SecurityWorldHotel

21/03/2017

University develops technique for preventing cyber attacks

Beer Sheva, Israel

A Ben-Gurion University of the Negev (BGU) researcher has developed a new technique that could provide virtually 100 percent protection against cyber attacks launched through internet videos or images, which are a growing threat.

“Any downloaded or streamed video or picture is a potential vehicle for a cyber attack,” says Professor Ofer Hadar, chair of BGU’s Department of Communication Systems Engineering. “Hackers like videos and pictures because they bypass the regular data transfer systems of highly secure systems, and there is significant space in which to implant malicious code.”

Cyber security has become a high-profile issue, made even more so by recent Wikileaks allegations against the Central Intelligence Agency, accusing them of bypassing security encryption on a variety of smart devices.

Yet, attacks on internet video and pictures are a broader, lesser-known threat. Internet video will comprise 82 percent of all global consumer internet traffic by 2020, according to the 2016 Cisco Visual Networking Index research report. As a result, downloaded and shared videos and images are a growing target for cyber attackers.

To counter this emerging threat, Prof. Hadar developed a series of algorithms that can completely prevent attackers from being able to infiltrate and extract information through videos or pictures.

His techniques combat steganography, a process that involves hiding a message in an appropriate carrier, such as an image file. Utilising steganography, the carrier can be sent to a receiver without anyone else knowing that it contains a hidden message.

“We are dealing nowadays with the use of steganography to insert malicious codes within videos and photos to attack the viewer,” explains Prof. Hadar. “We have developed algorithms to find a solution to that problem in the ‘compressed domain.’ The idea is to manipulate the file’s ‘payload’ to remove the malicious code without damaging the data quality.”

Prof. Hadar’s approach, which he has dubbed The Coucou Project, addresses two potential attack scenarios. Both scenarios assume that basic malware has been planted on the victim's servers/hosts by means of social engineering, such as phishing scams or other means of exploiting data vulnerability. From there, the malware gathers classified information from the victim's data centre.

In the first scenario, once the user uploads an image or a video to a social network, the malware embeds the classified information into the uploaded content (making it accessible to the attacker). In the second scenario, the attacker uploads infected content to a social network or any other shared server where the malware can extract the malicious code and execute it.

“Preliminary experimental results show that a method based on a combination of Coucou Project techniques results in virtually 100 percent protection against cyber attacks,” says Prof. Hadar. “We envision that firewall and antivirus companies will be able to utilise Coucou protection applications and techniques in their products."

The Coucou Project receives funding from the BGU Cyber Security Research Center and the Basecamp Innovation Center at the Advanced Technologies Park adjacent to BGU, which is interested in developing the protective platform into a commercial enterprise.


Tags

Business News

Jim Dearing, Access control analyst at IHS Markit

Slow up take of biometrics in access market

Ever since the first fingerprint readers came to market more than a decade ago, access control industry stakeholders have eagerly anticipated the prospect of finally eliminating cards from their systems.  However, as of 2015, biometric reader sales accounted for just 30 percent of access control reader sales in the Americas. Meaning they ranked third, still behind both 125 kHz proximity and smart card readers in popularity. "Hardly the credential revolution that manufacturers were hoping for." says Jim Dearing, analyst at research company, IHS Markit.

Business News

Smart parking solution meets the challenge

In the last two decades, global economic growth has led to a tremendous increase in vehicles in almost every corner of the world. Reports have shown that in cities, most high rise apartment buildings have had difficulties managing their parking spaces. ID card issuing, billing, entrance control and payment made the entrance procedure very inefficient. Traditional smart card management systems limit the access to those who hold an allocated smart card. However, cards could be stolen and the processing of a lost card is inconvenient.

Business News

Sensit parking services improve efficiency at the Woodlands interchange in Singapore

Sensit solves parking dilemma in Singapore

The Woodlands Temporary Bus Interchange in Singapore played the role of regional bus interchange whilst the existing one was being rebuilt. The temporary station, featured with the latest technological solutions, required a smart bus parking solution for an efficient traffic flow due to these large amount of passengers. Nedap’s Sensit was installed to offer real-time occupancy information of all individual bus parking spaces at the station. This real-time information enables easy guidance of buses to the nearest available parking space. The implementation was realised by Eaglevision.

Product Suppliers
Back to top