发布求助
文献互助 智能选刊 最新文献

2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)最新文献

筛选
英文 中文
Improvements on Easypaysy: The Bitcoin’s Layer-2 Accounts Protocol easyypaysy的改进:比特币的第二层账户协议
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261905
Elnaz Ebadi, H. Yajam, M. Akhaee
{"title":"Improvements on Easypaysy: The Bitcoin’s Layer-2 Accounts Protocol","authors":"Elnaz Ebadi, H. Yajam, M. Akhaee","doi":"10.1109/ISCISC51277.2020.9261905","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261905","url":null,"abstract":"Bitcoin employs multiple technologies from various fields of science and engineering to provide a solution for decentralized digital currency. However, it can be used as an infrastructure to build many other schemes. Protocols over the Bitcoin’s blockchain use the power of decentralization to achieve interesting goals. These protocols often improve Bitcoin’s properties or increase its capabilities.Easypaysy is one of these protocols that are considered as blockchain layer-2. The goal of Easypaysy is to add user-friendliness of having accounts to Bitcoin while maintaining the level of privacy it already provides. In this paper, two improvements over Easypaysy protocol are proposed. In the first one, we suggest a new type of payment that can offer deniable authentication property. The other proposal provides hierarchical account systems. We discuss the scenarios in which each one can be useful. Then, the security features of each proposed scheme will be explained.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"154 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121879073","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Detecting Disk Sectors Data Types Using Hidden Markov Model 利用隐马尔可夫模型检测磁盘扇区数据类型
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261906
S. Sadegh Mousavi
{"title":"Detecting Disk Sectors Data Types Using Hidden Markov Model","authors":"S. Sadegh Mousavi","doi":"10.1109/ISCISC51277.2020.9261906","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261906","url":null,"abstract":"file carving is process of recovering data without knowledge of file system like recovering files from a formatted disk. Sometime the file systems do not write a file to disk in continues sectors and may split it to more than one chunks. Recovering of such a fragmented file can be difficult because if we found the first chunk of the file, the second chunk can be anywhere on disk. If the disk is large, the search process for finding the second chunk of file will be a time-consuming process. Data type classification help to classify disk sectors based on the type stored on them. Understanding the type of stored data on disk sectors, help to search for a specified file only on area of disk that more likely have the file type we want. In this article we propose an approach to create a hidden markov model that can help classifying disk sector based on their type and detect the point of disk that a fragmentation probably happened. The created hidden markov model classify sectors based on their entropy. The results show 52% of correct data type detection on disks with 512Bytes sector size.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129807666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Analysis of Geometrical Parameters for Remote Side-Channel Attacks on Multi-Tenant FPGAs 多租户fpga远程侧信道攻击的几何参数分析
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261904
Milad Salimian, A. Jahanian
{"title":"Analysis of Geometrical Parameters for Remote Side-Channel Attacks on Multi-Tenant FPGAs","authors":"Milad Salimian, A. Jahanian","doi":"10.1109/ISCISC51277.2020.9261904","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261904","url":null,"abstract":"Considering the dependency between the power consumption of implemented cryptographic algorithms and the data being processed, side-channel analysis methods can reveal the secret information of these systems. It was previously thought that data acquisition of dynamic power needs physical access to these systems, but recent studies show, it is possible to gather information about power consumption from FPGAs without any physical access. High flexibilities of modern FPGAs cause that they are used for cloud accelerator in Platform as a Service (PaaS) system; however, new serious vulnerabilities emerged for these platforms. Although there are some reports about how switching activities from one region of FPGA affect other regions, details of this technique are not analyzed. In this paper, we analyzed the strength of this kind of attack and examined the impact of geometrical and electrical parameters of the victim/attacker modules on the efficiency of this attack. Experimental results and analyses show that the relational location, and the distance of victim/attacker modules, have considerable impacts on the quality of attack. Results of this analysis can help the FPGA manufacturer and IP developers to protect their systems against this serious attack.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128296468","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cost-Effective and Practical Countermeasure against the Template Side Channel Attack 抗模板侧信道攻击的经济实用对策
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261918
Farshideh Kordi, Hamed Hossein-Talaee, A. Jahanian
{"title":"Cost-Effective and Practical Countermeasure against the Template Side Channel Attack","authors":"Farshideh Kordi, Hamed Hossein-Talaee, A. Jahanian","doi":"10.1109/ISCISC51277.2020.9261918","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261918","url":null,"abstract":"One of the most efficient attacks for exploiting the secret key is a template attack. Recent researches show that regular countermeasures against these attacks are costly. Randomized shuffling in the time domain is known as a cost-effective countermeasures against side-channel attacks are widely used. In this article, we implemented a real template attack and proposed an efficient countermeasure against it. We practically evaluated security improvement with this method in the AES algorithm on a template attack and reported the analysis results of our countermeasure. According to these results, template attack will be hardened significantly after the proposed protection such that the grade of the key recovery increases from 1 with 350K traces in unprotected design to 2100 with 700K traces in the protected circuit. This security improvement gains in the cost of about 7% delay overhead.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116459175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A New Method for Ransomware Detection Based on PE Header Using Convolutional Neural Networks 基于PE头卷积神经网络的勒索软件检测新方法
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261903
F. Manavi, A. Hamzeh
{"title":"A New Method for Ransomware Detection Based on PE Header Using Convolutional Neural Networks","authors":"F. Manavi, A. Hamzeh","doi":"10.1109/ISCISC51277.2020.9261903","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261903","url":null,"abstract":"With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, restricts users’ access to the system or their data, and then request a ransom payment. Many types of research have been proposed for ransomware detection. Most of these methods attempt to identify ransomware by relying on program behavior during execution. The main weakness of these methods is that it is not clear how long the program should be monitored to show its real behavior. Therefore, sometimes, these researches cannot early detect ransomware. In this paper, a new method for ransomware detection is proposed that does not require running the program and uses the PE header of the executable files. To extract effective features from the PE header files, an image based on PE header is constructed. Then, according to the advantages of Convolutional Neural Networks in extracting features from images and classifying them, CNN is used. The proposed method achieves 93.33% accuracy. Our results indicate the usefulness and practicality method for ransomware detection.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129971051","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
A Decentralized App Store Using the Blockchain Technology 使用区块链技术的去中心化应用商店
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261911
Mahsa Monem Moharrer, Sadegh Dorri Nogoorani
{"title":"A Decentralized App Store Using the Blockchain Technology","authors":"Mahsa Monem Moharrer, Sadegh Dorri Nogoorani","doi":"10.1109/ISCISC51277.2020.9261911","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261911","url":null,"abstract":"Today, applications have become an important part of the ecosystem of smartphones. With the increasing use of applications, key issues such as avoidance of single point of failure, availability, throughput problem, ensuring software authenticity, protecting the intellectual property rights of application developers have become areas that have a significant impact on this ecosystem. In this paper, we introduce the first autonomous decentralized mobile application distribution platform (app store) that utilizes blockchain, smart contracts and a distributed file system to fulfill the aforementioned requirements. With the use of smart contracts, this app store works autonomously, and its management is not centralized. In addition, the app store does not have single point of failure, availability, and download throughput problem thanks to its distributed design. Comparison to related works shows our proposed app store is superior to competing proposals and existing app stores in several aspects.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"351 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124443187","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Enhancing Monkey to trigger malicious payloads in Android malware 增强Monkey触发Android恶意软件中的恶意载荷
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261909
Hayyan Hasan, B. T. Ladani, B. Zamani
{"title":"Enhancing Monkey to trigger malicious payloads in Android malware","authors":"Hayyan Hasan, B. T. Ladani, B. Zamani","doi":"10.1109/ISCISC51277.2020.9261909","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261909","url":null,"abstract":"Dynamic analysis is a prominent approach in analyzing the behavior of Android apps. To perform dynamic analysis, we need an event generator to execute the app. Monkey is the most popular event generator that is used in Android dynamic analysis. Monkey provides high code coverage, and yet high speed in generating events. However, in the case of malware analysis, Monkey suffers from several limitations. It only considers UI events but no system events. Moreover, it causes disconnecting the connectivity of the test environment during the analysis process. In this paper, we try to enhance Monkey to reduce its limitations while preserving its advantages. The proposed approach includes preparing Monkey with a facility for handling system events and keeping the connectivity of the test environment up during the analysis process. To evaluate the extended version of Monkey, we compare it with its original version regarding two important criteria in the case of malware analysis: the number of called sensitive APIs, and the code coverage. The evaluation process uses 100 randomly selected samples from AMD malware dataset. The results show that enhanced Monkey improves its ability to trigger sensitive APIs, and increases its code coverage.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122112642","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
On the Security of Some Recently Proposed Certificateless Signcryption Schemes 最近提出的几种无证书签名加密方案的安全性研究
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261917
Parvin Rastegari
{"title":"On the Security of Some Recently Proposed Certificateless Signcryption Schemes","authors":"Parvin Rastegari","doi":"10.1109/ISCISC51277.2020.9261917","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261917","url":null,"abstract":"A certificateless signcryption (CL-SC) scheme is an important cryptographic primitive which provides the goals of a signature scheme (i.e. the unforgeability) and an encryption scheme (i.e. the confidentiality) both at once, in a certificateless setting. The certificateless public key cryptography (CL-PKC) setting, makes it possible to overcome the problems of the conventional public key infrastructure (i.e. the certificates management) and the ID-Based public key cryptography (i.e. the key escrow problem), concurrently. Recently, Caixue [4], Shan [16] and Ullah et al. [17] have proposed CL-SC schemes. In this paper, these schemes are analyzed. Some attacks are designed which show that Caixue’s scheme is easily forgeable and Shan’s scheme is forgeable against a malicious key generation center (KGC). Moreover, it is shown that Ullah et al.’s scheme has basic errors in its algorithms, as it does not even satisfy the correctness of the verification algorithm and it is not a CL-SC scheme at all.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122156415","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Secure and Improved Authentication Scheme for Heterogeneous Wireless Sensor Networks in the Internet of Things Environment 物联网环境下异构无线传感器网络安全改进认证方案
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261922
H. Yazdanpanah, M. Azizi, S. M. Pournaghi
{"title":"A Secure and Improved Authentication Scheme for Heterogeneous Wireless Sensor Networks in the Internet of Things Environment","authors":"H. Yazdanpanah, M. Azizi, S. M. Pournaghi","doi":"10.1109/ISCISC51277.2020.9261922","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261922","url":null,"abstract":"The emergence of Internet of Things (IoT) is turning common conceptions of the current Internet into a dream of smart objects that communicate with each other. Wireless Sensor Networks (WSNs) play an important role in such an environment, since they include a wide range of applications. Researchers are already working on how WSN can be effectively integrated into the IoT environment. One part of the integration is the security aspect. In recent years, Farash et al. proposed an efficient user authentication and key agreement scheme for Heterogeneous WSN (HWSN) tailored for the IoT environment. Although their scheme is efficient, we found that this scheme is vulnerable to several cryptographic attacks. This paper first demonstrates all security weaknesses of the Farash et al.’s scheme and then proposes a secure and improved mutual authentication and key agreement scheme.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131050082","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Security Analysis of an Efficient Authentication Scheme for Vehicular Ad Hoc Networks 一种高效车载Ad Hoc网络认证方案的安全性分析
2020 17th International ISC Conference on Information Security and Cryptology (ISCISC) Pub Date : 2020-09-09 DOI: 10.1109/ISCISC51277.2020.9261912
Saeed Zarbi, Seyed Amir Mortazavi, P. Salehpour
{"title":"Security Analysis of an Efficient Authentication Scheme for Vehicular Ad Hoc Networks","authors":"Saeed Zarbi, Seyed Amir Mortazavi, P. Salehpour","doi":"10.1109/ISCISC51277.2020.9261912","DOIUrl":"https://doi.org/10.1109/ISCISC51277.2020.9261912","url":null,"abstract":"As the number of machines increases, the need for a communication channel between machines becomes more and more felt. VANET provides vehicle to infrastructure and vehicle to vehicle communication for weather alerts, control of traffic congestion, and navigation services.Security and performance are two essential issues in VANET applications. Security concerns such as confidentiality, privacy, and authentication of network nodes are crucial issues. In recent years, several protocols have been proposed to meet these security requirements. Most of these schemes are proposed in three categories: Public Key Infrastructure, ID-based, and MAC-based authentication schemes.One of the recently proposed schemes for VANETs is Bayat et al.’s scheme. Unfortunately, the used digital signature in this scheme can be forged. This vulnerability allows an adversary to send invalid messages in a network without detection by authorities. This vulnerability is a severe threat to an authentication problem in this scheme.","PeriodicalId":206256,"journal":{"name":"2020 17th International ISC Conference on Information Security and Cryptology (ISCISC)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133769872","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信