Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167793
V. Urias, W. Stout, Jean-Luc Watson, C. Grim, L. Liebrock, Monzy Merza
Computer network defense has traditionally been provided using reactionary tools such as signature-based detectors, white/blacklisting, intrusion detection/protection systems, etc. While event detection/correlation techniques may identify threats — those threats are then dealt with manually, often employing obstruction-based responses (e.g., blocking). As threat sophistication grows, we find these perimeter-planted security efforts ineffective in combating competent adversaries. In 2015 Gartner, Inc. examined the potential for organizations to use deception as a strategy for thwarting attackers and making it costlier for adversaries to engage in threat campaigns. In today's current research, there are a limited number of deception platforms (tools, etc.) that have successfully been shown to enable strategic deception in a computer network operations environment. Through a deception framework, we conjecture that deception platforms can aid and assist in deceiving the adversary by: obscuring the real target, devaluing information gathering, causing the adversary to waste time and resources, forcing the adversary to reveal advanced capabilities, exposing adversary intent, increasing the difficulty of attack planning, limiting the scope of the attack, and limiting the duration of a successful attack. The objective of this paper is to survey the technological trends in cyber deception research, identify gaps in the techniques, and provide research in the emergent environment. Current findings suggest that network deception tools are attracting the interest of researchers as a valuable security technique that can be implemented to learn more about the nature of cyber attacks; however, there are significant shortcomings in the current approaches and the ability to reason about the adversary.
{"title":"Technologies to enable cyber deception","authors":"V. Urias, W. Stout, Jean-Luc Watson, C. Grim, L. Liebrock, Monzy Merza","doi":"10.1109/CCST.2017.8167793","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167793","url":null,"abstract":"Computer network defense has traditionally been provided using reactionary tools such as signature-based detectors, white/blacklisting, intrusion detection/protection systems, etc. While event detection/correlation techniques may identify threats — those threats are then dealt with manually, often employing obstruction-based responses (e.g., blocking). As threat sophistication grows, we find these perimeter-planted security efforts ineffective in combating competent adversaries. In 2015 Gartner, Inc. examined the potential for organizations to use deception as a strategy for thwarting attackers and making it costlier for adversaries to engage in threat campaigns. In today's current research, there are a limited number of deception platforms (tools, etc.) that have successfully been shown to enable strategic deception in a computer network operations environment. Through a deception framework, we conjecture that deception platforms can aid and assist in deceiving the adversary by: obscuring the real target, devaluing information gathering, causing the adversary to waste time and resources, forcing the adversary to reveal advanced capabilities, exposing adversary intent, increasing the difficulty of attack planning, limiting the scope of the attack, and limiting the duration of a successful attack. The objective of this paper is to survey the technological trends in cyber deception research, identify gaps in the techniques, and provide research in the emergent environment. Current findings suggest that network deception tools are attracting the interest of researchers as a valuable security technique that can be implemented to learn more about the nature of cyber attacks; however, there are significant shortcomings in the current approaches and the ability to reason about the adversary.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123827976","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167795
Mauro Gambetti, F. Garzia, J. Vargas-Bonilla, David Ciarlariello, M. A. Ferrer-Ballester, Sergio Fusetti, M. Lombardi, S. Ramalingam, Mahalingam Ramasamy, S. Sacerdoti, Andrea Sdringola, Devi Thirupati, M. Faúndez-Zanuy
The Papal Basilica and the Sacred Convent of St. Francis in Assisi, Italy together represent a unique and specific cultural heritage site where the mortal remains of St. Francis have been housed since 1230 AD. Millions of pilgrims and visitors from all over the world visit this site each year. In 2000 AD, together with other Franciscan sites in the surrounding area, it achieved UNESCO World Heritage status. Unique and complex cultural heritage sites, such as this, require a significant effort to ensure visitor security and safety. Along with such needs are cultural heritage preservation and protection as well as accessibility for visitors, with particular reference to visitors with disabilities, and for personnel normally present for site management, including the Friar's community. These aims can be achieved using integrated systems and innovative technologies, such as Internet of Everything (IoE) which can connect people, things (mobile terminals, smart sensors, devices, actuators; wearable devices; etc.), data/information/knowledge and particular processes. The purpose of this paper is to illustrate the methodology and show the results obtained from the study and the design of a new communication network for Internet of Everything based security/safety/general management and visitors' services of the Papal Basilica and Sacred Convent of Saint Francis in Assisi.
{"title":"The new communication network for an internet of everything based security/safety/general management/visitor's services for the Papal Basilica and Sacred Convent of Saint Francis in Assisi, Italy","authors":"Mauro Gambetti, F. Garzia, J. Vargas-Bonilla, David Ciarlariello, M. A. Ferrer-Ballester, Sergio Fusetti, M. Lombardi, S. Ramalingam, Mahalingam Ramasamy, S. Sacerdoti, Andrea Sdringola, Devi Thirupati, M. Faúndez-Zanuy","doi":"10.1109/CCST.2017.8167795","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167795","url":null,"abstract":"The Papal Basilica and the Sacred Convent of St. Francis in Assisi, Italy together represent a unique and specific cultural heritage site where the mortal remains of St. Francis have been housed since 1230 AD. Millions of pilgrims and visitors from all over the world visit this site each year. In 2000 AD, together with other Franciscan sites in the surrounding area, it achieved UNESCO World Heritage status. Unique and complex cultural heritage sites, such as this, require a significant effort to ensure visitor security and safety. Along with such needs are cultural heritage preservation and protection as well as accessibility for visitors, with particular reference to visitors with disabilities, and for personnel normally present for site management, including the Friar's community. These aims can be achieved using integrated systems and innovative technologies, such as Internet of Everything (IoE) which can connect people, things (mobile terminals, smart sensors, devices, actuators; wearable devices; etc.), data/information/knowledge and particular processes. The purpose of this paper is to illustrate the methodology and show the results obtained from the study and the design of a new communication network for Internet of Everything based security/safety/general management and visitors' services of the Papal Basilica and Sacred Convent of Saint Francis in Assisi.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125779357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167834
Selvakumar Ramachandran, Andrea Dimitri, M. Galinium, Muhammad Tahir, Indirajith Viji Ananth, C. Schunck, M. Talamo
Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the users personal contacts. The implications on users' privacy and security are significant and therefore the users' ability to give informed consent is highly important. Previous work has identified low rates of user attention and comprehension to permission warnings and concluded that these fail to inform the majority of users. Here we focus on how users consider, interpret and react to differences in app permission information which is provided at three different instances of the app installation cycle: 1. Before installation in the Google Play Store 2. During the installation process 3. After installation in the Application Manager. The information provided in these instances varies considerably in its granularity and detail. For this purpose, an online survey was developed in which users were asked questions regarding the installation of a mirror app whose main functionality is to use the user facing camera of the phone to mirror the users face (i.e. display an image of the face) on the phone's screen. The survey participants were shown screen shots of the app description as presented in the Google Play Store as well as of the various permission lists as they appear on the screen of the phone. The questions focused on the respondents' perceptions and their hypothetical choices with regard to the installation of this app. Results show that the various presentations of permission information in Android versions KitKat or Lollipop cause concern and irritate a majority (51.67%) of users, especially those with some basic IT expertise. We conclude that the contextualization of app features and functionalities with the corresponding permissions needs to be improved especially for users with little IT expertise. Further user permission information should be made available at different and consistent levels of granularity.
{"title":"Understanding and granting android permissions: A user survey","authors":"Selvakumar Ramachandran, Andrea Dimitri, M. Galinium, Muhammad Tahir, Indirajith Viji Ananth, C. Schunck, M. Talamo","doi":"10.1109/CCST.2017.8167834","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167834","url":null,"abstract":"Whenever users install a new application on their smart devices with an Android KitKat or Lollipop operating system they are asked to grant the application (app) provider access to features of the device, ranging from data storage to device location and from device identity to the users personal contacts. The implications on users' privacy and security are significant and therefore the users' ability to give informed consent is highly important. Previous work has identified low rates of user attention and comprehension to permission warnings and concluded that these fail to inform the majority of users. Here we focus on how users consider, interpret and react to differences in app permission information which is provided at three different instances of the app installation cycle: 1. Before installation in the Google Play Store 2. During the installation process 3. After installation in the Application Manager. The information provided in these instances varies considerably in its granularity and detail. For this purpose, an online survey was developed in which users were asked questions regarding the installation of a mirror app whose main functionality is to use the user facing camera of the phone to mirror the users face (i.e. display an image of the face) on the phone's screen. The survey participants were shown screen shots of the app description as presented in the Google Play Store as well as of the various permission lists as they appear on the screen of the phone. The questions focused on the respondents' perceptions and their hypothetical choices with regard to the installation of this app. Results show that the various presentations of permission information in Android versions KitKat or Lollipop cause concern and irritate a majority (51.67%) of users, especially those with some basic IT expertise. We conclude that the contextualization of app features and functionalities with the corresponding permissions needs to be improved especially for users with little IT expertise. Further user permission information should be made available at different and consistent levels of granularity.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125906807","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167830
Adrián Tomé, L. Salgado
In this paper we present a robust and simple method for the detection of anomalies in surveillance scenarios. We use a “bottom-up” approach that avoids any object tracking, making the system suitable for anomaly detection in crowds. A robust optical flow method is used for the extraction of accurate spatio-temporal motion information, which allows to get simple but discriminative descriptors that are employed to train a Gaussian mixture model. We evaluate our system in a publicly available dataset, concluding that our method outperforms similar anomaly detection approaches but with a simpler model and low-sized descriptors.
{"title":"Detection of anomalies in surveillance scenarios using mixture models","authors":"Adrián Tomé, L. Salgado","doi":"10.1109/CCST.2017.8167830","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167830","url":null,"abstract":"In this paper we present a robust and simple method for the detection of anomalies in surveillance scenarios. We use a “bottom-up” approach that avoids any object tracking, making the system suitable for anomaly detection in crowds. A robust optical flow method is used for the extraction of accurate spatio-temporal motion information, which allows to get simple but discriminative descriptors that are employed to train a Gaussian mixture model. We evaluate our system in a publicly available dataset, concluding that our method outperforms similar anomaly detection approaches but with a simpler model and low-sized descriptors.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131106762","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167823
Ada Pozo, Julian Fierrez, M. Martinez-Diaz, Javier Galbally, A. Morales
The great popularity of smartphones and the increase in their use in everyday applications has led to sensitive information being carried in them, such as our bank account details, passwords or emails. Motivated by the limited security of traditional systems (e.g. PIN codes, secret patterns), that can be easily broken, this work focuses on the analysis of users normal interaction with touchscreens as a means for active authentication. Given the frequency in which touch operations are performed, characteristic habits, like the strength, rhythm or angle used result in discriminative patterns that can be exploited to authenticate users. In the present work, we explore a statistical approach based on adapted Gaussian Mixture Models. The performance across different kinds of touch operations, reveals that some gestures hold more user-specific information and are more discriminative than others (in particular, horizontal swipes appear to be more discriminative than vertical ones). The experimental results show that touch biometrics have enough discriminability for person recognition and that they are a promising method for active authentication.
{"title":"Exploring a statistical method for touchscreen swipe biometrics","authors":"Ada Pozo, Julian Fierrez, M. Martinez-Diaz, Javier Galbally, A. Morales","doi":"10.1109/CCST.2017.8167823","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167823","url":null,"abstract":"The great popularity of smartphones and the increase in their use in everyday applications has led to sensitive information being carried in them, such as our bank account details, passwords or emails. Motivated by the limited security of traditional systems (e.g. PIN codes, secret patterns), that can be easily broken, this work focuses on the analysis of users normal interaction with touchscreens as a means for active authentication. Given the frequency in which touch operations are performed, characteristic habits, like the strength, rhythm or angle used result in discriminative patterns that can be exploited to authenticate users. In the present work, we explore a statistical approach based on adapted Gaussian Mixture Models. The performance across different kinds of touch operations, reveals that some gestures hold more user-specific information and are more discriminative than others (in particular, horizontal swipes appear to be more discriminative than vertical ones). The experimental results show that touch biometrics have enough discriminability for person recognition and that they are a promising method for active authentication.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129841958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167844
M. Pirro, M. Conti, R. Lazzeretti
Protecting data confidentiality and integrity has become increasingly important in modern software. Sometimes, access control mechanisms come short and solutions on the application-level are needed. An approach can rely on enforcing information security using some features provided by certain programming languages. Several different solutions addressing this problem have been presented in literature, and entire new languages or libraries have been built from scratch. Some of them use type systems to let the compiler check for vulnerable code. In this way we are able to rule out those implementations which do not meet a certain security requirement. In this paper we use Haskell's type system to enforce three key properties of information security: non-interference and flexible declassification policies, strict input validation, and secure computations on untainted and trusted values. We present a functional lightweight library for applications with data integrity and confidentiality issues. Our contribute relies on a compile time enforcing of the aforementioned properties. Our library is wholly generalized and might be adapted for satisfying almost every security requirement.
{"title":"Ensuring information security by using Haskell's advanced type system","authors":"M. Pirro, M. Conti, R. Lazzeretti","doi":"10.1109/CCST.2017.8167844","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167844","url":null,"abstract":"Protecting data confidentiality and integrity has become increasingly important in modern software. Sometimes, access control mechanisms come short and solutions on the application-level are needed. An approach can rely on enforcing information security using some features provided by certain programming languages. Several different solutions addressing this problem have been presented in literature, and entire new languages or libraries have been built from scratch. Some of them use type systems to let the compiler check for vulnerable code. In this way we are able to rule out those implementations which do not meet a certain security requirement. In this paper we use Haskell's type system to enforce three key properties of information security: non-interference and flexible declassification policies, strict input validation, and secure computations on untainted and trusted values. We present a functional lightweight library for applications with data integrity and confidentiality issues. Our contribute relies on a compile time enforcing of the aforementioned properties. Our library is wholly generalized and might be adapted for satisfying almost every security requirement.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122252107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167835
Pedro Moura, Paulo A. P. Fazendeiro, Pedro Marques, A. Ferreira
Within the necessary security requirements, access control measures are essential to provide adequate means to protect data from unauthorized accesses. However, current and traditional solutions are commonly based on predefined access policies and roles and are therefore inflexible by assuming uniform access control decisions through people's different type of devices, environments and situational conditions, and across enterprises, location and time. We live in an age of the mobile paradigm of anytime/anywhere access as the smartphone is the most ubiquitous device that people now hold. In this new age, access control models need to determine adaptable access decisions based on multiple factors aggregated at the moment of request and not just perform a predefined comparison of attributes. This paper presents a new access control model: SoTRAACE — Socio-Technical Risk-Adaptable Access Control Model. This model aggregates attributes from various domains to help performing a risk assessment that is balanced against the operational needs at the moment of each request, so to provide the most accurate and secure access decision. As a proof of concept, SoTRAACE is used to model and compare two different use case scenarios in the healthcare sector.
{"title":"SoTRAACE — Socio-technical risk-adaptable access control model","authors":"Pedro Moura, Paulo A. P. Fazendeiro, Pedro Marques, A. Ferreira","doi":"10.1109/CCST.2017.8167835","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167835","url":null,"abstract":"Within the necessary security requirements, access control measures are essential to provide adequate means to protect data from unauthorized accesses. However, current and traditional solutions are commonly based on predefined access policies and roles and are therefore inflexible by assuming uniform access control decisions through people's different type of devices, environments and situational conditions, and across enterprises, location and time. We live in an age of the mobile paradigm of anytime/anywhere access as the smartphone is the most ubiquitous device that people now hold. In this new age, access control models need to determine adaptable access decisions based on multiple factors aggregated at the moment of request and not just perform a predefined comparison of attributes. This paper presents a new access control model: SoTRAACE — Socio-Technical Risk-Adaptable Access Control Model. This model aggregates attributes from various domains to help performing a risk assessment that is balanced against the operational needs at the moment of each request, so to provide the most accurate and secure access decision. As a proof of concept, SoTRAACE is used to model and compare two different use case scenarios in the healthcare sector.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131724768","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167818
Rafael Martin Nieto, Jesus Molina Merchan, Álvaro García-Martín, J. Sanchez
There is a large demand in the area of video-surveillance, especially in people detection, which has caused a large increase in the number of researches and resources in this field. As training images and annotations are not always available, it is important to consider the cost involved in creating the detector models. For example, for elderly people detection, the detector must have into account different positions such as standing, sitting, in a wheelchair, etc. Therefore, this work has the main objective of reducing the amount of resources needed to generate the detection model, saving the cost of having to record new sequences and generate the associated annotations for a detector training. To achieve this, three synthetic image datasets have been created in order to train three different models, evaluating which model is optimal and finally analyzing its feasibility by comparing it with a people detector for wheelchair users trained with real images. Other people detection scenarios in which this technique could be applied are, for example, people riding horses or motorbikes, or people carrying supermarket carts. The synthetic datasets have been generated by combining images of standing people with wheelchair images, combining image patches, and segmenting sections of people (trunk, legs, etc.) to add them to the wheelchair image. As expected, the obtained results have a reduction of efficiency (between 21 and 25%) in exchange for the enormous saving in human annotation and resources to record real images.
{"title":"Generation and evaluation of synthetic models for training people detectors","authors":"Rafael Martin Nieto, Jesus Molina Merchan, Álvaro García-Martín, J. Sanchez","doi":"10.1109/CCST.2017.8167818","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167818","url":null,"abstract":"There is a large demand in the area of video-surveillance, especially in people detection, which has caused a large increase in the number of researches and resources in this field. As training images and annotations are not always available, it is important to consider the cost involved in creating the detector models. For example, for elderly people detection, the detector must have into account different positions such as standing, sitting, in a wheelchair, etc. Therefore, this work has the main objective of reducing the amount of resources needed to generate the detection model, saving the cost of having to record new sequences and generate the associated annotations for a detector training. To achieve this, three synthetic image datasets have been created in order to train three different models, evaluating which model is optimal and finally analyzing its feasibility by comparing it with a people detector for wheelchair users trained with real images. Other people detection scenarios in which this technique could be applied are, for example, people riding horses or motorbikes, or people carrying supermarket carts. The synthetic datasets have been generated by combining images of standing people with wheelchair images, combining image patches, and segmenting sections of people (trunk, legs, etc.) to add them to the wheelchair image. As expected, the obtained results have a reduction of efficiency (between 21 and 25%) in exchange for the enormous saving in human annotation and resources to record real images.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131897732","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167856
Luis Menezes, Roland Wismüller
With the increasingly amount of private information stored in mobile devices, the need for more secure ways to detect, control and avoid malicious behaviors has become higher. The too coarse-grained permission system implemented in the Android platform does not cover problems such as preventing an application to send a previously acquired information over SMS or Internet to another device or server. This problem arises because the permission systems implemented in the Android platform works only in the access control and does not handle how the acquired information is handled by the application. In order to enhance detection and awareness of such unwanted information flows, we propose a hybrid information-flow analysis, known as FlowSlicer, that mixes the benefits of static and dynamic analysis, using slicing on a system dependency graph and instrumenting statements found to be important. In order to analyse properly the obtained results, tests regarding overhead and also leak detection rate were performed in the applications present in the category AndroidSpecific from the DroidBench repository, since FlowSlicer intends to work mainly for applications designed for the Android platform. The results show that FlowSlicer is effective in detecting leaks, detects all leaks present in the evaluated applications, and only includes an imperceptible overhead to the instrumented application. The obtained results also show how both static and dynamic analysis work together and help each other in their disadvantages: static analysis helps dynamic analysis by reducing the set of statements to be analysed and dynamic analysis helps to prove false positives from static analysis not to be true.
{"title":"Detecting information leaks in Android applications using a hybrid approach with program slicing, instrumentation and tagging","authors":"Luis Menezes, Roland Wismüller","doi":"10.1109/CCST.2017.8167856","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167856","url":null,"abstract":"With the increasingly amount of private information stored in mobile devices, the need for more secure ways to detect, control and avoid malicious behaviors has become higher. The too coarse-grained permission system implemented in the Android platform does not cover problems such as preventing an application to send a previously acquired information over SMS or Internet to another device or server. This problem arises because the permission systems implemented in the Android platform works only in the access control and does not handle how the acquired information is handled by the application. In order to enhance detection and awareness of such unwanted information flows, we propose a hybrid information-flow analysis, known as FlowSlicer, that mixes the benefits of static and dynamic analysis, using slicing on a system dependency graph and instrumenting statements found to be important. In order to analyse properly the obtained results, tests regarding overhead and also leak detection rate were performed in the applications present in the category AndroidSpecific from the DroidBench repository, since FlowSlicer intends to work mainly for applications designed for the Android platform. The results show that FlowSlicer is effective in detecting leaks, detects all leaks present in the evaluated applications, and only includes an imperceptible overhead to the instrumented application. The obtained results also show how both static and dynamic analysis work together and help each other in their disadvantages: static analysis helps dynamic analysis by reducing the set of statements to be analysed and dynamic analysis helps to prove false positives from static analysis not to be true.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132990105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2017-10-01DOI: 10.1109/CCST.2017.8167811
T. Loveček, Anton Siser, L. Mariš
The article presents a use case evaluation of the robustness of a physical protection system for the Vodňany water tank, designated as a national critical infrastructure element. The evaluation will be performed based on three probable attack scenarios; the aim of these would be poisoning the drinking water source and intoxication of the population of the nearby city or destruction of the water tank and the resulting cutting off of residents from a source of drinking water. To check the robustness of the water tank itself and its physical protection system as a part of an overall robustness of the water tank area, a new software — SATANO (Security Assessment Of Terrorist Attack In A Network Of Objects) will be used. It allows for modelling physical protection system objects onto 2D maps and then simulate custom attack scenarios. This process of quantitative evaluation of a system's protection level may be accepted as part of the risk management process which is required by European Council as well as various national regulations from all operators of critical infrastructure elements.
{"title":"Use case of waterwork physical protection system robustness evaluation as a part of Slovak critical infrastructure","authors":"T. Loveček, Anton Siser, L. Mariš","doi":"10.1109/CCST.2017.8167811","DOIUrl":"https://doi.org/10.1109/CCST.2017.8167811","url":null,"abstract":"The article presents a use case evaluation of the robustness of a physical protection system for the Vodňany water tank, designated as a national critical infrastructure element. The evaluation will be performed based on three probable attack scenarios; the aim of these would be poisoning the drinking water source and intoxication of the population of the nearby city or destruction of the water tank and the resulting cutting off of residents from a source of drinking water. To check the robustness of the water tank itself and its physical protection system as a part of an overall robustness of the water tank area, a new software — SATANO (Security Assessment Of Terrorist Attack In A Network Of Objects) will be used. It allows for modelling physical protection system objects onto 2D maps and then simulate custom attack scenarios. This process of quantitative evaluation of a system's protection level may be accepted as part of the risk management process which is required by European Council as well as various national regulations from all operators of critical infrastructure elements.","PeriodicalId":371622,"journal":{"name":"2017 International Carnahan Conference on Security Technology (ICCST)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2017-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127881320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: