{"title":"Endpoint Data Classification Using Markov Chains","authors":"Stefan Marschalek, R. Luh, S. Schrittwieser","doi":"10.1109/ICSSA.2017.17","DOIUrl":"https://doi.org/10.1109/ICSSA.2017.17","url":null,"abstract":"Behavior based analysis of software executed in a sandbox environment has become an established part of malware and APT detection. In this paper, we explore a unique approach to conduct such an analysis based on data generated by live corporate workstations. We specifically collect high-level Windows events via a real-time kernel monitoring agent and build event propagation trees on top of it. Those trees are representative for the behavior exhibited by the programs running on the monitored machine. After a necessary discretization phase we use a moderately modified version of the Markov chain algorithm to create a distance matrix based on the discretized behavioral profiles. Distance based clustering is then applied to classify the processes in question. We evaluated our approach on a goodware dataset collected on actively used workstations. Initial results show that the Markov approach can be used to reliably classify arbitrary processes and helps identify potentially harmful outliers.","PeriodicalId":307280,"journal":{"name":"2017 International Conference on Software Security and Assurance (ICSSA)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126633891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Common Requirements for Web Application Vulnerability Scanners for the Internet of Things","authors":"H. Lee, Young Sun Park","doi":"10.1109/ICSSA.2017.31","DOIUrl":"https://doi.org/10.1109/ICSSA.2017.31","url":null,"abstract":"This paper presents 3 common requirements for web application vulnerability scanners for the Internet of things devices, including browser's rendering engine support, false positive minimization, and device setting change minimization. These requirements have been drawn from the experience of the previous project, security vulnerabilities in residential gateways.","PeriodicalId":307280,"journal":{"name":"2017 International Conference on Software Security and Assurance (ICSSA)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129325549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Software Application to Evaluate the Complexity Theory of the RSA and Elliptic Curves Asymmetric Algorithms","authors":"Wendy Ayala, Walter Fuertes, Fernando Galarraga, Hernán Aules, T. Toulkeridis","doi":"10.1109/ICSSA.2017.20","DOIUrl":"https://doi.org/10.1109/ICSSA.2017.20","url":null,"abstract":"In the current study, we performed a quantitative evaluation of digital signature algorithms between the asymmetric cryptographic scheme RSA (Rivest, Shamir, and Adleman) and ECDSA (Elliptic Curve Digital Signature Algorithm) with the purpose to limit or block illegal digital interferences. Mathematical foundations of asymmetric digital signature algorithms have been analyzed, giving a special focus to the mentioned algorithms. RSA and ECDSA have been coded in Java Development Environment, with their respective libraries. In addition, a Java software application has been designed and implemented with the respective algorithms of key generation and verification. We have used Scrum by articulating each of its phases with the architecture and extensible security elements of the Java platform. Thus, all of these processes have been applied, in order to establish the RSA or ECDSA with the most suitable characteristics for the performance and confidentiality of transmitted information. The own standards of asymmetric digital signature algorithms and elliptic curves have been taken into account, so that the comparison appears adequate and produces data that, besides of being measurable, are also sustainable. The results obtained have been visualized through a statistical process as products of the determination of the response times obtained during this process. To verify these results, we have used a mathematical validation, based on the Least Squares method.","PeriodicalId":307280,"journal":{"name":"2017 International Conference on Software Security and Assurance (ICSSA)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121579646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Secure Password Translation for Document Protection of SOHO Companies","authors":"Hyung-Jong Kim, Soyeon Park","doi":"10.1109/ICSSA.2017.33","DOIUrl":"https://doi.org/10.1109/ICSSA.2017.33","url":null,"abstract":"To set a password for MS-Office documents would be the most common method that users can think first for their document protection. People also consider the easiest and cheapest way to preserve the confidentiality of documents even though the strength of this security measure merely depends on the complexity of passphrase chosen by document authors. The human factor dependency in documents' password security has been an obstacle of choosing it as a major security countermeasure. In this work, we suggest a new password management scheme for SOHO companies with a limited budget for information security. We have named this scheme as the SPT (Secure Password Translation) which separates users' chosen passphrases and companies' chosen ones for document security. This separation brings about differentiating the security level of documents in accordance with the physical location of documents. The contribution of this work is in suggesting and implementing of security management scheme, which SOHO companies can deploy with a limited budget.","PeriodicalId":307280,"journal":{"name":"2017 International Conference on Software Security and Assurance (ICSSA)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2017-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127771279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}