Pub Date : 2014-09-01DOI: 10.1109/AsiaJCIS.2014.12
Zengguang Liu, Xiaochun Yin, Hoonjae Lee
With the fast emergence of Software-Defined Networking (SDN) and Cloud SIP Fire Wall (SFW), new solution is possible to defend SIP DoS attacks in IMS core network, which is impossible in traditional telecomm network through traditional SFW. In this paper, we first analyze the security threats of SIP DoS attacks in the telecomm network. And then based on the analysis, we construct the SIP DoS attack and defense models using queue theory. Further to this, based on the models, we propose an efficient SIP DoS attack defense scheme which is using priority queue and bandwidth control method. At last, simulation was taken to analyze and verify how our defense scheme improves the performance of cloud SFW and saves bandwidth during SIP DoS attack.
{"title":"An Efficient Defense Scheme against SIP DoS Attack in SDN Using Cloud SFW","authors":"Zengguang Liu, Xiaochun Yin, Hoonjae Lee","doi":"10.1109/AsiaJCIS.2014.12","DOIUrl":"https://doi.org/10.1109/AsiaJCIS.2014.12","url":null,"abstract":"With the fast emergence of Software-Defined Networking (SDN) and Cloud SIP Fire Wall (SFW), new solution is possible to defend SIP DoS attacks in IMS core network, which is impossible in traditional telecomm network through traditional SFW. In this paper, we first analyze the security threats of SIP DoS attacks in the telecomm network. And then based on the analysis, we construct the SIP DoS attack and defense models using queue theory. Further to this, based on the models, we propose an efficient SIP DoS attack defense scheme which is using priority queue and bandwidth control method. At last, simulation was taken to analyze and verify how our defense scheme improves the performance of cloud SFW and saves bandwidth during SIP DoS attack.","PeriodicalId":354543,"journal":{"name":"2014 Ninth Asia Joint Conference on Information Security","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122477671","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In 1993, Smith and Lennon described a new public key cryptosystem based on a Lucas sequences, called Lucas cryptosystem (LUC). Its construction is similar to RSA, but its computing faster and using smaller key size than RSA with the same security strength. In this paper, we presented a new hardcore predicate of LUC and proved its security by the list decoding method developed by Akavia et al.
{"title":"Bit Security for Lucas-Based One-Way Function","authors":"Si-Wei Ren, Ke Lu","doi":"10.1109/AsiaJCIS.2014.9","DOIUrl":"https://doi.org/10.1109/AsiaJCIS.2014.9","url":null,"abstract":"In 1993, Smith and Lennon described a new public key cryptosystem based on a Lucas sequences, called Lucas cryptosystem (LUC). Its construction is similar to RSA, but its computing faster and using smaller key size than RSA with the same security strength. In this paper, we presented a new hardcore predicate of LUC and proved its security by the list decoding method developed by Akavia et al.","PeriodicalId":354543,"journal":{"name":"2014 Ninth Asia Joint Conference on Information Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128625733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-09-01DOI: 10.1109/AsiaJCIS.2014.15
Juanjuan Li, Zhenhua Liu, Longhui Zu
This paper presents a novel cipher text-policy attribute-based multi-use unidirectional proxy re-encryption scheme. In the proposed scheme, the tree access policy can be used to handle and (¡Ä), or (¡Å) and threshold (of) operators. We first formalize the security definition against chosen cipher text attack for cipher text-policy attribute-based multi-use unidirectional proxy re-encryption schemes, and then prove the proposed scheme to be secure under ADBDH assumption in the standard model. Furthermore, compared with other cipher text policy attribute-based proxy re-encryption schemes, our scheme is more efficient and allows the encryptor to control whether the cipher text need to be re-encrypted.
{"title":"Chosen-Ciphertext Secure Multi-use Unidirectional Attribute-Based Proxy Re-Encryptions","authors":"Juanjuan Li, Zhenhua Liu, Longhui Zu","doi":"10.1109/AsiaJCIS.2014.15","DOIUrl":"https://doi.org/10.1109/AsiaJCIS.2014.15","url":null,"abstract":"This paper presents a novel cipher text-policy attribute-based multi-use unidirectional proxy re-encryption scheme. In the proposed scheme, the tree access policy can be used to handle and (¡Ä), or (¡Å) and threshold (of) operators. We first formalize the security definition against chosen cipher text attack for cipher text-policy attribute-based multi-use unidirectional proxy re-encryption schemes, and then prove the proposed scheme to be secure under ADBDH assumption in the standard model. Furthermore, compared with other cipher text policy attribute-based proxy re-encryption schemes, our scheme is more efficient and allows the encryptor to control whether the cipher text need to be re-encrypted.","PeriodicalId":354543,"journal":{"name":"2014 Ninth Asia Joint Conference on Information Security","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127038293","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-01-26DOI: 10.1109/AsiaJCIS.2014.29
Canyong Wang, Yaokai Feng, Junpei Kawamoto, Y. Hori, K. Sakurai
The frequency and the extent of damages caused by network attacks have been actually increasing greatly in recent years, although many approaches to avoiding and detecting attacks have been proposed in the community of network security. Thus, how to fast detect actual or potential attacks has become an urgent issue. Among the detection strategies, behavior-based ones, which use normal access patterns learned from reference data (e.g., History traffic) to detect new attacks, have attracted attention from many researchers. In each of all such strategies, a learning algorithm is necessary and plays a key role. Obviously, whether the learning algorithm can extract the normal behavior modes properly or not directly influence the detection result. However, some parameters have to determine in advance in the existing learning algorithms, which is not easy, even not feasible, in many actual applications. For example, even in the newest learning algorithm, which called FHST learning algorithm in this study, two parameters are used and they are difficult to be determined in advance. In this study, we propose a parameter less learning algorithm for the first time, in which no parameters are used. The efficiency of our proposal is verified by experiment. Although the proposed learning algorithm in this study is designed for detecting port scans, it is obviously able to be used to other behavior-based detections.
{"title":"A Parameterless Learning Algorithm for Behavior-Based Detection","authors":"Canyong Wang, Yaokai Feng, Junpei Kawamoto, Y. Hori, K. Sakurai","doi":"10.1109/AsiaJCIS.2014.29","DOIUrl":"https://doi.org/10.1109/AsiaJCIS.2014.29","url":null,"abstract":"The frequency and the extent of damages caused by network attacks have been actually increasing greatly in recent years, although many approaches to avoiding and detecting attacks have been proposed in the community of network security. Thus, how to fast detect actual or potential attacks has become an urgent issue. Among the detection strategies, behavior-based ones, which use normal access patterns learned from reference data (e.g., History traffic) to detect new attacks, have attracted attention from many researchers. In each of all such strategies, a learning algorithm is necessary and plays a key role. Obviously, whether the learning algorithm can extract the normal behavior modes properly or not directly influence the detection result. However, some parameters have to determine in advance in the existing learning algorithms, which is not easy, even not feasible, in many actual applications. For example, even in the newest learning algorithm, which called FHST learning algorithm in this study, two parameters are used and they are difficult to be determined in advance. In this study, we propose a parameter less learning algorithm for the first time, in which no parameters are used. The efficiency of our proposal is verified by experiment. Although the proposed learning algorithm in this study is designed for detecting port scans, it is obviously able to be used to other behavior-based detections.","PeriodicalId":354543,"journal":{"name":"2014 Ninth Asia Joint Conference on Information Security","volume":"449 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-01-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115610617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: