By Topic

2012 Seventh Asia Joint Conference on Information Security

9-10 Aug. 2012

Filter Results

Displaying Results 1 - 25 of 28
  • [Back cover]

    Publication Year: 2012, Page(s): C4
    Request permission for commercial reuse | PDF file iconPDF (621 KB)
    Freely Available from IEEE
  • [Title page i]

    Publication Year: 2012, Page(s): i
    Request permission for commercial reuse | PDF file iconPDF (38 KB)
    Freely Available from IEEE
  • [Title page iii]

    Publication Year: 2012, Page(s): iii
    Request permission for commercial reuse | PDF file iconPDF (83 KB)
    Freely Available from IEEE
  • [Copyright notice]

    Publication Year: 2012, Page(s): iv
    Request permission for commercial reuse | PDF file iconPDF (114 KB)
    Freely Available from IEEE
  • Table of contents

    Publication Year: 2012, Page(s):v - vi
    Request permission for commercial reuse | PDF file iconPDF (139 KB)
    Freely Available from IEEE
  • Preface

    Publication Year: 2012, Page(s): vii
    Request permission for commercial reuse | PDF file iconPDF (76 KB) | HTML iconHTML
    Freely Available from IEEE
  • Conference Committees and Reviewers

    Publication Year: 2012, Page(s):viii - ix
    Request permission for commercial reuse | PDF file iconPDF (79 KB)
    Freely Available from IEEE
  • Reversible Data Hiding for JPEG Based on EMD

    Publication Year: 2012, Page(s):1 - 5
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (247 KB) | HTML iconHTML

    To save communication bandwidth, data compression method usually is used when the stego-image transmits. To defend data security, the data hiding technology is used in the data communication. However, it seems that there is no relationship between data compression and data hiding. Actually, they are closely related. Until now, many data hiding schemes had been proposed in literatures. Unfortunatel... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Efficient Lossless Data Hiding Scheme on VQ Index Coding

    Publication Year: 2012, Page(s):6 - 9
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (173 KB) | HTML iconHTML

    Loss less data hiding can extract the embedded secret data and restore the cover media to its original status. Wang et al. in 2010 proposed a loss less data hiding method to embed secret message on VQ indices but their scheme has the encoded bit stream over-expanded. This paper improves their embedding approach by employing the index clusters with localization to enhance the similarity of adjacent... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Strong Tamper-Localization, Visual Secret Sharing Scheme Based on Exploiting Modification Direction

    Publication Year: 2012, Page(s):10 - 16
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (578 KB) | HTML iconHTML

    Recently, protecting information that is shared or transmitted over the Internet has become a critical issue. Several ways to transfer secret data have been proposed, including visual secret sharing (VSS), which is an efficient technique because the secret data are kept by a group of participants, rather than one person, so that they cannot be lost. In this paper, we proposed a new, visual, secret... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • SSL/TLS Status Survey in Japan - Transitioning against the Renegotiation Vulnerability and Short RSA Key Length Problem

    Publication Year: 2012, Page(s):17 - 24
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (275 KB) | HTML iconHTML

    In 2009, researchers released details of a vulnerability in the SSL and TLS protocols that could allow Man-in-the-Middle attacks to be carried out. SSL and TLS operate between the IP and application layers and ensure application data encryption and data integrity, authenticating the target of communications using X.509 public key certificates. As they are used together with application layer commu... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Proposal of a Secure WEP Operation against Existing Key Recovery Attacks and its Evaluation

    Publication Year: 2012, Page(s):25 - 30
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (206 KB) | HTML iconHTML

    WEP is a security protocol in a wireless LAN network. However its vulnerability has been pointed out, and many key recovery attacks against WEP were proposed by using it. Some attacks can retrieve a WEP key easily by observing about 20,000 packets. In order to avoid such attack, we have to update the WEP key whenever the number of communicated packets exceeds a certain threshold. For immunizing ag... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An Analysis of Security Patch Lifecycle Using Google Trend Tool

    Publication Year: 2012, Page(s):31 - 34
    Cited by:  Papers (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (245 KB) | HTML iconHTML

    Information security audit has become more and more important nowadays. Among the audited items, the status of security patch could be the most important part. In this paper, we proposed a security patch lifecycle to assess the information security risk with the help of vulnerability databases. A case study using the Google Trend is also given to demonstrate that the proposed security patch lifecy... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Synthesis of Secure Passwords

    Publication Year: 2012, Page(s):35 - 37
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (135 KB) | HTML iconHTML

    This paper studies a synthesis of password to be easily identified and hardly forgot. A new synthesis method is proposed to construct a good passwords that satisfy both requirements. Our method focuses on the change of frequency of combined words. Each of two words has a high term frequency but the combination is not quite common and then the frequency of the combined words can give strong impress... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Mobile Friendly and Highly Efficient Remote User Authenticated Key Agreement Protocol Featuring Untraceability

    Publication Year: 2012, Page(s):38 - 43
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (218 KB) | HTML iconHTML

    Authentication and key agreement protocols are the essential guardians of the distributed applications. They help the servers and users establish mutual trust and create secure communication channels. In this paper, we propose an authentication and key agreement scheme that is secure and has low communication and computation costs. Besides its efficiency, the most significant feature of the scheme... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • PDAF: Proactive Distributed Authentication Framework for Regional Network

    Publication Year: 2012, Page(s):44 - 50
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (283 KB) | HTML iconHTML

    We are designing a regional network for New Generation Network (NWGN), which is a future network vision. Regional network needs strong security protections to enable it to be robust under various attacks, such as impersonation attack, replay attack, and illegal modification. To disable these attacks, we identify the design requirements and then propose a proactive and distributed authentication fr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Fast-Refreshing Tree-Based Group Key Agreement for Mobile Ad Hoc Networks

    Publication Year: 2012, Page(s):51 - 58
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (222 KB) | HTML iconHTML

    With the proliferation of group-oriented applications in mobile ad hoc networks (MANETs), users need suitable group key agreements to secure communication between group members. Because of users' mobility, group members join their group or leave frequently in MANETs. Due to each MANET has a unique, specific purpose, there typically is no central management mechanism. The utilization of resource, s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Analysis of an eHealth Care System with Smart Card Based Authentication

    Publication Year: 2012, Page(s):59 - 61
    Cited by:  Papers (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (125 KB) | HTML iconHTML

    In recent years, smart card based authentication has been massively adopted in the electronic health care and medical treatment services in which the user and administrator can agree a robust session key based on human-memorable passwords with the hospital server. In this paper, we investigate the robustness of an eHealth care system with smart card based authentication mechanisms. This research i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • DroidMat: Android Malware Detection through Manifest and API Calls Tracing

    Publication Year: 2012, Page(s):62 - 69
    Cited by:  Papers (63)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (263 KB) | HTML iconHTML

    Recently, the threat of Android malware is spreading rapidly, especially those repackaged Android malware. Although understanding Android malware using dynamic analysis can provide a comprehensive view, it is still subjected to high cost in environment deployment and manual efforts in investigation. In this study, we propose a static feature-based mechanism to provide a static analyst paradigm for... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A Study on Method to Analyze Application on Bada Using GUI without Source Code

    Publication Year: 2012, Page(s):70 - 73
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (1409 KB) | HTML iconHTML

    Analyzing vulnerability or flaw on smart phone is important issue because it has sensitive information such as financial or private. Previous researches concern about major smart phone OSs such as Apple's iPhone and Google's Android. However, they did not concern about Samsung's bada. To improve analyzing efficiency, in this paper, we study a method to analyze application on bada using GUI without... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Geographical Visualization of Malware Download for Anomaly Detection

    Publication Year: 2012, Page(s):74 - 78
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (290 KB) | HTML iconHTML

    We study a linkage between attacks in cyberspace and incidents in our real world. For example, the Internet had been closed down in Egypt for preventing protests against President Hosni Mubarak. Meanwhile, for more than two weeks we have observed that no port-scan packet were sent from Egypt to Japan. This motivates us for this study to find any incident between botnet attacks which were involved ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Multipurpose Network Monitoring Platform Using Dynamic Address Assignment

    Publication Year: 2012, Page(s):79 - 84
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (793 KB) | HTML iconHTML

    There have been a number of network monitoring projects launched to cope with cyber threats in the Internet. In those projects, several types of sensors such as black hole sensor, low and high interaction honey pot, and web crawlers are deployed to analyze characteristics of attackers from various perspectives. However, there are some problems of deployment and operation of network monitoring syst... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Survey on Cloud Data Integrity Proof Techniques

    Publication Year: 2012, Page(s):85 - 91
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (222 KB) | HTML iconHTML

    Proof of Retrievability (POR) and Provable Data Possession (PDP) systems these days are the most active area of research for data integrity check, which is outsourced to cloud service providers. In this work we surveyed data integrity proving schemes by reviewing different schemes in the area along with their efficiency and security considerations. The objective of this survey is to offer a state-... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Data Integrity on Remote Storage for On-line Co-working

    Publication Year: 2012, Page(s):92 - 99
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (271 KB) | HTML iconHTML

    Nowadays, the cloud computing have engulfed not only the IT industry but also the general publics all around the world. Our daily life is now full of various cloud services such as Gmail or Google Document. Although the cloud services can provide on-line platforms for co-working between a group of collaborators, trust is always a hesitation for a user to adopt cloud services. In this paper, we aim... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Attack Sequence Detection in Cloud Using Hidden Markov Model

    Publication Year: 2012, Page(s):100 - 103
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (210 KB) | HTML iconHTML

    Cloud computing provides business new working paradigm with the benefit of cost reduce and resource sharing. Tasks from different users may be performed on the same machine. Therefore, one primary security concern is whether user data is secure in cloud. On the other hand, hacker may facilitate cloud computing to launch larger range of attack, such as a request of port scan in cloud with multiple ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.