In Web environment a major challenge facing by the law enforcing agency is to collect accurate & effective evidences from the growing volumes of crime data. In cyber space multi-step attack involve group of action where some of these actions may be legitimate but when combine together constitute malicious activity. Code injection attack is a type of multi step attack which may be carried out by...

Accsim is a synchrotron/storage-ring tracking and simulation program that was originally written to simulate chargeexchange injection and accumulation of an intense proton beam in a KAON factory accumulator ring. It has subsequently been developed and used for other injection studies and for applications such as the optimization of collimation systems. The code performs basic six-dimensional tr...

Kernel rootkits are among the most insidious threats to computer security today. By employing various code injection techniques, they are able to maintain an omnipotent presence in the compromised OS kernels. Existing preventive countermeasures typically employ virtualization technology as part of their solutions. However, they are still limited in either (1) requiring modifying the OS kernel s...

Instruction-set randomization (ISR) obfuscates the “language” understood by a system to protect against code-injection attacks by presenting an ever-changing target. ISR was originally motivated by code injection through buffer overflow vulnerabilities. However, Stuxnet demonstrated that attackers can exploit other vectors to place malicious binaries into a victim’s filesystem and successfully ...

This paper introduces FITIn, a new fault-injection tool that supports instrumentation-based injections that are guided by annotations of the source code; FITIn allows for highly selective fault-injection tests. FITIn is implemented on top of the Valgrind framework. We present the major design decisions of FITIn and evaluate it using the Dhrystone benchmark.

BitTorrent is the most extensively used protocol in peer-to-peer systems. Its clients are widely spread worldwide and account for a large fraction of today’s Internet traffic. This paper will discuss potential attack that exploits a certain vulnerability of BitTorrent based systems. Code injection refers to force a code – which may be malicious to run inside another benign code, by inserting it...

Introduction: There are many ways to treat cancer and pain relief. One of the methods is radiopharmaceutical therapy. Indium 111-rituximab contains the radioisotope indium-111 and rituximab. The Indium-111, after decay, emits gamma rays with energies of 245 KeV and 171 KeV, and beta-radiation of 26 KeV. In this study, the absorbed dose of 111In-Rituximab in human body was calcu...

A large percentage of today’s security problems is caused by code injection vulnerabilities. Many of these vulnerabilities exist because of implicit code generation through string serialization. Based on an analysis of the underlying mechanisms, we propose a general model to outfit modern programming languages with means for explicit and secure code generation. Further, we identify the model’s ...

With the global trend of internet, many companies set up websites for international recognition and marketing. However, the hackers and potential attackers lurk on internet. More and more web attack methods have invented and threat these vulnerable websites. Recently, the “Code Injection” has become the major problem, such as SQL Injection, ASP Injection, PHP Injection and XSS (Cross Site Scrip...