Security and Privacy in Social Networks and Big Data: 5th International Symposium, SocialSec 2019, Copenhagen, Denmark, July 14-17, 2019, Revised Selected Papers

Web scanners will not only take up the bandwidth of the server, but also collect sensitive information of websites and probe vulnerabilities of the system, which seriously threaten the security of websites. Accurate detection of Web scanners can effectively mitigate this kind of thread. Existing scanner detection methods extract features from log and differentiate between scanners and legal users with machine learning. However, these methods are unable to block scanning due to lack of behavior information of clients. To solve this problem, a Web scanner detection method based on behavioral differences is proposed. It collects request information and behavior information of clients by three modules named Passive Detection, Active Injection and Active Detection. Then, six kinds of features including fingerprint of scanners and execution ability of JavaScript code are extracted to detect whether a client is a scanner. This method makes full use of the behavior characteristics of clients and the behavioral differences between scanners and legal users. The experimental results showed the method is efficient and fast in scanner detection.

[1]  Chen Liang,et al.  Covert Timing Channels for IoT over Mobile Networks , 2018, IEEE Wireless Communications.

[2]  Chenyu Wang,et al.  An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks , 2017, Sensors.

[3]  Chen Liang,et al.  Building covert timing channels by packet rearrangement over mobile networks , 2018, Inf. Sci..

[4]  Craig A. Shue,et al.  Reporting Insider Threats via Covert Channels , 2013, 2013 IEEE Security and Privacy Workshops.

[5]  Vijay Varadharajan,et al.  The Silence of the LANs: Efficient Leakage Resilience for IPsec VPNs , 2012, IEEE Transactions on Information Forensics and Security.

[6]  Liehuang Zhu,et al.  A packet-reordering covert channel over VoLTE voice and video traffics , 2019, J. Netw. Comput. Appl..

[7]  Mauro Conti,et al.  Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks , 2018, IEEE Internet of Things Journal.

[8]  Ping Wang,et al.  Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound , 2018, IEEE Transactions on Dependable and Secure Computing.

[9]  Ping Wang,et al.  Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks , 2018, IEEE Transactions on Industrial Informatics.

[10]  Feng Xiao,et al.  SybilLimit: A Near-Optimal Social Network Defense Against Sybil Attacks , 2010, IEEE/ACM Trans. Netw..

[11]  C. Brodley,et al.  Network covert channels: design, analysis, detection, and elimination , 2006 .

[12]  Xiapu Luo,et al.  TCP covert timing channels: Design and detection , 2008, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN).

[13]  Yuanzhang Li,et al.  A Covert Channel Over VoLTE via Adjusting Silence Periods , 2018, IEEE Access.

[14]  Chen Liang,et al.  An end-to-end covert channel via packet dropout for mobile networks , 2018, Int. J. Distributed Sens. Networks.

[15]  Ben Y. Zhao,et al.  Uncovering social network sybils in the wild , 2011, IMC '11.

[16]  Nikita Borisov,et al.  CoCo: Coding-Based Covert Timing Channels for Network Flows , 2011, Information Hiding.

[17]  E. B. Wilson Probable Inference, the Law of Succession, and Statistical Inference , 1927 .

[18]  Fengyuan Xu,et al.  SybilDefender: Defend against sybil attacks in large social networks , 2012, 2012 Proceedings IEEE INFOCOM.

[19]  Butler W. Lampson,et al.  A note on the confinement problem , 1973, CACM.

[20]  Kim-Kwang Raymond Choo,et al.  Exfiltrating data from Android devices , 2015, Comput. Secur..

[21]  Javier López,et al.  Covert communications through network configuration messages , 2013, Comput. Secur..

[22]  Da-Zhi Sun,et al.  On the security and improvement of a two-factor user authentication scheme in wireless sensor networks , 2012, Personal and Ubiquitous Computing.

[23]  Ashok Kumar Das,et al.  Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things , 2020, IEEE Transactions on Dependable and Secure Computing.

[24]  Willy Susilo,et al.  Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment , 2020, IEEE Transactions on Dependable and Secure Computing.

[25]  Wojciech Mazurczyk,et al.  Evaluation of steganographic methods for oversized IP packets , 2012, Telecommun. Syst..

[26]  Ping Wang,et al.  On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions , 2014, Comput. Networks.

[27]  Zhijun Wu,et al.  An approach of steganography in G.729 bitstream based on matrix coding and interleaving , 2015 .

[28]  Michael Kaminsky,et al.  SybilGuard: defending against sybil attacks via social networks , 2006, SIGCOMM.

[29]  Yongji Wang,et al.  Improving performance of network covert timing channel through Huffman coding , 2012, Math. Comput. Model..