ICISSP 2016 Abstracts


Full Papers
Paper Nr: 16
Title:

Injecting CSP for Fun and Security

Authors:

Christoph Kerschbaumer, Sid Stamm and Stefan Brunthaler

Abstract: Content Security Policy (CSP) defends against Cross Site Scripting (XSS) by restricting execution of JavaScript to a set of trusted sources listed in the CSP header. A high percentage (90%) of sites among the Alexa top 1,000 that deploy CSP use the keyword unsafe-inline, which permits all inline scripts to run—including attacker–injected scripts—making CSP ineffective against XSS attacks. We present a system that constructs a CSP policy for web sites by whitelisting only expected content scripts on a site. When deployed, this auto-generated CSP policy can effectively protect a site’s visitors from XSS attacks by blocking injected (non-whitelisted) scripts from being executed. While by no means perfect, our system can provide significantly improved resistance to XSS for sites not yet using CSP.

Paper Nr: 25
Title:

Anomaly-based Mobile Malware Detection: System Calls as Source for Features

Authors:

Dominik Teubert, Fred Grossmann and Ulrike Meyer

Abstract: Mobile malware nowadays poses a serious threat to end users of mobile devices. Machine learning techniques have a great potential to automate the detection of mobile malware. However, prior work in this area mostly focused on using classifiers that require training with data from both the benign as well as the malicious class. As a consequence, training these models requires feature extraction from large amounts of mobile malware, a task that becomes increasingly difficult considering the obfuscation and emulator detection capabilities of modern mobile malware. In this paper we propose the use of one-class classifiers. The advantage of using these models is that they are exclusively trained with data from the benign class. In particular, we compare generative as well as discriminative modeling approaches, namely Hidden Markov Models and one-class Support Vector Machines. We use system calls as source for our features and compare the discriminatory power of binary feature vectors, frequency vectors, as well as temporally ordered sequences of system calls.

Paper Nr: 28
Title:

Security and Privacy Practices in Healthcare Information Systems: A Cluster Analysis of European Hospitals

Authors:

Sylvestre Uwizeyemungu and Placide Poba-Nzaou

Abstract: In the past years, increasing efforts have been made toward the implementation of healthcare information technology with the aim of improving patient care and safety, while lowering healthcare systems’ costs. However, the transition from a paper-dominant system toward a fully electronically-based system brings with it major challenges in healthcare systems. It particularly exposes healthcare providers and users to more security and privacy risks which come with the digitization of health records. Drawing on data from 1723 European hospitals, we identified, through a cluster analysis, four distinct patterns of health information technology-related security and privacy practices. We found that most European hospitals fail to implement basic security measures consistent with the use of health information technology (HIT). This study contributes to raise awareness on HIT-related security and privacy issues that can negatively affect healthcare users’ trust and impede the effective delivery of healthcare services. An appropriate response to the HIT-related security and privacy concerns will increase the acceptability of the digitization of healthcare services.

Paper Nr: 32
Title:

Handwritten Signature Verification for Mobile Phones

Authors:

Nilakantha Paudel, Marco Querini and Giuseppe F. Italiano

Abstract: Handwritten Signature Verification (HSV) systems have been introduced to automatically verify the authenticity of a user signature. In offline systems, the handwritten signature (represented as an image) is taken from a scanned document, while in online systems, pen tablets are used to register signature dynamics (e.g., its position, pressure and velocity). The main contribution of this work is a new HSV algorithm specifically designed for running on low-end mobile devices. Towards this end, we report the results of an experimental evaluation of our system on different handwritten signature datasets.

Paper Nr: 33
Title:

Personalised Privacy by Default Preferences - Experiment and Analysis

Authors:

Toru Nakamura, Shinsaku Kiyomoto, Welderufael B. Tesfay and Jetzabel Serna

Abstract: In this paper, we present a novel mechanism that provides individuals with personalised privacy by default setting when they register into a new system or service. The proposed approach consists of an intelligent mechanism that learns users’ context and preferences to generate personalised default privacy settings. To achieve this, we used a machine learning approach that requires a minimal number of questions at the registration phase, and, based on users’ responses, sets up privacy settings associated to users’ privacy preferences for a particular service. This is the first attempt to predict general privacy preferences from a minimal number of questions. We propose two approaches. The first scheme is based on the sole use of SVM to predict users’ personalised settings. The second scheme implemented an additional layer that includes clustering. The accuracy of proposed approaches is evaluated by comparing the guessed answers against the answers from a questionnaire administered to 10,000 participants. Results show that, the SVM based scheme is able to guess the the full set of personalised privacy settings with an accuracy of 85%, by using a limited input of only 5 answers from the user.

Paper Nr: 36
Title:

Comparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare

Authors:

Ana Ferreira and Gabriele Lenzini

Abstract: In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a denial of access, the latter to transfer rights temporarily, for example, to substitute doctors. Current research studies these policies separately, but it is unclear whether they are different and independent capabilities. Motivated to look into this matter, we present a formal characterization of Break-the-Glass and Delegation in the RBAC model and we inquire on how these two policies relate. After giving arguments in favour of keeping them apart as different policies, we propose an RBAC model that includes them.

Paper Nr: 37
Title:

Differential Security Evaluation of Simeck with Dynamic Key-guessing Techniques

Authors:

Kexin Qiao, Lei Hu and Siwei Sun

Abstract: The Simeck family of lightweight block ciphers was proposed in CHES 2015 which combines the good design components from NSA designed ciphers SIMON and SPECK. Dynamic key-guessing techniques were proposed by Wang et al. to greatly reduce the key space guessed in differential cryptanalysis and work well on SIMON. In this paper, we implement the dynamic key-guessing techniques in a program to automatically give out the data in dynamic key-guessing procedure and thus simplify the security evaluation of SIMON and Simeck like block ciphers regarding differential attacks. We use the differentials from Kolbl ¨ et al.’s work and also a differential with lower Hamming weight we find using Mixed Integer Linear Programming method to attack Simeck. We improve the previous best results on all versions of Simeck by 2 rounds.

Paper Nr: 39
Title:

Efficient Authorization Authority Certificate Distribution in VANETs

Authors:

Sebastian Bittl and Karsten Roscher

Abstract: Car-to-X communication systems are about to enter the mass market in upcoming years. Security in these networks depends on digital signatures managed by a multi-level certificate hierarchy. Thereby, certificate distribution is critical in regard to channel utilization and data reception delay via security caused packet loss. These issues are even more significant in case not only pseudonym certificates but also authorization authority certificates have to be exchanged between nodes in the VANET. Prior work has not studied distribution of the elements of a multi-level certificate chain in detail. Hence, this work provides an analysis of the currently standardized mechanisms and identifies several drawbacks of the straight forward solution proposed so far. Thereby, we find a severe denial of service attack on that solution. Moreover, the distribution problem is found to be similar to the packet forwarding problem encountered in position-based routing. Thus, we study several strategies for efficient distribution of a certificate chain in regard to channel load, which are adapted from their counterparts in position-based routing. Thereby, we find that by combining pseudonym certificate buffering with requester based responder selection the requirement for certificate chain distribution in VANETs can be removed completely. Hence, the proposed design avoids the identified denial of service weakness and reduces the worst case size of the security envelope of VANET messages by more than a third.

Paper Nr: 42
Title:

Quantitative Evaluation of Security on Cryptographic ICs against Fault Injection Attacks

Authors:

C. Shao, H. Li and G. Xu

Abstract: Fault injection attacks have become a serious threat against cryptographic ICs. However, the traditional security evaluation often demands experienced engineers repeatedly scan the IC under test for a few hours to a few days, and take the workload statistics and experiences as qualitative indexes. This paper proposes a quantitative model to evaluate security based Design for Security Test (DFST), considering both the sensitive time during the algorithm operation and the sensitive area of the cryptographic IC against fault injection attacks. The case study on two RSA implementations demonstrates the feasibility of the quantitative evaluation of security model.

Paper Nr: 46
Title:

A Collaborative Analysis System for Cross-organization Cyber Incident Handling

Authors:

Giuseppe Settanni, Florian Skopik, Yegor Shovgenya and Roman Fiedler

Abstract: Information and Communication Technology (ICT) systems are predominant in today’s energy, finance, transportation and telecommunications infrastructures. Protecting such Critical Infrastructures (CIs) against modern cyber threats and respond to sophisticated attacks is becoming as complex as essential. A synergistic and coordinated effort between multiple organizations is required in order to tackle this kind of threats. Incidents occurring in interconnected critical infrastructures can be effectively handled only if a cooperation plan between different stakeholders is in place. Organizations need to cooperatively exchange security-relevant information in order to obtain a broader knowledge on the current cyber situation of their infrastructures and timely react if necessary. National cyber Security Operations Centers (SOCs), as proposed by the European NIS directive, are being established worldwide to achieve this goal. Critical infrastructure providers are asked to report to the national SOCs about security issues revealed in their networks. National SOCs correlate all the gathered data, analyze it and eventually provide support and mitigation strategies to the affiliated organizations. Although most of these tasks can be automated, human involvement is still necessary to enable SOCs to adequately take decisions on occurring incidents and quickly implement counteractions. In this paper we therefore introduce and evaluate a semi-automated analysis engine for cyber incident handling. The proposed approach, named CAESAIR (Collaborative Analysis Engine for Situational Awareness and Incident Response), aims at supporting SOC operators in collecting significant security-relevant data from various sources, investigating on reported incidents, correlating them and providing a possible interpretation of the security issues affecting concerned infrastructures.

Paper Nr: 47
Title:

On TLS 1.3 - Early Performance Analysis in the IoT Field

Authors:

Simone Bossi, Tea Anselmo and Guido Bertoni

Abstract: The TLS 1.3 specifications are subject to change before the final release, and there are still details to be clarified, but yet some directions have been stated. In the IoT scenario, where devices are constrained, it is important and critical that the added security benefits of the new TLS 1.3 does not increase complexity and power consumption significantly compared to TLS 1.2. This paper provides an overview of the novelties introduced in TLS 1.3 draft finalized to improve security and latency of the protocol: the reworked handshake flows and the newly adopted cryptographic algorithms are analyzed and compared in terms of security and latency to the current TLS in use. In particular, the analysis is focused on performance and memory requirements overhead introduced by the TLS 1.3 current specifications, and the final section reports simulation results of a commercial cryptographic library running on a low end device with an STM32 microcontroller.

Paper Nr: 48
Title:

An Approach to Personalized Privacy Policy Recommendations on Online Social Networks

Authors:

Ammar Abuelgasim and Anne Kayem

Abstract: Most Online Social Networks (OSNs) implement privacy policies that enable users to protect their sensitive information against privacy violations. However, observations indicate that users find these privacy policies cumbersome and difficult to configure. Consequently, various approaches have been proposed to assist users with privacy policy configuration. These approaches are however, limited to either protecting only profile attributes, or only protecting user-generated content. This is problematic, because both profile attributes and user-generated content can contain sensitive information. Therefore, protecting one without the other, can still result in privacy violations. A further drawback of existing approaches is that most require considerable user input which is time consuming and inefficient in terms of privacy policy configuration. In order to address these problems, we propose an automated privacy policy recommender system. The system relies on the expertise of existing OSN users, in addition to the target user's privacy policy history to provide him/her with personalized privacy policy suggestions for profile attributes, as well as user-generated content. Results from our prototype implementation indicate that the proposed recommender system provides accurate privacy policy suggestions, with minimum user input.

Paper Nr: 68
Title:

Retrospective Study of Third-party Web Tracking

Authors:

Tim Wambach and Katharina Bräunlich

Abstract: Web tracking has seen a remarkable usage increase during the last years. Unfortunately, an overview of how web tracking evolved within the last ˜15 years is missing. In this paper we present a retrospective analysis using archived data to quantify the usage and distribution of web tracking and how it changed throughout the last decade. We identify a more than five fold increase in external requests between 2005 and 2014. About half of the analyzed websites have a web tracking based inclusion today (2015). As web tracking is often associated with a risk of privacy loss, we also outline the security implications of monopolized ubiquitous tracking.

Paper Nr: 70
Title:

DDHCS: Distributed Denial-of-service Threat to YARN Clusters based on Health Check Service

Authors:

Wenting Li, Qingni Shen, Chuntao Dong, Yahui Yang and Zhonghai Wu

Abstract: Distributed denial-of-service (DDoS) attack continues to grow as a threat to organizations worldwide. This attack is used to consume the resources of the target machine and prevent the legitimate users from accessing them. This paper studies the vulnerabilities of Health Check Service in Hadoop/YARN and the threat of denial-of-service to a YARN cluster with multi-tenancy. We use theoretical analysis and numerical simulations to demonstrate the effectiveness of this DDoS attack based on health check service (DDHCS). Our experiments show that DDHCS is capable of causing significant impacts on the performance of a YARN cluster in terms of high attack broadness (averagely 85.6%), high attack strength (more than 80%) and obviously resource utilization degradation. In addition, some novel schemes are proposed to prevent DDHCS attack efficiently by improving the YARN security.

Paper Nr: 77
Title:

Performance Analysis of Real Time Implementations of Voice Encryption Algorithms using Blackfin Processors

Authors:

Cristina-Loredana Duta, Laura Gheorghe and Nicolae Tapus

Abstract: A large part of the latest research in speech coding and speech encryption algorithms is motivated by the need of obtaining secure military communications, to allow effective operation in a hostile environment. Since the bandwidth of the communication channel is a sensitive problem in military applications, low bitrate speech compression methods and high throughput encryption algorithms are mostly used. Several speech encryption methods are characterized by very strict requirements in power consumption, size, and voltage supply. These requirements are difficult to fulfill, given the complexity and number of functions to be implemented, together with the real time requirement and large dynamic range of the input signals. To meet these constraints, careful optimization should be done at all levels, ranging from algorithmic level, through system and circuit architecture, to layout and design of the cell library. The key points of this optimization are among others, the choice of the algorithms, the modification of the algorithms to reduce computational complexity, the choice of a fixed-point arithmetic unit, the minimization of the number of bits required at every node of the algorithm, and a careful match between algorithms and architecture. This paper describes the performance analysis on Digital Signal Processor (DSP) platform of some of the recently proposed voice encryption algorithms, as well as the performance of stream ciphers such as Grain v1, Trivium and Mickey 2.0 (which are suited for real time voice encryption). The algorithms were ported onto a fixed point DSP, Blackfin 537, and stage by stage optimization was performed to meet the real time requirements. Memory optimization techniques such as data placement and caching were also used to reduce the processing time. The goal was to determine which of the evaluated encryption algorithms is best suited for real time secure communications.

Paper Nr: 78
Title:

IEEE C37.118-2 Synchrophasor Communication Framework - Overview, Cyber Vulnerabilities Analysis and Performance Evaluation

Authors:

Rafiullah Khan, Kieran McLaughlin, David Laverty and Sakir Sezer

Abstract: Synchrophasors have become an important part of the modern power system and numerous applications have been developed covering wide-area monitoring, protection and control. Most applications demand continuous transmission of synchrophasor data across large geographical areas and require an efficient communication framework. IEEE C37.118-2 evolved as one of the most successful synchrophasor communication standards and is widely adopted. However, it lacks a predefined security mechanism and is highly vulnerable to cyber attacks. This paper analyzes different types of cyber attacks on IEEE C37.118-2 communication system and evaluates their possible impact on any developed synchrophasor application. Further, the paper also recommends an efficent security mechanism that can provide strong protection against cyber attacks. Although, IEEE C37.118-2 has been widely adopted, there is no clear understanding of the requirements and limitations. To this aim, the paper also presents detailed performance evaluation of IEEE C37.118-2 implementations which could help determine required resources and network characteristics before designing any synchrophasor application.

Paper Nr: 97
Title:

An Anonymous Geocast Scheme for ITS Applications

Authors:

Carsten Büttner and Sorin A. Huss

Abstract: We propose a novel anonymous geocast scheme for Intelligent Transportation System (ITS) applications. The main advantage of this scheme is that it allows an ITS Central Station (ICS) located in the Internet to send messages to all ITS Vehicle Stations (IVSs) subscribed to a specific ITS application and located in a certain geographic area. Thus, the messages are only distributed in the specified geographic area and not in a greater region. Furthermore, it preserves in comparison to the state of the art the privacy of the IVSs by minimizing the information about application subscriptions stored inside the network. When applying this scheme, no entity is able to exploit the ITS applications of an IVS. Moreover, no entity except the ICS provisioning the ITS application is able to exploit the IVSs subscribed to this service. We show how the proposed scheme can be integrated in mobile networks like Long Term Evolution (LTE) and networks consisting of ITS Roadside Stations (IRSs). Moreover, we compare it with the state of the art regarding the privacy of the IVSs, complexity of the scheme, scalability, supported networks, and whether the common requirements for ITS applications are fulfilled. In addition, a prototype applying the scheme for IRS networks is detailed. We demonstrate the feasibility of the proposed scheme by evaluating the implemented prototype in the context of real-world scenarios and hardware.

Short Papers
Paper Nr: 11
Title:

Improving Database Security in Web-based Environments

Authors:

Francesco Di Tria, Ezio Lefons and Filippo Tangorra

Abstract: In web applications, databases are generally used as data repositories, where a server-side program interacts with a Database Management System (DBMS), retrieves content, and dynamically generates web pages. This is known as a three-layer architecture, that is widely exposed to database threats. The attacks are usually performed through the injection of SQL code in the forms of the web applications, exploiting the dynamic construction of SQL statements. So, the database security relies on the quality of the code and the controls done by the web developer in the application level. In this paper, we present a solution for the improvement of security of databases accessed by web applications. The security is based on a user modelling approach that completely relies on the authorization mechanism of DBMSs.

Paper Nr: 12
Title:

Analysis of ISO 27001:2013 Controls Effectiveness for Cloud Computing

Authors:

Muhammad Imran Tariq and Vito Santarcangelo

Abstract: Cloud Computing provides a scalable, high availability and low cost services over the Internet. The advent of newer technologies introduces new risks and threats as well. Although the cloud has a very advanced structures and expansion of services, but security and privacy concerns have been creating obstacles for the enterprise to entirely shift to the cloud. Therefore, both service providers and clients should build an information security system and trust relationship with each other. In this research paper, we analysed most widely used international and industry standard (ISO/IEC 27001:2013) for information security to know its effectiveness for Cloud Organizations, each control importance factor for on-premises, IaaS, PaaS and SaaS, and identify the most suitable controls for the development of SLA based Information Security Metrics for each Cloud Service Model. We generically evaluated ibid standards control objectives without considering Cloud organization size, nature of work, enterprise size. To know effectiveness, relevance to Cloud Computing, factor of standard control objectives for the in-house or in a public cloud, we defined a quantitative metric. We come to the conclusion that ISO / IEC 27001:2013 compliance improves service providers and customer’s information security system and build a trust relationship but not fulfil all requirements and cover all relevant issues.

Paper Nr: 14
Title:

Mitigating Local Attacks Against a City Traffic Controller

Authors:

Nils Ulltveit-Moe, Steffen Pfrang, László Erdödi and Héctor Nebot

Abstract: This paper demonstrates how a local attack against a city traffic controller located in a public area can be detected and mitigated in a cost-effective way. This is done by applying a general security methodology, an architecture and a set of new and existing tools integrated by the PRECYSE EU-project. The traffic controller does not contain built-in security and is connected to an information panel which is used for displaying traffic messages. The proposed solution is integrated with the incident management system of the city traffic control centre. This allows for increasing the situation awareness about attacks, as well as supporting a workflow for restoring the attacked device to its normal state and ensuring attack investigation.

Paper Nr: 22
Title:

A Practical-time Attack on Reduced-round MISTY1

Authors:

Nobuyuki Sugio, Yasutaka Igarashi, Toshinobu Kaneko and Kenichi Higuchi

Abstract: MISTY1 is one of the symmetric key algorithms which have been standardized by ISO and that its modified version is used in GSM and 3G mobile network. MISTY1 is a 64-bit block cipher supporting key length of 128-bit. In this paper, we focused on evaluating the security of MISTY1 against higher order differential attack. We show 6-round MISTY1 with 4 FL layers is attackable with $2^{43}$ blocks of chosen plaintexts and $2^{43.31}$ times of data encryption.

Paper Nr: 23
Title:

The STRIDE Towards IPv6: A Comprehensive Threat Model for IPv6 Transition Technologies

Authors:

M. Georgescu, H. Hazeyama, T. Okuda, Y. Kadobayashi and S. Yamaguchi

Abstract: The IPv6 worldwide deployment rate is still a single figure. This is due to the many challenges introduced by the transition period through which both IPv4 and IPv6 will need to coexist. One of the biggest concerns related to the IPv6 transition is security, which is more difficult to ensure in a heterogeneous environment. To clarify the security threats introduced by IPv6 transition technologies, this article proposes a comprehensive threat model built around the established STRIDE approach. To verify the usefulness of the proposed model, a threat analysis of four generic categories of IPv6 transition technologies is performed. Existing and new threats are documented, classified and prioritized. To further validate some of the documented threats, preliminary penetration test data is presented.

Paper Nr: 24
Title:

Streamlining Extraction and Analysis of Android RAM Images

Authors:

Simon Broenner, Hans Höfken and Marko Schuba

Abstract: The Android operating system powers the majority of the world’s mobile devices and has been becoming increasingly important in day-to-day digital forensics. Therefore, technicians and analysts are in need of reliable methods for extracting and analyzing memory images from live Android systems. This paper takes different existing, extraction methods and derives a universal, reproducible, reliably documented method for both extraction and analysis. In addition the VOLIX II front-end for the Volatility Framework is extended with additional functionality to make the analysis of Android memory images easier for technically non-adept users.

Paper Nr: 40
Title:

Experimental Evaluation of Password Recovery in Encrypted Documents

Authors:

Radek Hranický, Petr Matoušek, Ondřej Ryšavý and Vladimír Veselý

Abstract: Many document formats and archiving tools (PDF, DOC, ZIP) support encryption to protect the privacy of sensitive contents of the documents. The encryption is based on standard cryptographic algorithms as AES, SHA, and RC4. For forensic purposes, investigators are often challenged to analyze these encrypted documents. The task of password recovery can be solved using exhaustive state space search using dictionaries or password generators augmented with heuristic rules to speed up recovery. In our experimental study, we focus on the password recovery of the common document and archiving formats using parallel computation on conventional hardware with multi-core CPUs or accelerated by GPU processors. We show how recovery time can be estimated based on the alphabet, maximal password length and the performance of a given hardware. Our results are demonstrated on Wrathion, a tool developed by our research team.

Paper Nr: 44
Title:

Trust-based Dynamic RBAC

Authors:

Tamir Lavi and Ehud Gudes

Abstract: A prominent feature of almost every computerized system is the presence of an access control module. The Role Based Access Control (RBAC) model is among the most popular in both academic research and in practice, within actual implementation of many applications and computer infrastructures. The RBAC model simplifies the way that a system administrator controls the assignment of permissions to individuals by assigning permissions to roles and roles to users. The growth in web applications which enable the access of world-wide and unknown users, expose these applications to various attacks. This led few researchers to suggest ways to incorporate trust within RBAC to achieve even better control over the assignment of users to roles, and permissions within roles, based on the user trust level. In this work, we present a new trust-based RBAC model which improves and refines the assignment of permissions to roles with awareness of the user trust and reputation. After describing the basic model, called TDRBAC for Trust-based Dynamic RBAC, we describe ways to deal with issues like privacy-preservation and delegation of roles with the consideration of user’s trust.

Paper Nr: 49
Title:

Truncated, Impossible, and Improbable Differential Analysis of ASCON

Authors:

Cihangir Tezcan

Abstract: Ascon is an authenticated encryption algorithm which is recently qualified for the second-round of the Competition for Authenticated Encryption: Security, Applicability, and Robustness. So far, successful differential, differential-linear, and cube-like attacks on the reduced-round Ascon are provided. In this work, we provide the inverse of Ascon's linear layer in terms of rotations which can be used for constructing impossible differentials. We show that Ascon's S-box contains 35 undisturbed bits and we use them to construct 4 and 5-round truncated, impossible, and improbable differential distinguishers. Our results include practical 4-round truncated, impossible, and improbable differential attacks on Ascon. Our best attacks using these techniques break 5 out of 12 rounds. These are the first successful truncated, impossible, and improbable differential attacks on the reduced-round Ascon.

Paper Nr: 59
Title:

An Expert System for Facilitating an Institutional Risk Profile Definition for Cyber Situational Awareness

Authors:

Roman Graf, Sergiu Gordea, Heather M. Ryan and Tibaut Houzanme

Abstract: Advances in cyber situational awareness technology lead to the creation of increasingly complex tools. Human analysts face challenges finding relevant information in large, complex data sets, when exploring data to discover patterns and insights. To be effective in identifying and defeating future cyber-attacks, cyber analysts require novel tools and models that can fill the gap between cyber data and situation comprehension. The research presented here is designed to develop a system that will warn a cyber analyst of file format endangerment that could impact cyber situational awareness. The expert system statistically determines an institutional risk profile based on collected expert knowledge in the form of risk profiles calculated by means of risk factors. The institutional risk profile indicates risks that could endanger digital content employed in analysis of cyber situational awareness. Based on the institutional risk profile, a cyber analyst can implement measures for stabilising and securing situational awareness. Each institution may have multiple risk profile definitions dependent on network, critical infrastructure, and the role of the cyber analyst. Another contribution relates to the provided support for visualisation and analysis of risk factors for individual dimensions. To facilitate decision-making, the aggregated information about the risk factors is presented as a multidimensional vector.

Paper Nr: 60
Title:

A Continuous LoA Compliant Trust Evaluation Method

Authors:

J. Hatin, E. Cherrier, J.-J. Schwartzmann, V. Frey and C. Rosenberger

Abstract: The trust provided by authentication systems is commonly expressed with a Level of Assurance (LoA see 3). If it can be considered as a first process to simplify the expression of trust during the authentication step, it does not handle all the aspects of the authentication mechanism and especially it fails to integrate continuous authentication systems. In this paper, we propose a model based on the Dempster Shafer theory to merge continuous authentication system with more traditional static authentication scheme and to assign a continuous trust level to the current LoA. In addition, this method is proved to be compliant with the LoA frameworks.

Paper Nr: 61
Title:

Linear(hull) Cryptanalysis of Round-reduced Versions of KATAN

Authors:

Danping Shi, Lei Hu, Siwei Sun and Ling Song

Abstract: KATAN is a family of block ciphers published at CHES 2009. Based on the Mixed-integer linear programming(MILP) technique, we propose the first third-party linear cryptanalysis on KATAN. Furthermore, we evaluate the security of KATAN against the linear attack without ignoring the dependence of the input bits of the 2 × 1 S-box(the AND operation). Note that in previous analysis, the dependence is not considered, and therefore the previous results are not accurate. Furthermore, the mounted 131/120-round attack on KATAN32/48 respectively by our 84/90-round linear hull is the best single-key known-plaintext attack. In addition, a best 94-round linear hull attack is mounted on KATAN64 by our 76-round linear hull.

Paper Nr: 63
Title:

Whispers in the Cloud - A Covert Channel using the Result of Creating a Virtual Machine

Authors:

Cong Li, Qingni Shen, Kang Chen, Yahui Yang and Zhonghai Wu

Abstract: With the widespread use of cloud computing, people pay more attention to the security of cloud platforms. For the case of some clouds, users are permitted to use the services, but they cannot communicate with each other in the same cloud. In this paper, we present a new kind of user-level covert channel which we called CCRCVM (Covert Channel using the Result of Creating a Virtual Machine). This covert channel exists in OpenStack, which we have confirmed. This covert channel takes advantage of the result of creating a virtual machine to make the users communicate. First of all, we describe the threat scenario of this covert channel. Then, we describe the theory and communication process of the covert channel. Afterwards, we implement the covert channel in our own OpenStack environment. We also measure the bandwidth and communication accuracy of this covert channel in many times. Finally, we discuss how to mitigate and eliminate this channel.

Paper Nr: 64
Title:

A Quantitative Methodology for Security Risk Assessment of Enterprise Business Processes

Authors:

Jaya Bhattacharjee, Anirban Sengupta and Chandan Mazumdar

Abstract: Business processes help to realize the business objectives of an enterprise. Security breach of business processes may lead to un-fulfillment of objectives, loss of revenue, and possible shutdown of the corresponding business venture. Hence, it is important to ensure that the security properties of critical business processes are protected from attacks and failures. Effective protection mechanisms can be designed only after identifying security risks to business processes. However, existing methodologies mostly focus on the detection of risks to individual hardware, software, network and information assets. They do not cater to risks that are specific to business processes. This paper attempts to address this gap in research by describing a technique for identifying the components of a business process and quantitatively assessing their security risks.

Paper Nr: 65
Title:

3-Out-of-n Cheating Prevention Visual Cryptographic Schemes

Authors:

Ching-Nung Yang, Stelvio Cimato, Jihi-Han Wu and Song-Ruei Cai

Abstract: In literature, (2, n) cheating prevention visual cryptographic schemes (CPVCSs) have been proposed, dealing with the case of dishonest participants, called cheaters, who can collude together to force honest participants to reconstruct a wrong secret. While (2, n)-CPVCSs resistant to deterministic cheating have been presented, the problem of defining (k, n)-CPVCS for any k has not been solved. In this paper, we discuss (3, n)-CPVCS, and propose three (3, n)-CPVCSs with different cheating prevention capabilities. To show the effectiveness of the presented (3, n)-CPVCS, some experimental results are discussed as well.

Paper Nr: 66
Title:

Characterization of Encrypted and VPN Traffic using Time-related Features

Authors:

Gerard Draper-Gil, Arash Habibi Lashkari, Mohammad Saiful Islam Mamun and Ali A. Ghorbani

Abstract: Traffic characterization is one of the major challenges in today’s security industry. The continuous evolution and generation of new applications and services, together with the expansion of encrypted communications makes it a difficult task. Virtual Private Networks (VPNs) are an example of encrypted communication service that is becoming popular, as method for bypassing censorship as well as accessing services that are geographically locked. In this paper, we study the effectiveness of flow-based time-related features to detect VPN traffic and to characterize encrypted traffic into different categories, according to the type of traffic e.g., browsing, streaming, etc. We use two different well-known machine learning techniques (C4.5 and KNN) to test the accuracy of our features. Our results show high accuracy and performance, confirming that time-related features are good classifiers for encrypted traffic characterization.

Paper Nr: 74
Title:

A New Approach for Electronic Signature

Authors:

Gianluca Lax, Francesco Buccafurri, Serena Nicolazzo, Antonino Nocera and Lidia Fotia

Abstract: There are many application contexts in which guaranteeing authenticity and integrity of documents is essential. In these cases, the typical solution relies on digital signature, which is based on the use of a PKI infrastructure and suitable devices (smart card or token USB). For several reasons, including certificate and device cost, many countries, such as the United States, the European Union, India, Brazil and Australia, have introduced the possibility to use simple generic electronic signature, which is less secure but reduces the drawbacks of digital signature. In this paper, we propose a new type of electronic signature that is based on the use of social networks. We formalize the proposal in a generic scenario and, then, show a possible implementation on Twitter. Our proposal is proved to be secure, cheap and simple to adopt.

Paper Nr: 80
Title:

Contextual Intrusion Alerts for Scada Networks - An Ontology based Approach for Intrusion Alerts Post Processing

Authors:

Abdullah Al Balushi, Kieran McLaughlin and Sakir Sezer

Abstract: The complexity of modern SCADA networks and their associated cyber-attacks requires an expressive but flexible manner for representing both domain knowledge and collected intrusion alerts with the ability to integrate them for enhanced analytical capabilities and better understanding of attacks. This paper proposes an ontology-based approach for contextualized intrusion alerts in SCADA networks. In this approach, three security ontologies were developed to represent and store information on intrusion alerts, Modbus communications, and Modbus attack descriptions. This information is correlated into enriched intrusion alerts using simple ontology logic rules written in Semantic Query-Enhanced Web Rules (SQWRL). The contextualized alerts give analysts the means to better understand evolving attacks and to uncover the semantic relationships between sequences of individual attack events. The proposed system is illustrated by two use case scenarios.

Paper Nr: 83
Title:

Characterizing SEAndroid Policies in the Wild

Authors:

Elena Reshetova, Filippo Bonazzi, Thomas Nyman, Ravishankar Borgaonkar and N. Asokan

Abstract: Starting from the 5.0 Lollipop release all Android processes must be run inside confined SEAndroid access control domains. As a result, Android device manufacturers were compelled to develop SEAndroid expertise in order to create policies for their device-specific components. In this paper we analyse SEAndroid policies from a number of 5.0 Lollipop devices on the market, and identify patterns of common problems we found. We also suggest some practical tools that can improve policy design and analysis. We implemented the first of such tools, SEAL.

Paper Nr: 90
Title:

Declassification of Information with Complex Filter Functions

Authors:

Kurt Stenzel, Kuzman Katkalov, Marian Borek and Wolfgang Reif

Abstract: Many applications that handle private or confidential data release part of this data in a controlled manner through filter functions. However, it can be difficult to reason formally about exactly what or how much information is declassified. Often, anonymity is measured by reasoning about the equivalence classes of all inputs to the filter that map to the same output. An observer or attacker that sees the output of the filter then only knows that the secret input belongs to one of these classes, but not the exact input. We propose a technique suitable for complex filter functions together with a proof method, that additionally can provide meaningful guarantees. We illustrate the technique with a DistanceTracker app in a leaky and a non-leaky version.

Paper Nr: 93
Title:

A Threat Analysis Model for Identity and Access Management

Authors:

Nadia Jemil Abdu and Ulrike Lechner

Abstract: Cyber attacks as a threat to business and national security have become concerns to organizations and governments. Potential impacts of attacks are financial loss, fraud, reputation damage, and legal costs. Identification of security threats is part of securing information systems as it involves identifying threats and challenges which need to be addressed by implementing appropriate countermeasures and realistic security requirements. Our study focuses on threat analysis and modeling for digital identities and identity management within and across complex and networked systems. Further, a preliminary version of a reference threat analysis model that supports threat analysis for identity management is proposed and discussed in this paper.

Paper Nr: 95
Title:

A Pragmatic System-failure Assessment and Response Model

Authors:

Jassim Happa, Graham Fairclough, Jason R. C. Nurse, Ioannis Agrafiotis, Michael Goldsmith and Sadie Creese

Abstract: Several attack models exist today that attempt to describe cyber-attacks to varying degrees of granularity. Fast and effective decision-making during cyber-attacks is often vital, especially during incidents in which reputation, finance and physical damage can have a crippling effect on people and organisations. Such attacks can render an organisation paralysed, and it may cease to function, we refer to such an incident as a “System Failure”. In this paper we propose a novel conceptual model to help analysts make pragmatic decisions during a System Failure. Our model distils the essence of attacks and provides an easy-to-remember framework intended to help analysts ask relevant questions at the right time, irrespective of what data is available to them. Using abstraction-based reasoning our model allows enterprises to achieve “some” situational awareness during a System Failure, but more importantly, enable them to act upon their understanding and to justify their decisions. Abstraction drives the reasoning process making the approach relevant today and in the future, unlike several existing models that become deprecated over time (as attacks evolve). In the future, it will be necessary to trial the model in exercises to assess its value.

Paper Nr: 96
Title:

Understanding the Impact of Cyber Security Risks on Safety

Authors:

Christine Izuakor

Abstract: To date, cyber security risk management has focused on preservation of information security through protection of confidentiality, integrity, and availability (CIA). The growing use of cyber technology in safety intensive organizations has posed a challenge for those trying to understand the impacts cyber security risks have on safety. This knowledge gap slows progress towards InfoSec maturity and puts organizations and stakeholders at greater risk. For example, e-enabled aircraft now rely heavily on cyber resources, yet cyber security analysis in aviation usually focuses on CIA of information to prevent economic loss. What happens when a malicious attacker successfully exploits cyber aircraft vulnerabilities? This can potentially downgrade critical functions and result in injury or loss of life. To better understand the impacts of cyber risk on safety, the CIA information security triad should expand beyond its current focus to also consider safety.

Paper Nr: 99
Title:

A Statistical Approach to the Detection of HTML Attribute Permutation Steganography

Authors:

Sedeeq Iman, Coenen Frans and Lisitsa Alexei

Abstract: A mechanism for monitoring WWW pages to identify the presence (or otherwise) of attribute permutation steganography is presented. The proposed mechanism is based on a statistical approach, more specifically an attribute position Standard Deviation (SD) measure is used to detect the modification of attribute locations within webpages. The monitoring of web pages involves usage of a SD threshold. The determination of this threshold involves a training process using seeded training data. Once a threshold has been learnt monitoring can be commenced. An evaluation of the process is presented indicating that the attribute position SD concept can be successfully used to monitor web pages for attribute permutation steganography.

Paper Nr: 100
Title:

A Cyberthreat Search Process and Service

Authors:

Yogesh Bhanu, Sebastian Dännart, Henning von Kielpinski, Alexander Laux, Ulrike Lechner, Tobias Lehmann, Andreas Rieb, Martin Riedl and Florian Wolf

Abstract: Searching for IT-Security related information should be a standardized and/or partially automated process. This position paper presents a literature review that depicts a reference process design and the design of a tool to support search and analysis of IT-security related information.

Paper Nr: 101
Title:

Collateral Damage of Online Social Network Applications

Authors:

Iraklis Symeonidis, Pagona Tsormpatzoudi and Bart Preneel

Abstract: Third party application providers in Online Social Networks can collect personal data of users through their friends without the user’s awareness. In some cases, one or more application providers may own several applications and thus the same provider may collect an excessive amount of personal data, which creates a serious privacy risk. Previous research has developed methods to quantify privacy risks in Online Social Networks. However, most of the existing work does not focus on the issues of personal data disclosure via the user’s friends applications and application providers. The aim of this paper is to investigate the need for solutions that can compute privacy risk related to applications and application providers. In this work we perform a legal and technical analysis of the privacy threats stemming from the collection of personal data by third parties when applications are installed by the user’s friends. Particularly, we examine the case of Facebook as it is the most popular Online Social Network nowadays.

Paper Nr: 102
Title:

Identification of Android Malware Families with Model Checking

Authors:

Pasquale Battista, Francesco Mercaldo, Vittoria Nardone, Antonella Santone and Corrado Aaron Visaggio

Abstract: Android malware is increasing more and more in complexity. Current signature based antimalware mechanisms are not able to detect zero-day attacks, also trivial code transformations may evade detection. Malware writers usually add functionality to existing malware or merge different pieces of malware code: this is the reason why Android malware is grouped into families, i.e., every family has in common the malicious behavior. In this paper we present a model checking based approach in detecting Android malware families by means of analysing and verifying the Java Bytecode that is produced when the source code is compiled. A preliminary investigation has been also conducted to assess the validity of the proposed approach.

Posters
Paper Nr: 18
Title:

Evaluation of the CORAL Approach for Risk-driven Security Testing based on an Industrial Case Study

Authors:

Gencer Erdogan, Ketil Stølen and Jan Øyvind Aagedal

Abstract: The CORAL approach is a model-based method to security testing employing risk assessment to help security testers select and design test cases based on the available risk picture. In this paper we present experiences from using CORAL in an industrial case. The results indicate that CORAL supports security testers in producing risk models that are valid and threat scenarios that are directly testable. This, in turn, helps testers to select and design test cases according to the most severe security risks posed on the system under test.

Paper Nr: 20
Title:

Risk Management for Dynamic Metadata Exchange via a Trusted Third Party

Authors:

Daniela Pöhn

Abstract: Inter-organizational access to IT services based on the predominant standard of Federated Identity Management (FIM), the Security Assertion Markup Language (SAML), suffers from scalability issues related to metadata exchange. In order to overcome these issues, an approach for automated metadata exchange between Identity Provider (IDP) and Service Provider (SP) via a Trusted Third Party (TTP) is presented in this article. Based on the architecture, risk management with threats and counter measures is applied by using a risk management template. Special emphasis is put on the secure design of the automated metadata exchange.

Paper Nr: 31
Title:

Interaction-based Reputation Model in Online Social Networks

Authors:

Izzat Alsmadi, Dianxiang Xu and Jin-Hee Cho

Abstract: Due to the proliferation of using various online social media, individual users put their privacy at risk by posting and exchanging enormous amounts of messages or activities with other users. This causes a serious concern about leaking private information out to malevolent entities without users’ consent. This work proposes a reputation model in order to achieve efficient and effective privacy preservation in which a user’s reputation score can be used to set the level of privacy and accordingly to determine the level of visibility for all messages or activities posted by the users. We derive a user’s reputation based on both individual and relational characteristics in online social network environments. We demonstrate how the proposed reputation model can be used for automatic privacy assessment and accordingly visibility setting for messages / activities created by a user.

Paper Nr: 34
Title:

Multi-factor Authentication Updating System Evaluation Dynamically for Service Continuity

Authors:

Hiroya Susuki, Rie Shigetomi Yamaguchi and Shizuo Sakamoto

Abstract: In response to changes in security environments, an authentication framework has an important role for service continuity, which can evaluate both of security and usability and handle authentication methods. If the service provider cannot respond to problems such as new attacks immediately, the service must be stopped. In this paper, we propose a multi-factor authentication framework using a probabilistic evaluation method considering service continuity. Our framework includes a formal theoretical model, based on Bayesian approach, to be dynamically updated to use appropriate combinations of authentication factors in response to changes in the security environment. The model is important because it forms the basis on which the real-world systems is able to be evaluated security immediately and responded to weak factor.

Paper Nr: 35
Title:

An Observe-and-Detect Methodology for the Security and Functional Testing of Smart Card Applications

Authors:

Germain Jolly, Sylvain Vernois and Christophe Rosenberger

Abstract: Smart cards are tamper resistant devices but vulnerabilities are sometimes discovered. We address in this paper the security and the functional testing of embedded applications in smart cards. We propose an original methodology for the evaluation of applications and we show its benefit by comparing it to a classical certification process. The proposed method is based on the observation of the APDU (Application Protocol Data Unit) communication with the smart card. Some specific properties are verified as a complementary method in the evaluation process and allows the on-the-fly detection of an anomaly and the reasons that triggered this anomaly during the test. Here are presented two uses of this method: a simple use to illustrate the use of properties to verify an implementation of an application and a more complex illustration by applying the fuzzing method to show what we can obtain with the proposed approach, i.e. an analysis of an anomaly.

Paper Nr: 38
Title:

Detecting Botnets using a Collaborative Situational-aware IDPS

Authors:

M. Lisa Mathews, Anupam Joshi and Tim Finin

Abstract: Botnet attacks turn susceptible victim computers into bots that perform various malicious activities while under the control of a botmaster. Some examples of the damage they cause include denial of service, click fraud, spamware, and phishing. These attacks can vary in the type of architecture and communication protocol used, which might be modified during the botnet lifespan. Intrusion detection and prevention systems are one way to safeguard the cyber-physical systems we use, but they have difficulty detecting new or modified attacks, including botnets. Only known attacks whose signatures have been identified and stored in some form can be discovered by most of these systems. Also, traditional IDPSs are point-based solutions incapable of utilizing information from multiple data sources and have difficulty discovering new or more complex attacks. To address these issues, we are developing a semantic approach to intrusion detection that uses a variety of sensors collaboratively. Leveraging information from these heterogeneous sources leads to a more robust, situational-aware IDPS that is better equipped to detect complicated attacks such as botnets.

Paper Nr: 43
Title:

Tracking Explicit and Control Flows in Java and Native Android Apps Code

Authors:

Mariem Graa, Nora Cuppens-Boulahia, Frédéric Cuppens and Jean-Louis Lanet

Abstract: The native app development is increased in Android systems to implement CPU-intensive applications such as game engines, signal processing, and physics simulation. However, native code analysis is very difficult and requires a lot of time which explains the limited number of systems that track information flow in native libraries. But, none of them detects the sensitive information leakage through control flows at native level. In this paper, we combine dynamic and static taint analysis to propagate taint along control dependencies. Our approach has proven to be effective in analyzing several malicious Android applications that invoke native librairies with reasonable performance overheads.

Paper Nr: 54
Title:

Review Analysis of Properties for an Ideal Secure Biometric Template Scheme

Authors:

Phiwa Mzila

Abstract: With new advances in technologies, biometrics is becoming emerging technology for verification and authentication of individuals. However, the storage of biometric templates still needs necessary attention since it poses major threats to user privacy and system security. To mitigate this problem, various biometric protection techniques have been proposed. Most of these schemes aim to satisfy diversity, revocability, security and performance properties, as requirements for ideal secured biometric template storage. Conventionally, priority is given to robustness of biometric system in terms of its accuracy, and high performance with regards to matching and recognition rate. Little attention is payed to user privacy and system security. In this paper, existing work in biometric template protection schemes are reviewed, analysed, and compared with reference to properties of an ideal biometric secured template system. The question of properties needed for a complete and ideal biometric secured template system is beyond the scope of this research.

Paper Nr: 56
Title:

A Brief Overview of Hybrid Schemes for Biometric Fingerprint Template Security

Authors:

Edwin T. L. Rampine and Cynthia H. Ngejane

Abstract: Biometric systems are vastly adopted and consolidated into various information and security systems. Hence, it is vital that these biometrics-based systems be immune to attacks. Fingerprint template protection is a critical part of fingerprint based biometric systems. A significant number of fingerprint template protection schemes have been published. However, none of the existing protection schemes can satisfy all security requirements for template protection. Hence more researchers are combining these single schemes to create more robust hybrid schemes. In this paper we present an overview of some of the various proposed hybrid schemes for fingerprint template security. We also present their general performance results. Our goal is to briefly report on this growing interest in creating a fully secure biometric hybrid scheme, and show some of the proposed solutions in the literature so far.

Paper Nr: 62
Title:

A Privacy Threat for Internet Users in Internet-censoring Countries

Authors:

Feno Heriniaina R.

Abstract: Online surveillance has been increasingly used by different governments to control the spread of information on the Internet. The magnitude of this activity differs widely and is based primarily on the areas that are deemed, by the state, to be critical. Aside from the use of keywords and the complete domain name filtering technologies, Internet censorship can sometimes even use the total blocking of IP addresses to censor content. Despite the advances, in terms of technology used for Internet censorship, there are also different types of circumvention tools that are available to the general public. In this paper, we report the results of our investigation on how migrants who previously had access to the open Internet behave toward Internet censorship when subjected to it. Four hundred and thirty-two (432) international students took part in the study that lasted two years. We identified the most common circumvention tools that are utilized by the foreign students in China. We investigated the usability of these tools and monitored the way in which they are used. We identified a behaviour-based privacy threat that puts the users of circumvention tools at risk while they live in an Internet-censoring country. We also recommend the use of a user-oriented filtering method, which should be considered as part of the censoring system, as it enhances the performance of the screening process and recognizes the real needs of its users.

Paper Nr: 69
Title:

High-Performance FPGA Implementation of Elliptic Curve Cryptography Processor over Binary Field GF(2^163)

Authors:

Md Selim Hossain, Ehsan Saeedi and Yinan Kong

Abstract: Elliptic curve cryptography (ECC) plays a vital role in pass secure information among different wireless devices. This paper presents a fast, high-performance hardware implementation of an ECC processor over binary field GF(2^m) using a polynomial basis. A high-performance elliptic curve point multiplier (ECPM) is designed using an efficient finitefield arithmetic unit in affine coordinates, where ECPM is the key operation of an ECC processor. It has been implemented using the National Institute of Standards and Technology (NIST) recommended curves over the field GF(2^163). The proposed design is synthesized in field-programmable gate array (FPGA) technology with the VHDL. The delay of ECPM in a modern Xilinx Kintex-7 (28-nm) technology is 1.06 ms at 306.48 MHz. The proposed ECC processor takes a small amount of resources on the FPGA and needs only 2253 slices without using any DSP slices. The proposed design provides nearly 50% better delay performance than recent implementations.

Paper Nr: 71
Title:

Sift - An Efficient Method for Co-residency Detection on Amazon EC2

Authors:

Kang Chen, Qingni Shen, Cong Li, Yang Luo, Yahui Yang and Zhonghai Wu

Abstract: Cloud computing, an emerging computing and service paradigm, where the computing and storage capabilities are outsourced on demand, offers the advanced capabilities of sharing and multi-tenancy. But security has been a major barrier for its adoption to enterprise, as being placed with other tenants on the same physical machine (i.e. co-residency or co-location) poses a particular risk. Former research has shown how side channels in shared hardware may enable attackers to exfiltrate sensitive data across virtual machines (VMs). In view of such risks, tenants need to be able to verify physical isolation of their VMs. This paper presents Sift, an efficient and reliable approach for co-residency detection. Through a pre-filtration procedure, the time for co-residency detection could be significantly reduced. We describe the cloud scenarios envisaged for use of Sift and the accompanying threat model. A preliminary validation of Sift has been carried out in a local lab Xen virtualization experimental platform. Then, using the Amazon’s Elastic Compute Cloud (EC2) as the test platform, we evaluate its practicability in production cloud environment. It appears that Sift can confirm co-residency with a target VM instance in less than 5 seconds with an extremely low false rate.

Paper Nr: 72
Title:

A Construction of a Twisted Ate Pairing on a Family of Kawazoe-Takahashi Curves at 192-bit Security Level and Its Cost Estimate

Authors:

Masahiro Ishii, Atsuo Inomata and Kazutoshi Fujikawa

Abstract: Recently, there were major breakthroughs in computing DL in finite fields of small characteristics, as a result the symmetric pairings which is defined by using such finite fields became unsuitable for cryptography. This research aims to reveal a more efficient construction of pairings on hyperelliptic curves of genus 2, in the beginning, we focus on the ordinary genus 2 curves and the optimal pairing algorithms at high (192-bit) security level on such curves. In this paper, we show the method to construct optimal pairings over the family of pairing-friendly curves of genus 2 by Kawazoe and Takahashi and offered a twisted version of Ate pairing. We then provide the cost estimates to compare with the result of the pairings on elliptic curve at same security level.

Paper Nr: 75
Title:

Fault-tolerant Distributed Continuous Double Auctioning on Computationally Constrained Microgrids

Authors:

Anesu M. C. Marufu, Anne V. D. M. Kayem and Stephen Wolthusen

Abstract: In this article we show that a mutual exclusion protocol supporting continuous double auctioning for power trading on computationally constrained microgrid can be fault tolerant. Fault tolerance allows the CDA algorithm to operate reliably and contributes to overall grid stability and robustness. Contrary to fault tolerance approaches proposed in the literature which bypass faulty nodes through a network reconfiguration process, our approach masks crash failures of cluster head nodes through redundancy. Masking failure of the main node ensures the dependent cluster nodes hosting trading agents are not isolated from auctioning. A rendundant component acts as a backup which takes over if the primary components fails, allowing for some fault tolerance and a graceful degradation of the network. Our proposed fault-tolerant CDA algorithm has a complexity of O(N) time and a check-pointing message complexity of O(W). N is the number of messages exchanged per critical section. W is the number of check-pointing messages.

Paper Nr: 81
Title:

Modelling Duqu 2.0 Malware using Attack Trees with Sequential Conjunction

Authors:

Peter Maynard, Kieran McLaughlin and Sakir Sezer

Abstract: In this paper we identify requirements for choosing a threat modelling formalisation for modelling sophisticated malware such as Duqu 2.0. We discuss the gaps in current formalisations and propose the use of Attack Trees with Sequential Conjunction when it comes to analysing complex attacks. The paper models Duqu 2.0 based on the latest information sourced from formal and informal sources. This paper provides a well structured model which can be used for future analysis of Duqu 2.0 and related attacks.

Paper Nr: 82
Title:

Collaborative Information Service - Privacy Algebra for User Defined Security

Authors:

Asim K. Pal, Subrata Bose and Arpita Maitra

Abstract: With the increased activity over the internet and globalization of the market economy collaborative computing becomes an important area of research. Security is an increasing concern because of chances of malicious elements breaching the network of collaborating partners. Further the level of mutual belief among the collaborators would not be identical and may change with experience. Thus the concept of user defined flexible security requirements arose. The idea of user defined privacy template was brought in IRaaS (Information Retrieval as a Service) (Pal and Bose 2013) which is a flexible system of information services to customers who seek information from various sources through a service provider. The idea was further extended to CIS (Collaborative Information Service) (Pal and Bose 2016) which provides a framework for general information exchange activities (not restricted to retrievals only) for a set of collaborating partners. The current work extends CIS by introducing privacy algebra to be applied on templates to get a concise expression of privacy restrictions. CIS is a step towards a privacy aware collaborative computing problem.

Paper Nr: 98
Title:

Internet Streaming and Network Neutrality: Comparing the Performance of Video Hosting Services

Authors:

Alessio Botta, Aniello Avallone, Mauro Garofalo and Giorgio ventre

Abstract: Network neutrality is a hot topic since a few years and involves different aspects of interest (e.g. economic, regulatory and privacy) for a wide range of stakeholders, including policy makers, researchers, economists, and service providers. When referring to video streaming, a killer web service of the Internet, much has been discussed regarding if and how video providers violate or may violate neutrality principles, in order to give users a “better” service compared to other services or to other providers. In this paper we provide a contribution to this discussion analyzing the performance of three main video hosting providers (i.e. YouTube, Vimeo, and Dailymotion) from an user viewpoint. We measure the throughput and RTT experienced by users watching real videos of different popularity, at different day hours and at several locations from around the world. We uncover the performance differences of these providers as a function of the different variables under control and move a step forward to understand what causes such differences. Our results allow to understand what are the real performance users currently get from these providers and if the performance differences observed can be due or to considered as a violation of network neutrality principles, providing a ground for people interested in legal and regulatory issues of web applications and services.

Paper Nr: 103
Title:

Lightweight Trust Model with High Longevity for Wireless Sensor Networks

Authors:

Hela Maddar, Wafa Kammoun, Omar Cheikhrouhou and Habib Youssef

Abstract: Due to their inherent features Wireless Sensor Networks (WSNs) are vulnerable to many security threats. Moreover, traditional security mechanisms cannot be directly used in WSNs as they present constrained resources in terms of communication, computation and energy. Trust management models have recently been suggested as an effective security mechanism for WSNs. The already found solutions are very expensive in terms of energy and memory, which seriously affects the lifetime of such networks. In this paper, we will present a lightweight trust management model, which guarantees the reliability and robustness of the network, seeking to increase its lifetime compared to existing models.

Paper Nr: 104
Title:

Predicting Attack Prone Software Components using Repository Mined Change Metrics

Authors:

Daniel Hein and Hossein Saiedian

Abstract: Identification of attack-prone entities is a crucial step toward improving the state of information security in modern software based systems. Recent work in the fields of empirical software engineering and defect prediction show promise toward identifying and prioritizing attack prone entities using information extracted from software version control repositories. Equipped with knowledge of the most vulnerable entities, organizations can efficiently allocate resources to more effectively leverage secure software development practices, isolating and expunging vulnerabilities before they are released in production products. Such practices include security reviews, automated static analysis, and penetration testing, among others. Efficiently focusing secure development practices on entities of greatest need can help identify and eliminate vulnerabilities in a more cost effective manner when compared to wholesale application for large products.