LEADER 01302nam 2200373 n 450 001 9910375963403321 005 20230818161654.0 035 $a(CKB)4100000007597561 035 $a(NjHacI)994100000007597561 035 $a(Association for Computing Machinery)10.1145/3230519 035 $a(EXLCZ)994100000007597561 100 $a20230818d2018 uy 0 101 0 $aeng 135 $aur||||||||||| 181 $ctxt$2rdacontent 182 $cc$2rdamedia 183 $acr$2rdacarrier 200 10$aProceedings of the Joint Workshop on Multimedia for Cooking and Eating Activities and Multimedia Assisted Dietary Management /$fIchiro Ide 210 1$aNew York, New York :$cThe Association for Computing Machinery,$d2018. 215 $a1 online resource (88 pages) 225 1 $aACM Other conferences 311 $a1-4503-6537-X 410 0$aACM Other conferences 517 3 $aCEA/MADiMa '18 606 $aMultimedia systems$vCongresses 615 0$aMultimedia systems 676 $a006.7 700 $aIde$b Ichiro$0926143 801 0$bNjHacI 801 1$bNjHacl 906 $aBOOK 912 $a9910375963403321 996 $aProceedings of the Joint Workshop on Multimedia for Cooking and Eating Activities and Multimedia Assisted Dietary Management$92079445 997 $aUNINA LEADER 01678nam0 22003131i 450 001 UON00303474 005 20231205104018.729 100 $a20071106f1968 |0itac50 ba 101 $achi 102 $aTW 105 $a|||| 1|||| 200 1 $aLing xi gong du hui cun$fFang Junshi zhu 210 $a[Taibei$cWenhai chubanshe$d1968] 215 $a3 v.$d18 cm 311 $a1-3$9UON00301638 316 $aaltri inv. 122104-105 Già inventariato [forse SIN 961]$5IT-UONSI CINSERIE/005 (263,1-3) 316 $aGià inventariato [forse ex SIN 961]$5IT-UONSI CINSERIE/005 (263,2) 316 $aGià inventariato [forse ex SIN 961]$5IT-UONSI CINSERIE/005 (263,3) 410 0$1001UON00301638$12001 $aJindai Zhongguo shiliao congkan$v263 1-3 606 $aCina$xPolitica e Governo$xDinastia Qing (1644-1911)$3UONC017902$2FI 686 $aCIN IV$cCINA - STORIA$2A 700 0$aFANG Junshi$3UONV174306$0696243 801 $aIT$bSOL$c20250523$gRICA 912 $aUON00303474 950 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$dSI CIN SERIE 005 (263,1-3) $eSI SA 122103 7 005 (263,1-3) altri inv. 122104-105 Già inventariato [forse SIN 961] 950 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$dSI CIN SERIE 005 (263,2) $eSI SA 122104 7 005 (263,2) Già inventariato [forse ex SIN 961] 950 $aSIBA - SISTEMA BIBLIOTECARIO DI ATENEO$dSI CIN SERIE 005 (263,3) $eSI SA 122105 7 005 (263,3) Già inventariato [forse ex SIN 961] 996 $aLing xi gong du hui cun$91379691 997 $aUNIOR LEADER 11961nam 22007575 450 001 9910484264903321 005 20251226195334.0 010 $a3-319-20550-1 024 7 $a10.1007/978-3-319-20550-2 035 $a(CKB)3710000000436919 035 $a(SSID)ssj0001558492 035 $a(PQKBManifestationID)16183013 035 $a(PQKBTitleCode)TC0001558492 035 $a(PQKBWorkID)14818851 035 $a(PQKB)10444505 035 $a(DE-He213)978-3-319-20550-2 035 $a(MiAaPQ)EBC6302197 035 $a(MiAaPQ)EBC5587594 035 $a(Au-PeEL)EBL5587594 035 $a(OCoLC)911630948 035 $a(PPN)186399685 035 $a(EXLCZ)993710000000436919 100 $a20150622d2015 u| 0 101 0 $aeng 135 $aurnn|008mamaa 181 $ctxt 182 $cc 183 $acr 200 10$aDetection of Intrusions and Malware, and Vulnerability Assessment $e12th International Conference, DIMVA 2015, Milan, Italy, July 9-10, 2015, Proceedings /$fedited by Magnus Almgren, Vincenzo Gulisano, Federico Maggi 205 $a1st ed. 2015. 210 1$aCham :$cSpringer International Publishing :$cImprint: Springer,$d2015. 215 $a1 online resource (XII, 351 p. 98 illus.) 225 1 $aSecurity and Cryptology,$x2946-1863 ;$v9148 300 $aBibliographic Level Mode of Issuance: Monograph 311 08$a3-319-20549-8 320 $aIncludes bibliographical references and index. 327 $aIntro -- Preface -- Organization -- Contents -- Attacks -- Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks -- 1 Introduction -- 2 Ransomware Data Set -- 2.1 Experimental Setup -- 3 Characterization and Evolution -- 3.1 File System Activity -- 3.2 Mitigation Strategies -- 4 Financial Incentives -- 4.1 Bitcoin as a Charging Method -- 5 Related Work -- 6 Conclusion -- References -- ``Nice Boots!'' - A Large-Scale Analysis of Bootkits and New Ways to Stop Them -- 1 Introduction -- 2 How Bootkits Interfere with the Boot Process -- 3 A Large Scale Analysis of Bootkit Technology -- 3.1 Large-Scale Bootkit Analysis Results -- 3.2 Historic Perspective on the Evolution of Bootkit Technology -- 4 Detecting and Preventing Bootkit Infections -- 4.1 Detecting Bootkit Attacks -- 4.2 Preventing Bootkit Infections -- 5 Bootcamp -- 6 Bootcamp Evaluation -- 6.1 Bootkit Detection Results -- 6.2 Bootkit Prevention Results -- 7 Discussion and Limitations -- 8 Related Work -- 9 Conclusion -- References -- C5: Cross-Cores Cache Covert Channel -- 1 Introduction -- 2 Background -- 2.1 Cache Fundamentals -- 2.2 Playing with Caches for Fun and Profit -- 2.3 The Problem of Addressing Uncertainty -- 3 C5 Covert Channel -- 3.1 Sender -- 3.2 Receiver -- 4 Experiments -- 4.1 Testbed -- 4.2 Native Environment -- 4.3 Virtualized Environment -- 4.4 Complex Addressing Matters -- 5 Discussion -- 5.1 Performance -- 5.2 Mitigation -- 6 Related Work -- 7 Conclusion -- References -- Attack Detection -- Intrusion Detection for Airborne Communication Using PHY-Layer Information -- 1 Introduction -- 2 Overview of ADS-B Security Concerns -- 3 Modeling False-Data Injection Attackers -- 4 Intrusion Detection -- 5 Experimental Design -- 6 Results -- 7 Conclusion and Future Work -- References -- That Ain't You: Blocking Spearphishing Through Behavioral Modelling. 327 $a1 Introduction -- 2 Behavioral Profiles -- 2.1 Features Characterizing an Email -- 2.2 Building Behavioral Profiles -- 3 Detecting Anomalous Emails -- 4 Evaluation -- 4.1 Evaluation Datasets -- 4.2 Analysis of the Classifier -- 4.3 Detecting Attack Emails -- 4.4 Performance of IdentityMailer -- 5 Discussion and Limitations -- 6 Related Work -- 7 Conclusions -- References -- Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics -- 1 Introduction -- 2 Preliminaries -- 2.1 Quantitative Data Flow Model -- 2.2 Windows Instantiation -- 3 Approach -- 3.1 Features -- 3.2 Training and Model Building Phase -- 3.3 Detection Phase -- 4 Evaluation -- 4.1 Prototype -- 4.2 Effectiveness -- 4.3 Efficiency -- 4.4 Summary and Threats to Validity -- 5 Related Work -- 6 Discussion and Conclusion -- References -- Binary Analysis and Mobile Malware Protection -- Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries -- 1 Introduction -- 2 Binary Analysis and Reverse Engineering -- 3 System Details -- 3.1 Step 1: Data Collection -- 3.2 Step 2: Clustering of Data-Flow Information -- 3.3 Step 3: Behavior Extraction -- 3.4 Step 4: Semantic Tagging -- 4 Experimental Evaluation -- 4.1 Dataset and Ground Truth -- 4.2 Parameter Estimation -- 4.3 Clustering Validation (Step 2) -- 4.4 Behavior Evaluation (Step 3) -- 5 Limitations and Future Work. -- 6 Related Work -- 7 Conclusions -- References -- Fine-Grained Control-Flow Integrity Through Binary Hardening -- 1 Introduction -- 2 Attack Model -- 3 Background and Related Work -- 3.1 Control-Flow Integrity -- 3.2 Dynamic Binary Translation -- 4 Lockdown Design -- 4.1 Rules for Control Transfers -- 4.2 Control Transfer Guards -- 4.3 Handling Stripped Binaries -- 5 Prototype Implementation -- 5.1 Runtime Optimizations -- 5.2 Control-Flow Particularities. 327 $a5.3 Implementation Heuristics -- 5.4 Binary Compatibility -- 6 Evaluation -- 6.1 Performance -- 6.2 Apache Case Study -- 6.3 Security and CFI Effectiveness Case-Study -- 6.4 Security Guarantees -- 7 Conclusion -- References -- Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software -- 1 Introduction -- 2 Energy Measurements -- 3 Experimental Setup and Datasets -- 4 Experimental Results -- 4.1 Energy Consumption vs. Scan Duration -- 4.2 Energy Consumption vs. Detection Outcome -- 4.3 Upon Installation vs. on Demand Detection -- 4.4 Size Does Matter -- 4.5 Display vs. CPU Energy Consumption -- 4.6 Internet Connectivity (WiFi) -- 5 Efficiency Guidelines -- 5.1 Detection Heuristics and Behavior -- 5.2 Visual Design -- 6 Limitations and Future Work -- 7 Related Work -- 8 Conclusion -- References -- Social Networks and Large-Scale Attacks -- The Role of Cloud Services in Malicious Software: Trends and Insights -- 1 Introduction -- 2 Approach -- 2.1 Platform Description -- 3 Experiments -- 3.1 Role of Public Cloud Services in Malware Infrastructures -- 3.2 Dedicated Domains Lifetime Estimation -- 4 Discussion -- 5 Related Work -- 6 Conclusion -- References -- Capturing DDoS Attack Dynamics Behind the Scenes -- 1 Introduction -- 2 Dataset Collection -- 3 Attack Dynamics -- 3.1 Bots Shift Pattern Analysis -- 3.2 Mathematical Representation of Shift Patterns -- 4 Related Work -- 5 Conclusion -- References -- Quit Playing Games with My Heart: Understanding Online Dating Scams -- 1 Introduction -- 2 Background and Problem Study -- 2.1 Online Dating Sites -- 2.2 Case Study: Jiayuan -- 2.3 Threat Model: Online Dating Scams -- 3 Methodology -- 3.1 Behavioral-Based Detection System -- 3.2 IP Address-Based Detection System -- 3.3 Photograph-Based Detection System -- 3.4 Text-Based Detection System -- 4 Description of the Scam Account Dataset. 327 $a5 A Taxonomy of Online Dating Scammers -- 6 Analysis of the Scam Account Dataset -- 6.1 Demographics of Different Scam Account Types -- 6.2 Strategies Used by Different Scam Account Types -- 7 Discussion -- 7.1 Scammers Are Perseverant -- 7.2 Future Work -- 8 Related Work -- 9 Conclusions -- References -- Web and Mobile Security -- More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations -- 1 Introduction -- 2 Background -- 2.1 Authorization Code Flow -- 2.2 Cross Site Request Forgery -- 3 Attack -- 3.1 CSRF in OAuth -- 3.2 Developer Implementation Problems -- 3.3 Mitigation -- 4 CSRF in the Wild -- 4.1 Web Crawler Design and Implementation -- 4.2 Data Collection Setup -- 4.3 Results -- 5 Case Studies -- 5.1 Missing Documentation -- 5.2 Incorrect Code Samples -- 5.3 Inconsistent Requirements -- 5.4 Lack of Enforcement -- 5.5 Recommended Approaches to Mitigation -- 6 Discussion -- 6.1 Comparison to HTTPS Use -- 6.2 OAuth 1.0 -- 7 Related Work -- 8 Conclusion -- References -- May I? - Content Security Policy Endorsement for Browser Extensions -- 1 Introduction -- 2 Empirical Study -- 2.1 Extension Analysis -- 3 Extension Framework Analysis -- 3.1 Resource Loading Through Content Scripts -- 3.2 Case Study: Rapportive -- 4 CSP Endorsement -- 4.1 Endorsement Workflow -- 4.2 Prototype Implementation -- 5 Evaluation -- 5.1 Experiment Set-Up -- 5.2 Results -- 6 Related Work -- 7 Conclusion -- References -- On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users -- 1 Introduction -- 2 Overview -- 3 System Details -- 3.1 Symbolic Executor -- 3.2 Policy Extractor -- 3.3 Application Rewriter -- 4 Practicality Evaluation -- 4.1 Results and Quality of Static Analysis -- 4.2 Quality of the Security Policies -- 4.3 Size of the Security Policies. 327 $a4.4 Discussion and Limitations -- 5 Viable Workflows -- 6 Security Implications and Benefits -- 7 Related Work -- 8 Conclusion and Future Work -- References -- Provenance and Data Sharing -- Identifying Intrusion Infections via Probabilistic Inference on Bayesian Network -- 1 Introduction -- 2 Related Work -- 3 Temporal Dependency Network -- 3.1 Dependency Relationships -- 3.2 Temporal Dependency Network -- 4 Proposed Method -- 4.1 Problem Description -- 4.2 Overview -- 4.3 Probabilistic Bayesian Network Model -- 4.4 Probabilistic Inference -- 5 Experimental Evaluation -- 5.1 Data Set -- 5.2 Methodology -- 5.3 Experiment Results -- 6 Conclusion -- References -- Controlled Data Sharing for Collaborative Predictive Blacklisting -- 1 Introduction -- 1.1 Problem Statement -- 1.2 Roadmap -- 2 Related Work -- 3 Preliminaries -- 3.1 System Model -- 3.2 Cryptographic Tools -- 3.3 Predictive Blacklisting -- 4 Collaborative Predictive Blacklisting via Controlled Data Sharing -- 4.1 Benefit Estimation -- 4.2 Establishing Partnerships -- 4.3 Data Sharing -- 5 The DShield Dataset -- 5.1 Original Dataset -- 5.2 Measurements and Observations -- 5.3 Final Dataset -- 6 Experimental Analysis -- 6.1 Experimental Setup -- 6.2 Different Benefit Estimation Metrics -- 6.3 Analysis -- 6.4 Different Sharing Strategies -- 6.5 Performance of Cryptographic Tools -- 6.6 Take-Aways -- 7 Conclusion -- References -- Author Index. 330 $aThis book constitutes the refereed proceedings of the 12th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2015, held in Milan, Italy, in July 2015. The 17 revised full papers presented were carefully reviewed and selected from 75 submissions. The papers are organized in topical sections on attacks, attack detection, binary analysis and mobile malware protection, social networks and large-scale attacks, Web and mobile security, and provenance and data sharing. 410 0$aSecurity and Cryptology,$x2946-1863 ;$v9148 606 $aData protection 606 $aElectronic commerce 606 $aElectronic data processing$xManagement 606 $aData and Information Security 606 $ae-Commerce and e-Business 606 $aIT Operations 615 0$aData protection. 615 0$aElectronic commerce. 615 0$aElectronic data processing$xManagement. 615 14$aData and Information Security. 615 24$ae-Commerce and e-Business. 615 24$aIT Operations. 676 $a005.8 702 $aAlmgren$b Magnus$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aGulisano$b Vincenzo$4edt$4http://id.loc.gov/vocabulary/relators/edt 702 $aMaggi$b Federico$4edt$4http://id.loc.gov/vocabulary/relators/edt 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910484264903321 996 $aDetection of Intrusions and Malware, and Vulnerability Assessment$93395207 997 $aUNINA