
2017 International Carnahan Conference on Security Technology (ICCST): Latest Publications

Principal component analysis for ear-based biometric verification
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167843
David Querencias-Uceta, Belén Ríos-Sánchez, C. S. Ávila
Biometrics is an active research field that is increasingly being integrated into current technology. As a result, more and more people are becoming familiar with biometric techniques such as fingerprint or facial recognition. Nevertheless, there are innovative techniques such as ear-based biometrics which are not very well known yet because they are at initial stages of research. In this work, an ear geometry-based biometric verification system oriented to recognition through mobile phones is presented and evaluated. Feature extraction is carried out by means of Principal Component Analysis and feature matching is performed by a distance-based classifier including Euclidean and Eigen distances. The evaluation has been made according to the specifications included in the ISO/IEC 19795 norm following a zero-effort falsification scenario. To this end, a database including ear images of different users has been captured using the camera of a smartphone. The obtained Equal Error Rate is 1.11% when Euclidean distance is applied for feature comparison and 5.56% in the case of Eigen distance.
Citations: 9
Technologies to enable cyber deception
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167793
V. Urias, W. Stout, Jean-Luc Watson, C. Grim, L. Liebrock, Monzy Merza
Computer network defense has traditionally been provided using reactionary tools such as signature-based detectors, white/blacklisting, intrusion detection/protection systems, etc. While event detection/correlation techniques may identify threats — those threats are then dealt with manually, often employing obstruction-based responses (e.g., blocking). As threat sophistication grows, we find these perimeter-planted security efforts ineffective in combating competent adversaries. In 2015 Gartner, Inc. examined the potential for organizations to use deception as a strategy for thwarting attackers and making it costlier for adversaries to engage in threat campaigns. In today's current research, there are a limited number of deception platforms (tools, etc.) that have successfully been shown to enable strategic deception in a computer network operations environment. Through a deception framework, we conjecture that deception platforms can aid and assist in deceiving the adversary by: obscuring the real target, devaluing information gathering, causing the adversary to waste time and resources, forcing the adversary to reveal advanced capabilities, exposing adversary intent, increasing the difficulty of attack planning, limiting the scope of the attack, and limiting the duration of a successful attack. The objective of this paper is to survey the technological trends in cyber deception research, identify gaps in the techniques, and provide research in the emergent environment. Current findings suggest that network deception tools are attracting the interest of researchers as a valuable security technique that can be implemented to learn more about the nature of cyber attacks; however, there are significant shortcomings in the current approaches and the ability to reason about the adversary.
Citations: 7
Person authentication using nearest feature line embedding transformation and biased discriminant analysis
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167858
Chen-Ta Hsieh, Chin-Chuan Han, Chang-Hsing Lee, Kuo-Chin Fan
Personal authentication (PA) on smartphones plays a crucial role in mobile payment. Facial features are the most user-friendly biometric feature because of the built-in camera, when we use smartphones as the payment devices. In this study, a novel authentication method is proposed for PA by integrating feature line embedding (FLE) transformation and biased discriminant analysis (BDA) using facial features. Due to the few training samples, the discriminant power is limited for learning. In feature spaces, feature lines are regarded as the feature combination between two training samples and infinitely simulate the possible features of various conditions for training. In PA, only positive samples are used to calculate the within-class scatter, and the between-class scatter is also calculated using negative samples by the BDA strategy. Compared with the traditional two-class classification and BDA problems, the FLE integrates with BDA to obtain a better dimension reduction transformation. A support vector machine (SVM) classifier is further trained to determine whether a query sample is a real or a forged sample.
Citations: 4
Ensuring information security by using Haskell's advanced type system
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167844
M. Pirro, M. Conti, R. Lazzeretti
Protecting data confidentiality and integrity has become increasingly important in modern software. Sometimes, access control mechanisms fall short and solutions on the application level are needed. An approach can rely on enforcing information security using some features provided by certain programming languages. Several different solutions addressing this problem have been presented in the literature, and entire new languages or libraries have been built from scratch. Some of them use type systems to let the compiler check for vulnerable code. In this way we are able to rule out those implementations which do not meet a certain security requirement. In this paper we use Haskell's type system to enforce three key properties of information security: non-interference and flexible declassification policies, strict input validation, and secure computations on untainted and trusted values. We present a functional lightweight library for applications with data integrity and confidentiality issues. Our contribution relies on compile-time enforcement of the aforementioned properties. Our library is wholly generalized and might be adapted for satisfying almost every security requirement.
Citations: 1
Detection of anomalies in surveillance scenarios using mixture models
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167830
Adrián Tomé, L. Salgado
In this paper we present a robust and simple method for the detection of anomalies in surveillance scenarios. We use a “bottom-up” approach that avoids any object tracking, making the system suitable for anomaly detection in crowds. A robust optical flow method is used for the extraction of accurate spatio-temporal motion information, which allows us to obtain simple but discriminative descriptors that are employed to train a Gaussian mixture model. We evaluate our system on a publicly available dataset, concluding that our method outperforms similar anomaly detection approaches but with a simpler model and low-sized descriptors.
Citations: 2
Exploring a statistical method for touchscreen swipe biometrics
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167823
Ada Pozo, Julian Fierrez, M. Martinez-Diaz, Javier Galbally, A. Morales
The great popularity of smartphones and the increase in their use in everyday applications has led to sensitive information being carried in them, such as our bank account details, passwords or emails. Motivated by the limited security of traditional systems (e.g. PIN codes, secret patterns), which can be easily broken, this work focuses on the analysis of users' normal interaction with touchscreens as a means for active authentication. Given the frequency with which touch operations are performed, characteristic habits, like the strength, rhythm or angle used, result in discriminative patterns that can be exploited to authenticate users. In the present work, we explore a statistical approach based on adapted Gaussian Mixture Models. The performance across different kinds of touch operations reveals that some gestures hold more user-specific information and are more discriminative than others (in particular, horizontal swipes appear to be more discriminative than vertical ones). The experimental results show that touch biometrics have enough discriminability for person recognition and that they are a promising method for active authentication.
Citations: 6
The new communication network for an internet of everything based security/safety/general management/visitor's services for the Papal Basilica and Sacred Convent of Saint Francis in Assisi, Italy
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167795
Mauro Gambetti, F. Garzia, J. Vargas-Bonilla, David Ciarlariello, M. A. Ferrer-Ballester, Sergio Fusetti, M. Lombardi, S. Ramalingam, Mahalingam Ramasamy, S. Sacerdoti, Andrea Sdringola, Devi Thirupati, M. Faúndez-Zanuy
The Papal Basilica and the Sacred Convent of St. Francis in Assisi, Italy together represent a unique and specific cultural heritage site where the mortal remains of St. Francis have been housed since 1230 AD. Millions of pilgrims and visitors from all over the world visit this site each year. In 2000 AD, together with other Franciscan sites in the surrounding area, it achieved UNESCO World Heritage status. Unique and complex cultural heritage sites, such as this, require a significant effort to ensure visitor security and safety. Along with such needs are cultural heritage preservation and protection as well as accessibility for visitors, with particular reference to visitors with disabilities, and for personnel normally present for site management, including the Friar's community. These aims can be achieved using integrated systems and innovative technologies, such as Internet of Everything (IoE) which can connect people, things (mobile terminals, smart sensors, devices, actuators; wearable devices; etc.), data/information/knowledge and particular processes. The purpose of this paper is to illustrate the methodology and show the results obtained from the study and the design of a new communication network for Internet of Everything based security/safety/general management and visitors' services of the Papal Basilica and Sacred Convent of Saint Francis in Assisi.
Citations: 7
Understanding and granting android permissions: A user survey
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167834
Selvakumar Ramachandran, Andrea Dimitri, M. Galinium, Muhammad Tahir, Indirajith Viji Ananth, C. Schunck, M. Talamo
Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the user's personal contacts. The implications on users' privacy and security are significant and therefore the users' ability to give informed consent is highly important. Previous work has identified low rates of user attention and comprehension to permission warnings and concluded that these fail to inform the majority of users. Here we focus on how users consider, interpret and react to differences in app permission information which is provided at three different instances of the app installation cycle: (1) before installation, in the Google Play Store; (2) during the installation process; (3) after installation, in the Application Manager. The information provided in these instances varies considerably in its granularity and detail. For this purpose, an online survey was developed in which users were asked questions regarding the installation of a mirror app whose main functionality is to use the user-facing camera of the phone to mirror the user's face (i.e. display an image of the face) on the phone's screen. The survey participants were shown screenshots of the app description as presented in the Google Play Store as well as of the various permission lists as they appear on the screen of the phone. The questions focused on the respondents' perceptions and their hypothetical choices with regard to the installation of this app. Results show that the various presentations of permission information in Android versions KitKat or Lollipop cause concern and irritate a majority (51.67%) of users, especially those with some basic IT expertise. We conclude that the contextualization of app features and functionalities with the corresponding permissions needs to be improved especially for users with little IT expertise. Further, user permission information should be made available at different and consistent levels of granularity.
Citations: 5
Detecting information leaks in Android applications using a hybrid approach with program slicing, instrumentation and tagging
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167856
Luis Menezes, Roland Wismüller
With the increasing amount of private information stored in mobile devices, the need for more secure ways to detect, control and avoid malicious behaviors has become higher. The too coarse-grained permission system implemented in the Android platform does not cover problems such as preventing an application from sending previously acquired information over SMS or Internet to another device or server. This problem arises because the permission system implemented in the Android platform works only in the access control and does not handle how the acquired information is handled by the application. In order to enhance detection and awareness of such unwanted information flows, we propose a hybrid information-flow analysis, known as FlowSlicer, that mixes the benefits of static and dynamic analysis, using slicing on a system dependency graph and instrumenting statements found to be important. In order to properly analyse the obtained results, tests regarding overhead and also leak detection rate were performed in the applications present in the category AndroidSpecific from the DroidBench repository, since FlowSlicer intends to work mainly for applications designed for the Android platform. The results show that FlowSlicer is effective in detecting leaks, detects all leaks present in the evaluated applications, and only includes an imperceptible overhead to the instrumented application. The obtained results also show how both static and dynamic analysis work together and help each other in their disadvantages: static analysis helps dynamic analysis by reducing the set of statements to be analysed and dynamic analysis helps to prove false positives from static analysis not to be true.
Citations: 2
Use case of waterwork physical protection system robustness evaluation as a part of Slovak critical infrastructure
Pub Date : 2017-10-01 DOI: 10.1109/CCST.2017.8167811
T. Loveček, Anton Siser, L. Mariš
The article presents a use case evaluation of the robustness of a physical protection system for the Vodňany water tank, designated as a national critical infrastructure element. The evaluation will be performed based on three probable attack scenarios; the aim of these would be poisoning the drinking water source and intoxication of the population of the nearby city or destruction of the water tank and the resulting cutting off of residents from a source of drinking water. To check the robustness of the water tank itself and its physical protection system as a part of an overall robustness of the water tank area, a new software, SATANO (Security Assessment Of Terrorist Attack In A Network Of Objects), will be used. It allows for modelling physical protection system objects onto 2D maps and then simulating custom attack scenarios. This process of quantitative evaluation of a system's protection level may be accepted as part of the risk management process which is required by the European Council as well as various national regulations from all operators of critical infrastructure elements.
Citations: 15