首页 > 最新文献

2014 IEEE Security and Privacy Workshops最新文献

英文 中文
Gringotts: Securing Data for Digital Evidence 古灵阁:保护数字证据的数据
Pub Date : 2014-05-17 DOI: 10.1109/SPW.2014.11
Catherine M. S. Redfield, Hiroyuki Date
As digital storage and cloud processing become more common in business infrastructure and security systems, maintaining the provable integrity of accumulated institutional data that may be required as legal evidence also increases in complexity. Since data owners may have an interest in a proposed lawsuit, it is essential that any digital evidence be guaranteed against both outside attacks and internal tampering. Since the timescale required for legal disputes is unrelated to computational and mathematical advances, evidential data integrity must be maintained even after the cryptography that originally protected it becomes obsolete. In this paper we propose Gringotts, a system where data is signed on the device that generates it, transmitted from multiple sources to a server using a novel signature scheme, and stored with its signature on a database running Evidence Record Syntax, a protocol for long-term archival systems that maintains the data integrity of the signature, even over the course of changing cryptographic practices. Our proof of concept for a small surveillance camera network had a processing (throughput) overhead of 7.5%, and a storage overhead of 6.2%.
随着数字存储和云处理在业务基础设施和安全系统中变得越来越普遍,维护可能需要作为法律证据的累积机构数据的可证明的完整性也变得越来越复杂。由于数据所有者可能对拟议的诉讼感兴趣,因此必须保证任何数字证据不受外部攻击和内部篡改。由于法律纠纷所需的时间尺度与计算和数学进步无关,因此即使在最初保护它的密码学过时之后,也必须保持证据数据的完整性。在本文中,我们提出了古灵阁(gringots),这是一个系统,数据在生成它的设备上签名,使用一种新颖的签名方案从多个来源传输到服务器,并将其签名存储在运行证据记录语法(Evidence Record Syntax)的数据库中,这是一种用于长期存档系统的协议,即使在改变加密实践的过程中也能保持签名的数据完整性。我们对一个小型监控摄像机网络的概念验证的处理(吞吐量)开销为7.5%,存储开销为6.2%。
{"title":"Gringotts: Securing Data for Digital Evidence","authors":"Catherine M. S. Redfield, Hiroyuki Date","doi":"10.1109/SPW.2014.11","DOIUrl":"https://doi.org/10.1109/SPW.2014.11","url":null,"abstract":"As digital storage and cloud processing become more common in business infrastructure and security systems, maintaining the provable integrity of accumulated institutional data that may be required as legal evidence also increases in complexity. Since data owners may have an interest in a proposed lawsuit, it is essential that any digital evidence be guaranteed against both outside attacks and internal tampering. Since the timescale required for legal disputes is unrelated to computational and mathematical advances, evidential data integrity must be maintained even after the cryptography that originally protected it becomes obsolete. In this paper we propose Gringotts, a system where data is signed on the device that generates it, transmitted from multiple sources to a server using a novel signature scheme, and stored with its signature on a database running Evidence Record Syntax, a protocol for long-term archival systems that maintains the data integrity of the signature, even over the course of changing cryptographic practices. Our proof of concept for a small surveillance camera network had a processing (throughput) overhead of 7.5%, and a storage overhead of 6.2%.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133464207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Phantom Boundaries and Cross-Layer Illusions in 802.15.4 Digital Radio 802.15.4数字无线电中的幻影边界和跨层幻象
Pub Date : 2014-05-17 DOI: 10.1109/SPW.2014.33
T. Goodspeed
The classic design of protocol stacks, where each layer of the stack receives and unwraps the payload of the next layer, implies that each layer has a parser that accepts Protocol Data Units and extracts the intended Service Data Units from them. The PHY layer plays a special role, because it must create frames, i.e., original PDUs, from a stream of bits or symbols. An important property implicitly expected from these parsers is that SDUs are passed to the next layer only if the encapsulating PDUs from all previous layers were received exactly as transmitted by the sender and were syntactically correct. The Packet-in-packet attack (WOOT 2011) showed that this false assumption could be easily violated and exploited on IEEE 802.15.4 and similar PHY layers, however, it did not challenge the assumption that symbols and bytes recognized by the receiver were as transmitted by the sender. This work shows that even that assumption is wrong: in fact, a valid received frame may share no symbols with the sent one! This property is due to a particular choice of low-level chip encoding of 802.15.4, which enables the attacker to co-opt the receiver's error correction. This case study demonstrates that PHY layer logic is as susceptible to the input language manipulation attacks as other layers, or perhaps more so. Consequently, when designing protocol stacks, language-theoretic considerations must be taken into account from the very bottom of the PHY layer, no layer is too low to be considered "mere engineering".
协议栈的经典设计是,栈的每一层接收并打开下一层的有效负载,这意味着每一层都有一个解析器,它接受协议数据单元并从中提取预期的服务数据单元。物理层起着特殊的作用,因为它必须从位或符号流中创建帧,即原始pdu。这些解析器隐含的一个重要属性是,只有当来自所有前一层的封装pdu与发送方发送的完全相同并且语法正确时,才会将pdu传递到下一层。包中包攻击(WOOT 2011)表明,这种错误的假设很容易在IEEE 802.15.4和类似的物理层上被违反和利用,但是,它并没有挑战接收方识别的符号和字节由发送方传输的假设。这项工作表明,即使是这种假设也是错误的:事实上,一个有效的接收帧可能与发送帧没有共享符号!此属性是由于802.15.4的低级别芯片编码的特殊选择,这使得攻击者能够共同选择接收器的纠错。本案例研究表明,物理层逻辑与其他层一样容易受到输入语言操作攻击,甚至更容易受到攻击。因此,在设计协议栈时,必须从物理层的最底层考虑语言理论方面的考虑,任何层都不能太低而被认为是“纯粹的工程”。
{"title":"Phantom Boundaries and Cross-Layer Illusions in 802.15.4 Digital Radio","authors":"T. Goodspeed","doi":"10.1109/SPW.2014.33","DOIUrl":"https://doi.org/10.1109/SPW.2014.33","url":null,"abstract":"The classic design of protocol stacks, where each layer of the stack receives and unwraps the payload of the next layer, implies that each layer has a parser that accepts Protocol Data Units and extracts the intended Service Data Units from them. The PHY layer plays a special role, because it must create frames, i.e., original PDUs, from a stream of bits or symbols. An important property implicitly expected from these parsers is that SDUs are passed to the next layer only if the encapsulating PDUs from all previous layers were received exactly as transmitted by the sender and were syntactically correct. The Packet-in-packet attack (WOOT 2011) showed that this false assumption could be easily violated and exploited on IEEE 802.15.4 and similar PHY layers, however, it did not challenge the assumption that symbols and bytes recognized by the receiver were as transmitted by the sender. This work shows that even that assumption is wrong: in fact, a valid received frame may share no symbols with the sent one! This property is due to a particular choice of low-level chip encoding of 802.15.4, which enables the attacker to co-opt the receiver's error correction. This case study demonstrates that PHY layer logic is as susceptible to the input language manipulation attacks as other layers, or perhaps more so. Consequently, when designing protocol stacks, language-theoretic considerations must be taken into account from the very bottom of the PHY layer, no layer is too low to be considered \"mere engineering\".","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124512155","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations PeerShark:通过跟踪对话检测点对点僵尸网络
Pub Date : 2014-05-17 DOI: 10.1109/SPW.2014.25
Pratik Narang, S. Ray, C. Hota, V. Venkatakrishnan
The decentralized nature of Peer-to-Peer (P2P) botnets makes them difficult to detect. Their distributed nature also exhibits resilience against take-down attempts. Moreover, smarter bots are stealthy in their communication patterns, and elude the standard discovery techniques which look for anomalous network or communication behavior. In this paper, we propose PeerShark, a novel methodology to detect P2P botnet traffic and differentiate it from benign P2P traffic in a network. Instead of the traditional 5-tuple 'flow-based' detection approach, we use a 2-tuple 'conversation-based' approach which is port-oblivious, protocol-oblivious and does not require Deep Packet Inspection. PeerShark could also classify different P2P applications with an accuracy of more than 95%.
点对点(P2P)僵尸网络的分散性使得它们很难被检测到。它们的分布式特性也显示出了抵御破坏企图的弹性。此外,智能机器人在其通信模式中是隐形的,并且避开了寻找异常网络或通信行为的标准发现技术。在本文中,我们提出了PeerShark,一种新的方法来检测P2P僵尸网络流量并将其与网络中的良性P2P流量区分开来。与传统的5元组“基于流”的检测方法不同,我们使用了2元组“基于会话”的方法,这种方法是端口无关的,协议无关的,不需要深度包检测。PeerShark还可以对不同的P2P应用程序进行分类,准确率超过95%。
{"title":"PeerShark: Detecting Peer-to-Peer Botnets by Tracking Conversations","authors":"Pratik Narang, S. Ray, C. Hota, V. Venkatakrishnan","doi":"10.1109/SPW.2014.25","DOIUrl":"https://doi.org/10.1109/SPW.2014.25","url":null,"abstract":"The decentralized nature of Peer-to-Peer (P2P) botnets makes them difficult to detect. Their distributed nature also exhibits resilience against take-down attempts. Moreover, smarter bots are stealthy in their communication patterns, and elude the standard discovery techniques which look for anomalous network or communication behavior. In this paper, we propose PeerShark, a novel methodology to detect P2P botnet traffic and differentiate it from benign P2P traffic in a network. Instead of the traditional 5-tuple 'flow-based' detection approach, we use a 2-tuple 'conversation-based' approach which is port-oblivious, protocol-oblivious and does not require Deep Packet Inspection. PeerShark could also classify different P2P applications with an accuracy of more than 95%.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129934425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 61
Hurdles for Genomic Data Usage Management 基因组数据使用管理的障碍
Pub Date : 2014-05-17 DOI: 10.1109/SPW.2014.44
Muhammad Naveed
Our genome determines our appearance, gender, diseases, reaction to drugs, and much more. It not only contains information about us but also about our relatives, past generations, and future generations. This creates many policy and technology challenges to protect privacy and manage usage of genomic data. In this paper, we identify various features of genomic data that make its usage management very challenging and different from other types of data. We also describe some ideas about potential solutions and propose some recommendations for the usage of genomic data.
我们的基因组决定了我们的外貌、性别、疾病、对药物的反应等等。它不仅包含了我们自己的信息,也包含了我们的亲戚、过去的几代人和未来的几代人的信息。这为保护隐私和管理基因组数据的使用带来了许多政策和技术挑战。在本文中,我们确定了基因组数据的各种特征,使其使用管理非常具有挑战性和不同于其他类型的数据。我们还描述了一些潜在的解决方案,并对基因组数据的使用提出了一些建议。
{"title":"Hurdles for Genomic Data Usage Management","authors":"Muhammad Naveed","doi":"10.1109/SPW.2014.44","DOIUrl":"https://doi.org/10.1109/SPW.2014.44","url":null,"abstract":"Our genome determines our appearance, gender, diseases, reaction to drugs, and much more. It not only contains information about us but also about our relatives, past generations, and future generations. This creates many policy and technology challenges to protect privacy and manage usage of genomic data. In this paper, we identify various features of genomic data that make its usage management very challenging and different from other types of data. We also describe some ideas about potential solutions and propose some recommendations for the usage of genomic data.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127845894","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
RAPPD: A Language and Prototype for Recipient-Accountable Private Personal Data RAPPD:接受者负责的私人个人数据的语言和原型
Pub Date : 2014-05-01 DOI: 10.1109/SPW.2014.16
Y. Kang, Allan M. Schiffman, Jeff Shrager
Often communicate private data in informal settings such as email, where we trust that the recipient shares our assumptions regarding the disposition of this data. Sometimes we informally express our desires in this regard, but there is no formal means in such settings to make our wishes explicit, nor to hold the recipient accountable. Here we describe a system and prototype implementation called Recipient-Accountable Private Personal Data, which lets the originator express his or her privacy desires regarding data transmitted in email, and provides some accountability. Our method only assumes that the recipient is reading the email online, and on an email reader that will execute HTML and JavaScript.
经常在非正式的环境中交流私人数据,如电子邮件,我们相信收件人分享我们对这些数据处理的假设。有时我们非正式地表达我们在这方面的愿望,但在这种情况下,没有正式的手段来明确我们的愿望,也没有让接受者负责。在这里,我们描述了一个系统和原型实现,称为收件人负责的私人个人数据,它允许发起者表达他或她对电子邮件中传输的数据的隐私愿望,并提供一些问责制。我们的方法只假设收件人正在在线阅读电子邮件,并且在一个将执行HTML和JavaScript的电子邮件阅读器上。
{"title":"RAPPD: A Language and Prototype for Recipient-Accountable Private Personal Data","authors":"Y. Kang, Allan M. Schiffman, Jeff Shrager","doi":"10.1109/SPW.2014.16","DOIUrl":"https://doi.org/10.1109/SPW.2014.16","url":null,"abstract":"Often communicate private data in informal settings such as email, where we trust that the recipient shares our assumptions regarding the disposition of this data. Sometimes we informally express our desires in this regard, but there is no formal means in such settings to make our wishes explicit, nor to hold the recipient accountable. Here we describe a system and prototype implementation called Recipient-Accountable Private Personal Data, which lets the originator express his or her privacy desires regarding data transmitted in email, and provides some accountability. Our method only assumes that the recipient is reading the email online, and on an email reader that will execute HTML and JavaScript.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"351 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115975242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Improving Hard Disk Contention-Based Covert Channel in Cloud Computing 云计算中基于硬盘争用的隐蔽通道改进
Pub Date : 2014-02-02 DOI: 10.1109/SPW.2014.24
B. Lipinski, W. Mazurczyk, K. Szczypiorski
Steganographic methods allow the covert exchange of secret data between parties aware of the procedure. The cloud computing environment is a new and emerging target for steganographers, but currently not many solutions have been proposed. This paper proposes CloudSteg, which is a steganographic method that creates a covert channel based on hard disk contention between the two cloud instances that reside on the same physical machine. Experimental results conducted using open-source cloud environment Open Stack show that CloudSteg is able to achieve a bandwidth of about 0.1 bps, which is 1000 times higher than is known from the state-of-the-art version.
隐写方法允许在了解该程序的各方之间秘密交换秘密数据。对于隐写者来说,云计算环境是一个新兴的目标,但目前还没有提出很多解决方案。本文提出了CloudSteg,这是一种隐写方法,它基于驻留在同一物理机器上的两个云实例之间的硬盘争用创建隐蔽通道。使用开源云环境Open Stack进行的实验结果表明,CloudSteg能够实现约0.1 bps的带宽,比目前已知的最先进版本高1000倍。
{"title":"Improving Hard Disk Contention-Based Covert Channel in Cloud Computing","authors":"B. Lipinski, W. Mazurczyk, K. Szczypiorski","doi":"10.1109/SPW.2014.24","DOIUrl":"https://doi.org/10.1109/SPW.2014.24","url":null,"abstract":"Steganographic methods allow the covert exchange of secret data between parties aware of the procedure. The cloud computing environment is a new and emerging target for steganographers, but currently not many solutions have been proposed. This paper proposes CloudSteg, which is a steganographic method that creates a covert channel based on hard disk contention between the two cloud instances that reside on the same physical machine. Experimental results conducted using open-source cloud environment Open Stack show that CloudSteg is able to achieve a bandwidth of about 0.1 bps, which is 1000 times higher than is known from the state-of-the-art version.","PeriodicalId":142224,"journal":{"name":"2014 IEEE Security and Privacy Workshops","volume":"76 11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129771835","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
期刊
2014 IEEE Security and Privacy Workshops
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1