ICT Systems Security and Privacy Protection
32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings
Published on 17. May 2017
XVI, 586 pages
978-3-319-58469-0 (ISBN)
Description
This book constitutes the refereed proceedings of the 32nd IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2017, held in Rome, Italy, in May 2017.
The 38 revised full papers presented were carefully reviewed and selected from 199 submissions. The papers are organized in the following topical sections: network security and cyber attacks; security and privacy in social applications and cyber attacks defense; private queries and aggregations; operating systems and firmware security; user authentication and policies; applied cryptography and voting schemes; software security and privacy; privacy; and digital signature, risk management, and code reuse attacks.
The 38 revised full papers presented were carefully reviewed and selected from 199 submissions. The papers are organized in the following topical sections: network security and cyber attacks; security and privacy in social applications and cyber attacks defense; private queries and aggregations; operating systems and firmware security; user authentication and policies; applied cryptography and voting schemes; software security and privacy; privacy; and digital signature, risk management, and code reuse attacks.
More details
Series
Edition
1st ed. 2017
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Product notice
Reflowable
Illustrations
XVI, 586 p. 159 illus.
File size
46,48 MB
ISBN-13
978-3-319-58469-0 (9783319584690)
DOI
10.1007/978-3-319-58469-0
Schweitzer Classification
Other editions
Additional editions
Sabrina de Capitani Di Vimercati | Fabio Martinelli
ICT Systems Security and Privacy Protection
32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings
Book
05/2017
Springer
€106.99
Shipment within 10-15 days
Content
- Intro
- Preface
- Organization
- Contents
- Network Security and Cyber Attacks
- Turning Active TLS Scanning to Eleven
- 1 Introduction
- 2 Background
- 2.1 Related Work
- 3 Methodology
- 3.1 Introducing New Approaches
- 3.2 Implemented Approaches
- 4 Results
- 4.1 Experimental Results
- 4.2 Cipher Suite Results of Top-10k Domains
- 5 Discussion
- 6 Conclusion
- References
- Slow TCAM Exhaustion DDoS Attack
- 1 Introduction
- 1.1 Slow TCAM Exhaustion Attacks
- 2 Slow TCAM Exhaustion Attack (Slow-TCAM)
- 2.1 Attacking SDN
- 2.2 Slow-TCAM
- 3 Slow-TCAM Experimental Analysis
- 4 Mitigating Slow-TCAM
- 4.1 SIFT
- 4.2 Experimental Results with SIFT
- 5 Related and Future Work
- References
- Evasive Malware Detection Using Groups of Processes
- 1 Introduction
- 2 Related Work
- 3 Proposed Solution
- 3.1 The Management of Groups
- 3.2 Heuristics
- 3.3 Remediation
- 4 Technical Results
- 4.1 Detection Tests
- 4.2 Limitations of the Solution
- 5 Conclusions
- References
- A Malware-Tolerant, Self-Healing Industrial Control System Framework
- 1 Introduction
- 2 Overview
- 2.1 Traditional Industrial Control System Architecture
- 2.2 Assumptions
- 2.3 Proposed Architecture
- 3 Security Analysis and Results
- 3.1 ProVerif Proofs
- 3.2 Evaluation of Self-healing FreeRTOS
- 3.3 Performance Analysis of TrustZone
- 4 Discussion
- 4.1 Attacks
- 4.2 Diversity of PLCs
- 4.3 Implications
- 5 Related Work and Comparison
- 6 Conclusion
- References
- Process Discovery for Industrial Control System Cyber Attack Detection
- 1 Introduction
- 2 Background
- 3 ICS Modeling Requirements
- 4 Experiment
- 4.1 Experimental Setup
- 4.2 Experimental Methodology
- 5 Results and Analysis
- 6 Conclusion
- References
- Security and Privacy in Social Applications and Cyber Attacks Defense
- Secure Photo Sharing in Social Networks
- 1 Introduction
- 2 Preliminaries
- 2.1 Access Structure
- 2.2 Linear Secret Sharing Scheme
- 2.3 Multi-authority Attributes
- 2.4 Bilinear Pairings
- 2.5 Security Assumptions
- 2.6 MA-ABE Algorithms
- 3 System Design
- 3.1 Diaspora's Architecture and Assumptions
- 3.2 MA-ABE in Diaspora
- 4 Evaluation
- 5 Related Work
- 6 Conclusions
- References
- Context-Dependent Privacy-Aware Photo Sharing Based on Machine Learning
- 1 Introduction
- 2 Related Work
- 3 A Model for Context-/Privacy-Aware Photo Sharing
- 3.1 Security Assumption and Operating Principle
- 3.2 Feature Definition
- 3.3 Photo Sharing Decisions
- 4 User Study and Data Collection
- 5 Evaluation and Analysis
- 5.1 Methodology
- 5.2 Within-Subject Analysis
- 5.3 One-Size-Fits-All Model
- 5.4 Influences of Features on Decision Making
- 6 Discussions
- 7 Conclusion
- References
- 3LP: Three Layers of Protection for Individual Privacy in Facebook
- 1 Introduction
- 2 The Importance of Friendship Links
- 2.1 Data Sets
- 2.2 Empirical Demonstration
- 3 Our Technique
- 4 Experimental Results and Discussion
- 5 Conclusion
- References
- A Framework for Moving Target Defense Quantification
- 1 Introduction
- 2 Related Work
- 3 Threat Model and Assumptions
- 4 Quantification Framework
- 4.1 Mathematical Model
- 4.2 Computing MTD Effectiveness
- 5 Experimental Evaluation
- 6 Applications
- 6.1 Comparing MTDs
- 6.2 Selecting Optimal Defenses
- 6.3 Extending the Framework
- 7 Conclusions and Future Work
- References
- Private Queries and Aggregations
- Query Privacy in Sensing-as-a-Service Platforms
- 1 Introduction
- 2 Related Work
- 3 Problem Definition
- 3.1 System Model
- 3.2 Adversarial Model
- 4 Query Privacy for Sensing Platforms Protocol
- 4.1 Overview
- 4.2 Preliminaries
- 4.3 Initialization Phase
- 4.4 Query Phase
- 4.5 Response Phase
- 5 Security Analysis
- 5.1 Query Confidentiality
- 5.2 Query Privacy
- 6 Experimental Evaluation
- 7 Conclusions
- A Appendix
- A.1 Key Validation Procedure
- References
- Secure and Efficient k-NN Queries
- 1 Introduction
- 2 Problem Statement
- 3 Proposed Approach
- 3.1 DS-kNN Query Protocol
- 3.2 Extensions
- 4 Complexity Analysis
- 5 Security Analysis
- 6 Experimental Evaluation
- 7 Related Work
- 8 Conclusion and Future Work
- References
- Secure and Trustable Distributed Aggregation Based on Kademlia
- 1 Introduction
- 2 Aggregation Protocol
- 3 Basic Aggregation
- 4 Recursive Aggregation over the Kademlia Binary Tree
- 5 Robust Aggregation
- 6 Protocol Properties
- 7 Experimental Confidentiality Analysis
- 8 Conclusion
- References
- Operating System and Firmware Security
- HyBIS: Advanced Introspection for Effective Windows Guest Protection
- 1 Introduction
- 1.1 Motivation
- 1.2 Contribution
- 2 Related Work
- 3 HyBIS - Approach and Functionalities
- 3.1 HyBIS Functionalities
- 4 HyBIS - Design, Architecture and Implementation
- 4.1 Architecture
- 4.2 Technology Info
- 4.3 Implementation Details
- 4.4 Further Details
- 5 Evaluation
- 6 Conclusion and Future Work
- References
- Detection of Side Channel Attacks Based on Data Tainting in Android Systems
- 1 Introduction
- 2 Background
- 2.1 Dynamic Taint Analysis
- 2.2 TaintDroid
- 3 Target Threat Model
- 4 Side Channels Attacks
- 4.1 Timing Attack
- 4.2 Cache Memory Attack
- 4.3 Meta Data Attacks
- 4.4 Graphics Processing Unit Attacks
- 5 Detection of Side Channel Attacks
- 5.1 Timing Side Channel Propagation Rule
- 5.2 Memory Cache Side Channel Propagation Rules
- 5.3 Meta Data Propagation Rule
- 5.4 GPU Propagation Rule
- 6 Implementation
- 6.1 Timing Attack Detection
- 6.2 Cache Memory Attack Detection
- 6.3 Meta Data Attacks Detection
- 6.4 Graphics Processing Unit Attacks Detection
- 7 Evaluation
- 7.1 Effectiveness
- 7.2 False Positives
- 7.3 Performance
- 8 Discussion
- 9 Related Work
- 9.1 Software Side Channels Attacks
- 9.2 Side Channels Countermeasures
- 10 Conclusion
- References
- The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons
- 1 Introduction
- 2 Background
- 2.1 Attack Vectors: Media Server Daemons and Multimedia Files
- 2.2 Seed File Format
- 3 File Format-Aware Mutational Fuzzing
- 3.1 Overview
- 3.2 Challenges
- 3.3 Main Phases
- 4 Evaluation
- 4.1 General Results
- 4.2 Comparisons
- 5 Limitations and Future Work
- 6 Related Work
- 7 Conclusion
- References
- Towards Automated Classification of Firmware Images and Identification of Embedded Devices
- 1 Introduction
- 2 Firmware Classification and Identification
- 2.1 Discussion on ``Naive'' Attempts
- 2.2 Dataset
- 2.3 Features Selection
- 2.4 Evaluation
- 3 Device Fingerprinting and Identification
- 3.1 Discussion on ``Naive'' Attempts
- 3.2 Dataset
- 3.3 Features for Web Interface Fingerprinting
- 3.4 Scoring Systems for Features
- 3.5 Evaluation
- 4 Usage Scenarios
- 4.1 Firmware Classification
- 4.2 Device Fingerprinting and Identification
- 4.3 Automated End-to-End Scenario
- 5 Related Work
- 6 Conclusion
- References
- Runtime Firmware Product Lines Using TPM2.0
- 1 Introduction
- 2 General Idea
- 3 Related Work
- 3.1 Secure Runtime Product Lines
- 3.2 Overlay Filesystems
- 3.3 TPM 2.0
- 4 Concept
- 4.1 Device Production
- 4.2 Firmware Creation
- 4.3 Booting a Model-Specific Firmware
- 5 Discussion
- 5.1 Security
- 5.2 Extensions
- 6 Implementation
- 7 Conclusion and Future Work
- References
- User Authentication and Policies
- On the Use of Emojis in Mobile Authentication
- 1 Introduction
- 2 Related Work
- 3 EmojiAuth: Emoji-Based Authentication Scheme
- 4 Lab Study
- 4.1 Methodology and Procedure
- 4.2 Results
- 5 Field Study
- 5.1 Methodology and Procedure
- 5.2 Shoulder-Surfing Experiment
- 5.3 Results
- 6 Discussion and Conclusion
- References
- EmojiTCHA: Using Emotion Recognition to Tell Computers and Humans Apart
- 1 Introduction
- 2 Preliminaries
- 2.1 Microsoft Project Oxford
- 2.2 Emoji Character Set
- 3 Related Work
- 4 Methodology
- 5 CAPTCHA Challenge Generation
- 6 EmojiTCHA Usability Study
- 7 Design Limitations and Security Analysis
- 8 Conclusions and Future Work
- References
- Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud
- 1 Introduction
- 2 A Running Example
- 3 An Abstract Access Control Model for the Cloud
- 4 From Abstract to Enforceable Policies in the Cloud
- 4.1 Reconstruction of the Amazon and OpenStack AC Model
- 4.2 Policy Support in Amazon and OpenStack
- 5 SecurePG
- 5.1 Policy Generator Engine
- 5.2 Abstract Policy Analysis Engine
- 6 Discussion
- References
- Capturing Policies for BYOD
- 1 Introduction
- 1.1 Related Work
- 2 Capturing BYOD Policies
- 3 Instantiating SecPAL
- 4 BYOD Policies
- 5 Authorization Example
- 6 BYOD Idioms
- 7 Conclusions
- References
- Applied Cryptography and Voting Schemes
- Improving Blind Steganalysis in Spatial Domain Using a Criterion to Choose the Appropriate Steganalyzer Between CNN and SRM+EC
- 1 Introduction
- 2 Related Works
- 2.1 Steganography
- 2.2 CNN-Based Steganalysis
- 3 Convolutional Neural Networks for Image Steganalysis
- 3.1 The CNN Architecture Proposed by Xu et al. [23]
- 3.2 Detection Performance Evaluation of the CNN
- 3.3 Characterizing the Mis-CNN-Classified Images
- 4 Taking the Best from CNN and SRM+EC Predictions
- 4.1 Choosing the Best Method for a Given Input Image
- 4.2 Detection Performance Evaluation of the Proposal
- 5 Conclusion and Future Work
- References
- BinSign: Fingerprinting Binary Functions to Support Automated Analysis of Code Executables
- 1 Introduction
- 1.1 Reverse Engineering and Function Fingerprinting
- 1.2 Approach
- 1.3 Contributions
- 1.4 Paper Organization
- 2 BinSign Methodology
- 2.1 Threat Model
- 2.2 Feature Extraction
- 2.3 Fingerprint Generation
- 2.4 Fingerprint Matching
- 3 Experimental Results
- 3.1 Dataset Description
- 3.2 Comparison with Existing Tools
- 3.3 Function Reuse Detection
- 3.4 Scalability Evaluation
- 3.5 Resilience to Different Compiler Optimization Levels
- 3.6 Malware Similarity Analysis
- 3.7 Obfuscation Resilience
- 4 Related Work
- 4.1 Exact and Inexact Fingerprint Matching
- 4.2 Graph-Based Binary Fingerprinting
- 4.3 Source and Binary Clone Detection
- 5 Conclusion
- References
- Decoy Password Vaults: At Least as Hard as Steganography?
- 1 Introduction
- 2 Merging Two Streams of Related Work
- 3 Password Vault Model
- 3.1 Defining Password Vaults
- 3.2 Mimicking Vault Distribution
- 4 Security of CRPV Systems
- 4.1 Perfect Security
- 4.2 Computational Bounds for the Estimation of Preal
- 4.3 -security
- 5 Differences Between Steganography and CRPVs
- 6 Conclusion
- References
- Election-Dependent Security Evaluation of Internet Voting Schemes
- 1 Introduction
- 2 Requirements for the Security Evaluation Framework
- 3 Construction of the Security Evaluation Framework
- 3.1 Definitions
- 3.2 Determination of Satisfaction Degrees in Election Settings
- 4 Evaluation of the Security Evaluation Framework
- 5 Conclusion
- References
- Software Security and Privacy
- Combating Control Flow Linearization
- 1 Introduction
- 2 Background
- 2.1 Control Flow Linearization
- 2.2 CFL on the x86 Platform
- 2.3 Instruction Substitution
- 2.4 Formalizing the MOVFUSCATOR
- 3 Deobfuscation---Control Flow Recovery
- 4 Evaluation
- 5 Related Work
- 6 Conclusion
- References
- Ghost Patches: Fake Patches for Fake Vulnerabilities
- 1 Introduction
- 2 Background
- 3 Approach
- 3.1 Threat Model
- 3.2 Properties of Ghost Patches
- 3.3 Implementation Properties
- 3.4 Post Testing
- 3.5 LLVM Workflow
- 3.6 Implementation
- 4 Evaluation
- 4.1 Simple Example
- 5 Results
- 5.1 Runtime Analysis
- 5.2 Program Analysis
- 6 Discussion
- 7 Conclusion
- References
- SIMBER: Eliminating Redundant Memory Bound Checks via Statistical Inference
- 1 Introduction
- 2 Background
- 3 Overview of System Design
- 3.1 Dependency Graph Construction
- 3.2 Statistical-Guided Inference
- 3.3 Knowledge Base
- 3.4 Redundant Checks Identification
- 3.5 Check-HotSpot Identification
- 3.6 SIMBER-Optimized Softbound Code
- 4 Evaluation
- 4.1 Redundant Checks
- 4.2 Memory Overhead and Code Increase
- 4.3 Case Studies
- 5 Related Work
- 6 Conclusions and Future Work
- References
- Towards Systematic Privacy and Operability (PRIOP) Studies
- 1 Introduction
- 2 Background
- 3 Privacy and Operability Studies
- 4 Related Work
- 5 Conclusions
- References
- Data Minimisation: A Language-Based Approach
- 1 Introduction
- 2 Attacker Model
- 3 Data Minimisers
- 3.1 Monolithic Case
- 3.2 Distributed Case
- 4 Best Minimisers
- 4.1 Monolithic Case
- 4.2 Distributed Case
- 5 Building Minimisers
- 5.1 Symbolic Execution
- 5.2 Static Generation of Minimisers
- 5.3 DataMin Implementation
- 6 Final Discussion
- References
- Privacy
- Differentially Private Neighborhood-Based Recommender Systems
- 1 Introduction
- 1.1 Our Contribution
- 2 Preliminary
- 2.1 Review Probabilistic NBM
- 2.2 Differential Privacy
- 3 Differentially Private SGD
- 4 Differentially Private Posterior Sampling
- 4.1 Stochastic Gradient Langevin Dynamics
- 4.2 Unbiased Estimator of The Gradient
- 4.3 Differential Privacy via Posterior Sampling
- 5 Experiments and Evaluation
- 5.1 Experiments Setup
- 5.2 Comparison Results
- 5.3 Summary
- 6 Related Work
- 7 Conclusion
- References
- Privacy-Enhanced Profile-Based Authentication Using Sparse Random Projection
- 1 Introduction
- 2 Preliminaries
- 3 Privacy-Preserving Profile-Based Authentication Systems
- 3.1 Correctness and Security
- 3.2 Privacy Model
- 3.3 Privacy Transform
- 3.4 Privacy Analysis
- 4 Experiments
- 4.1 Correctness Experiments
- 4.2 Privacy Evaluation
- 4.3 Changeability Evaluation
- 5 Related Works
- 6 Concluding Remarks
- A Proof of Proposition 1
- References
- Supporting Privacy by Design Using Privacy Process Patterns
- 1 Introduction
- 2 Related Work
- 3 Privacy Process Patterns
- 3.1 Anonymity
- 3.2 Pseudonymity
- 3.3 Unlinkability
- 3.4 Undetectability
- 3.5 Unobservability
- 4 Privacy Process Patterns Implementation
- 4.1 PriS Methodology
- 4.2 Expression of PriS with JSON Format
- 5 Illustration of the Privacy Process Patterns
- 6 Conclusions
- References
- Evaluating the Privacy Implications of Frequent Itemset Disclosure
- 1 Introduction and Related Work
- 2 Problem Statement
- 2.1 K-distant-IFM-solutions Problem
- 2.2 k-distant-IFM-solutions
- 3 Proposed Approach
- 3.1 Maximum Distant Dataset
- 3.2 Heuristic Solver
- 4 Experimental Evaluation
- 5 Conclusion
- References
- Digital Signature, Risk Management, and Code Reuse Attacks
- Forward-Secure Digital Signature Schemes with Optimal Computation and Storage of Signers
- 1 Introduction
- 2 Background
- 2.1 Forward Secure Signature Schemes
- 3 Fast Forward Secure Digital Signature Schemes
- 3.1 Overview of the AR Scheme
- 3.2 Fast-AR
- 4 Security Analysis
- 5 Experiment
- 6 Related Work
- 7 Conclusion
- References
- RiskInDroid: Machine Learning-Based Risk Analysis on Android
- 1 Introduction
- 2 Android in a Nutshell
- 3 Related Work
- 4 Reliability of Probabilistic Risk Indexes
- 4.1 Statistical Analysis on APs
- 4.2 Dynamic Impacts
- 4.3 Evaluating Probabilistic Methods
- 5 RiskInDroid: A Machine Learning-Based Risk Index
- 5.1 Methodology
- 5.2 Selection of Classifiers
- 6 Experimental Results
- 7 Conclusion and Future Work
- References
- Using Fraud Patterns for Fraud Risk Assessment of E-services
- 1 Introduction
- 2 Background
- 2.1 Fraud Risk in E-services
- 2.2 Fraud Risk Assessment
- 2.3 Fraud Patterns
- 3 Methodology
- 4 Fraud Risk Assessment Domain Model
- 5 Modelling the Telecom E-services Domain
- 5.1 Fraud Scenarios
- 5.2 Fraud Pattern Development
- 6 Fraud Risk Patterns (FRPs)
- 7 Application of FRPs to Telecom Services
- 7.1 Case Study Description
- 7.2 Risk Assessment
- 8 Discussion
- 9 Conclusion and Future Work
- References
- Gadget Weighted Tagging: A Flexible Framework to Protect Against Code Reuse Attacks
- 1 Introduction
- 2 Background and Related Work
- 2.1 Code Reuse Attacks (CRAs)
- 2.2 Control Flow Integrity (CFI)
- 2.3 Legal Gadgets
- 3 Threat Model
- 4 Gadget Weighted Tagging
- 4.1 Finding Gadgets
- 4.2 Weighted Tagging
- 4.3 Monitoring Gadget Tags
- 4.4 Hardware Implementation
- 5 GWT Combining with CFI
- 5.1 Motivation of GWT+CFI
- 5.2 Finding Legal Gadgets
- 6 Security Analysis
- 6.1 Gadget Discovery
- 6.2 Practical Attacks
- 7 Performance Analysis
- 8 Conclusions and Future Work
- References
- Author Index
