Scheduled System Maintenance:
Some services will be unavailable Sunday, March 29th through Monday, March 30th. We apologize for the inconvenience.
By Topic

Internet Technology and Secured Transactions (ICITST), 2010 International Conference for

Date 8-11 Nov. 2010

Filter Results

Displaying Results 1 - 25 of 106
  • Session 1: Artificial intelligence and expert systems

    Publication Year: 2010 , Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (22 KB)  
    Freely Available from IEEE
  • Toward an agent based approach for decisional systems modeling

    Publication Year: 2010 , Page(s): 1 - 8
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (904 KB) |  | HTML iconHTML  

    Facing problems related to the information systems (IS) evolution and consequently decisional systems (DS), conceptual models must facilitate the organisational environment representing in which the (IS) may evolve and strategic objectives on which they must align so as to understand the imposed requirements for their development. Thus, changes have to accompany an alignment of (IS) and (DS) within optimising and strategic stakes of the company. As a solution, we suggest a multi-agent approach for the DS modelling. This approach is based on a referential framework to analyse the requirements of strategic alignment. The objective of this work is to give an overview of the DS concepts. In order to describe this central concept in the research on information systems, we will refer to all theoretical supports of these systems integrating the approach of situational decision and the question of the necessary architecture to implement these systems. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Secure information extraction from clinical documents using SNOMED CT gazetteer and natural language processing

    Publication Year: 2010 , Page(s): 1 - 5
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (82 KB) |  | HTML iconHTML  

    Patient Data is critical in healthcare domain and it should be secure, consistent and coded for the secure transfer from one potential user to another. SNOMED CT (Systematized Nomenclature of Medicine - Clinical Terms) is a standardized reference terminology that consists of millions of SNOMED CT concepts with SNOMED CT codes. This paper describes the extraction of natural language concepts from free text discharge summary reports and mapping with SNOMED CT codes. For the evaluation of the medical concepts, we selected 300 discharge summaries corpus provided by University of Pittsburgh Medical Centre, and compared it with the SNOMED CT concept file which is preprocessed and cleaned file listing SNOMED CT concepts. In this paper we present the ongoing research on SNOMED CT concept extraction from discharge summaries using natural language processing and introducing SNOMED CT core concepts as a gazetteer list for concept extraction. Out of 390023 concepts, 21563 concepts were found in the test set of discharge summaries from SNOMED CT core concepts gazetteer list. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Genetic algorithm based rainbow network flow optimization for multiple description coding in lossy network

    Publication Year: 2010 , Page(s): 1 - 6
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (1044 KB) |  | HTML iconHTML  

    In this paper, multi-path optimization using genetic algorithm (GA) and rainbow network flow (RNF) for maximizing the received multiple description coding (MDCs) in a lossy network model is proposed. The network flow of multiple description codes (MDCs) is considered and the idea of routing as finding paths for a rainbow of colours (rainbow network flow or RNF) incorporated. The GA is used to find the optimum disjoint paths between source node and the destination node to optimize the amount of outgoing MDC packets. The MDCs are generated by applying the Discrete Wavelet Transform (DWT) and provide maximal performance of the bandwidth capacity of every single route for image transmission across the network. The GA based method finds the optimum solution and the effects of variations in GA parameters are investigated. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Remote to Local attack detection using supervised neural network

    Publication Year: 2010 , Page(s): 1 - 6
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (456 KB) |  | HTML iconHTML  

    In order to determine Remote to Local (R2L) attack, an intrusion detection technique based on artificial neural network is presented. This technique uses sampled dataset from Kddcup99 that is standard for benchmarking of attack detection tools. The backpropagation algorithm is used for training the feedforward neural network. The developed system is applied to R2L attacks. Moreover, experiment indicates this technique has comparatively low false positive rate and false negative rate, consequently it effectively resolves the deficiency of existing intrusion detection approaches. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Session 2: Data mining

    Publication Year: 2010 , Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (20 KB)  
    Freely Available from IEEE
  • Mining uncertain data warehouse

    Publication Year: 2010 , Page(s): 1 - 7
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (1582 KB) |  | HTML iconHTML  

    Real data is pervaded with uncertainty. As a consequence, the development and adaptation of automatic knowledge acquisition techniques under uncertainty is entirely advisable. Among them fuzzy sets theory formulizes and analyses the situations in which the uncertainty is due to the vague (fuzzy) data. Any good decision is based on information. Data Warehousing and Knowledge Discovery technology is emerging as a key technology for enterprises that wish to improve their data analysis, decision support activities, and the automatic extraction of knowledge from data. In this paper, we introduce a novel decision support system for handling uncertain climate data using the data warehousing technology combined with fuzzy sets theory as a mathematical data mining technique in the presence of uncertainty. This novel approach is based on the membership function and multidimensional analysis. From our findings, we conclude that data warehousing and data mining are essentials for an effective decision support system. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A fuzzy recommender system for dynamic prediction of user's behavior

    Publication Year: 2010 , Page(s): 1 - 5
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (590 KB) |  | HTML iconHTML  

    Analyzing and predicting navigational behavior of Web users can lead to more user friendly and efficient websites which is an important issue in Electronic Commerce. Web personalization is a common way for adapting the content of a website to the needs of each specific user. In this work, a model for dynamic recommendation based on fuzzy clustering techniques, applicable to currently on-line users is proposed. The model concentrates on both aspects of web content mining and web usage mining. Applying fuzzy web mining techniques, the model infers the user's preferences from IIS web server's access logs. The fuzzy clustering approach, in this study, provides the possibility of capturing the uncertainty among Web user's behaviors. The model is implemented and tested as a recommender system for personalizing website of “Information and Communication Technology Center” of Isfahan municipality in Iran. The results shown are promising and proved that integrating fuzzy approach provide us with more interesting and useful patterns which consequently making the recommender system more functional and robust. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Distributed PCA-based anomaly detection in wireless sensor networks

    Publication Year: 2010 , Page(s): 1 - 8
    Cited by:  Papers (1)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (679 KB) |  | HTML iconHTML  

    Detecting anomalies is an important challenge for intrusion detection and fault diagnosis in wireless sensor networks (WSNs). In this paper, we propose a distributed energy-efficient approach for detecting anomalies in sensed data in a WSN. The anomalies in sensed data can be caused due to compromised or malfunctioning nodes. In the proposed approach, we use distributed principal component analysis (DPCA) and fixed-width clustering (FWC) in order to establish a global normal profile and to detect anomalies. The process of establishing the global normal profile is distributed among all sensor nodes. We also use weighted coefficients and a forgetting curve to periodically update the established normal profile. We demonstrate that the proposed distributed approach achieves comparable accuracy compared to a centralized approach, while the communication overhead in the network and energy consumption is significantly reduced. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Comparative study of neural networks and k-means classification in web usage mining

    Publication Year: 2010 , Page(s): 1 - 7
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (1259 KB) |  | HTML iconHTML  

    There are many models in literature and practice that analyse user behaviour based on user navigation data and use clustering algorithms to characterize their access patterns. The navigation patterns identified are expected to capture the user's interests. In this paper, we model user behaviour as a vector of the time he spends at each URL, and further classify a new user access pattern. The clustering and classification methods of k-means with non-Euclidean similarity measure, artificial neural networks, and artificial neural networks with standardised inputs were implemented and compared. Apart from identifying user behaviour, the model can also be used as a prediction system where we can identify deviational behaviour. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Session 3: Internet security

    Publication Year: 2010 , Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (20 KB)  
    Freely Available from IEEE
  • Secure single packet IP Traceback mechanism to identify the source

    Publication Year: 2010 , Page(s): 1 - 5
    Cited by:  Papers (2)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (709 KB) |  | HTML iconHTML  

    Most of the attacks on networks are launched through spoofed IP addresses i.e. Denial of Service attack. Attacker spoofs IP address of legitimate client, sends many useless packets to the victim and acts as a legitimate user. Since the attacks are launched through spoofed IP addresses therefore it is very difficult to identify the source of the attack (Attacker). The researchers introduce a technique to identify the origin of the spoofed user. This technique is known as the IP Traceback. Many traceback techniques are introduced but all have few drawbacks. Some increases the network load and delay, few requires implantation on all the routers of the world, few compromise on privacy of the user. Many techniques do not guarantee single packet IP traceback. All the existing IP traceback techniques require an efficient marking technique. A new single packet IP traceback technique to identify the source of the packet is introduced in this paper. This technique reduces the network delay and does not require any marking technique. Private information of the users will remain intact. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Detection of botnet collusion by degree distribution of domains

    Publication Year: 2010 , Page(s): 1 - 8
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (679 KB) |  | HTML iconHTML  

    Malicious botnets threaten the Internet by DDoS-attacks, spam, information theft and other criminal activities. They are using increasingly sophisticated techniques to hide the Command and Control traffic. Many existing detection techniques can be defeated by encryption, tunneling in popular protocols, delays, and flow perturbation. We introduce a new DNS-based detection approach, that detects botnet collusion by anomalies in the degree distribution of visited domains, without any assumption about message content and statistical properties of the traffic. The proposed technique is difficult to evade, without major changes in the bot Command and Control Infrastructure or reduced utility. We evaluate evasion possibilities, derive a theoretical model of the detector performance and test the detector with a combination of captured Internet traffic and simulated botnet-traffic. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A robust and flexible test environment for VoIP security tests

    Publication Year: 2010 , Page(s): 1 - 6
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (287 KB) |  | HTML iconHTML  

    Voice over IP (VoIP) is in wide use today, replacing phone lines in many scenarios. However, often, security isn't considered well enough, even though many security attacks are already known. More research on VoIP security is needed to enhance the level of security of VoIP systems and to show the implications of failing to take appropriate security measures. This paper presents an architecture and implementation of a robust and flexible VoIP test environment for security related tests. Experiences using the implemented environment for different VoIP security tests are shown to demonstrate the suitability of the proposed test environment for research purposes. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evasion technique and detection of malicious botnet

    Publication Year: 2010 , Page(s): 1 - 5
    Cited by:  Papers (2)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (735 KB) |  | HTML iconHTML  

    Malicious botnet is the greatest threat of the internet security. Malicious botnet sent to very large number of malicious spam message a day and them using DDoS attack should not be used the internet service. For defend the threat, many researcher studied how to detect malicious botnet, but malicious botnet evade detection method through evolution. In this paper, we analyze how to evade detection method. Analysis of evasion technique expected to contribute to malicious botnet detection study. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Survey of SCADA security challenges and potential attack vectors

    Publication Year: 2010 , Page(s): 1 - 5
    Cited by:  Papers (2)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (257 KB) |  | HTML iconHTML  

    SCADA systems run silently in the background of our power generation plants, manufacturing facilities, and many other critical infrastructure resources. Even though these SCADA systems are critical in nature, the IT community often poorly understands them. As a result, security of SCADA systems has been neglected, even though companies have improved their security posture to meet regulatory demands. This paper will explore some of the weaknesses in SCADA based system security and the effectiveness of current security techniques. In addition, new methods and tools will be proposed to augment SCADA system security strategies. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Session 4: Trust, privacy, and data security

    Publication Year: 2010 , Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (22 KB)  
    Freely Available from IEEE
  • Inter-organizational trust and supply chain Flexibility: From a relational view of the firm

    Publication Year: 2010 , Page(s): 1 - 5
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (278 KB) |  | HTML iconHTML  

    Supply chain Flexibility is of paramount significance in present hypercompetitive market. Whereas the role of inter-organizational trust remains a major concern for organizations, few attentions have been given its effect on supply chain flexibility. Based on relational view of the firm, the study examines the mediated role of various relational assets, i.e., IT infrastructure integration, process modularity and knowledge sharing, between inter-organizational trust and supply chain flexibility, and hence an approach model of supply chain flexibility is established. (Supply chain; flexibility; IT; relation-specific assets). View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Trusted Computing enhanced OpenID

    Publication Year: 2010 , Page(s): 1 - 8
    Cited by:  Papers (1)  |  Patents (2)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (858 KB) |  | HTML iconHTML  

    Trusted Computing, used as a security technology, can establish trust between multiple parties. One implementation of Trusted Computing Technology standardized by the Trusted Computing Group is the Trusted Platform Module (TPM). We build on the security provided by the TPM to create a trusted variant of Identity Management Systems based on the popular OpenID protocol. We show that it is feasible to bind OpenID identities to the trustworthiness of the device. Our concept and implementation builds on previous work which showed that Trusted Computing can be used to create tickets. In this work, we use such tickets as a building block to establish trust between the identity provider and the device. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Viability of multivariate cryptosystems for WSN

    Publication Year: 2010 , Page(s): 1 - 6
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (492 KB) |  | HTML iconHTML  

    In a Wireless Sensor Networks (WSN), nodes observe their environment and forward the sensed data to a sink. Security of the sensor nodes and the sensed data in transit is vital for such networks. Cryptographic techniques can be employed to achieve confidentiality, integrity and other security needs of the network. However, due to resource constraints existing cryptographic mechanisms that need large computation power, memory and communication bandwidth are impractical for sensor networks. To provide security, less resource intensive cryptographic systems need to be explored. In the present work, different Multivariate public key cryptosystems (MPKC) have been examined to Elliptic curve based cryptosystem (ECC). Results indicate that the small computation time & memory requirements make MPKC schemes attractive for WSN security. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Combating web plagiarism and improving internet safety by authenticating web content

    Publication Year: 2010 , Page(s): 1 - 6
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (282 KB) |  | HTML iconHTML  

    Web content plays an important role in the contemporary information economy. Even though web content is used to generate advertising revenues for authors, and serves as an important reference and knowledge discovery resource for readers, proving original authorship and preventing plagiarism are not easy on the Internet. This paper presents the design and analysis of an automatic cryptography based solution for detecting and correcting web plagiarism. Unforgeable cryptographic commitments for originally authored content are stored in a distributed hash table over-layed on enhanced web browsers. Since it is based on content authentication, this solution not only protects against web plagiarism, but also improves web safety by preventing phishing attacks based on web page copying, poisoned DNS caches, or hacked web sites. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Session 5: Internet security

    Publication Year: 2010 , Page(s): 1
    Save to Project icon | Request Permissions | PDF file iconPDF (22 KB)  
    Freely Available from IEEE
  • NFC loyal: A beneficial model to promote loyalty on smart cards of mobile devices

    Publication Year: 2010 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (662 KB) |  | HTML iconHTML  

    Near Field Communication (NFC) as a new emerging technology currently tries to find a suitable ecosystem. Development of new standards such as secure element, secure channel, as well as Java Card enables creating new ecosystems using a concurrent multi application platform based on Global Platform. We proposed NFC Loyal, which maintains data interaction and data sharing among payment and loyalty applications through our proposed structure, called as Secure Common Domain Management System (SCDM). SCDM as a centralized database management system on the smart card stores valuable information provided by payment applications and shares them with loyalty applications. The direct outcome of using NFC Loyal is the increase in repeat purchases of customers; as well as a business plan among the payment firms, loyalty firms, and the smart card owner. We fully describe the technical including security architectures and background for the SCDM, and explain the details of the proposed model. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Chaos based fragile watermarking algorithm for JPEG images

    Publication Year: 2010 , Page(s): 1 - 7
    Cited by:  Papers (1)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (1089 KB) |  | HTML iconHTML  

    In this paper we propose a new fragile watermarking algorithm that provides the means to verify the integrity of JPEG images. We begin by presenting the cryptanalysis of CWSA (Chaotic Watermarking Scheme for the Authentication of JPEG Images), an existing fragile watermarking algorithm. We analyse its weaknesses and we propose a new version that is resistant to those attacks, faster and less perceptible. The proposed algorithm uses the JPEG quantized DCT coefficients and embeds the watermark information in their LSB. It uses robust chaotic generators for the generation of dynamic keys and watermarking information. One of the applications of the proposed algorithm is verifying data integrity for images transferred over the Internet. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On security of multi-factor biometric authentication

    Publication Year: 2010 , Page(s): 1 - 6
    Cited by:  Papers (1)
    Save to Project icon | Click to expandQuick Abstract | PDF file iconPDF (1094 KB) |  | HTML iconHTML  

    This paper focuses on security and accuracy of multi-factor biometric authentication schemes that are based on applying User-Based Transformations (UBTs) on biometric features. Typically, UBTs employ transformation keys generated from passwords/PINs or retrieved from a token. In this paper, we argue that the effect of compromised transformation keys on authentication accuracy has not been tested rigorously, and that the widely reported claim in the literature that in the case of stolen keys, accuracy drops but remains close to the accuracy of biometric only system is based on false assumptions. We show that multi-factor authentication systems setup to operate at a zero or near zero EER can be undermined in the event of keys being compromised where the False Acceptance Rate reaches unacceptable levels. This research also demonstrates by experiments on iris, fingerprint, and face biometrics that probabilities of impostors with stolen keys being falsely accepted are 21%, 56%, and 66% respectively. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.