Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop: Latest Articles

An e-mail honeypot addressing spammers' behavior in collecting and applying addresses
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495931
G. Schryen
Abstract: Spam has become one of the most annoying and costly phenomena in the Internet. Valid e-mail addresses belong to the most valuable resources of spammers, but little is known about spammers' behavior when collecting and harvesting addresses and spammers' capabilities and interest in carefully directed, consumer-oriented marketing have not been explored yet. Gaining insight into spammers' ways to obtain and (mis)use e-mail addresses is useful in many ways, e.g. for the assessment of the effectiveness of address obscuring techniques and the usability and necessity of hiding e-mail addresses on the Internet. This paper presents a spam honeypot project in progress addressing these issues by systematically placing e-mail addresses in the Internet and analyzing received e-mails. The honeypot's conceptual framework, its implementation, and first empirical results are presented. Finally, an outlook on further work and activities is provided.
Citations: 12

In the search of the "gene of self-replication" in malicious codes
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495952
V. Skormin, A. Volynkin, Douglas Summervil, J. Moronski
Abstract: Most information attacks on the Internet are perpetrated by deploying malicious codes. The spread of viruses and worms throughout the Internet is accomplished by self-replication, resulting in computer epidemics. Since most legitimate computer programs do not self-replicate and the number of ways to achieve self-replication is quite limited, the detection of self-replicating malicious codes could be reduced to the detection of the "various mutations of the gene of self-replication" in the code in question. The description of such a detection mechanism for unencrypted script-type computer viruses is presented.
Citations: 4

Designing security courses and lab for undergraduate and graduate students
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1496001
Xiangdong Li, M. Anshel
Abstract: This paper describes the information security course module which contains three courses and a security laboratory for the undergraduate students at New York City College of Technology; and quantum cryptography course and the research laboratory for the graduate students (master's and Ph.D. programs) at the Graduate School and Center of City University of New York, CUNY.
Citations: 0

Biometrics for massive access control - traditional problems and innovative approaches
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495937
L. Riccardi, B. Peticone, M. Savastano
Abstract: The increase in security measures due to the complex international situation is forcing the realization of several access control systems equipped with biometric identifiers. Apart from technical problems, a number of nontechnical issues, strongly related to the user's acceptance, may have a strong influence on the design of the application and suggest particular choices in the selection of the biometric technique to be adopted. Starting from the assumption that facial recognition represents one of the most widely "accepted" biometric techniques, and that, due to contradictory performances shown in operating conditions, this methodology is seldom considered for high-security applications, the authors have investigated the possibility of improving the error figures by means of an original approach. The innovation consists in "enriching" the template obtained by means of canonical facial recognition algorithms with additional information extracted from behavioral characteristics of the user. The study, still in the early stage, is carried out in the framework of a collaboration between the National Research Council of Italy (CNR) and the Italian Ministry of the Defense (MoD) in the area of the strong authentication for physical access to military compounds. The aim of the present paper is only the highlighting of the potentiality of such an approach since first experimental data are not mature to generate consolidated error figures such as FAR and FRR. In any event, a very good capability in distinguishing between identical twins, a very well known problem in facial recognition, is a promising preamble for the continuation of the research.
Citations: 3

Flow based observations from NETI@home and honeynet data
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495959
J. Grizzard, C. R. Simpson, S. Krasser, Henry L Owen, G. Riley
Abstract: We conduct a flow based comparison of honeynet traffic, representing malicious traffic, and NETI@home traffic, representing typical end user traffic. We present a cumulative distribution function of the number of packets for a TCP flow and learn that a large portion of these flows in both datasets are failed and potentially malicious connection attempts. Next, we look at a histogram of TCP port activity over large time scales to gain insight into port scanning and worm activity. One key observation is that new worms can linger on for more than a year after the initial release date. Finally, we look at activity relative to the IP address space and observe that the sources of malicious traffic are spread across the allocated range.
Citations: 11

FABS: file and block surveillance system for determining anomalous disk accesses
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495954
P. Stanton, W. Yurcik, L. Brumbaugh
Abstract: Despite increasingly sophisticated security measures, attackers have continued to find ways to gain access to stored data with impacts including data disclosure, modification, or deletion. There currently exist no tools independent of the operating system to monitor storage status. The authors introduced FABS as a comprehensive tool to monitor storage for anomalous accesses. A scalable GUI prototype, VisFlowConnect-SS, which represents storage accesses visually to human operators, was also introduced. The goal is an integrated storage-based monitoring system that provides intrusion detection, minimizes attack damage, and assists with post-attack forensic analysis.
Citations: 7

A new on-line certificate validation method using LDAP component matching technology
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495964
Jong Hyuk Choi, Sang Seok Lim, Kurt D. Zeilenga
Abstract: This paper presents a new on-line certificate validation method which provides higher degree of security, scalability, and interoperability than do the pre-existing approaches. It combines two basic data structures for certificate revocation, certificate revocation list (CRL) and the authenticated dictionary such as certificate revocation tree (CRT), into a single framework by utilizing the component matching enabled lightweight directory access protocol (LDAP) service. With the new method, end entities that want to check the validity of certificates can request an extended LDAP search operation with a component matching assertion against all revoked certificate components in a CRL and check whether a revoked certificate having the asserted serial number is found. In order to ensure strong security without requiring trusted directories, CRLs are represented as an authenticated dictionary when decoded from distinguished encoding rules (DER) to an internal ASN.1 representation. The information required to construct the authenticated dictionary is conveyed from the certificate authority (CA) via a new CRL extension. The proposed method facilitates a number of advantages over the previous approaches like online certificate status protocol (OCSP): 1) it enables higher security because it does not require trusted entities other than the CA such as trusted LDAP servers and trusted OCSP responders; 2) it improves scalability and performance because it does not require responses to be signed as in OCSP; 3) it can interoperate well with the existing CRL framework; and 4) it does not need support for additional protocols for on-line certificate validation because it is built on LDAP which is the main access method to download CRLs. The proposed method can also be used as a CRL back-end of OCSP to offload CRL management and to enhance its trust model.
Citations: 1

Investigating performance and impacts on fingerprint recognition systems
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495926
M. Arnold, C. Busch, Heinrich Ihmor
Abstract: This paper presents a comparative study on fingerprint recognition systems. The goal of this study was to investigate the capability characteristics of biometric systems regarding integration of biometric features in personnel documents such as ID cards and Visa application documents. Thus the designed test has the focus on performance testing of selected algorithms and systems with dedicated investigations on side effects such as independence of matching rates and results from the scanning device or the impacts of ageing effects on the received operator characteristics. The study was carried out in close collaboration between German Federal Criminal Police Office (Bundeskriminalamt, BKA), the German Federal Office for Information Security (Bundesamt fuer Sicherheit in der Informationstechnik, BSI) and the Fraunhofer-IGD.
Citations: 15

Host anomalies from network data
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495970
Carrie Gates, Damon Becknel
Abstract: Network administrators need to be able to quickly synthesize a large amount of raw data into comprehensive information and knowledge about a network system in order to determine if there is any unusual activity occurring on that network. This paper presents some initial results of a simplistic baselining method applied to a class B-sized network. These baselines are then used as the basis for an anomaly detection system that examines unusual amounts of activity to any one port on any one host. Thus we provide a system that can detect changes in the activity of any one host, regardless of whether those changes are noticeable when observing overall traffic behavior.
Citations: 18

CuPIDS enhances StUPIDS: exploring a co-processing paradigm shift in information system security
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, Pub Date: 2005-06-15, DOI: 10.1109/IAW.2005.1495943
Paul D. Williams, Eugene H. Spafford
Abstract: The CuPIDS project is an exploration of increasing information system security by dedicating computational resources to system security tasks in a shared resource, multiprocessor (MP) architecture. Our research explores ways in which this architecture offers improvements over the traditional uniprocessor (UP) model of security. There are a number of areas to explore, one of which has a protected application running on one processor in a symmetric multiprocessing (SMP) system while a shadow process specific to that application runs on a different processor, monitoring its activity, ready to respond immediately if the application veers off course. This paper describes initial work into defining such an architecture and the prototype work done to validate our ideas.
Citations: 1