Software is a valuable form of data, representing significant intellectual property, and reverse engineering of software code by competitors may reveal important technological secrets. This problem becomes more serious when facing with the platform independent language - Java byte code. We introduce an inter-classes software obfuscation technique which extracts the codes of some methods in user-defined classes and embeds them into some other object's methods in the object pool. Since all objects in the object pool are upcast to their common base type, which object's method will really execute can only be ascertained at runtime. Thus, drastically obscured the program flow. Combined with some enhanced mechanisms, this technique can even resist to dynamic analysis to a certain extent. Experimental result shows that there is little influence to the execution efficiency.
{"title":"An Inter-Classes Obfuscation Method for Java Program","authors":"Xuesong Zhang, Fengling He, Wanli Zuo","doi":"10.1109/ISA.2008.49","DOIUrl":"https://doi.org/10.1109/ISA.2008.49","url":null,"abstract":"Software is a valuable form of data, representing significant intellectual property, and reverse engineering of software code by competitors may reveal important technological secrets. This problem becomes more serious when facing with the platform independent language - Java byte code. We introduce an inter-classes software obfuscation technique which extracts the codes of some methods in user-defined classes and embeds them into some other object's methods in the object pool. Since all objects in the object pool are upcast to their common base type, which object's method will really execute can only be ascertained at runtime. Thus, drastically obscured the program flow. Combined with some enhanced mechanisms, this technique can even resist to dynamic analysis to a certain extent. Experimental result shows that there is little influence to the execution efficiency.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133745800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards, in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords freely. In this paper, we show that their scheme is vulnerable to the parallel session attack. Furthermore, their scheme is susceptible to the impersonation attack provided that the information stored in the smart card is disclosed by an adversary. We also propose an improved scheme which is immune to the presented attacks.
{"title":"Improvement of a Fingerprint-Based Remote User Authentication Scheme","authors":"Jing Xu, W. Zhu, Deng-guo Feng","doi":"10.1109/ISA.2008.62","DOIUrl":"https://doi.org/10.1109/ISA.2008.62","url":null,"abstract":"Password authentication has been adopted as one of the most commonly used solutions in network environments to protect resources from unauthorized access. Recently, Khan et al. proposed an efficient fingerprint-based remote user authentication scheme with smart cards, in which a password/verification table is not required on the remote server, and users are allowed to choose and update their passwords freely. In this paper, we show that their scheme is vulnerable to the parallel session attack. Furthermore, their scheme is susceptible to the impersonation attack provided that the information stored in the smart card is disclosed by an adversary. We also propose an improved scheme which is immune to the presented attacks.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124250475","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nowadays, technologies of information security have been attached more and more importance to and it's a critical problem to take measures to ensure the reliability of related trustworthy software such as secure operating systems (SOSs). Thereafter, it's always necessary for such systems to be taken complete and rigorous security test and evaluation among development team and/or by third-party security certification organization. However, such software testing is usually time consuming, cost consuming and boresome and thus technologies of software testing automation have alluring application foreground in that field. In this paper, methods and technologies about how to test a SOS automatically are discussed in breadth and in depth at first. Then least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented and the results are analyzed.
{"title":"Implementation and Automatic Testing for Security Enhancement of Linux Based on Least Privilege","authors":"Gaoshou Zhai, Jie Zeng, Miaoxia Ma, L. Zhang","doi":"10.1109/ISA.2008.61","DOIUrl":"https://doi.org/10.1109/ISA.2008.61","url":null,"abstract":"Nowadays, technologies of information security have been attached more and more importance to and it's a critical problem to take measures to ensure the reliability of related trustworthy software such as secure operating systems (SOSs). Thereafter, it's always necessary for such systems to be taken complete and rigorous security test and evaluation among development team and/or by third-party security certification organization. However, such software testing is usually time consuming, cost consuming and boresome and thus technologies of software testing automation have alluring application foreground in that field. In this paper, methods and technologies about how to test a SOS automatically are discussed in breadth and in depth at first. Then least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented and the results are analyzed.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":" 38","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120831063","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
OAEP is widely accepted because of its provable security and practicability. However, there was a twist in the security proof in the random oracle model. Shoup revealed a flaw in the original security proof by Bellare and Rogaway. In this paper, a revision of the security proof is presented to fix the flaw. Furthermore, compared with some existing improved prove methods, the revised proof is applicable for the underlying trapdoor permutation being a general case.
{"title":"Revision of Security Proof on f-OAEP","authors":"Jie Liu, Gongliang Chen, Jianhua Li","doi":"10.1109/ISA.2008.38","DOIUrl":"https://doi.org/10.1109/ISA.2008.38","url":null,"abstract":"OAEP is widely accepted because of its provable security and practicability. However, there was a twist in the security proof in the random oracle model. Shoup revealed a flaw in the original security proof by Bellare and Rogaway. In this paper, a revision of the security proof is presented to fix the flaw. Furthermore, compared with some existing improved prove methods, the revised proof is applicable for the underlying trapdoor permutation being a general case.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125997429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Since the rapid development of the Internet, many advertisers would want to introduce their goods on Web sites. For achieving fair network advertisement payment, a payment system may need to evaluate the number of visited clients for particular Web pages. However, advertisers fear that Web servers inflate the number of metering. Also, Web servers fear to receive a forged witness from a client. If one of the above situations happened, the payment of network advertisement is unfair. In this paper, we propose a user-efficient and fair Web metering scheme for ubiquitous environments, where clients can use various intelligent devices to obtain their desired services at any time and any place.
{"title":"A Web Metering Scheme for Fair Advertisement Transactions","authors":"Ren-Chiun Wang, Wen-Shenq Juang, C. Lei","doi":"10.1109/ISA.2008.48","DOIUrl":"https://doi.org/10.1109/ISA.2008.48","url":null,"abstract":"Since the rapid development of the Internet, many advertisers would want to introduce their goods on Web sites. For achieving fair network advertisement payment, a payment system may need to evaluate the number of visited clients for particular Web pages. However, advertisers fear that Web servers inflate the number of metering. Also, Web servers fear to receive a forged witness from a client. If one of the above situations happened, the payment of network advertisement is unfair. In this paper, we propose a user-efficient and fair Web metering scheme for ubiquitous environments, where clients can use various intelligent devices to obtain their desired services at any time and any place.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129762963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the noise page elimination algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo simulation.
{"title":"Cyber Criminal Activity Analysis Models using Markov Chain for Digital Forensics","authors":"Do Do Kim, H. In","doi":"10.1109/ISA.2008.90","DOIUrl":"https://doi.org/10.1109/ISA.2008.90","url":null,"abstract":"Recognizing links between offender patterns is one of the most crucial skills of an investigator. Early recognition of similar patterns can lead to focusing resources, improving clearance rates, and ultimately saving lives in terms of digital forensics. In this paper we propose a forensics methodology using Markov chain during a given time interval for tracking and predicting the degree of criminal activity as it evolves over time. In other words, we describe intrusion scenario, and classify profiling of user's behavior by prior probability based Markov chain. Also, we apply the noise page elimination algorithm (NPEA) to reduce an error of probability prediction. Finally, we have experiment our model on dataset and have analysis their accuracy by Monte Carlo simulation.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"24 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127095458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In Internet environment, software needs to be tested sufficiently before it is considered dependable. The operational profile based testing is an efficient way for both the reliability testing and the security testing. In practice, the two kinds of testing are often carried out separately to validate the dependability of the software, but it is resources consuming to develop the operational profile and security intrusion profile. In this paper, the feasibilities and the benefits of the idea of taking the dependability testing are given. Since the testing profile is often different from the operational profile with the influence of the security testing, a description method of the testing profile is needed. A brief analysis of the description of operational profile is made, and on the base of the extended operational profile, the method to describe the dependability testing profile is proposed.
{"title":"Research on Software Dependability Testing Profile in Internet Environment","authors":"Changjie Ma, J. Zhao, Guochang Gu, X. Ma","doi":"10.1109/ISA.2008.20","DOIUrl":"https://doi.org/10.1109/ISA.2008.20","url":null,"abstract":"In Internet environment, software needs to be tested sufficiently before it is considered dependable. The operational profile based testing is an efficient way for both the reliability testing and the security testing. In practice, the two kinds of testing are often carried out separately to validate the dependability of the software, but it is resources consuming to develop the operational profile and security intrusion profile. In this paper, the feasibilities and the benefits of the idea of taking the dependability testing are given. Since the testing profile is often different from the operational profile with the influence of the security testing, a description method of the testing profile is needed. A brief analysis of the description of operational profile is made, and on the base of the extended operational profile, the method to describe the dependability testing profile is proposed.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130257209","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Denial of Service attacks are one of the major type of problems in the computer network security. Because they include many other type of attacks they are one of the most frequently used attack methods.. In general, DoS attacks are used to block access to the computer networks or personal computers. SYN flooding attack is the most widespread of the DoS attacks. In these attacks normal SYN packets can not be distinguished from the SYN attack packets. In this paper, we propose a fuzzy logic based system for detecting SYN flooding attacks. Performance of the proposed system has been compared with Cumulative Sum (CUSUM) algorithm. The simulation results show that the proposed system has better performance for low and high intensity attacks than the CUSUM algorithm.
{"title":"Detection SYN Flooding Attacks Using Fuzzy Logic","authors":"T. Tuncer, Y. Tatar","doi":"10.1109/ISA.2008.50","DOIUrl":"https://doi.org/10.1109/ISA.2008.50","url":null,"abstract":"Denial of Service attacks are one of the major type of problems in the computer network security. Because they include many other type of attacks they are one of the most frequently used attack methods.. In general, DoS attacks are used to block access to the computer networks or personal computers. SYN flooding attack is the most widespread of the DoS attacks. In these attacks normal SYN packets can not be distinguished from the SYN attack packets. In this paper, we propose a fuzzy logic based system for detecting SYN flooding attacks. Performance of the proposed system has been compared with Cumulative Sum (CUSUM) algorithm. The simulation results show that the proposed system has better performance for low and high intensity attacks than the CUSUM algorithm.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122320361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The paper gives an overview of the security issue on WiMAX, which is a new and hot research point for telecommunication and computer scientist. In the IEEE 802.11 technology, security was added later while IEEE 802.16 considered the security issues during the design of the protocol. However, security mechanism of the IEEE 802.16 still remains a question. WiMAX is relatively a new technology and does not deployed widely to justify the evidence of threats, risk and vulnerability in real situations. We also discuss how to apply neural cryptography at WiMAX application in the end.
{"title":"Security Research on WiMAX with Neural Cryptography","authors":"Dong Hu, Yuyan Wang","doi":"10.1109/ISA.2008.17","DOIUrl":"https://doi.org/10.1109/ISA.2008.17","url":null,"abstract":"The paper gives an overview of the security issue on WiMAX, which is a new and hot research point for telecommunication and computer scientist. In the IEEE 802.11 technology, security was added later while IEEE 802.16 considered the security issues during the design of the protocol. However, security mechanism of the IEEE 802.16 still remains a question. WiMAX is relatively a new technology and does not deployed widely to justify the evidence of threats, risk and vulnerability in real situations. We also discuss how to apply neural cryptography at WiMAX application in the end.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126684408","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Now computer and electronic device technology has been monopolized by binary system, not only unable to break through the existing technology bottleneck, but bring a lot of potential safety problems. Aiming at this question, a new electronic communication technology is presented in this paper. The technology quantifies the time axis and the voltage axis synchronously, uses the quantified time dot as the address of the communication, and realizes the transmission of the multi-system [1] data via transmitting the multi-steps voltage quantification. The technology solves the bottleneck problem of the speed, circuit and electromagnetism in the electronic communication, changes the binary system coding mode and communication connection form of the electronic device, reduces the transmission quantity of the redundant information, advances the security of electronic system and network, debases the complexity of the devices connection, enhances the rate of the processing and the transmission, simplifies the transformation between the difference protocols. The experimental results approve the validity and the robustness of the technology.
{"title":"A New Electronic Communication Technology - VT Position Code Communication Technology and Its Implementation","authors":"S.Y. Zhou, G.H. Qin, Y. Jin","doi":"10.1109/ISA.2008.43","DOIUrl":"https://doi.org/10.1109/ISA.2008.43","url":null,"abstract":"Now computer and electronic device technology has been monopolized by binary system, not only unable to break through the existing technology bottleneck, but bring a lot of potential safety problems. Aiming at this question, a new electronic communication technology is presented in this paper. The technology quantifies the time axis and the voltage axis synchronously, uses the quantified time dot as the address of the communication, and realizes the transmission of the multi-system [1] data via transmitting the multi-steps voltage quantification. The technology solves the bottleneck problem of the speed, circuit and electromagnetism in the electronic communication, changes the binary system coding mode and communication connection form of the electronic device, reduces the transmission quantity of the redundant information, advances the security of electronic system and network, debases the complexity of the devices connection, enhances the rate of the processing and the transmission, simplifies the transformation between the difference protocols. The experimental results approve the validity and the robustness of the technology.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114176734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: