{"title":"Extraction and Analysis of Volatile Memory in Android Systems: An Approach Focused on Trajectory Reconstruction Based on NMEA 0183 Standard","authors":"João Sousa, J. Gondim","doi":"10.1109/ARES.2016.17","DOIUrl":"https://doi.org/10.1109/ARES.2016.17","url":null,"abstract":"Android devices are widely used in the world and can function as GPS receivers. Time and position information have great relevance in investigation, however, data stored in non-volatile media may be limited with respect to the reconstruction of trajectories, since data from GPS receivers usually remains in RAM and is not written on log files, databases, and other artifacts. A prospective method for recovering data with GPS-coordinates stored in RAM memory of Android mobile devices is presented. Experiments were performed in different scenarios, with different device architectures, to analyze the feasibility of reconstruction of trajectories based on the NMEA 0183 protocol sentences retrieved from RAM memory. In developing the technique, it was possible to verify issues that can hinder the process of extraction and analysis of data and also assess tools that have been developed to aid the process.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129092722","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Stopping Amplified DNS DDoS Attacks through Distributed Query Rate Sharing","authors":"Saurabh Verma, Ali Hamieh, J. Huh, Henrik Holm, S. R. Rajagopalan, Maciej Korczyński, N. Fefferman","doi":"10.1109/ARES.2016.93","DOIUrl":"https://doi.org/10.1109/ARES.2016.93","url":null,"abstract":"An Amplified DNS DDoS (ADD) attack involves tens of thousands of DNS resolvers that send huge volumes of amplified DNS responses to a single victim host, quickly flooding the victim's network bandwidth. Because ADD attacks are distributed, it is difficult for individual DNS resolvers to detect them based on local DNS query rates alone. Even if a victim detects an ADD attack, it cannot stop the attacker from flooding its network bandwidth. To address this problem, we present a novel mitigation system called \"Distributed Rate Sharing based Amplified DNS-DDoS Attack Mitigation\" (DRS-ADAM). DRS-ADAM facilitates DNS query rate sharing between DNS resolvers that are involved in an attack to detect and completely stop an ADD attack. Each DNS resolver quickly builds the global DNS query rate for potential victims by accumulating the shared rate values, and uses that global rate to make mitigation decisions locally. DRS-ADAM can be easily deployed through a small software update on resolvers and victim hosts, and does not require any additional server component. Our simulation results show that DRS-ADAM can contain the peak attack rates close to a victim's acceptable threshold values (which are far smaller than their sustainable bandwidth) at all times, regardless of the number of resolvers involved in ADD attacks. ADD attacks can be fully mitigated within a few seconds.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"723 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126949111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Identification and Analysis of Email and Contacts Artefacts on iOS and OS X","authors":"Kenneth M. Ovens, G. Morison","doi":"10.1109/ARES.2016.56","DOIUrl":"https://doi.org/10.1109/ARES.2016.56","url":null,"abstract":"Acquiring data from cloud storage services has become increasingly important to digital forensic investigations. As more providers offer greater online storage facilities and user data is synchronised across multiple devices, an abundance of data sources has become available to assist with forensic investigations. However, such data can only become evidence when there is a thorough understanding of the data dynamics between client devices and the cloud, and there are explanations for any variations. This paper documents and analyses the artefacts created by interactions between Apple's cloud service, email and contacts applications. An explanation of why some artefacts synchronised over the cloud do not have matching cryptographic hashes is offered, and the ability to establish email origin on a system of multiple devices sharing a single account is established.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127800032","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hybrid Focused Crawling for Homemade Explosives Discovery on Surface and Dark Web","authors":"Christos Iliou, George Kalpakis, T. Tsikrika, S. Vrochidis, Y. Kompatsiaris","doi":"10.1109/ARES.2016.66","DOIUrl":"https://doi.org/10.1109/ARES.2016.66","url":null,"abstract":"This work proposes a generic focused crawling framework for discovering resources on any given topic that reside on the Surface or the Dark Web. The proposed crawler is able to seamlessly traverse the Surface Web and several darknets present in the Dark Web (i.e. Tor, I2P and Freenet) during a single crawl by automatically adapting its crawling behavior and its classifier-guided hyperlink selection strategy based on the network type. This hybrid focused crawler is demonstrated for the discovery of Web resources containing recipes for producing homemade explosives. The evaluation experiments indicate the effectiveness of the proposed approach both for the Surface and the Dark Web.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133249555","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A New Vision for ATM Security Management: The Security Management Platform","authors":"Claudio Porretti, Raoul Lahaije, Denis Kolev","doi":"10.1109/ARES.2016.50","DOIUrl":"https://doi.org/10.1109/ARES.2016.50","url":null,"abstract":"The aim of this paper is to describe a new vision for ATM Security Management that is proposed by the GAMMA project, and implemented by its \"core\" prototype called Security Management Platform. GAMMA is an FP7 project with the goal of developing solutions capable to manage emerging ATM vulnerabilities. The GAMMA vision recognises the opportunities opened by a collaborative framework for managing security, building a solution based on the self-protection and resilience of the ATM system, with the possibility to share security information in a distributed federated environment. This concept is implemented with the Security Management Platform prototype, and can be conceptualized as a network of distributed nodes embedded within the ATM system, providing interfaces to (ATM) internal and external security stakeholders. The Security Management Platform prototype provides a basis for the management of security throughout phases, from prevention to the identification of security incidents and the efficient resolution of the resulting ATM crises.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130265430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Co-creating Security-and-Privacy-by-Design Systems","authors":"Sauro Vicini, Francesco Alberti, Nicolás Notario, A. Crespo, J. Troncoso-Pastoriza, A. Sanna","doi":"10.1109/ARES.2016.74","DOIUrl":"https://doi.org/10.1109/ARES.2016.74","url":null,"abstract":"The elicitation and the analysis of security and privacy requirements are generally intended as being mainly performed by field experts. In this paper we show how it is possible to integrate practical Co-Creation processes into Security-and-Privacy-by-Design methodologies. In addition, we present some guidelines showing how it is possible to translate the high-level requirements obtained from the end-user engaging into verifiable low-level requirements and technological requirements. The paper demonstrates as well the feasibility of our approach by applying it in two realistic scenarios where the outsourcing of personal and sensitive data requires high-level of security and privacy.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129977088","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Notary-Assisted Certificate Pinning for Improved Security of Android Apps","authors":"Georg Merzdovnik, D. Buhov, A. Voyiatzis, E. Weippl","doi":"10.1109/ARES.2016.42","DOIUrl":"https://doi.org/10.1109/ARES.2016.42","url":null,"abstract":"The security provided to Internet applications by the TLS protocol relies on the trust we put on Certificate Authorities (CAs) issuing valid identity certificates. TLS certificate pinning is a proposed approach to defend against man-in-the-middle (MitM) attacks that are realized using valid albeit fraudulent certificates. Yet, the implementation of certificate pinning for mobile applications, and especially for Google Android apps, is cumbersome and error-prone, resulting in inappropriate connection handling and privacy leaks of user information. We propose the use of TLS notary-assisted certificate pinning at the Android Runtime level. Our approach defends against a wide range of MitM attacks without needing to update the application using TLS. Furthermore, by relying on the collective knowledge of the trusted TLS notaries, we increase both the security and the usability, while at the same time we remove the burden for the user making trust decisions about system security issues. We describe a proof-of-concept implementation demonstrating its capabilities and discuss the next steps necessary towards general availability of our solution.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133273263","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SPARER: Secure Cloud-Proof Storage for e-Health Scenarios","authors":"Gabriela Gheorghe, M. R. Asghar, Jean Lancrenon, Sankalp Ghatpande","doi":"10.1109/ARES.2016.14","DOIUrl":"https://doi.org/10.1109/ARES.2016.14","url":null,"abstract":"With the surge of data breaches, practitioner ignorance and unprotected hardware, secure information management in healthcare environments is becoming a challenging problem. In the context of healthcare systems, confidentiality of patient data is of particular sensitivity. For economic reasons, cloud services are spreading, but there is still no clear solution to the problem of truly secure data storage at a remote location. To tackle this issue, we first examine if it is possible to have a secure storage of healthcare data without fully relying on trusted third-parties, and without impeding system usability on the side of the caregivers. The novelty of this approach is that it offers a standard-based deployable solution tailored for healthcare scenarios, using cloud services, but where trust is shifted from the cloud provider to the healthcare institution. This approach is unlike state-of-the-art solutions: there are secure cloud storage solutions that insist on having no knowledge of the stored data, but we discovered that they still require too much trust to manage user credentials, these credentials actually give them access to confidential data. In the paper, we present SPARER as a solution to the secure cloud storage problem and discuss the trade-offs of our approach. Moreover, we look at performance benchmarks that can hint to the feasibility and cost of using off-the-shelf cryptographic tools as building blocks in SPARER.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131972394","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Case Study of Security Development in an Agile Environment: Building Identity Management for a Government Agency","authors":"Kalle Rindell, S. Hyrynsalmi, V. Leppänen","doi":"10.1109/ARES.2016.45","DOIUrl":"https://doi.org/10.1109/ARES.2016.45","url":null,"abstract":"In contemporary software development projects and computing tasks, security concerns have an increasing effect, and sometimes even guide both the design and the project's processes. In certain environments, the demand for the security becomes the main driver of the development. In these cases, the development of the product requires special security arrangements for development and hosting, and specific security-oriented processes for governance. Compliance with these requirements using agile development methods may not only be a chance to improve the project efficiency, but can in some cases, such as in the case discussed in this paper, be an organizational requirement. This paper describes a case of building a secure identity management system and its management processes, in compliance with the Finnish government's VAHTI security instructions. The building project was to be implemented in accordance to the governmental security instructions, while following the service provider's own management framework. Project itself was managed with Scrum. The project's steering group required the use of Scrum, and this project may be viewed as a showcase of Scrum's suitability to multi-teamed, multi-site, security standard-compliant work. We also discuss the difficulties of fulfilling strict security regulations regarding both the development process and the end product in this project, and the difficulties utilizing Scrum to manage a multi-site project organization. Evaluation of the effects of the security work to project cost and efficiency is also presented. Finally, suggestions to enhance the Scrum method for security-related projects are made.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129538855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"PRISMACLOUD Tools: A Cryptographic Toolbox for Increasing Security in Cloud Services","authors":"T. Lorünser, Daniel Slamanig, T. Länger, H. C. Pöhls","doi":"10.1109/ARES.2016.62","DOIUrl":"https://doi.org/10.1109/ARES.2016.62","url":null,"abstract":"The EC Horizon 2020 project PRISMACLOUD aims at cryptographically addressing several severe risks threatening end user security and privacy in current cloud settings. This shall be achieved by the provision of a reusable toolbox encapsulating cryptographic functionality from which dependably secure cloud services can be assembled. In order to provide a tangible abstraction of the complexity involved with the construction of cryptographically secured cloud services, we introduce the four-layer PRISMACLOUD architecture. Top down, it consists of a use cases (application) layer, a services layer, a tools layer, and a cryptographic primitives and protocols layer. In this paper we provide a detailed description of the PRISMACLOUD tools in terms of functional components, as well as how they interact to provide the desired security functionality. We also briefly describe the cutting-edge cryptographic primitives which are encompassed by the tools. Both the toolbox and the cryptographic primitives and protocols are being currently developed and will be provided as reference implementation by project end in July 2018.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127747533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}