Medium 9781601322593

Security and Management: The 2013 WorldComp International Conference Proceedings


New research by international contributors on Security and Management

List price: $59.95

Your Price: $47.96

You Save: 20%


91 Chapters


Session - Security Management, Security Education, and Hardware Security I


 

Most Successful Vulnerability Discoverers: Motivation and Methods


Int'l Conf. Security and Management | SAM'13 |


Abdullah M. Algarni, and Yashwant K. Malaiya

Computer Science Department, Colorado State University, Fort Collins, CO 80523, USA

{Algarni, Malaiya}@cs.colostate.edu

Abstract— In this paper, we investigate the factors that motivate and enable successful vulnerability discovery and the role of vulnerability markets. This is done by studying the career, motivation and methods of the most successful vulnerability discoverers.

Vulnerability discovery takes considerable expertise. Some vulnerabilities, if exploited, can cause enormous damage to an organization, a segment of the economy, or even national security. Software developers, security organizations and government agencies are continuously engaged in efforts to prevent improper disclosure of vulnerabilities that can lead to zero-day exploitations. We observe that a major percentage of vulnerabilities are discovered by individuals external to software development organizations. We identify the top vulnerability discoverers throughout the past 12 years, and examine their motivation and methods. We observe that financial reward is a major motivation, especially to discoverers in Eastern Europe. The paper studies the actual vulnerability market, rather than the hypothetical markets often studied in recent literature.

 

Using Client-Side JavaScript to Mitigate Drive-by-Downloads


Abner Mendoza, and Narasimha Shashidhar

Department of Computer Science, Sam Houston State University, Huntsville, TX, USA

Abstract - The prevalence of web-based malware distribution has exploded in recent years, with malicious enterprises continuously devising new ways of exploiting vulnerabilities.

Security professionals have found themselves in an arms race in an attempt to contain the spread of malware. Drive-by-downloads, as coined by Google in 2007, is a particularly insidious form of malware distribution that uses browser exploits to automatically install malware on unsuspecting end-user machines. To gain maximum exposure, developers of drive-by-download malware have continuously infiltrated unsuspecting websites that are trusted by many users, and have recruited these websites into their malware distribution network without the consent or knowledge of the website owners. Websites that have been hacked in this manner often go unnoticed for long periods of time by their owners who are oblivious to the malware that their websites are serving.

 

Secure NAND Flash Architecture Resilient to Strong Fault-Injection Attacks Using Algebraic Manipulation Detection Code


Pei Luo

Reliable Computing Lab

Electrical and Computer Engineering

Boston University

Email: luopei@bu.edu

Zhen Wang

Mediatek Wireless, Inc

Email: wang.zhen.mtk@gmail.com

Abstract—Multi-level cell (MLC) NAND flash memories are widely used because of their high data transfer rate, large storage density and long mechanical durability. Linear error correcting codes (ECC) such as Reed-Solomon (RS) codes and Bose-Chaudhuri-Hocquenghem (BCH) codes are often used for error correction. Although linear codes can efficiently detect and correct random errors, they are not sufficient for protecting NAND flash memories used in cryptographic devices against malicious fault injection attacks. In this paper, we will present an architecture based on the combination of RS codes and Algebraic Manipulation Detection (AMD) codes which can correct any four byte errors and detect any malicious injected errors with a high probability under the strong attack model. This proposed architecture can significantly improve the security level of the

 

Session - Biometric and Forensics


 

Fingerprinting Malware using Bioinformatics Tools Building a Classifier for the Zeus Virus


(Computer Security track, Virus Detection)

Jay Pedersen, Dhundy Bastola, Ken Dick, Robin Gandhi, William Mahoney

School of Interdisciplinary Informatics

College of Information Science and Technology

University of Nebraska at Omaha

Omaha, Nebraska

{jaypedersen, dkbastola, kdick, rgandhi, wmahoney}@unomaha.edu

Abstract— This paper describes an exploratory research project which creates a classifier to distinguish artifacts containing content specific to a known computer virus, given a training set of samples of variants of that virus and using local alignments between the artifacts as its information source. A bioinformatics tool, BLAST, finds the local alignments between a digital artifact and a repository of representatives of the virus. The classification is driven by a comparison of the local alignments to determined alignment fingerprints of the virus representatives.

 

Combination of Fingerprint and Password system


KyoungYul Bae and Hyun Byun jbae@smu.ac.kr

Sangmyung University

20, Hongjimun2gil, Jongno-gu, Seoul, 110-743, Korea

Abstract- Growing remote access by mobile devices and smartphones increases the importance of security, but these days password or pattern security systems are too simple and can be abused by unauthorized persons. Because of faking and falsification, using biometrics can't provide a perfect solution. In this thesis, to solve this kind of problem, we research how to improve security by consolidating finger recognition and a password system.

I. INTRODUCTION

As smartphones and mobile devices become more popular, more people use mobile devices in many areas such as education, news, and finance. In January 2007, Apple released the iPhone, which touched off a rapid increase in smartphone users, created a new market, and broadened the areas in which smartphones are used. Smartphones use WiFi or 3G mobile radio communication networks and can access the internet anytime and anywhere. Also, using smartphone applications, people can look up the arrival times of public transportation in real time, and applications are used in mobile banking and stock trading [1].

 

A Biometric Authentication System That Automatically Generates Feature Points


Hiroshi Dozono1, Youki Inaba1, Masanori Nakakuni2

1 Faculty of Science and Engineering, Saga University, 1-Honjyo Saga, 840-8502 JAPAN

2 Information Technology Center, Fukuoka University, 8-19-1, Nanakuma, Jonan-ku, Fukuoka 814-0180 JAPAN

Abstract— Recently, personal information on mobile devices has been threatened as mobile devices have become popular, because of the lack of attention to the information. The purpose of our research is to develop a reliable and convenient authentication system for mobile devices. In this paper, the development of the biometric authentication system, which generates feature points from a freehand pattern and uses the points as the anchors for drawing the pattern and as points for detecting pen speed, is introduced using the experimental results.

Keywords: Biometrics, Authentication, Touch panel, Mobile device, Tracing Authentication

1. Introduction

 

A Biometric Security Model with Identities Detection and Local Feature-level Fusion


S. Soviany1, C. Soviany2

1 T.C.T. Department, National Communication Research Institute (I.N.S.C.C), Bucharest, Romania

2 IDES Technologies, Bruxelles, Belgium

Abstract - The paper presents an innovative solution for biometric security systems design in order to enhance the performance of identification applications and also to reduce their complexity. The proposed model relies on a special kind of classifiers called detectors and is suitable especially for applications with various security requirements. The model also includes a local feature-level fusion for each of the integrated biometrics. The designed system is useful especially for medical database remote access control in which different users have different authorization levels, and their precise identification needs a more optimized solution (from both the execution time and recognition accuracy points of view).

 

Framework for Next Generation Digital Forensics Models


Mohsen M. Doroodchi1, Amjad Ali1

1 Center for Security Studies, University of Maryland University College, Adelphi, Maryland, USA

Abstract - Digital Forensics is a fairly new discipline, which due to the heavy overlap with the computer science and information technology is now categorized within the computer science field. On the other hand, the legal side of digital forensics is mainly coming from the traditional forensics procedures and the law. Therefore, the current models are modeling the process of digital investigation to be compliant with law and traditional investigations. In this work, we attempt to examine the forensics as a scientific discipline, in addition to the traditional view, and analyze the past and future trends of its models. Furthermore, key characteristics of a framework for next generation uniform models that are adaptable to computer science discipline are identified.

 

Session - Computer Security I


 

Distributed Snort Network Intrusion Detection System with Load Balancing Approach


Wu Yuan, Jeff Tan, Phu Dung Le

Faculty of Information Technology

Monash University

Melbourne, Australia

{Tennyson.Yuan, Jeff.Tan, Phu.Dung.Le}@monash.edu

Abstract—As we enjoy the conveniences that the Internet or computer networks have brought to us, the problems are getting larger, especially network security problems. A Network Intrusion Detection System (NIDS) is one of the critical components in a network nowadays. It can monitor and analyze activities of network users, and then uses knowledge of attack patterns to identify and prevent such attacks. It can minimize damages that will be caused by attacks. This paper uses Snort, which is one of the most commonly used NIDS in industry. The paper presents an approach of Distributed Snort NIDS, which can coordinate multiple sensors across the Local Area Network to optimize usage of computational resources. The approach implements a

 

An Integrated Approach to Defence Against Degrading Application-Layer DDoS Attacks


Dusan Stevanovic and Natalija Vlajic

Department of Computer Science and Engineering

York University

Toronto, Canada dusan@cse.yorku.ca, vlajic@cse.yorku.ca

Abstract—Application layer Distributed Denial of Service (DDoS) attacks are recognized as one of the most damaging attacks on the Internet security today. In our recent work [1], we have shown that unsupervised machine learning can be effectively utilized in the process of distinguishing between regular (human) and automated (web/botnet crawler) visitors to a web site. We have also shown that with a slightly higher level of sophistication in the design of some web/botnet crawlers, their detection could become particularly challenging, requiring additional vigilance and investigation on the part of the site’s defense team. In this paper, we demonstrate an application of time series analysis in order to perform a further fine-tuned detection of suspicious visitors to a web site. Additionally, we propose a novel application-layer DDoS detection system that integrates the use of our combined unsupervised learning and time-domain web-visitor classifier with the use of standardized challenge-response tests. The system is aimed to ensure reliable detection of malicious (web/botnet crawler) visitors to a web site while being minimally intrusive towards regular (human) visitors.

 

QR Code Steganography


Donny Jacob Ohana, and Narasimha Shashidhar

Department of Computer Science, Sam Houston State University, Huntsville, TX, USA

Abstract - QR codes, also known as matrix codes, are basically two dimensional barcodes embedded with data that can be decoded quickly for information. In this work, we present a novel use of QR codes. We show that QR codes can be used for covert communication using steganography. We also show in complete detail how to build QR code symbols with a hidden payload and how to extract this hidden information in two ways: with and without a shared secret key. An interesting feature of our research is that we present a technique to convert innocuous QR codes into carriers for malicious messages and malware using simple, everyday tools and software. Communicating secret messages in plain sight creates a credible threat to our national security. We hope that our work brings this issue to light and enhances counterterrorism education.

 

Dynamic Analysis of Malicious Code and Response System


Ajay Katangur1, Vinay Chaitankar1, Dulal Kar1, and Somasheker Akkaladevi2

1 School of Engineering and Computing Sciences, Texas A&M University-Corpus Christi, Corpus Christi, Texas, USA

2 Department of Computer Information Systems, Virginia State University, Petersburg, Virginia, USA

ABSTRACT - Malicious code detection and removal is critical to the security of a computer system. Virus scanners rely on a database of known signatures for viruses and malware for detection. This research paper presents novel methodologies and tools to detect any malicious code present on a Windows-based machine dynamically, and can be used as a preventive measure to protect the system from being infected. Malicious code analysis can be static and dynamic. Dynamic code analysis has a greater edge over static code analysis as the instructions are analyzed at runtime. Thus polymorphic malware can also be detected.

The work presented in this paper uses a newly designed dynamic code technique in conjunction with a developed minifilter driver for malware detection. It runs in a virtual environment to perform the analysis, thus making it impossible for malware to detect the presence of the developed tool. The minifilter driver is used to monitor the Windows API calls, registry changes and used to generate reports which are used to analyze a program as malware or normal. These reports can be analyzed to categorize a program as normal or malware. The developed tool is tested using Symantec malware database and compared with other pre-existing tools to evaluate its effectiveness.

 

Security Standards and Best Practices for Quantum Key Distribution


Carole Harper

Center for Cyberspace Research

Air Force Institute of Technology

Wright-Patterson AFB, OH 45433

001-937-255-3636 x4800

Carole.Harper@afit.edu

Michael R. Grimaila

Center for Cyberspace Research

Air Force Institute of Technology

Wright-Patterson AFB, OH 45433

001-937-255-3636 x4800

Michael.Grimaila@afit.edu

Gerald Baumgartner

Laboratory for Telecommunications Sciences

College Park, MD 20740

gbbaumg@gmail.com

ABSTRACT

Quantum Key Distribution (QKD) systems combine cryptographic primitives with quantum information theory to produce a theoretic unconditionally secure cryptographic key. However, real-world implementations of QKD systems are far from ideal and significantly differ from the theoretic model. Because of this, real-world QKD systems require additional practical considerations when implemented to achieve secure operations. In this paper, a content analysis of the published literature is conducted to determine if established security and cryptographic standards and practices are addressed in real world, practical QKD implementations. The research reveals that the published, real world QKD implementations examined do not take advantage of established security and cryptographic standards and best practices. Based upon an analysis of existing industry security and cryptographic standards and best practices, systems architecture guidelines are used to make recommendations for how these standards can and should be applied to establish a practical, secure,

 

Detecting the Insider Threat: Going beyond the Network Layer


Rita M. Barrios, PhD.

Computer Information Systems – Cyber Security

University of Detroit Mercy

Detroit, MI, USA barriorm@udmercy.edu

Abstract

Intrusion detection is difficult to accomplish when utilizing the current detection methodologies when considering the database and authorized insiders.

It is a common understanding that current methodologies focus on the network architecture, which is not an adequate solution when considering the insider threat. Recent findings suggest that many have attempted to address this concern with the utilization of various detection methodologies in the areas of database authorization, security policy management and behavior analysis yet have not been able to find an adequate solution to achieve the level of detection that is required.

While each of these methodologies has been addressed on an individual basis, there has been limited work focused on the collaboration of methodologies.

 

Session - Information Assurance



Details

Format name: PDF
Encrypted: No
Sku: B000000030933
Isbn: 9781601322593
File size: 21 MB
Printing: Allowed
Copying: Allowed
Read aloud: Allowed