{"title":"Toward a decentralized trust-based access control system for dynamic collaboration","authors":"William J. Adams, Nathaniel J. Davis","doi":"10.1109/IAW.2005.1495969","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495969","url":null,"abstract":"As ad-hoc collaborative environments become more common, the need for access control becomes more imperative. Centralized access control determination fails to work in mobile ad-hoc networking environments, as the information necessary for pre-configuration is not available. This situation is exacerbated by the dynamic nature of the environment's membership, so that the time and resources expended in offline management are largely wasted. This paper presents a decentralized access control system that implements sociological trust constructs in a quantitative system to evaluate interaction partners. A distributed, node-centric approach to reputation management processes nodal behavior feedback and provides a reputation index that nodes use to determine trustworthiness their peers before establishing associations. The availability of a reputation index gives a measure of expectation of a peer's behavior, based on past performance, and makes a MANET a more distributed operational environment.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133939067","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A log independent distributed database damage assessment model","authors":"Jing Zhou, B. Panda, Y. Hu","doi":"10.1109/IAW.2005.1495967","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495967","url":null,"abstract":"In a distributed database system, damage assessment after an information attack is a complicated task due to intricate transaction relationships among distributed sites. In these systems, when any sub-transaction reads a damaged data at any site the entire transaction of which the sub-transaction is a part is considered affected by the damage. Hence, the data items updated by that transaction irrespective of sites are also considered damaged. To control spread of damage, accurate damage assessment and appropriate recovery procedures must be performed as soon as an attack is detected. This research focuses on damage assessment procedures for distributed database systems and uses pre-developed data structures for fast and accurate result. The method presented in this paper quickly identifies all affected transactions and all damaged data items without any log access.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133879827","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Building compact exploitation graphs for a cluster computing environment","authors":"Wei Li, R. Vaughn","doi":"10.1109/IAW.2005.1495933","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495933","url":null,"abstract":"In this paper, a modeling process is described to address challenges in analyzing attack scenarios and mitigating vulnerabilities in networked environments. Known system vulnerability data, system configuration data, and vulnerability scanner results are combined to create exploitation graphs (e-graphs), which are used to represent attack scenarios. The modeling process consists of three primary steps. The first step is the creation of a knowledge base of known system vulnerabilities. These vulnerabilities are represented using preconditions and postconditions. A template is used to represent preconditions and postconditions, and vulnerabilities are encoded using a predefined set of attributes. The second step involves the association of multiple vulnerabilities to create an e-graph specific to the system being modeled. The third step of this process involves the development of abstraction techniques that can be used to simplify exploitation graphs. A novel abstraction technique is proposed based on host connection similarity and exploitation similarity. These techniques have been applied into a high-performance cluster computing environment to show that they facilitate a compact representation of attack scenarios and provide in-depth vulnerability assessments.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130992328","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Anomaly intrusion detection based on biometrics","authors":"Ahmed Awad E. Ahmed, I. Traoré","doi":"10.1109/IAW.2005.1495997","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495997","url":null,"abstract":"In this work we introduce the idea of using behavioral biometrics in intrusion detection applications. We propose a new approach to user profiling, which can be used to detect intrusion without the need for any special hardware implementation and without forcing the user to perform any special actions. The technique is based on using \"keystroke dynamics\" and \"mouse dynamics\" biometrics. The profiles computed in this case are more accurate than those obtained through the traditional statistical profiling techniques, since they are based on distinctive biological characteristics of users.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"402 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124289820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Wireless security policy development for sensitive organizations","authors":"M. Manley, C. McEntee, A. Molet, J.S. Park","doi":"10.1109/IAW.2005.1495946","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495946","url":null,"abstract":"As the benefits of wireless technology draw organizations into employing their own wireless networks, the issue of security has become increasingly important. Wireless networks pose their own distinct security challenges to those organizations, which adopt the technology. This paper is not a review of the various technological wireless security measures; rather, this paper's focus is the examination of wireless security policy. The goal of this paper is to make the reader aware of the weakness in current wireless security models and to lay a framework for the creation of an effective wireless security policy for sensitive organizations. Finally, the authors concluded with an examination of a case study, the Department of Defense, of real world implementation of wireless security policies, pointing out their deficiencies based on our proposed framework.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123284031","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Community security awareness training","authors":"Barbara E. Endicott-Popovsky, Ivan Orton, Kirk Bailey, Deb Frincke","doi":"10.1109/IAW.2005.1495976","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495976","url":null,"abstract":"NIST special publication 800-50 outlines standards for the development and implementation of security awareness training by Wilson, M. and Hash, J. (2003). Recognizing that the \"people factor\" is the weakest link, NIST recommends that all users of any information system be made aware of their roles and responsibilities in maintaining security by Wilson, M. and Hash, J. (2003). Further, to be effective, any awareness event should be designed for the intended audience, built around a message and desired outcomes and gain attention by Wilson, M. and Hash, J. (2003). Such a security awareness event was conducted for the business community leadership in Seattle, Washington. The purpose was to alert them to the risks of identity theft through misuse of online search engines. The means adopted for focusing attention, was a Google-hacking contest. Based on observations of this trial, the authors suggest that a security awareness program, based on NIST standards, can be effective, not only for organizations, but for specifically defined communities, as well. This paper describes the event, the outcomes and the authors' conclusions. The approach presented in this paper could be repeatable in any community for a variety of purposes.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121524710","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Efficient log authentication for forensic computing","authors":"N. Kawaguchi, N. Obata, S. Ueda, Y. Azuma, H. Shigeno, K. Okada","doi":"10.1109/IAW.2005.1495955","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495955","url":null,"abstract":"In this paper, an efficient log authentication scheme for forensic computing is proposed. To conduct reliable forensic computing, it is required that the logs as digital evidences be verified. To verify them, digital signatures issued by authorities are needed. However, if many logging hosts connect to the server that issues the signatures, the traffic of the server will increase. Therefore, the authors proposed an efficient log authentication scheme for forensic computing. The scheme reduces the traffic of the sign server, which signs the logs of the logging hosts, by using distributed Merkle tree algorithm among the logging hosts. The scheme's effectiveness was shown through evaluation experiments.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126052911","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Malware examiner using disassembled code (MEDiC)","authors":"A. Sulaiman, K. Ramamoorthy, S. Mukkamala, A. Sung","doi":"10.1109/IAW.2005.1495985","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495985","url":null,"abstract":"Current static malware detection techniques have serious limitations, and sandbox testing also fails to provide a complete solution due to time constraints. In this paper, we present a robust assembly language signature-based malware detection technique, with emphasis on detecting obfuscated (or polymorphic) malware and mutated (or metamorphic) malware. The hypothesis is that all versions of the same malware share a common core signature that is a combination of several features of the code. After a particular malware has been first identified, it can be analyzed to extract the signature, which provides a basis for detecting variants and mutants of the same malware in the future. Given that the technique uses disassembled code, it can be used on any operating system. Encouraging experimental results on a large set of recent malware are presented.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126241690","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"User profiling using text classification","authors":"P. Carter","doi":"10.1109/IAW.2005.1495963","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495963","url":null,"abstract":"Computer user behavior over time is abstracted into text documents. Using text classification methods users from a small group are well-distinguished from one another by their behaviors, even using relatively small amounts of data. This technique is particularly appropriate to forensics, but is widely applicable in information assurance.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127239800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Detecting honeypots and other suspicious environments","authors":"Thorsten Holz, F. Raynal","doi":"10.1109/IAW.2005.1495930","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495930","url":null,"abstract":"To learn more about attack patterns and attacker behavior, the concept of electronic decoys, i.e. network resources (computers, routers, switches, etc.) deployed to be probed, attacked, and compromised, is used in the area of IT security under the name honeypots. These electronic baits lure in attackers and help in assessment of vulnerabilities. Because honeypots are more and more deployed within computer networks, malicious attackers start to devise techniques to detect and circumvent these security tools. This paper will explain how an attacker typically proceeds in order to attack this kind of systems. We will introduce several techniques and present diverse tools and techniques which help attackers. In addition, we present several methods to detect suspicious environments (e.g. virtual machines and presence of debuggers). The article aims at showing the limitation of current honey pot-based research. After a brief theoretical introduction, we present several technical examples of different methodologies.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128534594","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}