发布求助
文献互助 智能选刊 最新文献

Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001最新文献

筛选
英文 中文
Graph-based authentication of digital streams 基于图形的数字流认证
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924301
Sara Miner More, Jessica Staddon
{"title":"Graph-based authentication of digital streams","authors":"Sara Miner More, Jessica Staddon","doi":"10.1109/SECPRI.2001.924301","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924301","url":null,"abstract":"We consider the authentication of digital streams over a lossy network. The overall approach taken is graph-based, as this yields simple methods for controlling overhead, delay, and the ability to authenticate, while serving to unify many previously known hash- and MAC-based techniques. The loss pattern of the network is defined probabilistically, allowing both bursty and random packet loss to be modeled. Our authentication schemes are customizable by the sender of the stream; that is, within reasonable constraints on the input parameters, we provide schemes that achieve the desired authentication probability while meeting the input upper bound on the overhead per packet. In addition, we demonstrate that some of the shortcomings of previously known schemes correspond to easily identifiable properties of a graph, and hence, may be more easily avoided by taking a graph-based approach to designing authentication schemes.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"176 1","pages":"232-246"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86806175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 171
Information-theoretic measures for anomaly detection 异常检测的信息论方法
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924294
Wenke Lee, Dong Xiang
{"title":"Information-theoretic measures for anomaly detection","authors":"Wenke Lee, Dong Xiang","doi":"10.1109/SECPRI.2001.924294","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924294","url":null,"abstract":"Anomaly detection is an essential component of protection mechanisms against novel attacks. We propose to use several information-theoretic measures, namely, entropy, conditional entropy, relative conditional entropy, information gain, and information cost for anomaly detection. These measures can be used to describe the characteristics of an audit data set, suggest the appropriate anomaly detection model(s) to be built, and explain the performance of the model(s). We use case studies on Unix system call data, BSM data, and network tcpdump data to illustrate the utilities of these measures.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"47 1","pages":"130-143"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86324206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 638
A fast automaton-based method for detecting anomalous program behaviors 一种基于快速自动机的异常程序行为检测方法
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924295
R. Sekar, M. Bendre, Dinakar Dhurjati, P. Bollineni
{"title":"A fast automaton-based method for detecting anomalous program behaviors","authors":"R. Sekar, M. Bendre, Dinakar Dhurjati, P. Bollineni","doi":"10.1109/SECPRI.2001.924295","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924295","url":null,"abstract":"Anomaly detection on system call sequences has become perhaps the most successful approach for detecting novel intrusions. A natural way for learning sequences is to use a finite-state automaton (FSA). However previous research indicates that FSA-learning is computationally expensive, that it cannot be completely automated or that the space usage of the FSA may be excessive. We present a new approach that overcomes these difficulties. Our approach builds a compact FSA in a fully automatic and efficient manner, without requiring access to source code for programs. The space requirements for the FSA is low - of the order of a few kilobytes for typical programs. The FSA uses only a constant time per system call during the learning as well as the detection period. This factor leads to low overheads for intrusion detection. Unlike many of the previous techniques, our FSA-technique can capture both short term and long term temporal relationships among system calls, and thus perform more accurate detection. This enables our approach to generalize and predict future behaviors from past behaviors. As a result, the training periods needed for our FSA based approach are shorter. Moreover false positives are reduced without increasing the likelihood of missing attacks. This paper describes our FSA based technique and presents a comprehensive experimental evaluation of the technique.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"2 4 1","pages":"144-155"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89158561","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 639
Cryptographic key generation from voice 从语音生成加密密钥
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924299
F. Monrose, M. Reiter, Qi Li, S. Wetzel
{"title":"Cryptographic key generation from voice","authors":"F. Monrose, M. Reiter, Qi Li, S. Wetzel","doi":"10.1109/SECPRI.2001.924299","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924299","url":null,"abstract":"We propose a technique to reliably generate a cryptographic key from a user's voice while speaking a password. The key resists cryptanalysis even against an attacker who captures all system information related to generating or verifying the cryptographic key. Moreover, the technique is sufficiently robust to enable the user to reliably regenerate the key by uttering her password again. We describe an empirical evaluation of this technique using 250 utterances recorded from 50 users.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"8 1","pages":"202-213"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89576628","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 383
On confidentiality and algorithms: programming under the constraints of noninterference 机密性与算法:非干扰约束下的程序设计
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924288
Johan Agat, David Sands
{"title":"On confidentiality and algorithms: programming under the constraints of noninterference","authors":"Johan Agat, David Sands","doi":"10.1109/SECPRI.2001.924288","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924288","url":null,"abstract":"Recent interest in methods for certifying programs for secure information flow (noninterference) have failed to raise a key question: can efficient algorithms be written so as to satisfy the requirements of secure information flow? We discuss how algorithms for searching and sorting can be adapted to work on collections of secret data without leaking any confidential information, either directly, indirectly, or through timing behaviour. We pay particular attention to the issue of timing channels caused by cache behaviour and argue that it is necessary to disable the affect of the cache in order to construct algorithms manipulating pointers to objects in such a way that they satisfy the conditions of noninterference. We also discuss how randomisation can be used to implement secure algorithms, and discuss how randomised hash tables might be made practically secure.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"14 1","pages":"64-77"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91256969","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Intrusion detection via static analysis 通过静态分析进行入侵检测
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924296
D. Wagner, Drew Dean
{"title":"Intrusion detection via static analysis","authors":"D. Wagner, Drew Dean","doi":"10.1109/SECPRI.2001.924296","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924296","url":null,"abstract":"One of the primary challenges in intrusion detection is modelling typical application behavior so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior. The result is a host-based intrusion detection system with three advantages: a high degree of automation, protection against a broad class of attacks based on corrupted code, and the elimination of false alarms. We report on our experience with a prototype implementation of this technique.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"38 1","pages":"156-168"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76240401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 773
Protection of keys against modification attack 保护密钥免受修改攻击
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924285
W. W. Fung, M. Golin, J. W. Gray
{"title":"Protection of keys against modification attack","authors":"W. W. Fung, M. Golin, J. W. Gray","doi":"10.1109/SECPRI.2001.924285","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924285","url":null,"abstract":"Anderson and Kuhn (1997) described an attack against tamper-resistant devices wherein a secret key stored in EEPROM is compromised using a simple and low-cost attack. The attack consists of setting bits in the EEPROM using low-cost probes and observing the effect on the output of the device. These attacks are extremely general, as they apply to virtually any cryptosystem. The objective of the present work is to explore cryptographic techniques with the goal of raising the cost (in terms of time and money) of carrying out the EEPROM modification attack by Class I attackers, at least to a point where it is as prohibitive as the cost of purchasing more expensive equipment. We propose the m-permutation protection scheme in which the key will be encoded in a special way and burned into the EEPROM of the device. To attack the scheme, the attacker needs to be able to solve for K in the equation K=/spl oplus//sub i=1//sup m/P/sub i/ in which P/sub i/'s are unknown. It is observed that the m-permutation protection scheme does not distribute the key K uniformly. Analysis shows that m=3 or m=5 are already good enough practically to provide strong security if the encoding is done properly and that m>5 may not give significant improvement to the security of the scheme.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"42 1","pages":"26-36"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79992716","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
A model for asynchronous reactive systems and its application to secure message transmission 异步响应系统模型及其在消息安全传输中的应用
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924298
B. Pfitzmann, M. Waidner
{"title":"A model for asynchronous reactive systems and its application to secure message transmission","authors":"B. Pfitzmann, M. Waidner","doi":"10.1109/SECPRI.2001.924298","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924298","url":null,"abstract":"We present a rigorous model for secure reactive systems in asynchronous networks with a sound cryptographic semantics, supporting abstract specifications and the composition of secure systems. This enables modular proofs of security, which is essential in bridging the gap between the rigorous proof techniques of cryptography and tool-supported formal proof techniques. The model follows the general simulatability approach of modern cryptography. A variety of network structures and trust models can be described such as static and adaptive adversaries, some examples of this are given. As an example of our specification methodology we provide an abstract and complete specification for Secure Message Transmission, improving on recent results by Lynch (1999), and verify one concrete implementation. Our proof is based on a general theorem on the security of encryption in a reactive multi-user setting, generalizing a recent result by Bellare et. al (2000).","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"100 1","pages":"184-200"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86223460","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 391
Evaluation of intrusion detectors: a decision theory approach 入侵探测器的评估:决策理论方法
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924287
J. Gaffney, J. Ulvila
{"title":"Evaluation of intrusion detectors: a decision theory approach","authors":"J. Gaffney, J. Ulvila","doi":"10.1109/SECPRI.2001.924287","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924287","url":null,"abstract":"We present a method of analysis for evaluating intrusion detection systems. The method can be used to compare the performance of intrusion detectors, to evaluate performance goals for intrusion detectors, and to determine the best configuration of an intrusion detector for a given environment. The method uses a decision analysis that integrates and extends ROC (receiver operating characteristics) and cost analysis methods to provide an expected cost metric. We provide general results and illustrate the method in several numerical examples that cover a range of detectors that meet a performance goal and two actual detectors operating in a realistic environment. We demonstrate that, contrary to common advice, the value of an intrusion detection system and the optimal operation of that system depend not only on the system's ROC curve, but also on cost metrics and the hostility of the operating environment as summarized by the probability of intrusion. Extensions of the method are outlined, and conclusions are drawn.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"102 1","pages":"50-61"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76106454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 148
Understanding trust management systems 了解信任管理系统
Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001 Pub Date : 2001-05-14 DOI: 10.1109/SECPRI.2001.924290
Stephen Weeks
{"title":"Understanding trust management systems","authors":"Stephen Weeks","doi":"10.1109/SECPRI.2001.924290","DOIUrl":"https://doi.org/10.1109/SECPRI.2001.924290","url":null,"abstract":"We present a mathematical framework for expressing trust management systems. The framework makes it easier to understand existing systems and to compare them to one another as well as to design new systems. The framework defines the semantics of a trust management engine via a least fixpoint in a lattice, which, in some situations, leads to an efficient implementation. To demonstrate its flexibility, we present KeyNote and SPKI as instantiations by the framework.","PeriodicalId":20502,"journal":{"name":"Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001","volume":"8 1","pages":"94-105"},"PeriodicalIF":0.0,"publicationDate":"2001-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82401489","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 153
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信