Information security : 24th International Conference, ISC 2021, Virtual Event, November 10-12, 2021, proceedings / / Joseph K. Liu [and four others], editors
(Visualizza in formato marc)
(Visualizza in BIBFRAME)
| Titolo: |
Information security : 24th International Conference, ISC 2021, Virtual Event, November 10-12, 2021, proceedings / / Joseph K. Liu [and four others], editors
|
| Pubblicazione: | Cham, Switzerland : , : Springer, , [2021] |
| ©2021 | |
| Descrizione fisica: | 1 online resource (420 pages) |
| Disciplina: | 005.8 |
| Soggetto topico: | Computer security |
| Data encryption (Computer science) | |
| Persona (resp. second.): | LiuJoseph K. |
| Nota di bibliografia: | Includes bibliographical references and index. |
| Nota di contenuto: | Intro -- Preface -- Organization -- Contents -- Cryptology -- Integer LWE with Non-subgaussian Error and Related Attacks -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Organization of the Paper -- 2 Preliminaries -- 2.1 Notation -- 2.2 Gaussian and Subgaussian -- 2.3 The ILWE Problem -- 2.4 Lattice Based Fiat-Shamir Signatures -- 3 The Non-subgaussian ILWE Problem -- 4 Low-Bit's Randomness Leakage Attack -- 4.1 The Randomness Leakage Attack -- 4.2 Extend to Lower Bits -- 5 The Careless Implementation Attack -- 5.1 Gaussian Randomness -- 5.2 Uniform Randomness -- 6 Experimental Results -- 6.1 Lower-Bit Randomness Leakage Attack -- 6.2 Careless Implementation Attack with Uniform Randomness -- 6.3 Careless Implementation Attack with Gaussian Randomness -- 7 Conclusion -- A Proof of Proposition 1 -- References -- Layering Quantum-Resistance into Classical Digital Signature Algorithms -- 1 Introduction -- 2 Background -- 2.1 Digital Signature Basics -- 2.2 Zero-Knowledge Proof -- 3 Proposed Quantum-Resistant Digital Signatures -- 3.1 Quantum-Resistant Digital Signature Scheme -- 3.2 Realizing the Proposed Digital Signature Scheme -- 3.3 Performance Measurement -- 4 Real-Life Deployment -- 4.1 Deployment Summary -- 4.2 Exploring Migration -- 5 Related Work -- 6 Conclusion -- References -- Cryptanalysis of RSA Variants with Primes Sharing Most Significant Bits -- 1 Introduction -- 2 Preliminaries -- 2.1 A Useful Lemma -- 2.2 Continued Fractions -- 2.3 Lattice Reduction -- 3 The Attack Based on Continued Fraction Algorithm -- 4 The Attack Based on Coppersmith's Method -- 5 Comparison with Former Attacks -- 6 Conclusion -- References -- Cryptanalysis of Two White-Box Implementations of the SM4 Block Cipher -- 1 Introduction -- 2 Preliminaries -- 2.1 Notation -- 2.2 The SM4 Block Cipher. |
| 3 Collision-Based Attack on Yao and Chen's White-Box SM4 Implementation -- 3.1 Yao and Chen's White-Box SM4 Implementation -- 3.2 Attacking Yao and Chen's White-Box SM4 Implementation -- 4 Collision-Based Attack on Xiao and Lai's White-Box SM4 Implementation -- 5 Concluding Remarks -- References -- A Non-interactive Multi-user Protocol for Private Authorised Query Processing on Genomic Data -- 1 Introduction -- 1.1 Our Contributions -- 2 Preliminaries -- 2.1 Biology Background -- 2.2 Cryptographic Background -- 3 Proposed Solution -- 3.1 System Model Overview -- 3.2 Threat Model -- 4 NIMUPrivGenDB Construction -- 5 Security Definitions and Analysis -- 6 Implementation and Evaluation -- 7 Conclusion -- References -- Bigdata-Facilitated Two-Party Authenticated Key Exchange for IoT -- 1 Introduction -- 1.1 Related Work -- 1.2 Our Contribution -- 1.3 Paper Organisation -- 2 IoT-Oriented AKE Security Model -- 2.1 IoT-Oriented AKE Setting -- 2.2 Preliminary Notions -- 2.3 Game-Based Security Definitions -- 3 The Proposed AKE Protocol -- 3.1 Initialisation Phase -- 3.2 Description of the Proposed AKE Protocol -- 4 Security Analysis -- 4.1 CDH and SDH Assumptions -- 4.2 Security Proofs -- 5 Performance Evaluation and Enhancements -- 5.1 Parameter Selection and Implementation Results -- 5.2 Efficiency Enhancement for the IoT -- 5.3 Comparison with Existing Protocol(s) -- 6 Conclusion -- References -- Randomized Component Based Secure Secret Reconstruction in Insecure Networks -- 1 Introduction -- 1.1 Related Work -- 1.2 Our Contribution -- 1.3 Organization -- 2 Preliminaries -- 2.1 Asmuth-Bloom (t,n) SS Scheme -- 2.2 Harn (t,n) Secure Secret Reconstruction Scheme -- 2.3 Miao Randomized Component Based (t,n) SSR Scheme -- 3 Scheme Model and Security Goals -- 3.1 Scheme Model -- 3.2 Security Goals -- 4 Basic Proposed SSR Scheme -- 4.1 Scheme. | |
| 4.2 Correctness Analysis -- 4.3 Security Analysis -- 5 Improved Bivariate Polynomial Based SSR Scheme -- 5.1 Scheme -- 5.2 Correctness Analysis -- 5.3 Security Analysis -- 6 Properties and Comparisons -- 6.1 Properties -- 6.2 Comparisons -- 7 Conclusion -- References -- Transparency Order of (n,m)-Functions-Its Further Characterization and Applications -- 1 Introduction -- 2 Preliminaries -- 3 Differential Transparency Order-A Novel DPA Concept -- 3.1 Differential Transparency Order -- 3.2 CPA Efficiency Using RTO and DTO-A Comparison -- 4 Is DTO Affine Invariance? -- 5 Lower and Upper Bounds on DTO -- 6 Conclusions -- References -- Web and OS Security -- Browserprint: An Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy -- 1 Introduction -- 2 Research Questions -- 3 Methodology -- 3.1 Feature Gathering -- 3.2 Browser Fingerprinting APIs -- 3.3 Browser Testing Platform -- 4 Analysis -- 4.1 Analysis of the Browser Features -- 4.2 Browser Fingerprintability -- 5 Related Work -- 6 Conclusion -- References -- TridentShell: A Covert and Scalable Backdoor Injection Attack on Web Applications -- 1 Introduction -- 2 Background and Related Work -- 2.1 Static Webshell Detection -- 2.2 Java Bytecode Instrumentation Technique -- 2.3 Webshell Backdoor -- 3 Our Proposed Attack: TridentShell -- 3.1 Attack Vector -- 3.2 Methodology -- 3.3 Implementation -- 4 Evaluation -- 4.1 Experimental Design and Settings -- 4.2 Effectiveness of Our Approach -- 4.3 Robustness of TridentShell -- 4.4 Limitations and Future Work -- 5 Conclusion -- References -- Andromeda: Enabling Secure Enclaves for the Android Ecosystem -- 1 Introduction -- 2 Background -- 2.1 Intel SGX -- 2.2 The Android OS -- 3 Threat Model and Assumptions -- 4 Andromeda Architecture -- 4.1 Trusted Execution and Storage -- 4.2 Andromeda Services -- 5 Implementation. | |
| 5.1 Setting up SGX for Android -- 5.2 Running an SGX Application -- 6 Andromeda Framework -- 6.1 Andromeda Keystore -- 6.2 Native Development -- 6.3 Andromeda Java API -- 7 Evaluation -- 7.1 Security Analysis -- 7.2 Performance Analysis -- 8 Discussion and Limitations -- 9 Related Work -- 10 Conclusion -- References -- Network Security -- FEX - A Feature Extractor for Real-Time IDS -- 1 Introduction -- 1.1 Background -- 1.2 Problem Statement and Contribution -- 1.3 Paper Structure -- 2 Related Work -- 2.1 Network Intrusion Detection Techniques -- 2.2 Machine Learning Based Network Intrusion Detection -- 2.3 CICFlowMeter -- 3 FEX - A Feature EXtractor for Machine Learning-Based IDS -- 3.1 Architecture -- 3.2 Design -- 3.3 Evaluation -- 4 Training a Model for Real-Time Intrusion Detection -- 4.1 Training Data and Labelling -- 4.2 Sampling -- 4.3 Library Selection -- 4.4 Model Selection -- 4.5 Evaluation -- 5 Towards a Machine Learning Based Real-Time IDS -- 6 Conclusion -- References -- Identifying Malicious DNS Tunnel Tools from DoH Traffic Using Hierarchical Machine Learning Classification -- 1 Introduction -- 2 Related Work -- 2.1 Network Traffic Classification -- 2.2 DNS Tunnel Detection -- 3 Design -- 3.1 System Overview -- 3.2 Capturing and Extracting the Features of Network Traffic -- 3.3 Model Decision and Training -- 3.4 Network Traffic Classification -- 4 Evaluation -- 4.1 Implementation -- 4.2 Dataset -- 4.3 Model Decision -- 4.4 Results of Malicious DNS Tunnel Tool Identification -- 4.5 Consideration of Important Features -- 4.6 Discussion -- 5 Conclusion -- References -- Detection of Malware, Attacks and Vulnerabilities -- Hybroid: Toward Android Malware Detection and Categorization with Program Code and Network Traffic -- 1 Introduction -- 2 System Design -- 2.1 Static Features Preparation -- 2.2 Dynamic Features Preparation. | |
| 2.3 Machine Learning Classification -- 3 Evaluation -- 3.1 Experimental Setup -- 3.2 Evaluation Metrics -- 3.3 Dataset -- 3.4 Power Law and Opcode Embedding -- 3.5 Performance of Classifiers -- 4 Limitation and Future Work -- 5 Related Work -- 6 Conclusion -- References -- A Novel Behavioural Screenlogger Detection System -- 1 Introduction -- 1.1 Context and Motivation -- 1.2 Contributions -- 1.3 Paper Outline -- 2 Literature Review -- 3 System Model -- 4 Threat Model -- 4.1 General Description -- 4.2 Operating Process -- 5 Experimental Setup -- 5.1 Malicious and Benign Datasets -- 5.2 Experimental Framework -- 6 Basic Detection Approach -- 6.1 Feature Extraction -- 6.2 Detection Algorithm -- 6.3 Model Training and Testing -- 6.4 Feature Selection -- 7 Optimised Detection Approach -- 7.1 Interaction with the User -- 7.2 Visibility of the Screenshot-Taking Process -- 7.3 Image Sending -- 7.4 Remote Command Triggering -- 7.5 Asymmetric Traffic -- 7.6 Captured Area -- 7.7 Screenshot Frequency -- 8 Results and Comparison -- 8.1 Performance Measurements -- 8.2 Basic Detection Approach -- 8.3 Optimised Detection Approach -- 9 Conclusion -- References -- DEVA: Decentralized, Verifiable Secure Aggregation for Privacy-Preserving Learning -- 1 Introduction -- 2 Preliminaries -- 3 Framework of a DECENTA Problem -- 4 A DECENTA Solution: DEVA -- 5 Evaluation -- 5.1 Implementation Analysis -- 5.2 Comparison -- 6 Conclusion -- References -- DVul-WLG: Graph Embedding Network Based on Code Similarity for Cross-Architecture Firmware Vulnerability Detection -- 1 Introduction -- 2 Relate Work -- 3 Embedded Network -- 3.1 Siamese Network -- 3.2 Embedding of Instruction Semantic Features -- 3.3 Embedding of Structural Features of ACFG -- 4 Evaluation -- 4.1 Implementation -- 4.2 Effectiveness of Instruction Embedding Projection -- 4.3 Evaluation of Graph Embedding. | |
| 4.4 Vulnerability Detection of Real Firmware. | |
| Titolo autorizzato: | Information Security |
| ISBN: | 3-030-91356-2 |
| Formato: | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione: | Inglese |
| Record Nr.: | 9910510543703321 |
| Lo trovi qui: | Univ. Federico II |
| Opac: | Controlla la disponibilità qui |
Serie:
LNCS sublibrary. : SL 4, . -Security and cryptology ; ; Volume 13118.