2013 International Conference on Availability, Reliability and Security: Latest Papers

Counteract DNS Attacks on SIP Proxies Using Bloom Filters
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.89
Ge Zhang, S. Fischer-Hübner
Abstract: SIP proxies play an important part in VoIP services. A Denial of Service (DoS) attack on them may cause the failure of the whole network. We investigate such a DoS attack by exploiting DNS queries. A SIP proxy needs to resolve domain names for processing a message. However, a DNS resolution may take a while. To avoid being blocked, a proxy suspends the processing task of the current message during its name resolution, so that it can continue to deal with other messages. Later when the answer is received, the suspended task will be resumed. It is an asynchronous implementation of DNS queries. Unfortunately, this implementation consumes memory storage and also brings troubles like a race condition. An attacker can collect a list of domain names which take seconds to resolve. Then, the attacker sends to a victim SIP proxy messages which contain these domain names. As a result, the victim proxy has to suspend a number of messages in a short while. Our experiments show that a SIP proxy can be easily crashed by such an attack and thus be not available anymore. To solve the problem, we analyzed the reasons that make a DNS query time-consuming, and then proposed a prevention scheme using bloom filters to blacklist suspicious DNS authoritative servers. Results of our experiments show it efficiently mitigates the attack with a reasonable false positive rate.
Citations: 1

The Big Four - What We Did Wrong in Advanced Persistent Threat Detection?
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.32
Nikos Virvilis, D. Gritzalis
Abstract: As both the number and the complexity of cyber-attacks continuously increase, it is becoming evident that current security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame and Red October have troubled the security community due to their severe complexity and their ability to evade detection - in some cases for several years. The significant technical and financial resources needed for orchestrating such complex attacks are a clear indication that perpetrators are well organized and, likely, working under a state umbrella. In this paper we perform a technical analysis of these advanced persistent threats, highlighting particular characteristics and identifying common patterns and techniques. We also focus on the issues that enabled the malware authors to evade detection from a wide range of security solutions and propose technical countermeasures for strengthening our defenses against similar threats.
Citations: 171

DNSSEC: Interoperability Challenges and Transition Mechanisms
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.53
A. Herzberg, Haya Schulmann
Abstract: Recent cache poisoning attacks motivate protecting DNS with strong cryptography, by adopting DNSSEC, rather than with challenge-response 'defenses'. We discuss the state of DNSSEC deployment and obstacles to adoption. We then present an overview of challenges and potential pitfalls of DNSSEC, including: Incremental Deployment: we review deployment status of DNSSEC, and discuss potential for increased vulnerability due to popular practices of incremental deployment, and provide recommendations. Long DNSSEC Responses; Long DNS responses are vulnerable to attacks, we review cache poisoning attack on fragmented DNS responses, and discuss mitigations; Trust Model of DNS: we review the trust model of DNS and show that it may not be aligned with the security model of DNSSEC. We discuss using trust anchor repositories (TARs) to mitigate the trust problem. TARs were proposed to allow transition to DNSSEC and to provide security for early adopters.
Citations: 10

Privacy-Preserving Publishing of Pseudonym-Based Trajectory Location Data Set
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.81
K. Mano, Kazuhiro Minami, H. Maruyama
Abstract: Anonymization is a common technique for publishing a location data set in a privacy-preserving way. However, such an anonymized data set lacks trajectory information of users, which could be beneficial to many location-based analytic services. In this paper, we present a dynamic pseudonym scheme for constructing alternate possible paths of mobile users to protect their location privacy. We introduce a formal definition of location privacy for pseudonym-based location data sets and develop a polynomial-time verification algorithm for determining whether each user in a given location data set has sufficient number of possible paths to disguise the user's true movements. We also provide the correctness proof of the algorithm.
Citations: 10

A Novel Proximity Based Trust Model for Opportunistic Networks
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.37
Mai H. El-Sherief, Marianne A. Azer
Abstract: Trust should be earned. This is a famous quote that we use everyday implicitly or explicitly. Trust often is an inherent characteristic of our daily life, but in the digital community and between devices how can we represent trust? Since our mobile and digital devices became our confidants, we cannot share the information embedded in these devices with other devices without establishing trust. Hence, in this research a proximity based trust model based on Homophily principle is proposed. Earlier social studies have shown that people tend to have similarities with others in close proximity. In such clustered communities of interest people tend to communicate, socialize and potentially trust each other. In this paper, a novel proximity based trust model is built taking into consideration different aspects like cooperation or unselfishness, honesty, similarity and Activity.
Citations: 8

Enhancing CHASSIS: A Method for Combining Safety and Security
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.102
Christian Raspotnig, Vikash Katta, P. Kárpáti, A. Opdahl
Abstract: Safety and security assessments aim to keep harm away from systems. Although they consider different causes of harm, the mitigations suggested by the assessments are often interrelated and affect each other, either by strengthening or weakening the other. Considering the relations and effects, a combined process for safety and security could save resources. It also improves the reliability of the system development when compared to having two independent processes whose results might contradict. This paper extends our previous research on a combined method for security and safety assessment, named CHASSIS, by detailing the process in a broader context of system development with the help of feedback from a safety expert. The enhanced CHASSIS method is discussed based on a case from the Air Traffic Management domain.
Citations: 20

Applying the SecRAM Methodology in a CLOUD-Based ATM Environment
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.108
A. Marotta, G. Carrozza, L. Battaglia, Patrizia Montefusco, Vittorio Manetti
Abstract: The SESAR ATM Security Risk Assessment Methodology (SecRAM) aims at providing a methodology to be applied by the SESAR Operational Focus Areas (OFAs). To give effectiveness to the evaluation of SecRAM, Air Traffic Management (ATM) operative scenarios are greatly required. In this paper we leverage a Cloud-based approach to build up a virtualized replica of a real Air Control Centre (ACC) in order to realize a vulnerability analysis and to find some possible points of attacks. Then we applied the SecRAM methodology on our test-bed and we built a real threat scenario for which a risk treatment is properly designed.
Citations: 5

The Scourge of Internet Personal Data Collection
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.110
Esma Aïmeur, Manuel Lafond
Abstract: In today's age of exposure, websites and Internet services are collecting personal data - with or without the knowledge or consent of users. Not only does new technology provide an abundance of methods for organizations to gather and store information, but people are also willingly sharing data with increasing frequency, exposing their intimate lives on social media websites such as Facebook, Twitter, YouTube, MySpace and others. Moreover, online data brokers, search engines, data aggregators and many other actors of the web are profiling people for various purposes such as the improvement of marketing through better statistics and an ability to predict consumer behaviour. Other less known reasons include understanding the newest trends in education, gathering people's medical history or observing tendencies in political opinions. People who care about privacy use the Privacy Enhancing Technologies (PETs) to protect their data, even though clearly not sufficiently. Indeed, as soon as information is recorded in a database, it becomes permanently available for analysis. Consequently even the most privacy aware users are not safe from the threat of re-identification. On the other hand, there are many people who are willing to share their personal information, even when fully conscious of the consequences. A claim from the advocates of open access information is that the preservation of privacy should not be an issue, as people seem to be comfortable in a world where their tastes, lifestyle or personality are digitized and publicly available. This paper deals with Internet data collection and voluntary information disclosure, with an emphasis on the problems and challenges facing privacy nowadays.
Citations: 9

PyTrigger: A System to Trigger & Extract User-Activated Malware Behavior
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.16
D. Fleck, A. Tokhtabayev, Alex Alarif, A. Stavrou, Tomas Nykodym
Abstract: We introduce PyTrigger, a dynamic malware analysis system that automatically exercises a malware binary extracting its behavioral profile even when specific user activity or input is required. To accomplish this, we developed a novel user activity record and playback framework and a new behavior extraction approach. Unlike existing research, the activity recording and playback includes the context of every object in addition to traditional keyboard and mouse actions. The addition of the context makes the playback more accurate and avoids dependencies and pitfalls that come with pure mouse and keyboard replay. Moreover, playback can become more efficient by condensing common activities into a single action. After playback, PyTrigger analyzes the system trace using a combination of multiple states and behavior differencing to accurately extract the malware behavior and user triggered behavior from the complete system trace log. We present the algorithms, architecture and evaluate the PyTrigger prototype using 3994 real malware samples. Results and analysis are presented showing PyTrigger extracts additional behavior in 21% of the samples.
Citations: 17

Universal Peer-to-Peer Network Investigation Framework
2013 International Conference on Availability, Reliability and Security. Pub Date: 2013-09-02. DOI: 10.1109/ARES.2013.91
M. Scanlon, Mohand Tahar Kechadi
Abstract: Peer-to-Peer (P2P) networking has fast become a useful technological advancement for a vast range of cyber criminal activities. Cyber crimes from copyright infringement and spamming, to serious, high financial impact crimes, such as fraud, distributed denial of service attacks (DDoS) and phishing can all be aided by applications and systems based on the technology. The requirement for investigating P2P based systems is not limited to the more well known cyber crimes listed above, as many more legitimate P2P based applications may also be pertinent to a digital forensic investigation, e.g., VoIP and instant messaging communications, etc. Investigating these networks has become increasingly difficult due to the broad range of network topologies and the ever increasing and evolving range of P2P based applications. This paper introduces the Universal Peer-to-Peer Network Investigation Framework (UP2PNIF), a framework which enables significantly faster and less labour intensive investigation of newly discovered P2P networks through the exploitation of the commonalities in network functionality. In combination with a reference database of known network protocols and characteristics, it is envisioned that any known P2P network can be instantly investigated using the framework. The framework can intelligently determine the best methodology dependent on the focus of the investigation resulting in a significantly expedited evidence gathering process.
Citations: 4
