{"title":"SVD-based digital image watermarking on approximated orthogonal matrix","authors":"Y. Zolotavkin, M. Juhola","doi":"10.5220/0004507903210330","DOIUrl":"https://doi.org/10.5220/0004507903210330","url":null,"abstract":"A new watermarking method based on Singular Value Decomposition is proposed in this paper. The method uses new embedding rules to store a watermark in orthogonal matrix U that is preprocessed in advance in order to fit a proposed model of orthogonal matrix. Some experiments involving common distortions for grayscale images were done in order to confirm efficiency of the proposed method. The robustness of watermark embedded by our method was higher for all the proposed rules under condition of jpeg compression and in some cases outperformed existing method for more than 46%.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"81 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116225284","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A game theory based repeated rational secret sharing scheme for privacy preserving distributed data mining","authors":"Nirali R. Nanavati, D. Jinwala","doi":"10.5220/0004525205120517","DOIUrl":"https://doi.org/10.5220/0004525205120517","url":null,"abstract":"Collaborative data mining has become very useful today with the immense increase in the amount of data collected and the increase in competition. This in turn increases the need to preserve the participants' privacy. There have been a number of approaches proposed that use Secret Sharing for privacy preservation for Secure Multiparty Computation (SMC) in different setups and applications. The different multiparty scenarios may have parties that are semi-honest, rational or malicious. A number of approaches have been proposed for semi honest parties in this setup. The problem however is that in reality we have to deal with parties that act in their self-interest and are rational. These rational parties may try and attain maximum gain without disrupting the protocol. Also these parties if cautioned would correct themselves to have maximum individual gain in the future. Thus we propose a new practical game theoretic approach with three novel punishment policies with the primary advantage that it avoids the use of expensive techniques like homomorphic encryption. Our proposed approach is applicable to the secret sharing scheme among rational parties in distributed data mining. We have analysed theoretically the proposed novel punishment policies for this approach. We have also empirically evaluated and implemented our scheme using Java. 
We compare the punishment policies proposed in terms of the number of rounds required to attain the Nash equilibrium with eventually no bad rational nodes with different percentage of initial bad nodes.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122602584","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Efficient group signatures with verifier-local revocation employing a natural expiration","authors":"L. Malina, J. Hajny, Zdenek Martinasek","doi":"10.5220/0004600105550560","DOIUrl":"https://doi.org/10.5220/0004600105550560","url":null,"abstract":"This paper presents a novel proposal of group signatures with verifier-local revocation employing a natural expiration to ensure an efficient verification of signatures and a revocation check. Current group signatures have an expensive verification phase which takes several pairing operations and checks a long-sized revocation list, especially, if a large number of users are in the group. Generally, the revocation list grows linearly every time when a new revoked user is added into the list unless group parameters and keys are not reinitialized. Nevertheless, the reinitialization is not feasible and burdens the communication overhead in many communication systems. In these schemes, the verification of several signatures with the long-sized revocation list takes too much time. Our proposed group signature scheme offers the more efficient verification phase which employs the revocation list that is reduced in time by a natural expiration of group member secret keys. Due to an optimization in the verification phase, our scheme is more efficient than related solutions.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127793240","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Modelling SCADA and corporate network of a medium voltage power grid under cyber attacks","authors":"E. Ciancamerla, M. Minichino, S. Palmieri","doi":"10.5220/0004523501230134","DOIUrl":"https://doi.org/10.5220/0004523501230134","url":null,"abstract":"There is an increasing concern over the cyber security of Critical Infrastructures (CI) due to the increasing ability of cyber attackers to cause even catastrophic failures. It is mainly due to the pervasiveness of ICT (Information and Communication Technologies) and to the consequent de isolation of SCADA (Supervision, Control and Data Acquisition) system, which represents the nervous system of most CIs. Cyber attacks could block the connection between SCADA Control Centre and its remote devices or insert fake commands/measurements in the equipment communications. With reference to an actual case study, constituted by a SCADA system controlling a portion of a medium voltage power grid and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network, which, in turn, might lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks and predict their consequent performance degradation. 
Particularly, we use NetLogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of the attacks on SCADA and in turn on power grid.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129277032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An efficient and provably secure certificateless identification scheme","authors":"Ji-Jian Chin, R. Phan, R. Behnia, Swee-Huay Heng","doi":"10.5220/0004526303710378","DOIUrl":"https://doi.org/10.5220/0004526303710378","url":null,"abstract":"Identity-based identification, first formalized independently by Bellare et al. and Kurosawa and Heng in 2004, still had the inherent key escrow problem, as the TA generating the user secret keys had full access to every user's secret key. In 2003, Al-Riyami and Paterson introduced the notion of certificateless cryptography, and subsequently many certificateless encryption, signature and other schemes were introduced in literature. However, to this date there are still no certificateless identification schemes in existence. Therefore, in this paper, we formalize the notion of certificateless identification schemes and construct the first concrete certificateless identification scheme.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127851783","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Policy-based security assessment of mobile end-user devices an alternative to mobile device management solutions for Android smartphones","authors":"Thomas Zefferer, Peter Teufl","doi":"10.5220/0004509903470354","DOIUrl":"https://doi.org/10.5220/0004509903470354","url":null,"abstract":"For security-critical applications, the integrity and security of end-user devices is of particular importance. This especially applies to mobile applications that use smartphones to process security-critical data. Unfortunately, users often compromise the security of smartphones by disabling security features for convenience reasons or by unintentionally installing malware from untrusted application sources. Mobile device management (MDM) solutions overcome this problem by providing means to centrally manage and configure smartphones. However, MDM is mainly suitable for corporate environments but often cannot be applied in non-corporate fields of application such as m-banking or m-government. To address this problem, we propose an alternative approach to assure the security and integrity of smartphones. Our approach relies on a device assessor that evaluates the current state of a smartphone according to a security policy. Integration of this device assessor allows smartphone applications to condition the processing of security-critical data on the smartphone's compliance with a defined security policy. We have shown the practicability of the proposed approach by means of a concrete implementation for the Android platform. We have evaluated this implementation on different Android devices. 
Obtained results show that our approach constitutes an appropriate alternative for scenarios, in which MDM cannot be applied.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126693630","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Intent security testing: An Approach to testing the Intent-based vulnerability of Android components","authors":"S. Salva, Stassia R. Zafimiharisoa, Patrice Laurençot","doi":"10.5220/0004515203550362","DOIUrl":"https://doi.org/10.5220/0004515203550362","url":null,"abstract":"The intent mechanism is a powerful feature of the Android platform that helps compose existing components together to build a Mobile application. However, hackers can leverage the intent messaging to extract personal data or to call components without credentials by sending malicious intents to components. This paper tackles this issue by proposing a security testing method which aims at detecting whether the components of an Android application are vulnerable to malicious intents. Our method takes Android projects and intent-based vulnerabilities formally represented with models called vulnerability patterns. The originality of our approach resides in the generation of partial specifications from configuration files and component codes to generate test cases. A tool, called APSET, is presented and evaluated with experimentations on some Android applications.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125872213","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the effectiveness of dynamic taint analysis for protecting against private information leaks on Android-based devices","authors":"Golam Sarwar, O. Mehani, R. Boreli, M. Kâafar","doi":"10.5220/0004535104610468","DOIUrl":"https://doi.org/10.5220/0004535104610468","url":null,"abstract":"We investigate the limitations of using dynamic taint analysis for tracking privacy-sensitive information on Android-based mobile devices. Taint tracking keeps track of data as it propagates through variables, interprocess messages and files, by tagging them with taint marks. A popular taint-tracking system, TaintDroid, uses this approach in Android mobile applications to mark private information, such as device identifiers or user's contacts details, and subsequently issue warnings when this information is misused (e.g., sent to an un-desired third party). We present a collection of attacks on Android-based taint tracking. Specifically, we apply generic classes of anti-taint methods in a mobile device environment to circumvent this security technique. We have implemented the presented techniques in an Android application, ScrubDroid. We successfully tested our app with the TaintDroid implementations for Android OS versions 2.3 to 4.1.1, both using the emulator and with real devices. Finally, we evaluate the success rate and time to complete of the presented attacks. 
We conclude that, although taint tracking may be a valuable tool for software developers, it will not effectively protect sensitive data from the black-box code of a motivated attacker applying any of the presented anti-taint tracking methods.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125019255","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Topological study and Lyapunov exponent of a secure steganographic scheme","authors":"J. Bahi, Nicolas Friot, C. Guyeux","doi":"10.5220/0004504202750283","DOIUrl":"https://doi.org/10.5220/0004504202750283","url":null,"abstract":"CIS2 is a steganographic scheme proposed formerly, belonging into the small category of algorithms being both stego and topologically secure. Due to its stego-security, this scheme is able to face attacks that take place into the “watermark only attack” framework. Its topological security reinforce its capability to face threats in other frameworks as “known message attack” or “known original attack”, in the Simmons' prisoner problem. In this research work, the study of topological properties of CIS2 is enlarged by describing this scheme as iterations over the real line, and investigating other security properties of topological nature as the Lyapunov exponent, that have been reported as important in the field of information hiding security. Results show that this scheme is able to withdraw a malicious attacker in the “estimated original attack” context too.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130526735","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Trust-based secure cloud data storage with cryptographic role-based access control","authors":"Lan Zhou, V. Varadharajan, M. Hitchens","doi":"10.5220/0004508600620073","DOIUrl":"https://doi.org/10.5220/0004508600620073","url":null,"abstract":"Role-based access control (RBAC) model is a widely used access control model which can simplify security management in large-scale systems. Recently, several cryptographic RBAC schemes have been proposed to integrate cryptographic techniques with RBAC models to secure data storage in an outsourced environment such as a cloud. These schemes allow data to be encrypted in such a way that only the users who are members of an appropriate role can decrypt and view the data. However, the issue of trust in such a data storage system is not addressed in these schemes. In this paper, we propose trust models to improve the security of such a system which uses cryptographic RBAC schemes. The trust models provide an approach for the users and roles to determine the trustworthiness of individual roles and owners in the RBAC system. The users can use the trust models to decide whether to join a particular role for accessing data in the system. The roles can use the trust models in their decision to ensure that only data from data owners with good behaviours are accepted by the roles. The proposed trust models take into account role inheritance and hierarchy in the evaluation of trustworthiness of the roles. 
In addition, we present a design of a trust-based cloud storage system which shows how the trust models can be integrated into a system that uses cryptographic RBAC schemes.","PeriodicalId":174026,"journal":{"name":"2013 International Conference on Security and Cryptography (SECRYPT)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122857939","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}