{"title":"About ICSSA 2018","authors":"","doi":"10.1109/icssa45270.2018.00005","DOIUrl":"https://doi.org/10.1109/icssa45270.2018.00005","url":null,"abstract":"","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123072712","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hey Siri – Are You There?: Jamming of Voice Commands Using the Resonance Effect (Work-in-Progress)","authors":"Taekkyung Oh, William Aiken, Hyoungshick Kim","doi":"10.1109/ICSSA45270.2018.00026","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00026","url":null,"abstract":"Micro Electro-Mechanical Systems (MEMS) microphones have become popularly used in portable devices thanks to their numerous advantages over other types of microphones. However, MEMS microphones introduce their own vulnerabilities, and in this paper we discuss the possibility of new attacks that impact devices equipped with a MEMS microphone. We found that these devices can be vulnerable to a new jamming attack based on the resonance effect inherent in the vibrating nature of MEMS devices. For example, a user’s voice commands can be canceled by a jamming attack by broadcasting carefully crafted audio signals. When these signals are generated with a frequency that matches the inherent frequency of the target MEMS microphone, the microphone’s membrane will resonate at a significantly large amplitude which prevents the device from receiving the victim’s command.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117131780","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An IoT Risk Analysis Approach for Smart Homes (Work-in-Progress)","authors":"J. Ryoo, S. Tjoa, Ho-Sang Ryoo","doi":"10.1109/ICSSA45270.2018.00021","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00021","url":null,"abstract":"There is no doubt that IoT use in private homes (e.g., to control heating, entertainment systems, or security cameras) is rapidly increasing. While IoT has the potential to solve many problems and bring convenience to consumers, dependence on it introduces certain risks such as ransomware targeting smart homes and privacy violations by IoT vendors through extensive data mining. In this paper, we present an approach to model the risks of home IoT devices and introduce our vision for a user-friendly risk management tool.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131604976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Building a DNS Security Range in a Closed Network (Lightning Talk)","authors":"H. Lee, Hyun Min Park, Kyu Don Hwang, Gyeong-Hun Min, Young Sun Park","doi":"10.1109/ICSSA45270.2018.00031","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00031","url":null,"abstract":"In this paper, we present how we built a DNS security range in a closed network. To enable trainees to practice DNS attack labs, such as DNS amplification and DNS cache poisoning, within a closed network, we implemented a pseudo DNS server emulating upstream servers. A modified version of BIND8, in which DNS transaction IDs increase sequentially as in BIND4, and a custom module for Metasploit were implemented to facilitate DNS cache poisoning attacks.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126523248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Discrimination of Facial Image Generated via GAN (Work-in-Progress)","authors":"Hyo-Kyung Choi, Eun-Jung Choi","doi":"10.1109/ICSSA45270.2018.00027","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00027","url":null,"abstract":"Generated fake facial images remain a serious problem for corporations, governments, developers and individuals, as the voice of anxiety about the side effects of artificial intelligence grows. However, today the AI is still done mainly as a way to keep up with a real facial image rather than researching how to discriminate the generated image. As the world that is no longer able to distinguish between real and fake facial images is coming, the need for radical AI technology to detect generated images arises. In this paper, we introduce an approach that addresses these issues, describing in feasible detail the discriminative models based on various machine learning algorithms. Specifically, we show that the model with the highest accuracy in supervised learning achieved a 92.5% detection rate at 7.5% false positive rate (FPR), out of 400 images. And we have also achieved positive results in unsupervised learning. Our results demonstrate that the fake facial images generated by the GAN can be discriminated by the machine learning algorithms. Since GAN models tend to improve rapidly, we foresee new neural network discrimination models gaining in importance as part of a generated image detection strategy in coming years.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"125 4","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114111871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How to Measure Similarity between Source Codes of Cryptocurrencies for Detecting Plagiarism (Lightning Talk)","authors":"Won-Seok Choi, Hyoungshick Kim","doi":"10.1109/ICSSA45270.2018.00032","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00032","url":null,"abstract":"Since Bitcoin appeared in 2009, various other cryptocurrencies have also begun to attract attention and supporters. At the same time, because many cryptocurrency investors want to make a profit using cryptocurrencies, cryptocurrency exchanges list them without any special or technical verification. Cryptocurrency developers often write white papers to describe their cryptocurrency's special techniques and expected future worth. However, based solely on the contents of the white paper and/or a surface inspection of the source code, we cannot know if the developer has simply leveraged existing code bases without incorporating novel functionality. In order to address this problem, we present a framework to measure the similarity between the source codes of cryptocurrencies for detecting plagiarism.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114207917","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Study on the Privacy Protection Layer for Android IoT Services (Lightning Talk)","authors":"Hyung-Jong Kim, Hae Young Lee","doi":"10.1109/ICSSA45270.2018.00022","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00022","url":null,"abstract":"In this work, we propose the privacy protection layer for IoT services on the Android platform. The layer will be a foundation for protection of confidentiality and integrity of the data which is used in the IoT services over the Android platform.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122908571","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Study on Document Password Management using the Trust-Chain Based SPT (Work-in-Progress)","authors":"Hyung-Jong Kim, Soyeon Park","doi":"10.1109/ICSSA45270.2018.00016","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00016","url":null,"abstract":"The password setting of the MS-Office document file is a representative security countermeasure which is commonly used. Especially in the SOHO (Small Office Home Office) company case, the password for the MS-Office document file could be the affordable and solitary solution for the document security. By setting the password of the document, the owner of the file can ensure the confidentiality and integrity of the content of the document file. However, there are issues in this simple security mechanism such as the dependency of the strength of passwords and the difficulty of the password management. In this work, we propose two mechanisms for overcoming these two issues by adding simple but effective mechanisms named the SPT (Secure Password Translation) and the chain of trust. The SPT generates passwords for the MS-Office document files and the generated password has enough strength that the government regulation requires. For preserving the integrity of the passwords and software components, we propose the chain of trust. By using these mechanisms, SOHO companies can preserve the confidentiality and integrity of the document files. In addition, the implementation of the trust-chain based SPT is easy and affordable to deploy. The contribution of this work is in proposing the design of software for managing passwords of the MS-Office document using SPT and the chain of trust.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132731102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Analysis of Research Trends in Computer Security over the Last Decade","authors":"D. Lee, Hyoungshick Kim","doi":"10.1109/ICSSA45270.2018.00030","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00030","url":null,"abstract":"Recently, text mining has popularly been used not only to identify important topics but also to predict future trends in a research field. In this paper, we apply text mining to analyze the research trends in the field of computer security over the last decade. We collected 2,256 papers published in the four major security conferences (CCS, NDSS, USENIX Security and S&P) between 2008 and 2017. We extracted keywords from the title and abstract in each paper and used them to identify important topics based on word frequency counts for each keyword. We analyzed the rankings and the changes in the most frequent keywords every year. Our observations from the analysis would be useful for understanding the popularity of computer security research, and predicting potentially important research topics (e.g., SGX, Fuzzing, Blockchain, IoT and SDN) in the near future.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130284262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Blockchain and the Protection of Patient Information: Using Blockchain to Protect the Information of Patients in Line with HIPAA (Work-in-Progress)","authors":"Colin DeLeon, Young B. Choi, J. Ryoo","doi":"10.1109/ICSSA45270.2018.00017","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00017","url":null,"abstract":"The effect of Blockchain on the protection of patient information can serve as a way for hospitals and other medical facilities to secure patient records. With more threats targeting hospitals and other medical facilities, it is becoming more important for these organizations to improve the information systems that are charged with protecting their patient records. HIPAA regulations are in place to try and protect patient records and information but the hospitals do not allocate enough funds to information systems so they are put at risk of attack. Blockchain can offer the type of protection that these medical facilities need without them having to worry about upgrading the technology every year. The blockchain is not without its faults, and that can be seen in the attacks that take place against Bitcoin. Even with these attacks, the use of Blockchain would be beneficial to the hospitals and medical facilities.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127725523","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}