 |
International Conferences: Computer Science and Information Systems (2014) Poland |
The 2014 Federated Conference on Computer Science and Information Systems (FedCSIS) was held 7-10 September 2014 in Warsaw, Poland. More than 200 papers were presented. This bibliography is a sampling of papers related to the Science of Security.
Yamamoto, D.; Takenaka, M.; Sakiyama, K.; Torii, N., "Security Evaluation of Bistable Ring PUFs on FPGAs Using Differential and Linear Analysis," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp. 911, 918, 7-10 Sept. 2014. doi: 10.15439/2014F122 Physically Unclonable Function (PUF) is expected to be an innovation for anti-counterfeiting devices for secure ID generation, authentication, etc. In this paper, we propose novel methods of evaluating the difficulty of predicting PUF responses (i.e. PUF outputs), inspired by well-known differential and linear cryptanalysis. According to the proposed methods, we perform a first third-party evaluation for Bistable Ring PUF (BR-PUF), proposed in 2011. The BR-PUFs have been claimed that they have a resistance against the response predictions. Through our experiments using FPGAs, we demonstrate, however, that BR-PUFs have two types of correlations between challenges and responses, which may cause the easy prediction of PUF responses. First, the same responses are frequently generated for two challenges (i.e. PUF inputs) with small Hamming distance. A number of randomly-generated challenges and their variants with Hamming distance of one generate the same responses with the probability of 0.88, much larger than 0.5 in ideal PUFs. Second, particular bits of challenges in BR-PUFs have a great impact on the responses. The value of responses becomes `1' with the high probability of 0.71 (> 0.5) when just particular 5 bits of 64-bit random challenges are forced to be zero or one. In conclusion, the proposed evaluation methods reveal that BR-PUFs on FPGAs have some correlations of challenge-response pairs, which helps an attacker to predict the responses.
Keywords: cryptography; field programmable gate arrays; BR-PUF; FPGA; Hamming distance; bistable ring PUF security evaluation; challenge-response pairs; differential cryptanalysis; linear cryptanalysis; physically unclonable function; randomly-generated challenges; Cryptography ;Education; Field programmable gate arrays; Ink; Logic gates; Wires (ID#: 15-3484)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933112&isnumber=6932982
Naumiuk, R.; Legierski, J., "Anonymization of Data Sets From Service Delivery Platforms," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.955,960, 7-10 Sept. 2014. doi: 10.15439/2014F177 The paper presents an anonymization of telecommunication data sets collected through Service Delivery Platforms (SDP), and describes an example tool SDPAnonymizer to make such operation. Information from SDP are processed in form of log files, consisting data sets, which show activity of users of APIs (Application Programming Interfaces). Data sets which should be anonymized contain sensitive data, for example: Names, MSISDN numbers (Mobile Station International Subscriber Directory Numbers) or IP addresses processed by Service Delivery Platforms..
Keywords: Internet; computer network security; telecommunication services; SDPAnonymizer tool; application programming interfaces; log files; service delivery platforms; telecommunication data set anonymization; users API activity; Algorithm design and analysis; Computer science; Data privacy; IP networks; Information systems; Mobile communication (ID#: 15-3485)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933119&isnumber=6932982
Wangen, G.; Snekkenes, E.A., "A Comparison Between Business Process Management And Information Security Management," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.901, 910, 7-10 Sept. 2014. doi: 10.15439/2014F77 Information Security Standards such as NIST SP 800-39 and ISO/IEC 27005:2011 are turning their scope towards business process security. And rightly so, as introducing an information security control into a business-processing environment is likely to affect business process flow, while redesigning a business process will most certainly have security implications. Hence, in this paper, we investigate the similarities and differences between Business Process Management (BPM) and Information Security Management (ISM), and explore the obstacles and opportunities for integrating the two concepts. We compare three levels of abstraction common for both approaches; top-level implementation strategies, organizational risk views & associated tasks, and domains. With some minor differences, the comparisons shows that there is a strong similarity in the implementation strategies, organizational views and tasks of both methods. The domain comparison shows that ISM maps to the BPM domains; however, some of the BPM domains have only limited support in ISM.
Keywords: ISO standards; business data processing; security of data; BPM; ISM; ISO/IEC 27005:2011 standard; NIST SP 800-39 standard; business process flow; business process management; business process redesign; business process security; business processing environment ;information security control ;information security management; information security standards; IEC standards; ISO standards; Information security; Organizations; Standards organizations; BPM Methodology Framework; Business Process Management; ISO/IEC 27001;ISO/IEC 27002;ISO/IEC 27005;Information Security; Information Security Risk Management; NIST SP 800-39 (ID#: 15-3486)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933111&isnumber=6932982
Krendelev, S.F.; Yakovlev, M.; Usoltseva, M., "Order-preserving Encryption Schemes Based On Arithmetic Coding And Matrices," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.891, 899, 7-10 Sept. 2014. doi: 10.15439/2014F186 In this article we describe two alternative order-preserving encryption schemes. First scheme is based on arithmetic coding and the second scheme uses sequence of matrices for data encrypting. In the beginning of this paper we briefly describe previous related work published in recent time. Then we propose alternative variants of OPE and consider them in details. We examine drawbacks of these schemes and suggest possible ways of their improvement. Finally we present statistical results of implemented prototypes and discuss further work.
Keywords: arithmetic codes; cryptography; OPE; arithmetic coding; data encryption; order-preserving encryption; Educational institutions; Encoding; Encryption; Generators; Linear approximation; Polynomials (ID#: 15-3487)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933110&isnumber=6932982
Shatilov, K.; Boiko, V.; Krendelev, S.; Anisutina, D.; Sumaneev, A., "Solution for Secure Private Data Storage In A Cloud," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.885,889, 7-10 Sept. 2014. doi: 10.15439/2014F43 Cloud computing and, more particularly, cloud databases, is a great technology for remote centralized data managing. However, there are some drawbacks including privacy issues, insider threats and potential database thefts. Full encryption of remote database does solve the problem, but disables many operations that can be held on DBMS side; therefore problem requires much more complex solution and specific encryptions. In this paper, we propose a solution for secure private data storage that protects confidentiality of user's data, stored in cloud. Solution uses order preserving and homomorphic proprietary developed encryptions. Proposed approach includes analysis of user's SQL queries, encryption of vulnerable data and decryption of data selection, returned from DBMS. We have validated our approach through the implementation of SQL queries and DBMS replies processor, which will be discussed in this paper. Secure cloud database architecture and used encryptions also will be covered.
Keywords: cloud computing; cryptography; data privacy; distributed databases; DBMS replies processor; SQL queries; cloud computing; cloud databases; data selection; database thefts; encryption; privacy issues; remote centralized data managing; remote database; secure cloud database architecture; secure private data storage; user data; vulnerable data; Encoding; Encryption; Query processing; Vectors (ID#: 15-3488)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933109&isnumber=6932982
Machida, T.; Yamamoto, D.; Iwamoto, M.; Sakiyama, K., "A New Mode Of Operation For Arbiter PUF To Improve Uniqueness on FPGA," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.871,878, 7-10 Sept. 2014. doi: 10.15439/2014F140 Arbiter-based Physically Unclonable Function (PUF) is one kind of the delay-based PUFs that use the time difference of two delay-line signals. One of the previous work suggests that Arbiter PUFs implemented on Xilinx Virtex-5 FPGAs generate responses with almost no difference, i.e. with low uniqueness. In order to overcome this problem, Double Arbiter PUF was proposed, which is based on a novel technique for generating responses with high uniqueness from duplicated Arbiter PUFs on FPGAs. It needs the same costs as 2-XOR Arbiter PUF that XORs outputs of two Arbiter PUFs. Double Arbiter PUF is different from 2-XOR Arbiter PUF in terms of mode of operation for Arbiter PUF: the wire assignment between an arbiter and output signals from the final selectors located just before the arbiter. In this paper, we evaluate these PUFs as for uniqueness, randomness, and steadiness. We consider finding a new mode of operation for Arbiter PUF that can be realized on FPGA. In order to improve the uniqueness of responses, we propose 3-1 Double Arbiter PUF that has another duplicated Arbiter PUF, i.e. having 3 Arbiter PUFs and output 1-bit response. We compare 3-1 Double Arbiter PUF to 3-XOR Arbiter PUF according to the uniqueness, randomness, and steadiness, and show the difference between these PUFs by considering the mode of operation for Arbiter PUF. From our experimental results, the uniqueness of responses from 3-1 Double Arbiter PUF is approximately 50%, which is better than that from 3-XOR Arbiter PUF. We show that we can improve the uniqueness by using a new mode of operation for Arbiter PUF.
Keywords: asynchronous circuits; field programmable gate arrays;2-XOR arbiter PUF;3-1 double arbiter PUF; FPGA; XORs; arbiter-based physically unclonable function; delay-based PUFs; delay-line signals; double Arbiter PUF; time difference; wire assignment; Delays; Electronic mail; Field programmable gate arrays; Hamming weight; Organizations; Wires (ID#: 15-3489)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933107&isnumber=6932982
Chmielecki, T.; Cholda, P.; Pacyna, P.; Potrawka, P.; Rapacz, N.; Stankiewicz, R.; Wydrych, P., "Enterprise-oriented Cybersecurity Management," Computer Science and Information Systems (FedCSIS), 2014. Federated Conference on, pp.863,870, 7-10 Sept. 2014. doi: 10.15439/2014F38 Information technology is widely used in processes vital to enterprises. Therefore, IT systems must meet at least the same level of security as required from the business processes supported by these systems. In this paper, we present a view on cybersecurity management as an enterprise-centered process, and we advocate the use of enterprise architecture in security management. Activities such as risk assessment, selection of security controls, as well as their deployment and monitoring should be carried out as a part of enterprise architecture activity. A set of useful frameworks and tools is presented and discussed.
Keywords: risk management; security of data; business process; enterprise architecture; enterprise-centered process; enterprise-oriented cybersecurity management; information technology; risk assessment; security control selection; security deployment; security monitoring; Computer architecture; Computer security; Monitoring; Risk management; Unified modeling language (ID#: 15-3490)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933106&isnumber=6932982
Ustimenko, V., "On Multivariate Cryptosystems Based On Maps With Logarithmically Invertible Decomposition Corresponding To Walk On Graph," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.631,637, 7-10 Sept. 2014.doi: 10.15439/2014F269 The paper illustrates the concept of the map with logarithmically invertible decomposition. We introduce families of multivariate cryptosystems such that there security level is connected with discrete logarithm problem in Cremona group. The private key of such cryptosystem is a modification of graph based stream ciphers which use stable multivariate maps. Modified version corresponds to a stable map with single disturbance. If the disturbance (or initial condition) allows fast computation then modified version is almost as robust as original one. Methods of modification improve the resistance of such stream ciphers implemented on numerical level to straightforward linearisation attacks.
Keywords: graph theory; private key cryptography; Cremona group; discrete logarithm problem; graph walk; linearisation attacks; logarithmically invertible decomposition; multivariate cryptosystems; multivariate maps; private key cryptosystem; security level; stream cipher; Ciphers; Encryption; Modules (abstract algebra);Polynomials; Resistance (ID#: 15-3491)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933073&isnumber=6932982
Tataru, R.-L., "Image Hashing Secured With Chaotic Sequences," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.735,740, 7-10 Sept. 2014. doi: 10.15439/2014F250 This paper presents an image hashing algorithm using robust features from jointed frequency domains. Extracted features are enciphered using a secure chaotic system. The proposed hashing scheme is robust to JPEG compression with low quality factors. This scheme also withstands several image processing attacks such us filtering, noise addition and some geometric transforms. All attacks were conducted using Checkmark benchmark. A detailed analysis was conducted on a set of 3000 color and gray images from three different image databases. The security of the method is assured by the robustness of the chaotic PRNG and the secrecy of the cryptographic key.
Keywords: cryptography; feature extraction; image coding; image colour analysis; Checkmark benchmark; JPEG compression; chaotic PRNG; chaotic sequences; color image; cryptographic key; feature extraction; frequency domain; gray image; image hashing; image processing attack; robust features; secure chaotic system; Chaos; Databases; Discrete cosine transforms; Feature extraction; Image coding; Robustness (ID#: 15-3492)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933086&isnumber=6932982
Stojmenovic, I.; Sheng Wen, "The Fog Computing Paradigm: Scenarios and Security Issues," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.1, 8, 7-10 Sept. 2014. doi: 10.15439/2014F503 : Fog Computing is a paradigm that extends Cloud computing and services to the edge of the network. Similar to Cloud, Fog provides data, compute, storage, and application services to end-users. In this article, we elaborate the motivation and advantages of Fog computing, and analyse its applications in a series of real scenarios, such as Smart Grid, smart traffic lights in vehicular networks and software defined networks. We discuss the state-of-the-art of Fog computing and similar work under the same umbrella. Security and privacy issues are further disclosed according to current Fog computing paradigm. As an example, we study a typical attack, man-in-the-middle attack, for the discussion of security in Fog computing. We investigate the stealthy features of this attack by examining its CPU and memory consumption on Fog device.
Keywords: cloud computing; data privacy; trusted computing; CPU consumption; Fog device; cloud computing; cloud services; fog computing paradigm; man-in-the-middle attack; memory consumption; privacy issue; security issue; smart grid; smart traffic lights; software defined networks; vehicular networks; Cloud computing; Companies; Intelligent sensors; Logic gates; Security; Wireless sensor networks; Cloud Computing; Fog Computing; Internet of Things; Software Defined Networks (ID#: 15-3493)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6932989&isnumber=6932982
Aref, A.; Tran, T., "Using Fuzzy Logic And Q-Learning For Trust Modeling In Multi-Agent Systems," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.59,66, 7-10 Sept. 2014. doi: 10.15439/2014F482 Often in multi-agent systems, agents interact with other agents to fulfill their own goals. Trust is, therefore, considered essential to make such interactions effective. This work describes a trust model that augments fuzzy logic with Q-learning to help trust evaluating agents select beneficial trustees for interaction in uncertain, open, dynamic, and untrusted multi-agent systems. The performance of the proposed model is evaluated using simulation. The simulation results indicate that the proper augmentation of fuzzy subsystem to Q-learning can be useful for trust evaluating agents, and the resulting model can respond to dynamic changes in the environment.
Keywords: fuzzy logic; fuzzy systems; learning (artificial intelligence);multi-agent systems; trusted computing; Q-learning; beneficial trustees; fuzzy logic; fuzzy subsystem; multiagent systems; trust evaluating agents; trust modeling; Analytical models; Engines; Estimation; Fuzzy logic; Mathematical model; Multi-agent systems; Suspensions (ID#: 15-3494)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6932997&isnumber=6932982
Jasiul, B.; Sliwa, J.; Gleba, K.; Szpyrka, M., "Identification of Malware Activities with Rules," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp. 101, 110, 7-10 Sept. 2014. doi: 10.15439/2014F265 The article describes the method of malware activities identification using ontology and rules. The method supports detection of malware at host level by observing its behavior. It sifts through hundred thousands of regular events and allows to identify suspicious ones. They are then passed on to the second building block responsible for malware tracking and matching stored models with observed malicious actions. The presented method was implemented and verified in the infected computer environment. As opposed to signature-based antivirus mechanisms it allows to detect malware the code of which has been obfuscated.
Keywords: data mining; invasive software; infected computer environment; malware activities identification; malware detection; malware tracking; ontology; signature-based antivirus mechanisms; Computers; Engines; Knowledge based systems; Malware; Monitoring; Ontologies (ID#: 15-3495)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933002&isnumber=6932982
Kalisch, M.; Przystalka, P.; Timofiejczuk, A., "Application of Selected Classification Schemes For Fault Diagnosis Of Actuator Systems," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.1381, 1390, 7-10 Sept. 2014. doi: 10.15439/2014F158 The paper presents the application of various classification schemes for actuator fault diagnosis in industrial systems. The main objective of this study is to compare either single or meta-classification strategies that can be successfully used as reasoning means in off-line as well as on-line diagnostic expert systems. The applied research was conducted on the assumption that only classic and well-practised classification methods would be adopted. The comparison study was carried out within the DAMADICS benchmark problem which provides a popular framework for confronting different approaches in the development of fault diagnosis systems.
Keywords: actuators; control engineering computing; diagnostic expert systems; fault diagnosis; manufacturing systems; pattern classification; production engineering computing; DAMADICS benchmark problem; actuator fault diagnosis systems; classification schemes; industrial systems; meta-classification strategies; off-line diagnostic expert systems; on-line diagnostic expert systems; reasoning means; Actuators; Benchmark testing; Computational modeling; Decision trees; Fault detection; Fault diagnosis; Valves (ID#: 15-3496)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933179&isnumber=6932982
Nai-Wei Lo; Yohan, A., "Danger Theory-Based Privacy Protection Model For Social Networks," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.1397, 1406, 7-10 Sept. 2014. doi: 10.15439/2014F129 Privacy protection issues in Social Networking Sites (SNS) usually raise from insufficient user privacy control mechanisms offered by service providers, unauthorized usage of user's data by SNS, and lack of appropriate privacy protection schemes for user's data at the SNS servers. In this paper, we propose a privacy protection model based on danger theory concept to provide automatic detection and blocking of sensitive user information revealed in social communications. By utilizing the dynamic adaptability feature of danger theory, we show how a privacy protection model for SNS users can be built with system effectiveness and reasonable computing cost. A prototype based on the proposed model is constructed and evaluated. Our experiment results show that the proposed model achieves 88.9% detection and blocking rate in average for user-sensitive data revealed by the services of SNS.
Keywords: data privacy; social networking (online); SNS; danger theory; dynamic adaptability feature; privacy protection; social communication; social networking sites; user privacy control mechanism; Adaptation models; Cryptography; Data privacy; Databases; Immune system; Privacy; Social network services (ID#: 15-3497)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933181&isnumber=6932982
Zedadra, O.; Seridi, H.; Jouandeau, N.; Fortino, G., "S-MASA: A Stigmergy Based Algorithm For Multi-Target Search," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.1477,1485, 7-10 Sept. 2014. doi: 10.15439/2014F395 We explore the on-line problem of coverage where multiple agents have to find a target whose position is unknown, and without a prior global information about the environment. In this paper a novel algorithm for multi-target search is described, it is inspired from water vortex dynamics and based on the principle of pheromone-based communication. According to this algorithm, called S-MASA (Stigmergic Multi Ant Search Area), the agents search nearby their base incrementally using turns around their center and around each other, until the target is found, with only a group of simple distributed cooperative Ant like agents, which communicate indirectly via depositing/detecting markers. This work improves the search performance in comparison with random walk and S-random walk (stigmergic random walk) strategies, we show the obtained results using computer simulations.
Keywords: multi-agent systems; search problems; S-MASA; S-random walk strategies; computer simulations; distributed cooperative ant like agents; multiple agents; multitarget search; pheromone-based communication; random walk strategies; stigmergic multiant search area; stigmergic random walk strategies; stigmergy based algorithm; water vortex dynamics; Base stations; Heuristic algorithms; Robot kinematics; Robustness; Search problems; Sensors (ID#: 15-3498)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933192&isnumber=6932982
Chakraborty, M.; Chaki, N.; Cortesi, A., "A New Intrusion Prevention System For Protecting Smart Grids From Icmpv6 Vulnerabilities," Computer Science and Information Systems (FedCSIS), 2014 Federated Conference on, pp.1539, 1547, 7-10 Sept. 2014. doi: 10.15439/2014F287 Smart Grid is an integrated power grid with a reliable, communication network running in parallel towards providing two way communications in the grid. It's trivial to mention that a network like this would connect a huge number of IP-enabled devices. IPv6 that offers 18-bit address space becomes an obvious choice in this context. In a smart grid, functionalities like neighborhood discovery, autonomic address configuration of a node or its router identification may often be invoked whenever newer equipments are introduced for capacity enhancement at some level of hierarchy. In IPv6, these basic functionalities like neighborhood discovery, autonomic address configuration of networking require to use Internet Control Message Protocol version 6 (ICMPv6). Such usage may lead to security breaches in the grid as a result of possible abuses of ICMPv6 protocol. In this paper, some potential newer attacks on Smart Grid have been discussed. Subsequently, intrusion prevention mechanisms for these attacks are proposed to plugin the threats.
Keywords: {P networks; computer network security; power engineering computing; power system protection; smart power grids; transport protocols;ICMPv6 vulnerabilities; IP-enabled devices; Internet control message protocol version 6;intrusion prevention mechanisms; intrusion prevention system; neighborhood discovery; node autonomic address configuration; router identification; smart grid protection; Registers; Routing protocols; Security; Smart grids; Smart meters; Unicast (ID#: 15-3499)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6933200&isnumber=6932982
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.