Serwis Infona wykorzystuje pliki cookies (ciasteczka). Są to wartości tekstowe, zapamiętywane przez przeglądarkę na urządzeniu użytkownika. Nasz serwis ma dostęp do tych wartości oraz wykorzystuje je do zapamiętania danych dotyczących użytkownika, takich jak np. ustawienia (typu widok ekranu, wybór języka interfejsu), zapamiętanie zalogowania. Korzystanie z serwisu Infona oznacza zgodę na zapis informacji i ich wykorzystanie dla celów korzytania z serwisu. Więcej informacji można znaleźć w Polityce prywatności oraz Regulaminie serwisu. Zamknięcie tego okienka potwierdza zapoznanie się z informacją o plikach cookies, akceptację polityki prywatności i regulaminu oraz sposobu wykorzystywania plików cookies w serwisie. Możesz zmienić ustawienia obsługi cookies w swojej przeglądarce.
According to the requirements of effective, credible and controllable for Attack Resistant Test, a standard structure of overflow attacks, and a new method to realize the overflow attacks were built in the paper. By analyzing the characteristics of the process to realize overflow attacks, we extract the attack elements of overflow attacks. Based on the general description of the overflow attack process,...
With increasing network security threats, the network vulnerability must consider exploits in the context of multistage, multi-host attack scenarios. The general approach to this problem is to construct an attack graph for a given network configuration. An attack graph consists of a number of attack paths which are essentially series of exploits which an attacker employs to reach the destination....
Audit logs are very important part of any secure system and should be highly considered. The content of them which is past events is so sensitive and poses a threat to privacy and information security, so should be protected against any illegal reading and modification. The best way to do this is encryption. Important challenges in an encrypted audit log are speed of log and search process, correctness...
The LRIC-voltage network charging pricing principle is intended to reflect the investment cost of a network to maintain the quality of supply, i.e. ensuring that nodal voltages are within required statutory limits. This charging principle is based on spare nodal voltage capacity or headroom of an existing network (distribution and transmission systems) to provide the time to invest in reactive power...
Optimized hash tree based approach is proposed here to provide disk integrity protection with fine performance and consistency. By constructing a hash tree on the protected space and creating hash tree leaf nodes from disk sectors directly, it can provide integrity with characteristics like online checking, any data protection, unified low-level mechanism and resistance against any attacks. To make...
Sophisticated and evolving CAPTCHA breaking algorithms as mentioned in [(K. Chellapilla et al., 2004), (G. Mori et al., 2003), (J. Yan et al., 2008)] have successfully broken currently employed CAPTCHAs. This has resulted in a continuous requirement for more robust CAPTCHAs. In light of this, STC generation scheme was introduced in (A. Gupta et al., 2009) to stay secure for a long time. In this paper,...
This paper introduces a new method for the least significant bit (LSB) steganography in spatial domain. The new method, called one-third LSB embedding, reduces the probability of change per pixel to one-third without sacrificing the embedding capacity, as compared to previous LSB steganography techniques. This improvement results in a better imperceptibility and higher robustness against well known...
This paper investigates the viability of using leakage power consumption as a source of side channel information. The side channel effect is characterized in leakage power. It is shown that the increasing trend of leakage power is highly correlated with security vulnerability of cryptosystems. Addressing the severity of the side channel threat in nanoscale Cryptosystem-on-Chip (CoC), we examine the...
9-round impossible differentials of SNAKE-2 are found due to the simple linear transformation in its round function, and 10 to 12-round SNAKE-2 are attacked by using these impossible differentials.
Since Hopper and Blum suggested the HB protocol which is based on the conjectured hardness of the LPN (Learning Parity in the Presence of Noise) problem in 2001, a family of light-weight authentication protocols has been developed for RFID (Radio Frequency Identification) system by many engineers. It was found that each algorithm had own weakness against new attacks so that more advanced protocols...
In this paper, we propose a new and efficient cryptographic hash function based on random Latin squares and non-linear transformations. The developed scheme satisfies basic as well as desirable properties of an ideal hash function. Use of repeated lookup on Latin squares, non-linear transformations and complex shift operations further increase the strength of our cryptographic hash function at a low...
In this paper we present an improvement to the preimage attacks on very smooth hash (VSH) function. VSH was proposed as a collision resistant hash function by Contini et al., but it has been found lacking in preimage resistance by Saarinen. With our method, we show how to find preimages of multiple passwords secured by VSH. We also demonstrate that our method is faster in finding preimages of multiple...
Textual-based password authentication scheme tend to more vulnerable to attacks such as shoulder-surfing and hidden camera. To overcome the vulnerabilities of traditional methods, visual or graphical password schemes have been developed as possible alternative solutions to text-based scheme. Because simply adopting graphical password authentication also has some drawbacks, some hybrid schemes based...
Abstract This paper describes the study of cryptographic hash functions, one of the most important classes of primitives used in recent techniques in cryptography. The main aim is the development of recent crypt analysis hash function. We present different approaches to defining security properties more formally and present basic attack on hash function. We recall Merkle-Damgard security properties...
Recently, Chien proposed a time-bound hierarchical key assignment scheme based on tamper-resistant devices. Chien's scheme greatly reduces computation load and implementation cost. However, it has a security weakness against X. Yi's three-party collusion attack. In this paper, we improved Chien's scheme without public key cryptography and our scheme is resistant to X. Yi's three-party collusion attack...
Radio frequency identification (RFID) is a technology that allows automatic identification and data capture by using radio frequencies. In 2006, Osaka et al. proposed a RFID security method based on a hash function and a symmetric key cryptosystem. Osaka et al. claimed that their proposed RFID security method achieves the following security requirements such as (1) indistinguishability, (2) forward...
The 3 most important issues for anomaly detection based intrusion detection systems by using data mining methods are: feature selection, data value normalization, and the choice of data mining algorithms. In this paper, we study primarily the feature selection of network traffic and its impact on the detection rates. We use KDD CUP 1999 dataset as the sample for the study. We group the features of...
Ensuring public security is an important issue for every government, and effective public security depends on the efficiency of criminal justice processes and procedures. The procedures of the criminal justice may be viewed as the upper-, middle-, and down-stream sections of a supply chain. Like their business counterparts, most law enforcement agencies have to deal with logistics, information flow,...
Signature-based anti-viruses are very accurate, but are limited in detecting new malicious code. Dozens of new malicious codes are created every day, and the rate is expected to increase in coming years. To extend the generalization to detect unknown malicious code, heuristic methods are used; however, these are not successful enough. Recently, classification algorithms were used successfully for...
Several vulnerability analysis techniques in web-based applications detect and report on different types of vulnerabilities. However, no single technique provides a generic technology-independent handling of Web-based vulnerabilities. In this paper we present our experience with and experimental exemplification of using the application vulnerability description language (AVDL) to realize a unified...
Podaj zakres dat dla filtrowania wyświetlonych wyników. Możesz podać datę początkową, końcową lub obie daty. Daty możesz wpisać ręcznie lub wybrać za pomocą kalendarza.