发布求助
文献互助 智能选刊 最新文献

2013 Eighth Asia Joint Conference on Information Security最新文献

筛选
英文 中文
Formal Analysis of ISO/IEC 9798-2 Authentication Standard Using AVISPA ISO/IEC 9798-2认证标准使用AVISPA的形式化分析
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.25
Sheikh Ziauddin, Bruno Martin
{"title":"Formal Analysis of ISO/IEC 9798-2 Authentication Standard Using AVISPA","authors":"Sheikh Ziauddin, Bruno Martin","doi":"10.1109/ASIAJCIS.2013.25","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.25","url":null,"abstract":"Use of formal methods is considered as a useful and efficient technique for the validation of security properties of the protocols. In this paper, we analyze the protocols of ISO/IEC 9798-2 entity authentication standard using a state-of-the-art tool for automated analysis named AVISPA. Our analysis of the standard using AVISPA's OFMC and CL-AtSe back-ends shows that the two party protocols are secure against the specified security properties while the back-ends are able to find attacks against unilateral and mutual authentication protocols involving a trusted third party.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132122220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
On Zero-Knowledge Identification Based on Q-ary Syndrome Decoding 基于Q-ary综合征解码的零知识识别
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.10
Rong Hu, Kirill Morozov, T. Takagi
{"title":"On Zero-Knowledge Identification Based on Q-ary Syndrome Decoding","authors":"Rong Hu, Kirill Morozov, T. Takagi","doi":"10.1109/ASIAJCIS.2013.10","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.10","url":null,"abstract":"Cayrel.et.al at SAC 2010 proposed a zero-knowledge identification scheme based on syndrome decoding of q-ary codes. It is a 5-pass scheme with soundness error q/2(q-1). We propose an alternative to this scheme by generalizing (binary) Stern zero-knowledge identification from CRYPTO 1993 directly to q-ary setting. Our proposal is a 3-pass scheme with soundness error 2/3. We show that it is superior to Cayrel et al scheme in terms of communication cost for the case q = {3, 4}. A possible application for q-ary code-based identification schemes with small q is a proof of plaintext knowledge for code-based public key encryption.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115705822","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Search Engine Based Investigation on Misconfiguration of Zone Transfer 基于搜索引擎的区域转移错误配置研究
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.16
Yin Minn Pa Pa, K. Yoshioka, Tsutomu Matsumoto
{"title":"Search Engine Based Investigation on Misconfiguration of Zone Transfer","authors":"Yin Minn Pa Pa, K. Yoshioka, Tsutomu Matsumoto","doi":"10.1109/ASIAJCIS.2013.16","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.16","url":null,"abstract":"This study proposes how to investigate the existence of misconfigurations of zone transfer in any level of domain name system hierarchy using search engine based approach without the need to look at the zone file. The analysis has been conducted on 1,284 authoritative name servers of 314 top-level domains and 46,416 authoritative name servers of second level domain of 249 country code top-level domains. In case of top-level domains investigation, 84 name servers authoritative to answer for 53 top-level domains are misconfigured and allow zone transfer to us. In case of second level domains investigation, 5,394 authoritative name servers authoritative to answer for 6,234 second-level domains allow zone transfer. In particular, we found a serious misconfiguration case where the misconfigured DNS server was authoritative for not only its TLD but also SLD and lower level, exposing 83 % the DNS related information of the country to the public.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126615764","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
An Efficient and Provable Secure Security-Mediated Identity-Based Identification Scheme 一种高效且可证明的安全安全的安全中介身份识别方案
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.12
Ji-Jian Chin, R. Behnia, Swee-Huay Heng, R. Phan
{"title":"An Efficient and Provable Secure Security-Mediated Identity-Based Identification Scheme","authors":"Ji-Jian Chin, R. Behnia, Swee-Huay Heng, R. Phan","doi":"10.1109/ASIAJCIS.2013.12","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.12","url":null,"abstract":"In USENIX 2001, Boneh et al. introduced a new way of obtaining fast revocation for RSA keys with the help of a security mediator. In 2003, Boneh et al. also showed how to convert the security-mediated RSA encryption scheme into an identity-based mediated RSA encryption scheme. This new technique addressed the shortcoming of identity-based cryptography where revocation required appending the valid date for a user's keys together with his identity-string, allowing for instant revocation of invalid user keys. Subsequently, many security-mediated cryptographic primitives were proposed. Surprisingly however, no work has yet to be done to address security-mediated identity-based identification schemes despite more than a decade has passed since this feature was incorporated into encryption and signature primitives. In this paper, we provide that contribution by defining the appropriate security notions for achieving fast revocation for identity-based identification schemes. Subsequently we show a concrete scheme that achieves these security notions under provable security.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125027048","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Adaptive Feature-Weighted Alert Correlation System Applicable in Cloud Environment 适用于云环境的自适应特征加权报警关联系统
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.14
Chih-Hung Wang, Ji-Min Yang
{"title":"Adaptive Feature-Weighted Alert Correlation System Applicable in Cloud Environment","authors":"Chih-Hung Wang, Ji-Min Yang","doi":"10.1109/ASIAJCIS.2013.14","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.14","url":null,"abstract":"Growing with the technology, there are many new attack techniques presented in the cloud environment. Different from the general server, once the cloud environment suffered from malicious attacks, people or companies will get caught in extreme dangers. Therefore, it is important for network security in cloud. Since there are a lot of packets in network traffic including malicious packets, huge amounts of alerts will be generated by the intrusion detection system. Analyzing these alert data is time-consuming and it is difficult to obtain the attack steps and strategies immediately by directly performing these analyses. We proposed an adaptive feature-weighted alert correlation system that employs a Bayesian Network to choose the features with high relevance and then adjusts the feature weights according to the statistics of Bayesian Network in a period of time. We estimate the correlation probability of two alerts with the relevant features by using the Feature Wight Matrix, and the correlation probability is recorded in Alert Correlation Matrix. Using the information in Alert Correlation Matrix, we can extract high level attack strategies and construct attack graphs. In our system, facing a great deal of network traffic, the administrator can accurately recognize intruders' intentions and learn about the attack probabilities and network security situations.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"112 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133659845","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Automatic Adding License Management Functionality for Android Applications Android应用自动添加License管理功能
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.26
Ming-Chih Kao, W. Kuo, Yu-Hsuan Pan
{"title":"Automatic Adding License Management Functionality for Android Applications","authors":"Ming-Chih Kao, W. Kuo, Yu-Hsuan Pan","doi":"10.1109/ASIAJCIS.2013.26","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.26","url":null,"abstract":"With the growth of applications on mobile devices, developers can easy distribute their applications by the various software marketplaces. Generally, the applications need some code to execute license management functionality, and so developers must learn how to add such license management code for each software marketplace. This has resulted in increasing complexity and development time of applications. In order to prevent the potential errors or bugs resulted from adding functionality, we designed an automatic process of adding license management code for an application marketplace prototype. Experimental results show the automatic process can repackage hundreds of Android applications efficiently and meet the requirement of the marketplace prototype.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133289394","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Efficient and Practical Fair Buyer-Anonymity Exchange Scheme Using Bilinear Pairings 一个高效实用的双线性对公平买方匿名交换方案
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.11
Wen-Shenq Juang
{"title":"An Efficient and Practical Fair Buyer-Anonymity Exchange Scheme Using Bilinear Pairings","authors":"Wen-Shenq Juang","doi":"10.1109/ASIAJCIS.2013.11","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.11","url":null,"abstract":"A practical and efficient fair exchange scheme can be used in electronic commerce for exchanging digital goods with payment. In order to provide offline transaction, most of the practical and flexible fair exchange schemes need the involving of the trusted third parties to resolve the disputes and ensure the fairness in the exchange. Also, if a fair exchange service deals with the exchange between the payment and the digital goods, buyer-anonymity is a nice function to attract customers to use this service. In this paper, we propose a practical and efficient fair buyer-anonymity exchange scheme for electronic commerce. In our scheme, we use bilinear pairings in elliptic curves to reduce the computation and communication cost. Since only the customer and the merchant are involved during the exchange phase, our scheme can provide truly offline transaction. Also, the buyer anonymity is preserved in our scheme for attracting customers to use this service.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123114220","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Detecting HTTP-Based Botnet Based on Characteristic of the C & C Session Using by SVM 基于http特性的僵尸网络检测C会话使用SVM
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.17
Kazumasa Yamauchi, Y. Hori, K. Sakurai
{"title":"Detecting HTTP-Based Botnet Based on Characteristic of the C & C Session Using by SVM","authors":"Kazumasa Yamauchi, Y. Hori, K. Sakurai","doi":"10.1109/ASIAJCIS.2013.17","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.17","url":null,"abstract":"With the spread of computer, the increase of malwareis a serious problem. In some malware, damage caused by bot net is a serious problem. Botnets perform the attack by remote control. The purpose of the present work is to suppress the bot net activity by detecting the C&C traffic through well-suited observations. There already exists many detection techniques, most of which focus on IRC-based bot net, and very little focus on HTTP-based bot net, even less, which include comparisons between both detection techniques. In this work, we focus on the HTTP-based bot net, and in order to classify normal HTTP session and C&C session, we make use of Support Vector Machine.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128209518","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Histogram-Based Reversible Information Hiding Improved by Prediction with the Variance to Enhance Image Quality 利用方差预测改进基于直方图的可逆信息隐藏,提高图像质量
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.23
C. Weng, Cheng-Hsing Yang, Chun-I Fan, Kuan-Liang Liu, Hung-Min Sun
{"title":"Histogram-Based Reversible Information Hiding Improved by Prediction with the Variance to Enhance Image Quality","authors":"C. Weng, Cheng-Hsing Yang, Chun-I Fan, Kuan-Liang Liu, Hung-Min Sun","doi":"10.1109/ASIAJCIS.2013.23","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.23","url":null,"abstract":"Reversible data hiding based on prediction-based is a good technique that can hide message bits into digital images with low distortion. In this paper, we propose a reversible data hiding method based on interleaving prediction and local complexity for enhancing stego-image quality. The thresholds and local complexity are used to determine which predicted error should join the group of pixel shifting or message concealing. If the local complexity is smaller than thresholds, the predicted error will be taken for message hiding or pixel shifting, otherwise, if the local complexity is larger than thresholds, the predicted error will quit joining the process of data concealing and pixel shifting. Therefore, more pixels will avoid executing the process of pixel shifting, resulting to images with lower distortion. The experimental results show that our image quality is superior to other approaches at the same payload.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"40 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120873890","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Efficient Malware Packer Identification Using Support Vector Machines with Spectrum Kernel 基于谱核支持向量机的恶意软件高效识别
2013 Eighth Asia Joint Conference on Information Security Pub Date : 2013-07-25 DOI: 10.1109/ASIAJCIS.2013.18
Tao Ban, Ryoichi Isawa, Shanqing Guo, D. Inoue, K. Nakao
{"title":"Efficient Malware Packer Identification Using Support Vector Machines with Spectrum Kernel","authors":"Tao Ban, Ryoichi Isawa, Shanqing Guo, D. Inoue, K. Nakao","doi":"10.1109/ASIAJCIS.2013.18","DOIUrl":"https://doi.org/10.1109/ASIAJCIS.2013.18","url":null,"abstract":"Packing is among the most popular obfuscation techniques to impede anti-virus scanners from successfully detecting malware. Efficient and automatic packer identification is an essential step to perform attack on ever increasing malware databases. In this paper we present a p-spectrum induced linear Support Vector Machine to implement an automated packer identification with good accuracy and scalability. The efficacy and efficiency of the method is evaluated on a dataset composed of 3228 packed files created by 25 packers with near-perfect identification results reported. This method can help to improve the scanning efficiency of anti-virus products and ease efficient back-end malware research.","PeriodicalId":286298,"journal":{"name":"2013 Eighth Asia Joint Conference on Information Security","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132828585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信