Pub Date: 2017-12-07 | DOI: 10.4108/eai.7-12-2017.153395
Nicolas Van Balen, C. Ball, Haining Wang
Gender is one of the essential characteristics of personal identity that is often misused by online impostors for malicious purposes. This paper proposes a naturalistic approach for identity protection with a specific focus on using mouse biometrics to ensure accurate gender identification. Our underpinning rationale lies in the fact that men and women differ in their natural aiming movements of a hand-held object in two-dimensional space due to anthropometric, biomechanical, and perceptual-motor control differences between the genders. Although some research has been done on classifying users by gender using biometrics, to the best of our knowledge, no research has provided a comprehensive list of which metrics (features) of movements are actually relevant to gender classification, or a method by which these metrics may be chosen. This can lead to researchers making unguided decisions on which metrics to extract from the data, doing so for convenience or personal preference. Making choices this way can lead to negatively affecting the accuracy of the model by the inclusion of metrics with little relevance to the problem, and excluding metrics of high relevance. In this paper, we outline a method for choosing metrics based on empirical evidence of natural differences in the genders, and make recommendations on the choice of metrics. The efficacy of our method is then tested through the use of a logistic regression model. Received on 29 November 2017; accepted on 02 December 2017; published on 07 December 2017
Title: Analysis of Targeted Mouse Movements for Gender Classification (EAI Endorsed Trans. Security Safety)
Pub Date: 2017-12-07 | DOI: 10.4108/EAI.7-12-2017.153397
Nicolae Paladi, C. Gehrmann
Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), allowing secure deployment of SDN components and protection of communication between network endpoints. We introduce ephemeral flow-specific preshared keys and propose a novel defense against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.
Title: Bootstrapping trust in software defined networks (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-12-08 | DOI: 10.4108/eai.8-12-2016.151725
N. Rowe
For digital forensics, eliminating the uninteresting is often more critical than finding the interesting since there is so much more of it. Published software-file hash values like those of the National Software Reference Library (NSRL) have limited scope. We discuss methods based on analysis of file context using the metadata of a large corpus. Tests were done with an international corpus of 262.7 million files obtained from 4018 drives. For malware investigations, we identify clues to malware in context, and show that using a Bayesian ranking formula on metadata can increase recall by 5.1 while increasing precision by 1.7 times over inspecting executables alone. For more general investigations, we show that using together two of nine criteria for uninteresting files, with exceptions for some special interesting files, can exclude 77.4% of our corpus instead of the 23.8% that were excluded by NSRL. For a test set of 19,784 randomly selected files from our corpus that were manually inspected, false positives after file exclusion (interesting files identified as uninteresting) were 0.18% and false negatives (uninteresting files identified as interesting) were 29.31% using our methods. The generality of the methods was confirmed by separately testing two halves of our corpus. Few of our excluded files were matched in two commercial hash sets. This work provides both new uninteresting hash values and programs for finding more.
Title: Identifying forensically uninteresting files in a large corpus (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-12-08 | DOI: 10.4108/eai.8-12-2016.151727
Najlaa Almajed, L. Maglaras, F. Siewe, H. Janicke, P. B. Zadeh
Title: Prevention of crime in B2C E-Commerce: How E-Retailers/Banks protect themselves from Criminal Activities (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-12-08 | DOI: 10.4108/eai.8-12-2016.151724
H. Janicke, Kevin I. Jones, L. Maglaras
The first issue of the third volume of the EAI transactions on Security and Safety provides insight into methods and techniques that improve security, safety and privacy of benchmark systems. Two main classes of research results are considered. The first one is on attack prevention and secure planning while the second one is focused on forensics analysis. In particular, in the area of attack prevention and secure planning the issue presents (i) a new model and an algorithm to estimate and generate a network path identified by flow performance indicators of a heterogeneous communication network, (ii) suitable procedures that e-commerce operators may apply to minimize the risk of criminal activities, and (iii) a novel pseudorandom number generator family, called filtering nonlinear feedback shift register for RFID tags. In the area of forensic research the issue presents new findings on new methods exploiting the metadata of a large corpus.
Title: Security, Privacy and Trust in Cyber Physical Systems (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-12-08 | DOI: 10.4108/eai.8-12-2016.151726
K. Mandal, G. Gong
Pseudorandom number generators play an important role in providing security and privacy on radio frequency identification (RFID) tags. In particular, the EPC Class 1 Generation 2 (EPC C1 Gen2) standard uses a pseudorandom number generator in the tag identification protocol. In this paper, we first present a pseudorandom number generator, named the filtering nonlinear feedback shift register using Welch-Gong (WG) transformations (filtering WG-NLFSR) and the filtering WG7-NLFSR for EPC C1 Gen2 RFID tags. We then investigate the periodicity of a sequence generated by the filtering WG-NLFSR by considering the model, named nonlinear feedback shift registers using Welch-Gong (WG) transformations (WG-NLFSR). The periodicity of WG-NLFSR sequences is investigated in two ways. Firstly, we perform the cycle decomposition of WG-NLFSR recurrence relations over different finite fields by computer simulations where the nonlinear recurrence relation is composed of a characteristic polynomial and a WG transformation module. Secondly, we conduct an empirical study on the period distribution of the sequences generated by the WG-NLFSR. The empirical study states that a sequence with period bounded below by the square root of the maximum period can be generated by the WG-NLFSR with high probability for any initial state.
Title: Filtering Nonlinear Feedback Shift Registers using Welch-Gong Transformations for Securing RFID Applications (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-12-08 | DOI: 10.4108/eai.8-12-2016.151728
Apala Ray, J. Åkerberg, M. Björkman, M. Gidlund
In an industrial plant, there is usually a mix of devices with different levels of security features and computation capabilities. If a mix of devices with various degrees of security features and ...
Title: Assessing Security, Capacity and Reachability of a Heterogeneous Industrial Network during Planning Phase (EAI Endorsed Trans. Security Safety)
Pub Date: 2016-11-22 | DOI: 10.4108/eai.28-12-2017.153515
Quamar Niyaz, Weiqing Sun, A. Javaid
Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. We propose a deep learning based multi-vector DDoS detection system in a software-defined network (SDN) environment. SDN provides flexibility to program network devices for different objectives and eliminates the need for third-party vendor-specific hardware. We implement our system as a network application on top of an SDN controller. We use deep learning for feature reduction of a large set of features derived from network traffic headers. We evaluate our system based on different performance metrics by applying it on traffic traces collected from different scenarios. We observe high accuracy with a low false-positive for attack detection in our proposed system.
Title: A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN) (EAI Endorsed Trans. Security Safety)