Visible to the public Biblio

Filters: Keyword is Plugs  [Clear All Filters]
2020-07-20
Urien, Pascal.  2019.  Designing Attacks Against Automotive Control Area Network Bus and Electronic Control Units. 2019 16th IEEE Annual Consumer Communications Networking Conference (CCNC). :1–4.
Security is a critical issue for new car generation targeting intelligent transportation systems (ITS), involving autonomous and connected vehicles. In this work we designed a low cost CAN probe and defined analysis tools in order to build attack scenarios. We reuse some threats identified by a previous work. Future researches will address new security protocols.
2018-04-02
Baldimtsi, F., Camenisch, J., Dubovitskaya, M., Lysyanskaya, A., Reyzin, L., Samelin, K., Yakoubov, S..  2017.  Accumulators with Applications to Anonymity-Preserving Revocation. 2017 IEEE European Symposium on Security and Privacy (EuroS P). :301–315.

Membership revocation is essential for cryptographic applications, from traditional PKIs to group signatures and anonymous credentials. Of the various solutions for the revocation problem that have been explored, dynamic accumulators are one of the most promising. We propose Braavos, a new, RSA-based, dynamic accumulator. It has optimal communication complexity and, when combined with efficient zero-knowledge proofs, provides an ideal solution for anonymous revocation. For the construction of Braavos we use a modular approach: we show how to build an accumulator with better functionality and security from accumulators with fewer features and weaker security guarantees. We then describe an anonymous revocation component (ARC) that can be instantiated using any dynamic accumulator. ARC can be added to any anonymous system, such as anonymous credentials or group signatures, in order to equip it with a revocation functionality. Finally, we implement ARC with Braavos and plug it into Idemix, the leading implementation of anonymous credentials. This work resolves, for the first time, the problem of practical revocation for anonymous credential systems.

2017-03-07
Kao, D. Y..  2015.  Performing an APT Investigation: Using People-Process-Technology-Strategy Model in Digital Triage Forensics. 2015 IEEE 39th Annual Computer Software and Applications Conference. 3:47–52.

Taiwan has become the frontline in an emerging cyberspace battle. Cyberattacks from different countries are constantly reported during past decades. The incident of Advanced Persistent Threat (APT) is analyzed from the golden triangle components (people, process and technology) to ensure the application of digital forensics. This study presents a novel People-Process-Technology-Strategy (PPTS) model by implementing a triage investigative step to identify evidence dynamics in digital data and essential information in auditing logs. The result of this study is expected to improve APT investigation. The investigation scenario of this proposed methodology is illustrated by applying to some APT incidents in Taiwan.

2017-02-14
D. Y. Kao.  2015.  "Performing an APT Investigation: Using People-Process-Technology-Strategy Model in Digital Triage Forensics". 2015 IEEE 39th Annual Computer Software and Applications Conference. 3:47-52.

Taiwan has become the frontline in an emerging cyberspace battle. Cyberattacks from different countries are constantly reported during past decades. The incident of Advanced Persistent Threat (APT) is analyzed from the golden triangle components (people, process and technology) to ensure the application of digital forensics. This study presents a novel People-Process-Technology-Strategy (PPTS) model by implementing a triage investigative step to identify evidence dynamics in digital data and essential information in auditing logs. The result of this study is expected to improve APT investigation. The investigation scenario of this proposed methodology is illustrated by applying to some APT incidents in Taiwan.