发布求助
文献互助 智能选刊 最新文献

Proceedings of the 8th International Conference on Security of Information and Networks最新文献

筛选
英文 中文
DRACO: DRoid analyst combo an android malware analysis framework DRoid分析师组合一个android恶意软件分析框架
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800003
S. Bhandari, Rishabh Gupta, V. Laxmi, M. Gaur, A. Zemmari, M. Anikeev
{"title":"DRACO: DRoid analyst combo an android malware analysis framework","authors":"S. Bhandari, Rishabh Gupta, V. Laxmi, M. Gaur, A. Zemmari, M. Anikeev","doi":"10.1145/2799979.2800003","DOIUrl":"https://doi.org/10.1145/2799979.2800003","url":null,"abstract":"Android being the most popular open source mobile operating system, attracts a plethora of app developers. Millions of applications are developed for Android platform with a great extent of behavioral diversities and are available on Play Store as well as on many third party app stores. Due to its open nature, in the past Android Platform has been targeted by many malware writers. The conventional way of signature-based detection methods for detecting malware on a device are no longer promising due to an exponential increase in the number of variants of the same application with different signatures. Moreover, they lack in dynamic analysis too. In this paper, we propose DRACO, which employs a two-phase detection technique that blends the synergy of both static and dynamic analysis. It has two modules, client module that is in the form an Android app and gets installed on mobile devices and a server module that runs on a server. DRACO also explains user about the features contributing to the maliciousness of analyzed app and generates scoring for that maliciousness. It does not require any root or super-user privileges. In an evaluation of 18,000 benign applications and 10,000 malware samples, DRACO performs better than several related existing approaches and detects 98.4% of the malware with few false alerts. On ten popular smartphones, the method requires an average of 6 seconds for on device analysis and 90 seconds on server analysis.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115146350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
Modeling of next-generation firewalls as queueing services 将下一代防火墙建模为排队服务
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799997
S. Zapechnikov, N. Miloslavskaya, A. Tolstoy
{"title":"Modeling of next-generation firewalls as queueing services","authors":"S. Zapechnikov, N. Miloslavskaya, A. Tolstoy","doi":"10.1145/2799979.2799997","DOIUrl":"https://doi.org/10.1145/2799979.2799997","url":null,"abstract":"The paper presents an analytical model to study the performance and availability of queueing systems with finite queue and a lot of service phases. The first phase has the exponential distribution of service time, while the second one has the hyper-Erlangian distribution. The analytical results obtained are verified using discrete-event simulation. A few numerical examples for varying the service rates and arrival rates are given. The results presented in the paper can be used for analysis of the Next Generation Firewalls (NGFWs).","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122409778","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 9
Towards proactive detection of advanced persistent threat (APT) attacks using honeypots 利用蜜罐主动检测高级持续性威胁(APT)攻击
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800042
Zainab Saud, M. H. Islam
{"title":"Towards proactive detection of advanced persistent threat (APT) attacks using honeypots","authors":"Zainab Saud, M. H. Islam","doi":"10.1145/2799979.2800042","DOIUrl":"https://doi.org/10.1145/2799979.2800042","url":null,"abstract":"The Advanced Persistent Threat (APT) attacks are special kind of slow moving attacks that are designed to defeat security controls using unique attack vectors and malware specifically developed for the target organization. Aim behind APT attacks is not to disrupt services but to steal valuable data and intellectual property. Therefore, timely detection of APT attack is very important. We believe that deception tools like honeypots can significantly increase the possibility of early detection of such sophisticated attacks. In this research effort, a framework is proposed in which Honeypot along with NIDS is used to actively alert the administrator and not leaving the detection of APT in the hands to administrator by correlating different network events. The proposed framework is also implemented to test effectiveness of the proposed technique.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122078520","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Cryptanalysis of factoring-based fully homomorphic encryption 基于因子的全同态加密的密码分析
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800038
L. Babenko, A. Trepacheva
{"title":"Cryptanalysis of factoring-based fully homomorphic encryption","authors":"L. Babenko, A. Trepacheva","doi":"10.1145/2799979.2800038","DOIUrl":"https://doi.org/10.1145/2799979.2800038","url":null,"abstract":"This paper deals with fully homomorphic cryptosystems exploiting the problem of big integers factoring. We give a short review of them and highlight two main types of such fully homomorphic cryptosystems (FHCs): polynomial-based and matrix-based. The main focus of the discussion is placed on one recently proposed polynomial-based FHC. Its construction is recalled, but mainly we concentrate on security issues. And here our contribution is twofold. First, we review a known-plaintext attack (KPA) proposed in literature on this FHC. We give the general idea of KPA, the probability of its success and the number of pairs (plaintext, ciphertext) necessary to break the FHC. Second, we discuss how the reviewed KPA may be extended in order to decrease the necessary number of pairs. On a high level the proposed extension of KPA may be applied not only to this concrete FHC, but to all reviewed here FHCs. Our KPA essentially uses non-uniformity of probabilistic distribution over plaintexts to obtain a high probability of success. And instead of missing pairs it requires an additional sequence of ciphertexts produced on the same key.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127585664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Modern trends in the regulatory framework of the information security compliance assessment in Russia based on common criteria 基于共同标准的俄罗斯信息安全合规评估监管框架的现代趋势
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799980
A. Barabanov, A. Markov
{"title":"Modern trends in the regulatory framework of the information security compliance assessment in Russia based on common criteria","authors":"A. Barabanov, A. Markov","doi":"10.1145/2799979.2799980","DOIUrl":"https://doi.org/10.1145/2799979.2799980","url":null,"abstract":"We briefly describe Russia's current approach to the Common Criteria-based IT-certification scheme and its current state. Basic historical and perspective issues are observed, as well as our statistics and future plans.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128868880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Modern techniques of function-level fault tolerance in MFM-systems mfm系统功能级容错的现代技术
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800016
Alexander Tarasov
{"title":"Modern techniques of function-level fault tolerance in MFM-systems","authors":"Alexander Tarasov","doi":"10.1145/2799979.2800016","DOIUrl":"https://doi.org/10.1145/2799979.2800016","url":null,"abstract":"The questions of protection of information systems against threats of functional failures are considered. The concept of active protection technology realizing the functional restructuring of the system is suggested. The conceptual apparatus of functional redundancy are developed. The principles of operation of the immutability of purpose and principle of operation of the reduction target are defined. The classification of methods to ensure functional stability is submitted.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123330302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Synthesis of secure software development controls 安全软件开发控制的综合
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799998
A. Barabanov, A. Markov, Andrey Fadin, V. Tsirlov, Igor Shakhalov
{"title":"Synthesis of secure software development controls","authors":"A. Barabanov, A. Markov, Andrey Fadin, V. Tsirlov, Igor Shakhalov","doi":"10.1145/2799979.2799998","DOIUrl":"https://doi.org/10.1145/2799979.2799998","url":null,"abstract":"A study of the available approaches aimed at mitigating vulnerabilities in the software development, and their applicability during the software compliance evaluation was carried out. Having systematized the standards and guidelines on the development of secure software, we made a list of basic requirements that enables us, among other things, to assess the software development processes for compliance with secure software requirements. We present an original conceptual model for analysis and synthesis of controls for secure software development, which allows software developers to select reasonable controls for developing secure software.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122856206","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 21
Secure e-Learning portal for teaching business continuity and information security management 安全的电子学习门户,用于教学业务连续性和信息安全管理
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800020
N. Miloslavskaya, A. Tolstoy, V. Petrov
{"title":"Secure e-Learning portal for teaching business continuity and information security management","authors":"N. Miloslavskaya, A. Tolstoy, V. Petrov","doi":"10.1145/2799979.2800020","DOIUrl":"https://doi.org/10.1145/2799979.2800020","url":null,"abstract":"E-Learning portal (EP) developers are facing many security issues to make it a trusted tool for e-Learning. The paper discusses EP usage in blended learning of Masters on the \"Business continuity and information security maintenance\" (BC&ISM) at the NRNU MEPhI. The motivation of security implementation expedience for EP including a brief overview of typical attacks against EP is given. BC&ISM EP's structure as a protection object is discussed. The key security requirements and functional security subsystem components of a secure BC&ISM EP being able to protect it against the main possible attacks are described.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127679802","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A perfect dynamic-id and biometric based remote user authentication scheme under multi-server environments using smart cards 基于智能卡的多服务器环境下基于动态id和生物特征的远程用户认证方案
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2799984
Subhasish Banerjee, M. P. Dutta, C. Bhunia
{"title":"A perfect dynamic-id and biometric based remote user authentication scheme under multi-server environments using smart cards","authors":"Subhasish Banerjee, M. P. Dutta, C. Bhunia","doi":"10.1145/2799979.2799984","DOIUrl":"https://doi.org/10.1145/2799979.2799984","url":null,"abstract":"In modern era, remote user can access the multiple-services from anywhere in the world at any time through Internet. So, to provide the legitimacy among the users, various remote user authentication schemes have been designed. Recently, Chuang and Chang has proposed a scheme under multi-server architecture based on three security factors namely, smart card, password and biometric and claimed that, their scheme can resist several kind of attacks and can be successful to provide more security properties than that of existing schemes. In this paper, we have reviewed their schemes and proved that Chuang and Chang's scheme cannot resist server spoofing or user impersonate attack, password guessing attack and also fails to achieve forward key secrecy. To overcome their weaknesses and fulfill such important security requirements, we have proposed an improved remote user authentication scheme under multi-server environment.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123279611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Information theoretic method for classification of packed and encoded files 打包和编码文件分类的信息理论方法
Proceedings of the 8th International Conference on Security of Information and Networks Pub Date : 2015-09-08 DOI: 10.1145/2799979.2800015
Jithu Raphel, P. Vinod
{"title":"Information theoretic method for classification of packed and encoded files","authors":"Jithu Raphel, P. Vinod","doi":"10.1145/2799979.2800015","DOIUrl":"https://doi.org/10.1145/2799979.2800015","url":null,"abstract":"Malware authors make use of some anti-reverse engineering and obfuscation techniques like packing and encoding in-order to conceal their malicious payload. These techniques succeeded in evading the traditional signature based AV scanners. Packed or encoded malware samples are difficult to be analysed directly by the AV scanners. So, such samples must be initially unpacked or decoded for efficient analysis of the malicious code. This paper illustrates a static information theoretic method for the classification of packed and encoded files. The proposed method extracts fragments of fixed size from the files and calculates the entropy scores of the fragments. These entropy scores are then used for computing the Similarity Distance Matrix for fragments in a file-pair. The proposed system classifies all the encoded and packed samples properly, thereby obtaining improved detection. The proposed system is also capable of differentiating the type of packers used for the packing or encoding process.","PeriodicalId":293190,"journal":{"name":"Proceedings of the 8th International Conference on Security of Information and Networks","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2015-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129239322","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信