{"title":"Initial documentation requirements for a high assurance system: lessons learned","authors":"P. Clark, C.E. Irvine, T. Levin, T.D. Nguyen, D. Shifflett, D. Miller","doi":"10.1109/IAW.2005.1495988","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495988","url":null,"abstract":"The validation that a system is high assurance is provided via an independent third-party evaluation. A key aspect of a high assurance evaluation is the documented methodologies, standards, and processes that are used throughout the product lifecycle. This paper presents the lessons learned to date through the creation of the documents required prior to the engineering phase of development.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122109878","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Attacking automatic wireless network selection","authors":"D. A. Dai Zovi, Shane A. Macaulay","doi":"10.1109/IAW.2005.1495975","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495975","url":null,"abstract":"Wireless 802.11 networking is becoming so prevalent that many users have become accustomed to having available wireless networks in their workplace, home, and many public places such as airports and coffee shops. Modern client operating systems implement automatic wireless network discovery and known network identification to facilitate wireless networking for the end-user. In order to implement known network discovery, client operating systems remember past wireless networks that have been joined and automatically look for these networks (referred to as preferred or trusted networks) whenever the wireless network adapter is enabled. By examining these implementations in detail, we have discovered previously undisclosed vulnerabilities in the implementation of these algorithms under the two most prevalent client operating systems, Windows XP and MacOS X. With custom base station software, an attacker may cause clients within wireless radio range to associate to the attacker's wireless network without user interaction or notification. This occurs even if the user has never connected to a wireless network before or has an empty preferred/trusted networks list. We describe these vulnerabilities as well as their implementation and impact.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134146220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Honeynet maintenance procedures and tools","authors":"C.H.P.C. Chaves, L. Franco, A. Montes","doi":"10.1109/IAW.2005.1495960","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495960","url":null,"abstract":"As part of an effort to improve the honeynet maintenance process, several procedures and tools automating high-interaction honeypot management tasks have been developed. Among the advantages of the adoption and use of these procedures and tools are the documentation of the maintenance procedures, the standardization of the collected data structure, the elimination of errors during the maintenance of honeypots, the automation of the tasks that are executed, and the reduction of the time between the deactivation and reactivation of a compromised honeypot.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128119653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards a third generation data capture architecture for honeynets","authors":"E. Balas, C. Viecco","doi":"10.1109/IAW.2005.1495929","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495929","url":null,"abstract":"Honeynets have become an important tool for researchers and network operators. However, their effectiveness has been impeded by a lack of a standard unified honeynet data model which results from having multiple unrelated data sources, each with its own access method and format. In this paper we propose a new data collection architecture that addresses the need for both rapid comprehension and detailed analysis by providing two data access methods: a relational model based fast path, and a canonical slow path. We also present a set of tools based on this architecture.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123314407","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Safe renewal of a random key pre-distribution scheme for trusted devices","authors":"M. Ramkumar","doi":"10.1109/IAW.2005.1495945","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495945","url":null,"abstract":"Evolving application scenarios involving ubiquitous, heterogeneous devices (some of which may be severely resource constrained) forming cooperative ad hoc networks call for a different model for \"trust\". It is the devices that are trusted - not the operators or the \"owners\" of the devices. Any security solution based on trusted devices demands mechanisms for read-proofing the secrets stored in tamper-resistant devices. However, as perfect tamper-resistance may not be feasible, for long-lived security of such deployments it is essential that the stored secrets be renewed periodically. This paper addresses issues involved in the safe renewal of secrets stored in trusted devices. For safe renewal of keys (irrespective of the key distribution scheme used), some assurances from tamper-resistance technology are needed. In this paper the author addresses issues involved in the safe renewal of a recently proposed random key pre-distribution scheme, HARPS (hashed random preloaded subsets) (Ramkumar, et al., 2005). The author discusses: 1) some \"reasonable\" assurances that technology could provide (like partial tamper resistance and circuit-delay based authentication), and 2) possible security precautions and policies (like use of a pass-phrase, use of an additional stored secret, and rest encryption), and their effect on the security of HARPS.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114164071","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Closing-the-loop: discovery and search in security visualizations","authors":"K. Lakkaraju, R. Bearavolu, A. Slagell, W. Yurcik","doi":"10.1109/IAW.2005.1495934","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495934","url":null,"abstract":"The tasks of security engineers include detecting attacks and responding to them. In order to accomplish this, a security engineer must be able to decide what behavior indicates an attack and then search for this behavior. Current security visualization tools provide rich and concise visualizations of network data that allow security engineers to determine the nature of attacks on the network. However, current security visualizations lack the ability for security engineers to search for these behaviors in the network logs. The process of finding interesting patterns in the data is called discovery, and finding instances of these patterns is called searching. Security engineers must do both discovery and search, but current security visualization tools only help in discovery. In this paper, we describe the modifications we have made to our security visualization tool, NVisionIP, that allow security engineers to not only discover patterns in the data, but also to search for those patterns in other data.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"69 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120862309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards collaborative security and P2P intrusion detection","authors":"M. Locasto, Janak J. Parekh, A. Keromytis, S. Stolfo","doi":"10.1109/IAW.2005.1495971","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495971","url":null,"abstract":"The increasing array of Internet-scale threats is a pressing problem for every organization that utilizes the network. Organizations have limited resources to detect and respond to these threats. The end-to-end (E2E) sharing of information related to probes and attacks is a facet of an emerging trend toward \"collaborative security\". The key benefit of a collaborative approach to intrusion detection is a better view of global network attack activity. Augmenting the information obtained at a single site with information gathered from across the network can provide a more precise model of an attacker's behavior and intent. While many organizations see value in adopting such a collaborative approach, some challenges must be addressed before intrusion detection can be performed on an inter-organizational scale. We report on our experience developing and deploying a decentralized system for efficiently distributing alerts to collaborating peers. Our system, Worminator, extracts relevant information from alert streams and encodes it in Bloom filters. This information forms the basis of a distributed watchlist. The watchlist can be distributed via a choice of mechanisms ranging from a centralized trusted third party to a decentralized P2P-style overlay network.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116744489","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Reverse code engineering: an in-depth analysis of the Bagle virus","authors":"K. Rozinov","doi":"10.1109/IAW.2005.1495977","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495977","url":null,"abstract":"This paper is the result of work done in the field of reverse code engineering and how it could be applied to better detect viruses and worms. The goal of this paper is to try to answer the following two questions: How do you reverse engineer a virus, and can reverse engineering a virus lead to better ways of detecting, preventing, and recovering from a virus and its future variants? In addition, the paper describes the Bagle virus, the resources and environment used for analysis, the approach and techniques used to completely reverse engineer the Bagle virus, and some of the analysis problems encountered and their solutions. It also presents some best practices to use while reverse code engineering.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115374535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Application of zeta function to quantum cryptography","authors":"Xiangdong Li, M. Anshel","doi":"10.1109/IAW.2005.1495986","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495986","url":null,"abstract":"A central problem in cryptography is to establish the existence of one-way functions. We introduce a new class of one-way functions based on the arithmetic theory of zeta functions and recent research on quantum algorithms for zeta function computation.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115054311","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"MAC layer anomaly detection in ad hoc networks","authors":"Yu Liu, Yang Li, H. Man","doi":"10.1109/IAW.2005.1495980","DOIUrl":"https://doi.org/10.1109/IAW.2005.1495980","url":null,"abstract":"It is evident that traditional end-to-end intrusion detection mechanisms developed on wireless local area networks (WLANs) and wired networks are no longer sufficient for breach investigation in ad hoc networks. Most existing intrusion detection techniques for ad hoc networks are proposed on the network layer. In general, these techniques have difficulty localizing the attack source, and cannot respond to attacks promptly. In this paper, we investigate the use of MAC layer traffic data to characterize normal behaviors in the neighborhood of a mobile node, and to detect misbehaving nodes through MAC layer anomalies. In particular, we evaluate and select a set of features from the MAC layer to profile normal behaviors of mobile nodes, and then we apply cross-feature analysis on feature vectors constructed from training data according to the proposed feature set. We are able to reliably detect MAC layer anomalies, some of which may in fact be caused by misbehavior at the network layer, since most routing attacks directly impact MAC layer operations. We validate our work through ns-2 simulations. Experimental results show the effectiveness of our method.","PeriodicalId":252208,"journal":{"name":"Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2005-06-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126374943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}