发布求助
文献互助 智能选刊 最新文献

2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing最新文献

筛选
英文 中文
Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach 云计算中的网络威胁信息共享:一种博弈论方法
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.80
C. Kamhoua, Andrew P. Martin, Deepak K. Tosh, K. Kwiat, Chad Heitzenrater, S. Sengupta
{"title":"Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach","authors":"C. Kamhoua, Andrew P. Martin, Deepak K. Tosh, K. Kwiat, Chad Heitzenrater, S. Sengupta","doi":"10.1109/CSCloud.2015.80","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.80","url":null,"abstract":"Cybersecurity is among the highest priorities in industries, academia and governments. Cyber-threats information sharing among different organizations has the potential to maximize vulnerabilities discovery at a minimum cost. Cyber-threats information sharing has several advantages. First, it diminishes the chance that an attacker exploits the same vulnerability to launch multiple attacks in different organizations. Second, it reduces the likelihood an attacker can compromise an organization and collect data that will help him launch an attack on other organizations. Cyberspace has numerous interconnections and critical infrastructure owners are dependent on each other's service. This well-known problem of cyber interdependency is aggravated in a public cloud computing platform. The collaborative effort of organizations in developing a countermeasure for a cyber-breach reduces each firm's cost of investment in cyber defense. Despite its multiple advantages, there are costs and risks associated with cyber-threats information sharing. When a firm shares its vulnerabilities with others there is a risk that these vulnerabilities are leaked to the public (or to attackers) resulting in loss of reputation, market share and revenue. Therefore, in this strategic environment the firms committed to share cyber-threats information might not truthfully share information due to their own self-interests. Moreover, some firms acting selfishly may rationally limit their cybersecurity investment and rely on information shared by others to protect themselves. This can result in under investment in cybersecurity if all participants adopt the same strategy. This paper will use game theory to investigate when multiple self-interested firms can invest in vulnerability discovery and share their cyber-threat information. We will apply our algorithm to a public cloud computing platform as one of the fastest growing segments of the cyberspace.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123763475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 33
Detection and Identification of Android Malware Based on Information Flow Monitoring 基于信息流监控的Android恶意软件检测与识别
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.27
Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong
{"title":"Detection and Identification of Android Malware Based on Information Flow Monitoring","authors":"Radoniaina Andriatsimandefitra, Valérie Viet Triem Tong","doi":"10.1109/CSCloud.2015.27","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.27","url":null,"abstract":"Information flow monitoring has been mostly used to detect privacy leaks. In a previous work, we showed that they can also be used to characterize Android malware behaviours and in the current one we show that these flows can also be used to detect and identify Android malware. The characterization consists in computing automatically System Flow Graphs that describe how a malware disseminates its data in the system. In the current work, we propose a method that uses these SFG-based malware profile to detect the execution of Android malware by monitoring the information flows they cause in the system. We evaluated our method by monitoring the execution of 39 malware samples and 70 non malicious applications. Our results show that our approach detected the execution of all the malware samples and did not raise any false alerts for the 70 non malicious applications.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127011414","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
PhD Forum: A System Identification Approach to Monitoring Network Traffic Security 博士论坛:监控网络流量安全的系统识别方法
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.85
Quentin Mayo, Renée C. Bryce, R. Dantu
{"title":"PhD Forum: A System Identification Approach to Monitoring Network Traffic Security","authors":"Quentin Mayo, Renée C. Bryce, R. Dantu","doi":"10.1109/CSCloud.2015.85","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.85","url":null,"abstract":"Network security is a growing area of interest for cyber systems, especially given the increasing number of attacks on companies each year. Though there are a vast amount of tools already available, System Identification (SI) complements intrusion detection systems to help manage network traffic stability. SI is the science of building mathematical models of dynamic systems. This paper introduces the use of SI for modeling network traffic and utilizes a linear time invariant model to analyze performance of real connections and attack instances. We generated several ARX models where each represented a different threat state in the network. We utilized the KDD CUP 1999's DARPA dataset to analyze the performance when dealing with different attacks. Results show that the average model fit was 84.14% when determining if the system was experiencing normal traffic. This value is promising because it shows how well the system is able to determine a network state in a given time when fed input.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114912594","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An Uneven Distributed System for Dynamic Taint Analysis Framework 动态污点分析框架的非均匀分布式系统
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.20
Xuefei Wang, Hengtai Ma, Ke Yang, Hongliang Liang
{"title":"An Uneven Distributed System for Dynamic Taint Analysis Framework","authors":"Xuefei Wang, Hengtai Ma, Ke Yang, Hongliang Liang","doi":"10.1109/CSCloud.2015.20","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.20","url":null,"abstract":"Dynamic taint analysis has been widely used in software testing, debugging, vulnerability detection and other fields. A popular idea is that we can combine dynamic taint analysis with symbolic execution techniques or fuzz techniques forming the testing framework to test automatically. When testing large applications which costs longer time, a distributed system can be very practical. However, the common distributed system is load balancing which distributes tasks without considering the various performance of each machine, resulting that some machines with poor configuration will burden too much load. In this paper, we present an uneven distributed system, which splits the dynamic taint analysis framework into some modules, and then distributes the modules to different machines classified by their performance. The design and distribution method are all based on the feature of each module. In the studies, we applied the system to test 5 applications compared with the load balancing distributed system, and the results shows it can indeed distribute tasks uneven according to different performance.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128656627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Split-System: The New Frontier of Cloud Computing 分裂系统:云计算的新前沿
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.29
B. Rawal, R. Karne, Quiang Duan
{"title":"Split-System: The New Frontier of Cloud Computing","authors":"B. Rawal, R. Karne, Quiang Duan","doi":"10.1109/CSCloud.2015.29","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.29","url":null,"abstract":"Split-protocol computing paradigm uses web services on geographically distributed Web servers. A network of large Split-servers that form the cloud to handles computing and storage task that would otherwise create a heavy CPU utilization for the traditional individual server. The split-protocol concept was devised for load balancing and faster data transmission. Connection and data communication phases are clearly divided between servers without involving the client or the central controlling mechanism, like a dispatcher or a load balancer. In an earlier paper, we demonstrated that the application Split-protocol produces higher performance compared to traditional clusters. Based on the need, different types of split configurations are implemented for throughput, response time, and connection time. The observed throughput improvement was within the range 6.5% - 25% over non-split systems. This paper first time examines the empirical results of Split-system to understand its analytical behavior and compares with traditional non-split systems. Also, this paper prepares the groundwork for the scientific understanding of Split-systems. The split-system technique with given sets of constraints can produce better throughput than conventional equivalent server systems. The performance improvement resulted because of the Split-system operates as a fine-grained pipeline of the parallel system.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117180940","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Adaptive Resource Allocation Optimization in Heterogeneous Mobile Cloud Systems 异构移动云系统中的自适应资源分配优化
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.60
Longbin Chen, Yucong Duan, Meikang Qiu, Jian Xiong, Keke Gai
{"title":"Adaptive Resource Allocation Optimization in Heterogeneous Mobile Cloud Systems","authors":"Longbin Chen, Yucong Duan, Meikang Qiu, Jian Xiong, Keke Gai","doi":"10.1109/CSCloud.2015.60","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.60","url":null,"abstract":"Recent growth of cloud computing has driven the development of Heterogeneous Cloud Federation (HCF) that has been considered an approach of improving the diversity of cloud systems by enable cloud users to select resources provided by different service providers. Using this mechanism can divide a complicate task into a group of sub-tasks in order to increase the efficiency of application executions, which can support simultaneously executing different cloud systems. One of the resource allocation mechanisms is to schedule tasks among cloud providers. However, current challenge of implementing this mechanism is to generate an efficient task scheduling. We consider mobile cloud computing an adaptive approach for increasing the utilizations of mobile devices. Addressing this dimension, we propose our solution named Mobile Cloud-based Heterogeneous Resource Allocation Model (MC-HRAM), which is designed to minimize the execution time. The main algorithm used in the proposed model is Dynamic Heterogeneous Task Assignments Algorithm (DHTA). Our experimental evaluation has proved that our proposed schema has an advantage of saving execution time.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122848613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 25
Predicting Vulnerability Exploits in the Wild 预测野外的漏洞利用
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.56
Michel Edkrantz, Staffan Truvé, Alan Said
{"title":"Predicting Vulnerability Exploits in the Wild","authors":"Michel Edkrantz, Staffan Truvé, Alan Said","doi":"10.1109/CSCloud.2015.56","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.56","url":null,"abstract":"Every day numerous new vulnerabilities and exploits are reported for a wide variety of different software configurations. There is a big need to be able to quickly assess associated risks and sort out which vulnerabilities that are likely to be exploited in real-world attacks. A small percentage of all vulnerabilities account for almost all the observed attack volume. We use machine learning to make automatic predictions for unseen vulnerabilities based on previous exploit patterns.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124251816","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Privacy-Preserving Data Exfiltration Monitoring Using Homomorphic Encryption 利用同态加密保护隐私的数据泄露监控
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.96
K. Rohloff
{"title":"Privacy-Preserving Data Exfiltration Monitoring Using Homomorphic Encryption","authors":"K. Rohloff","doi":"10.1109/CSCloud.2015.96","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.96","url":null,"abstract":"Monitoring and encryption are essential to secure today's computer networks. Monitoring network traffic data can be especially useful to protect against data exfiltration by detecting signatures in file metadata to identify especially sensitive files that should not be publicly released. Encryption restricts the visibility of signatures, but this may be needed because some signatures used to protect against data exfiltration may themselves be sensitive, as knowledge of signatures could help adversaries circumvent monitoring. We present results on a prototype exfiltration guard to securely and privately monitor flows of encrypted information for encrypted signatures without requiring the decryption of the data flows or the signatures or the sharing of decryption keys. Our approach is based on using homomorphic encryption to enables secure computing on encrypted data. We show experimental results with a prototype proof-of-concept encrypted data guard running on a commodity computing hardware. These designs point to possible future advances driven by ongoing homomorphic encryption improvements to compute on encrypted data for more advanced and secure filtering and exfiltration protection schemes.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"287 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132384682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Secure and Efficient Personal Health Record Scheme Using Attribute-Based Encryption 基于属性加密的安全高效的个人健康记录方案
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.40
K. Fan, Nana Huang, Yue Wang, Hui Li, Yintang Yang
{"title":"Secure and Efficient Personal Health Record Scheme Using Attribute-Based Encryption","authors":"K. Fan, Nana Huang, Yue Wang, Hui Li, Yintang Yang","doi":"10.1109/CSCloud.2015.40","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.40","url":null,"abstract":"With the rapid development of the cloud computing, personal health record (PHR) has attracted great attention of many researchers all over the world recently. However, PHR, which is often outsourced to be stored at a third party, has many security and efficiency issues. Therefore, the study of secure and efficient Personal Health Record Scheme to protect users' privacy in PHR files is of great significance. In this paper, we present a secure and efficient Personal Health Record scheme called SE-PHR. In the SE-PHR scheme, we divide the users into personal domain (PSD) and public domain (PUD) logically. In the PSD, the Key-Aggregate Encryption called KAE is exploited. For the users of PUD, we use outsource-able multi-authority attribute-based encryption (MA-ABE) to largely eliminate the overhead for users and support efficient attribute revocation without updating the user's private key. Our scheme also presents a new algorithm which enables dynamic modification of access policies. Function and performance testing results show the security and efficiency of the proposed SE-PHR.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124588868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Threshold Attribute-Based Signcryption in Standard Model 标准模型中基于阈值属性的签名加密
2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing Pub Date : 2015-11-03 DOI: 10.1109/CSCloud.2015.16
Haibin Zheng, Jing Qin, Jiankun Hu, Qianhong Wu
{"title":"Threshold Attribute-Based Signcryption in Standard Model","authors":"Haibin Zheng, Jing Qin, Jiankun Hu, Qianhong Wu","doi":"10.1109/CSCloud.2015.16","DOIUrl":"https://doi.org/10.1109/CSCloud.2015.16","url":null,"abstract":"Signcryption is a public key cryptosystem that achieves the functions of digital signature and public key encryption simultaneously. It significantly reduces the cost of traditional signature-then-encryption approach. Although a large body of signcryption schemes have been proposed, few works have been done on attribute-based signcrytion (ABSC) which simultaneously achieves the functionalities of attribute-based encryption (ABE) and attribute-based signature (ABS), two important cryptographic primitives proposed to enforce fine-grained access control and user authentication in cloud computing applications. In this paper, we present a threshold attribute-based signcryption (TABSC) scheme. The scheme is proven secure under the well-established Decisional Bilinear Diffie-Hellman (DBDH) and the standard Computational Diffie-Hellman (CDH) assumptions in the standard model. Compared with the state of the ABSC art, our scheme has comparable efficiency without relying on any random oracle.","PeriodicalId":278090,"journal":{"name":"2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122665207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信