发布求助
文献互助 智能选刊 最新文献

2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)最新文献

筛选
英文 中文
Scalable security analysis in hierarchical attack representation model using centrality measures 基于中心性度量的分层攻击表示模型的可扩展安全性分析
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615507
Jin B. Hong, Dong Seong Kim
{"title":"Scalable security analysis in hierarchical attack representation model using centrality measures","authors":"Jin B. Hong, Dong Seong Kim","doi":"10.1109/DSNW.2013.6615507","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615507","url":null,"abstract":"Network security can be analysed using attack representation models (ARMs) (e.g., Attack Graphs (AGs) and Attack Trees (ATs)). One can analyse the network security by computing all possible attack scenarios, but it suffers from a scalability problem. We propose centrality based network security analysis by ranking important hosts based on network centrality measures, and vulnerabilities based on security metric values. We used two-layer hierarchical attack representation model to evaluate the network security, by taking into account importance of hosts and vulnerabilities in the upper and the lower layers, respectively. We define a new centrality measure based on the location of an attacker and a target. We simulate security analysis using centrality measures comparing with an exhaustive search method. Further, we investigate the performance when the location of the attacker is different in the network.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128249487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Investigating DNS traffic anomalies for malicious activities 调查DNS流量异常的恶意活动
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615506
Fedor V. Yarochkin, V. Kropotov, Yennun Huang, Guo-Kai Ni, S. Kuo, Ing-Yi Chen
{"title":"Investigating DNS traffic anomalies for malicious activities","authors":"Fedor V. Yarochkin, V. Kropotov, Yennun Huang, Guo-Kai Ni, S. Kuo, Ing-Yi Chen","doi":"10.1109/DSNW.2013.6615506","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615506","url":null,"abstract":"The Domain Name System (DNS) is one of the critical components of modern Internet networking. Proper Internet functions (such as mail delivery, web browsing and so on) are typically not possible without the use of DNS. However with the growth and commercialization of global networking, this protocol is often abused for malicious purposes which negatively impacts the security of Internet users. In this paper we perform security data analysis of DNS traffic at large scale for a prolonged period of time. In order to do this, we developed DNSPacketlizer, a DNS traffic analysis tool and deployed it at a mid-scale Internet Service Provider (ISP) for a period of six months. The findings presented in this paper demonstrate persistent abuse of the protocol by Botnet herders and antivirus software vendors for covert communication. Other suspicious or potentially malicious activities in DNS traffic are also discussed.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128302179","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
IOCheck: A framework to enhance the security of I/O devices at runtime IOCheck:一个在运行时增强I/O设备安全性的框架
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615523
Fengwei Zhang
{"title":"IOCheck: A framework to enhance the security of I/O devices at runtime","authors":"Fengwei Zhang","doi":"10.1109/DSNW.2013.6615523","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615523","url":null,"abstract":"Securing hardware is the foundation for implementing a secure system. However, securing hardware devices remains an open research problem. In this paper, we present IOCheck, a framework to enhance the security of I/O devices at runtime. It leverages System Management Mode (SMM) to quickly check the integrity of I/O configurations and firmware. IOCheck does not rely on the operating system and is OS-agnostic. In our preliminary results, IOCheck takes 4 milliseconds to switch to SMM which introduces low performance overhead.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121693759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Predicting job completion times using system logs in supercomputing clusters 在超级计算集群中使用系统日志预测作业完成时间
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615513
Xin Chen, Charng-Da Lu, K. Pattabiraman
{"title":"Predicting job completion times using system logs in supercomputing clusters","authors":"Xin Chen, Charng-Da Lu, K. Pattabiraman","doi":"10.1109/DSNW.2013.6615513","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615513","url":null,"abstract":"Most large systems such as HPC/cloud computing clusters and data centers are built from commercial off-the-shelf components. System logs are usually the main source of choice to gain insights into the system issues. Therefore, mining logs to diagnose anomalies has been an active research area. Due to the lack of organization and semantic consistency in commodity PC clusters' logs, what constitutes a fault or an error is subjective and thus building an automatic failure prediction model from log messages is hard. In this paper we sidestep the difficulty by asking a different question: Given the concomitant system log messages of a running job, can we predict the job's remaining time? We adopt Hidden Markov Model (HMM) coupled with frequency analysis to achieve this. Our HMM approach can predict 75% of jobs' remaining times with an error of less than 200 seconds.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128031019","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Practical Experiences with real-world systems: Security in the world of reliable and safe systems 真实世界系统的实践经验:可靠和安全系统世界中的安全性
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615515
N. Silva, Rui Lopes
{"title":"Practical Experiences with real-world systems: Security in the world of reliable and safe systems","authors":"N. Silva, Rui Lopes","doi":"10.1109/DSNW.2013.6615515","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615515","url":null,"abstract":"Reliability and Safety have always been associated to Safety Critical Systems. Since the failure of a Safety Critical System may lead to loss of human lives or large economical effects, the standards that guide the development of these systems have always focused in these two aspects, independently of the domain applicable. By looking into Reliability and Safety independently and focused, one can design a system highly reliable and safe without Security concerns. However, Security plays a major role in the achievement of both Reliability and Safety. A system cannot be reliable and safe if it is not secure. Therefore, the current processes to certify a Safety Critical System also address Security aspects, together with Reliability and Safety. This work presents the activities that have been performed in the scope of the certification of a Safety Critical System in the railway domain and how Security is tackled without jeopardizing Reliability and Safety. The data collected and its importance for guaranteeing safety, reliability and security is presented and discussed. A relationship between the activities performed and the standards concerns is established and examples of architecture decisions that could provide more Reliability and Safety but less Security will be presented.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130501387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
SAFE: Shoulder-surfing attack filibustered with ease 安全:肩冲攻击很容易被阻挠
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615517
Narayan Gowraj, S. Avireddy, P. Ravi, R. B. Subramanian, S. Prabhu
{"title":"SAFE: Shoulder-surfing attack filibustered with ease","authors":"Narayan Gowraj, S. Avireddy, P. Ravi, R. B. Subramanian, S. Prabhu","doi":"10.1109/DSNW.2013.6615517","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615517","url":null,"abstract":"Websites have become an integral part of everyones life. The most important vulnerable issue in websites which has to be subjected to uncompromising security is user authentication. There is a good level of security when we use the conventional textual based password but memorizing these passwords is difficult when they are too long. Hence, users tend to keep password that are simple and short which compromises security and makes it vulnerable to many password cracking attacks. Users may also tend to write them down or store them inside the computer in the form of sticky notes which makes it even more vulnerable. This issue has motivated users towards an alternative solution which is the Graphical User Authentication (GUA) which makes use of images, patterns instead of plain text. However, one big issue incurred with the GUA is that it is very vulnerable to shoulder-surfing and spyware attacks. In this paper we propose a system called SAFE (Shoulder-Surfing Attacks Filibustered with Ease) that could restrict or filibuster shoulder-surfing and spyware attacks. This system uses an algorithm called as RALUT-G (Randomized Lookup Table-Generator) that generates a randomized look-up table with dynamic content for the user authentication based on its working module. We have also evaluated the efficiency and the effectiveness of our system using comprehensive experimental analysis.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128905772","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Autonomous Emergency Braking: A System-of-Systems perspective 自动紧急制动:系统的视角
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615526
H. Kopetz, S. Poledna
{"title":"Autonomous Emergency Braking: A System-of-Systems perspective","authors":"H. Kopetz, S. Poledna","doi":"10.1109/DSNW.2013.6615526","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615526","url":null,"abstract":"In June 2012 the Ratings Group of EURO-NCAP published a strategic roadmap of the NCAP organization about the required safety features of new cars up to the year 2016. According to this roadmap Autonomous Emergency Braking Systems (AEBS) to detect and protect pedestrians should be deployed on a wide scale in new cars by the year 2016. In a car equipped with an AEBS there are two autonomous systems that compete for the control over the car, the human driver and the AEBS. In this paper we analyze the coordination of these two autonomous subsystems from the perspective of System-of-Systems in order to avoid the emergence of detrimental behavior and elaborate on the dependability mechanisms required to ensure safe operation.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125898020","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Towards Systems Resilience 实现系统弹性
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615532
H. Maruyama
{"title":"Towards Systems Resilience","authors":"H. Maruyama","doi":"10.1109/DSNW.2013.6615532","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615532","url":null,"abstract":"Some systems are resilient - they recover from unanticipated large scale perturbations and continue to exist - while others are not. We started a new project called “Systems Resilience” that aims to study underlying principles of resilience. We study a wide variety of domains, such as biology, ecology, economics, engineering, sociology, and business management, and extract common characteristics that differentiate resilient systems from non-resilient ones. We are building a mathematical model to represent these characteristics and to quantify resilience.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121274259","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
Driver performance in the presence of adaptive cruise control related failures: Implications for safety analysis and fault tolerance 驾驶员在自适应巡航控制相关故障中的表现:对安全分析和容错的影响
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615531
Josef Nilsson, N. Strand, P. Falcone, J. Vinter
{"title":"Driver performance in the presence of adaptive cruise control related failures: Implications for safety analysis and fault tolerance","authors":"Josef Nilsson, N. Strand, P. Falcone, J. Vinter","doi":"10.1109/DSNW.2013.6615531","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615531","url":null,"abstract":"This study explored how failures related to an adaptive cruise control (ACC) were handled by drivers and what the effects on safety can be. The experimental study included forty-eight subjects and was performed in a moving base driving simulator equipped with an ACC. Each subject experienced two different failures in separate scenarios. In total, the study included four different failures, i.e., Unwanted acceleration, Complete lack of deceleration, Partial lack of deceleration, and Speed limit violation. The outcome of each failure scenario has been categorized based on whether the driver managed to avoid a collision or not. For the outcomes where collisions were successfully avoided, the situations were analyzed in more detail and classified according to the strategy used by the driver. Besides showing that partial lack of deceleration caused more collisions than complete lack of deceleration (43% compared to 14% of the participants colliding), the results also indicate a preference among drivers to steer and change lane rather than to apply the brakes when faced with acceleration and deceleration failures. A trade off relationship was identified between allowing a failing ACC to stay operational and on the other hand disabling it when an error is detected. Keeping the system operational can cause confusion about the mode of the system but as the results of the study indicate it can also improve the situation by reducing impact speed.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122704415","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 38
Keynote: Toward vehicle automation ADAS, the new challenges 主题演讲:面向汽车自动化ADAS的新挑战
2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W) Pub Date : 2013-06-24 DOI: 10.1109/DSNW.2013.6615525
S. Boverie
{"title":"Keynote: Toward vehicle automation ADAS, the new challenges","authors":"S. Boverie","doi":"10.1109/DSNW.2013.6615525","DOIUrl":"https://doi.org/10.1109/DSNW.2013.6615525","url":null,"abstract":"Vehicle automation started many years ago (engine control, automatic starter, ABS, ESP, ...) and more recently the development of Advanced Driver Assistance Systems (ADAS) has generated a real technological break. These new functions inform the drivers, warn them in critical situation or even substitute them. They relieve the driver mental workload and help the respect of the driving rules to increase safety, to save energy, while preserving a good mobility.","PeriodicalId":377784,"journal":{"name":"2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2013-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121883657","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信