{"title":"Enhancing Computer Forensics Investigation through Visualisation and Data Exploitation","authors":"G. Osborne, B. Turnbull","doi":"10.1109/ARES.2009.120","DOIUrl":"https://doi.org/10.1109/ARES.2009.120","url":null,"abstract":"This paper focuses on establishing the need for new architectures on which to build visualisation systems that enhance computer forensic investigation of digital evidence. The issues surrounding processing of large quantities of digital evidence are established. In addition, the current state of visualisation and data analysis techniques for computer forensics is highlighted. This paper suggests the need for new visualisation techniques in order to display data in familiar visual forms that facilitate efficiently gaining insight into digital evidence. Visualisation techniques also require a source of processed data that contains context-relevant information to present to an investigator. To this end, this paper introduces the notion of data exploitation as a way to describe techniques that provide opportunistic data analysis across multiple sources of digital evidence. Data exploitation techniques allow normalisation, event correlation, relationship extraction and investigative domain knowledge processing to occur across a set of evidence. This enables a visual representation of digital evidence to highlight relationships and events across many data sources, support an investigator throughout the entire data analysis process and enable an investigator to focus on the context of the current crime.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121116082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Detecting Image Tampering Using Feature Fusion","authors":"Pin Zhang, Xiangwei Kong","doi":"10.1109/ARES.2009.150","DOIUrl":"https://doi.org/10.1109/ARES.2009.150","url":null,"abstract":"Along with the development of sophisticated image processing software, it is getting easier to forge a digital image but harder to detect the forgery. It is already a problem for us to distinguish tampered photos from authentic ones. In this paper, we propose an approach based on feature fusion to detect digital image tampering. First, we extract the feature statistics that can represent the properties of a camera from the images taken by that camera. These feature statistics are used for training a one-class classifier in order to obtain the feature pattern of the given camera. Then, we apply sliding-window segmentation to the test images. Finally, feature statistics extracted from the image blocks are fed into the trained one-class classifier to match the feature pattern of the given camera. Images with a low percentage of matched blocks are classified as tampered. Our method achieves high accuracy in detecting tampered images that have undergone post-processing such as JPEG compression, re-sampling and retouching.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"257 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115009587","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Defeating Dynamic Data Kernel Rootkit Attacks via VMM-Based Guest-Transparent Monitoring","authors":"J. Rhee, Ryan D. Riley, Dongyan Xu, Xuxian Jiang","doi":"10.1109/ARES.2009.116","DOIUrl":"https://doi.org/10.1109/ARES.2009.116","url":null,"abstract":"Targeting the operating system kernel, the core of trust in a system, kernel rootkits are able to compromise the entire system, placing it under malicious control, while eluding detection efforts. Within the realm of kernel rootkits, dynamic data rootkits are particularly elusive due to the fact that they attack only data targets. Dynamic data rootkits avoid code injection and instead use existing kernel code to manipulate kernel data. Because they do not execute any new code, they are able to complete their attacks without violating kernel code integrity. We propose a prevention solution that blocks dynamic data kernel rootkit attacks by monitoring kernel memory access using virtual machine monitor (VMM) policies. Although the VMM is an external monitor, our system preemptively detects changes to monitored kernel data states and enables fine-grained inspection of memory accesses on dynamically changing kernel data. In addition, readable and writable kernel data can be protected by exposing the illegal use of existing code by dynamic data kernel rootkits. We have implemented a prototype of our system using the QEMU VMM. Our experiments show that it successfully defeats synthesized dynamic data kernel rootkits in real-time, demonstrating its effectiveness and practicality.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133860423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Applying an MDA-Based Approach to Consider Security Rules in the Development of Secure DWs","authors":"C. Blanco, I. G. D. Guzmán, E. Fernández-Medina, J. Trujillo, M. Piattini","doi":"10.1109/ARES.2009.68","DOIUrl":"https://doi.org/10.1109/ARES.2009.68","url":null,"abstract":"Data Warehouses (DWs) manage crucial information for enterprises which must be protected from unauthorized access. The question of which security issues are present in all stages of the DW design is therefore of great importance when considering these security constraints in design decisions. We have used the Model Driven Architecture (MDA) approach to propose an MDA architecture with which to develop secure DWs, which defines secure models at different abstraction levels along with their automatic transformation between models. Our approach considers a multidimensional path towards On-Line Analytical Processing (OLAP) tools, but did not, until now, support the transformation of complex security rules from conceptual models. After modifying our conceptual metamodel to support a better representation of security rules and defining several sets of transformation rules, this paper shows how to transform these security rules through an example.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130530646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Capturing Information Flow with Concatenated Dynamic Taint Analysis","authors":"Hyung Chan Kim, A. Keromytis, M. Covington, R. Sahita","doi":"10.1109/ARES.2009.56","DOIUrl":"https://doi.org/10.1109/ARES.2009.56","url":null,"abstract":"Dynamic taint analysis (DTA) is a technique used for tracking information flow by propagating taint across memory locations during program execution. Most implementations of DTA are based on dynamic binary instrumentation (DBI) frameworks or whole-system emulators/virtual machine monitors. The boundary of information tracking with DBI frameworks is a single process, while system emulators can cover a host, including the OS. Using system emulators, it may be possible to consider taint propagation across multiple processes executing locally, within the emulator. However, there is an increasing need for tracking information flow across single-system boundaries and across the whole enterprise. We describe a proof-of-concept architecture for tracking multiple mixed information flows among several processes across a distributed enterprise. Our DTA tool is based on PIN, a DBI framework by Intel, and the concatenated DTA processing is realized with per-host flow managers. We have tested our prototype with typical enterprise applications. As a motivating example, we track information leakage due to a SQL injection attack from a web-based database server query. Our work is of an exploratory nature, aiming to expose our early findings and identify areas where additional research is needed to improve usability and performance.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124910956","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Proactive Resource Management for Failure Resilient High Performance Computing Clusters","authors":"S. Fu, Chengzhong Xu","doi":"10.1109/ARES.2009.13","DOIUrl":"https://doi.org/10.1109/ARES.2009.13","url":null,"abstract":"Virtual machine (VM) technology provides an additional layer of abstraction for resource management in high performance computing (HPC) systems. In large-scale computing clusters, component failures become the norm rather than the exception, caused by ever-increasing system complexity. VM construction and reconfiguration is a potent tool for efficient online system maintenance and failure resilience. In this paper, we study how VM-based HPC clusters benefit from failure prediction in resource management for dependable computing. We consider both the reliability and performance status of compute nodes in making selection decisions. We define a capacity-reliability metric to combine the effects of both factors, and propose the Best-fit algorithm to find the best qualified nodes on which to instantiate VMs to run user jobs. We have conducted experiments using failure traces from the Los Alamos National Laboratory (LANL) HPC clusters. The results show the enhancement of system dependability by using our proposed strategy with practically achievable accuracy of failure prediction. With the Best-fit strategies, the job completion rate is increased by 10.5% compared with that achieved in the current LANL HPC cluster. The task completion rate reaches 82.5% with improved utilization of relatively unreliable nodes.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129104351","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Building a Responsibility Model Including Accountability, Capability and Commitment","authors":"C. Feltus, Michaël Petit","doi":"10.1109/ARES.2009.45","DOIUrl":"https://doi.org/10.1109/ARES.2009.45","url":null,"abstract":"This paper aims at building a responsibility model based on the concepts of Accountability, Capability and Commitment. The model's objectives are firstly to help organizations verify their organizational structure and detect policy problems and inconsistencies. Secondly, the paper brings up a conceptual framework to support organizations in defining their corporate, security and access control policies. Our work provides a preliminary review of the research performed in that field and proposes, based on the analyses, a UML responsibility model and a definition of all its concepts. Thereafter, to propose a formal representation of the model, we have selected a suitable language and logic system. The analysis highlights that an important variable is whether the responsibility is perceived at a user or at a company level.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128071459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identifying and Resolving Least Privilege Violations in Software Architectures","authors":"Koen Buyens, Bart De Win, W. Joosen","doi":"10.1109/ARES.2009.48","DOIUrl":"https://doi.org/10.1109/ARES.2009.48","url":null,"abstract":"Security principles, like least privilege, are among the resources in the security body of knowledge that have survived the test of time. The implementation of these principles in a software architecture is difficult, as there are no systematic rules on how to apply them in practice. As a result, they are often neglected, which lowers the overall security level of the software system and increases the cost necessary to fix this later in the development life-cycle. This paper improves the support for least privilege in software architectures by (i) defining the foundations to identify potential violations of the principle therein and (ii) eliciting architectural transformations that positively impact the security properties of the architecture while preserving its semantics. These results have been implemented and validated in a number of case studies.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122862785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Including Security Rules Support in an MDA Approach for Secure DWs","authors":"C. Blanco, I. G. D. Guzmán, E. Fernández-Medina, J. Trujillo, M. Piattini","doi":"10.1109/ARES.2009.67","DOIUrl":"https://doi.org/10.1109/ARES.2009.67","url":null,"abstract":"Information security is a crucial aspect for enterprises that has to be considered as a strong requirement from the early stages of the development process, and Data Warehouses (DWs) manage highly important information used to make strategic decisions, which has to be protected from unauthorized users. In order to develop secure DWs we have proposed a Model Driven Architecture (MDA) composed of several secure metamodels at different abstraction levels and transformations between them. Lately, a specialization of this architecture considering a multidimensional approach towards On-Line Analytical Processing (OLAP) tools has been defined, but support for automatically transforming complex security rules has not been dealt with so far. This paper analyzes this gap and defines improvements in our metamodels and a set of transformations between models in order to complete our MDA approach.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"55 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122869378","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"hACMEgame: A Tool for Teaching Software Security","authors":"Øyvind Nerbråten, Lillian Røstad","doi":"10.1109/ARES.2009.135","DOIUrl":"https://doi.org/10.1109/ARES.2009.135","url":null,"abstract":"Digital game-based learning has a great potential and can make a strong addition to traditional teaching within the field of software security. It can help improve the education of current and future software developers, by giving them hands-on experience in a controlled environment. This paper presents the results from the development process and evaluation of a digital learning game for teaching software security to computer science students. The purpose has been to design and implement a learning game, but also to test the game on the student body, in order to gather data to help evaluate and improve it. The game is not meant to replace traditional teaching, but as an alternative and complementary way of teaching software security and help raise awareness and interest in the subject as well as train developers. The implemented game is Web-based, which means the users only need a Web browser to play it. It simulates security vulnerabilities commonly found in Web applications, to help give students hands-on security experience in a controlled environment. The game is based on design suggestions from other studies within digital game-based learning and evaluated based on data collected from user testing and user feedback. The game evaluation has resulted in several suggestions on how to improve the learning game and the overall learning process, as well as suggestions for further studies.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115228786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}