2552 Slices
Medium 9781601322401

Session - E-Commerce and Privacy + Education and Learning Methods + Knowledge-Based Systems

Hamid R. Arabnia, Azita Bahrami, Fernando G. Tinetti, Leonidas Deligiannidis, George Jandieri, and Ashu M. G. Solo CSREA Press PDF
Medium 9781601322623

Session - Communication Techniques in Reconfigurable Systems

Toomas P. Plaks CSREA Press PDF
Medium 9781601322593

Secure NAND Flash Architecture Resilient to Strong Fault-Injection Attacks Using Algebraic Manipulation Detection Code

Kevin Daimi, Hamid R. Arabnia, Michael R. Grimaila, Kathy Liszka, George Markowsky, and Ashu, M. G. Solo CSREA Press PDF

Int'l Conf. Security and Management | SAM'13 |

17

Secure NAND Flash Architecture Resilient to

Strong Fault-Injection Attacks Using Algebraic

Manipulation Detection Code

Pei Luo

Reliable Computing Lab

Electrical and Computer Engineering

Boston University

Email: luopei@bu.edu

Zhen Wang

Mediatek Wireless, Inc

Email: wang.zhen.mtk@gmail.com

Abstract—Multi-level cell (MLC) NAND flash memories are widely used because of their high data transfer rate, large storage density and long mechanical durability. Linear error correcting codes (ECC) such as Reed-Solomon (RS) codes and

Bose-Chaudhuri-Hocquenghem (BCH) codes are often used for error correction. Although linear codes can efficiently detect and correct random errors, they are not sufficient for protecting

NAND flash memories used in cryptographic devices against malicious fault injection attacks. In this paper, we will present an architecture based on the combination of RS codes and Algebraic

Manipulation Detection (AMD) codes which can correct any four byte errors and detect any malicious injected errors with a high probability under the strong attack model. This proposed architecture can significantly improve the security level of the

See All Chapters
Medium 9781601322593

A Biometric Security Model with Identities Detection and Local Feature-level Fusion

Kevin Daimi, Hamid R. Arabnia, Michael R. Grimaila, Kathy Liszka, George Markowsky, and Ashu, M. G. Solo CSREA Press PDF

Int'l Conf. Security and Management | SAM'13 |

43

A Biometric Security Model with Identities Detection and Local Feature-level Fusion

S. Soviany1, C. Soviany2

T.C.T. Department, National Communication Research Institute (I.N.S.C.C), Bucharest, Romania

1

2

IDES Technologies, Bruxelles, Belgium

Abstract - The paper presents an innovative solution for biometric security systems design in order to enhance the identification applications performance and also to reduce their complexity. The proposed model is relying on a special kind of classifiers called detectors and it is suitable especially for various security requirements applications. The model also includes a local feature-level fusion for each of the integrated biometrics. The designed system is useful especially for medical database remote access control in which different users have different authorization levels, and their precise identification need more optimized solution (either from the execution time and recognition accuracy points of view).

See All Chapters
Medium 9781601322593

Detecting Distributed SQL Injection Attacks in a Eucalyptus Cloud Environment

Kevin Daimi, Hamid R. Arabnia, Michael R. Grimaila, Kathy Liszka, George Markowsky, and Ashu, M. G. Solo CSREA Press PDF

Int'l Conf. Security and Management | SAM'13 |

359

Detecting Distributed SQL Injection Attacks in a

Eucalyptus Cloud Environment

Alan Kebert, Bikramjit Banerjee, Glover George,

Juan Solano

School of Computing

The University of Southern Mississippi

Hattiesburg, MS 39402, USA

Alan.Kebert@eagles.usm.edu

Abstract—Cloud computing environments offer malicious users the ability to spawn multiple instances of cloud nodes that are similar to virtual machines, except that they can have separate external IP addresses. In this paper we demonstrate how this ability can be exploited by an attacker to distribute his/her attack, in particular SQL injection attacks, in such a way that an intrusion detection system (IDS) could fail to identify this attack. To demonstrate this, we set up a small private cloud, established a vulnerable website in one instance, and placed an

IDS within the cloud to monitor the network traffic. We found that an attacker could quite easily defeat the IDS by periodically altering its IP address. To detect such an attacker, we propose to use multi-agent plan recognition, where the multiple source IPs are considered as different agents who are mounting a collaborative attack. We show that such a formulation of this problem yields a more sophisticated approach to detecting SQL injection attacks within a cloud computing environment.

See All Chapters

See All Slices