SEARCH KEYWORD -- Memory management


  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  SIEM Big Data Visualization [03]:Graph-Based SIEM Log Analysis Dashboard

Program Design Purpose: The purpose of this program is to develop a Graph-Based SIEM (System Information and Event Management) dashboard that visualizes network communication patterns by processing and analyzing logs from IDS, firewalls, host computers, and other security devices. This dashboard will help security analysts quickly identify and investigate potential threats by using a Cytoscape-style Node-Edge graph for intuitive data representation. The program is an angular plug in which can i...

       2024-10-26 04:31:11

  IT System Cyber Attack Case Study 01: Malicious Macro and Backdoor Trojan Attack on IT-Network

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop showcasing a practical demonstration of a red team attacker implementing an IT system/network attack via a Malicious Macro MS-Office-Word file (CVE-2015-1641) and phishing email generation program to penetrate multiple layers of firewall defenses and implant a backdoor trojan into the railway system's OT network. Related Links: GitHub Project Link , LinkedIn Post Link Attacker Vector: Malicious Macro ...

       2024-08-03 08:21:49

  Simplify Cloud Data Security: A Deep Dive Into Protecting Sensitive Data in Java

Featuring encryption, anonymization, hashing, and access control Network security incidents occur now and then, mostly caused by data leakage. Data security has aroused widespread concern, and the community keeps working hard on approaches to simplify data security, especially in sensitive data protection. Sensitive data includes but is not limited to personally identifiable information (PII) like names, ID numbers, passport numbers, driver’s license numbers, contact information like addre...

   JAVA,SECURITY,ENCRYPTION,DECRYPTION,TOKENIZATION     2023-04-28 21:22:10

  All I Know About Certificates -- Clients

 Finally, in last article we’ve covered the responsibilities of CAs, showing that being a CA isn’t simple and has high management costs, explaining why issuing certificates costs money! This article we will cover the client in this chain. Verifying Certificates as a Client For clients, verifying certificates isn’t simple either. Articles introducing TLS handshakes often mention "the server sends back a certificate, and the client verifies it," but in reality, as ...

   CLIENTS,WEBSITES,SSL CERTIFICATE,CERTIFICATE AUTHORITY,CA     2024-07-26 22:24:30

  How Query Optimizer Works in RDBMS

In a previous post, we discussed how the various relational operators are implemented in relational database systems. If you have read that post, you probably still remember that there are a few alternative implementations for every operator. Thus, how should RDBMS determine which algorithm (or implementation) to use? Obviously, to optimize the performance for any query, RDBMS has to select the correct the algorithm based on the query. It would not be desirable to always use the same algori...

   DATABASE,DATABASE DESIGN,DATABASE OPTIMIZATION     2019-04-20 07:26:32

  Mock Solutions for GoLang Unit Test

In Go development, Unit Test is inevitable. And it is essential to use Mock when writing Unit Tests. Mock can help test isolate the business logic it depends on, enabling it to compile, link, and run independently. Mock needs Stub. Stub function replaces the real business logic function, returns the required result, and assists the test. I involved the related test code for Controllers while writing Kubernetes Operator recently, and there would be mocks for GRPC and HT...

   UNIT TEST,TESTIFY,GOSTUB,GOMOCK     2020-10-31 21:59:15

  OT Railway System Development: How to Use PLC to Implement Land Based Railway Track Fixed Block Sign

Figure-00: Railway fixed block signaling system over view diagram, version v1.3 (2024) Project Design Purpose: This project aims to use Programmable Logic Controllers (PLC) with train detection sensors and train control signals to develop an automated OT system for railway track fixed block signaling control. The system will include a digital equivalent simulation to explain the logic of the track fixed block Automatic Train Control (ATC) mechanism for demonstration and training purposes. In th...

       2024-07-27 04:08:41

  Build a Kubectl Plugin from Scratch

by author The command-line tool kubectl is indispensable when using Kubernetes. You need it to query related Pod and Service information both in developing or performing some maintenance operations, such as events, scale, rolling update, etc. However, when using kubectl, there are many inconveniences. Though Kubernetes is officially maintaining kubectl¹, and you can submit the problems, improvement, and even PR in its Github Issues, you still have to wait long before its release. The m...

   KUBENETES,KUBECTL,PLUGIN,GOLANG     2020-12-02 03:43:16

  Writing Java codes conforming to coding standard

Recently, I was doing some cleanup to one of my current Java project. I find there are many codes which are not conforming to the Java coding standard. So I list them here and hope that people can improve your codes and write maintainable codes. Format source code and manage imports in Eclipse Eclipse provides functions of auto-formatting and imports management, you can use following shortcuts to use these functions. Ctrl+Shift+F --> Format source code Ctrl+Shift+O -- Manage imports an...

   Java, Code standard,Style     2012-09-18 12:50:28

RECENT