Ivan Homoliak

The purpose of this article is to describe characteristics of obfuscated network buffer overflow attacks in contrast with characteristics of directly simulated attacks. The obfuscation was performed by tunneling of malicious traffic in HTTP and HTTPS protocols. These protocols wrap a malicious communication between an attacker situated outside of an…
This paper presents an automated detection method based on classification of network traffic using a predefined set of network metrics. We proposed the set of metrics with a focus on the behavior of buffer overflow attacks and their sufficient description without the need for deep packet inspection. In this paper we describe two laboratory experiments of automated…
The aim of the paper is to show a different point of view on the problem of cryptanalysis of symmetric encryption algorithms. Our dissimilar approach, compared to the existing methods, lies in the use of the power of evolutionary principles, which are applied in our cryptanalytic system by leveraging genetic programming (GP) in order to perform known…
This paper examines the detection properties of obfuscated network buffer overflow attacks by selected IDS and NBA. The obfuscation was performed by tunneling the malicious traffic in HTTP and HTTPS protocols with the intention of simulating the usual legitimate characteristics of the HTTP traffic's flow. The buffer overflow vulnerabilities of four services…
Nowadays, wireless networks are becoming important in personal and public communication. Most of them are secured by the 802.11i standard with a strong AES cipher - WPA2. In many cases an attacker has the ability to listen to all encrypted network traffic, which may become a potential intrusion. Each client in a wireless network is vulnerable to a variety of threats…
In this paper we present the design and outcome of a gamified competition that was devised in order to obtain a dataset containing realistic instances of insider threats. The competition simulated user interactions in/among competing companies, where two types of behaviors (normal and malicious) were incentivized. For the case of malicious behavior, we…
Two categories of intrusion detection approaches utilizing machine learning are distinguished according to the type of input data. The first one represents network intrusion detection techniques which consider only data captured in network traffic. The second one represents general intrusion detection techniques which take in all possible data sources…