Security and Privacy in Communication Networks
12th International Conference, SecureComm 2016, Guangzhou, China, October 10-12, 2016, Proceedings
Published on 13. June 2017
XV, 781 pages
978-3-319-59608-2 (ISBN)
Description
This book constitutes the refereed conference proceedings of the 12
th
International Conference on Security and Privacy in Communications Networks, SecureComm 2016, held in Guangzhou, China, in October 2016.
The 32 revised full papers and 18 poster papers were carefully reviewed and selected from 137 submissions. The papers are organized thematically starting with mobile and network security, followed by applied cryptography, web security and privacy, system security, hardware security. The volume also includes papers from the ATCS workshop and the poster session.
More details
Series
Edition
1st ed. 2017
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Product notice
Reflowable
Illustrations
XV, 781 p. 256 illus.
File size
43,55 MB
ISBN-13
978-3-319-59608-2 (9783319596082)
DOI
10.1007/978-3-319-59608-2
Schweitzer Classification
Other editions
Additional editions
Robert Deng | Jian Weng | Kui Ren
Security and Privacy in Communication Networks
12th International Conference, SecureComm 2016, Guangzhou, China, October 10-12, 2016, Proceedings
Book
06/2017
Springer
€53.49
Shipment within 10-15 days
Persons
Content
- Intro
- Preface
- Organization
- Contents
- Mobile Security I
- AppShield: Enabling Multi-entity Access Control Cross Platforms for Mobile App Management
- 1 Introduction
- 2 Background and Threat Model
- 3 System Design
- 3.1 Problem Statement
- 3.2 Application Rewriting Framework
- 3.3 Proxy-Based Data Access Mechanism
- 3.4 Security Policy
- 4 Implementation
- 5 Evaluation
- 5.1 Security Policy Enforcement
- 5.2 Reliability
- 5.3 Impact of Application Rewriting
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- H-Binder: A Hardened Binder Framework on Android Systems
- 1 Introduction
- 2 Background
- 2.1 The Binder Framework
- 2.2 Hardware Virtualization on ARM Processor
- 3 Overview
- 3.1 The Problem Scope
- 3.2 Challenges
- 3.3 Our Contributions
- 4 H-Binder Building Blocks
- 4.1 Selective Interception for System Call Issuance
- 4.2 Thread-Level Interception for System Call Return
- 5 The H-Binder Workflow
- 5.1 The Approach
- 5.2 Details
- 5.3 Security Analysis
- 6 Implementation and Performance Evaluation
- 6.1 Component Cost of H-Binder
- 6.2 Application Level Performance Evaluation
- 6.3 Time Cost for Different Sizes of Transferred Data
- 7 Related Work
- 8 Conclusion
- References
- Exploiting Android System Services Through Bypassing Service Helpers
- 1 Introduction
- 2 Background
- 2.1 System Service vs. Service Helper
- 2.2 Security Mechanisms in Service Helpers
- 3 Identifying Vulnerabilities
- 3.1 Overview
- 3.2 Enumerating Service Helper Classes
- 3.3 Detecting Security Mechanisms
- 4 Vulnerability Results
- 4.1 Vulnerability Summary
- 4.2 Real-World Attacks
- 5 Discussion
- 5.1 Lessons Learned
- 5.2 Limitations
- 6 Related Work
- 7 Conclusion
- References
- Secure Keyboards Against Motion Based Keystroke Inference Attack
- 1 Introduction
- 2 MoBaKIA Attack Introduction
- 3 Countermeasure Based on Observation I
- 4 Countermeasures Based on Observation II
- 4.1 Completely Randomize the Layout
- 4.2 Randomly Resize the Keys
- 4.3 Heuristically Adjust the Layout
- 5 Experiment and Evaluation
- 5.1 Effectiveness
- 5.2 Usability
- 6 Related Work
- 7 Conclusion
- References
- Network Security
- Cloud-Based Privacy-Preserving Parking Navigation Through Vehicular Communications
- 1 Introduction
- 2 Problem Statement
- 2.1 System Model
- 2.2 Threat Models
- 2.3 Security Goals
- 3 The CPARN System
- 3.1 Preliminaries
- 3.2 The CPARN System
- 4 Security Discussion
- 5 Performance Evaluation
- 5.1 Computational Overhead
- 5.2 Communication Overhead
- 6 Related Work
- 7 Conclusions
- References
- TruSDN: Bootstrapping Trust in Cloud Network Infrastructure
- Abstract
- 1 Introduction
- 1.1 Contribution
- 1.2 Organization
- 2 System Model
- 2.1 Software Defined Networking
- 2.2 Deployment Layers
- 2.3 Trusted Execution Environments
- 3 Adversary Model
- 3.1 Network Infrastructure
- 3.2 Platform
- 4 Solution Description
- 4.1 TruSDN Overview
- 4.2 Cryptographic Primitives
- 4.3 SDN Trust Bootstrapping and Secure Communication
- 4.4 Preventing Cuckoo Attacks
- 5 Security Analysis
- 6 Implementation and Evaluation
- 6.1 TruSDN Implementation
- 6.2 TruSDN Evaluation
- 7 Related Work
- 8 Future Work
- 9 Conclusion
- Acknowledgements
- References
- Key Update at Train Stations: Two-Layer Dynamic Key Update Scheme for Secure Train Communications
- 1 Introduction
- 2 Related Work
- 3 Train System Model
- 3.1 The Application System
- 3.2 Train Model
- 3.3 Threat Model
- 4 KUTS Scheme
- 4.1 KUTS Contribution Scope
- 4.2 KUTS Update and Key Generation
- 4.3 Detection of Key Failure
- 5 Security Analyses
- 5.1 Security Properties
- 5.2 Security Strength Analyses
- 6 Implementation Analyses
- 6.1 Computational Overhead from Hashing
- 6.2 KUTS Cost Analysis Between Train and Attacker
- 7 Conclusion
- References
- Faulty Node Repair and Dynamically Spawned Black Hole Search
- Abstract
- 1 Introduction
- 2 Related Work
- 3 Premises
- 4 Algorithm and Solutions
- 4.1 General Description
- 4.2 Procedure New Node Exploration
- 4.3 Procedure Find the Meeting Node
- 4.4 Procedure "Double Check"
- 5 Theoretical Correctness and Complexity Analysis
- 6 Verifying Correctness and Complexity Using Simulation
- 7 Conclusion and Future Work
- Acknowledgment
- References
- Applied Cryptography
- Attribute-Based Encryption with Granular Revocation
- Abstract
- 1 Introduction
- 1.1 Our Contributions
- 1.2 Related Work
- 1.3 Organization
- 2 Preliminaries
- 2.1 Bilinear Pairings and Complexity Assumptions
- 2.2 Access Structures and Linear Secret Sharing
- 2.3 Terminologies on Binary Tree
- 3 System Architecture and Security Definition
- 3.1 Framework
- 3.2 Security Definition
- 4 Attribute-Based Encryption with Granular Revocation
- 4.1 Basic Construction
- 4.2 Construction with Improved Efficiency
- 4.3 System Analysis
- 5 Conclusions
- Acknowledgements
- References
- Tokenisation Blacklisting Using Linkable Group Signatures
- 1 Introduction
- 1.1 Problem Statement
- 1.2 Proposed Solution
- 1.3 Related Work
- 2 Transport Ticketing Systems
- 2.1 Open Ticketing Systems
- 2.2 Blacklisting in Transport Ticketing
- 2.3 EMV Payment Tokenisation
- 3 Linkable Group Digital Signatures
- 3.1 Intractability Solutions
- 3.2 Phases
- 4 Transport Ticketing Requirements and Adversary Model
- 4.1 Adversary Model
- 4.2 Functional Requirements
- 4.3 Security Requirements
- 5 Proposed Model
- 5.1 Assumptions
- 5.2 Entities
- 5.3 Phases
- 5.4 Proof of Concept
- 5.5 Lessons Learned/Considerations
- 5.6 Performance Analysis
- 5.7 Requirements Analysis
- 6 Conclusion and Future Work
- References
- Privacy-Preserving Multi-pattern Matching
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Contribution
- 2 Preliminaries
- 2.1 Trie
- 2.2 Aho-Corasick String Matching Algorithm
- 2.3 Cryptographic Building Blocks
- 2.4 Queryable Encryption
- 3 Privacy-Preserving Multi-pattern Matching Solution
- 3.1 Modified AC-automaton
- 3.2 Our Proposed Construction
- 3.3 Complexity Analysis
- 3.4 Security
- 4 Conclusion
- References
- Parallel and Dynamic Structured Encryption
- 1 Introduction
- 2 Our Dynamic Abstract Data Type
- 2.1 Definition
- 2.2 Instantiating Our Abstract Data Type
- 3 Cryptography Background
- 3.1 Basic Notations
- 3.2 Pseudorandom Functions and Symmetric-Key Encryption
- 3.3 Dynamic Symmetric Structured Encryption
- 4 DSSE from Random Binary Tree
- 4.1 Intuition
- 4.2 High-Level Description
- 4.3 Concrete Construction
- 4.4 Security Analysis
- 5 Efficiency Evaluation
- 5.1 Complexities Analysis
- 5.2 Experiments on Implementations
- 6 Conclusion
- A Sub-routines in Our Construction
- B Security Proof
- References
- ATCS Workshop - Session 1
- Secure IoT Using Weighted Signed Graphs
- Abstract
- 1 Introduction
- 1.1 Motivation and Plan of Work
- 2 Basic Concepts and Definitions
- 3 Graphical Model and Its Representation
- 4 Design of Key Management Scheme
- 4.1 Keyrings and Degree Bound on Devices
- 4.2 Distribution of Local and Global Keys
- 4.3 Scalability: Addition of Nodes and/or CHs
- 5 Deployment of Nodes and Cluster Heads
- 6 Application to Low-Cost Networks
- 7 Resiliency of Combined Model: Theoretical Analysis
- 7.1 Simulation Results: Comparative Study
- 8 Conclusion and Future Work
- References
- A Multi-protocol Security Framework to Support Internet of Things
- Abstract
- 1 Introduction
- 2 Background
- 2.1 Literature Review
- 2.2 System Model
- 3 Proposed Framework and Techniques
- 3.1 The Framework
- 3.2 SCH to Support the SF
- 3.3 Working Process of SF
- 4 Conclusion
- References
- Tinder Me Softly - How Safe Are You Really on Tinder?
- Abstract
- 1 Introduction
- 2 Background and Related Work
- 2.1 Background
- 2.2 Previous Work
- 3 Experiment Design
- 3.1 Server Set-up
- 3.2 Client Set-up
- 4 Findings
- 4.1 API Testing
- 4.2 Validating Previous Attacks
- 4.3 New Attacks
- 5 Conclusion and Future Work
- References
- Biometric Authentication Using Facial Recognition
- Abstract
- 1 Introduction
- 2 Facial Recognition
- 3 Proposed System Architecture
- 3.1 Preprocessing of the Face Images
- 3.2 Face Detection
- 3.3 Facial Features Extraction
- 3.4 Facial Recognition with Neural Network
- 4 Experimental Evaluation
- 5 Conclusion
- References
- Platform as a Service (PaaS) in Public Cloud: Challenges and Mitigating Strategy
- Abstract
- 1 Introduction
- 2 Key Characteristics of PaaS
- 3 Challenges of PaaS
- 3.1 Proposed Mitigating Strategies
- 3.2 Broad Network Access and Measured Services Challenges
- 3.2.1 Proposed Mitigating Strategies
- 4 Privacy Awareness Challenges
- 5 Service Continuity and Fault-Tolerance Challenges
- 6 Conclusion
- References
- ATCS Workshop - Session 2
- Architecture Support for Controllable VMI on Untrusted Cloud
- 1 Introduction
- 2 Related Work
- 3 Trusted Model
- 4 Architecture
- 5 Implementation
- 5.1 Isolation of VM and VMM
- 5.2 VMI Control Mechanism
- 5.3 Secret Communication Channel
- 6 Security Analysis
- 7 Performance Evaluation
- 8 Conclusion
- 9 Future Work
- References
- IacCE: Extended Taint Path Guided Dynamic Analysis of Android Inter-App Data Leakage
- Abstract
- 1 Introduction
- 2 Background
- 3 Motivating Example
- 4 Analysis Method
- 4.1 App Combination
- 4.2 Static Model Extraction
- 4.3 Java Bytecode Instrumentation
- 4.4 Concolic Execution
- 4.5 Runtime Monitoring
- 5 Implementation Details
- 5.1 IC3 and AppCombiner
- 5.2 IccTA (Modified)
- 5.3 Instrumentor
- 5.4 Concolic Executor
- 5.5 Runtime Monitor
- 6 Experimental Evaluation
- 6.1 Case Study: The SWE App Set
- 6.2 Comparison with Existing Tools
- 6.3 Application to Real-World Apps
- 7 Discussion and Limitations
- 8 Related Work
- 9 Conclusion
- Acknowledgements
- References
- A Multi-layer Model to Detect Spam Email at Client Side
- Abstract
- 1 Introduction
- 2 Spambayes Performance Testing
- 2.1 SpamBayes
- 2.2 Performance Testing Experiments
- 2.3 Results and Discussion - Spam Bayes
- 3 Multi-layer Model - A Hybrid Classifier
- 3.1 Definitions
- 3.1.1 Text Features
- 3.1.2 Non-text Features
- 3.1.3 Machine Learning Techniques
- 3.2 Multi-layer-Model
- 3.3 SpamBayes Framework with Multi-layer Model
- 4 Experiments and Results - Multi Layer Model
- 5 Conclusion and Future Work
- References
- Cloud Security
- Access Control Management for Secure Cloud Storage
- 1 Introduction
- 2 Basic Concepts
- 3 Access Control Enforcement in Swift
- 3.1 Keys and User-Based Repositories
- 3.2 Policy-Based Encryption
- 4 Policy Updates
- 4.1 Enforcement of Policy Updates
- 4.2 Implementation of Over-Encryption
- 5 Experimental Results
- 5.1 Comparison Between Client Re-Encryption and Over-Encryption
- 5.2 Analysis of Over-Encryption Approaches
- 5.3 Streaming and Batch Encryption
- 5.4 Application of Two Encryption Layers
- 6 Related Work
- 7 Conclusions
- References
- Attribution of Economic Denial of Sustainability Attacks in Public Clouds
- Abstract
- 1 Introduction
- 2 Exploitation of the Utility-Based Pricing Model
- 3 Related Work
- 4 The Proposed Markov-Based Models for Detecting Sources Participating in an EDoS Attack
- 4.1 Markov Chain Model
- 4.2 Hidden Semi-Markov Model
- 5 Experimental Evaluation
- 5.1 Dataset Description
- 5.2 Attack Scenarios
- 5.3 Experimental Results
- 6 Discussion
- 7 Conclusion
- Acknowledgements
- References
- A Secure and Fast Dispersal Storage Scheme Based on the Learning with Errors Problem
- 1 Introduction
- 2 Technical Background
- 2.1 Dispersal Algorithms
- 2.2 The Learning with Errors (LWE) Problem
- 2.3 Related Work
- 3 Preliminaries
- 3.1 Notation
- 3.2 System Model and Design Goals
- 4 A New Dispersal Scheme: SWE
- 4.1 The Basic Scheme
- 4.2 Support for Dynamic Operations
- 5 Scheme Analysis
- 5.1 Confidentiality
- 5.2 Availability
- 5.3 Performance
- 6 Experiments and Evaluations
- 6.1 Performance Tuning
- 6.2 Comparison on Encoding and Decoding
- 7 Conclusion
- References
- ase-PoW: A Proof of Ownership Mechanism for Cloud Deduplication in Hierarchical Environments
- 1 Introduction
- 2 Revisiting the ce-PoW Scheme
- 3 Attribute Symmetric Encryption Proof of Ownership Scheme
- 3.1 System Overview
- 3.2 Entities
- 3.3 Threat Model
- 3.4 Goals
- 3.5 The Proposed Scheme
- 4 Security Analysis
- 4.1 Security
- 4.2 Complexity
- 5 Performance Evaluation
- 6 Related Work
- 7 Conclusion
- References
- Web Security and Privacy
- Website Forensic Investigation to Identify Evidence and Impact of Compromise
- 1 Introduction
- 2 Overview of Compromised Website Response
- 2.1 Web Compromise Technique
- 2.2 Anti-analysis Technique
- 2.3 Problems in Conventional Methods for Compromised Website Response
- 3 Proposed Method and System
- 3.1 Identifying Redirection Origin as Evidence of Compromise
- 3.2 Identifying Targeted Client Environment as Impact of Compromise
- 3.3 Implementation
- 4 Experiment and Evaluation
- 4.1 Experimental Environment
- 4.2 Evaluation of Redirection Call Graph and Redirection Origin
- 4.3 Evaluation of Targeted Client Environments
- 4.4 Performance Overhead
- 5 Case Studies
- 5.1 Redirection Call Graph with Semantic Gap
- 5.2 Client-Dependent Redirection with Browser Fingerprinting
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- A Appendix: Difference Between Proposed Graph and Conventional Graph
- References
- SecWeb: Privacy-Preserving Web Browsing Monitoring with w-Event Differential Privacy
- 1 Introduction
- 2 Backgroud
- 2.1 Preliminaries and Problem Statement
- 2.2 Related Work
- 3 SecWeb: Real-Time Web Browsing Data Publishing with Privacy Preservation
- 3.1 Adaptive Sampling
- 3.2 Dynamic Grouping
- 3.3 Adaptive Budget Allocation
- 3.4 Group-Based Perturbation and Filtering
- 3.5 Pre-sampling to Reduce Sensitivity
- 3.6 Privacy Analysis
- 4 Performance Evaluation
- 5 Conclusions
- References
- A Behavioral Biometrics Based Approach to Online Gender Classification
- 1 Introduction
- 2 Background
- 2.1 Gender Difference in Anthropometrics
- 2.2 Behavioral Biometrics
- 3 Methodology
- 3.1 Data Collection
- 3.2 Movement Metrics
- 3.3 Data Filtering
- 4 Model Design
- 4.1 Mouse Signatures
- 4.2 Gender Prediction Model
- 5 Evaluation
- 5.1 Labeled Data Analysis
- 5.2 Unlabeled Data Analysis
- 6 Discussion
- 7 Future Work
- 8 Conclusion
- References
- Unique on the Road: Re-identification of Vehicular Location-Based Metadata
- 1 Introduction
- 2 Related Work
- 3 Main Results
- 4 Investigating Procedure
- 4.1 Dataset Pre-processing
- 4.2 Temporal Generalization
- 4.3 Spatial Generalization
- 4.4 Uniqueness Calculation
- 4.5 Datasets overview
- 5 Discussion
- 6 Conclusion and Future Work
- References
- System Security
- BINDNN: Resilient Function Matching Using Deep Learning
- 1 Introduction
- 2 Problem Definition
- 2.1 Previous Methods
- 3 Function Matching with Deep Learning
- 3.1 Binary to Feature Vector Translation
- 3.2 Sample Creation
- 3.3 Using the Neural Network
- 4 Evaluation and Discussion
- 4.1 Data Set
- 4.2 Classifying Function Comparisons
- 4.3 Resilience to Optimization Differences
- 4.4 Resilience to Architecture and Optimization Differences
- 4.5 Resilience to Compiler and Optimization Differences
- 4.6 Network Limitations
- 5 Conclusions
- A Network Architecture
- References
- TZ-SSAP: Security-Sensitive Application Protection on Hardware-Assisted Isolated Environment
- Abstract
- 1 Introduction
- 2 Background
- 2.1 Application Analysis
- 2.2 ARM TrustZone
- 3 Threat Model and Assumption
- 4 TZ-SSAP Design
- 4.1 SSApp Protection Module
- 4.2 Security Arrangement
- 4.3 Page Table Update Verification
- 4.4 Security Policies Mechanism
- 5 Implementation
- 5.1 Foundation Work of TZ-SSAP
- 5.2 Security Policies Implementation
- 5.3 Performance Enhancement
- 6 Evaluation
- 7 Related Work
- 7.1 Whole Application Protection
- 7.2 Split Application Protection
- 8 Conclusion
- Acknowledgments
- References
- SQLite Forensic Analysis Based on WAL
- 1 Introduction
- 2 Background
- 2.1 SQLite Database
- 2.2 Write-Ahead Log
- 2.3 Checkpoint Mechanism
- 3 Methodology
- 3.1 Reconstructing SQLite Database
- 3.2 Extracting WAL File
- 3.3 Reconstructing SQLite History Versions
- 4 Experiment and Evaluation
- 4.1 Collection of Data Image
- 4.2 Reconstruction of SQLite History Versions
- 4.3 Case Studies Using Reconstructed Files
- 5 Discussion
- 6 Related Work
- 7 Conclusion
- References
- Impact of Environment on Branch Transfer of Software
- 1 Introduction
- 2 Related Work
- 3 Impact of Environment on Branch Transfer
- 3.1 Impact of Time
- 3.2 Impact of Space
- 3.3 Mechanisms in Linux
- 4 Software Behavior Analysis
- 4.1 Environment and Branch Transfer
- 4.2 Representation of Differences
- 4.3 Getting Rid of Environment Impact
- 5 Experimental Result
- 5.1 Comparing the Number of Branches
- 5.2 Impact of Time
- 5.3 Impact of Space
- 5.4 Impact of Signal
- 5.5 Impact of Searching for Shared Libraries
- 6 Discussion and Conclusion
- References
- Mobile Security II
- DroidClassifier: Efficient Adaptive Mining of Application-Layer Header for Classifying Android Malware
- Abstract
- 1 Introduction
- 2 Motivation
- 3 Related Work
- 4 Introducing DroidClassifier
- 4.1 Model Training
- 4.2 Malware Clustering During Testing
- 4.3 Malware Classification
- 4.4 Malware Detection
- 5 Evaluation
- 5.1 Malware Classification Effectiveness Across Different Cluster Numbers
- 5.2 Detection Effectiveness Per Family
- 5.3 Comparing Detection Effectiveness of Clustering Versus Non-clustering
- 5.4 Comparing Performance with Other Mobile Malware Detectors
- 6 Limitations and Future Work
- 7 Conclusion
- Acknowledgment
- References
- GreatEatlon: Fast, Static Detection of Mobile Ransomware
- 1 Introduction
- 2 Motivation
- 2.1 Ransomware
- 2.2 State of the Art
- 2.3 Goals and Challenges
- 3 Approach
- 3.1 Encryption Detector
- 3.2 Device Administration APIs Misuse Detector
- 3.3 Reflection Heuristic
- 3.4 Text Detector
- 3.5 Lightweight Pre-filtering
- 4 Implementation Details
- 4.1 Encryption Detector
- 4.2 Device Administration APIs Misuse Detector
- 4.3 Reflection Heuristic
- 4.4 Lightweight Pre-filtering
- 5 Experimental Evaluation
- 5.1 Experiments
- 5.2 Dataset
- 5.3 Experiment 1: GreatEatlon vs. State of the Art (Benchmark)
- 5.4 Experiment 2: GreatEatlon vs. State of the Art
- 5.5 Experiment 3: False Positive Rate
- 5.6 Experiment 4: Image Scanner Quality
- 5.7 Experiment 5: Pre-filtering Precision
- 5.8 Experiment 6: Pre-filtering Speed
- 5.9 Experiment 7: Impact of the Pre-filter on Large Scale Analysis
- 6 Limitations
- 6.1 Native Code
- 6.2 Conditional Flows
- 6.3 Reflection Heuristic
- 6.4 Image Scanner
- 7 Related Work
- 8 Conclusions
- References
- Data Flow Analysis on Android Platform with Fragment Lifecycle Modeling
- 1 Introduction
- 2 Background and Motivation
- 2.1 Background
- 2.2 Motivation
- 2.3 Goals and Assumption
- 3 System Design
- 4 Implementation
- 4.1 Identify Fragments Which Attached to Activity
- 4.2 Deal with Data Flow Between Activity and Fragment
- 4.3 Create Dummy Main Method
- 4.4 Handle One Activity Carried with Multiple Fragments
- 5 Evaluation
- 5.1 Dataset and Experiment Setup
- 5.2 Summary of Fragment Usage in App
- 5.3 Data Leakage Results
- 5.4 Runtime Performance
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- Alde: Privacy Risk Analysis of Analytics Libraries in the Android Ecosystem
- 1 Introduction
- 2 Background
- 2.1 Analytics Libraries
- 2.2 What Information Is Presented to the Developers
- 3 System Design and Implementation
- 3.1 Documentation Analysis
- 3.2 Static Analysis
- 3.3 Dynamic Analysis
- 4 Dataset
- 4.1 Analytics Libraries
- 4.2 Apps
- 5 Experimental Results and Discussions
- 5.1 Experimental Results
- 5.2 Discussions
- 5.3 Limitations
- 6 Related Work
- 7 Conclusion
- References
- Hardware Security
- FROPUF: How to Extract More Entropy from Two Ring Oscillators in FPGA-Based PUFs
- 1 Introduction
- 2 Preliminaries
- 2.1 Evaluation Scheme of RO PUF
- 2.2 Systematic Variation
- 2.3 Programmable Delay Lines
- 3 Our Proposed Further ROPUF
- 3.1 Second Order Difference Calculation
- 3.2 Analysis of the Second Order Difference Calculation
- 3.3 Simulation of Second Order Difference Calculation
- 4 Evaluation
- 4.1 Reliability
- 4.2 Uniqueness
- 4.3 The Randomness Evaluation
- 4.4 The Evaluation Result on Other FPGAs
- 5 Further Discussion
- 6 Conclusion
- References
- Extracting More Entropy for TRNGs Based on Coherent Sampling
- 1 Introduction
- 2 Equivalent Stochastic Model
- 2.1 Principle of Traditional and Coherent Sampling Methods
- 2.2 Proposed Equivalent Model
- 2.3 Entropy Evaluation
- 3 Proposed Architecture
- 3.1 Improved Method for Extracting More Entropy
- 3.2 Circuit Architecture
- 4 Simulation and Implementation
- 4.1 Simulation Results in Matlab
- 4.2 Implementation Results in FPGA
- 5 Conclusion and Future Work
- References
- A Very Compact Masked S-Box for High-Performance Implementation of SM4 Based on Composite Field
- 1 Introduction
- 2 Algebraic Description for S-Box
- 3 Masking Strategy
- 3.1 Inversion Without Masking
- 3.2 Masking the Inversion
- 3.3 Reutilization of Masks
- 3.4 Mask Transformation
- 4 Implementation of Masked SM4
- 4.1 Iterative Architecture of Masked SM4
- 4.2 Pipelined Architecture of Masked SM4
- 5 Results
- 6 Conclusion
- References
- Security Analysis of Vendor Customized Code in Firmware of Embedded Device
- Abstract
- 1 Introduction
- 2 Issues of Firmware Analysis
- 2.1 Firmware Acquiring
- 2.2 Firmware Unpacking
- 2.3 Code Debugging
- 2.4 Code Emulation
- 3 Vendor Customized Code Analysis
- 3.1 Target
- 3.2 Searching Vendor Customized Code
- 3.3 Security Assessment of Vendor Customized Code
- 4 Experimental Evaluation
- 4.1 General Analysis
- 4.2 Firmware Analysis
- 4.3 Vendor Customized Code Searching
- 4.4 Security Assessment
- 5 Related Work
- 5.1 Static Binary Code Analysis
- 5.2 Dynamic Binary Code Analysis
- 5.3 Heavyweight Program Analysis
- 5.4 Automatic Firmware Analysis
- 6 Conclusion
- References
- Poster Session
- POSTER: Security Analysis of Personal Unmanned Aerial Vehicles
- 1 Introduction
- 2 Phantom 2
- 2.1 Vulnerabilities
- 2.2 Hijack Aircraft Communication
- 2.3 Attack on Video Module
- 2.4 Ground Station
- 3 Phantom 3 Professional
- 3.1 Insecure Server
- 3.2 Hijack Aircraft
- 4 Conclusion
- 5 Other Works and Responsible Disclosure
- References
- Modeling User Browsing Activity for Application Layer DDoS Attack Detection
- 1 Introduction
- 2 Detection Schemes
- 3 Experiments
- 4 Conclusion
- References
- POSTER: A Framework for IoT Reprogramming
- 1 Introduction
- 2 System Design Overview
- 3 Evaluation and Implementation
- 4 Conclusion
- References
- Privacy Preserving Data Classification Using Inner Product Encryption
- 1 Introduction
- 2 Privacy Preserving Classification
- 3 Performance
- 4 Classification Security
- 5 Conclusion and Future Work
- References
- POSTER: Location Privacy Using Homomorphic Encryption
- References
- SDNGuardian: Secure Your REST NBIs with API-Grained Permission Checking System
- Abstract
- 1 Introduction
- 2 System Design
- 2.1 Overview
- 2.2 Authorization Manager
- 2.3 Policy Manager
- References
- POSTER: A Novel Wavelet Denoising Method Based on Robust Principal Component Analysis in Side Channel Attacks
- 1 Introduction
- 2 Background
- 2.1 Robust Principal Component Analysis
- 3 Proposed Denoising Method
- 4 Experiment
- 5 Conclusion
- References
- Exploitation of NetEm Utility for Non-payload-based Obfuscation Techniques Improving Network Anomaly Detection
- 1 Introduction
- 2 Related Work
- 3 Obfuscation Tool
- 4 Data Mining Experiments
- 5 Summary of the Obfuscation Techniques
- References
- POSTER: Non-intrusive Face Spoofing Detection Based on Guided Filtering and Image Quality Analysis
- Abstract
- 1 Introduction
- 2 The Proposed Method
- 3 Experimental Results and Analysis
- 4 Conclusions
- Acknowledgements
- References
- Author Index
