By Topic

18th Annual Computer Security Applications Conference, 2002. Proceedings.

9-13 Dec. 2002

Filter Results

Displaying Results 1 - 25 of 44
  • Proceedings 18th Annual Computer Security Applications Conference

    Publication Year: 2002
    Request permission for commercial reuse | PDF file iconPDF (322 KB)
    Freely Available from IEEE
  • Author index

    Publication Year: 2002, Page(s): 4332
    Request permission for commercial reuse | PDF file iconPDF (185 KB)
    Freely Available from IEEE
  • A secure directory service based on exclusive encryption

    Publication Year: 2002, Page(s):172 - 182
    Cited by:  Papers (1)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (430 KB) | HTML iconHTML

    We describe the design of a Windows file-system directory service that ensures the persistence, integrity, privacy, syntactic legality, and case-insensitive uniqueness of the names it indexes. Byzantine state replication provides persistence and integrity, and encryption imparts privacy. To enforce Windows' baroque name syntax - including restrictions on allowable characters, on the terminal chara... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A context-aware security architecture for emerging applications

    Publication Year: 2002, Page(s):249 - 258
    Cited by:  Papers (59)  |  Patents (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (331 KB) | HTML iconHTML

    We describe an approach to building security services for context-aware environments. Specifically, we focus on the design of security services that incorporate the use of security-relevant "context" to provide flexible access control and policy enforcement. We previously presented a generalized access control model that makes significant use of contextual information in policy definition. This do... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Malicious code detection for open firmware

    Publication Year: 2002, Page(s):403 - 412
    Cited by:  Papers (3)  |  Patents (5)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (305 KB) | HTML iconHTML

    Malicious boot firmware is a largely unrecognized but significant security risk to our global information infrastructure. Since boot firmware executes before the operating system is loaded, it can easily circumvent any operating system-based security mechanism. Boot firmware programs are typically written by third-party device manufacturers and may come from various suppliers of unknown origin. We... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A security architecture for object-based distributed systems

    Publication Year: 2002, Page(s):161 - 171
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (335 KB) | HTML iconHTML

    Large-scale distributed systems present numerous security problems not present in local systems. We present a general security architecture for a large-scale object-based distributed system. Its main features include ways for servers to authenticate clients, clients to authenticate servers, new secure servers to be instantiated without manual intervention, and ways to restrict which client can per... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Architectures for intrusion tolerant database systems

    Publication Year: 2002, Page(s):311 - 320
    Cited by:  Papers (6)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (386 KB) | HTML iconHTML

    In this paper we propose four architectures for intrusion-tolerant database systems. While traditional secure database systems rely on prevention controls, an intrusion-tolerant database system can operate through attacks in such a way that the system can continue delivering essential services in the face of attacks. With a focus on attacks by malicious transactions, Architecture I can detect intr... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Reusable components for developing security-aware applications

    Publication Year: 2002, Page(s):239 - 248
    Cited by:  Papers (2)  |  Patents (3)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (2786 KB) | HTML iconHTML

    Today, security is considered to be an important aspect of multi-tier application development. Thoroughly researched concepts for access control exist and have been proven in mainframe computing. However, they are often not used in today's development of multi-tier applications. One reason may be the lack of appropriate reusable components that support application developers that frequently have t... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security architecture of the Austrian citizen card concept

    Publication Year: 2002, Page(s):391 - 400
    Cited by:  Papers (26)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (321 KB) | HTML iconHTML

    When admitting electronic media as a means for citizens to approach public authorities (e-government), security is an indispensable precondition for concerns of legal certainty and for achieving acceptance by the citizens. While the security-enabling technologies such as smartcards, digital signatures, and PKI are mature, questions of scalability, technology-neutrality, and forward-compatibility a... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Networking in the Solar Trust Model: determining optimal trust paths in a decentralized trust network

    Publication Year: 2002, Page(s):271 - 281
    Cited by:  Papers (5)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (399 KB) | HTML iconHTML

    The Solar Trust Model provides a method by which the sender of a message can be authenticated, and the level of trust that can be placed in the sender of the message or the message itself can be computed The model works even if there is no prior relationship between the sender and receiver of the message. The Solar Trust Model overcomes a variety of limitations inherent in the design of other trus... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A toolkit for detecting and analyzing malicious software

    Publication Year: 2002, Page(s):423 - 431
    Cited by:  Papers (6)  |  Patents (23)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (507 KB) | HTML iconHTML

    We present PEAT: the Portable Executable Analysis Toolkit. It is a software prototype designed to provide a selection of tools that an analyst may use in order to examine structural aspects of a Windows Portable Executable (PE) file, with the goal of determining whether malicious code has been inserted into an application after compilation. These tools rely on structural features of executables th... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Enforcing resource bound safety for mobile SNMP agents

    Publication Year: 2002, Page(s):69 - 77
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (326 KB) | HTML iconHTML

    The integration of mobile agents with SNMP creates significant advantages for the management of complex networks. Nevertheless, the security concerns of mobile agent technology limit its acceptance in practice. A key issue is to safeguard resource usage abuse by malicious or buggy mobile agents on the hosting system. This paper describes how the TINMAN architecture, a framework and a suite of tool... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Controlled physical random functions

    Publication Year: 2002, Page(s):149 - 160
    Cited by:  Papers (106)  |  Patents (68)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (338 KB) | HTML iconHTML

    A physical random function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce controlled physical random functions (CPUFs) which are PUFs that can only be accessed via an algorithm that is physically bound to the PUF in an inseparable way. CPUFs can be used to establish a shared secret between a physical device and a remote user. We prese... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Evaluating the impact of automated intrusion response mechanisms

    Publication Year: 2002, Page(s):301 - 310
    Cited by:  Papers (40)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (322 KB) | HTML iconHTML

    Intrusion detection systems (IDSs) have reached a high level of sophistication and are able to detect intrusions with a variety of methods. Unfortunately, system administrators neither can keep up with the pace that an IDS is delivering alerts, nor can they react upon these within adequate time limits. Automatic response systems have to take over that task. In case of an identified intrusion, thes... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A practical approach to identifying storage and timing channels: twenty years later

    Publication Year: 2002, Page(s):109 - 118
    Cited by:  Papers (15)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (303 KB) | HTML iconHTML

    Secure computer systems use both mandatory and discretionary access controls to restrict the flow of information through legitimate communication channels such as files, shared memory and process signals. Unfortunately, in practice one finds that computer systems are built such that users are not limited to communicating only through the intended communication channels. As a result, a well-founded... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A framework for organisational control principles

    Publication Year: 2002, Page(s):229 - 238
    Cited by:  Papers (5)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (380 KB) | HTML iconHTML

    Organisational control principles, such as those expressed in the separation of duties, supervision, review and delegation, support the main business goals and activities of an organisation. Some of these principles have previously been described and analysed within the context of role- and policy-based distributed systems, but little has been done with respect to the more general context they are... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protecting Web usage of credit cards using One-Time Pad cookie encryption

    Publication Year: 2002, Page(s):51 - 58
    Cited by:  Papers (2)  |  Patents (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (246 KB) | HTML iconHTML

    The blooming e-commerce is demanding better methods to protect online users' privacy, especially the credit card information that is widely used in online shopping. Holding all these data in a central database of the Web sites would attract hackers' attacks, impose unnecessary liability on the merchant Web sites, and raise the customers' privacy concerns. We introduce and discuss in detail the sec... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • GOSSIB vs. IP traceback rumors

    Publication Year: 2002, Page(s):5 - 13
    Cited by:  Papers (17)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (452 KB) | HTML iconHTML

    To identify sources of distributed denial-of-service attacks, path traceback mechanisms have been proposed. Traceback mechanisms relying on probabilistic packet marking (PPM) have received most attention, as they are easy to implement and deploy incrementally. We introduce a new concept, namely Groups Of Strongly SImilar Birthdays (GOSSIB), that can be used by to obtain effects similar to a succes... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A financial institution's legacy mainframe access control system in light of the proposed NIST RBAC standard

    Publication Year: 2002, Page(s):382 - 390
    Cited by:  Papers (1)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (496 KB) | HTML iconHTML

    In this paper we describe a mainframe access control system (DENT) and its associated delegated administration tool (DSAS) that were used in a financial institution for over 20 years to control access to banking transaction products. The first part of this paper describes the design and operation of DENT/DSAS as an example of a long-lived access control system in a financial institution. A standar... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Penetration testing: a duet

    Publication Year: 2002, Page(s):185 - 195
    Cited by:  Papers (14)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (3059 KB) | HTML iconHTML

    Penetration testing is the art of finding an open door. It is not a science as science depends on falsifiable hypotheses. The most penetration testing can hope for is to be the science of insecurity - not the science of security nasmuch as penetration testing can at most prove insecurity by falsifying the hypothesis that any system, network, or application is secure. To be a science of security wo... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Voice over IPsec: analysis and solutions

    Publication Year: 2002, Page(s):261 - 270
    Cited by:  Papers (29)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (807 KB) | HTML iconHTML

    In this paper we present the results of the experimental analysis of the transmission of voice over secure communication links implementing IPsec. Critical parameters characterizing the real-time transmission of voice over an IPsec-ured Internet connection, as well as techniques that could be adopted to overcome some of the limitations of VoIPsec (Voice over IPsec), are presented Our results show ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Beyond the perimeter: the need for early detection of denial of service attacks

    Publication Year: 2002, Page(s):413 - 422
    Cited by:  Papers (4)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (300 KB) | HTML iconHTML

    The threat to organisations from network attacks is very real. Current countermeasures to denial of service (DoS) attacks rely on the perimeter model of network security. However, as the case study and analysis in this paper make apparent, the perimeter model, which relies on firewalls and intrusion detection systems, is unable to provide an effective defence against DoS attacks. Therefore, there ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Detecting and defending against Web-server fingerprinting

    Publication Year: 2002, Page(s):321 - 330
    Cited by:  Papers (6)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (298 KB) | HTML iconHTML

    Cyber attacks continue to increase in sophistication. Advanced attackers often gather information about a target system before launching a precise attack to exploit a discovered vulnerability. This paper discusses techniques for remote identification of web servers and suggests possible defenses to the probing activity. General concepts of finger-printing and their application to the identificatio... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Gender-preferential text mining of e-mail discourse

    Publication Year: 2002, Page(s):282 - 289
    Cited by:  Papers (20)  |  Patents (2)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (295 KB) | HTML iconHTML

    This paper describes an investigation of authorship gender attribution mining from e-mail text documents. We used an extended set of predominantly topic content-free e-mail document features such as style markers, structural characteristics and gender-preferential language features together with a support vector machine learning algorithm. Experiments using a corpus of e-mail documents generated b... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Security of Internet location management

    Publication Year: 2002, Page(s):78 - 87
    Cited by:  Papers (9)  |  Patents (7)
    Request permission for commercial reuse | Click to expandAbstract | PDF file iconPDF (321 KB) | HTML iconHTML

    In the Mobile IPv6 protocol, the mobile node sends binding updates to its correspondents to inform them about its current location. It is well-known that the origin of this location information must be authenticated. This paper discusses several threats created by location management that go beyond unauthentic location data. In particular, the attacker can redirect data to bomb third parties and i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.