Many proposals have been made to solve the privacy implications of RFID systems: The main idea to ensure location privacy is to change the identifiers of RFID tags regularly. For building inter-organizational RFID systems, pseudonyms can be used to provide a link to the respective owner of a tag without affecting location privacy. Based on these considerations, in this paper a pseudonymization infrastructure is presented that is based on one-way hash functions and thus is a better fit for the specific demands of resource scarce tags than approaches based on public key cryptography
{"title":"A hash-based pseudonymization infrastructure for RFID systems","authors":"Dirk Henrici, Joachim Götze, P. Müller","doi":"10.1109/SECPERU.2006.2","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.2","url":null,"abstract":"Many proposals have been made to solve the privacy implications of RFID systems: The main idea to ensure location privacy is to change the identifiers of RFID tags regularly. For building inter-organizational RFID systems, pseudonyms can be used to provide a link to the respective owner of a tag without affecting location privacy. Based on these considerations, in this paper a pseudonymization infrastructure is presented that is based on one-way hash functions and thus is a better fit for the specific demands of resource scarce tags than approaches based on public key cryptography","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115989333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ad hoc routing protocols have been designed to efficiently reroute traffic when confronted with network congestion, faulty nodes, and dynamically changing topologies. The common design goal of reactive, proactive, and hybrid ad hoc routing protocols is to faithfully route packets from a source node to a destination node while maintaining a satisfactory level of service in a resource-constrained environment. Detecting malicious nodes in an open ad hoc network in which participating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an ad hoc network does not have these types of network elements where the intrusion detection system (IDS) can collect and analyze audit data for the entire network. A number of neighbor-monitoring, trust-building, and cluster-based voting schemes have been proposed in the research to enable the detection and reporting of malicious activity in ad hoc networks. The resources consumed by ad hoc network member nodes to monitor, detect, report, and diagnose malicious activity, however, may be greater than simply rerouting packets through a different available path. This paper presents a method for determining conditions under which critical nodes should be monitored, describes the details of a critical node test implementation, presents experimental results, and offers a new approach for conserving the limited resources of an ad hoc network IDS
{"title":"Detecting critical nodes for MANET intrusion detection systems","authors":"A. Karygiannis, E. Antonakakis, A. Apostolopoulos","doi":"10.1109/SECPERU.2006.8","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.8","url":null,"abstract":"Ad hoc routing protocols have been designed to efficiently reroute traffic when confronted with network congestion, faulty nodes, and dynamically changing topologies. The common design goal of reactive, proactive, and hybrid ad hoc routing protocols is to faithfully route packets from a source node to a destination node while maintaining a satisfactory level of service in a resource-constrained environment. Detecting malicious nodes in an open ad hoc network in which participating nodes have no previous security associations presents a number of challenges not faced by traditional wired networks. Traffic monitoring in wired networks is usually performed at switches, routers and gateways, but an ad hoc network does not have these types of network elements where the intrusion detection system (IDS) can collect and analyze audit data for the entire network. A number of neighbor-monitoring, trust-building, and cluster-based voting schemes have been proposed in the research to enable the detection and reporting of malicious activity in ad hoc networks. The resources consumed by ad hoc network member nodes to monitor, detect, report, and diagnose malicious activity, however, may be greater than simply rerouting packets through a different available path. This paper presents a method for determining conditions under which critical nodes should be monitored, describes the details of a critical node test implementation, presents experimental results, and offers a new approach for conserving the limited resources of an ad hoc network IDS","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125739869","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
At Crypto'05, Juels and Weis introduce HB+, an enhancement of the Hopper and Blum (HB) authentication protocol. This protocol HB+ is proven secure against active attacks, though preserving HB's advantages: mainly, requiring so few resources to run that it can be implemented on an RFID tag. However, in a wider adversarial model, Gilbert, Robshaw and Sibert exhibit a very effective attack against H+. We here show how a modification of the HB + protocol thwarts Gilbert et al's attack. The resulting protocol, HB++, remains a good choice for RFID authentication
在Crypto'05上,Juels和Weis介绍了HB+,这是Hopper and Blum (HB)认证协议的增强版。虽然保留了HB的优点,但该协议HB+已被证明可以安全抵御主动攻击:主要是需要很少的资源来运行,因此可以在RFID标签上实现。然而,在更广泛的对抗模型中,Gilbert, Robshaw和Sibert对H+的攻击非常有效。我们在这里展示了HB +协议的修改如何阻止Gilbert等人的攻击。由此产生的协议hb++仍然是RFID身份验证的好选择
{"title":"HB^+^+: a Lightweight Authentication Protocol Secure against Some Attacks","authors":"J. Bringer, H. Chabanne, Emmanuelle Dottax","doi":"10.1109/SECPERU.2006.10","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.10","url":null,"abstract":"At Crypto'05, Juels and Weis introduce HB+, an enhancement of the Hopper and Blum (HB) authentication protocol. This protocol HB+ is proven secure against active attacks, though preserving HB's advantages: mainly, requiring so few resources to run that it can be implemented on an RFID tag. However, in a wider adversarial model, Gilbert, Robshaw and Sibert exhibit a very effective attack against H+. We here show how a modification of the HB + protocol thwarts Gilbert et al's attack. The resulting protocol, HB++, remains a good choice for RFID authentication","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115323287","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Network-based intrusion detection systems (IDSs) are designed to monitor potential attacks in network infrastructures. IDSs trigger alerts of potential attacks in network security. These alerts are examined by security analysts to see if they are benign or attacks. However these alerts consist of high volumes of false positives, which are triggered by suspicious but normal, benign connections. These high volumes of false positives make manual analysis of the alerts difficult and inefficient in real-time detection and response. In this paper, we discuss briefly the significance of false positives and their impact on intrusion detection and response. Then we propose a novel approach for an efficient intelligent detection and response through the reduction of false positives. The intelligent strategy consists of technique with multiple zones for isolation and interaction with the hosts from which the packets were sent in real-time. We propose multiple feedback methods to the IDS monitor and database to indicate the status of the alerts. These innovative approaches, using NQC and feedback mechanisms enhance the capability of the IDS to detect threats and benign attacks. This is accomplished by applying adaptive rules to the alert filters and policies of the IDS network sensors
{"title":"An intelligent detection and response strategy to false positives and network attacks: operation of network quarantine channels and feedback methods to IDS","authors":"E. Hooper","doi":"10.1109/SECPERU.2006.5","DOIUrl":"https://doi.org/10.1109/SECPERU.2006.5","url":null,"abstract":"Network-based intrusion detection systems (IDSs) are designed to monitor potential attacks in network infrastructures. IDSs trigger alerts of potential attacks in network security. These alerts are examined by security analysts to see if they are benign or attacks. However these alerts consist of high volumes of false positives, which are triggered by suspicious but normal, benign connections. These high volumes of false positives make manual analysis of the alerts difficult and inefficient in real-time detection and response. In this paper, we discuss briefly the significance of false positives and their impact on intrusion detection and response. Then we propose a novel approach for an efficient intelligent detection and response through the reduction of false positives. The intelligent strategy consists of technique with multiple zones for isolation and interaction with the hosts from which the packets were sent in real-time. We propose multiple feedback methods to the IDS monitor and database to indicate the status of the alerts. These innovative approaches, using NQC and feedback mechanisms enhance the capability of the IDS to detect threats and benign attacks. This is accomplished by applying adaptive rules to the alert filters and policies of the IDS network sensors","PeriodicalId":174651,"journal":{"name":"Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115085029","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: