The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Packing is among the most popular obfuscation techniques to impede anti-virus scanners from successfully detecting malware. Efficient and automatic packer identification is an essential step to perform attack on ever increasing malware databases. In this paper we present a p-spectrum induced linear Support Vector Machine to implement an automated packer identification with good accuracy and scalability...
First, we prove that a homomorphic encryption with a function of detecting zero, detecting equality, comparing the value or detecting overflow on cipher texts is not secure if there is no restriction to limit the times of operating these functions. Then we analyze that a homomorphic encryption scheme can still detect zero with some restrictions. If we allow all the people to detect zero on cipher...
Secure authentication of low cost Radio Frequency Identification (RFID) with low computing capacity is a big challenge, as low-cost RFIDs own very-limited resources. Recently, Doss et al. proposed eye-catching RFID authentications, using minimum disclosure approach. These schemes were claimed to own several excellent security properties while required only very low computational complexities on tags...
In USENIX 2001, Boneh et al. introduced a new way of obtaining fast revocation for RSA keys with the help of a security mediator. In 2003, Boneh et al. also showed how to convert the security-mediated RSA encryption scheme into an identity-based mediated RSA encryption scheme. This new technique addressed the shortcoming of identity-based cryptography where revocation required appending the valid...
In this paper, we propose a secure certificate less signature scheme supporting batch verification, which makes it possible for a verifier to verify a set of signatures more efficiently than verifying them one by one. In our proposed scheme, it is impossible for PKG to produce a signature which is indistinguishable from any signature produced by a user. Compared with existing signature schemes with...
Drive-by Download Attack (DBD) is one of the major threats on the web infrastructure. DBD attacks are triggered by user access to a malicious website and force users to download malware by exploiting the vulnerabilities of web browsers or plugins. Malicious websites are ephemeral. Therefore, it is necessary to gather fresh information related to malicious activities to detect and prevent such attacks...
Typically instant messaging software has to install inside the computer. By this way, the evidence could be therefore probed from the relative paths after operating it by the forensic procedures. Accompanying the appearance of the Web version of the instant messaging, this situation is changed accordingly. It has become a new challenge about the Information-volatile attributes and the data generated...
Cross Site Scripting (XSS) makes victims execute an arbitrary script and leaks out personal information from victims' computers. An adversary can easily get victim's cookies by the XSS attack. If the adversary cannot use the stolen cookies to impersonate the victim, stealing cookie has no meaning. Therefore, we propose a method to prohibit the abuse of stolen cookies in order to make it ineffective...
In this paper, we report our work on a scripting language for automating the development of complex protocols for a commodity-based approach to SMC. Our scripting language models the participating parties in a peer-to-peer symmetric manner that each party holds their private data as well as any intermediate results jointly. We propose a three-level security attributes, namely public, private, and...
Use of formal methods is considered as a useful and efficient technique for the validation of security properties of the protocols. In this paper, we analyze the protocols of ISO/IEC 9798-2 entity authentication standard using a state-of-the-art tool for automated analysis named AVISPA. Our analysis of the standard using AVISPA's OFMC and CL-AtSe back-ends shows that the two party protocols are secure...
The current malicious URLs detecting techniques based on whole URL information are hard to detect the obfuscated malicious URLs. The most precise way to identify a malicious URL is verifying the corresponding web page contents. However, it costs very much in time, traffic and computing resource. Therefore, a filtering process that detecting more suspicious URLs which should be further verified is...
With the growth of applications on mobile devices, developers can easy distribute their applications by the various software marketplaces. Generally, the applications need some code to execute license management functionality, and so developers must learn how to add such license management code for each software marketplace. This has resulted in increasing complexity and development time of applications...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.