Proceedings of the 12th INDIACom; INDIACom-2018; IEEE Conference ID: 42835
2018 5 International Conference on “Computing for Sustainable Global Development”, 14 th - 16th March, 2018
th
Bharati Vidyapeeth's Institute of Computer Applications and Management (BVICAM), New Delhi (INDIA)
Salami Attacks and their Mitigation - An Overview
Nazifi Sani Alhassan
Computer Science Department
Noida International University
Greater Noida, India
Email: nalhassansani@gmail.com
Aliyu Rabiu Karmanje
Computer Science Department
Noida International University
Greater Noida, India
Email: aliyukarmanje@gmail.com
Abstract—One of the essential elements of every organization
is information. In the field of Computer Science information is
relevant in every aspect, be it in developing a software,
organization of data warehouse, sorting, searching etc. Given the
important of information, securing is particularly relevant and
should be given a high priority. Most of this company, school,
banks to mention but few contain sensible information which
when tempered can cause a serious damage to the organization.
This paper aims to describe a type of information attack or theft
called Salami fraud or simply a Salami attack. In a nutshell,
Salami attack occurs when a small piece of information is
acquired from various sources in such a way that the victims
whose information ware acquired from didn’t notice. So many
researches were carried out till date to solve the issue of Salami
attack nevertheless all of them seem to be very unrealistic. Salami
attack is correspondingly called Penny Splinter, Not Observed
Stealing (NOS) or Very Precarious When Originate Stealing
(VPWOS). The remedy for this kind of attack is achieved by
striking the thought of ethical hacking on to Salami stealing to
perceive and also precise the stealing of Profound Evidence at
prior phases.
Keywords—Salami theft, Sensitive information (SInfo),
information risk, Ethical hacking.
I. INTRODUCTION
In the present competitive world of hackers where every
computer expert is looking forward to make money or to be
famous, one of the major attack used is the Salami attack, for
this reason Salami attack is one of the most discussed attack in
computer classes or between security experts. Salami attack is
a process by which an individual steal small amount of
information from numerous sources. There are two
etymologies, which the computer experts believe are the origin
of the word ‘Salami’. The first is from institute of security
specialist, which privilege that ‘Salami denotes carving or
shaping the tinny numbers - like Salami”. Others refer to it as
“building up a significant or important object from tiny scraps
– like Salami” [1].
Copy Right © INDIACom-2018; ISSN 0973-7529; ISBN 978-93-80544-28-1
Mukhtar Opeyemi Yusuf
Computer Science Department
Noida International University
Greater Noida, India
Email: mukhtaropeyemi@gmail.com
Mahtab Alam
Computer Science Department
Noida International University
Greater Noida, India
Email: alam12mahtab@gmail.com
By means of the organization grows, the activity or some
mechanisms of the structure may be supplementary or
superfluous, which origin the alteration in planning. Any errors
through alteration lead to offer attack boundary, which
emphases to new security desires or go through the prevailing
one prudently [2]. The hazard calculation is achieved by the
subsequent phases.
 The proprietor of the association regulates the aims or
task to be attained by recognizing precarious items
(Assets) which requisite security requirements.
 Invent the shabbiest apparent of the structure
(Vulnerabilities) over which threats can deed and clues
to risk.
 Categorize the Threats and classify them using STRIDE
model (Spoofing, Tampering, Repudiation, Information
disclosure, Denial of Service, and Elevation of
Privilege) which delivers risk.
 Exuberant the threats using the DREAD classifications
(Damage potential, Reproducibility, Exploitability,
Affected Users, and discoverability) which can be
diminished with security panels (Countermeasures and
safeguards). The panels can be Practical, Operative or
Administrative.
The risk is vibrant once threat and vulnerability are
demarcated. An improved description of risk, from NIST SP
800-30, is “The disposable job influence seeing the likelihood
that a specific [threat] will work out (inadvertently triggers or
deliberately deed) a certain [vulnerability] and the subsequent
influence if this should happen. All the above mentioned four
activities are shown in Fig. 1.
4639
 Proceedings of the 12th INDIACom; INDIACom-2018; IEEE Conference ID: 42835
2018 5 International Conference on “Computing for Sustainable Global Development”, 14th - 16th March, 2018
th
Fig. 1. Risk Assessment
The real story behind the Salami attack comes from the old
“collect-the-round off” trick. Collect-the-round off scam is a
situation where by a computer scientist adjusts the
mathematics procedures such as interest calculations.
Characteristically, the calculations are accepted out to
numerous fraction places outside the habitual 2 or 3 reserved
for monetary registers. For instance, when money is in rupee,
the round figure drives up to the adjacent paisa around half the
time and down the rest of the time. These fractions of paises
when gathered by the computer scientist in to a distinct
account will lead to substantial fund without any warning to
the financial institution. Salami attacks are unfortunately very
hard to detect or noticed. The only solution towards detecting
this attack is by having random audits, especially of financial
data, when pattern of discrepancies is detected this will lead to
discovery [1].
This paper is organized into seven (7) sections. First section
contains the introduction of the Salami attack, the second
section describes the Salami attack, the third section talks
about the major types of Salami attacks, the fourth section
discuss the form of Salami attacks, the fifth section compares
Salami attacks and Salami tactics, the sixth section talks about
the detection and mitigation of the attacks, then the seventh
section is the Conclusion, Recommendation and References.
II. WHAT IS SALAMI ATTACK
A small attack that transform into a large attack is known
Salami attack. It is sometimes called Salami slicing, because
the attack occurs almost unnoticed by the victims due to the
nature of the attack. In general, Salami slicing is defined as
anything that is reduced interested in minor activities or
segments. For instance, during an automated bank transfers,
the process of acquiring minuscule segments from each deal
that figures into a big amount of illegitimately gained fund is
known as Salami slicing. When a money slices of a paises on a
deal it might drive unobserved and if it were to steal this minor
quantity from many transactions it can rapidly add up to a
large amount of money [2].
The requirement used for this kind of cyber-attack is a
computer which is castoff as together the goal and likewise an
instrument to achieve the pony-trekking of information i.e.,
theft of subtle information. This means in Salami attack the
computer is said to be the subject as well as object of an attack
[6].
Copy Right © INDIACom-2018; ISSN 0973-7529; ISBN 978-93-80544-28-1
III. TYPES OF SALAMI ATTACKS
Various small attacks that combine to form large attack that
may affect the organization’s day-to-day activities are known
as Salami attacks. There are two major types of Salami attacks
[5]:
A. Internal attacks
This is the most common type of Salami attack which
occurs when an individual working in the organization who
knows about the security system within the organization try to
steal from the organization and causes serious damage. For
example, when an accountant of a particular bank who
engaged with the bank customers on a daily basis, try to insert
a program in to the bank server that will divert one rupee (1₹)
from each customer that makes a transaction from his work
station to his account, at the end of the day after transacting
with five thousand (5,000) customers he will get a sum of
5,000 rupees (₹5000.00) into his account.
B. External attack
As the name implies, external attack is a kind of Salami
attack that occurs outside the organization. A situation where
the attacker leaves outside the organization but try to steal
information from the organization causing serious damage to
the organization is known as external attack. Salami attack is
occasionally named fragmentary approach used by the Nazi
party.
IV. FORMS OF SALAMI ATTACKS
In 1940s Salami attack was used to lunch different kind of
internet attack such as, stealing one’s internet banking
information or revealing opponent’s sensitive information
during political race for this reasons Salami attack was also
called divide and conquer.
In these present days of modern technology, there are
several and different kind of operational wallets where one can
enhance currency to the wallet and used the added money to
make online transactions (that is to buy goods or transfer the
money to another wallet) it can also be used to make payments
in an eatery, supermarket, to a taxi driver etc. this
improvement is a good technology advancement. However,
this wallet can be hacked by inserting a program in to the
wallet server to deduct a small amount of money from each
wallet, for example if one rupee ( 1) is deducted from each
wallet, would someone aware in communicating them to
crisscross about the facts? If someone acquaintances them, for
sure the telephone charges will be more than one rupee ( 1) if
there is not a toll free facility. Maximum of us won’t
cognizance loosing that one rupee ( 1). Now, if the hacker
deduct one rupee ( 1) from 5 million wallets, then he will
make a sum of 5million rupees ( 5,000,000.00). Salami
attack is classified in to two forms [4]:
A. Intentional form
This form of Salami attack refers to stealing of one’s
information knowingly, mostly for fun, fame, fund, political
uses etc. for example When we go to a mall to purchase some
4640
Salami Attacks and their Mitigation - An Overview
clothes etc. on the price tag we will see price like 1999/-
(one thousand nine hundred and nighty nine rupees) but when
we give the cashier 2000\- (two thousand rupees) he will not
give back the one rupee ( 1) change. Imagine if this were
done on 5000 customers, the cashier would accumulate a
sizable sum at the close of the day. These things are not
somewhat novel, but maximum of the individuals already
familiar about it.
B. Unintentional form
Unintentional form of Salami attack occurs accidentally,
mostly as a result of complexity of information that an
individual is working on, singularity of information source etc.
V. SALAMI ATTACK AND SALAMI TACTICS
Penny shaving, Salami slicing or Salami Attack or is
mostly based on financial crimes. The idea behind this attack is
to make the alteration so irrelevant that it would go completely
unnoticed. The idea of Salami attack is widely used not just on
financial crimes alone but also as a strategy in politics called
“Salami tactics” [10].
Salami-slice strategy or Salami tactics comprises of two
terms, threats and alliances, which is used to overcome
opposition party. This strategy occurs when several groups are
created with in the opposition party and gradually disorganize
the party piece by piece from the inside without causing any
conflict. The success of this Salami tactics depends on the
committers keeping their accurate enduring intentions
concealed and maintaining an attitude of cooperativeness and
usefulness though betrothed in the envisioned regular
dismantling [10][11].
VI. DETECTION AND MITIGATION OF SALAMI ATTACK
A. Detection
There may be different software to verify the authentication
of information in an organization but the most efficient and
effective way to detect Salami attack according to researchers
is to check each and every line of code and each and every
process and transaction (also known as white box testing)
[7][9].
B. Mitigations procedures [8]
 The organization should establish a security
policy; this policy should contain different
privileges of who can access certain
information at certain level and who to deny
such access. This will reduce the internal
attack on organizational assets.
 The organization should also frequently update
their security systems in order to avoid any
ongoing attack to the organization.
Copy Right © INDIACom-2018; ISSN 0973-7529; ISBN 978-93-80544-28-1
 The banking system should initiate both SMS
and email message to alert their customers
on any transaction that occurs and also
advise the customers to immediately report
any unaware money reduction no matter how
small it is, so the bank can update their
security system [7].
 Individuals should avoid using their date of
birth, surname, mothers name or cell phone
number as their password of their phone,
ATMs or e-banking as it can be easily
determined by the attackers.
 The most important one is bank should advise
their customer to avoid saving their bank
details inside their cell phone or on any of
their social media [9].
VII. CONCLUSION AND RECOMMENDATION
In a nutshell Salami attack is the stealing of information
from numerous sources where the victims remain unaware, this
may occur internally within an organization or externally
outside the organization and may be intentional or accidental.
The most efficient way to avoid Salami attack is to define
efficient and robust user and security policy, which may
involve keeping every sensitive information within an
organization confidential or use of multi-step security
authentication. In the impending, more augmentations can be
completed in creating warnings called as “Salami Alerts” or
“NNT alerts” as and when the stealing materialized to display
and tracks the information (asset).
Acknowledgement
The authors are very grateful to the entire reviewers for
their suggestions on all the revisions of the paper. Nazifi
Alhassan Sani acknowledges the full support of all staffs in the
Computer Science department, Noida International University,
India.
References
[1] M. E. Kabay, “Salami Fraud” Northfield VT: Norwich University.
[2] Handbook of Information Security Management: Law, Investigation, and
Ethics, www.cccure.org/Documents/HISM/522-525.html
[3] S. Bosworth and M. E. Kabay, “Computer Security Handbook”, 4th
Edition, New York: Wiley
[4] http://www.mekabay.com/index.htm
[5] A. Scott., “Salami Attacks”, www.all.net/cid/attack/papers/Salami.html
[6] www.nwfusion.com/newsletters/sec/2002/01467137.html
[7] The Security Database: Attack #93 Salami Attacks, www.all.net
4641
 Proceedings of the 12th INDIACom; INDIACom-2018; IEEE Conference ID: 42835
2018 5 International Conference on “Computing for Sustainable Global Development”, 14th - 16th March, 2018
th

[8] D. B. Parker, “Fighting Computer Crime: A New Framework for

Protecting Information,” New York: John Wiley & Sons, Inc., 1998.
[9] M. Alnatheer and K. Nelson, “A Proposed Framework for Understanding
Information Security Culture and Practices in the Saudi Context,” in
Proc. 7th Australian Information Security Management Conference, 2009,
pp. 1-3.
[10] Time Magazine - Hungary: Salami Tactics (April 14, 1952).
[11] J. Horvath, “Salami Tactics, Telepolis” Heise.de
.

Copy Right © INDIACom-2018; ISSN 0973-7529; ISBN 978-93-80544-28-1 4642