Professional Documents
Culture Documents
Salami Attacks and Their Mitigation - An
Salami Attacks and Their Mitigation - An
2018 5 International Conference on “Computing for Sustainable Global Development”, 14 th - 16th March, 2018
th
Bharati Vidyapeeth's Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA)
Abstract—One of the essential elements of every organization By means of the organization grows, the activity or some
is information. In the field of Computer Science information is mechanisms of the structure may be supplementary or
relevant in every aspect, be it in developing a software, superfluous, which origin the alteration in planning. Any errors
organization of data warehouse, sorting, searching etc. Given the through alteration lead to offer attack boundary, which
important of information, securing is particularly relevant and emphases to new security desires or go through the prevailing
should be given a high priority. Most of this company, school, one prudently [2]. The hazard calculation is achieved by the
banks to mention but few contain sensible information which subsequent phases.
when tempered can cause a serious damage to the organization.
This paper aims to describe a type of information attack or theft The proprietor of the association regulates the aims or
called Salami fraud or simply a Salami attack. In a nutshell, task to be attained by recognizing precarious items
Salami attack occurs when a small piece of information is (Assets) which requisite security requirements.
acquired from various sources in such a way that the victims
whose information ware acquired from didn’t notice. So many Invent the shabbiest apparent of the structure
researches were carried out till date to solve the issue of Salami (Vulnerabilities) over which threats can deed and clues
attack nevertheless all of them seem to be very unrealistic. Salami to risk.
attack is correspondingly called Penny Splinter, Not Observed
Stealing (NOS) or Very Precarious When Originate Stealing Categorize the Threats and classify them using STRIDE
(VPWOS). The remedy for this kind of attack is achieved by model (Spoofing, Tampering, Repudiation, Information
striking the thought of ethical hacking on to Salami stealing to disclosure, Denial of Service, and Elevation of
perceive and also precise the stealing of Profound Evidence at Privilege) which delivers risk.
prior phases.
Exuberant the threats using the DREAD classifications
Keywords—Salami theft, Sensitive information (SInfo), (Damage potential, Reproducibility, Exploitability,
information risk, Ethical hacking. Affected Users, and discoverability) which can be
diminished with security panels (Countermeasures and
I. INTRODUCTION safeguards). The panels can be Practical, Operative or
In the present competitive world of hackers where every Administrative.
computer expert is looking forward to make money or to be The risk is vibrant once threat and vulnerability are
famous, one of the major attack used is the Salami attack, for demarcated. An improved description of risk, from NIST SP
this reason Salami attack is one of the most discussed attack in 800-30, is “The disposable job influence seeing the likelihood
computer classes or between security experts. Salami attack is that a specific [threat] will work out (inadvertently triggers or
a process by which an individual steal small amount of deliberately deed) a certain [vulnerability] and the subsequent
information from numerous sources. There are two influence if this should happen. All the above mentioned four
etymologies, which the computer experts believe are the origin activities are shown in Fig. 1.
of the word ‘Salami’. The first is from institute of security
specialist, which privilege that ‘Salami denotes carving or
shaping the tinny numbers - like Salami”. Others refer to it as
“building up a significant or important object from tiny scraps
– like Salami” [1].
clothes etc. on the price tag we will see price like 1999/- The banking system should initiate both SMS
(one thousand nine hundred and nighty nine rupees) but when
we give the cashier 2000\- (two thousand rupees) he will not and email message to alert their customers
give back the one rupee ( 1) change. Imagine if this were on any transaction that occurs and also
done on 5000 customers, the cashier would accumulate a
sizable sum at the close of the day. These things are not advise the customers to immediately report
somewhat novel, but maximum of the individuals already any unaware money reduction no matter how
small it is, so the bank can update their
familiar about it.
B. Unintentional form security system [7].
Unintentional form of Salami attack occurs accidentally,
mostly as a result of complexity of information that an Individuals should avoid using their date of
individual is working on, singularity of information source etc.
birth, surname, mothers name or cell phone
V. SALAMI ATTACK AND SALAMI TACTICS number as their password of their phone,
Penny shaving, Salami slicing or Salami Attack or is ATMs or e-banking as it can be easily
mostly based on financial crimes. The idea behind this attack is
to make the alteration so irrelevant that it would go completely determined by the attackers.
unnoticed. The idea of Salami attack is widely used not just on
financial crimes alone but also as a strategy in politics called The most important one is bank should advise
“Salami tactics” [10]. their customer to avoid saving their bank
Salami-slice strategy or Salami tactics comprises of two details inside their cell phone or on any of
terms, threats and alliances, which is used to overcome
opposition party. This strategy occurs when several groups are their social media [9].
created with in the opposition party and gradually disorganize
the party piece by piece from the inside without causing any VII. CONCLUSION AND RECOMMENDATION
conflict. The success of this Salami tactics depends on the In a nutshell Salami attack is the stealing of information
committers keeping their accurate enduring intentions from numerous sources where the victims remain unaware, this
concealed and maintaining an attitude of cooperativeness and may occur internally within an organization or externally
usefulness though betrothed in the envisioned regular outside the organization and may be intentional or accidental.
dismantling [10][11]. The most efficient way to avoid Salami attack is to define
efficient and robust user and security policy, which may
VI. DETECTION AND MITIGATION OF SALAMI ATTACK involve keeping every sensitive information within an
A. Detection organization confidential or use of multi-step security
authentication. In the impending, more augmentations can be
There may be different software to verify the authentication completed in creating warnings called as “Salami Alerts” or
of information in an organization but the most efficient and “NNT alerts” as and when the stealing materialized to display
effective way to detect Salami attack according to researchers and tracks the information (asset).
is to check each and every line of code and each and every
process and transaction (also known as white box testing) Acknowledgement
[7][9].
The authors are very grateful to the entire reviewers for
B. Mitigations procedures [8] their suggestions on all the revisions of the paper. Nazifi
The organization should establish a security Alhassan Sani acknowledges the full support of all staffs in the
Computer Science department, Noida International University,
policy; this policy should contain different India.
privileges of who can access certain
information at certain level and who to deny
References
[1] M. E. Kabay, “Salami Fraud” Northfield VT: Norwich University.
such access. This will reduce the internal [2] Handbook of Information Security Management: Law, Investigation, and
attack on organizational assets. Ethics, www.cccure.org/Documents/HISM/522-525.html
[3] S. Bosworth and M. E. Kabay, “Computer Security Handbook”, 4th
The organization should also frequently update Edition, New York: Wiley
[4] http://www.mekabay.com/index.htm
their security systems in order to avoid any [5] A. Scott., “Salami Attacks”, www.all.net/cid/attack/papers/Salami.html
ongoing attack to the organization. [6] www.nwfusion.com/newsletters/sec/2002/01467137.html
[7] The Security Database: Attack #93 Salami Attacks, www.all.net