Frederik Armknecht, Z. Benenson, Philipp Morgner, Christian Müller, Christian Riess
{"title":"Privacy implications of room climate data","authors":"Frederik Armknecht, Z. Benenson, Philipp Morgner, Christian Müller, Christian Riess","doi":"10.3233/JCS-181133","DOIUrl":"https://doi.org/10.3233/JCS-181133","url":null,"abstract":"","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-01-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116769651","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network’s resilience against potentially unknown vulnerabilities. To this end, network hardening is a well-known preventive security solution that aims to improve network security by taking proactive actions, namely, hardening options. However, most existing network hardening approaches rely on a single hardening option, such as disabling unnecessary services, which becomes less effective when it comes to dealing with unknown and unpatchable vulnerabilities. There lacks a heterogeneous approach that can combine different hardening options in an optimal way to deal with both unknown and unpatchable vulnerabilities. In this paper, we propose such an approach by unifying multiple hardening options, such as service diversification, firewall rule modification, adding, removing, and relocating network resources, and access control, all under the same model. We then apply security metrics designed for evaluating network resilience against unknown and unpatchable vulnerabilities, and consequently derive optimal solutions to maximize security under given cost constraints. Finally, we study the effectiveness of our solution against unpatchable vulnerabilities through simulations.
{"title":"Surviving unpatchable vulnerabilities through heterogeneous network hardening options","authors":"D. Borbor, Lingyu Wang, S. Jajodia, A. Singhal","doi":"10.3233/JCS-171106","DOIUrl":"https://doi.org/10.3233/JCS-171106","url":null,"abstract":"The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network’s resilience against potentially unknown vulnerabilities. To this end, network hardening is a well-known preventive security solution that aims to improve network security by taking proactive actions, namely, hardening options. However, most existing network hardening approaches rely on a single hardening option, such as disabling unnecessary services, which becomes less effective when it comes to dealing with unknown and unpatchable vulnerabilities. There lacks a heterogeneous approach that can combine different hardening options in an optimal way to deal with both unknown and unpatchable vulnerabilities. In this paper, we propose such an approach by unifying multiple hardening options, such as service diversification, firewall rule modification, adding, removing, and relocating network resources, and access control, all under the same model. We then apply security metrics designed for evaluating network resilience against unknown and unpatchable vulnerabilities, and consequently derive optimal solutions to maximize security under given cost constraints. Finally, we study the effectiveness of our solution against unpatchable vulnerabilities through simulations.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122771242","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Privacy-preserving verifiable elastic net among multiple institutions in the cloud","authors":"Jun Zhang, Meiqi He, Gongxian Zeng, S. Yiu","doi":"10.3233/JCS-171107","DOIUrl":"https://doi.org/10.3233/JCS-171107","url":null,"abstract":"","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"82 23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126220795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Benny Fuhry, Raad Bahmani, Ferdinand Brasser, Florian Hahn, F. Kerschbaum, A. Sadeghi
{"title":"HardIDX: Practical and secure index with SGX in a malicious environment","authors":"Benny Fuhry, Raad Bahmani, Ferdinand Brasser, Florian Hahn, F. Kerschbaum, A. Sadeghi","doi":"10.3233/JCS-171103","DOIUrl":"https://doi.org/10.3233/JCS-171103","url":null,"abstract":"","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133719452","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Tanmoy Chakraborty, S. Jajodia, Noseong Park, Andrea Pugliese, Edoardo Serra, V. S. Subrahmanian
Most past work on honeypots has made two assumptions: (i) they assume that the only defensive measure used is a honeypot mechanism, and (ii) they do not consider both rational and subrational adversaries and do not reason with an adversary model when placing honeypots. However, real-world system security officers use a mix of instruments such as traditional defenses (e.g. firewalls, intrusion detection systems), and honeypots form only one portion of the strategy. Moreover, the placement of traditional defenses and honeypots cannot be done independently. In this paper, we consider a Stackelbergstyle game situation where the defender models the attacker and uses that model to identify the best placement of traditional defenses and honeypots. We provide a formal definition of undamaged asset value (i.e. the value that is not compromised by the attacker) under a given defensive strategy and show that the problem of finding the best placement so as to maximize undamaged asset value is NP-hard. We propose a greedy algorithm and show via experiments, both on real enterprise networks and on ones generated by the well-known network simulation tool NS-2, that our algorithm quickly computes near optimal placements. As such, our method is both practical and effective.
{"title":"Hybrid adversarial defense: Merging honeypots and traditional security methods","authors":"Tanmoy Chakraborty, S. Jajodia, Noseong Park, Andrea Pugliese, Edoardo Serra, V. S. Subrahmanian","doi":"10.3233/JCS-171094","DOIUrl":"https://doi.org/10.3233/JCS-171094","url":null,"abstract":"Most past work on honeypots has made two assumptions: (i) they assume that the only defensive measure used is a honeypot mechanism, and (ii) they do not consider both rational and subrational adversaries and do not reason with an adversary model when placing honeypots. However, real-world system security officers use a mix of instruments such as traditional defenses (e.g. firewalls, intrusion detection systems), and honeypots form only one portion of the strategy. Moreover, the placement of traditional defenses and honeypots cannot be done independently. In this paper, we consider a Stackelbergstyle game situation where the defender models the attacker and uses that model to identify the best placement of traditional defenses and honeypots. We provide a formal definition of undamaged asset value (i.e. the value that is not compromised by the attacker) under a given defensive strategy and show that the problem of finding the best placement so as to maximize undamaged asset value is NP-hard. We propose a greedy algorithm and show via experiments, both on real enterprise networks and on ones generated by the well-known network simulation tool NS-2, that our algorithm quickly computes near optimal placements. As such, our method is both practical and effective.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121096046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Patrick Luckett, J. McDonald, W. Glisson, Ryan G. Benton, Joel A. Dawson, Blair A. Doyle
This is a post-print version of this article to see the final version go to the following citation �Patrick Luckett, J. Todd McDonald, William B. Glisson, Ryan Benton, Joel Dawson, Blair A. Doyle, "Identifying stealth malware using CPU power consumption and learning algorithms". Journal of Computer Security 26(2018) 589-613. DOI 10.3233/JCS-171060
这是本文的打印后版本,查看最终版本请参见以下引用Patrick Luckett, J. Todd McDonald, William B. Glisson, Ryan Benton, Joel Dawson, Blair a . Doyle,“使用CPU功耗和学习算法识别隐形恶意软件”。计算机安全26(2018):589-613。DOI 10.3233 / jcs - 171060
{"title":"Identifying stealth malware using CPU power consumption and learning algorithms","authors":"Patrick Luckett, J. McDonald, W. Glisson, Ryan G. Benton, Joel A. Dawson, Blair A. Doyle","doi":"10.3233/JCS-171060","DOIUrl":"https://doi.org/10.3233/JCS-171060","url":null,"abstract":"This is a post-print version of this article to see the final version go to the following citation \u0000Patrick Luckett, J. Todd McDonald, William B. Glisson, Ryan Benton, Joel Dawson, Blair A. Doyle, \"Identifying stealth malware using CPU power consumption and learning algorithms\". Journal of Computer Security 26(2018) 589-613. DOI 10.3233/JCS-171060","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124881386","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.
{"title":"Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies","authors":"Silvio Ranise, A. Truong, L. Viganò","doi":"10.3233/JCS-15756","DOIUrl":"https://doi.org/10.3233/JCS-15756","url":null,"abstract":"Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126710810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Per A. Hallgren, R. Kishore, Martín Ochoa, A. Sabelfeld
{"title":"Assuring BetterTimes","authors":"Per A. Hallgren, R. Kishore, Martín Ochoa, A. Sabelfeld","doi":"10.3233/JCS-171085","DOIUrl":"https://doi.org/10.3233/JCS-171085","url":null,"abstract":"","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123853806","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
K. Balagani, Paolo Gasti, Aaron Elliott, Azriel Richardson, M. O'Neal
In this paper, we show that keystroke latencies used in continuous user authentication systems disclose application context, i.e., in which application user is entering text. Using keystroke data collected from 62 subjects, we show that an adversary can infer application context from keystroke latencies with 95.15% accuracy. To prevent leakage from keystroke latencies, and prevent exposure of application context, we develop privacy-preserving authentication protocols in the outsourced authentication model. Our protocols implement two popular matching algorithms designed for keystroke authentication, called Absolute (“A”) and Relative (“R”). With our protocols, the client reveals no information to the server during authentication, besides the authentication result. Our experiments show that these protocols are fast in practice: with 100 keystroke features, authentication was completed in about one second with the “A” protocol, and in 595 ms with the “R” protocol. Further, because the asymptotic cost of our protocols is linear, they can scale to a large number of features. On the other hand, by leveraging application context we were able to reduce HTER from 14.7% with application-agnostic templates, to as low as 5.8% with application-specific templates.
{"title":"The impact of application context on privacy and performance of keystroke authentication systems","authors":"K. Balagani, Paolo Gasti, Aaron Elliott, Azriel Richardson, M. O'Neal","doi":"10.3233/JCS-171017","DOIUrl":"https://doi.org/10.3233/JCS-171017","url":null,"abstract":"In this paper, we show that keystroke latencies used in continuous user authentication systems disclose application context, i.e., in which application user is entering text. Using keystroke data collected from 62 subjects, we show that an adversary can infer application context from keystroke latencies with 95.15% accuracy. To prevent leakage from keystroke latencies, and prevent exposure of application context, we develop privacy-preserving authentication protocols in the outsourced authentication model. Our protocols implement two popular matching algorithms designed for keystroke authentication, called Absolute (“A”) and Relative (“R”). With our protocols, the client reveals no information to the server during authentication, besides the authentication result. Our experiments show that these protocols are fast in practice: with 100 keystroke features, authentication was completed in about one second with the “A” protocol, and in 595 ms with the “R” protocol. Further, because the asymptotic cost of our protocols is linear, they can scale to a large number of features. On the other hand, by leveraging application context we were able to reduce HTER from 14.7% with application-agnostic templates, to as low as 5.8% with application-specific templates.","PeriodicalId":142580,"journal":{"name":"J. Comput. Secur.","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114425248","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: