Guo, T., Zhou, R., Tian, C..
2020.
On the Information Leakage in Private Information Retrieval Systems. IEEE Transactions on Information Forensics and Security. 15:2999—3012.
We consider information leakage to the user in private information retrieval (PIR) systems. Information leakage can be measured in terms of individual message leakage or total leakage. Individual message leakage, or simply individual leakage, is defined as the amount of information that the user can obtain on any individual message that is not being requested, and the total leakage is defined as the amount of information that the user can obtain about all the other messages except the one being requested. In this work, we characterize the tradeoff between the minimum download cost and the individual leakage, and that for the total leakage, respectively. Coding schemes are proposed to achieve these optimal tradeoffs, which are also shown to be optimal in terms of the message size. We further characterize the optimal tradeoff between the minimum amount of common randomness and the total leakage. Moreover, we show that under individual leakage, common randomness is in fact unnecessary when there are more than two messages.
Yaseen, Q., Panda, B..
2012.
Tackling Insider Threat in Cloud Relational Databases. 2012 IEEE Fifth International Conference on Utility and Cloud Computing. :215—218.
Cloud security is one of the major issues that worry individuals and organizations about cloud computing. Therefore, defending cloud systems against attacks such asinsiders' attacks has become a key demand. This paper investigates insider threat in cloud relational database systems(cloud RDMS). It discusses some vulnerabilities in cloud computing structures that may enable insiders to launch attacks, and shows how load balancing across multiple availability zones may facilitate insider threat. To prevent such a threat, the paper suggests three models, which are Peer-to-Peer model, Centralized model and Mobile-Knowledgebase model, and addresses the conditions under which they work well.
Zhang, T., Zhao, P..
2010.
Insider Threat Identification System Model Based on Rough Set Dimensionality Reduction. 2010 Second World Congress on Software Engineering. 2:111—114.
Insider threat makes great damage to the security of information system, traditional security methods are extremely difficult to work. Insider attack identification plays an important role in insider threat detection. Monitoring user's abnormal behavior is an effective method to detect impersonation, this method is applied to insider threat identification, to built user's behavior attribute information database based on weights changeable feedback tree augmented Bayes network, but data is massive, using the dimensionality reduction based on rough set, to establish the process information model of user's behavior attribute. Using the minimum risk Bayes decision can effectively identify the real identity of the user when user's behavior departs from the characteristic model.
Roy, P., Mazumdar, C..
2018.
Modeling of Insider Threat using Enterprise Automaton. 2018 Fifth International Conference on Emerging Applications of Information Technology (EAIT). :1—4.
Substantial portions of attacks on the security of enterprises are perpetrated by Insiders having authorized privileges. Thus insider threat and attack detection is an important aspect of Security management. In the published literature, efforts are on to model the insider threats based on the behavioral traits of employees. The psycho-social behaviors are hard to encode in the software systems. Also, in some cases, there are privacy issues involved. In this paper, the human and non-human agents in a system are described in a novel unified model. The enterprise is described as an automaton and its states are classified secure, safe, unsafe and compromised. The insider agents and threats are modeled on the basis of the automaton and the model is validated using a case study.
Spooner, D., Silowash, G., Costa, D., Albrethsen, M..
2018.
Navigating the Insider Threat Tool Landscape: Low Cost Technical Solutions to Jump Start an Insider Threat Program. 2018 IEEE Security and Privacy Workshops (SPW). :247—257.
This paper explores low cost technical solutions that can help organizations prevent, detect, and respond to insider incidents. Features and functionality associated with insider risk mitigation are presented. A taxonomy for high-level categories of insider threat tools is presented. A discussion of the relationship between the types of tools points out the nuances of insider threat control deployment, and considerations for selecting, implementing, and operating insider threat tools are provided.
Mundie, D. A., Perl, S., Huth, C. L..
2013.
Toward an Ontology for Insider Threat Research: Varieties of Insider Threat Definitions. 2013 Third Workshop on Socio-Technical Aspects in Security and Trust. :26—36.
The lack of standardization of the terms insider and insider threat has been a noted problem for researchers in the insider threat field. This paper describes the investigation of 42 different definitions of the terms insider and insider threat, with the goal of better understanding the current conceptual model of insider threat and facilitating communication in the research community.
Claycomb, W. R., Huth, C. L., Phillips, B., Flynn, L., McIntire, D..
2013.
Identifying indicators of insider threats: Insider IT sabotage. 2013 47th International Carnahan Conference on Security Technology (ICCST). :1—5.
This paper describes results of a study seeking to identify observable events related to insider sabotage. We collected information from actual insider threat cases, created chronological timelines of the incidents, identified key points in each timeline such as when attack planning began, measured the time between key events, and looked for specific observable events or patterns that insiders held in common that may indicate insider sabotage is imminent or likely. Such indicators could be used by security experts to potentially identify malicious activity at or before the time of attack. Our process included critical steps such as identifying the point of damage to the organization as well as any malicious events prior to zero hour that enabled the attack but did not immediately cause harm. We found that nearly 71% of the cases we studied had either no observable malicious action prior to attack, or had one that occurred less than one day prior to attack. Most of the events observed prior to attack were behavioral, not technical, especially those occurring earlier in the case timelines. Of the observed technical events prior to attack, nearly one third involved installation of software onto the victim organizations IT systems.
Tyagi, H., Vardy, A..
2015.
Universal Hashing for Information-Theoretic Security. Proceedings of the IEEE. 103:1781–1795.
The information-theoretic approach to security entails harnessing the correlated randomness available in nature to establish security. It uses tools from information theory and coding and yields provable security, even against an adversary with unbounded computational power. However, the feasibility of this approach in practice depends on the development of efficiently implementable schemes. In this paper, we review a special class of practical schemes for information-theoretic security that are based on 2-universal hash families. Specific cases of secret key agreement and wiretap coding are considered, and general themes are identified. The scheme presented for wiretap coding is modular and can be implemented easily by including an extra preprocessing layer over the existing transmission codes.
Venkitasubramaniam, P., Yao, J., Pradhan, P..
2015.
Information-Theoretic Security in Stochastic Control Systems. Proceedings of the IEEE. 103:1914–1931.
Infrastructural systems such as the electricity grid, healthcare, and transportation networks today rely increasingly on the joint functioning of networked information systems and physical components, in short, on cyber-physical architectures. Despite tremendous advances in cryptography, physical-layer security and authentication, information attacks, both passive such as eavesdropping, and active such as unauthorized data injection, continue to thwart the reliable functioning of networked systems. In systems with joint cyber-physical functionality, the ability of an adversary to monitor transmitted information or introduce false information can lead to sensitive user data being leaked or result in critical damages to the underlying physical system. This paper investigates two broad challenges in information security in cyber-physical systems (CPSs): preventing retrieval of internal physical system information through monitored external cyber flows, and limiting the modification of physical system functioning through compromised cyber flows. A rigorous analytical framework grounded on information-theoretic security is developed to study these challenges in a general stochastic control system abstraction-a theoretical building block for CPSs-with the objectives of quantifying the fundamental tradeoffs between information security and physical system performance, and through the process, designing provably secure controller policies. Recent results are presented that establish the theoretical basis for the framework, in addition to practical applications in timing analysis of anonymous systems, and demand response systems in a smart electricity grid.
Cao, Z., Deng, H., Lu, L., Duan, X..
2014.
An information-theoretic security metric for future wireless communication systems. 2014 XXXIth URSI General Assembly and Scientific Symposium (URSI GASS). :1–4.
Quantitative analysis of security properties in wireless communication systems is an important issue; it helps us get a comprehensive view of security and can be used to compare the security performance of different systems. This paper analyzes the security of future wireless communication system from an information-theoretic point of view and proposes an overall security metric. We demonstrate that the proposed metric is more reasonable than some existing metrics and it is highly sensitive to some basic parameters and helpful to do fine-grained tuning of security performance.
Chrysikos, T., Dagiuklas, T., Kotsopoulos, S..
2010.
Wireless Information-Theoretic Security for moving users in autonomic networks. 2010 IFIP Wireless Days. :1–5.
This paper studies Wireless Information-Theoretic Security for low-speed mobility in autonomic networks. More specifically, the impact of user movement on the Probability of Non-Zero Secrecy Capacity and Outage Secrecy Capacity for different channel conditions has been investigated. This is accomplished by establishing a link between different user locations and the boundaries of information-theoretic secure communication. Human mobility scenarios are considered, and its impact on physical layer security is examined, considering quasi-static Rayleigh channels for the fading phenomena. Simulation results have shown that the Secrecy Capacity depends on the relative distance of legitimate and illegitimate (eavesdropper) users in reference to the given transmitter.
Westland, T., Niu, N., Jha, R., Kapp, D., Kebede, T..
2020.
Relating the Empirical Foundations of Attack Generation and Vulnerability Discovery. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :37–44.
Automatically generating exploits for attacks receives much attention in security testing and auditing. However, little is known about the continuous effect of automatic attack generation and detection. In this paper, we develop an analytic model to understand the cost-benefit tradeoffs in light of the process of vulnerability discovery. We develop a three-phased model, suggesting that the cumulative malware detection has a productive period before the rate of gain flattens. As the detection mechanisms co-evolve, the gain will likely increase. We evaluate our analytic model by using an anti-virus tool to detect the thousands of Trojans automatically created. The anti-virus scanning results over five months show the validity of the model and point out future research directions.
Walia, K. S., Shenoy, S., Cheng, Y..
2020.
An Empirical Analysis on the Usability and Security of Passwords. 2020 IEEE 21st International Conference on Information Reuse and Integration for Data Science (IRI). :1–8.
Security and usability are two essential aspects of a system, but they usually move in opposite directions. Sometimes, to achieve security, usability has to be compromised, and vice versa. Password-based authentication systems require both security and usability. However, to increase password security, absurd rules are introduced, which often drive users to compromise the usability of their passwords. Users tend to forget complex passwords and use techniques such as writing them down, reusing them, and storing them in vulnerable ways. Enhancing the strength while maintaining the usability of a password has become one of the biggest challenges for users and security experts. In this paper, we define the pronounceability of a password as a means to measure how easy it is to memorize - an aspect we associate with usability. We examine a dataset of more than 7 million passwords to determine whether the usergenerated passwords are secure. Moreover, we convert the usergenerated passwords into phonemes and measure the pronounceability of the phoneme-based representations. We then establish a relationship between the two and suggest how password creation strategies can be adapted to better align with both security and usability.
Ekşim, A., Demirci, T..
2020.
Ultimate Secrecy in Cooperative and Multi-hop Wireless Communications. 2020 XXXIIIrd General Assembly and Scientific Symposium of the International Union of Radio Science. :1–4.
In this work, communication secrecy in cooperative and multi-hop wireless communications for various radio frequencies are examined. Attenuation lines and ranges of both detection and ultimate secrecy regions were calculated for cooperative communication channel and multi-hop channel with various number of hops. From results, frequency ranges with the highest potential to apply bandwidth saving method known as frequency reuse were determined and compared to point-to-point channel. Frequencies with the highest attenuation were derived and their ranges of both detection and ultimate secrecy are calculated. Point-to-point, cooperative and multi-hop channels were compared in terms of ultimate secrecy ranges. Multi-hop channel measurements were made with different number of hops and the relation between the number of hops and communication security is examined. Ultimate secrecy ranges were calculated up to 1 Terahertz and found to be less than 13 meters between 550-565 GHz frequency range. Therefore, for short-range wireless communication systems such as indoor and in-device communication systems (board-to-board or chip-to-chip communications), it is shown that various bands in the Terahertz band can be used to reuse the same frequency in different locations to obtain high security and high bandwidth.
Feng, X., Wang, D., Lin, Z., Kuang, X., Zhao, G..
2020.
Enhancing Randomization Entropy of x86-64 Code while Preserving Semantic Consistency. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1–12.
Code randomization is considered as the basis of mitigation against code reuse attacks, fundamentally supporting some recent proposals such as execute-only memory (XOM) that aims at dynamic return-oriented programming (ROP) attacks. However, existing code randomization methods are hard to achieve a good balance between high-randomization entropy and semantic consistency. In particular, they always ignore code semantic consistency, incurring performance loss and incompatibility with current security schemes, e.g., control flow integrity (CFI). In this paper, we present an enhanced code randomization method termed as HCRESC, which can improve the randomization entropy significantly, meanwhile ensure the semantic consistency between variants and the original code. HCRESC reschedules instructions within the range of functions rather than basic blocks, thus producing more variants of the original code and preserving the code's semantic. We implement HCRESC on Linux platform of x86-64 architecture and demonstrate that HCRESC can increase the randomization entropy of x86-64 code over than 120% compared with existing methods while ensuring control flow and size of the code unaltered.
Nguyen, Q. N., Lopez, J., Tsuda, T., Sato, T., Nguyen, K., Ariffuzzaman, M., Safitri, C., Thanh, N. H..
2020.
Adaptive Caching for Beneficial Content Distribution in Information-Centric Networking. 2020 International Conference on Information Networking (ICOIN). :535–540.
Currently, little attention has been carried out to address the feasibility of in-network caching in Information-Centric Networking (ICN) for the design and real-world deployment of future networks. Towards this line, in this paper, we propose a beneficial caching scheme in ICN by storing no more than a specific number of replicas for each content. Particularly, to realize an optimal content distribution for deploying caches in ICN, a content can be cached either partially or as a full-object corresponding to its request arrival rate and data traffic. Also, we employ a utility-based replacement in each content node to keep the most recent and popular content items in the ICN interconnections. The evaluation results show that the proposal improves the cache hit rate and cache diversity considerably, and acts as a beneficial caching approach for network and service providers in ICN. Specifically, the proposed caching mechanism is easy to deploy, robust, and relevant for the content-based providers by enabling them to offer users high Quality of Service (QoS) and gain benefits at the same time.
Nasir, N. A., Jeong, S.-H..
2020.
Testbed-based Performance Evaluation of the Information-Centric Network. 2020 International Conference on Information and Communication Technology Convergence (ICTC). :166–169.
Proliferation of the Internet usage is rapidly increasing, and it is necessary to support the performance requirements for multimedia applications, including lower latency, improved security, faster content retrieval, and adjustability to the traffic load. Nevertheless, because the current Internet architecture is a host-oriented one, it often fails to support the necessary demands such as fast content delivery. A promising networking paradigm called Information-Centric Networking (ICN) focuses on the name of the content itself rather than the location of that content. A distinguished alternative to this ICN concept is Content-Centric Networking (CCN) that exploits more of the performance requirements by using in-network caching and outperforms the current Internet in terms of content transfer time, traffic load control, mobility support, and efficient network management. In this paper, instead of using the saturated method of validating a theory by simulation, we present a testbed-based performance evaluation of the ICN network. We used several new functions of the proposed testbed to improve the performance of the basic CCN. In this paper, we also show that the proposed testbed architecture performs better in terms of content delivery time compared to the basic CCN architecture through graphical results.