发布求助
文献互助 智能选刊 最新文献

2013 2nd National Conference on Information Assurance (NCIA)最新文献

筛选
英文 中文
Timing filter for counter mode encryption 计数器模式加密的定时滤波器
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725333
Naveed Ahmed
{"title":"Timing filter for counter mode encryption","authors":"Naveed Ahmed","doi":"10.1109/NCIA.2013.6725333","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725333","url":null,"abstract":"An encryption scheme, such as counter (CTR) mode encryption, uses a block cipher to achieve the confidentiality of plaintext. Assuming the block cipher to be a pseudorandom function (PRF), CTR mode encryption is provably secure, namely it achieves indistinguishability under chosen plaintext attacks (IND-CPA). The CTR mode, however, is not specifically designed to hide timing patterns present in the plaintext generation process. Thus, a direct implementation of the CTR mode may leak these timing patterns in the ciphertext, which can be used to cryptanalyse the encryption system. In this paper we propose a timing filter for the CTR mode, which is specifically designed to hide such timing patterns in the ciphertext. We prove that the timing filter is secure in the sense of IND-CPA. Our timing filter poses a negligible overhead on the channel throughput.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115094542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An efficient elliptic curve based signcryption scheme for firewalls 一种有效的基于椭圆曲线的防火墙签名加密方案
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725326
Waseem Iqbal, M. Afzal, Farhan Ahmad
{"title":"An efficient elliptic curve based signcryption scheme for firewalls","authors":"Waseem Iqbal, M. Afzal, Farhan Ahmad","doi":"10.1109/NCIA.2013.6725326","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725326","url":null,"abstract":"In this paper, a modified digital signcryption model has been proposed keeping in view the requirements of firewall signcryption. Based on this model, the security and efficiency of existing signcryption schemes that are presented over the years have been analyzed. The analysis shows that these schemes lack certain security attributes and violate the basic principles of firewall signcryption. Furthermore, a new signcryption scheme has been proposed that provides all essential security attributes and complies with all the requirements of firewall signcryption. The proposed scheme also has computational advantages over existing schemes. Since the construction of the proposed scheme is based on elliptic curve cryptography, it is also suitable for resource constrained applications.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130424078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Experimental evaluation of Snort against DDoS attacks under different hardware configurations 不同硬件配置下Snort抗DDoS攻击的实验评估
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725321
A. Saboor, M. Akhlaq, B. Aslam
{"title":"Experimental evaluation of Snort against DDoS attacks under different hardware configurations","authors":"A. Saboor, M. Akhlaq, B. Aslam","doi":"10.1109/NCIA.2013.6725321","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725321","url":null,"abstract":"Network intrusion detection systems are considered as one of the basic entities widely utilized and studied in the field of network security that aim to detect any hostile intrusion within a given network. Among many network intrusion detection systems (NIDS), open source systems have gained substantial preference due to their flexibility, support and cost effectiveness. Snort, an open source system is considered as the de-facto standard for NIDS. In this paper, effort has been made to gauge Snort in terms of performance (packet handling) and detection accuracy against TCP Flooding Distributed Denial of Service attack. The evaluation has been done using a sophisticated test-bench under different hardware configurations. This paper has analyzed the major factors affecting the performance and detection capability of Snort and has recommended techniques to make Snort a better intrusion detection system (IDS). Experimental results have shown significant improvement in Snort packet handling capability by using better hardware. However; Snort detection capability is not improved by improving hardware and is dependent upon its internal architecture (signature database and rate filtration). Furthermore, the findings can be applied to other signature based intrusion detection systems for refining their performance and detection capability.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"46 21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115394492","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Survey on secure live virtual machine (VM) migration in Cloud 云环境下动态虚拟机(VM)安全迁移研究
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725332
Naveed Ahmad, A. Kanwal, M. A. Shibli
{"title":"Survey on secure live virtual machine (VM) migration in Cloud","authors":"Naveed Ahmad, A. Kanwal, M. A. Shibli","doi":"10.1109/NCIA.2013.6725332","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725332","url":null,"abstract":"The core of Cloud computing includes virtualization of hardware resources such as storage, network and memory provided through virtual machines (VM). The live migration of these VMs is introduced to obtain multiple benefits which mainly include high availability, hardware maintenance, fault takeover and workload balancing. Besides various facilities of the VM migration, it is susceptible to severe security risks during migration process due to which the industry is hesitant to accept it. The research done so far is on the performance of migration process; whereas the security aspects in migration are not fully explored. We have carried out an extensive survey to investigate the vulnerabilities, threats and possible attacks on the live VM migration. Furthermore, we have identified security requirements for secure VM migration and presented a detailed analysis of existing solutions on the basis of these security requirements. Finally, limitations in the existing solutions are presented.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126675743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Cyber security challenges and wayforward for developing countries 发展中国家面临的网络安全挑战与前进方向
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725318
Muhammad Sharjeel Zareen, M. Akhlaq, M. Tariq, Umar Khalid
{"title":"Cyber security challenges and wayforward for developing countries","authors":"Muhammad Sharjeel Zareen, M. Akhlaq, M. Tariq, Umar Khalid","doi":"10.1109/NCIA.2013.6725318","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725318","url":null,"abstract":"Twenty first century has seen a new dimension of warfare; the cyber warfare. Developed countries have started exploiting the vulnerabilities of cyberspace to gain supremacy and influence over the rivals and over countries. Projects like PRISM and Boundless Information and malwares like Stuxnet and Disttrack have surprised the world by revealing how the cyberspace is being exploited by developed countries. Reliance of developing countries on a reliable and secure cyberspace do not match with that of western world but still few of their critical organizations like national, military and private sector hold significant share in cyberspace. Mostly, these developing countries rely on the products developed by western world. The dependency has inherent vulnerabilities and opportunities which place their critical organizations vulnerable to cyber exploitation. This research focuses on the cyber security challenges foreseen by the developing countries, specifically the threats crafted to avoid conventional security measures, by adversaries who have attained credible technical advancement. Finally, the solution is proposed for the developing countries to tackle the issue administratively, and organizationally.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127219494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
GSM downlink protocol analysis and decoding using open-source hardware and software GSM下行协议分析和解码采用开源硬件和软件
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725322
J. Burki, Fahad M. Malik, M. Mushtaq
{"title":"GSM downlink protocol analysis and decoding using open-source hardware and software","authors":"J. Burki, Fahad M. Malik, M. Mushtaq","doi":"10.1109/NCIA.2013.6725322","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725322","url":null,"abstract":"Since its introduction in 1992, Global System for Mobile Communications (GSM) has evolved to become a worldwide standard in mobile telephony. Security in GSM, albeit being one of the most important issues, has not yet been scrutinized to a level it deserves owing mainly to the expensive hardware requirements and lack of thorough understanding of GSM protocols in general. This scenario is changing significantly with the growing rate of development of open-source tools, which can serve to harness the RF signaling and enable processing on a general purpose workstation. In this paper, these open-source tools are utilized to study the feasibility of developing a GSM Protocol Analyzer and investigating the theoretical security protocols and procedures through practical implementation of such system. Universal Software Programmable Radio Peripheral (USRP) was selected as the RF frontend for the protocol analyzer. The USRP is a general purpose, open-hardware transceiver that can be linked to a workstation via an RJ45 Gigabit Ethernet link. Various open-source software, based primarily on GNU Radio, are then utilized to synchronize, demodulate and decode the received signal.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133510370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Selective region based images encryption 基于选择区域的图像加密
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725336
Irfan Ullah, Waseem Iqbal, A. Masood
{"title":"Selective region based images encryption","authors":"Irfan Ullah, Waseem Iqbal, A. Masood","doi":"10.1109/NCIA.2013.6725336","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725336","url":null,"abstract":"Image security is of great importance in many applications including Military, Medical and many others. Generally, images are of very large sizes and conventional encryption techniques are not considered good. An approach that is very recently found in literature is of selective encryption of multimedia images. In this paper a new approach is introduced for the selection of the area in the image that will select maximum information area for encryption based on percentage of coefficients. Un-encrypted area is permuted with the encrypted area that will further enhance the security of the images. The mean square error (MSE) and peak signal to noise ratio (PSNR) values show a huge difference in between the original and encrypted images.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132098211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Information Security Management in academic institutes of Pakistan 巴基斯坦学术机构的信息安全管理
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725323
Huma Rehman, A. Masood, A. R. Cheema
{"title":"Information Security Management in academic institutes of Pakistan","authors":"Huma Rehman, A. Masood, A. R. Cheema","doi":"10.1109/NCIA.2013.6725323","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725323","url":null,"abstract":"Academic institutions are among the most targeted information systems in the world. Their highly decentralized infrastructure makes it difficult to ensure reliable security measures across their networks. Moreover, academic institutes have different departments, with diverse users (faculty, staff, students, and researchers), with abundant public and private data residing on servers and end systems. The probability and impact of threats and damage to the confidentiality, integrity and availability have never been higher. Although the educational institutes are now aware that the security of their information assets (included IT infrastructure, records, research data, faculty and students) is their highest priority in terms of risk, business continuity and reputation, very little research/work has been carried out in this field. This paper provides a general framework to implement the Information Security Management System (ISMS) in academic institutes and suggests some best practices to adopt or implement in order to make the system and network secure to some extent.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"38 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130758565","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
A novel steganography algorithm to hide a grayscale BMP image in two grayscale BMP images for dual secrecy 一种新的隐写算法,将灰度BMP图像隐藏在两幅灰度BMP图像中,实现双重保密
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725327
F. Jassim
{"title":"A novel steganography algorithm to hide a grayscale BMP image in two grayscale BMP images for dual secrecy","authors":"F. Jassim","doi":"10.1109/NCIA.2013.6725327","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725327","url":null,"abstract":"Recent researches in steganography get used to hire one cover image as a host image. In this paper, a novel method was proposed to use two cover images as host images with one secret (stego) image. The main principle of using two host images is to increase the security in the receiver side when sending each host image alone in different times. The first phase starts with sending the first cover image alone with special stego key. The second phase, is to sent the other cover image with different stego key. The dispatched images are send without introducing noticeable artifacts. Actually, this process will make the way difficult and arduous for the adversary. The experiments demonstrate that the proposed method can provide excellent perceptual quality of the reconstructed secret image. The performance metrics have proven that the reconstructed secret image has high PSNR value with very small MSE.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115859315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
User Centric Access control policy management framework for Cloud applications 以用户为中心的云应用访问控制策略管理框架
2013 2nd National Conference on Information Assurance (NCIA) Pub Date : 2013-12-01 DOI: 10.1109/NCIA.2013.6725338
Abdul Ghafoor, Misbah Irum, M. Qaisar
{"title":"User Centric Access control policy management framework for Cloud applications","authors":"Abdul Ghafoor, Misbah Irum, M. Qaisar","doi":"10.1109/NCIA.2013.6725338","DOIUrl":"https://doi.org/10.1109/NCIA.2013.6725338","url":null,"abstract":"Cloud computing environment is a collection of various Cloud applications deployed by different Cloud service vendors for their customers. The online availability, variety and easy access of Cloud applications allow users to create, upload and store numerous resources across the Cloud. However, Protection of these resources from different security threats in Cloud environment is still a serious concern for the Cloud users. Cloud applications provide diverse and complex authorization and access control mechanisms to different Cloud users. Moreover, Access control is limited and tightly bound to the functionality of the applications and does not cater the access control requirements of individual users. Securing every resource with different, complex and limited access control solutions is a tedious task and results in poorly protected resources susceptible to unauthorized access and different other security threats. A new approach to access control in Cloud environment is presented in this paper. It externalizes access control from Cloud applications and enables users to create, and manage access control policies on their resources according to their own security and access control requirements. The framework also provides users with a central control point, standard policy definition language and easy to use interface to specify and manage access control on all their resources scattered across the Cloud. We presented the framework and described the protocol which defines the interaction between different components of the system to specify and enforce User-Centric policies using XACML standards.","PeriodicalId":222016,"journal":{"name":"2013 2nd National Conference on Information Assurance (NCIA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124250540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信