发布求助
文献互助 智能选刊 最新文献

EAI Endorsed Trans. Security Safety最新文献

筛选
英文 中文
Efficient Public Blockchain Client for Lightweight Users 轻量级用户的高效公共区块链客户端
EAI Endorsed Trans. Security Safety Pub Date : 2018-01-04 DOI: 10.4108/eai.4-1-2018.153528
Lei Xu, Lin Chen, Zhimin Gao, Shouhuai Xu, W. Shi
{"title":"Efficient Public Blockchain Client for Lightweight Users","authors":"Lei Xu, Lin Chen, Zhimin Gao, Shouhuai Xu, W. Shi","doi":"10.4108/eai.4-1-2018.153528","DOIUrl":"https://doi.org/10.4108/eai.4-1-2018.153528","url":null,"abstract":"Public blockchains provide a decentralized method for storing transaction data and have many applications in different sectors. In order for users to track transactions, a simple method is to let them keep a local copy of the entire public ledger. Since the size of the ledger keeps growing, this method becomes increasingly less practical, especially for lightweight users such as IoT devices and smartphones. In order to cope with the problem, several solutions have been proposed to reduce the storage burden. However, existing solutions either achieve a limited storage reduction (e.g., simple payment verification), or rely on some strong security assumption (e.g., the use of trusted server). In this paper, we propose a new approach to solving the problem. Specifically, we propose an underline{e}fficient verification protocol for underline{p}ublic underline{b}lockunderline{c}hains, or EPBC for short. EPBC is particularly suitable for lightweight users, who only need to store a small amount of data that is {it independent of} the size of the blockchain. We analyze EPBC's performance and security, and discuss its integration with existing public ledger systems. Experimental results confirm that EPBC is practical for lightweight users.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"68 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116380284","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud 云环境下企业网络间隐形桥的概率推断
EAI Endorsed Trans. Security Safety Pub Date : 2018-01-04 DOI: 10.4108/eai.4-1-2018.153526
Xiaoyan Sun, Jun Dai, A. Singhal, Peng Liu
{"title":"Probabilistic Inference of the Stealthy Bridges between Enterprise Networks in Cloud","authors":"Xiaoyan Sun, Jun Dai, A. Singhal, Peng Liu","doi":"10.4108/eai.4-1-2018.153526","DOIUrl":"https://doi.org/10.4108/eai.4-1-2018.153526","url":null,"abstract":"Cloud computing, with the paradigm of computing as a utility, has the potential to significantly tranform the IT industry. Attracted by the high efficiency, low cost, and great flexibility of cloud, enterprises began to migrate large parts of their networks into cloud. The cloud becomes a public space where multiple “tenants” reside. Except for some public services, the enterprise networks in cloud should be absolutely isolated from each other. However, some “stealthy bridges” could be established to break such isolation due to two features of the public cloud: virtual machine image sharing and virtual machine co-residency. This paper proposes to use cross-layer Bayesian networks to infer the stealthy bridges existing between enterprise network islands. Cloud-level attack graphs are firstly built to capture the potential attacks enabled by stealthy bridges and reveal hidden possible attack paths. Cross-layer Bayesian networks are then constructed to infer the probability of stealthy bridge existence. The experiment results show that the cross-layer Bayesian networks are capable of inferring the existence of stealthy bridges given supporting evidence from other intrusion steps in a multi-step attack. Received on 25 December 2017; accepted on 26 December 2017; published on 4 January 2018","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133566958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An Evaluation Framework for Moving Target Defense Based on Analytic Hierarchy Process 基于层次分析法的移动目标防御评价框架
EAI Endorsed Trans. Security Safety Pub Date : 2018-01-04 DOI: 10.4108/eai.4-1-2018.153527
Chu Huang, Sencun Zhu, Yi Yang
{"title":"An Evaluation Framework for Moving Target Defense Based on Analytic Hierarchy Process","authors":"Chu Huang, Sencun Zhu, Yi Yang","doi":"10.4108/eai.4-1-2018.153527","DOIUrl":"https://doi.org/10.4108/eai.4-1-2018.153527","url":null,"abstract":"A Moving Target Defense (MTD)-enabled system is one which can dynamically and rapidly change its properties and code such that the attackers do not have sufficient time to exploit it. Although a variety of MTD systems have been proposed, fewwork has focused on assessing the relative cost-effectiveness of differentMTD approaches. In this paper, based on a generic MTD theory, we propose five general evaluation metrics and an assessment framework on top of Analytic Hierarchy Process (AHP), which aggregates these five metrics and systematically evaluates/compares security strengths and costs of multiple MTD-based approaches in the same category. This framework could be widely used in different MTD categories under various attacks and it will enable a security specialist to choose the best MTD approach from a set of possible alternatives based on his/her goal and understanding of the problem. A detailed case study on a specific MTD category called software diversification validates the effectiveness of this framework. Our evaluation results rank three software diversity algorithms and choose the best one among three based on problem setting and situation constraints. Received on XXXX; accepted on XXXX; published on XXXX","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115607419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Defence Mechanisms for Public Systems 公共系统防御机制
EAI Endorsed Trans. Security Safety Pub Date : 2018-01-04 DOI: 10.4108/eai.4-1-2018.153524
Sencun Zhu, Kevin I. Jones, L. Maglaras
{"title":"Defence Mechanisms for Public Systems","authors":"Sencun Zhu, Kevin I. Jones, L. Maglaras","doi":"10.4108/eai.4-1-2018.153524","DOIUrl":"https://doi.org/10.4108/eai.4-1-2018.153524","url":null,"abstract":"","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122728709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Vulnerability Analysis, Intrusion Detection and Privacy Preservation of Modern Communication Systems 现代通信系统的漏洞分析、入侵检测与隐私保护
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-28 DOI: 10.4108/eai.28-12-2017.153514
Sencun Zhu, Kevin I. Jones, L. Maglaras
{"title":"Vulnerability Analysis, Intrusion Detection and Privacy Preservation of Modern Communication Systems","authors":"Sencun Zhu, Kevin I. Jones, L. Maglaras","doi":"10.4108/eai.28-12-2017.153514","DOIUrl":"https://doi.org/10.4108/eai.28-12-2017.153514","url":null,"abstract":"The second issue of the fourth volume of the EAI transactions on Security and Safety provides an insight to methods and techniques that improve security, safety and privacy of modern systems, such as Software-Defined Systems (SDNs), Cognitive radio networks (CRNs) or 802.11wireless networks. The articles that constitute this issue can be divided into two main classes. The first one consists of novel methods that can strengthen either intrusion detection or encryption capabilities of the system under consideration, while the second one is based on the analysis of collected data from different wireless access points in order to reveal vulnerabilities and security level of the providers. In particular, in the area of novel security and privacy methods the issue presents (i) a deep learning based DDoS detection system for multi-vector attack detection in an SDN environment, (ii) an adaptive parameter and component selection mechanism for online anomaly detection problem in CRNs (iii) a compact homomorphic symmetric encryption scheme based on learning with errors (LWE) principle. In the area of the data collection and analysis study, the issue presents an overview of the security level of wireless networks in Romania.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"185 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116210789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Exploration of Singular Spectrum Analysis for Online Anomaly Detection in CRNs 奇异谱分析在CRNs在线异常检测中的应用
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-28 DOI: 10.4108/eai.28-12-2017.153516
Qi Dong, Zekun Yang, Yu Chen, Xiaohua Li, K. Zeng
{"title":"Exploration of Singular Spectrum Analysis for Online Anomaly Detection in CRNs","authors":"Qi Dong, Zekun Yang, Yu Chen, Xiaohua Li, K. Zeng","doi":"10.4108/eai.28-12-2017.153516","DOIUrl":"https://doi.org/10.4108/eai.28-12-2017.153516","url":null,"abstract":"Cognitive radio networks (CRNs) have been recognized as a promising technology that allows secondary users (SUs) extensively explore spectrum resource usage efficiency, while not introducing interference to licensed users. Due to the unregulated wireless network environment, CRNs are susceptible to various malicious entities. Thus, it is critical to detect anomalies in the first place. However, from the perspective of intrinsic features of CRNs, there is hardly in existence of an universal applicable anomaly detection scheme. Singular Spectrum Analysis (SSA) has been theoretically proven an optimal approach for accurate and quick detection of changes in the characteristics of a running (random) process. In addition, SSA is a model-free method and no parametric models have to be assumed for different types of anomalies, which makes it a universal anomaly detection scheme. In this paper, we introduce an adaptive parameter and component selection mechanism based on coherence for basic SSA method, upon which we built up a sliding window online anomaly detector in CRNs. Our experimental results indicate great accuracy of the SSA-based anomaly detector for multiple anomalies.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"140 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131672224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Overview of Romania 802.11Wireless Security & Statistics 罗马尼亚802.11无线安全和统计概述
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-28 DOI: 10.4108/eai.28-12-2017.153518
C. Leca
{"title":"Overview of Romania 802.11Wireless Security & Statistics","authors":"C. Leca","doi":"10.4108/eai.28-12-2017.153518","DOIUrl":"https://doi.org/10.4108/eai.28-12-2017.153518","url":null,"abstract":"This paper presents a study of wireless network security and statistics in Romania aimed at raising public awareness on security issues and highlighting the prevalence of known vulnerabilities in commercial equipment. The data used for the study consist of wireless network broadcast data acquisitioned by the technique of war-driving. In order to ensure a thorough overview, the data collected includes more than 100000 unique wireless networks gathered in Bucharest, major urban areas and the surrounding rural areas. The results of the study cover security protocol usage, the percentage in which known vulnerabilities are still deployed in wireless networks and statistics regarding channel and band usage, common SSIDs in Romania, top equipment manufacturers and the situation of provider wireless access points. The study also shows that provider wireless access points on average offer better security than private networks. Received on 28 January 2017; accepted on 20 April 2017; published on 28 December 2017","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"2472 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131087078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Compact lossy and all-but-one trapdoor functions from lattice 晶格上的紧致有损和除一个以外的所有活门函数
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-13 DOI: 10.4108/eai.28-12-2017.153517
Leixiao Cheng, Quanshui Wu, Yunlei Zhao
{"title":"Compact lossy and all-but-one trapdoor functions from lattice","authors":"Leixiao Cheng, Quanshui Wu, Yunlei Zhao","doi":"10.4108/eai.28-12-2017.153517","DOIUrl":"https://doi.org/10.4108/eai.28-12-2017.153517","url":null,"abstract":"Lossy trapdoor functions (LTDF) and all-but-one trapdoor functions (ABO-TDF) are fundamental cryptographic primitives. And given the recent advances in quantum computing, it would be much desirable to develop new and improved lattice-based LTDF and ABO-TDF. In this work, we provide more compact constructions of LTDF and ABO-TDF based on the learning with errors (LWE) problem. In addition, our LWE-based ABO-TDF can allow smaller system parameters to support super-polynomially many injective branches in the construction of CCA secure public key encryption. As a core building tool, we provide a more compact homomorphic symmetric encryption schemes based on LWE, which might be of independent interest. To further optimize the ABO-TDF construction, we employ the full rank difference encoding technique. As a consequence, the results presented in this work can substantially improve the performance of all the previous LWE-based cryptographic constructions based upon LTDF and ABO-TDF.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"114 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127967898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Data Flow Analysis on Android Platform with Fragment Lifecycle Modeling and Callbacks 基于片段生命周期建模和回调的Android平台数据流分析
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-07 DOI: 10.4108/eai.7-12-2017.153394
Yongfeng Li, Jinbin Ouyang, Bing Mao, Kai Ma, Shanqing Guo
{"title":"Data Flow Analysis on Android Platform with Fragment Lifecycle Modeling and Callbacks","authors":"Yongfeng Li, Jinbin Ouyang, Bing Mao, Kai Ma, Shanqing Guo","doi":"10.4108/eai.7-12-2017.153394","DOIUrl":"https://doi.org/10.4108/eai.7-12-2017.153394","url":null,"abstract":"Smartphones carry a large quantity of sensitive information to satisfy people’s various requirements, but the way of using information is important to keep the security of users’ privacy. There are two kinds of misuses of sensitive information for apps. On the one hand, careless programmers may leak the data by accident. On the other hand, the attackers develop malware to collect sensitive data intentionally. Many researchers apply data flow analysis to detect data leakages of an app. However, data flow analysis on Android platform is quite di ff erent from the programs on desktop. Many researchers have solved some problems of data flow analysis on Android platform, like Activity lifecycle, callback methods, inter-component communication. We find that Fragment’s lifecycle also has an e ff ect on the data flow analysis of Android apps. Some data will be leaked if we don’t take Fragment’s lifecycle into consideration when performing data flow analysis in Android apps. So in this paper, we propose an approach to model Fragment’s lifecycle and its relationship with Activity’s lifecycle, then introduce a tool called FragDroid based on FlowDroid [7]. We conduct some experiments to evaluate the e ff ectiveness of our tool and the results show that there are 8% of apps in our data set using Fragment. In particular, for popular apps, the result is 50.8%. We also evaluate the performance of using FragDroid to analyze Android apps, the result shows the average overhead is 17%.","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122546735","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
MAAT: Multi-Stage Attack Attribution in Enterprise Systems using Software Defined Networks 基于软件定义网络的企业系统多阶段攻击归因
EAI Endorsed Trans. Security Safety Pub Date : 2017-12-07 DOI: 10.4108/EAI.7-12-2017.153396
S. Kannan, Paul C. Wood, S. Chaterji, S. Bagchi, Larry Deatrick, Patricia Beane
{"title":"MAAT: Multi-Stage Attack Attribution in Enterprise Systems using Software Defined Networks","authors":"S. Kannan, Paul C. Wood, S. Chaterji, S. Bagchi, Larry Deatrick, Patricia Beane","doi":"10.4108/EAI.7-12-2017.153396","DOIUrl":"https://doi.org/10.4108/EAI.7-12-2017.153396","url":null,"abstract":"","PeriodicalId":335727,"journal":{"name":"EAI Endorsed Trans. Security Safety","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124645017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信