Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335550
W. Claycomb, Dongwan Shin
Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on virtual directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting virtual directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.
{"title":"Threat modeling for virtual directory services","authors":"W. Claycomb, Dongwan Shin","doi":"10.1109/CCST.2009.5335550","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335550","url":null,"abstract":"Directory services are corporate computing objects responsible for providing information about user accounts, computer accounts, contacts, etc. Virtual directories are powerful tools for consolidating this data, modifying it if necessary, and presenting it to the end user in a highly customized manner. While attacks against directory services have been identified, attacks and vulnerabilities of virtual directories remain largely unstudied. In this paper, we present an analysis of four types of attacks on virtual directory services. In doing so, we describe how each is performed, and discuss how to detect and prevent each type of attack. This first step towards protecting virtual directory services is critical to protecting the information contained in the source directories - information which could potentially contain sensitive data and be used for authentication and/or access control decisions.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"239 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126044727","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335525
R. Volner, V. Smrž, P. Bores
The term security network intelligence is widely used in the field of communication security network. A number of new and potentially concepts and products based on the concept of security network intelligence have been introduced, including smart flows, intelligent routing, and intelligent web switching. Many intelligent systems focus on a specific security service, function, or device, and do not provide true end-to-end service network intelligence. True security network intelligence requires more than a set of disconnected elements, it requires an interconnecting and functionally coupled architecture that enables the various functional levels to interact and communicate with each other.
{"title":"Home system and personal health information management","authors":"R. Volner, V. Smrž, P. Bores","doi":"10.1109/CCST.2009.5335525","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335525","url":null,"abstract":"The term security network intelligence is widely used in the field of communication security network. A number of new and potentially concepts and products based on the concept of security network intelligence have been introduced, including smart flows, intelligent routing, and intelligent web switching. Many intelligent systems focus on a specific security service, function, or device, and do not provide true end-to-end service network intelligence. True security network intelligence requires more than a set of disconnected elements, it requires an interconnecting and functionally coupled architecture that enables the various functional levels to interact and communicate with each other.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129634570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335547
Miguel A. Ferrer, A. Morales, C. Travieso, J. B. Alonso
The fusion of hand biometric traits has been a very active research topic since 2003. The first part of this paper presents a short summary of the technology on combining hand biometric traits. As the summary show a clear tendency on adding new hand based traits in order to increase the performance of the hand based biometric scheme, an experiment that combine hand geometry, palm print, finger texture and vein pattern of hand dorsum is presented.
{"title":"Combining hand biometric traits for personal identification","authors":"Miguel A. Ferrer, A. Morales, C. Travieso, J. B. Alonso","doi":"10.1109/CCST.2009.5335547","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335547","url":null,"abstract":"The fusion of hand biometric traits has been a very active research topic since 2003. The first part of this paper presents a short summary of the technology on combining hand biometric traits. As the summary show a clear tendency on adding new hand based traits in order to increase the performance of the hand based biometric scheme, an experiment that combine hand geometry, palm print, finger texture and vein pattern of hand dorsum is presented.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114796733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335546
Andrew H. Ryan, J. F. Cohn, S. Lucey, Jason M. Saragih, P. Lucey, F. de la Torre, Adam Rossi
Heightened concerns about the treatment of individuals during interviews and interrogations have stimulated efforts to develop “non-intrusive” technologies for rapidly assessing the credibility of statements by individuals in a variety of sensitive environments. Methods or processes that have the potential to precisely focus investigative resources will advance operational excellence and improve investigative capabilities. Facial expressions have the ability to communicate emotion and regulate interpersonal behavior. Over the past 30 years, scientists have developed human-observer based methods that can be used to classify and correlate facial expressions with human emotion. However, these methods have proven to be labor intensive, qualitative, and difficult to standardize. The Facial Action Coding System (FACS) developed by Paul Ekman and Wallace V. Friesen is the most widely used and validated method for measuring and describing facial behaviors. The Automated Facial Expression Recognition System (AFERS) automates the manual practice of FACS, leveraging the research and technology behind the CMU/PITT Automated Facial Image Analysis System (AFA) system developed by Dr. Jeffery Cohn and his colleagues at the Robotics Institute of Carnegie Mellon University. This portable, near real-time system will detect the seven universal expressions of emotion (figure 1), providing investigators with indicators of the presence of deception during the interview process. In addition, the system will include features such as full video support, snapshot generation, and case management utilities, enabling users to re-evaluate interviews in detail at a later date.
对个人在面谈和审讯期间所受待遇的高度关注,促使人们努力发展“非侵入性”技术,以便在各种敏感环境中迅速评估个人陈述的可信度。有可能精确集中调查资源的方法或流程将推进卓越的行动并提高调查能力。面部表情具有交流情绪和调节人际行为的能力。在过去的30年里,科学家们开发了基于人类观察者的方法,可以用来对面部表情与人类情绪进行分类和关联。然而,这些方法已被证明是劳动密集型的,定性的,难以标准化。由Paul Ekman和Wallace V. Friesen开发的面部动作编码系统(FACS)是测量和描述面部行为的最广泛使用和验证的方法。自动面部表情识别系统(AFERS)利用卡内基梅隆大学机器人研究所Jeffery Cohn博士及其同事开发的CMU/PITT自动面部图像分析系统(AFA)系统背后的研究和技术,使FACS的手动操作自动化。这种便携式、接近实时的系统将检测七种普遍的情绪表达(图1),为调查人员提供在采访过程中是否存在欺骗的指标。此外,该系统还将包括完整视频支持、快照生成和案例管理实用程序等功能,使用户能够在以后详细地重新评估面试。
{"title":"Automated Facial Expression Recognition System","authors":"Andrew H. Ryan, J. F. Cohn, S. Lucey, Jason M. Saragih, P. Lucey, F. de la Torre, Adam Rossi","doi":"10.1109/CCST.2009.5335546","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335546","url":null,"abstract":"Heightened concerns about the treatment of individuals during interviews and interrogations have stimulated efforts to develop “non-intrusive” technologies for rapidly assessing the credibility of statements by individuals in a variety of sensitive environments. Methods or processes that have the potential to precisely focus investigative resources will advance operational excellence and improve investigative capabilities. Facial expressions have the ability to communicate emotion and regulate interpersonal behavior. Over the past 30 years, scientists have developed human-observer based methods that can be used to classify and correlate facial expressions with human emotion. However, these methods have proven to be labor intensive, qualitative, and difficult to standardize. The Facial Action Coding System (FACS) developed by Paul Ekman and Wallace V. Friesen is the most widely used and validated method for measuring and describing facial behaviors. The Automated Facial Expression Recognition System (AFERS) automates the manual practice of FACS, leveraging the research and technology behind the CMU/PITT Automated Facial Image Analysis System (AFA) system developed by Dr. Jeffery Cohn and his colleagues at the Robotics Institute of Carnegie Mellon University. This portable, near real-time system will detect the seven universal expressions of emotion (figure 1), providing investigators with indicators of the presence of deception during the interview process. In addition, the system will include features such as full video support, snapshot generation, and case management utilities, enabling users to re-evaluate interviews in detail at a later date.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126557803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335522
Wu Wei
The airport security information management system (ASIMS) has been playing very important role i preventing aircrafts from hijacking, terrorism attacks and other acts of unlawful interference. The system is designed to integrate a variety of security information of an airport into an organic body by analyzing and mining data collected form the security checkpoints and stored in central server database in order to supply proper information to the airport. With the development of aviation security technology, many advance security device are emerged and increase the security level significantly. But at the same time, mass data is poured into the existing ASIMS. The system raise higher requirement to data transmission and data-mining technologies. Based on the investigation and research on the existing ASIMS, the paper concludes the functions and configuration of the system used in airport and presents some problems of the system for further modifying when system is constructed and related standards are established. All the efforts are to make the system serve for the aviation security more efficient, safe and effective.
{"title":"The application research of airport security information management system on the field of civil aviation security","authors":"Wu Wei","doi":"10.1109/CCST.2009.5335522","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335522","url":null,"abstract":"The airport security information management system (ASIMS) has been playing very important role i preventing aircrafts from hijacking, terrorism attacks and other acts of unlawful interference. The system is designed to integrate a variety of security information of an airport into an organic body by analyzing and mining data collected form the security checkpoints and stored in central server database in order to supply proper information to the airport. With the development of aviation security technology, many advance security device are emerged and increase the security level significantly. But at the same time, mass data is poured into the existing ASIMS. The system raise higher requirement to data transmission and data-mining technologies. Based on the investigation and research on the existing ASIMS, the paper concludes the functions and configuration of the system used in airport and presents some problems of the system for further modifying when system is constructed and related standards are established. All the efforts are to make the system serve for the aviation security more efficient, safe and effective.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133660530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335562
W. Claycomb, Dongwan Shin
Secure device pairing between mobile devices is a challenging task. The lack of a trusted authority and low computational power make it difficult for mobile devices to establish secure communication channels in ubiquitous computing environments. Solutions have been proposed using locationlimited channels to transmit secure pairing information that can be verified as originating from the intended device, enabling users to establish secure channels over insecure mediums. Of particular interest is using audio as a location-limited channel, due to the widespread deployment of audio capabilities on mobile devices. We describe a solution for secure device pairing using audio, called UbiSound, which only requires a single audio transmission to authenticate both devices. We describe our communication protocol, implementation details and results, and discuss how our solution is resistant to a number of attacks. Additionally, we emphasize how our solution is usable for visually impaired users.
{"title":"Secure device pairing using audio","authors":"W. Claycomb, Dongwan Shin","doi":"10.1109/CCST.2009.5335562","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335562","url":null,"abstract":"Secure device pairing between mobile devices is a challenging task. The lack of a trusted authority and low computational power make it difficult for mobile devices to establish secure communication channels in ubiquitous computing environments. Solutions have been proposed using locationlimited channels to transmit secure pairing information that can be verified as originating from the intended device, enabling users to establish secure channels over insecure mediums. Of particular interest is using audio as a location-limited channel, due to the widespread deployment of audio capabilities on mobile devices. We describe a solution for secure device pairing using audio, called UbiSound, which only requires a single audio transmission to authenticate both devices. We describe our communication protocol, implementation details and results, and discuss how our solution is resistant to a number of attacks. Additionally, we emphasize how our solution is usable for visually impaired users.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133400107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335535
J. Thompson, Craig Devine, Carinna Brown, S. Tarr
The UK Home Office Scientific Development Branch, in partnership with the Centre for the Protection of National Infrastructure, has been developing a suite of standards for the testing of barrier-mounted, ground-based, free-standing and rapidly deployable Perimeter Intruder Detection Systems (PIDS). These standards allow different technologies to be compared on a performance basis. Progress on development of these standards and subsequent evaluations is discussed. Particular emphasis is given to the new standard for rapidly deployable PIDS and the current ongoing trial of several free-standing PIDS, using a purpose-built evaluation area. The evaluation area is comprised of 100m long, 7m wide tarmac and gravel strips, which run parallel to each other and allow a comparison of the performance of the same PIDS technology types over different surfaces. This will be the first free-standing PIDS evaluation conducted against the newly developed evaluation standard. It is expected to yield results on the effects that different surfaces may have on the performance of free-standing PIDS.
{"title":"Standardised procedures for evaluating PIDS — An update","authors":"J. Thompson, Craig Devine, Carinna Brown, S. Tarr","doi":"10.1109/CCST.2009.5335535","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335535","url":null,"abstract":"The UK Home Office Scientific Development Branch, in partnership with the Centre for the Protection of National Infrastructure, has been developing a suite of standards for the testing of barrier-mounted, ground-based, free-standing and rapidly deployable Perimeter Intruder Detection Systems (PIDS). These standards allow different technologies to be compared on a performance basis. Progress on development of these standards and subsequent evaluations is discussed. Particular emphasis is given to the new standard for rapidly deployable PIDS and the current ongoing trial of several free-standing PIDS, using a purpose-built evaluation area. The evaluation area is comprised of 100m long, 7m wide tarmac and gravel strips, which run parallel to each other and allow a comparison of the performance of the same PIDS technology types over different surfaces. This will be the first free-standing PIDS evaluation conducted against the newly developed evaluation standard. It is expected to yield results on the effects that different surfaces may have on the performance of free-standing PIDS.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127664277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335571
A. Bolfing, A. Schwaninger
This document concentrates on how aviation security can be largely improved by selecting the right people for the x-ray screening task. X-ray images dispose of a different colour range, single objects superimpose each other independently of whether they are in front or behind of each other, and the single objects look very different from what they look like under natural light. Therefore, individual visual abilities such as mental rotation, figure-ground segregation, or visual search of specific patterns are very important for the correct interpretation of x-ray images. In this paper we briefly discuss job and task analysis, as well as cognitive task analysis in x-ray screening. We then discuss tests used in pre-employment assessment, including a more detailed presentation of the X-Ray Object Recognition Test (X-Ray ORT). Finally, a new project is presented in which a cognitive test battery is developed to measure important visual abilities needed in x-ray screening and related tasks.
{"title":"Selection and pre-employment assessment in aviation security x-ray screening","authors":"A. Bolfing, A. Schwaninger","doi":"10.1109/CCST.2009.5335571","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335571","url":null,"abstract":"This document concentrates on how aviation security can be largely improved by selecting the right people for the x-ray screening task. X-ray images dispose of a different colour range, single objects superimpose each other independently of whether they are in front or behind of each other, and the single objects look very different from what they look like under natural light. Therefore, individual visual abilities such as mental rotation, figure-ground segregation, or visual search of specific patterns are very important for the correct interpretation of x-ray images. In this paper we briefly discuss job and task analysis, as well as cognitive task analysis in x-ray screening. We then discuss tests used in pre-employment assessment, including a more detailed presentation of the X-Ray Object Recognition Test (X-Ray ORT). Finally, a new project is presented in which a cognitive test battery is developed to measure important visual abilities needed in x-ray screening and related tasks.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123296899","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2009-11-13DOI: 10.1109/CCST.2009.5335552
M. A. El-Iskandarani, S. Darwish, A. Abubahia
For digital image watermarking scheme, to be an effective tool for intellectual property protection, it must satisfy the requirements of image quality, watermark robustness and capacity, embedding security and extraction flexibility. Towards these requirements, this paper introduces a high-capacity second generation based blind watermarking scheme for protection of intellectual property, which takes the consideration of good image quality. In the proposed scheme, the host image is normalized by fast technique to resist geometric attacks and reduce the computational time. The normalized image is then transformed using parametric bi-orthogonal integer lifting wavelet transform (LWT) to increase security. The high-capacity watermark is embedded carefully into the salient features by utilizing least significant bits (LSBs) method to maximize the robustness and quality. Experimental results show the reliability of the proposed scheme against variety kinds of attacks including image processing attacks and geometric attacks.
{"title":"Capacity and quality improvement in blind second generation watermarking","authors":"M. A. El-Iskandarani, S. Darwish, A. Abubahia","doi":"10.1109/CCST.2009.5335552","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335552","url":null,"abstract":"For digital image watermarking scheme, to be an effective tool for intellectual property protection, it must satisfy the requirements of image quality, watermark robustness and capacity, embedding security and extraction flexibility. Towards these requirements, this paper introduces a high-capacity second generation based blind watermarking scheme for protection of intellectual property, which takes the consideration of good image quality. In the proposed scheme, the host image is normalized by fast technique to resist geometric attacks and reduce the computational time. The normalized image is then transformed using parametric bi-orthogonal integer lifting wavelet transform (LWT) to increase security. The high-capacity watermark is embedded carefully into the salient features by utilizing least significant bits (LSBs) method to maximize the robustness and quality. Experimental results show the reliability of the proposed scheme against variety kinds of attacks including image processing attacks and geometric attacks.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125233010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Security Operations Center (SOC) is a unit inside or outside an organization that monitors and deals with information security incidents, on a technical level. In this paper, a trusted security incident information sharing mechanism among SOCs is proposed. The information needed to share among SOCs to prevent incident dispersions usually were just the time of occurrence, origin of attack, consequence, severity and path of attack. In the proposed mechanism, we aim to share the minimum information required. Secure data transferred paths can be used. We hope the adopting of the mechanism may increase the willing of sharing security information among SOCs.
{"title":"A trusted security information sharing mechanism","authors":"Dwen-Ren Tsai, Wen-Chi Chen, Yin-Chia Lu, Chi-Wen Wu","doi":"10.1109/CCST.2009.5335529","DOIUrl":"https://doi.org/10.1109/CCST.2009.5335529","url":null,"abstract":"Security Operations Center (SOC) is a unit inside or outside an organization that monitors and deals with information security incidents, on a technical level. In this paper, a trusted security incident information sharing mechanism among SOCs is proposed. The information needed to share among SOCs to prevent incident dispersions usually were just the time of occurrence, origin of attack, consequence, severity and path of attack. In the proposed mechanism, we aim to share the minimum information required. Secure data transferred paths can be used. We hope the adopting of the mechanism may increase the willing of sharing security information among SOCs.","PeriodicalId":117285,"journal":{"name":"43rd Annual 2009 International Carnahan Conference on Security Technology","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2009-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117289964","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: