2013 International Conference on Availability, Reliability and Security: Latest Papers

Security Blind Spots in the ATM Safety Culture
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.103
Howard Chivers, J. Hird
Abstract: In 2008 EUROCONTROL published Information and Communications Technology (ICT) Security Guidance to Air Navigation Service Providers (ANSPs), to assist them in complying with regulatory security requirements. The validation of that guidance included surveys which were conducted to contrast current practice in European ANSPs with a baseline control set based on ISO/IEC 27001:2005. The surveys are confidential and unpublished; however, by identifying the controls that are missing in all the survey responses it is possible to identify potential 'blind spots' in Air Traffic Management (ATM) security while maintaining the anonymity of the respondents. Key issues identified in this way include security management and senior management engagement, system accreditation, the validation and authentication of data used by ATM systems, incident management, and business continuity preparedness. Since little can be said about the original surveys these results are necessarily indicative, so the paper contrasts these findings with contemporaneous audit reports on security in US ATM systems. The two sources prove to be in close agreement, suggesting that the issues identified are systematic difficulties in introducing security into Air Traffic Management culture.
Citations: 6

Ultra-lightweight Mutual Authentication Protocols: Weaknesses and Countermeasures
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.41
Zeeshan Bilal, K. Martin
Abstract: This paper reviews weaknesses highlighted in existing proposals for a family of mutual authentication protocols belonging to the ultra-lightweight class, which are designed for low-cost RFID systems. This family is suitable for systems where authenticating parties already share secrets, which are updated in each authentication round to counter tracking of the tag. We propose a new ultra-lightweight authentication protocol that builds on the strengths of existing schemes yet incorporates countermeasures to overcome previous weaknesses. Significantly, our protocol uses fewer resources than previous proposals.
Citations: 9

Using Twitter's Mentions for Efficient Emergency Message Propagation
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.70
Kelly Y. Itakura, N. Sonehara
Abstract: Using social media such as Twitter for emergency message propagation in times of crisis is widely thought to be a good addition to other traditional emergency population warning systems such as televisions. At the same time, most studies on Twitter influence propagation focus on retweetability of tweets. In this paper, we propose the importance of Twitter's mention function as another method of message propagation. Specifically, we show that graphs constructed from Twitter's retweet, mention, and reply functions show structural differences suggesting that using the mention function is the most efficient method of reaching the mass audience. Moreover, we show that influencers are the most prominent on the mention graph. From these analyses we conclude that we need further research in the direction of non-traditional methods of population warning systems. Further, this is the first paper that characterizes the structural differences of the retweet/mention/reply graphs in Twitter.
Citations: 12

Assessing Water Cooling System Performance: Lz-Transform Method
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.97
I. Frenkel, L. Khvatskin, Svetlana Daichman, A. Lisnianski
Abstract: Modern high-tech medical equipment requires precise temperature control and effective cooling, which allow medical equipment to be operated for longer periods and increase the availability of the equipment to patients. This paper presents the application of the Lz-transform method to assessing the cooling performance of an aging multi-state cooling system for MRI equipment. A straightforward Markov method applied to solve this problem would require building a system model with a large number of states and solving a corresponding system of multiple differential equations. The Lz-transform method, which is used to assess the performance of this cooling system, drastically simplified the solution.
Citations: 5

Limiting MitM to MitE Covert-Channels
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.138
A. Herzberg, Haya Schulmann
Abstract: We study covert channels between a MitM attacker and her MitE 'malware', running within the protected network of a victim organisation, and how to prevent or limit such channels. Our focus is on advanced timing channels that allow communication between the MitM and MitE, even when hosts inside the protected network are restricted to only communicate with other (local and remote) hosts in the protected network. Furthermore, we assume communication is encrypted with fixed packet size (padding). We show that these do not suffice to prevent covert channels between MitM and MitE; furthermore, we show that even if we restrict communication to a constant rate, e.g., one packet every second, communication from MitE to MitM is still possible. We present efficient traffic shapers against covert channels between MitM and MitE. Our solutions preserve efficiency and bounded delay (QoS), while limiting covert traffic leakage, in both directions.
Citations: 3

Software Vulnerability Detection Using Backward Trace Analysis and Symbolic Execution
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.59
Hongzhe Li, Taebeom Kim, Munkhbayar Bat-Erdene, Heejo Lee
Abstract: Software vulnerability has long been considered an important threat to the safety of software systems. When source code is accessible, we can get much help from the information of source code to detect vulnerabilities. Static analysis has been used frequently to scan code for errors that cause security problems when source code is available. However, static analysis tools often generate many false positives. Symbolic execution has also been proposed to detect vulnerabilities and has shown good performance in some research. However, such approaches are either ineffective in path exploration or do not scale well to large programs. In practical use, since most paths are actually not related to security problems and software vulnerabilities are usually caused by the improper use of security-sensitive functions, the number of paths can be reduced by tracing sensitive data backward from security-sensitive functions so as to consider only paths related to vulnerabilities. What's more, in order to free ourselves from generating bug-triggering test input, formal reasoning can be used by solving certain program conditions. In this research, we propose backward trace analysis and symbolic execution to detect vulnerabilities from source code. We first find all the hot spots in a source code file. Based on each hot spot, we construct a data flow tree so that we can get the possible execution traces. Afterwards, we do symbolic execution to generate a program constraint (PC) and get a security constraint (SC) from our predefined security requirements along each execution trace. A program constraint is a constraint imposed by program logic on program variables. A security constraint (SC) is a constraint on program variables that must be satisfied to ensure system security. Finally, this hot spot will be reported as a vulnerability if there is an assignment of values to program inputs which satisfies PC but violates SC, in other words, satisfies PC ∧ S̅C̅. We have implemented our approach and conducted experiments on test cases which we randomly chose from the Juliet Test Suites provided by the US National Security Agency (NSA). The results show that our approach achieves a Precision value of 83.33%, a Recall value of 90.90% and an F1 value of 86.95%, which is the best performance among competing tools. Moreover, our approach can efficiently mitigate the path explosion problem in traditional symbolic execution.
Citations: 24

Cuteforce Analyzer: A Distributed Bruteforce Attack on PDF Encryption with GPUs and FPGAs
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.94
Bianca Danczul, Jürgen Fuß, Stefan Gradinger, Bernhard Greslehner-Nimmervoll, Wolfgang Kastl, Florian Wex
Abstract: Working on cryptanalytic tasks using a heterogeneous cluster with different types of processors (CPU, GPU, FPGA) can be an advantage over classical homogeneous clusters. In this paper we demonstrate that distributing cryptanalytic tasks to different types of processors can lead to better performance than can be achieved using a single type of processor. To this end we have built a framework for the management of a heterogeneous cluster and implemented a password brute forcer for password-protected PDF documents. Our results show that such a framework can be implemented with little overhead in terms of performance.
Citations: 8

Shared Crowds: A Token-Ring Approach to Hide the Receiver
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.51
R. Wigoutschnigg, P. Schartner, S. Rass
Abstract: Because of the intensive usage of the internet and services provided over the world wide web, the privacy of the users is threatened by various attacks. This paper shows how to build a protocol for anonymous data transmission, with the primary focus on hiding the identity of the receiver (receiver anonymity), using multi-path transmission and secret sharing. This protocol extends the Crowds system by Reiter and Rubin, which only weakly hides the identity of the receiver. Due to the use of a circular channel topology the receiver is hidden even if timing attacks are mounted. Additionally this protocol gives the participating nodes the possibility to detect active attacks during the channel setup phase. Another positive aspect is the ability to handle some kinds of node failures by repairing the virtual channel.
Citations: 1

A Bootstrapping Approach for Developing a Cyber-security Ontology Using Textbook Index Terms
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.75
Arwa M. Wali, Soon Ae Chun, J. Geller
Abstract: Developing a domain ontology with concepts and relationships between them is a challenge, since knowledge engineering is a labor-intensive process that can be a bottleneck and is often not scalable. Developing a cyber-security ontology is no exception. A security ontology can improve search for security learning resources that are scattered in different locations in different formats, since it can provide a common controlled vocabulary to annotate the resources with consistent semantics. In this paper, we present a bootstrapping method for developing a cyber-security ontology using both a security textbook index that provides a list of terms in the security domain and an existing security ontology as a scaffold. The bootstrapping approach automatically extracts the textbook index terms (concepts), derives a relationship to a concept in the security ontology for each and classifies them into the existing security ontology. The bootstrapping approach relies on the exact and approximate similarity matching of concepts as well as the category information obtained from external sources such as Wikipedia. The results show feasibility of our method to develop a more comprehensive and scalable cyber-security ontology with rich concepts from a textbook index. We provide criteria used to select a scaffold ontology among existing ontologies. The current approach can be improved by considering synonyms, deep searching in Wikipedia categories, and domain expert validation.
Citations: 21

Towards Harmonising the Legislative, Regulatory, and Standards-Based Framework for ATM Security: Developing a Software Support Tool
2013 International Conference on Availability, Reliability and Security Pub Date: 2013-09-02 DOI: 10.1109/ARES.2013.105
R. Koelle, W. Strijland, Stefan Roels
Abstract: This research-in-progress paper addresses the elementary capabilities and underlying challenges pertaining to the development of a software tool to support the identification and harmonisation of legislation, regulation, standards, and best practices for ATM Security. The consistent application of ATM Security requirements throughout the SESAR Joint Undertaking Work Programme is a challenge. There is a need to provide a tool for security experts, concept developers and technical experts to ensure compliance with the underlying framework for ATM Security. The software tool described in this paper addresses this issue. In particular, it supports functions that allow for the extraction, categorisation, association, and harmonisation of the rules imposed by the framework. The approach and challenges to the design of the envisaged tool capabilities are outlined. Initial lessons learnt are presented based on the findings at the current prototyping stage. It is reasoned that the feasibility stage is completed and that further development can adhere to the identified capabilities and design outline. User interaction specification and development will be facilitated with an iterative user-based agile software development process.
Citations: 3