Komminist Weldemariam

Learn More
Intrusion detection systems are deployed on hosts in a computing infrastructure to tackle undesired events in the course of usage of the systems. One of the promising domains of applying intrusion detection is the healthcare domain. A typical healthcare scenario is characterized by high degree of mobility, frequent interruptions and above all demands access(More)
The use of new technologies to support voting has been and is the subject of great debate. Several people advocate the benefits it can bring-such as improved speed and accuracy in counting, accessibility, voting from home-and as many are concerned with the risks it poses, such as unequal access (digital divide), violation to secrecy and anonymity,(More)
Malicious web pages are among the major security threats on the Web. Most of the existing techniques for detecting malicious web pages focus on specific attacks. Unfortunately, attacks are getting more complex whereby attackers use blended techniques to evade existing countermeasures. In this paper, we present a holistic and at the same time lightweight(More)
Unsafely coded browser extensions can compromise the security of a browser, making them attractive targets for attackers as a primary vehicle for conducting cyber-attacks. Among others, the three factors making vulnerable extensions a high-risk security threat for browsers include: i) the wide popularity of browser extensions, ii) the similarity of browser(More)
Most existing work to thwart malicious web pages capture maliciousness via discriminative artifacts, learn a model, and detect by leveraging static and/or dynamic analysis. Unfortunately, there is a two-sided evolution of the artifacts of web pages. On one hand, cybercriminals constantly revamp attack payloads in malicious web pages. On the other hand,(More)
Unsafely or maliciously coded extensions allow an attacker to run their own code in the victim's browser with elevated privileges. This gives the attacker a large amount of control over not only the browser but the underlying machine as well. The topic of securing desktop browsers from such threats has been well studied but mitigating the same danger(More)
Any practitioner working on electronic voting (e-voting) seems to have different opinions on the main issues that seem to affect the area. On the one hand– given the criticality and the risk e-voting systems potentially pose to the democratic process–e-voting systems are permanently under a magnifying glass that amplifies any glitch, be it significant or(More)
Attacks such as XSS and SQL injections are still common in browser extensions due to the presence of potential vulnerabilities in extensions and some extensions are also malicious by design. As a consequence, much effort in the past has been spent on detecting vulnerable and malicious browser extensions. These techniques are limited to only detect either(More)
This paper presents a web-based tool to supplement defense against security misconfiguration vulnerabilities in web applications. The tool automatically audits security configuration settings of server environments in web application development and deployment. It also offers features to automatically adjust security configuration settings and(More)