2022 17th Asia Joint Conference on Information Security (AsiaJCIS)最新文献

筛选
英文 中文
An HDL Simulator with Direct Register Access for Improving Code Coverage 一个具有直接寄存器访问的HDL模拟器,用于提高代码覆盖率
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00018
Ryoichi Isawa, Nobuyuki Kanaya, Yoshitada Fujiwara, T. Takehisa, Hayato Ushimaru, Dai Arisue, Daisuke Makita, Satoshi Mimura, D. Inoue
{"title":"An HDL Simulator with Direct Register Access for Improving Code Coverage","authors":"Ryoichi Isawa, Nobuyuki Kanaya, Yoshitada Fujiwara, T. Takehisa, Hayato Ushimaru, Dai Arisue, Daisuke Makita, Satoshi Mimura, D. Inoue","doi":"10.1109/AsiaJCIS57030.2022.00018","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00018","url":null,"abstract":"When debugging a DUT (Device Under Test) written in HDL (Hardware Description Language) code in simulation, code coverage is one of the most important evaluation metrics because it indicates how many unchecked statements remain where bugs could be hidden. A typical random test-pattern generator can be used very easily for debugging; however, it could fail to obtain enough code coverage of DUTs because it does not provide effective strategies for code coverage. In this paper, we propose an HDL simulator to improve branch coverage of DUTs up to 100%. A key idea behind our simulator is to directly write values to registers of DUTs for intentionally transfer a state to an unchecked state in the state machine of DUTs. This improves code coverage by executing statements corresponding to an unchecked state. Our simulator uses an SMT (Satisfiability Modulo Theories) solver to obtain the values written to registers from the condition (e.g., if and case) corresponding to an unchecked state. With the evaluation, we confirmed that our simulator successfully obtained a branch coverage of 100% for each of three open-sourced IP (Intellectual Property) core modules. As a bench mark, we also used a random test-pattern generator for those modules.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128861142","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Organizing Committee: AsiaJCIS 2022 组委会:AsiaJCIS 2022
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/asiajcis57030.2022.00007
{"title":"Organizing Committee: AsiaJCIS 2022","authors":"","doi":"10.1109/asiajcis57030.2022.00007","DOIUrl":"https://doi.org/10.1109/asiajcis57030.2022.00007","url":null,"abstract":"","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130625718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Bot-pelganger: Predict and Preserve Game Bots' Behavior Bot-pelganger:预测并保存游戏bot的行为
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00019
Yong-Seob Kim, H. Kim
{"title":"Bot-pelganger: Predict and Preserve Game Bots' Behavior","authors":"Yong-Seob Kim, H. Kim","doi":"10.1109/AsiaJCIS57030.2022.00019","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00019","url":null,"abstract":"In most multiplayer online games, players' repetitive tasks (i.e., spec-up) are required to grow their characters. However, some users use illegal programs, “game bots,” to achieve a high level fast or gain cyber-money. Various methods have been proposed to identify game bots. However, the methods have generalization issues. Because the methods use features only existed in the specific game. Thus, we carefully use common features that existed in multiple datasets broadly, such as ‘login’ or ‘exit’ events to detect bots. Choosing such general events gives merits from the applicability view; however, if we only use time or space-related features, we fail to detect bots from normal users because the bots' behavior patterns are omitted too much. We use a convolutional LSTM (ConvLSTM) model to overcome this problem, superimpose their behavioral histories over time, and record them as image sequences. By finding a user who shows high self-similar behavior, we regard it as an unidentified bot; then, we update their behavior patterns for future use. As a result, the proposed model showed a high accuracy of 98% in classifyina game bot users.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128169134","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Constructing a Network Graph of File Tracking Results Against Information Leakage 基于信息泄漏的文件跟踪结果网络图构建
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00012
Tomohiko Yano, Hiroki Kuzuno, Kenichi Magata
{"title":"Constructing a Network Graph of File Tracking Results Against Information Leakage","authors":"Tomohiko Yano, Hiroki Kuzuno, Kenichi Magata","doi":"10.1109/AsiaJCIS57030.2022.00012","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00012","url":null,"abstract":"It is important for organizations to take measures against information leakage. Confidential files can be leaked through various channels, so it is necessary to have a method to prevent information leakage against various threats. Some of the previous works have utilized the difference of users' legitimate file access patterns, and other works use strings about confidential files, or the similarity of confidential files in the organizations. However, the former works are difficult to detect traitors and unintentional perpetrators, and latter works are difficult to perform when confidential files are significantly transformed through encryption or encoding. Therefore, we need a method for discovering information leakage that are independent of the subjects and of the file transformation formats. In this paper, we present a novel method for file tracking and visualization to assist the discovery of information leakage. In our file tracking method, we track all user processes that read confidential files and files written by these processes. Therefore, tracking is possible whoever manipulate the confidential files and even who even when the data is heavily transformed from the original files. In our visualization method, we present these file tracking results in the form of a network graph. We represent what process the confidential file is read and what file is written by process, by using the flow of a network graph based on the result of confidential file tracking. By using our proposed network graph, it is possible to track events briefly even when the file transforms into another file through multiple events. Additionally, in order to reduce the events needed to focus on as information leakage, we prune the network graph based on past read and write events. By pruning the network graph, visibility is expected to be improved. Our experiment shows that we observed the results of the network graph when files under two information leakage scenarios were moved and copied. Most of the results were visualized according to the scenario, and we could reduce the vertices by 11.5 % and edges by 7.3 % by pruning the network graph.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115238286","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Cryptanalysis and Discussion on Two Attribute-Based Encryption Schemes 两种基于属性的加密方案的密码分析与讨论
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00014
Yi-Fan Tseng, Jheng-Jia Huang, Hao Yang, Tsung-Yu Chien, Chieh-Han Wu
{"title":"Cryptanalysis and Discussion on Two Attribute-Based Encryption Schemes","authors":"Yi-Fan Tseng, Jheng-Jia Huang, Hao Yang, Tsung-Yu Chien, Chieh-Han Wu","doi":"10.1109/AsiaJCIS57030.2022.00014","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00014","url":null,"abstract":"Attribute-based encryption (ABE), which was first conceptualized by Sahai and Waters in 2005, has been developed into one of the most popular research topics in modern cryptography. Various variants of ABE has been designed and proposed in literature, e.g., ABE supporting user/attribute revocation, pairing-free ABE, etc. In this work, we study two ABE schemes proposed by Sethia et al. and Guo et al., respectively, in 2001. We found that, the scheme of Sethia et al. is insecure against the collusion attacks, and the scheme of Guo et al. fails to revoke a user. Therefore, in this manuscript, we will review on their schemes, and give the corresponding cryptanalysis. Besides, the discussion on the reasons to the attacks and possible improvement will be presented as well.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114760726","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Program Committee: AsiaJCIS 2022 项目委员会:AsiaJCIS 2022
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/asiajcis57030.2022.00008
{"title":"Program Committee: AsiaJCIS 2022","authors":"","doi":"10.1109/asiajcis57030.2022.00008","DOIUrl":"https://doi.org/10.1109/asiajcis57030.2022.00008","url":null,"abstract":"","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"497 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134175623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Reviewers: AsiaJCIS 2022
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/asiajcis57030.2022.00010
{"title":"Reviewers: AsiaJCIS 2022","authors":"","doi":"10.1109/asiajcis57030.2022.00010","DOIUrl":"https://doi.org/10.1109/asiajcis57030.2022.00010","url":null,"abstract":"","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125178410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SPOT: Analyzing IoT Ransomware Attacks using Bare Metal NAS Devices SPOT:分析使用裸机NAS设备的物联网勒索软件攻击
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00013
Hiroki Yasui, Takahiro Inoue, Takayuki Sasaki, Rui Tanabe, K. Yoshioka, Tsutomu Matsumoto
{"title":"SPOT: Analyzing IoT Ransomware Attacks using Bare Metal NAS Devices","authors":"Hiroki Yasui, Takahiro Inoue, Takayuki Sasaki, Rui Tanabe, K. Yoshioka, Tsutomu Matsumoto","doi":"10.1109/AsiaJCIS57030.2022.00013","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00013","url":null,"abstract":"Ransomware attacks targeting Network Attached Storage (NAS) devices have shown a steady presence in the threat landscape since 2019. Early research has analyzed the functionality of IoT ransomware but its attack infrastructure and operation remain unrevealed. In this paper, we propose an attack observation system named SPOT, which uses popular bare metal NAS devices, QNAP, as honeypot and malware sandbox to conduct an in-depth analysis of the ransomware attacks. During the three-month observation with SPOT from September to November 2021, we observed, on average, 130 hosts per day accessing from the Internet that retrieves files in the storage and exploits the vulnerable services of the NAS devices, indicating NAS devices are intensively targeted. Moreover, we obtained 39 eCh0raix samples from VirusTotal and executed them in the SPOT sandboxes. We identified six remote Onion proxy servers used to connect to the C&C server behind the TOR network to hide their locations. By redirecting the C&C connections to active proxy servers, we successfully observed two malware samples interacting with the C&C server, encrypting files in the infected NAS device, and leaving ransom notes. Two kinds of contact points for ransom payment were found in the ransom notes; instruction web pages and email addresses. While the email addresses were not reachable during the experiment, we could access the instruction website, which was hosted on the same TOR hidden service as the C&C server. We kept monitoring the instruction page as it was created for each ransomware infection and we even observed a “30% discount campaign” of ransom payments for a limited period. We observe that the degree of automation in the attack operation is much higher compared to the tailored and targeted ransomware attacks. While each case of successful ransom payment is limited to 0.03 BTC, the automated nature of the attacks would maximize the frequency of such successful cases.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"28 24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132207688","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Lightweight Searchable Encryption with Small Clients on Edge Cloud 边缘云上的小型客户端轻量级可搜索加密
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00017
Ruizhong Du, Haoyu Jiang, Mingyue Li
{"title":"Lightweight Searchable Encryption with Small Clients on Edge Cloud","authors":"Ruizhong Du, Haoyu Jiang, Mingyue Li","doi":"10.1109/AsiaJCIS57030.2022.00017","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00017","url":null,"abstract":"In view of the limited storage and computing power of the client and the high delay of interaction with the cloud platform in public key searchable encryption, a new public key searchable encryption scheme SE-EPOMFC based on edge cloud network is proposed. The scheme adopts a multi cloud multi edge node architecture. By delegating the task of generating searchable ciphertext, trapdoor and general keyword set from the client to the edge node, the storage and computing overhead of the client is reduced. The edge network caches the frequently searched hot data, and the client can search on the edge network, so as to reduce the traffic load of the backbone network. At the same time, the response speed of the system is improved. A filtering algorithm based on partial homomorphic encryption is designed to filter completely mismatched tasks, which reduces the communication overhead between distributed systems and saves storage space for cloud services. The filtering algorithm can be calculated in the ciphertext state, which proves that it is safe under the collusion attack of semi trusted edge cloud nodes. In addition, the distributed two trapdoor public key cryptosystem is used to divide the keys for multiple nodes. Through the subset decisionmaking mechanism, the relationship between keywords is represented by binary strings to realize the search of multiple keywords. The simulation results show that the communication time of se-epomfc is saved by 25.46% in the case of task set matching degree II and 62.21% in the case of task set matching degree I.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125601621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Security-Alert Screening with Oversampling Based on Conditional Generative Adversarial Networks 基于条件生成对抗网络的过采样安全警报筛选
2022 17th Asia Joint Conference on Information Security (AsiaJCIS) Pub Date : 2022-07-01 DOI: 10.1109/AsiaJCIS57030.2022.00011
Samuel Ndichu, Tao Ban, Takeshi Takahashi, D. Inoue
{"title":"Security-Alert Screening with Oversampling Based on Conditional Generative Adversarial Networks","authors":"Samuel Ndichu, Tao Ban, Takeshi Takahashi, D. Inoue","doi":"10.1109/AsiaJCIS57030.2022.00011","DOIUrl":"https://doi.org/10.1109/AsiaJCIS57030.2022.00011","url":null,"abstract":"Imbalanced class distribution can cause information loss and missed/false alarms for deep learning and machine-learning algorithms. The detection performance of traditional intrusion detection systems tend to degenerate due to skewed class distribution caused by the uneven allocation of observations in different kinds of attacks. To combat class imbalance and improve network intrusion detection performance, we adopt the conditional generative adversarial network (CTGAN) that enables the generation of samples of specific classes of interest. CTGAN builds on the generative adversarial networks (GAN) architecture to model tabular data and generate high quality synthetic data by conditionally sampling rows from the generated model. Oversampling using CTGAN adds instances to the minority class such that both data in the majority and the minority class are of equal distribution. The generated security alerts are used for training classifiers that realize critical alert detection. The proposed scheme is evaluated on a real-world dataset collected from security operation center of a large enterprise. The experiment results show that detection accuracy can be substantially improved when CTGAN is adopted to produce a balanced security-alert dataset. We believe the proposed CTGAN-based approach can cast new light on building effective systems for critical alert detection with reduced missed/false alarms.","PeriodicalId":304383,"journal":{"name":"2022 17th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123740729","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信