Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Computer security - ESORICS 2022 : 27th European symposium on research in computer security, Copenhagen, Denmark, September 26-30, 2022, proceedings, Part III / / edited by Vijayalakshmi Atluri [and three others]
| Computer security - ESORICS 2022 : 27th European symposium on research in computer security, Copenhagen, Denmark, September 26-30, 2022, proceedings, Part III / / edited by Vijayalakshmi Atluri [and three others] |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (798 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science Ser. |
| Soggetto topico |
Computer networks - Security measures
Computer security |
| ISBN | 3-031-17143-8 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part III -- Formal Analysis -- A Formal Analysis of the FIDO2 Protocols -- 1 Introduction -- 2 Overview of FIDO2 -- 2.1 Architecture of FIDO2 -- 2.2 The CTAP2 -- 2.3 The WebAuthn Protocol -- 3 Formal Verification of FIDO2 -- 3.1 Assumptions and Threat Model -- 3.2 Security Goals -- 4 Formal Models -- 4.1 ProVerif Models of FIDO2 -- 4.2 Verifying Leak Resilience Goals of FIDO2 -- 5 Security Analysis -- 5.1 Results -- 5.2 Attacks -- 5.3 Recommendations -- 6 Related Work -- 7 Conclusion -- References -- A Composable Security Treatment of ECVRF and Batch Verifications -- 1 Introduction -- 2 Preliminaries -- 3 UC Security of Verifiable Random Functions -- 4 The ECVRF Standard -- 5 ECVRFbc: Batch Verification for ECVRF -- 5.1 Making the Scheme Batch-Compatible -- 5.2 Batch-Verification -- 6 Security Analysis of ECVRFbc and Batch Verifications -- 6.1 Security Analysis of ECVRFbc -- 6.2 Security Analysis of ECVRFbc with Batch Verifications -- 7 Performance Evaluation -- A Brief Overview of Concepts Used in the Security Argument -- References -- Efficient Proofs of Knowledge for Threshold Relations -- 1 Introduction -- 1.1 Our Contribution -- 2 Technical Overview of ch3GGHK21 -- 3 Our Techniques -- 3.1 1-out-of-2 Equivocal Commitment Schemes -- 3.2 ord: A -Protocol to Prove Parameters Ordering -- 3.3 Efficient (k,)-PTR -- A -Protocols -- A.1 Stackable -protocols -- References -- A Tale of Two Models: Formal Verification of KEMTLS via Tamarin -- 1 Introduction -- 1.1 Related Work -- 1.2 Contributions -- 2 Background on Symbolic Analysis -- 3 Model #1: High-Resolution Protocol Specification -- 3.1 Cremers et al.'s Tamarin TLS 1.3 Model -- 3.2 Representing KEMTLS in the Model -- 3.3 Security Properties -- 3.4 Results -- 3.5 Limitations -- 4 Model #2: Multi-stage Key Exchange Model.
4.1 Reductionist Security Model for TLS 1.3 and KEMTLS -- 4.2 Formalizing the Reductionist Security Model in Tamarin -- 4.3 Comparison of Pen-and-Paper and Tamarin Models -- 4.4 Results -- 4.5 Limitations -- 5 Comparison of Models -- 6 Conclusion -- A Errors Identified in the Stated Properties of KEMTLS(-PDK) -- B Performance -- References -- Web Security -- Browser-Based CPU Fingerprinting -- 1 Introduction -- 2 Background -- 3 Methodology -- 3.1 Benchmarks -- 3.2 Data Set -- 3.3 Classification -- 3.4 Classification Evaluation -- 4 Evaluation -- 4.1 Classification -- 4.2 Efficiency -- 4.3 Noise Resilience -- 5 Discussion -- 5.1 Use for Microarchitectural Properties -- 5.2 Limitations -- 5.3 Mitigations -- 6 Conclusion -- References -- Polymorphic Protocols at the Example of Mitigating Web Bots -- 1 Introduction -- 2 Related Work -- 3 Polymorphic Protocols -- 3.1 Basic Approach -- 3.2 Formal Model -- 3.3 Transforming Protocols -- 3.4 Using Polymorphic Protocols -- 4 Evaluation -- 4.1 Implementation -- 4.2 Performance Evaluation -- 4.3 Security Discussion -- 4.4 Limitations -- 5 Conclusion -- A Generating a Custom Protocol -- References -- Unlinkable Delegation of WebAuthn Credentials -- 1 Introduction -- 1.1 WebAuthn Properties, Delegation Challenges, and Naïve approaches -- 1.2 Contribution and Organisation -- 2 Delegating WebAuthn Account Credentials -- 2.1 From Account Recovery to Delegation -- 2.2 Two Approaches for Delegation -- 2.3 Setup Phase (common for Remote and Direct Delegation) -- 2.4 Remote Delegation -- 2.5 Direct Delegation -- 3 Proxy Signature with Unlinkable Warrants -- 3.1 Modelling PSUW -- 3.2 Our Generic PSUW Construction -- 4 Achieving Delegation in WebAuthn -- 4.1 Cryptographic Implementation -- 4.2 Approach for Integration with WebAuthn and Our Code -- 5 Related Work -- 6 Conclusion -- References. Large Scale Analysis of DoH Deployment on the Internet -- 1 Introduction -- 2 Related Work -- 3 Background on DoH and Its Security Impact -- 4 Methodology -- 4.1 Creation of the Well-known DoH Resolvers Lists -- 4.2 Scan of Port 443/TCP on the Internet -- 4.3 DoH Service Discovery -- 4.4 DoH Resolver Verification -- 4.5 IP Address Enrichment -- 4.6 Verification of SNI Usage -- 4.7 Estimation of the Number of Organisations -- 4.8 Methodology Limitations -- 5 Results -- 5.1 Results of Creating Well-Known DoH Resolvers Lists -- 5.2 Results of DoH Scans -- 5.3 Comparison Between the Well-Known and DoH Scan Lists -- 5.4 Results of the SNI Verification -- 5.5 Capabilities of the DoH Resolvers Found -- 5.6 DNS Server Identification -- 5.7 Who Operates the DoH Resolvers -- 5.8 TLS Certificate Analysis -- 5.9 Threat Intelligence Results -- 6 Discussions on the Results -- 7 Conclusion -- 8 Appendix -- 8.1 Ethical Considerations -- 8.2 Nmap Configuration -- References -- Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations -- 1 Introduction -- 2 Related Work -- 2.1 Exploiting Human Misinterpretation of URLs -- 2.2 Exploiting Machines' Inconsistent URL Parsing -- 3 Methodology -- 3.1 ``Ground Truth'' Reference Parsers -- 3.2 Test Input Enumeration -- 4 Results -- 4.1 Disagreement with Reference Parsers -- 4.2 Disagreement Among All Parsers -- 5 A Taxonomy of URL Parsing Pitfalls -- 5.1 Seven Pitfalls of URL Parsing Causing Hostname Equivocation -- 6 Misdirection Attacks with Equivocal URLs -- 6.1 Responsible Disclosure -- 6.2 Equivocal URLs vs Google Safe Browsing -- 6.3 Misdirecting VirusTotal -- 7 Backwards Compatibility Constraints on Strict URL Parsing -- 8 Discussion -- 8.1 Mitigation -- 8.2 Limitations and Future Work -- 9 Conclusion -- Appendix A: Tested Parser Details -- References. Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names -- 1 Introduction -- 2 Background -- 3 Data Sources of Emoji Domains -- 3.1 Collecting Large-Scale Datasets -- 3.2 Identifying Emoji Domains -- 4 Characteristics of Emoji Domain Ecosystem -- 4.1 Growing Trend of DNS Statistics -- 4.2 Registration Distribution and Usage Strategies -- 4.3 Infrastructure Analysis -- 5 Security Threats of Emoji Domain Applications -- 5.1 Visual Phishing Threat of Emoji Domains -- 5.2 Parsing Error of Emoji Domains -- 5.3 Trans-coding Issue of Emoji Domains -- 6 Discussion -- 7 Related Works -- 8 Conclusion -- References -- Hardware Security -- CPU Port Contention Without SMT -- 1 Introduction -- 2 Background -- 2.1 CPU Port Contention -- 2.2 WebAssembly -- 2.3 Browser Fingerprinting -- 3 Threat Model -- 4 Port Contention Without SMT -- 4.1 Main Idea -- 4.2 Native Environment -- 4.3 Web Browsers -- 5 Fingerprinting CPU Generations -- 5.1 Core Idea -- 5.2 Framework -- 5.3 Evaluation -- 6 Discussion -- 6.1 Practical Use of CPU-Generation Fingerprinting -- 6.2 Limitations -- 6.3 Virtualization and Emulation -- 6.4 Mitigation -- 7 Related Work -- 7.1 SMT Side-Channel Attacks -- 7.2 Side-Channel Attacks in Browsers -- 7.3 Browser Fingerprinting -- 8 Conclusion -- A Training Set -- References -- Protocols for a Two-Tiered Trusted Computing Base -- 1 Introduction -- 2 Background -- 3 Design of the TCB -- 3.1 Main Functionalities -- 3.2 Auxiliary Functionalities -- 3.3 Description of the Architecture -- 4 Adversarial Model -- 5 Protocols -- 5.1 Protocol 1: MTCB A/B Update -- 5.2 Protocol 2: Secure Boot -- 5.3 Protocol 3: Remote Attestation -- 5.4 Protocol 4: ETCB Recovery -- 6 Modelling and Verification of Security Properties -- 7 Conclusion -- A Security Properties -- References -- Using Memristor Arrays as Physical Unclonable Functions. 1 Introduction -- 1.1 Contributions -- 1.2 Related Work -- 2 Background -- 2.1 Self-directed Channel Memristors -- 2.2 Physical Unclonable Functions -- 3 Memristance-Based PUFs -- 3.1 Measurement Circuit Design -- 3.2 Classification of Memristor Cells Based on Their Frequency Distribution -- 3.3 Classification of Memristance-Based PUFs Using Convolutional Neural Networks -- 4 Applications of Memristance-Based PUFs -- 4.1 Authentication Protocol -- 4.2 Evaluation of the Proposed Protocol -- 5 Conclusion -- Appendix 1 Self-directed Channel Memristors -- Appendix 2 Measurement Circuit Design -- References -- Multiparty Computation -- SecureBiNN: 3-Party Secure Computation for Binarized Neural Network Inference -- 1 Introduction -- 2 Preliminaries -- 2.1 Security Model -- 2.2 Correlated Randomness -- 2.3 Two-party Secret Sharing -- 2.4 Three-party Secret Sharing -- 3 The SecureBiNN Framework -- 3.1 Highlights -- 3.2 Parameters Encoding -- 3.3 Fully Connected Layer and Convolutional Layer -- 3.4 Secure 3-Input and Gate -- 3.5 Three-party Oblivious Transfer -- 3.6 Secure Activation Function -- 3.7 Batch Normalization -- 3.8 Maxpooling -- 4 Experiment Results and Analysis -- 4.1 Experimental Evaluation on MNIST -- 4.2 Experimental Evaluation on CIFAR-10 -- 4.3 Experimental Evaluation on Real-World Medical Datasets -- 5 Conclusion and Future Work -- A Related Work -- References -- Mixed-Technique Multi-Party Computations Composed of Two-Party Computations -- 1 Introduction -- 2 Conversion Between 2PC and Homomorphic Encryption -- 2.1 Malicious Security -- 2.2 Solution Overview -- 3 Technical Details -- 3.1 ZK Protocols -- 3.2 Composition of ZK Protocols -- 3.3 Security Analysis -- 4 Application to Private Set Disjointness -- 4.1 PSD Protocol Overview -- 4.2 Malicious Security for PSD -- 4.3 Complexity Analysis -- 4.4 Implementation -- 5 Related Work. A Supporting Larger Plaintext Spaces. |
| Record Nr. | UNISA-996490355603316 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Computer security - ESORICS 2022 . Part II : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others]
| Computer security - ESORICS 2022 . Part II : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others] |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer, , [2022] |
| Descrizione fisica | 1 online resource (753 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer networks - Security measures
Computer security |
| ISBN | 3-031-17146-2 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Contents - Part II -- Anonymity -- A Machine Learning Approach to Detect Differential Treatment of Anonymous Users -- 1 Introduction -- 2 Related Work -- 3 Methodology -- 3.1 Collection and Labeling of Training Data -- 3.2 Feature Selection -- 3.3 Classifier Training and Tuning -- 4 Results: Differential Treatment of Tor Users -- 4.1 Data Collection -- 4.2 Block Rates by Visit Type -- 4.3 Block Rates by Characteristics of Tor Exit Nodes -- 4.4 Block Rates by Characteristics of Web Sites -- 4.5 CAPTCHA Rates -- 5 Limitations -- 6 Conclusion -- A Classifier Performance -- B Labeling -- C Block Rates for Subsites and Searches -- References -- Utility-Preserving Biometric Information Anonymization -- 1 Introduction -- 2 Basic Concepts and Problem Statement -- 2.1 Basic Concepts -- 2.2 Problem Statement -- 2.3 Attack Model -- 3 Rationale of Approach -- 4 Methodology -- 4.1 Dynamically Assembled Random Set -- 4.2 Selective Weighted Mean-Based Transformation -- 5 Experimental Evaluation -- 5.1 Experimental Setup -- 5.2 Results -- 6 Related Work -- 7 Conclusions -- References -- Anonymous Traceback for End-to-End Encryption -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Related Work -- 2 Definitions and Security Models -- 2.1 Anonymous Traceback Syntax -- 2.2 Security Model -- 3 Warm-Up: Anonymous Path Traceback -- 3.1 Construction Details -- 4 Anonymous Source Traceback -- 4.1 Construction Details -- 5 Implementation and Performance -- 6 Proof Sketches -- 6.1 Anonymous Path Traceback -- 6.2 Anonymous Source Traceback -- References -- Cloud Security -- Public Cloud Data Auditing Revisited: Removing the Tradeoff Between Proof Size and Storage Cost -- 1 Introduction -- 1.1 Motivation -- 1.2 Our Contributions -- 2 Related Work -- 3 Definitions of Public (Third-Party) Auditing -- 4 Our Constructions.
4.1 Basic Public Cloud Data Auditing Scheme -- 4.2 Public Cloud Data Auditing Scheme with Reduced Storage Cost -- 5 Proof of Security -- 6 Implementation Results -- 7 Conclusion -- References -- DEKS: A Secure Cloud-Based Searchable Service Can Make Attackers Pay -- 1 Introduction -- 1.1 Motivation -- 1.2 A High-Level Overview of Our Idea -- 1.3 Our Contributions -- 2 KGA Revisited -- 3 System Definition and Model -- 3.1 System Overview -- 3.2 Definition of DEKS -- 3.3 SS-CKA Security -- 4 A Concrete Construction for DEKS -- 4.1 Mathematical Tools -- 4.2 The Construction -- 4.3 Correctness and Security Proof -- 5 Evaluation -- 5.1 Complexity Analysis -- 5.2 Experimental Analysis -- 6 Conclusion -- References -- Lighter is Better: A Lighter Multi-client Verifiable Outsourced Computation with Hybrid Homomorphic Encryption -- 1 Introduction -- 2 Multi-client Verifiable Computation -- 2.1 Syntax -- 2.2 Security Definition -- 3 Building Blocks -- 3.1 Garbling Scheme -- 3.2 Fully Homomorphic Encryption -- 4 Multi-client Outsourced Garbled Circuits -- 4.1 Syntax of MOGC -- 4.2 Construction of MOGC -- 5 Construction -- 5.1 One-Time Multi-client Verifiable Computation (OT-MVC) -- 5.2 Construction of MVOC -- 5.3 From Semi-honest Clients to Malicious Clients -- 6 Evaluation -- 6.1 Efficiency Analysis -- 6.2 Implementation and Evaluation -- 7 Conclusion -- References -- Verifying the Quality of Outsourced Training on Clouds -- 1 Introduction -- 2 Background and Problem Statement -- 2.1 Background -- 2.2 Problem Statement -- 3 System Framework -- 4 Design Details -- 4.1 Extra Task Construction -- 4.2 Training Quality Verification -- 5 Evaluation -- 5.1 Experiment Setup -- 5.2 Results -- 5.3 Visualizing Training Examples -- 6 Related Work -- 7 Conclusion -- A Proof of Theorem 1 -- References -- SecQuant: Quantifying Container System Call Exposure. 1 Introduction -- 2 Secure Containers and Threat Model -- 3 Design of SecQuant -- 3.1 SCAR: System Call Assessment of Risk -- 3.2 SCED: System Call Exposure Discovery -- 3.3 Container Syscall Exposure Measure -- 4 System Call Analysis Results -- 4.1 Verification of CF-IDF Metric -- 4.2 System Call Risk Weights -- 4.3 Pass-Through System Calls Across Containers -- 5 Container Runtime Security Analysis -- 5.1 Container Syscall Exposure Measure Scores -- 5.2 Historical Trends Across Versions -- 6 Related Work -- 7 Considerations for Improvements -- 8 Conclusion -- A Complete Ranking of System Calls by Risk Weights -- B Break-down of Sample Risk Weights -- C Experiment Setup -- References -- Robust and Scalable Process Isolation Against Spectre in the Cloud -- 1 Introduction -- 2 Background and Related Work -- 3 Remote Spectre Attacks on Cloudflare Workers -- 3.1 Threat Model and Attack Overview -- 3.2 Building Blocks -- 3.3 Attack on Cloudflare Workers -- 4 DyPrIs -- 4.1 Detecting Spectre Attacks -- 4.2 Process Isolation -- 5 Evaluation -- 5.1 Normalized Performance Counters -- 5.2 DyPrIs -- 6 Discussion -- 7 Conclusion -- References -- III Access Control -- Administration of Machine Learning Based Access Control -- 1 Introduction -- 2 Related Work -- 2.1 ML for Administration of Policy-Based Access Control -- 2.2 MLBAC -- 3 MLBAC Administration -- 3.1 Requirements -- 3.2 Problem Statement and Approach -- 3.3 Terminologies -- 3.4 Methodology -- 4 MLBAC Administration Prototype -- 4.1 System for MLBAC Administration Experimentation -- 4.2 Symbolic and Non-symbolic ML Models -- 4.3 Administration Strategies in MLBAC -- 5 Evaluation -- 5.1 Evaluation Methodology -- 5.2 Results -- 6 Conclusion -- A Additional AAT Generation -- B Data Generation -- C Dataset Visualization -- D List of Simulated Task and Criteria -- References. Real-Time Policy Enforcement with Metric First-Order Temporal Logic -- 1 Introduction -- 2 Related Work -- 3 Policy Enforcement -- 4 Metric First-Order Temporal Logic -- 5 MFOTL Enforceability -- 6 MFOTL Enforcement in the Finite Case -- 6.1 Monitoring MFOTL Formulae -- 6.2 Enforcer -- 6.3 Correctness and Transparency -- 7 Implementation -- 8 Evaluation -- 9 Conclusion -- A Evaluation Data -- References -- A Tale of Four Gates -- 1 Introduction -- 1.1 Contributions -- 1.2 Responsible Disclosure -- 2 Background -- 3 Related Work -- 4 Analysis of App Components Across User Profiles -- 5 Analysis of Sensor Background Access -- 5.1 Stealthy Background Spyware -- 6 Evaluation -- 6.1 Four Gates Inspector -- 6.2 Real-World Tests -- 6.3 Evaluation and Results -- 6.4 Limitations -- 7 Discussion and Mitigation -- 8 Conclusion -- 9 Appendix -- References -- Authentication -- Sequential Digital Signatures for Cryptographic Software-Update Authentication -- 1 Introduction -- 2 Notation -- 3 Stateless Signatures -- 3.1 Digital Signatures: DS -- 3.2 Strictly One-Time Digital Signatures: SOT-DS -- 4 Sequential Digital Signatures: SDS -- 5 Constructions -- 5.1 Hash Function Based SOT-DS -- 5.2 SDS from SOT-DS -- 6 Implementation and Evaluation -- A Extractors -- References -- On Committing Authenticated-Encryption -- 1 Introduction -- 2 Preliminaries -- 3 Committing AE -- 4 The CTX Construction -- 5 Commitment Security of GCM and OCB -- 6 Other Committing AE Notions -- References -- Quantum-Resistant Password-Based Threshold Single-Sign-On Authentication with Updatable Server Private Key -- 1 Introduction -- 1.1 Motivation -- 1.2 Contributions -- 2 Preliminaries -- 2.1 Lattices, SIS, and DRLWE -- 2.2 Distributed Key Generation Protocol Over Lattices -- 2.3 Threshold Homomorphic Aggregate Signatures Over Lattices -- 2.4 Oblivious Pseudorandom Function Over Lattices. 3 Basic Scheme Architecture and Security Model -- 3.1 Password-Based Threshold SSO Authentication -- 3.2 Security Model -- 4 Quantum-Resistant Password-Based Threshold Single-Sign-On Authentication with Secret Update -- 5 Security Analysis -- 6 Efficiency Analysis and Protocol Comparison -- 7 Conclusion and Future Work -- A Security of TOPRF -- B Proof of Theorem 1 -- References -- The Revenge of Password Crackers: Automated Training of Password Cracking Tools -- 1 Introduction -- 2 Background and Related Work -- 3 Building a Reliable Password Dataset -- 3.1 Dataset Analysis -- 4 Dictionaries with Off-the-Shelf Rules -- 5 Training Masks -- 6 Training Rules -- 7 Conclusion -- References -- Fuzzy Authenticated Key Exchange with Tight Security -- 1 Introduction -- 2 Preliminary -- 3 Fuzzy Authenticated Key Exchange -- 3.1 Definition of Fuzzy Authenticated Key Exchange -- 3.2 Security Model of FAKE -- 4 Our FAKE Scheme -- 5 Security Proof of FAKE -- 6 Instantiation of Our FAKE Construction -- A Figure5: The Security Experiment ExpFAKE,,,A for FAKE -- B Figure6: The Security Games G0-G6 for FAKE -- References -- Continuous Authentication in Secure Messaging -- 1 Introduction -- 1.1 Contributions -- 1.2 Further Related Work -- 2 Continuous Authentication -- 2.1 Messaging Schemes -- 2.2 Security Game -- 3 Introducing Authentication Steps -- 3.1 Recording Ciphertexts -- 3.2 Authentication Steps -- 3.3 Detecting Compromised Long-Term Secrets -- 4 Security of the Authentication Steps Protocol -- 5 Implementation and Benchmarks -- 6 Observations on the Official Implementation -- 7 Conclusion -- A Security of the Authentication Steps Protocol -- A.1 Upper Bound for False Negatives -- A.2 Upper Bound for False Positives -- References -- Digital Signatures -- Half-Aggregation of Schnorr Signatures with Tight Reductions -- 1 Introduction -- 1.1 Contributions. 2 Preliminaries. |
| Record Nr. | UNISA-996490353803316 |
| Cham, Switzerland : , : Springer, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Computer security - ESORICS 2022 . Part I : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others]
| Computer security - ESORICS 2022 . Part I : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, proceedings / / Vijayalakshmi Atluri [and three others] |
| Pubbl/distr/stampa | Cham, Switzerland : , : Springer International Publishing, , [2022] |
| Descrizione fisica | 1 online resource (749 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer networks - Security measures
Computer security |
| ISBN | 3-031-17140-3 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Organization -- Keynotes -- Cyber Resilience: An Agenda for the Future of Cyberspace Security -- Lessons Learned from Building and Attacking Secure Computing Systems -- A Perspective on IoT Security -- Contents - Part I -- Contents - Part II -- Contents - Part III -- Blockchain Security -- A Blockchain-Based Long-Term Time-Stamping Scheme -- 1 Introduction -- 2 Related Works -- 3 Preliminaries -- 4 Definitions of a BLTTS Scheme -- 4.1 Scheme Definition -- 4.2 Security Model -- 5 The Proposed BLTTS Scheme -- 5.1 Proposed BLTTS Scheme with Three Solutions -- 5.2 Solutions Comparison -- 6 Security Analysis -- 7 Implementations -- 8 Conclusions -- A Implementations -- References -- Post-Quantum Verifiable Random Function from Symmetric Primitives in PoS Blockchain -- 1 Introduction -- 1.1 Verifiable Random Function (VRF) -- 1.2 VRFs in the Blockchain -- 1.3 Our Contributions -- 1.4 Our Approach -- 2 Verifiable Random Function (VRF) -- 3 SL-VRF: Stateless Verifiable Random Function from PRF and NIZK -- 3.1 SL-VRF from PRF+NIZK Construction -- 4 X-VRF: Verifiable Random Function from XMSS -- 4.1 X-VRF from XMSS Construction -- 4.2 X-VRF Security Analysis -- 5 Implementation and Evaluation -- 5.1 VRF Proof Sizes -- 5.2 Memory Requirements -- 5.3 VRF Computation Efficiency -- 6 Integration to Algorand -- 6.1 Performance Estimation -- 6.2 Dual Key Scheduling -- 6.3 X-VRF Instances -- 6.4 Comparison with Current State-of-the-art and Final Remarks -- A Appendix -- A.1 Proof of Lemma 1 -- A.2 Proof of Theorem 1 -- A.3 XMSS Signature Scheme -- References -- Opportunistic Algorithmic Double-Spending: -- 1 Introduction -- 1.1 Related Work -- 1.2 Paper Structure -- 2 What is Algorithmic Double-Spending? -- 3 System Model and Assumptions -- 4 Semantic Malleability of Bitcoin and Cardano -- 5 Semantic Malleability in Ethereum.
5.1 How to Construct an OpAl Fork Oracle in Ethereum -- 5.2 Proof of Concept OpAl Attack Contract -- 5.3 Cost Overhead of PoC Attack in Ethereum -- 6 Empirical Analysis of Ethereum Transaction Traces -- 7 Mitigation Strategies Against OpAl -- 7.1 Can Blockchains Be Characterized as State Machines? -- 8 Conclusion -- References -- Zero-History Confidential Chains with Zero-Knowledge Contracts: A New Normal for Decentralized Ledgers? -- 1 Introduction -- 2 Preliminaries -- 3 Zero-History Confidential Chains -- 4 Implementation and Experiments -- References -- Secure Hierarchical Deterministic Wallet Supporting Stealth Address -- 1 Introduction -- 1.1 Our Contribution -- 1.2 Related Work -- 1.3 Outline -- 2 Definitions of HDWSA -- 2.1 Notations of Hierarchy -- 2.2 Algorithm Definition -- 2.3 Security Models -- 3 Our Construction -- 3.1 Preliminaries -- 3.2 Construction -- 3.3 Security Analysis -- 4 Implementation -- References -- Zero-Knowledge Age Restriction for GNU Taler -- 1 Introduction -- 2 Age Restriction -- 2.1 Signatures -- 2.2 Achieving Unlinkability -- 2.3 Requirements Imposed on the Functions (1)-(5) -- 3 Instantiation with ECDSA -- 4 Proofs of the Security Properties -- 5 Background: GNU Taler -- 6 Integration into GNU Taler -- 7 Implementation and Benchmarks -- 8 Discussion -- 9 Related Work -- 10 Conclusion -- A Edx25519 -- References -- Privacy -- Privacy Leakage in Privacy-Preserving Neural Network Inference*-6pt -- 1 Introduction -- 1.1 Privacy Concerns in Machine Learning -- 1.2 MPC for PPML -- 1.3 SCSDF Framework for Neural Network Inference -- 2 The SCSDF Framework and Its Security Flaws -- 2.1 Overview -- 2.2 Concrete DReLU Protocol -- 2.3 Security Flaws in Formal Simulation -- 2.4 Privacy Leakage in Concrete Protocols -- 3 Experimental Evaluation on Privacy Leakage -- 3.1 Basic Setup -- 3.2 Probability Density Analysis. 3.3 Privacy Leakage in ReLU -- 3.4 Privacy Leakage in Sigmoid -- 4 Countermeasure -- 4.1 Add Permutation -- 4.2 Relax Mask Restrictions -- 4.3 Experimental Evaluation of Countermeasures -- 5 Conclusion -- A Preliminary -- A.1 Neural Network -- A.2 Fixed-Point Number -- A.3 Addictive Secret Sharing -- A.4 Threat Model -- References -- Enhancing User Privacy in Mobile Devices Through Prediction of Privacy Preferences -- 1 Introduction -- 2 Related Work -- 3 Permission Decisions in Context -- 3.1 The Dataset -- 3.2 Exploratory Analysis -- 4 Predicting Privacy Decisions -- 4.1 Global Prediction -- 4.2 Personalized Prediction -- 5 Limitations and Future Work -- 6 Conclusion -- A Grant Rate -- B Information Gain -- References -- One Vote Is Enough for Analysing Privacy -- 1 Introduction -- 2 Modelling Security Protocols -- 2.1 Messages -- 2.2 Processes -- 2.3 Equivalences -- 3 Modelling the General BPRIV Notion -- 3.1 Modelling E-Voting Protocols -- 3.2 A Symbolic Definition of BPRIV -- 3.3 Auxiliary Properties -- 4 Reduction -- 4.1 Reduction to One Honest Voter -- 4.2 Bounding the Number of Dishonest Voters -- 4.3 Main Result -- 5 Dealing with Revoting -- 6 Applications and Case Studies -- 7 Conclusion -- Appendix A Some Counting Functions -- A.1 Some 1-Bounded Counting Functions -- A.2 Single Transferable Vote -- References -- Local Differential Privacy for Federated Learning*-6pt -- 1 Introduction -- 2 Background -- 2.1 Federated Learning -- 2.2 Local Differential Privacy -- 2.3 Randomized Aggregatable Privacy-Preserving Ordinal Response (RAPPOR) -- 2.4 Optimized Unary Encoding -- 2.5 Postprocessing Invariance/Robustness and Composition -- 3 Our Approach -- 3.1 Generating a Fully Trained CNN Using the Local Private Data -- 3.2 Generating Flattened 1-D Vectors of Inputs and Randomizing Them to Enforce DP. 3.3 Conducting Federated Learning over Randomized Data -- 4 Results and Discussion -- 4.1 LDPFL Architectural Configurations and Datasets Used During the Experiments -- 4.2 Conducting Experiments on LDPFL -- 4.3 LDPFL Model Performance -- 5 Related Work -- 6 Conclusion -- References -- XSPIR: Efficient Symmetrically Private Information Retrieval from Ring-LWE -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 1.3 Related Work -- 2 Preliminaries and Background -- 2.1 (Symmetrically) Private Information Retrieval -- 2.2 Homomorphic Encryption -- 3 Main Construction -- 3.1 PIR from Homomorphic Encryption -- 3.2 XSPIR: Adding Data Privacy -- 3.3 Security -- 4 Implementation and Evaluation -- 4.1 Parameter Choices -- 4.2 Experimental Comparisons -- 4.3 Comparison to 1-out-of-n OT -- References -- Scaling up GAEN Pseudorandom Processes: Preparing for a More Extensive Pandemic -- 1 Introduction -- 1.1 Contributions -- 2 Background and Notations -- 3 Dice and Splice: Fast Elimination of Irrelevant Keys -- 3.1 For d=2 -- 3.2 For General d2 -- 3.3 Performance Analysis -- 3.4 Simulation Study -- 4 The Forest from the PRF-tree: Elastic Adaptation of TEK Period -- 4.1 The Elastic-key Protocol -- 4.2 Combining ``Forest from the PRF-Tree'' with ``Dice and Splice'' Techniques -- 4.3 The Cost-Privacy Trade-off of the Elastic Key GAEN -- 4.4 Simulation Study -- A Pseudo-Codes -- References -- Crypto -- Generic Construction of Trace-and-Revoke Inner Product Functional Encryption -- 1 Introduction -- 1.1 Our Results -- 1.2 Our Techniques -- 1.3 Related Work -- 1.4 Organization -- 2 Preliminaries -- 3 Trace-and-Revoke Inner-Product Functional Encryption -- 4 Generic Construction of Trace-and-Revoke IPFE -- 4.1 Adaptive Security -- 4.2 Public Black-box Traceability -- 5 Trace-and-Revoke IPFE from LWE, DDH and DCR. 5.1 Trace-and-Revoke IPFE from LWE and DCR -- 5.2 Trace-and-Revoke IPFE from DDH -- 6 Conclusion -- References -- Spatial Encryption Revisited: From Delegatable Multiple Inner Product Encryption and More -- 1 Introduction -- 1.1 Our Motivations -- 1.2 Contributions -- 1.3 Overview of Our Results -- 2 Preliminaries -- 2.1 Framework of Spatial Encryption -- 2.2 Lattices, Gaussians, Trapdoors, Lattice Evaluations for Inner Product Functions -- 3 Delegatable Multiple Inner Product Encryption -- 4 Generic SE Construction from DMIPE -- 5 Lattice-Based DMIPE Construction -- 5.1 Correctness and Security -- 6 Constructing DMIPE from SE -- 7 Allow-/Deny-List Encryption from Spatial Encryption -- 7.1 Framework of ADE -- 7.2 Transforming sADE and iADE to SE -- 8 Conclusions and Future Works -- References -- Public Key Authenticated Encryption with Keyword Search from LWE -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Technical Overview -- 2 Preliminaries -- 3 System and Security Models of PAEKS -- 3.1 System Model of PAEKS -- 3.2 Security Model of PAEKS -- 4 Analysis of Liu et al. ch15asiaccs2022 and Emura ch15cryptoeprint:2022:072 -- 5 Our First PAEKS Scheme -- 5.1 Correctness and Parameter Selection -- 5.2 Security Proof -- 6 Our Second PAEKS Scheme -- 6.1 Correctness and Parameter Selection -- 6.2 Security Proof -- 7 Comparison -- 8 Conclusion -- References -- An Efficient Query Recovery Attack Against a Graph Encryption Scheme -- 1 Introduction -- 1.1 Prior and Related Work -- 2 Preliminaries -- 2.1 Graph Isomorphisms -- 2.2 Canonical Names -- 2.3 Threat Model and Assumptions -- 3 The GKT Graph Encryption Scheme -- 3.1 GKT Scheme Overview -- 3.2 Leakage of the GKT Scheme -- 3.3 Implications of Leakage -- 4 Query Recovery -- 4.1 Formalising Query Recovery Attacks -- 4.2 Technical Results -- 4.3 Overview of the Query Recovery Attack. 4.4 Computing the Path Names. |
| Record Nr. | UNISA-996490355703316 |
| Cham, Switzerland : , : Springer International Publishing, , [2022] | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng
| Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part III / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng |
| Edizione | [1st ed. 2022.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2022 |
| Descrizione fisica | 1 online resource (798 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Data protection
Application software Computer networks - Security measures Computers, Special purpose Computer systems Data and Information Security Computer and Information Systems Applications Mobile and Network Security Special Purpose and Application-Based Systems Computer System Implementation |
| ISBN | 3-031-17143-8 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Formal Analysis -- A Formal Analysis of the FIDO2 Protocols -- Composable Security Treatment of ECVRF and Batch Verifications -- Effcient Proofs of Knowledge for Threshold Relations -- A tale of two models: formal verification of KEMTLS via Tamarin -- Web Security -- Browser-based CPU Fingerprinting -- Polymorphic Protocols at the Example of Mitigating Web Bots -- Unlinkable Delegation of WebAuthn Credentials -- Large Scale Analysis of DoH Deployment on the Internet -- Equivocal URLs: Understanding the Fragmented Space of URL Parser Implementations -- Exploring the Characteristics and Security Risks of Emerging Emoji Domain Names -- Hardware Security -- CPU Port Contention Without SMT -- Protocols for a Two-Tiered Trusted Computing Base -- Using Memristor Arrays as Physical Unclonable Functions -- Multiparty Computation -- SecureBiNN: 3-Party Secure Computation for Binarized Neural Network Inference -- MixedTechnique Multi-Party Computations Composed of Two-Party Computations -- PEA: Practical Private Epistasis Analysis using MPC -- ML Techniques -- Hide and Seek: on the Stealthiness of Attacks against Deep Learning Systems -- Precise Extraction of Deep Learning Models via Side-Channel Attacks on Edge/Endpoint Devices -- Real-time Adversarial Perturbations against Deep Reinforcement Learning Policies: Attacks and Defenses -- FLMJR: Improving Robustness of Federated Learning via Model Stability -- MaleficNet: Hiding Malware into Deep Neural Networks using Spread-Spectrum Channel Coding -- Long-Short History of Gradients is All You Need: Detecting Malicious and Unreliable Clients in Federated Learning -- MLFM: Machine Learning Meets Formal Method for Faster Identification of Security Breaches in Network Functions Virtualization (NFV) -- Cyber-Physical Systems Security -- Perspectives from a Comprehensive Evaluation of Reconstruction-based Anomaly Detection in Industrial Control Systems -- A Novel High-performance Implementation of CRYSTALS-Kyber with AI Accelerator -- From Click To Sink: utilizing AIS for command and control in maritime cyber attacks -- Effcient Hash-Based Redactable Signature for Smart Grid Applications -- Can Industrial Intrusion Detection Be SIMPLE -- For your Voice Only: Exploiting Side Channels in Voice Messaging for Environment Detection -- Towards Effcient Auditing for Real-Time Systems -- Network and Software Security -- Towards a Systematic and Automatic Use of State Machine Inference to Uncover Security Flaws and Fingerprint TLS Stacks -- PanoptiCANs - Adversary-resilient Architectures for Controller Area Networks -- Detecting Cross-Language Memory Management Issues in Rust -- Reach Me if You Can: On Native Vulnerability Reachability in Android Apps -- Extensible Virtual Call Integrity -- Posters -- Is your password sexist? A gamification-based analysis of the cultural context of leaked passwords -- A Fast, Practical and Simple Shortest Path Protocol for Multiparty Computation -- Audio Spoofing Detection Using Constant-Q Spectral Sketches and Parallel-Attention SE-ResNet -- MixCT: Mixing Confidential Transactions from Homomorphic Commitment -- Multi-Freq-LDPy: Multiple Frequency Estimation Under Local Differential Privacy in Python -- The Devil is in the GAN: Backdoor Attacks and Defenses in Deep Generative Models. . |
| Record Nr. | UNINA-9910595027503321 |
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2022 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part II / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng
| Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part II / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng |
| Edizione | [1st ed. 2022.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2022 |
| Descrizione fisica | 1 online resource (753 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Data protection
Software engineering Application software Computers Computer networks - Security measures Data and Information Security Software Engineering Computer and Information Systems Applications Computing Milieux Mobile and Network Security Seguretat informàtica Xifratge (Informàtica) Xarxes d'ordinadors Enginyeria de programari Protecció de dades |
| Soggetto genere / forma |
Congressos
Llibres electrònics |
| ISBN |
9783031171468
3031171462 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Anonymity -- A Machine Learning Approach to Detect Differential Treatment of Anonymous Users -- Utility-Preserving Biometric Information Anonymization -- Anonymous Traceback for End-to-End Encryption -- Cloud Security -- Public Cloud Data Auditing Revisited: Removing the Tradeoff Between Proof Size and Storage Cost -- DEKS: a Secure Cloud-based Searchable Service can Make Attackers Pay -- Lighter Is Better: A Lighter Multi-Client Verifiable Outsourced Computation with Hybrid Homomorphic Encryption -- Verifying the Quality of Outsourced Training on Clouds -- SecQuant: Quantifying Container System Call Exposure -- Dynamic Process Isolation -- Access Control -- Administration of Machine Learning Based Access Control -- Real-time Policy Enforcement with Metric First-Order Temporal Logic -- A Tale of Four Gates — Privilege Escalation and Permission Bypasses on Android through App Components -- Authentication -- Sequential Digital Signatures for Cryptographic Software-Update Authentication -- On Committing Authenticated Encryption -- Quantum-Resistant Password Based Threshold Single-Sign-On Authentication with Updatable Server Private Key -- The Revenge of Password Crackers: Automated Training of Password Cracking Tools -- Fuzzy Authenticated Key Exchange with Tight Security -- Continuous Authentication in Secure Messaging -- Digital Signatures -- Half-Aggregation of Schnorr Signatures with Tight Reductions -- Ring Signatures with User-Controlled Linkability -- DualDory: Logarithmic-verifier linkable ring signatures through preprocessing -- Effcient Unique Ring Signatures From Lattices -- Kiyomoto Verifiable Timed Linkable Ring Signatures For Scalable Payments for Monero -- Deterministic Wallets for Adaptor Signatures -- Puncturable Signature: A Generic Construction and Instantiations -- IoT Security -- fASLR: Function-Based ASLR for Resource-Constrained IoT Systems -- An Infection-Identifying and Self-Evolving System for IoT Early Defense from Multi-Step Attacks -- IoTEnsemble: Detection of Botnet Attacks on Internet of Things -- IoTPrivComp: A Measurement Study of Privacy Compliance in IoT Apps -- No-Label User-Level Membership Inference for ASR Model Auditing -- Applications -- A toolbox for verifiable tally-hiding e-voting systems -- How to Verifiably Encrypt Many Bits for an Election -- A framework for constructing Single Secret Leader Election from MPC -- AppBastion: Protection from Untrusted Apps and OSes on ARM -- Collaborative anomaly detection system for charging stations. |
| Record Nr. | UNINA-9910595023803321 |
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2022 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part I / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng
| Computer Security – ESORICS 2022 : 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26–30, 2022, Proceedings, Part I / / edited by Vijayalakshmi Atluri, Roberto Di Pietro, Christian D. Jensen, Weizhi Meng |
| Edizione | [1st ed. 2022.] |
| Pubbl/distr/stampa | Cham : , : Springer International Publishing : , : Imprint : Springer, , 2022 |
| Descrizione fisica | 1 online resource (749 pages) |
| Disciplina | 005.8 |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Data protection
Cryptography Data encryption (Computer science) Computer networks - Security measures Computer networks Computer systems Data and Information Security Cryptology Security Services Mobile and Network Security Computer Communication Networks Computer System Implementation Seguretat informàtica Xifratge (Informàtica) Xarxes d'ordinadors Protecció de dades |
| Soggetto genere / forma |
Congressos
Llibres electrònics |
| ISBN |
9783031171406
3031171403 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Blockchain Security -- A Blockchain-based Long-Term Time-Stamping Scheme -- Post-Quantum Verifiable Random Function from Symmetric Primitives in PoS Blockchain -- Opportunistic Algorithmic Double-Spending: How I learned to stop worrying and love the Fork -- Zero-History Confidential Chains with Zero-Knowledge Contracts: A New Normal for Decentralized Ledgers -- Secure Hierarchical Deterministic Wallet Supporting Stealth Address -- Zero-Knowledge Age Restriction for GNU Taler -- Privacy -- Privacy Leakage in Privacy-Preserving Neural Network Inference -- Enhancing User Privacy in Mobile Devices Through Prediction of Privacy Preferences -- One vote is enough for analysing privacy -- Local Differential Privacy for Federated Learning -- XSPIR: Effcient Symmetrically Private Information Retrieval from Ring-LWE -- Scaling Up GAEN Pseudorandom Processes: Preparing for a More Extensive Pandemic -- Crypto -- Generic Construction of Trace-and-Revoke Inner Product Functional Encryption -- Spatial Encryption Revisited: From Delegatable Multiple Inner Product Encryption and More -- Public Key Authenticated Encryption with Keyword Search from LWE -- An Effcient Query Recovery Attack Against a Graph Encryption Scheme -- New Unbounded Verifiable Data Streaming for Batch Query with Almost Optimal Overhead -- A Formal Model for Credential Hopping Attacks -- No-directional and Backward-leak Uni-directional Updatable Encryption are Equivalent -- Effcient Circuits for Permuting and Mapping Packed Values Across Leveled Homomorphic Ciphertexts -- Towards Practical Homomorphic Time-Lock Puzzles: Applicability and Verifiability -- Attacks -- Kallima: A Clean-label Framework for Textual Backdoor Attacks -- Two Types of Novel DoS Attacks against CDNs Based on HTTP/2 Flow Control Mechanism -- EVExchange: A Relay Attack on Electric Vehicle Charging System -- Turrin Smart RPKI Validation: Avoiding Errors and Preventing Hijacks -- Cyber Network Resilience against Self-Propagating Malware Attacks -- INC: In-Network Classification of Botnet Propagation at Line Rate -- GAME: Generative-Based Adaptive Model Extraction Attack -- AttacKG: Constructing Technique Knowledge Graph from Cyber Threat Intelligence Reports -- SeInspect: Defending Model Stealing via Heterogeneous Semantic Inspection -- Sidechannels We can hear your PIN drop: A new acoustic side channel attack to profile PIN pads keys -- VAL: Volume and Access Pattern Leakage-abuse Attack with Leaked Documents -- Light the Signal: Optimization of Signal Leakage Attacks against LWE-Based Key Exchange -- BLEWhisperer: Exploiting BLE Advertisements for Data Exfiltration. |
| Record Nr. | UNINA-9910595027703321 |
| Cham : , : Springer International Publishing : , : Imprint : Springer, , 2022 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Information Systems Security [[electronic resource] ] : Second International Conference, ICISS 2006, Kolkata, India, December 19-21, 2006, Proceedings / / edited by Aditya Bagchi, Vijayalakshmi Atluri
| Information Systems Security [[electronic resource] ] : Second International Conference, ICISS 2006, Kolkata, India, December 19-21, 2006, Proceedings / / edited by Aditya Bagchi, Vijayalakshmi Atluri |
| Edizione | [1st ed. 2006.] |
| Pubbl/distr/stampa | Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2006 |
| Descrizione fisica | 1 online resource (XVI, 384 p.) |
| Disciplina | 05.8 |
| Collana | Security and Cryptology |
| Soggetto topico |
Data encryption (Computer science)
Computer communication systems Computer security Computers and civilization Management information systems Computer science Information storage and retrieval Cryptology Computer Communication Networks Systems and Data Security Computers and Society Management of Computing and Information Systems Information Storage and Retrieval |
| ISBN | 3-540-68963-X |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto | Invited Papers -- Privacy in the Electronic Society -- A Data Sharing Agreement Framework -- Password Exhaustion: Predicting the End of Password Usefulness -- Network Monitoring for Security and Forensics -- Data and Application Security -- Fairness Strategy for Multilevel Secure Concurrency Control Protocol -- Optimistic Anonymous Participation in Inter-organizational Workflow Instances -- O2O: Virtual Private Organizations to Manage Security Policy Interoperability -- Privacy Preserving Web-Based Email -- Access Control -- Context-Aware Provisional Access Control -- LRBAC: A Location-Aware Role-Based Access Control Model -- Extending Context Descriptions in Semantics-Aware Access Control -- Specification and Realization of Access Control in SPKI/SDSI -- Key Management and Security in Wireless Networks -- Design of Key Establishment Protocol Using One-Way Functions to Avert insider-replay Attack -- An Efficient Key Assignment Scheme for Access Control in a Hierarchy -- Adaptation of IEEE 802.1X for Secure Session Establishment Between Ethernet Peers -- Secure Data Management in Reactive Sensor Networks -- Threat Analysis, Detection and Recovery -- Security Ontology: Simulating Threats to Corporate Assets -- Two-Stage Credit Card Fraud Detection Using Sequence Alignment -- New Malicious Code Detection Using Variable Length n-grams -- A Dead-Lock Free Self-healing Algorithm for Distributed Transactional Processes -- Cryptography and Encryption -- An Efficient Public Key Cryptosystem Secure Against Chosen Ciphertext Attack -- A Partial Image Encryption Method with Pseudo Random Sequences -- High Capacity Lossless Data Hiding -- An Implementation and Evaluation of Online Disk Encryption for Windows Systems -- Short Papers and Research Reports -- Disclosure Risk in Dynamic Two-Dimensional Contingency Tables (Extended Abstract) -- A Survey of Control-Flow Obfuscations -- Filtering Out Unfair Recommendations for Trust Model in Ubiquitous Environments -- Secure Itineraries Framework for Mobile Agent Systems -- Malafide Intension Based Detection of Privacy Violation in Information System -- Design and Development of Malafide Intension Based Privacy Violation Detection System (An Ongoing Research Report) -- Towards a Formal Specification Method for Enterprise Information System Security -- Recent Research on Privacy Preserving Data Mining. |
| Record Nr. | UNISA-996466141503316 |
| Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2006 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||