发布求助
文献互助 智能选刊 最新文献

2015 Information Security for South Africa (ISSA)最新文献

筛选
英文 中文
Playing hide-and-seek: Detecting the manipulation of Android Timestamps 玩捉迷藏:检测Android时间戳的操作
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335065
H. Pieterse, M. Olivier, R. V. Heerden
{"title":"Playing hide-and-seek: Detecting the manipulation of Android Timestamps","authors":"H. Pieterse, M. Olivier, R. V. Heerden","doi":"10.1109/ISSA.2015.7335065","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335065","url":null,"abstract":"Mobile technology continues to evolve in the 21st century, providing users with improved capabilities and advance functionality. One of the leaders of this evolution is Android, a mobile operating system that continuously elevates existing features and offers new applications. Such improvements allowed Android to gain popularity worldwide. A combination of Android's advance technology and increasing popularity allow smartphones supporting this operating system to become a rich source of trace evidence. Traces found on Android smartphones form a significant part of digital investigations, especially when the user of the smartphone is involved in criminal activities. A key component of these traces is the date and time, often formed as timestamps. These timestamps allow the examiner to relate the traces found on Android smartphones to some real event that took place. Knowing when events occurred in digital investigations is of great importance to the overall success of the investigation. This paper introduces a new solution, called the Authenticity Framework for Android Timestamps (AFAT) that establishes the authenticity of timestamps found on Android smartphones. Currently the framework determines the authenticity of timestamps found in SQLite databases by following two individual methods. The first method identifies the presence of certain changes in the Android file system, which are indications of the manipulation of the SQLite databases. The second method subsequently focuses on the individual SQLite databases and the identification of inconsistencies in these databases. The presence of specific file system changes as well as inconsistencies in the associated SQLite databases indicates that authenticity of the timestamps might be compromised. The results presented in the paper provide preliminary evidence that the suggested approach, Authenticity Framework for Android Timestamps, shows potential.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"80 10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128126481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Protection of Personal Information in the South African Cloud Computing environment: A framework for Cloud Computing adoption 南非云计算环境中的个人信息保护:采用云计算的框架
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335049
D. Skolmen, M. Gerber
{"title":"Protection of Personal Information in the South African Cloud Computing environment: A framework for Cloud Computing adoption","authors":"D. Skolmen, M. Gerber","doi":"10.1109/ISSA.2015.7335049","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335049","url":null,"abstract":"Cloud Computing has advanced to the point where it may be considered an attractive proposition for an increasing number of South African organizations, yet the adoption of Cloud Computing in South Africa remains relatively low. Many organizations are hesitant to adopt Cloud solutions due to a variety of inhibiting factors and concerns that lead to the mistrust in Cloud Computing. One of the major concerns identified is information security within the Cloud Computing environment. The approaching commencement of new information security legislation in South Africa, known as the Protection of Personal Information Act (POPI), may provide an ideal opportunity to address the information security-related concerns and foster a trust relationship between potential Cloud users and Cloud providers. POPI applies to anyone who processes personal information and regulates how they must handle, store and secure that information. Cloud providers who can demonstrate that they protect personal information may be more trustworthy and therefore more attractive to potential Cloud users. This paper discusses a proposed Framework for Cloud Computing Adoption which could assist South African Cloud providers in approaching compliance with the POPI Act, providing transparency and accountability to potential Cloud users, fostering a trust relationship and ultimately promoting the adoption of Cloud Computing in South Africa.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122475446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Robustness of computational intelligent assurance models when assessing e-Commerce sites 评估电子商务网站时计算智能保证模型的鲁棒性
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335067
Thembekile O. Mayayise, I. Osunmakinde
{"title":"Robustness of computational intelligent assurance models when assessing e-Commerce sites","authors":"Thembekile O. Mayayise, I. Osunmakinde","doi":"10.1109/ISSA.2015.7335067","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335067","url":null,"abstract":"E-commerce assurance platforms continue to emerge in order to facilitate trustworthy transactional relationships between buyers and sellers. However, as the sophistication of the e-commerce environments increase, the risks associated with transacting online also increase which pose a challenge to consumers to freely transact online. Although traditional assurance models are still used by various e-commerce sites, some of these models are not robust enough to provide adequate assurance on key areas of customer concerns in the cyber space. This research proposes a robust intelligent PRAHP framework built on Analytical Hierarchy Process complemented with an evidential reasoning from page ranking. PRAHP algorithms are modularised to run concurrently whose consensus decision takes place in a decision table. PRAHP objectively extracts real-life data directly from each of the 10 e-commerce websites comparatively using assurance attributes: Advanced Security, Policy, Advanced ISO, Advanced legislation and Availability. The assurance of e-commerce sites using PRAHP was experimented on small and large e-Commerce enterprises and validated by determining the effects of varied damping factor d on PRAHP, and comparing with customer's site perceptions. The experimental results demonstrate that the proposed framework is sufficiently robust for current site assurance applications and shows the trustworthiness aspect of the framework in instances of uncertainty.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116158917","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Self-sanitization of digital images using steganography 使用隐写术的数字图像的自消毒
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335073
Tayana Morkel
{"title":"Self-sanitization of digital images using steganography","authors":"Tayana Morkel","doi":"10.1109/ISSA.2015.7335073","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335073","url":null,"abstract":"Sanitization of an image is a process where certain areas of an image are removed to keep the contents safe from unauthorised viewers. Image sanitization is often required by authorities, for example law enforcement or in legal cases, when the image contains sensitive material that should not be shown to the general public. This paper proposes a system for the self-sanitization of a digital image using information hiding, specifically image steganography, techniques to hide part of the image within the image itself. The proposed self-sanitization system allows for the removal of a specific part of the image and then uses Least Significant Bit (LSB) steganography to embed the sanitized part of the image within the rest of the image, making it unnecessary to store the sanitized and unsanitized versions of the image separately. The self-sanitization system includes a method for reducing the size of the embedded information in an attempt to make the information more difficult to detect. Experimental results show that the proposed self-sanitization system is undetectable to visual and statistical analysis techniques.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116547981","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A model for the design of next generation e-supply chain digital forensic readiness tools 设计下一代电子供应链数字取证准备工具的模型
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335075
D. Masvosvere, H. Venter
{"title":"A model for the design of next generation e-supply chain digital forensic readiness tools","authors":"D. Masvosvere, H. Venter","doi":"10.1109/ISSA.2015.7335075","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335075","url":null,"abstract":"The internet has had a major impact on how information is shared within supply chains, and in commerce in general. This has resulted in the establishment of information systems such as e-supply chains amongst others which integrate the internet and other information and communications technology (ICT) with traditional business processes for the swift transmission of information between trading partners. Many organisations have reaped the benefits of adopting the eSC model, but have also faced the challenges with which it comes. One such major challenge is information security. Digital forensic readiness is a relatively new exciting field which can prepare and prevent incidents from occurring within an eSC environment if implemented strategically. With the current state of cybercrime, tool developers are challenged with the task of developing cutting edge digital forensic readiness tools that can keep up with the current technological advancements, such as (eSCs), in the business world. Therefore, the problem addressed in this paper is that there are no DFR tools that are designed to support eSCs specifically. There are some general-purpose monitoring tools that have forensic readiness functionality, but currently there are no tools specifically designed to serve the eSC environment. Therefore, this paper discusses the limitations of current digital forensic readiness tools for the eSC environment and an architectural design for next-generation eSC DFR systems is proposed, along with the system requirements that such systems must satisfy. It is the view of the authors that the conclusions drawn from this paper can spearhead the development of cutting-edge next-generation digital forensic readiness tools, and bring attention to some of the shortcomings of current tools.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129417157","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Towards a PHP webshell taxonomy using deobfuscation-assisted similarity analysis 使用去混淆辅助相似性分析实现PHP webshell分类
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335066
Peter M. Wrench, B. Irwin
{"title":"Towards a PHP webshell taxonomy using deobfuscation-assisted similarity analysis","authors":"Peter M. Wrench, B. Irwin","doi":"10.1109/ISSA.2015.7335066","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335066","url":null,"abstract":"The abundance of PHP-based Remote Access Trojans (or web shells) found in the wild has led malware researchers to develop systems capable of tracking and analysing these shells. In the past, such shells were ably classified using signature matching, a process that is currently unable to cope with the sheer volume and variety of web-based malware in circulation. Although a large percentage of newly-created webshell software incorporates portions of code derived from seminal shells such as c99 and r57, they are able to disguise this by making extensive use of obfuscation techniques intended to frustrate any attempts to dissect or reverse engineer the code. This paper presents an approach to shell classification and analysis (based on similarity to a body of known malware) in an attempt to create a comprehensive taxonomy of PHP-based web shells. Several different measures of similarity were used in conjunction with clustering algorithms and visualisation techniques in order to achieve this. Furthermore, an auxiliary component capable of syntactically deobfuscating PHP code is described. This was employed to reverse idiomatic obfuscation constructs used by software authors. It was found that this deobfuscation dramatically increased the observed levels of similarity by exposing additional code for analysis.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134554599","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Analyzing the security posture of South African websites 分析南非网站的安全态势
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335063
J. Mtsweni
{"title":"Analyzing the security posture of South African websites","authors":"J. Mtsweni","doi":"10.1109/ISSA.2015.7335063","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335063","url":null,"abstract":"Today, public-facing websites are virtually used across all different sectors by different types of organizations for information sharing and conducting core business activities. At the same time, the increasing use of mobile devices in Africa has also propelled the deployment and adoption of web-based applications. However, as the use of websites increases, so are the cyber-attacks. Web-based attacks are prevalent across the globe, and in South Africa an increase in such attacks is being observed. Research studies also suggest that over 80% of the active websites are vulnerable to a myriad of attacks. This paper reports on a study conducted to passively analyze and determine the security posture of over 70 South African websites from different sectors. The security posture of the local websites was thereafter compared against the top ten (10) global websites. The list of the websites was mainly chosen using the Amazon's Alexa service. The focus of the study was mainly on the security defense mechanisms employed by the chosen websites. This approach was chosen because the client-side security policies, which may give an indication of the security posture of a website, can be analyzed without actively scanning multiple websites. Consequently, relevant web-based vulnerabilities and security countermeasures were selected for the analysis. The results of the study suggest that most of the 70 South African websites analyzed are vulnerable to cross-site scripting, injection vulnerabilities, clickjacking and man-in-middle attacks. Over 67% of the analyzed websites unnecessarily expose server information, approximately 50% of the websites do not protect session cookies, about 30% of the websites use secure communications, in particular for transmitting users' sensitive information, and some websites use deprecated security policies. From the study, it was also determined that South African websites lag behind in adopting basic security defense mechanisms when compared against top global websites.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131396729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Towards a digital forensic science 走向数字法医科学
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335077
M. Olivier
{"title":"Towards a digital forensic science","authors":"M. Olivier","doi":"10.1109/ISSA.2015.7335077","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335077","url":null,"abstract":"The scientific principles that underlie digital forensic science are still not clear. Possible foundations have been proposed by Gladyshev, Carrier, Cohen, The Scientific Working Group on Digital Evidence of the US Department of Justice and others. However, all these proposals, although valuable contributions, do not provide a satisfactory scientific basis. The current article argues that the search for a suitable foundation is hampered by the conflation of science used for investigative purposes and science used for probative purposes. We argue that some aspects of forensic science are indeed useful for both purposes, but that large portions of the application of science for use in matters of law are only applicable to one of these categories. The paper focuses on the probative use of science for matters of law. We suggest that the explicit focus on proof (rather than investigation) leads to a clearer understanding of the notion of the claims to be proven. Based on this it is shown that such claims may be expressed as propositions that can be proven, disproven, or determined to be ambiguous given the available evidence using well-known computing concepts. It also indicates how this approach helps one to determine the accuracy (which will not always be the opposite of error rates) of any findings. Given its specific focus the paper establishes a basis for digital forensic science without asserting that it is the only possible scientific basis.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115014098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
State-on-nationals' electronic communication surveillance in South Africa: A murky legal landscape to navigate? 南非国家对国民的电子通信监控:一个模糊的法律环境?
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335047
M. Watney
{"title":"State-on-nationals' electronic communication surveillance in South Africa: A murky legal landscape to navigate?","authors":"M. Watney","doi":"10.1109/ISSA.2015.7335047","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335047","url":null,"abstract":"The discussion concerns itself with state-on-nationals' electronic communication surveillance in South Africa. The 2013 Snowden revelations of collaboration between the United States National Security Agency and the United Kingdom Government Communications Headquarters conducting bulk surveillance of all people as well as the 2015 South African spy cable disclosures involving communications between the South African State Security Agency and other foreign intelligence agencies confirmed that surveillance technology provides for covert, mass and undiscriminating government surveillance of nationals and states. Although the latter surveillance was conducted for national security purposes, government agencies also conduct surveillance for law enforcement purposes. The question pertaining to this discussion is whether information of South African nationals is lawfully accessed and/or retained in terms of a legal framework. This should include effective checks and balances, accountability and transparency to ensure that the information gathered is effectively protected against abuse such as its utilization for means other than the original purpose for which it was accessed and/or retained. Another concern is whether different thresholds apply to the purposes in conducting state electronic communications' surveillance. The aim of the discussion is not to vilify government surveillance practices as governments carry the onerous task of protecting nationals against threats within the ever-advancing electronic communication technology medium. The aim is rather to establish whether there exist voids and/or deficiencies and if affirmative, how it could be addressed to ensure an open and transparent surveillance landscape aimed at striking a balance between security and human rights protection.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130168113","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Access control for local personal smart spaces 本地个人智能空间的访问控制
2015 Information Security for South Africa (ISSA) Pub Date : 2015-11-23 DOI: 10.1109/ISSA.2015.7335056
B. Greaves, M. Coetzee
{"title":"Access control for local personal smart spaces","authors":"B. Greaves, M. Coetzee","doi":"10.1109/ISSA.2015.7335056","DOIUrl":"https://doi.org/10.1109/ISSA.2015.7335056","url":null,"abstract":"As computer systems grow more compact, powerful and cheap to produce, they become more pervasive in society. Smart devices enable users to compute and share resources on the go. Services such as Wi-Fi Direct allow for the creation of device-to-device networks, of a peer-to-peer nature, deemed “smart spaces”. Smart spaces are capable of providing an access-point-less means to share information and resources between their peers. Recent research points to the personalisation of smart spaces, making their management more challenging. Personalised smart spaces, advanced as they may be, introduce new security challenges such as secure resource sharing. This paper consequently evaluates a family-related scenario then a LPSS access control framework is proposed, with a focus on the specific nature of LPSS environments namely, local and global sets of rules defined in local and global policies. Finally, access control rules are presented, with respect to the motivating scenario, to illustrate the operation of access control enforcement using local and global policy rules.","PeriodicalId":126848,"journal":{"name":"2015 Information Security for South Africa (ISSA)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130542160","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信