Coercion Resistance In Authentication Responsibility Shifting,
2012
Singapore Management University
Coercion Resistance In Authentication Responsibility Shifting, Payas Gupta, Xuhua Ding, Debin Gao
Research Collection School Of Computing and Information Systems
Responsibility shifting, a popular solution used in the event of failure of primary authentication where a human helper is involved in regaining access, is vulnerable to coercion attacks. In this work, we report our user study which investigates the helper’s emotional status when being coerced to assist in an attack. Results show that the coercion causes involuntary skin conductance fluctuation on the helper, which indicates that he/she is nervous and stressed. This response can be used to strengthen the security of the authentication system by providing coercion resistance.
Spalendar: Visualizing A Group's Calendar Events Over A Geographic Space On A Public Display,
2012
Singapore Management University
Spalendar: Visualizing A Group's Calendar Events Over A Geographic Space On A Public Display, Chen Xiang, Sebastian Boring, Sheelagh Carpendale, Anthony Tang, Saul Greenberg
Research Collection School Of Computing and Information Systems
Portable paper calendars (i.e., day planners and organizers) have greatly influenced the design of group electronic calendars. Both use time units (hours/days/weeks/etc.) to organize visuals, with useful information (e.g., event types, locations, attendees) usually presented as - perhaps abbreviated or even hidden - text fields within those time units. The problem is that, for a group, this visual sorting of individual events into time buckets conveys only limited information about the social network of people. For example, people’s whereabouts cannot be read ‘at a glance’ but require examining the text. Our goal is to explore an alternate visualization that can …
Recognizing Patterns In Transmitted Signals For Identification Purposes,
2012
University of Arkansas, Fayetteville
Recognizing Patterns In Transmitted Signals For Identification Purposes, Baha' A. Alsaify
Graduate Theses and Dissertations
The ability to identify and authenticate entities in cyberspace such as users, computers, cell phones, smart cards, and radio frequency identification (RFID) tags is usually accomplished by having the entity demonstrate knowledge of a secret key. When the entity is portable and physically accessible, like an RFID tag, it can be difficult to secure given the memory, processing, and economic constraints. This work proposes to use unique patterns in the transmitted signals caused by manufacturing differences to identify and authenticate a wireless device such as an RFID tag. Both manufacturer identification and tag identification are performed on a population of …
Hasbe: A Hierarchical Attribute-Based Solution For Flexible And Scalable Access Control In Cloud Computing,
2012
Tsinghua University
Hasbe: A Hierarchical Attribute-Based Solution For Flexible And Scalable Access Control In Cloud Computing, Zhiguo Wan, Jun'e Liu, Robert H. Deng
Research Collection School Of Computing and Information Systems
Cloud computing has emerged as one of the most influential paradigms in IT industry in recent years. Since this new computing technology requires users to entrust their valuable data to cloud providers, there have been increasing security and privacy concerns on outsourced data. Several schemes employing attribute-based encryption (ABE) have been proposed for access control of outsourced data in cloud computing; however, most of them suffer from inflexibility in implementing complex access control policies. In order to realize scalable, flexible, and fine-grained access control of outsourced data in cloud computing, in this paper we propose hierarchical attribute-set-based encryption (HASBE) by …
Evaluation Of Different Electronic Product Code Discovery Service Models,
2012
Singapore Management University
Evaluation Of Different Electronic Product Code Discovery Service Models, Su Mon Kywe, Jie Shi, Yingjiu Li, Raghuwanshi Kailash
Research Collection School Of Computing and Information Systems
Electronic Product Code Discovery Service (EPCDS) is an important concept in supply chain processes and in Internet of Things (IOT). It allows supply chain participants to search for their partners, communicate with them and share product information using standardized interfaces securely. Many researchers have been proposing different EPCDS models, considering different requirements. In this paper, we describe existing architecture designs of EPCDS systems, namely Directory Service Model, Query Relay Model and Aggregating Discovery Service Model (ADS). We also briefly mention Secure Discovery Service (SecDS) Model, which is an improved version of Directory Service Model with a secure attribute-based access control …
Front Matter,
2012
Embry-Riddle Aeronautical University
Table Of Contents,
2012
Embry-Riddle Aeronautical University
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Masthead,
2012
Embry-Riddle Aeronautical University
Detector Design Considerations In High-Dimensional Artificial Immune Systems,
2012
Air Force Institute of Technology
Detector Design Considerations In High-Dimensional Artificial Immune Systems, Jason M. Bindewald
Theses and Dissertations
This research lays the groundwork for a network intrusion detection system that can operate with only knowledge of normal network traffic, using a process known as anomaly detection. Real-valued negative selection (RNS) is a specific anomaly detection algorithm that can be used to perform two-class classification when only one class is available for training. Researchers have shown fundamental problems with the most common detector shape, hyperspheres, in high-dimensional space. The research contained herein shows that the second most common detector type, hypercubes, can also cause problems due to biasing certain features in high dimensions. To address these problems, a new …
Obfuscating Against Side-Channel Power Analysis Using Hiding Techniques For Aes,
2012
Air Force Institute of Technology
Obfuscating Against Side-Channel Power Analysis Using Hiding Techniques For Aes, Austin W. Fritzke
Theses and Dissertations
The transfer of information has always been an integral part of military and civilian operations, and remains so today. Because not all information we share is public, it is important to secure our data from unwanted parties. Message encryption serves to prevent all but the sender and recipient from viewing any encrypted information as long as the key stays hidden. The Advanced Encryption Standard (AES) is the current industry and military standard for symmetric-key encryption. While AES remains computationally infeasible to break the encrypted message stream, it is susceptible to side-channel attacks if an adversary has access to the appropriate …
Security Standards And Best Practice Considerations For Quantum Key Distribution (Qkd),
2012
Air Force Institute of Technology
Security Standards And Best Practice Considerations For Quantum Key Distribution (Qkd), Carole A. Harper
Theses and Dissertations
Quantum Key Distribution (QKD) systems combine cryptographic primitives with quantum information theory to produce a theoretic unconditionally secure cryptographic key. However, real-world implementations of QKD systems are far from ideal and differ significantly from the theoretic model. Because of this, real-world QKD systems require additional practical considerations when implemented to achieve secure operations. In this thesis, a content analysis of the published literature is conducted to determine if established security and cryptographic standards and best practices are addressed in real world, practical QKD implementations. The research reveals that most published, real world QKD implementations do not take advantage of established …
Empirical Analysis Of Optical Attenuator Performance In Quantum Key Distribution Systems Using A Particle Model,
2012
Air Force Institute of Technology
Empirical Analysis Of Optical Attenuator Performance In Quantum Key Distribution Systems Using A Particle Model, Thomas C. Adams
Theses and Dissertations
Quantum key distribution networks currently represent an active area of development and software modeling to address the security of future communications. One of the components used in quantum key distribution implementations is an optical attenuator. Its role in the system is necessary to reach the single photon per bit necessary to maintain theoretically perfect secrecy. How the photon pulse is modeled has a significant impact on the accuracy and performance of quantum channel components like the optical attenuator. Classical physics describe light using Maxwell's wave equations for electromagnetism. Quantum physics has demonstrated light also behaves as discrete particles referred to …
Binary Disassembly Block Coverage By Symbolic Execution Vs. Recursive Descent,
2012
Air Force Institute of Technology
Binary Disassembly Block Coverage By Symbolic Execution Vs. Recursive Descent, Jonathan D. Miller
Theses and Dissertations
This research determines how appropriate symbolic execution is (given its current implementation) for binary analysis by measuring how much of an executable symbolic execution allows an analyst to reason about. Using the S2E Selective Symbolic Execution Engine with a built-in constraint solver (KLEE), this research measures the effectiveness of S2E on a sample of 27 Debian Linux binaries as compared to a traditional static disassembly tool, IDA Pro. Disassembly code coverage and path exploration is used as a metric for determining success. This research also explores the effectiveness of symbolic execution on packed or obfuscated samples of the same binaries …
Improving Filtering Of Email Phishing Attacks By Using Three-Way Text Classifiers,
2012
Brigham Young University - Provo
Improving Filtering Of Email Phishing Attacks By Using Three-Way Text Classifiers, Alberto Trevino
Theses and Dissertations
The Internet has been plagued with endless spam for over 15 years. However, in the last five years spam has morphed from an annoying advertising tool to a social engineering attack vector. Much of today's unwanted email tries to deceive users into replying with passwords, bank account information, or to visit malicious sites which steal login credentials and spread malware. These email-based attacks are known as phishing attacks. Much has been published about these attacks which try to appear real not only to users and subsequently, spam filters. Several sources indicate traditional content filters have a hard time detecting phishing …
A Comparative Study Of Cyberattacks,
2012
Singapore Management University
A Comparative Study Of Cyberattacks, Seung Hyun Kim, Qiu-Hong Wang, Johannes B. Ullrich
Research Collection School Of Computing and Information Systems
Cyberattacks are computer-to-computer attacks undermining the confidentiality, integrity, and/or availability of computers and/or the information they hold. The importance of securing cyberspace is increasing, along with the sophistication and potential significance of the results of the attacks. Moreover, attacksb involve increasingly sophisticated coordination among multiple hackers across international boundaries, where the aim has shifted from fun and self-satisfaction to financial or military gain, with clear and self-reinforcing motivation; for example, the number of new malicious code threats worldwide increased more than 71% from 2008 to 2009.
Human: Creating Memorable Fingerprints Of Mobile Users,
2012
Singapore Management University
Human: Creating Memorable Fingerprints Of Mobile Users, Gupta Payas, Kiat Wee Tan, Narayanasamy Ramasubbu, David Lo, Debin Gao, Rajesh Krishna Balan
Research Collection School Of Computing and Information Systems
In this paper, we present a new way of generating behavioral (not biometric) fingerprints from the cellphone usage data. In particular, we explore if the generated behavioral fingerprints are memorable enough to be remembered by end users. We built a system, called HuMan, that generates fingerprints from cellphone data. To test HuMan, we conducted an extensive user study that involved collecting about one month of continuous usage data (including calls, SMSes, application usage patterns etc.) from 44 Symbian and Android smartphone users. We evaluated the memorable fingerprints generated from this rich multi-context data by asking each user to answer various …
Stochastic Analysis Of Horizontal Ip Scanning,
2012
Texas A & M University - College Station
Stochastic Analysis Of Horizontal Ip Scanning, Derek Leonard, Zhongmei Yao, Xiaoming Wang, Dmitri Loguinov
Computer Science Faculty Publications
Intrusion Detection Systems (IDS) have become ubiquitous in the defense against virus outbreaks, malicious exploits of OS vulnerabilities, and botnet proliferation. As attackers frequently rely on host scanning for reconnaissance leading to penetration, IDS is often tasked with detecting scans and preventing them. However, it is currently unknown how likely an IDS is to detect a given Internet-wide scan pattern and whether there exist sufficiently fast scan techniques that can remain virtually undetectable at large-scale. To address these questions, we propose a simple analytical model for the window-expiration rules of popular IDS tools (i.e., Snort and Bro) and utilize a …
Importance Of Verification And Validation Of Data Sources In Attaining Information Superiority,
2012
Edith Cowan University
Importance Of Verification And Validation Of Data Sources In Attaining Information Superiority, Gautham Kasinath, Leisa Armstrong
Leisa Armstrong
Information superiority has been defined as a state that is achieved when a competitive advantage is derived from the ability to exploit a superior information position. To achieve such a superior information position enterprises and nations, alike, must not only collect and record correct, accurate, timely and useful information but also ensure that information recorded is not lost to competitors due to lack of comprehensive security and leaks. Further, enterprises that aim to attain information superiority must also ensure mechanisms of validating and verifying information to reduce the chances of mis-information. Although, research has been carried out into ways to …
Secds: A Secure Epc Discovery Services System In Epcglobal Network,
2012
Singapore Management University
Secds: A Secure Epc Discovery Services System In Epcglobal Network, Jie Shi, Darren Sim, Yingjiu Li, Robert H. Deng
Research Collection School Of Computing and Information Systems
In recent years, the Internet of Things (IOT) has drawn considerable attention from the industrial and research communities. Due to the vast amount of data generated through IOT devices and users, there is an urgent need for an effective search engine to help us make sense of this massive amount of data. With this motivation, we begin our initial works on developing a secure and efficient search engine (SecDS) based on EPC Discovery Services (EPCDS) for EPCglobal network, an integral part of IOT. SecDS is designed to provide a bridge between different partners of supply chains to share information while …
Malware Target Recognition Via Static Heuristics,
2012
Air Force Institute of Technology
Malware Target Recognition Via Static Heuristics, Thomas E. Dube, Richard A. Raines, Gilbert L. Peterson, Kenneth W. Bauer, Michael R. Grimaila, Steven K. Rogers
Faculty Publications
Organizations increasingly rely on the confidentiality, integrity and availability of their information and communications technologies to conduct effective business operations while maintaining their competitive edge. Exploitation of these networks via the introduction of undetected malware ultimately degrades their competitive edge, while taking advantage of limited network visibility and the high cost of analyzing massive numbers of programs. This article introduces the novel Malware Target Recognition (MaTR) system which combines the decision tree machine learning algorithm with static heuristic features for malware detection. By focusing on contextually important static heuristic features, this research demonstrates superior detection results. Experimental results on large …
