{"title":"Identifying Hierarchical Structures in Sequences on GPU","authors":"P. Jalan, A. Jain, Subhajit Roy","doi":"10.1109/Trustcom.2015.609","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.609","url":null,"abstract":"Identifying hierarchical structures in sequences is an important problem with applications in lossless data-compression to program profiling. A popular algorithm for identifying hierarchical structures in sequences is the Sequitur algorithm developed by Nevill-Manning and Witten. Sequitur is not just a compression algorithm, it attempts to learn the hierarchical structure of the input sequence as a context-free grammar. However, Sequitur is difficult to parallelize. Inspired by Sequitur, we have developed a new GPU algorithm, that reveals the hierarchical structure in sequences and is also concurrency-friendly. Our algorithm, Pequitur, is built as a series of fast kernels (for intermittent synchronization), where each kernel attempts to minimize inter-thread communication and achieve a good load balance among the GPU threads. As opposed to Sequitur, Pequitur follows a greedy strategy to find good productions, that are productions formed by long and frequent substrings. We have implemented and evaluated our algorithm on the NVIDIA K20c card on random strings drawn from multiple distributions. On our benchmarks, Pequitur achieves an average speedup of more than 3X over an optimized Sequitur implementation with similar compression ratios.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122432332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"From ZeuS to Zitmo: Trends in Banking Malware","authors":"Najla Etaher, G. Weir, M. Alazab","doi":"10.1109/Trustcom.2015.535","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.535","url":null,"abstract":"In the crimeware world, financial botnets are a global threat to banking organizations. Such malware purposely performs financial fraud and steals critical information from clients' computers. A common example of banking malware is the ZeuS botnet. Recently, variants of this malware have targeted mobile platforms, as The-ZeuS-in-the-Mobile or Zitmo. With the rise in mobile systems, platform security is becoming a major concern across the mobile world, with rising incidence of compromising Android devices. In similar vein, there have been mobile botnet attacks on iPhones, Blackberry and Symbian devices. In this setting, we report on trends and developments of ZeuS and its variants.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122122363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Formalization of Fingerprinting Techniques","authors":"Fabian Lanze, A. Panchenko, T. Engel","doi":"10.1109/Trustcom.2015.452","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.452","url":null,"abstract":"Fingerprinting techniques aim to identify objects such as devices, data, users, or even attacks, based on distinctive characteristics. In the context of computer network security, these techniques have been proposed and successfully applied in different application scenarios and with different goals in mind, e.g., to detect attacks or even to perform attacks. However, the related works in this field do not follow a consistent definition and notation of fingerprinting. Hence, central concepts such as uniqueness are mistakenly confused. In this paper, we tackle this issue by proposing a novel formalization approach of fingerprinting techniques. Our formal model is based on clear mathematical definitions and centered around the concept of a fingerprinting feature as a distinctive characteristic. We apply our formal model in two different application scenarios of remarkable research interest to illustrate its validity, flexibility and universality.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116835652","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Dynamic Credible Factory Reset Mechanism of Personal Data in Android Device","authors":"Dali Zhu, Zheming Fan, N. Pang","doi":"10.1109/Trustcom.2015.474","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.474","url":null,"abstract":"Due to plenty of confidential and private information stored on the phone, the security of it has become more prominent increasingly. The private information storing on Android devices can be recovered easily even if it is reset by traditional data factory reset process. It is extremely unsafe and unreliable especially for the phone lent to others. In this paper, we proposed a dynamic credible factory mechanism of personal data in Android device to protect privacy. Not only it can allow users to factory reset the system quickly and safely, but it also thoroughly crushes application data files while applications are not deleted. The mechanism is based on a private file recognition algorithm that checks the properties of file tree dynamically proposed in the paper and credible erase on data blocks pointed from special inode of private files on the flash storage under the condition of no remounting and no rebooting. It aims to provide a more secure, fast crush method in Android system to prevent individual private data being recovered maliciously. We implemented our credible factory mechanism to evaluate their performance.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"2016 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128995398","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Extended Model of Side-Information in Garbling","authors":"Tommi Meskanen, Valtteri Niemi, Noora Nieminen","doi":"10.1109/Trustcom.2015.469","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.469","url":null,"abstract":"Increasingly many applications utilize network-based solutions these days, such as cloud computing or Internet of Things technologies. Processing private data in various applications over the Internet raises concerns about the user privacy. These concerns may be solved by using novel cryptographic methods, of which garbling schemes is one. Side-information is a key concept for defining the security of garbling schemes since it tells what is allowed to be leaked about the garbled evaluation. Current definitions have a full support to logic circuits while the concept of a garbling scheme should encompass all garbling techniques independent of the model of computation. In this paper, we improve the definition of side-information to fit any computation model, especially Turing machines. Moreover, we show that our definition of side-information also describes better the various threats against the security of garbling schemes, including possible side-channel attacks. We also demonstrate that the new definition has also the following advantages compared to the existing definitions. Our model of side-information supports a wider set of applications, including partial garbling schemes. Our model simplifies the security definitions of garbling schemes without compromising the existing results about the security relations of garbling schemes.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129641103","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"EyeCloud: A BotCloud Detection System","authors":"M. Memarian, M. Conti, V. Leppänen","doi":"10.1109/Trustcom.2015.484","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.484","url":null,"abstract":"Leveraging cloud services, companies and organizations can significantly improve their efficiency, as well as building novel business opportunities. A significant research effort has been put in protecting cloud tenants against external attacks. However, attacks that are originated from elastic, on-demand and legitimate cloud resources should still be considered seriously. The cloud-based botnet or botcloud is one of the prevalent cases of cloud resources misuses. Unfortunately, some of the cloud's essential characteristics enable criminals to form reliable and low cost botclouds in a short time. In this paper, we present EyeCloud, a system that helps to detect distributed infected Virtual Machines (VMs) acting as elements of botclouds. Based on a set of botnet related system level symptoms, EyeCloud groups VMs. Grouping VMs helps to separate infected VMs from others and narrows down the target group under inspection. EyeCloud takes advantages of Virtual Machine Introspection (VMI) and data mining techniques.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126683838","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Algorithm for Identifying the Learning Patterns in Big Data","authors":"Majed Farrash, Wenjia Wang","doi":"10.1109/Trustcom.2015.561","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.561","url":null,"abstract":"Divide-and-Conquer is probably the most commonly used strategy to deal with a big data that is too big to be loaded into any computing system's memory as a whole for analysis. It partitions such a big dataset into many smaller subsets that can be loaded into computer memory separately to induce models, which can be combined by machine learning ensemble methods. However, it is not clear that how the size of subsets may affect the learning performance of individual models and their ensemble. This paper proposes an ensemble based algorithm to quickly detect their relational patterns in terms of ensemble accuracy and the size of partitioned data subset. An ensemble framework of the algorithm is implemented and tested on 12 relatively big benchmark datasets. The experimental results indicate that it is able to identify the relation patterns accurately and efficiently in less than 10 steps. The identified patterns show that in most cases it is not necessary to use the whole big dataset for analysis as few smaller subsets are already sufficiently representative of the underlying problem, which is obviously a useful knowledge in big data analysis.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125627892","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Save Our Passwords","authors":"M. Boonk, Ronald Petrlic, Christoph Sorge","doi":"10.1109/Trustcom.2015.449","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.449","url":null,"abstract":"Passwords, despite the problems they entail, are still the most common method of user authentication-mainly due to convenience. We present an approach that aims at keeping passwords as an authentication mechanisms while significantly improving their practical security. We store passwords on smartcards -- which is not new -- , but the novelty of our approach is that we perform user authentication with those securely stored passwords between the smartcard and the server, without requiring any changes on the server side. We show the results of our implementation and provide our TLS handshake implementation on a smartcard for the community.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121866459","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Secure Northbound Interface for SDN Applications","authors":"Christian Banse, S. Rangarajan","doi":"10.1109/Trustcom.2015.454","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.454","url":null,"abstract":"Software-Defined Networking (SDN) promises to introduce flexibility and programmability into networks by offering a northbound interface (NBI) for developers to create SDN applications. However, current designs and implementations have several drawbacks, including the lack of extended security features. In this paper, we present a secure northbound interface, through which an SDN controller can offer network resources, such as statistics, flow information or topology data, via a REST-like API to registered SDN applications. A trust manager ensures that only authenticated and trusted applications can utilize the interface. Furthermore, a permission system allows for fine-grained authorization and access control to the aforementioned resources. We present a prototypical implementation of our interface and developed example applications using our interface, including an SDN management dashboard.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121722487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Idrees, S. Ayed, N. Cuppens-Boulahia, F. Cuppens
{"title":"Dynamic Security Policies Enforcement and Adaptation Using Aspects","authors":"M. Idrees, S. Ayed, N. Cuppens-Boulahia, F. Cuppens","doi":"10.1109/Trustcom.2015.533","DOIUrl":"https://doi.org/10.1109/Trustcom.2015.533","url":null,"abstract":"Enforcing access and usage control requirements, like permissions and obligations, to govern distributed systems is a complex and error-prone task and notably hard to implement. In this paper, we claim that various enforcement modes are needed to obtain an overall consistent enforcement of access and usage control requirements. We build our approach based on the aspect oriented concepts to dynamically enforce security policies. We also describe how this approach can be supported through the deployment phase of security aspects across the system.","PeriodicalId":277092,"journal":{"name":"2015 IEEE Trustcom/BigDataSE/ISPA","volume":"86 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134153913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
