The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The International Conference on Network and System Security (NSS) is an annual conference on all theoretical and practical aspects related to information, network, and system security. The fifth International Conference on Network and System Security (NSS 2011) was held in Milan, Italy, September 6 to September 8, 2011.
Intrusion Detection Systems (IDS) aim to detect the actions that attempt to compromise the confidentiality, availability, and integrity of a resource by monitoring the events occurring in computer systems and/or networks. Stream data processing is a database technology applied to flows of data. Temporal Logic is a formalism for representing change over time. This paper proposes the development of...
Nowadays, wireless network security has a considerable attention. However, wireless communication faces several security threats. Consequently, several security efforts have been exerted to combat the wireless attacks, but unfortunately complete attack prevention is not realistically attainable. Thus, the emphasis on detecting intrusions through a second line of defense, in the form of Intrusion Detection...
To defend a network system from security risks, intrusion detection systems (IDSs) have been playing an important role in recent years. There are two types of detection algorithms of IDSs: misuse detection and anomaly detection. Because misuse detection is based on a signature which is created from the features of attack traffic by security experts, it can achieve accurate and stable detection. However,...
Anomaly detection has been attracting interests from researchers due to its advantage of being able to detect zero-day exploits. A gray-box anomaly detector first observes benign executions of a computer program and then extracts reliable rules that govern the normal execution of the program. However, such observations from benign executions are not necessarily true evidences supporting the rules...
With the deployment of “always-connected” broadband Internet access, personal networks are a privileged target for attackers and DNS-based corruption. Pharming attacks - an enhanced version of phishing attacks - aim to steal users' credentials by redirecting them to a fraudulent login website, using DNS-based techniques that make the attack imperceptible to the end-user. In this paper, we define an...
In this paper, we present a novel approach for the detection and signature extraction for a subclass of polymorphic computer viruses. Our detection scheme offers 0 false negative and a very low false positives detection rate. We use context-free grammars as viral signatures, and design a process able to extract this signature from a single sample of a virus. Signature extraction is achieved through...
There are the two common means for propagating worms: scanning vulnerable computers in the network and sending out malicious email attachments. Modeling the propagation of worms can help us understand how worms spread and devise effective defence strategies. Most traditional models simulate the overall scale of infected network in each time tick, making them invalid for examining deep inside the propagation...
A major vector of computer infection is through exploiting vulnerable software or design flaws in networked applications such as the browser. Malicious code can be fetched and executed on a victim's machine without the user's permission, as in drive-by download (DBD) attacks. In this paper, we describe a new tool called DeWare (standing for Detection of Malware) for detecting the onset of infection...
In this paper a fragile watermarking technique based on Karhunen-Loève transform (KLT) and genetic algorithms (GA) is proposed. To achieve high sensibility to content manipulations, the proposed algorithm slightly modifies the middle-frequency KLT coefficients while maintaining the visual imperceptibility of the watermark (i.e., the average peak signal-to-noise ratio reported was 52.49 dB). It uses...
In the last few years, a plethora of RFID authentication protocols have been proposed and several security analyses have been published creating the impression that designing such a protocol must be, more or less, a straightforward task. In this paper, we investigate the security of two recently proposed schemes, showing that designing a secure RFID authentication protocol is still a demanding process...
Secure and reliable authentication is an essential prerequisite for many online systems, yet achieving this in a way which is acceptable to customers remains a challenge. GrIDsure, a one-time PIN scheme using random grids and personal patterns, has been proposed as a way to overcome some of these challenges. We present an analytical study which demonstrates that GrIDsure in its current form is vulnerable...
Identity Management systems come with a promise of simpler, centralized, and more secure handling of user data, credentials and authorizations. Service providers can thus be separated from an identity provider (IdP), and users will benefit from single sign on mechanisms. However, identity providers become single points of failure, from a security and trust perspective. In particular, in this paper,...
We investigate non-interference (secure information flow) policies for web browsers, replacing or complementing the Same Origin Policy. First, we adapt a recently proposed dynamic information flow enforcement mechanism to support asynchronous I/O. We prove detailed security and precision results for this enforcement mechanism, and implement it for the Featherweight Firefox browser model. Second, we...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.