发布求助
文献互助 智能选刊 最新文献

ISC Int. J. Inf. Secur.最新文献

筛选
英文 中文
Impossible Differential Cryptanalysis on Deoxys-BC-256 Deoxys-BC-256的不可能差分密码分析
ISC Int. J. Inf. Secur. Pub Date : 2018-07-05 DOI: 10.22042/ISECURE.2018.114245.405
Alireza Mehrdad, F. Moazami, H. Soleimany
{"title":"Impossible Differential Cryptanalysis on Deoxys-BC-256","authors":"Alireza Mehrdad, F. Moazami, H. Soleimany","doi":"10.22042/ISECURE.2018.114245.405","DOIUrl":"https://doi.org/10.22042/ISECURE.2018.114245.405","url":null,"abstract":"Deoxys is a final-round candidate of the CAESAR competition. Deoxys is built upon an internal tweakable block cipher Deoxys-BC, where in addition to the plaintext and key, it takes an extra non-secret input called a tweak. This paper presents the first impossible differential cryptanalysis of Deoxys-BC-256 which is used in Deoxys as an internal tweakable block cipher. First, we find a 4.5-round ID characteristic by utilizing a miss-in-the-middle-approach. We then present several cryptanalysis based upon the 4.5 rounds distinguisher against round-reduced Deoxys-BC-256 in both single-key and related-key settings. Our contributions include impossible differential attacks on up to 8-round Deoxys-BC-256 in the single-key model. Our attack reaches 9 rounds in the related-key related-tweak model which has a slightly higher data complexity than the best previous results obtained by a related-key related-tweak rectangle attack presented at FSE 2018, but requires a lower memory complexity with an equal time complexity.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130109115","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 11
A Survey of Anomaly Detection Approaches in Internet of Things 物联网中异常检测方法综述
ISC Int. J. Inf. Secur. Pub Date : 2018-07-01 DOI: 10.22042/ISECURE.2018.116976.408
M. Behniafar, A. Nowroozi, H. Shahriari
{"title":"A Survey of Anomaly Detection Approaches in Internet of Things","authors":"M. Behniafar, A. Nowroozi, H. Shahriari","doi":"10.22042/ISECURE.2018.116976.408","DOIUrl":"https://doi.org/10.22042/ISECURE.2018.116976.408","url":null,"abstract":"Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this regard, Anomaly based Intrusion Detection Systems identify anomalous behavior of the network and consequently detect possible intrusion, unknown and stealth attacks. To this end, this paper analyses, evaluates and classifies anomaly detection approaches and systems specific to the Internet of Things. For this purpose, anomaly detection systems and approaches are analyzed in terms of engine architecture, application position, and detection method and in each point of view, approaches are investigated considering the associated classification.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128721998","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Distributed Contingency Logic and Security 分布式应急逻辑和安全性
ISC Int. J. Inf. Secur. Pub Date : 2018-07-01 DOI: 10.22042/ISECURE.2018.114354.406
Rahim Ramezanian
{"title":"Distributed Contingency Logic and Security","authors":"Rahim Ramezanian","doi":"10.22042/ISECURE.2018.114354.406","DOIUrl":"https://doi.org/10.22042/ISECURE.2018.114354.406","url":null,"abstract":"In information security, ignorance is not bliss. It is always stated that hiding the protocols (let the other be ignorant about it) does not increase the security of organizations. However, there are cases that ignorance creates protocols. In this paper, we propose distributed contingency logic, a proper extension of contingency (ignorance) logic. Intuitively, a formula is distributed contingent in a group of agent if and only if it does not follow from the knowledge of all individual agents put together. We formalize secret sharing scheme (a security property that is built upon ignorance of all agents), and a man in the middle attack to a weak protocol in our logic. We also illustrate a condition where disclose a secret may hide another one forever. Finally we prove the main theorems of every logic, soundness and completeness. We also prove that distributed contingency logic is more expressive than classical contingency logic and epistemic logic.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"116 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122249366","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
On the Security of O-PSI: A Delegated Private Set Intersection on Outsourced Datasets (Extended Version) 论O-PSI的安全性:外包数据集上的委托私有集交集(扩展版)
ISC Int. J. Inf. Secur. Pub Date : 2018-07-01 DOI: 10.22042/ISECURE.2018.120860.410
Mahdi Mahdavi Oliaee, M. Delavar, Mohammad Hassan Ameri, J. Mohajeri, M. Aref
{"title":"On the Security of O-PSI: A Delegated Private Set Intersection on Outsourced Datasets (Extended Version)","authors":"Mahdi Mahdavi Oliaee, M. Delavar, Mohammad Hassan Ameri, J. Mohajeri, M. Aref","doi":"10.22042/ISECURE.2018.120860.410","DOIUrl":"https://doi.org/10.22042/ISECURE.2018.120860.410","url":null,"abstract":"In recent years, determining the common information privately and efficiently between two mutually mistrusting parties have become an important issue in social networks. Many Private Set Intersection (PSI) protocols have been introduced to address this issue. By applying these protocols, two parties can compute the intersection between their sets without disclosing any information about components that are not in the intersection. Due to the broad range of computational resources that the cloud can provide for its users, determining the set intersection by cloud may decrease the computational cost of the users. The proposed protocols by Abadi et al. are two protocols in this context. In this paper, we show that their protocols are vulnerable to eavesdropping attack. Also, a solution is proposed to secure the protocol against mentioned attack. Moreover, we analyze the performance of both O-PSI and modified O-PSI protocols and show that our scheme is comparable with the O-PSI protocol. Actually, one trivial solution for the Abadi et al.’s proposed schemes is to use a secure channel like TLS. However, in the performance evaluation, we compare our applied modification with this trivial solution, and show that our proposed modification is more efficient as some extra encryptions imposed by TLS are no longer required.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127864794","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Feature-based Malicious URL and Attack Type Detection Using Multi-class Classification 基于特征的恶意URL及多类分类攻击类型检测
ISC Int. J. Inf. Secur. Pub Date : 2018-03-20 DOI: 10.22042/ISECURE.2018.0.0.1
D. Patil, J. Patil
{"title":"Feature-based Malicious URL and Attack Type Detection Using Multi-class Classification","authors":"D. Patil, J. Patil","doi":"10.22042/ISECURE.2018.0.0.1","DOIUrl":"https://doi.org/10.22042/ISECURE.2018.0.0.1","url":null,"abstract":"Nowadays, malicious URLs are the common threat to the businesses, social networks, net-banking. Existing approaches have focused on binary detection i.e., either the URL is malicious or benign. Very few literature is found which focused on the detection of malicious URLs and their attack types. Hence, it becomes necessary to know the attack type and adopt an effective countermeasure. This paper proposes a methodology to detect malicious URLs and the type of attacks based on multi-class classification. In this work, we propose 42 new features of spam, phishing and malware URLs. These features are not considered in the earlier studies for malicious URLs detection and attack types identification. Binary and multi-class dataset is constructed using 49935 malicious and benign URLs. It consists of 26041 benign and 23894 malicious URLs containing 11297 malware, 8976 phishing and 3621 spam URLs. To evaluate the proposed approach, the state-of-the-art supervised batch and online machine learning classifiers are used. Experiments are performed on the binary and multi-class dataset using the aforementioned machine learning classifiers. It is found that, confidence weighted learning classifier achieves the best 98.44% average detection accuracy with 1.56% error-rate in the multi-class setting and 99.86% detection accuracy with negligible error-rate of 0.14% in binary setting using our proposed URL features.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"168 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-03-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122518579","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
Phishing website detection using weighted feature line embedding 基于加权特征线嵌入的钓鱼网站检测
ISC Int. J. Inf. Secur. Pub Date : 2017-07-31 DOI: 10.22042/ISECURE.2017.83439.377
M. Imani, G. Montazer
{"title":"Phishing website detection using weighted feature line embedding","authors":"M. Imani, G. Montazer","doi":"10.22042/ISECURE.2017.83439.377","DOIUrl":"https://doi.org/10.22042/ISECURE.2017.83439.377","url":null,"abstract":"The aim of phishing is tracing the users’ s private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterizes the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. Moreover, among the available training samples, there are abnormal samples that cause classification error. For instance, it is possible that there are phishing samples with similar features to legitimate ones and vice versa. A supervised feature extraction method, called weighted feature line embedding, is proposed in this paper to solve these problems. The proposed method virtually generates training samples by utilizing the feature line metric. Hence, it can solve the small sample size problem. Moreover, by assigning appropriate weights to each pair of feature points, it corrects the undesirable quality of abnormal samples. The features extracted by our method improve the performance of phishing website detection specially by using small training","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132301639","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption: SIMON case study 具有平滑功耗的对称密码的一种新的抗CPA软件实现:SIMON案例研究
ISC Int. J. Inf. Secur. Pub Date : 2017-07-31 DOI: 10.22042/ISECURE.2017.82990.376
Morteza Safaei Pour, M. Salmasizadeh
{"title":"A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption: SIMON case study","authors":"Morteza Safaei Pour, M. Salmasizadeh","doi":"10.22042/ISECURE.2017.82990.376","DOIUrl":"https://doi.org/10.22042/ISECURE.2017.82990.376","url":null,"abstract":"In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. This method is evaluated on the SIMON scheme as a case study; however, it is not relying on any specific SIMON features. Our new method includes only AND equivalent and XOR equivalent operations since every cryptographic algorithm can be implemented with two basic operations, namely AND and XOR. Therefore, hamming weight and hamming distance take constant values at each moment of time. This can decrease data-dependency between processed values and consumed power. In order to practically evaluate the resulting implementation overheads and the resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smart card with the ATmega163 microprocessor. We define resistance as the number of traces, which for less than that number; the correct key cannot be distinguished from all other hypothetical keys by its correlation coefficient in any moment of time. The results of this implementation show 350 times more immunity against correlation attacks.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133570589","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
An efficient secure channel coding scheme based on polar codes 一种有效的基于极化码的安全信道编码方案
ISC Int. J. Inf. Secur. Pub Date : 2017-07-28 DOI: 10.22042/ISECURE.2017.84609.380
Behnam Mafakheri, T. Eghlidos, Hossein Pilaram
{"title":"An efficient secure channel coding scheme based on polar codes","authors":"Behnam Mafakheri, T. Eghlidos, Hossein Pilaram","doi":"10.22042/ISECURE.2017.84609.380","DOIUrl":"https://doi.org/10.22042/ISECURE.2017.84609.380","url":null,"abstract":"In this paper, we propose a new framework for joint encryption encoding scheme based on polar codes, namely efficient and secure joint secret key encryption channel coding scheme. The issue of using new coding structure, i.e. polar codes in Rao-Nam (RN) like schemes is addressed. Cryptanalysis methods show that the proposed scheme has an acceptable level of security with a relatively smaller key size in comparison with the previous works. The results indicate that the scheme provides an efficient error performance and benefits from a higher code rate which can approach the channel capacity for large enough polar codes. The most important property of the proposed scheme is that if we increase the block length of the code, we can have a higher code rate and higher level of security without significant changes in the key size of the scheme. The resulting characteristics of the proposed scheme make it suitable for high-speed communications, such as deep space communication systems.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116206242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Analyzing new features of infected web content in detection of malicious web pages 分析受感染网页内容在检测恶意网页中的新特征
ISC Int. J. Inf. Secur. Pub Date : 2017-07-20 DOI: 10.22042/ISECURE.2017.9.2.2
Javad Hajian Nezhad, M. V. Jahan, Mohammad-Hassan Tayarani-Najaran, Zohre Sadrnezhad
{"title":"Analyzing new features of infected web content in detection of malicious web pages","authors":"Javad Hajian Nezhad, M. V. Jahan, Mohammad-Hassan Tayarani-Najaran, Zohre Sadrnezhad","doi":"10.22042/ISECURE.2017.9.2.2","DOIUrl":"https://doi.org/10.22042/ISECURE.2017.9.2.2","url":null,"abstract":"Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious web pages, we propose and analyze a novel set of features including HTML, JavaScript (jQuery library) and XSS attacks. The proposed features are evaluated on a data set that is gathered by a crawler from malicious web domains, IP and address black lists. For the purpose of evaluation, we use a number of machine learning algorithms. Experimental results show that using the proposed set of features, the C4.5-Tree algorithm offers the best performance with 97.61% accuracy, and F1-measure has 96.75% accuracy. We also rank the quality of the features. Experimental results suggest that nine of the proposed features are among the twenty best discriminative features.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122739958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 12
On the computational complexity of finding a minimal basis for the guess and determine attack 在计算复杂度上寻找最小基进行猜测和确定攻击
ISC Int. J. Inf. Secur. Pub Date : 2017-07-12 DOI: 10.22042/ISECURE.2017.79681.373
Shahram Khazaei, F. Moazami
{"title":"On the computational complexity of finding a minimal basis for the guess and determine attack","authors":"Shahram Khazaei, F. Moazami","doi":"10.22042/ISECURE.2017.79681.373","DOIUrl":"https://doi.org/10.22042/ISECURE.2017.79681.373","url":null,"abstract":"Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted matching of a graph. This leads us to see that finding the minimum number of the guessed bits is NP-complete. Although fixed parameter tractability of the problem in term of minimum number of the guessed bits remains an open question, we provide some related results. Moreover, we introduce some closely related graph concepts and problems including alternating cycle free matching, jump number and forcing number of a perfect matching.","PeriodicalId":436674,"journal":{"name":"ISC Int. J. Inf. Secur.","volume":"26 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-07-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122108709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信