Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017)最新文献

The performance of error correcting codes in discrete and continuous fuzzy pairing protocols 离散和连续模糊配对协议中纠错码的性能

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19518

H. R. Deus, Vladimir P. Parente, Jeroen van de Graaf

{"title":"The performance of error correcting codes in discrete and continuous fuzzy pairing protocols","authors":"H. R. Deus, Vladimir P. Parente, Jeroen van de Graaf","doi":"10.5753/sbseg.2017.19518","DOIUrl":"https://doi.org/10.5753/sbseg.2017.19518","url":null,"abstract":"In fuzzy pairing, two parties compare two bit strings which are supposed to be similar, but almost never identical. So A and B engage in a protocol to verify whether d(sA, sB) is less than some threshold T; if not, the parties abort and authentication failed. Here d() is to be taken as the Hamming distance. One standard protocol is the code-offset method: A computes a random vector x such that sA − x is a code word of some pre-agreed error-correcting x. Together they verify whether the code and sends x to B, who decodes sB − two decoded codewords are the same. A common secret key can be obtained subsequently, We cast this problem in a different context, in which A and B want to compare continuous signals, instead of discrete bit strings. We test the code offset method for four classes of error-correcting codes: Reed-Solomon (RS) Codes, Low Density Parity Check (LDPC) Codes, Repeat-Accumulate Codes (RAC) and Low Density Lattice Codes (LDLC). For similar error correction capability our results show that RS codes perform slowly, while LDPC and RAC which very similar are both really fast. LDLC has the best correction capabilities, but are slower because of their mathematical complexity. Our results can be generalized to fuzzy extractors.","PeriodicalId":322419,"journal":{"name":"Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121971305","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Analysis, Anti-Analysis, Anti-Anti-Analysis: An Overview of the Evasive Malware Scenario 分析、反分析、反反分析:规避型恶意软件场景概述

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19504

Marcus Botacin, V. F. Rocha, P. Geus, A. Grégio

{"title":"Analysis, Anti-Analysis, Anti-Anti-Analysis: An Overview of the Evasive Malware Scenario","authors":"Marcus Botacin, V. F. Rocha, P. Geus, A. Grégio","doi":"10.5753/sbseg.2017.19504","DOIUrl":"https://doi.org/10.5753/sbseg.2017.19504","url":null,"abstract":"Malicious programs are persistent threats to computer systems, and their damages extend from financial losses to critical infrastructure attacks. Malware analysis aims to provide useful information to be used for forensic procedures and countermeasures development. To thwart that, attackers make use of anti-analysis techniques that prevent or difficult their malware from being analyzed. These techniques rely on instruction side-effects and that system's structure checks are inspection-aware. Thus, detecting evasion attempts is an important step of any successful investigative procedure. In this paper, we present a broad overview of what anti-analysis techniques are being used in malware and how they work, as well as their detection counterparts, i.e., the anti-anti-analysis techniques that may be used by forensic investigators to defeat evasive malware. We also evaluated over one hundred thousand samples in the search of the presence of anti-analysis technique and summarized the obtained information to present an evasion-aware malware threat scenario.","PeriodicalId":322419,"journal":{"name":"Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130402489","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2

Esquema de Acordo de Chaves de Conferência Baseado em um Problema de Funções Quadráticas de Duas Variáveis 基于二次双变量函数问题的会议键协议方案

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19495

L. A. Kowada, R. Machado

引用次数: 2

Um Método para Detecção de Bots Sociais Baseado em Redes Neurais Convolucionais Aplicadas em Mensagens Textuais 一种基于卷积神经网络的社交机器人检测方法应用于短信

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19524

Paulo A. Braz, R. Goldschmidt

引用次数: 2

Uso de Controle Chaveado para Mitigação de Ataque Ativo de Identificação de Sistemas com Malha Fechada 使用开关控制缓解主动攻击识别闭环系统

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19516

Alan Oliveira de Sá, L. Carmo, R. Machado

引用次数: 0

Cache nFace: uma Contramedida Simples para o Ataque em Conluio Produtor-Consumidor em Redes Centradas em Conteúdo nFace缓存:内容中心网络中生产者-消费者串通攻击的简单对策

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19509

André Nasserala, I. M. Moraes

引用次数: 0

Mitigando a Evasão de Instrumentadores Binários Dinâmicos 减少动态二进制仪表的规避

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19521

Ailton Santos Filho, Arthur Bindá Alves, Isaque Vieira, Eduardo L. Feitosa

引用次数: 0

Experiências com um Honeypot DNS: Caracterização e Evoluão do Tráfego Malicioso DNS蜜罐实验:恶意流量的特征和进化

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19507

Tiago Heinrich, Felipe de Souza Longo, R. Obelheiro

引用次数: 1

An operational costs analysis of similarity digest search strategies using approximate matching tools 使用近似匹配工具的相似摘要搜索策略的操作成本分析

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19497

V. Moia, M. A. Henriques

引用次数: 2

Using Huffman Trees in Features Selection to Enhance Performance in Spam Detection 利用Huffman树特征选择提高垃圾邮件检测性能

Anais do XVII Simpósio Brasileiro de Segurança da Informação e de Sistemas Computacionais (SBSeg 2017) Pub Date : 2017-11-06 DOI: 10.5753/sbseg.2017.19506

Cleber K. Olivo, A. Santin, L. S. Oliveira

引用次数: 0