Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop: Latest Articles

Security issues in biometric authentication
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495927
Abstract: User authentication is fundamental to the protection of information systems. It is the first and most critical link in the security chain that restricts access to system and data resources to legitimate users only. The advantages of using biometrics to verify a person's identity over using passwords or tokens have been broadly presented. However, recent research has revealed that biometric technologies can be defeated with low-tech and cheap materials. This presents a new challenge at a time when people are encouraged to use biometrics as a means to enhance network security. Since biometrics are not secrets, there exists a risk of them being captured, copied, and forged. In this paper, the biometric authentication's vulnerability to various attacks is analyzed, and efforts to defeat the spoofing attacks are presented. In particular, multimodal biometric fusion approaches are presented to counteract security threats.
Citations: 54
A visualization paradigm for network intrusion detection
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495939
Y. Livnat, Jim Agutter, Sham Moon, R. Erbacher, Stefano Foresti
Abstract: We present a novel paradigm for visual correlation of network alerts from disparate logs. This paradigm facilitates and promotes situational awareness in complex network environments. Our approach is based on the notion that, by definition, an alert must possess three attributes, namely: what, when, and where. This fundamental premise, which we term w³, provides a vehicle for comparing between seemingly disparate events. We propose a concise and scalable representation of these three attributes, that leads to a flexible visualization tool that is also clear and intuitive to use. Within our system, alerts can be grouped and viewed hierarchically with respect to both their type, i.e., the what, and to their where attributes. Further understanding is gained by displaying the temporal distribution of alerts to reveal complex attack trends. Finally, we propose a set of visual metaphor extensions that augment the proposed paradigm and enhance users' situational awareness. These metaphors direct the attention of users to many-to-one correlations within the current display helping them detect abnormal network activity.
Citations: 110
Fileprints: identifying file types by n-gram analysis
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495935
Wei-Jen Li, Ke Wang, Salvatore J. Stolfo, Benjamin Herzog
Abstract: We propose a method to analyze files to categorize their type using efficient 1-gram analysis of their binary contents. Our aim is to be able to accurately identify the true type of an arbitrary file using statistical analysis of their binary contents without parsing. Consequently, we may determine the type of a file if its name does not announce its true type. The method represents each file type by a compact representation we call a fileprint, effectively a simple means of representing all members of the same file type by a set of statistical 1-gram models. The method is designed to be highly efficient so that files can be inspected with little or no buffering, and on a network appliance operating in high bandwidth environment or when streaming the file from or to disk.
Citations: 59
Knowledge sharing honeynets
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495958
S. Sudaharan, S. Dhammalapathi, S. Rai, D. Wijesekera
Abstract: Due to the prevalence of distributed and coordinated Internet attacks, many researchers and network administrators study the nature and strategies of attackers. To analyze event logs, using intrusion detection systems and active network monitoring, honeynets are being deployed to attract potential attackers in order to investigate their modus operandi. The goal is to use honeynet clusters as real-time warning systems in production networks. Towards satisfying this objective, we have built a honeynet cluster and have run experiments to determine its effectiveness. Majority of the honeynets function in isolation, not sharing information in real time. In order to rectify this deficiency, the authors built a federation of cooperating honeynets (referred to as knowledge sharing honeynets) that shares knowledge of malicious traffic. This paper describes the methods in building a hardware assisted honeynet cluster and testing its effectiveness.
Citations: 3
Evaluation of image compression algorithms for fingerprint and face recognition systems
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495936
W. Funk, M. Arnold, C. Busch, A. Munde
Abstract: A variety of widely accepted and efficient compression methods do exist for still images. To name a few, there are standardised schemes like JPEG and JPEG2000 which are well suited for photorealistic true colour and grey scale images and usually operated in lossy mode to achieve high compression ratios. These schemes are well suited for images that are processed within face recognition systems. In the case of forensic biometric systems, compression of fingerprint images has already been applied in automatic fingerprint identification systems (AFIS) applications, where the size of the digital fingerprint archives would be tremendous for uncompressed images. In these large scale applications wavelet scalar quantization has a long tradition as an effective encoding scheme. This paper gives an overview of the study BioCompress that has been conducted at Fraunhofer IGD on behalf of the Federal Office for Information Security (BSI). Based on fingerprint and face image databases and different biometric algorithms we evaluated the impact of lossy compression algorithms on the recognition performance of biometric recognition systems.
Citations: 41
Real-time and forensic network data analysis using animated and coordinated visualization
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495932
S. Krasser, Gregory Conti, J. Grizzard, Jeff Gribschaw, Henry L Owen
Abstract: Rapidly detecting and classifying malicious activity contained within network traffic is a challenging problem exacerbated by large datasets and functionally limited manual analysis tools. Even on a small network, manual analysis of network traffic is inefficient and extremely time consuming. Current machine processing techniques, while fast, suffer from an unacceptable percentage of false positives and false negatives. To complement both manual and automated analysis of network traffic, we applied information visualization techniques to appropriately and effectively bring the human into the analytic loop. This paper describes the implementation and lessons learned from the creation of a novel network traffic visualization system capable of both realtime and forensic data analysis. Combining the strength of link analysis using parallel coordinate plots with the time-sequence animation of scatter plots, we examine a 2D and 3D coordinated display that provides insight into both legitimate and malicious network activity. Our results indicate that analysts can rapidly examine network traffic and detect anomalies far more quickly than with manual tools.
Citations: 97
Ad hoc network security: peer identification and authentication using signal properties
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495987
Tina Suen, Alec Yasinsac
Abstract: As networking architectures grow and develop, the pace of security in these networks must keep pace. This paper is interested in identification and authentication in ad hoc networks, which are particularly susceptible to identity attacks, such as masquerading and malicious alias attacks. To mitigate these identity attacks, we propose to associate the message transmitter with a location and use this location information to reason about identity. There are several cooperative location schemes detailed in the literature, but because we cannot assume that a malicious party would cooperate in a location scheme, we propose to determine transmitter location by using the physical properties of the received signal.
Citations: 38
DGKD: distributed group key distribution with authentication capability
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495965
Pratima Adusumilli, X. Zou, B. Ramamurthy
Abstract: Group key management (GKM) is the most important issue in secure group communication (SGC). The existing GKM protocols fall into three typical classes: centralized group key distribution (CGKD), decentralized group key management (DGKM), and distributed/contributory group key agreement (CGKA). Serious problems remain in these protocols, as they require existence of central trusted entities (such as group controller or subgroup controllers), relaying of messages (by subgroup controllers), or strict member synchronization (for multiple round stepwise key agreement), thus suffering from the single point of failure and attack, performance bottleneck, or misoperations in the situation of transmission delay or network failure. In this paper, we propose a new class of GKM protocols: distributed group key distribution (DGKD). The new DGKD protocol solves the above problems and surpasses the existing GKM protocols in terms of simplicity, efficiency, scalability, and robustness.
Citations: 39
Queue-based analysis of DoS attacks
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495962
Suraiya Khan, I. Traoré
Abstract: Computer security is very important for any organization that maintains sensitive assets electronically. This is stressed in the statistics collected by the Computer Security Institute and FBI through their annual surveys. Hence, DoS is a very important problem that needs to be dealt with seriously. DoS attacks are of two types: flooding attacks and logic attacks. When an attack has impact on a system parameter, then the parameter can be used as an attack detection metric. In this paper, we qualitatively and quantitatively analyze the impact of DoS attacks on three simple system parameters - request arrival rate, queue-growth-rate, and response time. The importance of this analysis lies in the fact that we don't need to observe the system for a long time to understand the comparative system degradations that may happen under certain types of attacks.
Citations: 25
Virtual honeynets revisited
Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop Pub Date : 2005-06-15 DOI: 10.1109/IAW.2005.1495957
Lok K. Yan
Abstract: A new user-mode Linux based virtual honeynet architecture is presented in this paper. The new architecture has improved functionality that is difficult to realize in the GenII honeynet. Two new honeynet capabilities in particular are introduced. Honeypot controller is a new virtual honeynet component that assists in data control. The honeywall promises to have finer control over the honeypots through signal and system call redirections. The second new capability is the disk imager. The disk imager is capable of making forensic images of the virtual machine's file systems for further analysis. Since security for virtual honeynets is a big concern, the new virtual honeynet architecture utilizes security enhanced Linux to isolate the untrusted honeypots from the completely trusted honeywall. SELinux and other research work done in this field made the new honeynet architecture a viable alternative to GenII honeynets. A file system logging mechanism, FSLog, has been developed for the UML based virtual honeynet. In conjunction with the built-in tty logger, UML based honeynets have logging capabilities that are equivalent to their GenII honeynet counterparts. The current version of FSLog successfully logs eighteen virtual file systems system calls including the common, read(), write(), open() and close() functions. Its current functionality and how it pieces into the new architecture is also discussed. This work provides researchers with an alternative honeynet platform. The new virtual honeynet architecture is more portable, easier to set up, more cost effective and as secure as the GenII honeynet. The addition of the honeypot controller and disk imager components also makes the new virtual honeynet architecture more capable.
Citations: 19