initial ciphertext as well as the renewed ciphertext.

MODULES
• System Model
• Malicious Pages
• Identifying relevant static features
• Detect malicious mobile webpages

SYSTEM MODULES In the first module, we develop the system environment model. Website providers use JavaScript or user agent strings to identify and then redirect mobile users to a mobile specific version. We note that not all static features used in existing techniques differ when measured on mobile and desktop webpages. Mobile websites enable access to a user’s personal information and advanced capabilities of mobile devices through web APIs. Existing static analysis techniques do not consider these mobile specific functionalities in their feature set.

MALICIOUS WEBPAGES We argue that benign webpage writers take effort to provide a good user experience, whereas the goal for malicious webpage authors is to trick users into performing unintentional actions with minimal effort. We therefore examine whether a webpage has noscript content and measure the number of noscript elements. Intuitively, a benign webpage writer will have more noscript elements in the code to ensure a good experience even for a security-savvy user.

IDENTIFYING RELEVANT STATIC FEATURES We extract static features from a webpage and make predictions about its potential maliciousness. We first discuss the feature set used in kAYO, followed by the collection process of the dataset. Structural and lexical properties of a URL have been used to differentiate between malicious and benign webpages. However, using only URL features for such differentiation leads to a high false positive rate. Our data gathering process included accumulating labeled benign and malicious mobile specific webpages. First, we describe an experiment that identifies and defines ‘mobile specific webpages’.
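A sketch of the static feature extraction described in the slides above, added here as an example and not taken from the kAYO project or this presentation's code. The feature names, the use of tel:/sms: links as the source of phone numbers, the particular URL properties, and the blocklist entry are assumptions made for illustration; the sample pages are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit
# Constructed sample blocklist; a real deployment would load a reputation feed.
KNOWN_FRAUD_NUMBERS = {"18005550199"}

class StaticFeatureParser(HTMLParser):
    """Counts tags and collects tel:/sms: targets without executing the page."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.counts = {"iframe": 0, "noscript": 0, "script": 0}
        self.phone_numbers = []

    def handle_starttag(self, tag, attrs):
        if tag in self.counts:
            self.counts[tag] += 1
        if tag == "a":
            href = (dict(attrs).get("href") or "").strip()
            scheme, _, rest = href.partition(":")
            if scheme.lower() in ("tel", "sms"):
                digits = re.sub(r"\D", "", rest)  # normalise +1-800-... to digits
                if digits:
                    self.phone_numbers.append(digits)

def extract_features(url, html):
    """Return a flat feature dict for one page (feature choice is illustrative)."""
    parser = StaticFeatureParser()
    parser.feed(html)
    parser.close()
    host = urlsplit(url).hostname or ""
    return {
        "num_iframes": parser.counts["iframe"],
        "num_noscript": parser.counts["noscript"],
        "num_scripts": parser.counts["script"],
        "num_phone_links": len(parser.phone_numbers),
        "has_known_fraud_number": any(n in KNOWN_FRAUD_NUMBERS for n in parser.phone_numbers),
        "url_length": len(url),
        "url_num_digits": sum(c.isdigit() for c in url),
        "host_num_labels": len(host.split(".")) if host else 0,
        "host_is_ipv4": bool(re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host)),
    }

# Constructed sample pages, not taken from any real site.
BENIGN_URL = "https://m.example.com/news"
BENIGN_HTML = """<html><body><script src="app.js"></script>
<noscript>Enable JavaScript.</noscript><a href="/contact">Contact</a></body></html>"""
SUSPECT_URL = "http://192.0.2.10/win/prize2024.html"
SUSPECT_HTML = """<html><body><iframe src="a.html"></iframe><iframe src="b.html"></iframe>
<script>var x=1;</script><a href="tel:+1-800-555-0199">Call to claim</a></body></html>"""
```

The resulting dictionaries are the kind of per-page feature vector a classifier would be trained on; no page content is downloaded or executed during extraction.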

DETECT MALICIOUS MOBILE WEBPAGES We describe the machine learning techniques we considered to tackle the problem of classifying mobile specific webpages as malicious or benign. We then discuss the strengths and weaknesses of each classification technique, and the process for selecting the best model for kAYO. We build and evaluate our chosen model for accuracy, false positive rate and true positive rate. Finally, we compare kAYO to existing techniques and empirically demonstrate the significance of kAYO’s features.

SYSTEM REQUIREMENTS

SOFTWARE REQUIREMENTS
Operating System: Windows XP/7/8 & more
Front End: JSP
Database: MySQL
Programming: Java

HARDWARE REQUIREMENTS
Processor: Pentium Dual Core / Core 2 Duo / I Core with minimum 1.2 GHz speed
RAM: 2 GB
Hard Disk: 120 GB

IMPLEMENTATION In the implementation phase, software development is concerned with translating design specifications into source code. The primary goal of implementation is to write the source code and internal documentation so that conformance of the code to its specification can be easily verified, and so that debugging, testing and modifications are eased. This goal is achieved by making the source code as clear and straightforward as possible. Simplicity, clarity and elegance are the hallmarks of good programs. Obscurity, cleverness and complexity are indications of inadequate design and misdirected thinking.

Every good coding style performs the following Do’s:
• Introduce user-defined data types to model entities in the problem domain.
• Use a few standard, agreed-upon control statements.
• Hide data structures behind access functions.
• Isolate machine dependencies in a few routines.
• Use indentation, parentheses, blank lines and borders around comment blocks to enhance readability.
• Carefully examine the routines having fewer than 5 or more than 25 executable statements.

The following are the Don’ts of good coding style:
• Avoid null then statements.
• Don’t put nested loops very deeply.
• Carefully examine routines having more than five parameters.
• Don’t use an identifier for multiple purposes.

Implementation was performed with the following objectives:
• Minimize the memory required.
• Maximize output readability or clarity.
• Maximize source text readability.
• Minimize the number of source statements.
• Minimize the development time.
• To ease the understanding of the source code.
• To put the tested system into operation while holding costs, risks and user irritation to a minimum.

TEST CASES

| S. No. | TEST CASES | INPUT | EXPECTED RESULT | ACTUAL RESULT | STATUS |
|---|---|---|---|---|---|
| 1 | User Registration | Enter all fields | User gets registered | Registration is successful | pass |
| 2 | User Registration | If user misses any field | User not registered | Registration is unsuccessful | fail |
| 3 | Admin Login | Give the user name and password | Admin home page should be opened | Admin home page has been opened | pass |
| 4 | User Login | Give username and password | User page should be opened | User page has been opened | pass |
| 5 | User Login | Give username without password | User page should not be opened | User name and password is invalid | fail |
| 6 | Upload Add file | Select the file to upload | Upload to the database | Post upload successfully | pass |

Table: Test case results

White Box Testing
This testing is also called glass box testing. In this testing, by knowing the specified function that a product has been designed to perform, tests can be conducted that demonstrate each function is fully operational while at the same time searching for errors in each function. It is a test case design method that uses the control structure of the procedural design to derive test cases. Basis path testing is a white box testing technique.
Basis Path Testing
• Flow graph notation
• Cyclomatic complexity
• Deriving test cases
Control Structure Testing
• Condition testing
• Data flow testing
• Loop testing

Black Box Testing
In this testing, by knowing the internal operation of a product, tests can be conducted to ensure that the internal operation performs according to specification and all internal components have been adequately exercised. It fundamentally focuses on the functional requirements of the software. The steps involved in black box test case design are:
• Graph based testing methods
• Equivalence partitioning
• Boundary value analysis
• Comparison testing
• Graph matrices

CONCLUSION In this paper, we have proposed the AI-SIEM system using event profiles and artificial neural networks. The novelty of our work lies in condensing very large-scale data into event profiles and using deep learning-based detection methods for enhanced cyber-threat detection ability. The AI-SIEM system enables security analysts to deal with significant security alerts promptly and cogently by comparing long-term security data. By reducing false positive alerts, it can also help security analysts to rapidly respond to cyber threats dispersed across a large number of security events.

PROJECT SCREEN SHOTS Screen 1: Home Page of Project

Screen 2: Login Page

Screen 3: Admin Page

Screen 4: Add Indexer

Screen 5: View URL

Screen 6: Attacker Information

Screen 7: view malware URL

Screen 8: Search Page

Screen 9: Search Result
