发布求助
文献互助 智能选刊 最新文献

2015 10th International Conference on Availability, Reliability and Security最新文献

筛选
英文 中文
A Framework for the Discovery, Analysis, and Retrieval of Multimedia Homemade Explosives Information on the Web 网络上多媒体自制爆炸物信息的发现、分析和检索框架
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.86
T. Tsikrika, George Kalpakis, S. Vrochidis, Y. Kompatsiaris, I. Paraskakis, I. Kavasidis, Jonathan Middleton, Una Williamson
{"title":"A Framework for the Discovery, Analysis, and Retrieval of Multimedia Homemade Explosives Information on the Web","authors":"T. Tsikrika, George Kalpakis, S. Vrochidis, Y. Kompatsiaris, I. Paraskakis, I. Kavasidis, Jonathan Middleton, Una Williamson","doi":"10.1109/ARES.2015.86","DOIUrl":"https://doi.org/10.1109/ARES.2015.86","url":null,"abstract":"This work proposes a novel framework that integrates diverse state-of-the-art technologies for the discovery, analysis, retrieval, and recommendation of heterogeneous Web resources containing multimedia information about homemade explosives (HMEs), with particular focus on HME recipe information. The framework corresponds to a knowledge management platform that enables the interaction with HME information, and consists of three major components: (i) a discovery component that allows for the identification of HME resources on the Web, (ii) a content-based multimedia analysis component that detects HME-related concepts in multimedia content, and (iii) an indexing, retrieval, and recommendation component that processes the available HME information to enable its (semantic) search and provision of similar information. The proposed framework is being developed in a user-driven manner, based on the requirements of law enforcement and security agencies personnel, as well as HME domain experts. In addition, its development is guided by the characteristics of HME Web resources, as these have been observed in an empirical study conducted by HME domain experts. Overall, this framework is envisaged to increase the operational effectiveness and efficiency of law enforcement and security agencies in their quest to keep the citizen safe.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127934607","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Towards a CERT-Communication Model as Basis to Software Assurance 以cert -通信模型为基础的软件保障
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.83
O. Hellwig, G. Quirchmayr, Edith Huber, Timo Mischitz, M. Huber
{"title":"Towards a CERT-Communication Model as Basis to Software Assurance","authors":"O. Hellwig, G. Quirchmayr, Edith Huber, Timo Mischitz, M. Huber","doi":"10.1109/ARES.2015.83","DOIUrl":"https://doi.org/10.1109/ARES.2015.83","url":null,"abstract":"This paper describes an approach towards modelling the communication in and between CERTs, of CERTs with their constituents, and of CERTs with other stakeholders and partners. As achieving their sometimes diverging goals is essential for CERTs, an extended goal-scenario model is suggested.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"153 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123088964","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An Active Testing Tool for Security Testing of Distributed Systems 一种分布式系统安全测试的主动测试工具
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.97
Mohamed H. E. Aouadi, Khalifa Toumi, A. Cavalli
{"title":"An Active Testing Tool for Security Testing of Distributed Systems","authors":"Mohamed H. E. Aouadi, Khalifa Toumi, A. Cavalli","doi":"10.1109/ARES.2015.97","DOIUrl":"https://doi.org/10.1109/ARES.2015.97","url":null,"abstract":"This paper describes the TestGen-IF tool, that allows the automatic generation of test cases based on model based active testing techniques. This paper describes the overall functionality and architecture of the tool, discusses its strengths and weaknesses, and reports our experience with using the tool on a case study, the Dynamic Route Planning (DRP) service of Vehicular Networks. This case study demonstrates how to use our testing tool to verify the system implementation against its security requirements. This paper also proposes improvements to this tool in the form of a GUI interface to facilitate its use and an approach which permits a gain in time and efficiency by generating test objectives.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116944810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Hardware Security Evaluation Using Assurance Case Models 使用保证案例模型的硬件安全评估
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.60
Henrique Kawakami, R. Gallo, R. Dahab, Erick N. Nascimento
{"title":"Hardware Security Evaluation Using Assurance Case Models","authors":"Henrique Kawakami, R. Gallo, R. Dahab, Erick N. Nascimento","doi":"10.1109/ARES.2015.60","DOIUrl":"https://doi.org/10.1109/ARES.2015.60","url":null,"abstract":"The security of computing systems relies heavily on their hardware architecture. Currently, hardware is evaluated using mostly manual processes that are prone to errors, and generate a large, complex workload. In this paper, we are the first to report the use of the Assurance Case methodology to guide a hardware architecture security analysis. We were able to analyze real-world systems, and to detect known and some possibly unknown vulnerabilities. We also show that, by employing Assurance Cases, other benefits are gained, such as better security analysis coverage and better documentation of the security-relevant aspects of the system.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124459671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
All-Solution Satisfiability Modulo Theories: Applications, Algorithms and Benchmarks 全解可满足模理论:应用、算法和基准
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.14
Quoc-Sang Phan, P. Malacaria
{"title":"All-Solution Satisfiability Modulo Theories: Applications, Algorithms and Benchmarks","authors":"Quoc-Sang Phan, P. Malacaria","doi":"10.1109/ARES.2015.14","DOIUrl":"https://doi.org/10.1109/ARES.2015.14","url":null,"abstract":"Satisfiability Modulo Theories (SMT) is a decision problem for logical formulas over one or more first-order theories. In this paper, we study the problem of finding all solutions of an SMT problem with respect to a set of Boolean variables, henceforth All-SMT. First, we show how an All-SMT solver can benefit various domains of application: Bounded Model Checking, Automated Test Generation, Reliability analysis, and Quantitative Information Flow. Secondly, we then propose algorithms to design an All-SMT solver on top of an existing SMT solver, and implement it into a prototype tool, called aZ3. Thirdly, we create a set of benchmarks for All-SMT in the theory of linear integer arithmetic QF_LIA and the theory of bit vectors with arrays and uninterpreted functions QF_AUFBV. We compare aZ3 against Math SAT, the only existing All-SMT solver, on our benchmarks. Experimental results show that aZ3 is more precise than Math SAT.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133638878","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Behavioural Evidence Analysis Applied to Digital Forensics: An Empirical Analysis of Child Pornography Cases Using P2P Networks 应用于数字取证的行为证据分析:基于P2P网络的儿童色情案件实证分析
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.49
N. A. Mutawa, Jo Bryce, V. N. Franqueira, A. Marrington
{"title":"Behavioural Evidence Analysis Applied to Digital Forensics: An Empirical Analysis of Child Pornography Cases Using P2P Networks","authors":"N. A. Mutawa, Jo Bryce, V. N. Franqueira, A. Marrington","doi":"10.1109/ARES.2015.49","DOIUrl":"https://doi.org/10.1109/ARES.2015.49","url":null,"abstract":"The utility of Behavioural Evidence Analysis (BEA) has gained attention in the field of Digital Forensics in recent years. It has been recognized that, along with technical examination of digital evidence, it is important to learn as much as possible about the individuals behind an offence, the victim (s) and the dynamics of a crime. This can assist the investigator in producing a more accurate and complete reconstruction of the crime, in interpreting associated digital evidence, and with the description of investigative findings. Despite these potential benefits, the literature shows limited use of BEA for the investigation of cases of the possession and dissemination of Sexually Exploitative Imagery of Children (SEIC). This paper represents a step towards filling this gap. It reports on the forensic analysis of 15 SEIC cases involving P2P file sharing networks, obtained from the Dubai Police. Results confirmed the predicted benefits and indicate that BEA can assist digital forensic practitioners and prosecutors.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121598689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Complexity Estimates of a SHA-1 Near-Collision Attack for GPU and FPGA 基于GPU和FPGA的SHA-1近碰撞攻击复杂度估计
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.34
Jürgen Fuß, Stefan Gradinger, Bernhard Greslehner-Nimmervoll, Robert Kolmhofer
{"title":"Complexity Estimates of a SHA-1 Near-Collision Attack for GPU and FPGA","authors":"Jürgen Fuß, Stefan Gradinger, Bernhard Greslehner-Nimmervoll, Robert Kolmhofer","doi":"10.1109/ARES.2015.34","DOIUrl":"https://doi.org/10.1109/ARES.2015.34","url":null,"abstract":"The complexity estimate of a hash collision algorithm is given by the unit hash compressions. This paper shows that this figure can lead to false runtime estimates when accelerating the algorithm by the use of graphics processing units (GPU) and field-programmable gate arrays (FPGA). For demonstration, parts of the CPU reference implementation of Marc Stevens' SHA-1 Near-Collision Attack are implemented on these two accelerators by taking advantage of their specific architectures. The implementation, runtime behavior and performance of these ported algorithms are discussed, and in conclusion, it is shown that the acceleration results in different complexity estimates for each type of coprocessor.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129612055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Gradually Improving the Forensic Process 逐步完善司法鉴定程序
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.32
S. Neuner, M. Mulazzani, S. Schrittwieser, E. Weippl
{"title":"Gradually Improving the Forensic Process","authors":"S. Neuner, M. Mulazzani, S. Schrittwieser, E. Weippl","doi":"10.1109/ARES.2015.32","DOIUrl":"https://doi.org/10.1109/ARES.2015.32","url":null,"abstract":"At the time of writing, one of the most pressing problems for forensic investigators is the huge amount of data to analyze per case. Not only the number of devices increases due to the advancing computerization of every days life, but also the storage capacity of each and every device raises into multi-terabyte storage requirements per case for forensic working images. In this paper we improve the standardized forensic process by proposing to use file deduplication across devices as well as file white listing rigorously in investigations, to reduce the amount of data that needs to be stored for analysis as early as during data acquisition. These improvements happen in an automatic fashion and completely transparent to the forensic investigator. They furthermore be added without negative effects to the chain of custody or artefact validity in court, and are evaluated in a realistic use case.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121733433","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
An Open Source Code Analyzer and Reviewer (OSCAR) Framework 一个开放源代码分析和审查(OSCAR)框架
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.36
S. Tjoa, Patrick Kochberger, Christoph Malin, Andreas Schmoll
{"title":"An Open Source Code Analyzer and Reviewer (OSCAR) Framework","authors":"S. Tjoa, Patrick Kochberger, Christoph Malin, Andreas Schmoll","doi":"10.1109/ARES.2015.36","DOIUrl":"https://doi.org/10.1109/ARES.2015.36","url":null,"abstract":"Due to the intense usage of IT and the growing number of fields of application, we rely more than ever on functional software components. In conjunction with this development it could be observed that in the last years the popularity of open source software was on the rise for various reasons. However, in the recent past, serious vulnerabilities have been discovered. In order to support open source developers testing their source code for security bugs, in this paper, we present the idea of a framework which combines existing open source security checkers. After presenting the architecture of the framework we demonstrate the functionality of the framework using the vulnerable application Web Goat.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122385573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Empirical Evaluation of the A3 Environment: Evaluating Defenses Against Zero-Day Attacks A3环境的经验评估:评估对零日攻击的防御
2015 10th International Conference on Availability, Reliability and Security Pub Date : 2015-08-24 DOI: 10.1109/ARES.2015.89
Shane S. Clark, Aaron M. Paulos, B. Benyo, P. Pal, R. Schantz
{"title":"Empirical Evaluation of the A3 Environment: Evaluating Defenses Against Zero-Day Attacks","authors":"Shane S. Clark, Aaron M. Paulos, B. Benyo, P. Pal, R. Schantz","doi":"10.1109/ARES.2015.89","DOIUrl":"https://doi.org/10.1109/ARES.2015.89","url":null,"abstract":"A3 is an execution management environment that aims to make network-facing applications and services resilient against zero-day attacks. A3 recently underwent two adversarial evaluations of its defensive capabilities. In one, A3 defended an App Store used in a Capture the Flag (CTF) tournament, and in the other, a tactically relevant network service in a red team exercise. This paper describes the A3 defensive technologies evaluated, the evaluation results, and the broader lessons learned about evaluations for technologies that seek to protect critical systems from zero-day attacks.","PeriodicalId":331539,"journal":{"name":"2015 10th International Conference on Availability, Reliability and Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-08-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133325332","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信