International Conferences: Conference on Information Science and Control Engineering (ICISCE) Shanghai, China |
The 2nd International Conference on Information Science and Control Engineering (ICISCE) was held in Shanghai, China on 24-26 April 2015. While the conference covered a wide range of topics in computing and control systems, the works cited here focused specifically on security topics likely to be of interest to the Science of Security community.
Zheng-Qi Kang; Ke-Wei Lv, "New Results on the Hardness of ElGamal and RSA Bits Based on Binary Expansions," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp.336,340, 24-26 April 2015. doi:10.1109/ICISCE.2015.81
Abstract: González Vasco et al. extend the area of application of algorithms for the hidden number problem in 2004. Using this extension and relations among the bits in and binary fraction expansion of x mod p/p, we present a probabilistic algorithm for some trapdoor functions to recover a hidden message when an imperfect oracle is given of predicting most significant bits in hidden message. We show that computing the most significant bit in message encrypted by ElGmal encryption function is as hard as computing the entire plaintext, and so is RSA.
Keywords: public key cryptography; ElGamal bits; ElGamal encryption function; RSA bits; binary expansions; imperfect oracle; probabilistic algorithm; trapdoor functions; Monte Carlo methods; Polynomials; Prediction algorithms; Probabilistic logic; Public key; ElGamal; Hidden Number Problem; Most Significant Bit; RSA (ID#: 15-6277)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120621&isnumber=7120439
Kai Guo; Pengyan Shen; Mingzhong Xiao; Quanqing Xu, "UBackup-II: A QoS-Aware Anonymous Multi-cloud Storage System," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 522, 527, 24-26 April 2015. doi:10.1109/ICISCE.2015.122
Abstract: We present UBackup-II, an anonymous storage overlay network based on personal multi-cloud storages, with flexible QoS awareness. We reform the original Tor protocol by extending the command set and adding a tail part to the Tor cell, which makes it possible for coordination among proxy servers and still keeps the anonymity. Thus, users can upload and download files secretly under the cover of several proxy servers. Moreover, users can develop a personalized QoS policy leading different hidden access patterns according to their own QoS requirement. We presented the design of UBackup-II in detail, analyzed the security policy and showed how different QoS policies works by conducting a simulating experiment.
Keywords: cloud computing; file servers; protocols; quality of service; security of data; storage management; QoS-aware anonymous multicloud storage system; Tor cell; Tor protocol; UBackup-II; anonymous storage overlay network; hidden access patterns; personal multicloud storage; personalized QoS policy; proxy servers; security policy; Cloud computing; Cryptography; Protocols; Quality of service; Servers; Writing; Personal Cloud Storage; Privacy Preserving; QoS (ID#: 15-6278)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120662&isnumber=7120439
Xiaoqi Ma, "Managing Identities in Cloud Computing Environments," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 290, 292, 24-26 April 2015. doi:10.1109/ICISCE.2015.71
Abstract: As cloud computing becomes a hot spot of research, the security issues of clouds raise concerns and attention from academic research community. A key area of cloud security is managing users' identities, which is fundamental and important to other aspects of cloud computing. A number of identity management frameworks and systems are introduced and analysed. Issues remaining in them are discussed and potential solutions and countermeasures are proposed.
Keywords: cloud computing; security of data; academic research community; cloud computing environments; cloud security; Authentication; Cloud computing; Computational modeling; Computer architecture; Identity management systems; Servers; Cloud computing; identity management; security (ID#: 15-6279)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120611&isnumber=7120439
Yuangang Yao; Jin Yi; Yanzhao Liu; Xianghui Zhao; Chenghao Sun, "Query Processing Based on Associated Semantic Context Inference," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 395, 399, 24-26 April 2015. doi:10.1109/ICISCE.2015.93
Abstract: Context-based query processing methods are used to capture user intents behind query inputs. General context models are not flexible or explicable enough for inference, because they are either static or implicit. This paper improves current context model and proposes a novel query processing approach based on associated semantic context inference. In our approach, the formal defined context is explicit, which is convenient to explore potential information during query processing. Furthermore, the context is dynamically constructed and further modified according to specific query tasks, which ensures the precision of context inference. For given query inputs, the approach builds concrete context models and refines queries based on semantic context inference. Finally, queries are translated into SPARQL for query engine. The experiment shows that the proposed approach can further improve query intents understanding to guarantee precision and recall in retrieval.
Keywords: SQL; inference mechanisms; query processing; SPARQL; context-based query processing methods; dynamically constructed context; explicit formal defined context; information retrieval; precision value; query engine; query inputs; query intent improvement; query refining; query tasks; recall value; semantic context inference; user intent capture; Biological system modeling; Context; Context modeling; Knowledge engineering; Query processing; Semantic Web; Semantics; Context inference; Query processing; Semantic context (ID#: 15-6280)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120633&isnumber=7120439
Guifen Zhao; Ying Li; Liping Du; Xin Zhao, "Asynchronous Challenge-Response Authentication Solution Based on Smart Card in Cloud Environment," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 156, 159, 24-26 April 2015. doi:10.1109/ICISCE.2015.42
Abstract: In order to achieve secure authentication, an asynchronous challenge-response authentication solution is proposed. SD key, encryption cards or encryption machine provide encryption service. Hash function, symmetric algorithm and combined secret key method are adopted while authenticating. The authentication security is guaranteed due to the properties of hash function, combined secret key method and one-time authentication token generation method. Generate random numbers, one-time combined secret key and one-time token on the basis of smart card, encryption cards and cryptographic technique, which can avoid guessing attack. Moreover, the replay attack is avoided because of the time factor. The authentication solution is applicable for cloud application systems to realize multi-factor authentication and enhance the security of authentication.
Keywords: cloud computing; message authentication; private key cryptography; smart cards; SD key; asynchronous challenge-response authentication solution; authentication security; cloud application systems; combined secret key method; cryptographic technique; encryption cards; encryption machine; encryption service; hash function; multifactor authentication; one-time authentication token generation method; one-time combined secret key; random number generation; replay attack; smart card; symmetric algorithm; time factor; Authentication; Encryption; Servers; Smart cards; Time factors; One-time password; asynchronous challenge-response authentication; multi-factor authentication; smart card (ID#: 15-6281)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120582&isnumber=7120439
Jinglong Zuo; Delong Cui; Yunfeng Gong; Mei Liu, "A Novel Image Encryption Algorithm Based on Lifting-Based Wavelet Transform," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp.33,36, 24-26 April 2015. doi:10.1109/ICISCE.2015.16
Abstract: In order to trade-off between computational effects and computational cost of present image encryption algorithm, a novel image encryption algorithm based on lifting-based wavelet transform is proposed in this paper. The image encryption process includes three steps: first the original image was divided into blocks, which were transformed by lifting based wavelet, secondly the wavelet domain coefficients were encryption by random mask which generated by user key, and finally employing Arnold scrambling to encrypt the coefficients. The security of proposed scheme is depended on the levels of wavelet transform, user key, and the times of Arnold scrambling. Theoretical analysis and experimental results demonstrate that the algorithm is favourable.
Keywords: cryptography; image processing; random processes; wavelet transforms; Arnold scrambling; computational cost; computational effects; image encryption algorithm; lifting-based wavelet transform; random mask; user key; wavelet domain coefficients; Correlation; Encryption; Entropy; Filter banks; Wavelet transforms; block-based transformation; fractional Fourier transform; image encryption; information security; random phase mask (ID#: 15-6282)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120556&isnumber=7120439
Min Yu; Chao Liu; Xinliang Qiu; Shuang Zhao; Kunying Liu; Bo Hu, "Modeling and Analysis of Information Theft Trojan Based on Stochastic Game Nets," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 318, 322, 24-26 April 2015. doi:10.1109/ICISCE.2015.77
Abstract: In the paper, we modelling for information theft Trojan based on Stochastic Game Nets (SGN), a novel modelling method which good at multirole game problem described, and has been applied in many fields of networks with interactive behaviors. Combination the SGN and practical problem, we present an algorithm for solving the equilibrium strategy to computer the model of SGN. Finally we analyse our research paper with some indicators, such as the probability of a successful theft and the average time of a successful theft. The results of the paper can also offer some consultations for user.
Keywords: invasive software; probability; stochastic games; SGN; information theft Trojan analysis; information theft Trojan modeling; interactive behaviors; multirole game problem; stochastic game nets; Analytical models; Games; Monitoring; Ports (Computers); Stochastic processes; Trojan horses; Information Theft Trojan; Nash Equilibrium; Security Analysis; Stochastic Game Nets (ID#: 15-6283)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120617&isnumber=7120439
Liu Yong-lei, "Defense of WPA/WPA2-PSK Brute Forcer," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 185, 188, 24-26 April 2015. doi:10.1109/ICISCE.2015.48
Abstract: With the appearance of high speed WPA/WPA-PSK brute forcer, the security of WLAN faces serious threats. The attackers can acquire PSK easily so as to decrypt all the traffics. To solve this problem, a series of defence schemes are proposed, including defence schemes for passive and active brute forcers. The schemes adopt active jammer and wireless packet injection. And then the theoretical analysis is processed and the implementation methods are given. In the last past, the conclusions are reached.
Keywords: computer network security; jamming; phase shift keying; telecommunication traffic; wireless LAN; WLAN security; WPA-WPA2-PSK brute forcer defense; active jammer; traffic decryption; wireless packet injection; Jamming; Microwave integrated circuits; Monitoring; Phase shift keying; Protocols; Wireless LAN; Wireless communication; PSK; WLAN; WPA; brute forcer (ID#: 15-6285)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120588&isnumber=7120439
Yangqing Zhu; Jun Zuo, "Research on Data Security Access Model of Cloud Computing Platform," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 424, 428, 24-26 April 2015. doi:10.1109/ICISCE.2015.99
Abstract: Cloud computing is a new Internet application mode, has very large scale, virtualization, high reliability, versatility and low cost characteristics. Cloud computing technologies can dynamically manage millions of the computer resources, and on demand assign to a global user. It appears to completely change the old Internet application mode. Since the data was stored in the remote cloud computing platform, thus brought new challenges to information security, for example, disclosure of data, hacker attacks, Trojans and viruses seriously threat user data security. A strict information security scheme must be established, then users can use cloud computing technologies. From based on USB key user authentication, based on attributes access control and data detection, the data security access of cloud computing platform was studied, to provide a secure solution for the user.
Keywords: authorisation; cloud computing; computer viruses; public key cryptography; virtualisation; Internet application mode; Trojans; USB key user authentication; access control; computer viruses; data detection; data disclosure; data security access model; data storage; dynamic computer resource management; hacker attacks; information security; remote cloud computing platform; strict-information security scheme; virtualization; Authentication; Certification; Cloud computing; Public key; Servers; Universal Serial Bus; Authentication; Cloud Computing; Model; Public Key Infrastructure; USB Key (ID#: 15-6286)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120639&isnumber=7120439
Ji-Li Luo; Meng-Jun Li; Jiang Jiang; Han-Lin You; Yin-Ye Li; Fang-Zhou Chen, "Combat Capability Assessment Approach of Strategic Missile Systems Based on Evidential Reasoning," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 665, 669, 24-26 April 2015. doi:10.1109/ICISCE.2015.153
Abstract: Combat capability assessment of strategic missiles systems is an important component of national security strategic decision-making. In view of the drawbacks existing in current system modelling methods, assessment indicators and assessment approaches, a model of combat system based on the operation loops is constructed. According to the system model and weapon properties, this paper proposes the system assessment indicators, calculates the weight value and devises the assignments of the indicators based on evidential reasoning and the assessment algorithm of systematic combat capability. The approach is proved to be effective by the examples of the typical equipment systems in the US Strategic Missile Force and in Russia's Strategic Missile Force.
Keywords: decision making; inference mechanisms; military aircraft; military computing; missiles; national security; Russia Strategic Missile Force; US Strategic Missile Force; combat capability assessment approach; evidential reasoning; national security strategic decision-making; operation loops; strategic missile systems; system assessment indicators; systematic combat capability; Cognition; Force; Missiles; Modeling; Peer-to-peer computing; Reliability; Strategic Missile Systems; combat capability assessment; evidential reasoning; operation loops (ID#: 15-6287)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120693&isnumber=7120439
Shi-Wei Zhao; Ze-Wen Cao; Wen-Sen Liu, "OSIA: Open Source Intelligence Analysis System Based on Cloud Computing and Domestic Platform," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 371, 375, 24-26 April 2015. doi:10.1109/ICISCE.2015.89
Abstract: Information safety is significant for state security, especially for intelligence service. OSIA (open source intelligence analyzing) system based on cloud computing and domestic platform is designed and implemented in this paper. For the sake of the security and utility of OSIA, all of the middleware and involved OS are compatible with domestic software. OSIA system concentrates on analyzing open source text intelligence and adopts self-designed distributed crawler system so that a closed circle is formed from intelligence acquisition to analysis process and push service. This paper also illustrates some typical applications of anti-terrorist, such as the "organizational member discovery" based on Stanford parser and cluster algorithm, the "member relation exhibition" based on paralleled PageRank algorithm and the like. The results of experiences show that the OSIA system is suitable for large scale textual intelligence analysis.
Keywords: cloud computing; data mining; grammars; middleware; parallel algorithms; public domain software; security of data; text analysis; OS; OSIA system; Stanford parser; antiterrorist; cloud computing; cluster algorithm; domestic platform; domestic software; information safety; intelligence acquisition; intelligence service; large scale textual intelligence analysis; member relation exhibition; middleware; open source intelligence analysis system; open source text intelligence; organizational member discovery; paralleled PageRank algorithm; push service; self-designed distributed crawler system; Algorithm design and analysis; Artificial intelligence; Crawlers; Operating systems; Security; Servers; Text mining; cloud computing; domestic platform; intelligence analysis system; text mining (ID#: 15-6288)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120629&isnumber=7120439
Lei-fei Xuan; Pei-fei Wu, "The Optimization and Implementation of Iptables Rules Set on Linux," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 988, 991, 24-26 April 2015. doi:10.1109/ICISCE.2015.223
Abstract: Firewall, as a mechanism of compulsory access control between the network or system, is an important means to ensure the network security. Firewall can be a very simple filter, but also it can be a carefully targeted gateway. But the principle is the same, which is monitoring and filtering all the information exchanged in internal and external networks. Linux as an open source operating system, is famous for it's stability and security.netfilter/iptables is a firewall system based on Linux which has a great function. This thesis first analysed the working principle of pintables, then introduced pintables rule set, and last proposed an effective algorithm to optimize the rules set which is implemented based on Linux system. In the part of implementation, some key code of the algorithm are given.
Keywords: Linux; authorisation; firewalls; public domain software; Linux system; compulsory access control mechanism; external networks; firewall system; information exchange; internal networks; iptables rules set implementation; iptables rules set optimization; key code; netfilter; network security; open source operating system; Control engineering; Information science; firewall; iptables; linux; optimization; rules set (ID#: 15-6289)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120763&isnumber=7120439
Rong-Tsu Wang; Chin-Tsu Chen, "Framework Building and Application of the Performance Evaluation in Marine Logistics Information Platform in Taiwan," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 245, 249, 24-26 April 2015. doi:10.1109/ICISCE.2015.61
Abstract: This paper has conducted a trial in establishing a systematic instrument for evaluating the performance of the marine information systems. Analytic Network Process (ANP) was introduced for determining the relative importance of a set of interdependent criteria concerned by the stakeholders (shipper/consignee, customer broker, forwarder, and container yard). Three major information platforms (MTNet, TradeVan, and Nice Shipping) in Taiwan were evaluated according to the criteria derived from ANP. Results show that the performance of marine information system can be divided into three constructs, namely: Safety and Technology (3 items), Service (3 items), and Charge (3 items). The Safety and Technology is the most important construct of marine information system evaluation, whereas Charger is the least important construct. This study give insights to improve the performance of the existing marine information systems and serve as the useful reference for the future freight information platform.
Keywords: analytic hierarchy process; containerisation; information systems; logistics data processing; marine engineering; ANP; MTNet; NiceShipping; Taiwan; TradeVan; analytic network process; charge construct; consignee; container yard; customer broker; forwarder; freight information platform; interdependent criteria;marine information systems; marine logistics information platform; performance evaluation; safety-and-technology construct; service construct; shipper; systematic instrument; Decision making; Information systems; Performance evaluation; Safety; Security; Supply chains; Transportation; Analytic Network Process; Logistics Information Platform; Marine; Performance (ID#: 15-6290)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120601&isnumber=7120439
Min Chen; Jie Xue, "Optimized Context Quantization for I-Ary Source," Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 367, 370, 24-26 April 2015. doi:10.1109/ICISCE.2015.88
Abstract: In this paper, the optimal Context quantization for the source is present. By considering correlations among values of source symbols, these conditional probability distributions are sorted by values of conditions firstly. Then the dynamic programming is used to implement the Context quantization. The description length of the Context model is used as the judgment parameter. Based on the criterion that the neighbourhood conditional probability distributions could be merged, our algorithm finds the optimal structure with minimum description length and the optimal Context quantization results could be achieved. The experiment results indicate that the proposed algorithm could achieve the similar result with other adaptive Context quantization algorithms with reasonable computational complexity.
Keywords: computational complexity; data compression; dynamic programming; image coding; probability; I-ary source; computational complexity; dynamic programming; neighbourhood conditional probability distribution; optimized context quantization; source symbol; Context; Context modeling; Dynamic programming; Heuristic algorithms; Image coding; Probability distribution; Quantization (signal); Context Quantization; Description Length; Dynamic Programming (ID#: 15-6291)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7120628&isnumber=7120439
Patel, Subhash Chandra; Singh, Ravi Shankar; Jaiswal, Sumit, "Secure and Privacy Enhanced Authentication Framework for Cloud Computing," Electronics and Communication Systems (ICECS), 2015 2nd International Conference on, pp. 1631, 1634, 26-27 Feb. 2015. doi:10.1109/ECS.2015.7124863
Abstract: Cloud computing is a revolution in information technology. The cloud consumer outsources their sensitive data and personal information to cloud provider's servers which is not within the same trusted domain of data-owner so most challenging issues arises in cloud are data security users privacy and access control. In this paper we also have proposed a method to achieve fine grained security with combined approach of PGP and Kerberos in cloud computing. The proposed method provides authentication, confidentiality, integrity, and privacy features to Cloud Service Providers and Cloud Users.
Keywords: Access control; Authentication; Cloud computing; Cryptography; Privacy; Servers; Cloud computing; Kerberos; Pretty Good Privacy; access control; authentication; privacy; security (ID#: 15-6292)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7124863&isnumber=7124722
Kulkarni, S.A.; Patil, S.B., "A Robust Encryption Method for Speech Data Hiding in Digital Images for Optimized Security, " Pervasive Computing (ICPC), 2015 International Conference on, pp. 1, 5, 8-10 Jan. 2015. doi:10.1109/PERVASIVE.2015.7087134
Abstract: Steganography is a art of hiding information in a host signal. It is very important to hide the secret data efficiently, as many attacks made on the data communication. The host signal can be a still image, speech or video and the message signal that is hidden in the host signal can be a text, image or an audio signal. The cryptography concept is used for locking the secret message in the cover file. The cryptography makes the secret message not understood unless the decryption key is available. It is related with constructing and analyzing various methods that overcome the influence of third parties. Modern cryptography works on the disciplines like mathematics, computer science and electrical engineering. In this paper a symmetric key is developed which consists of reshuffling and secret arrangement of secret signal data bits in cover signal data bits. In this paper the authors have performed the encryption process on secret speech signal data bits-level to achieve greater strength of encryption which is hidden inside the cover image. The encryption algorithm applied with embedding method is the robust secure method for data hiding.
Keywords: cryptography; image coding; speech coding; steganography; cover image; cryptography concept; data communication; decryption key; digital images; embedding method; host signal; optimized security; robust encryption method; secret signal data bit reshuffling; secret signal data bit secret arrangement; speech data hiding; steganography; symmetric key; Encryption; Noise; Receivers; Robustness; Speech; Transmitters; Cover signal; Cryptography; Encryption; Secret key; Secret signal (ID#: 15-6293)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7087134&isnumber=7086957
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.