Fourth IEEE International Workshop on Information Assurance (IWIA'06): Latest Publications

An intelligent detection and response strategy to false positives and network attacks
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-05-23 DOI: 10.1007/11760146_101
E. Hooper
Citations: 14

Jamming commercial satellite communications during wartime an empirical study
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.15
H. Rausch
Abstract: Satellite communications parameters - carrier to noise ratio, bandwidth, power, and frequency - were recorded for approximately 500 satellite communication carriers continuously, over a period of 16 months. These carriers support communications for military operations in the current Iraq war. Communications outages during this period were logged and the reason for outage was determined. Some outages caused by electromagnetic interference are shown to have characteristics that would be expected if these carriers were being subjected to a hostile denial of service attack.
Citations: 19

An application of information theory to intrusion detection
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.3
E. Eiland, L. Liebrock
Abstract: Zero-day attacks, new (anomalous) attacks exploiting previously unknown system vulnerabilities, are a serious threat. Defending against them is no easy task, however. Having identified "degree of system knowledge" as one difference between legitimate and illegitimate users, theorists have drawn on information theory as a basis for intrusion detection. In particular, Kolmogorov complexity (K) has been used successfully. In this work, we consider information distance (Observed_K - Expected_K) as a method of detecting system scans. Observed_K is computed directly, Expected_K is taken from compression tests shared herein. Results are encouraging. Observed scan traffic has an information distance at least an order of magnitude greater than the threshold value we determined for normal Internet traffic. With 320 KB packet blocks, separation between distributions appears to exceed 4σ.
Citations: 30

Present and future challenges concerning DoS-attacks against PSAPs in VoIP networks
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.19
N. Aschenbruck, M. Frank, P. Martini, J. Tölle, Roland Legat, Heinz-Dieter Richmann
Abstract: Nowadays, voice over IP (VoIP) telephony networks are connected to classic public switched telephony networks (PSTNs). Emergency calls from VoIP peers to PSTN public service answering points (PSAPs) are possible. Through the connection of IP networks and PSTNs the PSAP may be a victim of new, more powerful denial of service (DoS) attacks. This paper describes the present and future architecture of a PSAP. Based on measurements at a PSAP the challenge of attack detection at the PSAP is revealed. Furthermore, first solutions are pointed out and evaluated.
Citations: 13

The LAIDS/LIDS framework for systematic IPS design
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.21
S. Chung, A. Mok
Abstract: The recent outbreaks of extremely fast spreading worms highlight the inadequacy of the current patching approach. Intrusion prevention systems (IPSs) that automatically generate and apply protection to client systems have been proposed as a solution. Despite all the effort in this area, the design of IPSs remains a difficult, ad hoc process. In this paper, we propose the LAIDS/LIDS framework for systematic design of IPS. A major advantage of our framework is that IPSs designed in this framework have a very simple countermeasure-generation process. To better illustrate our idea, we have implemented a prototype IPS, the Lazy Shepherding IPS, based on our framework. Evaluation shows that the prototype is effective against all tested attacks, and incurs an overhead of less than 3% when it is configured to defend against a large number of attacks. Our prototype also avoids a lot of practical problems faced by many other IPSs.
Citations: 1

HonIDS: enhancing honeypot system with intrusion detection models
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.14
Yong Tang, Huaping Hu, Xicheng Lu, Jie Wang
Abstract: Honeypots are highly valued for their detective function. However, suitable detection models use in honeypot system have not been fully explored. We present HonIDS, a honeypot system for detecting malicious hosts and intruders in local network. HonIDS is characterized by its layered structure and is enhanced by two detection models: TFRPP (times, frequency, range, port risk, average payload length) model and Bayes model. The basic idea of these models is that although it is hard to directly judge whether one interaction with the honeypots is an attack or malicious activity, it is possible to identify intruders by analyzing the plentiful and global events of honeypots in a given period of time. The TFRPP model gives the honeypot system the ability to assess different risks, by assigning dubiety scores to the hosts who visited honeypots. The Bayes detection model can detect some main types of attacks by classification. The results of our evaluation experiments indicate that TFRPP model and Bayes model are effective and suitable for honeypot system.
Citations: 14

Factoring high level information flow specifications into low level access controls
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.8
Kevin Kahley, M. Radhakrishnan, Jon A. Solworth
Abstract: Low level access controls must provide efficient mechanisms for allowing or denying operations and hence are typically based on the access matrix. However, when combining the goals of efficiency along with the support for least privilege and higher level authorization properties (such as information flow confidentiality), the resulting access controls become tedious to encode. Compositional high level specifications can be much more succinct. When combined with administrative controls, they can be robust in changing what is authorized in a controlled manner. Such specifications offer the promise of being easier to configure and understand, and in fact can be automatically analyzed for authorization properties. However, there remains the issue of how to generate the low level access control configuration from the high level specification. In this paper, we describe a factoring algorithm to algorithmically translate a high level specification of information flow authorization properties into low level access controls. In addition, several optimizations are given which dramatically reduce the size of the access control configuration generated.
Citations: 2

Designing a secure point-of-sale system
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.6
A. Pedersen, Anders Hedegaard, Robin Sharp
Abstract: This paper describes some experiences with using the Common Criteria for Information Security Evaluation as the basis for a design methodology when designing secure systems. As an example, the design process for a point-of-sale (POS) system is described.
Citations: 4

High robustness requirements in a Common Criteria protection profile
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.13
Thuy D. Nguyen, T. Levin, C. Irvine
Abstract: The development of a Common Criteria Protection Profile for high robustness separation kernels requires explicit modifications of several common criteria requirements as well as extrapolation from existing (e.g., medium robustness) guidance and decisions. The draft U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness (SKPP) is intended to be applicable to a class of products (the target of evaluation, or TOE) that includes, but is not limited to, real time and embedded systems. This paper describes certain SKPP concepts and requirements and provides underlying motivations and rationale for their inclusion in the SKPP. Primary areas of focus are the security requirements regarding information flow, dynamic configuration, and the application of the principle of least privilege to restrict actions of active entities.
Citations: 11

A remote IT security evaluation scheme: a proactive approach to risk management
Fourth IEEE International Workshop on Information Assurance (IWIA'06) Pub Date: 2006-04-13 DOI: 10.1109/IWIA.2006.1
Suleyman Kondakci
Abstract: We present a new model to conduct security evaluation of remote assets with dedicated profiles. An alternative approach to risk management in information assurance (IA) and a related protocol for remote evaluation of information assets is presented here. Application of this protocol ensures long-term risk management, hence efficient proactive lifecycle protection of critical information systems. Due to its generic and interoperable structure based on the modern Web technologies, the protocol can be applied to risk assessment and evaluation of a multitude type of systems. The protocol consists of a secure communication architecture associated with each asset a security profile, and software services and agents that communicate over the Internet and other open networks. The secure communication architecture uses a secure exchange protocol incorporating the fast elliptic curve cryptography. Interoperable, continuous, inexpensive, time- and location-neutral, and minimum resource usage are some of its advantages. With this new notion, we also aim at inspiring developers and researchers to develop value-added security evaluation tools, techniques and procedures.
Citations: 8