By Topic

Communications and Mobile Computing (CMC), 2011 Third International Conference on

Date 18-20 April 2011

Filter Results

Displaying Results 1 - 25 of 137
  • [Front cover]

    Publication Year: 2011 , Page(s): C1
    Save to Project icon | Request Permissions | PDF file iconPDF (335 KB)  
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2011 , Page(s): i
    Save to Project icon | Request Permissions | PDF file iconPDF (84 KB)  
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2011 , Page(s): iii
    Save to Project icon | Request Permissions | PDF file iconPDF (152 KB)  
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2011 , Page(s): iv
    Save to Project icon | Request Permissions | PDF file iconPDF (109 KB)  
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2011 , Page(s): v - xiv
    Save to Project icon | Request Permissions | PDF file iconPDF (154 KB)  
    Freely Available from IEEE
  • Preface

    Publication Year: 2011 , Page(s): xv
    Save to Project icon | Request Permissions | PDF file iconPDF (149 KB) |  | HTML iconHTML  
    Freely Available from IEEE
  • Organizing Committee

    Publication Year: 2011 , Page(s): xvi - xvii
    Save to Project icon | Request Permissions | PDF file iconPDF (78 KB)  
    Freely Available from IEEE
  • Technical Program Committee

    Publication Year: 2011 , Page(s): xviii - xxiii
    Save to Project icon | Request Permissions | PDF file iconPDF (105 KB)  
    Freely Available from IEEE
  • Reviewers

    Publication Year: 2011 , Page(s): xxiv
    Save to Project icon | Request Permissions | PDF file iconPDF (57 KB)  
    Freely Available from IEEE
  • Keynote and Plenary Speakers

    Publication Year: 2011 , Page(s): xxv - xxviii
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (132 KB) |  | HTML iconHTML  

    Provides an abstract for each of the keynote presentations and a brief professional biography of each presenter. The complete presentations were not made available for publication as part of the conference proceedings. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Security Policy of WLAN Data Transmission Based on Logistic Chaotic Modulation

    Publication Year: 2011 , Page(s): 3 - 6
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (344 KB) |  | HTML iconHTML  

    Analyzing on WEP (Wired Equivalent Privacy) indicates many defects existing in security. A security policy of WLAN data transmission based on logistic chaotic modulation is presented. The improved Logistic mapping can carry information in the WLAN data frame through the change of single parameter μ, which can lead to morphological changes of chaotic attractors. The receiver decision device is used to restore the original signals at the recieving end. The results of simulation show that the proposed policy can secure the data transmission effectively. In addition, throughput, time delay and other properties meet customers' needs basically. And the effectiveness and availability of this policy are also proved. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • B-IRP: An Improving Integrity Report Protocol for Remote Attestation

    Publication Year: 2011 , Page(s): 7 - 10
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (497 KB) |  | HTML iconHTML  

    Trusted platform module (TPM) has little computation capability, and it is the performance bottleneck of remote attestation. In the scenario where the server is the attestation-busy entity which answers attestation requirement frequently, the massive delay is inevitable. Without the modification to TPM, we propose Batch Integrity Report Protocol (BIRP) to overcome the performance bottleneck. B-IRP bundles these requirements in interval as a batch requirement, and creates the response messages for these requirements with one expensive TPM operation. Discussion shows that B-IRP has improved the performance without loss of security. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Efficient Taint Analysis with Taint Behavior Summary

    Publication Year: 2011 , Page(s): 11 - 14
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (210 KB) |  | HTML iconHTML  

    Software security has drawn much attention recently. As an effective approach to detect software vulnerabilities and improve software security, dynamic taint analysis has been frequently researched in the last few years. In this paper, we implement a dynamic taint tracking system LTTS. In order to address the efficiency problem which exists in many of the current taint tracking systems, we also propose a taint behavior summary mechanism to optimize the system. According to our experiments, LTTS has achieved relative high efficiency compared to the existing techniques. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • High-Speed Architecture Design and Implementation for SMS4-GCM

    Publication Year: 2011 , Page(s): 15 - 18
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (343 KB) |  | HTML iconHTML  

    A new and high-efficiency encryption and authentication algorithm, SMS4-GCM, based on cryptographic algorithm SMS4 and block cipher operating mode GCM is proposed. Design using full pipeline architecture and implementation on FPGA are presented in detail, and the results show that the maximal processing rate of SMS4-GCM can reach up to 22.248 Gbps which can meet the demands of high-speed network's applications. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Observation and Analysis on Spam Sending Behavior

    Publication Year: 2011 , Page(s): 19 - 22
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (414 KB) |  | HTML iconHTML  

    Due to Internet, people prefer using emails instead of traditional post mails, because of its simple and easy to use. Meanwhile unsolicited emails (spam) become a serious problem, as sending bulk emails are almost cost free in terms of time and money. Spam not only reduces system performance of mail servers but also annoys mail receivers. Nowadays attacks from Internet usually have strong links with embedding malicious codes/links in spam mails. In this research study, we collected a large number of spam to observe and analyze spam sending behavior. For each spam, we gathered source IPs, the URLs in the spam, and web pages of the URL. Basing on the collected spam, we studied the spam sending behavior. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Temporal Ordered Image Encryption

    Publication Year: 2011 , Page(s): 23 - 28
    Cited by:  Papers (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (424 KB) |  | HTML iconHTML  

    The existing image encryption algorithms encrypt images independently, which means the probability of an eavesdropper working out one image stays the same under the same circumstances (same bits of keys and the same algorithm, for example). However, in real-life applications such as communication systems, on one hand, sequences of images may need to be sent with various security demands, and on the other hand, the temporal order of sequences of images may be changed. This paper proposes a novel idea to integrate the notion of temporal order with cryptosystems. Experimental results show that satisfactory security performance is achieved when the order for the sequence of images is changed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Power of Refresh: A Novel Mechanism for Securing Low Entropy PII

    Publication Year: 2011 , Page(s): 29 - 36
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (248 KB) |  | HTML iconHTML  

    Deterministic encryption for low entropy personally identifiable information(PII) is vulnerable to dictionary attack. It is particularly so because of an expedient method to enumerate possible PII'splain text instead of all possible keys. Deterministic encryption, however, is indispensable in the generation of hash or index of PII. This paper presents a novel mechanism to frustrate dictionary attacks by refreshing the encryption in an external "blackbox". The "blackbox" has a private key inside and even the person who designed and manufactured it could not track or reveal its input and output without knowing the private key. The major part of this paper is about the analysis of this novel mechanism. The use of conditional entropy in this paper both measures the power to defend the attack and proves the value and feasibility of this novel mechanism. A lower bound for conditional entropy against a computationally-unbounded adversary is guaranteed. The essential meaning of the lower bound is also given based on min-entropy. By the proof, this mechanism can provide very reliable security for PII in online social networks (OSN) and keep efficiency and functionality at the same time. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Practicality Analysis of the Self-Healing Group Key Distribution Schemes for Resource-Constricted Wireless Sensor Networks

    Publication Year: 2011 , Page(s): 37 - 40
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (251 KB) |  | HTML iconHTML  

    A number of self-healing group key distribution schemes have been proposed recently, however, though practicality analysis and simulation of the commonly used self-healing group key distribution schemes, we show that almost none of the existing schemes are suitable for large-scale and resource-constricted wireless sensor networks in real-world applications, and it is still an urgent requirement to develop an efficient self-healing group key distribution scheme with robust security, tolerant communication and storage overhead simultaneously for resource-constricted wireless sensor networks. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • The Analysis and Optimization on M-commerce Secure Payment Model

    Publication Year: 2011 , Page(s): 41 - 44
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (353 KB) |  | HTML iconHTML  

    The M-Commerce has incomparable superiorities compared with traditional e-commerce. And at the same time, it has brought forward higher request of the security. The thesis analyzes the business model of M-Commerce secure payment, the SeMoPS model, and puts forward optimizing the business process of SeMoPS model combining the consideration of the security threats that M-Commerce has faced . In this way, customers can enjoy more convenient mobile payment service without worrying about the escaping of private information and transaction data. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Collaborative Network Security Management System in Metropolitan Area Network

    Publication Year: 2011 , Page(s): 45 - 50
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (503 KB) |  | HTML iconHTML  

    Network Security Appliances are deployed at the vantage point of the Internet to detect security events and prevent attacks. However, these appliances are not so effective when it comes to distributed attacks such as DDoS. This paper presents a design and implementation of collaborative network security management system (CNSMS), which organize the NetSecu nodes into a hybrid P2P and hierarchy architecture to share the security knowledge. NetSecu nodes are organized into a hierarchy architecture so they could realize different management or security functions. In each level, nodes formed a P2P networks for higher efficiency. To guarantee identity trustworthy and information exchange secure, PKI infrastructure is deployed in CNSMS. Finally experiments are conducted to test the computing and communication cost. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A New Intrusion Detection System Using Class and Sample Weighted C-support Vector Machine

    Publication Year: 2011 , Page(s): 51 - 54
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (258 KB) |  | HTML iconHTML  

    Whenever an intrusion occurs, the security of a computer system is compromised. Presently there are a lot of algorithms applied in intrusion detection systems. The SVM is one of the most successful ones in the data mining area, but its biasing behavior with uneven datasets limits its use. Shu-Xin Du proposed an improved approach named weighted SVM to solve this problem. However, Weighted SVM considers different penalty parameters about class only and ignores importance among different samples. In this paper, we introduced class and sample weighted factors respectively and propose a new method, namely, Class and Sample Weighted C-Support Vector Machine (CSWC-SVM) to solve the problem. Furthermore we construct a decision model. Experimental simulations with KDD Cup 1999 Data proved our approach works well and outperforms other approaches such as the standard C-SVM and Weighted SVM in terms of accuracy, false positive rate, and false negative rate. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Formal Analysis of Trusted Computing: One Case Study

    Publication Year: 2011 , Page(s): 55 - 58
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (295 KB) |  | HTML iconHTML  

    LS2 is the logic to reason about the property of trusted computing. However, it lacks the capability of modeling the isolation provided by virtualization which is often involved in previous trusted computing system. With the support of changed LS2, we model three types of isolation. Moreover, we formally analyze the integrity measurement property of TrustVisor proposed recently which provides the isolated execution environment for security-sensitive code. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • NetSecu: A Collaborative Network Security Platform for In-network Security

    Publication Year: 2011 , Page(s): 59 - 64
    Cited by:  Papers (4)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (982 KB) |  | HTML iconHTML  

    Malicious attacks are frequently launched to make specified network service unavailable, compromising end hosts for political or business purpose. Though network security appliances are widely deployed to resist these attacks, there is a lack of dynamic and collaborative platform to flexibly configure and manage all the security elements. In this paper, we present NetSecu, a platform based on Java and Click Router, which can dynamically enable, disable and configure security elements such as firewall, IPS and AV. Furthermore, a collaborate module is implemented to integrate individual NetSecu platform into a Secure Overlay Network, providing collaborative traffic control against DDoS attack. Equipped with collaborate module, NetSecu platforms are organized in a tree hierarchy where each level node is registered to its father node. A Central Management Site acts as the root node for large scale deployment. The policy is distributed from higher level to lower level NetSecu nodes, while security events are aggregated from lower level to higher level. Performance evaluation shows that our NetSecu system can achieve line rate with and without security function. Finally we deploy the NetSecu platform in multiple sites, where our design is fully demonstrated and tested. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • On Mutual Support of Modern and Traditional Access Control Models with UCON and BLP as Case Study

    Publication Year: 2011 , Page(s): 65 - 70
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (342 KB) |  | HTML iconHTML  

    Access control is essential to computer security, especially in an open, distributed, networked communication environment. Modern access control model such as UCON aims at accommodating general requirements. Traditional one such as BLP focuses on specific properties, e.g. confidentiality. Both of these two realms have their limitations. Taking UCON and BLP as case study, this paper explores mutual support of modern and traditional access control models. It investigates BLP's adaptable characteristic in the UCON perspective. First, it constructs properties in the UCON language to manifest the BLP adaptability, which shows that the BLP adaptability can be ensured to function correctly by the UCON framework. Further, it proposes a formal specification for the BLP adaptability under the UCON framework with the Temporal Logic of Actions, which demonstrates that the BLP adaptability is in good consistency with the UCON model. The significance of the paper is twofold. On the one hand, it exhibits that adaptable quality of the traditional BLP model may be ensured theoretically by the philosophy of modern access control. On the other hand, it enriches the real sense of modern access control models by strengthening the power of traditional access control models. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • TasteBuddy-based Version Selection Strategy for BitTorrent Users against Content Pollution

    Publication Year: 2011 , Page(s): 71 - 76
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (616 KB) |  | HTML iconHTML  

    Content pollution problem has attracted broad attention due to its impacts on P2P networks' efficiency and availability. Especially for Bit Torrent users, unmanageable versions of BT torrents and chunk-based file sharing mode make it more difficult to avoid pollution dissemination. In our paper, we propose a smart version selection strategy based on taste buddies to help users select high-quality versions and keep away from polluted ones. Performance evaluation based on real data shows that our approach effectively lowers the probability of selecting polluted versions compared with other strategies. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.