Tuesday, August 27, 2013

Introduction to NoSQL and Neo4j graph database


What is NoSQL?

The word NoSQL is derived from SQL, which stands for Structured Query Language. SQL is a special kind of programming language (actually a query language) used to manage data (retrieve data, insert data, update existing data) in a relational database management system.

So what's a relational database? If I wrote a complete description of the relational database, this post would be too long to read. :) In short, a relational database uses the relational schema as the data model of the database. In a relational database, data is stored as a collection of relations (tables).

So let's come back to our question: what is NoSQL?

NoSQL doesn't mean "Not SQL" or "goodbye SQL". It simply means NOT ONLY SQL. There are several common characteristics for NoSQL databases. Those are

In a relational database system the relational schema is the data model of the database. So what is the data model of a NoSQL database? Actually there are several data storage models for NoSQL databases. Based on those data models, NoSQL databases can be categorized as follows.
  • Column
  • Document
  • Key-Value
  • Graph
The next part of this document contains a detailed description of the graph data model and how to implement a simple graph database using the Neo4j graph database.

Graph data Model?

A graph is the most generic data structure that we can think of when representing or storing data. What is a graph? It is a collection of vertices and edges.


Here in this example graph we have three vertices. Let us denote the vertex set as V={a,b,c}. If we denote the set of edges as E, we can write E={ab, ac, bc}. The graph in the image is not a directed graph. That means the direction of the edges doesn't matter. But in our graph data model we use directed graphs.





Let's consider the following graph,

In this graph we have several people and their relationships. In a graph database, data is stored in basically two places. They are,

  • Vertices /Nodes
  • Edges / Relationships

In this graph "Peter" is a node. A node might contain several properties. In this case it has only one property (its name). The edge between node Peter and node Ray is called a relationship. A relationship must have a type and might contain other properties. In this case the relationship type between Peter and Ray is Knows, but it might contain other properties, such as since when Peter has known Ray. Note: In this scenario Peter knows Ray, but Ray doesn't know Peter, because there is no directed edge going from Ray to Peter.

Now let's see how to build a simple graph database using Neo4j.

What is Neo4j?

Neo4j is a NoSQL database management system which uses the graph as its NoSQL data model. For more details you can visit the Neo4j home page: http://www.neo4j.org/

How to Install Neo4j?

Installing Neo4j is extremely simple. You first have to download Neo4j from the Neo4j homepage. Neo4j is available for both Windows and Linux environments.
To download Neo4j use the following link.

After you have downloaded the zip file, uncompress it to any location you want. In a Linux environment, to run the Neo4j database server just follow the steps below.
  • First go to your neo4j folder using the cd command
  • Then go inside the bin folder
  • Type ./neo4j start to start the Neo4j database. You can type ./neo4j-shell to start the Neo4j database and neo4j-shell at the same time.
The terminal will then show the localhost port number where the Neo4j server runs.










Terminal showing startup of the Neo4j server














Neo4j web admin interface.

Creating Our first graph database

So let's create a simple graph database. I will create a graph database for the graph shown in the figure above.

The following creates a node for peter. In the same way we can create nodes for all the other people.


 CREATE n={name:'peter', age:'21' ,sex:'male'};  
 CREATE n={name:'slimer', age:'22' ,sex:'male'};  
 CREATE n={name:'winston', age:'20' ,sex:'male'};  
 CREATE n={name:'egon', age:'20' ,sex:'male'};  
 CREATE n={name:'ray', age:'20' ,sex:'male'};  


Now we have to represent the relationships between these friends.

To do that we need to know the particular nodes and their node ids.

To find all nodes in your database:


 START n=NODE(*) RETURN n;  

To create a relationship between peter and ray and the other friends:

 START a=NODE(20) ,b=NODE(21) CREATE a-[r:knows]->b RETURN r;  
 START a=NODE(24) ,b=NODE(23) CREATE a-[r:knows]->b RETURN r;  
 START a=NODE(24) ,b=NODE(22) CREATE a-[r:knows]->b RETURN r;  
 START a=NODE(22) ,b=NODE(21) CREATE a-[r:knows]->b RETURN r;  




That's it. It is that simple. Now we have created our simple graph.





Now let's do some queries. If we want to find all the friends of 'ray':

 START n=NODE(24) MATCH n-[:knows]-friend RETURN friend;  



If we want to find ray's friend's friends,

 START n=NODE(24) MATCH n-[:knows]-()-[:knows]->friend RETURN friend;  






This is a very small introduction to Neo4j. It is actually a very powerful database management system which enables you to do large-scale data processing very efficiently. If you want to learn more about Neo4j, please download and read the Neo4j manual. I hope this tutorial helped you to understand the basics of graph databases and how to use Neo4j to create a simple graph database. If you have any problems regarding graph databases or Neo4j, please send me an email or comment your question on this article. I'll try my best to answer. :)

Tuesday, August 13, 2013

Steganography with images and histogram checks

What is Steganography ?

Steganography is the hiding of a secret message within an ordinary message and the extraction of it at its destination. Here we have used an image to hide a message inside it. After encrypting the message we will analyze the histograms of the original image and the encrypted image to detect the differences between the images.

For more details : http://en.wikipedia.org/wiki/Steganography

Tools


Mozaiq - Online steganography tool
Mozaiq is an online steganography tool which provides a simple interface for hiding plain text messages in a given image. Wikipedia states that terrorists have used this tool to send secret messages via public forum avatar images.


Mozaiq decryption tool
This decryption tool can be used to find the text message hidden in an image.


MATLAB - To get histograms of the images and calculate the difference between the histograms of the images.


GIMP - To obtain visual representations of image histograms


Message


This is the message we encrypted using steganography for this experiment.



I am happy to join with you today in what will go down in history as the greatest demonstration for freedom in the history of our nation.
Five score years ago, a great American, in whose symbolic shadow we stand today, signed the Emancipation Proclamation. This momentous decree came as a great beacon light of hope to millions of Negro slaves who had been seared in the flames of withering injustice. It came as a joyous daybreak to end the long night of their captivity.
But one hundred years later, the Negro still is not free. One hundred years later, the life of the Negro is still sadly crippled by the manacles of segregation and the chains of discrimination. One hundred years later, the Negro lives on a lonely island of poverty in the midst of a vast ocean of material prosperity. One hundred years later, the Negro is still languished in the corners of American society and finds himself an exile in his own land. And so we've come here today to dramatize a shameful condition.
In a sense we've come to our nation's capital to cash a check. When the architects of our republic wrote the magnificent words of the Constitution and the Declaration of Independence, they were signing a promissory note to which every American was to fall heir. This note was a promise that all men, yes, black men as well as white men, would be guaranteed the "unalienable Rights" of "Life, Liberty and the pursuit of Happiness." It is obvious today that America has defaulted on this promissory note, insofar as her citizens of color are concerned. Instead of honoring this sacred obligation, America has given the Negro people a bad check, a check which has come back marked "insufficient funds."
But we refuse to believe that the bank of justice is bankrupt. We refuse to believe that there are insufficient funds in the great vaults of opportunity of this nation. And so, we've come to cash this check, a check that will give us upon demand the riches of freedom and the security of justice.



Side by side image view

         

Original Image Image with encrypted message        

Histograms of the Images
Histograms are obtained from both Matlab and GIMP.


           

Histogram of the Original Image




Histogram of the Encrypted message inside the image.
                                                  


Matlab code for obtaining two histograms and finding the difference between two histograms is given below. This is useful in measuring the quantitative statistical difference between two images.
GIMP provides a detailed graphical interpretation of the histograms. This graphical representation provides a good sense of the quantitative differences between two images.


Subtle differences in histogram peaks can be observed by carefully analyzing the two histograms.


We have used MATLAB to draw the histograms of the given images. Here are the histograms created using MATLAB.



Here the histogram of the original image is on the left and the encrypted image’s histogram is on the right.



We have coded a MATLAB function to calculate the difference between the histograms. We got an answer of 3.812e-0.005. This figure shows that the two images we used to calculate the histograms look the same to the naked human eye but are actually two different images.
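The following Python example is added here to illustrate the histogram check; it is not the MATLAB function used in this experiment. It assumes plain LSB replacement as the embedding method (Mozaiq's actual algorithm is not described in this post), uses a constructed 64x64 greyscale pixel array, and uses the mean absolute difference of the normalized histograms as the metric, which is one possible choice.

```python
import random

def lsb_embed(pixels, message):
    """Overwrite the least significant bit of successive pixels with message bits."""
    bits = [(byte >> i) & 1 for byte in message for i in range(7, -1, -1)]
    if len(bits) > len(pixels):
        raise ValueError("message does not fit in this cover image")
    stego = list(pixels)
    for i, bit in enumerate(bits):
        stego[i] = (stego[i] & 0xFE) | bit
    return stego

def lsb_extract(pixels, n_bytes):
    """Read n_bytes back out of the pixel LSBs (most significant bit first)."""
    out = bytearray()
    for b in range(n_bytes):
        value = 0
        for p in pixels[8 * b: 8 * b + 8]:
            value = (value << 1) | (p & 1)
        out.append(value)
    return bytes(out)

def counts(pixels):
    """256-bin histogram of 8-bit grey levels, as raw counts."""
    hist = [0] * 256
    for p in pixels:
        hist[p] += 1
    return hist

def histogram_difference(a, b):
    """Mean absolute difference between the two normalized histograms."""
    ha, hb = counts(a), counts(b)
    return sum(abs(x / len(a) - y / len(b)) for x, y in zip(ha, hb)) / 256

def pair_sums(pixels):
    """Counts of each value pair (2k, 2k+1); LSB replacement cannot change these."""
    hist = counts(pixels)
    return [hist[2 * k] + hist[2 * k + 1] for k in range(128)]

# Constructed 64x64 greyscale "image" (not the image used in the post).
_rng = random.Random(2013)
COVER = [min(255, max(0, int(_rng.gauss(128, 40)))) for _ in range(64 * 64)]
MESSAGE = b"I am happy to join with you today"
STEGO = lsb_embed(COVER, MESSAGE)

if __name__ == "__main__":
    print("recovered :", lsb_extract(STEGO, len(MESSAGE)))
    print("difference:", histogram_difference(COVER, STEGO))
    print("pair sums preserved:", pair_sums(COVER) == pair_sums(STEGO))
```

The difference is tiny but non-zero, and the pair-sum check shows why the overall histogram changes so little under this embedding: pixels only move between the neighbouring values 2k and 2k+1.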

Monday, August 12, 2013

Controlling a wheel chair according to the head movements of wheel chair user (Sheersha Yathra)



Sheersha Yathra is a project carried out by the Department of Computer Science and Engineering, University of Moratuwa, Sri Lanka.

I'm proud to say that I was a member in this "Sheersha Yathra" Project Group.





Abstract


Many soldiers have been affected as a result of the civil war which lasted for three decades. So as engineering students we thought that it is our responsibility to utilize our knowledge and capabilities in a way that is beneficial to the country. The motivation behind this project is to support one such officer who has no control below his neck.
At the moment he is staying at Mihindu Seth Madura. What we noticed was that he cannot do anything on his own. What he mainly requested was a way to move his wheelchair on his own.

So we came up with the idea of carrying out a project to make a wheelchair which can be moved according to the movements of the officer’s head.

Our Solution
To control the wheelchair according to the head movements of the user, we have fixed a two-dimensional tilt sensor on the user's head. According to the angle at which the user's head is tilted, we generate an analog signal and pass that analog signal to the main circuit board of the wheelchair. So the electric wheelchair's main circuit board thinks that the signal came from the joystick of the wheelchair. It would be a burden if the wheelchair were always controlled according to the head movements of the user, so the user has been given the facility to activate and deactivate the head movement control of the wheelchair using voice commands. We have used an Arduino Mega board as the main control board of our project. We have connected a voice recognition chip and an R2R ladder to generate the analog signal.


Here is a demo video of the Project




System Security Assessment of the Moodle


Moodle is an open source learning management system. Our university uses an open source version of Moodle. In this article I try to explain some weaknesses currently present in this Moodle.

Selected organization



LearnOrg moodle- University of Moratuwa



The tools we have used in this System security assessment are, 

  • metasploit 4.7
  • nmap
  • wireshark

Vulnerability identification



Vulnerabilities are system defects that an attacker can use to launch an attack against the system. In the UOM Moodle we have tried out some tests to detect vulnerabilities. All these tests were carried out using the current UOM Moodle, which is accessible at https://lms.uom.lk.


Test 1 Attempting Session Hijacking on the Same Machine



To see if session hijacking can be done, two separate browsers were installed on the same machine. We used the Firefox and Google Chrome browsers for this test. First we logged in to the Moodle student account using Google Chrome with cookies enabled. We can get the cookie values for the Moodle session using the Chrome browser.

Using these cookie values, we then created new cookies in Firefox using the cookie manager add-on. Then, when we visited Moodle in Firefox, we were automatically redirected to the account of the student who had logged in with Google Chrome. So session hijacking is one vulnerability in the UOM Moodle system.








Test 2 Attempting Session Hijacking over a network



Session values are not encrypted in HTTP packets. A packet sniffing tool like Wireshark can easily be used to track packets and get the session variables. Those can be copied into cookies in Firefox to successfully log in to the account.
We started Wireshark and filtered to track IP packets. While it was running, we logged in to a user account in Moodle. Then we stopped Wireshark from tracking packets and analyzed the packets one by one.

The following is the IP packet with the session variable.






Then we simply copied those variables into firefox and reloaded moodle. We successfully logged into the account. To perform this attack passive tampering is needed on the network connection which the target user machine is connecte



Test 3 identification of open/closed ports



nmap can be used to identify server details and the server's open and closed ports. A good security practice is hiding unused or security-critical ports from the public. With this nmap scan we discovered port 80, port 443 and port 631. So this is a good security measure against attackers who are trying to launch DoS attacks on the server.


nmap -A lms.uom.lk


Starting Nmap 5.21 ( http://nmap.org ) at 2013-08-06 15:30 IST
Nmap scan report for lms.uom.lk (192.248.8.105)
Host is up (0.85s latency).
Not shown: 997 filtered ports
PORT STATE  SERVICE  VERSION
80/tcp  open   http Apache httpd 2.2.3 ((Red Hat))
|_html-title: Site doesn't have a title (text/html; charset=UTF-8).
443/tcp open   ssl/http Apache httpd 2.2.3 ((Red Hat))
|_html-title: Site doesn't have a title (text/html; charset=UTF-8).
631/tcp closed ipp


Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 69.74 seconds


Test 4 brute-force attacks to crack a password of a specific user



The number of login attempts is stored in a cookie file. This is not a good security practice, because an attacker can write a program to automatically reset the cookie file and continue to try new password values without being blocked.

So this introduces another security vulnerability, which has to be addressed at the server end to ensure that no attacker is allowed to try a wrong password more than a certain number of times.
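The following Python example is added here to show the difference between a cookie-based attempt counter and a server-side one; it is not Moodle's code. The cookie name login_attempts, the account name student1 and the policy values are assumptions made for the example.

```python
import time

MAX_FAILURES = 5        # assumed policy values, not taken from Moodle
LOCKOUT_SECONDS = 900

def cookie_based_allowed(request_cookies):
    """Weak pattern from Test 4: the counter is supplied by the client."""
    return int(request_cookies.get("login_attempts", "0")) < MAX_FAILURES

class ServerSideThrottle:
    """Failure timestamps are kept on the server, keyed by account name."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = {}          # username -> list of failure times

    def _recent(self, username):
        # Drop failures older than the lockout window, keep the rest.
        cutoff = self._clock() - LOCKOUT_SECONDS
        recent = [t for t in self._failures.get(username, []) if t > cutoff]
        self._failures[username] = recent
        return recent

    def allowed(self, username):
        return len(self._recent(username)) < MAX_FAILURES

    def record_failure(self, username):
        self._recent(username).append(self._clock())

    def record_success(self, username):
        self._failures.pop(username, None)

def simulate(attempts, drop_cookie):
    """Count wrong-password attempts each check lets through.

    Returns (accepted_by_cookie_check, accepted_by_server_check).
    """
    throttle = ServerSideThrottle(clock=lambda: 0.0)
    cookies, by_cookie, by_server = {}, 0, 0
    for _ in range(attempts):
        if drop_cookie:
            cookies = {}             # client discards the counter cookie
        if cookie_based_allowed(cookies):
            by_cookie += 1
            seen = int(cookies.get("login_attempts", "0"))
            cookies["login_attempts"] = str(seen + 1)
        if throttle.allowed("student1"):
            by_server += 1
            throttle.record_failure("student1")
    return by_cookie, by_server

if __name__ == "__main__":
    print(simulate(20, drop_cookie=False))
    print(simulate(20, drop_cookie=True))
```

With the counter held on the server, discarding the cookie makes no difference: the account is locked after MAX_FAILURES wrong passwords until the lockout window has passed.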









Threat identification



Following threats are present in the moodle system according to the tests that have been performed.


  • User account hacks
  • Server shutdowns and DoS attacks
  • User security policy violations



Attack identification



Attacks can be deployed by using the vulnerabilities.  


  • Session hijacking on the same machine.
  • Session hijacking through network interfaces.
  • Automated user name - password brute force attacks.


Vulnerability-to-attack mapping



System vulnerabilities and respective attacks are listed below.


  • server port exposure - DoS attacks
  • inadequate security for cookie files - Session hijacking in same machine and through network interface.
  • session management by only using cookies - Brute force attacks by resetting cookies


Attack risk assessment



  • The identified risks are highly critical because an attacker can steal sensitive information or completely take down the system by gaining access to the system.
  • Data confidentiality and integrity are breached by such an attack, and sensitive user data can be exposed to the public.
  • Availability of the service can also be compromised if a DoS attack is deployed.




Risk mitigation approaches/techniques covering software security



  • Decouple security options from cookie files, because using cookies to control sessions is not a good security practice and it could violate security policies (attackers can easily use session variables in cookies to attack the system).
  • Close all unused ports and block unauthorized access.
  • Increase security of the server center in order to increase physical security.


Physical security



  • Only authorized people are allowed to access the server rooms.  
  • Implementing a surveillance camera facility is recommended.



Data security



SQL injection threats were not found in the system. Databases should be kept secure so that no unauthorized access to the data is possible.


User security

Session hijacking is possible in the Moodle system, so session management should be improved to prevent it.
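One check that follows from Test 2, added here as an example and not part of the original assessment: audit the response that sets the session cookie, so that the cookie is only ever sent over HTTPS and is not readable by page scripts. The cookie name MoodleSession and both sample responses are constructed for the example.

```python
SESSION_COOKIE = "MoodleSession"   # assumed session cookie name for this example

def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, attributes-by-lowercase-key)."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].partition("=")[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs

def audit_response(scheme, headers):
    """Return findings for one HTTP response given as (name, value) header pairs."""
    findings = []
    header_names = {key.lower() for key, _ in headers}
    for key, value in headers:
        if key.lower() != "set-cookie":
            continue
        name, attrs = parse_set_cookie(value)
        if not name.startswith(SESSION_COOKIE):
            continue
        if scheme != "https":
            findings.append("session-cookie-over-http")   # visible to a sniffer
        if "secure" not in attrs:
            findings.append("missing-secure")             # browser may send it over HTTP
        if "httponly" not in attrs:
            findings.append("missing-httponly")           # readable from page scripts
    if scheme == "https" and "strict-transport-security" not in header_names:
        findings.append("missing-hsts")                   # browser may still try HTTP first
    return findings

# Constructed sample responses (not captured from any real server).
WEAK = ("http", [
    ("Content-Type", "text/html; charset=UTF-8"),
    ("Set-Cookie", "MoodleSession=constructed0123; path=/"),
])
HARDENED = ("https", [
    ("Strict-Transport-Security", "max-age=31536000"),
    ("Set-Cookie", "MoodleSession=constructed0123; Path=/; Secure; HttpOnly; SameSite=Lax"),
])

if __name__ == "__main__":
    print(audit_response(*WEAK))
    print(audit_response(*HARDENED))
```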


Server security


nmap can be used to identify open and closed ports on a remote server. If these details are known, an attacker may deploy a malicious application to a specific port.