Grammars are used to describe sentences structure, thanks to some sets of rules, which depends on the grammar type. A classification of grammars has been made by Noam Chomsky, which led to four well-known types. Yet, there are other types of grammars, which do not exactly fit in Chomsky's classification, such as the two-level grammars. As their name suggests it, the main idea behind these grammars is that they are composed of two grammars. Van Wijngaarden grammars, particularly, are such grammars. They are interesting by their power (expressiveness), which can be the same, under some hypotheses, as the most powerful grammars of Chomsky's classification, i.e. Type 0 grammars. Another point of interest is their relative conciseness and readability. Van Wijngaarden grammars can describe static and dynamic semantic of a language. So, by using them as a generative engine, it is possible to generate a possibly infinite set of words, while assuring us that they all have the same semantic.
{"title":"Van Wijngaarden Grammars and Metamorphism","authors":"Gueguen Geoffroy","doi":"10.1109/ARES.2011.72","DOIUrl":"https://doi.org/10.1109/ARES.2011.72","url":null,"abstract":"Grammars are used to describe sentences structure, thanks to some sets of rules, which depends on the grammar type. A classification of grammars has been made by Noam Chomsky, which led to four well-known types. Yet, there are other types of grammars, which do not exactly fit in Chomsky's classification, such as the two-level grammars. As their name suggests it, the main idea behind these grammars is that they are composed of two grammars. Van Wijngaarden grammars, particularly, are such grammars. They are interesting by their power (expressiveness), which can be the same, under some hypotheses, as the most powerful grammars of Chomsky's classification, i.e. Type 0 grammars. Another point of interest is their relative conciseness and readability. Van Wijngaarden grammars can describe static and dynamic semantic of a language. So, by using them as a generative engine, it is possible to generate a possibly infinite set of words, while assuring us that they all have the same semantic.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"196 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122972675","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Social engineering attack using real/fake organization's uniform is frequent everywhere in the world. If anyone can verify the uniformed person in front of him/her quickly, they can escape the damage from above fraud. So in this paper, we studied and proposed the uniformed person verification system. First, we developed the uniform-wearing detection system using IBC technology as a basis of our target system. Second, we made a prototype system which can notify verifier (genuine officer/employee) whether uniformed person in front of him/her is genuine officer/employee or not. High practicality, reliability, and safety of the prototype system were demonstrated by experimenting with actual uniform.
{"title":"A Study of Prevention for Social Engineering Attacks Using Real/Fake Organization's Uniforms: Application of Radio and Intra-Body Communication Technologies","authors":"M. Fujikawa, M. Nishigaki","doi":"10.1109/ARES.2011.123","DOIUrl":"https://doi.org/10.1109/ARES.2011.123","url":null,"abstract":"Social engineering attack using real/fake organization's uniform is frequent everywhere in the world. If anyone can verify the uniformed person in front of him/her quickly, they can escape the damage from above fraud. So in this paper, we studied and proposed the uniformed person verification system. First, we developed the uniform-wearing detection system using IBC technology as a basis of our target system. Second, we made a prototype system which can notify verifier (genuine officer/employee) whether uniformed person in front of him/her is genuine officer/employee or not. High practicality, reliability, and safety of the prototype system were demonstrated by experimenting with actual uniform.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116722307","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Infovis enables us to combine the language of the eyes with the language of the mind, empowering all manner of people to be data detectives. Formalised processes for the integration of infovis techniques within the digital forensics domain are few and far between. One such process, the Explore, Investigate and Correlate process has been developed and provides a series of phases and key principles on which to build systems that integrate infovis techniques within the digital forensics investigative workflow. This paper presents refinements to this process and a proof-of-concept implementation. How the implementation achieves the goals of the process, the techniques it uses and how it helps to reduce information overload within the digital forensics domain are examined.
{"title":"Digital Forensics Infovis: An Implementation of a Process for Visualisation of Digital Evidence","authors":"G. Osborne, J. Slay","doi":"10.1109/ARES.2011.36","DOIUrl":"https://doi.org/10.1109/ARES.2011.36","url":null,"abstract":"Infovis enables us to combine the language of the eyes with the language of the mind, empowering all manner of people to be data detectives. Formalised processes for the integration of infovis techniques within the digital forensics domain are few and far between. One such process, the Explore, Investigate and Correlate process has been developed and provides a series of phases and key principles on which to build systems that integrate infovis techniques within the digital forensics investigative workflow. This paper presents refinements to this process and a proof-of-concept implementation. How the implementation achieves the goals of the process, the techniques it uses and how it helps to reduce information overload within the digital forensics domain are examined.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134046861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Transparency is crucial to ensuring fair, honest elections. Transparency is achieved by making information (e.g. election result) public. In e-voting literature, this publication is often described in terms of a bulletin board. While privacy of voting systems has been actively studied in recent years, resulting in various analysis frameworks, to date there has not been an explicit modelling of bulletin board in any such framework. Privacy implications of bulletin boards are thus understudied. In this paper, we extend the semantics of the framework of Jonker, Mauw and Pang to model a bulletin board and capture coercion-resistance. The usage of the extended framework is illustrated by an application to the Pret a Voter voting system. Moreover, we present an information-theoretical measure of privacy loss in elections.
透明度对于确保公平、诚实的选举至关重要。透明度是通过公开信息(例如选举结果)来实现的。在电子投票文献中,这种出版物通常被描述为公告板。虽然近年来对投票系统的隐私进行了积极研究,产生了各种分析框架,但迄今为止,在任何此类框架中都没有明确的公告板建模。因此,电子公告板对隐私的影响尚未得到充分研究。在本文中,我们扩展了Jonker, Mauw和Pang框架的语义来模拟公告板并捕获矫顽性。通过Pret a Voter投票系统的一个应用程序说明了扩展框架的使用。此外,我们提出了选举中隐私损失的信息理论测量。
{"title":"Bulletin Boards in Voting Systems: Modelling and Measuring Privacy","authors":"H. Jonker, Jun Pang","doi":"10.1109/ARES.2011.50","DOIUrl":"https://doi.org/10.1109/ARES.2011.50","url":null,"abstract":"Transparency is crucial to ensuring fair, honest elections. Transparency is achieved by making information (e.g. election result) public. In e-voting literature, this publication is often described in terms of a bulletin board. While privacy of voting systems has been actively studied in recent years, resulting in various analysis frameworks, to date there has not been an explicit modelling of bulletin board in any such framework. Privacy implications of bulletin boards are thus understudied. In this paper, we extend the semantics of the framework of Jonker, Mauw and Pang to model a bulletin board and capture coercion-resistance. The usage of the extended framework is illustrated by an application to the Pret a Voter voting system. Moreover, we present an information-theoretical measure of privacy loss in elections.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130578883","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We use the cyber-physical systems (CPS) framework to infuse intelligent adaptation behaviors in complex network systems to achieve dependability. The CPS framework is anchored on "intelligent physical worlds" (IPW) around which complex adaptation behaviors are built. An IPW is an embodiment of control software functions wrapped around the raw physical processes (e.g., servers, links, sensors, actuators), performing the core system activities while adapting its behavior to the changing environment conditions and user inputs. The IPW exhibits an intelligent behavior over a limited operating region of the system (in contrast with traditional models where the physical world is dumb). To perform over wide operating regions, the IPW interacts with an intelligent computational world (ICW) to patch itself with control parameters and procedures relevant in those changed conditions. The modular decomposition of an application into IPW and ICW lowers the design complexity of dependable network systems, and simplifies the system verification/testing.
{"title":"Cyber-Physical Systems Based Modeling of Dependability of Complex Network Systems","authors":"K. Ravindran","doi":"10.1109/ARES.2011.90","DOIUrl":"https://doi.org/10.1109/ARES.2011.90","url":null,"abstract":"We use the cyber-physical systems (CPS) framework to infuse intelligent adaptation behaviors in complex network systems to achieve dependability. The CPS framework is anchored on \"intelligent physical worlds\" (IPW) around which complex adaptation behaviors are built. An IPW is an embodiment of control software functions wrapped around the raw physical processes (e.g., servers, links, sensors, actuators), performing the core system activities while adapting its behavior to the changing environment conditions and user inputs. The IPW exhibits an intelligent behavior over a limited operating region of the system (in contrast with traditional models where the physical world is dumb). To perform over wide operating regions, the IPW interacts with an intelligent computational world (ICW) to patch itself with control parameters and procedures relevant in those changed conditions. The modular decomposition of an application into IPW and ICW lowers the design complexity of dependable network systems, and simplifies the system verification/testing.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128537131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
M. Fujikawa, Junki Akimoto, F. Oda, K. Moriyasu, S. Fuchi, Y. Takeda
The authors have been engaged in the study of countermeasures to prevent the leak of onscreen movies using a digital video camera. One of the studies is the development of a transparent sheet that emits infrared (IR) light, which is applied to the screen and generates optical noise in the onscreen photographic images when recorded. Another study is the development of a method to detect the presence of the IR-cut filter near the display, which compromises the function of the IR emitting sheet as a countermeasure to prevent video recording using the IR-cut filter. This report is prepared as an advance report because it was confirmed that the feasibility of such countermeasures is enhanced.
{"title":"Study of Countermeasures for Content Leaks by Video Recording","authors":"M. Fujikawa, Junki Akimoto, F. Oda, K. Moriyasu, S. Fuchi, Y. Takeda","doi":"10.1109/ARES.2011.126","DOIUrl":"https://doi.org/10.1109/ARES.2011.126","url":null,"abstract":"The authors have been engaged in the study of countermeasures to prevent the leak of onscreen movies using a digital video camera. One of the studies is the development of a transparent sheet that emits infrared (IR) light, which is applied to the screen and generates optical noise in the onscreen photographic images when recorded. Another study is the development of a method to detect the presence of the IR-cut filter near the display, which compromises the function of the IR emitting sheet as a countermeasure to prevent video recording using the IR-cut filter. This report is prepared as an advance report because it was confirmed that the feasibility of such countermeasures is enhanced.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132083923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Schrittwieser, Peter Kieseberg, I. Echizen, Sven Wohlgemuth, N. Sonehara
In the event of large natural and artificial disasters, it is of vital importance to provide all sorts of data to the relief organizations (fire department, red cross,...) to enhance their effectivity. Still, some of this data (e.g. regarding personal information on health status) may be considered private. k-anonymity can be utilized to mitigate the risks resulting from disclosure of such data, however, sometimes it is not possible to achieve a suitable size for k in order to completely anonymize the data without interfering with rescue operations. Still, this data will be sensitive after the disaster recovery is finished. Thus we aim at protecting the data by devising an intrinsic fingerprinting-scheme that allows to detect the source of eventually disclosed information afterwards. Our approach uses the properties directly derived from the anonymization process to generate unique fingerprints for every data set.
{"title":"Using Generalization Patterns for Fingerprinting Sets of Partially Anonymized Microdata in the Course of Disasters","authors":"S. Schrittwieser, Peter Kieseberg, I. Echizen, Sven Wohlgemuth, N. Sonehara","doi":"10.1109/ARES.2011.101","DOIUrl":"https://doi.org/10.1109/ARES.2011.101","url":null,"abstract":"In the event of large natural and artificial disasters, it is of vital importance to provide all sorts of data to the relief organizations (fire department, red cross,...) to enhance their effectivity. Still, some of this data (e.g. regarding personal information on health status) may be considered private. k-anonymity can be utilized to mitigate the risks resulting from disclosure of such data, however, sometimes it is not possible to achieve a suitable size for k in order to completely anonymize the data without interfering with rescue operations. Still, this data will be sensitive after the disaster recovery is finished. Thus we aim at protecting the data by devising an intrinsic fingerprinting-scheme that allows to detect the source of eventually disclosed information afterwards. Our approach uses the properties directly derived from the anonymization process to generate unique fingerprints for every data set.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"311 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122802790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The evolution of wireless network technologies and the recent advances in mobile computing hardware have made possible the introduction of various applications in mobile adhoc networks. Not only is the infrastructure of these networks inherently vulnerable but they have increased requirements regarding their security as well. As intrusion prevention mechanisms, such as encryption and authentication, are not sufficient regarding security, we need a second line of defence, Intrusion Detection. The focus of this paper is on distributed and intelligent intrusion detection. We propose a model for building a distributed and behavioural intrusion detection system by using a classification method.
{"title":"A Distributed Intrusion Detection Model Based on a Society of Intelligent Mobile Agents for Ad Hoc Network","authors":"Ghenima Bourkache, M. Mezghiche, K. Tamine","doi":"10.1109/ARES.2011.131","DOIUrl":"https://doi.org/10.1109/ARES.2011.131","url":null,"abstract":"The evolution of wireless network technologies and the recent advances in mobile computing hardware have made possible the introduction of various applications in mobile adhoc networks. Not only is the infrastructure of these networks inherently vulnerable but they have increased requirements regarding their security as well. As intrusion prevention mechanisms, such as encryption and authentication, are not sufficient regarding security, we need a second line of defence, Intrusion Detection. The focus of this paper is on distributed and intelligent intrusion detection. We propose a model for building a distributed and behavioural intrusion detection system by using a classification method.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129275809","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The determination of the reliability value for technical systems whose components are subjected to random failure possesses a wide range of applicability, e.g. in data communication networks, computer architectures and electrical power networks. The inherent redundancy structures can be described by reliability block diagrams (RBDs) and by solving those RBDs the reliability of the respective system can be computed. The problem of solving the RBD in order to compute the reliability is well-known as the terminal pair reliability problem. If it is assumed that system components fail independently, pure combinatorial methods can be applied to determine the required probability. However, as soon as there are some dependencies concerning the failure of components we cannot utilize pure combinatorial methods unless we do some suitable modifications which take the dependencies into account. For this purpose we present a hybrid method based on the idea of factoring in combination with series and parallel reductions for systems with dependent component failures. The method is hybrid in the sense that dependent probability terms arisen from our proposed algorithm can be obtained by the help of a stochastic solver. The algorithm comprises clauses for carrying out series and parallel reductions in parallel with factoring. In addition to that we propose how to deal with multiple occurring components.
{"title":"Considering Dependent Components in the Terminal Pair Reliability Problem","authors":"Minh Lê, M. Walter","doi":"10.1109/ARES.2011.91","DOIUrl":"https://doi.org/10.1109/ARES.2011.91","url":null,"abstract":"The determination of the reliability value for technical systems whose components are subjected to random failure possesses a wide range of applicability, e.g. in data communication networks, computer architectures and electrical power networks. The inherent redundancy structures can be described by reliability block diagrams (RBDs) and by solving those RBDs the reliability of the respective system can be computed. The problem of solving the RBD in order to compute the reliability is well-known as the terminal pair reliability problem. If it is assumed that system components fail independently, pure combinatorial methods can be applied to determine the required probability. However, as soon as there are some dependencies concerning the failure of components we cannot utilize pure combinatorial methods unless we do some suitable modifications which take the dependencies into account. For this purpose we present a hybrid method based on the idea of factoring in combination with series and parallel reductions for systems with dependent component failures. The method is hybrid in the sense that dependent probability terms arisen from our proposed algorithm can be obtained by the help of a stochastic solver. The algorithm comprises clauses for carrying out series and parallel reductions in parallel with factoring. In addition to that we propose how to deal with multiple occurring components.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125723400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A balanced approach is needed for developing information security policies in Critical National Infrastructure (CNI) contexts. Requirements Engineering methods can facilitate such an approach, but these tend to focus on either security at the expense of usability, or vice-versa, it is also uncertain whether existing techniques are useful when the time available for applying them is limited. In this paper, we describe a case study where Usability and Requirements Engineering techniques were used to derive missing requirements for an information security policy for a UK water company following reports of the Stuxnet worm. We motivate and describe the approach taken while carrying out this case study, and conclude with three lessons informing future efforts to integrate Security, Usability, and Requirements Engineering techniques for secure system design.
{"title":"User-Centered Information Security Policy Development in a Post-Stuxnet World","authors":"Shamal Faily, I. Flechais","doi":"10.1109/ARES.2011.111","DOIUrl":"https://doi.org/10.1109/ARES.2011.111","url":null,"abstract":"A balanced approach is needed for developing information security policies in Critical National Infrastructure (CNI) contexts. Requirements Engineering methods can facilitate such an approach, but these tend to focus on either security at the expense of usability, or vice-versa, it is also uncertain whether existing techniques are useful when the time available for applying them is limited. In this paper, we describe a case study where Usability and Requirements Engineering techniques were used to derive missing requirements for an information security policy for a UK water company following reports of the Stuxnet worm. We motivate and describe the approach taken while carrying out this case study, and conclude with three lessons informing future efforts to integrate Security, Usability, and Requirements Engineering techniques for secure system design.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123165617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: