发布求助
文献互助 智能选刊 最新文献

2017 IEEE Trustcom/BigDataSE/ICESS最新文献

筛选
英文 中文
Insider Threat Detection Through Attributed Graph Clustering 基于属性图聚类的内部威胁检测
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2018-09-01 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.227
A. Gamachchi, S. Boztaş
{"title":"Insider Threat Detection Through Attributed Graph Clustering","authors":"A. Gamachchi, S. Boztaş","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.227","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.227","url":null,"abstract":"While most organizations continue to invest in traditional network defences, a formidable security challenge has been brewing within their own boundaries. Malicious insiders with privileged access in the guise of a trusted source have carried out many attacks causing far reaching damage to financial stability, national security and brand reputation for both public and private sector organizations. Growing exposure and impact of the whistleblower community and concerns about job security with changing organizational dynamics has further aggravated this situation. The unpredictability of malicious attackers, as well as the complexity of malicious actions, necessitates the careful analysis of network, system and user parameters correlated with insider threat problem. Thus it creates a high dimensional, heterogeneous data analysis problem in isolating suspicious users. This research work proposes an insider threat detection framework, which utilizes the attributed graph clustering techniques and outlier ranking mechanism for enterprise users. Empirical results also confirm the effectiveness of the method by achieving the best area under curve value of 0.7648 for the receiver operating characteristic curve.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"101 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123520248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Vehicle Incident Hot Spots Identification: An Approach for Big Data 车辆事故热点识别:基于大数据的方法
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-11 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.329
I. Triguero, G. Figueredo, M. Mesgarpour, J. Garibaldi, R. John
{"title":"Vehicle Incident Hot Spots Identification: An Approach for Big Data","authors":"I. Triguero, G. Figueredo, M. Mesgarpour, J. Garibaldi, R. John","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.329","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.329","url":null,"abstract":"In this work we introduce a fast big data approach for road incident hot spot identification using Apache Spark. We implement an existing immuno-inspired mechanism, namely SeleSup, as a series of MapReduce-like operations. SeleSup is composed of a number of iterations that remove data redundancies and result in the detection of areas of high likelihood of vehicles incidents. It has been successfully applied to large datasets, however, as the size of the data increases to millions of instances, its performance drops significantly. Our objective therefore is to re-conceptualise the method for big data. In this paper we present the new implementation, the challenges faced when converting the method for the Apache Spark platform as well as the outcomes obtained. For our experiments we employ a large dataset containing hundreds of thousands of Heavy Good Vehicles incidents, collected via telematics. Results show a significant improvement in performance with no detriment to the accuracy of the method.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126187237","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
SEEAD: A Semantic-Based Approach for Automatic Binary Code De-obfuscation SEEAD:一种基于语义的自动二进制代码去混淆方法
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-11 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.246
Zhanyong Tang, Kaiyuan Kuang, Lei Wang, Chao Xue, Xiaoqing Gong, Xiaojiang Chen, Dingyi Fang, Jie Liu, Z. Wang
{"title":"SEEAD: A Semantic-Based Approach for Automatic Binary Code De-obfuscation","authors":"Zhanyong Tang, Kaiyuan Kuang, Lei Wang, Chao Xue, Xiaoqing Gong, Xiaojiang Chen, Dingyi Fang, Jie Liu, Z. Wang","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.246","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.246","url":null,"abstract":"Increasingly sophisticated code obfuscation techniques are quickly adopted by malware developers to escape from malware detection and to thwart the reverse engineering effort of security analysts. State-of-the-art de-obfuscation approaches rely on dynamic analysis, but face the challenge of low code coverage as not all software execution paths and behavior will be exposed at specific profiling runs. As a result, these approaches often fail to discover hidden malicious patterns. This paper introduces SEEAD, a novel and generic semantic-based de-obfuscation system. When building SEEAD, we try to rely on as few assumptions about the structure of the obfuscation tool as possible, so that the system can keep pace with the fast evolving code obfuscation techniques. To increase the code coverage, SEEAD dynamically directs the target program to execute different paths across different runs. This dynamic profiling scheme is rife with taint and control dependence analysis to reduce the search overhead, and a carefully designed protection scheme to bring the program to an error free status should any error happens during dynamic profile runs. As a result, the increased code coverage enables us to uncover hidden malicious behaviors that are not detected by traditional dynamic analysis based de-obfuscation approaches. We evaluate SEEAD on a range of benign and malicious obfuscated programs. Our experimental results show that SEEAD is able to successfully recover the original logic from obfuscated binaries.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"63 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123322114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Implementing Chain of Custody Requirements in Database Audit Records for Forensic Purposes 在数据库审计记录中实施监管链规定,以供司法鉴定之用
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-11 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.299
Denys A. Flores, A. Jhumka
{"title":"Implementing Chain of Custody Requirements in Database Audit Records for Forensic Purposes","authors":"Denys A. Flores, A. Jhumka","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.299","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.299","url":null,"abstract":"During forensic database investigations, audit records become a crucial evidential element; particularly, when certain events can be attributed to insider activity. However, traditional reactive forensic methods may not be suitable, urging the adoption of proactive approaches that can be used to ensure accountability through audit records whilst satisfying Chain of Custody (CoC) requirements for forensic purposes. In this paper, role segregation, evidence provenance, event timeliness and causality are considered as CoC requirements in order to implement a forensically ready architecture for the proactive generation, collection and preservation of database audit records that can be used as digital evidence for the investigation of insider activity. Our proposal implements triggers and stored procedures as forensic routines in order to build a vector-clock-based timeline for explaining causality in transactional events recorded in audit tables. We expect to encourage further work in the field of proactive digital forensics and forensic readiness; in particular, for justifying admissibility of audit records under CoC restrictions.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"53 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132287075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Authenticating Compromisable Storage Systems 验证易入侵存储系统
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-11 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.216
Jiangshan Yu, M. Ryan, Liqun Chen
{"title":"Authenticating Compromisable Storage Systems","authors":"Jiangshan Yu, M. Ryan, Liqun Chen","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.216","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.216","url":null,"abstract":"A service may be implemented over several servers, and those servers may become compromised by an attacker, e.g. through software vulnerabilities. When this happens, the service manager will remove the vulnerabilities and re-instate the server. Typically, this will involve regenerating the public key by which clients authenticate the service, and revoking the old one. This paper presents a scheme which allows a storage service composed of several servers to create a group public key in a decentralised manner, and maintain its security even when such compromises take place. By maintaining keys for a long term, we reduce the reliance on public-key certification. The storage servers periodically update the decryption secrets corresponding to a public key, in such a way that secrets gained by an attacker are rendered useless after an update takes place. An attacker would have to compromise all the servers within a short period lying between two updates in order to fully compromise the system.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133355374","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Public Key Encryption Scheme for String Identification 用于字符串识别的公钥加密方案
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-11 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.226
I. G. Ray, M. Rajarajan
{"title":"A Public Key Encryption Scheme for String Identification","authors":"I. G. Ray, M. Rajarajan","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.226","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.226","url":null,"abstract":"One of the major limitations of index based encrypted string search on big dataset is the inherent problem of big index generation, maintenance and update which stops it from being dynamic in a sense that one could not modify data or add or remove keywords. Also for a resource constraint client, to generate an index linear in the size of big dataset is difficult. In this paper, we provide an efficient easy-toimplement public key based searchable encryption scheme for string search which is adaptively secure and does not need any index. We provide concrete proof of the adaptive security of our scheme against honest-but-curious server. We validate our scheme against three different publicly available datasets.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125117844","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Online Social Network Information Forensics: A Survey on Use of Various Tools and Determining How Cautious Facebook Users are? 在线社交网络信息取证:对各种工具使用的调查和确定Facebook用户的谨慎程度?
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-07 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.364
Amber Umair, P. Nanda, Xiangjian He
{"title":"Online Social Network Information Forensics: A Survey on Use of Various Tools and Determining How Cautious Facebook Users are?","authors":"Amber Umair, P. Nanda, Xiangjian He","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.364","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.364","url":null,"abstract":"Online Social Networks (OSN) such as Facebook, Twitter, LinkedIn, and Instagram are heavily used to socialize, entertain or gain insights on people behavior and their activities. Everyday terabytes of data is generated over these networks, which is then used by the businesses to generate revenue or misused by the wrongdoers to exploit vulnerabilities of these social network platforms. Specifically social network information helps in extracting various important features such as; user association, access pattern, location information etc. Recent research shows, many such features could be used to develop novel attack models and investigate further into defending the users from exposing their information to outsiders. This paper analyzes some of the available tools to extract OSN information and discusses research work on similar type of unstructured data. Recent research works, which focus on gathering bits and pieces of information to extract meaningful results for digital forensics, has been discussed. An online survey is conducted to gauge the cautiousness of users in social media usage in terms of personal information dissemination.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"124 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124197904","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
An Efficient Disjunctive Query Enabled Ranked Searchable Encryption Scheme 一种高效的析取查询排序可搜索加密方案
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-07 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.267
Shahzaib Tahir, S. Ruj, M. Rajarajan
{"title":"An Efficient Disjunctive Query Enabled Ranked Searchable Encryption Scheme","authors":"Shahzaib Tahir, S. Ruj, M. Rajarajan","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.267","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.267","url":null,"abstract":"Cloud computing motivates data owners to economically outsource large amounts of data to the cloud. To preserve the privacy and confidentiality of the documents, the documents need to be encrypted prior to being outsourced to the cloud. In this paper, we propose a lightweight construction that facilitates ranked disjunctive keyword (multi-keyword) searchable encryption based on probabilistic trapdoors. The security analysis yieldsthat the probabilistic trapdoors help resist distinguishability attacks. Through the computational complexity analysis we realize that our scheme outperforms similar existing schemes. We explore the use of searchable encryption in the telecom domain by implementing and deploying our proof of concept prototypeonto the British Telecommunication's Public Cloud offering and testing it over a real corpus of audio transcriptions. The extensive experimentation thereafter validates our claim that our scheme is lightweight.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"600 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115107463","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Secure and Light Weight Fine-grained Access Mechanism for Outsourced Data 外包数据的安全和轻量级细粒度访问机制
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-07 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.238
Mosarrat Jahan, P. Roy, K. Sakurai, A. Seneviratne, Sanjay Jha
{"title":"Secure and Light Weight Fine-grained Access Mechanism for Outsourced Data","authors":"Mosarrat Jahan, P. Roy, K. Sakurai, A. Seneviratne, Sanjay Jha","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.238","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.238","url":null,"abstract":"In this paper we explore the problem of providing selective read/write access to the outsourced data for clients using mobile devices in an environment that supports users from multiple domains and where attributes are generated by multiple authorities. We consider Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme as it can provide access control on the encrypted outsourced data. One limitation of CP-ABE is that users can modify the access policy specified by the data owner if write operations are introduced in the scheme. We propose a protocol for providing different levels of access to outsourced data that permits the authorized users to perform write operation without altering the access policy specified by the data owner. Our scheme provides fine-grained read/write access to the users, accompanied with a light weight signature scheme and computationally inexpensive user revocation mechanism suitable for resource-constrained mobile devices. The security analysis demonstrates the robustness of the proposed scheme.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121643948","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Lightweight Authentication Protocol (LAUP) for 6LoWPAN Wireless Sensor Networks 6LoWPAN无线传感器网络的轻量级认证协议(LAUP)
2017 IEEE Trustcom/BigDataSE/ICESS Pub Date : 2017-09-07 DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.260
Annie Gilda Roselin, P. Nanda, S. Nepal
{"title":"Lightweight Authentication Protocol (LAUP) for 6LoWPAN Wireless Sensor Networks","authors":"Annie Gilda Roselin, P. Nanda, S. Nepal","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.260","DOIUrl":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.260","url":null,"abstract":"6LoWPAN networks involving wireless sensors consist of resource starving miniature sensor nodes. Since secured authentication of these resource-constrained sensors is one of the important considerations during communication, use of asymmetric key distribution scheme may not be the perfect choice to achieve secure authentication. Recent research shows that Lucky Thirteen attack has compromised Datagram Transport Layer Security (DTLS) with Cipher Block Chaining (CBC) mode for key establishment. Even though EAKES6Lo and S3K techniques for key establishment follow the symmetric key establishment method, they strongly rely on a remote server and trust anchor for secure key distribution. Our proposed Lightweight Authentication Protocol (LAUP) used a symmetric key method with no preshared keys and comprised of four flights to establish authentication and session key distribution between sensors and Edge Router in a 6LoWPAN environment. Each flight uses freshly derived keys from existing information such as PAN ID (Personal Area Network IDentification) and device identities. We formally verified our scheme using the Scyther security protocol verification tool for authentication properties such as Aliveness, Secrecy, Non-Injective Agreement and Non-Injective Synchronization. We simulated and evaluated the proposed LAUP protocol using COOJA simulator with ContikiOS and achieved less computational time and low power consumption compared to existing authentication protocols such as the EAKES6Lo and SAKES.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116300521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信