Cybersecurity Conference Publications, Early 2015

---

	Cybersecurity Conference Publications, Early 2015

The works cited here were presented during the first six weeks of 2015. Also included is the IEEE Standard for substations system cybersecurity.

---

 

“IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems," IEEE Std C37.240-2014, pp. 1, 38, Jan. 30 2015. doi: 10.1109/IEEESTD.2015.7024885
Cybersecurity measures require that a balance be achieved between technical feasibility and economic feasibility and that this balance addresses the risks expected to be present at a substation. Further, cybersecurity measures must be designed and implemented in such a manner that access and operation to legitimate activities is not impeded, particularly during times of emergency or restoration activity. This standard presents a balance of the above factors.
Keywords: Access controls; Authentication; Computer crime; Computer security; Encryption; IEEE standards; Passwords; Remote access; IEEE C37.240;critical infrastructure protection; cybersecurity; electronic access; encryption; password management; remote access; substations (ID#: 15-4088)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7024885&isnumber=7024884

 

Dark, Melissa, "Thinking about Cybersecurity," Security & Privacy, IEEE, vol. 13, no.1, pp.61, 65, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.17 What is a "security mindset" beyond a healthy dose of paranoia? This article explores advances in neuroscience and the science of learning as a foundation for thinking about whether cybersecurity educators can teach the security mindset, and if so, what that might entail.
Keywords: Computer security; Educational institutions; Neuroscience; Privacy; Uncertainty; cybersecurity; neurocognitive research; science of learning; security; security mindset (ID#: 15-4089)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031840&isnumber=7031815

 

Geer, Daniel E., "Less Is More: Saving the Internet from Itself," Security & Privacy, IEEE, vol.13, no.1, pp. 80, 80, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.6 Explores the need to protect the content and information gleamed from the Internet while, at the same time, ensure that freedom of access and quality of content remains intact. Claims that there is a choice - do we want to make protection of individual Internet elements the owner's problem for all values of "owner," subject to unpredictable differentiation and a picking of winners and losers by emergent processes that we can perhaps still influence but never again control? Or do we want near monocultures of a few winning platforms whose vastness represents empire and thus requires a level of defense that only a nationstate can provide, if at all? On the former lies the path of so much science fiction, especially if the Singularity is imminent. On the latter lies the path to a state-level control far more invasive than fiat currency and secret standing armies. If neither of these options appeals, now is the time to apply the brakes. Now is the time, individually and collectively, to tamp down risk by tamping down dependence on the Internet. Now is the time to say that target richness is a disease for which the cure is intolerable.
Keywords: Government; Information filters; Information retrieval; Information security; Internet; Philosophical considerations; Social implications of technology; Internet; Internet extension; attacker economics; cybersecurity; security (ID#: 15-4090)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031818&isnumber=7031815

 

Fonash, Peter; Schneck, Phyllis, "Cybersecurity: From Months to Milliseconds," Computer, vol.48, no.1, pp. 42, 50, Jan. 2015. doi: 10.1109/MC.2015.11 Computer technology is the nexus of our critical infrastructures, yet it remains extremely vulnerable to cyberattacks. A proposed Integrated Adaptive Cyber Defense architecture promises to create a healthy cyber ecosystem by automating many risk decisions and optimizing human oversight of security processes too complex or important for machines alone to solve.
Keywords: Computer crime; Computer hacking; Computer security; Ecosystems; Internet of things; IACD; Integrated Adaptive Cyber Defense; Internet of Things; IoT; cyberattacks; cybersecurity; security (ID#: 15-4091)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7030229&isnumber=7030133

 

Arief, Budi; Adzmi, Mohd Azeem Bin; Gross, Thomas, "Understanding Cybercrime from Its Stakeholders' Perspectives: Part 1--Attackers," Security & Privacy, IEEE, vol.13, no.1, pp.71, 76, Jan.-Feb. 2015. doi: 10.1109/MSP.2015.19 Although cybercrime is rampant, there is no authoritative definition of the term and all that it implies. A comprehensive model and taxonomy of cybercrime, including all of its stakeholders, would contribute to better cybersecurity. Part one of this two-part series explores attackers and their motives in detail.
Keywords: Computer crime; Computers; Cyberspace; National security; Psychology; Training; attackers; cybercrime; cybercrime stakeholders; cybersecurity; security (ID#: 15-4092)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7031833&isnumber=7031815

 

Mazurczyk, Wojciech; Rzeszutko, Elzybieta, "Security--A Perpetual War: Lessons from Nature," IT Professional, vol.17, no. 1, pp.16,22, Jan.-Feb. 2015. doi: 10.1109/MITP.2015.14 For ages, people have sought inspiration in nature. Biomimicry has propelled inventions from Velcro tape to "cat's eyes" retroreflective road markers. At the same time, scientists have been developing biologically inspired techniques, including genetic algorithms and neural and sensor networks. Although a first glance shows no direct connection between the Internet's offensive and defensive techniques and patterns present in nature, closer inspection reveals many analogies between these two worlds. Botnets, distributed denial-of-service attacks, intrusion detection/prevention systems, and others techniques use strategies that closely resemble actions undertaken by certain species in the natural kingdom. The authors analyze these analogies and conclude by suggesting that the security community should turn to nature in search of new offensive and defensive techniques for virtual world security. This article is part of a special issue on IT security.
Keywords: Bioinformatics; Biological system modeling; Computer crime; Computer security; Computer worms; Firewalls (computing);Internet; Intrusion detection; Malware; DDoS attacks; bio-inspired security; bioinformatics; botnets; cybersecurity; honeypots; information technology; intrusion detection; intrusion prevention; security; worms (ID#: 15-4093)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7030143&isnumber=7030137

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Information Theory Workshop (ITW), 2014, Hobart, Tasmania

 

	International Conferences: Information Theory Workshop (ITW), 2014, Hobart, Tasmania

 

The 2014 IEEE Information Theory Workshop (ITW) was held 2-5 Nov. 2014 in Hobart, Tasmania.  ITW2014 describes itself as a forum for technical exchange among scientists and engineers working on the fundamentals of information theory. The agenda covered diverse topics including source coding, distributed source and channel coding, joint source and channel coding, coding for wireless systems, coding for sensor and ad-hoc networks, mimo and space-time coding, graph-based codes and iterative decoding, cooperation in wireless systems, sequences and coding, compressed sensing, coding applications: optical communications, smart grid, underwater, etc., and information theoretic security.  The works cited here are from the security area.  The conference site is at: http://itw2014.jaist.ac.jp/  The contributors came from Europe, Asia, and the Americas, as well as Australia—truly an international event.

---

 

Shuiyin Liu; Yi Hong; Viterbo, E., "On Measures Of Information Theoretic Security," Information Theory Workshop (ITW), 2014 IEEE , vol., no., pp.309,310, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970843
Abstract: While information-theoretic security is stronger than computational security, it has long been considered impractical. In this work, we provide new insights into the design of practical information-theoretic cryptosystems. Firstly, from a theoretical point of view, we give a brief introduction into the existing information theoretic security criteria, such as the notions of Shannon's perfect/ideal secrecy in cryptography, and the concept of strong secrecy in coding theory. Secondly, from a practical point of view, we propose the concept of ideal secrecy outage and define a outage probability. Finally, we show how such probability can be made arbitrarily small in a practical cryptosystem.
Keywords: cryptography; information theory; Shannon perfect secrecy; computational security; ideal secrecy; information theoretic cryptosystem; information theoretic security; Australia; Cryptography; Entropy; Information theory; Probability; Vectors (ID#: 15-5155)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970843&isnumber=6970773

 

Rao, K.S.; Prabhakaran, V.M., "A New Upperbound For The Oblivious Transfer Capacity Of Discrete Memoryless Channels," Information Theory Workshop (ITW), 2014 IEEE, pp. 35, 39, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970787
Abstract: We derive a new upper bound on the string oblivious transfer capacity of discrete memoryless channels (DMCs). The main tool we use is the tension region of a pair of random variables introduced in Prabhakaran and Prabhakaran (2014) where it was used to derive upper bounds on rates of secure sampling in the source model. In this paper, we consider secure computation of string oblivious transfer in the channel model. Our bound is based on a monotonicity property of the tension region in the channel model. We show that our bound strictly improves upon the upper bound of Ahlswede and Csiszár (2013).
Keywords: channel capacity; telecommunication security; DMCs; channel model; discrete memoryless channels; monotonicity property; oblivious transfer capacity; random variables; secure sampling rates; source model; string oblivious transfer; tension region; upper bound; Markov processes; Monte Carlo methods; Noise measurement; Privacy; Protocols; Random variables; Upper bound (ID#: 15-5156)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970787&isnumber=6970773

 

Pengwei Wang; Safavi-Naini, R., "An Efficient Code For Adversarial Wiretap Channel," Information Theory Workshop (ITW), 2014 IEEE, pp. 40, 44, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970788
Abstract: In the (ρr, ρw)-adversarial wiretap (AWTP) channel model of [13], a codeword sent over the communication channel is corrupted by an adversary who observes a fraction ρr of the codeword, and adds noise to a fraction ρw of the codeword. The adversary is adaptive and chooses the subsets of observed and corrupted components, arbitrarily. In this paper we give the first efficient construction of a code family that provides perfect secrecy in this model, and achieves the secrecy capacity.
Keywords: channel coding; telecommunication security; wireless channels; AWTP channel model; adversarial wiretap channel model; code family; codeword; communication channel; secrecy capacity; Computational modeling; Decoding; Encoding; Reed-Solomon codes; Reliability; Security; Vectors (ID#: 15-5157)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970788&isnumber=6970773

 

Zhiqing Xiao; Yunzhou Li; Ming Zhao; Jing Wang, "Interactive Code To Correct And Detect Omniscient Byzantine Adversaries," Information Theory Workshop (ITW), 2014 IEEE, pp. 45, 49, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970789
Abstract: This paper considers interactive transmissions in the presence of omniscient Byzantine attacks. Unlike prior papers, it is assumed that the number of transmissions, the number of erroneous transmissions therein, and the direction of each transmission are predetermined. Besides, the size of the alphabet in each transmission is unequal and predefined. Using these transmissions, two nodes communicate interactively to send a message. In this model, both attack strategies and coding bounds are considered. Although the codebook cannot fully describe the interactive code, we still assert the existence of successful attack strategies according to the relations between codewords in the codebook. Furthermore, to ensure that the code is able to detect or correct a given number of transmission errors, upper bounds on the size of code are derived. Finally, the tightness of the bounds is discussed.
Keywords: error correction codes; error detection codes; security of data; attack strategies; codebook; codewords; coding bounds; erroneous transmissions; interactive code; interactive transmissions; omniscient Byzantine attacks; transmission errors; Decoding; Educational institutions; Encoding; Error correction; Error correction codes; Indexes; Upper bound (ID#: 15-5158)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970789&isnumber=6970773

 

Mirghasemi, H.; Belfiore, J.-C., "The Semantic Secrecy Rate Of The Lattice Gaussian Coding For The Gaussian Wiretap Channel," Information Theory Workshop (ITW), 2014 IEEE, pp. 112, 116, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970803
Abstract: In this paper, we investigate the achievable semantic secrecy rate of existing lattice coding schemes, proposed in [6], for both the mod-Λ Gaussian wiretap and the Gaussian wiretap channels. For both channels, we propose new upper bounds on the amount of leaked information which provide milder sufficient conditions to achieve semantic secrecy. These upper bounds show that the lattice coding schemes in [6] can achieve the secrecy capacity to within ½ln e/2 nat for the mod-Λ Gaussian and to within ½(1 - ln (1 + SNRe / SNRe+1)) nat for the Gaussian wiretap channels where SNRe is the signal-to-noise ratio of Eve.
Keywords: Gaussian channels; channel capacity; data privacy; wireless channels; Gaussian wiretap channels; SNRe; lattice coding schemes; mod-Λ Gaussian wiretap; secrecy capacity; semantic secrecy rate; signal-to-noise ratio of Eve; Encoding; Gaussian distribution; Lattices; Security; Semantics; Upper bound; Zinc (ID#: 15-5159)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970803&isnumber=6970773

 

Geil, O.; Martin, S.; Matsumoto, R.; Ruano, D.; Yuan Luo, "Relative Generalized Hamming Weights Of One-Point Algebraic Geometric Codes," Information Theory Workshop (ITW), 2014 IEEE, pp.137,141, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970808
Abstract: Security of linear ramp secret sharing schemes can be characterized by the relative generalized Hamming weights of the involved codes [23], [22]. In this paper we elaborate on the implication of these parameters and we devise a method to estimate their value for general one-point algebraic geometric codes. As it is demonstrated, for Hermitian codes our bound is often tight. Furthermore, for these codes the relative generalized Hamming weights are often much larger than the corresponding generalized Hamming weights.
Keywords: Hamming codes; algebraic geometric codes; security of data; Hermitian codes; general one-point algebraic geometric codes; linear ramp secret sharing schemes security; relative generalized Hamming weights; Cryptography; Galois fields; Geometry; Hamming weight; Linear codes; Vectors (ID#: 15-5160)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970808&isnumber=6970773

 

Pak Hou Che; Kadhe, S.; Bakshi, M.; Chung Chan; Jaggi, S.; Sprintson, A., "Reliable, Deniable And Hidable Communication: A Quick Survey," Information Theory Workshop (ITW), 2014 IEEE , vol., no., pp.227,231, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970826
Abstract: We survey here recent work pertaining to “deniable” communication - i.e., talking without being detected. We first highlight connections to other related notions (anonymity and secrecy). We then contrast the notions of deniability and secrecy. We highlight similarities and distinctions of deniability with a variety of related notions (LPD communications, stealth, channel resolvability) extant in the literature.
Keywords: cryptography; steganography; telecommunication channels; telecommunication network reliability; telecommunication security; LPD communications; channel resolvability; deniable communication; hidable communication; Cryptography; Noise; Reliability theory; Throughput (ID#: 15-5161)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970826&isnumber=6970773

 

Thangaraj, A., "Coding For Wiretap Channels: Channel Resolvability And Semantic Security," Information Theory Workshop (ITW), 2014 IEEE, pp. 232, 236, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970827
Abstract: Wiretap channels form the most basic building block of physical-layer and information-theoretic security. Considerable research work has gone into the information-theoretic, cryptographic and coding aspects of wiretap channels in the last few years. The main goal of this tutorial article is to provide a self-contained presentation of two recent results - one is a new and simplified proof for secrecy capacity using channel resolvability, and the other is the connection between semantic security and information-theoretic strong secrecy.
Keywords: channel coding; cryptography; information theory; telecommunication security; channel resolvability; coding aspects; cryptography; information-theoretic security; physical-layer; secrecy capacity; semantic security; wiretap channels coding; Cryptography; Encoding; Semantics; Standards; Zinc (ID#: 15-5162)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970827&isnumber=6970773

 

Pradhan, P.; Venkitasubramaniam, P., "Under The Radar Attacks In Dynamical Systems: Adversarial Privacy Utility Tradeoffs," Information Theory Workshop (ITW), 2014 IEEE, pp. 242, 246, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970829
Abstract: Cyber physical systems which integrate physical system dynamics with digital cyber infrastructure are envisioned to transform our core infrastructural frameworks such as the smart electricity grid, transportation networks and advanced manufacturing. This integration however exposes the physical system functioning to the security vulnerabilities of cyber communication. Both scientific studies and real world examples have demonstrated the impact of data injection attacks on state estimation mechanisms on the smart electricity grid. In this work, an abstract theoretical framework is proposed to study data injection/modification attacks on Markov modeled dynamical systems from the perspective of an adversary. Typical data injection attacks focus on one shot attacks by adversary and the non-detectability of such attacks under static assumptions. In this work we study dynamic data injection attacks where the adversary is capable of modifying a temporal sequence of data and the physical controller is equipped with prior statistical knowledge about the data arrival process to detect the presence of an adversary. The goal of the adversary is to modify the arrivals to minimize a utility function of the controller while minimizing the detectability of his presence as measured by the KL divergence between the prior and posterior distribution of the arriving data. Adversarial policies and tradeoffs between utility and detectability are characterized analytically using linearly solvable control optimization.
Keywords: Markov processes; radar; telecommunication security; Markov modeled dynamical systems; advanced manufacturing; adversarial privacy utility tradeoffs; core infrastructural frameworks; cyber communication; cyber physical systems; data arrival process; data injection attacks; digital cyber infrastructure; dynamic data injection attacks; dynamical systems; physical system dynamics; radar attacks; security vulnerabilities; smart electricity grid; state estimation mechanisms; temporal sequence; transportation networks; Markov processes; Mathematical model; Power system dynamics; Privacy; Process control; Smart grids; State estimation (ID#: 15-5163)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970829&isnumber=6970773

 

Kosut, O.; Li-Wei Kao, "On Generalized Active Attacks By Causal Adversaries In Networks," Information Theory Workshop (ITW), 2014 IEEE, pp. 247, 251, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970830
Abstract: Active attacks are studied on noise-free graphical multicast networks. A malicious adversary may enter the network and arbitrarily corrupt transmissions. A very general model is adopted for the scope of attack: a collection of sets of edges is specified, and the adversary may control any one set of edges in this collection. The adversary is assumed to be omniscient but causal, such that the adversary is forced to decide on transmissions before knowing random choices by the honest nodes. Four main results are presented. First, a precise characterization of whether any positive rate can be achieved. Second, a simple erasure upper bound. Third, an achievable bound wherein random hashes are generated and distributed, so that nodes in the network can filter out adversarial corruption. Finally, an example network is presented that has capacity strictly between the general upper and lower bounds.
Keywords: graph theory; multicast communication; network coding; telecommunication security; adversarial corruption; erasure upper bound; generalized active attacks; graphical multicast networks; malicious adversary; Artificial neural networks; Decoding; Encoding; Error correction; Network coding; Upper bound; Vectors (ID#: 15-5164)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970830&isnumber=6970773

 

Li-Chia Choo; Cong Ling, "Superposition Lattice Coding For Gaussian Broadcast Channel With Confidential Message," Information Theory Workshop (ITW), 2014 IEEE, pp. 311, 315, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970844
Abstract: In this paper, we propose superposition coding based on the lattice Gaussian distribution to achieve strong secrecy over the Gaussian broadcast channel with one confidential message, with a constant gap to the secrecy capacity (only for the confidential message). The proposed superposition lattice code consists of a lattice Gaussian code for the Gaussian noise and a wiretap lattice code with strong secrecy. The flatness factor is used to analyze the error probability, information leakage and achievable rates. By removing the secrecy coding, we can modify our scheme to achieve the capacity of the Gaussian broadcast channel with one common and one private message without the secrecy constraint.
Keywords: Gaussian channels; broadcast channels; channel coding; error statistics; lattice theory; telecommunication security; Gaussian broadcast channel; Gaussian noise; achievable rates; confidential message; constant gap; error probability analysis; flatness factor ;information leakage; lattice Gaussian code; lattice Gaussian distribution; secrecy capacity; superposition lattice coding; wiretap lattice code; Decoding; Encoding; Error probability; Gaussian distribution Lattices; Noise; Vectors (ID#: 15-5165)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970844&isnumber=6970773

 

Jinlong Lu; Harshan, J.; Oggier, F., "A USRP Implementation Of Wiretap Lattice Codes," Information Theory Workshop (ITW), 2014 IEEEpp. 316, 320, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970845
Abstract: A wiretap channel models a communication channel between a legitimate sender Alice and a legitimate receiver Bob in the presence of an eavesdropper Eve. Confidentiality between Alice and Bob is obtained using wiretap codes, which exploit the difference between the channels to Bob and to Eve. This paper discusses a first implementation of wiretap lattice codes using USRP (Universal Software Radio Peripheral), which focuses on the channel between Alice and Eve. Benefits of coset encoding for Eve's confusion are observed, using different lattice codes in small dimensions, and varying the position of the eavesdropper.
Keywords: channel coding; software radio; telecommunication security; USRP implementation; communication channel; coset encoding; eavesdropper; universal software radio peripheral; wiretap channel models; wiretap lattice codes; Baseband; Decoding; Encoding; Lattices; Receivers; Security; Signal to noise ratio (ID#: 15-5166)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970845&isnumber=6970773

 

Ng, D.W.K.; Schober, R., "Max-Min Fair Wireless Energy Transfer For Secure Multiuser Communication Systems," Information Theory Workshop (ITW), 2014 IEEE, pp. 326, 330, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970847
Abstract: This paper considers max-min fairness for wireless energy transfer in a downlink multiuser communication system. Our resource allocation design maximizes the minimum harvested energy among multiple multiple-antenna energy harvesting receivers (potential eavesdroppers) while providing quality of service (QoS) for secure communication to multiple single-antenna information receivers. In particular, the algorithm design is formulated as a non-convex optimization problem which takes into account a minimum required signal-to-interference-plus-noise ratio (SINR) constraint at the information receivers and a constraint on the maximum tolerable channel capacity achieved by the energy harvesting receivers for a given transmit power budget. The proposed problem formulation exploits the dual use of artificial noise generation for facilitating efficient wireless energy transfer and secure communication. A semidefinite programming (SDP) relaxation approach is exploited to obtain a global optimal solution of the considered problem. Simulation results demonstrate the significant performance gain in harvested energy that is achieved by the proposed optimal scheme compared to two simple baseline schemes.
Keywords: MIMO communication; antenna arrays; channel capacity; energy harvesting; next generation networks; optimisation; quality of service; resource allocation; telecommunication security; MIMO communication; QoS; artificial noise generation; max-min fair wireless energy transfer; maximum tolerable channel capacity; minimum harvested energy; multiple multiple-antenna energy harvesting receivers; multiple single-antenna information receivers; multiuser communication system security; next generation wireless communication system; nonconvex optimization problem; potential eavesdroppers; quality of service; resource allocation; semidefinite programming relaxation approach; Energy harvesting; Interference; Noise; Optimization; Receivers; Resource management; Wireless communication (ID#: 15-5167)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970847&isnumber=6970773

 

Jianwei Xie; Ulukus, S., "Secure Degrees Of Freedom Region Of The Gaussian Interference Channel With Secrecy Constraints," Information Theory Workshop (ITW), 2014 IEEE, pp. 361, 365, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970854
Abstract: The sum secure degrees of freedom (s.d.o.f.) of the K-user interference channel (IC) with secrecy constraints has been determined recently as equation [1], [2]. In this paper, we determine the entire s.d.o.f. region of this channel model. The converse includes constraints both due to secrecy as well as due to interference. Although the portion of the region close to the optimum sum s.d.o.f. point is governed by the upper bounds due to secrecy constraints, the other portions of the region are governed by the upper bounds due to interference constraints. Different from the existing literature, in order to fully understand the characterization of the s.d.o.f. region of the IC, one has to study the 4-user case, i.e., the 2 or 3-user cases do not illustrate the generality of the problem. In order to prove the achievability, we use the polytope structure of the converse region. The extreme points of the converse region are achieved by a (K - m)-user IC with confidential messages, m helpers, and N external eavesdroppers, for m ≥ 1 and a finite N. A byproduct of our results in this paper is that the sum s.d.o.f. is achieved only at one extreme point of the s.d.o.f. region, which is the symmetric-rate extreme point.
Keywords: Gaussian channels; interference (signal);security of data; wireless channels; Gaussian interference channel; K-user interference channel; channel model; converse region; interference constraints; polytope structure; secrecy constraints; secure degrees of freedom; symmetric-rate extreme point; upper bounds; Integrated circuits; Interference channels; Noise; Receivers; Transmitters; Upper bound (ID#: 15-5168)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970854&isnumber=6970773

 

Xuan Guang; Jiyong Lu; Fang-Wei Fu, "Locality-Preserving Secure Network Coding," Information Theory Workshop (ITW), 2014 IEEE, pp. 396, 400, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970861
Abstract: In the paradigm of network coding, when wiretapping attacks occur, secure network coding is introduced to prevent information leaking adversaries. In practical network communications, the source often multicasts messages at several different rates within a session. How to deal with information transmission and information security simultaneously under variable rates and fixed security-level is introduced in this paper as a variable-rate and fixed-security-level secure network coding problem. In order to solve this problem effectively, we propose the concept of locality-preserving secure linear network codes of different rates and fixed security-level, which have the same local encoding kernel at each internal node. We further present an approach to construct such a family of secure linear network codes and give an algorithm for efficient implementation. This approach saves the storage space for both source node and internal nodes, and resources and time on networks. Finally, the performance of the proposed algorithm is analyzed, including the field size, computational and storage complexities.
Keywords: linear codes; network coding; telecommunication security; variable rate codes; fixed-security-level secure network coding problem; information security; information transmission; internal nodes; local encoding kernel; locality-preserving secure linear network codes; source node; variable-rate secure network coding problem; wiretapping attacks; Complexity theory; Decoding; Encoding; Information rates; Kernel; Network coding; Vectors (ID#: 15-5169)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970861&isnumber=6970773

 

Bin Dai; Zheng Ma, "Feedback Enhances The Security Of Degraded Broadcast Channels With Confidential Messages And Causal Channel State Information," Information Theory Workshop (ITW), 2014 IEEE, pp.411,415, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970864
Abstract: In this paper, we investigate the degraded broadcast channels with confidential messages (DBC-CM), causal channel state information (CSI), and with or without noiseless feedback. The inner and outer bounds on the capacity-equivocation region are given for the non-feedback mode, and the capacity-equivocation region is determined for the feedback model. We find that by using this noiseless feedback, the achievable rate-equivocation region (inner bound on the capacity-equivocation region) of the DBC-CM with causal CSI is enhanced.
Keywords: broadcast channels; channel capacity; channel coding; feedback; telecommunication security; DBC-CM; capacity-equivocation region; channel state information; confidential messages; degraded broadcast channels; noiseless feedback; rate-equivocation region; Decoding; Joints; Random variables; Receivers; Silicon; Transmitters; Zinc; Broadcast channel; channel state information; confidential message; feedback (ID#: 15-5170)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970864&isnumber=6970773

 

Fei Lang; Zhixiang Deng; Bao-Yun Wang, "Secure Communication Of Correlated Sources Over Broadcast Channels," Information Theory Workshop (ITW), 2014 IEEE, pp. 416, 420, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970865
Abstract: Broadcast channels with correlated sources are considered from a joint source-channel coding perspective, where each receiver is kept in ignorance of the source intended for the other receiver. This setting can be seen as a generalization of Han-Costa's broadcast channel with correlated sources under additional secrecy constraints on both receivers. General outer and inner bounds for this reliable and secure communication are determined. The joint source-channel coding is proved to be optimal for two special cases, including the sources satisfying a certain Markov property sent over semi-deterministic broadcast channels, and arbitrary correlated sources sent over less-noisy broadcast channels.
Keywords: broadcast channels; channel coding; correlation methods; radiocommunication; source coding; telecommunication network reliability; telecommunication security; Han-Costa broadcast channel; broadcast channels; correlated source; joint source-channel coding; less-noisy broadcast channel; reliable communication; secure communication; Decoding; Educational institutions; Encoding; Joints; Markov processes; Receivers; Reliability (ID#: 15-5171)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970865&isnumber=6970773

 

Benammar, M.; Piantanida, P., "On The Secrecy Capacity Region Of The Wiretap Broadcast Channel," Information Theory Workshop (ITW), 2014 IEEE, pp. 421, 425, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970866
Abstract: This work investigates the secrecy capacity region of the Wiretap Broadcast Channel (WBC) where an encoder communicates two private messages over a Broadcast Channel (BC) while keeping both messages secret from the eavesdropper. Our main result is the derivation of a novel outer bound and an inner bound on the secrecy capacity region of this setting. These results allow us to characterize the capacity region for three non-degraded classes of WBCs: the deterministic and the semi-deterministic WBC with a more noisy eavesdropper, and the WBC when users exhibit less noisiness order between them.
Keywords: broadcast channels; encoding; telecommunication security; WBC nondegraded class; eavesdropper; encoder; private messaging; secrecy capacity region; secret messaging; wiretap broadcast channel; Decoding; Encoding; Noise measurement; Receivers; Standards; Zinc (ID#: 15-5172)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970866&isnumber=6970773

 

Mansour, A.S.; Schaefer, R.F.; Boche, H., "Secrecy Measures For Broadcast Channels With Receiver Side Information: Joint Vs Individual," Information Theory Workshop (ITW), 2014 IEEE, pp. 426, 430, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970867
Abstract: We study the transmission of a common message and three confidential messages over a broadcast channel with two legitimate receivers and an eavesdropper. Each legitimate receiver is interested in decoding two of the three confidential messages, while having the third one as side information. In order to measure the ignorance of the eavesdropper about the confidential messages, we investigate two different secrecy criteria: joint secrecy and individual secrecy. For both criteria, we provide a general achievable rate region. We establish both the joint and individual secrecy capacity if the two legitimate receivers are less noisy than the eavesdropper. We further investigate the scenario where the eavesdropper is less noisy than the two legitimate receivers. It is known that the joint secrecy constraints can not be fulfilled under this scenario, however, we manage to establish a non vanishing capacity region for the individual secrecy case.
Keywords: broadcast channels; radio receivers; telecommunication security; broadcast channels; confidential messages; individual secrecy; joint secrecy; receiver side information; Decoding; Encoding; Joints; Markov processes; Noise measurement; Receivers; Reliability (ID#: 15-5173)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970867&isnumber=6970773

 

Bracher, A.; Hof, E.; Lapidoth, A., "Distributed Storage For Data Security," Information Theory Workshop (ITW), 2014 IEEE, pp. 506, 510, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970883
Abstract: We study the secrecy of a distributed storage system for passwords. The encoder, Alice, observes a length-n password and describes it using two hints, which she then stores in different locations. The legitimate receiver, Bob, observes both hints. In one scenario we require that the number of guesses it takes Bob to guess the password approach 1 as n tends to infinity and in the other that the size of the list that Bob must form to guarantee that it contain the password approach 1. The eavesdropper, Eve, sees only one of the hints; Alice cannot control which. For each scenario we characterize the largest normalized (by n) exponent that we can guarantee for the number of guesses it takes Eve to guess the password.
Keywords: authorisation; message authentication; storage management; data security; distributed storage system; password approach; Blogs; Encoding; Entropy; Equations; Receivers; Stochastic processes; Upper bound (ID#: 15-5174)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970883&isnumber=6970773

 

Iwamoto, M.; Omino, T.; Komano, Y.; Ohta, K., "A New Model Of Client-Server Communications Under Information Theoretic Security," Information Theory Workshop (ITW), 2014 IEEE, pp. 511, 515, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970884
Abstract: A new model for a Client-Server Communication (CSC) system satisfying information theoretic security is proposed, and its fundamental properties are discussed. Our CSC allows n users to upload their respective messages to a server securely by using symmetric key encryptions with their own keys, and all ciphertexts are decrypted by the server. If we require all messages to be perfectly secure in CSC against the corrupted clients and adversaries without any keys, it is proved that a one time pad or more inefficient encryption must be used for each communication link between a client and the server. This means that, in order to realize more efficient CSC, it is necessary to leak out some information of each message. Based on these observations, we introduce a new model for such a secure CSC formally, and discuss its fundamental properties. In addition, we propose the optimal construction of CSC under several constraints on security parameters called security rates.
Keywords: client-server systems; cryptography; information theory; telecommunication security; CSC; ciphertexts; client-server communication system; communication link; corrupted clients; information theoretic security; security parameters; security rates; symmetric key encryptions; Correlation; Cryptography; Educational institutions; Electronic mail; Protocols; Servers (ID#: 15-5175)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970884&isnumber=6970773

 

Ye Wang; Ishwar, P.; Rane, S., "An Elementary Completeness Proof For Secure Two-Party Computation Primitives," Information Theory Workshop (ITW), 2014 IEEE, pp. 521, 525, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970886
Abstract: In the secure two-party computation problem, two parties wish to compute a (possibly randomized) function of their inputs via an interactive protocol, while ensuring that neither party learns more than what can be inferred from only their own input and output. For semi-honest parties and information-theoretic security guarantees, it is well-known that, if only noise-less communication is available, only a limited set of functions can be securely computed; however, if interaction is also allowed over general communication primitives (multi-input/output channels), there are “complete” primitives that enable any function to be securely computed. The general set of complete primitives was characterized recently by Maji, Prabhakaran, and Rosulek leveraging an earlier specialized characterization by Kilian. Our contribution in this paper is a simple, self-contained, alternative derivation using elementary information-theoretic tools.
Keywords: cryptographic protocols; cryptographic protocols; elementary completeness proof; general communication; information theoretic security; interactive protocol; noise less communication; secure two party computation primitives; Joints; Markov processes; Mutual information; Protocols; Random variables; Redundancy; Security (ID#: 15-5176)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970886&isnumber=6970773

 

Subramanian, R.; Land, I., "The Role Of Artificial Noise In Multi-Antenna Fading Wiretap Channels: Useful Or Harmful?," Information Theory Workshop (ITW), 2014 IEEE, pp. 641, 645, 2-5 Nov. 2014. doi: 10.1109/ITW.2014.6970910
Abstract: New insights into the role of artificial noise in securing communication in a Gaussian multi-antenna fading wiretap channel are presented. An appropriate secrecy-outage-based optimization framework is developed for the Multiple-Input Single-Output Single-Eavesdropper (MISOSE) case to measure the performance of artificial noise. It is assumed that only the legitimate receiver's instantaneous channel state information and the average statistics of the eavesdropper's channel are available at the transmitter. The optimization is based on maximizing the effective secret-message rate constrained by a given maximum secrecy outage criterion. Under this framework, a fundamental investigation is conducted into whether it is worthwhile for the transmitter to allocate any of its available power for artificial noise. By numerically solving the optimization problem, it is demonstrated that there are: (i) scenarios where artificial noise does indeed give significant gains in the secret-message rate, and (ii) scenarios where any amount of power allocation to artificial noise is wasteful in view of the overall performance.
Keywords: Gaussian channels; fading channels; noise; optimisation; telecommunication security; Gaussian multi-antenna fading wiretap channel; MISOSE; artificial noise; channel state information; eavesdroppers channel; multiple-input single-output single-eavesdropper; power allocation; secrecy-outage-based optimization framework; secret-message rate; Encoding; Linear programming; Noise; Optimization; Receivers; Resource management; Transmitters (ID#: 15-5177)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6970910&isnumber=6970773

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Computer Security Applications Conference, December 2014, New Orleans, Part 1

---

	International Conferences: Computer Security Applications Conference, December 2014, New Orleans, Part 1

 

The 2014 Annual Computer Security Applications Conference (ACSAC) had special focus on Cybersecurity for Cyber-Physical Systems.  Held December 8-12, 2014, ACSAC has a tradition of bringing together security professionals from academia, government and industry who are interested in applied security. It is an internationally recognized forum where practitioners, researchers, and developers in information system security meet to learn and to exchange practical ideas and experiences. 

---

 

Aviel D. Rubin; Taking Two-Factor To The Next Level: Protecting Online Poker, Banking, Healthcare And Other Applications; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 1-5. Doi: 10.1145/2664243.2684461 As an avid poker player, I enjoyed playing low stakes cash games and low buy-in tournaments on Full Tilt Poker before Black Friday.i However, as a Computer Scientist specializing in network and software security, I would never play poker online for any significant stakes, due to security concerns around malware and malicious remote access tools. Similarly, malware and remote access tools threaten online banking, online access to healthcare records and many other applications. In this article, I describe a new solution to the problem of remote access via malware that is easy to adopt, requires no new hardware or user training, and which I believe greatly reduces the threats to online applications.
Keywords: online applications security, security, two-factor (ID#: 15-4993)
URL: http://doi.acm.org/10.1145/2664243.2684461

 

Adrian Dabrowski, Nicola Pianta, Thomas Klepp, Martin Mulazzani, Edgar Weippl; IMSI-Catch Me If You Can: IMSI-Catcher-Catchers;  ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 246-255.  Doi: 10.1145/2664243.2664272 IMSI Catchers are used in mobile networks to identify and eavesdrop on phones. When, the number of vendors increased and prices dropped, the device became available to much larger audiences. Self-made devices based on open source software are available for about US$ 1,500.  In this paper, we identify and describe multiple methods of detecting artifacts in the mobile network produced by such devices. We present two independent novel implementations of an IMSI Catcher Catcher (ICC) to detect this threat against everyone's privacy. The first one employs a network of stationary (sICC) measurement units installed in a geographical area and constantly scanning all frequency bands for cell announcements and fingerprinting the cell network parameters. These rooftop-mounted devices can cover large areas. The second implementation is an app for standard consumer grade mobile phones (mICC), without the need to root or jailbreak them. Its core principle is based upon geographical network topology correlation, facilitating the ubiquitous built-in GPS receiver in today's phones and a network cell capabilities fingerprinting technique. The latter works for the vicinity of the phone by first learning the cell landscape and than matching it against the learned data. We implemented and evaluated both solutions for digital self-defense and deployed several of the stationary units for a long term field-test. Finally, we describe how to detect recently published denial of service attacks.
Keywords: (not provided) (ID#: 15-4994)
URL: http://doi.acm.org/10.1145/2664243.2664272

 

Yuru Shao, Xiapu Luo, Chenxiong Qian, Pengfei Zhu, Lei Zhang; Towards a Scalable Resource-Driven Approach For Detecting Repackaged Android Applications; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 56-65. Doi: 10.1145/2664243.2664275 Repackaged Android applications (or simply apps) are one of the major sources of mobile malware and also an important cause of severe revenue loss to app developers. Although a number of solutions have been proposed to detect repackaged apps, the majority of them heavily rely on code analysis, thus suffering from two limitations: (1) poor scalability due to the billion opcode problem; (2) unreliability to code obfuscation/app hardening techniques. In this paper, we explore an alternative approach that exploits core resources, which have close relationships with codes, to detect repackaged apps. More precisely, we define new features for characterizing apps, investigate two kinds of algorithms for searching similar apps, and propose a two-stage methodology to speed up the detection. We realize our approach in a system named ResDroid and conduct large scale evaluation on it. The results show that ResDroid can identify repackaged apps efficiently and effectively even if they are protected by obfuscation or hardening systems.
Keywords:  (not provided) (ID#: 15-4995)
URL:  http://doi.acm.org/10.1145/2664243.2664275

 

Drew Davidson, Matt Fredrikson, Benjamin Livshits;  MoRePriv: Mobile OS Support For Application Personalization And Privacy; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, pages 236-245. Doi: 10.1145/2664243.2664266 Privacy and personalization of mobile experiences are inherently in conflict: better personalization demands knowing more about the user, potentially violating user privacy. A promising approach to mitigate this tension is to migrate personalization to the client, an approach dubbed client-side personalization. This paper advocates for operating system support for client-side personalization and describes MoRePriv, an operating system service implemented in the Windows Phone OS. We argue that personalization support should be as ubiquitous as location support, and should be provided by a unified system within the OS, instead of by individual apps.  We aim to provide a solution that will stoke innovation around mobile personalization. To enable easy application personalization, MoRePriv approximates users' interests using personae such as technophile or business executive. Using a number of case studies and crowd-sourced user studies, we illustrate how more complex personalization tasks can be achieved using MoRePriv.  For privacy protection, MoRePriv distills sensitive user information to a coarse-grained profile, which limits the potential damage from information leaks. We see MoRePriv as a way to increase end-user privacy by enabling client-side computing, thus minimizing the need to share user data with the server. As such, MoRePriv shepherds the ecosystem towards a better privacy stance by nudging developers away from today's privacy-violating practices. Furthermore, MoRePriv can be combined with privacy-enhancing technologies and is complimentary to recent advances in data leak detection.
Keywords: personalization, privacy, security (ID#: 15-4996)
URL:   http://doi.acm.org/10.1145/2664243.2664266

 

Amir Herzberg, Haya Shulman; DNS Authentication As A Service: Preventing Amplification Attacks; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 356-365. Doi: 10.1145/2664243.2664281 We present the first defence against DNS-amplification DoS attacks, which is compatible with the common DNS servers configurations and with the (important standard) DNSSEC. We show that the proposed DNS-authentication system is efficient, and effectively prevents DNS-based amplification DoS attacks abusing DNS name servers. We present a game-theoretic model and analysis, predicting a wide-spread adoption of our design, sufficient to reduce the threat of DNS amplification DoS attacks. To further reduce costs and provide additional defences for DNS servers, we show how to deploy our design as a cloud based service.
Keywords: DNS amplification, DNS authentication, DNS reflection, denial of service attacks, source authentication (ID#: 15-4997)
URL:  http://doi.acm.org/10.1145/2664243.2664281

 

Yuzhe Tang, Ting Wang, Ling Liu, Xin Hu, Jiyong Jang; Lightweight Authentication of Freshness in Outsourced Key-Value Stores; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 176-185. Doi: 10.1145/2664243.2664244 Data outsourcing offers cost-effective computing power to manage massive data streams and reliable access to data. Data owners can forward their data to clouds, and the clouds provide data mirroring, backup, and online access services to end users. However, outsourcing data to untrusted clouds requires data authenticity and query integrity to remain in the control of the data owners and users.  In this paper, we address the authenticated data-outsourcing problem specifically for multi-version key-value data that is subject to continuous updates under the constraints of data integrity, data authenticity, and "freshness" (i.e., ensuring that the value returned for a key is the latest version). We detail this problem and propose IncBM-Tree, a novel construct delivering freshness and authenticity. Compared to existing work, we provide a solution that offers (i) lightweight signing and verification on massive data update streams for data owners and users (e.g., allowing for small memory footprint and CPU usage for a low-budget IT department), (ii) immediate authentication of data freshness, (iii) support of authentication in the presence of both real-time and historical data accesses. Extensive benchmark evaluations demonstrate that IncBM-Tree achieves higher throughput (in an order of magnitude) for data stream authentication than existing work. For data owners and end users that have limited computing power, IncBM-Tree can be a practical solution to authenticate the freshness of outsourced data while reaping the benefits of broadly available cloud services.
Keywords:  (not provided) (ID#: 15-4998)
URL:  http://doi.acm.org/10.1145/2664243.2664244

 

Marco Balduzzi, Alessandro Pasta, Kyle Wilhoit; A Security Evaluation Of AIS Automated Identification System; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 436-445. Doi: 10.1145/2664243.2664257 AIS, Automatic Identification System, is an application of cyber-physical systems (CPS) to smart transportation at sea. Being primarily used for collision avoidance and traffic monitoring by ship captains and maritime authorities, AIS is a mandatory installation for over 300,000 vessels worldwide since 2002. Other promoted benefits are accident investigation, aids to navigation and search and rescue (SAR) operations. In this paper, we present a unique security evaluation of AIS, by introducing threats affecting both the implementation in online providers and the protocol specification. Using a novel software-based AIS transmitter that we designed, we show that our findings affect all transponders deployed globally on vessels and other maritime stations like lighthouses, buoys, AIS gateways, vessel traffic services and aircraft involved in SAR operations. Our concerns have been acknowledged by online providers and international standards organizations, and we are currently and actively working together to improve the overall security.
Keywords:  (not provided) (ID#: 15-4999)
URL: http://doi.acm.org/10.1145/2664243.2664257

 

Gabi Nakibly, Adi Sosnovich, Eitan Menahem, Ariel Waizel, Yuval Elovici; OSPF Vulnerability To Persistent Poisoning Attacks: A Systematic Analysis; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 336-345. Doi: 10.1145/2664243.2664278  Open Shortest Path First (OSPF) is one of the most widely deployed interior gateway routing protocols on the Internet. The most common attack vector against OSPF is spoofing of routing advertisements on behalf of a remote router. OSPF employs a self-defense "fight-back" mechanism that quickly reverts the effects of such attacks. Nonetheless, some attacks that evade the fight-back mechanism have been discovered, making it possible to persistently falsify routing advertisements. This type of attacks are the most serious threat to a routing protocol since they allow an attacker to gain persistent control over how traffic is routed throughout the network. This shows that despite its maturity, the OSPF specification is not without security flaws and may have still-unknown vulnerabilities. In this work we systematically analyze -- manually and by formal verification -- the OSPF specification for additional vulnerabilities in the fight-back mechanism. Our analysis uncovered a fundamental security flaw in OSPF that allows a simple means for an attacker to evade the fight-back mechanism. Most major router vendors acknowledged the existence of this vulnerability in their products. Fortunately, our analysis strongly indicates that no other vulnerabilities in the fight-back mechanism are likely to exist.
Keywords: OSPF, formal verification, routing security (ID#: 15-5000)
URL: http://doi.acm.org/10.1145/2664243.2664278

 

Sevtap Duman, Kaan Onarlioglu, Ali Osman Ulusoy, William Robertson, Engin Kirda; TrueClick: Automatically Distinguishing Trick Banners From Genuine Download Links; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 456-465. Doi: 10.1145/2664243.2664279 The ubiquity of Internet advertising has made it a popular target for attackers. One well-known instance of these attacks is the widespread use of trick banners that use social engineering techniques to lure victims into clicking on deceptive fake links, potentially leading to a malicious domain or malware. A recent and pervasive trend by attackers is to imitate the "download" or "play" buttons in popular file sharing sites (e.g., one-click hosters, video-streaming sites, bittorrent sites) in an attempt to trick users into clicking on these fake banners instead of the genuine link.  In this paper, we explore the problem of automatically assisting Internet users in detecting malicious trick banners and helping them identify the correct link. We present a set of features to characterize trick banners based on their visual properties such as image size, color, placement on the enclosing webpage, whether they contain animation effects, and whether they consistently appear with the same visual properties on consecutive loads of the same webpage. We have implemented a tool called TrueClick, which uses image processing and machine learning techniques to build a classifier based on these features to automatically detect the trick banners on a webpage. Our approach automatically classifies trick banners, and requires no manual effort to compile blacklists as current approaches do. Our experiments show that TrueClick results in a 3.55 factor improvement in correct link selection in the absence of other ad blocking software, and that it can detect trick banners missed by a popular ad detection tool, Adblock Plus.
Keywords:  (not provided) (ID#: 15-5001)
URL:  http://doi.acm.org/10.1145/2664243.2664279

 

Yiming Jing, Ziming Zhao, Gail-Joon Ahn, Hongxin Hu; Morpheus: Automatically Generating Heuristics To Detect Android Emulators; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 216-225. Doi: 10.1145/2664243.2664250 Emulator-based dynamic analysis has been widely deployed in Android application stores. While it has been proven effective in vetting applications on a large scale, it can be detected and evaded by recent Android malware strains that carry detection heuristics. Using such heuristics, an application can check the presence or contents of certain artifacts and infer the presence of emulators. However, there exists little work that systematically discovers those heuristics that would be eventually helpful to prevent malicious applications from bypassing emulator-based analysis. To cope with this challenge, we propose a framework called Morpheus that automatically generates such heuristics. Morpheus leverages our insight that an effective detection heuristic must exploit discrepancies observable by an application. To this end, Morpheus analyzes the application sandbox and retrieves observable artifacts from both Android emulators and real devices. Afterwards, Morpheus further analyzes the retrieved artifacts to extract and rank detection heuristics. The evaluation of our proof-of-concept implementation of Morpheus reveals more than 10,000 novel detection heuristics that can be utilized to detect existing emulator-based malware analysis tools. We also discuss the discrepancies in Android emulators and potential countermeasures.
Keywords: Android, emulator, malware (ID#: 15-5002)
URL: http://doi.acm.org/10.1145/2664243.2664250

 

Hubert Ritzdorf, Nikolaos Karapanos, Srdjan Čapkun; Assisted Deletion of Related Content; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 206-215. Doi: 10.1145/2664243.2664287 On primary storage systems content is often replicated, converted or modified, and the users quickly lose control over its dispersal on the system. Deleting content related to a particular project from the system therefore becomes a labor-intensive task for the user. In this paper we present IRCUS, a system that assists the user in securely removing project-related content, but does not require changes to the user's behavior or to any of the system components, such as the file system, kernel or applications. IRCUS transparently integrates within the user's system, operates in user-space and stores the resulting metadata alongside the files. We implemented and evaluated our system and show that its overhead and accuracy are acceptable for practical use and deployment.
Keywords:  (Not provided) (ID#: 15-5003)
URL:  http://doi.acm.org/10.1145/2664243.2664287

 

Arthur Gervais, Srdjan Capkun, Ghassan O. Karame, Damian Gruber; On the Privacy Provisions Of Bloom Filters In Lightweight Bitcoin Clients; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 326-335. Doi: 10.1145/2664243.2664267 Lightweight Bitcoin clients are gaining increasing adoption among Bitcoin users, owing to their reduced resource and bandwidth consumption. These clients support a simplified payment verification (SPV) mode as they are only required to download and verify a part of the block chain---thus supporting the usage of Bitcoin on constrained devices, such as smartphones. SPV clients rely on Bloom filters to receive transactions that are relevant to their local wallet. These filters embed all the Bitcoin addresses used by the SPV clients, and are outsourced to more powerful Bitcoin nodes which then only forward to those clients transactions relevant to their outsourced Bloom filters.  In this paper, we explore the privacy of existing SPV clients. We show analytically and empirically that the reliance on Bloom filters within existing SPV clients leaks considerable information about the addresses of Bitcoin users. Our results show that an SPV client who uses a modest number of Bitcoin addresses (e.g., < 20) risks revealing almost all of his addresses. We also show that this information leakage is further exacerbated when users restart their SPV clients and/or when the adversary has access to more than one Bloom filter pertaining to the same SPV client. Motivated by these findings, we propose an efficient countermeasure to enhance the privacy of users which rely on SPV clients; our proposal can be directly integrated within existing SPV client implementations.
Keywords:  (not provided) (ID#: 15-5004)
URL: http://doi.acm.org/10.1145/2664243.2664267

 

Qian Feng, Aravind Prakash, Heng Yin, Zhiqiang Lin; MACE: High-Coverage And Robust Memory Analysis For Commodity Operating Systems; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 196-205. Doi: 10.1145/2664243.2664248 Memory forensic analysis collects evidence for digital crimes and malware attacks from the memory of a live system. It is increasingly valuable, especially in cloud computing. However, memory analysis on on commodity operating systems (such as Microsoft Windows) faces the following key challenges: (1) a partial knowledge of kernel data structures; (2) difficulty in handling ambiguous pointers; and (3) lack of robustness by relying on soft constraints that can be easily violated by kernel attacks. To address these challenges, we present MACE, a memory analysis system that can extract a more complete view of the kernel data structures for closed-source operating systems and significantly improve the robustness by only leveraging pointer constraints (which are hard to manipulate) and evaluating these constraint globally (to even tolerate certain amount of pointer attacks). We have evaluated MACE on 100 memory images for Windows XP SP3 and Windows 7 SP0. Overall, MACE can construct a kernel object graph from a memory image in just a few minutes, and achieves over 95% recall and over 96% precision. Our experiments on real-world rootkit samples and synthetic attacks further demonstrate that MACE outperforms other external memory analysis tools with respect to wider coverage and better robustness.
Keywords: memory analysis, random surfer, rootkit detection (ID#: 15-5005)
URL: http://doi.acm.org/10.1145/2664243.2664248

 

Lance Alt, Robert Beverly, Alberto Dainotti; Uncovering Network Tarpits With Degreaser; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 156-165. Doi: 10.1145/2664243.2664285 Network tarpits, whereby a single host or appliance can masquerade as many fake hosts on a network and slow network scanners, are a form of defensive cyber-deception. In this work, we develop degreaser, an efficient fingerprinting tool to remotely detect tarpits. In addition to validating our tool in a controlled environment, we use degreaser to perform an Internet-wide scan. We discover tarpits of non-trivial size in the wild (prefixes as large as/16), and characterize their distribution and behavior. We then show how tarpits pollute existing network measurement surveys that are tarpit-naïve, e.g. Internet census data, and how degreaser can improve the accuracy of such surveys. Lastly, our findings suggest several ways in which to advance the realism of current network tarpits, thereby raising the bar on tarpits as an operational security mechanism.
Keywords: deception, internet census, sticky honeypot, tarpits (ID#: 15-5006)
URL:  http://doi.acm.org/10.1145/2664243.2664285

 

Rui Han, Alejandro Mesa, Mihai Christodorescu, Saman Zonouz; TroGuard: Context-Aware Protection Against Web-Based Socially Engineered Trojans; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference. December 2014, Pages 66-75. Doi: 10.1145/2664243.2664270 Despite the increasing number of social engineering attacks through web browser applications, detection of socially engineered trojan downloads by enticed victim users remains a challenging endeavor. In this paper, we present TroGuard, a semi-automated web-based trojan detection solution, that notifies the user if the application she downloaded behaves differently than what she expected at download time. TroGuard builds on the hypothesis that in spite of millions of currently downloadable executables on the Internet, almost all of them provide functionalities from a limited set. Additionally, because each functionality, e.g., text editor, requires particular system resources, it exhibits a unique system-level activity pattern. During an offline process, TroGuard creates a profile dictionary of various functionalities. This profile dictionary is then used to warn the user if she downloads an executable whose observed activity does not match its advertised functionality (extracted through automated analysis of the download website). Our experimental results prove the above mentioned premise empirically and show that TroGuard can identify real-world socially engineered trojan download attacks effectively.
Keywords:  (not provided) (ID#: 15-5007)
URL:  http://doi.acm.org/10.1145/2664243.2664270

 

Sören Bleikertz, Carsten Vogel, Thomas Groß; Cloud Radar: Near Real-Time Detection of Security Failures in Dynamic Virtualized infrastructures;  ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference. December 2014, Pages 26-35. Doi: 10.1145/2664243.2664274  Cloud infrastructures are designed to share physical resources among many different tenants while ensuring overall security and tenant isolation. The complexity of dynamically changing and growing cloud environments, as well as insider attacks, can lead to misconfigurations that ultimately result in security failures. The detection of these misconfigurations and subsequent failures is a crucial challenge for cloud providers---an insurmountable challenge without tools. We establish an automated security analysis of dynamic virtualized infrastructures that detects misconfigurations and security failures in near real-time. The key is a systematic, differential approach that detects changes in the infrastructure and uses those changes to update its analysis, rather than performing one from scratch. Our system, called Cloud Radar, monitors virtualized infrastructures for changes, updates a graph model representation of the infrastructure, and also maintains a dynamic information flow graph to determine isolation properties. Whereas existing research in this area performs analyses on static snapshots of such infrastructures, our change-based approach yields significant performance improvements as demonstrated with our prototype for VMware environments.
Keywords:  (not provided) (ID#: 15-5008)
URL:   http://doi.acm.org/10.1145/2664243.2664274

 

Michael Backes, Sven Bugiel, Sebastian Gerling; Scippa: System-Centric IPC Provenance on Android; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 36-45. Doi: 10.1145/2664243.2664264  Google's Android OS provides a lightweight IPC mechanism called Binder, which enables the development of feature-rich apps that seamlessly integrate services and data of other apps. Whenever apps can act both as service consumers and service providers, it is inevitable that the IPC mechanism provides message receivers with message provenance information to establish trust. However, the Android OS currently fails in providing sufficient provenance information, which has led to a number of attacks.  We present an extension to the Android IPC mechanism, called Scippa, that establishes IPC call-chains across application processes. Scippa provides provenance information required to effectively prevent recent attacks such as confused deputy attacks. Our solution constitutes a system-centric approach that extends the Binder kernel module and Android's message handlers. Scippa integrates seamlessly into the system architecture and our evaluation shows a performance overhead of only 2.23% on Android OS v4.2.2.
Keywords:  (not provided) (ID#: 15-5009)
URL:   http://doi.acm.org/10.1145/2664243.2664264

 

Amir Herzberg, Haya Shulman, Bruno Crispo; Less is More: Cipher-Suite Negotiation for DNSSEC; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 346-355. Doi: 10.1145/2664243.2664283  We propose a transport layer cipher-suite negotiation mechanism for DNSSEC standard, allowing name-servers to send responses containing only the keys and signatures that correspond to the cipher-suite option negotiated with the resolver, rather than sending all the signatures and keys (as is done currently).  As we show, a lack of cipher-suite negotiation, is one of the factors impeding deployment of DNSSEC, and also results in adoption of weak ciphers. Indeed, the vast majority of domains rely on RSA 1024-bit cryptography, which is already considered insecure. Furthermore, domains, that want better security, have to support a number of cryptographic ciphers. As a result, the DNSSEC responses are large and often fragmented, harming the DNS functionality, and causing inefficiency and vulnerabilities.  A cipher-suite negotiation mechanism reduces responses' sizes, and hence solves the interoperability problems with DNSSEC-signed responses, and prevents reflection and cache poisoning attacks.
Keywords: DNS interoperability, DNS security, DNSSEC, cipher suite negotiation (ID#: 15-5010)
URL:   http://doi.acm.org/10.1145/2664243.2664283

 

Sebastian Biedermann, Stefan Katzenbeisser, Jakub Szefer; Hot-Hardening: Getting More Out Of Your Security Settings; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 6-15. Doi: 10.1145/2664243.2664246 Applying optimized security settings to applications is a difficult and laborious task. Especially in cloud computing, where virtual servers with various pre-installed software packages are leased, selecting optimized security settings is very difficult. In particular, optimized security settings are not identical in every setup. They depend on characteristics of the setup, on the ways an application is used or on other applications running on the same system. Configuring optimized settings given these interdependencies is a complex and time-consuming task. In this work, we present an autonomous agent which improves security settings of applications which run in virtual servers. The agent retrieves custom-made security settings for a target application by investigating its specific setup, it tests and transparently changes settings via introspection techniques unbeknownst from the perspective of the virtual server. During setting selection, the application's operation is not disturbed nor any user interaction is needed. Since optimal settings can change over time or they can change depending on different tasks the application handles, the agent can continuously adapt settings as well as improve them periodically. We call this approach hot-hardening and present results of an implementation that can hot-harden popular networking applications such as Apache2 and OpenSSH.
Keywords:  (not provided) (ID#: 15-5011)
URL:  http://doi.acm.org/10.1145/2664243.2664246

 

Jannik Pewny, Felix Schuster, Lukas Bernhard, Thorsten Holz, Christian Rossow;  Leveraging Semantic Signatures For Bug Search In Binary Programs; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 406-415. Doi: 10.1145/2664243.2664269 Software vulnerabilities still constitute a high security risk and there is an ongoing race to patch known bugs. However, especially in closed-source software, there is no straightforward way (in contrast to source code analysis) to find buggy code parts, even if the bug was publicly disclosed.  To tackle this problem, we propose a method called Tree Edit Distance Based Equational Matching (TEDEM) to automatically identify binary code regions that are "similar" to code regions containing a reference bug. We aim to find bugs both in the same binary as the reference bug and in completely unrelated binaries (even compiled for different operating systems). Our method even works on proprietary software systems, which lack source code and symbols.  The analysis task is split into two phases. In a preprocessing phase, we condense the semantics of a given binary executable by symbolic simplification to make our approach robust against syntactic changes across different binaries. Second, we use tree edit distances as a basic block-centric metric for code similarity. This allows us to find instances of the same bug in different binaries and even spotting its variants (a concept called vulnerability extrapolation). To demonstrate the practical feasibility of the proposed method, we implemented a prototype of TEDEM that can find real-world security bugs across binaries and even across OS boundaries, such as in MS Word and the popular messengers Pidgin (Linux) and Adium (Mac OS).
Keywords:  (not provided) (ID#: 15-5012)
URL:   http://doi.acm.org/10.1145/2664243.2664269

 

Michael Backes, Sven Bugiel, Sebastian Gerling, Philipp von Styp-Rekowsky; Android Security Framework: Extensible Multi-Layered Access Control on Android; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 46-55. Doi: 10.1145/2664243.2664265 We introduce the Android Security Framework (ASF), a generic, extensible security framework for Android that enables the development and integration of a wide spectrum of security models in form of code-based security modules. The design of ASF reflects lessons learned from the literature on established security frameworks (such as Linux Security Modules or the BSD MAC Framework) and intertwines them with the particular requirements and challenges from the design of Android's software stack. ASF provides a novel security API that supports authors of Android security extensions in developing their modules. This overcomes the current unsatisfactory situation to provide security solutions as separate patches to the Android software stack or to embed them into Android's mainline codebase. This system security extensibility is of particular benefit for enterprise or government solutions that require deployment of advanced security models, not supported by vanilla Android. We present a prototypical implementation of ASF and demonstrate its effectiveness and efficiency by modularizing different security models from related work, such as dynamic permissions, inlined reference monitoring, and type enforcement.
Keywords:  (not provided) (ID#: 15-5013)
URL:   http://doi.acm.org/10.1145/2664243.2664265

 

Carlos Barreto, Alvaro A. Cárdenas, Nicanor Quijano, Eduardo Mojica-Nava; CPS: Market Analysis Of Attacks Against Demand Response In The Smart Grid; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 136-145, doi: http://doi.acm.org/10.1145/2664243.2664284 Demand response systems assume an electricity retail-market with strategic electricity consuming agents. The goal in these systems is to design load shaping mechanisms to achieve efficiency of resources and customer satisfaction. Recent research efforts have studied the impact of integrity attacks in simplified versions of the demand response problem, where neither the load consuming agents nor the adversary are strategic.  In this paper, we study the impact of integrity attacks considering strategic players (a social planner or a consumer) and a strategic attacker. We identify two types of attackers: (1) a malicious attacker who wants to damage the equipment in the power grid by producing sudden overloads, and (2) a selfish attacker that wants to defraud the system by compromising and then manipulating control (load shaping) signals. We then explore the resiliency of two different demand response systems to these fraudsters and malicious attackers. Our results provide guidelines for system operators deciding which type of demand-response system they want to implement, how to secure them, and directions for detecting these attacks.
Keywords:  (not provided) (ID#: 15-5014)
URL:  http://doi.acm.org/10.1145/2664243.2664284

 

Hongyu Gao, Yi Yang, Kai Bu, Yan Chen, Doug Downey, Kathy Lee, Alok Choudhary; Spam Ain't As Diverse As It Seems: Throttling OSN Spam With Templates Underneath; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 76-85. Doi: 10.1145/2664243.2664251 In online social networks (OSNs), spam originating from friends and acquaintances not only reduces the joy of Internet surfing but also causes damage to less security-savvy users. Prior countermeasures combat OSN spam from different angles. Due to the diversity of spam, there is hardly any existing method that can independently detect the majority or most of OSN spam. In this paper, we empirically analyze the textual pattern of a large collection of OSN spam. An inspiring finding is that the majority (63.0%) of the collected spam is generated with underlying templates. We therefore propose extracting templates of spam detected by existing methods and then matching messages against the templates toward accurate and fast spam detection. We implement this insight through Tangram, an OSN spam filtering system that performs online inspection on the stream of user-generated messages. Tangram automatically divides OSN spam into segments and uses the segments to construct templates to filter future spam. Experimental results show that Tangram is highly accurate and can rapidly generate templates to throttle newly emerged campaigns. Specifically, Tangram detects the most prevalent template-based spam with 95.7% true positive rate, whereas the existing template generation approach detects only 32.3%. The integration of Tangram and its auxiliary spam filter achieves an overall accuracy of 85.4% true positive rate and 0.33% false positive rate.
Keywords: online social networks, spam, spam campaigns (ID#: 15-5015)
URL:   http://doi.acm.org/10.1145/2664243.2664251

 

Robert Gawlik, Thorsten Holz; Towards Automated Integrity Protection Of C++ Virtual Function Tables In Binary Programs; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 396-405. doi: 10.1145/2664243.2664249 Web browsers are one of the most used, complex, and popular software systems nowadays. They are prone to dangling pointers that result in use-after-free vulnerabilites and this is the de-facto way to exploit them. From a technical point of view, an attacker uses a technique called vtable hijacking to exploit such bugs. More specifically, she crafts bogus virtual tables and lets a freed C++ object point to it in order to gain control over the program at virtual function call sites.  In this paper, we present a novel approach towards mitigating and detecting such attacks against C++ binary code. We propose a static binary analysis technique to extract virtual function call site information in an automated way. Leveraging this information, we instrument the given binary executable and add runtime policy enforcements to thwart the illegal usage of these call sites. We implemented the proposed techniques in a prototype called T-VIP and successfully hardened three versions of Microsoft's Internet Explorer and Mozilla Firefox. An evaluation with several zero-day exploits demonstrates that our method prevents all of them. Performance benchmarks both on micro and macro level indicate that the overhead is reasonable with about 2.2%, which is only slightly higher compared to recent compiler-based approaches that address this problem.
Keywords:  (not provided) (ID#: 15-5016)
URL:  http://doi.acm.org/10.1145/2664243.2664249

 

Tianwei Zhang, Ruby B. Lee; New Models Of Cache Architectures Characterizing Information Leakage From Cache Side Channels; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 96-105. Doi: 10.1145/2664243.2664273 Side-channel attacks try to breach confidentiality and retrieve critical secrets through the side channels. Cache memories are a potential source of information leakage through side-channel attacks, many of which have been proposed. Meanwhile, different cache architectures have also been proposed to defend against these attacks. However, there are currently no means for comparing and evaluating the effectiveness of different defense solutions against these attacks.  In this paper, we propose a novel method to evaluate a system's vulnerability to side-channel attacks. We establish side-channel leakage models based on the non-interference property. Then we define how the security aspects of a cache architecture can be modeled as a finite-state machine (FSM) with state transitions that cause interference. We use mutual information to quantitatively reveal potential side-channel leakage of the architectures, and allow comparison of these architectures for their relative vulnerabilities to side-channel attacks. We use real attacks to validate our results.
Keywords:  (not provided) (ID#: 15-5017)
URL:  http://doi.acm.org/10.1145/2664243.266427

 

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

 

International Conferences: Computer Security Applications Conference, December 2014, New Orleans, Part 2

---

	International Conferences: Computer Security Applications Conference, December 2014, New Orleans, Part 2

 

The 2014 Annual Computer Security Applications Conference (ACSAC) had special focus on Cybersecurity for Cyber-Physical Systems.  Held December 8-12, 2014, ACSAC has a tradition of bringing together security professionals from academia, government and industry who are interested in applied security. It is an internationally recognized forum where practitioners, researchers, and developers in information system security meet to learn and to exchange practical ideas and experiences.  

---

 

Henry Carter, Charles Lever, Patrick Traynor; Whitewash: Outsourcing Garbled Circuit Generation for Mobile Devices; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 266-275. Doi: 10.1145/2664243.2664255 Garbled circuits offer a powerful primitive for computation on a user's personal data while keeping that data private. Despite recent improvements, constructing and evaluating circuits of any useful size remains expensive on the limited hardware resources of a smartphone, the primary computational device available to most users around the world. In this work, we develop a new technique for securely outsourcing the generation of garbled circuits to a Cloud provider. By outsourcing the circuit generation, we are able to eliminate the most costly operations from the mobile device, including oblivious transfers. Our proofs of security show that this technique provides the best security guarantees of any existing garbled circuit outsourcing protocol. We also experimentally demonstrate that our new protocol, on average, decreases execution time by 75% and reduces network costs by 60% compared to previous outsourcing protocols. In so doing, we demonstrate that the use of garbled circuits on mobile devices can be made nearly as practical as it is becoming for server-class machines.
Keywords:  (not provided) (ID#: 15-5018)
URL:   http://doi.acm.org/10.1145/2664243.2664255

 

Mingshen Sun, Min Zheng, John C. S. Lui, Xuxian Jiang; Design and Implementation of an Android Host-Based Intrusion Prevention System; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 226-235. Doi: 10.1145/2664243.2664245 Android has a dominating share in the mobile market and there is a significant rise of mobile malware targeting Android devices. Android malware accounted for 97% of all mobile threats in 2013 [26]. To protect smartphones and prevent privacy leakage, companies have implemented various host-based intrusion prevention systems (HIPS) on their Android devices. In this paper, we first analyze the implementations, strengths and weaknesses of three popular HIPS architectures. We demonstrate a severe loophole and weakness of an existing popular HIPS product in which hackers can readily exploit. Then we present a design and implementation of a secure and extensible HIPS platform---"Patronus." Patronus not only provides intrusion prevention without the need to modify the Android system, it can also dynamically detect existing malware based on runtime information. We propose a two-phase dynamic detection algorithm for detecting running malware. Our experiments show that Patronus can prevent the intrusive behaviors efficiently and detect malware accurately with a very low performance overhead and power consumption.
Keywords:  (not provided) (ID#: 15-5019)
URL:   http://doi.acm.org/10.1145/2664243.2664245

 

Xavier de Carné de Carnavalet, Mohammad Mannan; Challenges and Implications Of Verifiable Builds For Security-Critical Open-Source Software; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 16-25. Doi: 10.1145/2664243.2664288 The majority of computer users download compiled software and run it directly on their machine. Apparently, this is also true for open-sourced software -- most users would not compile the available source, and implicitly trust that the available binaries have been compiled from the published source code (i.e., no backdoor has been inserted in the binary). To verify that the official binaries indeed correspond to the released source, one can compile the source of a given application, and then compare the locally generated binaries with the developer-provided official ones. However, such simple verification is non-trivial to achieve in practice, as modern compilers, and more generally, toolchains used in software packaging, have not been designed with verifiability in mind. Rather, the output of compilers is often dependent on parameters that can be strongly tied to the building environment. In this paper, we analyze a widely-used encryption tool, TrueCrypt, to verify its official binary with the corresponding source. We first manually replicate a close match to the official binaries of sixteen most recent versions of TrueCrypt for Windows up to v7.1a, and then explain the remaining differences that can solely be attributed to non-determinism in the build process. Our analysis provides the missing guarantee on official binaries that they are indeed backdoor-free, and makes audits on TrueCrypt's source code more meaningful. Also, we uncover several sources of non-determinism in TrueCrypt's compilation process; these findings may help create future verifiable build processes.
Keywords: TrueCrypt, bitcoin, debian, deterministic build, reproducible build, tor (ID#: 15-5020)
URL:  http://doi.acm.org/10.1145/2664243.2664288

 

Fabienne Eigner, Aniket Kate, Matteo Maffei, Francesca Pampaloni, Ivan Pryvalov;  Differentially Private Data Aggregation With Optimal Utility; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 316-325. Doi: 10.1145/2664243.2664263 Computing aggregate statistics about user data is of vital importance for a variety of services and systems, but this practice has been shown to seriously undermine the privacy of users. Differential privacy has proved to be an effective tool to sanitize queries over a database, and various cryptographic protocols have been recently proposed to enforce differential privacy in a distributed setting, e.g., statical queries on sensitive data stored on the user's side. The widespread deployment of differential privacy techniques in real-life settings is, however, undermined by several limitations that existing constructions suffer from: they support only a limited class of queries, they pose a trade-off between privacy and utility of the query result, they are affected by the answer pollution problem, or they are inefficient.  This paper presents PrivaDA, a novel design architecture for distributed differential privacy that leverages recent advances in secure multiparty computations on fixed and floating point arithmetics to overcome the previously mentioned limitations. In particular, PrivaDA supports a variety of perturbation mechanisms (e.g., the Laplace, discrete Laplace, and exponential mechanisms) and it constitutes the first generic technique to generate noise in a fully distributed manner while maintaining the optimal utility. Furthermore, PrivaDA does not suffer from the answer pollution problem. We demonstrate the efficiency of PrivaDA with a performance evaluation, and its expressiveness and flexibility by illustrating several application scenarios such as privacy-preserving web analytics.
Keywords:  (not provided) (ID#: 15-5021)
URL:  http://doi.acm.org/10.1145/2664243.2664263  

 

Daniela Oliveira, Marissa Rosenthal, Nicole Morin, Kuo-Chuan Yeh, Justin Cappos, Yanyan Zhuang; It's the Psychology Stupid: How Heuristics Explain Software Vulnerabilities And How Priming Can Illuminate Developer's Blind Spots; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 296-305. Doi: 10.1145/2664243.2664254  Despite the security community's emphasis on the importance of building secure software, the number of new vulnerabilities found in our systems is increasing. In addition, vulnerabilities that have been studied for years are still commonly reported in vulnerability databases. This paper investigates a new hypothesis that software vulnerabilities are blind spots in developer's heuristic-based decision-making processes. Heuristics are simple computational models to solve problems without considering all the information available. They are an adaptive response to our short working memory because they require less cognitive effort. Our hypothesis is that as software vulnerabilities represent corner cases that exercise unusual information flows, they tend to be left out from the repertoire of heuristics used by developers during their programming tasks. To validate this hypothesis we conducted a study with 47 developers using psychological manipulation. In this study each developer worked for approximately one hour on six vulnerable programming scenarios. The sessions progressed from providing no information about the possibility of vulnerabilities, to priming developers about unexpected results, and explicitly mentioning the existence of vulnerabilities in the code. The results show that (i) security is not a priority in software development environments, (ii) security is not part of developer's mindset while coding, (iii) developers assume common cases for their code, (iv) security thinking requires cognitive effort, (v) security education helps, but developers can have difficulties correlating a particular learned vulnerability or security information with their current working task, and (vi) priming or explicitly cueing about vulnerabilities on-the-spot is a powerful mechanism to make developers aware about potential vulnerabilities.
Keywords:  (not provided) (ID#: 15-5022)
URL:  http://doi.acm.org/10.1145/2664243.2664254

 

Mathy Vanhoef, Frank Piessens;  Advanced Wi-Fi Attacks Using Commodity Hardware; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, pages 256-265. Doi: 10.1145/2664243.2664260 We show that low-layer attacks against Wi-Fi can be implemented using user-modifiable firmware. Hence cheap off-the-shelf Wi-Fi dongles can be used carry out advanced attacks. We demonstrate this by implementing five low-layer attacks using open source Atheros firmware. The first attack consists of unfair channel usage, giving the user a higher throughput while reducing that of others. The second attack defeats countermeasures designed to prevent unfair channel usage. The third attack performs continuous jamming, making the channel unusable for other devices. For the fourth attack we implemented a selective jammer, allowing one to jam specific frames already in the air. The fifth is a novel channel-based Man-in-the-Middle (MitM) attack, enabling reliable manipulation of encrypted traffic.  These low-layer attacks facilitate novel attacks against higher-layer protocols. To demonstrate this we show how our MitM attack facilitates attacks against the Temporal Key Integrity Protocol (TKIP) when used as a group cipher. Since a substantial number of networks still use TKIP as their group cipher, this shows that weaknesses in TKIP have a higher impact than previously thought.
Keywords:  (not provided) (ID#: 15-5023)
URL: http://doi.acm.org/10.1145/2664243.2664260

 

Samuel Junjie Tan, Sergey Bratus, Travis Goodspeed; Interrupt-Oriented Bugdoor Programming: A Minimalist Approach To Bugdooring Embedded Systems Firmware; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 116-125, doi: 10.1145/2664243.2664268 We demonstrate a simple set of interrupt-related vulnerability primitives that, despite being apparently innocuous, give attackers full control of a microcontroller platform. We then present a novel, minimalist approach to constructing deniable bugdoors for microcontroller firmware, and contrast this approach with the current focus of exploitation research on demonstrations of maximum computational power that malicious computation can achieve. Since the introduction of Return-oriented programming, an ever-increasing number of targets have been demonstrated to unintentionally yield Turing-complete computation environments to attackers controlling the target's various input channels, under ever more restrictive sets of limitations. Yet although modern OS defensive measures indeed require complex computations to bypass, this focus on maximum expressiveness of exploit programming models leads researchers to overlook other research directions for platforms that lack strong defensive measure but occur in mission-critical systems, namely, microcontrollers. In these systems, common exploiter goals such as sensitive code and data exfiltration or arbitrary code execution do not typically require complex computation; instead, a minimal computation is preferred and a simple set of vulnerability primitives typically suffices. We discuss examples of vulnerabilities and the new kinds of tools needed to avoid them in future firmware.
Keywords: ACSAC proceedings, hacking, microprocessor exploitation, security (ID#: 15-5024)
URL: http://doi.acm.org/10.1145/2664243.2664268 

 

M. Zubair Rafique, Juan Caballero, Christophe Huygens, Wouter Joosen; Network Dialog Minimization And Network Dialog Diffing: Two Novel Primitives For Network Security Applications; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 166-175. Doi: 10.1145/2664243.2664261 In this work, we present two fundamental primitives for network security: network dialog minimization and network dialog diffing. Network dialog minimization (NDM) simplifies an original dialog with respect to a goal, so that the minimized dialog when replayed still achieves the goal, but requires minimal network communication, achieving significant time and bandwidth savings. We present network delta debugging, the first technique to solve NDM. Network dialog diffing compares two dialogs, aligns them, and identifies their common and different parts. We propose a novel dialog diffing technique that aligns two dialogs by finding a mapping that maximizes similarity.  We have applied our techniques to 5 applications. We apply our dialog minimization approach for: building drive-by download milkers for 9 exploit kits, integrating them in a infrastructure that has collected over 14,000 malware samples running from a single machine; efficiently measuring the percentage of popular sites that allow cookie replay, finding that 31% do not destroy the server-side state when a user logs out and that 17% provide cookies that live over a month; simplifying a cumbersome user interface, saving our institution 3 hours of time per year and employee; and finding a new vulnerability in a SIP server. We apply our dialog diffing approach for clustering benign (F-Measure = 100%) and malicious (F-Measure = 87.6%) dialogs.
Keywords: network delta debugging, network dialog diffing, network dialog minimization, network security (ID#: 15-5025)
URL:  http://doi.acm.org/10.1145/2664243.2664261

 

Willem De Groef, Fabio Massacci, Frank Piessens; NodeSentry: Least-Privilege Library Integration For Server-Side JavaScript; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 446-455. Doi: 10.1145/2664243.2664276 Node.js is a popular JavaScript server-side framework with an efficient runtime for cloud-based event-driven architectures. Its strength is the presence of thousands of third-party libraries which allow developers to quickly build and deploy applications. These very libraries are a source of security threats as a vulnerability in one library can (and in some cases did) compromise one's entire server.  In order to support the least-privilege integration of libraries, we developed NodeSentry, the first security architecture for server-side JavaScript. Our policy enforcement infrastructure supports an easy deployment of web-hardening techniques and access control policies on interactions between libraries and their environment, including any dependent library.  We discuss the implementation of NodeSentry, and present its practical evaluation. For hundreds of concurrent clients, NodeSentry has the same capacity and throughput as plain Node.js. Only on a large scale, when Node.js itself yields to a heavy load, NodeSentry shows a limited overhead.
Keywords: JavaScript, web security (ID#: 15-5026)
URL:  http://doi.acm.org/10.1145/2664243.2664276

 

Hyungsub Kim, Sangho Lee, Jong Kim; Exploring and Mitigating Privacy Threats of HTML5 Geolocation API; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 306-315. Doi: 10.1145/2664243.2664247 The HTML5 Geolocation API realizes location-based services via theWeb by granting web sites the geographical location information of user devices. However, the Geolocation API can violate a user's location privacy due to its coarse-grained permission and location models. The API provides either exact location or nothing to web sites even when they only require approximate location. In this paper, we first conduct case studies on numerous web browsers and web sites to explore how they implement and utilize the Geolocation API. We detect 14 vulnerable web browsers and 603 overprivileged web sites that can violate a user's location privacy. To mitigate the privacy threats of the Geolocation API, we propose a novel scheme that (1) supports fine-grained permission and location models, and (2) recommends appropriate privacy settings to each user by inspecting the location sensitivity of each web page. Our scheme can accurately estimate each web page's necessary geolocation degree (estimation accuracy: ~93.5%). We further provide suggestions to improve the Geolocation API.
Keywords:  (not provided) (ID#: 15-5027)
URL:  http://doi.acm.org/10.1145/2664243.2664247

 

Adam J. Aviv, Dane Fichter; Understanding Visual Perceptions of Usability and Security of Android's Graphical Password Pattern; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 286-295. Doi: 10.1145/2664243.2664253 This paper reports the results of a user study of the Android graphical password system using an alternative survey methodology, pairwise preferences, that requests participants to select between pairs of patterns indicating either a security or usability preference. By carefully selecting password pairs to isolate a visual feature, a visual perception of usability and security of different features can be measured. We conducted a large IRB-approved survey using pairwise preferences which attracted 384 participants on Amazon Mechanical Turk. Analyzing the results, we find that visual features that can be attributed to complexity indicated a stronger perception of security, while spatial features, such as shifts up/down or left/right are not strong indicators for security or usability. We extended and applied the survey data by building logistic models to predict perception preferences by training on features used in the survey and other features proposed in related work. The logistic model accurately predicted preferences above 70%, twice the rate of random guessing, and the strongest feature in classification is password distance, the total length of all lines in the pattern, a feature not used in the online survey. This result provides insight into the internal visual calculus of users when comparing choices and selecting visual passwords, and the ultimate goal of this work is to leverage the visual calculus to design systems where inherent perceptions for usability coincides with a known metric of security.
Keywords:  (not provided) (ID#: 15-5028)
URL:  http://doi.acm.org/10.1145/2664243.2664253

 

Hendrik Meutzner, Viet-Hung Nguyen, Thorsten Holz, Dorothea Kolossa; Using Automatic Speech Recognition For Attacking Acoustic CAPTCHAs: The Trade-Off Between Usability And Security; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 276-285. Doi: 10.1145/2664243.2664262 A common method to prevent automated abuses of Internet services is utilizing challenge-response tests that distinguish human users from machines. These tests are known as CAPTCHAs (Completely Automated Public Turing Tests to Tell Computers and Humans Apart) and should represent a task that is easy to solve for humans, but difficult for fraudulent programs. To enable access for visually impaired people, an acoustic CAPTCHA is typically provided in addition to the better-known visual CAPTCHAs. Recent security studies show that most acoustic CAPTCHAs, albeit difficult to solve for humans, can be broken via machine learning.  In this work, we suggest using speech recognition rather than generic classification methods for better analyzing the security of acoustic CAPTCHAs. We show that our attack based on an automatic speech recognition system can successfully defeat CAPTCHA with a significantly higher success rate than reported in previous studies. A major difficulty in designing CAPTCHAs arises from the trade-off between human usability and robustness against automated attacks. We present and analyze an alternative CAPTCHA design that exploits specific capabilities of the human auditory system, i.e., auditory streaming and tolerance to reverberation. Since state-of-the-art speech recognition technology still does not provide these capabilities, the resulting CAPTCHA is hard to solve automatically. A detailed analysis of the proposed CAPTCHA shows a far better trade-off between usability and security than the current quasi-standard approach of reCAPTCHA.
Keywords:  (not provided) (ID#: 15-5029)
URL:   http://doi.acm.org/10.1145/2664243.2664262

 

Marina Krotofil, Alvaro A. Cárdenas, Bradley Manning, Jason Larsen; CPS: Driving Cyber-Physical Systems to Unsafe Operating Conditions by Timing DoS Attacks on Sensor Signals; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 146-155. Doi: 10.1145/2664243.2664290 DoS attacks on sensor measurements used for industrial control can cause the controller of the process to use stale data. If the DoS attack is not timed properly, the use of stale data by the controller will have limited impact on the process; however, if the attacker is able to launch the DoS attack at the correct time, the use of stale data can cause the controller to drive the system to an unsafe state. Understanding the timing parameters of the physical processes does not only allow an attacker to construct a successful attack but also to maximize its impact (damage to the system). In this paper we use Tennessee Eastman challenge process to study an attacker that has to identify (in realtime) the optimal timing to launch a DoS attack. The choice of time to begin an attack is forward-looking, requiring the attacker to consider each opportunity against the possibility of a better opportunity in the future, and this lends itself to the theory of optimal stopping problems. In particular we study the applicability of the Best Choice Problem (also known as the Secretary Problem), quickest change detection, and statistical process outliers. Our analysis can be used to identify specific sensor measurements that need to be protected, and the time that security or safety teams required to respond to attacks, before they cause major damage.
Keywords: CUSUM, DoS attacks, Tennessee eastman process, cyber-physical systems, optimal stopping problems (ID#: 15-5030)
URL:   http://doi.acm.org/10.1145/2664243.2664290

 

John Slankas, Xusheng Xiao, Laurie Williams, Tao Xie; Relation Extraction for Inferring Access Control Rules From Natural Language Artifacts; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 366-375. Doi: 10.1145/2664243.2664280 With over forty years of use and refinement, access control, often in the form of access control rules (ACRs), continues to be a significant control mechanism for information security. However, ACRs are typically either buried within existing natural language (NL) artifacts or elicited from subject matter experts. To address the first situation, our research goal is to aid developers who implement ACRs by inferring ACRs from NL artifacts. To aid in rule inference, we propose an approach that extracts relations (i.e., the relationship among two or more items) from NL artifacts such as requirements documents. Unlike existing approaches, our approach combines techniques from information extraction and machine learning. We develop an iterative algorithm to discover patterns that represent ACRs in sentences. We seed this algorithm with frequently occurring nouns matching a subject--action--resource pattern throughout a document. The algorithm then searches for additional combinations of those nouns to discover additional patterns. We evaluate our approach on documents from three systems in three domains: conference management, education, and healthcare. Our evaluation results show that ACRs exist in 47% of the sentences, and our approach effectively identifies those ACR sentences with a precision of 81% and recall of 65%; our approach extracts ACRs from those identified ACR sentences with an average precision of 76% and an average recall of 49%.
Keywords: access control, classification, natural language parsing, security (ID#: 15-5031)
URL: http://doi.acm.org/10.1145/2664243.2664280

 

Marios Pomonis, Theofilos Petsios, Kangkook Jee, Michalis Polychronakis, Angelos D. Keromytis; IntFlow: Improving the Accuracy Of Arithmetic Error Detection Using Information Flow Tracking; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 416-425. Doi: 10.1145/2664243.2664282 Integer overflow and underflow, signedness conversion, and other types of arithmetic errors in C/C++ programs are among the most common software flaws that result in exploitable vulnerabilities. Despite significant advances in automating the detection of arithmetic errors, existing tools have not seen widespread adoption mainly due to their increased number of false positives. Developers rely on wrap-around counters, bit shifts, and other language constructs for performance optimizations and code compactness, but those same constructs, along with incorrect assumptions and conditions of undefined behavior, are often the main cause of severe vulnerabilities. Accurate differentiation between legitimate and erroneous uses of arithmetic language intricacies thus remains an open problem.  As a step towards addressing this issue, we present IntFlow, an accurate arithmetic error detection tool that combines static information flow tracking and dynamic program analysis. By associating sources of untrusted input with the identified arithmetic errors, IntFlow differentiates between non-critical, possibly developer-intended undefined arithmetic operations, and potentially exploitable arithmetic bugs. IntFlow examines a broad set of integer errors, covering almost all cases of C/C++ undefined behaviors, and achieves high error detection coverage. We evaluated IntFlow using the SPEC benchmarks and a series of real-world applications, and measured its effectiveness in detecting arithmetic error vulnerabilities and reducing false positives. IntFlow successfully detected all real-world vulnerabilities for the tested applications and achieved a reduction of 89% in false positives over standalone static code instrumentation.
Keywords: arithmetic errors, information flow tracking, static analysis (ID#: 15-5032)
URL: http://doi.acm.org/10.1145/2664243.2664282

 

Tamara Denning, Daniel B. Kramer, Batya Friedman, Matthew R. Reynolds, Brian Gill, Tadayoshi Kohno; CPS: Beyond Usability: Applying Value Sensitive Design Based Methods To Investigate Domain Characteristics For Security For Implantable Cardiac Devices; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 426-435. Doi: 10.1145/2664243.2664289 Wireless implantable medical devices (IMDs) are cyber-physical systems that deliver life-saving treatments to cardiac patients with dangerous heart conditions. Current access control models for these systems are insufficient; more security is necessary. In response to this problem, the technical security community has investigated new directions for improving security on these resource-constrained devices. Defenses, however, must not only be technically secure; in order to be deployable, defenses must be designed to work within the needs and constraints of their relevant application spaces. Designing for an application space---particularly a specialized one---requires a deep understanding of the stakeholders, their values, and the contexts of technology usage. Grounding our work in value sensitive design (VSD), we collaborated as an interdisciplinary team to conduct three workshops with medical providers for the purpose of gathering their values and perspectives. The structure of our workshop builds on known workshop structures within the human-computer interaction (HCI) community, and the number of participants in our workshops (N=24) is compatible with current practices for inductive, exploratory studies. We present results on: what the participants find important with respect to providing care and performing their jobs; their reactions to potential security system concepts; and their views on what security system properties should be sought or avoided due to side effects within the context of their work practice. We synthesize these results, use the results to articulate design considerations for future technical security systems, and suggest directions for further research. Our research not only provides a contribution to security research for an important class of cyber-physical systems (IMDs); it also provides an example of leveraging techniques from other communities to better explore the landscape of security designs for technologies.
Keywords: cyber-physical systems, envisioning workshops, human factors, implantable cardiac devices, implantable cardioverter-defibrillators, implantable medical devices, medical, methods, pacemaker, practical security, privacy, security, stakeholders, value sensitive design (ID#: 15-5033)
URL:  http://doi.acm.org/10.1145/2664243.2664289

 

Dina Hadžiosmanović, Robin Sommer, Emmanuele Zambon, Pieter H. Hartel; Through the Eye of the PLC: Semantic Security Monitoring for Industrial Processes; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 126-135. Doi: 10.1145/2664243.2664277 Off-the-shelf intrusion detection systems prove an ill fit for protecting industrial control systems, as they do not take their process semantics into account. Specifically, current systems fail to detect recent process control attacks that manifest as unauthorized changes to the configuration of a plant's programmable logic controllers (PLCs). In this work we present a detector that continuously tracks updates to corresponding process variables to then derive variable-specific prediction models as the basis for assessing future activity. Taking a specification-agnostic approach, we passively monitor plant activity by extracting variable updates from the devices' network communication. We evaluate the capabilities of our detection approach with traffic recorded at two operational water treatment plants serving a total of about one million people in two urban areas. We show that the proposed approach can detect direct attacks on process control, and we further explore its potential to identify more sophisticated indirect attacks on field device measurements as well.
Keywords:  (not provided) (ID#: 15-5034)
URL:  http://doi.acm.org/10.1145/2664243.2664277

 

Jason Gionta, Ahmed Azab, William Enck, Peng Ning, Xiaolan Zhang; SEER: Practical Memory Virus Scanning As a Service; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 186-195. Doi: 10.1145/2664243.2664271 Virus Scanning-as-a-Service (VSaaS) has emerged as a popular security solution for virtual cloud environments. However, existing approaches fail to scan guest memory, which can contain an emerging class of Memory-only Malware. While several host-based memory scanners are available, they are computationally less practical for cloud environments. This paper proposes SEER as an architecture for enabling Memory VSaaS for virtualized environments. SEER leverages cloud resources and technologies to consolidate and aggregate virus scanning activities to efficiently detect malware residing in memory. Specifically, SEER combines fast memory snapshotting and computation deduplication to provide practical and efficient off-host memory virus scanning. We evaluate SEER and demonstrate up to an 87% reduction in data size that must be scanned and up to 72% savings in overall scan time, compared to naively applying file-based scanning approaches. Furthermore, SEER provides a 50% reduction in scan time when using a warm cache. In doing so, SEER provides a practical solution for cloud vendors to transparently and periodically scan virtual machine memory for malware.
Keywords:  (not provided) (ID#: 15-5035)
URL:   http://doi.acm.org/10.1145/2664243.2664271

 

Yinzhi Cao, Xiang Pan, Yan Chen, Jianwei Zhuge; JShield: Towards Real-Time And Vulnerability-Based Detection Of Polluted Drive-By Download Attacks; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 466-475. Doi: 10.1145/2664243.2664256 Drive-by download attacks, which exploit vulnerabilities of web browsers to control client computers, have become a major venue for attackers. To detect such attacks, researchers have proposed many approaches such as anomaly-based [22, 23] and vulnerability-based [44, 50] detections. However, anomaly-based approaches are vulnerable to data pollution, and existing vulnerability-based approaches cannot accurately describe the vulnerability condition of all the drive-by download attacks. In this paper, we propose a vulnerability-based approach, namely JShield, which uses novel opcode vulnerability signature, a deterministic finite automaton (DFA) with a variable pool at opcode level, to match drive-by download vulnerabilities. We investigate all the JavaScript engine vulnerabilities of web browsers from 2009 to 2014, as well as those of portable document files (PDF) readers from 2007 to 2014. JShield is able to match all of those vulnerabilities; furthermore, the overall evaluation shows that JShield is so lightweight that it only adds 2.39 percent of overhead to original execution as the median among top 500 Alexa web sites.
Keywords:  (not provided) (ID#: 15-5036)
URL: http://doi.acm.org/10.1145/2664243.2664256

 

Chao Yang, Jialong Zhang, Guofei Gu; A Taste of Tweets: Reverse Engineering Twitter Spammers; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 86-95. Doi: 10.1145/2664243.2664258 In this paper, through reverse engineering Twitter spammers' tastes (their preferred targets to spam), we aim at providing guidelines for building more effective social honeypots, and generating new insights to defend against social spammers. Specifically, we first perform a measurement study by deploying "benchmark" social honeypots on Twitter with diverse and fine-grained social behavior patterns to trap spammers. After five months' data collection, we make a deep analysis on how Twitter spammers find their targets. Based on the analysis, we evaluate our new guidelines for building effective social honeypots by implementing "advanced" honeypots. Particularly, within the same time period, using those advanced honeypots can trap spammers around 26 times faster than using "traditional" honeypots.  In the second part of our study, we investigate new active collection approaches to complement the fundamentally passive procedure of using honeypots to slowly attract spammers. Our goal is that, given limited resources/time, instead of blindly crawling all possible (or randomly sampling) Twitter accounts at the first place (for later spammer analysis), we need a lightweight strategy to prioritize the active crawling/sampling of more likely spam accounts from the huge Twittersphere. Applying what we have learned about the tastes of spammers, we design two new, active and guided sampling approaches for collecting most likely spammer accounts during the crawling. According to our evaluation, our strategies could efficiently crawl/sample over 17,000 spam accounts within a short time with a considerably high "Hit Ratio", i.e., collecting 6 correct spam accounts in every 10 sampled accounts.
Keywords: Twitter, online social network websites, spam (ID#: 15-5037)
URL: http://doi.acm.org/10.1145/2664243.2664258

 

Weixuan Mao, Zhongmin Cai, Xiaohong Guan, Don Towsley; Centrality Metrics of Importance in Access Behaviors And Malware Detections; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 376-385. Doi: 10.1145/2664243.2664286 System objects play different roles in a computer system and exhibit different degrees of importance with respect to system security. Identifying importance metrics can help us to develop more effective and efficient security protection methods. However, there is little previous work on evaluating the importance of objects from the perspective of security. In this paper, we propose a novel approach to evaluate the importance of various system objects based on a bipartite dependency network representation of access behaviors observed in a computer system. We introduce centrality metrics from network science to quantitatively measure the relative importance of system objects and reveal their inherent connections to security properties such as integrity and confidentiality. Furthermore, we propose importance-metric based models to characterize process behaviors and identify abnormal access patterns with respect to confidentiality and integrity. Extensive experimental results on one real-world dataset demonstrate that our model is capable of detecting 7,257 malware samples from 27,840 benign processes at 93.94% TPR under 0.1% FPR. Moreover, a selective protection scheme based on a partial behavioral model of important objects achieves comparable or even better results in malware detection when compared with complete behavior models. This demonstrates the feasibility of the devised importance metrics and presents a promising new approach to malware detection.
Keywords: access behaviors, centrality, importance metrics, malware detection (ID#: 15-5038)
URL:  http://doi.acm.org/10.1145/2664243.2664286

 

Raoul Strackx, Bart Jacobs, Frank Piessens; ICE: a Passive, High-Speed, State-Continuity Scheme; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 106-115.  Doi: 10.1145/2664243.2664259  The amount of trust that can be placed in commodity computing platforms is limited by the likelihood of vulnerabilities in their huge software stacks. Protected-module architectures, such as Intel SGX, provide an interesting alternative by isolating the execution of software modules. To minimize the amount of code that provides support for the protected-module architecture, persistent storage of (confidentiality and integrity protected) states of modules can be delegated to the untrusted operating system. But precautions should be taken to ensure state continuity: an attacker should not be able to cause a module to use stale states (a so-called rollback attack), and while the system is not under attack, a module should always be able to make progress, even when the system could crash or lose power at unexpected, random points in time (i.e., the system should be crash resilient).  Providing state-continuity support is non-trivial as many algorithms are vulnerable to attack, require on-chip non-volatile memory, wear-out existing off-chip secure non-volatile memory and/or are too slow for many applications.  We present ICE, a system and algorithm providing state-continuity guarantees to protected modules. ICE's novelty lies in the facts that (1) it does not rely on secure non-volatile storage for every state update (e.g., the slow TPM chip). (2) ICE is a passive security measure. An attacker interrupting the main power supply or any other source of power, cannot break state-continuity. (3) Benchmarks show that ICE already enables state-continuous updates almost 5x faster than writing to TPM NVRAM. With dedicated hardware, performance can be increased 2 orders of magnitude.  ICE's security properties are guaranteed by means of a machine-checked proof and a prototype implementation is evaluated on commodity hardware.
Keywords:  (not provided) (ID#: 15-5039)
URL: http://doi.acm.org/10.1145/2664243.2664259

 

Tamas K. Lengyel, Steve Maresca, Bryan D. Payne, George D. Webster, Sebastian Vogl, Aggelos Kiayias; Scalability, Fidelity and Stealth in the DRAKVUF Dynamic Malware Analysis System; ACSAC '14 Proceedings of the 30th Annual Computer Security Applications Conference, December 2014, Pages 386-395. Doi: 10.1145/2664243.2664252 Malware is one of the biggest security threats on the Internet today and deploying effective defensive solutions requires the rapid analysis of a continuously increasing number of malware samples. With the proliferation of metamorphic malware the analysis is further complicated as the efficacy of signature-based static analysis systems is greatly reduced. While dynamic malware analysis is an effective alternative, the approach faces significant challenges as the ever increasing number of samples requiring analysis places a burden on hardware resources. At the same time modern malware can both detect the monitoring environment and hide in unmonitored corners of the system.  In this paper we present DRAKVUF, a novel dynamic malware analysis system designed to address these challenges by building on the latest hardware virtualization extensions and the Xen hypervisor. We present a technique for improving stealth by initiating the execution of malware samples without leaving any trace in the analysis machine. We also present novel techniques to eliminate blind-spots created by kernel-mode rootkits by extending the scope of monitoring to include kernel internal functions, and to monitor file-system accesses through the kernel's heap allocations. With extensive tests performed on recent malware samples we show that DRAKVUF achieves significant improvements in conserving hardware resources while providing a stealthy, in-depth view into the behavior of modern malware.
Keywords: dynamic malware analysis, virtual machine introspection (ID#: 15-5040)
URL:  http://doi.acm.org/10.1145/2664243.2664252

---

 

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Information Networking (ICOIN), 2015, Cambodia

 

	International Conferences: Information Networking (ICOIN), 2015, Cambodia

 

The 29th edition of the International Conference on Information Networking (ICOIN) was originally started under the name of Joint Workshop on Computer Communication in 1986. ICOIN 2015 took place in Siem Reap, Cambodia, under the organization of Korea Institute of Information Scientists and Engineers (KIISE) on 12-14 Jan. 2015.  Conference topics included computer communications, wireless/mobile networks, and converged networks in both theoretical and applied aspects.  

---

 

Lima, D.S.; Paula, M.R.P.; Roberto, F.M.; Ribeiro Cardoso, A.; Celestino Junior, J., "ProbT: A Temporal Probabilistic Protocol To Mitigate The Broadcast Storm Problem In Vanets," Information Networking (ICOIN), 2015 International Conference on, pp. 7, 12, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057848
Abstract: VANETs are self-organized networks in which their constituent nodes are vehicles. They can be classified as a subcategory of MANETs. Due to their special characteristics, they demand protocols designed specifically for their scenario of action. Different types of applications can be created for VANETs such as security protocols, traffic management, systems maintenance, comfort for drivers and passengers, and others. In general, applications developed for VANETs make use of broadcast information. However, there are many issues to be considered. One of the central problems is the broadcast storm. In this paper we propose a temporal probabilistic protocol, named ProbT, to mitigate the broadcast storm problem. The ProbT performance was measured and compared to the protocols Blind Flooding, Weighted p-Persistence, AutoCast and Irresponsible Forwarding. Based on the results, the ProbT shows a good performance when compared to the mentioned protocols.
Keywords: broadcast communication; probability; protocols; vehicular ad hoc networks; MANET; ProbT protocol; VANET; autocast forwarding; blind flooding; broadcast storm problem; irresponsible forwarding; maintenance system; security protocol; self-organized network; temporal probabilistic protocol; traffic management; weighted p-persistence; Packet loss; Probabilistic logic; Protocols; Receivers; Storms; Vehicles (ID#: 15-5108)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057848&isnumber=7057846

 

Chun-Ta Li; Chin-Wen Lee; Jau-Ji Shen, "A Secure Three-Party Authenticated Key Exchange Protocol Based On Extended Chaotic Maps In Cloud Storage Service," Information Networking (ICOIN), 2015 International Conference on, pp. 31, 36, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057852
Abstract: In order to guarantee secure communications in cloud storage service, we integrated the concept of session key establishment and extended chaotic maps into our proposed method which aims to allow data senders and data receivers to establish a secure common session key through a trusted cloud server over an insecure channel when they wish to share the sensitive data in cloud storage service. Moreover, due to the characteristics of extended chaotic maps and session key establishment, the agreed session key is only known by the communication participants. Therefore, we propose a secure three-party authenticated key exchange protocol (3PAKE) based on extended chaotic maps in cloud storage service without using smart card and timestamp, which requires neither long-term secret keys nor symmetric cryptosystems. According to our security analysis, our proposed protocol not only can achieve many general requirements that 3PAKE protocols should fulfill but also can against various known attacks. In this paper, comparing with other 3PAKE protocols, our proposed protocol is more secure and practical for real environments.
Keywords: chaos; cloud computing; cryptographic protocols; storage management; 3PAKE protocols; cloud storage service; extended chaotic maps; secure three-party authenticated key exchange protocol; security analysis; session key establishment; trusted cloud server; Chaotic communication; Cloud computing; Cryptography; Protocols; Receivers; Servers; Cloud storage service; Extended chaotic maps; Network security; Session key; Three-party authenticated key exchange (ID#: 15-5109)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057852&isnumber=7057846

 

Mesit, J.; Brust, M.R., "Secured Node-To-Node Key Agreement For Wireless Sensor Networks," Information Networking (ICOIN), 2015 International Conference on, pp. 37, 39, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057853
Abstract: Sensor networks are mostly deployed in unsecured environments, thus protecting a sensor network from any attack is critical in order to maintain the health of the network. Recently, many researchers have focused on making security for sensor networks available and reliable. In this paper, a secured node-to-node key agreement protocol is proposed to generate secured communication among principle nodes A and B, a ticket granting server, and a key server. Since a sensor network is usually a resource-constrained infrastructure, it is not suitable for computationally expensive asymmetric key protocols such as public-private key cryptography. Therefore, setting up a shared key in our proposed protocol is based on a symmetric key protocol processed by two trusted agents, which are the ticket granting server and the key server. The data confidentiality, authentication, and freshness of the network security are also considered in the design of the proposed protocol.
Keywords: cryptographic protocols; private key cryptography; public key cryptography; telecommunication security; wireless sensor networks; asymmetric key protocols; data authentication; data confidentiality; key server; network security; principle nodes; public-private key cryptography; resource-constrained infrastructure; secured node-to-node key agreement protocol; symmetric key protocol; ticket granting server; wireless sensor networks; Authentication; Cryptography; Protocols; Servers; Wireless communication; Wireless sensor networks;Authentication;Confidential;Freshness;Security;Wireless sensor networks (ID#: 15-5110)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057853&isnumber=7057846

 

Nagrath, P.; Aneja, S.; Purohit, G.N., "Defending Flooding Attack In Delay Tolerant Networks," Information Networking (ICOIN), 2015 International Conference on pp. 40, 45, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057854
Abstract: In Delay Tolerant Networks (DTNs), routing protocols work in an environment where there is no guarantee of end to end path between source and destination. Mobility of nodes is an important factor that helps to deliver packets in DTN. Intermediate nodes receive, store and forward packets to other intermediate nodes or destination. The packets are stored in entirety at intermediate nodes even if intermediate nodes may not have path to destination. Since mobile nodes have limited buffer space and are connected intermittently, therefore, finding a node that is a good forwarder is important for delivery of messages. Probabilistic routing protocols suggest predictability measure on information stored to know which node in contact is potential forwarder in terms to deliver message to destined node. However, any malicious node in network may inject other nodes with bogus messages in order to degrade network performance. This paper presents updated metric called reputation of node which captures predictability as well as enables node in network to decide whether to accept messages from node in contact or not. When node transfers genuine messages it gains reputation as well as predictability with respect to destined node. Simulation results show that algorithm prevents flow of bogus messages in the network and thereby increases message delivery and reduces overhead in presence of malicious nodes.
Keywords: delay tolerant networks; routing protocols; telecommunication security; DTN; delay tolerant networks; flooding attack; intermediate nodes; malicious nodes; routing protocols; Delays; Floods; Logic gates; Probabilistic logic; Routing; Routing protocols; Bogus Messages; Buffer Resource; Flooding Attack; Malicious Node (ID#: 15-5111)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057854&isnumber=7057846

 

Dahal, S.; Junghee Lee; Jungmin Kang; Seokjoo Shin, "Analysis On End-To-End Node Selection Probability In Tor Network," Information Networking (ICOIN), 2015 International Conference on, pp. 46, 50, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057855
Abstract: Tor is an open network that helps to defend against traffic analysis and thus achieves anonymity and resisting censorship online. Nowadays many researches have been carried out to attack Tor and to break the anonymity. To deanonymize the Tor, the attacker must be able to control both the guard node and exit node of a circuit. In this paper, we present an analysis on end-to-end node selection probability when an attacker adds different types of compromised nodes in the existing Tor network. For accurate Tor simulation, we used Shadow simulator for our experiment. By extensive performance evaluation, we conclude that when guard + exit flagged compromised nodes are added to Tor network, the selection probability of compromised nodes gets higher.
Keywords: computer network security; probability; telecommunication network routing; Shadow simulator; Tor network; Tor simulation; compromised nodes ;end-to-end node selection probability; online anonymity; online censorship resistance; open network; selection probability; traffic analysis; Bandwidth; Peer-to-peer computing; Privacy; Relays; Routing; Security; Servers; Shadow; Tor; nodes; selection probability (ID#: 15-5112)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057855&isnumber=7057846

 

Soonhwa Sung; Cheong Youn; Eunbae Kong; Jaecheol Ryou, "User Authentication Using Mobile Phones For Mobile Payment," Information Networking (ICOIN), 2015 International Conference on, pp. 51, 56, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057856
Abstract: Mobile authentication systems for mobile payment often use either the Web or mobile channel individually to confirm the identity request of a remote user. Most common activity in mobile commerce is done through mobile phones. The mobile phones are vulnerable to numerous security threats due to involvement of valuable financial and personal information.To provide secure Web transactions using mobile phones, multifactorial authentication techniques are preferred. In former study, user authentication software technology using mobile phones, one of the multifactorial authentication techniques, can potentially be copied to another device. For the solution of the problem, this paper proposes Transaction Certificate Mode (TCM), a software token, which supports mutual authentication considering stolen, borrowed, and infected mobile phones for mobile payments. It uses a novel approach based on TCM to enforce a lightweight mobile security and provides a highly secure environment that is simple to use and deploy.
Keywords: authorisation; mobile commerce; mobile computing; mobile handsets; security of data; TCM; financial information; lightweight mobile security; mobile authentication systems; mobile commerce; mobile payment; mobile payments; mobile phones; multifactorial authentication techniques; personal information; remote user identity request; secure Web transactions; security threats; software token; transaction certificate mode; user authentication software technology; Authentication; Mobile communication; Mobile handsets; Protocols; Servers; Software; mobile payment protocol; mobile phone; mutual authentication; software token; transaction certificate (ID#: 15-5113)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057856&isnumber=7057846

 

Nirmala, M.B.; Manjunath, A.S., "Mobile Agent Based Secure Code Update In Wireless Sensor Networks," Information Networking (ICOIN), 2015 International Conference on, pp. 75, 80, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057860
Abstract: Most of the sensor nodes are battery powered and energy utilization is one of the important criteria. At the same time Securing code update is very much essential for military, health care and environmental applications. But to send the code updates in a distributed, multihop sensor networks, most of the energy will be consumed in forwarding the packets to next hop sensor nodes. In order to avoid this and save energy consumption at sensor nodes, a small number of mobile agents are used to distribute the code. Mobile agents traverse along the desired path to disseminate the code. Sensor nodes have to authenticate the mobile agent and at the same time they have to check the integrity of the packets. Mobile agents are more vulnerable for adversaries, hence measures are taken to detect the attacks and rectify them. Secure code update using mobile agents provides confidentiality and immediate authentication. This protocol is implemented on Tiny OS platform, tested using Tossim simulator and evaluated the Performance.
Keywords: mobile agents; telecommunication computing; telecommunication security; wireless sensor networks; Tiny OS platform; Tossim simulator; mobile agent based secure code update; multihop sensor networks; wireless sensor networks; Authentication; Base stations; Cryptography; Energy consumption; Mobile agents; Protocols; Wireless sensor networks; Code update; Mobile Agent; Security; TinyOS; Wireless Sensor Networks (ID#: 15-5114)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057860&isnumber=7057846

 

Win-Bin Huang; Wei-Tsung Su, "Identity-Based Access Control For Digital Content Based On Ciphertext-Policy Attribute-Based Encryption," Information Networking (ICOIN), 2015 International Conference on, pp. 87, 91, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057862
Abstract: Digital content is easily spread out in the era of cloud computing. However, the challenge is providing an identity-based access control mechanism to carry out the rating system for preventing specific digital content from being obtained by inappropriate users. In this paper, we proposed a novel identity-based access control approach for digital content based on ciphertext-policy attribute-based encryption (iDAC). In iDAC, the access control still works even the digital content is duplicated to another content server. Moreover, only one copy of encrypted digital content is required to share with multiple users. This could efficiently reduce the overhead of content servers. As shown in our performance analysis with respect of security, space complexity, and time complexity, iDAC outperforms the traditional access control list based and encryption-based access control approaches.
Keywords: authorisation; cloud computing; computational complexity; cryptography; ciphertext-policy attribute-based encryption; cloud computing; content server; digital content encryption; iDAC; identity-based access control mechanism; performance analysis; security; space complexity; time complexity; Access control; Encryption; Servers; Time complexity; access control ;ciphertext-policy attribute-based encryption; identity-based; rating system (ID#: 15-5115)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057862&isnumber=7057846

 

Mowla, N.I.; Inshil Doh; Kijoon Chae, "An Efficient Defense Mechanism For Spoofed IP Attack In SDN Based CDNi," Information Networking (ICOIN), 2015 International Conference on, pp. 92, 97, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057863
Abstract: In recent years enhancing the capability of network services automatically and dynamically through SDN and CDN/CDNi networks has become a new field of research. These future network architectures pose both a blessing and a threat in the network field. Such network architectures can optimize the overall network services by analyzing the topology, traffic paths, packet handling and so on and also can create a potential target for spoofed IP attacks. We, therefore, propose an architecture for an SDN based CDNi network to detect spoofed ip and create a defense against attacks created by them. We also propose ALTO like servers in our architecture which enable mapping a very big network to provide a summarized view. In the ALTO server we propose an additional map named the mark map as a mechanism to detect spoofed IP addresses. SDN switches are utilized to extract rules associated with the ALTO server mark map and follow a mechanism of spoofed IP detection fed to them by the SDN controller application layer.
Keywords: IP networks; telecommunication network topology; telecommunication security; ALTO server mark map; SDN based CDNi network; SDN controller application layer;SDN switches; efficient defense mechanism; network architectures; overall network services; packet handling; spoofed IP addresses; spoofed IP attacks; spoofed IP detection; topology; traffic paths; Computer architecture; Control systems; Encryption; IP networks; Servers; Topology; ALTO; Attack; CDN; CDNi; SDN; defense (ID#: 15-5116)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057863&isnumber=7057846

 

Jin-Hyeok Park; Pham Ngoc Giao; Teak-Young Seung; Ki-Ryong Kwon; Kwang-Seok Moon; Gi-Chang Kwon; Suk-Hwan Lee, "Selective-Encrypted GIS Vector Map With Low Complexity," Information Networking (ICOIN), 2015 International Conference on, pp. 98, 103, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057864
Abstract: Recently years, vector map has many advantages than raster map when it is used in many domains as research, education, military or digital map services. And in most cases vector map data contains confidential information which must be kept away from unauthorized users. Moreover, the producing process of a vector map is considerably complex, and the maintenance of a digital map requires substantial monetary, human resources. With the rapid development of vector map contents, a large volume of valuable vector map dataset has been illegal distributed by pirates, hackers or unauthorized users. Therefore the problem focuses on how to protect the vector map data for multimedia applications, storage and transmission. This paper presents the selective encryption algorithm for vector map protection for storage, transmission, distribution to authorized users. In proposed algorithm, we just select some values of polylines and polygons in DCT domain to encrypt by random algorithms and cryptography. Experimental results verified that proposed algorithm is effectively and security. Maps are changed whole after encryption process, and unauthorized users cannot access to copy or use them. Encrypted maps do not alter the size of file and it does not have loss accuracy. The error between original map and decrypted map is approximate zero.
Keywords: cryptography; geographic information systems; DCT domain; approximate zero; cryptography; decrypted map; digital map; encryption process; hackers; human resources; multimedia applications; multimedia storage; multimedia transmission; original map; pirates; polygons; polylines; raster map; selective encrypted GIS vector map; selective encryption algorithm; substantial monetary; unauthorized users; valuable vector map; vector map data; vector map protection; Algorithm design and analysis; Discrete cosine transforms; Encryption; Geographic information systems; Vectors; DCT; GIS vector map; digital vector map; random algorithm; selective encryption (ID#: 15-5117)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057864&isnumber=7057846

 

Shi Li; Inshil Doh; Kijoon Chae, "Key Management Mechanism in ALTO/SDN based CDNi Architecture," Information Networking (ICOIN), 2015 International Conference on, pp. 110, 115, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057866
Abstract: Content delivery network interconnection (CDNi) as a new interactive network which inherits all of the advantages of single CDN. Moreover, CDNs supported by different network operators can communicate with each other directly through the interfaces between them. Meanwhile, the interactivity also brings some security issues. In this paper, we propose a new CDNi communication architecture which combined with another two efficient technologies, ALTO and SDN. Based on this architecture, a key generation and distribution mechanism is also proposed to ensure the security communication of content in CDNi. From the analysis result, we can proof that it is scarcely possible for attackers to break our security system.
Keywords: computer network security; optimisation; software defined networking; telecommunication traffic; ALTO-SDN based CDNi communication architecture; application-layer traffic optimization; content communication security; content delivery network interconnection; interactive network; key distribution mechanism; key management mechanism; software defined networking; Computer architecture; Equations; Routing; Security; Servers; Symmetric matrices; Vectors; ALTO service; CDNi; Key management; SDN; Security (ID#: 15-5118)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057866&isnumber=7057846

 

Techapanupreeda, C.; Chokngamwong, R.; Thammarat, C.; Kungpisdan, S., "An Accountability Model For Internet Transactions," Information Networking (ICOIN), 2015 International Conference on, pp. 127,132, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057869
Abstract: Internet transaction is increasing significantly due to very fast grown of mobile devices, electronic commerce, and electronic records. Many researchers proposed several protocols to analyze the accountability in Internet transaction. In this paper we propose accountability model and protocol in Internet transaction that have advantages over existing protocols and satisfies essential security properties: Confidentiality, Integrity, Authorization, Authentication, Non-repudiation, Liability and Responsiveness. The protocol is designed using asymmetric cryptography and hash function to ensure that it meets all above accountability properties. The proposed protocol is also analyzed and compared with existing accountability protocols.
Keywords: Internet; cryptographic protocols; electronic commerce; mobile computing; mobile handsets; Internet transactions; accountability model; accountability properties; accountability protocols; asymmetric cryptography; electronic commerce; electronic records; hash function; mobile devices security properties; Authentication; Authorization; Electronic commerce; Internet; Protocols; Public key; Accountability; Liability; Network Security; Payment Protocol; Responsiveness; Security Protocols (ID#: 15-5119)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057869&isnumber=7057846

 

Thammarat, C.; Chokngamwong, R.; Techapanupreeda, C.; Kungpisdan, S., "A Secure Lightweight Protocol For NFC Communications With Mutual Authentication Based On Limited-Use Of Session Keys," Information Networking (ICOIN), 2015 International Conference on, pp. 133, 138, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057870
Abstract: Nowadays, mobile phones are equipped with enhanced short-range communication functionality called Near Field Communication (or NFC for short). NFC requires no pairing between devices and suitable for transferring small amount of data in very limited area. A number of researchers proposed authentication techniques for NFC communications but they still lack some necessary security properties, especially mutual authentication.. This paper introduces new authentication protocols for NFC communication that provides mutual authentication between connecting devices. Mutual authentication is a security property that prevents replay and man-in-the-middle attack. The proposed protocols deploy limited-use offline session key generation and distribution technique to enhance security and importantly make our protocol lightweight.
Keywords: computer network security; cryptographic protocols; mobile radio; near-field communication; NFC communication authentication technique; data transfer; enhanced short-range communication functionality; man-in-the-middle attack; mobile phone; mutual authentication protocol; near field communication security enhancement; offline session key distribution technique limited-use; offline session key generation limited-use; secure lightweight protocol; Authentication; Encryption; Mobile handsets; Protocols; Servers; Cryptographic protocols; Mutual Authentication; NFC; Near Field Communications; Network Security; Security Protocols (ID#: 15-5120)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057870&isnumber=7057846

 

Nhu-Ngoc Dao; Junho Park; Minho Park; Sungrae Cho, "A Feasible Method To Combat Against DDoS Attack In SDN Network," Information Networking (ICOIN), 2015 International Conference on, pp. 309, 311, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057902
Abstract: In Software Defined Network, the controller is so vulnerable to flooding attack. By injecting spoofed request packets continuously, attackers make a burdensome process to the controller, cause bandwidth occupation in the controller-switch channel, and overload the flow table in switch. The final target of attackers is to downgrade or even shutdown the stability and quality of service of the network. In this paper, we introduce a feasible method to protect the network against Distributed Denial of Service attacks more effectively.
Keywords: computer network security; quality of service; software defined networking; telecommunication switching; DDoS attack; SDN network; bandwidth occupation; controller-switch channel; distributed denial of service attacks; flooding attack; flow table; network stability; quality of service; software defined network; spoofed request packet injection; Bandwidth; Computer crime; IP networks; Radiation detectors; Switches; DDoS; DoS; Openflow; SDN (ID#: 15-5121)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057902&isnumber=7057846

 

SunWook Nam; Dohyung Kim; Ikjun Yeom, "Content Verification in Named Data Networking," Information Networking (ICOIN), 2015 International Conference on, pp. 414, 415, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057931
Abstract: It is crucial to guarantee content integrity in Named Data Networking(NDN), where copies of the contents are distributed over the network. NDN adopts digital signatures, and contents are verified whenever they are stored in caches. However, the current scheme is not practical in practice since its operations incur too much overhead. In this paper, we suggest a simple but effective solution for content verification in NDN.
Keywords: Internet; digital signatures; NDN; content verification; digital signatures; named data networking; Bandwidth; Computational modeling; Delays; Educational institutions; Electronic mail; Security; Topology (ID#: 15-5122)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057931&isnumber=7057846

 

Nguyen Tri, H.T.; Kyungbaek Kim, "Assessing the Impact Of Resource Attack in Software Defined Network," Information Networking (ICOIN), 2015 International Conference on, pp. 420, 425, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057934
Abstract: Software Defined Network (SDN) empowers network operators with more flexibility to program their networks. In SDN, dummy switches on the data plane dynamically forward packets based on the rules which are managed by a centralized controller. To apply the rules, switches need to write the rules in its flow table. However, because the size of the flow table is limited, a scalability problem can be an issue. Also, this scalability problem becomes a security issue related to Distributed Denial of Service (DDoS) attacks, especially the resource attack which consumes all flow tables of switches. In this paper, we explore the impact of the resource attack to a SDN network. The resource attack is emulated on the SDN with mininet and OpenDaylight, and the effect of resource attack to the SDN is deeply analyzed in the aspects of delay and bandwidth. Through the evaluation, we highlight the importance of managing the flow tables with the awareness of their size limitation. Also, we discuss solutions which can address the resource attack and their challenges.
Keywords: computer network security; resource allocation; software defined networking; Distributed Denial of Service attack; SDN network; mininet; open daylight; packet forwarding; resource attack; software defined network; Bandwidth; Control systems; Delays; Ports (Computers); Process control; Security; Servers (ID#: 15-5123)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057934&isnumber=7057846

 

Yuchae Jung; Yongik Yoon, "Behavior Tracking Model In Dynamic Situation Using The Risk Ratio EM," Information Networking (ICOIN), 2015 International Conference on,  pp.  444,  448, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057942
Abstract: Closed Circuit Television (CCTV) system has been popular in daily life such as traffic, airport, street and public place. The common goal of CCTV system is the prevention of crime and disorder by observing objects. In the future, smart CCTV camera combined with mobile phone will be used to protect human from crime and dangerous situations. Intelligent CCTV system in public place will monitor human behavior in real-time and transfer image data to control tower for the security purpose. In this paper, we propose an abnormal behavioral tracking model for prediction of abnormal situation by using Expectation Maximization (EM) algorithm combined with Viterbi algorithm. The tracking model will detect objects from CCTV image in dynamic environment for the prediction of dangerous situation. This tracking system has five main steps. (1) The detection of object and their environment, (2) Feature extraction from objects and situations such as human body posture, weather, and time (3) Location information such as object trajectory and area safety level (4) knowledge update and decision making (5) prediction of abnormal situation and maximized risk rates.
Keywords: behavioural sciences computing; closed circuit television; expectation-maximisation algorithm; feature extraction; object detection; object recognition; object tracking; CCTV system; Viterbi algorithm; abnormal behavioral tracking model; abnormal situation prediction; closed circuit television; decision making; expectation maximization algorithm; feature extraction; knowledge update; location information; object detection; risk rate maximisation; risk ratio EM algorithm; Computational modeling; Decision making; Event detection; Meteorology; Safety; Trajectory; Videos; CCTV; Expectation Maximization (EM); Tracking Abnormal behavior (ID#: 15-5124)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057942&isnumber=7057846

 

JongWon Kim, "Designing Multi-Level Connectivity for IoT-enabled SmartX Boxes," Information Networking (ICOIN), 2015 International Conference on, pp. 462, 463, 12-14 Jan. 2015.  doi: 10.1109/ICOIN.2015.7057946
Abstract: In this paper, we discuss about a futuristic design for multi-level connectivity that plays the pivotal role in enabling IoT services employing the hyper-convergent SmartX Boxes.
Keywords: Internet of Things; ubiquitous computing; IoT services; IoT-enabled SmartX boxes; futuristic design; hyper-convergent SmartX boxes; multilevel connectivity design; Cloud computing; Computer architecture; Mobile communication; Real-time systems; Safety; Security; Internet of Things; Software-Defined Infrastructue; inter-connected box; multi-level connectivity (ID#: 15-5125)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057946&isnumber=7057846

 

Louk, M.; Hyotaek Lim, "Homomorphic Encryption In Mobile Multi Cloud Computing," Information Networking (ICOIN), 2015 International Conference on, pp. 493,  497, 12-14 Jan. 2015.   doi: 10.1109/ICOIN.2015.7057954
Abstract: Multi cloud computing has become a new trend for complementing existing cloud computing today. Multi cloud computing is considered safer and more efficient in maintaining data regulation of user(s). The paper discusses the security of mobile multi cloud computing (MMC) and the advantages for mobile user(s), beside that for the data security itself cover with homomorphic encryption which predictable by many researchers as the optimum method for cloud computing environment. The implementation and evaluation of homomorphic encryption in mobile cloud computing are discussed in this paper.
Keywords: cloud computing; cryptography; mobile computing; MMC; cloud computing environment; data regulation; data security; homomorphic encryption; mobile multicloud computing; optimum method; Cloud computing; Clouds; Encryption; Mobile communication; Homomorphic Encryption; Mobile; Multi Cloud Computing; Security (ID#: 15-5126)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057954&isnumber=7057846

 

Chun-Ta Li; Cheng-Chi Lee; Hua-Hsuan Chen; Min-Jie Syu; Chun-Cheng Wang, "Cryptanalysis Of An Anonymous Multi-Server Authenticated Key Agreement Scheme Using Smart Cards And Biometrics," Information Networking (ICOIN), 2015 International Conference on, pp. 498, 502, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057955
Abstract: With the growing popularity of network applications, multi-server architectures are becoming an essential part of heterogeneous networks and numerous security mechanisms have been widely studied in recent years. To protect sensitive information and restrict the access of precious services for legal privileged users only, smart card and biometrics based password authentication schemes have been widely utilized for various transaction-oriented environments. In 2014, Chuang and Chen proposed an anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards, password, and biometrics. They claimed that their three-factor scheme achieves better efficiency and security as compared to those for other existing biometrics-based and multi-server schemes. Unfortunately, in this paper, we found that the user anonymity of Chuang-Chen's authentication scheme cannot be protected from an eavesdropping attack during authentication phase. Moreover, their scheme is vulnerable to smart card lost problems, many logged-in users' attacks and denial-of-service attacks and is not easily reparable.
Keywords: biometrics (access control); cryptography; message authentication; smart cards; trusted computing; anonymous multiserver authenticated key agreement scheme; biometrics; cryptanalysis; denial-of-service attacks; eavesdropping attack; password authentication; smart card loss problems; trusted computing; user anonymity; Authentication; Biometrics (access control);Computer crime; Cryptography; Servers; Smart cards; Anonymity; Authentication; Biometrics; Cryptanalysis; Multi-server; Password; Smart cards (ID#: 15-5127)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057955&isnumber=7057846

 

Wooguil Pak; Youngrok Cha; Sunki Yeo, "Detecting And Tracing Leaked Private Phone Number Data In Android Smartphones," Information Networking (ICOIN), 2015 International Conference on, pp. 503, 508, 12-14 Jan. 2015. doi: 10.1109/ICOIN.2015.7057956
Abstract: Easy and open development environments of Android make itself not only as the most famous platform in the world but also as the most preferred platform for malicious users. In this paper, we propose a new approach to protect the private phone number data in smartphones from leaking and stealing through malicious applications. Our approach differently deals with trusted and suspicious applications and avoids the malfunctions of applications caused by security policy. Most of outstanding feature of our approach is that it can detect the leakage of the private phone number data, trace the leaked data and finally identify which application leaked them. Furthermore, it can minimize the damage owing to the data even though it is abused for cyber-crimes.
Keywords: Android (operating system);data privacy; invasive software; smart phones; trusted computing; Android smartphones; cyber-crimes; leaked private phone number data detection; leaked private phone number data tracing; malicious applications; malicious users; security policy; suspicious applications; trusted applications; Computer crime; Computers; Databases; Educational institutions; Relays; Servers; Smart phones; Android; Detection; Private data leaks; Tracing (ID#: 15-5128)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7057956&isnumber=7057846

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Innovations in Theoretical Computer Science, Israel, 2015

 

	International Conferences: Innovations in Theoretical Computer Science, Israel, 2015

 

The 6th Innovations in Theoretical Computer Science (ITCS) conference, sponsored by the ACM Special Interest Group on Algorithms and Computation Theory (SIGACT), was held at the Weizmann Institute of Science, Israel, January 11-13, 2015.  ITCS (previously known as ICS) seeks to promote research that carries a strong conceptual message (e.g., introducing a new concept or model, opening a new line of inquiry within traditional or cross-interdisciplinary areas, or introducing new techniques or new applications of known techniques). ITCS welcomes all submissions, whether aligned with current theory of computation research directions or deviating from them.

---

 

Pranjal Awasthi, Afonso S. Bandeira, Moses Charikar, Ravishankar Krishnaswamy, Soledad Villar, Rachel Ward; Relax, No Need to Round: Integrality of Clustering Formulations;  ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 191-200. Doi: 10.1145/2688073.2688116 We study exact recovery conditions for convex relaxations of point cloud clustering problems, focusing on two of the most common optimization problems for unsupervised clustering: k-means and k-median clustering. Motivations for focusing on convex relaxations are: (a) they come with a certificate of optimality, and (b) they are generic tools which are relatively parameter-free, not tailored to specific assumptions over the input. More precisely, we consider the distributional setting where there are k clusters in Rm and data from each cluster consists of n points sampled from a symmetric distribution within a ball of unit radius. We ask: what is the minimal separation distance between cluster centers needed for convex relaxations to exactly recover these k clusters as the optimal integral solution? For the k-median linear programming relaxation we show a tight bound: exact recovery is obtained given arbitrarily small pairwise separation ε > O between the balls. In other words, the pairwise center separation is δ > 2+ε. Under the same distributional model, the k-means LP relaxation fails to recover such clusters at separation as large as δ = 4. Yet, if we enforce PSD constraints on the k-means LP, we get exact cluster recovery at separation as low as δ > min{2 + √2k/m}, 2+√2 + 2/m} + ε. In contrast, common heuristics such as Lloyd's algorithm (a.k.a. the k means algorithm) can fail to recover clusters in this setting; even with arbitrarily large cluster separation, k-means++ with overseeding by any constant factor fails with high probability at exact cluster recovery. To complement the theoretical analysis, we provide an experimental study of the recovery guarantees for these various methods, and discuss several open problems which these experiments suggest.
Keywords: clustering, convex optimization, exact recovery, kmeans, kmedians (ID#: 15-5041)
URL: http://doi.acm.org/10.1145/2688073.2688116

 

Mika Göös, Toniann Pitassi, Thomas Watson; Zero-Information Protocols and Unambiguity in Arthur-Merlin Communication; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 113-122. Doi: 10.1145/2688073.2688074 We study whether information complexity can be used to attack the long-standing open problem of proving lower bounds against Arthur{Merlin (AM) communication protocols. Our starting point is to show that|in contrast to plain randomized communication complexity|every boolean function admits an AM communication protocol where on each yes- input, the distribution of Merlin's proof leaks no information about the input and moreover, this proof is unique for each outcome of Arthur's randomness. We posit that these two properties of zero information leakage and unambiguity on yes-inputs are interesting in their own right and worthy of investigation as new avenues toward AM. 

Zero-information protocols (ZAM). Our basic ZAM protocol uses exponential communication for some functions, and this raises the question of whether more efficient protocols exist. We prove that all functions in the classical space-bounded complexity classes NL and L have polynomial-communication ZAM protocols. We also prove that ZAM complexity is lower bounded by conondeterministic communication complexity. •Unambiguous protocols (UAM). Our most technically substantial result is a (n) lower bound on the UAM complexity of the NP-complete set-intersection function; the proof uses information complexity arguments in a new, indirect way and overcomes the \zero-information barrier" described above. We also prove that in general, UAM complexity is lower bounded by the classic discrepancy bound, and we give evidence that it is not generally lower bounded by the classic corruption bound.
Keywords: arthur-merlin protocols, communication complexity, information complexity (ID#: 15-5042)
URL:  http://doi.acm.org/10.1145/2688073.2688074

 

Oded Goldreich, Dana Ron; On Sample-Based Testers; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 337-345. Doi: 10.1145/2688073.2688080 The standard definition of property testing endows the tester with the ability to make arbitrary queries to "elements" of the tested object. In contrast, sample-based testers only obtain independently distributed elements (a.k.a. labeled samples) of the tested object. While sample-based testers were defined by Goldreich, Goldwasser, and Ron  JACM 1998), with few exceptions, most research in property testing is focused on query-based testers. In this work, we advance the study of sample-based property testers by providing several general positive results as well as by revealing relations between variants of this testing model. In particular:
•We show that certain types of query-based testers yield sample-based testers of sublinear sample complexity. For example, this holds for a natural class of proximity oblivious testers.
•We study the relation between distribution-free sample-based testers and one-sided error sample-based testers w.r.t. the uniform distribution. While most of this work ignores the time complexity of testing, one part of it does focus on this aspect. The main result in this part is a sublinear-time sample-based tester in the dense graphs model for k-Colorability, for any k > 2.
Keywords: property testing, sampling, sublinear algorithms (ID#: 15-5043)
URL: http://doi.acm.org/10.1145/2688073.2688080

 

Tom Gur, Ron D. Rothblum; Non-Interactive Proofs of Proximity; ITCS '15 Proceedings of the 2015  Conference on Innovations in Theoretical Computer Science, January 2015, Pages 133-142. Doi: 10.1145/2688073.2688079 We initiate a study of non-interactive proofs of proximity. These proof-systems consist of a verifier that wishes to ascertain the validity of a given statement, using a short (sublinear length) explicitly given proof, and a sublinear number of queries to its input. Since the verifier cannot even read the entire input, we only require it to reject inputs that are far from being valid. Thus, the verifier is only assured of the proximity of the statement to correct one. Such proof-systems can be viewed as the NP (or more accurately MA) analogue of property testing.  We explore both the power and limitations of non interactive proofs of proximity. We show that such proof-systems can be exponentially stronger than property testers, but are exponentially weaker than the interactive proofs of proximity studied by Rothblum, Vadhan and Wigderson (STOC 2013). In addition, we show a natural problem that has a full and (almost) tight multiplicative trade-off between the length of the proof and the verifier's query complexity. On the negative side, we also show that there exist properties for which even a linearly-long (non-interactive) proof of proximity cannot significantly reduce the query complexity.
Keywords: probabilistic proof systems, property testing (ID#: 15-5044)
URL:  http://doi.acm.org/10.1145/2688073.2688079

 

Moshe Babaioff, Moran Feldman, Moshe Tennenholtz; Mechanism Design with Strategic Mediators; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 307-316. Doi: 10.1145/2688073.2688081 We consider the problem of designing mechanisms that interact with strategic agents through strategic intermediaries (or mediators), and investigate the cost to society due to the mediators' strategic behavior. Selfish agents with private information are each associated with exactly one strategic mediator, and can interact with the mechanism exclusively through that mediator. Each mediator aims to optimize the combined utility of his agents, while the mechanism aims to optimize the combined utility of all agents. We focus on the problem of facility location on a metric induced by a publicly known tree. With non-strategic mediators, there is a dominant strategy mechanism that is optimal. We show that when both agents and mediators act strategically, there is no dominant strategy mechanism that achieves any approximation. We, thus, slightly relax the incentive constraints, and define the notion of a two-sided incentive compatible mechanism. We show that the 3-competitive deterministic mechanism suggested by Procaccia and Tennenholtz (2009) and Dekel et al. (2010) for lines extends naturally to trees, and is still 3-competitive as well as two-sided incentive compatible. This is essentially the best possible. We then show that by allowing randomization one can construct a 2-competitive randomized mechanism that is two-sided incentive compatible, and this is also essentially tight. This result also closes a gap left in the work of Procaccia and Tennenholtz (2009) and Lu et al. (2009) for the simpler problem of designing strategy-proof mechanisms for weighted agents with no mediators on a line, while extending to the more general model of trees. We also investigate a further generalization of the above setting where there are multiple levels of mediators.
Keywords: facility location, mechanism design, mediators (ID#: 15-5045)
URL:  http://doi.acm.org/10.1145/2688073.2688081

 

Mohammad Bavarian, Peter W. Shor; Information Causality, Szemerédi-Trotter and Algebraic Variants of CHSH; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 123-132. Doi: 10.1145/2688073.2688112 In this work, we consider the following family of two prover one-round games. In the CHSH_q game, two parties are given x,y in F_q uniformly at random, and each must produce an output a,b in F_q without communicating with the other. The players' objective is to maximize the probability that their outputs satisfy a+b=xy in F_q. This game was introduced by Buhrman and Massar (PRA 2005) as a large alphabet generalization of the celebrated CHSH game---which is one of the most well-studied two-prover games in quantum information theory, and which has a large number of applications to quantum cryptography and quantum complexity. Our main contributions in this paper are the first asymptotic and explicit bounds on the entangled and classical values of CHSH_q, and the realization of a rather surprising connection between CHSH_q and geometric incidence theory. On the way to these results, we also resolve a problem of Pawlowski and Winter about pairwise independent Information Causality, which, beside being interesting on its own, gives as an application a short proof of our upper bound for the entangled value of CHSH_q.
Keywords: bell inequalities and tsirelson bounds., point-line incidences, the chsh game, two player refereed games (ID#: 15-5046)
URL: http://doi.acm.org/10.1145/2688073.2688112

 

Mark Braverman, Jieming Mao;  Simulating Noisy Channel Interaction; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 21-30. Doi: 10.1145/2688073.2688087 We show that T rounds of interaction over the binary symmetric channel BSC1/2--ε with feedback can be simulated with O(ε2 T) rounds of interaction over a noiseless channel. We also introduce a more general "energy cost" model of interaction over a noisy channel. We show energy cost to be equivalent to external information complexity, which implies that our simulation results are unlikely to carry over to energy complexity. Our main technical innovation is a self-reduction from simulating a noisy channel to simulating a slightly-less-noisy channel, which may have other applications in the area of interactive compression.
Keywords: communication complexity, information complexity, noisy channel (ID#: 15-5047)
URL:  http://doi.acm.org/10.1145/2688073.2688087

 

Avrim Blum, Jamie Morgenstern, Ankit Sharma, Adam Smith; Privacy-Preserving Public Information for Sequential Games; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 173-180. Doi: 10.1145/2688073.2688100 In settings with incomplete information, players can find it difficult to coordinate to find states with good social welfare. For instance, one of the main reasons behind the recent financial crisis was found to be the lack of market transparency, which made it difficult for financial firms to accurately measure the risks and returns of their investments. Although regulators may have access to firms' investment decisions, directly reporting all firms' actions raises confidentiality concerns for both individuals and institutions. The natural question, therefore, is whether it is possible for the regulatory agencies to publish some information that, on one hand, helps the financial firms understand the risks of their investments better, and, at the same time, preserves the privacy of their investment decisions. More generally, when can the publication of privacy-preserving information about the state of the game improve overall outcomes such as social welfare? In this paper, we explore this question in a sequential resource-sharing game where the value gained by a player on choosing a resource depends on the number of other players who have chosen that resource in the past. Without any knowledge of the actions of the past players, the social welfare attained in this game can be arbitrarily bad. We show, however, that it is possible for the players to achieve good social welfare with the help of privacy-preserving, publicly-announced information. We model the behavior of players in this imperfect information setting in two ways -- greedy and undominated strategic behaviours, and we prove guarantees about the social welfare that certain kinds of privacy-preserving information can help attain. To achieve the social welfare guarantees, we design a counter with improved privacy guarantees under continual observation. In addition to the resource-sharing game, we study the main question for other games including sequential versions of the cut, machine-scheduling and cost-sharing games, and games where the value attained by a player on a particular action is not only a function of the actions of the past players but also of the actions of the future players.
Keywords: game theory, privacy (ID#: 15-5048)
URL: http://doi.acm.org/10.1145/2688073.2688100

 

Rachel Cummings, Katrina Ligett, Aaron Roth, Zhiwei Steven Wu, Juba Ziani;  Accuracy for Sale: Aggregating Data with a Variance Constraint; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 317-324. Doi: 10.1145/2688073.2688106 We consider the problem of a data analyst who may purchase an unbiased estimate of some statistic from multiple data providers. From each provider i, the analyst has a choice: she may purchase an estimate from that provider that has variance chosen from a finite menu of options. Each level of variance has a cost associated with it, reported (possibly strategically) by the data provider. The analyst wants to choose the minimum cost set of variance levels, one from each provider, that will let her combine her purchased estimators into an aggregate estimator that has variance at most some fixed desired level. Moreover, she wants to do so in such a way that incentivizes the data providers to truthfully report their costs to the mechanism. We give a dominant strategy truthful solution to this problem that yields an estimator that has optimal expected cost, and violates the variance constraint by at most an additive term that tends to zero as the number of data providers grows large.
Keywords: buying data, mechanism design, vcg mechanism (ID#: 15-5049)
URL: http://doi.acm.org/10.1145/2688073.2688106

 

Clement Louis Canonne, Venkatesan Guruswami, Raghu Meka, Madhu Sudan; Communication with Imperfectly Shared Randomness; ITCS '15 Proceedings of the 2015 Conference on Innovations in Theoretical Computer Science, January 2015, Pages 257-262. Doi: 10.1145/2688073.2688099 The communication complexity of many fundamental problems reduces greatly when the communicating parties share randomness that is independent of the inputs to the communication task. Natural communication processes (say between humans) however often involve large amounts of shared correlations among the communicating players, but rarely allow for perfect sharing of randomness. Can the communication complexity benefit from shared correlations as well as it does from shared randomness? This question was considered mainly in the context of simultaneous communication by Bavarian et al. [1]. In this work we study this problem in the standard interactive setting and give some general results. In particular, we show that every problem with communication complexity of k bits with perfectly shared randomness has a protocol using imperfectly shared randomness with complexity 2^Ω(k) bits. We also show that this is best possible by exhibiting a promise problem with complexity k bits with perfectly shared randomness which requires 2^Ω(k) bits when the randomness is imperfectly shared. Along the way we also highlight some other basic problems such as compression, and agreement distillation, where shared randomness plays a central role and analyze the complexity of these problems in the imperfectly shared randomness model.  The technical highlight of this work is the lower bound that goes into the result showing the tightness of our general connection. This result builds on the intuition that communication with imperfectly shared randomness needs to be less sensitive to its random inputs than communication with perfectly shared randomness. The formal proof invokes results about the small-set expansion of the noisy hypercube and an invariance principle to convert this intuition to a proof, thus giving a new application domain for these fundamental results.
Keywords: communication complexity, invariance principle, randomness (ID#: 15-5050)
URL: http://doi.acm.org/10.1145/2688073.2688099

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Signal Processing and Integrated Networks (SPIN), 2015

 

	International Conferences: Signal Processing and Integrated Networks (SPIN), 2015

 

The 2nd International Conference on Signal Processing and Integrated Networks (SPIN), 2015 was held on 19-20 February 2015 at by the Department of Electronics and Communication Engineering at Amity School of Engineering and Technology, Amity University, Noida, India.  The conference focused on advancements in Signal Processing and Integrated Networks. Researchers from India and abroad gathered to introduce their recent advances in the field and promote the exchange of new ideas, results and techniques and to promote research work, sharing views and getting innovative ideas in this field.  The articles and presentations cited here relate directly to security issues. 

---

 

Sharma, Lavanya; Yadav, Dileep Kumar; Bharti, Sunil Kumar, "An Improved Method For Visual Surveillance Using Background Subtraction Technique," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 421, 426, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095253
Abstract: Moving object detection is an important research area in computer vision. It deals with detecting instances of moving objects of various classes (such as humans, animals, buildings, or vehicles) in digital images and frame sequences for increasing needs of security and surveillance in public or private areas. In this work, proposed improvement enhances the existing model by using some image processing techniques in order to improve detection quality and compared against existing model using metrics like error analysis, precision, recall, f-measure and accuracy. In the existing work, robust estimators were used in order to model an efficient background and then a fast test was used to classify foreground pixel. There were problem of noisy pixels (false detection) due to environmental changes like waving tree leaves, rippling water and lighting effects. The, proposed improvement overcomes the problem of false detection and enhances the detection quality.
Keywords: Background Modeling; Background Subtraction; Hole filling; Morphological Operator; Moving Object Detection (ID#: 15-5129)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095253&isnumber=7095159

 

Islam, Md.Faruqul; Maheshwari, Saurabh; Kumar, Yogesh, "Energy Efficient Railway Track Security Using Vibration Sensing Network," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 973, 978, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095254
Abstract: Accidents occurring in railway transportation systems cost a large number of lives. Many people die and several others get physical and mentally injured. There is certain need of advanced and robust techniques that can not only prevent these accidents but also eradicate all possibilities of their occurrence. We are proposing a sensor network which continuously monitors the railway track through the acoustic sensors and detect any discontinuity in the track. The sensor nodes are equipped with the acoustic sensors that can sense the vibration in the railway track due a coming train. They also estimate the theoretical value of vibration knowing their distance from the train. They compare sensed and estimated vibration intensities. If there is a major difference between these intensities then the track is suspected to be broken. The geographical positioning sensors are placed on the trains as well as on sensors. This complete process is real time in nature and should meet the timing deadlines. The nodes placed on the track and the forwarding poles are expected to work regularly for a long period of time without human intervention. These are generally battery operated so should be following some energy efficiency algorithm also. This paper is an attempt to optimize the energy used by the sensor nodes by using proposed intelligent sensor and lazy pole strategy. Very few approaches have been implemented concerning the track breakage detection. The sensors follow the proposed intelligent sensing technique whereas the poles follow the lazy poles strategy to make the approach energy efficient.
Keywords: WSN; multilevel routing; railway track; security; track breakage; vibration sensors (ID#: 15-5130)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095254&isnumber=7095159

 

Dora, Durga Prasada; Kumar, Sushil; Kaiwartya, Omprakash, "Efficient Dynamic Caching For Geocast Routing In Vanets," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 979, 983, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095262
Abstract: Virtual warning system which is an integral component of Intelligent Transportation System (ITS) can be realized through geocasting in vehicular ad-hoc networks (VANETs). It enhances road safety and security by targeting a group of vehicles within a specified geospatial region, called Zone of Interest (ZOI) rather than an individual vehicle. Velocity of the node and dynamic topology are major concerns in vehicular traffic environment which differentiates VANETs from mobile ad-hoc networks (MANETs). This paper purposes neighbor selection scheme based on overlapping area threshold and efficient caching based on threshold time beaconing system to incorporate caching for geospatial packet dissemination which enhances data packet delivery ratio significantly. Due to this the messages that could not be forwarded because of local maximum problem in greedy forwarding are stored in cache which enhances geocast message delivery success ratio. Simulation results show that the purposed approach not only enhances the caching methodology but also minimizes packet loss as compared to greedy forwarding and greedy perimeter stateless routing (GPSR).
Keywords: caching; geocast routing; overlapping area threshold based caching; vehicular ad-hoc networks (ID#: 15-5131)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095262&isnumber=7095159

 

Bhattacharjee, Suchismita; Rajkumari, Roshni; Marchang, Ningrinla, "Effect Of Colluding Attack In Collaborative Spectrum Sensing," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 223, 227, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095266
Abstract: Collaborative spectrum sensing (CSS) is an approach that enhances the spectrum sensing performance where multiple secondary users (SUs) cooperate to make the final sensing decision in a cognitive radio network (CRN). In CSS, the SUs are generally assumed to report correct local sensing result to the fusion center (FC). But, some SUs may be compromised and start reporting false local sensing decision to the FC to disrupt the network. CSS can also be severely affected by compromised nodes working together. Such a type of attack is termed as colluding attack and nodes that launch colluding attacks are known as colluding nodes. In this paper, we study the effect of colluding nodes in collaborative spectrum sensing. We also show that the presence of colluding attack results in higher as network performance degradation compared to independent attack especially when the presence of attackers is high. Hence, colluding attacks are of much security concern.
Keywords: Cognitive radio; Infrastructure-based CR; Spectrum sensing data falsification; colluding nodes (ID#: 15-5132)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095266&isnumber=7095159

 

Dwivedi, Rudresh; Dey, Somnath, "Cancelable Iris Template Generation Using Look-Up Table Mapping," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 785, 790, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095296
Abstract: One of the potential passiveness in a biometric system is the invasion of stored biometric template, which may lead to serious security and privacy thefts. The emerging need of biometric approaches is evolved from privacy invasion and irrevocable issues of identity thefts as passwords and tokens can be easily compromised. To address these issues, the notion of cancelable biometrics is introduced to signify biometric templates that can be canceled and replaced with the inclusion of another independent authentication factor. Cancelable biometric generation technique based on randomized look-up table mapping has been proposed in this paper. The technique uses a decimal vector, which is evaluated from a row vector. Row vector is generated by applying 1-D Log Gabor filter on the raw iris template. The decimal vector is then mapped to look-up table based on the position of bits. The proposed approach enables an operation of cancelable iris biometric systems at a high security level. Experiments which are carried out on the CASIA V3 Interval iris database confirm the effectiveness of the proposed approach. Although, the accuracy of the proposed approach is confirmed as 94.26% but the approach is efficient if we consider the security and non-revocable perspectives.
Keywords: Look-up table; biometric; cancelable; iris biometric (ID#: 15-5133)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095296&isnumber=7095159

 

Kashyap, Katyayani; Sarma, Manash P.; Sarma, Kandarpa K.; Mastorakis, Nikos, "Generation Of Orthogonal Logistic Map Sequences For Faded Channels In Spread Spectrum Modulation," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 253, 258, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095304
Abstract: Spread spectrum system are techniques by which signals are spreaded in the frequency domain and plays a very important role in wireless communication system. For secure communication, chaotic spreading sequence is advantageous but most of them are non-orthogonal. This paper presents the design of an orthogonal chaotic spreading sequence for application in Direct Sequence Spread Spectrum (DS SS) system for faded wireless channels. Enhancing the quality of service (QOS) and security of data transmission are prime issues which can better be addressed with chaotic sequences. In this paper, generation and application of orthogonal chaotic sequence is done and a comparison with non orthogonal chaotic sequence is presented. Also the generated orthogonal spreading sequence is applied for DS SS system using different channels and the results are compared. The comparison factors are bit error rate (BER), mutual information, signal power and computational time, which finally states the efficiency of generated code. Again a multiplier-less chaotic sequence generator is proposed for lower power requirement than the existing one.
Keywords: Chaotic code; DS SS; Logistic map; Orthogonal chaotic code; Rayleigh fading; Rician fading (ID#: 15-5134)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095304&isnumber=7095159

 

Mishra, Manoj K.; Sengar, Sandeep Singh; Mukhopadhyay, Susanta, "Algorithm For Secure Visual Communication," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 831, 836, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095310
Abstract: The enormous size of video data of natural scene and objects is a practical threat to storage, transmission. The efficient handling of video data essentially requires compression for economic utilization of storage space, access time and the available network bandwidth of the public channel. In addition, the protection of important video is of utmost importance so as to save it from malicious intervention, attack or alteration by unauthorized users. Therefore, security and privacy has become an important issue. Since from past few years, number of researchers concentrate on how to develop efficient video encryption for secure video transmission, a large number of multimedia encryption schemes have been proposed in the literature like selective encryption, complete encryption and entropy coding based encryption. Among above three kinds of algorithms, they all remain some kind of shortcomings. In this paper, we have proposed a lightweight selective encryption algorithm for video conference which is based on efficient XOR operation and symmetric hierarchical encryption, successfully overcoming the weakness of complete encryption while offering a better security. The proposed algorithm guarantees security, fastness and error tolerance without increasing the video size.
Keywords: GDH.3; H.264/AVC; RC4; video encryption (ID#: 15-5135)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095310&isnumber=7095159

 

Kamila, Sabyasachi; Roy, Ratnakirti; Changder, Suvamoy, "A DWT Based Steganography Scheme With Image Block Partitioning," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 471, 476, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095311
Abstract: Steganography is a branch of information hiding. It hides the existence of a secret message by embedding it in a cover media. In this paper, a new method for color image steganography is proposed in frequency domain where Discrete Wavelet Transform (DWT) of the cover image is used to differentiate high frequency and low frequency information of each pixel of the image. Proposed method hides secret bits in three higher frequency components making sure that the embedding impact on the cover image is minimum and not centralized in sensitivity domain. Experimental results reveal a good visual quality of the stego image with desirable steganalysis resisting characteristics.
Keywords: 2D-DWT; Dynamic Blocking; PairingFunction; Security; Steganography (ID#: 15-5136)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095311&isnumber=7095159

 

Kashyap, Katyayani; Sarma, Manash P.; Sarma, Kandarpa K.; Mastorakis, Nikos, "Logistic Map Based Spread Spectrum Modulation In Faded Wireless Channel," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 270, 274, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095325
Abstract: Spread spectrum modulation finds a very important place in wireless communication due to many striking features like robustness to noise and interference, application of Code Division Multiple Access (CDMA) and so on. But generation of an efficient spreading code is always challenging and crucial too. This paper presents a design of chaotic spreading sequence for application in a Direct Sequence Spread Spectrum (DS SS) based system with the considerations of a faded wireless channel. Enhancing the security of data transmission is a main issue and can better be addressed with a chaotic sequence. Generation and application of chaotic sequence is done and a comparison with Gold sequence is presented which clearly indicates achieving better performance with simplicity of design. Performance evaluation is done in terms of BER, computational time and mutual information for faded channel taking into considerations of different modulation schemes, which finally dictates the efficiency of the generated code in high data rate modulation schemes.
Keywords: BPSK; DPSK; DS SS; Gold code; Logistic map code; QPSK (ID#: 15-5137)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095325&isnumber=7095159

 

Ankur; Divyanjali; Bhardwaj, Trishansh, "A Dissection of Pseudorandom Number Generators," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 318, 323, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095369
Abstract: Security over the network has become the most challenging issue with the day by day increase in use of internet and other such services provided by network. The secure transmission, storage and access of data or information are the key issues for security. To understand and implement security one needs to first know in deep the concept of pseudorandom numbers because they play a major role in internet security. Pseudo-random number generators are used to generate these numbers which can be then used as keys or in any other form. In this paper we have presented various pseudorandom number generators that are used for security purpose to generate the encryption keys, SSL connection, database security etc. There is a need to understand how and for what purpose these pseudorandom number generators can be used. We also elaborate some of the limitations of the same.
Keywords: Inversive Congruential Generator; Lagged Fibonacci Generator; Linear Congruential Generator; Pseudorandom generators; Random numbers (ID#: 15-5138)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095369&isnumber=7095159

 

Roy, Aniket; Maiti, Arpan Kumar; Ghosh, Kuntal, "A Perception Based Color Image Adaptive Watermarking Scheme in YCbCr Space," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 537, 543, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095399
Abstract: Copyright protection has now become a challenging domain in real life scenario. Digital watermarking scheme is an important tool for copyright protection technique. A good quality watermarking scheme should have high perceptual transparency, and should also be robust enough against possible attacks. A well-known (Lewis-Barni) Human Visual System (HVS) based watermarking model is fairly successful with respect to the first mentioned criterion, though its effectiveness in color images has not been claimed. Furthermore, it is true that although several watermarking schemes are available in literature for grayscale images, relatively few works have been done in color image watermarking, and the little that have been done, have mostly been tested in RGB, YUV, YIQ color spaces. Thus the question remains that, which is the optimal color space for color image watermarking and whether this HVS model is applicable for that color space. There are two main contributions of the present work with respect to the above. First, it claims that for color image watermarking, the YCbCr space can be used as the perceptually optimum color space, the Cb component being the optimal color channel here. Second, it also tests the effectiveness of the above-mentioned HVS model in that color space. These have been achieved by using the HVS model to propose a new non-blind (original image and the watermark logo image both are needed for extraction) image adaptive Discrete Wavelet transform and Singular Value Decomposition (DWT-SVD) based color image watermarking scheme in YCbCr color space. The multi-resolution property of DWT and stability of SVD additionally makes the scheme robust against attacks, while the Arnold scrambling, of the watermark, enhances the security in our method. The experimental results support the superiority of our scheme over the existing methods.
Keywords: DWT; SVD; YCbCr color space; color image watermarking; perceptual transparency; robustness (ID#: 15-5139)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095399&isnumber=7095159

 

Cabrera, Josue; Alonso, Jesus B.; Travieso, Carlos M.; Ferrer, Miguel A.; Hernriquez, Patricia; Dutta, Malay Kishore; Singh, Anushikha, "Emotional States Discrimination In Voice In Secure Environments," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 843, 847, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095414
Abstract: In this paper we present the use of emotions in security. The access control security systems by speech recognition can be complemented by means of an emotions discrimination system from the speech. An emotions recognition system has the advantage of increasing the security allowing identifying if an authorized user in the system is being coerced while he executes speech identification, reflecting his speech some nervousness. In this study we use four emotional states. We use three emotional states that would produce alarm in a security system: anxiety, hot anger and panic. and a fourth emotional state that corresponds to emotions set without interest for the security, like happiness, shame, sadness, boredom or the absence of emotion (neutral), and that we have called rest. In our simulations, the proposed emotions discrimination system has obtained an average accuracy about 79%.
Keywords: Emotion recognition; feature extraction; speech (ID#: 15-5140)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095414&isnumber=7095159

 

Goswami, Sudhir; Goswami, Jyoti; Kumar, Nagresh, "Unusual Event Detection In Low Resolution Video For Enhancing ATM Security," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 848, 853, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095435
Abstract: In real world applications, tracking target in low resolution video is a challenging task because there is loss of discriminative detail in the visual appearance of moving object. The existing methods are mostly based on the enhancement of LR (low resolution) video by super resolution techniques. But these methods require high computational cost. This cost further increases if we are dealing with events detection. In this paper we present an algorithm which is able to detect unusual events without such type of conversion and well suited for enhancement of security of ATMs where conventional low resolution cameras are generally used due to their low cost. Proposed algorithm only uses close morphological operation with disk like structuring element in the preprocessing steps to cope up with low resolution video. It further uses rolling average background subtraction technique to detect foreground object from dynamic background in a scene. Our proposed algorithm is able to recognize the occurrence of uncommon events such as overcrowding or fight in the low resolution video simply by using statistical property, standard deviation of moving objects. It is fast enough because it process low resolution frames and could be helpful in surveillance system for enhancing the security of ATMs where conventional camera of low resolution are still used. It does not use any classifier and avoids the requirement of training the system initially.
Keywords: ATM security; Object Tracking; Unusual event detection; background subtraction; video surveillance (ID#: 15-5141)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095435&isnumber=7095159

 

Mehta, Rajesh; Vishwakarma, Virendra P.; Rajpal, Navin, "Lagrangian Support Vector Regression Based Image Watermarking In Wavelet Domain," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 854, 859, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095436
Abstract: To enhance the imperceptibility and robustness against image processing operations, the advantage of artificial neural network (ANN) and machine learning algorithms such as support vector regression (SVR), extreme learning machine (ELM) etc. are employed into watermarking applications. In this paper, Lagrangian support vector regression (LSVR) based blind image watermarking scheme in wavelet domain is proposed. The good learning capability, high generalization property against noisy datasets and less computational cost of LSVR compared to traditional SVR and ANN based algorithms makes the proposed scheme more imperceptible and robustness. Firstly, four sub images of host image are obtained using sub sampling. Each sub image is decomposed using discrete wavelet transform (DWT) to obtain the low frequency subband. Low frequency coefficients of each sub image are used to form the dataset act as input to LSVR. The output obtained by trained LSVR is used to embed the binary watermark. The security of the watermark is enhanced by applying Arnold transformation. Experimental results show the imperceptibility and robustness of the proposed scheme against several image processing attacks. The visual quality of watermarked image is quantified by the peak-signal-to noise ratio (PSNR) and the similarity between the original and extracted watermark is evaluated using bit error rate (BER). Performance of the proposed scheme is verified by comparing with the state-of-art techniques.
Keywords: Bit error rate; Lagrangian support vector regression; Peak signal to noise ratio; Wavelet transform (ID#: 15-5142)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095436&isnumber=7095159

 

Ali, Sadaf Syed; Prakash, Surya, "Enhanced Fingerprint Shell," Signal Processing and Integrated Networks (SPIN), 2015 2nd International Conference on, pp. 801, 805, 19-20 Feb. 2015. doi: 10.1109/SPIN.2015.7095438
Abstract: Most of the fingerprint based biometric systems directly store fingerprint information in the form of minutiae template. A fingerprint is permanently associated with a user and cannot be changed unlike passwords in case of token-based systems. If the fingerprint of a user is compromised, it is lost forever. Hence ensuring security of fingerprint data is essential. In this paper, a key based technique, called Enhanced fingerprint Shell, has been presented for securing fingerprint template. This technique is an enhanced version of the key based technique named as Fingerprint Shell proposed by Moujahdi et al. The proposed technique transforms a fingerprint template by using a pair of keys defined uniquely for every individual. If the transformed template is compromised, user has an option to generate a new template using a new pair of keys. The proposed technique has been evaluated on IIT Kanpur fingerprint database. Experimental results have been found encouraging and demonstrate the effectiveness of the proposed technique.
Keywords: Biometric security; Diversity; Fingerprint; Minutiae; Revocability (ID#: 15-5143)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7095438&isnumber=7095159

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

International Conferences: Signal Processing, Informatics, Communication & Energy Systems (SPICES), India, 2015

 

	International Conferences: Signal Processing, Informatics, Communication and Energy Systems (SPICES), India, 2015

 

The 2015 IEEE International Conference on Signal Processing, Informatics, Communication and Energy Systems (SPICES) was held on 19-21 Feb. 2015 at in Kozhikode, Kerala, India. It was a forum for technical exchange amongst researchers from academia, research laboratories, and industries in various emerging fields of Signal Processing, Communication, Computer Science, Power Systems, and Control spanning across six tracks. The technical program includes keynote lectures, plenary lectures, regular technical sessions, and special sessions.  Conference web page is at: http://www.ieeespices.org/   

---

 

Sadio, Ousmane; Ngom, Ibrahima; Lishou, Claude; Saliah-Hassane, Hamadou, "Improving Security And Mobility For Remote Access: A Wireless Sensor Network Case," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091369
Abstract: Ubiquitous Computing is a new Internet revolution that will allow, among other uninterrupted access to the network actors machines and some mobile devices. In this paper, the example of mobile laboratory is composed a Wireless Sensor Network (WSN) whose the data collection is done through a special node called master. HIP (Host Identity Protocol) is used as communication protocol. The HIP architecture uses the identity/locator split. In the proposed architecture, mobility is managed by three entities including mobile node (master), locator manager or fLRVS (firewall and Local Rendezvous Server), access link manager or S-RVS (Subnet Rendezvous Server). The new introduced network entity is fLRVS, it is responsible for the node accessibility in the domain and filtering based on the HI (Host Identifier). The node identifier named HI, is the public key of an asymmetric key-pair. The HIP Registration and HIP Rendezvous Extension have been modified to achieve this authentication system. A proposed mobility scheme, named HIPdisass, is based on a proactive handover mechanism which reduce latency and packet loss. At outside, remote hosts can connect to the mobile laboratory safely regardless of the type of access network.
Keywords: Authentication; Decision support systems; Hip; Protocols; Servers; Wireless sensor networks; host identity protocol; macro-mobility; micro-mobility; remote access; security; wireless sensor network (ID#: 15-5090)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091369&isnumber=7091354

 

Lata, B T; Sumukha, T V; Suhas, H; Tejaswi, V; Shaila, K; Venugopal, K R; Anvekar, Dinesh; Patnaik, L M, "SALR: Secure Adaptive Load-Balancing Routing In Service Oriented Wireless Sensor Networks," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091379
Abstract: Congestion control and secure data transfer are the major factors that enhance the efficiency of Service Oriented Wireless Sensor Networks. It is desirable to modify the routing and security schemes adaptively in order to respond effectively to the rapidly changing Network State. Adding more complexities to the routing and security schemes increases the end-to-end delay which is not acceptable in Service Oriented WSNs which are mostly in real time. We propose an algorithm Secure Adaptive Load-Balancing Routing (SALR) protocol, in which the routing decision is taken at every hop considering the unforeseen changes in the network. Multipath selection based on Node Strength is done at every hop to decide the most secure and least congested route. The system predicts the best route rather than running the congestion detection and security schemes repeatedly. Simulation results show that security and latency performance is better than reported protocols.
Keywords: Delays; Mathematical model; Routing; Routing protocols; Security; Wireless sensor networks; Wireless Sensor Networks; hop-by-hop routing; load-balancing; machine learning; multipath; network security; secure adaptive routing (ID#: 15-5091)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091379&isnumber=7091354

 

Sarvabhatla, Mrudula; Narayana, Kodavali Lakshmi; Vorugunti, Chandra Sekhar, "An Improved Secure Remote User Authentication Scheme Using Smart Cards With Check Digits," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091415
Abstract: The advancement of communication technology resulted in increasing number of security threats over public Internet on remote servers. In 2014, Shipra et al. proposed an improved remote user authentication scheme using smart cards with check digits. Shipra et al. claimed that their scheme is secure and efficient against all major cryptographic attacks. Unfortunately, their scheme is vulnerable to some of the cryptographic attacks, particularly “online password guess attack” as discussed in this manuscript. As a part of our contribution, we propose a robust and extra secure authentication scheme for remote users based on smart cards with check digits, with slight increase in the cost. Security is the fundamental compared to complexity, since complexity can be easily manage with improved technology.
Keywords: Authentication; Law; Resists; Servers; Smart cards; Authentication; Check digits; Security; Smart Card; Cryptography (ID#: 15-5092)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091415&isnumber=7091354

 

Yassin, Mohamad; Rachid, Elias, "A Survey Of Positioning Techniques And Location Based Services In Wireless Networks," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091420
Abstract: Positioning techniques are known in a wide variety of wireless radio access technologies. Traditionally, Global Positioning System (GPS) is the most popular outdoor positioning system. Localization also exists in mobile networks such as Global System for Mobile communications (GSM). Recently, Wireless Local Area Networks (WLAN) become widely deployed, and they are also used for localizing wireless-enabled clients. Many techniques are used to estimate client position in a wireless network. They are based on the characteristics of the received wireless signals: power, time or angle of arrival. In addition, hybrid positioning techniques make use of the collaboration between different wireless radio access technologies existing in the same geographical area. Client positioning allows the introduction of numerous services like real-time tracking, security alerts, informational services and entertainment applications. Such services are known as Location Based Services (LBS), and they are useful in both commerce and security sectors. In this paper, we explain the principles behind positioning techniques used in satellite networks, mobile networks and Wireless Local Area Networks. We also describe hybrid localization methods that exploit the coexistence of several radio access technologies in the same region, and we classify the location based services into several categories. When localization accuracy is improved, position-dependant services become more robust and efficient, and user satisfaction increases.
Keywords: Accuracy; Global Positioning System; IEEE 802.11 Standards; Mobile communication; Mobile computing; Position measurement; Satellites; GPS; GSM; Location Based Services; Positioning techniques; Wi-Fi; hybrid positioning systems (ID#: 15-5093)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091420&isnumber=7091354

 

Meera, G; Geethakumari, G, "A Provenance Auditing Framework For Cloud Computing Systems," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp.1,5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091427
Abstract: Cloud computing is a service oriented paradigm that aims at sharing resources among a massive number of tenants and users. This sharing facility that it provides coupled with the sheer number of users make cloud environments susceptible to major security risks. Hence, security and auditing of cloud systems is of great relevance. Provenance is a meta-data history of objects which aid in verifiability, accountability and lineage tracking. Incorporating provenance to cloud systems can help in fault detection. This paper proposes a framework which aims at performing secure provenance audit of clouds across applications and multiple guest operating systems. For integrity preservation and verification, we use established cryptographic techniques. We look at it from the cloud service providers' perspective as improving cloud security can result in better trust relations with customers.
Keywords: Cloud computing; Cryptography; Digital forensics; Monitoring; Virtual machining; Auditing; Cloud computing; Provenance (ID#: 15-5094)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091427&isnumber=7091354

 

Mohan, Arun K; Saranya, M R; Anusudha, K, "Improved Reversible Data Hiding Using Histogram Shifting Method," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091459
Abstract: A reversible data hiding (RDH) algorithm with improved security, which can reacquire the cover in separable manner from the marked stego-image is presented in this paper. In the content owner side cover image is encrypted by deploying user-defined security key derived-chaotic based transposition algorithm. Then the data hider conceals secret data into the encrypted image by perturbing its histogram, by utilizing another user defined data hiding key. At the receiver side, the recuperation of the cover can be implemented directly or indirectly which depends on shared key. Lower bound of Peak Signal to Noise Ratio (PSNR) for direct recuperation method is set to 48.13dB. This technique has improved security & achieved higher data hiding capacity than the existing methods.
Keywords: Data mining; Encryption; Histograms; PSNR; Receivers; Chaotic sequence; Histogram shifting; Image encryption; Key generation; Logistic Map Function; PSNR; Reversible data hiding (ID#: 15-5095)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091459&isnumber=7091354

 

Kakarla, Jagadeesh; Majhi, Banshidhar; Babu, B Ramesh, "A Trust Based Secured Coordination Mechanism For WSAN," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091460
Abstract: Wireless sensor-actor networks (WSAN) consist of a vast number of sensors and few actors. Generally, these networks are deployed in an unprotected environment to sense the physical world, and perform reliable actions on it. Hence, these networks are always susceptible to various kinds of passive and active attacks by malicious nodes. The back hole and gray hole attacks are part of active attacks. These attacks degrade the network efficiency and performance. In this paper, an efficient trust based secured coordination mechanism is proposed to counter the black hole and gray hole attacks on the delay and energy efficient routing protocol in sensor-actor networks. In the proposed mechanism, each sensor analyzes the trust level of its 1 — hop sensors based on the experience, recommendation, and knowledge. The analyzed trust value is transferred to the actor. The actor analyzes these values to identify the malicious nodes in its cluster region. The proposed trust based secured coordination mechanism (TBSC) is simulated using NS2. The performance is analyzed with respect to packet delivery ratio, average energy dissipation in the network, and average end-to-end delay. The simulation results reveal that TBSC mechanism performs well for the delay and energy efficient routing protocol compared to the existing security mechanisms.
Keywords: Ad hoc networks; Delays; Energy dissipation; Monitoring; Sensors; Wireless communication; Wireless sensor networks; Black hole; Energy; Gray hole; Sensor; Trust (ID#: 15-5096)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091460&isnumber=7091354

 

Saranya, M R; Mohan, Arun K; Anusudha, K, "Algorithm For Enhanced Image Security Using DNA And Genetic Algorithm," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091462
Abstract: An efficient image encryption algorithm with improved image security has been developed by using chaotic function, deoxyribonucleic acid (DNA) sequencing and genetic algorithm (GA). A chaotic sequence of desired length is generated by using the logistic map function whose initial value is calculated using the secret key. A number of DNA masks are generated and these masks along with the chaotic sequences are used to encrypt the digital image. Finally genetic algorithm is employed to get the best mask for encryption. The proposed method can resist various types of attacks and produce high entropy and very low correlation between pixels.
Keywords: DNA; Decision support systems; Encoding; Encryption; Entropy; Genetic algorithms; Logistics; Deoxyribonucleic acid (DNA); Entropy; Genetic algorithm (GA);Image encryption; Logistic map (ID#: 15-5097)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091462&isnumber=7091354

 

Sarojkumar, K; Krishna, S, "Comparison Of Numerical Methods For Online Dynamic Security Assessment Using Energy Function," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091485
Abstract: Online dynamic security assessment involves analyzing the effect of a large number of contingencies in a short time. This is a computationally demanding task, and use of energy function method reduces the computational burden. Energy function method involves determination of a quantity called critical energy which requires system simulation for a short duration. In spite of the use of energy function method, there is a significant computational requirement since a large number of contingencies have to be analyzed. In this paper, a comparison of the performance, in terms of accuracy and speed, of different numerical methods in the determination of critical energy, is presented.
Keywords: Accuracy; Computational modeling; Generators; Numerical models; Potential energy; Power transmission lines; Rotors; Online dynamic security assessment; energy function; numerical solution (ID#: 15-5098)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091485&isnumber=7091354

 

Ramaiah, N.Pattabhi; Ijjina, Earnest Paul; Mohan, C.Krishna, "Illumination Invariant Face Recognition Using Convolutional Neural Networks," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 4, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091490
Abstract: Face is one of the most widely used biometric in security systems. Despite its wide usage, face recognition is not a fully solved problem due to the challenges associated with varying illumination conditions and pose. In this paper, we address the problem of face recognition under non-uniform illumination using deep convolutional neural networks (CNN). The ability of a CNN to learn local patterns from data is used for facial recognition. The symmetry of facial information is exploited to improve the performance of the system by considering the horizontal reflections of the facial images. Experiments conducted on Yale facial image dataset demonstrate the efficacy of the proposed approach.
Keywords: Face; Face recognition; Lighting; Neural networks; Pattern analysis;Training; biometrics; convolutional neural networks; facial recognition; non-uniform illumination (ID#: 15-5099)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091490&isnumber=7091354

 

Chandrasekaran, Jeyamala; Jayaraman, Thiruvengadam S, "A Fast And Secure Image Encryption Algorithm Using Number Theoretic Transforms And Discrete Logarithms," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091491
Abstract: Many of the Internet applications such as video conferencing, military image databases, personal online photograph albums and cable television require a fast and efficient way of encrypting images for storage and transmission. In this paper, discrete logarithms are used for generation of random keys and Number Theoretic Transform (NTT) is used as a transformation technique prior to encryption. The implementation of NTT is simple as it uses arithmetic for real sequences. Encryption and decryption involves the simple and reversible XOR operation of image pixels with the random keys based on discrete logarithms generated independently at the transmitter and receiver. Experimental results with the standard bench mark test images proposed in the USC-SIPI data base confirm the enhanced key sensitivity and strong resistivity of the algorithm against brute force attack and statistical crypt analysis. The computational complexity of the algorithm in terms of number of operations and number of rounds is very small in comparison with the other image encryption algorithms. The randomness of the keys generated has been tested and is found in accordance with the statistical test suite for security requirements of cryptographic modules as recommended by National Institute of Standards and Technology (NIST).
Keywords: Chaotic communication; Ciphers; Correlation; Encryption; Transforms; Discrete Logarithms; Image Encryption; Number Theoretic Transforms (ID#: 15-5100)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091491&isnumber=7091354

 

Janani, V.S.; Manikandan, M.S.K., "CRT-KM: Chinese Remainder Theorem Based Key Management Scheme For Securing Ad-Hoc Networks," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091501
Abstract: Providing security for Dynamic Cluster based Mobile Ad-hoc networks (MANET) is a vital task to improve network security with less compromising mobility and with reduced dedicated Data occupancy. Key generation, distribution and authentication are major tasks of a key management system. A flexible and strong model is required to handle key management since dynamic ad-hoc networks are more prone to many kinds of hacking activity. In this paper a new procedure is implemented using Chinese remainder Theorem based Key-management (CRT-KM) and it is compared with one existing ID-Based Multiple Key Management system (IMKM). The performances are compared in terms of parameters like mobility, Overhead message; security and power consumption.
Keywords: Mobile ad hoc networks; Mobile communication; Mobile computing; Public key; Chinese Remainder Theorem; ID based multiple key management system; key management; mobile ad hoc network (ID#: 15-5101)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091501&isnumber=7091354

 

Jilna, P.; Deepthi, P.P.; Sameer, S.M.; Sathidevi, P.S.; Vijitha, A.P., "FPGA Implementation Of An Elliptic Curve Based Integrated System For Encryption And Authentication," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp.1,6, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091513
Abstract: The resource constrained applications in the present day communication networks demand the use of new cryptographic protocols and hardware with reduced computational and structural complexity. The use of standard, standalone cryptographic primitives are not suitable for such applications. This paper proposes the implementation of a new integrated system for both encryption and authentication based on elliptic curves. An algorithm for pseudo random sequence generation based on cryptographic one way function of elliptic curve point multiplication is developed. This is combined with an elliptic curve based message authentication code to form the integrated system. EC point multiplication operation is preferred as cryptographic one way function for use in this system due to its high security per bit of the key. The hardware is implemented on a Virtex 5 FPGA using Xilinx ISE. In the proposed hardware implementation a single point multiplication unit is time shared between the operations of pseudo random sequence generation and authentication to reduce the overall hardware complexity. A comparison of the resource requirement of the proposed implementation with existing standalone methods is also done.
Keywords: Authentication; Complexity theory; Elliptic curves; Encryption; Hardware; Random sequences; Elliptic Curve Cryptography; MAC; Pseudo random sequence (ID#: 15-5102)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091513&isnumber=7091354

 

Kodali, Ravi Kishore; Gundabathula, Satya Kesav; Boppana, Lakshmi, "Implementation of Toeplitz Hash based RC-4 in WSN," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091535
Abstract: Certain Wireless sensor network (WSN) applications such as military and e- health care require the inter-node communication to be secure. The tiny WSN nodes have limited computational power, memory and finite energy source. These constraints restrict the implementation of highly secure models on the devices as they demand more memory and involve compute intensive operations. Several protocols have been designed for providing different security levels with varying strengths at the expense of the amount of hardware and computational power of the processor in the WSN node. In wireless equivalent privacy (WEP) model static keys are generated for the XOR operation with the plain text in the encryption process. This work proposes a new security model that provides dynamic keys to the encryption/decryption stages. A model for the proposed scheme has been developed using nesC and the same has been implemented on a IRIS WSN node. The WSN implementation of the proposed security model has been compared with those of WEP, WiFi Protected access (WPA) based on memory usage and execution time.
Keywords: Ciphers; Computational modeling; Encryption; Heuristic algorithms; Random access memory; Wireless sensor networks; IRIS mote; Security; Toeplitz Hash; WEP; WPA; WSN (ID#: 15-5103)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091535&isnumber=7091354

 

Dickson, Anne; Thomas, Ciza, "Optimizing False Alerts Using Multi-Objective Particle Swarm Optimization Method," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091547
Abstract: Security attacks through Internet have proliferated in recent years. An Intrusion Detection System in the general framework of a network catches the perpetrators before they do real damage to the resources. The performance of Intrusion Detection Systems usually depends on the false alarm rate and the detection rate, since true positive and false positive trade-off is always a major challenge in the choice of systems. In this paper, a multi-objective optimization approach using Particle Swarm Optimization method is used in the context of tradeoffs inherent in the performance evaluators of Intrusion Detection Systems.
Keywords: Classification algorithms; Conferences; Intrusion detection; Optimization; Particle swarm optimization; Search problems; Gbest; Intrusion Detection Systems; Particle Swarm Optimization; Pbest; Swarm Intelligence (ID#: 15-5104)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091547&isnumber=7091354

 

Tanuja, R; Arudi, Souparnika P; Manjula, S H; Venugopal, K R; Patnaik, L M, "TKP: Three Level Key Pre-Distribution With Mobile Sinks For Wireless Sensor Networks," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091557
Abstract: Wireless Sensor Networks are by its nature prone to various forms of security attacks. Authentication and secure communication have become the need of the day. Due to single point failure of a sink node or base station, mobile sinks are better in many wireless sensor networks applications for efficient data collection or aggregation, localized sensor reprogramming and for revoking compromised sensors. The existing sytems that make use of key predistribution schemes for pairwise key establishment between sensor nodes and mobile sinks, deploying mobile sinks for data collection has drawbacks. Here, an attacker can easily obtain many keys by capturing a few nodes and can gain control of the network by deploying a node preloaded with some compromised keys that will be the replica of compromised mobile sink. We propose an efficient three level key predistribution framework that uses any pairwise key predistribution in different levels. The new framework has two set of key pools one set of keys for the mobile sink nodes to access the sensor network and other set of keys for secure communication among the sensor nodes. It reduces the damage caused by mobile sink replication attack and stationary access node replication attack. To further reduce the communication time it uses a shortest distance to make pair between the nodes for comunication. Through results, we show that our security framework has a higher network resilience to a mobile sink replication attack as compared to the polynomial pool-based scheme with less communication time.
Keywords: Authentication; Base stations; Mobile communication; Mobile computing; Polynomials; Wireless sensor networks; Key predistribution; Security; Wireless Sensor Networks (ID#: 15-5105)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091557&isnumber=7091354

 

Stuart, Celine Mary; Deepthi, P.P., "Hardware Efficient Scheme For Generating Error Vector To Enhance The Performance Of Secure Channel Code," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1, 5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091564
Abstract: Security, reliability and hardware complexity are the main issues to be addressed in resource constrained devices such as wireless sensor networks (WSNs). Secure channel coding schemes have been developed in literature to reduce the overall processing cost while providing security and reliability. The security of a channel coding scheme against various attacks is mainly decided by the nature of intentional error vectors added to the encoded data. The methods available in literature to generate random error vectors increase the encoding complexity for each message block. Also the error vectors generated are not able to provide much security. A novel method is proposed in this paper to generate intentional error vector with sufficient weight, so that the security of the secure channel code is increased by a large margin without causing any additional encoding complexity. Results show that the proposed model is effective in incorporating security in resource constrained sensor networks.
Keywords: Complexity theory; Cryptography; Hamming weight; Hardware; Polynomials; Quantum cascade lasers; Cryptosystem; MV attack; QCLDPC; RN attack; ST attack (ID#: 15-5106)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091564&isnumber=7091354

 

Jose, Binesh; Kumar, S D Madhu, "Telecom Grade Cloud Computing: Challenges And Opportunities," Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, pp. 1 ,5, 19-21 Feb. 2015. doi: 10.1109/SPICES.2015.7091565
Abstract: Cloud computing and virtualization are two key technology priorities for telecom service providers. Besides total cost reduction, there are many strategic objectives while adopting cloud technology into the telecom sector. Telecom service providers core assets and strength lies in their communication networks, but these alone are not enough to maintain the industry in the higher level that it once enjoyed. Combining cloud computing technology and networks, telecom service providers can become a significant force in the cloud providers domain and more importantly to return to the growth path. This work evaluates the new challenges and opportunities that are offered by the adoption of cloud and virtualization technologies in telecom sector and its impact on industry value chain and the operational model. Results indicate that even though there are many technical and non-technical challenges still existing, security is still considered as the primary concern that forces cloud into back foot. This study also brings out the fact that, like all other technologies involving in business, cloud technology also brings in many new advantages as well as few disadvantages. Whilst several studies and research works have been done on cloud computing for IT sector, limited research work has been found on cloud computing for telecommunication. Also, majority of the research done in this area is based on industrial research perspective. The significance of our work comes in this context.
Keywords: Cloud computing; Computational modeling; Resource management; Security; Telecommunication services; cloud computing; network function virtualisation; software defined networking; telecom grade cloud (ID#: 15-5107)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091565&isnumber=7091354

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

Security Conference Publications, Early 2015

 

	Security Conference Publications, Early 2015

 

The publications cited here are an olio of conference publications from early in 2015.

---

 

Ismail, Ziad; Leneutre, Jean; Bateman, David; Chen, Lin, "A Game-Theoretical Model for Security Risk Management of Interdependent ICT and Electrical Infrastructures," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.101,109, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.24 The communication infrastructure is a key element for management and control of the power system in the smart grid. The communication infrastructure, which can include equipment using off-the-shelf vulnerable operating systems, has the potential to increase the attack surface of the power system. The interdependency between the communication and the power system renders the management of the overall security risk a challenging task. In this paper, we address this issue by presenting a mathematical model for identifying and hardening the most critical communication equipment used in the power system. Using non-cooperative game theory, we model interactions between an attacker and a defender. We derive the minimum defense resources required and the optimal strategy of the defender that minimizes the risk on the power system. Finally, we evaluate the correctness and the efficiency of our model via a case study.
Keywords: Communication equipment; Games; Nash equilibrium; Power grids; Security; Substations; Cyber-physical System; Non-cooperative Game Theory; SCADA Security (ID#: 15-4787)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027420&isnumber=7027398

 

Lee, Chen-Yu; Kavi, Krishna M.; Paul, Raymond A.; Gomathisankaran, Mahadevan, "Ontology of Secure Service Level Agreement," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.166, 172, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.33 Maintaining security and privacy in the Cloud is a complex task. The task is made even more challenging as the number of vulnerabilities associated with the cloud infrastructure and applications are increasing very rapidly. Understanding the security service level agreements (SSLAs) and privacy policies offered by service and infrastructure providers is critical for consumers to assess the risks of the Cloud before they consider migrating their IT operations to the Cloud. To address these concerns relative to the assessment of security and privacy risks of the Cloud, we have developed ontologies for representing security SLAs (SSLA) in this paper. Our ontologies for SSLAs can be used to understand the security agreements of a provider, to negotiate desired security levels, and to audit the compliance of a provider with respect to federal regulations (such as HIPAA).
Keywords: Business; Cloud computing; Facebook; Monitoring; Ontologies; Privacy; Security; SLA; SSLA; cloud computing; security; service level agreement (ID#: 15-4788)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027428&isnumber=7027398

 

Aghaei-Foroushani, Vahid; Zincir-Heywood, A.Nur, "A Proxy Identifier Based on Patterns in Traffic Flows," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.118, 125, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.26 Proxies are used commonly on today's Internet. On one hand, end users can choose to use proxies for hiding their identities for privacy reasons. On the other hand, ubiquitous systems can use it for intercepting the traffic for purposes such as caching. In addition, attackers can use such technologies to anonymize their malicious behaviours and hide their identities. Identification of such behaviours is important for defense applications since it can facilitate the assessment of security threats. The objective of this paper is to identify proxy traffic as seen in a traffic log file without any access to the proxy server or the clients behind it. To achieve this: (i) we employ a mixture of log files to represent real-life proxy behavior, and (ii) we design and develop a data driven machine learning based approach to provide recommendations for the automatic identification of such behaviours. Our results show that we are able to achieve our objective with a promising performance even though the problem is very challenging.
Keywords: Cryptography; Delays; IP networks; Probes; Web servers; Behavior Analysis; Network Security; Proxy; Traffic Flow (ID#: 15-4789)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027422&isnumber=7027398

 

Emami-Taba, Mahsa; Amoui, Mehdi; Tahvildari, Ladan, "Strategy-Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.134,141, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.28 Targeted and destructive nature of strategies used by attackers to break down the system require mitigation approaches with dynamic awareness. In the domain of adaptive software security, the adaptation manager of a self-protecting software is responsible for selecting countermeasures to prevent or mitigate attacks immediately. Making a right decision in each and every situation is one of the most challenging aspects of engineering self-protecting software systems. Inspired by the game theory, in this research work, we model the interactions between the attacker and the adaptation manager as a two-player zero-sum Markov game. Using this game-theoretic approach, the adaptation manager can refine its strategies in dynamic attack scenarios by utilizing what has learned from the system's and adversary's actions. We also present how this approach can be fitted to the well-known MAPE-K architecture model. As a proof of concept, this research conducts a study on a case of dynamic application-layer denial of service attacks. The simulation results demonstrate how our approach performs while encountering different attack strategies.
Keywords: Adaptation models; Computer crime; Game theory; Games; Markov processes; Adaptive Security; Dynamic Application-Layer Attacks; Game Theory; Markov Games (ID#: 15-4790)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027424&isnumber=7027398

 

Ceccarelli, Andrea; Mori, Marco; Lollini, Paolo; Bondavalli, Andrea, "Introducing Meta-Requirements for Describing System of Systems," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.150, 157, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.31 Complex, evolutionary systems operating in an open world can be seen as a composition of components which interact each other in order to fulfill their requirements. Following this vision, Systems of Systems (SoSs) literature aims at supporting the life of such complex systems taking into account key viewpoints such as emergence, time, mobility, evolution, dynamicity. Although different attempts can be found in the literature to address mostly specific viewpoints separately, it is still missing a unifying approach to analyze the whole set of viewpoints and their relationships, based on the identification of meta-requirements that can be exploited to describe any System of Systems (SoS). To this end, we developed a unifying meta-requirements model to describe SoSs viewpoints and relate them. The model is meant to be used to support the derivation of the requirements for any SoS. This paper introduces the problem, and presents the main notions of the meta-requirements model with the support of a domain-specific scenario.
Keywords: Cascading style sheets; Measurement; Rail transportation; Security; Semantics; Standards; Systems engineering and theory; AMADEOS; RUMI; System of Systems; dynamicity; emergence; evolution; requirement model (ID#: 15-4791)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027426&isnumber=7027398

 

Xie, Mengjun; Li, Yanyan; Yoshigoe, Kenji; Seker, Remzi; Bian, Jiang, "CamAuth: Securing Web Authentication with Camera," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.232,239, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.41 Frequent outbreak of password database leaks and server breaches in recent years manifests the aggravated security problems of web authentication using only password. Two-factor authentication, despite being more secure and strongly promoted, has not been widely applied to web authentication. Leveraging the unprecedented popularity of both personal mobile devices (e.g., Smartphones) and barcode scans through camera, we explore a new horizon in the design space of two-factor authentication. In this paper, we present Cam Auth, a web authentication scheme that exploits pervasive mobile devices and digital cameras to counter various password attacks including man-in-the-middle and phishing attacks. In Cam Auth, a mobile device is used as the second authentication factor to vouch for the identity of a use who is performing a web login from a PC. The device communicates directly with the PC through the secure visible light communication channels, which incurs no cellular cost and is immune to radio frequency attacks. Cam Auth employs public-key cryptography to ensure the security of authentication process. We implemented a prototype system of Cam Auth that consists of an Android application, a Chrome browser extension, and a Java-based web server. Our evaluation results indicate that Cam Auth is a viable scheme for enhancing the security of web authentication.
Keywords: Authentication; Browsers; DH-HEMTs; Servers; Smart phones (ID#: 15-4792)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027436&isnumber=7027398

 

Relan, Neha G.; Patil, Dharmaraj R., "Implementation of Network Intrusion Detection System Using Variant Of Decision Tree Algorithm," Nascent Technologies in the Engineering Field (ICNTE), 2015 International Conference on, pp.1, 5, 9-10 Jan. 2015. doi: 10.1109/ICNTE.2015.7029925 As the need of internet is increasing day by day, the significance of security is also increasing. The enormous usage of internet has greatly affected the security of the system. Hackers do monitor the system minutely or keenly, therefore the security of the network is under observation. A conventional intrusion detection technology indicates more limitation like low detection rate, high false alarm rate and so on. Performance of the classifier is an essential concern in terms of its effectiveness; also number of feature to be examined by the IDS should be improved. In our work, we have proposed two techniques, C4.5 Decision tree algorithm and C4.5 Decision tree with Pruning, using feature selection. In C4.5 Decision tree with pruning we have considered only discrete value attributes for classification. We have used KDDCup'99 and NSL_KDD dataset to train and test the classifier. The Experimental Result shows that, C4.5 decision tree with pruning approach is giving better results with all most 98% of accuracy.
Keywords: Accuracy; Classification algorithms; Data mining; Decision trees; Intrusion detection; Testing; Training; Accuracy etc.; Classification Algorithms; False Negative (FN); False Positive (FP); IDS; KDD; NSL_KDD; Pruning; True Negative(TN);True positive (TP) (ID#: 15-4793)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7029925&isnumber=7029899

 

Pandurang, Rathod Mahesh; Karia, Deepak C., "Performance Measurement of WEP and WPA2 on WLAN Using OpenVPN," Nascent Technologies in the Engineering Field (ICNTE), 2015 International Conference on, pp.1,4, 9-10 Jan. 2015. doi: 10.1109/ICNTE.2015.7029939 With the advancement of wireless networking many serious security issues have been raised. Because of broadcast nature in wireless networks, various attacks such as eavesdropping, Denial of Service, Session hijacking is very much possible. To encounter these attacks various encryption standards such as Wired Equivalent Privacy (WEP) and 802.11i (WPA2) have been deployed along with it Virtual Private Networks (VPNs) have also provided an important solution to security threats that surrounds the use of public networks for private communications. In this paper performance measurement of WEP and WPA2 on wireless local area networks (WLANs) using OpenVPN based on various performance metrics such as throughput, latency and frame loss rate will be done.
Keywords: Encryption; Loss measurement; Standards; Throughput; Wireless LAN; IEEE 802.11i standard (WPA2); OpenVPN; Wired Equivalent Privacy (WEP); frame loss rate; throughput (ID#: 15-4794)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7029939&isnumber=7029899

 

Hawkins, Richard; Habli, Ibrahim; Kolovos, Dimitris; Paige, Richard; Kelly, Tim, "Weaving an Assurance Case from Design: A Model-Based Approach," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.110, 117, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.25 Assurance cases are used to demonstrate confidence in properties of interest for a system, e.g. For safety or security. A model-based assurance case seeks to bring the benefits of model-driven engineering, such as automation, transformation and validation, to what is currently a lengthy and informal process. In this paper we develop a model-based assurance approach, based on a weaving model, which allows integration between assurance case, design and process models and meta-models. In our approach, the assurance case itself is treated as a structured model, with the aim that all entities in the assurance case become linked explicitly to the models that represent them. We show how it is possible to exploit the weaving model for automated generation of assurance cases. Building upon these results, we discuss how a seamless model-driven approach to assurance cases can be achieved and examine the utility of increased formality and automation.
Keywords: Analytical models; Automation; Control systems; Cryptography; Weaving; arguments; assurance cases; model-driven engineering; safety cases; weaving (ID#: 15-4795)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027421&isnumber=7027398

 

Li, Xiaohua; Yang, Thomas, "Signal Processing Oriented Approach for Big Data Privacy," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.275, 276, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.23 This paper addresses the challenge of big data security by exploiting signal processing theories. We propose a new big data privacy protocol that scrambles data via artificial noise and secret transform matrices. The utility of the scrambled data is maintained, as demonstrated by a cyber-physical system application. We further outline the proof of the proposed protocol's privacy by considering the limitations of blind source separation and compressive sensing.
Keywords: Big data; Data privacy; Noise; Power demand; Protocols; Vectors; big data; cyber-physical systems; privacy; signal processing
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027443&isnumber=7027398

 

Yan, Haixing; Fang, Huixing; Kuka, Christian; Zhu, Huibiao, "Verification for OAuth Using ASLan++," High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, pp.76, 84, 8-10 Jan. 2015. doi: 10.1109/HASE.2015.20 Over the past few years, OAuth has become an open authorization standard that is being adopted by a growing number of sites such as Twitter, Facebook and Google. It allows users to grant a third-party application access to restricted resources without providing their credentials. However, ensuring the correctness of implementations of OAuth in applications brings multiple concerns. Therefore, it is crucial to verify OAuth with an exhaustive examination by utilizing formal methods. In this paper, we first formalize OAuth with ASLan++ on the AVANTSSAR platform and propose several fundamental security properties on it which are specified using extended Linear Temporal Logic (LTL) formulas. In a second step, we use a SAT-based Model-Checker (SATMC) to verify whether OAuth violates these properties. As a result, we reveal three attacks which steal and falsify users' critical information.
Keywords: Authentication; Authorization; Browsers; Facebook; Protocols; Servers; ASLan++; Modeling; Oauth; SATMC; Verification (ID#: 15-4796)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027417&isnumber=7027398

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.