2016 11th International Conference on Availability, Reliability and Security (ARES): latest papers

IFCaaS: Information Flow Control as a Service for Cloud Security
Marwa A. Elsayed, Mohammad Zulkernine
DOI: https://doi.org/10.1109/ARES.2016.27 (published 2016-08-01)
Abstract: With the maturity of service-oriented architecture (SOA) and Web technologies, web services have become critical components of Software as a Service (SaaS) applications in cloud ecosystems. Most SaaS applications leverage multi-tenant data stores as a back end to keep and process data with high agility. Although these technologies promise impressive benefits, they expose SaaS applications to novel as well as prevalent attack vectors. This security risk is further magnified by the loss of control and lack of security enforcement over sensitive data manipulated by SaaS applications. An effective solution must fulfill several requirements originating in the dynamic and complex nature of such applications. Inspired by the rise of the Security as a Service (SecaaS) model, this paper introduces "Information Flow Control as a Service (IFCaaS)". IFCaaS lays the foundation for cloud-delivered IFC-based security analysis and monitoring services. As an example of the adoption of IFCaaS, the paper presents a novel framework that addresses the detection of information flow vulnerabilities in SaaS applications. Our initial experiments show that the framework is a viable solution for protecting against data integrity and confidentiality violations that lead to information leakage.
Cited by: 10
Towards a Unified Secure Cloud Service Development and Deployment Life-Cycle
Aleksandar Hudic, Matthias Flittner, T. Lorünser, Philipp M. Radl, R. Bless
DOI: https://doi.org/10.1109/ARES.2016.73 (published 2016-08-01)
Abstract: Designing and developing cloud services is a challenging task that includes requirements engineering, secure service deployment, maintenance, assurance that proper actions have been taken to support security and, in addition, consideration of legal aspects. Current methods and techniques unfortunately do not make this possible. We therefore require a systematic and comprehensive approach to building such services that integrates security concerns from the early stages of design and development and continues to refine and integrate them in the deployment phase. In this paper we propose a solution that integrates security requirements engineering and continuous refinement into a comprehensive security development and deployment life-cycle for cloud services and applications. Our approach focuses on iterative refinement of the security requirements during both software engineering (development phase) and software maintenance (deployment phase).
Cited by: 5
Lightweight Encryption for Smart Home
S. A. Salami, J. Baek, K. Salah, E. Damiani
DOI: https://doi.org/10.1109/ARES.2016.40 (published 2016-08-01)
Abstract: The smart home is one of the most popular IoT (Internet of Things) applications; it connects a wide variety of objects and home appliances in a single logical network. Smart home applications benefit from interactions and data transmissions among different devices over the integrated network, with or without human intervention. However, like other technologies, the smart home is likely to introduce new security vulnerabilities because of the dynamic and open nature of its connectivity among heterogeneous devices. Among these, breaches of confidentiality need to be addressed urgently, as the data exchanged between smart home devices can contain crucial information related to the user's privacy and safety. Providing a smart home system with a confidentiality service, however, raises the challenges of flexible key management and efficient computation and communication, which must be addressed carefully because many small, resource-constrained devices are usually involved. In this paper, we address these challenges by proposing a lightweight encryption scheme for smart homes. The scheme provides users and smart objects with a confidentiality service without incurring much computation and communication overhead. It also supports flexible public key management by adopting identity-based encryption, which does not require complex certificate handling. We provide a formal security analysis of the scheme and a performance simulation study. The simulation shows that the scheme provides a favorable level of efficiency in terms of computation and communication overhead.
Cited by: 81
An Empirical Study on the Relationship between Software Security Skills, Usage and Training Needs in Agile Settings
Tosin Daniel Oyetoyan, D. Cruzes, M. Jaatun
DOI: https://doi.org/10.1109/ARES.2016.103 (published 2016-08-01)
Abstract: Organizations recognize that protecting their assets against attacks is important business. However, achieving adequate security requires taking bold steps to address security practices within the organization. In the Agile software development world, a security engineering process is unacceptable as it runs counter to agile values. Agile teams have thus approached software security activities in their own way. Improving security within agile settings requires that management understands the current software security practices of their agile teams. In this study, we use a survey to investigate software security usage, competence, and training needs in two agile organizations. We find that (1) the two organizations perform differently in core software security activities but are similar when activities that could be leveraged for security are considered; (2) regardless of cost or benefit, skill drives the kind of activities that are performed; (3) secure design is expressed as the most important training need by all groups in both organizations; and (4) effective software security adoption in an agile setting is not automatic; it requires a driver.
Cited by: 31
How Secure are Web Servers? An Empirical Study of Slow HTTP DoS Attacks and Detection
Nikhil Tripathi, N. Hubballi, Yogendra Singh
DOI: https://doi.org/10.1109/ARES.2016.20 (published 2016-08-01)
Abstract: Slow HTTP Denial of Service (DoS) is an application-layer DoS attack in which a large number of incomplete HTTP requests are sent. If the number of such open connections on the server reaches a preset limit, the server stops accepting new connections, creating the denial of service. This paper makes two contributions. First, we empirically study different HTTP servers for their vulnerability to slow HTTP DoS attacks. Second, we propose a method to detect Slow HTTP DoS attacks. The proposed detection system is an anomaly detector that measures the Hellinger distance between two probability distributions generated in the training and testing phases. In the training phase it creates a normal profile as a probability distribution over complete and incomplete HTTP requests. During a Slow HTTP attack the proportion of incomplete requests in the overall traffic rises; the detection system exploits this by generating a second probability distribution from the observed traffic and measuring the distance between the two. We evaluate the system on data collected from a real web server and report its detection performance.
Cited by: 42
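The detection logic the abstract describes, as an added example that is not the paper's code: a two-state profile (complete vs. incomplete requests) is learned from a clean training window, the Hellinger distance from that profile to each later window is computed, and an alert fires when the distance exceeds a threshold. The observation windows, client addresses and the 0.1 alert threshold are constructed assumptions for illustration; the paper's profile and threshold may differ. The `suspect_sources` helper is an addition for triage, not part of the paper's method.

```python
import math
from collections import Counter

# Constructed per-connection records for one observation window of a web server
# (not data from the paper): (client_ip, state), where state is "complete" when
# the full HTTP request arrived and "incomplete" when the connection was still
# waiting for the rest of the request when the window closed. The windows, IPs
# and the 0.1 alert threshold below are assumptions for illustration.
TRAINING_WINDOW = [("10.0.0.%d" % (i % 20), "complete") for i in range(95)] + \
                  [("10.0.0.%d" % (i % 20), "incomplete") for i in range(5)]
NORMAL_WINDOW = [("10.0.1.%d" % (i % 30), "complete") for i in range(57)] + \
                [("10.0.1.%d" % (i % 30), "incomplete") for i in range(3)]
SLOW_ATTACK_WINDOW = [("10.0.2.%d" % (i % 30), "complete") for i in range(40)] + \
                     [("203.0.113.%d" % (i % 50), "incomplete") for i in range(60)]

STATES = ("complete", "incomplete")


def request_distribution(window):
    """Probability distribution over request states within one window."""
    counts = Counter(state for _, state in window)
    total = sum(counts.values())
    if total == 0:
        raise ValueError("empty observation window")
    return {s: counts[s] / total for s in STATES}


def hellinger_distance(p, q):
    """H(P, Q) = sqrt(sum_i (sqrt(p_i) - sqrt(q_i))^2) / sqrt(2): 0 for identical
    distributions, 1 for distributions with disjoint support."""
    return math.sqrt(sum((math.sqrt(p[s]) - math.sqrt(q[s])) ** 2 for s in STATES)) / math.sqrt(2)


class SlowHttpDetector:
    """Anomaly detector: learn the normal complete/incomplete profile, then alert
    when a live window's distribution drifts too far from it."""

    def __init__(self, training_window, threshold=0.1):
        self.profile = request_distribution(training_window)
        self.threshold = threshold  # assumed value; calibrate on clean traffic

    def score(self, window):
        return hellinger_distance(self.profile, request_distribution(window))

    def is_attack(self, window):
        return self.score(window) > self.threshold


def suspect_sources(window, top_n=3):
    """Sources holding the most incomplete connections in a window, for triage once
    the detector fires (the paper's method detects; attribution is added here)."""
    counts = Counter(ip for ip, state in window if state == "incomplete")
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))[:top_n]


if __name__ == "__main__":
    detector = SlowHttpDetector(TRAINING_WINDOW)
    for name, window in (("normal", NORMAL_WINDOW), ("slow-attack", SLOW_ATTACK_WINDOW)):
        print(name, round(detector.score(window), 3), "ALERT" if detector.is_attack(window) else "ok")
    print(suspect_sources(SLOW_ATTACK_WINDOW))
```

Two practitioner caveats. The threshold must be calibrated on traffic from the same server, since a population of slow mobile clients raises the baseline share of incomplete requests, and the window length trades detection latency against noise: a short window makes a handful of stragglers look like an attack. The two-state distribution only signals that the incomplete share rose; it does not say whether request headers (Slowloris-style) or bodies are being dribbled, so pair the alert with per-source counts such as `suspect_sources` before blocking anything.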
Collaborative Attribute Retrieval in Environment with Faulty Attribute Managers
M. Faiella, F. Martinelli, P. Mori, A. Saracino, M. Alishahi
DOI: https://doi.org/10.1109/ARES.2016.51 (published 2016-08-01)
Abstract: Attributes describing the features of subjects, objects and the environment are used in access and usage control models to determine the right of a subject to use an object in a given environment. For the effective enforcement of access and usage policies it is therefore crucial that authorization systems can promptly retrieve the values of the required attributes from the Attribute Providers. However, attribute providers sometimes cannot respond when queried by authorization systems because they are temporarily down or unreachable. This can affect the decision process, causing some requests to be unduly denied or some ongoing accesses to be unduly interrupted. This paper proposes a strategy that an authorization system can adopt to estimate the value of the attributes it requires when the corresponding attribute providers are not responding. The strategy leverages the collaboration of other authorization systems that use the same attribute providers and may have cached a value for the required attributes. We validate the approach through a set of simulation experiments that consider the presence of malicious authorization systems in the cooperative environment.
Cited by: 8
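A minimal version of the fallback the abstract describes, added here as an illustration rather than the paper's algorithm: when the provider does not respond, the authorization system polls the caches of peer authorization systems, discards stale entries, and accepts an estimate only when a strict majority of at least `quorum` fresh peers agree, so a single malicious peer cannot change the outcome. The majority rule, the freshness bound, the peer names, timestamps and attribute values are all assumptions; how the paper actually weighs peer answers is not stated in the abstract.

```python
from collections import Counter


class ProviderUnavailable(Exception):
    """Raised when the attribute provider times out or is unreachable."""


class AttributeProvider:
    """Simulated attribute provider (illustrative stand-in, not the paper's code)."""

    def __init__(self, values, up=True):
        self.values = values    # (subject, attribute) -> value
        self.up = up            # False models a provider that is down

    def get(self, subject, attribute):
        if not self.up:
            raise ProviderUnavailable(attribute)
        return self.values[(subject, attribute)]


class PeerAuthorizationSystem:
    """Another authorization system that uses the same provider and shares its cache.
    A malicious peer is simply one whose cache holds a false value."""

    def __init__(self, name, cache):
        self.name = name
        self.cache = cache      # (subject, attribute) -> (value, fetched_at)

    def cached(self, subject, attribute):
        return self.cache.get((subject, attribute))


class AuthorizationSystem:
    def __init__(self, provider, peers, max_age_s=300.0, quorum=2):
        self.provider = provider
        self.peers = peers
        self.max_age_s = max_age_s  # assumed: reject peer entries older than this
        self.quorum = quorum        # assumed: minimum agreeing peers before trusting an estimate
        self.cache = {}

    def attribute_value(self, subject, attribute, now):
        """Return (value, source): source is 'provider' on a normal fetch, 'peers' for an
        estimate backed by a strict majority of fresh peer caches, otherwise value is None."""
        try:
            value = self.provider.get(subject, attribute)
            self.cache[(subject, attribute)] = (value, now)
            return value, "provider"
        except ProviderUnavailable:
            pass
        votes = Counter()
        for peer in self.peers:
            entry = peer.cached(subject, attribute)
            if entry is None:
                continue
            value, fetched_at = entry
            if now - fetched_at > self.max_age_s:
                continue                      # stale: the attribute may have changed since
            votes[value] += 1
        if not votes:
            return None, "unknown"
        value, count = votes.most_common(1)[0]
        if count < self.quorum or count <= sum(votes.values()) - count:
            return None, "no-consensus"       # tie or too few peers: do not guess
        return value, "peers"

    def permit(self, subject, attribute, required, now):
        """Fail closed: grant only when a value was obtained and matches the policy."""
        value, _ = self.attribute_value(subject, attribute, now)
        return value is not None and value == required


# Constructed scenario (not from the paper): the provider is down; two honest peers
# hold fresh cached values, one honest peer holds a stale value, and one malicious
# peer claims a higher clearance. Names, timestamps and values are assumptions.
PROVIDER = AttributeProvider({("alice", "clearance"): "confidential"}, up=False)
PEERS = [
    PeerAuthorizationSystem("az-1", {("alice", "clearance"): ("confidential", 990.0)}),
    PeerAuthorizationSystem("az-2", {("alice", "clearance"): ("confidential", 995.0)}),
    PeerAuthorizationSystem("az-3", {("alice", "clearance"): ("confidential", 400.0)}),
    PeerAuthorizationSystem("az-evil", {("alice", "clearance"): ("top-secret", 999.0)}),
]


def demo(now=1000.0):
    az = AuthorizationSystem(PROVIDER, PEERS)
    return az.attribute_value("alice", "clearance", now), az.permit("alice", "clearance", "top-secret", now)


if __name__ == "__main__":
    print(demo())
```

The decision on failure is the part worth thinking through: `permit` fails closed when no consensus exists, which avoids unduly granting access but reproduces the "unduly denied" outcome the paper is trying to avoid; a usage-control deployment may instead let an ongoing session continue on its own last cached value for a bounded time. Whichever policy is chosen, log the source of each decision ("provider" vs "peers") so that estimated attributes are auditable afterwards.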
A Host-Based Intrusion Detection and Mitigation Framework for Smart Home IoT Using OpenFlow
Mehdi Nobakht, V. Sivaraman, R. Boreli
DOI: https://doi.org/10.1109/ARES.2016.64 (published 2016-08-01)
Abstract: Smart devices are gaining popularity in our homes with the promise of making our lives easier and more comfortable. However, the increased deployment of such smart devices brings an increase in potential security risks. In this work, we propose an intrusion detection and mitigation framework, called IoT-IDM, that provides network-level protection for smart devices deployed in home environments. IoT-IDM monitors the network activities of the intended smart devices within the home and investigates whether there is any suspicious or malicious activity. Once an intrusion is detected, it is also capable of blocking the intruder from accessing the victim device on the fly. The modular design of IoT-IDM gives its users the flexibility to employ customized machine learning techniques for detection based on learned signature patterns of known attacks. Software-defined networking technology and its enabling communication protocol, OpenFlow, are used to realise the framework. Finally, a prototype of IoT-IDM is developed, and the applicability and efficiency of the proposed framework are demonstrated on a real IoT device: a smart light bulb.
Cited by: 168
Geographic Localization of an Anonymous Social Network Message Data Set
Alexander Böhm, Benjamin Taubmann, Hans P. Reiser
DOI: https://doi.org/10.1109/ARES.2016.47 (published 2016-08-01)
Abstract: Nowadays, privacy and anonymity are becoming more and more important for users of social networks. It is therefore of particular interest to users of an anonymous, location-based social network whether the network actually provides the anonymity it appears to provide. In this work, we present an approach to obtain the geographic location of users of the popular Jodel social network. We are able to reconstruct the exact location from which a message was sent with an accuracy of 10 meters, using only 20 requests sent to the social network service from virtual clients at different locations.
Cited by: 1
Role Mining with Missing Values
Sokratis Vavilis, A. Egner, M. Petkovic, Nicola Zannone
DOI: https://doi.org/10.1109/ARES.2016.32 (published 2016-08-01)
Abstract: Over the years, many organizations have been migrating to Role-Based Access Control (RBAC) as a practical solution for regulating access to sensitive information. Role mining has been proposed to automatically extract RBAC policies from the current set of permissions assigned to users. Existing role mining approaches usually require that this set of permissions is retrievable and complete. Such an assumption, however, cannot be met in practice, as permissions can be hard-coded in applications or distributed over several subsystems. In those cases, permissions can be obtained from activity logs recording the actions performed by users. This, however, can provide an incomplete representation of the permissions within the system, so existing role mining solutions are not directly applicable. In this work, we study the problem of role mining with incomplete knowledge. In particular, we investigate approaches for two instances of the role mining problem with missing values. Moreover, we study metrics to properly evaluate the obtained RBAC policies. We validate the investigated approaches using both synthetic and real data.
Cited by: 7
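A worked instance of the problem the abstract poses, added as an illustration that is not the paper's method: permissions reconstructed from logs are 1 (observed), 0 (known denied) or None (never observed, the missing value); a greedy miner picks candidate roles that explain the observed permissions; and the metrics report coverage and, crucially, which permissions a role grants only by inference over a missing value. The user-permission data, the greedy heuristic and the metrics are assumptions; the paper's two problem instances and its evaluation metrics are not described in the abstract.

```python
# Constructed user-permission data reconstructed from activity logs (not the
# paper's data; users and permissions are assumptions). 1 = action observed in
# the logs, 0 = known to be denied, None = never observed, so the permission may
# or may not exist: the missing value.
UPA = {
    "alice": {"read": 1, "write": 1, "deploy": 0},
    "bob":   {"read": 1, "write": 1, "deploy": None},
    "carol": {"read": 1, "write": 0, "deploy": 1},
}
# A second constructed case: one role explains both users only by granting bob a
# permission that was never observed.
UPA_AMBIGUOUS = {
    "alice": {"read": 1, "write": 1},
    "bob":   {"read": 1, "write": None},
}


def known_permissions(upa, user):
    return frozenset(p for p, v in upa[user].items() if v == 1)


def candidate_roles(upa):
    """Candidate roles: every user's observed permission set plus pairwise intersections."""
    users = list(upa)
    cands = {known_permissions(upa, u) for u in users}
    for i, u in enumerate(users):
        for v in users[i + 1:]:
            cands.add(known_permissions(upa, u) & known_permissions(upa, v))
    return {r for r in cands if r}


def assignable(upa, user, role):
    """A role may be assigned unless it grants a permission the user is known NOT to have;
    unobserved (None) permissions do not block assignment, which is where guessing happens."""
    return all(upa[user].get(p) != 0 for p in role)


def mine_roles(upa):
    """Greedy role mining: repeatedly take the candidate role that explains the most
    still-unexplained observed permissions; on ties prefer smaller roles (fewer inferred
    grants), then lexicographic order for determinism. Returns (roles, user->role indices)."""
    uncovered = {(u, p) for u in upa for p in known_permissions(upa, u)}
    cands = candidate_roles(upa)
    roles, ua = [], {u: set() for u in upa}

    def gain(role, user):
        if not assignable(upa, user, role):
            return 0
        return sum(1 for p in role if (user, p) in uncovered)

    while uncovered:
        best = min(cands, key=lambda r: (-sum(gain(r, u) for u in upa), len(r), tuple(sorted(r))))
        if sum(gain(best, u) for u in upa) == 0:
            break  # nothing left that any candidate can explain
        roles.append(best)
        for u in upa:
            if gain(best, u) > 0:
                ua[u].add(len(roles) - 1)
                uncovered -= {(u, p) for p in best}
    return roles, ua


def evaluate(upa, roles, ua):
    """Metrics: coverage of observed permissions, permissions granted only by inference
    (unobserved entries, to be reviewed before deployment), and known-denied violations."""
    known = {(u, p) for u in upa for p in known_permissions(upa, u)}
    granted = {(u, p) for u, rs in ua.items() for i in rs for p in roles[i]}
    return {
        "roles": len(roles),
        "coverage": len(known & granted) / len(known) if known else 1.0,
        "inferred": sorted((u, p) for (u, p) in granted if upa[u].get(p) is None),
        "violations": sorted((u, p) for (u, p) in granted if upa[u].get(p) == 0),
    }


if __name__ == "__main__":
    for data in (UPA, UPA_AMBIGUOUS):
        roles, ua = mine_roles(data)
        print([sorted(r) for r in roles], ua, evaluate(data, roles, ua))
```

The `UPA_AMBIGUOUS` case is the failure mode to watch: the cheapest policy (one role) explains both users only by giving bob a `write` permission the logs never showed, which is exactly the kind of silent privilege grant that must be reviewed by a human before a mined policy is deployed. A metric that counted only coverage would rate that policy as perfect.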
Provable User Authentication Scheme in Telecare Medicine Information System Using Elliptic Curve Cryptosystem
Toan-Thinh Truong, Duong-Tien Phan, Minh Tran, A. Duong, I. Echizen
DOI: https://doi.org/10.1109/ARES.2016.43 (published 2016-08-01)
Abstract: The telecare medicine information system (TMIS) has recently become one of the most convenient means of health-care delivery. It helps patients and doctors stay in frequent contact, which enhances the quality of medical treatment. Two main problems that need to be considered are the security and privacy of the patient. Many schemes proposed to satisfy these requirements are not suitable for a public medical environment because of their limitations: for example, the patient's identity and password are not protected, and time-consuming computations make the authentication phase slow. In this paper, we survey some typical previous results in this area in order to inherit their advantages. We then propose a provably secure, lightweight scheme dedicated to TMIS over an insecure channel.
Cited by: 2