发布求助
文献互助 智能选刊 最新文献

18th Annual Computer Security Applications Conference, 2002. Proceedings.最新文献

筛选
英文 中文
Gender-preferential text mining of e-mail discourse 电子邮件话语的性别偏好文本挖掘
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176299
M. Corney, O. Vel, Alison Anderson, G. Mohay
{"title":"Gender-preferential text mining of e-mail discourse","authors":"M. Corney, O. Vel, Alison Anderson, G. Mohay","doi":"10.1109/CSAC.2002.1176299","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176299","url":null,"abstract":"This paper describes an investigation of authorship gender attribution mining from e-mail text documents. We used an extended set of predominantly topic content-free e-mail document features such as style markers, structural characteristics and gender-preferential language features together with a support vector machine learning algorithm. Experiments using a corpus of e-mail documents generated by a large number of authors of both genders gave promising results for author gender categorisation.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131233360","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 195
Detecting and defending against Web-server fingerprinting 检测和防御web服务器指纹
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176304
Dustin Lee, J. Rowe, C. Ko, K. Levitt
{"title":"Detecting and defending against Web-server fingerprinting","authors":"Dustin Lee, J. Rowe, C. Ko, K. Levitt","doi":"10.1109/CSAC.2002.1176304","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176304","url":null,"abstract":"Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of finger-printing and their application to the identification of Web servers, even where server information has been omitted are described and methodologies for detecting and limiting such activity are discussed.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114433282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 19
Digging for worms, fishing for answers 挖掘蠕虫,寻找答案
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176293
Florian P. Buchholz, Thomas E. Daniels, James P. Early, R. Gopalakrishna, R. P. Gorman, Benjamin A. Kuperman, S. Nystrom, A. Schroll, Andrew Smith
{"title":"Digging for worms, fishing for answers","authors":"Florian P. Buchholz, Thomas E. Daniels, James P. Early, R. Gopalakrishna, R. P. Gorman, Benjamin A. Kuperman, S. Nystrom, A. Schroll, Andrew Smith","doi":"10.1109/CSAC.2002.1176293","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176293","url":null,"abstract":"Worms continue to be a leading security threat on the Internet. This paper analyzes several of the more widespread worms and develops a general life-cycle for them. The lifecycle, from the point of view of the victim host, consists of four stages: target selection, exploitation, infection, and propagation. While not all worms fall into this framework perfectly, by understanding them in this way, it becomes apparent that the majority of detection techniques used today focus on the first three stages. This paper presents a technique that is used in the fourth stage to detect the class of worms that use a horizontal scan to propagate. An argument is also made that detection in the fourth stage is a viable, but under-used technique.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115063232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Enforcing resource bound safety for mobile SNMP agents 加强移动SNMP代理的资源绑定安全性
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176280
Weijiang Yu, A. Mok
{"title":"Enforcing resource bound safety for mobile SNMP agents","authors":"Weijiang Yu, A. Mok","doi":"10.1109/CSAC.2002.1176280","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176280","url":null,"abstract":"The integration of mobile agents with SNMP creates significant advantages for the management of complex networks. Nevertheless, the security concerns of mobile agent technology limit its acceptance in practice. A key issue is to safeguard resource usage abuse by malicious or buggy mobile agents on the hosting system. This paper describes how the TINMAN architecture, a framework and a suite of tools for enforcing resource safety of mobile code is applied to mobile SNMP agents. TINMAN uses a suite of resource-usage checking tools which consists of a resource bound predictor a usage certification generator and a verifier at compile-time, and certificate validation and monitoring tools at run-time. This paper shows how TINMAN tools can provide 100% coverage by a combination of off-line static analysis and run-time monitoring in enforcing safety on resource consumption of mobile SNMP agents. Experimental results from the current TINMAN implementation are given.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122410047","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
A context-aware security architecture for emerging applications 用于新兴应用程序的上下文感知安全体系结构
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176296
M. Covington, Prahlad Fogla, Zhiyuan Zhan, M. Ahamad
{"title":"A context-aware security architecture for emerging applications","authors":"M. Covington, Prahlad Fogla, Zhiyuan Zhan, M. Ahamad","doi":"10.1109/CSAC.2002.1176296","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176296","url":null,"abstract":"We describe an approach to building security services for context-aware environments. Specifically, we focus on the design of security services that incorporate the use of security-relevant \"context\" to provide flexible access control and policy enforcement. We previously presented a generalized access control model that makes significant use of contextual information in policy definition. This document provides a concrete realization of such a model by presenting a system-level service architecture, as well as early implementation experience with the framework. Through our context-aware security services, our system architecture offers enhanced authentication services, more flexible access control and a security subsystem that can adapt itself based on current conditions in the environment. We discuss our architecture and implementation and show how it can be used to secure several sample applications.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124782596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 216
Advanced features for enterprise-wide role-based access control 用于企业级基于角色的访问控制的高级功能
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176305
A. Kern
{"title":"Advanced features for enterprise-wide role-based access control","authors":"A. Kern","doi":"10.1109/CSAC.2002.1176305","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176305","url":null,"abstract":"The administration of users and access rights in large enterprises is a complex and challenging task. Roles are a powerful concept for simplifying access control, but their implementation is normally restricted to single systems and applications. In this article we define enterprise roles capable of spanning all IT systems in an organisation. We show how the enterprise role-based access control (ERBAC) model exploits the RBAC model outlined in the NIST standard draft and describe its extensions. We have implemented ERBAC as a basic concept of SAM Jupiter, a commercial security administration tool. Based on practical experience with the deployment of Enterprise Roles during SAM implementation projects in large organisations, we have enhanced the ERBAC model by including different ways of parametrising the roles. We show that using parameters can significantly reduce the number of roles needed in an enterprise and simplify the role structure, thereby reducing the administration effort considerably. The enhanced ERBAC features are illustrated by real-life examples.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123344813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 70
Throttling viruses: restricting propagation to defeat malicious mobile code 节流病毒:限制传播以击败恶意移动代码
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176279
Matthew M. Williamson
{"title":"Throttling viruses: restricting propagation to defeat malicious mobile code","authors":"Matthew M. Williamson","doi":"10.1109/CSAC.2002.1176279","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176279","url":null,"abstract":"Modern computer viruses spread incredibly quickly, far faster than human-mediated responses. This greatly increases the damage that they cause. This paper presents an approach to restricting this high speed propagation automatically. The approach is based on the observation that during virus propagation, an infected machine will connect to as many different machines as fast as possible. An uninfected machine has a different behaviour: connections are made at a lower rate, and are locally correlated (repeat connections to recently accessed machines are likely). This paper describes a simple technique to limit the rate of connections to \"new\" machines that is remarkably effective at both slowing and halting virus propagation without affecting normal traffic. Results of applying the filter to Web browsing data are included. The paper concludes by suggesting an implementation and discussing the potential and limitations of this approach.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"92 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128688347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 414
Wireless security: vulnerabilities and countermeasures 无线安全:漏洞与对策
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176282
Dale M. Johnson
{"title":"Wireless security: vulnerabilities and countermeasures","authors":"Dale M. Johnson","doi":"10.1109/CSAC.2002.1176282","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176282","url":null,"abstract":"The panel session will cover current issues and problems in wireless security and approaches to dealing with them.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126544832","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Malicious code detection for open firmware 开放固件的恶意代码检测
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176312
F. Adelstein, M. Stillerman, D. Kozen
{"title":"Malicious code detection for open firmware","authors":"F. Adelstein, M. Stillerman, D. Kozen","doi":"10.1109/CSAC.2002.1176312","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176312","url":null,"abstract":"Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. We describe an approach to this problem based on load-time verification of onboard device drivers against a standard security policy designed to limit access to system resources. We also describe our ongoing effort to construct a prototype of this technique for open firmware boot platforms.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126582966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 40
A toolkit for detecting and analyzing malicious software 用于检测和分析恶意软件的工具包
18th Annual Computer Security Applications Conference, 2002. Proceedings. Pub Date : 2002-12-09 DOI: 10.1109/CSAC.2002.1176314
Michael Weber, M. Schmid, M. Schatz, David Geyer
{"title":"A toolkit for detecting and analyzing malicious software","authors":"Michael Weber, M. Schmid, M. Schatz, David Geyer","doi":"10.1109/CSAC.2002.1176314","DOIUrl":"https://doi.org/10.1109/CSAC.2002.1176314","url":null,"abstract":"We present PEAT: the Portable Executable Analysis Toolkit. It is a software prototype designed to provide a selection of tools that an analyst may use in order to examine structural aspects of a Windows Portable Executable (PE) file, with the goal of determining whether malicious code has been inserted into an application after compilation. These tools rely on structural features of executables that are likely to indicate the presence of inserted malicious code. The underlying premise is that typical application programs are compiled into one binary, homogeneous from beginning to end with respect to certain structural features; any disruption of this homogeneity is a strong indicator that the binary has been tampered with. For example, it could now harbor a virus or a Trojan horse program. We present our investigation into structural feature analysis, the development of these ideas into the PEAT prototype, and results that illustrate PEAT's practical effectiveness.","PeriodicalId":389487,"journal":{"name":"18th Annual Computer Security Applications Conference, 2002. Proceedings.","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2002-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128156633","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 46
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信