发布求助
文献互助 智能选刊 最新文献

2013 Eighth Asia Joint Conference on Information Security最新文献

筛选
英文 中文
Detecting and Preventing Drive-By Download Attack via Participative Monitoring of the Web 通过参与式Web监控检测和防止驱动下载攻击
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.15
T. Matsunaka, J. Urakawa, A. Kubota
{"title":"Detecting and Preventing Drive-By Download Attack via Participative Monitoring of the Web","authors":"T. Matsunaka, J. Urakawa, A. Kubota","doi":"10.1109/ASIAJCIS.2013.15","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.15","url":null,"abstract":"Drive-by Download Attack (DBD) is one of the major threats on the web infrastructure. DBD attacks are triggered by user access to a malicious website and force users to download malware by exploiting the vulnerabilities of web browsers or plugins. Malicious websites are ephemeral. Therefore, it is necessary to gather fresh information related to malicious activities to detect and prevent such attacks. In this paper, we propose a framework that combats with DBD attacks with users' voluntary monitoring of the web. This framework tackles the two issues: ways to obtain up-to-date information related malicious activities and ways to provide up-to-date information to the world. The framework aims to realize a security ecosystem: users actively offer information about their activities on the web (e.g. access URL, download contents), and security analysts inspect the information to detect new threats and devise countermeasures for any new threats and then provide the countermeasures to users as feedback. The framework consists of sensors located on the user side and a centralized center located on the network side. Sensors are deployed in the web browser, in web proxies, and DNS servers. Sensors monitors the access URLs download contents, the method of triggering the link events (e.g. mouse click, move, redirected by the server), then the sensors report the data to the center. The center analyzes the data, derives the statistical data and the web link structure, and detects new threats by facilitating the characteristics of malicious web pages. This paper also shows a real world example that demonstrates the potential of our framework. The example implies that our focus on the change of the web link structure can detect illegal falsification of web pages. Our framework can obtain long-term data on how many hosts users are forced to access by the access of a web page, so we believe that our framework can distinguish legitimate changes in web pages with compromised changes.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129023176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Cryptanalysis on RFID Authentications Using Minimum Disclosure Approach 基于最小披露方法的RFID认证密码分析
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.13
H. Chien
{"title":"Cryptanalysis on RFID Authentications Using Minimum Disclosure Approach","authors":"H. Chien","doi":"10.1109/ASIAJCIS.2013.13","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.13","url":null,"abstract":"Secure authentication of low cost Radio Frequency Identification (RFID) with low computing capacity is a big challenge, as low-cost RFIDs own very-limited resources. Recently, Doss et al. proposed eye-catching RFID authentications, using minimum disclosure approach. These schemes were claimed to own several excellent security properties while required only very low computational complexities on tags. However, we shall examine the securities and show they fail in resisting tag impersonation attack and in protecting forward secrecy. Simple amendments are proposed to enhance the security.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113937166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Preventing Abuse of Cookies Stolen by XSS 防止滥用Cookies被盗的XSS
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.20
H. Takahashi, Kenji Yasunaga, M. Mambo, Kwangjo Kim, H. Youm
{"title":"Preventing Abuse of Cookies Stolen by XSS","authors":"H. Takahashi, Kenji Yasunaga, M. Mambo, Kwangjo Kim, H. Youm","doi":"10.1109/ASIAJCIS.2013.20","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.20","url":null,"abstract":"Cross Site Scripting (XSS) makes victims execute an arbitrary script and leaks out personal information from victims' computers. An adversary can easily get victim's cookies by the XSS attack. If the adversary cannot use the stolen cookies to impersonate the victim, stealing cookie has no meaning. Therefore, we propose a method to prohibit the abuse of stolen cookies in order to make it ineffective to steal cookies through the XXS attack. The proposed method uses one-time password and challenge-response authentication to identify whether a person is a valid owner of the cookie or not.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133930881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
A Scripting Language for Automating Secure Multiparty Computation 一种自动化安全多方计算的脚本语言
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.27
Kung Chen, T. Hsu, C. Liau, Da-Wei Wang
{"title":"A Scripting Language for Automating Secure Multiparty Computation","authors":"Kung Chen, T. Hsu, C. Liau, Da-Wei Wang","doi":"10.1109/ASIAJCIS.2013.27","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.27","url":null,"abstract":"In this paper, we report our work on a scripting language for automating the development of complex protocols for a commodity-based approach to SMC. Our scripting language models the participating parties in a peer-to-peer symmetric manner that each party holds their private data as well as any intermediate results jointly. We propose a three-level security attributes, namely public, private, and shared, that users can employ to express their security requirements by associating variables with these attributes. Furthermore, these security attributes also direct how our compiler should perform security check as well as code generation. We show how complex protocols can be expressed in our scripting language and how the compiler works to generates code exploiting the distributed SMC runtime environment we developed.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122144490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Memory Forensics for Key Evidence Investigations in Case Illustrations 案例插图中关键证据调查的记忆取证
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.22
Ya-Ting Chang, Min-Ju Chung, Chin-Feng Lee, Cheng-Ta Huang, Shiuh-Jeng Wang
{"title":"Memory Forensics for Key Evidence Investigations in Case Illustrations","authors":"Ya-Ting Chang, Min-Ju Chung, Chin-Feng Lee, Cheng-Ta Huang, Shiuh-Jeng Wang","doi":"10.1109/ASIAJCIS.2013.22","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.22","url":null,"abstract":"Typically instant messaging software has to install inside the computer. By this way, the evidence could be therefore probed from the relative paths after operating it by the forensic procedures. Accompanying the appearance of the Web version of the instant messaging, this situation is changed accordingly. It has become a new challenge about the Information-volatile attributes and the data generated by the Web version of instant messaging. The chat messages will not leave any records in the hard disk by the Web version of instant messaging. The methods of forensic investigation are bound to change. However, during the running process, part of or the entire records will be dumped in the memory, the paging file and unallocated hard disk space. In this paper, we use the common instant messaging software \"Skype\" and Web version of \"Facebook Messenger\" as the target-cases. Because of the memory features mentioned above, some temporary volatile data will be collected by memory forensic technology. We illustrate our memory forensic technology by the two cases and show how to collect key-evidence in the forensic procedures step by step. In our scheme, we propose the forensic procedure to obtain the effective evidence such as the user's login account, password, contact list, and conversation records, etc. We turn out that the crime scene is able to be reconstructed by the key-evidence we seize in the Web version of instant messaging.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121031333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Suspicious URL Filtering Based on Logistic Regression with Multi-view Analysis 基于多视图逻辑回归的可疑URL过滤
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.19
Ke-Wei Su, Kuo-Ping Wu, Hahn-Ming Lee, Te-En Wei
{"title":"Suspicious URL Filtering Based on Logistic Regression with Multi-view Analysis","authors":"Ke-Wei Su, Kuo-Ping Wu, Hahn-Ming Lee, Te-En Wei","doi":"10.1109/ASIAJCIS.2013.19","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.19","url":null,"abstract":"The current malicious URLs detecting techniques based on whole URL information are hard to detect the obfuscated malicious URLs. The most precise way to identify a malicious URL is verifying the corresponding web page contents. However, it costs very much in time, traffic and computing resource. Therefore, a filtering process that detecting more suspicious URLs which should be further verified is required in practice. In this work, we propose a suspicious URL filtering approach based on multi-view analysis in order to reduce the impact from URL obfuscation techniques. URLs are composed of several portions, each portion has a specific use. The proposed method intends to learn the characteristics from multiple portions (multi-view) of URLs for giving the suspicion level of each portion. Adjusting the suspicion threshold of each portion, the proposed system would select the most suspicious URLs. This work uses the real dataset from T. Co. to evaluate the proposed system. The requests from T. Co. are (1) detection rate should be less than 25%, (2) missing rate should be lower than 25%, and (3) the process with one hour data should be end in an hour. The experiment results show that our approach is effective, is capable to reserve more malicious URLs in the selected suspicious ones and satisfy the requests given by practical environment, such as T. Co. daily works.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116078180","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Present Cyber Threat Management (Methodologies to Mitigate Evolving Cyber-Attacks) 当前网络威胁管理(缓解不断演变的网络攻击的方法)
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.24
B. G. Mawudor
{"title":"Present Cyber Threat Management (Methodologies to Mitigate Evolving Cyber-Attacks)","authors":"B. G. Mawudor","doi":"10.1109/ASIAJCIS.2013.24","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.24","url":null,"abstract":"Current lifestyle of organizations depend on information exchange and easy access to allow for a progressive business continuity. All these are done with computers and the internet and with the fast pace at which information sharing through the internet is evolving, so as the level of threat increases to hackers with malicious intent. The methods of cyber-attacks are changing for faster results and thus requires organizations to adopt and adapt to working solutions to curb such threats if not eradicate them.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129126096","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Detect Zero by Using Symmetric Homomorphic Encryption 利用对称同态加密检测零
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.8
D. Guan, Chen-Yu Tsai, E. Zhuang
{"title":"Detect Zero by Using Symmetric Homomorphic Encryption","authors":"D. Guan, Chen-Yu Tsai, E. Zhuang","doi":"10.1109/ASIAJCIS.2013.8","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.8","url":null,"abstract":"First, we prove that a homomorphic encryption with a function of detecting zero, detecting equality, comparing the value or detecting overflow on cipher texts is not secure if there is no restriction to limit the times of operating these functions. Then we analyze that a homomorphic encryption scheme can still detect zero with some restrictions. If we allow all the people to detect zero on cipher texts, then there is no method better than the key-owner decrypts the cipher text and announces the result. However, if we allow only few people to detect zero when key owner agrees, then we can construct a symmetric homomorphic encryption scheme with our new version of ring learn with error assumption.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127368891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Secure Certificateless Signature Scheme Supporting Batch Verification 支持批量验证的安全无证书签名方案
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.9
Chun-I Fan, P. Ho, Jheng-Jia Huang, Yi-Fan Tseng
{"title":"Secure Certificateless Signature Scheme Supporting Batch Verification","authors":"Chun-I Fan, P. Ho, Jheng-Jia Huang, Yi-Fan Tseng","doi":"10.1109/ASIAJCIS.2013.9","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.9","url":null,"abstract":"In this paper, we propose a secure certificate less signature scheme supporting batch verification, which makes it possible for a verifier to verify a set of signatures more efficiently than verifying them one by one. In our proposed scheme, it is impossible for PKG to produce a signature which is indistinguishable from any signature produced by a user. Compared with existing signature schemes with batch verification, although our proposed scheme is not the most efficient one, it achieves Girault's Level-3 security, while the others have Girault's Level-1 or Level-2 security only.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127618420","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Design and Implementation of Digital Forensic Software for iPhone iPhone数字取证软件的设计与实现
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.21
Chung-Nan Chen, R. Tso, Chung-Huang Yang
{"title":"Design and Implementation of Digital Forensic Software for iPhone","authors":"Chung-Nan Chen, R. Tso, Chung-Huang Yang","doi":"10.1109/ASIAJCIS.2013.21","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.21","url":null,"abstract":"IPhone, which is equipped with the iOS operating system has become one of the most popular smart phones since its release in June, 2007, with its popularity and extensive use, it has certainly become the microcomputer that is necessary in our daily lives. However, the increasing trend of safety and criminal issues has made the development of iPhone forensics become a must. Because of the gradual development and the increasing attention it receives, it's required to develop forensic software. The aim of the research is to develop and implement Mac operating system forensic software towards iOS system which uses Objective-C and Shell Script. We conduct logical acquisition through the forensic program combined with open source device-libimobile device to conduct logical collection on the device. to extract phone calls, text messages, photos, contact list, web browsing information, SIM card information, memos, etc, use the characteristic of SQLite to recover old and deleted data to assist the investigators to conduct the acquisition and analysis of digital evidence.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126408984","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信