The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Data collection by social networking applications offers many opportunities for mining information, which provides a better understanding of social structures and their dynamic structures. Anonymization of social networks before they are published or shared is particularly important, since social network data usually contain much sensitive information on individuals. In this paper, we address the...
Android malware scanning services (e.g., VirusTotal) are websites that users submit suspicious Android programs and get an array of malware detection results. With the growing popularity of such websites, we suspect that, these services are not only used by innocent users, but also, malware writers for testing the evasion capability of their malware samples. May this hypothesis be true, it not only...
Taint analysis has been widely applied in ex post facto security applications, such as attack provenance investigation, computer forensic analysis, and reverse engineering. Unfortunately, the high runtime overhead imposed by dynamic taint analysis makes it impractical in many scenarios. The key obstacle is the strict coupling of program execution and taint tracking logic code. To alleviate this performance...
Zero-day attacks continue to challenge the enterprise network security defense. A zero-day attack path is formed when a multi-step attack contains one or more zero-day exploits. Detecting zero-day attack paths in time could enable early disclosure of zero-day threats. In this paper, we propose a probabilistic approach to identify zero-day attack paths and implement a prototype system named ZePro....
We present a high accuracy, high reliability, high security, low power consumption micro blasting system for smart blasting network. The system consists of a MEMS semiconductor bridge (SCB) as electro-pyrotechnic initiator to ignite the explosive materials, a MEMS switch group as security device to increase the security, a micro application-specific integrated circuit (ASIC) as controller to control...
Modern software engineering practice allows us tobuild more complex software than ever before. However, onthe other hand, it causes some negative consequences such asbloatware and feature creep which have been observed in manysoftware evolution and iteration lifecycle. In this paper, we proposean approach to customizing Java bytecode by applying staticdataflow analysis and enhanced programming slicing...
For decades buffer overflows have been one of the most prevalent and dangerous software vulnerabilities. Although many techniques have been proposed to address the problem, they mostly introduce a very high overhead while others assume the availability of a separate system to pinpoint attacks or provide detailed traces for defense generation, which is very slow in itself and requires considerable...
Private Browsing Mode (PBM) is widely supported by all major commodity web browsers. However, browser extensions can greatly undermine PBM. In this paper, we propose an approach to comprehensively identify and stop privacy breaches under PBM caused by browser extensions. Our approach is primarily based on run-time behavior tracking. We combine dynamic analysis and symbolic execution to represent extensions'...
Cyberspace is a complicated system of computer, network and other information environments. To evaluate its security defence ability, the offensive and defensive features in cyberspace were discussed in this paper, firstly. Then index system and evaluation model were proposed. Based on analytic hierarchy process method, cyberspace security defence system was decomposed from its ability aspect. Fuzzy...
Object storage system provides ocean space to hold a very large amount of data objects reliably and guarantee the clients to efficiently obtain their big data. In this paper, we propose a secure provable data possession scheme for object storage system, so as to enhance the security and efficiency through interactive verification and hierarchical structure optimizing. In particular, a new secure protection...
Although multi-interface multi-channel (MIMC) wireless networks have drawn much attention, they are susceptible to various attacks. This paper describes three new types of attacks against a variety of channel assignment protocols: utilization-based conflict attack, link break attack, and denial-of-data attack. These attacks exploit the vulnerabilities arising from the inherent properties of channel...
Operating system security (OS) is the basis for trust computing. As the kernel rootkits become popular and lots of kernel vulnerabilities are exposed, the OS kernel suffers a large number of attacks. It is difficult to protect the kernel by its own module because the kernel rootkits has the same ability to cripple the security module within the same kernel space. Recently, with the virtualization...
Survivability modeling and evaluation have gained increasing importance. Most existing models assume that the distributions for transitions between states are exponential. However, this assumption does not hold in many real cases. To address this problem, we propose a novel semi-Markov survivability evaluation model, which allows the transitions between states to follow nonexponential distributions...
Virtual machine based services are becoming predominant in data centers or cloud computing since virtual machines can provide strong isolation and better monitoring for security purposes. While there are many promising security techniques based on virtual machines, it is not clear how significant the difference between various system architectures can be in term of survivability. In this paper, we...
In this paper, the cost - quality -time - security model is lead into the projects innovatively; we describe the basic principle of the particle swarm optimization method, and introduce the integer programming as well as the structure of multi-attribute utility function. The discussion on the cost optimization in the construction phase of a substation have confirmed that the PSO method can determine...
Although multi-channel wireless protocols are becoming predominant, security mechanisms of channel assignment are far from sufficient to protect the channel usage. In this paper, we discuss radio jamming attacks, ripple effect attacks and false information injection attacks in multi-interface and multi-channel wireless networks. We propose a security mechanism to secure channel management in multi-channel...
Mobile ad hoc network (MANET) is a promising network paradigm for the future networking. To secure a MANET, we focus on trust management framework, which is intended to cope with misbehavior problem of nodes and stimulate nodes to cooperate with each other. However, there are still many intrinsic problems with the existing trust management frameworks, which remain unsolved, such as frangibility under...
Distributed systems could be more secured with a distributed trust model based on either PKI or Kerberos. However, it becomes difficult to establish trust relationship across heterogeneous domains due to different actual trust mechanism and security policy as well as the intrinsic flaw of each trust model. This paper is to propose a new high-compatible model, capable of working under the condition...
As a classical security policy, DTE (domain and type enforcement) is usually used to protect the integrity of information and implemented in many famous security operating systems. But there are three main questions for most systems that have implemented DTE security policy as follows: 1) security policy enforcing module is easy to be tampered and bypass before loaded; 2) The content of security policy...
A major security vulnerability in the mobile telecommunication network is that wireline signaling messages are cleartext. The latest protocol for wireline signaling message security is mobile application part security (MAPSec), which protects MAP (a signaling message protocol) messages on the link between nodes. MAPSec is a limited solution because it still leaves MAP signaling messages unsecured...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.