2006 IEEE Information Assurance Workshop: Latest Papers

P3ARM: Privacy-Preserving Protocol for Association Rule Mining
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652080
I. Saleh, Alaa Mokhtar, Amin Shoukry, Mohamed Eltoweissy
Abstract: The ability to mine large volumes of distributed datasets enables more precise decision making. However, privacy concerns should be carefully addressed when mining datasets distributed over autonomous sites. We propose a new privacy-preserving protocol for association rule mining (P3ARM) over horizontally partitioned data. P3ARM is based on a distributed implementation of the Apriori algorithm. The key idea is to arbitrarily assign polling sites to collect itemsets' supports in encrypted forms using homomorphic encryption techniques. A pair of polling sites is assigned for each itemset. Polling sites are different for consecutive rounds of the protocol to reduce the potential for collusion. Our performance analysis shows that P3ARM significantly outperforms a leading existing protocol. Moreover, P3ARM is scalable in the number of sites and the volume of data.
Citations: 3
Battery-Sensing Intrusion Protection System
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652093
T. Buennemeyer, G. A. Jacoby, W.G. Chiang, R. Marchany, J. Tront
Abstract: This paper proposes an innovative battery-sensing intrusion protection system (B-SIPS) for mobile computers, which alerts on power changes detected on small wireless devices. These hosts are employed as sensors in a wireless network and form the basis of the "Canary-Net" intrusion detection system (IDS). This detection capability is scalable and complementary with existing commercial and open system network IDSs. B-SIPS implementation correlates device power consumption with IEEE 802.11 and Bluetooth communication activity. Irregular and attack activity is detected and reported to the intrusion detection engine for correlation with existing signatures in a database and for forensic investigation by a security manager.
Citations: 18
Analyzing Attack Trees using Generalized Stochastic Petri Nets
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652085
George C. Dalton, R. Mills, J. Colombi, R. Raines
Abstract: In recent years, attack trees have been developed to describe processes by which malicious users attempt to exploit or break computer software and/or networks. Attack trees are a way of decomposing, visualizing, and determining the cost or likeliness of attacks. Similarly, Petri nets (PNs) are graphical representations of a system or process used for modeling, formal analysis, and design verification. PNs are easy to build and simulate using a myriad of available tools. There are a number of subclasses of PNs, including colored, timed, stochastic, etc. This paper focuses on the use of generalized stochastic PNs (GSPNs) to model and analyze attack trees with the ultimate goal of automating the analysis using simulation tools. The results of this simulation and analysis can be used to further refine the attack tree or to develop countermeasures.
Citations: 92
Fault-Tolerant Overlay Protocol Network
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652118
N. Shelly, N. Jensen, L. Baird, J. Moore
Abstract: Voice over Internet Protocol (VoIP) and other time critical communications require a level of availability much higher than the typical transport network supporting traditional data communications. These critical command and control channels must continue to operate and remain available in the presence of an attack or other network disruption. Even disruptions of short duration can severely damage, degrade, or drop a VoIP connection. Routing protocols in use today can dynamically adjust for a changing network topology. However, they generally cannot converge quickly enough to continue an existing voice connection. As packet switching technologies continue to erode traditional circuit switching applications, some methodology or protocol must be developed that can support these traditional requirements over a packet-based infrastructure. We propose the use of a modified overlay tunneling network and associated routing protocols called the fault tolerant overlay protocol (FTOP) network. This network is entirely logical; the supporting routing protocol may be greatly simplified due to the overlay's ability to appear fully connected. Therefore, ensuring confidentiality and availability are much simpler using traditional cryptographic isolation and VPN technologies. Empirical results show for substrate networks, convergence time may be as high as six to ten minutes. However, the FTOP overlay network has been shown to converge in a fraction of a second, yielding an observed two order of magnitude convergence time improvement. This unique ability enhances availability of critical network services allowing operation in the face of substrate network disruption caused by malicious attack or other failure.
Citations: 0
The CERT Survivability and Information Assurance Curriculum: Building Enterprise Networks on a Firm Educational Foundation
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652078
L. Rogers
Abstract: Today's professional system and network administrators are increasingly challenged to make computer and network security a greater part of their overflowing set of daily activities. In response to this trend, the Software Engineering Institute (SEI), specifically the CERT® Program, has designed a three-course curriculum in survivability and information assurance (SIA).
Citations: 1
The Need for a Technical Approach to Digital Forensic Evidence Collection for Wireless Technologies
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652086
J. Slay, B. Turnbull
Abstract: Whilst 802.11a/b/g wireless security is well documented by academic literature, there is little work discussing the forensic issues associated with the technology. This paper aims to discuss how 802.11-based wireless technologies may be misused compared with current electronic evidence collection and analysis techniques. The lack of procedural guides in the identification of wireless networks is noted, and the need for a technological solution in the evidence collection process of potential electronic evidence.
Citations: 12
Quantitative Analysis of Efficient Antispam Techniques
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652091
Anders Wiehe, Erik Hjelmås, S. Wolthusen
Abstract: While dynamic content-based filtering mechanisms for the identification of unsolicited commercial email (UCE, or more commonly "spam") have proven to be effective, these techniques require considerable computational resources. It is therefore highly desirable to reduce the number of emails that must be subjected to a content-based analysis. In this paper, a number of efficient techniques based on lower protocol level properties are analyzed using a large real-world data set. We show that combinations of several network-based filters can provide a computationally efficient pre-filtering mechanism at acceptable false-positive rates.
Citations: 1
Design and Implementation of the Honey-DVD
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652100
M. Dornseif, F. Freiling, N. Gedicke, Thorsten Holz
Abstract: Honeynets are a valuable source of data about techniques, tactics and motives of attackers in the Internet, but up to now they have been notoriously difficult to set up and maintain. This work describes the development and implementation of an easy to use, freely distributable, bootable solution on DVD for deploying honeynets. The system is based on a live Linux distribution and can be set up without installing anything on a local hard drive. It sets up a group of virtually emulated honeypots and links them together in a virtual network. Moreover, a honeywall is added to protect the honeypots. The whole honeynet is configured and maintained via a centralised controller software on the DVD which allows an easy configuration and automates all necessary procedures in the virtual network.
Citations: 5
LibsafeXP: A Practical and Transparent Tool for Run-time Buffer Overflow Preventions
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652114
Zhiqiang Lin, Bing Mao, Li Xie
Abstract: This paper presents a practical tool, LibsafeXP, to protect the software against the most common and severe attack, buffer overflows. As a dynamic shared library and an extension to Libsafe and LibsafePlus, LibsafeXP contains wrapper functions for all the buffer related functions in C standard library. These wrapper functions are enforced to check the source and target buffer's size using the following information: global buffer knowledge extracted from the program symbol information, heap buffer knowledge by intercepting memory allocation family functions, and stack buffer bound information by dynamically determined from the frame pointer. Compared with other approaches, LibsafeXP is more transparent to programs: it works on binary mode, and neither requires the source code nor any debugging information. The performance and effectiveness evaluation indicates LibsafeXP could be used to defend against buffer overflow attacks and impose about 10 percent overhead on the protected software.
Citations: 7
Grid Based Network Address Space Browsing for Network Traffic Visualization
2006 IEEE Information Assurance Workshop. Pub Date: 2006-06-21. DOI: 10.1109/IAW.2006.1652104
E. Le Malécot, M. Kohara, Y. Hori, K. Sakurai
Abstract: The security of computer networks has become a priority during the past few years. More and more organizations heavily depend on services that are provided by computer networks and this trend is certainly going to rise in the near future. At the same time, malicious attacks against such systems are also increasing in number and variety. System administrators can try to prevent these attacks with the use of firewalls for instance. However, these precautions are not always enough and so they also need to monitor the network traffic in order to detect anomalies and intrusions. Usually, system administrators use automated systems to process network traffic logs and to analyze them. This processing is based on learning techniques, signature databases or statistical analysis. Another approach is to use visualization techniques to display these logs and to favor user interaction with the data. This paper presents a visualization design based on interactive grids representing the network space. The network traffic is then displayed on these grids. We also introduce a prototype of this design that has been implemented to test its validity.
Citations: 6