2010 International Conference on Availability, Reliability and Security: Latest Papers

Detection of Spyware by Mining Executable Files
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.105
R. Shahzad, S. Haider, Niklas Lavesson
Abstract: Spyware represents a serious threat to confidentiality since it may result in loss of control over private data for computer users. This type of software might collect the data and send it to a third party without informed user consent. Traditionally two approaches have been presented for the purpose of spyware detection: Signature-based Detection and Heuristic-based Detection. These approaches perform well against known Spyware but have not been proven to be successful at detecting new spyware. This paper presents a Spyware detection approach by using Data Mining (DM) technologies. Our approach is inspired by DM-based malicious code detectors, which are known to work well for detecting viruses and similar software. However, this type of detector has not been investigated in terms of how well it is able to detect spyware. We extract binary features, called n-grams, from both spyware and legitimate software and apply five different supervised learning algorithms to train classifiers that are able to classify unknown binaries by analyzing extracted n-grams. The experimental results suggest that our method is successful even when the training data is scarce.
Citations: 38
Pitfalls in Formal Reasoning about Security Protocols
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.36
Nina Moebius, K. Stenzel, W. Reif
Abstract: Formal verification can give more confidence in the security of cryptographic protocols. Application specific security properties like "The service provider does not lose money" can give even more confidence than standard properties like secrecy or authentication. However, it is surprisingly easy to get a meaningful property slightly wrong. The result is that an insecure protocol can be 'proven' secure. We illustrate the problem with a very small application, a copy card, that has only five different messages. The example is taken from a paper where the protocol is secure, but the proved property slightly wrong. We propose to solve the problem by incorporating more of the real-world application into the formal model.
Citations: 3
The Road to Hell is Paved with Good Intentions: A Story of (In)secure Software Development
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.44
Richard Sasson, M. Jaatun, Jostein Jensen
Abstract: In this paper, we present the results of a security assessment performed on a home care system based on SOA, realized as web services. The security design concepts of this platform were specifically tailored to meet new security challenges and to be compliant with legal frameworks applicable to the healthcare domain. This security design was fed as input to the development team, which implemented the system. However, our assessment revealed a software platform with severe security weaknesses and vulnerabilities, demonstrating pitfalls that are, or should be, well known. Our experience re-confirms that security must be built as an intrinsic software property and emphasizes the need for security awareness throughout the whole software development lifecycle.
Citations: 3
Secure Monitoring of Service Level Agreements
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.33
K. Clark, M. Warnier, F. Brazier, T. Quillinan
Abstract: Service Level Agreements (SLA) are commonly used to define terms and conditions of service provisioning. WS-Agreement is an SLA specification that addresses the need of both producers and consumers of services to specify and negotiate terms and conditions of access to these services. This specification has gained wide acceptance in both the Grid computing and Web Services communities. WS-Agreement includes support for both negotiating and specifying penalties that arise from violation of these terms and conditions. It does not, however, include support for monitoring these agreements to determine if any such violations have occurred and, if so, determining which parties are responsible. This paper proposes a framework and design for secure and reliable monitoring of WS-Agreement specified SLAs. Modifications to WS-Agreement are necessary for effective monitoring. These modifications are outlined, along with an implementation of the framework in the AgentScape middleware system.
Citations: 23
Classification of Buffer Overflow Vulnerability Monitors
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.15
H. Shahriar, Mohammad Zulkernine
Abstract: Buffer overflow is one of the worst program vulnerabilities. Many preventive approaches are applied to mitigate buffer overflow (BOF) vulnerabilities. However, BOF vulnerabilities are still being discovered in programs on a daily basis which might be exploited to crash programs and execute unwanted code at runtime. Monitoring is a popular approach for detecting BOF attacks during program execution and can prevent the consequences of BOF vulnerability exploitations. However, there is no classification of the proposed approaches to understand their common characteristics, objectives, and limitations. In this paper, we classify the current BOF vulnerability monitoring approaches based on the following five characteristics: monitoring objective, program state utilization, implementation mechanism, environmental change, and attack response. The classification will enable researchers to differentiate among existing monitoring approaches. Moreover, it will provide a guideline to choose monitoring approaches suitable for their needs.
Citations: 7
A Security Decision-Reaction Architecture for Heterogeneous Distributed Network
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.57
C. Feltus, D. Khadraoui, Jocelyn Aubert
Abstract: The main objective of this paper is to provide a global decision-reaction architecture built on the requirements for a reaction after alert detection mechanisms in the frame of information systems security and more particularly applied to telecom infrastructures security. These infrastructures are distributed in nature, therefore the architecture is elaborated using the multi-agents system that provides the advantages of autonomous and interaction facilities, and has been associated to the ontoBayes model for decision support mechanism. This model helps agents to make decisions according to preference values and is built upon ontology based knowledge sharing, bayesian networks based uncertainty management and influence diagram based decision support. The Multi-Agent System decision-reaction architecture is developed in a distributed perspective and is composed of three basic layers: low level, intermediate level and high level. The proposed approach has been illustrated based on the network architecture for heterogeneous mobile computing developed by the BARWAN project. Accordingly: the Building Area constitutes the low level and aims to be the interface between the main architecture and the targeted infrastructure. The Campus-Area is the intermediate level responsible for correlating the alerts coming from different domains of the infrastructure and to smartly deploy the reaction actions.
Citations: 12
Identifying Security Relevant Warnings from Static Code Analysis Tools through Code Tainting
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.108
D. Baca
Abstract: Static code analysis tools are often used by developers as early vulnerability detectors. Due to their automation they are less time-consuming and error-prone than manual reviews. However, they produce large quantities of warnings that developers have to manually examine and understand. In this paper, we look at a solution that makes static code analysis tools more useful as an early vulnerability detector. We use flow-sensitive, interprocedural and context-sensitive data flow analysis to determine the point of user input and its migration through the source code to the actual exploit. By determining a vulnerability's point of entry we lower the number of warnings a tool produces and we provide the developer with more information why this warning could be a real security threat. We use our approach in three different ways depending on what tool we examined. First, with the commercial static code analysis tool, Coverity, we reanalyze its results and create a set of warnings that are specifically relevant from a security perspective. Secondly, we altered the open source analysis tool Findbugs to only analyze code that has been tainted by user input. Third, we created our own analysis tool that focuses on XSS vulnerabilities in Java code.
Citations: 3
Communal Reputation and Individual Trust (CRIT) in Wireless Sensor Networks
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.64
T. Zia, M. Islam
Abstract: Deployment of wireless sensor networks in sensitive applications such as healthcare, defence, habitat monitoring and early bushfire detection requires a careful consideration. These networks are prone to security attacks due to their wireless and deployment nature. It is very likely that after deployment of the network, sensor nodes are left unattended which causes serious security concerns. Insecure wireless communication aggravates the inherent vulnerabilities of wireless sensor networks. Several countermeasures have been proposed in literature to counter the threats posed by attacks in sensor networks; however, security does not come for free. Especially for the resource limited nodes it is very costly to deploy computationally extensive security solutions. This paper studies the notion of trust in wireless sensor networks and proposes a solution based on communal reputation and individual trust (CRIT) in sensor nodes. A very important aspect which determines the viability of this study is the simulation results and performance analysis.
Citations: 16
A Generic Metamodel for IT Security Attack Modeling for Distributed Systems
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.17
André Miede, Nedislav Nedyalkov, C. Gottron, André König, N. Repp, R. Steinmetz
Abstract: Understanding and discussing the security aspects of IT systems during their development is challenging for both domain specialists and IT experts - neglecting this aspect leads to communication problems and, eventually, to less secure systems. An important factor for these challenges is the distribution and variety of basic IT security concepts, attacks, and countermeasures, e.g., in the standard literature. In this paper, we propose a generic metamodel for IT security capturing both its major concepts and their relationships to each other. With a focus on attacks, we show how this model is applied to different scenarios in distributed systems, i.e., Peer-to-Peer systems, Service-oriented Architectures, and Mobile ad hoc Networks. This allows for a better understanding of IT security in general and attacks in particular, thus, enabling effective communication between different parties during the development of security-critical IT systems.
Citations: 16
Risk-Based Methodology for Real-Time Security Monitoring of Interdependent Services in Critical Infrastructures
2010 International Conference on Availability, Reliability and Security Pub Date : 2010-03-25 DOI: 10.1109/ARES.2010.102
Jocelyn Aubert, Thomas Schaberreiter, Christophe Incoul, D. Khadraoui, B. Gâteau
Abstract: In today’s world, where most of the critical infrastructures (CI) are based on distributed systems, security failures have become very common, even within large corporations. The critical infrastructures are tightly interconnected, mutually dependent, and are exposed everyday to new risks. These (inter)dependencies generate potential cascading effects that may spread a malfunction or an attack from one part of the system to another dependent infrastructure. In this paper, we propose a risk-based methodology that aims to monitor interdependent services based on generic risks and assurance levels using the classical security properties: Confidentiality, Integrity and Availability. This allows each CI owner to monitor, react and adopt the best behavior corresponding to the security status of its different services.
Citations: 19