ICISSP 2015 Abstracts


Area 1 - Data and Software Security

Full Papers
Paper Nr: 11
Title:

Understanding Information Technology Security Standards Diffusion - An Institutional Perspective

Authors:

Sylvestre Uwizeyemungu and Placide Poba-Nzaou

Abstract: Organizations' dependency on information technology (IT) resources raises concerns over IT confidentiality, integrity, and availability. IT security standards (ITSS) which play a key role in IT security governance, are meant to address those concerns. It is then important for researchers, managers, and policy-makers to understand the reasons for the low levels of ITSS diffusion in organizations. Building on institutional perspective, this study shows that none of the ITSS has yet reached the stage of legitimation that would prompt a widespread diffusion across organizations. Of particular focus is the benchmarking of ISO/IEC 27000 against other more diffused ISO generic standards. Three methodological approaches were used: structured documentation analysis, public secondary data analysis, and informal interviews of experts. This study sensitizes managers and policy-makers to the key role of institutional mechanisms in shaping ITSS diffusion.

Paper Nr: 12
Title:

Malfinder: Accelerated Malware Classification System through Filtering on Manycore System

Authors:

Taegyu Kim, Woomin Hwang, Chulmin Kim, Dong-Jae Shin, Ki-Woong Park and Kyu Ho Park

Abstract: Control flow matching methods have been utilized to detect malware variants. However, as the number of malware variants has soared, it has become harder and harder to detect all malware variants while maintaining high accuracy. Even though many researchers have proposed control flow matching methods, there is still a trade-off between accuracy and performance. To solve this trade-off, we designed Malfinder, a method based on approximate matching, which is accurate but slow. To overcome its low performance, we resolve its performance bottleneck and non-parallelism on three fronts: I-Filter for identical string matching, table division to exclude unnecessary comparisons with some malware and dynamic resource allocation for efficient parallelism. Our performance evaluation shows that the total performance improvement is 280.9 times.

Paper Nr: 37
Title:

A Structural and Content-based Approach for a Precise and Robust Detection of Malicious PDF Files

Authors:

Davide Maiorca, Davide Ariu, Igino Corona and Giorgio Giacinto

Abstract: During the past years, malicious PDF files have become a serious threat for the security of modern computer systems. They are characterized by a complex structure and their variety is considerably high. Several solutions have been academically developed to mitigate such attacks. However, they leveraged on information that were extracted from either only the structure or the content of the PDF file. This creates problems when trying to detect non-Javascript or targeted attacks. In this paper, we present a novel machine learning system for the automatic detection of malicious PDF documents. It extracts information from both the structure and the content of the PDF file, and it features an advanced parsing mechanism. In this way, it is possible to detect a wide variety of attacks, including non-Javascript and parsing-based ones. Moreover, with a careful choice of the learning algorithm, our approach provides a significantly higher accuracy compared to other static analysis techniques, especially in the presence of adversarial malware manipulation.

Short Papers
Paper Nr: 10
Title:

Evaluation of the Anonymous I2P Network's Design Choices Against Performance and Security

Authors:

Juan Pablo Timpanaro, Thibault Cholez, Isabelle Chrisment and Olivier Festor

Abstract: .

Paper Nr: 14
Title:

Assessing Information Security Risks of AMI - What Makes it so Difficult?

Authors:

Inger Anne Tøndel, Maria B. Line and Gorm Johansen

Abstract: A rich selection of methods for information security risk assessments exist, but few studies evaluate how such methods are used, their perceived ease-of-use, and whether additional support is needed. Distribution system operators (DSOs) find it difficult to perform information security risk assessments of Advanced Metering Infrastructure (AMI). We have performed a case study in order to identify these difficulties and the reasons for them. Our findings indicate that the risk assessment method in itself is not the main challenge. The difficulties regard competence; more specifically, insight in possible information security threats and vulnerabilities, being able to foresee consequences, and making educated guesses about probability. Improved guidelines can be a valuable aid, but including information security experts as participants in the process is even more important.

Paper Nr: 18
Title:

Analyzing Quality Criteria in Role-based Identity and Access Management

Authors:

Michael Kunz, Ludwig Fuchs, Michael Netter and Günther Pernul

Abstract: Roles have turned into the de facto standard for access control in enterprise identity management systems. However, as roles evolve over time, companies struggle to develop and maintain a consistent role model. Up to now, the core challenge of measuring the current quality of a role model and selecting criteria for its optimization remains unsolved. In this paper, we conduct a survey of existing role mining techniques and identify quality criteria inherently used by these approaches. This guides organizations during the selection of a role mining technique that matches their company-specific quality preferences. Moreover, our analysis aims to stimulate the research community to integrate quality metrics in future role mining approaches.

Paper Nr: 25
Title:

A Novel Model of Security Policies and Requirements

Authors:

Preetam Mukherjee and Chandan Mazumdar

Abstract: The responsibility of controlling, monitoring, analyzing or enforcing security of a system becomes complex due to the interplay among different security policies and requirements. Many of the security requirements have overlap among themselves and they are not exhaustive in nature. For that reason, maintaining security requirements and designing optimal security controls are difficult, and involve wastage of valuable resources. Finding out a set of mutually exclusive and exhaustive security requirements and canonical policies will indeed ease the security management job. From this motivation, in this paper we try to find out a set of mutually exclusive and exhaustive security requirements. To do this, a small set of low-level security policy descriptions are proposed using Process Algebraic notions, by which all kinds of high level security policies can be represented. Non-compliance to this new set of security policies gives rise to a set of security violations. These security violations are mutually exclusive and exhaustive, so all the other security violations can be described by this basic set of security violations. From these security violations, a set of security requirements is determined. To preserve the security for any system it is necessary and sufficient to maintain these requirements.

Paper Nr: 29
Title:

Vulnerability Analysis using Network Timestamps in Full Virtualization Virtual Machine

Authors:

M. Noorafiza, H. Maeda, R. Uda, T. Kinoshita and M. Shiratori

Abstract: Virtualization is the main underlying technology for cloud computing. The popularity of cloud computing had expanded rapidly over the past few years. As any new technology advancement, cloud computing also has vulnerability possibilities and potential security risks. Therefore it is important to study and understand the underlying technologies in cloud computing and test any possible loophole that may give advantages for malware and attackers. Virtual machine (VM) is one of the basic component in cloud computing. VM itself is a program that executes multiple operating systems on one physical machine. Due to the complexity of the VM, together with the complex setting of the network environment and physical machine technology during the implementation of VM environment, vulnerability in the environment may occur. For example, the ability of malware to detect either the environment that they are attacking is on VM or not. Through this detection, the malware or attackers may hide its malicious program since VM are commonly used as defensive system for malware detection, such as honeypots. In this paper, we present a remote detection technique for VM that uses IP timestamp option in full virtualization that could be used to detect VM environment and contributing to VM vulnerability. Evaluation of this technique was done by examining and analysing the characteristic of IP packet timestamps replies from VM and real machine. This research finding could serve as new knowledge for further studies on how to provide comprehensive protection from VM vulnerability. This research also could formulate more effective security improvement that could lead to better security policy towards VM technology.

Paper Nr: 34
Title:

On Detection of Bitcoin Mining Redirection Attacks

Authors:

Nicolas T. Courtois, Pinar Emirdag and Zhouyixing Wang

Abstract: In this paper we study the question of centralisation in bitcoin digital currency. In theory bitcoin has been designed to be a totally decentralized distributed system. Satoshi Nakamoto has very clearly postulated that each node should be collecting recent transactions and trying to create new blocks [Satoshi08]. In bitcoin transactions are aggregated in block in order to authenticate them and form an official ledger and history of bitcoin transactions. In practice as soon as expensive ASIC bitcoin miners have replaced general-purpose hardware, production of bitcoins and the validation of transactions has concentrated in the hands of a smaller group of people. Then at some moment in early 2012 an important decision was taken: the Stratum protocol was designed [Palatinus12] which took a deliberate decision to move the power of selecting which transactions are included in blocks from miners to pool managers. The growing difficulty of mining and large standard deviation in this process [Rosenfeld13, CourtoisBahack14] made that majority of miners naturally shifted to pooled mining. At this moment bitcoin ceased being a decentralized democratic system. In this paper we survey the question of a 51% attacks and show that there is a large variety of plausible attack scenarios. In particular we study one particularly subversive attack scenario which depends on non-trivial internal details of the bitcoin hashing process. How does it compare with the current mining practices? We have study the Stratum protocol in four popular real-life mining con figurations. Our analysis shows that pools could very easily cheat the majority of people. However the most subversive versions of the attack are NOT facilitated and could potentially be detected.

Paper Nr: 36
Title:

Implementation and Analysis of Dutch-style Sealed-bid Auctions - Computational vs Unconditional Security

Authors:

Sriram Krishnamachari, Mehrdad Nojoumian and Kemal Akkaya

Abstract: Designing a sealed-bid auction protocol is a challenging problem in the field of applied cryptography. In the last couple of decades, numerous protocols have been proposed in the literature where each one has its own property in terms of the security model, communication and computation complexities. To the best of our knowledge, there has been no study to implement and compare a similar class of sealed-bid auction protocols. This paper therefore implements and evaluates five different Dutch-style sealed-bid auction protocols, of which three protocols are computationally secure and two protocols are unconditionally secure. It mainly focuses on the computational cost of the initialization and verification phases of these privacy-preserving protocols.

Paper Nr: 57
Title:

Modelling of Enterprise Insider Threats

Authors:

Puloma Roy and Chandan Mazumdar

Abstract: In this paper, a position has been taken to include the non-human active agents as insiders of an enterprise, as opposed to only human insiders as found in the literature. This eliminates the necessity of including the psycho-social and criminological behavioural traits to be incorporated in the management of insider threats. A framework of an Enterprise has been developed and it is shown that within the framework, both the human and non-human agents can be modelled as insider threats in a uniform manner. An example case has been analysed as supporting evidences for the point of view.

Paper Nr: 58
Title:

ICS/SCADA Security - Analysis of a Beckhoff CX5020 PLC

Authors:

Gregor Bonney, Hans Hoefken, Benedikt Paffen and Marko Schuba

Abstract: A secure and reliable critical infrastructure is a concern of industry and governments. SCADA systems (Supervisory Control and Data Acquisition) are a subgroup of ICS (Industrial Control Systems) and known to be well interconnected with other networks. It is not uncommon to use public networks as transport route but a rising number of incidents of industrial control systems shows the danger of excessive crosslinking. Beckhoff Automation GmbH is a German automation manufacturer that did not have bad press so far. The Beckhoff CX5020 is a typical PLC (Programmable Logic Controller) that is used in today’s SCADA systems. It is cross-linked through Ethernet and running a customized Windows CE 6.0, therefore the CX5020 is a good representative for modern PLCs which have emerged within the last years that use de facto standard operation systems and open standard communication protocols. This paper presents vulnerabilities of Beckhoff’s CX5020 PLC and shows ways to achieve rights to control the PLC program and the operation system itself. These vulnerabilities do not need in-depth knowledge of penetration testing, they demonstrate that switching to standard platforms brings hidden features and encapsulating SCADA protocols into TCP/IP might not always be a good idea – underlining that securing ICS systems is still a challenging topic.

Posters
Paper Nr: 2
Title:

Optimizing Cryptographically based Security in Wireless Networks

Authors:

Stuart Jacobs

Abstract: Within wireless networks, an unauthorized or malicious wireless device can receive broadcasted messages or broadcast its own messages at any time provided it is within signal range of other wireless network nodes. Wireless networks have a higher rate of bit errors (BER) when compared to wired networks. The frequency of attacks on networks has grown in parallel with development of wireless networking. Many attacks against network traffic can be defeated by the use of cryptographic mechanisms. Given how wired network links experience statistically low BER, the likelihood of a message being rejected by cryptographic protection mechanism use, due to bit errors, is also low. Wireless networks have a significantly higher BER that will result in higher message rejection rates when cryptographic protection mechanisms are used. When messages are rejected, retransmission will be required thereby increasing bandwidth utilization of wireless links. Since wireless networks use many protocols secured via cryptographic functions, the ability to reduce message rejection rates due to bit errors will positively affect wireless link utilization rates. Research is needed that focuses on determining how to optimize the use of cryptographic security mechanisms in high BER environments while minimizing network device and transmission link resources.

Paper Nr: 33
Title:

Clustering Spam Emails into Campaigns

Authors:

Mina Sheikh Alishahi, Mohamed Mejri and Nadia Tawbi

Abstract: Spam emails constitute a fast growing and costly problems associated with the Internet today. To fight effectively against spammers, it is not enough to block spam messages. Instead, it is necessary to analyze the behavior of spammer. This analysis is extremely difficult if the huge amount of spam messages is considered as a whole. Clustering spam emails into smaller groups according to their inherent similarity, facilitates discovering spam campaigns sent by a spammer, in order to analyze the spammer behavior. This paper proposes a methodology to group large sets of spam emails into spam campaigns, on the base of categorical attributes of spam messages. A new informative clustering algorithm, named Categorical Clustering Tree (CCTree), is introduced to cluster and characterize spam campaigns. The complexity of the algorithm is also analyzed and its efficiency has been proven.

Paper Nr: 39
Title:

Defeating DDoS using Productive Puzzles

Authors:

Mehmud Abliz and Taieb F. Znati

Abstract: In this paper, we present Productive Puzzles, a novel puzzle mechanism for defending against Distributed Denial of Service (DDoS) attacks. Productive puzzles aim to use tasks from real applications and services—as opposed to repetitive cryptographic computations that only serve the security purpose—as the work to be completed by the client, therefore making meaningful use of the client resources that would be wasted otherwise. We prove that tight bounds on the probability of successful cheating can be achieved by using only a small number of tasks in a productive puzzle. Hardness of productive puzzles is dynamically adjusted based on the server load and the cost of processing the client’s request, consequently making it harder for adversaries to leverage expensive requests in their attacks. Furthermore, a novel cache algorithm is introduced to prevent the puzzle solution replay attack that is a common threat to all puzzle based DDoS defense mechanisms. We evaluate the effectiveness of the productive puzzle scheme in a realistic experimental environment, and show that it provides nearly optimal puzzle based defense against DDoS attacks.

Paper Nr: 45
Title:

HIDE: Hybrid Symmetric Key Algorithm for Integrity Check, Dynamic Key Generation and Encryption

Authors:

Jayagopal Narayanaswamy, Raghav V. Sampangi and Srinivas Sampalli

Abstract: This paper proposes a hybrid encryption technique that generates a key dynamically, along with integrity check parameters. Our approach generates the key stream using a chained approach, beginning with an initial pre-shared key. Subsequent keys are derived using logical operations on intermediate cipher texts and intermediate keys generated in each stage. This is an improvement over chaining techniques, which use a cipher text to derive successive keys. We validate our algorithm by proof-of-concept implementation and security analysis.

Area 2 - Trust

Short Papers
Paper Nr: 56
Title:

A Policy-based Communications Architecture for Vehicles

Authors:

Vassilis Prevelakis and Mohammad Hamad

Abstract: Despite the fact that numerous studies have indicated that vehicular networks are vulnerable to external and internal attacks, very little effort has been expended in safeguarding communications both between elements within the vehicle and between the vehicle and the outside world. In this paper we present a mechanism that allows communications policy (essentially who can talk with whom and the security parameters of the channel) to be defined during the design of the software component and then adapted as the component undergoes integration first within subsystems and so on all the way to the final integration in the operational vehicle. We provide a mechanism that can maintain the integrity of the policy throughout the development effort and, finally, enforce the policy during the operation of the component in the production vehicle.

Paper Nr: 60
Title:

Research Ethics and Public Trust, Preconditions for Continued Growth of Internet Mediated Research - Public Confidence in Internet Mediate Research

Authors:

Ansgar Koene, Elvira Perez, Christopher J. Carter, Ramona Statache, Svenja Adolphs, Claire O'Malley, Tom Rodden and Derek McAuley

Abstract: In this paper we argue for the position that responsible safeguards for privacy and ethical treatment of human data are of vital importance to retain the public confidence and trust that is necessary for the development and future success of internet mediated research (IMR). We support our position based on the high level of popular and media attention that is currently directed at IMR, which in combination with the relative uncertainties that still exist around the ethics of various IMR methods, raises the risk that IMR might succumb to a public backlash of similar proportions to the controversy that hit genetically modified (GM) crops in Europe. Based on the lessons that came out of the GM crops controversy we discuss the ethics requirements and challenges that must be met in order to retain the public trust in IMR. We end our argument by briefly reviewing a couple of examples of “privacy protecting architectures” that are being developed for IMR.

Posters
Paper Nr: 49
Title:

Filtering Unfair Users - A Hidden Markov Model Approach

Authors:

Bushra Anjum, Manish Rajangam, Harry Perros and Wenjuan Fan

Abstract: We propose a method based on Hidden Markov Models (HMM) for filtering out users who submit unfair ratings to an online reputation system. We assume that users are fair, positively biased, and negatively biased, and each user submits a number of ratings. A different HMM (A, B, π) is used to describe each of the three types of user, with the only difference in these HMMs being matrix B. For each user, we train an HMM based on the user's ratings, and subsequently the B matrices of the trained HMMs are clustered together into two groups: fair and unfair (both positively and negatively biased), which permits us to identify the group of fair users. The A matrices of the filtered fair users are then aggregated in order to estimate the A matrix of the quality of the service under study. Also, using the HMMs of the fair users, we obtain the most probable current state of the quality of the service.

Area 3 - Privacy and Confidentiality

Full Papers
Paper Nr: 15
Title:

Model-driven Privacy Assessment in the Smart Grid

Authors:

Fabian Knirsch, Dominik Engel, Christian Neureiter, Marc Frincu and Viktor Prasanna

Abstract: In a smart grid, data and information are transported, transmitted, stored, and processed with various stakeholders having to cooperate effectively. Furthermore, personal data is the key to many smart grid applications and therefore privacy impacts have to be taken into account. For an effective smart grid, well integrated solutions are crucial and for achieving a high degree of customer acceptance, privacy should already be considered at design time of the system. To assist system engineers in early design phase, frameworks for the automated privacy evaluation of use cases are important. For evaluation, use cases for services and software architectures need to be formally captured in a standardized and commonly understood manner. In order to ensure this common understanding for all kinds of stakeholders, reference models have recently been developed. In this paper we present a model-driven approach for the automated assessment of such services and software architectures in the smart grid that builds on the standardized reference models. The focus of qualitative and quantitative evaluation is on privacy. For evaluation, the framework draws on use cases from the University of Southern California microgrid.

Paper Nr: 27
Title:

A Scratch-based Graphical Policy Editor for XACML

Authors:

Henrik Nergaard, Nils Ulltveit-Moe and Terje Gjøsæter

Abstract: This paper proposes a policy-maker -friendly editor for the eXtensible Access Control Markup Language (XACML) based on the programming language Scratch. Scratch is a blocks-based programming language designed for teaching children programming, which allows users to build programs like a puzzle. We take this concept one step further with an XACML policy editor based on the graphic programming elements of Scratch implemented in Smalltalk. This allows for aiding the user on how to build policies by grouping blocks and operators that fit together and also indicating which blocks that will stick together. It simplifies building the XACML policies while still having an XACML "feel" of the graphic policies.

Paper Nr: 47
Title:

Adaptive Buffer Resizing for Efficient Anonymization of Streaming Data with Minimal Information Loss

Authors:

Aderonke Busayo Sakpere and Anne V. D. M. Kayem

Abstract: Mobile crime reporting systems have emerged as an effective and efficient approach to crime data collection in developing countries. The collection of this data has raised the need to analyse or mine the data to deduce patterns that are helpful in addressing crime. Since data analytic expertises are limited in developing nations, outsourcing the data to a third-party service provider is a cost effective management strategy. However, crime data is inherently privacy sensitive and must be protected from ``honest-but-curious" service providers. In order to speed up real time analysis of the data, streaming data can be used instead of static data. Streaming data anonymity schemes based on k-anonymity offer fast privacy preservation and query processing but are reliant on buffering schemes that incur high information loss rates on intermittent data streams. In this paper, we propose a scheme for adjusting the size of the buffer based on data arrival rates and use k-anonymity to enforce data privacy. Furthermore, in order to handle buffered records that are unanonymizable, we use a heuristic that works by either delaying the unanonymized record(s) to the next buffering cycle or incorporating the record(s) into a cluster of anonymized records with similar privacy constraints. The advantage of this approach to streaming-data anonymization is two-fold. First, we ensure privacy of the data through k-anonymization, and second, we ensure minimal information loss from the unanonymized records thereby, offering the opportunity for high query result accuracy on the anonymized data. Results from our prototype implementation demonstrate that our proposed scheme enhances privacy for data analytics. With varied data privacy requirement levels, we incur an average information loss in delay of 1.95\% compared to other solutions that average a loss of 12.7\%.

Short Papers
Paper Nr: 8
Title:

Private Web Search with Constant Round Efficiency

Authors:

Bolam Kang, Sung Cheol Goh and Myungsun Kim

Abstract: Web searches are increasingly becoming essential activites because they are often the most effective and convenient way of finding information. However, a web search can be a threat to the privacy of users because their queries may reveal sensitive information. Private web search (PWS) solutions allow users to find information on the Internet while preserving their privacy. According to their underlying technology, existing PWS solutions can be divided into three types: Proxy-based solutions, Obfuscation-based solutions, and Cryptography-based solutions. Among them, cryptography-based PWS (CB-PWS) systems are particularly interesting because they provide strong privacy guarantees. In this paper, we present a constant-round CB-PWS protocol that preserves computational efficiency compared to known CB-PWS systems. To prove these arguments, we first analyze the efficiency of our protocol. According to our analysis, our protocol simply requires 3n modular exponentiations for n users. In particular, our protocol is a 5-round protocol that requires O(n) communication complexity. In addition, evaluating the security of our protocol shows that our construction is comparable to similar solutions in terms of user privacy.

Paper Nr: 17
Title:

Performance-optimized Indexes for Inequality Searches on Encrypted Data in Practice

Authors:

Jan Lehnhardt, Tobias Rho, Adrian Spalka and Armin B. Cremers

Abstract: For information systems in which the server must operate on encrypted data (which may be necessary because the service provider cannot be trusted) solutions need to be found that enable fast searches on that data. In this paper we present an approach for encrypted database indexes that enable fast inequality, i.e., range searches, such that also prefix searches on lexicographically ordered but encrypted data are possible. Unlike common techniques that address this issue as well, like hardware-based solutions or order-preserving encryption schemes, our indexes do not require specialized, expensive hardware and use only well-accredited software components; they also do not reveal any information about the encrypted data besides their order. Moreover, when implementing the indexing approach in a commercial software product, multiple application-centric optimization opportunities of the index’s performance did emerge, which are also presented in this paper. They include basic performance-increasing measures, pipelined index scans and updates and caching strategies. We further present performance test results proving that our indexing approach shows good performance on substantial amounts of data.

Posters
Paper Nr: 13
Title:

Expansions of CHAP - Modificationless on Its Structures of Packet and Data Exchange

Authors:

Masaki Inamura

Abstract: I propose new authentication protocols using/unmodifying the structures of packet and data exchange on CHAP (Challenge Handshake Authentication Protocol). CHAP is one of the most popular authentication protocols because of very simple scheme and no vulnerability of its structures of packet and data exchange. Therefore, this protocol is used a lot of services over the Internet as de facto standard. However, unlawful access often happens caused by users’ mistakes of password setting, e.g. password-list-attacks, and proposing/ implementation of other authentication methods without using password are urgent. To solve the problem, I propose new scheme which can send many type of authentication codes using intact CHAP. By using my proposal, other authentication method using password authentication together can be realized with a minimum cost burden.

Paper Nr: 21
Title:

Malware Classification Method Based on Sequence of Traffic Flow

Authors:

Hyoyoung Lim, Yukiko Yamaguchi, Hajime Shimada and Hiroki Takakura

Abstract: Network-based malware classification plays an important role in improving system security than system-based malware classification. The vast majority of malware needs a network activity in order to accomplish its purpose (e.g., downloading malware, connecting to a C&C server, etc.). Many malware classification approaches based on network behavior have thus been proposed. Nevertheless, they merely rely on either a request URL or payload for signature matching. To classify the network activity of malware, the patterns of network behavior must be understood and the changes in behavior observed. Therefore, the sequence of flows and their correlation caused by the malware should be analysed. In this paper, we present a novel malware classification method based on clustering of flow features and sequence alignment algorithms for computing sequence similarity, which represents network behavior of malware. We focus on analysing the sequence similarity between the sequence patterns of malware traffic flow generated by executing malware on the dynamic analysing system. We also performed an evaluation by using malware traffic collected from a real environment. On the basis of our experimental results, we identified the most appropriate method for classifying malware by similarity of network activity.

Paper Nr: 42
Title:

Bilinear Pairing-based Hybrid Mixnet with Anonymity Revocation

Authors:

Andrea Huszti and Zita Kovacs

Abstract: A hybrid mix is presented providing anonymity and eligibility verification of senders, the possibility of anonymous reply and anonymity revocation, that are usually required in practice. Furthermore the proposed mix is capable of processing messages with arbitrarily length. In the process of design we applied bilinear pairings due to their good properties. We compared the time and space complexity of Zhong’s mix (Zhong, 2009) to our one, we achieved better efficiency. In the security evaluation we prove, that our mix is correct, provides anonymity and eligibility verification for senders.

Paper Nr: 50
Title:

Privacy and Security Concern of Online Social Networks from User Perspective

Authors:

Al Amin Hossain and Weining Zhang

Abstract: Personal data sharing has emerged as a popular activity on online social networks such as Facebook, Google+, Twitter. As a result, privacy issues have received significant attention in both the research literature and the mainstream media. In this study, we designed a set of questions aimed to learn about user views of online privacy, user knowledge about OSNs privacy settings, and user awareness of privacy disclosure. Our goal is to find out from the users whether and how well users are knowledgable of, satisfied with, and able to effectively use available privacy settings. The information obtained from this study can be used to help OSNs adjust their privacy settings to better match user expectations, and help privacy advocates design better ways to help users control the disclosure of their online information. We collected answers to the questions from a group of 377 users, selected via several methods, who have experiences with multiple OSNs, including Facebook, Google+, and LinkedIn. We analyzed the data with respect to user demographics. Our study shows that 44% of the users lack the knowledge about privacy policies and mechanisms of their OSNs; 34% and 41% of the users, respectively, are seriously and somewhat concern about their privacy protection; and 80% of the users do not think their OSNs have provided sufficient privacy control or default privacy settings that match their expectations. Based on our analysis, we propose several options for OSNs and OSN users to improve the user privacy.

Area 4 - Biometric Authentication

Full Papers
Paper Nr: 24
Title:

The Palm Vein Graph - Feature Extraction and Matching

Authors:

Arathi Arakala, Hao Hao, Stephen Davis and K. J. Horadam

Abstract: We present a graphical representation for palm vein patterns for use as biometric identifiers. The palm vein image captured from an infra red camera is converted into a spatial graph. After image enhancement and binarisation, the palm vein features are extracted from the skeleton using a novel two stage spur removal technique. The location of the features and the connections between them are used to define a Palm Vein Graph. Palm vein graphs are compared using the Biometric Graph Matching (BGM) Algorithm. We propose a graph registration algorithm that improves over existing state of the art algorithms for graph registration. We introduce 10 graph topology-based measures for comparing palm vein graphs. Experiments are conducted on a public palm vein database. One of the introduced measures, an edge-based similarity, gave a definite improvement in matching accuracies over other published results on the same database, especially for samples with only a small common overlap area due to displacement. In addition, when the edge-based measure was combined with one of three other topological features, we demonstrate a further improvement in matching accuracy.

Paper Nr: 28
Title:

Balancing is the Key - Performing Finger Vein Template Protection using Fuzzy Commitment

Authors:

Mélanie Favre, Sylvaine Picard, Julien Bringer and Hervé Chabanne

Abstract: We propose a novel vein extraction technique adapted to template protection and use it to apply a fuzzy commitment scheme. We construct dedicated error correcting codes that enable us to maintain a good accuracy after template protection. In a second application, we offer to overcome the alignment issues when comparing two vein templates by performing this step outside of the protection scheme. Different implementations are proposed to explore trade-offs between False Rejection Rate, False Acceptance Rate, comparison time and security. All approaches are tested on the recent database of University of Twente from ICB 2013. Our biometric performances are close to state of the art approaches whilst bringing security with the template protection scheme.

Short Papers
Paper Nr: 22
Title:

Quality Assessment of Fingerprints with Minutiae Delaunay Triangulation

Authors:

Z. Yao, J. Le Bars, C. Charrier and C. Rosenberger

Abstract: This article proposes a new quality assessment method of fingerprint, represented by only a set of minutiae points. The proposed quality metric is modeled with the convex-hull and Delaunay triangulation of the minutiae points. The validity of this quality metric is verified on several Fingerprint Verification Competition (FVC) databases by referring to an image-based metric from the state of the art (considered as the reference). The experiments of the utility-based evaluation approach demonstrate that the proposed quality metric is able to generate a desired result. We reveal the possibility of assessing fingerprint quality when only the minutiae template is available.

Paper Nr: 30
Title:

The Smartphone as a Gait Recognition Device - Impact of Selected Parameters on Gait Recognition

Authors:

Josselyn Le Moing and Ingo Stengel

Abstract: This paper aims to identify the impacts of a couple of parameters on gait recognition when a build-in smartphone accelerometer is used. The use of different types of shoes impacts significantly gait recognition while the matching rate on a different surface e.g. grass has only a minor impact. A correlation between accelerometer’s data and the phone position was identified. For this, data originating from the Z-axis as well as from the X-Y-Z –axis was used together with Dynamic Time Warping (DTW) for template generation and matching tests.

Paper Nr: 32
Title:

EvaBio Platform for the Evaluation Biometric System - Application to the Optimization of the Enrollment Process for Fingerprints Devices

Authors:

B. Vibert, Z. Yao, S. Vernois, J-M. Le Bars, C. Charrier and C. Rosenberger

Abstract: Nowadays, when someone wants to make a payment with a smartcard, the user has to enter a pin code to be identified. Only biometrics is able to authenticate a user; yet biometric information is sensitive. To ensure the security and privacy of biometric data, OCC (On-Card-Comparison) has been proposed. This approach consists in storing biometric data in a secure zone on a smartcard and computing the verification decision in a Secure Element (SE). The purpose of this paper is to propose an evaluation platform for testing biometric systems such as the analysis of performance and security on biometric OCC. Based on two examples, we illustrate its different uses in an operationnal context. The first example focus on the ”Quality module” which allows to choose the enrollment by considering the fingerprint quality with one proposed metric. The second one addresses the minutiae reduction of the fingerprint template when the number of minutiae is higher than expected by the OCC.

Posters
Paper Nr: 38
Title:

Fingerprint Quality Assessment Combining Blind Image Quality, Texture and Minutiae Features

Authors:

Z. Yao, J. Le Bars, C. Charrier and C. Rosenberger

Abstract: Biometric sample quality assessment approaches are generally designed in terms of utility property due to the potential difference between human perception of quality and the biometric quality requirements for a recognition system. This study proposes a utility based quality assessment method of fingerprints by considering several complementary aspects: 1) Image quality assessment without any reference which is consistent with human conception of inspecting quality, 2) Textural features related to the fingerprint image and 3) minutiae features which correspond to the most used information for matching. The proposed quality metric is obtained by a linear combination of these features and is validated with a reference metric using different approaches. Experiments performed on several trial databases show the benefit of the proposed fingerprint quality metric.

Area 5 - Mobile Systems Security

Full Papers
Paper Nr: 23
Title:

A Novel Anonymous Authenticated Key Agreement Protocol for Vehicular Ad Hoc Networks

Authors:

Carsten Büttner and Sorin A. Huss

Abstract: Privacy in Vehicular Ad-hoc NETworks (VANETs) is one of the most important issues to attract users to this new technology. In this paper we propose a novel protocol that allows vehicles using the same application in a VANET to agree on an encryption key to exchange confidential data while preserving the privacy. We do this by combining the Elliptic Curve Integrated Encryption Scheme (ECIES) with ring signatures and we evaluate the protocol with respect to the privacy of the vehicle. These results clearly demonstrate that the privacy of vehicles can be preserved while reducing considerably the number of necessary pseudonyms in comparison to exploiting ECIES only.

Paper Nr: 26
Title:

Multi-sensor Authentication to Improve Smartphone Security

Authors:

Wei-Han Lee and Ruby B. Lee

Abstract: The widespread use of smartphones gives rise to new security and privacy concerns. Smartphone thefts account for the largest percentage of thefts in recent crime statistics. Using a victim's smartphone, the attacker can launch impersonation attacks, which threaten the security of the victim and other users in the network. Our threat model includes the attacker taking over the phone after the user has logged on with his password or pin. Our goal is to design a mechanism for smartphones to better authenticate the current user, continuously and implicitly, and raise alerts when necessary. In this paper, we propose a multi-sensors-based system to achieve continuous and implicit authentication for smartphone users. The system continuously learns the owner's behavior patterns and environment characteristics, and then authenticates the current user without interrupting user-smartphone interactions. Our method can adaptively update a user's model considering the temporal change of user's patterns. Experimental results show that our method is efficient, requiring less than 10 seconds to train the model and 20 seconds to detect the abnormal user, while achieving high accuracy (more than 90%). Also the combination of more sensors provide better accuracy. Furthermore, our method enables adjusting the security level by changing the sampling rate.

Short Papers
Paper Nr: 44
Title:

On the Power Consumption of Cryptographic Processors in Civil Microdrones

Authors:

Abdulhadi Shoufan, Hassan Alnoon and Joonsang Baek

Abstract: In this paper we analyze the security requirements of civil microdrones and propose a hardware architecture to meet these requirements. While hardware solutions are usually used to accelerate cryptographic operations and reduce their power consumption, we show that the latter aspect needs to be reviewed in the context of civil drones. Specifcally, adding cryptgraphic hardware to a flying device increases its weight and, thus, the power needed to fly this device. Depending on the relative weight of the added cryptographic processor, the computational power advantage of the hardware solution may be undone by the additional hadrware weight. This aspect is analyzed for the proposed hardware solution.