2016 4th International Symposium on Digital Forensic and Security (ISDFS): Latest Publications

Generating high quality data for the protection of modern critical infrastructures
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-05-19 DOI: 10.1109/ISDFS.2016.7473517
B. Genge, I. Kiss, P. Haller, C. Siaterlis
Abstract: This paper discusses the main issues regarding the procedures for generating High Quality Data (HQD) as support for conducting realistic cyber security studies on Modern Critical Infrastructures (CI). It identifies the most important requirements of what constitutes HQD: accuracy/realism, representation, and completeness. Based on these requirements, it discusses two strategies to achieve these requirements: the data collection strategy and the data generation strategy. While in the traditional Information & Technologies Communication (ICT) sector we find a variety of freely available datasets, in CI research data sources are scarce and of limited size. On the other hand, the data generation strategy has given birth to a new body of research built on the development of simulation software and of research testbeds. The paper describes two frameworks aimed at facilitating the generation of HQD for CI security research. Experimental results including the Tennessee-Eastman chemical process and the IEEE 14-bus electricity grid demonstrate the effectiveness of the developed frameworks.
Citations: 1
Control flow change in assembly as a classifier in malware analysis
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-27 DOI: 10.1109/ISDFS.2016.7473514
Andree Linke, Nhien-An Le-Khac
Abstract: As currently classical malware detection methods based on signatures fail to detect new malware, they are not always efficient with new obfuscation techniques. Besides, new malware is easily created and old malware can be recoded to produce new one. Therefore, classical Antivirus becomes consistently less effective in dealing with those new threats. Also malware gets hand tailored to bypass network security and Antivirus. But as analysts do not have enough time to dissect suspected malware by hand, automated approaches have been developed. To cope with the mass of new malware, statistical and machine learning methods proved to be a good approach classifying programs, especially when using multiple approaches together to provide a likelihood of software being malicious. In normal approach, some steps have been taken, mostly by analyzing the opcodes or mnemonics of disassembly and their distribution. In this paper, we focus on the control flow change (CFC) itself and finding out if it is significant to detect malware. In the scope of this work only relative control flow changes are contemplated, as these are easier to extract from the first chosen disassembler library and are within a range of 256 addresses. These features are analyzed as a raw feature, as n-grams of length 2, 4 and 6 and the even more abstract feature of the occurrences of the n-grams is used. Statistical methods were used as well as the Naïve-Bayes algorithm to find out if there is significant data in CFC. We also test our approach with real-world datasets.
Citations: 9
Practical inspection workflow for digital image forensic authentication
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473540
Jinhua Zeng, Shaopei Shi, Yan Li, Qimeng Lu
Abstract: Combining with newly emerging and mature practical tools in digital image forensics, we explore a typical inspection workflow for digital image forensic authentication in practical case examination. The techniques both in digital and multimedia forensics are integrated into the workflow which covers the whole life cycle inspection of digital images. We divide the workflow into the digital-based, metadata-based, and statistical-based image forensics techniques. In the digital-based image forensics, the operation system (OS) and the physical storage examination are considered. In the metadata-based image authentication, we inspect the coding related metadata. The statistical related artifact detection, such as the sensor noise, recompression, copy-pasting, resampling, etc., is included in the statistical-based image forensics. The proposed inspection workflow for digital image forensic authentication can well deal with the anti and counter forensics techniques in the image tampering.
Citations: 0
Graphics processing unit based next generation DDoS prevention system
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473518
Selcuk Keskin, Hasan Tugrul Erdogan, T. Koçak
Abstract: Packet filtering is the main component of prevention systems to protect the network system of the devices against attacks. The algorithm allows the packets to access to network after passing some rules. The packets with decisions are written into a connection table that consists of essential network information. In this paper, we design and implement a massively parallel computation approach of Graphics Processing Unit (GPU) that can be used for network connection tracking. The results show that the GPU based connection table tracking algorithms achieve 90,000,000 packets per second (pps) throughput which is 35 times faster than the packet filtering function defined in Linux kernel.
Citations: 3
Secure behavioral biometric authentication with leap motion
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473528
G. Xiao, M. Milanova, Mengjun Xie
Abstract: In this paper we examine the effectiveness of user authentication using biometrics and behavioral motion data captured by the Leap Motion sensor. The biometrics data is derived from the user's hand and the behavioral motion data is generated when the user signs his or her signature using his or her hand in front of the sensor. We have developed a prototype system to collect experiment data from 10 participants and used the data to analyze the accuracy and effectiveness of our authentication method. The experimental results are measured by FAR, FRR, and EER. For the hand biometrics data involving 17 genuine hand samples and 162 attacking ones for each of the 10 users, the system has achieved an average EER of 34.80%. For the behavioral signature motion data involving 17 genuine samples and 262 attacking samples for each of the 10 users, the system has achieved an average EER of 3.75%. Our study indicates that behavioral biometrics with Leap Motion is a viable authentication approach.
Citations: 15
DynamicMultiProTru: An adaptive trust model for Wireless Sensor Networks
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473516
Gulustan Dogan, Koksal Avincan, T. Brown
Abstract: In Wireless Sensor Networks nodes can get untrusted after initial setup due to different reasons such as low energy, difficult environmental conditions, unexpected attacks, hardware defects. When nodes start sending faulty data, the network creates wrong observations. Errors in data can have severe impacts in wireless sensor networks such as leading to wrong decisions in mission critical networks. In our earlier work, we designed an architecture for one-hop WSNs called ProTru[1]. In ProTru a static trust threshold was chosen at the time of deployment. In this work, we redeveloped the algorithm for multi-hop networks in a way that trust thresholds are chosen dynamically. We ran simulations to test the effectiveness of this proposed architecture DynamicProTru.
Citations: 2
A secured resource access management in educational cloud computing environment
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473510
Saley Mato Idrissa, Karimou Djibo, S. Bisso, H. Saliah-Hassane
Abstract: The paper discusses the problems of data security in the Cloud Computing and proposes an approach based on network technologies and algorithms. The main idea is to establish a criterion of trust between the service provider and the client to control data access and updates which are operated by the owner or a third party. The method allows limiting and filtering the access, to detect corrupted data and proposes corrective action in the case of an illegal access to the cloud computing services. Similarly, this approach examines the strategies to secure the resources through a distributed cloud computing.
Citations: 0
Veritabanlarında ışlem denetimi ve tarihsel veri modelleme yaklaşımı [Transaction auditing in databases and a historical data modelling approach]
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473535
Hayrettin Evirgen, Ibrahim Dokuzer
Abstract: Monitoring and recording of the changes which are stored (recorded) in the databases is very essential. Withdrawal of the changes without compromising data integrity in relational databases is also a significant issue. The reason of keeping too busy of the system resources by these transactions while being recorded, maintaining the data integrity, returning to a specific date in the history and the need of high storage capacity while keeping the necessary information for the control process are the main problems of these structures. There are some solutions which are dependent on the particular platforms for the creation of this mechanism. It is observed that there is a need of a structure to be used for all sub-structures. In this document, it is touched upon to the data changes in object-oriented databases with that point of view and given some information about the alternative systems which are doing the same work today. Then, it is mentioned about the new approach which can make data control in the database and work independently on database types in all systems which is using java architecture without depending on any platform and can restore the data on any specific date and any forward data changes can be made automatically.
Citations: 0
The forensic effectiveness of virtual disk sanitization
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473530
Joshua Sablatura, Umit Karabiyik
Abstract: It is a very likely situation for a digital forensics investigator to encounter a virtual machine during an investigation. The evidence found in a vmdk disk may not necessarily belong to the virtual machine. It is possible that a vmdk disk could contain previously deleted data from the host machine. In this paper we investigate the possibility of type 1 and type 2 hypervisor virtual disks to contain previously deleted data from the host machine. We specifically tested VMware Workstation 11 and ESXi vSphere 6.0 products for each type respectively. We also attempt to identify the disk sanitization strategies employed by these products, and locations within a virtual disk that could potentially contain unallocated host data.
Citations: 0
Improvement of ETSFS algorithm for secure database
2016 4th International Symposium on Digital Forensic and Security (ISDFS) Pub Date : 2016-04-25 DOI: 10.1109/ISDFS.2016.7473519
Prathyusha Uduthalapally, Bing Zhou
Abstract: In the present era, one of the major encounters is data security. Most organizations store their data in huge databases that enables uncomplicated retrieval, manipulations, and also helps in an efficient way of sharing. Database security has now become a more dynamic issue as data is the greatest asset to any organization. Due to the rapid increase in the database usage, it is vulnerable to many threats like unauthorized access etc. To overcome these issues, numerous security techniques have emerged to protect the data in databases. Database encryption - a security technique involves various encryption algorithms such as, Data Encryption Standard (DES), Triple DES and Enhanced-Transposition-Substitution-Folding-Shifting (ETSFS). Each of them has its specific merits and demerits. Unlike ETSFS, has constraint on data size and number of special characters, the proposed method improvement focuses on the encryption of large data considering all types of special characters and a random generator is used for generating keys in substitution phase. The proposed methodology of the paper focused on the future work of the ETSFS algorithm and successfully implemented for securing database with the comparison of the insert and select queries of the four encryption algorithms (AES, DES, ETSFS, and Enhanced ETSFS).
Citations: 5