By Topic

2010 Fourth International Conference on Emerging Security Information, Systems and Technologies

Date 18-25 July 2010

Filter Results

Displaying Results 1 - 25 of 55
  • [Front cover]

    Publication Year: 2010, Page(s): C1
    Request permission for commercial reuse | PDF file iconPDF (836 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2010, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (11 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2010, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (58 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2010, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (109 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2010, Page(s):v - viii
    Request permission for commercial reuse | PDF file iconPDF (172 KB)
    Freely Available from IEEE
  • Preface

    Publication Year: 2010, Page(s):ix - x
    Request permission for commercial reuse | PDF file iconPDF (79 KB) | HTML iconHTML
    Freely Available from IEEE
  • Organizing Committee

    Publication Year: 2010, Page(s):xi - xiii
    Request permission for commercial reuse | PDF file iconPDF (80 KB)
    Freely Available from IEEE
  • Reviewers

    Publication Year: 2010, Page(s):xiv - xv
    Request permission for commercial reuse | PDF file iconPDF (69 KB) | HTML iconHTML
    Freely Available from IEEE
  • Vulnerabilities and Improvements of Du-Xiao-Chen-Wu's Secure Cell Relay Routing Protocol for Sensor Networks

    Publication Year: 2010, Page(s):1 - 4
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (341 KB) | HTML iconHTML

    In 2006, Du, Xiao, Chen, and Wu proposed a routing protocol for sensor networks using cell relay. They claimed their protocol was secure since they used pairwise key establishment. However, an adversary can implement attacks without keys or with only one newly deployed compromised node. Therefore, in this paper, we point out the vulnerabilities of this protocol and propose an improved protocol. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protecting Kernel Data through Virtualization Technology

    Publication Year: 2010, Page(s):5 - 10
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (388 KB) | HTML iconHTML

    Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Information Flow Approach for Preventing Race Conditions: Dynamic Protection of the Linux OS

    Publication Year: 2010, Page(s):11 - 16
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (389 KB) | HTML iconHTML

    In the literature, the notion of Race Condition deals with the interference between two processes A and B carrying out three interactions involving a shared object. The second interaction of the concurrent process B interleaves with the first and the third interactions of process A. Preventing Race Conditions attacks between concurrent processes is still an open problem. Many limitations remain su... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Towards Sybil Resistant Authentication in Mobile Ad Hoc Networks

    Publication Year: 2010, Page(s):17 - 24
    Cited by:  Papers (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (392 KB) | HTML iconHTML

    In Sybil attack, an attacker acquires multiple identities and uses them simultaneously or one by one to attack network operations. Such attacks pose a serious threat to the security of self-organized networks like Mobile Ad hoc Networks (MANETs) that require unique and unchangeable identity per node for detecting routing misbehavior and reliable computation of node's reputation. Current authentica... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security-Measurability-Enhancing Mechanisms for a Distributed Adaptive Security Monitoring System

    Publication Year: 2010, Page(s):25 - 34
    Cited by:  Papers (9)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1390 KB) | HTML iconHTML

    Adaptive security management enables resilience, self-protection and self-healing functionality in business-critical applications, their platforms and networks. Sufficient and credible security evidence gathered from the system and its use forms the basis for adaptive security decision-making. This study proposes practical and systematic security-measurability-enhancing mechanisms that support ada... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Improving the Efficiency of a Highly-Used Access Control Scheme

    Publication Year: 2010, Page(s):35 - 39
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (256 KB) | HTML iconHTML

    A flexible access control scheme, which was proposed by Chick et al. in CRYPTO89, has been applied to several essential cryptographic techniques (broadcast encryptions etc.) because of its high expandability. However, their scheme and all of its applications requires a lot of primes whose generation is costly. In this paper, we show how to replace the primes with a particular kind of hash values t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Forthcoming Aggregating Intrusion Detection System Alerts Framework

    Publication Year: 2010, Page(s):40 - 44
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (322 KB) | HTML iconHTML

    Intrusion Detection Systems (IDS) are one of the powerful systems used to secure the computer environments. These systems trigger thousands of alerts per day and become a headache issue to the analyst, because they need to analyze the severity of the alerts and other fields, such as the IP addresses. This paper Investigates the most popular aggregation methods, which deals with IDS alerts. In addi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Strategies for Managed Software Integrity Protection

    Publication Year: 2010, Page(s):45 - 50
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (342 KB) | HTML iconHTML

    This paper gives an insight into ongoing research work, focusing on software integrity protection (SWIP) to securely manage trusted SW products in a mobile network. Concepts are discussed to meet the identified needs, aiming at harmonized approaches for a number of different use cases. Particular account is taken of keeping infrastructure efforts as small as possible, both in operator network as w... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security Analysis of Firewall Rule Sets in Computer Networks

    Publication Year: 2010, Page(s):51 - 56
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (641 KB) | HTML iconHTML

    Firewalls are the screening gates for the internet/intranet traffic in computer networks. However, deploying a firewall is simply not enough since it needs to be configured by the system administrator according to the needs of the organization. There are many reasons due to which it is hard for the administrator to configure the firewall properly. Specifying firewall rule set is complicated and er... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SOA-Based Security Governance Middleware

    Publication Year: 2010, Page(s):57 - 62
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (272 KB) | HTML iconHTML

    Business requirements for rapid operational efficiency, customer responsiveness as well as rapid adaptability are actively driving the need for ever increasing communication and integration capabilities of software assets. In this context, security, although acknowledged as being a necessity, is often perceived as a hindrance. Indeed, dynamic environments require flexible and understandable securi... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Security Adaptation Reference Monitor (SARM) for Highly Dynamic Wireless Environments

    Publication Year: 2010, Page(s):63 - 68
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (724 KB) | HTML iconHTML

    Since Wireless and mobile networks have become increasingly heterogeneous and particularly dynamic, multiple security requirements must be addressed in a flexible and dynamic manner to cope with runtime changing context. Therefore, a generic security adaptation reference monitor must be developed to deal with extremely dynamic security conditions and also performances. In this paper, we present ou... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Prospect of Fine Grain Dynamic Memory Access Control with Profiling

    Publication Year: 2010, Page(s):69 - 74
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (347 KB) | HTML iconHTML

    Attacks often exploit vulnerabilities in memory to compromise a system or get classified information. In spite of extensive research, attackers are still able to find security holes. In order to address the attacks exploiting vulnerabilities in memory, we propose fine grain dynamic memory access control with profiling. This technique builds profile data for memory accesses with training, and this ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Identity Management without Revocation

    Publication Year: 2010, Page(s):75 - 81
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (252 KB) | HTML iconHTML

    Key revocation in mobile and tactical network environments remains a hard problem due to the required amount of connectivity and network bandwidth. Still, authenticity and integrity of messages are primary requirements in a tactical operation, so identity management must be offered in some form. Besides, tactical operations are organized as coalitions, where autonomous domains manage their service... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Heuristic Search in Encrypted Graphs

    Publication Year: 2010, Page(s):82 - 87
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (334 KB) | HTML iconHTML

    In this paper, we consider a scenario in which two parties are interested to find, in secure multiparty computation, the shortest path in a public graph. In particular, we consider the case in which, Alice knows the weights on the edges of the graph, Bob knows an heuristic to find the best path and together they want to discover the walk between two given nodes in privacy preserving way. We presen... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Performance Evaluation of SNR Estimation Methods in Forensic Speaker Recognition

    Publication Year: 2010, Page(s):88 - 92
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1340 KB)

    Speech signal quality is of fundamental importance for accurate speaker identification. The reliability of a speech biometry system, in fact, is known to depend on the amount of material available, in particular on the number of vowels present in the sequence being analysed and on the quality of the signal. This paper highlights the performance of two Signal-to-Noise Ratio (SNR) estimation methods... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Statistical Approach to Biometric Identity Verification Based on Heart Sounds

    Publication Year: 2010, Page(s):93 - 96
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (269 KB) | HTML iconHTML

    One of the most recent innovations in the field of biometric recognition is the usage of heart sounds as physiological traits for identity verification. In this paper, we propose a statistical approach, supported by Gaussian Mixture Models, to the the problem of biometric identity verification based on heart sounds. The system is validated on a database of heart sounds acquired from 147 people, an... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Industrial Sensor Network Security Architecture

    Publication Year: 2010, Page(s):97 - 102
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (453 KB) | HTML iconHTML

    Wireless sensor-actuator networks have a big usage potential in numerous industrial use cases. They allow easy and flexible deployment of nodes for monitoring and controlling various industrial applications as for example the supervision of critical infrastructures or monitoring and control in factory and process automation. However, missing or weak security of wireless communications would restra... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.