发布求助
文献互助 智能选刊 最新文献

First International Conference on Availability, Reliability and Security (ARES'06)最新文献

筛选
英文 中文
Feasibility of multi-protocol attacks 多协议攻击的可行性
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.63
C. Cremers
{"title":"Feasibility of multi-protocol attacks","authors":"C. Cremers","doi":"10.1109/ARES.2006.63","DOIUrl":"https://doi.org/10.1109/ARES.2006.63","url":null,"abstract":"Formal modeling and verification of security protocols typically assumes that a protocol is executed in isolation, without other protocols sharing the network. We investigate the existence of multi-protocol attacks on protocols described in literature. Given two or more protocols, that share key structures and are executed in the same environment, are new attacks possible? Out of 30 protocols from literature, we find that 23 are vulnerable to multi-protocol attacks. We identify two likely attack patterns and sketch a tagging scheme to prevent multi-protocol attacks.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"346 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123416749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 59
Diversity to enhance autonomic computing self-protection 增强自主计算的多样性自我保护
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.55
Michael Jarrett, R. Seviora
{"title":"Diversity to enhance autonomic computing self-protection","authors":"Michael Jarrett, R. Seviora","doi":"10.1109/ARES.2006.55","DOIUrl":"https://doi.org/10.1109/ARES.2006.55","url":null,"abstract":"Self-protection is an attribute of autonomic computing systems, reflecting the requirement to proactively defend against attackers, and automatically detect and recover from attacks. As demonstrated by increasing numbers of Internet worms, a single previously unknown vulnerability can cause an entire infrastructure to crumble, due to software and hardware monocultures. One defence against complete failures is diversity: by utilizing differing implementations of software and hardware, the potential total damage from a single exploit is lessened. The self-deployment and self-configuration features of an autonomic computing infrastructure make it practical to use diversity as a self-protection mechanism. We explore the idea of using diversity as a factor in resource allocation decisions, showing how it could be used to limit the damage an attacker can inflict.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121731165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Modeling permissions in a (U/X)ML world (U/X)ML世界中的建模权限
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.84
Muhammad Alam, R. Breu, M. Hafner
{"title":"Modeling permissions in a (U/X)ML world","authors":"Muhammad Alam, R. Breu, M. Hafner","doi":"10.1109/ARES.2006.84","DOIUrl":"https://doi.org/10.1109/ARES.2006.84","url":null,"abstract":"In this paper we present a novel approach for the specification of access rights in a service oriented architecture. Being part of the SECTET framework for model driven security for B2B-workflows, our specification language SECTET-PL for permissions is influenced by the OCL specification language and is interpreted in the context of UML models. Concerning the technological side, SECTET-PL specifications are translated into platform independent XACML permissions interpreted by a security gateway.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"173 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124231517","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 35
A selector method for providing mobile location estimation services within a radio cellular network 一种用于在无线蜂窝网络内提供移动位置估计服务的选择器方法
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.16
Junyang Zhou, J. Ng
{"title":"A selector method for providing mobile location estimation services within a radio cellular network","authors":"Junyang Zhou, J. Ng","doi":"10.1109/ARES.2006.16","DOIUrl":"https://doi.org/10.1109/ARES.2006.16","url":null,"abstract":"Mobile location estimation or mobile positioning is becoming an important service for a mobile phone network. It is well-known that GPS can provide accurate location estimation, but it is also a known fact that GPS does not perform well in urban areas like downtown New York and cities like Hong Kong. Then many mobile location estimation approaches based on radio cellular networks have been proposed to compensate the problem of the lost of GPS signals in providing location services to mobile users in metropolitan areas. In this paper, we present a selector method with the linear discriminant analysis (LDA) among different kinds of mobile location estimation technologies we had proposed in previous work in order to combine their merits, then provide a more accurate estimation for location services. We build up a three-level binary tree to classify these four algorithms. These three levels are named as Stat-Geo level, CG-nonCG level and CT-EPM level. And these success ratios of these three levels are 85.22%, 88.45% and 88.89% respectively. We have tested our selector method with real data taken in Hong Kong and it is proven that it outperforms other existing location estimation algorithms among different kinds of terrains.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126377886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Identifying intrusions in computer networks with principal component analysis 用主成分分析法识别计算机网络入侵
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.73
Wei Wang, R. Battiti
{"title":"Identifying intrusions in computer networks with principal component analysis","authors":"Wei Wang, R. Battiti","doi":"10.1109/ARES.2006.73","DOIUrl":"https://doi.org/10.1109/ARES.2006.73","url":null,"abstract":"Most current anomaly intrusion detection systems (IDSs) detect computer network behavior as normal or abnormal but cannot identify the type of attacks. Moreover, most current intrusion detection methods cannot process large amounts of audit data for real-time operation. In this paper, we propose a novel method for intrusion identification in computer networks based on principal component analysis (PCA). Each network connection is transformed into an input data vector. PCA is employed to reduce the dimensionality of the data vectors and identification is handled in a low dimensional space with high efficiency and low use of system resources. The normal behavior is profiled based on normal data for anomaly detection and models of each type of attack are built based on attack data for intrusion identification. The distance between a vector and its reconstruction onto those reduced subspaces representing the different types of attacks and normal activities is used for identification. The method is tested with network data from MIT Lincoln labs for the 1998 DARPA intrusion detection evaluation program and testing results show that the model is promising in terms of identification accuracy and computational efficiency for real-time intrusion identification.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129851725","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 117
Improving security management through passive network observation 通过被动网络观察改进安全管理
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.74
Yohann Thomas, Hervé Debar, B. Morin
{"title":"Improving security management through passive network observation","authors":"Yohann Thomas, Hervé Debar, B. Morin","doi":"10.1109/ARES.2006.74","DOIUrl":"https://doi.org/10.1109/ARES.2006.74","url":null,"abstract":"Detailed and reliable knowledge of the characteristics of an information system is becoming a very important feature for operational security. Unfortunately, vulnerability assessment tools have important side effects on the monitored information systems. In this paper, we propose an approach to gather or deduce information similar to vulnerability assessment reports, based on passive network observation. Information collected goes beyond classic server vulnerability assessment, enabling compliance verification of desktop clients.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129555425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
Highly adaptable dynamic quorum schemes for managing replicated data 用于管理复制数据的高适应性动态仲裁方案
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.72
C. Storm, Oliver E. Theel
{"title":"Highly adaptable dynamic quorum schemes for managing replicated data","authors":"C. Storm, Oliver E. Theel","doi":"10.1109/ARES.2006.72","DOIUrl":"https://doi.org/10.1109/ARES.2006.72","url":null,"abstract":"Dynamic data replication schemes perform superior compared to static schemes in terms of operation availabilities. However, most of them are bounded wrt. the replication degree, i.e. \"classic\" dynamics varies the degree in the range from one to n replicas not allowing to exceed this upper bound at run-time. In this paper, we present a new framework for adaptable dynamic replication schemes that is able to overcome this limitation by means of creating and deleting an arbitrary number of replicas at run-time. The new framework conceptually extends the dynamic general structured voting framework. The underlying concepts are presented and an example scenario is provided that compares the adaptable approach to the dynamic grid protocol via simulation. It is shown that adaptiveness increases operation availability while providing cost-efficiency.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116047669","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Modeling dependable systems using hybrid Bayesian networks 基于混合贝叶斯网络的可靠系统建模
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.83
M. Neil, Manesh Tailor, N. Fenton, D. Marquez, P. Hearty
{"title":"Modeling dependable systems using hybrid Bayesian networks","authors":"M. Neil, Manesh Tailor, N. Fenton, D. Marquez, P. Hearty","doi":"10.1109/ARES.2006.83","DOIUrl":"https://doi.org/10.1109/ARES.2006.83","url":null,"abstract":"A hybrid Bayesian network (BN) is one that incorporates both discrete and continuous nodes. In our extensive applications of BNs for system dependability assessment the models are invariably hybrid and the need for efficient and accurate computation is paramount. We apply a new iterative algorithm that efficiently combines dynamic discretisation with robust propagation algorithms on junction tree structures to perform inference in hybrid BNs. We illustrate its use on two example dependability problems: reliability estimation and diagnosis of a faulty sensor in a temporal system. Dynamic discretisation can be used as an alternative to analytical or Monte Carlo methods with high precision and can be applied to a wide range of dependability problems.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126901752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 84
Defense trees for economic evaluation of security investments 安全投资经济评价的防御树
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.46
Stefano Bistarelli, F. Fioravanti, Pamela Peretti
{"title":"Defense trees for economic evaluation of security investments","authors":"Stefano Bistarelli, F. Fioravanti, Pamela Peretti","doi":"10.1109/ARES.2006.46","DOIUrl":"https://doi.org/10.1109/ARES.2006.46","url":null,"abstract":"In this paper we present a mixed qualitative and quantitative approach for evaluation of information technology (IT) security investments. For this purpose, we model security scenarios by using defense trees, an extension of attack trees with attack countermeasures and we use economic quantitative indexes for computing the defender's return on security investment and the attacker's return on attack. We show how our approach can be used to evaluate effectiveness and economic profitability of countermeasures as well as their deterrent effect on attackers, thus providing decision makers with a useful tool for performing better evaluation of IT security investments during the risk management process.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124198463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 173
Choosing the right wireless LAN security protocol for the home and business user 为家庭和企业用户选择正确的无线局域网安全协议
First International Conference on Availability, Reliability and Security (ARES'06) Pub Date : 2006-04-20 DOI: 10.1109/ARES.2006.42
C. Maple, H. Jacobs, M. Reeve
{"title":"Choosing the right wireless LAN security protocol for the home and business user","authors":"C. Maple, H. Jacobs, M. Reeve","doi":"10.1109/ARES.2006.42","DOIUrl":"https://doi.org/10.1109/ARES.2006.42","url":null,"abstract":"The introduction and evolution of security standards for wireless networking has been a problematic process. Flaws in the initial security standard resulted in quick-fix solutions and interoperability issues. As wireless networks are not confined to a building, there is an added security risk that radio signals can be detected externally. Wireless networking has rapidly increased in popularity over the last few years due to the flexibility it provides. Given the simultaneous growth of e-government services there is particular risk to the citizen of identity theft. This article discusses the progression of wireless security protocols since their introduction and the effect this has had on home and business users. The risks of using wireless networks are outlined in the paper and recommendations for securing wireless networks are reviewed.","PeriodicalId":106780,"journal":{"name":"First International Conference on Availability, Reliability and Security (ARES'06)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129071377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信