{"title":"Passive Wireless Host Detection Using Local RTT Timing Characteristics on an Enterprise Network","authors":"C. Mano, David A. Cieslak","doi":"10.1109/SECCOMW.2006.359581","DOIUrl":"https://doi.org/10.1109/SECCOMW.2006.359581","url":null,"abstract":"Wireless network access is a great convenience to users while at the same time can be a burden to network security personnel. This is magnified by the fact that inexpensive wireless access points can be easily installed in a network without the approval or knowledge of network administrators. For this reason, wireless host detection is an essential capability, but remains a very difficult problem. We present a passive method of detecting wireless hosts using a local RTT metric, and perform analysis on an enterprise network. Pre-processing techniques are utilized to remove noise associated with a large network, which is not present in a typical experimental lab environment, resulting in more effective wireless detection capabilities","PeriodicalId":156828,"journal":{"name":"2006 Securecomm and Workshops","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126123698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Implementation and Performance Evaluation of EAP-TLS-KS","authors":"J. Cordasco, Ulrike Meyer, S. Wetzel","doi":"10.1109/SECCOMW.2006.359535","DOIUrl":"https://doi.org/10.1109/SECCOMW.2006.359535","url":null,"abstract":"In this paper we analyze the performance of authentication protocols for roaming in 802.11i-protected WLANs. In particular, we compare the recently introduced EAP-TLS-KS protocol to standard configurations in EAP-TLS. Roaming configurations for EAP-TLS are such that all traffic is forwarded to the home network leaving the foreign network no control over the authentication. Alternatively, the foreign network handles authentication on its own, and the home network relinquishes control. In contrast, EAP-TLS-KS involves both networks and gives each of them control over the authentication. In addition to performance evaluations, we discuss how to implement EAP-TLS-KS, what difficulties one may encounter, and how they can be solved","PeriodicalId":156828,"journal":{"name":"2006 Securecomm and Workshops","volume":"120 5","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114017701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Identity-based Ring Signature Scheme with Enhanced Privacy","authors":"C. Gamage, Ben Gras, B. Crispo, A. Tanenbaum","doi":"10.1109/SECCOMW.2006.359554","DOIUrl":"https://doi.org/10.1109/SECCOMW.2006.359554","url":null,"abstract":"There are many applications in which it is necessary to transmit authenticatable messages while achieving certain privacy goals such as signer ambiguity. The emerging area of vehicular ad-hoc network is a good example application domain with this requirement The ring signature technique that uses an ad-hoc group of signer identities is a widely used method for generating this type of privacy preserving digital signatures. The identity-based cryptographic techniques do not require certificates. The construction of ring signatures using identity-based cryptography allow for privacy preserving digital signatures to be created in application when certificates are not readily available or desirable such as in vehicle area networks. We propose a new designated verifier identity-based ring signature scheme that is secure against full key exposure attacks even for a small group size. This is a general purpose primitive that can be used in many application domains such as ubiquitous computing where signer ambiguity is required in small groups. We consider the usefulness of identity-based cryptographic primitives in vehicular ad-hoc networks and use a specific example application to illustrate the use of identity-based ring signatures as a tool to create privacy preserving authenticatable messages","PeriodicalId":156828,"journal":{"name":"2006 Securecomm and Workshops","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131243212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Intellilgent Infrastructure Strategy to Improvilng the Performance and Detection Capability of Intrusion Detection Systems","authors":"E. Hooper","doi":"10.1109/seccomw.2006.359547","DOIUrl":"https://doi.org/10.1109/seccomw.2006.359547","url":null,"abstract":"Network and host intrusion detection systems (IDS) are used to identify suspicious network traffic. However, a high percentage of alerts generated by such systems are liable to be false positives. False positives create considerable administrative overheads, since these alerts typically require manual intervention from a network administrator. In order to reduce the number of false positives, we propose a novel infrastructure approach involving what we call network quarantine channels. The network quarantine channels and associated techniques are used to perform further interaction with hosts that have been identified as the source of suspicious traffic. The network quarantine channels are used to provide a more accurate assessment of the potential attacks sent by suspicious hosts, before sending the final status of the alerts to the IDS monitor for the network administrator's response","PeriodicalId":156828,"journal":{"name":"2006 Securecomm and Workshops","volume":"222 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128839855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
