Pub Date: 2019-09-05 DOI: 10.1186/s13635-019-0091-5
Kubilay Ahmet Küçük, D. Grawrock, Andrew C. Martin
Title: Managing confidentiality leaks through private algorithms on Software Guard eXtensions (SGX) enclaves. Journal: EURASIP Journal on Information Security.
Pub Date: 2019-08-28 DOI: 10.1186/s13635-019-0097-z
Wenjun Yang, Jiaying Zhang, Chundong Wang, Xiuliang Mo
The Internet of Things (IoT) is a new technology rapidly developed in various fields in recent years. With the continuous application of IoT technology in production and life, the network security problem of IoT is increasingly prominent. In order to meet the challenges brought by the development of IoT technology, this paper focuses on network security situational awareness. Network security situation awareness is the basis of IoT network security. Situation prediction of network security is in essence a kind of time series forecasting problem. So it is necessary to construct a modification function that is suitable for time series data to revise the kernel function of the traditional support vector machine (SVM). An improved network security situation awareness model for IoT is proposed in this paper. The sequence kernel support vector machine is obtained and the particle swarm optimization (PSO) method is used to optimize related parameters. It proves that the method is feasible by collecting the boundary data of a university campus IoT network. Finally, a comparison with the PSO-SVM is made to prove the effectiveness of this method in improving the accuracy of network security situation prediction of IoT. The experimental results show that the PSO-time series kernel support vector machine is better than the PSO-Gauss kernel support vector machine in network security situation prediction. The application of the Hadoop platform also enhances the efficiency of data processing.
Title: Situation prediction of large-scale Internet of Things network security. Journal: EURASIP Journal on Information Security, pages 1-9.
Pub Date: 2019-07-22 DOI: 10.1186/s13635-019-0095-1
Riwa Mouawi, I. Elhajj, A. Chehab, A. Kayssi
Title: Crowdsourcing for click fraud detection. Journal: EURASIP Journal on Information Security.
Pub Date: 2019-07-12 DOI: 10.1186/s13635-019-0094-2
S. Rizzo, Flavio Bertini, D. Montesi
Title: Fine-grain watermarking for intellectual property protection. Journal: EURASIP Journal on Information Security, pages 1-20.
Pub Date: 2019-06-13 DOI: 10.1186/s13635-019-0092-4
Fitzroy D. Nembhard, Marco M. Carvalho, Thomas C. Eskridge
Secure coding is crucial for the design of secure and efficient software and computing systems. However, many programmers avoid secure coding practices for a variety of reasons. Some of these reasons are lack of knowledge of secure coding standards, negligence, and poor performance of and usability issues with existing code analysis tools. Therefore, it is essential to create tools that address these issues and concerns. This article features the proposal, development, and evaluation of a recommender system that uses text mining techniques, coupled with IntelliSense technology, to recommend fixes for potential vulnerabilities in program code. The resulting system mines a large code base of over 1.6 million Java files using the MapReduce methodology, creating a knowledge base for a recommender system that provides fixes for taint-style vulnerabilities. Formative testing and a usability study determined that surveyed participants strongly believed that a recommender system would help programmers write more secure code.
Title: Towards the application of recommender systems to secure coding. Journal: EURASIP Journal on Information Security, pages 1-24.
This paper first gives a regularity theorem and its corollary. Then, a new construction for generating hard random lattices with short bases is obtained by using this corollary. This construction is from a new perspective and uses a random matrix whose entries obey Gaussian sampling, which ensures that the corresponding schemes have wider future application in the area of cryptography. Moreover, this construction is more specific than the previous constructions, which makes it easier to implement in practical applications.
Title: A new method of generating hard random lattices with short bases. Authors: Chengli Zhang, Wenping Ma, Hefeng Chen, Feifei Zhao. Pub Date: 2019-06-10 DOI: 10.1186/s13635-019-0088-0. Journal: EURASIP Journal on Information Security, pages 1-8.
Pub Date: 2019-06-06 DOI: 10.1186/s13635-019-0093-3
Christian Gehrmann, Marcus Rodan, Niklas Jönsson
While biometric authentication for commercial use so far has mainly been used for local device unlock use cases, there are great opportunities for using it also for central authentication such as for remote login. However, many current biometric sensors, for instance mobile fingerprint sensors, have too large a false acceptance rate (FAR), not allowing them, for security reasons, to be used in larger user groups for central identification purposes. A straightforward way to avoid this FAR problem is to either request a user unique identifier such as a device identifier or require the user to enter a unique user ID prior to making the biometric matching. Usage of a device identifier does not work when a user desires to authenticate on a previously unused device of a generic type. Furthermore, requiring the user at each login occasion to enter a unique user ID is not at all user-friendly. To avoid this problem, we in this paper investigate an alternative, most user-friendly approach for identification in combination with biometric-based authentication using metadata filtering. An evaluation of the adopted approach is carried out using realistic simulations of the Swedish population to assess the feasibility of the proposed system. The results show that metadata filtering in combination with traditional biometric-based matching is indeed a powerful tool for providing reliable and user-friendly central authentication services for large user groups.
Title: Metadata filtering for user-friendly centralized biometric authentication. Journal: EURASIP Journal on Information Security, pages 1-17.
Pub Date: 2019-05-28 DOI: 10.1186/s13635-019-0089-z
Pallavi Deshpande, P. Mukherji, A. Tavildar
Title: Accuracy enhancement of biometric recognition using iterative weights optimization algorithm. Journal: EURASIP Journal on Information Security.
Pub Date: 2019-05-22 DOI: 10.1186/s13635-019-0090-6
Xing Fang, Maochao Xu, Shouhuai Xu, Peng Zhao
Like how useful weather forecasting is, the capability of forecasting or predicting cyber threats can never be overestimated. Previous investigations show that cyber attack data exhibits interesting phenomena, such as long-range dependence and high nonlinearity, which impose a particular challenge on modeling and predicting cyber attack rates. Deviating from the statistical approach that is utilized in the literature, in this paper we develop a deep learning framework by utilizing the bi-directional recurrent neural networks with long short-term memory, dubbed BRNN-LSTM. Empirical study shows that BRNN-LSTM achieves a significantly higher prediction accuracy when compared with the statistical approach.
Title: A deep learning framework for predicting cyber attacks rates. Journal: EURASIP Journal on Information Security, pages 1-11.
Pub Date: 2019-04-29 DOI: 10.1186/s13635-019-0087-1
Suleiman Y. Yerima, Mohammed K. Alzaylaee, Sakir Sezer
This paper investigates the impact of code coverage on machine learning-based dynamic analysis of Android malware. In order to maximize the code coverage, dynamic analysis on Android typically requires the generation of events to trigger the user interface and maximize the discovery of the run-time behavioral features. The commonly used event generation approach in most existing Android dynamic analysis systems is the random-based approach implemented with the Monkey tool that comes with the Android SDK. Monkey is utilized in popular dynamic analysis platforms like AASandbox, vetDroid, MobileSandbox, TraceDroid, Andrubis, ANANAS, DynaLog, and HADM. In this paper, we propose and investigate approaches based on stateful event generation and compare their code coverage capabilities with the state-of-the-practice random-based Monkey approach. The two proposed approaches are the state-based method (implemented with DroidBot) and a hybrid approach that combines the state-based and random-based methods. We compare the three different input generation methods on real devices, in terms of their ability to log dynamic behavior features and the impact on various machine learning algorithms that utilize the behavioral features for malware detection. Experiments performed using 17,444 applications show that overall, the proposed methods provide much better code coverage which in turn leads to more accurate machine learning-based malware detection compared to the state-of-the-art approach.
Title: Machine learning-based dynamic analysis of Android apps with improved code coverage. Journal: EURASIP Journal on Information Security, pages 1-24.