Visible to the public Biblio

Found 597 results

Filters: First Letter Of Title is I  [Clear All Filters]
A B C D E F G H [I] J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Weidman, Jake, Grossklags, Jens.  2017.  I Like It, but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor Authentication. Proceedings of the 33rd Annual Computer Security Applications Conference. :212–224.

The continued acceptance of enhanced security technologies in the private sector, such as two-factor authentication, has prompted significant changes of organizational security practices. While past work has focused on understanding how users in consumer settings react to enhanced security measures for banking, email, and more, little work has been done to explore how these technological transitions and applications occur within organizational settings. Moreover, while many corporations have invested significantly to secure their networks for the sake of protecting valuable intellectual property, academic institutions, which also create troves of intellectual property, have fallen behind in this endeavor. In this paper, we detail a transition from a token-based, two-factor authentication system within an academic institution to an entirely digital system utilizing employee-owned mobile devices. To accomplish this, we first conducted discussions with staff from the Information Security Office to understand the administrative perspective of the transition. Second, our key contribution is the analysis of an in-depth survey to explore the perceived benefits and usability of the novel technological requirements from the employee perspective. In particular, we investigate the implications of the new authentication system based on employee acceptance or opposition to the mandated technological transition, with a specific focus on the utilization of personal devices for workplace authentication.

Tesfay, Welderufael B., Hofmann, Peter, Nakamura, Toru, Kiyomoto, Shinsaku, Serna, Jetzabel.  2018.  I Read but Don'T Agree: Privacy Policy Benchmarking Using Machine Learning and the EU GDPR. Companion Proceedings of the The Web Conference 2018. :163–166.
With the continuing growth of the Internet landscape, users share large amount of personal, sometimes, privacy sensitive data. When doing so, often, users have little or no clear knowledge about what service providers do with the trails of personal data they leave on the Internet. While regulations impose rather strict requirements that service providers should abide by, the defacto approach seems to be communicating data processing practices through privacy policies. However, privacy policies are long and complex for users to read and understand, thus failing their mere objective of informing users about the promised data processing behaviors of service providers. To address this pertinent issue, we propose a machine learning based approach to summarize the rather long privacy policy into short and condensed notes following a risk-based approach and using the European Union (EU) General Data Protection Regulation (GDPR) aspects as assessment criteria. The results are promising and indicate that our tool can summarize lengthy privacy policies in a short period of time, thus supporting users to take informed decisions regarding their information disclosure behaviors.
Leu, Patrick, Puddu, Ivan, Ranganathan, Aanjhan, Capkun, Srdjan.  2018.  I Send, Therefore I Leak: Information Leakage in Low-Power Wide Area Networks. Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :23–33.
Low-power wide area networks (LPWANs), such as LoRa, are fast emerging as the preferred networking technology for large-scale Internet of Things deployments (e.g., smart cities). Due to long communication range and ultra low power consumption, LPWAN-enabled sensors are today being deployed in a variety of application scenarios where sensitive information is wirelessly transmitted. In this work, we study the privacy guarantees of LPWANs, in particular LoRa. We show that, although the event-based duty cycling of radio communication, i.e., transmission of radio signals only when an event occurs, saves power, it inherently leaks information. This information leakage is independent of the implemented crypto primitives. We identify two types of information leakage and show that it is hard to completely prevent leakage without incurring significant additional communication and computation costs.
Elissa M. Redmiles, Amelia R. Malone, Michelle L. Mazurek.  2016.  I Think They're Trying to Tell Me Something: Advice Sources and Selection for Digital Security. IEEE Symposium on Security and Privacy.

Users receive a multitude of digital- and physical- security advice every day. Indeed, if we implemented all the security advice we received, we would never leave our houses or use the Internet. Instead, users selectively choose some advice to accept and some (most) to reject; however, it is unclear whether they are effectively prioritizing what is most important or most useful. If we can understand from where and why users take security advice, we can develop more effective security interventions.

As a first step, we conducted 25 semi-structured interviews of a demographically broad pool of users. These interviews resulted in several interesting findings: (1) participants evaluated digital-security advice based on the trustworthiness of the advice source, but evaluated physical-security advice based on their intuitive assessment of the advice content; (2) negative-security events portrayed in well-crafted fictional narratives with relatable characters (such as those shown in TV or movies) may be effective teaching tools for both digital- and physical-security behaviors; and (3) participants rejected advice for many reasons, including finding that the advice contains too much marketing material or threatens their privacy.

Grewe, D., Wagner, M., Frey, H..  2017.  ICN-based open, distributed data market place for connected vehicles: Challenges and research directions. 2017 IEEE International Conference on Communications Workshops (ICC Workshops). :265–270.

Currently, the networking of everyday objects, socalled Internet of Things (IoT), such as vehicles and home automation environments is progressing rapidly. Formerly deployed as domain-specific solutions, the development is continuing to link different domains together to form a large heterogeneous IoT ecosystem. This development raises challenges in different fields such as scalability of billions of devices, interoperability across different IoT domains and the need of mobility support. The Information-Centric Networking (ICN) paradigm is a promising candidate to form a unified platform to connect different IoT domains together including infrastructure, wireless, and ad-hoc environments. This paper describes a vision of a harmonized architectural design providing dynamic access of data and services based on an ICN. Within the context of connected vehicles, the paper introduces requirements and challenges of the vision and contributes in open research directions in Information-Centric Networking.

Al Ghazo, Alaa T., Kumar, Ratnesh.  2019.  ICS/SCADA Device Recognition: A Hybrid Communication-Patterns and Passive-Fingerprinting Approach. 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM). :19–24.
The Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) systems are the backbones for monitoring and supervising factories, power grids, water distribution systems, nuclear plants, and other critical infrastructures. These systems are installed by third party contractors, maintained by site engineers, and operate for a long time. This makes tracing the documentation of the systems' changes and updates challenging since some of their components' information (type, manufacturer, model, etc.) may not be up-to-date, leading to possibly unaccounted security vulnerabilities in the systems. Device recognition is useful first step in vulnerability identification and defense augmentation, but due to the lack of full traceability in case of legacy ICS/SCADA systems, the typical device recognition based on document inspection is not applicable. In this paper, we propose a hybrid approach involving the mix of communication-patterns and passive-fingerprinting to identify the unknown devices' types, manufacturers, and models. The algorithm uses the ICS/SCADA devices's communication-patterns to recognize the control hierarchy levels of the devices. In conjunction, certain distinguishable features in the communication-packets are used to recognize the device manufacturer, and model. We have implemented this hybrid approach in Python, and tested on traffic data from a water treatment SCADA testbed in Singapore (iTrust).
Chekole, Eyasu Getahun, Huaqun, Guo.  2019.  ICS-SEA: Formally Modeling the Conflicting Design Constraints in ICS. Proceedings of the Fifth Annual Industrial Control System Security (ICSS) Workshop. :60–69.

Industrial control systems (ICS) have been widely adopted in mission-critical infrastructures. However, the increasing prevalence of cyberattacks targeting them has been a critical security concern. On the other hand, the high real-time and availability requirements of ICS limits the applicability of certain available security solutions due to the performance overhead they introduce and the system unavailability they cause. Moreover, scientific metrics (mathematical models) are not available to evaluate the efficiency and resilience of security solutions in the ICS context. Hence, in this paper, we propose ICS-SEA to address the ICS design constraints of Security, Efficiency, and Availability (SEA). Our ICS-SEA formally models the real-time constraints and physical-state resiliency quantitatively based on a typical ICS. We then design two real-world ICS testbeds and evaluate the efficiency and resilience of a few selected security solutions using our defined models. The results show that our ICS-SEA is effective to evaluate security solutions against the SEA conflicting design constraints in ICS.

Puri, Gurjeet Singh, Gupta, Himanshu.  2016.  ID Based Encryption in Modern Cryptography. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. :15:1–15:5.

Now a days, ATM is used for money transaction for the convenience of the user by providing round the clock 24*7 services in financial transaction. Bank provides the Debit or Credit card to its user along with particular PIN number (which is only known by the Bank and User). Sometimes, user's card may be stolen by someone and this person can access all confidential information as Credit card number, Card holder name, Expiry date and CVV number through which he/she can complete fake transaction. In this paper, we introduced the biometric encryption of "EYE RETINA" to enhance the security over the wireless and unreliable network as internet. In this method user can authorizeasthird person his/her behalf to make the transaction using Debit or Credit card. In proposed method, third person can also perform financial transaction by providing his/her eye retina for the authorization & identification purpose.

H. S. Jeon, H. Jung, W. Chun.  2015.  "ID Based Web Browser with P2P Property". 2015 9th International Conference on Future Generation Communication and Networking (FGCN). :41-44.

The main usage pattern of internet is shifting from traditional host-to-host central model to content dissemination model. It leads to the pretty prompt growth in Internet content. CDN and P2P are two mainstream techmologies to provide streaming content services in the current Internet. In recent years, some researchers have begun to focus on CDN-P2P-hybrid architecture and ISP-friendly P2P content delivery technology. Web applications have become one of the fundamental internet services. How to effectively support the popular browser-based web application is one of keys to success for future internet projects. This paper proposes ID based browser with caching in IDNet. IDNet consists of id/locator separation scheme and domain-insulated autonomous network architecture (DIANA) which redesign the future internet in the clean slate basis. Experiment shows that ID web browser with caching function can support how to disseminate content and how to find the closet network in IDNet having identical contents.

Cordero, C. G., Vasilomanolakis, E., Milanov, N., Koch, C., Hausheer, D., Mühlhäuser, M..  2015.  ID2T: A DIY dataset creation toolkit for Intrusion Detection Systems. 2015 IEEE Conference on Communications and Network Security (CNS). :739–740.

Intrusion Detection Systems (IDSs) are an important defense tool against the sophisticated and ever-growing network attacks. These systems need to be evaluated against high quality datasets for correctly assessing their usefulness and comparing their performance. We present an Intrusion Detection Dataset Toolkit (ID2T) for the creation of labeled datasets containing user defined synthetic attacks. The architecture of the toolkit is provided for examination and the example of an injected attack, in real network traffic, is visualized and analyzed. We further discuss the ability of the toolkit of creating realistic synthetic attacks of high quality and low bias.

Caifen, W., Burong, K..  2016.  ID-Based Signcryption Scheme Using Extended Chaotic Maps. 2016 International Symposium on Computer, Consumer and Control (IS3C). :776–779.

Recently, the chaotic public-key cryptography attracts much attention of researchers, due to the great characters of chaotic maps. With the security superiorities and computation efficiencies of chaotic map over other cryptosystems, in this paper, a novel Identity-based signcryption scheme is proposed using extended chaotic maps. The difficulty of chaos-based discrete logarithm (CDL) problem lies the foundation of the security of proposed ECM-IBSC scheme.

Beheshti-Atashgah, Mohammad, Aref, Mohammd Reza, Bayat, Majid, Barari, Morteza.  2019.  ID-based Strong Designated Verifier Signature Scheme and its Applications in Internet of Things. 2019 27th Iranian Conference on Electrical Engineering (ICEE). :1486–1491.
Strong designated verifier signature scheme is a concept in which a user (signer) can issue a digital signature for a special receiver; i.e. signature is produced in such way that only intended verifier can check the validity of produced signature. Of course, this type of signature scheme should be such that no third party is able to validate the signature. In other words, the related designated verifier cannot assign the issued signature to another third party. This article proposes a new ID-based strong designated verifier signature scheme which has provable security in the ROM (Random Oracle Model) and BDH assumption. The proposed scheme satisfies the all security requirements of an ID-based strong designated verifier signature scheme. In addition, we propose some usage scenarios for the proposed schemes in different applications in the Internet of Things and Cloud Computing era.
Jen Ho Yang, Pei Yu Lin.  2014.  An ID-Based User Authentication Scheme for Cloud Computing. Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), 2014 Tenth International Conference on. :98-101.

In cloud computing environments, the user authentication scheme is an important security tool because it provides the authentication, authorization, and accounting for cloud users. Therefore, many user authentication schemes for cloud computing have been proposed in recent years. However, we find that most of the previous authentication schemes have some security problems. Besides, it cannot be implemented in cloud computing. To solve the above problems, we propose a new ID-based user authentication scheme for cloud computing in this paper. Compared with the related works, the proposed scheme has higher security levels and lower computation costs. In addition, it can be easily applied to cloud computing environments. Therefore, the proposed scheme is more efficient and practical than the related works.

Garcia, R., Modesti, P..  2017.  An IDE for the Design, Verification and Implementation of Security Protocols. 2017 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW). :157–163.

Security protocols are critical components for the construction of secure and dependable distributed applications, but their implementation is challenging and error prone. Therefore, tools for formal modelling and analysis of security protocols can be potentially very useful to support software engineers. However, despite such tools have been available for a long time, their adoption outside the research community has been very limited. In fact, most practitioners find such applications too complex and hardly usable for their daily work. In this paper, we present an Integrated Development Environment for the design, verification and implementation of security protocols, aimed at lowering the adoption barrier of formal methods tools for security. In the spirit of Model Driven Development, the environment supports the user in the specification of the model using the simple and intuitive language AnB (and its extension AnBx). Moreover, it provides a push-button solution for the formal verification of the abstract and concrete models, and for the automatic generation of Java implementation. This Eclipse-based IDE leverages on existing languages and tools for modelling and verification of security protocols, such as the AnBx Compiler and Code Generator, the model checker OFMC and the protocol verifier ProVerif.

Gaikwad, V. S., Gandle, K. S..  2017.  Ideal complexity cryptosystem with high privacy data service for cloud databases. 2017 1st International Conference on Intelligent Systems and Information Management (ICISIM). :267–270.

Data storage in cloud should come along with high safety and confidentiality. It is accountability of cloud service provider to guarantee the availability and security of client data. There exist various alternatives for storage services but confidentiality and complexity solutions for database as a service are still not satisfactory. Proposed system gives alternative solution for database as a service that integrates benefits of different services along with advance encryption techniques. It yields possibility of applying concurrency on encrypted data. This alternative provides supporting facility to connect dispersed clients with elimination of intermediate proxy by which simplicity can acquired. Performance of proposed system evaluated on basis of theoretical analyses.

Park, Sang-Hyun, Kang, Min-Suk, Yoon, So-Hye, Park, Seog.  2017.  Identical User Tracking with Behavior Pattern Analysis in Online Community. Proceedings of the Symposium on Applied Computing. :1086–1089.
The proliferation of mobile technology promotes social activities without time and space limitation. Users share information about their interests and preferences through a social network service, blog, or community. However, sensitive personal information may be exposed with the use of social activities. For example, a specific person can be identified according to exposure of personal information on the web. In this paper, we shows that a nickname that is used in an online community can be tracked by analysis of a user's behavior even though the nickname is changed to avoid identification. Unlike existing studies about user identification in a social network service, we focus on online community, which has not been extensively studied. We analyze characteristics of the online community and propose a method to track a user's nickname change to identify the user. We validate the proposed method using data collected from the online community. Results show that the proposed method can track the user's nickname change and link the old nickname with the new one.
Kong, L., Huang, G., Wu, K..  2017.  Identification of Abnormal Network Traffic Using Support Vector Machine. 2017 18th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT). :288–292.

Network traffic identification has been a hot topic in network security area. The identification of abnormal traffic can detect attack traffic and helps network manager enforce corresponding security policies to prevent attacks. Support Vector Machines (SVMs) are one of the most promising supervised machine learning (ML) algorithms that can be applied to the identification of traffic in IP networks as well as detection of abnormal traffic. SVM shows better performance because it can avoid local optimization problems existed in many supervised learning algorithms. However, as a binary classification approach, SVM needs more research in multiclass classification. In this paper, we proposed an abnormal traffic identification system(ATIS) that can classify and identify multiple attack traffic applications. Each component of ATIS is introduced in detail and experiments are carried out based on ATIS. Through the test of KDD CUP dataset, SVM shows good performance. Furthermore, the comparison of experiments reveals that scaling and parameters has a vital impact on SVM training results.

Iqbal, A., Mahmood, F., Shalaginov, A., Ekstedt, M..  2018.  Identification of Attack-based Digital Forensic Evidences for WAMPAC Systems. 2018 IEEE International Conference on Big Data (Big Data). :3079–3087.
Power systems domain has generally been very conservative in terms of conducting digital forensic investigations, especially so since the advent of smart grids. This lack of research due to a multitude of challenges has resulted in absence of knowledge base and resources to facilitate such an investigation. Digitalization in the form of smart grids is upon us but in case of cyber-attacks, attribution to such attacks is challenging and difficult if not impossible. In this research, we have identified digital forensic artifacts resulting from a cyber-attack on Wide Area Monitoring, Protection and Control (WAMPAC) systems, which will help an investigator attribute an attack using the identified evidences. The research also shows the usage of sandboxing for digital forensics along with hardware-in-the-loop (HIL) setup. This is first of its kind effort to identify and acquire all the digital forensic evidences for WAMPAC systems which will ultimately help in building a body of knowledge and taxonomy for power system forensics.
Jain, D., Khemani, S., Prasad, G..  2018.  Identification of Distributed Malware. 2018 IEEE 3rd International Conference on Communication and Information Systems (ICCIS). :242-246.

Smartphones have evolved over the years from simple devices to communicate with each other to fully functional portable computers although with comparatively less computational power but inholding multiple applications within. With the smartphone revolution, the value of personal data has increased. As technological complexities increase, so do the vulnerabilities in the system. Smartphones are the latest target for attacks. Android being an open source platform and also the most widely used smartphone OS draws the attention of many malware writers to exploit the vulnerabilities of it. Attackers try to take advantage of these vulnerabilities and fool the user and misuse their data. Malwares have come a long way from simple worms to sophisticated DDOS using Botnets, the latest trends in computer malware tend to go in the distributed direction, to evade the multiple anti-virus apps developed to counter generic viruses and Trojans. However, the recent trend in android system is to have a combination of applications which acts as malware. The applications are benign individually but when grouped, these may result into a malicious activity. This paper proposes a new category of distributed malware in android system, how it can be used to evade the current security, and how it can be detected with the help of graph matching algorithm.

Amosov, O. S., Amosova, S. G., Muller, N. V..  2018.  Identification of Potential Risks to System Security Using Wavelet Analysis, the Time-and-Frequency Distribution Indicator of the Time Series and the Correlation Analysis of Wavelet-Spectra. 2018 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon). :1-6.

To identify potential risks to the system security presented by time series it is offered to use wavelet analysis, the indicator of time-and-frequency distribution, the correlation analysis of wavelet-spectra for receiving rather complete range of data about the process studied. The indicator of time-and-frequency localization of time series was proposed allowing to estimate the speed of non-stationary changing. The complex approach is proposed to use the wavelet analysis, the time-and-frequency distribution of time series and the wavelet spectra correlation analysis; this approach contributes to obtaining complete information on the studied phenomenon both in numerical terms, and in the form of visualization for identifying and predicting potential system security threats.

Lesisa, T. G., Marnewick, A., Nel, H..  2018.  The Identification of Supplier Selection Criteria Within a Risk Management Framework Towards Consistent Supplier Selection. 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM). :913–917.
The aim of the study is to evaluate the consistency of supplier risk assessment performed during the supplier selection process. Existing literature indicates that current supplier selection processes yield inconsistent results. Consistent supplier selection cannot be accomplished without stable risk assessment performed during the process. A case study was conducted in a train manufacturer in South Africa, and document analysis, interviews and questionnaires were employed to source information and data. Triangulation and pattern matching enabled a comparative study between literature and practice from which findings were derived. The study suggests selection criteria that may be considered when performing supplier risk assessment during the selection process. The findings indicate that structured supplier risk assessment with predefined supplier selection criteria may eliminate inconsistencies in supplier assessment and selection.
Ben Othmane, Lotfi, Jamil, Ameerah-Muhsina, Abdelkhalek, Moataz.  2019.  Identification of the Impacts of Code Changes on the Security of Software. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:569–574.
Companies develop their software in versions and iterations. Ensuring the security of each additional version using code review is costly and time consuming. This paper investigates automated tracing of the impacts of code changes on the security of a given software. To this end, we use call graphs to model the software code, and security assurance cases to model the security requirements of the software. Then we relate assurance case elements to code through the entry point methods of the software, creating a map of monitored security functions. This mapping allows to evaluate the security requirements that are affected by code changes. The approach is implemented in a set of tools and evaluated using three open-source ERP/E-commerce software applications. The limited evaluation showed that the approach is effective in identifying the impacts of code changes on the security of the software. The approach promises to considerably reduce the security assessment time of the subsequent releases and iterations of software, keeping the initial security state throughout the software lifetime.
Tsao, Chia-Chin, Chen, Yan-Ying, Hou, Yu-Lin, Hsu, Winston H..  2015.  Identify Visual Human Signature in community via wearable camera. 2015 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :2229–2233.

With the increasing popularity of wearable devices, information becomes much easily available. However, personal information sharing still poses great challenges because of privacy issues. We propose an idea of Visual Human Signature (VHS) which can represent each person uniquely even captured in different views/poses by wearable cameras. We evaluate the performance of multiple effective modalities for recognizing an identity, including facial appearance, visual patches, facial attributes and clothing attributes. We propose to emphasize significant dimensions and do weighted voting fusion for incorporating the modalities to improve the VHS recognition. By jointly considering multiple modalities, the VHS recognition rate can reach by 51% in frontal images and 48% in the more challenging environment and our approach can surpass the baseline with average fusion by 25% and 16%. We also introduce Multiview Celebrity Identity Dataset (MCID), a new dataset containing hundreds of identities with different view and clothing for comprehensive evaluation.

Song, Yang, Venkataramani, Arun, Gao, Lixin.  2016.  Identifying and Addressing Reachability and Policy Attacks in “Secure” BGP. IEEE/ACM Trans. Netw.. 24:2969–2982.

BGP is known to have many security vulnerabilities due to the very nature of its underlying assumptions of trust among independently operated networks. Most prior efforts have focused on attacks that can be addressed using traditional cryptographic techniques to ensure authentication or integrity, e.g., BGPSec and related works. Although augmenting BGP with authentication and integrity mechanisms is critical, they are, by design, far from sufficient to prevent attacks based on manipulating the complex BGP protocol itself. In this paper, we identify two serious attacks on two of the most fundamental goals of BGP—to ensure reachability and to enable ASes to pick routes available to them according to their routing policies—even in the presence of BGPSec-like mechanisms. Our key contributions are to 1 formalize a series of critical security properties, 2 experimentally validate using commodity router implementations that BGP fails to achieve those properties, 3 quantify the extent of these vulnerabilities in the Internet's AS topology, and 4 propose simple modifications to provably ensure that those properties are satisfied. Our experiments show that, using our attacks, a single malicious AS can cause thousands of other ASes to become disconnected from thousands of other ASes for arbitrarily long, while our suggested modifications almost completely eliminate such attacks.