发布求助
文献互助 智能选刊 最新文献

2009 International Conference on Availability, Reliability and Security最新文献

筛选
英文 中文
Server-Side Prediction of Source IP Addresses Using Density Estimation 使用密度估计源IP地址的服务器端预测
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.113
Markus Goldstein, Matthias Reif, A. Stahl, T. Breuel
{"title":"Server-Side Prediction of Source IP Addresses Using Density Estimation","authors":"Markus Goldstein, Matthias Reif, A. Stahl, T. Breuel","doi":"10.1109/ARES.2009.113","DOIUrl":"https://doi.org/10.1109/ARES.2009.113","url":null,"abstract":"Source IP addresses are often used as a major feature for user modeling in computer networks. Particularly in the field of Distributed Denial of Service (DDoS) attack detection and mitigation traffic models make extensive use of source IP addresses for detecting anomalies. Typically the real IP address distribution is strongly undersampled due to a small amount of observations. Density estimation overcomes this shortage by taking advantage of IP neighborhood relations. In many cases simple models are implicitly used or chosen intuitively as a network based heuristic. In this paper we review and formalize existing models including a hierarchical clustering approach first. In addition, we present a modified k-means clustering algorithm for source IP density estimation as well as a statistical motivated smoothing approach using the Nadaraya-Watson kernel-weighted average. For performance evaluation we apply all methods on a 90 days real world dataset consisting of 1.3 million different source IP addresses and try to predict the users of the following next 10 days. ROC curves and an example DDoS mitigation scenario show that there is no uniformly better approach: k-means performs best when a high detection rate is needed whereas statistical smoothing works better for low false alarm rate requirements like the DDoS mitigation scenario.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"239 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115992385","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Perfect Failure Detection in the Partitioned Synchronous Distributed System Model 分区同步分布式系统模型中的完美故障检测
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.165
R. Macêdo, Sérgio Gorender
{"title":"Perfect Failure Detection in the Partitioned Synchronous Distributed System Model","authors":"R. Macêdo, Sérgio Gorender","doi":"10.1109/ARES.2009.165","DOIUrl":"https://doi.org/10.1109/ARES.2009.165","url":null,"abstract":"In this paper we show that it is possible to implement a perfect failure detector P (one that detects all faulty processes if and only if those processes failed) in a non-synchronous distributed system. To realize that, we introduce the partitioned synchronous system (Spa) that is weaker than the conventional synchronous system. From some properties we introduce (such as strong partitioned synchrony) that must be valid in Spa and a trivially implementable Timeliness oracle, we show how to implement P in Spa. Moreover, we show that even if strong partitioned synchrony is not valid, we are still able to take advantage of the existing synchronous partitions for improving the robustness of applications, by introducing a partially perfect failure detector named xP. We also discus show applications can benefit from these failure detectors and present some related experimental data. The necessary properties and algorithms for implementing P and xP are presented in the paper, as well as the related correctness proofs.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127482838","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
A Dynamic Attribute-Based Group Signature Scheme and its Application in an Anonymous Survey for the Collection of Attribute Statistics 一种基于动态属性的群签名方案及其在属性统计信息匿名调查中的应用
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.2197/ipsjjip.17.216
K. Emura, A. Miyaji, Kazumasa Omote
{"title":"A Dynamic Attribute-Based Group Signature Scheme and its Application in an Anonymous Survey for the Collection of Attribute Statistics","authors":"K. Emura, A. Miyaji, Kazumasa Omote","doi":"10.2197/ipsjjip.17.216","DOIUrl":"https://doi.org/10.2197/ipsjjip.17.216","url":null,"abstract":"Recently, cryptographic schemes based on the user's attributes have been proposed. An Attribute-Based Group Signature (ABGS) scheme is a kind of group signature schemes, where a user with a set of attributes can prove anonymously whether she has these attributes or not. An access tree is applied to express the relationships among some attributes. However, previous schemes do not provide the changing an access tree. In this paper, we propose a Dynamic ABGS scheme that enables an access tree to be changed. Our ABGS is efficient in that re-issuing of the attribute certificate previously issued for each user is not necessary. Moreover, calculations depending on the number of attributes are calculated on the domain of a pairing. Therefore, the number of calculations in a pairing does not depend on the number of attributes associated with a signature. Finally, we discuss how our ABGS can be applied to an anonymous survey for collection of attribute statistics.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114348055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 37
On Privacy Preserving Convex Hull 关于隐私保护凸壳
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.159
Sandeep Hans, Sarat C. Addepalli, Anuj Gupta, K. Srinathan
{"title":"On Privacy Preserving Convex Hull","authors":"Sandeep Hans, Sarat C. Addepalli, Anuj Gupta, K. Srinathan","doi":"10.1109/ARES.2009.159","DOIUrl":"https://doi.org/10.1109/ARES.2009.159","url":null,"abstract":"Computing convex hull for a given set of points is one of the most explored problems in the area of computational geometry (CG). If the set of points is distributed among a set of parties who jointly wish to compute the convex hull, each party can send his points to every other party, and can then locally compute the hull using any of the existing algorithms in CG. However such an approach does not work if the parties wish to compute the convex hull securely, i.e., no party wishes to reveal any of his input points to any other party apart from those that are part of the answer. The problem of secure computation of convex hull for two parties was first introduced by Du and Atallah (NSPW '01). The first solution to the problem was given by Wang et. al(ARES '08). However, the proposed solution was based on well known algorithms for computing convex hull in CG which are proven to be sub-optimal. We propose a new solution for secure computation of convex hull with a considerable improvement in computational complexity. We further show how to extend our two-party protocol for the case of any number of parties.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123942598","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
SecureMDD: A Model-Driven Development Method for Secure Smart Card Applications SecureMDD:用于安全智能卡应用的模型驱动开发方法
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.22
Nina Moebius, K. Stenzel, H. Grandy, W. Reif
{"title":"SecureMDD: A Model-Driven Development Method for Secure Smart Card Applications","authors":"Nina Moebius, K. Stenzel, H. Grandy, W. Reif","doi":"10.1109/ARES.2009.22","DOIUrl":"https://doi.org/10.1109/ARES.2009.22","url":null,"abstract":"In this paper we introduce our model-driven software engineering method, called SecureMDD, which facilitates the development of security-critical applications that are based on cryptographic protocols. The approach seamlessly integrates the generation of code and formal methods. Starting with a platform-independent UML model of a system under development, we generate executable Java (Card) code as well as a formal model from the UML model. Subsequent to this, the formal model is used to verify the security of the modeled system. Our goal is to prove that the generated code is correct w.r.t. the generated formal model in terms of formal refinement. The approach is tailored to the domain of security-critical systems, e.g. smart card applications.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121493091","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 36
Improving Reliability for Multi-home Inbound Traffic: MHLB/I Packet-Level Inter-domain Load-Balancing 提高多归属入站流量的可靠性:MHLB/I包级域间负载均衡
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.66
H. Fujinoki
{"title":"Improving Reliability for Multi-home Inbound Traffic: MHLB/I Packet-Level Inter-domain Load-Balancing","authors":"H. Fujinoki","doi":"10.1109/ARES.2009.66","DOIUrl":"https://doi.org/10.1109/ARES.2009.66","url":null,"abstract":"Multi-homing is a network configuration that connects a customer network to multiple service providers. It is used to improve fault-tolerance and throughput. One of its problems is the lack of dynamic load-balancing for inbound network traffic to multi-homed networks, which prohibits us from taking advantage of multi-homing to improve reliability for inbound network traffic. This paper proposes a new routing architecture and a protocol, BGP-MHLB/I (BGP-Multi-Home Load Balancing/Inbound), to realize dynamic load-balancing for inbound traffic to multi-homed networks. In MHLB/I routing, reliability will be improved by a factor of (m ´ n), where m is the number of multiple BGP paths available between two end customer networks and n stands for the degree of multi-homing. Our analysis found approximately 80 multiple BGP paths available between two customer networks for up to two extra AS-hop paths. This finding suggests that the proposed BGP-MHLB/I routing will be an effective solution for improving reliability in the Internet.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122143590","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Automated Support for Security Requirements Engineering in Software Product Line Domain Engineering 软件产品线领域工程中安全需求工程的自动化支持
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.23
D. Mellado, Jesús Rodríguez, E. Fernández-Medina, M. Piattini
{"title":"Automated Support for Security Requirements Engineering in Software Product Line Domain Engineering","authors":"D. Mellado, Jesús Rodríguez, E. Fernández-Medina, M. Piattini","doi":"10.1109/ARES.2009.23","DOIUrl":"https://doi.org/10.1109/ARES.2009.23","url":null,"abstract":"Security and requirements engineering are one of the most important factor of success in the development of a software product line due to the complexity and extensive nature of them, given that a weakness in security can cause problems throughout all the products of a product line. However, without a CARE (Computer-Aided Requirements Engineering) tool, the application of any security requirements engineering process or methodology is much more difficult because it has to be manually performed. Therefore, in this paper, we will present a prototype of SREPPLineTool, which provides automated support to facilitate the application of the security quality requirements engineering process for software product lines, SREPPLine. SREPPLineTool simplifies the management of security requirements in product lines by providing us with a guided, systematic and intuitive way to deal with them from the early phases of product lines development, simplifying the management and the visualization of the artefacts variability and traceability links and the integration of the security standards, as well as the management of the security reference model proposed by SREPPLine. Finally we shall illustrate the application of SREPPLineTool by describing a simple example as a preliminary validation of it","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125040318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Making Use of Human Visual Capability to Improve Information Security 利用人的视觉能力提高信息安全
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.157
M. Nishigaki, Takumi Yamamoto
{"title":"Making Use of Human Visual Capability to Improve Information Security","authors":"M. Nishigaki, Takumi Yamamoto","doi":"10.1109/ARES.2009.157","DOIUrl":"https://doi.org/10.1109/ARES.2009.157","url":null,"abstract":"This paper describes how to make use of human visual capability to improve information security. Here in this paper, two pilot studies are shown; a content protection scheme with image tainting, and a user authentication scheme with unclear images.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123433310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Automated Instruction-Set Randomization for Web Applications in Diversified Redundant Systems 多样化冗余系统中Web应用程序的自动指令集随机化
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.64
Frédéric Majorczyk, Jonathan-Christofer Demay
{"title":"Automated Instruction-Set Randomization for Web Applications in Diversified Redundant Systems","authors":"Frédéric Majorczyk, Jonathan-Christofer Demay","doi":"10.1109/ARES.2009.64","DOIUrl":"https://doi.org/10.1109/ARES.2009.64","url":null,"abstract":"The use of diversity and redundancy in the security domain is an interesting approach to prevent or detect intrusions. Many researchers have proposed architectures based on those concepts where diversity is either natural or artificial. These architectures are based on the architecture of N-version programming and were often instantiated for web servers without taking into account the web application(s) running on those. In this article, we present a solution to protect the web applications running on this kind of architectures in order to detect and tolerate code injection intrusions. Our solution consists in creating diversity in the web application scripts by randomizing the language understood by the interpreter so that an injected code can not be executed by all the servers. We also present the issues related to the automatization of our solution and present some solutions to tackle these issues.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128701683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Yet Another Sanitizable Signature from Bilinear Maps 双线性映射的另一个可消毒签名
2009 International Conference on Availability, Reliability and Security Pub Date : 2009-03-16 DOI: 10.1109/ARES.2009.14
T. Izu, N. Kunihiro, K. Ohta, Makoto Sano, M. Takenaka
{"title":"Yet Another Sanitizable Signature from Bilinear Maps","authors":"T. Izu, N. Kunihiro, K. Ohta, Makoto Sano, M. Takenaka","doi":"10.1109/ARES.2009.14","DOIUrl":"https://doi.org/10.1109/ARES.2009.14","url":null,"abstract":"The sanitizable signature attracts much attention since it allows to modify the original document for hiding partial information with keeping the validity of the signature and the integrity of unmodified parts of the document. The sanitizable signature is quite useful in governmental or military offices where there is a dilemma between is closure laws for public documents and privacy or diplomatic  secrets. This paper proposes two new sanitizable signature schemes from bilinear maps with a new structure.","PeriodicalId":169468,"journal":{"name":"2009 International Conference on Availability, Reliability and Security","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125343055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信