2012 IEEE International Carnahan Conference on Security Technology (ICCST)最新文献

{"title":"Addressing insider threat using “where you are” as fourth factor authentication","authors":"Sung Choi, David Zage","doi":"10.1109/CCST.2012.6393550","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393550","url":null,"abstract":"Current physical and cybersecurity systems have been relying on traditional three factor authentication to mitigate the threats posed by insider attacks. Typically, systems use one or two of the following factors to authenticate end-users: what you know (e.g., password), what you have (e.g., RSA ID), or what you are (e.g., fingerprint). Systems based on these factors have the following limitations: 1) access is typically bound to a single authentication occurrence leading to remote vulnerabilities, 2) the factors have little impact against persistent insider threats, and 3) many of the authentication systems violate system design principles such as user psychological acceptability by inconveniencing the end-users. In order to mitigate the identified limitations, we propose the usage of “where you are” as a complementary factor that can significantly improve both cybersecurity and physical security. Having accurate location tracking as a new factor for authentication: 1) provides continuous identification tracking and continuous mediation of access to resources, 2) requires remote threats to acquire a physical presence, 3) allows for the enforcement of cybersecurity and physical security policies in real-time through automation, and 4) provides enhanced security without inconveniencing the end-users. Using the strength of location as an authentication factor, this paper specifies design requirements that must be present in an insider-threat Prevention System (iTPS) that is capable of actively monitoring malicious insider behaviors. iTPS has the potential to radically change the physical protection systems and cybersecurity landscape by providing practitioners with the first-of-its-kind tool for real-time insider-threat prevention capabilities. iTPS is particularly suited to address the safety and security needs of critical infrastructure, nuclear facilities, and emergency response situations.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129400923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Biometrie keys based on pseudorandom sequences","authors":"Mofreh A. Hogo","doi":"10.1109/CCST.2012.6393545","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393545","url":null,"abstract":"This paper introduces a new technique for Key Generation based on fingerprints, Genetic Algorithms, and pseudorandom generator. The proposed technique can be applied in block ciphering techniques to enhance its performance (increase its complexity space). The paper introduces the different stages of the key generation sub-system; including preprocessing and features extraction to represent the fingerprints signature (ID). Secondly the computation of genetic biometric signature ID, the third stage is computation of the pseudorandom generator to generate the different keys for 3DES. Results analysis proved that; the generated keys were strong when compared with the weak or semi weak keys. The proposed key generation technique increases the key space as well as it increases the total overheads on the encryption system due to the extra operations added but these overheads can be neglected when compared with the strong generated keys and its high complexity space.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128750399","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"New evolutionary tools for a new ciphering system SEC version","authors":"M. Bougrine, Fouzia Omaiy, S. Trichni, B. Boulahiat","doi":"10.1109/CCST.2012.6393549","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393549","url":null,"abstract":"This paper suggests a new cryptographic system based on evolutionary algorithms. The system is inspired from the symmetric encryption SEC. First, it transforms the problem of encryption to a combinatorial optimization problem. Second, it introduces a new evaluation function which allows the appearance frequencies to be equal .As a consequence the system will end the frequency analysis attack. Furthermore, the system uses a new mechanism of mutation in the context of genetic operators. The fact that this mechanism is based on the partition problem makes the attack against our system a difficult problem. During the ciphering, our system generates two keys, the first one is generated at the end of the algorithm and the second one is generated when the mutation operator. Both of them are session keys which might be beneficial for the security.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"117 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128778136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Combination of multiple detectors for EEG based biometric identification/authentication","authors":"G. Safont, A. Salazar, A. Soriano, L. Vergara","doi":"10.1109/CCST.2012.6393564","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393564","url":null,"abstract":"The different structures of the brain of human beings produce spontaneous electroencephalographic (EEG) records that can be used to identify subjects. This paper presents a method for biometric authorization and identification based on EEG signals. The hardware uses a simple 2-signal electrode and a reference electrode configuration. The electrodes are positioned in such a way to be as unobtrusive as possible for the tested subject. Multiple features are extracted from the EEG signals that are processed by different classifiers. The system uses all the possible combinations between classifiers and features, fusing the best results. The fused decision improves the classification performance for even a small number of observation vectors. Results were obtained from a population of 50 subjects and 20 intruders, both in authentication and identification tasks. The system obtains an Equal Error Rate (EER) of 2.4% with only a few seconds for testing. The obtained performance measures are an improvement over the results of current EEG-based systems.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"2013 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131004210","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Trial results conducted by multiple Canadian government agencies of the recent covert technology developped by Tektrap to trace and track the integrity of maritime containers worldwide","authors":"A. Gagnon, R. Schmidt","doi":"10.1109/CCST.2012.6393540","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393540","url":null,"abstract":"iCargo is an easy-to-install miniature covert electronic device combining GPS and door lock tracking with wireless and satellite communications to remotely track the status and position of maritime containers worldwide. A system of strategically placed readers combined with satellite or cellular communications and redundant technologies ensures that security breaches are detected early and reliably anywhere along the supply chain. iCargo provides a GPS trace of where a container has travelled and where the container might have been opened. Deviations from the expected itinerary in time and/or distance are detected and the container can be flagged for physical inspection. Such a system helps borders authorities to focus their energy on suspicious cargo with the overall impact of speeding the flow of all cargo. iCargo uses a patented technique to convert the metal structure of the container into an antenna thereby allowing it to be installed behind the rubber seal of the door in a truly covert fashion. Other technologies are visible from the exterior and vulnerable to tampering and damage during container handling. The location within the door gasket is ideal for monitoring the door open/close status as well as for acting as a communications gateway to optional internal sensors. There are approximately 7 million maritime containers entering/leaving North America every year. The interiors of such containers are rarely inspected. Such containers may include contraband, hazmats, weapons or illegal items that present an economic or security risk. Despite significant security improvements since Sept-11th, only 5% of the maritime containers go through physical inspection. The use of the iCargo mounted on a container at the point of departure will assist government authorities in making better decisions about which containers to inspect thereby speeding up the overall throughput of all containers. In today's lean economy, goods in transit do not contribute to economic growth but instead are added costs to customers and shippers. With rising fuel and transportation costs, delays at borders are becoming increasingly expensive. Early detection via the iCargo system will help to reduce these costs by not only helping to shorten inspection delays but by also allowing officials to focus their energy on suspicious cargo thereby improving border security. Tektrap has been selected for the Pool of Pre-qualified Proposals for the Canadian Innovation Commercialization Program (CICP). CICP is a very competitive program that targets recent innovations, especially in the field of national security, which are ready for the beta phase of product development. Within this award, iCargo will be evaluated during spring and early summer 2012 by Canada Border Services Agency for Canadian-US border application, by Defense Research and Development Canada, DND, for land, rail and air applications in the Canada Nordic environment, and by Transport Canada for trans-Canada land/rail","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"254 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121158111","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cost-effective automatic stereoscopic security video system 3DSec","authors":"S. Vítek, M. Klima, Petr Dostál","doi":"10.1109/CCST.2012.6393584","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393584","url":null,"abstract":"Object detecting and camera tracking in a large range of distances is still important problem in the research field of security and more recently also in the research field of assistive technologies too, when it is necessary to monitor intruders in the protected perimeter or elderly and disabled people both in hospital and at home. This paper discusses the design of an automatic stereoscopic video system using two identical pan-tilt-zoom (PTZ) cameras. A PTZ camera can provide a detailed live video of selected areas within a large potential field of view. Using two such cameras the TV system can be enriched by the possibility of estimating distances of monitored object or monitoring of two selected areas simultaneously. It means that both cameras can be jointly driven as a stereoscopic pair or can be run independently.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129736824","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Encryption in mobile wireless mesh networks","authors":"E. L. Witzke, J. P. Brenkosh, Karl L. Green, L. E. Riblett, J. M. Wiseman","doi":"10.1109/CCST.2012.6393567","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393567","url":null,"abstract":"Wireless mesh networks (WMNs) are growing in popularity because of their inherent robustness, versatility, and ease of deployment in situations such as natural or man-made disasters. Another area of potential use for these networks is in physical security systems where they can potentially improve mobile communications, communications with remote locations, temporary communications, and geolocation applications. Since these physical security systems may employ a mobile WMN to transport sensitive or classified information, questions arise as to whether end-to-end encryption would work within a very dynamic WMN. We could not find published data or results concerning this. Therefore, we set out to find whether end-to-end encryption will continue to work through an ever-changing WMN. We examined the behavior of end-to-end encryption when the path through the wireless network changes (that is, when routing is forced through a different intermediate node or nodes) and when traversing a radio frequency (RF) shadow. We especially wished to determine whether a tunnel, as used in software virtual private networks (VPNs) or hardware encryption devices, would survive RF shadow transits and mesh network topology changes. This paper presents an introduction to WMNs, their applicability to physical security systems, our end-to-end encryption experiments, analysis of the results, and our conclusions.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"62 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126262596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Probabilistic basis and assessment methodology for effectiveness of protecting nuclear materials","authors":"F. Durán","doi":"10.1109/CCST.2012.6393536","DOIUrl":"https://doi.org/10.1109/CCST.2012.6393536","url":null,"abstract":"Safeguards and security systems for nuclear facilities include material control and accounting (MC&A) and a physical protection system (PPS) to protect against theft, sabotage and other malevolent human acts. The insider threat is most often addressed as part of the evaluation of a facility's PPS. A PPS is evaluated using probabilistic analysis of adversary paths on the basis of detection, delay, and response timelines to determine timely detection. Because insider adversaries have access to, knowledge of, and authority for facility operations, the PPS actually provides minimal protection against the insider threat. By monitoring and tracking critical materials, MC&A activities are an important protection element against inside adversaries. Timely detection for MC&A activities, however, has been difficult to determine so that for the most part, the effectiveness of these activities has not been explicitly incorporated in the insider threat evaluation of a PPS. This paper presents research on a new approach to incorporate MC&A protection elements explicitly within the existing probabilistic path analysis methodology. MC&A activities, from monitoring to inventory measurements, provide many, often recurring opportunities to determine the status of critical items, including detection of missing materials. Human reliability analysis methods for nuclear power plant operations are used to determine human error probabilities to characterize the detection capabilities of MC&A activities. An object-based state machine paradigm was developed to characterize the path elements and timing of an insider theft scenario as a race against MC&A detection that can move a facility from a normal state to an alert state having additional detection opportunities. Event sequence diagrams describe insider paths through the PPS and also incorporate MC&A activities as path elements. To address the insider threat, this work establishes a probabilistic basis for timely MC&A detection and methods to evaluate the effectiveness of MC&A activities explicitly within the existing path analysis methodology.","PeriodicalId":405531,"journal":{"name":"2012 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123361942","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}