Security and Privacy in Communication Networks
11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers
Published on 23. January 2016
XIII, 741 pages
978-3-319-28865-9 (ISBN)
Description
This volume constitutes the thoroughly refereed post-conference proceedings of the 11th International Conference on Security and Privacy in Communication Networks, SecureComm 2015, held in Dallas, TX, USA, in October 2015.
The 29 regular and 10 poster papers presented were carefully reviewed and selected from 107 submissions. It also presents 9 papers accepted of the workshop on Applications and Techniques in Cyber Security, ATCS 2015.
The papers are grouped in the following topics: mobile, system, and software security; cloud security; privacy and side channels; Web and network security; crypto, protocol, and model.
More details
Series
Edition
1st ed. 2015
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Illustrations
XIII, 741 p. 240 illus. in color.
File size
38,92 MB
ISBN-13
978-3-319-28865-9 (9783319288659)
DOI
10.1007/978-3-319-28865-9
Schweitzer Classification
Other editions
Additional editions
Bhavani Thuraisingham | Xiaofeng Wang | Vinod Yegneswaran
Security and Privacy in Communication Networks
11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers
Book
01/2016
Springer
€53.49
Shipment within 10-15 days
Persons
Content
- Intro
- Preface
- Organization
- Contents
- Mobile, System and Software Security
- FineDroid: Enforcing Permissions with System-Wide Application Execution Context
- 1 Introduction
- 2 Threat Model
- 3 Approach Overview
- 4 Application Context Tracking
- 4.1 Intra-application Context Builder
- 4.2 Inter-application Context Builder
- 4.3 Context Propagating
- 5 Context-Sensitive Permission System
- 5.1 Permission Manager
- 5.2 Policy Framework
- 6 Security Extensions
- 6.1 For Administrator: Fixing Permission Leak Vulnerability
- 6.2 For Developer: Fine-Grained Permission Specification
- 7 Prototype and Evaluation
- 7.1 Fixing Permission Leak Vulnerability
- 7.2 Fine-Grained Permission Specification
- 7.3 Performance Overhead
- 8 Discussion
- 9 Related Work
- 10 Conclusion
- References
- Detection, Classification and Characterization of Android Malware Using API Data Dependency
- 1 Introduction
- 2 Motivation and System Goals
- 2.1 Motivation
- 2.2 Goals and Assumption
- 3 System Design
- 4 Implementation
- 4.1 Extension of FlowDroid
- 4.2 Modality Generation
- 4.3 Feature Vector Construction
- 4.4 Malware Detection, Classification and Characterization
- 5 Evaluation
- 5.1 Dataset and Experiment Setup
- 5.2 Summary of Modality Generation
- 5.3 Malware Detection Result
- 5.4 Malware Classification Result
- 5.5 Malware Characterization Result
- 5.6 Runtime Performance
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- KeyPocket - Improving Security and Usability for Provider Independent Login Architectures with Mobile Devices
- 1 Introduction
- 2 Related Work
- 2.1 Secure Data Encryption and Transmission
- 2.2 Smartphone-Based Login Architectures
- 3 Requirements of a Mobile-Based Login Architecture
- 4 KeyPocket - An Architecture for Secure and Usable Web Service Access
- 4.1 Architectural Concept
- 4.2 Main Components
- 4.3 Third-Party Independence and Privacy Enhancement
- 4.4 Processing a Login
- 4.5 On-Device Identity Management
- 4.6 Implementation
- 5 Discussion
- 5.1 Threat Robustness
- 5.2 Qualitative Requirements
- 5.3 General Notes
- 6 Conclusion and Future Work
- References
- Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps
- 1 Introduction
- 2 Background And System Goals
- 2.1 System Goals
- 3 System Design
- 3.1 Design Overview
- 3.2 Exemplar Sensitive Provenance Patterns
- 4 System Evaluation
- 4.1 Effectiveness Case Study on Representative Malware Families
- 4.2 Measuring Effectiveness Using a Large App Corpus
- 4.3 Measuring System Performance Overhead
- 5 Related Work
- 6 Limitations and Future Work
- 7 Conclusion
- References
- SplitDroid: Isolated Execution of Sensitive Components for Mobile Applications
- 1 Introduction
- 2 Preliminaries
- 2.1 A Running Example
- 2.2 Goals
- 2.3 Assumptions
- 2.4 Adversary Model
- 3 SplitDroid Design
- 3.1 Overview of SplitDroid
- 3.2 The Isolated Execution Environment
- 3.3 Split-Execution of Android Apps
- 3.4 Usage Scenarios
- 4 Case Study
- 4.1 Goal
- 4.2 Implementation
- 4.3 Evaluation
- 5 Discussions
- 5.1 Limitations
- 5.2 Future Work
- 6 Related Work
- 6.1 Privacy Protection on Smartphones
- 6.2 Isolated Execution Based Privacy Protection
- 6.3 Split Execution of Mobile Apps
- 7 Conclusion
- References
- Intrinsic Code Attestation by Instruction Chaining for Embedded Devices
- 1 Introduction
- 2 Intrinsic Code Attestation
- 2.1 Instruction Chaining
- 2.2 Instruction Key Expanding
- 2.3 Instruction Size Fitting
- 3 Security Analysis
- 3.1 Remaining Risk
- 4 System Integration
- 4.1 Secured MSP430
- 4.2 Secured tinyVLIW8
- 4.3 Secure Key Storage
- 4.4 Design Size and Speed Estimation
- 4.5 Compiler Tool Chain Extension
- 5 Related Work
- 6 Future Work
- 7 Conclusion
- References
- Defeating Kernel Driver Purifier
- 1 Introduction
- 2 Background
- 3 Attack Model
- 3.1 Self-Checksum Based Rootkit
- 3.2 Kernel API Call Less Rootkit
- 4 Implementation
- 4.1 Self-Checksum Based Rootkit
- 4.2 Kernel API Call Less Rootkit
- 5 Experimental Evaluation
- 5.1 Effectiveness
- 5.2 Functionality
- 5.3 Performance Overhead
- 5.4 Automation
- 6 Defense Mechanisms
- 6.1 Comparison between Our Two Methods
- 6.2 Defense Mechanism
- 7 Related Work
- 7.1 Kernel Protection from Buggy or Malicious Drivers
- 7.2 Self-checksumming
- 8 Conclusion
- References
- Kernel Data Attack Is a Realistic Security Threat
- 1 Introduction
- 2 Background
- 2.1 Attack Space
- 3 Kernel Data Attacks
- 3.1 Bypass Linux Auditing and AppArmor
- 3.2 Bypass NULL Pointer Dereference Mitigation
- 4 Keylogger Design and Implementation
- 5 Defense
- 5.1 Defense Mechanism
- 5.2 Defense Evaluation
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- Cloud Security
- RScam: Cloud-Based Anti-Malware via Reversible Sketch
- 1 Introduction
- 2 Related Work
- 3 Design
- 3.1 System Architecture
- 3.2 Signature Initialization
- 3.3 Reversible Sketch Structure
- 3.4 Matching Mechanism
- 4 Discussion
- 4.1 Fasle Negative
- 4.2 Hashing False Positive
- 4.3 Fragment False Positive
- 5 Evaluation
- 5.1 Memory Analysis
- 5.2 Time Analysis
- 5.3 Traffic Analysis
- 5.4 Practical Accuracy
- 6 Conclusion
- References
- TADOOP: Mining Network Traffic Anomalies with Hadoop
- 1 Introduction
- 2 Related Work
- 3 DTE-FP
- 3.1 Tsallis Entropy Characteristics for Anomaly Detection
- 3.2 DTE-FP
- 3.3 Detection for Common Attacks
- 4 Implementation of TADOOP
- 4.1 Traffic Collector
- 4.2 Entropy Calculation Module
- 4.3 Semi-automatic Training Module
- 4.4 Detection Module
- 5 Experiments
- 5.1 Experiment Environment
- 5.2 Data
- 5.3 Detection in Tsinghua University Campus Network
- 6 Discussion
- 7 Conclusion and Future Work
- References
- SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External Services
- 1 Introduction
- 2 The Problem Definition and Design Overall
- 2.1 Piece of Application Logic (PAL)
- 2.2 Desired Security Properties
- 2.3 Design Goals
- 2.4 Assumptions
- 2.5 Overview of SuperCall
- 3 Typical Control Flow of SuperCall
- 3.1 Out Gate
- 3.2 SuperEnter
- 3.3 SuperExit
- 3.4 Back Gate
- 4 Typical Scenarios
- 4.1 Resource Update
- 4.2 Data Exchange with Outside
- 5 Evaluation
- 5.1 Case Study: PwdChecker
- 5.2 PwdChecker without SuperCall
- 5.3 PwdChecker with SuperCall
- 5.4 Performance Evaluation
- 6 Related Work
- 7 Conclusion
- References
- Authenticating Top-k Results of Secure Multi-keyword Search in Cloud Computing
- 1 Introduction
- 2 Related Work
- 2.1 Traditional Searchable Encryption
- 2.2 Secure Keyword Search in Cloud Computing
- 2.3 Authenticating the Search Results
- 3 Problem Formulation
- 3.1 System Model
- 3.2 Threat Model
- 3.3 Design Goals
- 3.4 Notations
- 4 Privacy-Preserving and User-Specified Ranked Multi-keyword Search
- 5 Dynamic Top-k Results Authentication
- 5.1 Privacy Preserving Function
- 5.2 Multi-Attribute Authentication Tree
- 5.3 Authenticating Integrity of the Dynamic Top-k Search Results
- 6 MAAT Optimization
- 6.1 Optimizing Method
- 6.2 Trade-off Between Privacy and Communication Cost
- 7 Security Analysis
- 7.1 Privacy Preserving and User Specified Ranked Multi-keyword Search
- 7.2 Authenticating Dynamic Top-k Results
- 8 Performance Evaluation
- 8.1 Experiment Settings
- 8.2 Experiment Results
- 9 Conclusion
- References
- Privacy and Side Channels
- Resource Efficient Privacy Preservation of Online Social Media Conversations
- 1 Introduction
- 2 Related Work
- 3 Goals and Threat Model
- 4 Hermes Architecture
- 5 Hiding Users' Sharing Patterns
- 5.1 Hiding the Membership Information within Each Private Conversation
- 5.2 Hiding Users' Conversation Patterns by Handling Intersection Attacks
- 6 Quantifying Cost, Anonymity, and Timeliness Trade-offs
- 7 Prototype Implementation and Evaluations
- 8 Conclusions
- References
- A Propagating Updates via ufiles
- Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android
- 1 Introduction
- 2 Background and Problem Statement
- 2.1 Android Background
- 2.2 Problem Statement
- 3 Uranine Design
- 3.1 Taint Storage and Propagation
- 4 Implementation
- 5 Evaluation
- 5.1 Accuracy
- 5.2 Performance
- 6 Discussion
- 6.1 Static Analysis and Optimizations
- 6.2 Limitations
- 7 Related Work
- 8 Conclusion
- References
- Practicality of Using Side-Channel Analysis for Software Integrity Checking of Embedded Systems
- 1 Introduction
- 2 Related Work and Pitfalls
- 3 A Systematic Approach for Instruction-level Side-channel Analysis
- 3.1 Recognizing Operations Versus Recognizing Execution Instances
- 3.2 Separability
- 4 Data Effects
- 5 Side-channel Programming
- 6 Conclusion and Future Work
- References
- Remote Activation of Hardware Trojans via a Covert Temperature Channel
- 1 Introduction
- 2 Threat Model
- 3 Hardware Trojan Trigger Design
- 3.1 Temperature Sensor
- 3.2 Switching Circuitry
- 4 A Process Invariant Design
- 4.1 Self-tuning Inverter Comparator Circuit
- 4.2 Parallel Gate Inverter Circuit
- 5 Simulation
- 6 Detectability of Design
- 7 Related Work
- 8 Conclusion
- References
- Web and Network Security
- Route Leaks Identification by Detecting Routing Loops
- 1 Introduction
- 2 Route Leaks
- 3 Routing Loops and Route Leak Detection
- 3.1 Routing Loops Caused by Route Leaks
- 3.2 Route Leak Identification
- 3.3 Leaking AS Identification
- 3.4 Detection Mechanism
- 4 Detection Results
- 4.1 T1-T1 Routes Caused by Complex Relationships of Sibling and Mutual Transit
- 4.2 Analysis of Leaked Routes
- 5 Discussion
- 5.1 Loop Routes Received from a Provider
- 5.2 Complex Routing Policies
- 5.3 Limitations
- 6 Related Work
- 7 Conclusions and Future Works
- PULSAR: Stateful Black-Box Fuzzing of Proprietary Network Protocols
- 1 Introduction
- 2 Methodology
- 2.1 Model Inference
- 2.2 Test Case Generation
- 2.3 Model Coverage
- 3 Case Studies
- 3.1 Core FTP Client
- 3.2 Pidgin ICQ/AIM
- 4 Limitations
- 5 Related Work
- 6 Conclusion
- References
- You Are How You Query: Deriving Behavioral Fingerprints from DNS Traffic
- 1 Introduction
- 2 Related Work
- 3 System
- 3.1 Problem Formulation
- 3.2 Patterns
- 3.3 System Implementation
- 4 Experiments
- 4.1 Data and Experiment Setup
- 4.2 Fingerprint Extraction
- 4.3 Fingerprint Matching
- 4.4 Evaluating the Impact of Parameter Values
- 5 Discussion
- 6 Conclusion
- References
- Enhancing Traffic Analysis Resistance for Tor Hidden Services with Multipath Routing
- 1 Introduction
- 2 Background
- 2.1 Tor
- 2.2 Tor Hidden Services
- 2.3 Traffic Analysis Attack against Hidden Services
- 3 Overview of the Problem and the Threats
- 4 Multipath Tor Hidden Services (mTorHS)
- 4.1 Connection Initialization at Client Side
- 4.2 Multipath Tunnel Construction on Hidden Server Side
- 4.3 Data Transmission between Client and HS
- 4.4 Discussions
- 5 Experiment Evaluation
- 5.1 Implementing ICBW Watermarking Scheme
- 5.2 Implementing mTorHS
- 5.3 Results
- 6 Related Work
- 7 Conclusion and Future Work
- An Improved Method for Anomaly-Based Network Scan Detection
- 1 Introduction
- 2 Background
- 2.1 Scanning
- 2.2 Anomaly Detection Systems in Scan Detection and Machine Learning
- 2.3 Previous Work
- 3 Contributions
- 4 Method
- 4.1 Network Flow Data a Collection
- 4.2 Network Flow Data Labeling
- 4.3 Attribute Calculation
- 4.4 Lower Bounding
- 4.5 Attribute Discretization
- 4.6 Attribute Set Selection
- 4.7 Machine Learning Model Creation
- 4.8 Model Evaluation
- 5 Results and Discussion
- 5.1 The Role of Lower Bound on Metric Performance
- 5.2 The Role of Attribute Sets on Metric Performance
- 5.3 The Role of Machine Learning Classifiers on Metric Performance
- 6 Conclusions
- Appendix A: Calculated Network Flow Attributes
- References
- Why Web Servers Should Fear Their Clients
- 1 Introduction
- 2 Attack Details
- 3 Attack Prerequisites and Synergies
- 3.1 Cross Origin Resource Sharing
- 3.2 Lack of Backward Protocol Compatibility
- 3.3 Browser Vulnerabilities
- 4 Testing and Analysis
- 4.1 Set up
- 4.2 Measurements
- 4.3 Discussion
- 5 Related Work
- 6 Conclusion and Future Work
- References
- An Attribute-Based Signcryption Scheme to Secure Attribute-Defined Multicast Communications
- 1 Introduction
- 2 Motivations, System Model, and Related Work
- 2.1 Push-Based Multicast Communications
- 2.2 Pull-Based Multicast Communication
- 2.3 System Model
- 2.4 Related Work
- 3 CP_ABSC: A Ciphertext-Policy Attribute Based Signcryption Scheme
- 3.1 Preliminary Knowledge for CP_ABSC
- 3.2 Access Control Policy -- The Access Tree
- 3.3 CP_ABSC: Ciphertext-Policy Attribute Based Signcryption
- 3.4 CP_ABSC v.s. CP_ABE
- 3.5 Application of CP_ABSC in Smart Grids
- 4 Correctness and Performance Analysis
- 4.1 The Correctness of CP_ABSC
- 4.2 Security Strength
- 4.3 Efficiency and Cost Analysis
- 5 Conclusion and Future Work
- References
- Generation of Transmission Control Rules Compliant with Existing Access Control Policies
- 1 Introduction
- 2 Related Works
- 2.1 Access Control Models (AC)
- 2.2 Data Loss/Leak Prevention (DLP)
- 2.3 Unifying AC and TC
- 3 Context and Vocabulary
- 3.1 Scope of the Study
- 3.2 Generic Access Control Model
- 4 Contribution
- 4.1 Transmission Control List
- 4.2 Representation
- 4.3 Generation Mechanisms
- 4.4 Inference Mechanisms to Enhance Existing AC Policies (M1)
- 4.5 Inference Mechanisms to Help Integration and Enhance Security Knowledge (M2)
- 5 Evaluations
- 5.1 Implementation
- 5.2 Generation Tests
- 5.3 Inferences Tests
- 6 Conclusion
- References
- Crypto, Protocol and Model
- A Markov Random Field Approach to Automated Protocol Signature Inference
- 1 Introduction
- 2 Related Work
- 2.1 Reverse Engineering-Based Methods
- 2.2 Network Trace-Based Methods
- 3 ProParser
- 3.1 n-Gram Extraction
- 3.2 Keyword Inference
- Basic of Markov Field Aspect Model.
- Approximate Inference.
- Perplexity.
- 3.3 Message Clustering
- 3.4 Signature Generation
- 4 Experimental Results
- 4.1 Datasets
- 4.2 Evaluation Methodology and Metrics
- 4.3 Experimental Results
- 5 Conclusion
- References
- How to Prevent to Delegate Authentication
- 1 Introduction
- 1.1 Our Work
- 1.2 Related Works
- 2 Non-delegatable Authentication
- 2.1 HtD Authentication Systems
- 3 Authentication Games
- 3.1 An Authentication System Using Games
- 3.2 Deploying Authentication Games
- 4 A Proof of Concept HtE Game
- 4.1 The Game Design
- 4.2 Verification Function
- 5 Experiments
- 5.1 Considerations in Using Amazon Mechanical Turk
- 5.2 Experiment 1: Correctness and Security
- 5.3 Experiment 2: HtE Property
- 6 Deploying Authentication Games
- 7 Concluding Remarks
- References
- Ciphertext-Policy Attribute-Based Encryption with User and Authority Accountability
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Contributions
- 1.3 Our Main Ideas
- 1.4 Organization
- 2 Background
- 2.1 Access Structures and Linear Secret Sharing Schemes
- 2.2 Bilinear Maps
- 2.3 Assumptions
- 2.4 Miscellaneous Primitives
- 3 CP-ABE with User and Authority Accountability
- 3.1 Definition
- 3.2 Selective Security Model for UaAA-CP-ABE
- 3.3 Accountability Model for UaAA-CP-ABE
- 4 Our Construction
- 5 Analysis of Our Proposed Scheme
- 5.1 Selective Security Proof
- 5.2 Accountability Proof
- 5.3 Performance Analysis
- 6 Conclusion
- References
- A Decentralized Access Control Model for Dynamic Collaboration of Autonomous Peers
- 1 Introduction
- 2 Modeling Coordination with the Peer Model
- 3 Security for the Peer Model
- 3.1 Identity Representation with Delegation Support
- 3.2 Rule-Based Authorization
- 3.3 Secure Runtime Architecture
- 4 Secure Coordination Patterns
- 4.1 Request-Response with Cloud Service
- 4.2 Data Exchange via Shared Memory
- 5 Discussion and Related Work
- 6 Conclusion
- Using a 3D Geometrical Model to Improve Accuracy in the Evaluation and Selection of Countermeasures Against Complex Cyber Attacks
- 1 Introduction
- 2 Return on Response Investment
- 3 3D Geometrical Model
- 3.1 Coordinate System
- 3.2 Volume Calculation
- 3.2.1 System Volume
- 3.2.2 Attack Volume
- 3.2.3 Countermeasure Volume
- 4 Countermeasure Evaluation
- 5 Impact Calculation
- 5.1 Attack Impact
- 5.2 Countermeasure Impact
- 6 Implementation and Results
- 6.1 Tool Description
- 6.1.1 Input Data Processor :
- 6.1.2 RORI & Geometrical Calculation:
- 6.1.3 Graphical Representation:
- 6.2 Use Case: Olympic Games
- 6.3 Attack Scenario
- 6.4 Countermeasure Analysis
- 7 Conclusion and Future Work
- References
- Poster Session
- POSTER: API-Level Multi-policy Access Control Enforcement for Android Middleware
- 1 Introduction
- 2 MpDroid Architecture
- 3 Experiment
- 4 Conclusions
- References
- POSTER: Reliable and Efficient Protection of Consumer Privacy in Advanced Metering Infrastructure
- 1 Introduction
- 2 Approach
- 3 Protocol Phases
- 4 Conclusion and Future Work
- References
- POSTER: A Security Adaptive Steganography System Applied on Digital Audio
- 1 Introduction
- 2 Proposed Method
- 3 Experimental Setup
- 4 Conclusion
- References
- POSTER: Semantics-Aware Rule Recommendation and Enforcement for Event Paths
- 1 Motivation
- 2 Our Approach
- 3 Evaluation of Effectiveness
- References
- POSTER: An Approach to Assess Security, Capacity and Reachability for Heterogeneous Industrial Networks
- 1 Introduction
- 2 Proposed Idea
- 3 Results
- 4 Conclusions
- References
- POSTER: An Online Prefix-PreservingIP Address Anonymization Algorithmfor Passive Measurement Systems
- 1 Introduction
- 2 Crypto-PAn
- 3 The Proposed Algorithm
- 3.1 DS-PAn Algorithm
- 4 Performance Evaluation
- 5 Conclusion
- References
- POSTER: Ciphertext-Policy Attribute-Based Encryption Method with Secure Decryption Key Generation and Outsourcing Decryption of ABE Ciphertexts
- 1 Introduction
- 2 Our Construction
- 3 Performance
- 4 Conclusion
- References
- POSTER: Context-Adaptive User-Centric Privacy Scheme for VANET
- 1 Introduction
- 2 Methodology
- 3 Context-Adaptive Privacy Scheme (CADS)
- 4 Conclusion
- References
- POSTER: A Collaborative Approach on Behavior-Based Android Malware Detection
- 1 Introduction
- 2 System Architecture
- Host Domain Reputation Analysis Engine.
- Critical API Call Pattern Analysis Engine.
- Android Permission Use Analysis Engine.
- Correlation Engine.
- 3 Evaluation
- Collection of Malware/Benign Apps.
- The Precision of Single Engine.
- Final Decision.
- Performance.
- References
- POSTER: Using Improved Singular Value Decomposition to Enhance Correlation Power Analysis
- 1 Introduction
- 2 Background Knowledge
- 2.1 SVD
- 2.2 ISVD
- 3 Using ISVD in CPA
- 4 Experiments
- 4.1 Unprotected Implementation
- 4.2 Protected Implementation
- 5 Conclusions
- References
- ATIS 2015: 6th International Workshop on Applications and Techniques in Information Security
- Securing Application with Software Partitioning: A Case Study Using SGX
- 1 Introduction
- 2 Background
- 2.1 Isolation Mechanisms
- 2.1.1 Software-Enforced Isolation
- 2.1.2 Hardware-Enforced Isolation
- 2.2 Software Guard Extensions (SGX)
- 2.2.1 SGX Enclave Instructions and Protection Rings
- 2.2.2 Enclave Life Cycle
- 2.2.3 Asynchronous Exit and Resuming Execution
- 3 Objectives and Adversary Model
- 3.1 Security Objectives
- 3.2 Adversary Model
- 4 Application Software Partitioning
- 4.1 Partitioning Schemes
- 4.1.1 Scheme 1 - Whole Application
- 4.1.2 Scheme 2 - All Secrets
- 4.1.3 Scheme 3 - Separate Secret
- 4.1.4 Scheme 4 - Hybrid
- 4.2 Partitioning Using SGX
- 5 Security and Efficiency Evaluation
- 5.1 Case Study
- 5.2 First Scheme - Whole Application as One Partition
- 5.3 Second Scheme - All Secrets
- 5.4 Third Scheme - Separate Secrets
- 5.5 Fourth Scheme - Hybrid Software Partitioning
- 6 Related Work
- 7 Conclusions and Future Work
- References
- Image Spam Classification Using Neural Network
- 1 Introduction
- 2 Related Works
- 3 Proposed Architecture of Image Spam Detection Technique
- 3.1 Features Extraction and Selection
- 3.2 The BPNN Classifi er Model
- 4 Experimental Evaluation
- 5 Conclusion
- References
- An Effective t-way Test Data Generation Strategy
- 1 Introduction
- 2 Literature Review
- 2.1 Analysis of Test Data Generation Strategies
- 3 Design of MTTG
- 3.1 Step 1: Development of N-Tuples:
- 3.2 Step 2: Identification of 'Missing Parameter'
- 3.3 Step 3: Updating the Missing Parameter
- 4 MTTG Flowchart
- 5 Results and Discussions
- 6 Conclusion
- References
- A Secure Cross-Domain SIP Solution for Mobile Ad Hoc Network Using Dynamic Clustering
- 1 Introduction
- 2 Background and Related Work
- 2.1 Background
- 2.2 Related Work
- 3 Our Proposed Solution
- 3.1 Proposed Server Functionality
- 3.2 Proposed New Clustering Mechanism
- 3.3 Server's AoR Entities
- 3.4 Reputation-Based Election
- 4 Implementation
- 4.1 Service Initiation and In-domain Clustering
- 4.2 Cross-Domain Communication
- 5 Discussion
- 6 Concluding Remarks
- References
- Community-Based Collaborative Intrusion Detection
- 1 Introduction
- 2 Related Work
- 2.1 Anomaly Network Intrusion Detection
- 2.2 Distributed CIDSs
- 3 Community-Based Collaborative Intrusion Detection
- 3.1 Basic Concept
- 3.2 Formal Model
- 3.3 Parameters for Building Communities
- Number of Sensors per Community (nc).
- Number of Communities (nt).
- Sensor Repetitions in Multiple Communities (ns).
- 3.4 Community Formation
- Coupling Criteria.
- Community Construction Algorithms.
- 3.5 Community-Based Intrusion Detection
- 4 Evaluation
- 4.1 The DARPA Dataset
- Modifications to the DARPA Dataset.
- 4.2 The LERAD Integration
- 4.3 Experimental Setup
- 4.4 Results
- 5 Conclusion
- References
- A Novel Clustering Algorithm for Database Anomaly Detection
- 1 Introduction
- 2 Preliminaries
- 2.1 Definitions of Objects
- 2.2 Definition of Measurements
- 3 Anomaly Detection with DBCAPSIC
- 3.1 Basic Idea of DBCAPSIC
- 3.2 Inferior-Centroid to Avoid "Clustering Failure"
- 3.3 Description of DBCAPSIC Algorithm
- 3.4 Analysis of DBCAPSIC
- 3.5 Anomaly Detection
- 4 Experiment and Analysis
- 4.1 Evaluation Setting
- 4.2 Result and Analysis
- 5 Conclusion
- References
- Secrecy Rate Based User Selection Algorithms for Massive MIMO Wireless Networks
- 1 Introduction
- 2 Multiple Input Multiple Output (MIMO) Systems
- 2.1 Conventional MIMO
- 2.2 Conventional MIMO Security Model
- 2.3 Massive MIMO
- 3 System and Transmission Model
- 3.1 Feedback Model
- 4 User Selection Algorithms
- 4.1 Exhaustive Selection (ES)
- 4.2 Frobenius Norm Based Selection (FNS)
- 4.3 Round Robin Selection (RRS)
- 4.4 Secrecy Rate Based Selection (SRS)
- 5 Numerical Results and Discussions
- 6 Conclusion
- References
- Human Surveillance System for Security Application
- 1 Introduction
- 2 Related Works
- 3 Proposed System Architecture
- 3.1 Preprocessing of the Stereo Images
- 3.2 Face Detection
- 3.3 Stereo Correspond ence Matching
- 3.4 Depth Extraction and Location Estimation
- 4 Experimental Evaluation
- 5 Conclusion
- References
- Security Considerations for Wireless Carrier Agonistic Bio-Monitoring Systems
- 1 Introduction
- 2 Background and Related Work
- 3 Security Concerns for Bio-monitoring Data
- 3.1 Communications Protocol
- 3.2 Obfuscation
- 3.3 Encryption of Data
- 3.4 Appropriate Encryption
- 4 Identifying and Trusting Sender and Receiver
- 5 Conclusion
- References
- Author Index
