{"title":"All-or-Nothing Key Derivation Function Based on Quasigroup String Transformation","authors":"Abdulkadir Hassan Disina, Sapiee Jamel, Z. Pindar, M. M. Deris","doi":"10.1109/ICISSEC.2016.7885839","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885839","url":null,"abstract":"Traditionally, Cryptographic ciphers (Block and Stream) uses Key Derivation Function (KDF) to generate cryptographic keys for encryption purpose. These KDFs are usually designed based on existing Hash functions and ciphers as primitives, to achieve better security. However, this method of construction can be costly to resources-constrain environments. The main function of KDFs is to generate random and unpredictable secret keys. Therefore, the use of predefined public string increases the predictability level and provides some partial knowledge of the key to cryptanalyst, thus jeopardies the security. This paper proposed a new algorithm to minimize the use of cryptographic Hash function and ciphers as a key derivation function and to optimally mitigate the use of predefined public string in KDF. The proposed KDF is entirely key-dependent and cryptanalyst has to correctly predict all the elements in the key string otherwise he got nothing. To achieve that, a new definition of Quasigroup string transformation, a Quasigroup-based expansion function, and key-metadata expansion function as well as reduction function are integrated together in the design of the proposed KDF. The proposed algorithm will be evaluated using statistical test for Randomness developed and recommended by the National Institute of Standard and Technology (NIST), Avalanche, Brute Force and Correlation Assessment test. The proposed algorithm will ensure not only confidentiality of information but integrity as well.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122330671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Enhanced Weighted Method for Test Case Prioritization in Regression Testing Using Unique Priority Value","authors":"A. Ammar, S. Baharom, A. Ghani, J. Din","doi":"10.1109/ICISSEC.2016.7885851","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885851","url":null,"abstract":"Regression testing is an integral and expensive part in software testing. To reduce its effort, test case prioritization approaches were proposed. The problem with most of the existing approaches is the random ranking of test cases with equal weight. In this paper, an enhanced weighted method to prioritize the full test suite without using random ranking is presented. In addition, a controlled experiment was executed to evaluate the effectiveness of the proposed method. The results show an improved performance in terms of prioritizing test cases and recording higher APFD values over the original weighted method. In future, a larger experiment would be executed to generalize the results.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122160798","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Reconstruction of 'Phi' in Thresholding Process for a Better Compressed Image Quality","authors":"N. Taujuddin, R. Ibrahim, S. Sari","doi":"10.1109/ICISSEC.2016.7885868","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885868","url":null,"abstract":"In this paper, a new thresholding algorithm that can distinguish between significant and non-significant coefficient at each detail subbands using standard deviation-based wavelet coefficients threshold estimation is proposed. The proposed algorithm start with calculating the threshold value by using the proposed threshold value estimator at wavelet detail subbands (Diagonal, Vertical and Horizontal subband). This proposed algorithm will estimate the suitable threshold value for each individual subband. The calculated threshold values are then applied to its' respective subband. The coefficients with a lower value than the calculated threshold will be discarded while the rest are retained. The novelty of the proposed method is it use the principle of the standard deviation method in deriving the threshold estimator equation. Experiments show that the proposed method effectively remove a large amount of insignificant wavelet coefficient without compromising with the image quality.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114700676","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hybrid Intrusion Detection in Information Systems","authors":"D. Pierrot, Nouria Harbi, J. Darmont","doi":"10.1109/ICISSEC.2016.7885857","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885857","url":null,"abstract":"The expansion and democratization of the digital world coupled with the effect of the Internet globalization, has allowed individuals, countries, states and companies to interconnect and interact at incidence levels never previously imagined. Cybercrime, in turn, is unfortunately one the negative aspects of this rapid global interconnection expansion. We often find malicious individuals and/or groups aiming to undermine the integrity of Information Systems for either financial gain or to serve a cause. Our study investigates and proposes a hybrid data mining methodology in order to detect abnormal behavior that could potentially threaten the security of an Information System, in a simple way that is understandable to all involved parties, whether they are security experts or standard users.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127975517","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Evaluation Framework for Intrusion Detection Dataset","authors":"Amirhossein Gharib, Iman Sharafaldin, Arash Habibi Lashkari, A. Ghorbani","doi":"10.1109/ICISSEC.2016.7885840","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885840","url":null,"abstract":"The growing number of security threats on the Internet and computer networks demands highly reliable security solutions. Meanwhile, Intrusion Detection (IDSs) and Intrusion Prevention Systems (IPSs) have an important role in the design and development of a robust network infrastructure that can defend computer networks by detecting and blocking a variety of attacks. Reliable benchmark datasets are critical to test and evaluate the performance of a detection system. There exist a number of such datasets, for example, DARPA98, KDD99, ISC2012, and ADFA13 that have been used by the researchers to evaluate the performance of their intrusion detection and prevention approaches. However, not enough research has focused on the evaluation and assessment of the datasets themselves. In this paper we present a comprehensive evaluation of the existing datasets using our proposed criteria, and propose an evaluation framework for IDS and IPS datasets.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"333 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115966582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Information Security between Standards, Certifications and Technologies: An Empirical Study","authors":"Y. Benslimane, Zijiang Yang, B. Bahli","doi":"10.1109/ICISSEC.2016.7885859","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885859","url":null,"abstract":"This paper investigates the relative role of security standards, professional security certifications and technological tools in the protection of organizational data. Findings from the content analysis of 100 job postings for information security analysts and managers show that in general, organizations give more importance to knowledge validated by relevant professional certifications and to the working knowledge of IT products and solutions for the management of their information security than to the knowledge of a particular security standard. Details for such findings and their implications for research and practice are discussed.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131100462","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Development of Inventory Checking System Based on UAV and RFID in Open Storage Yard","authors":"S. Bae, K. Han, C. Cha, Hwa Yong Lee","doi":"10.1109/ICISSEC.2016.7885849","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885849","url":null,"abstract":"Many companies monitor status of product and detect storing or releasing of stocks using RFID technology. The actual status of inventory, however, is sometimes different from the recorded data due to many reasons. To prevent the mismatch between real world and information system, companies investigate stocks regularly and adjust the status of information system. In open storage yard, manual inventory checking is very hard work and automated system requires much cost. In this paper, we proposed new approach to investigate open storage yard using unmanned aerial vehicle and RFID. It reduces cost of inventory checking and mismatch of real world and cyber world. We also implemented a prototype system to show the feasibility.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115593401","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Prioritizing Software Maintenance Plan by Analyzing User Feedback","authors":"Kittiya Srewuttanapitikul, Pornsiri Muengchaisri","doi":"10.1109/ICISSEC.2016.7885865","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885865","url":null,"abstract":"Normally when developers obtain defects list from users, the development team will decide which defects should be fixed first. The software maintenance plan, which consists of list of defects to be fixed sequentially, is mostly generated using developer experience to prioritize the defects. With the current strategy, the software maintenance plan may not serve well to customer needs. This research proposes a method to prioritizing the software defects to be fixed by focusing on 3 impact factors: severity, priority and the number of users who found the same defects. The proposed method uses natural language process (NLP) to analyze user feedbacks in order to extract defect-related keywords. The ranking process uses analytical hierarchy process (AHP) to prioritize defects to be resolved. An evaluation of the prioritizing method is provided.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129897961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An Improved Smartcard for the South African Social Security Agency (SASSA): A Proof of Life Based Solution","authors":"Sthembile Mthethwa, Graham Barbour, M. Thinyane","doi":"10.1109/ICISSEC.2016.7885842","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885842","url":null,"abstract":"The rapid growth of biometric technologies and wide accessibility of capturing devices has resulted in biometric systems becoming increasingly common in different applications. This has led to the introduction of ATMs in countries like Japan that have adapted biometrics, whereby fingerprints are used instead of PINs. Whilst in South Africa, biometrics is still not regulated in financial sectors. South Africa has one of the largest cash transfer systems in Africa, whereby approximately 16,900,000 grants are paid out monthly. SASSA is responsible for the administration and payments of grants with the help of a third entity, namely; Cash Paymaster Services (CPS). These grants are a way of fighting against poverty and recipients are known as beneficiaries. SASSA has a challenge when it comes to proving whether a beneficiary is still alive. Cases of impersonation have been identified, which led to money being paid out to people who are not eligible to receive it. Thus, the main aim of this paper is to propose a solution for this challenge. Therefore, an improved biometric-based smartcard is presented as a solution. Whereby, fingerprints are used to activate a smartcard before it is inserted into a machine (POS/ATM). This approach allows the owner of the card to be the only one that can use the card, which at the end links the transaction to the card-owner.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127234649","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Formulation of Certificate Policy and Certification Practice Statement Framework for Subordinate Certification Authorities Indonesia","authors":"Arfive Gandhi, Y. G. Sucahyo, T. Sirait","doi":"10.1109/ICISSEC.2016.7885854","DOIUrl":"https://doi.org/10.1109/ICISSEC.2016.7885854","url":null,"abstract":"Certificate Policy (CP) and Certification Practice Statement (CPS) are mandatory documents for Subordinate Certification Authorities (Sub-CAs) to explain their process business in Indonesia National Public Key Infrastructure (INPKI). Due to Sub-CAs' low proficiency in preparing CP and CPS, Ministry of Communication and Information Technology (MCIT) need to formulate CP and CPS framework for them. The usage of Request For Comment (RFC) 3647 as standard of CP and CPS format should be complemented with statements to comply with legal aspect of information security in Indonesia. This compliance explained in the relevant of provisions in CP and CPS. The research will contribute the acceleration of Sub-CA's readiness in CP and CPS requirements, both in technical and legal aspect. Sub-CAs CP and CPS are important in gaining trust from government as regulator and citizen as subscriber. This research provides guidance for Sub-CAs to compose sufficient CP and CPS related to three aspects: governance, technical, and human resources requirements. This research also promote future analysis about Level of Assurance, DN structure modification, and physical infrastructure standardization as recommendation for MCIT and Sub-CAs.","PeriodicalId":420224,"journal":{"name":"2016 International Conference on Information Science and Security (ICISS)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122964070","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}