International Security Related Conferences

 

 

 

The following pages provide highlights of Science of Security related research presented at the international conferences listed below.

(ID#: 15-7300)


Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.
 

International Conferences: CYBCONF 2015, Poland

 

 


The 2015 IEEE 2nd International Conference on Cybernetics (CYBCONF) was held 24-26 June 2015 in Gdynia, Poland. The conference had several main tracks and special sessions, including Control Systems and Robotics, Artificial Intelligence, Knowledge-Based Systems, Machine Learning, Machine Vision, Computational Intelligence, Swarm Intelligence, Cognitive Systems, Neural Networks, Medical and Health Informatics, and Smart Applications.  


Sparrow, R.D.; Adekunle, A.A.; Berry, R.J.; Farnish, R.J., “Balancing Throughput and Latency for an Aerial Robot over a Wireless Secure Communication Link,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 184-189, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175929
Abstract: With the requirement for remote control of unmanned aerial vehicles (UAV) becoming more frequent in scenarios where the environment is inaccessible or hazardous to human beings (e.g. disaster recovery); remote functionality of a UAV is generally implemented over wireless networked control systems (WNCS). The nature of the wireless broadcast allows attackers to exploit security vulnerabilities through passive and active attacks; consequently, cryptography is often selected as a countermeasure to the aforementioned attacks. This paper analyses simulation undertaken and proposes a model to balance the relationship between throughput and latency for a secure multi-hop communication link. Results obtained indicate that throughput is more influential up to two hops from the initial transmitting device; conversely, latency is the determining factor after two hops.
Keywords: autonomous aerial vehicles; control engineering computing; cryptography; mobile communication; networked control systems; UAV; WNCS; active attacks; aerial robot; latency balancing; passive attacks; remote control; remote functionality; secure multihop communication link; security vulnerabilities; throughput balancing; unmanned aerial vehicles; wireless broadcast; wireless networked control systems; wireless secure communication link; Communication system security; Correlation; Mathematical model; Predictive models; Security; Throughput; Wireless communication; Latency; Security; Throughput; Unmanned Aerial Vehicles; Wireless (ID#: 15-6457)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175929&isnumber=7175890 

 

Abraham, S.; Nair, S., “Exploitability Analysis Using Predictive Cybersecurity Framework,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 317-323, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175953
Abstract: Managing Security is a complex process and existing research in the field of cybersecurity metrics provide limited insight into understanding the impact attacks have on the overall security goals of an enterprise. We need a new generation of metrics that can enable enterprises to react even faster in order to properly protect mission-critical systems in the midst of both undiscovered and disclosed vulnerabilities. In this paper, we propose a practical and predictive security model for exploitability analysis in a networking environment using stochastic modeling. Our model is built upon the trusted CVSS Exploitability framework and we analyze how the atomic attributes namely Access Complexity, Access Vector and Authentication that make up the exploitability score evolve over a specific time period. We formally define a nonhomogeneous Markov model which incorporates time dependent covariates, namely the vulnerability age and the vulnerability discovery rate. The daily transition-probability matrices in our study are estimated using a combination of Frei's model & Alhazmi Malaiya's Logistic model. An exploitability analysis is conducted to show the feasibility and effectiveness of our proposed approach. Our approach enables enterprises to apply analytics using a predictive cyber security model to improve decision making and reduce risk.
Keywords: Markov processes; authorisation; decision making; risk management; access complexity; access vector; authentication; daily transition-probability matrices; decision making; exploitability analysis; nonhomogeneous Markov model; predictive cybersecurity framework; risk reduction; trusted CVSS exploitability framework; vulnerability age; vulnerability discovery rate; Analytical models; Computer security; Markov processes; Measurement; Predictive models; Attack Graph; CVSS; Markov Model; Security Metrics; Vulnerability Discovery Model; Vulnerability Lifecycle Model (ID#: 15-6458)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175953&isnumber=7175890

 

Szpyrka, M.; Szczur, A.; Bazan, J.G.; Dydo, L., “Extracting of Temporal Patterns from Data for Hierarchical Classifiers Construction,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 330-335, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175955
Abstract: A method of automatic extracting of temporal patterns from learning data for constructing hierarchical behavioral patterns based classifiers is considered in the paper. The presented approach can be used to complete the knowledge provided by experts or to discover the knowledge automatically if no expert knowledge is accessible. Formal description of temporal patterns is provided and an algorithm for automatic patterns extraction and evaluation is described. A system for packet-based network traffic anomaly detection is used to illustrate the considered ideas.
Keywords: computer network security; data mining; learning (artificial intelligence); pattern classification; temporal logic; automatic pattern extraction; data temporal pattern extraction; hierarchical behavioral pattern; hierarchical classifier construction; knowledge discovery; learning data; packet-based network traffic anomaly detection; Clustering algorithms; Data mining; Decision trees; Entropy; Petri nets; Ports (Computers); Servers; LTL logic; feature extraction; hierarchical classifiers; network anomaly detection; temporal patterns (ID#: 15-6459)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175955&isnumber=7175890

 

Hermanowski, D., “Open Source Security Information Management System Supporting IT Security Audit,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 336-341, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175956
Abstract: Nowadays, assuring security of computer systems becomes difficult due to the rapid development of IT technologies, even in household appliances. This article shows exemplary model of the IT security monitoring and management system. Proposed solution is aimed to collect security events, analyse them, assess the risk they bring and inform the administrator about them in order to take appropriate decision to mitigate potential security incident. This system is based on open source code toolset. This toolset was studied, tested and examined in the context of the whole system. These tools were configured and an additional code was developed in order to achieve synergy effect from adopting various techniques aimed at network monitoring and system security.
Keywords: auditing; information management; public domain software; security of data; IT security audit; IT security management system; IT security monitoring; IT technologies; computer systems; household appliances; network monitoring; open source code toolset; open source security information management system; security events; security incident; synergy effect; system security; Correlation; Databases; Malware; Monitoring; Ports (Computers); Servers; IT audit; OSSIM; SIEM; computer security; monitoring; open source (ID#: 15-6460)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175956&isnumber=7175890

 

Goswami, S.; Chakrabarti, A.; Chakraborty, B., “Analysis of Correlation Structure of Data Set for Efficient Pattern Classification,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 24-29, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175901
Abstract: Pattern classification or clustering plays important role in a wide variety of applications in different areas like psychology and other social sciences, biology and medical sciences, pattern recognition and data mining. A lot of algorithms for supervised or unsupervised classification have been developed so far in order to achieve high classification accuracy with lower computational cost. However, some methods or algorithms work well for some of the data sets and perform poorly on others. For any particular data set, it is difficult to find out the most suitable algorithm without some random trial and error process. It seems that the characteristics of the data set might have some influence on the algorithm for classification. In this work, the data set characteristics is studied in terms of intra attribute relationship and a measure MVS (multivariate score) has been proposed to quantify and group different data sets on the basis of the correlation structure into strong independent, weak independent, weak correlated and strong correlated data set. The performance of different feature selection algorithms on different groups of data are studied by simulation experiments with 63 publicly available bench mark data sets. It has been verified that univariate methods lead to significant performance gain for strong independent data set compared to multivariate methods while multivariate methods have better performance for strong correlated data sets.
Keywords: data analysis; feature selection; pattern classification; pattern clustering; MVS; correlation structure analysis; data set characteristics; feature selection algorithms; intra attribute relationship; multivariate methods; multivariate score; pattern classification; pattern clustering; strong correlated data set; strong independent data set; univariate methods; weak correlated data set; weak independent data set; Accuracy; Classification algorithms; Clustering algorithms; Correlation; Data models; Histograms; Iris; Pattern classification algorithm; correlation structure. (ID#: 15-6461)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175901&isnumber=7175890

 

Qiangfu Zhao, “Aware System, Aware Unit and Aware Logic,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 42-47, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175904
Abstract: In recent years, various aware systems have been developed in the context of ubiquitous computing to improve the quality of services (QoS). The ultimate goal of awareness computing (AC) is to establish a win-win relation between producers and consumers. On the other hand, the main purpose of computational awareness (CA) is to understand the mechanism of awareness in human or animal brains, so that awareness, consciousness, and even intelligence can be realized step-by-step in computing machines. In this paper, we first provide a formal definition of aware systems, and then consider a way to build interpretable aware systems based on 3-valued logic. Some primary experiments show that it is possible to realize interpretable aware systems via discretizing multilayer feedforward neural network.
Keywords: formal logic; multilayer perceptrons; quality of service; ubiquitous computing; 3-valued logic; QoS; animal brain; aware logic; aware unit; awareness computing; computational awareness; computing machine; formal definition; human brain; interpretable aware system; multilayer feedforward neural network; quality of services; ubiquitous computing; win-win relation; Context; Context modeling; Gold; Inductors; Neurons; Sensors; Training; Computational awareness; aware logic; aware system; (ID#: 15-6462)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175904&isnumber=7175890

 

Tzung-Pei Hong; Ling-I Huang; Wen-Yang Lin; Yu-Yang Liu; Chakraborty, G., “Dynamic Migration in Multiple Ant Colonies,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 146-150, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175922
Abstract: Multi-population-based bio-inspired computation may use migration among groups to increase the search diversity. Through good solutions exchanged among sub-populations, better solutions may be found with a high probability. In this paper, we propose two algorithms to dynamically adjust the two primary parameters, migration interval and migration rate, for flexibly reflect solution situation for effective migration. The first algorithm only dynamically changes the migration interval, and the second considers both interval and rate. We will examine how the dynamic migration strategies affect the quality of solutions in the experiments.
Keywords: ant colony optimisation; search problems; dynamic migration strategies; migration interval; migration rate; multiple ant colonies; multipopulation-based bioinspired computation; search diversity; solution situation; Ant colony optimization; Computer science; Genetic algorithms; Heuristic algorithms; Particle swarm optimization; Sociology; Statistics; Ant Colony System; Bio-Inspired Computation; Dynamic Migration; Multiple Population (ID#: 15-6463)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175922&isnumber=7175890

 

Anh Duc Dang; Horn, J., “Formation Control of Autonomous Robots Following Desired Formation During Tracking a Moving Target,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 160-165, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175925
Abstract: In this paper, we propose a novel method for control the formation of the autonomous robots following to the desired formations during tracking a moving target under the influence of the dynamic environment. The V-shape formation is used to track a moving target when the distance from this formation to the target is longer than the target approaching radius. Furthermore, when the leader moves in the target approaching range, the circling shape formation is used to encircle the target. The motion of the robots to the optimal positions in the desired formations are controlled by the artificial force fields, which consist of local and global potential fields around the virtual nodes in the desired formations. Using the global attractive force field around the target, the formation of robots is always driven towards the target position. Moreover, using the repulsive/rotational vector fields in the obstacle avoiding controller, robots can easily escape the obstacle without collisions. The success of the proposed method is verified in simulations.
Keywords: collision avoidance; mobile robots; motion control; multi-robot systems; optimal control; target tracking; V-shape formation; artificial force fields; autonomous robots; circling shape formation; dynamic environment; formation control; global attractive force field; global potential fields; local potential fields; moving target tracking; obstacle avoiding controller; optimal positions; repulsive vector fields; robots motion; rotational vector fields; swarm intelligence; virtual nodes; Collision avoidance; Dynamics; Force; Robot kinematics; Target tracking; Formation control; artificial vector fields; collision avoidance; swarm intelligence (ID#: 15-6464)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175925&isnumber=7175890

 

Kempa, W.M., “Study on Time-Dependent Departure Process in a Finite-Buffer Queueing Model with BMAP-Type Input Stream,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 245-250, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175940
Abstract: Transient departure process of outgoing packets in a finite-buffer queueing model with the BMAP-type input stream and generally distributed processing times is investigated. Applying the paradigm of embedded Markov chain and the total probability law, a system of integral equations for the distribution function of the number of packets successfully processed up to fixed time t; conditioned by the initial level of buffer saturation and the state of the underlying Markov chain, is obtained. The solution of the corresponding system written for the mixed double transforms is found in a compact form by utilizing the approach based on linear and matrix algebra. Remarks on numerical treatment of analytical results and computational example are attached as well.
Keywords: Markov processes; matrix algebra; probability; queueing theory; BMAP-type input stream; buffer saturation; distributed processing times; distribution function; embedded Markov chain; finite-buffer queueing model; linear algebra; matrix algebra; time-dependent departure process; total probability law; Integral equations; Markov processes; Mathematical model; Matrices; Probability distribution; Transforms; Transient analysis; BMAP-type arrival stream; departure process; finite buffer; queueing system; transient analysis (ID#: 15-6465)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175940&isnumber=7175890

 

Hadorn, B.; Courant, M.; Hirsbrunner, B., “Holistic Integration of Enactive Entities into Cyber Physical Systems,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 281-286, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175947
Abstract: Cyber physical systems (CPSs) are built of physical components that are integrated into the cyber (virtual) world of computing. Whereas there are many open questions and challenges, such as time modeling, interaction between cyber and physical components, our research focuses on how humans can be holistically integrated. Our vision is to link human intelligence with CPS in order to get a smart partner for daily human activities. This will bring new system characteristics enabling to cope with self-awareness, cognition and creativity as well as the co-evolution of human-machine-symbiosis. In this sense, we state that drawing borders between virtual and physical or between users and technical artifacts is misleading. In contrast to that, we aim to treat the system as a whole. To achieve this, the paper presents a generic coordination model based on third-order cybernetics. In particular, the holistic integration of humans and other living systems into CPSs is presented, which leads toward human-centered CPSs.
Keywords: human computer interaction; cyber physical systems; enactive entities; generic coordination model; holistic integration; human-centered CPS; living systems; third-order cybernetics; Collaboration; Complexity theory; Cybernetics; Electronic mail; Informatics; Joining processes; Organizations; Coordination model; cybernetics; enactive entities; holistic integration; human-centered cyber physical system (ID#: 15-6466)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175947&isnumber=7175890

 

Suchacka, G.; Sobkow, M., “Detection of Internet Robots Using a Bayesian Approach,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 365-370, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175961
Abstract: A large part of Web traffic on e-commerce sites is generated not by human users but by Internet robots: search engine crawlers, shopping bots, hacking bots, etc. In practice, not all robots, especially the malicious ones, disclose their identities to a Web server and thus there is a need to develop methods for their detection and identification. This paper proposes the application of a Bayesian approach to robot detection based on characteristics of user sessions. The method is applied to the Web traffic from a real e-commerce site. Results show that the classification model based on the cluster analysis with the Ward's method and the weighted Euclidean metric is very effective in robot detection, even obtaining accuracy of above 90%.
Keywords: Bayes methods; Internet; Web sites; electronic commerce; invasive software; pattern classification; pattern clustering; telecommunication traffic; Bayesian approach; Internet robots detection; Internet robots identification; Ward method; Web server; Web traffic; classification model; cluster analysis; e-commerce sites; hacking bots; malicious robots; search engine crawlers; shopping bots; user sessions characteristics; weighted Euclidean metric; Bayes methods; Correlation; Euclidean distance; Internet; Robots; Testing; Bayesian approach; Bayesian statistics; Internet robot; Matlab; Web bot; Web mining; Web robot detection; Web server; Web traffic; cluster analysis; correlation analysis; data mining; e-commerce; log file analysis (ID#: 15-6467)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175961&isnumber=7175890

 

Jianjia Pan; Xianwei Zheng; Lina Yang; Yulong Wang; Haoliang Yuan; Yuan Yan Tang, “A Forecasting Method Based on Extrema Mean Empirical Mode Decomposition and Wavelet Neural Network,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 377-381, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175963
Abstract: Time series forecasting is a widely and important research area in signal processing and machine learning. With the development of the artificial intelligence (AI), more and more AI technologies are used in time series forecasting. Multi-layer network structure has been widely used for forecasting problems. In this paper, based on a data-driven and adaptive method, extrema mean empirical mode decomposition, we proposed a decomposition-forecasting-ensemble approach to time series forecasting. Experimental result shows the prediction result by proposed models are better than original signal and EMD based models.
Keywords: forecasting theory; learning (artificial intelligence); signal processing; time series; wavelet neural nets; AI technology; EMD based model; adaptive method; artificial intelligence; data-driven; decomposition-forecasting-ensemble approach; extrema mean empirical mode decomposition; forecasting method; forecasting problem; machine learning; multilayer network structure; signal processing; time series forecasting; wavelet neural network; Empirical mode decomposition; Forecasting; Indexes; Market research; Neural networks; Predictive models; Time series analysis; empirical mode decomposition; forecasting; wavelet neural network (ID#: 15-6468)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175963&isnumber=7175890

 

Czarnul, P.; Rosciszewski, P.; Matuszek, M.; Szymanski, J., “Simulation of Parallel Similarity Measure Computations for Large Data Sets,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 472-477, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175980
Abstract: The paper presents our approach to implementation of similarity measure for big data analysis in a parallel environment. We describe the algorithm for parallelisation of the computations. We provide results from a real MPI application for computations of similarity measures as well as results achieved with our simulation software. The simulation environment allows us to model parallel systems of various sizes with various components such as CPUs, GPUs, network interconnects, and model parallel applications in a meta language. The simulations allow us to determine in details how computations will be performed on a particular hardware. They also allow to predict the shapes of time curves beyond the area where empirical results can be obtained due to limited computational resources such as memory capacity.
Keywords: Big Data; data analysis; digital simulation; message passing; parallel processing; Big Data analysis; MPI application; parallel similarity measure; parallelisation algorithm; simulation software; Algorithm design and analysis; Big data; Clustering algorithms; Computational modeling; Data models; Hardware; big data analysis; distance based categorisation; simulation of parallelization. (ID#: 15-6469)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175980&isnumber=7175890

 

Kasprzak, W.; Stefanczyk, M.; Wilkowski, A., “Printed Steganography Applied for the Authentication of Identity Photos in Face Verification,” in Cybernetics (CYBCONF), 2015 IEEE 2nd International Conference on, pp. 512-517, 24-26 June 2015. doi:10.1109/CYBConf.2015.7175987
Abstract: Steganography methods are proposed for the authentication of the holder's photo in an ICAO-consistent (travel) document. The embedded message is heavily influenced by the print-scan process, as the electronic image is first printed to be included into the document (or identity card) and is scanned next to constitute the reference template in an automatic face verification procedure. Two sufficiently robust steganography methods are designed, modifications of the “Fujitsu method” and the “triangle net” method. A third method, a commercial Digimarc tool is also applied. The methods are tested w.r.t. to face image authentication ability in a face verification procedure, using two commercial biometric SDK-s. Test results demonstrate the feasibility in biometric verification and high authentication quality of proposed approach.
Keywords: biometrics (access control); face recognition; steganography; Digimarc tool; Fujitsu method; ICAO-consistent travel document; biometric SDK-s; biometric verification; electronic image; face image authentication; face verification; identity photo authentication; print-scan process; printed steganography; triangle net method; Authentication; Biomedical imaging; Correlation; Distortion; Face; Testing; Watermarking; face biometrics; image authentication; printed steganography. (ID#: 15-6470)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7175987&isnumber=7175890
 




International Conferences: Chinese Control and Decision Conference (CCDC), Qingdao, China, 2015

 

 


The 27th Chinese Control and Decision Conference (CCDC) was held in Qingdao, China on 23-25 May 2015. This is a very large conference focused on trends in control, decision, automation, robotics, and emerging technologies. More than 1200 papers were selected for presentation. The ones cited here are relevant to the Science of Security. They have implications for cyber-physical systems, resilience, and compositionality.


Lin Pan; Voos, H.; Yumei Li; Darouach, M.; Shujun Hu, “Uncertainty Quantification of Exponential Synchronization for a Novel Class of Complex Dynamical Networks with Hybrid TVD Using PIPC,” in Control and Decision Conference (CCDC), 2015 27th Chinese, pp. 125-130, 23-25 May 2015. doi:10.1109/CCDC.2015.7161678
Abstract: This paper investigates the Uncertainty Quantification (UQ) of Exponential Synchronization (ES) problems for a new class of Complex Dynamical Networks (CDNs) with hybrid Time-Varying Delay (TVD) and Non-Time-Varying Delay (NTVD) nodes by using coupling Periodically Intermittent Pinning Control (PIPC) which has three switched intervals in every period. Based on Kronecker product rules, Lyapunov Stability Theory (LST), Cumulative Distribution Function (CDF), and PIPC method, the robustness of the control algorithm with respect to the value of the final time is studied. Moreover, we assume a normal distribution for the time and used the Stochastic Collocation (SC) method [1] with different values of nodes and collocation points to quantify the sensitivity. For different numbers of nodes, the results show that the ES errors converge to zero with a high probability. Finally, to verify the effectiveness of our theoretical results, Nearest-Neighbor Network (NNN) and Barabási-Albert Network (BAN) consisting of coupled non-delayed and delay Chen oscillators are studied and to demonstrate that the accuracies of the ES and PIPC are robust to variations of time.
Keywords: Lyapunov methods; complex networks; convergence; delays; large-scale systems; normal distribution; periodic control; robust control; stochastic processes; switching systems (control); synchronisation; BAN; Barabási-Albert Network; CDF; CDN; Kronecker product rule; LST; Lyapunov stability theory; NNN; NTVD node; PIPC method; collocation points; complex dynamical network; control algorithm robustness; cumulative distribution function; delay Chen oscillator; error convergence; exponential synchronization problem; hybrid TVD; hybrid time-varying delay; nearest-neighbor network; nondelayed Chen oscillator; nontime-varying delay; normal distribution; periodically intermittent pinning control; probability; sensitivity quantification; stochastic collocation method; switched interval; time variation; uncertainty quantification; Artificial neural networks; Chaos; Couplings; Delays; Switches; Synchronization; Complex Dynamical Networks (CDNs); Exponential Synchronization (ES); Periodically Intermittent Pinning Control (PIPC); Time-varying Delay (TVD) (ID#: 15-7148)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161678&isnumber=7161655

 

Bin Liu; Feng Liu; Shengwei Mei, “Modeling and Analysis of Stochastic AC-OPF Based on SDP Relaxation Technique,” in Control and Decision Conference (CCDC), 2015 27th Chinese, pp. 5471-5475, 23-25 May 2015. doi:10.1109/CCDC.2015.7161772
Abstract: Optimal power flow (OPF) is the foundation for many power system optimization problems, of which the modeling and solution methodology has always been a hot topic in this research area. Recently, convex relaxation technique to solve AC constrained OPF (AC-OPF) has attracted wide attention as its ability to find global optima and polynomial-time computation complexity. However, existing models in this research area are mostly formulated as deterministic problem without considering wind power generation uncertainty which has brought great challenges to power systems' operation, especially scheduling. Based on the semidefinite (SDP) relaxation technique to solve AC-OPF problem, we built a stochastic AC-OPF model and proposed its solution methodology to cope with wind power generation uncertainty in this paper. The case study based on the modified IEEE 14 bus system showed the proposed method's rationality and effectiveness to improve the system's security, reliability and capability to integrate wind power generation.
Keywords: IEEE standards; computational complexity; convex programming; load flow; power generation reliability; power generation scheduling; power system security; stochastic programming; wind power; AC constrained OPF; IEEE 14 bus system security improvement; SDP relaxation technique; convex relaxation technique; optimal power flow; polynomial-time computation complexity; power generation scheduling; power generation uncertainty; power system optimization problem; power system reliability; semidefinite relaxation technique; stochastic AC-OPF analysis; wind power generation uncertainty; Generators; Load flow; Reactive power; Stochastic processes; Uncertainty; Wind power generation; AC constrained; OPF; SDP optimization; stochastic optimization; uncertainty (ID#: 15-7149)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161772&isnumber=7161655

 

Yumei Li; Voos, H.; Lin Pan; Darouach, M.; Changchun Hua, “Stochastic Cyber-Attacks Estimation for Nonlinear Control Systems Based on Robust H∞ Filtering Technique,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 5590-5595, 23-25 May 2015. doi:10.1109/CCDC.2015.7161795
Abstract: Based on robust H∞ filtering technique, this paper presents the cyber-attacks estimation problem for nonlinear control systems under stochastic cyber-attacks and disturbances. A nonlinear H∞ filter that maximizes the sensitivity of the cyber-attacks and minimizes the effect of the disturbances is designed. The nonlinear filter is required to be robust to the disturbances, and the residual needs to retain the sensitivity to the attacks as much as possible. Applying linear matrix inequality (LMI), the sufficient conditions guaranteeing the H∞ filtering performance are obtained. Simulation results demonstrate that the designed nonlinear filter efficiently solves the robust estimation problem of the stochastic cyber-attacks.
Keywords: H∞ filters; estimation theory; linear matrix inequalities; nonlinear control systems; nonlinear filters; robust control; security of data; stochastic processes; LMI; linear matrix inequality; nonlinear control system; nonlinear filter design; robust H∞ filtering technique; stochastic cyber-attack estimation; Actuators; Estimation; Noise; Robustness; Sensitivity; Stochastic processes; H∞ filter; stochastic cyber-attacks; stochastic nonlinear system (ID#: 15-7150)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161795&isnumber=7161655

 

Guibin Lei; Shuqing Wang; Wenfang Wang; Canping Li, “Robot Monitoring System of Ocean Remote Sensing Satellite Receiving Station,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 5757-5761, 23-25 May 2015. doi:10.1109/CCDC.2015.7161832
Abstract: Security is a basic need of system and it is one of core technology of remote controlled system. Robot monitoring system of ocean remote sensing satellite receiving station includes robot, cloud computing system and remote terminals. Robot acquires real-time image of controlled system and operates it; cloud computing system build visual decision subsystem to identify the target using wavelet transform algorithm, neural network algorithm and knowledge database of features video of specific environmental; using remote terminal administrator observes the controlled system through its scene simulator and control robot to operate it remotely. Using technology of the pseudo-random number password, technology of mutual authentication to prevent cloning site, technology of conversion between the image of controlled system and its status code and technology of conversion between operation codes and operation instructions, the security strength of the robot monitoring system is improved greatly.
Keywords: cloud computing; computerised monitoring; control engineering computing; geophysical image processing; neural nets; oceanographic techniques; remote sensing; robot vision; security of data; telerobotics; wavelet transforms; cloud computing system; knowledge database; mutual authentication; neural network algorithm; ocean remote sensing satellite receiving station; pseudorandom number password; real-time image; remote controlled system; robot monitoring system; security; visual decision subsystem; wavelet transform algorithm; Control systems; Feature extraction; Monitoring; Remote sensing; Robot sensing systems; Satellites; monitoring system; robot; security strength; visual decision subsystem (ID#: 15-7151)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7161832&isnumber=7161655

 

Shao-Ting Ge; Zhimin Liu; Aiying Mao; Lijuan Kang; Chunhua He, “Mathematical Model of Discrete Logic Bomb with Time-Delay in the Computer Networks,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 705-710, 23-25 May 2015. doi:10.1109/CCDC.2015.7162011
Abstract: In order to describe the dynamic characteristic of logic bomb virus in computer networks, the mathematical model of discrete logic bomb viruses is established. Firstly the disease-free equilibrium and the disease equilibrium are derived from the mathematical model. Then the asymptotic stability of the disease-free equilibrium is proved. And then the asymptotically stable conditions of the disease equilibrium are given by using the disc theorem. And the stable conditions are effective.
Keywords: computer network security; computer viruses; delays; asymptotically stable conditions; computer networks; disc theorem; discrete logic bomb viruses; disease equilibrium; disease-free equilibrium; mathematical model; time-delay; Analytical models; Asymptotic stability; Computational modeling; Computers; Diseases; Mathematical model; Weapons; discrete systems; logic bomb virus; stability (ID#: 15-7152)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162011&isnumber=7161655

 

Jianzhi Liu; Cailian Chen; Shichao Mi; Xinping Guan, “Secure Distributed Estimation of Radio Environment Map in Hierarchical Wireless Cognitive Radio Networks,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 1476-1481, 23-25 May 2015. doi:10.1109/CCDC.2015.7162152
Abstract: Radio Environment Map (REM) is a map which indicates the radio signal strength (RSS) over a geographical region. With the help of REM, Cognitive Radio (CR) users can opportunistically access the licensed spectrum. Distributed cooperative REM estimation is vulnerable to malicious sensors that submit false sensing reports. In this paper, we develop a secure distributed scheme to estimate the REM in hierarchical wireless CR networks. We formulate the estimation process as a LS problem with two ℓ1-norm constraints using the basis pursuit approach. Reputation factors are introduced to further improve the estimation accuracy. Our scheme enables joint valid estimation result and malicious sensor identification. The performance of the proposed scheme is confirmed by extensive simulation studies.
Keywords: cognitive radio; signal processing; telecommunication security; CR users; REM; RSS; distributed cooperative REM estimation; estimation accuracy; geographical region; hierarchical wireless CR networks; hierarchical wireless cognitive radio networks; joint valid estimation; licensed spectrum; malicious sensor identification; malicious sensors; radio environment map; radio signal strength; reputation factors; secure distributed estimation; Conferences; Basis pursuit; Cognitive radio; Secure distributed estimation (ID#: 15-7153)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162152&isnumber=7161655

 

Linbo Tao; Jianjing Shen; Peng Hu; Zhenyu Zhou, “Researches on Process Algebra Based Rootkits-Immune Mechanism,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 2730-2735, 23-25 May 2015. doi:10.1109/CCDC.2015.7162393
Abstract: We present a novel mechanism for detecting unknown rootkits and immunizing known rootkits for the purposes of protecting the computer from being infected by rootkits. Inspired by the immune system of human beings, our mechanism adopts the humoral immunity mechanism to detect and defend against tough rootkits. First, the features of the processes are analyzed, the known rootkit features are extracted, and process algebra is applied to formally represent objects such as the self-antigens, pathogene, antibody, etc. Then, the known rootkits are used for training to generate relevant antibodies which can recognize antigens of non-self. Meanwhile, the rejection reaction of humoral immunity is used to detect unknown rootkits and generate specific antibodies. Last, both known and unknown rootkits can be killed once detected. Based on this mechanism, a prototype system is implemented. And experimental results indicate that this mechanism possesses higher detection ratio and lower false ratio.
Keywords: computer viruses; feature extraction; process algebra; antibody; detection ratio; human being; humoral immunity mechanism; lower false ratio; pathogene; process algebra based rootkits-immune mechanism; prototype system; rejection reaction; rootkit feature extraction; self-antigens; tough rootkit; Algebra; Feature extraction; Generators; Immune system; Monitoring; Real-time systems; Viruses (medical); Kernel Security; Process Algebra; Rootkit-immune; Rootkits (ID#: 15-7154)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162393&isnumber=7161655

 

Yi Lu; Qiang Yang; Wenyuan Xu; Zhiyun Lin; Wenjun Yan, “Cyber Security Assessment in PMU-Based State Estimation of Smart Electric Transmission Networks,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 3302-3307, 23-25 May 2015. doi:10.1109/CCDC.2015.7162490
Abstract: The adoption of a massive number of synchronized phasor measurement units (PMUs) supporting the wide-area measurement system (WAMS) in current electric transmission networks brings direct benefit in provision of accurate and timely network measurements, but also exposes a set of outstanding technical challenges in security aspect. This paper looks into the security problem of state estimation in WAMS in the context of cyber-physical system (CPS) which often exhibits complex structural characteristics and dynamic operational phenomenon. Typical attacks on PMUs and adverse impact on network state estimation are explored and studied through carrying out a set of simulation experiments using the IEEE 14-bus transmission network model. The preliminary numerical result quantifies the impact of PMU measurement data tampering on the state estimation accuracy and confirms that the PMU-based state estimation potentially can be significantly affected by various forms of cyber attacks.
Keywords: phasor measurement; power system security; power system state estimation; power transmission; CPS; IEEE 14-bus transmission network; PMU-based state estimation; WAMS; cyber security assessment; cyber-physical system; network state estimation; security problem; smart electric transmission networks; synchronized phasor measurement units; wide area measurement system; Current measurement; Monitoring; Phasor measurement units; State estimation; Transmission line measurements; Voltage measurement; PMU; Smart transmission network; State Estimation; WAMS (ID#: 15-7155)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162490&isnumber=7161655

 

Fangyuan Hou; Zhonghua Pang; Yuguo Zhou; Dehui Sun, “False Data Injection Attacks for a Class of Output Tracking Control Systems,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 3319-3323, 23-25 May 2015. doi:10.1109/CCDC.2015.7162493
Abstract: With the development of cyber-physical systems (CPSs), the security becomes an important and challenging problem. Attackers can launch various attacks to destroy the control system performance. In this paper, a class of linear discrete-time time-invariant control systems is considered, which is open-loop critically stable and only has one critical eigenvalue. By including the output tracking error as an additional state, a Kalman filter-based augmented state feedback control strategy is designed to solve its output tracking problem. Then a stealthy false data attack is injected into the measurement output, which can completely destroy the output tracking control systems without being detected. Simulation results on a numerical example show that the proposed false data injection attack is effective.
Keywords: discrete time systems; linear systems; open loop systems; stability; state feedback; CPS development; Kalman filter-based augmented state feedback control strategy; control system performance; cyber-physical systems; eigenvalue; false data injection attacks; linear discrete-time time-invariant control system; open-loop stability; output tracking control systems; Computer security; Detectors; Kalman filters; Simulation; State feedback; Wireless sensor networks; Critically Stable; False Data Injection Attacks; Output Tracking Control (ID#: 15-7156)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162493&isnumber=7161655

 

Xuan Li; Qiaozhu Zhai; Wei Yuan; Jiebing Liu, “Improved Method of Quantitative Steady-State Security Assessment Based on Fast Elimination of Redundant Transmission Capacity Constraints,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 4242-4246, 23-25 May 2015. doi:10.1109/CCDC.2015.7162675
Abstract: Steady-state security analysis is of great importance to power systems. Steady-state security region (SSR) is a region-wise method that could improve the efficiency of steady-state security analysis. Based on SSR, steady-state security distance (SSD) was proposed in literature and SSD provides a quantitative tool for security assessment on a current operation point (OP) or operational state. However, a large scale optimization problem with many constraints must be solved when calculating SSD. In this paper, an improved method for calculating SSD is presented based on fast elimination of redundant transmission capacity constraints. The main idea is to use an analytic method instead of solving an optimization problem to get an over estimation on the maximal power flow on each transmission line, and then compare the result with the line capacity to identify whether the constraint is redundant. By using this method, the problem for calculating SSD is greatly simplified. Numerical tests are performed and the results are satisfactory.
Keywords: linear programming; power system security; fast elimination; maximal power flow; quantitative steady-state security assessment; redundant transmission capacity constraints; steady-state security distance; Generators; Load flow; Optimization; Power transmission lines; Security; Steady-state; Linear Programming; Redundant Constraints; Steady-State Security Distance; Steady-State Security Region (ID#: 15-7157)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162675&isnumber=7161655

 

Xiaoxia Wang; Naxin Cui; Hai Huang; Chenghui Zhang, “Vehicle Active Security Based on Driver Modeling,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 4984-4987, 23-25 May 2015. doi:10.1109/CCDC.2015.7162816
Abstract: The vehicle passive safety technology can only solve the problems caused by traffic accidents. The active safety technology, which can prevent and reduce accidents, would suffice for more far-reaching applications. In this paper Elman neural network is adopted to predict driver's behavior ahead of time. The “people oriented” driver-vehicle-road closed loop model is set up. The system would record the habits of the driver and warn in time when the behaviors of the driver deviate from the forecasted trajectory to a certain extent. Real time simulation is carried out, which is based on 3D urban road that acquired by GPS equipment. The results indicate that Elman algorithm can be used to establish the warning system of driver's improper operation and provide the reliable and valuable information for safe driving.
Keywords: Global Positioning System; alarm systems; computer graphics; driver information systems; neural nets; road accidents; road safety; road vehicles; trajectory control; 3D urban road; Elman algorithm; Elman neural network; GPS equipment; driver behavior prediction; driver modeling; far-reaching applications; forecasted trajectory; people oriented driver-vehicle-road closed loop model; real time simulation; traffic accidents; vehicle active safety technology; vehicle passive safety technology; Accidents; Real-time systems; Roads; Safety; Security; Three-dimensional displays; Vehicles; 3D Urban Road; Elman Network; Vehicle Active Security (ID#: 15-7158)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162816&isnumber=7161655

 

Wang Junwei; Fang Xiaoyi, “Improved TEEN Based Trust Routing Algorithm in WSNs,” in Control and Decision Conference (CCDC), 2015 27th Chinese, vol., no., pp. 4379-4382, 23-25 May 2015. doi:10.1109/CCDC.2015.7162699
Abstract: A wireless sensor network node deployed in a harsh environment is easily captured or damaged physically, and its wireless communication pattern may leave the network vulnerable to all kinds of interference and attacks. Therefore, the routing security is particularly important. Based on the in-depth analysis of wireless sensor networks protocol - TEEN protocol, combined with the trustworthy evaluation mechanism, an improved TEEN based trust routing algorithm in wireless sensor networks is put forward. A dynamic trust management mode is designed to ensure the credibility of nodes. The cluster head selection strategy and routing strategy of TEEN are improved to ensure the energy efficiency of the network, and the periodic data collection mechanism is introduced to determine the survival state of nodes. The simulation and performance evaluation show that the proposed algorithm has better performance.
Keywords: radiofrequency interference; routing protocols; telecommunication network management; telecommunication security; wireless sensor networks; TEEN protocol; WSN; attacks; dynamic trust management mode; harsh environment; head selection strategy; improved TEEN; interference; routing security; routing strategy; trust routing algorithm; trustworthy evaluation mechanism; wireless communication pattern; wireless sensor network node; wireless sensor networks protocol; Algorithm design and analysis; Clustering algorithms; Heuristic algorithms; Routing; Routing protocols; Wireless sensor networks; TEEN protocol; dynamic trust management; energy efficiency; trustworthy routing (ID#: 15-7159)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7162699&isnumber=7161655
 




International Conferences: CyberSA 2015, London

 

 


The 2015 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) was held in London on 8-9 June 2015. Papers presented at the conference focused on the principles, methods, and applications of situational awareness on Cyber Systems, Business Information Systems (BIS), Computer Network Defence (CND), Computer Physical Systems (CPS) and Internet of Things (IoTs). 


Hall, M.J.; Hansen, D.D.; Jones, K., “Cross-Domain Situational Awareness and Collaborative Working for Cyber Security,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-8, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166110
Abstract: Enhancing situational awareness is a major goal for organisations spanning many sectors, working across many domains. An increased awareness of the state of environments enables improved decision-making. Endsley's model of situational awareness has improved the understanding for the design of decision-support systems. This paper presents and discusses a theoretical model to extend this to cross-domain working to influence the design of future collaborative systems. A use-case is discussed within a military context of the use of this model for cross-domain working between an operational-domain and cyber security-domain.
Keywords: decision making; decision support systems; groupware; security of data; collaborative working; cross-domain situational awareness; cyber security-domain; future collaborative systems; improved decision-making; operational-domain; Aerodynamics; Collaboration; Context; Decision making; Feeds; Malware; Collaboration; Cross Domain; Cyber Security; Situational Awareness (ID#: 15-6471)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166110&isnumber=7166109

 

Neogy, S., “Security Management in Wireless Sensor Networks,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-4, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166112
Abstract: This paper aims to describe the characteristics of Wireless Sensor Networks (WSNs), challenges in designing a resource-constrained and vulnerable network and address security management as the main issue. The work begins with discussion on the attacks on WSNs. As part of protection against the attacks faced by WSNs, key management, the primary requirement of any security practice, is detailed out. This paper also deals with the existing security schemes covering various routing protocols. The paper also touches security issues concerning heterogeneous networks.
Keywords: routing protocols; telecommunication security; wireless sensor networks; WSN; heterogeneous networks; security management schemes; Cryptography; Receivers; Routing; Routing protocols; Wireless sensor networks; attack; cryptography; key management; protocol; routing; security; wireless sensor network (ID#: 15-6472)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166112&isnumber=7166109

 

Rickus, A.; Pfluegel, E.; Atkins, N., “Chaos-Based Image Encryption Using an AONT Mode of Operation,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-5, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166113
Abstract: Chaos-based cryptography is a promising and emerging field that offers a large variety of techniques particularly suitable for applications such as image encryption. The fundamental characteristics of chaotic systems are closely related to the properties of a strong cryptosystem. Most research on chaos-based encryption does not concentrate on the aspect of encryption modes of operation. This paper introduces a new chaos-based image encryption scheme using an all-or-nothing transform (AONT) mode of operation. This results in a novel non-separable chaos-based mode which we have implemented and evaluated. Our results show that the AONT mode achieves a security gain with little overhead on the overall efficiency of the encryption.
Keywords: chaos; cryptography; image processing; transforms; AONT mode of operation; all-or-nothing transform mode of operation; chaos-based cryptography; chaos-based image encryption; nonseparable chaos-based mode; Chaotic communication; Ciphers; Encryption; Logistics; AONT encryption mode of operation; Baker map; Chaos-based cryptography; Logistic map (ID#: 15-6473)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166113&isnumber=7166109

 

Enache, A.-C.; Ionita, M.; Sgarciu, V., “An Immune Intelligent Approach for Security Assurance,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-5, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166116
Abstract: Information Security Assurance implies ensuring the integrity, confidentiality and availability of critical assets for an organization. The large amount of events to monitor in a fluid system in terms of topology and variety of new hardware or software, overwhelms monitoring controls. Furthermore, the multi-facets of cyber threats today makes it difficult even for security experts to handle and keep up-to-date. Hence, automatic “intelligent” tools are needed to address these issues. In this paper, we describe a ‘work in progress’ contribution on intelligent based approach to mitigating security threats. The main contribution of this work is an anomaly based IDS model with active response that combines artificial immune systems and swarm intelligence with the SVM classifier. Test results for the NSL-KDD dataset prove the proposed approach can outperform the standard classifier in terms of attack detection rate and false alarm rate, while reducing the number of features in the dataset.
Keywords: artificial immune systems; pattern classification; security of data; support vector machines; NSL-KDD dataset; SVM classifier; anomaly based IDS model; artificial immune system; asset availability; asset confidentiality; asset integrity; attack detection rate; cyber threats; false alarm rate; immune intelligent approach; information security assurance; intrusion detection system; security threats mitigation; support vector machines; swarm intelligence; Feature extraction; Immune system; Intrusion detection; Particle swarm optimization; Silicon; Support vector machines; Binary Bat Algorithm; Dendritic Cell Algorithm; IDS; SVM (ID#: 15-6474)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166116&isnumber=7166109

 

Wurzenberger, M.; Skopik, F.; Settanni, G.; Fiedler, R., “Beyond Gut Instincts: Understanding, Rating and Comparing Self-Learning IDSs,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-1, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166117
Abstract: Today ICT networks are the economy's vital backbone. While their complexity continuously evolves, sophisticated and targeted cyber attacks such as Advanced Persistent Threats (APTs) become increasingly fatal for organizations. Numerous highly developed Intrusion Detection Systems (IDSs) promise to detect certain characteristics of APTs, but no mechanism which allows to rate, compare and evaluate them with respect to specific customer infrastructures is currently available. In this paper, we present BAESE, a system which enables vendor independent and objective rating and comparison of IDSs based on small sets of customer network data.
Keywords: security of data; APT; BAESE system; ICT networks; advanced persistent threats; customer infrastructures; customer network data; cyber attacks; economy vital backbone; intrusion detection systems; self-learning IDS; Analytical models; Complexity theory; Data models; Intrusion detection; Organizations; Safety (ID#: 15-6475)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166117&isnumber=7166109

 

Bode, M.A.; Alese, B.K.; Oluwadare, S.A.; Thompson, A.F.-B., “Risk Analysis in Cyber Situation Awareness Using Bayesian Approach,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-12, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166119
Abstract: The unpredictable cyber attackers and threats have to be detected in order to determine the outcome of risk in a network environment. This work develops a Bayesian network classifier to analyse the network traffic in a cyber situation. It is a tool that aids reasoning under uncertainty to determine certainty. It further analyzes the level of risk using a modified risk matrix criteria. The classifier developed was experimented with various records extracted from the KDD Cup'99 dataset with 490,021 records. The evaluations showed that the Bayesian Network classifier is a suitable model which resulted in the same performance level for classifying the Denial of Service (DoS) attacks with Association Rule Mining while as well as Genetic Algorithm, the Bayesian Network classifier performed better in classifying probe and User to Root (U2R) attacks and classified DoS equally. The result of the classification showed that Bayesian network classifier is a classification model that thrives well in network security. Also, the level of risk analysed from the adapted risk matrix showed that DoS attack has the most frequent occurrence and falls in the generally unacceptable risk zone.
Keywords: Bayes methods; belief networks; computer network security; data mining; inference mechanisms; pattern classification; risk analysis; Bayesian approach; Bayesian network classifier; DoS attacks; KDD Cup 99 dataset; U2R attacks; association rule mining; classified DoS equally; cyber attackers; cyber situation; cyber situation awareness; cyber threats; denial of service attacks; genetic algorithm; modified risk matrix criteria; network environment; network security; network traffic analysis; risk analysis; user to root attacks; Bayes methods; Intrusion detection; Risk management; Telecommunication traffic; Uncertainty; Bayesian approach; Cyber Situation Awareness; KDD Cup'99; Risk matrix (ID#: 15-6476)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166119&isnumber=7166109

 

Timonen, J., “Improving Situational Awareness of Cyber Physical Systems Based on Operator's Goals,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-6, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166121
Abstract: This paper focuses on discovering the key areas of Situational Awareness (SA) and Common Operational Picture (COP) in two different environments: the monitoring room and dismounted forces operations in urban areas. The research is based on scientific publications and on two implemented environments. In urban area warfare, the Mobile Urban Area Situational Awareness System is used to evaluate the requirements and usage of dismounted troops. The monitoring room is studied using the Situational Awareness of Critical Infrastructure and Networks System. These empirical environments were implemented during research projects at the Finnish National Defence University. The paper presents a model combining the joint model of laboratories, Endsley's model of SA and the results of goal-driven task analysis for creating a service-based architecture for defining and sharing COP. The main SA model used is Endsley's level model. It has been supplemented with cyber-related perspectives and fits the selected environments well, allowing techniques that can be used to measure the SA level and define the actor's most important goals.
Keywords: military computing; COP; Endsley's level model; SA; common operational picture; critical infrastructure; cyber physical systems; cyber-related perspectives; dismounted forces operations; dismounted troops; goal-driven task analysis; mobile urban area situational awareness system; monitoring room; networks system; requirement evaluation; scientific publications; service-based architecture; urban area warfare; Analytical models; Command and control systems; Computational modeling; Decision making; Monitoring; Stress; Urban areas; Common Operational Picture; Cyber Physical Systems; Situational Awareness; dismounted; operator (ID#: 15-6477)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166121&isnumber=7166109

 

Onwubiko, C., “Cyber Security Operations Centre: Security Monitoring for Protecting Business and Supporting Cyber Defense Strategy,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-10, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166125
Abstract: Cyber security operations centre (CSOC) is an essential business control aimed to protect ICT systems and support an organisation's Cyber Defense Strategy. Its overarching purpose is to ensure that incidents are identified and managed to resolution swiftly, and to maintain safe & secure business operations and services for the organisation. A CSOC framework is proposed comprising Log Collection, Analysis, Incident Response, Reporting, Personnel and Continuous Monitoring. Further, a Cyber Defense Strategy, supported by the CSOC framework, is discussed. Overlaid atop the strategy is the well-known Her Majesty's Government (HMG) Protective Monitoring Controls (PMCs). Finally, the difficulty and benefits of operating a CSOC are explained.
Keywords: government data processing; security of data; CSOC framework; HMG protective monitoring controls; Her Majestys Government; ICT systems; business control; business protection; cyber defense strategy support; cyber security operations centre; information and communications technology; security monitoring; Business; Computer crime; Monitoring; System-on-chip; Timing; Analysis; CSOC; CSOC Benefits & Challenges; CSOC Strategy; Correlation; Cyber Incident Response; Cyber Security Operations Centre; Cyber Situational Awareness; CyberSA; Log Source; Risk Management; SOC (ID#: 15-6478)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166125&isnumber=7166109

 

Skopik, F.; Wurzenberger, M.; Settanni, G.; Fiedler, R., “Establishing National Cyber Situational Awareness Through Incident Information Clustering,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-8, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166126
Abstract: The number and type of threats to modern information and communication networks has increased massively in the recent years. Furthermore, the system complexity and interconnectedness has reached a level which makes it impossible to adequately protect networked systems with standard security solutions. There are simply too many unknown vulnerabilities, potential configuration mistakes and therefore enlarged attack surfaces and channels. A promising approach to better secure today's networked systems is information sharing about threats, vulnerabilities and indicators of compromise across organizations; and, in case something went wrong, to report incidents to national cyber security centers. These measures enable early warning systems, support risk management processes, and increase the overall situational awareness of organizations. Several cyber security directives around the world, such as the EU Network and Information Security Directive and the equivalent NIST Framework, demand specifically national cyber security centers and policies for organizations to report on incidents. However, effective tools to support the operation of such centers are rare. Typically, existing tools have been developed with the single organization as customer in mind. These tools are often not appropriate either for the large amounts of data or for the application use case at all. In this paper, we therefore introduce a novel incident clustering model and a system architecture along with a prototype implementation to establish situational awareness about the security of participating organizations. This is a vital prerequisite to plan further actions towards securing national infrastructure assets.
Keywords: business data processing; national security; organisational aspects; pattern clustering; security of data; software architecture; EU Network and Information Security Directive; NIST framework; attack channels; attack surfaces; cyber security directives; early warning systems; incident information clustering; information and communication networks; information sharing; national cyber security centers; national cyber situational awareness; national infrastructure assets; networked systems protection; organizations; risk management processes; standard security solutions; system architecture; system complexity; system interconnectedness; threats; Clustering algorithms; Computer security; Information management; Market research; Organizations; Standards organizations (ID#: 15-6479)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166126&isnumber=7166109

 

Aggarwal, P.; Grover, A.; Singh, S.; Maqbool, Z.; Pammi, V.S.C.; Dutt, V., “Cyber Security: A Game-Theoretic Analysis of Defender and Attacker Strategies in Defacing-Website Games,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-8, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166127
Abstract: The rate at which cyber-attacks are increasing globally portrays a terrifying picture upfront. The main dynamics of such attacks could be studied in terms of the actions of attackers and defenders in a cyber-security game. However currently little research has taken place to study such interactions. In this paper we use behavioral game theory and try to investigate the role of certain actions taken by attackers and defenders in a simulated cyber-attack scenario of defacing a website. We choose a Reinforcement Learning (RL) model to represent a simulated attacker and a defender in a 2×4 cyber-security game where each of the 2 players could take up to 4 actions. A pair of model participants were computationally simulated across 1000 simulations where each pair played at most 30 rounds in the game. The goal of the attacker was to deface the website and the goal of the defender was to prevent the attacker from doing so. Our results show that the actions taken by both the attackers and defenders are a function of attention paid by these roles to their recently obtained outcomes. It was observed that if attacker pays more attention to recent outcomes then he is more likely to perform attack actions. We discuss the implication of our results on the evolution of dynamics between attackers and defenders in cyber-security games.
Keywords: Web sites; computer crime; computer games; game theory; learning (artificial intelligence); RL model; attacker strategies; attacks dynamics; behavioral game theory; cyber-attacks; cyber-security game; defacing Website games; defender strategies; game-theoretic analysis; reinforcement learning; Cognitive science; Computational modeling; Computer security; Cost function; Games; Probabilistic logic; attacker; cognitive modeling; cyber security; cyber-attacks; defender; reinforcement-learning model (ID#: 15-6480)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166127&isnumber=7166109

 

Bjerkestrand, T.; Tsaptsinos, D.; Pfluegel, E., “An Evaluation of Feature Selection and Reduction Algorithms for Network IDS Data,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-2, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166129
Abstract: Intrusion detection is concerned with monitoring and analysing events occurring in a computer system in order to discover potential malicious activity. Data mining, which is part of the procedure of knowledge discovery in databases, is the process of analysing the collected data to find patterns or correlations. As the amount of data collected, stored and processed only increases, so does the significance and importance of intrusion detection and data mining. A dataset that has been particularly exposed to research is the dataset used for the Third International Knowledge Discovery and Data Mining Tools competition, KDD99. The KDD99 dataset has been used to identify what data mining techniques relate to certain attack and employed to demonstrate that decision trees are more efficient than the Naïve Bayes model when it comes to detecting new attacks. When it comes to detecting network intrusions, the C4.5 algorithm performs better than SVM. The aim of our research is to evaluate and compare the usage of various feature selection and reduction algorithms against publicly available datasets. In this contribution, the focus is on feature selection and reduction algorithms. Three feature selection algorithms, consisting of an attribute evaluator and a test method, have been used. Initial results indicate that the performance of the classifier is unaffected by reducing the number of attributes.
Keywords: Bayes methods; data mining; decision trees; feature selection; security of data; C4.5 algorithm; KDD99 dataset; SVM; computer system; data mining technique; decision tree; feature selection; intrusion detection; naive Bayes model; network IDS data; network intrusion; potential malicious activity; reduction algorithm; third international knowledge discovery and data mining tools competition; Algorithm design and analysis; Classification algorithms; Data mining; Databases; Intrusion detection; Knowledge discovery; Training; KDD dataset; feature selection and reduction; intrusion detection; knowledge discovery (ID#: 15-6481)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166129&isnumber=7166109

 

Evangelopoulou, M.; Johnson, C.W., “Empirical Framework for Situation Awareness Measurement Techniques in Network Defense,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-4, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166132
Abstract: This paper presents an empirical framework for implementing Situation Awareness Measurement Techniques in a Network Defense environment. Bearing in mind the rise of Cyber-crime and the importance of Cyber security, the role of the security analyst (or as this paper will refer to them, defenders) is critical. In this paper the role of Situation Awareness Measurement Techniques will be presented and explained briefly. Input from previous studies will be given and an empirical framework of how to measure Situation Awareness in a computing network environment will be offered in two main parts. The first one will include the networking infrastructure of the system. The second part will be focused on specifying which Situation Awareness Techniques are going to be used and which Situation Awareness critical questions need to be asked to improve future decision making in cyber-security. Finally, a discussion will take place concerning the proposed approach, the chosen methodology and further validation.
Keywords: computer crime; computer network security; decision making; computing network environment; cyber-crime; cybersecurity; decision making; network defense environment; situation awareness measurement techniques; Computer security; Decision making; Human factors; Measurement techniques; Monitoring; Unsolicited electronic mail; Cyber Security; CyberSA; Decision Making; Intrusion Detection; Network Defense; Situation Awareness; Situation Awareness Measurement Techniques (ID#: 15-6482)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166132&isnumber=7166109

 

Shovgenya, Y.; Skopik, F.; Theuerkauf, K., “On Demand for Situational Awareness for Preventing Attacks on the Smart Grid,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-4, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166133
Abstract: Renewable energy sources and widespread small-scale power generators change the structure of the power grid, where actual power consumers also temporarily become suppliers. Smart grids require continuous management of complex operations through utility providers, which leads to increasing interconnections and usage of ICT-enabled industrial control systems. Yet, often insufficiently implemented security mechanisms and the lack of appropriate monitoring solutions will make the smart grid vulnerable to malicious manipulations that may possibly result in severe power outages. Having a thorough understanding about the operational characteristics of smart grids, supported by clearly defined policies and processes, will be essential to establishing situational awareness, and thus, the first step for ensuring security and safety of the power supply.
Keywords: electric generators; electricity supply industry; industrial control; power consumption; power generation control; power generation reliability; power system interconnection; power system management; power system security; renewable energy sources; smart power grids; ICT-enabled industrial control system; actual power consumer; implemented security mechanism; power supply safety; power supply security; renewable energy source; situational awareness; small-scale power generator; smart power grid; Europe; Generators; Power generation; Renewable energy sources; Security; Smart grids; Smart meters; industrial control systems; situational awareness; smart generator; smart grid (ID#: 15-6483)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166133&isnumber=7166109

 

Adenusi, D.; Alese, B.K; Kuboye, B.M.; Thompson, A.F.-B., “Development of Cyber Situation Awareness Model,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-11, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166135
Abstract: This study designed and simulated cyber situation awareness model for gaining experience of cyberspace condition. This was with a view to timely detecting anomalous activities and taking proactive decision safeguard the cyberspace. The situation awareness model was modelled using Artificial Intelligence (AI) technique. The cyber situation perception sub-model of the situation awareness model was modelled using Artificial Neural Networks (ANN). The comprehension and projection submodels of the situation awareness model were modelled using Rule-Based Reasoning (RBR) techniques. The cyber situation perception sub-model was simulated in MATLAB 7.0 using standard intrusion dataset of KDD'99. The cyber situation perception sub-model was evaluated for threats detection accuracy using precision, recall and overall accuracy metrics. The simulation result obtained for the performance metrics showed that the cyber-situation sub-model of the cyber-situation model better with increase in number of training data records. The cyber situation model designed was able to meet its overall goal of assisting network administrators to gain experience of cyberspace condition. The model was capable of sensing the cyberspace condition, perform analysis based on the sensed condition and predicting the near future condition of the cyberspace.
Keywords: artificial intelligence; inference mechanisms; knowledge based systems; mathematics computing; neural nets; security of data; AI technique; ANN; Matlab 7.0; RBR techniques; anomalous activities detection; artificial neural networks; cyber situation awareness model; cyberspace condition; proactive decision safeguard; rule-based reasoning; training data records; Artificial neural networks; Computational modeling; Computer security; Cyberspace; Data models; Intrusion detection; Mathematical model; Artificial Intelligence; Awareness; cyber-situation; cybersecurity; cyberspace (ID#: 15-6484)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166135&isnumber=7166109

 

Laing, C.; Vickers, P., “Context Informed Intelligent Information Infrastructures for Better Situational Awareness,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-7, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166136
Abstract: In this multi-disciplinary project, we intend to explore the advantages of an information fusion system in which the infrastructure finds new ways to reflect upon its own state and new ways to express this state that provides a good fit to human communication and cognition processes. This interplay should then generate a better and more responsive human-computer symbiosis. The outcomes of this project will help to develop context and content aware networks that are better able to extract meaning and understanding from network data and behaviour.
Keywords: cognition; human computer interaction; information networks; knowledge based systems; sensor fusion; ubiquitous computing; cognition process; context informed intelligent information infrastructures; human communication; human-computer symbiosis; information fusion system; multidisciplinary project; situational awareness; Computers; Context; Monitoring; Real-time systems; Sonification; System-on-chip; Telecommunication traffic; context informed; information infrastructures; situational awareness (ID#: 15-6485)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166136&isnumber=7166109

 

Nasir, M.A.; Nefti-Meziani, S.; Sultan, S.; Manzoor, U., “Potential Cyber-Attacks Against Global Oil Supply Chain,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-7, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166137
Abstract: The energy sector has been actively looking into cyber risk assessment at a global level, as it has a ripple effect; risk taken at one step in supply chain has an impact on all the other nodes. Cyber-attacks not only hinder functional operations in an organization but also waves damaging effects to the reputation and confidence among shareholders resulting in financial losses. Organizations that are open to the idea of protecting their assets and information flow and are equipped enough to respond quickly to any cyber incident are the ones who prevail longer in global market. As a contribution we put forward a modular plan to mitigate or reduce cyber risks in global supply chain by identifying potential cyber threats at each step and identifying their immediate countermeasures.
Keywords: globalisation; organisational aspects; petroleum industry; risk management; security of data; supply chain management; cyber incident; cyber risk assessment; cyber-attack; damaging effect; energy sector; financial losses; global market; global oil supply chain; global supply chain; information flow; organization; ripple effect; Companies; Computer hacking; Information management; Supply chains; Temperature sensors; cyber-attacks; cyber-attacks countermeasures; oil supply chain; threats to energy sector (ID#: 15-6486)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166137&isnumber=7166109

 

Dahri, K.; Rajput, S.; Memon, S.; Das Dhomeja, L., “Smart Activities Monitoring System (SAMS) for Security Applications,” in Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, vol., no., pp. 1-5, 8-9 June 2015. doi:10.1109/CyberSA.2015.7166138
Abstract: In this paper, an android based SAMS (Smart Activities Monitoring System) application for smart phone is proposed. This application is developed with the aim of increasing the national security in Pakistan. In last decade, various incidents including militant attacks and ransom-demands have been reported in which cell phones played a central role in communication between the culprits. The tracking of these criminals is very important and the government needs to adopt technologies to track mobile phones if they are being used for dangerous activities. In this paper, an android based application is presented which is designed and tested to track a suspect without his/her attention. This application tracks a smartphone by obtaining its current location and monitors a suspect remotely by retrieving information such as call logs, message logs etc. It also detects the face of the suspect and covertly captures the picture using cell phone camera and then sends it via multiple messages. Moreover, the monitoring user can also make calls to the phone which the culprit is using in stealth mode to hear the conversation happening in surroundings of the user without the knowledge of suspect.
Keywords: law administration; mobile computing; police data processing; security; smart phones; Android based application; SAMS; criminal activity; law enforcement agency; security application; smart activities monitoring system; smart phone; Cellular phones; Global Positioning System; Mobile communication; Monitoring; Servers; Smart phones; GPS location; security apps; smartphones; tracking (ID#: 15-6487)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166138&isnumber=7166109
 




International Conferences: IBCAST 2015, Islamabad

 

 


The Twelfth International Bhurban Conference on Applied Sciences & Technology (IBCAST) was held at the National Centre for Physics, Islamabad Pakistan on January 13-18, 2015. It was organized by the Centres of Excellence in Science & Applied Technologies (CESAT), Islamabad, in collaboration with Beihang University of Aeronautics & Astronautics, Beijing Institute of Technology, Nanjing University of Aeronautics & Astronautics and Northwestern Polytechnical University, Xian, China. Topics included Advanced Materials, Biomedical Sciences, Control & Signal Processing, Cyber Security, Fluid Dynamics, Underwater Technologies and Wireless Communication & Radar. The cybersecurity papers are cited here and were recovered on September 3, 2015.


Saghar, K.; Kendall, D.; Bouridane, A., “RAEED: A Solution for Hello Flood Attack,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 248-253, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058512
Abstract: Hello flood attack has long been a problem in ad-hoc and wireless networks during data routing. Although numerous solutions have been proposed, they all have drawbacks. The main reason is that formal modeling techniques have not been employed to confirm whether the solutions are immune from DoS attacks. We have earlier shown how formal modeling can be utilized efficiently to detect the vulnerabilities of existing routing protocols against DoS attacks. In this paper we propose a new protocol, RAEED (Robust formally Analysed protocol for wirEless sEnsor networks Deployment), which is able to address the problem of Hello flood attacks. Using formal modeling we prove that RAEED avoids these types of attack. Finally computer simulations were carried out to support our findings. RAEED employs an improved bidirectional verification and the key exchange characteristics of the INSENS and the LEAP. RAEED preserves the security and reduces traffic. The improvements in RAEED were the less number of messages exchanged, less percentage of messages lost and reduction in time to complete key setup phase.
Keywords: computer network security; formal verification; mobile computing; routing protocols; telecommunication traffic; wireless sensor networks; DoS attacks; INSENS; LEAP; RAEED protocol; ad-hoc networks; bidirectional verification; computer simulations; data routing; formal modeling techniques; hello flood attack; key exchange characteristics; message exchange; messages lost; robust formally analysed protocol for wireless sensor networks deployment; security; traffic reduction; Amplitude shift keying; Computational modeling; Computer crime; Noise; Routing protocols; Wireless sensor networks; Formal Modeling; Routing Protocol; Security Attacks; Wireless Sensor Networks (WSN) (ID#: 15-6488)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058512&isnumber=7058466

 

Fatima, T.; Saghar, K.; Ihsan, A., “Evaluation of Model Checkers SPIN and UPPAAL for Testing Wireless Sensor Network Routing Protocols,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 263-267, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058514
Abstract: Formal modeling and verification has been under considerable attraction of researchers these days. Using formal methods one can find bugs and hidden errors in different systems, codes and protocols. As formal models can detect worst case scenarios which are not possible in computer simulations and other testing techniques, they are often employed by researchers to detect flaws in security protocols. A lot of hidden errors have been detected in encryption techniques and secure routing protocols by analyzing them using formal modeling and verification. Although many tools have been developed to perform formal verification; but SPIN and UPPAAL are most frequently used by researchers to demonstrate some previously unreported weaknesses. This paper analyzes these two model checkers in terms of learning time, ease of use and their features of modeling and verification. We later annotate our findings by applying these tools against a wireless sensor network routing protocol. We claim that our paper can help future researchers to decide which formal modeling tool is best in a particular scenario thus saving a lot of time in decision making.
Keywords: cryptography; decision making; formal verification; routing protocols; telecommunication network reliability; telecommunication security; wireless sensor networks; SPIN; UPPAAL; decision making; encryption techniques; formal methods; formal modeling; formal verification; model checkers; secure routing protocols; security protocols; testing techniques; wireless sensor network routing protocols; Analytical models; Automata; Computational modeling; Model checking; Routing protocols; Wireless sensor networks; Formal Verification; Routing Protocols; Sensor Networks; Software Testing (ID#: 15-6489)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058514&isnumber=7058466

 

Kashif, U.A.; Memon, Z.A.; Balouch, A.R.; Chandio, J.A., “Distributed Trust Protocol for IaaS Cloud Computing,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 275-279, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058516
Abstract: Due to economic benefits of cloud computing, consumers have rushed to adopt Cloud Computing. Apart from rushing into cloud, security concerns are also raised. These security concerns cause trust issue in adopting cloud computing. Enterprises adopting cloud, will have no more control over data, application and other computing resources that are outsourced from cloud computing provider. In this paper we propose a novel technique that will not leave consumer alone in cloud environment. Firstly we present theoretical analysis of selected state of the art technique and identified issues in IaaS cloud computing. Secondly we propose Distributed Trust Protocol for IaaS Cloud Computing in order to mitigate trust issue between cloud consumer and provider. Our protocol is distributed in nature that lets the consumer to check the integrity of cloud computing platform that is in the premises of provider's environment. We follow the rule of security duty separation between the premises of consumer and provider and let the consumer be the actual owner of the platform. In our protocol, user VM hosted at IaaS Cloud Computing uses Trusted Boot process by following specification of Trusted Computing Group (TCG) and by utilizing Trusted Platform Module (TPM) Chip of the consumer. The protocol is for the Infrastructure as a Service IaaS i.e. lowest service delivery model of cloud computing.
Keywords: cloud computing; formal specification; security of data; trusted computing; virtual machines; IaaS cloud computing; Infrastructure as a Service; TCG specification; TPM chip; Trusted Computing Group; cloud computing platform integrity checking; cloud consumer; cloud environment; cloud provider; computing resources; distributed trust protocol; economic benefit; security concern; security duty separation; service delivery model; trust issue mitigation; trusted boot process; trusted platform module chip; user VM; Hardware; Information systems; Security; Virtual machine monitors; Trusted cloud computing; cloud security and trust; trusted computing; virtualization (ID#: 15-6490)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058516&isnumber=7058466

 

Jalalzai, M.H.; Shahid, W.B.; Iqbal, M.M.W., “DNS Security Challenges and Best Practices to Deploy Secure DNS with Digital Signatures,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 280-285, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058517
Abstract: This paper is meant to discuss the DNS security vulnerabilities and best practices to address DNS security challenges. The Domain Name System (DNS) is the foundation of internet which translates user friendly domains, named based Resource Records (RR) into corresponding IP addresses and vice-versa. Nowadays usage of DNS services are not merely for translating domain names, but it is also used to block spam, email authentication like DKIM and the latest DMARC, the TXT records found in DNS are mainly about improving the security of services. So, virtually almost every internet application is using DNS. If not works properly then whole internet communication will collapse. Therefore security of DNS infrastructures is one of the core requirements for any organization in current cyber security arena. DNS are favorite place for attackers due to huge loss of its outcome. So breach in DNS security will in resultant affects the trust worthiness of whole internet. Therefore security of DNS is paramount, in case DNS infrastructure is vulnerable and compromised, organizations lose their revenue, they face downtime, customer dissatisfaction, privacy loss, confront legal challenges and many more. As we know that DNS is now become the largest distributed database, but initially at the time of DNS design the only goal was to provide scalable and available name resolution service but its security perspectives were not focused and overlooked at that time. So there are number of security flaws exist and there is an urgent requirement to provide some additional mechanism for addressing known vulnerabilities. From these security challenges, most important one is DNS data integrity and availability. For this purpose we introduced cryptographic framework that is configured on open source platform by incorporating DNSSEC with Bind DNS software which addresses integrity and availability issues of DNS by establishing DNS chain of trust using digitally signed DNS data.
Keywords: Internet; computer network security; cryptography; data integrity; data privacy; digital signatures; distributed databases; public domain software; Bind DNS software; DKIM; DMARC; DNS availability issues; DNS chain; DNS data integrity; DNS design; DNS infrastructures; DNS security; DNS security vulnerabilities; DNS services; DNSSEC; IP addresses; Internet application; Internet communication; Internet trustworthiness; cryptographic framework; customer dissatisfaction; cyber security arena; digital signatures; digitally signed DNS data; distributed database; domain name system; email authentication; index TXT services; named based resource records; open source platform; privacy loss; secure DNS; security flaws; user friendly domains; Best practices; Computer crime; Cryptography; Internet; Servers; Software; DNS Security; DNS Vulnerabilities; DNSSEC; Digital Signatures; Network and Computer Security; PKI (ID#: 15-6491)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058517&isnumber=7058466

 

Islam, S.; Haq, I.U.; Saeed, A., “Secure End-to-End SMS Communication over GSM Networks,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 286-292, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058518
Abstract: In today's GSM networks, security mechanisms provided by network operators are limited to the wireless links only, leaving the information traveling over the wired links insecure to a large extent. Moreover, the encryption algorithms used over the wireless links provide weak notion of security. Thus end-to-end security for SMS communication is not achieved in current GSM networks. An adversary is able to capture the traffic over the wireless link and decrypt it using specialized hardware. Short Message Service (SMS) is used widely all over the world which may contain sensitive and confidential information like financial transactions. SMS spoofing applications are widely available through which any sender ID can be set. The objectives of this research includes end-to-end confidentiality, authentication, message integrity and non-repudiation of SMS. The proposed scheme uses symmetric key and identity based techniques for encryption and key management. The overhead incurred due to addition of control information may increase the message length but the computational delay due to cryptographic operations is negligible on mobile devices with 1GHz+ processors. The proposed solution ensures end-to-end security even if the transmission is tapped, leaked or sniffed on either the wired or wireless links.
Keywords: cellular radio; cryptography; electronic messaging; message authentication; mobile computing; telecommunication security; GSM networks; SMS nonrepudiation; SMS spoofing applications; authentication; computational delay; confidential information; cryptographic operations; encryption algorithms; end-to-end confidentiality; end-to-end security; financial transactions; identity based techniques; key management; message integrity; message length; mobile devices; network operators; secure end-to-end SMS communication; security mechanisms; sender ID; sensitive information; short message service; symmetric key; wired links; wireless links; Encryption; Program processors; Receivers (ID#: 15-6492)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058518&isnumber=7058466

 

Siddiqui, R.A.; Grosvenor, R.I.; Prickett, P.W., “dsPIC-Based Advanced Data Acquisition System for Monitoring, Control and Security Applications,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 293-298, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058519
Abstract: This paper reports on design and implementation of data acquisition system based on dsPIC Microcontroller for Monitoring, Control and Security Application. Data acquisition is fundamental stage in any DSP, monitoring and digital control and security system. The efficiency and effectiveness of the system is defined by the quality of acquired data, which in turn depends on the characteristics of data acquisition system. There are two types of data acquisition; (a) digital (b) analog data acquisition, having different characteristics and system requirements. Microchip's dsPIC provides various on-chip integrated modules which enable efficient data acquisition such as 10/12-bit Analog to Digital Convertor (ADC) with up to 1Msps (Million samples per second) sampling rate, simultaneous sampling and various trigger mechanisms, Timers, Input Capture (IC), External (hardware) and Internal (software) Interrupt and processing capability up to 30 MIPS (Million Instructions Per Second). A system is developed for data acquisition of 16 analog signals with 10/12-bit resolution, simultaneous sampling of 4 signals, fixed and variable sampling rate, on chip storage and real-time signal processing capabilities. The system also supports for data acquisition of digital signals with time resolution of up to 33.33nsec and signal parameters like frequency, time period, pulse width, duty cycle, and delay & time difference between two signals. It can be customized according to the system requirements and provides advanced data acquisition capabilities to the low cost monitoring, control or security system.
Keywords: analogue-digital conversion; data acquisition; digital control; digital signal processing chips; microcontrollers; 10-12-bit analog-digital convertor; 10-12-bit resolution; 16 analog signals; 30 MIPS; ADC; DSP; advanced data acquisition capabilities; analog data acquisition; chip storage; control-security system; delay time difference; digital control-security system; digital data acquisition; dsPIC microcontroller; dsPIC-based advanced data acquisition system; duty cycle; efficient data acquisition; external hardware; internal software; low cost monitoring; microchip dsPIC; on-chip integrated modules; pulse width; real-time signal processing; timers; variable sampling rate; Security; ADC; DSP; Data Acquisition; MIPS; Microchip; Monitoring; Security; dsPIC (ID#: 15-6493)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058519&isnumber=7058466

 

Arifeen, F.U.; Siddiqui, R.A.; Ashraf, S.; Waheed, S., “Inter-Cloud Authentication Through X.509 for Defense Organization,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 299-306, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058520
Abstract: Over the recent years of research in cloud computing, different approaches are adopted for Inter-Cloud Authentication. These approaches give successful results in identifying the authentic request. Defense organization communicate with each other's through legitimate requests. For establishing a security and privacy, a PKI based authentication model is needed. This paper signifies a new approach in implementing cloud based PKI authentication inside the existing infrastructure of defense organization. As security is the prime concern for any organization and its implementation requirement varies from organization to organization, each and every organization embrace their own policies to implement it. The problem of understanding each other's security policies is a huge barrier and challenge for existing IT infrastructure for implementation purposes. Requirement to establish Inter-Cloud Authentication is made possible through this PKI based model which ensures all five security services i.e. confidentiality, integrity, authentication, digital signature and non-repudiation. This PKI model is a multi-domain atmosphere between various defense organization and their Data Centers (DC) for the facilitation and resource provisioning inside the cloud platform. This model utilizes the existing network infrastructure composed of high intercommunication traffic between various Data Centers of defense organization. In this model, a nationwide Certification Authority (CA) is implemented in the Inter-Cloud infrastructure and all other Data Centers are inter-communicated through this mechanism having different authentication approaches for legitimate access through the X.509 Certificates.
Keywords: cloud computing; computer centres; computer network security; data integrity; data privacy; digital signatures; organisational aspects; public key cryptography; telecommunication traffic; IT infrastructure; PKI based authentication model; X.509; certification authority; cloud based PKI authentication; cloud platform; data center; data confidentiality; defense organization; digital signature; intercloud authentication; intercloud infrastructure; intercommunication traffic; multidomain atmosphere; network infrastructure; non-repudiation; resource provisioning; security policies; security services; Hardware; Organizations; Public key cryptography; Software; Virtual private networks; Certification Authority (CA); Data Centers; Inter-Cloud; Master CA; Public Key Infrastructure (PKI); VPN; X.509 Certificate Services (ID#: 15-6494)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058520&isnumber=7058466

 

Ishfaq, H.; Iqbal, W.; Bin Shahid, W., “Attaining Accessibility and Personalization with Socio-Captcha (SCAP),” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 307-311, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058521
Abstract: Many websites have made use of motions, videos, flash, gif animations and static images to implement Captcha in order to ensure that the entity trying to connect to their website(s) or system is not a Bot, but a human being. A wide variety of Captcha types and solution methods are available and few are described in section II. All of these Captcha systems possess the functionality of distinguishing humans and Bots but lack in providing personalization attribute(s) whilst browsing the internet or using any networking application. This paper has suggested a novel scheme for generation of Captcha by attaining accessibility and personalization through user's social media profile attributes Socio-Captcha (SCAP). This Socio-Captcha Scheme relies on Socio-Captcha application which is discussed in this paper.
Keywords: security of data; social networking (online); Internet; SCAP; Web sites; personalization attribute; social media profile; socio-captcha scheme; CAPTCHAs; Clothing; Electronic publishing; Facebook; Frequency modulation; Information services; Lead; accessibility; bot; captcha; human; personalization; social media; web (ID#: 15-6495)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058521&isnumber=7058466

 

Amin, M.; Afzal, M., “On the Vulnerability of EC DRBG,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 318-322, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058523
Abstract: Random Number Generation is an important element of any cryptographic function. National Institute of Standards and Technology (NIST) has also developed few Random Number Generators, Dual Elliptic Curve Deterministic Random Bit Generator(Dual EC DRBG) is one of them. Over a period of time, various sources highlighted that Dual EC DRBG has vulnerability, that its next output can be predicted with the help of previous output. However very limited material is available to provide an insight to understand the vulnerability. This paper has provided a proof of concept on the vulnerability in Dual EC DRBG with explaining the working of DRBG and related flaw. The paper has also proposed the solution to overcome the said flaw in Dual EC DRBG.
Keywords: public key cryptography; random number generation; Dual EC DRBG vulnerability; NIST; National Institute of Standards and Technology; cryptographic function; dual elliptic curve deterministic random bit generator; Elliptic curves; Entropy; Generators; Random number generation; Elliptic Curves; Random Numbers (ID#: 15-6496)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058523&isnumber=7058466

 

Tanveer, A.; Ali, A.; Paracha, M.A.; Raja, F.R., “Performance Analysis of AES-finalists Along with SHS in IPSEC VPN over 1Gbps Link,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 323-332, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058524
Abstract: IPSEC is suit of protocols designed to provide secure communication over Network Layer (Layer-3) of TCP/IP model. Participating IPSEC gateways may have different algorithms installed in them but RFC-4835 mentions mandatory algorithms that a gateway must have so that participating gateways always have at least one algorithmic combination to agree upon. Off the shelve IPSEC implementations only implement these mandatory algorithms. In this paper, the enhancements involve the selection of hashing and encryption algorithms that yield better performance for the given system. All AES finalists and SHS algorithms have been embedded after some modifications in 64 bit RHEL 6.2 Linux kernel (2.6.32) and Openswan 2.6.38 (A user space agent which helps gateways to negotiate security associations between them) and performance analysis of these algorithms having throughput as the main parameter over 1 Gbps link in an IPSEC VPN has been done. For this purpose, all the combinations of block ciphers with different key lengths along with hashing algorithms are tested and analyzed under same operating conditions. Comparative results are shown with respect to every combination of AES finalists with every hashing algorithm of SHS and MD5. Furthermore, All the AES finalists have also been tested without hashing algorithms.
Keywords: Linux; computer network security; cryptographic protocols; internetworking; operating system kernels; transport protocols; virtual private networks; AES finalist performance analysis; IPSEC VPN network layer; IPSEC gateway; Openswan 2.6.38; RHEL 6.2 Linux kernel; SHS algorithm; TCP-IP protocol model; advanced encryption standard; bit rate 1 Gbit/s; cipher blocking; encryption algorithm; hashing algorithm; off the shelve IPSEC implementation; secure communication; secure hash standard; user space agent; Authentication; Encryption; IP networks; Logic gates; Payloads (ID#: 15-6497)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058524&isnumber=7058466

 

Javed, A.; Akhlaq, M., “Patterns in Malware Designed for Data Espionage and Backdoor Creation,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 338-342, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058526
Abstract: In the recent past, malware have become a serious cyber security threat which has not only targeted individuals and organizations but has also threatened the cyber space of countries around the world. Amongst malware variants, trojans designed for data espionage and backdoor creation dominates the threat landscape. This necessitates an in depth study of these malware with the scope of extracting static features like APIs, strings, IP Addresses, URLs, email addresses etc. by and large found in such malicious codes. Hence in this research paper, an endeavor has been made to establish a set of patterns, tagged as APIs and Malicious Strings persistently existent in these malware by articulating an analysis framework.
Keywords: application program interfaces; feature extraction; invasive software; APIs; backdoor creation; cyber security threat; data espionage; malicious codes; malicious strings; malware; static feature extraction; trojans; Accuracy; Feature extraction; Lead; Malware; Sensitivity (ID#: 15-6498)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058526&isnumber=7058466

 

Saboor, A.; Aslam, B., “Analyses of Flow Based Techniques to Detect Distributed Denial of Service Attacks,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 354-362, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058529
Abstract: Distributed Denial of Service (DDoS) attacks comprise of sending huge network traffic to a victim system using multiple systems. Detecting such attacks has gained much attention in current literature. Studies have shown that flow-based anomaly detection mechanisms give promising results as compared to typical signature based attack detection mechanisms which have not been able to detect such attacks effectively. For this purpose, a variety of flow-based DDoS detection algorithms have been put forward. We have divided the flow-based DDoS attack detection techniques broadly into two categories namely, packet header based and mathematical formulation based. Analyses has been done for two techniques one belonging to each category. The paper has analyzed and evaluated these with respect to their detection accuracy and capability. Finally, we have suggested improvements that can be helpful to give results better than both the previously proposed algorithms. Furthermore, our findings can be applied to DDoS detection systems for refining their detection capability.
Keywords: computer network security; mathematical analysis; telecommunication traffic; flow-based anomaly detection mechanisms; flow-based distributed denial of service attack detection techniques; mathematical formulation; multiple systems; network traffic; packet header; signature based attack detection mechanisms; victim system; Correlation; Correlation coefficient; IP networks; Distributed Denial of Service Attack; Exploitation Tools; Flow-based attack detection; Intrusion Detection; cyber security (ID#: 15-6499)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058529&isnumber=7058466

 

Raza, F.; Bashir, S.; Tauseef, K.; Shah, S.I., “Optimizing Nodes Proportion for Intrusion Detection in Uniform and Gaussian Distributed Heterogeneous WSN,” in Applied Sciences and Technology (IBCAST), 2015 12th International Bhurban Conference on, vol., no., pp. 623-628, 13-17 Jan. 2015. doi:10.1109/IBCAST.2015.7058571
Abstract: In wireless sensor networks (WSN), intrusion detection applications have gained significant importance because of diverse implementations including tracking malicious intruder in the battlefield. Network parameters such as allowable distance, sensing range, transmission range, and node density plays important role in designing a model according to specific applications. Numerous models have been proposed to efficiently deploy WSNs for these applications. However, deviated requirements of different applications make it difficult to develop a generic model. Another important factor with significant contribution towards the performance of a WSN is the strategy adopted for distribution of the sensor nodes in the area of interest. The most common method is to deploy the sensors is either through uniform or gaussian distribution. Several performance comparisons have been reported to evaluate the detection probability and analyze its dependency on various network parameters. Another aspect fundamental to the performance of a sensor network is heterogeneity. Practically, for economic or logistic reasons, it may not be possible to ensure availability of nodes with identical features e.g. sensing range, transmission/detection capability etc. It is, therefore, important to assess the detection performance of the network when the nodes do not possess same sensing range. In this paper we analyze the impact of various node densities in calculating detection probability in a Uniform and Gaussian distributed heterogeneous network under K-sensing model. Experimental results provide optimal values of node densities for efficient deployment in heterogeneous WSN environment.
Keywords: Gaussian distribution; object detection; optimisation; safety systems; wireless sensor networks; K-sensing model; allowable distance; battlefield; detection probability evaluation; economic reasons; generic model; intrusion detection application performance; logistic reasons; malicious intruder tracking; node density; node proportion optimization; sensing range; sensor node distribution; transmission range; uniform-Gaussian distributed heterogeneous WSN; wireless sensor network parameter; Ad hoc networks; Communication system security; Intrusion detection; Sensors; Wireless communication; Wireless sensor networks (ID#: 15-6500)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7058571&isnumber=7058466




International Conferences: INFOCOM 2015, Kowloon, Hong Kong, China

 

 


The 2015 IEEE Conference on Computer Communications (INFOCOM) was held on April 26–May 1, 2015 in Kowloon, Hong Kong, China. Over 300 papers were presented at the conference on a variety of computer networking topics. The work cited here specifically relates to the Science of Security.  


He, Xiaofan; Dai, Huaiyu; Ning, Peng, “Improving Learning and Adaptation in Security Games by Exploiting Information Asymmetry,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1787–1795, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218560
Abstract: With the advancement of modern technologies, the security battle between a legitimate system (LS) and an adversary is becoming increasingly sophisticated, involving complex interactions in unknown dynamic environments. Stochastic game (SG), together with multi-agent reinforcement learning (MARL), offers a systematic framework for the study of information warfare in current and emerging cyber-physical systems. In practical security games, each player usually has only incomplete information about the opponent, which induces information asymmetry. This work exploits information asymmetry from a new angle, considering how to exploit local information unknown to the opponent to the player's advantage. Two new MARL algorithms, termed minimax-PDS and WoLF-PDS, are proposed, which enable the LS to learn and adapt faster in dynamic environments by exploiting its private local information. The proposed algorithms are provably convergent and rational, respectively. Also, numerical results are presented to show their effectiveness through two concrete anti-jamming examples.
Keywords: Computers; Conferences; Games; Heuristic algorithms; Jamming; Security; Sensors (ID#: 15-6719)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218560&isnumber=7218353

 

Hu, Pengfei; Li, Hongxing; Fu, Hao; Cansever, Derya; Mohapatra, Prasant, “Dynamic Defense Strategy Against Advanced Persistent Threat with Insiders,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 747–755, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218444
Abstract: The landscape of cyber security has been reformed dramatically by the recently emerging Advanced Persistent Threat (APT). It is uniquely featured by the stealthy, continuous, sophisticated and well-funded attack process for long-term malicious gain, which render the current defense mechanisms inapplicable. A novel design of defense strategy, continuously combating APT in a long time-span with imperfect/incomplete information on attacker's actions, is urgently needed. The challenge is even more escalated when APT is coupled with the insider threat (a major threat in cyber-security), where insiders could trade valuable information to APT attacker for monetary gains. The interplay among the defender, APT attacker and insiders should be judiciously studied to shed insights on a more secure defense system. In this paper, we consider the joint threats from APT attacker and the insiders, and characterize the fore-mentioned interplay as a two-layer game model, i.e., a defense/attack game between defender and APT attacker and an information-trading game among insiders. Through rigorous analysis, we identify the best response strategies for each player and prove the existence of Nash Equilibrium for both games. Extensive numerical study further verifies our analytic results and examines the impact of different system configurations on the achievable security level.
Keywords: Computer security; Computers; Cost function; Games; Joints; Nash equilibrium (ID#: 15-6720)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218444&isnumber=7218353

 

Hao, Zijiang; Tang, Yutao; Zhang, Yifan; Novak, Ed; Carter, Nancy; Li, Qun, “SMOC: A Secure Mobile Cloud Computing Platform,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2668–2676, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218658
Abstract: Mobile devices are now ubiquitous in the modern world. In this paper, we propose a novel and practical mobile-cloud platform for smart mobile devices. Our platform allows users to run the entire mobile device operating system and arbitrary applications on a cloud-based virtual machine. It has two design fundamentals. First, applications can freely migrate between the user's mobile device and a backend cloud server. We design a file system extension to enable this feature, so users can freely choose to run their applications either in the cloud (for high security guarantees), or on their local mobile device (for better user experience). Second, in order to protect user data on the smart mobile device, we leverage hardware virtualization technology, which isolates the data from the local mobile device operating system. We have implemented a prototype of our platform using off-the-shelf hardware, and performed an extensive evaluation of it. We show that our platform is efficient, practical, and secure.
Keywords: Hardware; Keyboards; Mobile communication; Mobile handsets; Security; Virtual machine monitors; Virtualization (ID#: 15-6721)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218658&isnumber=7218353

 

Chen, Fei; Xiang, Tao; Yang, Yuanyuan; Wang, Cong; Zhang, Shengyu, “Secure Cloud Storage Hits Distributed String Equality Checking: More Efficient, Conceptually Simpler, and Provably Secure,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2389–2397, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218627
Abstract: Cloud storage has gained a remarkable success in recent years with an increasing number of consumers and enterprises outsourcing their data to the cloud. To assure the availability and integrity of the outsourced data, several protocols have been proposed to audit cloud storage. Despite the formally guaranteed security, the constructions employed heavy cryptographic operations as well as advanced concepts (e.g., bilinear maps over elliptic curves and digital signatures), and thus are inefficient to admit wide applicability in practice. In this paper, we design a novel secure cloud storage protocol, which is conceptually and technically simpler and significantly more efficient than previous constructions. Inspired by a classic string equality checking protocol in distributed computing, our protocol uses only basic integer arithmetic (without advanced techniques and concepts). As simple as the protocol is, it supports both randomized and deterministic auditing to fit different applications. We further extend the proposed protocol to support data dynamics, i.e., adding, deleting and modifying data, using a novel technique. As a further contribution, we find a systematic way to design secure cloud storage protocols based on verifiable computation protocols. Theoretical and experimental analyses validate the efficacy of our protocol.
Keywords: Cloud computing; Computational modeling; Computers; Conferences; Protocols; Secure storage; Security (ID#: 15-6722)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218627&isnumber=7218353

 

Sun, Wenhai; Liu, Xuefeng; Lou, Wenjing; Hou, Y.Thomas; Li, Hui, “Catch You if You Lie to Me: Efficient Verifiable Conjunctive Keyword Search over Large Dynamic Encrypted Cloud Data,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2110–2118, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218596
Abstract: Encrypted data search allows cloud to offer fundamental information retrieval service to its users in a privacy-preserving way. In most existing schemes, search result is returned by a semi-trusted server and usually considered authentic. However, in practice, the server may malfunction or even be malicious itself. Therefore, users need a result verification mechanism to detect the potential misbehavior in this computation outsourcing model and rebuild their confidence in the whole search process. On the other hand, cloud typically hosts large outsourced data of users in its storage. The verification cost should be efficient enough for practical use, i.e., it only depends on the corresponding search operation, regardless of the file collection size. In this paper, we are among the first to investigate the efficient search result verification problem and propose an encrypted data search scheme that enables users to conduct secure conjunctive keyword search, update the outsourced file collection and verify the authenticity of the search result efficiently. The proposed verification mechanism is efficient and flexible, which can be either delegated to a public trusted authority (TA) or be executed privately by data users. We formally prove the universally composable (UC) security of our scheme. Experimental result shows its practical efficiency even with a large dataset.
Keywords: Conferences; Cryptography; Indexes; Keyword search; Polynomials; Servers (ID#: 15-6723)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218596&isnumber=7218353

 

Chen, Zhili; Huang, Liusheng; Chen, Lin, “ITSEC: An Information-Theoretically Secure Framework for Truthful Spectrum Auctions,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2065–2073, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218591
Abstract: Truthful auctions make bidders reveal their true valuations for goods to maximize their utilities. Currently, almost all spectrum auction designs are required to be truthful. However, disclosure of one's true value causes numerous security vulnerabilities. Secure spectrum auctions are thus called for to address such information leakage. Previous secure auctions either did not achieve enough security, or were very slow due to heavy computation and communication overhead. In this paper, inspired by the idea of secret sharing, we design an information-theoretically secure framework (ITSEC) for truthful spectrum auctions. As a distinguished feature, ITSEC not only achieves information-theoretic security for spectrum auction protocols in the sense of cryptography, but also greatly reduces both computation and communication overhead by ensuring security without using any encryption/description algorithm. To our knowledge, ITSEC is the first information-theoretically secure framework for truthful spectrum auctions in the presence of semi-honest adversaries. We also design and implement circuits for both single-sided and double spectrum auctions under the ITSEC framework. Extensive experimental results demonstrate that ITSEC achieves comparable performance in terms of computation with respect to spectrum auction mechanisms without any security measure, and incurs only limited communication overhead.
Keywords: Conferences; Cryptography; Logic gates; Privacy; Protocols; Random variables (ID#: 15-6724)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218591&isnumber=7218353

 

Ma, Jiefei; Le, Franck; Russo, Alessandra; Lobo, Jorge, “Detecting Distributed Signature-Based Intrusion: The Case of Multi-Path Routing Attacks,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 558–566, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218423
Abstract: Signature-based network intrusion detection systems (S-IDS) have become an important security tool in the protection of an organisation's infrastructure against external intruders. By analysing network traffic, S-IDS' detect network intrusions. An organisation may deploy one or multiple S-IDS', each working independently with the assumption that it can monitor all packets of a given flow to detect intrusion signatures. However, emerging technologies (e.g., Multi-Path TCP) violate this assumption, as traffic can be concurrently sent across different paths (e.g., WiFi, Cellular) to boost network performance. Attackers may exploit this capability and split malicious payloads across multiple paths to evade traditional signature-based network intrusion detection systems. Although multiple monitors may be deployed, none of them has the full coverage of the network traffic to detect the intrusion signature. In this paper, we formalise this distributed signature-based intrusion detection problem as an asynchronous online exact string matching problem, and propose an algorithm for it. To demonstrate its effectiveness we conducted comprehensive experiments. Our results show that the behaviour of our algorithm depends only on the packet arrival rate: delay in detecting the signature grows linearly with respect to the packet arrival rate and with small communication overhead.
Keywords: Automata; Computers; Conferences; Intrusion detection; Monitoring; Payloads; Synchronization (ID#: 15-6725)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218423&isnumber=7218353

 

Xu, Qiang; Liao, Yong; Miskovic, Stanislav; Mao, Z. Morley; Baldi, Mario; Nucci, Antonio; Andrews, Thomas, “Automatic Generation of Mobile App Signatures from Traffic Observations,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1481–1489, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218526
Abstract: There are network management, traffic engineering, and security practices adopted in today's networking that rely on the knowledge about what applications' traffic is passing through the networks. These practices might fail with mobile apps whose identity remains hidden in generic HTTP traffic. The main reason is that unlike traditional applications, most mobile apps do not use specific protocols or IP ports with distinctive features. Many enterprises and service providers are in a great need of regaining control over their networks that increasingly carry mobile traffic. In this paper we propose FLOWR, a system that automatically identifies mobile apps by continually learning the apps' distinguishing features via traffic analysis. FLOWR focuses solely on key-value pairs in HTTP headers and intelligently identifies the pairs suitable for app signatures. Our system employs a custom supervised learning approach that leverages a very limited knowledge of app-signature seeds and autonomously grows its capacity for app identification. The approach is motivated by a simple but effective hypothesis that unknown app-identifying features should co-occur with the known signatures. Our experimental results show a significant growth in flow identification coverage provided by FLOWR. Specifically, we show that FLOWR can achieve identification of 86–95% of flows related to their generating apps.
Keywords: Computers; Conferences; FLOWR; IP networks; Mobile communication; Mobile computing; Protocols; Web services (ID#: 15-6726)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218526&isnumber=7218353

 

Zhang, Chao; Niknami, Mehrdad; Chen, Kevin Zhijie; Song, Chengyu; Chen, Zhaofeng; Song, Dawn, “JITScope: Protecting Web Users from Control-Flow Hijacking Attacks,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 567–575, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218424
Abstract: Web browsers are one of the most important end-user applications to browse, retrieve, and present Internet resources. Malicious or compromised resources may endanger Web users by hijacking web browsers to execute arbitrary malicious code in the victims' systems. Unfortunately, the widely-adopted Just-In-Time compilation (JIT) optimization technique, which compiles source code to native code at runtime, significantly increases this risk. By exploiting JIT compiled code, attackers can bypass all currently deployed defenses. In this paper, we systematically investigate threats against JIT compiled code, and the challenges of protecting JIT compiled code. We propose a general defense solution, JITScope, to enforce Control-Flow Integrity (CFI) on both statically compiled and JIT compiled code. Our solution furthermore enforces the W⊕X policy on JIT compiled code, preventing the JIT compiled code from being overwritten by attackers. We show that our prototype implementation of JITScope on the popular Firefox web browser introduces a reasonably low performance overhead, while defeating existing real-world control flow hijacking attacks.
Keywords: Browsers; Engines; Instruments; JIT compiled code; JIT optimization technique; JITScope; Layout; Runtime; Safety; Security (ID#: 15-6727)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218424&isnumber=7218353

 

Lu, Zhuo; Sagduyu, Yalin E.; Li, Jason H., “Queuing the Trust: Secure Backpressure Algorithm Against Insider Threats in Wireless Networks,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 253–261, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218389
Abstract: The backpressure algorithm is known to provide throughput optimality in routing and scheduling decisions for multi-hop networks with dynamic traffic. The essential assumption in the backpressure algorithm is that all nodes are benign and obey the algorithm rules governing the information exchange and underlying optimization needs. Nonetheless, such an assumption does not always hold in realistic scenarios, especially in the presence of security attacks with intent to disrupt network operations. In this paper, we propose a novel mechanism, called virtual trust queuing, to protect backpressure algorithm based routing and scheduling protocols from various insider threats. Our objective is not to design yet another trust-based routing to heuristically bargain security and performance, but to develop a generic solution with strong guarantees of attack resilience and throughput performance in the backpressure algorithm. To this end, we quantify a node's algorithm-compliance behavior over time and construct a virtual trust queue that maintains deviations from expected algorithm outcomes. We show that by jointly stabilizing the virtual trust queue and the real packet queue, the backpressure algorithm not only achieves resilience, but also sustains the throughput performance under an extensive set of security attacks.
Keywords: Algorithm design and analysis; Heuristic algorithms; Optimization; Queueing analysis; Routing; Scheduling; Throughput (ID#: 15-6728)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218389&isnumber=7218353

 

Cui, Helei; Yuan, Xingliang; Wang, Cong, “Harnessing Encrypted Data in Cloud for Secure and Efficient Image Sharing from Mobile Devices,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2659–2667, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218657
Abstract: In storage outsourcing, highly correlated datasets can occur commonly, where the rich information buried in correlated data can be useful for many cloud data generation/dissemination services. In light of this, we propose to enable a secure and efficient cloud-assisted image sharing architecture for mobile devices, by leveraging outsourced encrypted image datasets with privacy assurance. Different from traditional image sharing, the proposed design aims to save the transmission cost from mobile clients, by directly utilizing outsourced correlated images to reproduce the image of interest inside the cloud for immediate dissemination. While the benefits are obvious, how to leverage the encrypted image datasets makes the problem particularly challenging. To tackle the problem, we first propose a secure and efficient index design that allows the mobile client to securely find from the encrypted image datasets the candidate selection pertaining to the image of interest for sharing. We then design two specialized encryption mechanisms that support the secure image reproduction inside the cloud directly from the encrypted candidate selection. We formally analyze the security strength of the design. Our experiments show that up to 90% of the transmission cost at the mobile client can be saved, while achieving all service requirements and security guarantees.
Keywords: Encryption; Feature extraction; Indexes; Mobile communication; Servers (ID#: 15-6729)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218657&isnumber=7218353

 

Zhang, Kuan; Liang, Xiaohui; Lu, Rongxing; Yang, Kan; Shen, Xuemin Sherman, “Exploiting Mobile Social Behaviors for Sybil Detection,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 271–279, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218391
Abstract: In this paper, we propose a Social-based Mobile Sybil Detection (SMSD) scheme to detect Sybil attackers from their abnormal contacts and pseudonym changing behaviors. Specifically, we first define four levels of Sybil attackers in mobile environments according to their attacking capabilities. We then exploit mobile users' contacts and their pseudonym changing behaviors to distinguish Sybil attackers from normal users. To alleviate the storage and computation burden of mobile users, the cloud server is introduced to store mobile user's contact information and to perform the Sybil detection. Furthermore, we utilize a ring structure associated with mobile user's contact signatures to resist the contact forgery by mobile users and cloud servers. In addition, investigating mobile user's contact distribution and social proximity, we propose a semi-supervised learning with Hidden Markov Model to detect the colluded mobile users. Security analysis demonstrates that the SMSD can resist the Sybil attackers from the defined four levels, and the extensive trace-driven simulation shows that the SMSD can detect these Sybil attackers with high accuracy.
Keywords: Aggregates; Computers; Hidden Markov models; Mobile communication; Mobile computing; Resists; Servers (ID#: 15-6730)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218391&isnumber=7218353

 

Wang, Bing; Song, Wei; Lou, Wenjing; Hou, Y.Thomas, “Inverted Index Based Multi-Keyword Public-Key Searchable Encryption with Strong Privacy Guarantee,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2092–2100, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218594
Abstract: With the growing awareness of data privacy, more and more cloud users choose to encrypt their sensitive data before outsourcing them to the cloud. Search over encrypted data is therefore a critical function facilitating efficient cloud data access given the high data volume that each user has to handle nowadays. Inverted index is one of the most efficient searchable index structures and has been widely adopted in plaintext search. However, securing an inverted index and its associated search schemes is not a trivial task. A major challenge exposed from the existing efforts is the difficulty to protect user's query privacy. The challenge roots on two facts: 1) the existing solutions use a deterministic trapdoor generation function for queries; and 2) once a keyword is searched, the encrypted inverted list for this keyword is revealed to the cloud server. We denote this second property in the existing solutions as one-time-only search limitation. Additionally, conjunctive multi-keyword search, which is the most common form of query nowadays, is not supported in those works. In this paper, we propose a public-key searchable encryption scheme based on the inverted index. Our scheme preserves the high search efficiency inherited from the inverted index while lifting the one-time-only search limitation of the previous solutions. Our scheme features a probabilistic trapdoor generation algorithm and protects the search pattern. In addition, our scheme supports conjunctive multi-keyword search. Compared with the existing public key based schemes that heavily rely on expensive pairing operations, our scheme is more efficient by using only multiplications and exponentiations. To meet stronger security requirements, we strengthen our scheme with an efficient oblivious transfer protocol that hides the access pattern from the cloud. The simulation results demonstrate that our scheme is suitable for practical usage with moderate overhead.
Keywords: Encryption; Indexes; Polynomials; Privacy; Public key; Servers (ID#: 15-6731)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218594&isnumber=7218353

 

Salinas, Sergio; Luo, Changqing; Chen, Xuhui; Li, Pan, “Efficient Secure Outsourcing of Large-Scale Linear Systems of Equations,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1035–1043, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218476
Abstract: Solving large-scale linear systems of equations (LSEs) is one of the most common and fundamental problems in big data. But such problems are often too expensive to solve for resource-limited users. Cloud computing has been proposed as a timely, efficient, and cost-effective way of solving such computing tasks. Nevertheless, one critical concern in cloud computing is data privacy. To be more prominent, in many cases, clients' LSEs contain private data that should remain hidden from the cloud for ethical, legal, or security reasons. Many previous works on secure outsourcing of LSEs have high computational complexity. More importantly, they share a common serious problem, i.e., a huge number of external memory I/O operations. This problem has been largely neglected in the past, but in fact is of particular importance and may eventually render those outsourcing schemes impractical. In this paper, we develop an efficient and practical secure outsourcing algorithm for solving large-scale LSEs, which has both low computational complexity and low memory I/O complexity and can protect clients' privacy well. We implement our algorithm on a real-world cloud server and a laptop. We find that the proposed algorithm offers significant time savings for the client (up to 65%) compared to previous algorithms.
Keywords: Computational complexity; Computers; Outsourcing; Privacy; Random access memory; Symmetric matrices (ID#: 15-6732)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218476&isnumber=7218353

 

Yang, Lei; Peng, Pai; Dang, Fan; Wang, Cheng; Li, Xiang-Yang; Liu, Yunhao, “Anti-Counterfeiting via Federated RFID Tags' Fingerprints and Geometric Relationships,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1966–1974, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218580
Abstract: RFID has been widely adopted as an effective method for anti-counterfeiting. Legacy systems based on security protocol are either too heavy to be affordable by passive tags or suffering from various protocol-layer attacks, e.g. reverse engineering, cloning, side-channel. In this work, we present a novel anti-counterfeiting system, TagPrint, using COTS RFID tags and readers. Achieving a low-cost and offline genuineness validation utilizing passive tags has been a daunting task. Our system achieves these three goals by leveraging a few of federated tags' fingerprints and geometric relationships. In TagPrint, we exploit a new kind of fingerprint, called phase fingerprint, extracted from the phase value of the backscattered signal, provided by the COTS RFID readers. To further solve the separation challenge, we devise a geometric solution to validate the genuineness. We have implemented a prototype of TagPrint using COTS RFID devices. The system has been tested extensively over 6,000 tags. The results show that our new fingerprint exhibits a good fitness of uniform distribution and the system achieves a surprising Equal Error Rate of 0.1% for anti-counterfeiting.
Keywords: Antennas; Counterfeiting; Cryptography; Fingerprint recognition; Phase measurement; Radiofrequency identification; Anti-counterfeiting; Phase fingerprint; RFID; Tag-Print (ID#: 15-6733)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218580&isnumber=7218353

 

Niu, Jianwei; Gu, Fei; Zhou, Ruogu; Xing, Guoliang; Xiang, Wei, “VINCE: Exploiting Visible Light Sensing for Smartphone-Based NFC Systems,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2722–2730, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218664
Abstract: This paper presents VINCE — a novel visible light sensing design for smartphone-based Near Field Communication (NFC) systems. VINCE encodes information as different brightness levels of smartphone screens, while receivers capture the light signal via light sensors. In contrast to RF technologies, the direction and distance of such a Visible Light Communication (VLC) link can be easily controlled, preserving communication privacy and security. As a result, VINCE can be used in a wide range of NFC applications such as contactless payments and device pairing. We experimentally profile the impact of screen brightness levels and refresh rates of smartphones, and then use the results to guide the design of light intensity encoding scheme of VINCE. We adopt several signal processing techniques and empirically derive a model to deal with the significant variation of received light intensity caused by noises and low screen refresh rates. To improve the communication reliability, VINCE adopts a feedback-based retransmission scheme, and dynamically adjusts the number of encoding brightness levels based on the current light channel condition. We also derive an analytical model that characterizes the relation among the distance, SNR (Signal to Noise Ratio), and BER (Bit Error Rate) of VINCE. Our design and theoretical model are validated via extensive evaluations using a hardware implementation of VINCE on Android smartphones and the Arduino platform.
Keywords: Brightness; Decoding; Encoding; Receivers; Sensors; Signal to noise ratio (ID#: 15-6734)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218664&isnumber=7218353

 

Zhang, Shuo; He, Fei; Gu, Ming, “VeRV: A Temporal and Data-Concerned Verification Framework for the Vehicle Bus Systems,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1167–1175, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218491
Abstract: As a part of the international standard IEC 61375, the multifunction vehicle bus (MVB) has been used in most of the modern train control systems. It is highly desirable to check the temporal properties of the data transmitted on the bus. However, we are not aware of any published work on this problem. We proposed VeRV, the first temporal and data-concerned verification framework for the vehicle bus systems. A domain-specific language, called VeSpec, is proposed to specify the packet formats and the desired properties. The language is expressive, modular and easy to use. Given a VeSpec script, the VeRV allows automatic generation of runtime analyzer. We have applied our technique to a real tube train system and succeeded in diagnosing a real failure in this system. The industry application illustrates the effectiveness and efficiency of our technique.
Keywords: Automata; History; Java; Monitoring; Temperature measurement; Temperature sensors; Vehicles; Vehicle bus systems; domain-specific language; online monitoring; runtime verification (ID#: 15-6735)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218491&isnumber=7218353

 

Niu, Ben; Li, Qinghua; Zhu, Xiaoyan; Cao, Guohong; Li, Hui, “Enhancing Privacy Through Caching in Location-Based Services,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 1017–1025, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218474
Abstract: Privacy protection is critical for Location-Based Services (LBSs). In most previous solutions, users query service data from the untrusted LBS server when needed, and discard the data immediately after use. However, the data can be cached and reused to answer future queries. This prevents some queries from being sent to the LBS server and thus improves privacy. Although a few previous works recognize the usefulness of caching for better privacy, they use caching in a pretty straightforward way, and do not show the quantitative relation between caching and privacy. In this paper, we propose a caching-based solution to protect location privacy in LBSs, and rigorously explore how much caching can be used to improve privacy. Specifically, we propose an entropy-based privacy metric which for the first time incorporates the effect of caching on privacy. Then we design two novel caching-aware dummy selection algorithms which enhance location privacy through maximizing both the privacy of the current query and the dummies' contribution to cache. Evaluations show that our algorithms provide much better privacy than previous caching-oblivious and caching-aware solutions.
Keywords: Algorithm design and analysis; Computers; Entropy; Measurement; Mobile communication; Privacy; Servers (ID#: 15-6736)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218474&isnumber=7218353

 

Roos, Stefanie; Strufe, Thorsten, “On the Impossibility of Efficient Self-Stabilization in Virtual Overlays with Churn,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 298–306, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218394
Abstract: Virtual overlays generate topologies for greedy routing, like rings or hypercubes, on connectivity restricted networks. They have been proposed to achieve efficient content discovery in the Darknet mode of Freenet, for instance, which provides a private and secure communication platform for dissidents and whistle-blowers. Virtual overlays create tunnels between nodes with neighboring addresses in the topology. The routing performance hence is directly related to the length of the tunnels, which have to be set up and maintained at the cost of communication overhead in the absence of an underlying routing protocol. In this paper, we show the impossibility to efficiently maintain sufficiently short tunnels. Specifically, we prove that in a dynamic network either the maintenance or the routing eventually exceeds polylog cost in the number of participants. Our simulations additionally show that the length of the tunnels increases fast if standard maintenance protocols are applied. Thus, we show that virtual overlays can only offer efficient routing at the price of high maintenance costs.
Keywords: Maintenance engineering; Network topology; Random processes; Random variables; Routing; Topology; Zinc (ID#: 15-6737)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7218394&isnumber=7218353





International Conferences: Incident Management and Forensics (IMF), Germany, 2015

 

 


The 2015 Ninth International Conference on IT Security Incident Management & IT Forensics (IMF) was held 18-20 May 2015 at Magdeburg, Germany. Papers were presented on forensics, recent trends, memory and file system analysis, database aspects, detection of encrypted content, and response challenges in automated incident handling, mobile payment frauds, and evidence modeling.


Lösche, Ulf; Morgenstern, Maik; Pilz, Hendrik, “Platform Independent Malware Analysis Framework,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 109-113, 18-20 May 2015. doi:10.1109/IMF.2015.21
Abstract: Over the past years malicious software has evolved to a persistent threat on all major computer platforms. Due to the high number of new threats which are released every day security researchers have developed automatic systems to analyze and classify unknown pieces of software. While these techniques are technically mature on the Windows platform they still have to be improved on many other platforms such as Linux and Mac OS X. As the process of malware analysis is very similar on all platforms we have developed a platform independent framework to easily implement malware analysis on a new platform. This paper will cover our experience with malware analysis and we will show our generic approach, which can be applied on any platform.
Keywords: Androids; Humanoid robots; Linux; Malware; Monitoring; Operating systems; Virtual machine monitors; Android; Dynamic analysis; Forensic; Linux; Mac OS X; Malware analysis; Platform independent; Sandbox; Virtualization; Windows (ID#: 15-6738)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195811&isnumber=7195793

 

Thurner, Simon; Grun, Marcel; Schmitt, Sven; Baier, Harald, “Improving the Detection of Encrypted Data on Storage Devices,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 26-39, 18-20 May 2015. doi:10.1109/IMF.2015.12
Abstract: The detection of persistently stored encrypted data plays an increasingly important role in digital forensics. This is especially true during live analysis of IT systems, when the encrypted data structures are temporarily decrypted in main memory and thus can be accessed as plaintext. One method commonly used to detect the presence of encrypted data on a storage device is the calculation of entropy. However, this method has a significant drawback: both random and compressed data have a very similar entropy compared to encrypted data, which yields a high false positive rate. That is why entropy is not very suitable to differentiate between these types of data. In this work we suggest both a workflow for detection of encrypted data structures on a storage device and an improved classification algorithm. The classification part of the workflow is based on statistical tests. For convenience of the investigator an important goal is to minimize the number of falsely classified unencrypted data structures (e.g. compressed data is classified as encrypted data). Our approach to achieve this goal is to combine different statistical tests. As a practical proof of concept we provide and evaluate a tool for automated analysis of storage devices that implements a multitude of statistical tests for improved detection of encrypted data, compared to both the application of only one such test and the calculation of entropy. More precisely our tool is able to reliably distinguish high-entropy file formats (i.e. DOCX, JPG, PDF, ZIP) from encrypted files (i.e. a truecrypt container).
Keywords: Ciphers; Data structures; Encryption; Entropy; Generators; Reliability; digital forensics; encryption detection; entropy; statistical tests (ID#: 15-6739)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195804&isnumber=7195793

 

Schiefer, Michael, “Smart Home Definition and Security Threats,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 114-118, 18-20 May 2015. doi:10.1109/IMF.2015.17
Abstract: The home of the future should be a smart one, to support us in our daily life. Up to now only a few security incidents in that area are known. Depending on different security analyses, this fact is rather a result of the low spread of Smart Home products than the success of such systems security. Given that Smart Homes become more and more popular, we will consider current incidents and analyses to estimate potential security threats in the future. The definitions of a Smart Home drift widely apart. Thus we first need to define Smart Home for ourselves and additionally provide a way to categorize the big mass of products into smaller groups.
Keywords: Cameras; Heating; Internet; Monitoring; Security; Smart homes; Web pages; internet of things; security threats; smart home (ID#: 15-6740)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195812&isnumber=7195793

 

Ossenbühl, Sven; Steinberger, Jessica; Baier, Harald, “Towards Automated Incident Handling: How to Select an Appropriate Response against a Network-Based Attack?,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 51-67, 18-20 May 2015. doi:10.1109/IMF.2015.13
Abstract: The increasing amount of network-based attacks evolved to one of the top concerns responsible for network infrastructure and service outages. In order to counteract these threats, computer networks are monitored to detect malicious traffic and initiate suitable reactions. However, initiating a suitable reaction is a process of selecting an appropriate response related to the identified network-based attack. The process of selecting a response requires taking into account the economics of a reaction e.g., risks and benefits. The literature describes several response selection models, but they are not widely adopted. In addition, these models and their evaluation are often not reproducible due to closed testing data. In this paper, we introduce a new response selection model, called REASSESS, that allows to mitigate network-based attacks by incorporating an intuitive response selection process that evaluates negative and positive impacts associated with each countermeasure. We compare REASSESS with the response selection models of IE-IRS, ADEPTS, CS-IRS, and TVA and show that REASSESS is able to select the most appropriate response to an attack in consideration of the positive and negative impacts and thus reduces the effects caused by a network-based attack. Further, we show that REASSESS is aligned to the NIST incident life cycle. We expect REASSESS to help organizations to select the most appropriate response measure against a detected network-based attack, and hence contribute to mitigate them.
Keywords: Adaptation models; Biological system modeling; Delays; Internet; NIST; Network topology; Security; automatic mitigation; cyber security; intrusion response systems; network security (ID#: 15-6741)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195806&isnumber=7195793

 

Kier, Christof; Madlmayr, Gerald; Nawratil, Alexander; Schafferer, Michael; Schanes, Christian; Grechenig, Thomas, “Mobile Payment Fraud: A Practical View on the Technical Architecture and Starting Points for Forensic Analysis of New Attack Scenarios,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 68-76, 18-20 May 2015. doi:10.1109/IMF.2015.14
Abstract: As payment cards and mobile devices are equipped with Near Field Communication (NFC) technology, electronic payment transactions at physical Point of Sale (POS) environments are changing. Payment transactions do not require the customer to insert their card into a slot of the payment terminal. The customer is able to simply swipe the payment card or mobile phone in front of a dedicated zone of the terminal to initiate a payment transaction. Secure Elements (SEs) in mobile phones and payment cards with NFC should keep sensitive application data in a safe place to protect it from abuse by attackers. Although hardware and the operating system of such a chip has to go through an intensive process of security testing, the current integration of such a chip in mobile phones easily allows attackers to access the information stored. In the following paper we present the implementation of two different proof-of-concept attacks. Out of the analysis of the attack scenarios, we propose various starting points for the forensic analysis in order to detect such fraudulent transactions. The presented concept should lead to fewer fraudulent transactions as well as protected evidence in case of fraud.
Keywords: Credit cards; Google; ISO Standards; Relays; Security; Smart phones; EMV Payment; Mobile Payment; NFC Transaction; Payment Fraud (ID#: 15-6742)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195807&isnumber=7195793

 

Bellin, Knut; Creutzburg, Reiner, “Conception of a Master Course for IT and Media Forensics Part II: Android Forensics,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 96-105, 18-20 May 2015. doi:10.1109/IMF.2015.19
Abstract: The growth of Android in the mobile sector and the interest to investigate these devices from a forensic point of view has rapidly increased. Many companies have security problems with mobile devices in their own IT infrastructure. To respond to these incidents, it is important to have professionally trained staff. Furthermore, it is necessary to further train their existing employees in the practical applications of mobile forensics owing to the fact that a lot of companies are trusted with very sensitive data. Inspired by these facts, this paper addresses training approaches and practical exercises to investigate Android mobile devices.
Keywords: Androids; Forensics; Humanoid robots; Mobile communication; Oxygen; Smart phones; mobile forensics training education Android small scale digital device (ID#: 15-6743)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195810&isnumber=7195793

 

Kiltz, Stefan; Dittmann, Jana; Vielhauer, Claus, “Supporting Forensic Design — A Course Profile to Teach Forensics,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 85-95, 18-20 May 2015. doi:10.1109/IMF.2015.16
Abstract: There is a growing demand for experts with a dedicated knowledge of forensics, especially in the domain of digital and digitised forensics, besides a general shortage of teaching of digital forensics. Further, there is prominent lack of standardisation in designing a curriculum [18]. We address this by offering the profile ForensikDesign@Informatik [23] to the bachelor's degree at university level. By teaching digital and digitised forensics, we propose a model-based approach combining the practitioners and the computer scientist's view [19], also to address the standardisation issue. We identify three main application areas: teaching conventional digital forensic examinations using existing tools and methods following the model-based approach, the design of new forensic tools and methods and the system design to achieve a desired degree of forensic readiness in the conflict field of a degree of anonymity. The last two application areas, we believe, also justify teaching at university level. We set an international focus, and highlight the science part of forensic sciences. Selected law aspects are addressed both for motivational and comparative purposes. We implement different teaching strategies and provide dedicated resources (technical, organisational and personnel). Finally, we outline the two options for the profile ForensikDesign@Informatik, depending on the effort of commitment by the students.
Keywords: Computational modeling; Data models; Digital forensics; Documentation; Education; Security; Existing and planned teaching programs with goals and concepts; basic and emerging trends to provide education; from theory to practical approaches (ID#: 15-6744)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195809&isnumber=7195793

 

Ramisch, Felix; Rieger, Martin, “Recovery of SQLite Data Using Expired Indexes,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 19-25, 18-20 May 2015. doi:10.1109/IMF.2015.11
Abstract: SQLite databases have tremendous forensic potential. In addition to active data, expired data remain in the database file, if the option secure delete is not applied. Tests of available forensic tools show, that the indexes were not considered, although they may complete the recovery of the table structures. Algorithms for their recovery and combination with each other or with table data are worked out. A new tool, SQLite Index Recovery, was developed for this study. The use with test data and data of Apple Mail shows, that the recovery of indexes is possible and enriches the recovery of ordinary table data.
Keywords: File systems; Forensics; Indexes; Metadata; Oxygen; Postal services; Apple Mail; SQLite; database; expired data; forensic tool; free block; index recovery (ID#: 15-6745)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195803&isnumber=7195793

 

Gruhn, Michael, “Windows NT pagefile.sys Virtual Memory Analysis,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 3-18, 18-20 May 2015. doi:10.1109/IMF.2015.10
Abstract: As hard disk encryption, RAM disks, persistent data avoidance technology and memory resident malware become more widespread, memory analysis becomes more important. In order to provide more virtual memory than is actually physically present on a system, an operating system may transfer frames of memory to a page file on persistent storage. Current memory analysis software does not incorporate such page files and thus misses important information. We therefore present a detailed analysis of Windows NT paging. We use dynamic gray-box analysis, in which we place known data into virtual memory and examine where it is mapped to, in either the physical memory or the page file, and cross-reference these findings with the Windows NT Research Kernel source code. We demonstrate how to decode the non-present page table entries, and accurately reconstruct the complete virtual memory space, including non-present memory pages on Windows NT systems using 32-bit, PAE or IA32e paging. Our analysis approach can be used to analyze other operating systems as well.
Keywords: Forensics; Hardware; Kernel; Random access memory; Resource management; Digital Forensics; Pagefile Analysis; Virtual Memory Analysis; Windows NT Paging (ID#: 15-6746)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195802&isnumber=7195793

 

Dewald, Andreas, “Characteristic Evidence, Counter Evidence and Reconstruction Problems in Forensic Computing,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 77-82, 18-20 May 2015. doi:10.1109/IMF.2015.15
Abstract: Historically, forensic computing (as digital forensics) developed pragmatically, driven by specific technical needs. Indeed, in comparison with other forensic sciences the field still is rather immature and has many deficits, such as the unclear terminology used in court. In this paper, we introduce notions of (digital) evidence, characteristic evidence, and (characteristic) counter evidence, as well as the definitions of two fundamental forensic reconstruction problems. We show the relation of the observability of the different types of evidence to the solvability of those problems. By doing this, we wish to exemplify the usefulness of formalization in the establishment of a precise terminology. While this will not replace all terminological shortcomings, it (1) may provide the basis for a better understanding between experts, and (2) helps to understand the significance of different types of digital evidence to answer questions in an investigation.
Keywords: Computational modeling; Computers; Digital forensics; Electronic mail; Hard disks; Radiation detectors; characteristic evidence; counter evidence; digital forensics; evidence; reconstruction; terminology (ID#: 15-6747)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195808&isnumber=7195793

 

Freiling, Felix; Gruhn, Michael, “What is Essential Data in Digital Forensic Analysis?,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 40-48, 18-20 May 2015. doi:10.1109/IMF.2015.20
Abstract: In his seminal work on file system forensic analysis, Carrier defined the notion of essential data as "those that are needed to save and retrieve files." He argues that essential data is therefore more trustworthy since it has to be correct in order for the user to use the file system. In many practical settings, however, it is unclear whether a specific piece of data is essential because either file system specifications are ambiguous or the importance of a specific data field depends on the operating system that processes the file system data. We therefore revisit Carrier's definition and show that there are two types of essential data: strong and weak. While strongly essential corresponds to Carrier's definition, weakly essential refers to application specific interpretations. We empirically show the amount of strongly and weakly essential data in DOS/MBR and GPT partition systems, thereby complementing and extending Carrier's findings.
Keywords: Computers; Data structures; Digital forensics; Metadata; Operating systems; Standards; file system; forensic investigations; operating systems (ID#: 15-6748)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195805&isnumber=7195793

 

Merkel, Ronny, “Latent Fingerprint Aging from a Hyperspectral Perspective: First Qualitative Degradation Studies Using UV/VIS Spectroscopy,” in IT Security Incident Management & IT Forensics (IMF), 2015 Ninth International Conference on, vol., no., pp. 121-135, 18-20 May 2015. doi:10.1109/IMF.2015.18
Abstract: Latent print age estimation is an important topic in the emerging field of digitized crime scene forensics. While several capturing devices have recently been studied towards this goal, hyperspectral imaging in the UV/VIS (ultraviolet and visible light) range of the electromagnetic spectrum has not been investigated so far. Addressing this research gap, a first qualitative evaluation on the aging behavior of 30 latent print time series from 6 different donors is conducted, utilizing an optical reflection spectrometer. Results show more unpredictable aging tendencies in the ultraviolet spectral range, whereas a general logarithmic trend from prior work (using non-spectral capturing devices) is confirmed for the visible light band. Furthermore, a different behavior of eccrine and sebaceous print components is found, especially in the ultraviolet band, where sebaceous components seem to become reflective to the emitted radiation and might furthermore be utilized for studying longer aging periods in contrast to eccrine prints. Overall, the combined degradation information of the ultraviolet and the visible light band seem to provide the most reliable results for measuring a reproducible aging trend, serving as a potential opportunity to address the strong influence of different sweat compositions on the aging behavior of latent prints.
Keywords: Aging; Degradation; Estimation; Fingerprint recognition; Hyperspectral imaging; Lipidomics; Optical surface waves; UV/VIS spectroscopy; age estimation; digitized crime scene forensics; eccrine vs. sebaceous; hyperspectral imaging; latent fingerprints (ID#: 15-6749)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7195813&isnumber=7195793
 




International Conferences: NSysS 2015, Bangladesh

 

 


The 2015 International Conference on Networking Systems and Security (NSysS) was held in Dhaka, Bangladesh on 5-7 January 2015. Research papers on computer networks, networking systems, and security were presented. The cited works are the ones most related to Science of Security.


Ahmed, Shamir; Rizvi, A.S.M.; Mansur, Rifat Sabbir; Amin, Md. Rafatul; Islam, A.B.M. Alim Al, “User Identification Through Usage Analysis of Electronic Devices,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-6, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043518
Abstract: Different aspects of usage of electronic devices significantly vary person to person, and therefore, rigorous usage analysis exhibits its prospect in identifying a user in road to secure the devices. Different state-of-the-art approaches have investigated different aspects of the usage, such as typing speed and dwelling time, in isolation for identifying a user. However, investigation of multiple aspects of the usage in combination is yet to be focused in the literature. Therefore, in this paper, we investigate multiple aspects of usage in combination to identify a user. We perform the investigation over real users through letting them interact with an Android application, which we develop specifically for the investigation. Our investigation reveals a key finding: considering multiple aspects of usage in combination provides improved performance in identifying a user. We get this improved performance up to a certain number of aspects of usage being considered in the identification task.
Keywords: Android (operating system); authorisation; graphical user interfaces; Android application; device security; dwelling time; electronic device usage analysis; performance improvement; typing speed; user identification task; Clustering algorithms; Measurement; Mobile handsets; Presses; Pressing; Security; Standards (ID#: 15-6501)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043518&isnumber=7042935

 

Akter, M.; Rahman, M.O.; Islam, M.N.; Habib, M.A., “Incremental Clustering-Based Object Tracking in Wireless Sensor Networks,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-6, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043534
Abstract: Emerging significance of moving object tracking has been actively pursued in the Wireless Sensor Network (WSN) community for the past decade. As a consequence, a number of methods from different angle of assessment have been developed while relatively satisfying performance. Amongst those, clustering based object tracking has shown significant results, which in turn provides the network to be scalable and energy efficient for large-scale WSNs. As of now, static cluster based object tracking is the most common approach for large-scale WSN. However, as static clusters are restricted to share information globally, tracking can be lost at the boundary region of static clusters. In this paper, an Incremental Clustering Algorithm is proposed in conjunction with Static Clustering Technique to track an object consistently throughout the network solving boundary problem. The proposed research follows a Gaussian Adaptive Resonance Theory (GART) based Incremental Clustering that creates and updates clusters incrementally to incorporate incessant motion pattern without defiling the previously learned clusters. The objective of this research is to continue tracking at the boundary region in an energy-efficient way as well as to ensure robust and consistent object tracking throughout the network. The network lifetime performance metric has shown significant improvements for Incremental Static Clustering at the boundary regions than that of existing clustering techniques.
Keywords: object tracking; wireless sensor networks; GART based incremental clustering; Gaussian adaptive resonance theory; WSN; clustering based object tracking; incremental clustering algorithm; incremental clustering-based object tracking; static clustering technique; wireless sensor networks; Algorithm design and analysis; Clustering algorithms; Energy efficiency; Heuristic algorithms; Object tracking; Wireless sensor networks; Adaptive Resonance Theory; Energy-efficiency; Incremental Clustering; Object Tracking; Wireless Sensor Networks (WSN) (ID#: 15-6502)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043534&isnumber=7042935

 

Al Islam, A.B.M.A.; Hyder, C.S.; Zubaer, K.H., “Digging the Innate Reliability of Wireless Networked Systems,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-10, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042946
Abstract: Network reliability of wireless networks exhibits a prominent impact in successful advancement of the networking paradigm. A complete understanding of the network reliability demands its in-depth analysis, which is yet to be attempted in the literature. Therefore, we present a comprehensive study on the network reliability in this paper. Our step-by-step stochastic study, from node-level to network-level reliability, reveals a novel finding: the network reliability of a wireless network follows the Gaussian distribution in general. We validate the finding through exhaustive numerical simulation and ns-2 simulation.
Keywords: Gaussian distribution; numerical analysis; radio networks; stochastic processes; telecommunication network reliability; Gaussian distribution; network reliability; ns-2 simulation; numerical simulation; stochastic study; wireless networked systems; wireless networks; Ad hoc networks; Batteries; Numerical simulation; Reliability; Shape; Weibull distribution; Wireless networks (ID#: 15-6503)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042946&isnumber=7042935

 

Khan, F.H.; Ali, M.E.; Dev, H., “A Hierarchical Approach for Identifying User Activity Patterns from Mobile Phone Call Detail Records,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-6, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043535
Abstract: With the increasing use of mobile devices, now it is possible to collect different data about the day-to-day activities of personal life of the user. Call Detail Record (CDR) is the available dataset at large-scale, as they are already constantly collected by the mobile operator mostly for billing purpose. By examining this data it is possible to analyze the activities of the people in urban areas and discover the human behavioral patterns of their daily life. These datasets can be used for many applications that vary from urban and transportation planning to predictive analytics of human behavior. In our research work, we have proposed a hierarchical analytical model where this CDR Dataset is used to find facts on the daily life activities of urban users in multiple layers. In our model, only the raw CDR data are used as the input in the initial layer and the outputs from each consecutive layer is used as new input combined with the original CDR data in the next layers to find more detailed facts, e.g., traffic density in different areas in working days and holidays. So, the output in each layer is dependent on the results of the previous layers. This model utilized the CDR Dataset of one month collected from the Dhaka city, which is one of the most densely populated cities of the world. So, our main focus of this research work is to explore the usability of these types of dataset for innovative applications, such as urban planning, traffic monitoring and prediction, in a fashion more appropriate for densely populated areas of developing countries.
Keywords: mobile handsets; telecommunication network planning; Dhaka city; mobile devices; mobile operator; mobile phone call detail records; traffic monitoring; transportation planning; urban planning; Analytical models; Cities and towns; Data models; Employment; Mobile handsets; Poles and towers; Transportation (ID#: 15-6504)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043535&isnumber=7042935

 

Ferdous, S.M.; Rahman, M.S., “A Metaheuristic Approach for Application Partitioning in Mobile System,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-6, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043520
Abstract: Mobile devices such as smartphones are extremely popular now. In spite of their huge popularity, the computational ability of mobile devices is still low. Computational offloading is a way to transfer some of the heavy computational tasks to server (cloud) so that the efficiency and usability of the system increases. In this paper, we have developed a metaheuristic approach for application partitioning to maximize throughput and performance. Preliminary experiment suggests that our approach is better than the traditional all cloud and all mobile approach.
Keywords: cloud computing; mobile computing; optimisation; smart phones; application partitioning; computational offloading; computational tasks transfer; metaheuristic approach; mobile devices; mobile system; performance maximization; smartphones; throughput maximization; Computers; Mobile communication; Mobile computing; Mobile handsets; Partitioning algorithms; Servers; Throughput (ID#: 15-6505)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043520&isnumber=7042935

 

Zohra, F.T.; Rahman, A., “Mathematical Analysis of Self-Pruning and a New Dynamic Probabilistic Broadcast for MANETs,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-9, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042947
Abstract: Self-pruning broadcasting algorithm exploits neighbor knowledge to reduce redundant retransmissions in mobile ad hoc wireless networks (MANETs). Although in self-pruning, only a subset of nodes forward the message based on certain forwarding rule, it belongs to one of the reliable broadcasting algorithm category where a broadcast message is guaranteed (at least algorithmically) to reach all the nodes in the network. In this paper, we develop an analytical model to determine expected number of forwarding nodes required to complete a broadcast in self-pruning algorithm. The derived expression is a function of various network parameters (such as, network density and distance between nodes) and radio transceiver parameters (such as transmission range). Moreover, the developed mathematical expression provides us a better understanding of the highly complex packet forwarding pattern of self-pruning algorithm and valuable insight to design a new broadcasting heuristic. The proposed new heuristic is a dynamic probabilistic broadcast where rebroadcast probability of each node is dynamically determined from a developed mathematical expression. Extensive simulation experiments have been conducted to validate the accuracy of the analytical model, as well as, to evaluate the efficiency of the proposed heuristic. Performance analysis shows that the proposed heuristic outperforms the static probabilistic broadcasting algorithm and an existing solution proposed by Bahadili.
Keywords: electronic messaging; mobile ad hoc networks; probability; radio transceivers; redundancy; telecommunication network reliability; MANET; complex packet forwarding pattern; dynamic probabilistic broadcasting algorithm; mathematical expression analysis; message forwarding; mobile ad hoc wireless network; radio transceiver parameter; rebroadcast probability; self-pruning broadcasting algorithm reliability; static probabilistic broadcasting algorithm; Ad hoc networks; Broadcasting; Equations; Heuristic algorithms; Mathematical model; Probabilistic logic; Protocols (ID#: 15-6506)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042947&isnumber=7042935

 

Ahmad, S.; Alam, K.M.R.; Rahman, H.; Tamura, S., “A Comparison Between Symmetric and Asymmetric Key Encryption Algorithm Based Decryption Mixnets,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-5, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043532
Abstract: This paper presents a comparison between symmetric and asymmetric key encryption algorithm based decryption mixnets through simulation. Mix-servers involved in a decryption mixnet receive independently and repeatedly encrypted messages as their input, then successively decrypt and shuffle them to generate a new altered output from which finally the messages are regained. Thus mixnets confirm unlinkability and anonymity between senders and the receiver of messages. Both symmetric (e.g. onetime pad, AES) and asymmetric (e.g. RSA and ElGamal cryptosystems) key encryption algorithms can be exploited to accomplish decryption mixnets. This paper evaluates both symmetric (e.g. ESEBM: enhanced symmetric key encryption based mixnet) and asymmetric (e.g. RSA and ElGamal based) key encryption algorithm based decryption mixnets. Here they are evaluated based on several criteria such as: the number of messages traversing through the mixnet, the number of mix-servers involved in the mixnet and the key length of the underlying cryptosystem. Finally mixnets are compared on the basis of the computation time requirement for the above mentioned criteria while sending messages anonymously.
Keywords: electronic messaging; message authentication; public key cryptography; AES; ElGamal based decryption mixnet; RSA based decryption mixnet; asymmetric key encryption algorithm based decryption mixnet; message encryption; message sending; onetime pad; symmetric key encryption algorithm based decryption mixnet; Algorithm design and analysis; Encryption; Generators; Public key; Receivers; Servers; Anonymity; ElGamal; Mixnet; Privacy; Protocol; RSA; Symmetric key encryption algorithm (ID#: 15-6507)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043532&isnumber=7042935

 

Sayeed, S.D.; Hasan, M.S.; Rahman, M.S., “Measuring Topological Robustness of Scale-Free Networks Using Biconnected Components,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-6, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042945
Abstract: Models of complex networks are dependent on various properties of networks like connectivity, accessibility, efficiency, robustness, degree distribution etc. Network robustness is a parameter that reflects attack tolerance of a network in terms of connectivity. In this paper we have tried to measure the robustness of a network in such a way that gives a better idea of both stability and reliability of a network. In some previous works, the existence of a giant connected component is considered as an indicator of structural robustness of the entire system. In this paper we show that the size of a largest biconnected component can be a better parameter for measurement of robustness of a complex network. Our experimental study exhibits that scale-free networks are more vulnerable to sustained targeted attacks and more resilient to random failures.
Keywords: complex networks; network theory (graphs); random processes; reliability; stability; biconnected component; complex networks; giant connected component; network robustness measure; random failures; reliability; scale-free networks; stability; structural robustness; topological robustness measure; Artificial neural networks; Bridges; Complex networks; Graph theory; Robustness; Size measurement (ID#: 15-6508)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042945&isnumber=7042935

 

Nur, F.N.; Sharmin, S.; Razzaque, M.A.; Islam, M.S., “A Duty Cycle Directional MAC Protocol for Wireless Sensor Networks,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-9, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042950
Abstract: The directional transmission and reception of data packets in sensor networks minimize the interference and thereby increase the network throughput, and thus the Directional Sensor Networks (DSN) are getting popularity. However, the use of directional antenna has introduced new problems in designing the medium access control (MAC) protocol in DSNs including the synchronization of antenna direction of a pair of sender-receiver. In this paper, we have developed a duty cycle MAC protocol for DSNs, namely DCD-MAC, that synchronizes each pair of parent-child nodes and schedules their transmissions in such a way that transmission from child nodes minimizes the collision and the nodes are awake only when they have transmission-reception activities. The proposed DCD-MAC is fully distributed and it exploits only localized information to ensure weighted share of the transmission slots among the child nodes. We perform extensive simulations to study the performances of DCD-MAC and the results show that our protocol outperforms a state-of-the-art directional MAC protocol in terms of throughput and network lifetime.
Keywords: access protocols; directive antennas; radiofrequency interference; wireless sensor networks; MAC protocol; directional antenna; directional sensor networks; directional transmission; interference; medium access control protocol; Data transfer; Directional antennas; Media Access Protocol; Resource management; Synchronization; Wireless sensor networks (ID#: 15-6509)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042950&isnumber=7042935

 

Sadat, N.; Mohiuddin, M.T.; Uddin, Y.S., “On Bounded Message Replication in Delay Tolerant Networks,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-10, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042952
Abstract: Delay tolerant networks (DTN), are wireless networks in which at any given time instance, the probability that there is an end-to-end path from a source to a destination is low. So, the conventional solutions do not generally work in DTNs because they assume that the network is stable most of the time and failures of links between nodes are infrequent. Therefore, store-carry-and-forward paradigm is used in routing of messages in DTNs. To deal with DTNs, researchers have suggested to use flooding-based routing schemes. While flooding-based schemes have a high probability of delivery, they waste a lot of energy and suffer from severe contention, which can significantly degrade their performance. For this reason, a family of multi-copy protocols called Spray routing, was proposed which can achieve both good delays and low transmissions. Spray routing algorithms generate only a small, carefully chosen number of copies to ensure that the total number of transmissions is small and controlled. Spray and Wait sprays a number of copies into the network, and then waits till one of these nodes meets the destination. In this paper, we propose a set of spraying heuristics that dictates how replicas are shared among nodes. These heuristics are based on delivery probabilities derived from contact histories.
Keywords: delay tolerant networks; electronic messaging; probability; radio links; radio networks; routing protocols; telecommunication network reliability; DTN spraying heuristics; bounded message replication; delay tolerant network link failure; flooding-based routing scheme; multicopy protocol; spray routing protocol; store carry and forward paradigm; wireless network probability; Binary trees; Delays; History; Probabilistic logic; Routing; Routing protocols; Spraying; Delay tolerant network; Spray and Wait; routing protocol (ID#: 15-6510)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042952&isnumber=7042935

 

Zaman, M.; Siddiqui, T.; Amin, M.R.; Hossain, M.S., “Malware Detection in Android by Network Traffic Analysis,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-5, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043530
Abstract: A common behavior of mobile malware is transferring sensitive information of the cell phone user to malicious remote servers. In this paper, we describe and demonstrate in full detail, a method for detecting malware based on this behavior. For this, we first create an App-URL table that logs all attempts made by all applications to communicate with remote servers. Each entry in this log preserves the application id and the URI that the application contacted. From this log, with the help of a reliable and comprehensive domain blacklist, we can detect rogue applications that communicate with malicious domains. We further propose a behavioral analysis method using syscall tracing. Our work can be integrated with behavioral analysis to build an intelligent malware detection model.
Keywords: Android (operating system); invasive software; mobile computing; program diagnostics; telecommunication traffic; App-URL table; URI; behavioral analysis method; cell phone user; domain blacklist; intelligent malware detection model; malicious remote servers; mobile malware detection; sensitive information transfer; syscall tracing; Androids; Humanoid robots; Malware; Mobile communication; Ports (Computers); Servers; Uniform resource locators; ADB; Android; Busybox; malware detection; netstat; pcap (ID#: 15-6511)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043530&isnumber=7042935

 

Tanjeem, F.; Uddin, M.Y.S.; Rahman, A.K.M.A., “Wireless Media Access Depending on Packet Size Distribution over Error-Prone Channels,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-7, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043519
Abstract: Ad Hoc Network is a decentralized type of network where wireless devices are allowed to discover each other and communicate in peer to peer fashion without involving central access points. In most ad hoc networks, nodes compete for access to shared wireless medium, often resulting in collision (interference). IEEE 802.11, a well-known standard, uses medium access control (MAC) protocol to support delivery of radio data packets for both ad hoc networks and infrastructure based network. But designing a Medium Access Control (MAC) protocol for ad hoc wireless networks is challenging, particularly when the protocol needs to achieve optimal performance both in terms of throughput and efficiency to deliver a packet. Error-prone channel has a significant impact on unsuccessful transmission probability which is often ignored by previous researches. Standard DCF (Distributed Coordination Function) operation of IEEE 802.11 enacted by binary exponential back-off (BEB) algorithm cannot differentiate collision from corruption and therefore sets forth a (time) separation between multiple nodes accessing the channel by (appropriately) adjusting contention window (CW) upon a failure. This leads to increased delay in error-prone network when nodes are not contending at all. Since packet corruption depends on bit error rate (BER) and length of packets, packet size can have significant impact on the throughput in error-prone environment. In this paper, we analyze effect of packet size in determining optimal CW to improve throughput and efficiency for error-prone networks. We propose a dynamic learning based scheme to adaptively select CW sub-range instead of whole selection range for different packet distribution. To validate our scheme extensive simulations have been done and simulation results show significant improvement in E2E delay performance.
Keywords: access protocols; ad hoc networks; error statistics; peer-to-peer computing; telecommunication congestion control; wireless LAN; wireless channels; BEB algorithm; BER; CW; DCF operation; E2E delay performance; IEEE 802.11 standard; MAC protocol; ad hoc network collision; binary exponential back-off algorithm; bit error rate; contention window; distributed coordination function; dynamic learning; error-prone channel; medium access control protocol; packet size distribution; peer to peer communication; radio data packet delivery; unsuccessful transmission probability; wireless device; wireless media access; Ad hoc networks; Delays; IEEE 802.11 Standards; Network topology; Protocols; Throughput; Wireless communication (ID#: 15-6512)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043519&isnumber=7042935

 

Yanhaona, M.N.; Prodhan, A.T.; Grimshaw, A.S., “An Agent-Based Distributed Monitoring Framework,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-10, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7043515
Abstract: In compute clusters, monitoring of infrastructure and application components is essential for performance assessment, failure detection, problem forecasting, better resource allocation, and several other reasons. Present day trends towards larger and more heterogeneous clusters, rise of virtual data-centers, and greater variability of usage suggest that we have to rethink how we do monitoring. We need solutions that will remain scalable in the face of unforeseen expansions, can work in a wide-range of environments, and be adaptable to changes of requirements. We have developed an agent-based framework for constructing such monitoring solutions. Our framework deals with all scalability and flexibility issues associated with monitoring and leaves only the use-case specific task of data generation to the specific solution. This separation of concerns provides a versatile design that enables a single monitoring solution to work in a range of environments; and, at the same time, enables a range of monitoring solutions exhibiting different behaviors to be constructed by varying the tunable parameters of the framework. This paper presents the design, implementation, and evaluation of our novel framework.
Keywords: computer centres; distributed processing; multi-agent systems; pattern clustering; system monitoring; agent-based distributed monitoring framework; application components; data generation; failure detection; heterogeneous clusters; infrastructure monitoring; performance assessment; problem forecasting; resource allocation; virtual data-centers; Fault tolerance; Heart beat; Monitoring; Quality of service; Receivers; Routing; Scalability; autonomous systems; cluster monitoring; distributed systems; flexibility; scalability (ID#: 15-6513)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7043515&isnumber=7042935

 

Kabir, K.S.; Ahmad, I.; Al Amin, A.; Zaber, M.; Choudhury, T.; Talukder, B.M.S.B.; Al Islam, A.B.M.A., “Q-Nerve: Propagating Signal of a Damaged Nerve Using Quantum Networking,” in Networking Systems and Security (NSysS), 2015 International Conference on, vol., no., pp. 1-10, 5-7 Jan. 2015. doi:10.1109/NSysS.2015.7042944
Abstract: Aiding paralyzed people through using technology to transmit signals from brain to paralyzed part of a body has been a matter of great interest in recent times. Classical approaches in this regard still experience several limitations and sometimes become hazardous to living bodies. Besides, existing literature points out that there are many nerve signals that are not amenable to the classical approaches, however, can be amenable to quantum approaches. By addressing these two points, we propose a new system to propagate signal of a damaged nerve using quantum networking. We name our proposed system Q-Nerve. Q-Nerve exploits quantum network based artificial connection between brain and other organs to bypass a damaged nerve. Subsequently, we propose a more sophisticated version of Q-Nerve that aims to exploit a synergy between the ability of quantum computing to accumulate neural signal and the ability of quantum networking to pass the signal instantaneously. Further, we extend the proposed system for other brain and nerve related problems that require numerous logical computations.
Keywords: medical signal detection; medical signal processing; neurophysiology; quantum computing; artificial brain-organ connection; brain-related problems; damaged nerve signal propagation; instant signal transmission; nerve signals; nerve-related problems; neural signal accumulation; paralyzed people; quantum approaches; quantum computing ability; quantum network exploitation; quantum networking; sophisticated Q-Nerve version; Measurement by laser beam; Photonics; Quantum computing; Quantum entanglement; Receivers; Surface emitting lasers (ID#: 15-6514)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7042944&isnumber=7042935

