21st Annual Computer Security Applications Conference (ACSAC'05): Latest Papers

Privacy-preserving alert correlation: a concept hierarchy based approach
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.45
Dingbang Xu, P. Ning
Abstract: With the increasing security threats from infrastructure attacks such as worms and distributed denial of service attacks, it is clear that the cooperation among different organizations is necessary to defend against these attacks. However, organizations' privacy concerns for the incident and security alert data require that sensitive data be sanitized before they are shared with other organizations. Such sanitization process usually has negative impacts on intrusion analysis (such as alert correlation). To balance the privacy requirements and the need for intrusion analysis, we propose a privacy-preserving alert correlation approach based on concept hierarchies. Our approach consists of two phases. The first phase is entropy guided alert sanitization, where sensitive alert attributes are generalized to high-level concepts to introduce uncertainty into the dataset with partial semantics. To balance the privacy and the usability of alert data, we propose to guide the alert sanitization process with the entropy or differential entropy of sanitized attributes. The second phase is sanitized alert correlation. We focus on defining similarity functions between sanitized attributes and building attack scenarios from sanitized alerts. Our preliminary experimental results demonstrate the effectiveness of the proposed techniques.
Citations: 49
Evolving successful stack overflow attacks for vulnerability testing
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.23
H. G. Kayacik, A. N. Zincir-Heywood, M. Heywood
Abstract: The work presented in this paper is intended to test crucial system services against stack overflow vulnerabilities. The focus of the test is the user-accessible variables, that is to say, the inputs from the user as specified at the command line or in a configuration file. The tester is defined as a process for automatically generating a wide variety of user-accessible variables that result in malicious buffers (an exploit). In this work, the search for successful exploits is formulated as an optimization problem and solved using evolutionary computation. Moreover the resulting attacks are passed through the Snort misuse detection system to observe the detection (or not) of each exploit.
Citations: 22
A Nitpicker’s guide to a minimal-complexity secure GUI
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.7
Norman Feske, C. Helmuth
Abstract: Malware such as Trojan horses and spyware remain to be persistent security threats that exploit the overly complex graphical user interfaces of today's commodity operating systems. In this paper, we present the design and implementation of Nitpicker - an extremely minimized secure graphical user interface that addresses these problems while retaining compatibility to legacy operating systems. We describe our approach of kernelizing the window server and present the deployed security mechanisms and protocols. Our implementation comprises only 1,500 lines of code while supporting commodity software such as X11 applications alongside protected graphical security applications. We discuss key techniques such as client-side window handling, a new floating-labels mechanism, drag-and-drop, and denial-of-service-preventing resource management. Furthermore, we present an application scenario to evaluate the feasibility, performance, and usability of our approach.
Citations: 92
Graphical passwords: a survey
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.27
Xiaoyuan Suo, Ying Zhu, G. Owen
Abstract: The most common computer authentication method is to use alphanumerical usernames and passwords. This method has been shown to have significant drawbacks. For example, users tend to pick passwords that can be easily guessed. On the other hand, if a password is hard to guess, then it is often hard to remember. To address this problem, some researchers have developed authentication methods that use pictures as passwords. In this paper, we conduct a comprehensive survey of the existing graphical password techniques. We classify these techniques into two categories: recognition-based and recall-based approaches. We discuss the strengths and limitations of each method and point out the future research directions in this area. We also try to answer two important questions: "Are graphical passwords as secure as text-based passwords?"; "What are the major design and implementation issues for graphical passwords?" This survey will be useful for information security researchers and practitioners who are interested in finding an alternative to text-based authentication methods.
Citations: 651
A host-based approach to network attack chaining analysis
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.6
P. Ammann, J. Pamula, Julie A. Street, Ronald W. Ritchey
Abstract: The typical means by which an attacker breaks into a network is through a chain of exploits, where each exploit in the chain lays the groundwork for subsequent exploits. Such a chain is called an attack path, and the set of all possible attack paths form an attack graph. Researchers have proposed a variety of methods to generate attack graphs. In this paper, we provide a novel alternative approach to network vulnerability analysis by utilizing a penetration tester's perspective of maximal level of penetration possible on a host. Our approach has the following benefits: it provides a more intuitive model in which an analyst can work, and its algorithmic complexity is polynomial in the size of the network, and so has the potential of scaling well to practical networks. The drawback is that we track only "good" attack paths, as opposed to all possible attack paths. Hence, an analyst may make suboptimal choices when repairing the network. Since attack graphs grow exponentially with the size of the network, we argue that suboptimal solutions are an unavoidable cost of scalability, and hence practical utility. A working prototype tool has been implemented to demonstrate the practicality of our approach.
Citations: 104
Improved port knocking with strong authentication
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.32
Rennie deGraaf, John Aycock, M. Jacobson
Abstract: It is sometimes desirable to allow access to open ports on a firewall only to authorized external users and present closed ports to all others. We examine ways to construct an authentication service to achieve this goal, and then examine one such method, "port knocking", and its existing implementations, in detail. We improve upon these existing implementations by presenting a novel port knocking architecture that provides strong authentication while addressing the weaknesses of existing port knocking systems.
Citations: 69
Layering public key distribution over secure DNS using authenticated delegation
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.35
J. Jones, Daniel F. Berger, C. Ravishankar
Abstract: We present the Internet key service (IKS), a distributed architecture for authenticated distribution of public keys, layered on secure DNS (DNSSEC). Clients use DNSSEC to securely discover the identities of the relevant IKS servers, and send key lookup or management requests directly to these servers using a special-purpose protocol. Clients authenticate keys retrieved from IKS servers using key commitments published in DNSSEC. IKS derives its authentication authority from the authority DNS domains have over Internet names. The IKS architecture is loosely coupled with DNS to minimize overhead on DNS servers. We also present RIKS, a prototype IKS implementation.
Citations: 11
Java for mobile devices: a security study
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.34
M. Debbabi, Mohamed Saleh, C. Talhi, Sami Zhioua
Abstract: Java 2 Micro-Edition connected limited device configuration (J2ME CLDC) is the platform of choice when it comes to running mobile applications on resource-constrained devices (cell phones, set-top boxes, etc.). The large deployment of this platform makes it a target for security attacks. The intent of this paper is twofold: first, we study the security architecture of J2ME CLDC; and second, we provide a vulnerability analysis of this Java platform. The analyzed components are: virtual machine, CLDC API and MIDP (mobile information device profile) API. The analysis covers the specifications, the reference implementation (RI) as well as several other widely deployed implementations of this platform. The aspects targeted by this security analysis encompass: networking, record management system, virtual machine, multi-threading and digital right management. This work identifies security weaknesses in J2ME CLDC that may represent sources of security exploits. Moreover, the results reported in this paper are valuable for any attempt to test or harden the security of this platform.
Citations: 14
Defensive execution of transactional processes against attacks
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.18
Meng Yu, Wanyu Zang, Peng Liu
Abstract: It is a well known problem that the attack recovery of a self-healing system rolls back not only malicious transactions, but also legitimate transactions that are dependent on the malicious transactions. Rolling back and re-executing damaged transactions increase the response time of the system and may cause a significant processing delay. In such situations, the availability of the system is compromised and the system suffers the vulnerability of denial of service (DoS). In this paper, we propose a defensive executing technique and analyze its effectiveness. Our technique concurrently executes multiple paths of a transactional processes based on the prediction generated by a discrete time Markov chain. The defensive execution can reduce the delay caused by recovery. We also propose a branch cutting technique to reduce the extra cost introduced by defensive execution. Our analytical results show that our technique is practical against transactional level attacks.
Citations: 1
PorKI: making user PKI safe on machines of heterogeneous trustworthiness
21st Annual Computer Security Applications Conference (ACSAC'05) Pub Date : 2005-12-05 DOI: 10.1109/CSAC.2005.43
S. Sinclair, Sean W. Smith
Abstract: As evidenced by the proliferation of phishing attacks and keystroke loggers, we know that human beings are not well-equipped to make trust decisions about when to use their passwords or other personal credentials. Public key cryptography can reduce this risk of attack, because authentication using PKI is designed to not give away sensitive data. However, using private keys on standard platforms exposes the user to "keyjacking"; mobile users wishing to use keypairs on an unfamiliar and potentially untrusted workstation face even more obstacles. In this paper we present the design and prototype of PorKI, a software application for mobile devices that offers an alternative solution to the portable key problem. Through the use of temporary keypairs, proxy certificates, and wireless protocols, PorKI enables a user to employ her PKI credentials on any Bluetooth-enabled workstation, including those not part of her organization's network, and even those that might be malicious. Moreover, by crafting XACML policy statements that limit the key usage to the workstation's trustworthiness level, and inserting these statements into extensions of the proxy certificates, PorKI provides the user or the relying party with the ability to limit the amount of trust that can be put in the temporary keypair used on that workstation, and thus the scope of a potential compromise.
Citations: 15