发布求助
文献互助 智能选刊 最新文献

2008 The Fourth International Conference on Information Assurance and Security最新文献

筛选
英文 中文
A Composite Network Security Assessment 网络安全综合评估
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.59
Suleyman Kondakci
{"title":"A Composite Network Security Assessment","authors":"Suleyman Kondakci","doi":"10.1109/IAS.2008.59","DOIUrl":"https://doi.org/10.1109/IAS.2008.59","url":null,"abstract":"This paper presents a new concept of security assessment methodology while promoting several areas of its application. Attack pattern analysis, network security monitoring locally or remotely are the major application areas of this concept. Instead of testing each asset or a network node separately by applying repetitive attacks and assessments, the composite system generates and executes attacks once, composes risk data, and uses the risk data for the entire network in order to perform the overall assessment. This unique approach can be used as a model to guide development of intrusion detection systems, intelligent network security analysis, monitoring systems, and also as a complementary function in information security test and evaluation laboratories.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128270233","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Geolocation-Based Trust for Vanet's Privacy 基于地理位置的隐私信任
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.21
Jetzabel M. Serna, Jesus Luna, Manuel Medina
{"title":"Geolocation-Based Trust for Vanet's Privacy","authors":"Jetzabel M. Serna, Jesus Luna, Manuel Medina","doi":"10.1109/IAS.2008.21","DOIUrl":"https://doi.org/10.1109/IAS.2008.21","url":null,"abstract":"Research in vehicular ad hoc networks (VANETs) has evolved considerably over the last years. Security and privacy in VANETs have recently appealed special interest in the research community. In this paper we overview the main privacy concepts and explain why this concept is fundamental for wide adoption of VANETs. A set of privacy requirements for VANETs are established and studied, towards proposing a novel mechanism beyond the use of pseudonyms. In particular, this research demonstrates that there are still several challenges concerning privacy which solution is feasible to be extrapolated from highly demanding environments like e-Health. This paper reports our work in progress mainly describing the basis of a privacy mechanism that uses an authorization paradigm based on a Mandatory Access Control model and a novel mechanism that propagates trust information based on a vehicle's geolocation.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"38 11","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120838585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 42
A Model for the Study of Privacy Issues in Secure Shell Connections 一个研究安全外壳连接中隐私问题的模型
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.46
M. Dusi, F. Gringoli, L. Salgarelli
{"title":"A Model for the Study of Privacy Issues in Secure Shell Connections","authors":"M. Dusi, F. Gringoli, L. Salgarelli","doi":"10.1109/IAS.2008.46","DOIUrl":"https://doi.org/10.1109/IAS.2008.46","url":null,"abstract":"The secure shell protocol strives to protect the privacy of its users in several ways. On one hand, the strong encryption and authentication algorithms that it adopts provide guarantees that the data exchanged between two SSH endpoints remain private to third parties. On the other hand, the type of traffic that each SSH channel transports, such as e-mail, remote shell activity, etc., is also supposed to be hidden from any observer that does not possess the necessary keys. This paper introduces a simple but accurate model of the SSH channel which can be used to study the level of privacy that SSH-protected traffic can achieve with respect to the users' activities. We think that the model can facilitate several types of projects. For example, network managers can detect traffic anomalies hidden by SSH connections more easily by relying on the output of our model. Another example, which we present in this paper, is the use of this model to derive accurate fingerprints of the type of applications run through an SSH channel by simply starting from the statistics of captured clear-text traffic. Such fingerprints can then be used to detect what type of activity, i.e., what type of traffic, is going on within an SSH channel, thereby breaking user privacy.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"18 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132756849","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Provenance Tracking with Bit Vectors 用位矢量跟踪来源
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.47
Siddharta S. Gadang, B. Panda, J. Hoag
{"title":"Provenance Tracking with Bit Vectors","authors":"Siddharta S. Gadang, B. Panda, J. Hoag","doi":"10.1109/IAS.2008.47","DOIUrl":"https://doi.org/10.1109/IAS.2008.47","url":null,"abstract":"Data provenance (information about the origin of data items and the transformations that they have gone through) can be a useful security tool, particularly for forensic investigation. Provenance information can also be used to enforce information assurance concepts like integrity and authenticity. The current techniques for finding data source and lineage information are annotations and query inversion. Annotations lack scalability and require additional space for storing and querying provenance information, while query inversion incurs more time and processing overhead. In this paper, we offer fast and scalable models for computing source information, each of which are based on associating bit vectors with data sources.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134328971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
IRC Traffic Analysis for Botnet Detection 僵尸网络检测的IRC流量分析
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.58
Claudio Mazzariello
{"title":"IRC Traffic Analysis for Botnet Detection","authors":"Claudio Mazzariello","doi":"10.1109/IAS.2008.58","DOIUrl":"https://doi.org/10.1109/IAS.2008.58","url":null,"abstract":"Networked hosts' vulnerabilities pose some serious threats to the operation of computer networks. Modern at tacks are increasingly complex, and exploit many strategies in order to perform their intended malicious tasks. Attackers have developed the ability of controlling large sets of infected hosts, characterized by complex executable command sets, each taking part in cooperative and coordinated attacks. There are many ways to perform control on an army of possibly unaware infected hosts, and an example of such techniques is discussed in this paper. We will address the problem of detecting botnets, by introducing a network traffic analysis architecture, and describing a behavioral model, for a specific class of network users, capable of identifying botnet-related activities.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133635298","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 50
Managing Reputation over MANETs 通过manet管理声誉
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.24
G. Bella, Gianpiero Costantino, S. Riccobene
{"title":"Managing Reputation over MANETs","authors":"G. Bella, Gianpiero Costantino, S. Riccobene","doi":"10.1109/IAS.2008.24","DOIUrl":"https://doi.org/10.1109/IAS.2008.24","url":null,"abstract":"The use of small portables and mobile devices has made MANETs (mobile ad hoc networks) very popular. A MANET is a network composed by a group of mobile nodes without any fixed device or a central coordination. They work in an open net and their collaboration is the sole means to allow communications and the survival of the MANET itself. A critical issue is to assess the behaviour of the nodes that participate in the network, possibly identifying selfish conduct that can compromise the functioning of the system. This paper shows a method to evaluate the behaviour of all nodes by establishing a reputation value that represents the trustworthiness of each node. A protocol is presented to calculate the reputation of a node by locally observing the node from another one, and then tuning this intermediate value with additional observations from other participants. When the reputation value of a node is available, it is circulated and distributed uniformly over the network. This reputation protocol is viable. Each node can efficiently calculate the reputation values of its neighbours and then of all network nodes. A variety of simulations conducted using the network simulator NS-2 strongly support these claims.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"80 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125147215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 22
Challenges for Security Typed Web Scripting Languages Design 安全类型Web脚本语言设计的挑战
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.33
D. Hassan, S. El-Kassas, I. Ziedan
{"title":"Challenges for Security Typed Web Scripting Languages Design","authors":"D. Hassan, S. El-Kassas, I. Ziedan","doi":"10.1109/IAS.2008.33","DOIUrl":"https://doi.org/10.1109/IAS.2008.33","url":null,"abstract":"This paper focuses on the different challenges to design a security typed web scripting language. It uses the type system approach on a simple imperative language that captures a subset of the security typed Web language constructs to express the security properties that must be held in the language with respect to its formal semantics to prevent insecure information flow in Web application system and hence the common Web application security vulnerabilities.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129784788","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Device Management Framework for Secure Ubiquitous Service Delivery 安全泛在服务交付的设备管理框架
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.28
Adrian Leung, C. Mitchell
{"title":"A Device Management Framework for Secure Ubiquitous Service Delivery","authors":"Adrian Leung, C. Mitchell","doi":"10.1109/IAS.2008.28","DOIUrl":"https://doi.org/10.1109/IAS.2008.28","url":null,"abstract":"In a mobile ubiquitous environment, service interactions between a user device and a service provider should be secure, regardless of the type of device used to access or consume a service. We present a secure device management framework (SDMF), designed to securely deliver services to user devices, whilst also hiding (some of) the complexity of security management from users. Key to this framework is the device management entity (DME), that manages a user device's security credentials, and interacts with service providers on its behalf. This framework also provides users with assurance that a compromised device cannot consume the delivered service, and, at the same time, prevents users from illegally sharing their credentials with other users. We achieve these objectives using trusted computing functionality and certain other security mechanisms.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115061358","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Efficient Hierarchical Group-Oriented Key Establishment and Decryption 高效分层面向组的密钥建立与解密
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.51
Sigurd Eskeland, V. Oleshchuk
{"title":"Efficient Hierarchical Group-Oriented Key Establishment and Decryption","authors":"Sigurd Eskeland, V. Oleshchuk","doi":"10.1109/IAS.2008.51","DOIUrl":"https://doi.org/10.1109/IAS.2008.51","url":null,"abstract":"In this paper, we present three related and efficient cryptographic schemes for secure communication for hierarchically composed user groups. In such a group, each user is associated with a hierarchical level, so that the group members are divided into two or more hierarchical security classes. Most existing hierarchical cryptographic schemes provide hierarchical deduction of hierarchically arranged predefined keys. In contrast, the first scheme provides secure establishment of hierarchically ordered session keys. Since it prohibits long-term key deduction for underlying (and overlying) classes, such keys do not need to be updated session-wise. An essential security property is that the users can only obtain hierarchical session keys for their own and underlying levels, while it is prevented that a user can obtain hierarchical session keys of overlying levels.This scheme is extended to a hierarchical public key cryptosystem based on the ElGamal cryptosystem, and furthermore to an ElGamal-based threshold decryption scheme. Due to the threshold security requirement, at least t arbitrary group members are required to carry out decryption. The threshold scheme requires only one round of broadcasting in the decryption phase, and is thuswell-suitable for wireless networks.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":" 21","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131893734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Steganography in Textiles 纺织品中的隐写术
2008 The Fourth International Conference on Information Assurance and Security Pub Date : 2008-09-08 DOI: 10.1109/IAS.2008.11
S. Shirali-Shahreza, M. Shirali-Shahreza
{"title":"Steganography in Textiles","authors":"S. Shirali-Shahreza, M. Shirali-Shahreza","doi":"10.1109/IAS.2008.11","DOIUrl":"https://doi.org/10.1109/IAS.2008.11","url":null,"abstract":"Covert exchange of information has been long a significant and highlighted affair. Numerous methods have been devised for the matter of which steganography is a popular one. Already applied in the past, the method has been massive used following the invention of computer. This paper discusses a new application of steganography in textiles in which information is hidden in the images on the clothes. In this way, information is first hidden by computer in images by a special method. Then the provided images are printed on clothes. The related information is extracted after scanning the images by relevant programs.","PeriodicalId":103328,"journal":{"name":"2008 The Fourth International Conference on Information Assurance and Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123669703","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信