Fog computing (FC) is a networking paradigm where wireless devices known as fog nodes are placed at the edge of network (close to Internet Things (IoT) devices). provide services in lieu cloud. Thus, improving performance and making it attractive social media-based systems. Security issues one most challenges encountered FC. In this paper, we propose an anomaly-based Intrusion Detection Prevent...

Phishing emails are now so convincing that even experts cannot tell what is or is not genuine; though one of my own quiz errors resulted from failing to believe that genuine marketeers could possibly be so clueless! Thus I believe that education of end users will be almost entirely ineffective and education of marketing departments – to remove “click on this” (and HTML generally) from the genui...

Security of financial transactions in E-Commerce is difficult to implement and there is a risk that user’s confidential data over the internet may be accessed by hackers. Unfortunately, interacting with an online service such as a banking web application often requires certain degree of technical sophistication that not all Internet users possess. For the last couple of year such naive users ha...

This educational project uses a second generation Raspberry Pi that runs multiple Open Source software packages, to perform network penetration testing and to analyze the results. Implementing this project provides undergraduate students with practical hands-on experience and explains advanced concepts in computer hardware, operating systems, and network security. This project is fairly afforda...

In this paper, we present a systematic study of browser cache poisoning (BCP) attacks, wherein a network attacker performs a one-time Man-In-The-Middle (MITM) attack on a user’s HTTPS session, and substitutes cached resources with malicious ones. We investigate the feasibility of such attacks on five mainstream desktop browsers and 16 popular mobile browsers. We find that browsers are highly in...

The security of the Public Key Infrastructure has been reevaluated in response to Certification Authority (CA) compromise which resulted in the circulation of fraudulent certificates. These rogue certificates can and have been used to execute Man-in-the-Middle attacks and gain access to users’ sensitive information. In wake of these events, there has been a call for change to the extent of eith...

Key schedules in lightweight block ciphers are often highly simplified, which causes weakness that can be exploited in many attacks. Today it remains an open problem on how to use limited operations to guarantee enough diffusion of key bits in lightweight key schedules. Also, there are few tools special for detecting weakness in the key schedule. In 2013 Huang et al. pointed out that insufficie...