发布求助
文献互助 智能选刊 最新文献

2008 International Conference on Information Security and Assurance (isa 2008)最新文献

筛选
英文 中文
An Inter-Classes Obfuscation Method for Java Program Java程序的类间混淆方法
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.49
Xuesong Zhang, Fengling He, Wanli Zuo
{"title":"An Inter-Classes Obfuscation Method for Java Program","authors":"Xuesong Zhang, Fengling He, Wanli Zuo","doi":"10.1109/ISA.2008.49","DOIUrl":"https://doi.org/10.1109/ISA.2008.49","url":null,"abstract":"Software is a valuable form of data, representing significant intellectual property, and reverse engineering of software code by competitors may reveal important technological secrets. This problem becomes more serious when facing with the platform independent language - Java byte code. We introduce an inter-classes software obfuscation technique which extracts the codes of some methods in user-defined classes and embeds them into some other object's methods in the object pool. Since all objects in the object pool are upcast to their common base type, which object's method will really execute can only be ascertained at runtime. Thus, drastically obscured the program flow. Combined with some enhanced mechanisms, this technique can even resist to dynamic analysis to a certain extent. Experimental result shows that there is little influence to the execution efficiency.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133745800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Improvement of a Fingerprint-Based Remote User Authentication Scheme 基于指纹的远程用户认证方案的改进
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.62
Jing Xu, W. Zhu, Deng-guo Feng
{"title":"Improvement of a Fingerprint-Based Remote User Authentication Scheme","authors":"Jing Xu, W. Zhu, Deng-guo Feng","doi":"10.1109/ISA.2008.62","DOIUrl":"https://doi.org/10.1109/ISA.2008.62","url":null,"abstract":"Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards, in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords freely. In this paper, we show that their scheme is vulnerable to the parallel session attack. Furthermore, their scheme is susceptible to the impersonation attack provided that the information stored in the smart card is disclosed by an adversary. We also propose an improved scheme which is immune to the presented attacks.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124250475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 30
Implementation and Automatic Testing for Security Enhancement of Linux Based on Least Privilege 基于最小权限的Linux安全增强实现与自动测试
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.61
Gaoshou Zhai, Jie Zeng, Miaoxia Ma, L. Zhang
{"title":"Implementation and Automatic Testing for Security Enhancement of Linux Based on Least Privilege","authors":"Gaoshou Zhai, Jie Zeng, Miaoxia Ma, L. Zhang","doi":"10.1109/ISA.2008.61","DOIUrl":"https://doi.org/10.1109/ISA.2008.61","url":null,"abstract":"Nowadays, technologies of information security have been attached more and more importance to and it's a critical problem to take measures to ensure the reliability of related trustworthy software such as secure operating systems (SOSs). Thereafter, it's always necessary for such systems to be taken complete and rigorous security test and evaluation among development team and/or by third-party security certification organization. However, such software testing is usually time consuming, cost consuming and boresome and thus technologies of software testing automation have alluring application foreground in that field. In this paper, methods and technologies about how to test a SOS automatically are discussed in breadth and in depth at first. Then least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented and the results are analyzed.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":" 38","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120831063","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Revision of Security Proof on f-OAEP f-OAEP安全证明的修订
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.38
Jie Liu, Gongliang Chen, Jianhua Li
{"title":"Revision of Security Proof on f-OAEP","authors":"Jie Liu, Gongliang Chen, Jianhua Li","doi":"10.1109/ISA.2008.38","DOIUrl":"https://doi.org/10.1109/ISA.2008.38","url":null,"abstract":"OAEP is widely accepted because of its provable security and practicability. However, there was a twist in the security proof in the random oracle model. Shoup revealed a flaw in the original security proof by Bellare and Rogaway. In this paper, a revision of the security proof is presented to fix the flaw. Furthermore, compared with some existing improved prove methods, the revised proof is applicable for the underlying trapdoor permutation being a general case.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125997429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Web Metering Scheme for Fair Advertisement Transactions 公平广告交易的网上计量计划
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.48
Ren-Chiun Wang, Wen-Shenq Juang, C. Lei
{"title":"A Web Metering Scheme for Fair Advertisement Transactions","authors":"Ren-Chiun Wang, Wen-Shenq Juang, C. Lei","doi":"10.1109/ISA.2008.48","DOIUrl":"https://doi.org/10.1109/ISA.2008.48","url":null,"abstract":"Since the rapid development of the Internet, many advertisers would want to introduce their goods on Web sites. For achieving fair network advertisement payment, a payment system may need to evaluate the number of visited clients for particular Web pages. However, advertisers fear that Web servers inflate the number of metering. Also, Web servers fear to receive a forged witness from a client. If one of the above situations happened, the payment of network advertisement is unfair. In this paper, we propose a user-efficient and fair Web metering scheme for ubiquitous environments, where clients can use various intelligent devices to obtain their desired services at any time and any place.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129762963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Cyber Criminal Activity Analysis Models using Markov Chain for Digital Forensics 基于马尔可夫链的数字取证网络犯罪分析模型
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.90
Do Do Kim, H. In
{"title":"Cyber Criminal Activity Analysis Models using Markov Chain for Digital Forensics","authors":"Do Do Kim, H. In","doi":"10.1109/ISA.2008.90","DOIUrl":"https://doi.org/10.1109/ISA.2008.90","url":null,"abstract":"Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the noise page elimination algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo simulation.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"24 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127095458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Research on Software Dependability Testing Profile in Internet Environment 互联网环境下软件可靠性测试方法研究
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.20
Changjie Ma, J. Zhao, Guochang Gu, X. Ma
{"title":"Research on Software Dependability Testing Profile in Internet Environment","authors":"Changjie Ma, J. Zhao, Guochang Gu, X. Ma","doi":"10.1109/ISA.2008.20","DOIUrl":"https://doi.org/10.1109/ISA.2008.20","url":null,"abstract":"In Internet environment, software needs to be tested sufficiently before it is considered dependable. The operational profile based testing is an efficient way for both the reliability testing and the security testing. In practice, the two kinds of testing are often carried out separately to validate the dependability of the software, but it is resources consuming to develop the operational profile and security intrusion profile. In this paper, the feasibilities and the benefits of the idea of taking the dependability testing are given. Since the testing profile is often different from the operational profile with the influence of the security testing, a description method of the testing profile is needed. A brief analysis of the description of operational profile is made, and on the base of the extended operational profile, the method to describe the dependability testing profile is proposed.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130257209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Detection SYN Flooding Attacks Using Fuzzy Logic 利用模糊逻辑检测SYN泛洪攻击
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.50
T. Tuncer, Y. Tatar
{"title":"Detection SYN Flooding Attacks Using Fuzzy Logic","authors":"T. Tuncer, Y. Tatar","doi":"10.1109/ISA.2008.50","DOIUrl":"https://doi.org/10.1109/ISA.2008.50","url":null,"abstract":"Denial of Service attacks are one of the major type of problems in the computer network security. Because they include many other type of attacks they are one of the most frequently used attack methods.. In general, DoS attacks are used to block access to the computer networks or personal computers. SYN flooding attack is the most widespread of the DoS attacks. In these attacks normal SYN packets can not be distinguished from the SYN attack packets. In this paper, we propose a fuzzy logic based system for detecting SYN flooding attacks. Performance of the proposed system has been compared with Cumulative Sum (CUSUM) algorithm. The simulation results show that the proposed system has better performance for low and high intensity attacks than the CUSUM algorithm.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122320361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
Security Research on WiMAX with Neural Cryptography 基于神经密码的WiMAX安全研究
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.17
Dong Hu, Yuyan Wang
{"title":"Security Research on WiMAX with Neural Cryptography","authors":"Dong Hu, Yuyan Wang","doi":"10.1109/ISA.2008.17","DOIUrl":"https://doi.org/10.1109/ISA.2008.17","url":null,"abstract":"The paper gives an overview of the security issue on WiMAX, which is a new and hot research point for telecommunication and computer scientist. In the IEEE 802.11 technology, security was added later while IEEE 802.16 considered the security issues during the design of the protocol. However, security mechanism of the IEEE 802.16 still remains a question. WiMAX is relatively a new technology and does not deployed widely to justify the evidence of threats, risk and vulnerability in real situations. We also discuss how to apply neural cryptography at WiMAX application in the end.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126684408","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
A New Electronic Communication Technology - VT Position Code Communication Technology and Its Implementation 一种新的电子通信技术——VT位置码通信技术及其实现
2008 International Conference on Information Security and Assurance (isa 2008) Pub Date : 2008-04-24 DOI: 10.1109/ISA.2008.43
S.Y. Zhou, G.H. Qin, Y. Jin
{"title":"A New Electronic Communication Technology - VT Position Code Communication Technology and Its Implementation","authors":"S.Y. Zhou, G.H. Qin, Y. Jin","doi":"10.1109/ISA.2008.43","DOIUrl":"https://doi.org/10.1109/ISA.2008.43","url":null,"abstract":"Now computer and electronic device technology has been monopolized by binary system, not only unable to break through the existing technology bottleneck, but bring a lot of potential safety problems. Aiming at this question, a new electronic communication technology is presented in this paper. The technology quantifies the time axis and the voltage axis synchronously, uses the quantified time dot as the address of the communication, and realizes the transmission of the multi-system [1] data via transmitting the multi-steps voltage quantification. The technology solves the bottleneck problem of the speed, circuit and electromagnetism in the electronic communication, changes the binary system coding mode and communication connection form of the electronic device, reduces the transmission quantity of the redundant information, advances the security of electronic system and network, debases the complexity of the devices connection, enhances the rate of the processing and the transmission, simplifies the transformation between the difference protocols. The experimental results approve the validity and the robustness of the technology.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114176734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信