2016 IEEE International Carnahan Conference on Security Technology (ICCST)最新文献

{"title":"A new approach to automatic signature complexity assessment","authors":"O. Miguel-Hurtado, R. Guest, Thomas Chatzisterkotis","doi":"10.1109/CCST.2016.7815678","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815678","url":null,"abstract":"Understanding signature complexity has been shown to be a crucial facet for both forensic and biometric appbcations. The signature complexity can be defined as the difficulty that forgers have when imitating the dynamics (constructional aspects) of other users signatures. Knowledge of complexity along with others facets such stability and signature length can lead to more robust and secure automatic signature verification systems. The work presented in this paper investigates the creation of a novel mathematical model for the automatic assessment of the signature complexity, analysing a wider set of dynamic signature features and also incorporating a new layer of detail, investigating the complexity of individual signature strokes. To demonstrate the effectiveness of the model this work will attempt to reproduce the signature complexity assessment made by experienced FDEs on a dataset of 150 signature samples.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"66 1","pages":"1-7"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80936422","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Human activity recognition using optical flow based feature set","authors":"S. S. Kumar, M. John","doi":"10.1109/CCST.2016.7815694","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815694","url":null,"abstract":"An optical flow based approach for recognizing human actions and human-human interactions in video sequences has been addressed in this paper. We propose a local descriptor built by optical flow vectors along the edges of the action performer(s). By using the proposed feature descriptor with multi-class SVM classifier, recognition rates as high as 95.69% and 94.62% have been achieved for Weizmann action dataset and KTH action dataset respectively. The recognition rate achieved is 92.7% for UT interaction Set_1, 90.21% for UT interaction Set_2. The results demonstrate that the method is simple and efficient.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"1 1","pages":"1-5"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83223317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Transitioning security software and hardware systems for use on unsecured or externally connected networks","authors":"R. Kulchyski","doi":"10.1109/CCST.2016.7815721","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815721","url":null,"abstract":"The threat of online attacks has become a growing concern in technological environments across the globe. As is quite obvious, having a physical security system tampered with maliciously over an internet connection can be an enormous threat. Historically many security sensor companies have avoided this concern by leaving their security networks isolated from the external internet Presently we approach an age where operating an isolated network on a client site will become less and less appealing to the client With the added benefits of monitoring from their own network, use of existing infrastructure, remote connectivity options and the threat and or fear of an uncontrolled network on their site, many customers have a desire to have their security system on their own monitored, externally connected network An exploration is taken into the process of converting a product using its isolation for network security, into a product that can be dropped with confidence into an externally connected or potentially unsecure network environment. A range of concepts are covered at varying depths, including testing tools for getting started, encryption and reverse engineering, penetration testing, tools used for adding security and the difficulties and logistics of keeping patches up to date and virus definitions current.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"120 1","pages":"1-3"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89376160","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Biometric encryption system for increased security","authors":"Ranjith Jayapal, Pramod Govindan","doi":"10.1109/CCST.2016.7815700","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815700","url":null,"abstract":"Security is very important in present day life. In this computer-networked world, most of the activities are computer based, and the data transactions arc protected by passwords. These passwords identify various entities such as bank accounts, mobile phones, etc. People might reuse the same password, or passwords might be related to an individual that can lead to dictionary attacks. Indeed, remembering several passwords become a tedious task. Biometrics is a science that measures individual physical characteristics in a unique way. Thus, biometrics serves as a method to replace the cumbersome use of complex passwords. Our research uses the features of biometrics to efficiently implement a biometric encryption system with high level of security.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"11 1","pages":"1-3"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75417136","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Online and offline conformance checking of inter-organizational business processes with incomplete process logs","authors":"A. C. D'Iddio, C. Schunck, F. Arcieri, M. Talamo","doi":"10.1109/CCST.2016.7815702","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815702","url":null,"abstract":"Ensuring the compliance of inter-organizational business processes with security, privacy and workflow requirements poses significant challenges. For compliance checking a specification of the process model which contains important requirements like causal dependencies among actions must be compared to the available data from the process execution. Complete execution data may only become available by combining distributed event logs which are maintained and stored independently by the participants. Frequently the information in combined event logs is found to be of limited reliability and quality: the overall maturity of some event logs may be low, the temporal structure of events may be unclear/imprecise (e.g. when logs of different organizations are combined), confidentiality constraints may prevent certain activities from being logged and logs may be partially corrupted. We propose an approach using abstraction techniques based on over-approximation and under-approximation for checking the compliance of incomplete process logs with a given process specification. Such methods are widely used in Model Checking to model unmanageable information about the states of a system (state explosion). Here these techniques are applied to model unavailable information, in particular incomplete event descriptions. We show under what conditions deviations from a specification can be confirmed as anomalies and when a process can be certified as correct even in the presence of incomplete event descriptions. The methods described here can be adopted for post mortem investigation, for the prevention and detection of security anomalies and for assessing the maturity level of event logs.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"20 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82284925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An integrated multidisciplinary model for security management and related supporting integrated technological system","authors":"F. Garzia","doi":"10.1109/CCST.2016.7815690","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815690","url":null,"abstract":"The purpose of this paper is to illustrate a general Integrated Multidisciplinary Model for Security Management (IMMSM), the related optimized implementation technique based on Genetic Algorithms (GAs) and the supporting Integrated Technological System Framework (ITSF) which can be adopted in most situations and which has produced interesting results, both from a theoretical and practical point of view, in security management, and even from a cost/benefit point of view in different existing organizations which have started to adopt the IMMSM and have started to modify their already existing technological systems to support it through the above mentioned ITSF.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"133 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74876959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Vulnerabilities of biometric systems integrated in mobile devices: An evaluation","authors":"Ines Goicoechea-Telleria, J. Liu-Jimenez, R. Sánchez-Reillo, Wendy Ponce-Hernandez","doi":"10.1109/CCST.2016.7815677","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815677","url":null,"abstract":"With the growing number of people that own a smartphone with a fingerprint sensor, it is necessary to be able to assess and compare different smartphones' ability to reject false fingerprints, as attackers could have access to sensitive data (bank accounts, pictures, documents). For this end, a common ground is needed to perform comparable security evaluations. This paper unifies several methodologies to evaluate the security of fingerprint biometric systems embedded in mobile devices. Then, this methodology is applied on 5 different smartphones for a security evaluation and their ability' to reject false fingerprints is compared.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"22 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74165121","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"System for monitoring natural disasters using natural language processing in the social network Twitter","authors":"Miguel Maldonado, D. Alulema, D. Morocho, Marida Proano","doi":"10.1109/CCST.2016.7815686","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815686","url":null,"abstract":"This paper presents the design and implementation of an automated system that allows monitoring the social network Twitter, making a connection to the API, to filter content according to four categories (volcanic, telluric, fires and climatological) which affect Ecuador because of its geographical location, taking into account that these cannot be easily predicted, and stores all tweets in a database for analysis. The filtering process is performed by using the NLTK tool with which the frequency of a word is determined within a tweet, to be classified later in one of the proposed categories. The results for each category are displayed on a web page that contains real-time statistics of the database. This work provides access to information on natural disasters because they are classified.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"15 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77143436","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Airport security system standards development: Challenges and outcomes","authors":"C. Wilkinson, Art Kosatka","doi":"10.1109/CCST.2016.7815716","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815716","url":null,"abstract":"The complexity of security systems at airports within the United States - indeed, worldwide - has grown significantly over the years in response to increasing threats and regulatory developments. Initially, each airport developed its own security system without recourse to unified standards. The result was a mixed bag of proprietary systems which were typically over budget, poorly integrated, did not fully meet security requirements, and were both difficult and expensive to maintain. To address this, in the early 90s the ACC (Airports Consultants Council) chaired an RTCA Federal Advisory Committee to develop performance standards for staff access control systems to permit access to security-related areas of an airport. This was followed several years later by TSA's technical guidelines for checked baggage and passenger screening systems. Tying these together, a comprehensive document known within the industry as “The Guidelines”, (The full title is: “Recommended Security Guidelines for Airport Planning, Design and Construction “) was commissioned by TSA in 2006 to replace an earlier 2001 FAA version. This was updated in 2011, and a revision is currently underway for a 4th iteration. The RTCA access control standards are currently in their 7th iteration and the checkpoint and baggage guidelines in their 5th and 6th iteration respectively: demonstrating the need to update such standards regularly, as technology and regulatory requirements change to meet the changing threat. The RTCA access control standard is a substantial document, totaling over 300 pages. The checked baggage guidelines are over 500 pages; the checkpoint guidelines are over 150 pages. Together with “The Guidelines” they comprise a comprehensive set of airport security guidance, frequently referenced throughout the world. This paper reviews how the content of each of these standards was developed: how the developmental activity was funded: how participation by airport professionals contributed, and how the various documents continue to be coordinated. It addresses the issue of uneven technology development cycles and requirements, both within each document and between documents, and how to handle these changes without developing “silos”, as well as providing details of how these challenges were addressed in the access control system standards and the Guidelines.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"1 1","pages":"1-6"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83157152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Interaction evaluation of a mobile voice authentication system","authors":"O. Miguel-Hurtado, Ramón Blanco-Gonzalo, R. Guest, Chiara Lunerti","doi":"10.1109/CCST.2016.7815697","DOIUrl":"https://doi.org/10.1109/CCST.2016.7815697","url":null,"abstract":"Biometric recognition is nowadays widely used in smartphones, making the users' authentication easier and more transparent than PIN codes or patterns. Starting from this idea, the EU project PIDaaS aims to create a secure authentication system through mobile devices based on voice and face recognition as two of the most reliable and user-accepted modalities. This work introduces the project and the first PIDaaS usability evaluation carried out by means of the well-known HBSI model In this experiment, participants interact with a mobile device using the PIDaaS system under laboratory conditions: video recorded and assisted by an operator. Our findings suggest variability among sessions in terms of usability and feed the next PIDaaS HCI design.","PeriodicalId":6510,"journal":{"name":"2016 IEEE International Carnahan Conference on Security Technology (ICCST)","volume":"1 1","pages":"1-8"},"PeriodicalIF":0.0,"publicationDate":"2016-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89867841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}