1.
EB
Kudakwashe Dube, Sushil Jajodia, Fredrick Mtenzi, Charles A. Shoniregun
出版情報:
Springer eBooks Computer Science , Springer US, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
Introduction
Healthcare Information Security Standards, Legislation and Technologies
Security, Privacy and Confidentiality for Healthcare Information
Security, Privacy and Confidentiality in Healthcare Systems
Security Framework and Model for Healthcare Information Management
Evaluation of Security Models and Frameworks for in Healthcare Information
Discussion and Conclusion
References
Index
Preface
Introduction
Healthcare Information Security Standards, Legislation and Technologies
2.
EB
Ozgur Akan, Paolo Bellavista, Sushil Jajodia, Jianying Zhou
出版情報:
Springer eBooks Computer Science , Springer Berlin Heidelberg, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Malware and Email Security
SAS: Semantics Aware Signature Generation for Polymorphic Worm Detection / Deguang Kong ; Yoon-Chan Jhi ; Tao Gong ; Sencun Zhu ; Peng Liu ; Hongsheng Xi
Analyzing and Exploiting Network Behaviors of Malware / Jose Andre Morales ; Areej Al-Bataineh ; Shouhuai Xu ; Ravi Sandhu
Inexpensive Email Addresses An Email Spam-Combating System / Aram Yegenian ; Tassos Dimitriou
Anonymity and Privacy
Privacy Administration in Distributed Service Infrastructure / Nabil Ajam ; Nora Cuppens-Boulahia ; Frederic Cuppens
On the Formation of Historically k-Anonymous Anonymity Sets in a Continuous LBS / Rinku Dewri ; Indrakshi Ray ; Indrajit Ray ; Darrell Whitley
Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings / Ming Li ; Shucheng Yu ; Kui Ren ; Wenjing Lou
Wireless Security
A Study on False Channel Condition Reporting Attacks in Wireless Networks / Dongho Kim ; Yih-Chun Hu
Characterizing the Security Implications of Third-Party Emergency Alert Systems over Cellular Text Messaging Services / Patrick Traynor
Saving Energy on WiFi with Required IPsec / Youngsang Shin ; Steven Myers ; Minaxi Gupta
Systems Security - I
Transparent Protection of Commodity OS Kernels Using Hardware Virtualization / Michael Grace ; Zhi Wang ; Deepa Srinivasan ; Jinku Li ; Xuxian Jiang ; Zhenkai Liang ; Siarhei Liakh
A Generic Construction of Dynamic Single Sign-on with Strong Security / Jinguang Han ; Yi Mu ; Willy Susilo ; Jun Yan
DeCore: Detecting Content Repurposing Attacks on Client' Systems / Smitha Sundareswaran ; Anna C. Squicciarini
Network Security - I
Realizing a Source Authentic Internet / Toby Ehrenkranz ; Jun Li ; Patrick McDaniel
Partial Deafness: A Novel Denial-of-Service Attack in 802.11 Networks / Jihyuk Choi ; Jerry T. Chiang
Attacking Beacon-Enabled 802.15.4 Networks / Sang Shin Jung ; Marco Valero ; Anu Bourgeois ; Raheem Beyah
Supporting Publication and Subscription Confidentiality in Pub/Sub Networks / Mihaela Ion ; Giovanni Russello ; Bruno Crispo
Security Protocols - I
Impossibility of Finding Any Third Family of Server Protocols Integrating Byzantine Quorum Systems with Threshold Signature Schemes / Luciana Marconi ; Mauro Conti ; Roberto Di Pietro ; Jingqiang Lin ; Jiwu Jing ; Qiongxiao Wang
Context-Aware Usage Control for Android / Guangdong Bai ; Liang Gu ; Tao Feng ; Yao Guo ; Xiangqun Chen
System Security - II
Efficient Isolation of Trusted Subsystems in Embedded Systems / Raoul Strackx ; Frank Piessens ; Bart Preneel
Enhancing Host Security Using External Environment Sensors / Ee-Chien Chang ; Liming Lu ; Yongzheng Wu ; Roland H.C. Yap ; Jie Yu
FADE: Secure Overlay Cloud Storage with File Assured Deletion / Yang Tang ; Patrick P.C. Lee ; John C.S. Lui ; Radia Perlman
Security Protocols - II
A New Information Leakage Measure for Anonymity Protocols / Sami Zhioua
Hidden Markov Models for Automated Protocol Learning / Sean Whalen ; Matt Bishop ; James P. Crutchfield
Epistemic Model Checking for Knowledge-Based Program Implementation: An Application to Anonymous Broadcast / Omar I. Al-Bataineh ; Ronr van der Meyden
Network Security - II
Surveying DNS Wildcard Usage among the Good, the Bad, and the Ugly / Andrew Kalafut ; Pairoj Rattadilok ; Pragneshkumar Patel
The Hitchhiker's Guide to DNS Cache Poisoning / Sooel Son ; Vitaly Shmatikou
A Formal Definition of Online Abuse-Freeness / Ralf Küsters ; Henning Schnoor ; Tomasz Truderung
Author Index
Malware and Email Security
SAS: Semantics Aware Signature Generation for Polymorphic Worm Detection / Deguang Kong ; Yoon-Chan Jhi ; Tao Gong ; Sencun Zhu ; Peng Liu ; Hongsheng Xi
Analyzing and Exploiting Network Behaviors of Malware / Jose Andre Morales ; Areej Al-Bataineh ; Shouhuai Xu ; Ravi Sandhu
3.
EB
Sushil Jajodia, Anup K. Ghosh, Vipin Swarup, Cliff Wang, X. Sean Wang
出版情報:
Springer eBooks Computer Science , Springer New York, 2011
子書誌情報:
loading…
所蔵情報:
loading…
4.
EB
Henk C. A. van Tilborg, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2011
子書誌情報:
loading…
所蔵情報:
loading…
5.
EB
Sushil Jajodia, Anup K. Ghosh
出版情報:
Springer eBooks Computer Science , Springer New York, 2013
子書誌情報:
loading…
所蔵情報:
loading…
6.
EB
Stefano Spaccapietra, Elisa Bertino, Sushil Jajodia, Takeo Kanade, Roger King, Dennis McLeod, Maria E. Orlowska, S. Spaccapietra, Leon Strous, Roger B. King
出版情報:
Springer eBooks Computer Science , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
International Conference on Ontologies, DataBases, and Applications of Semantics for Large Scale Information Systems (ODBase 2003)
Incrementally Maintaining Materializations of Ontologies Stored in Logic Databases / Raphael Volz ; Steffen Staab ; Boris Motik
Ontology Translation on the Semantic Web / Dejing Dou ; Drew McDermott ; Peishen Qi
Compound Term Composition Algebra: The Semantics / Yannis Tzitzikas ; Anastasia Analyti ; Nicolas Spyratos
Dynamic Pattern Mining: An Incremental Data Clustering Approach / Seokkyung Chung ; Dennis McLeod
International Conference on Cooperative Information Systems (CoopIS 2003)
A Knowledge Network Approach for Implementing Active Virtual Marketplaces / Minsoo Lee ; Stanley Y.W. Su ; Herman Lam
Stream Integration Techniques for Grid Monitoring / Andy Cooke ; Alasdair J.G. Gray ; Werner Nutt
6th IFIP TC 11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems (IICIS 2003)
Information Release Control: A Learning-Based Architecture / Claudio Bettini ; X. Sean Wang ; Sushil Jajodia
Enforcing Semantics-Aware Security in Multimedia Surveillance / Naren Kodali ; Csilla Farkas ; Duminda Wijesekera
Author Index
International Conference on Ontologies, DataBases, and Applications of Semantics for Large Scale Information Systems (ODBase 2003)
Incrementally Maintaining Materializations of Ontologies Stored in Logic Databases / Raphael Volz ; Steffen Staab ; Boris Motik
Ontology Translation on the Semantic Web / Dejing Dou ; Drew McDermott ; Peishen Qi
7.
EB
Sushil Jajodia, Takeo Kanade, Javier Lopez, Javier L?pez
出版情報:
Springer eBooks Computer Science , Springer Berlin Heidelberg, 2008
子書誌情報:
loading…
所蔵情報:
loading…
8.
EB
Claudio Bettini, Sushil Jajodia, Takeo Kanade, Pierangela Samarati, X. Sean Wang
出版情報:
Springer eBooks Computer Science , Springer Berlin Heidelberg, 2009
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Anonymity and Historical-Anonymity in Location-Based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang ; Dario Freni ; Sushil Jajodia
Location Privacy Techniques in Client-Server Architectures / Christian S. Jensen ; Hua Lu ; Man Lung Yiu
Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services / Ali Khoshgozaran ; Cyrus Shahabi
Privacy Preservation over Untrusted Mobile Networks / Claudio A. Ardagna ; Pierangela Samarati ; Angelos Stavrou
Access Control in Location-Based Services / Marco Cremonini ; Sabrina De Capitani di Vimercati
Location Privacy in RFID Applications / Ahmad-Reza Sadeghi ; Ivan Visconti ; Christian Wachsmann
Privacy in Georeferenced Context-Aware Services: A Survey / Daniele Riboni ; Linda Pareschi
Safety and Privacy in Vehicular Communications / Josep Domingo-Ferrer ; Qianhong Wu
Privacy Preserving Publication of Moving Object Data / Francesco Bonchi
Author Index
Anonymity and Historical-Anonymity in Location-Based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang ; Dario Freni ; Sushil Jajodia
Location Privacy Techniques in Client-Server Architectures / Christian S. Jensen ; Hua Lu ; Man Lung Yiu
Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services / Ali Khoshgozaran ; Cyrus Shahabi
9.
EB
Sara Foresti, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer Berlin Heidelberg, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Query and Data Privacy
Generalizing PIR for Practical Private Retrieval of Public Data / Shiyuan Wang ; Divyakant Agrawal ; Amr El Abbadi
A Logic of Privacy / Steve Barker ; Valerio Genovese
Understanding Privacy Risk of Publishing Decision Trees / Zutao Zhu ; Wenliang Du
Data Protection
Secure Outsourcing of DNA Searching via Finite Automata / Marina Blanton ; Mehrdad Aliasgari
A Labelling System for Derived Data Control / Enrico Scalavino ; Vaibhav Gowadia ; Emil C. Lupu
On the Identification of Property Based Generalizations in Microdata Anonymization / Rinku Dewri ; Indrajit Ray ; Indrakshi Ray ; Darrell Whitley
Access Control
Role Mining in the Presence of Noise / Jaideep Vaidya ; Vijayalakshmi Atluri ; Qi Guo ; Haibing Lu
Distributed and Secure Access Control in P2P Databases / Angela Bonifati ; Ruilin Liu ; Hui (Wendy) Wang
Constructing Key Assignment Schemes from Chain Partitions / Jason Crampton ; Rosli Daud ; Keith M. Martin
Data Confidentiality and Query Verification
fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality / Said Oulmakhzoune ; Nora Cuppens-Boulahia ; Frédéric Cuppens ; Stephane Morucci
Efficient Inference Control for Open Relational Queries / Joachim Biskup ; Sven Hartmann ; Sebastian Link ; Jan-Hendrik Lochner
Query Racing: Fast Completeness Certification of Query Results / Bernardo Palazzi ; Maurizio Pizzonia ; Stefano Pucacco
Policy Definition and Enforcement
Mining Likely Properties of Access Control Policies via Association Rule Mining / JeeHyun Hwang ; Tao Xie ; Vincent Hu ; Mine Altunay
Scalable and Efficient Reasoning for Enforcing Role-Based Access Control / Tyrone Cadenhead ; Mirat Kantarcioglu ; Bhavani Thuraiaingham
Enforcing Request Integrity in Web Applications / Karthick Jayaraman ; Grzegorz Lewandowski ; Paul G. Talaga ; Steve J. Chapin
Trust and Identity Management
Using Trust-Based Information Aggregation for Predicting Security Level of Systems / Siv Hilde Houmb ; Sudip Chakraborty
Modelling Dynamic Trust with Property Based Attestation in Trusted Platforms / Aarthi Nagarajan ; Vijay Varadharajan
Towards Privacy-Enhancing Identify Management in Mashup-Providing Platforms / Jan Zibuschka ; Matthias Herbert ; Heiko Roßnagel
Short Papers
An Access Control Model for Web Databases / Ahlem Bouchahda-Ben Tekaya ; Nhan Le Thanh ; Adel Bouhoula ; Faten Labbene-Ayachi
Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems / Hasan Qunoo ; Mark Ryan
Evaluating the Risk of Adopting RBAC Roles / Alessandro Colantonio ; Roberto Di Pietro ; Alberto Ocello ; Nino Vincenzo Verde
Preserving Integrity and Confidentiality of a Directed Acyclic Graph Model of Provenance / Amril Syalim ; Takashi Nishide ; Kouichi Sakurai
When ABE Meets RSS / Yu Chen ; Hyun Sung Kim ; Jianbin Hu ; Zhong Chen
PriMan: A Privacy-Preserving Identity Framework / Kristof Verslype ; Pieter Verhaeghe ; Jorn Lapon ; Vincent Naessens ; Bart De Decker
Detecting Spam Bots in Online Social Networking Sites: A Machine Learning Approach / Alex Hai Wang
Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach / Ramaswamy Chandramouli
A Secure RFID Ticket System for Public Transport / Kun Peng ; Feng Bao
Performance Evaluation of Non-parallelizable Client Puzzles for Defeating DoS Attacks in Authentication Protocols / Suratose Tritilanunt
Secure Location Verification: A Security Analysis of GPS Signal Authentication / Georg T. Becker ; Sherman C. Lo ; David S. De Lorenzo ; Per K. Enge ; Christof Paar
Author Index
Query and Data Privacy
Generalizing PIR for Practical Private Retrieval of Public Data / Shiyuan Wang ; Divyakant Agrawal ; Amr El Abbadi
A Logic of Privacy / Steve Barker ; Valerio Genovese
10.
EB
Sushil Jajodia (ed), Sushil Jajodia, Krishna Kant
出版情報:
Springer eBooks Computer Science , Springer New York, 2014
子書誌情報:
loading…
所蔵情報:
loading…
11.
EB
Lingyu Wang, Massimiliano Albanese, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer International Publishing, 2014
子書誌情報:
loading…
所蔵情報:
loading…
12.
EB
Sushil Jajodia, Paulo Shakarian, VS Subrahmanian
出版情報:
Springer eBooks Computer Science , Springer International Publishing, 2015
子書誌情報:
loading…
所蔵情報:
loading…
13.
EB
Anoop Singhal, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
An Overview of Data Warehouse, OLAP and Data Mining Technology
Network and System Security
Intrusion Detection Systems
Data Mining for Intrusion Detection
Data Modeling and Data Warehousing Techniques to Improve Intrusion Detection
MINDS - Architecture and Design
Discovering Novel Attack Strategies from INFOSEC Alerts
Index
Preface
An Overview of Data Warehouse, OLAP and Data Mining Technology
Network and System Security
14.
EB
Mihai; Jha, Somesh; Maughan, Douglas Christodorescu, Mihai Christodorescu, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Overview / Part I:
Malware Evolution: A Snapshot of Threats and Countermeasures in 2005 / Brian Witten ; Carey Nachenberg1:
Software Analysis and Assurance / Part II:
Static Disassembly and Code Analysis / Giovanni Vigna2:
A Next-Generation Platform for Analyzing Executables / Thomas Reps ; Gogul Balakrishnan ; Junghee Lim ; Tim Teitelbaum3:
Behavioral and Structural Properties of Malicious Code / Christopher Kruegel4:
Detection and Prevention of SQL Injection Attacks / William G.J. Halfond ; Alessandro Orso5:
Distributed Threat Detection and Defense / Part III:
Very Fast Containment of Scanning Worms, Revisited / Nicholas Weaver ; Stuart Staniford ; Vern Paxson6:
Sting: An End-to-End Self-Healing System for Defending against Internet Worms / David Brumley ; James Newsome ; Dawn Song7:
An Inside Look at Botnets / Paul Barford ; Vinod Yegneswaran8:
Can Cooperative Intrusion Detectors Challenge the Base-Rate Fallacy? / Mihai Christodorescu ; Shai Rubin9:
Stealthy and Targeted Threat Detection and Defense / Part IV:
Composite Hybrid Techniques For Defending Against Targeted Attacks / Stelios Sidiroglou ; Angelos D. Keromytis10:
Towards Stealthy Malware Detection / Salvatore J. Stolfo ; Ke Wang ; Wei-Jen Li11:
Novel Techniques for Constructing Trustworthy Services / Part V:
Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems / Arvind Seshadri ; Mark Luk ; Adrian Perrig ; Leendert van Doorn ; Pradeep Khosla12:
Principles of Secure Information Flow Analysis / Geoffrey Smith13:
Index
Overview / Part I:
Malware Evolution: A Snapshot of Threats and Countermeasures in 2005 / Brian Witten ; Carey Nachenberg1:
Software Analysis and Assurance / Part II:
15.
EB
Douglas W. Frye, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Table of Contents
List of Figures
Preface
Acknowledgments and Dedication
Information Technology and its Role In the Modern Organization / Chapter 1:
The Extent of an Organization's Connectivity / Chapter 2:
Network Physical Components / Chapter 3:
Legitimate Network Access / Chapter 4:
Illegitimate Network Access / Chapter 5:
Encryption / Chapter 6:
Balanced Scorecard / Chapter 7:
Sarbanes-Oxley / Chapter 8:
Physical Security / Chapter 9:
Disaster Recovery / Chapter 10:
Initial Employee Communication / Chapter 11:
The Human Element / Chapter 12:
Email, Instant Messaging and Phishing / Chapter 13:
Network Administration / Chapter 14:
Network Monitoring / Chapter 15:
Executive Communication / Chapter 16:
Information Security Awareness / Chapter 17:
Synthesis and Conclusion / Chapter 18:
Draft Policies / Chapter 19:
Bibliography
Index
Table of Contents
List of Figures
Preface
16.
EB
Lingyu Wang, Sushil Jajodia, Duminda Wijesekera
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Introduction / 1:
Background / 1.1:
Problem Statement / 1.2:
Overview / 1.3:
Overview of Basic Concepts / 1.3.1:
Adapting Previous Approaches to Data Cubes / 1.3.2:
A Lattice-based Solution / 1.3.3:
OLAP and Data Cubes / 2:
OLAP / 2.1:
Data Cube / 2.2:
Inference Control in Statistical Databases / 3:
Query Set Size Control and Trackers / 3.1:
The Star Query Model / 3.2:
Key-Specified Queries / 3.3:
Linear System Attack and Audit Expert / 3.4:
Intractbility of Inference Control / 3.5:
Inferences in Data Cubes / 4:
Preliminaries / 4.1:
Arbitrary Range Queries / 4.3:
Restricted Range Queries / 4.4:
Even Range Query Attack / 4.4.1:
Indirect Even Range Query Attack / 4.4.2:
Skeleton Query Attack / 4.4.3:
Conclusion / 4.5:
Cardinality-based Inference Control / 5:
Compromisability / 5.1:
Formalization Rationale / 5.2.3:
Cardinality-based Sufficient Conditions / 5.3:
Trivial Compromisability / 5.3.1:
Non-trivial Compromisability / 5.3.2:
A Three-Tier Inference Control Model / 5.4:
Cardinality-based Inference Control for Data Cubes / 5.5:
Inference Control Algorithm / 5.5.1:
Correctness and Time Complexity / 5.5.2:
Implementation Issues / 5.5.3:
Integrating Inference Control into OLAP / 5.5.3.1:
Re-ordering Tuples in Unordered Dimensions / 5.5.3.2:
Update Operations / 5.5.3.3:
Aggregation Operators Other Than Sum / 5.5.3.4:
Conclusions / 5.6:
Parity-based Inference Control for Range Queries / 6:
Motivating Examples / 6.1:
Definitions / 6.2.2:
Applying Existing Methods to MDR Queries / 6.3:
Query Set Size Control, Overlap Size Control and Audit Expert / 6.3.1:
Finding Maximal Safe Subsets of Unsafe MDR Queries / 6.3.2:
Parity-Based Inference Control / 6.4:
Even MDR Queries / 6.4.1:
Characterizing the QDT Graph / 6.4.2:
Beyond Even MDR Queries / 6.4.3:
Unsafe Even MDR Queries / 6.4.4:
Discussion / 6.5:
Lattice-based Inference Control in Data Cubes / 6.6:
The Basic Model / 7.1:
Specifying Authorization Objects in Data Cubes / 7.3:
Controlling Inferences in Data Cubes / 7.4:
Preventing Multi-Dimensional Inferences / 7.4.1:
Assumptions / 7.4.2.1:
A Special Case / 7.4.2.2:
The General Case / 7.4.2.3:
Eliminating One-Dimensional Inferences / 7.4.3:
Implementation Options and Complexity / 7.5:
Summary / 7.6:
Query-driven Inference Control in Data Cubes / 8:
Authorization Objects and Queries in Data Cubes / 8.1:
The Static Approach and Its Impact on Availability / 8.3:
Query-Driven Prevention of Multi-Dimensional Inferences / 8.4:
Authorizing Queries / 8.4.1:
Complexity Analysis / 8.4.4:
Conclusion and Future Direction / 8.5:
References
Index
Introduction / 1:
Background / 1.1:
Problem Statement / 1.2:
17.
EB
Ting; Jajodia, Sushil Yu, Sushil Jajodia, Ting Yu
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
Foundation / Part I:
Basic Security Concepts / Sushil Jajodia ; Ting Yu
Access Control Policies and Languages in Open Environments / S. De Capitani di Vimercati ; S. Foresti ; S. Jajodia ; P. Samarati
Trusted Recovery / Meng Yu ; Peng Liu ; Wanyu Zang
Access Control for Semi-Structured Data / Part II:
Access Control Policy Models for XML / Michiharu Kudo ; Naizhen Qi
Optimizing Tree Pattern Queries over Secure XML Databases / Hui Wang ; Divesh Srivastava ; Laks V.S. Lakshmanan ; SungRan Cho ; Sihem Amer-Yahia
Distributed Trust Management / Part III:
Rule-based Policy Specification / Grigoris Antoniou ; Matteo Baldoni ; Piero A. Bonatti ; Wolfgang Nejdl ; Daniel Olmedilla
Automated Trust Negotiation in Open Systems / Adam J. Lee ; Kent E. Seamons ; Marianne Winslett
Building Trust and Security in Peer-to-Peer Systems / Terry Bearly ; Vijay Kumar
Privacy in Cross-Domain Information Sharing / Part IV:
Microdata Protection / V. Ciriani
k-Anonymity / S. Foresti, P. Samarati
Preserving Privacy in On-line Analytical Processing Data Cubes / Lingyu Wang ; Duminda Wijesekera
Security in Emerging Data Services / Part V:
Search on Encrypted Data / Hakan Hacigumus ; Bijit Hore ; Bala Iyer ; Sharad Mehrotra
Rights Assessment for Relational Data Radu Sion
Index
Preface
Foundation / Part I:
Basic Security Concepts / Sushil Jajodia ; Ting Yu
18.
EB
Donggang Liu, Sushil Jajodia, Peng Ning
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Introduction / 1:
Wireless Sensor Network / 1.1:
Design Challenges / 1.2:
Security Issues in Sensor Networks / 1.3:
Broadcast Authentication / 1.3.1:
Pairwise Key Establishment / 1.3.2:
Security in Localization / 1.3.3:
Orgnization of the Book / 1.4:
[mu]TESLA Broadcast Authentication / 2:
Multi-Level [mu]TESLA / 2.2:
Scheme I: Predetermined Key Chain Commitment / 2.2.1:
Scheme II: Naive Two-Level [mu]TESLA / 2.2.2:
Scheme III: Fault Tolerant Two-Level [mu]TESLA / 2.2.3:
Scheme IV: DOS-Tolerant Two-Level [mu]TESLA / 2.2.4:
Scheme V: DOS-Resistant Two-Level [mu]TESLA / 2.2.5:
Scheme VI: Multi-Level [mu]TESLA / 2.2.6:
Experimental Results / 2.2.7:
Tree-Based [mu]TESLA / 2.3:
The Basic Approach / 2.3.1:
A Scheme for Long-Lived Senders / 2.3.2:
Distributing Parameter Certificates / 2.3.3:
Revoking [mu]TESLA Instances / 2.3.4:
Implementation and Evaluation / 2.3.5:
Summary / 2.4:
Key Pre-Distribution Techniques in Sensor Networks / 3:
Polynomial-Based Key Pre-Distribution / 3.1.1:
Probabilistic Key Pre-Distribution / 3.1.2:
Polynomial Pool-Based Key Pre-Distribution / 3.2:
Phase 1: Setup / 3.2.1:
Phase 2: Direct Key Establishment / 3.2.2:
Phase 3: Path Key Establishment / 3.2.3:
Key Pre-Distribution Using Random Subset Assignment / 3.3:
The Random Subset Assignment Scheme / 3.3.1:
Performance / 3.3.2:
Overheads / 3.3.3:
Security Analysis / 3.3.4:
Comparison with Previous Schemes / 3.3.5:
Hypercube-based Key Pre-Distribution / 3.4:
The Hypercube-Based Scheme / 3.4.1:
Dynamic Key Path Discovery / 3.4.2:
Overhead / 3.4.3:
Optimization of Polynomial Evaluation / 3.4.5:
Evaluation / 3.5.2:
Improving Pairwise Key Establishment Using Deployment Knowledge / 3.6:
Improving Key Pre-Distribution with Prior Deployment Knowledge / 4.1:
A Location-Aware Deployment Model / 4.1.1:
Closest Pairwise Keys Scheme / 4.1.2:
Closest Polynomials Pre-Distribution Scheme / 4.1.3:
Improving Key Pre-Distribution with Post Deployment Knowledge / 4.2:
Key Prioritization Using Post Deployment Knowledge / 4.2.1:
Improving Random Subset Assignment Scheme with Deployment Locations / 4.2.2:
Improving Key Pre-Distribution with Group Deployment Knowledge / 4.3:
Group-Based Deployment Model / 4.3.1:
A General Framework / 4.3.2:
Performance Analysis / 4.3.3:
Secure Localization / 4.3.4:
Localization in Sensor Networks / 5.1:
Pitfalls of Current Localization Schemes under Attacks / 5.2:
Attack-Resistant Location Estimation / 5.3:
Assumptions / 5.3.1:
Attack-Resistant Minimum Mean Square Estimation (MMSE) / 5.3.2:
Voting-Based Location Estimation / 5.3.3:
Simulation Evaluation / 5.3.4:
Implementation and Field Experiments / 5.3.6:
A Detector for Malicious Beacon Nodes / 5.4:
Detecting Malicious Beacon Signals / 5.4.1:
Filtering Replayed Beacon Signals / 5.4.2:
Revoking Malicious Beacon Nodes / 5.4.3:
Summary and Future Work / 5.4.4:
Future Work / 6.1:
References
Index
Introduction / 1:
Wireless Sensor Network / 1.1:
Design Challenges / 1.2:
19.
EB
Sushil Jajodia, David Dagon, Wenke Lee, Cliff Wang
出版情報:
Springer eBooks Computer Science , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Botnet Detection Based on Network Behavior / W. Timothy Strayer ; David Lapsely ; Robert Walsh ; Carl Livadas
Honeynet-based Botnet Scan Traffic Analysis / Zhichun Li ; Anup Goyal ; Yan Chen
Characterizing Bots' Remote Control Behavior / Elizabeth Stinson ; John C. Mitchell
Automatically Identifying Trigger-based Behavior in Malware / David Brumley ; Cody Hartwig ; Zhenkai Liang ; James Newsome ; Dawn Song ; Heng Yin
Towards Sound Detection of Virtual Machines / Jason Franklin ; Mark Luk ; Jonathan M. McCune ; Arvind Seshadri ; Adrian Perrig ; Leendert van Doorn
Botnets and Proactive System Defense / John Bambenek ; Agnes Klus
Detecting Botnet Membership with DNSBL Counterintelligence / Anirudh Ramachandran ; Nick Feamster ; David Dagon
A Taxonomy of Botnet Structures / Guofei Gu ; Christopher P. Lee
Botnet Detection Based on Network Behavior / W. Timothy Strayer ; David Lapsely ; Robert Walsh ; Carl Livadas
Honeynet-based Botnet Scan Traffic Analysis / Zhichun Li ; Anup Goyal ; Yan Chen
Characterizing Bots' Remote Control Behavior / Elizabeth Stinson ; John C. Mitchell
20.
EB
Michael; Jajodia, Sushil Gertz, Michael Gertz, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Recent Advances in Access Control / Sabrina De Capitani di Vimercati ; Sara Foresti ; Pierangela Samarati1:
Access Control Models for XML / Stefano Paraboschi2:
Access Control Policy Languages in XML / Naizhen Qi ; Michiharu Kudo3:
Database Issues in Trust Management and Trust Negotiation / Dongyi Li ; William Winsborough ; Marianne Winslett ; Ragib Hasan4:
Authenticated Index Structures for Outsourced Databases / Feifei Li ; Marios Hadjileftheriou ; George Kollios ; Leonid Reyzin5:
Towards Secure Data Outsourcing / Radu Sion6:
Managing and Querying Encrypted Data / Bijit Hore ; Sharad Mehrotra ; Hakan Hacigumus7:
Security in Data Warehouses and OLAP Systems / Lingyu Wang ; Sushil Jajodia8:
Security for Workflow Systems / Vijayalakshmi Atluri ; Janice Warner9:
Secure Semantic Web Services / Bhavani Thuraisingham10:
Geospatial Database Security / Soon Ae Chun11:
Security Re-engineering for Databases: Concepts and Techniques / Michael Gertz ; Madhavi Gandhi12:
Database Watermarking for Copyright Protection / 13:
Database Watermarking: A Systematic View / Yingjiu Li14:
Trustworthy Records Retention / Soumyadeb Mitra ; Windsor Hsu15:
Damage Quarantine and Recovery in Data Processing Systems / Peng Liu ; Meng Yu16:
Hippocratic Databases: Current Capabilities and Future Trends / Tyrone Grandison ; Christopher Johnson ; Jerry Kiernan17:
Privacy-Preserving Data Mining: A Survey / Charu C. Aggarwal ; Philip S. Yu18:
Privacy in Database Publishing: A Bayesian Perspective / Alin Deutsch19:
Privacy Preserving Publication: Anonymization Frameworks and Principles / Yufei Tao20:
Privacy Protection through Anonymity in Location-based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang21:
Privacy-enhanced Location-based Access Control / Claudio A. Ardagna ; Marco Cremonini22:
Efficiently Enforcing the Security and Privacy Policies in a Mobile Environment / Heechang Shin23:
Index
Recent Advances in Access Control / Sabrina De Capitani di Vimercati ; Sara Foresti ; Pierangela Samarati1:
Access Control Models for XML / Stefano Paraboschi2:
Access Control Policy Languages in XML / Naizhen Qi ; Michiharu Kudo3:
21.
EB
Workshop on Insider Attack and Cyber Security, Sushil Jajodia, Salvatore J. Stolfo, Salvatore Joseph Stolfo
出版情報:
Springer eBooks Computer Science , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
The Insider Attack Problem Nature and Scope
Introduction / 1:
Types of Attack / 2:
Misuse of Access / 2.1:
Defense Bypass / 2.2:
Access Control Failure / 2.3:
Defend or Detect / 3:
The Role of Process / 4:
Conclusion / 5:
Reflections on the Insider Threat
Who Is an Insider?
Motive
Effect
Defining the Insider Threat
Context / 2.4:
Insider Threat Issues
Data / 3.1:
Psychology / 3.2:
Monitoring and Privacy / 3.3:
Detecting Insider Attacks / 3.4:
Technology / 3.5:
Conclusions
Acknowledgments
The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures
General Observations About Insider IT Sabotage
Model of the Insider IT Sabotage Problem
Insider Expectation Escalation
Escalation of Disgruntlement
Attack Setup and Concealment
The Trust Trap
Possible Leverage Points for Addressing the Problem
Early Mitigation Through Expectation Setting / 4.1:
Handling Disgruntlement Through Positive Intervention / 4.2:
Targeted Monitoring / 4.3:
Eliminating Unknown Access Paths / 4.4:
Measures Upon Demotion or Termination / 4.5:
A Workshop on Insider IT Sabotage
The Instructional Case / 5.1:
Value of Modeling for Insight / 6:
Related CERT Research / 6.2:
System Dynamics Background / Appendix A:
The Insider IT Sabotage Training Case / Appendix B:
Background / 1.1:
The Final Weeks / 1.2:
Insider Sabotage Mitigating Measures / Appendix C:
Data Theft: A Prototypical Insider Threat
Data Theft
Data Leakage
Risk / 1.3:
Recommendations / 1.4:
Status Quo
History
Risks & Controls
Technical Controls
Administrative Controls
Areas for Further Research
A Survey of Insider Attack Detection Research
Insider Attacks
Host-based User Profiling
Network-Based Sensors
Integrated Approaches
Summary
Future Research Directions
Naive Bayes as a Masquerade Detector: Addressing a Chronic Failure
Related Work
Background on Naive Bayes
Objective and Approach
Experiment With Synthetic Data
Variable Selection
Synthetic Data / 5.2:
Experiment Control / 5.3:
Procedure / 5.4:
Results and Analysis / 5.5:
Naive Bayes Mathematical Formulation
Calculating the Anomaly Score
Manipulating the Anomaly Score
Effect of NBSCs / 6.3:
Exploiting NBSCs to Cloak Attacks / 7:
Naive Bayes Fortification / 8:
The Fortified Detector / 8.1:
Evaluation Methodology / 8.2:
Evaluation Results and Analysis / 8.3:
Discussion / 9:
Towards a Virtualization-enabled Framework for Information Traceability (VFIT) / 10:
Threat Model and Requirements
Models of Policy Enforcement
Hardware Virtualization
System Architecture
Platform Architecture
Network Architecture
Implementation
Virtualization-enabled Information Tracing
Analysis
Performance Discussion
Threat Mitigation
Reconfigurable Tamper-resistant Hardware Support Against Insider Threats: The Trusted ILLIAC Approach
Software-based Transparent Runtime Randomization
Tamper-resistant Key-store Support for Threshold Cryptography
Crypto-engine Architecture
Security Analysis
Information Flow Signature Checking for Data Integrity
Threat Model
Approach
System Architecture Including the Trusted Computing Engine
Protecting Against Insider Attack With User-level Privileges: Runtime Guarantees
Protecting Against Insider Attack with Administrative Privileges: Initialization and Runtime Guarantees
Conclusions and Future Directions
Surviving Insider Attacks: A Call for System Experiments
Principles for Survivability
Avoidance of a Single Point of Failure
Independence of Failure Modes and Attack Vulnerabilities
Fast Recovery from Failure and Attack
Attack Deterrence
Least Privilege Authorization / 2.5:
Cost Factors
Conclusion: A Call for Research and Development Experiments
Preventative Directions For Insider Threat Mitigation Via Access Control
Definitions and Threat Model
The Insider
Types of Insiders
Damage of Insider Attacks
Background and Primitives
Authentication and Authorization
Access Control Principles
MAC, DAC, and Intermediate Schemes
Users and Groups
Roles and Role Engineering
Public Key Cryptography / 3.6:
Requirements
Functionality
Usability and Cost
Scale and Complexity
Domain Considerations
Tools
Passwords: Knowledge-Based Authentication
Biometrics: Physiology-Based Authentication
Tokens: Possession-Based Authentication
PKI: Authentication via Digital Certificates
Distributed Authentication and Identity Management
Distributed Authorization / 5.6:
Ongoing Challenges
A Snapshot of a Motion Picture
Privilege Issuance and Review
Auditing and Visualization
Role Drift and Escalation / 6.4:
Expressiveness and Need to Know / 6.5:
Incentives / 6.6:
Taking Stock and Looking Forward - An Outsider's Perspective on the Insider Threat
What Is An "Insider Threat"?
How Does The Research Community Get Better Data?
Changing the Incentives that Organizations Face
Integrating Technical Solutions with Social Science Perspectives
Creating a Response and Recovery System for Insider Threats
Research Challenges for Fighting Insider Threat in the Financial Services Industry
Employee Screening And Selection
Access Controls
Monitoring And Detection
Hard Problems and Research Challenges Concluding Remarks
Index
The Insider Attack Problem Nature and Scope
Introduction / 1:
Types of Attack / 2:
22.
EB
Sushil Jajodia, Stelvio Cimato, Klaus-Peter Hellriegel, Pierangela Samarati, Franz Schmalzl
出版情報:
Springer eBooks Computer Science , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
23.
EB
Charles A. Shoniregun, Sushil Jajodia
出版情報:
Springer eBooks Computer Science , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Dedication
List of contributors and organisations
Preface
Acknowledgements
Research overview and conceptual understanding of internet protocol security (IPSec) / Chapter 1:
Introduction / 1:
Research rationale / 2:
Research hypothesis / 3:
Methods and methodology / 5:
Internet architecture board (IAB)? / 6:
IPSec roadmap / 7:
Analogy of IPSec / 8:
IPSec relationship with other protocols / 9:
Business perception / 10:
Summary of chapter one / 11:
References
Internet communication protocols / Chapter 2:
TCP/IP protocol
Security problems of TCP/IP layers
Benefits and limitations of implementing security at the application, transport, network, and data link layers / 4:
IPSec standards
Why AH
Why ESP
Security association (SA) and key management
IKE: hybrid protocol
Policy
Summary of chapter two
Internet protocol versions 4 (IPv4) and 6 (IPv6) / Chapter 3:
IPv4 standard
IPv4 limitations and possible solution
IPv6 standard
Difference between IPv4 and v6
Transition
Summary of chapter three
Implementations and limitations of the IPSec / Chapter 4:
Classification and taxonomy of the IPSec
Combining the IPSec protocols to create a Virtual Private Network (VPN)
IPSec in Windows
Linux
Solaris
FreeBSD
Cisco IOS IPSec configuration overview
Routers
Limitations of the IPSec
Summary Of Chapter four
Synchronising Internet Protocol Security (SIPsec) model / Chapter 5:
Analysis of questionnaire survey
Case studies
Laboratory experiments
Current IPSec solutions
Public key algorithms
Analysis of findings
Conceptual understanding of SIPSec model
Policy reconciliation
Palmistry
Fingerprint
Face / 12:
Iris / 13:
Result summary of hypothesess / 14:
Summary of chapter five / 15:
Discussion / Chapter 6:
Issues in IPSec
IPSec is an application specific
Current use of biometrics technology
Combining biometrics with IPSec
Underpining assumption of SIPSec
Summary of chapter six
Conclusion / Chapter 7:
Dependence on information technology
Global issues on internet security
Root causes of attacks
Recommendation
Contribution to knowledge
Future work
Index
Dedication
List of contributors and organisations
Preface
24.
EB
Sushil Jajodia, Hirosh Joseph, Abhishek Singh, Baibhav Singh
出版情報:
Springer eBooks Computer Science , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Wireless Security / 1.0:
Introduction / 1.1:
Wired Equivalent Privacy protocol / 1.2:
Analysis of WEP flaws / 1.2.1:
Key Stream Reuse / 1.2.2:
Message Modification / 1.2.3:
Message Injection / 1.2.4:
Authentication Spoofing / 1.2.5:
IP Redirection / 1.2.6:
Wireless Frame Generation / 1.2.7:
AirJack / 1.2.7.1:
Wavesec / 1.2.7.2:
Libwlan / 1.2.7.3:
FakeAP / 1.2.7.4:
Wnet / 1.2.7.5:
Scapy / 1.2.7.7:
Encryption Cracking Tools / 1.2.8:
Wepcrack / 1.2.8.1:
Dweputils / 1.2.8.2:
Wep tools / 1.2.8.3:
Wep Attack / 1.2.8.4:
Retrieving the WEP keys from Client Host / 1.2.9:
Traffic Inection Tools / 1.2.10:
802.1x Cracking Tools / 1.2.11:
Asleap-imp and Leap / 1.2.11.1:
Wireless DoS Attacks / 1.2.12:
Physical Layer Attack or Jamming / 1.2.12.1:
Signal Strength / 1.2.12.1.1:
Carrier Sensing Time / 1.2.12.1.2:
Packet Delivery Ratio / 1.2.12.1.3:
Signal Strength Consistency check / 1.2.12.1.4:
Spoofed Dessociation and Deauthentication Frames / 1.2.12.2:
Spoofed Malformed Authentication Frames / 1.2.12.3:
Flooding the Access Point Association and Authentication Buffer / 1.2.12.4:
Frame Deletion Attack / 1.2.12.5:
DoS attack dependent upon specific Wireless Setting / 1.2.12.6:
Attack against the 802.11i implementations / 1.2.13:
Authentication Mechanism Attacks / 1.2.13.1:
Prevention and Modifications / 1.3:
TKIP: temporal Key Integrity Protocol / 1.3.1:
TKIP Implementation / 1.3.1.1:
Message Integrity / 1.3.1.1.1:
Initialization Vector / 1.3.1.1.2:
Prevention against the FMS Attack / 1.3.1.1.3:
Per Packet key Mixing / 1.3.1.1.4:
Implementation Details of TKIP / 1.3.1.1.5:
Details of Per Packet Key mixing / 1.3.1.1.6:
Attack on TKIP / 1.3.1.2:
AES - CCMP / 1.3.2:
CCMP Header / 1.3.2.1:
Implementation / 1.3.2.2:
Encryption Process in MPDU / 1.3.2.2.1:
Decrypting MPDU / 1.3.2.2.2:
Prevention Method using Detection Devices / 1.4:
Conclusion / 1.5:
Vulnerability Analysis for Mail Protocols / 2.0:
Format String Specifiers / 2.1:
Format String Vulnerability / 2.2.1:
Format String Denial of Service Attack / 2.2.1.1:
Format String Vulnerability Reading Attack / 2.2.1.2:
Format String Vulnerability Writing Attack / 2.2.1.3:
Preventive Measures for Format String vulnerability / 2.2.1.4:
Buffer Overflow Attack / 2.3:
Buffer Overflow Prevention / 2.3.1:
Directory Traversal Attacks / 2.4:
Remote Detection / 2.4.1:
False Positive in Remote Detection for Mail Traffic / 2.5:
False Positive in case of SMTP Traffic / 2.5.1:
False Positive in case of IMAP Traffic / 2.5.2:
Vulnerability Analysis for FTP and TFTP / 2.6:
Buffer Overflow in FTP / 3.1:
Directory Traversal Attack in FTP / 3.1.2:
TFTP Vulnerability Analysis / 3.2:
Vulnerability Analysis / 3.2.1:
Vulnerability Analysis for HTTP / 3.3:
XSS Attack / 4.1:
Prevention against Cross Site Scripting Attacks / 4.2.1:
Vulnerability Protection / 4.2.1.1:
SQL Injection Attacks / 4.3:
SQL Injection Case Study / 4.3.1:
Preventive Measures / 4.3.2:
SQL injection in Oracle Data base / 4.3.2.1:
Stored Procedures / 4.3.2.2.1:
Remote Detection for Oracle Database / 4.3.2.2.2:
Other Preventive Measures / 4.3.3:
Preventive Measures by developers / 4.3.3.1:
MS DoS Device Name Vulnerability / 4.4:
Prevention from DoS Device Name Vulnerability / 4.4.1:
False Positive in HTTP / 4.5:
Evasion of HTTP Signatures / 4.6:
Vulnerability Analysis for DNS and DHCP / 4.7:
Introduction of DNS Protocol / 5.1:
Vulnerabilities in a DNS Protocol / 5.1.1:
DNS Cache Poisoning / 5.1.1.1:
Redirection Attack / 5.1.1.2:
Buffer Overflow Vulnerability / 5.1.1.3:
DNS Man in the Middle Attack or DNS Hijacking / 5.1.1.4:
DNS Amplification Attack / 5.1.1.5:
False Positives in a DNS Protocol / 5.1.2:
Introduction of DHCP / 5.2:
Vulnerabilities in DHCP / 5.2.1:
Client Masquerading / 5.2.1.1:
Flooding / 5.2.1.2:
Client Misconfiguration / 5.2.1.3:
Theft of Service / 5.2.1.4:
Packet Altercation / 5.2.1.5:
Key Exposure / 5.2.1.6:
Key Distribution / 5.2.1.7:
Protocol Agreement Issues / 5.2.1.8:
False Positive in DHCP / 5.2.2:
Vulnerability Analysis for LDAP and SNMP / 5.3:
ASN and BER Encoding / 6.1:
BER implementation for LDAP / 6.3:
Threat Analysis for Directory Services / 6.3.1:
SNMP / 6.4:
Vulnerability Analysis for SNMP / 6.4.1:
Vulnerability Analysis for RPC / 6.5:
RPC Message Protocol / 7.1:
NDR Format / 7.3:
Port Mapper / 7.4:
False Positive for SMB RPC Protocol / 7.5:
Evasion in RPC / 7.6:
Multiple Binding UUID / 7.6.1:
Fragment Data across many Requests / 7.6.2:
Bind to one UUID then alter Context / 7.6.3:
Prepend an ObjectID / 7.6.4:
Bind with an authentication field / 7.6.5:
One packet UDP function call / 7.6.6:
Endianess Selection / 7.6.7:
Chaining SMB commands / 7.6.8:
Out of order chaining / 7.6.9:
Chaining with random data in between commands / 7.6.10:
Unicode and non-Unicode evasion / 7.6.11:
SMB CreateAndX Path Names / 7.6.12:
Malware / 7.7:
Malware Naming Convention / 8.1:
Worms / 8.2.1:
Trojans / 8.2.2:
Spyware & Adware / 8.2.3:
Malware Threat Analysis / 8.3:
Creating controlled Environment / 8.3.1:
Confinement with the Hard Virtual Machines / 8.3.1.1:
Confinement with the Soft Virtual Machines / 8.3.1.2:
Confinement with Jails and Chroot / 8.3.1.3:
Confinement with System call Sensors / 8.3.1.4:
Confinement with System call Spoofing / 8.3.1.5:
Behavioral Analysis / 8.3.2:
Code Analysis / 8.3.3:
Root Kits / 8.4:
User and Kernel Mode Communication / 8.4.1:
I/O Request Packets (IRP) / 8.4.2:
Interrupt Descriptor Table / 8.4.3:
Service Descriptor Table / 8.4.4:
Direct Kernel Object Manipulation / 8.4.5:
Detection of Rootkits / 8.4.6:
Spyware / 8.5:
Methods of Spyware installation and propagation / 8.5.1:
Drive- By- Downloads / 8.5.1.1:
Bundling / 8.5.1.2:
From Other Spyware / 8.5.1.3:
Security Holes / 8.5.1.4:
Iframe Exploit / 8.5.2:
IE .chm File processing Vulnerability / 8.5.2.2:
Internet Code Download Link / 8.5.2.3:
Anti Spyware Signature Development / 8.5.3:
Vulnerability Signature / 8.5.3.1:
CLSID Data base / 8.5.3.2:
Spyware Specific Signature / 8.5.3.3:
Information Stealing / 8.5.3.4:
Preventing Information from being sent as emails / 8.5.3.5:
Reverse Engineering / 8.6:
Anti Reversing Technique / 9.1:
Anti Disassembly / 9.2.1:
Linear Sweep Disassembler / 9.2.1.1:
Recursive Traversal Disassembler / 9.2.1.2:
Evasion Technique for Disasembler / 9.2.1.3:
Self-Modifying Code / 9.2.2:
Virtual Machine Obfuscation / 9.2.3:
Anti Debugging Technique / 9.3:
Break Points / 9.3.1:
Software break point / 9.3.1.1:
Hardware break point / 9.3.1.2:
Detection of Breakpoint / 9.3.1.3:
Virtual Machine Detection / 9.4:
Checking finger print / 9.4.1:
Checking system tables / 9.4.2:
Checking processor instruction set / 9.4.3:
Unpacking / 9.5:
Manual unpacking of malware / 9.5.1:
Finding an original entry point of an executable / 9.5.1.1:
Taking memory Dump / 9.5.1.2:
Import Table Reconstruction / 9.5.1.3:
Import redirection and code emulation / 9.5.1.4:
Index / 9.6:
Wireless Security / 1.0:
Introduction / 1.1:
Wired Equivalent Privacy protocol / 1.2:
25.
EB
Sushil Jajodia, Sushil Jajodia, Peng Liu
出版情報:
Springer eBooks Computer Science , Springer US, 2010
子書誌情報:
loading…
所蔵情報:
loading…
26.
EB
Sushil Jajodia, Association for Computing Machinery-Digital Library.
出版情報:
ACM Digital Library Proceedings , New York NY : ACM, 2014
子書誌情報:
loading…
所蔵情報:
loading…
27.
EB
Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sushil Jajodia, Takeo Kanade, Duminda Wijesekera
出版情報:
Springer eBooks Computer Science , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
28.
EB
International Conference on Information Systems Security, Sushil Jajodia, Takeo Kanade, Chandan Mazumdar
出版情報:
Springer eBooks Computer Science , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
29.
EB
Sushil Jajodia, Sushil Jajodia, Peng Liu, Vipin Swarup, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2010
子書誌情報:
loading…
所蔵情報:
loading…
30.
EB
Sushil Jajodia, Paulo Shakarian, VS Subrahmanian, V. S. Subrahmanian, Vipin Swarup, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2015
子書誌情報:
loading…
所蔵情報:
loading…
31.
EB
Anoop Singhal, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
An Overview of Data Warehouse, OLAP and Data Mining Technology
Network and System Security
Intrusion Detection Systems
Data Mining for Intrusion Detection
Data Modeling and Data Warehousing Techniques to Improve Intrusion Detection
MINDS - Architecture and Design
Discovering Novel Attack Strategies from INFOSEC Alerts
Index
Preface
An Overview of Data Warehouse, OLAP and Data Mining Technology
Network and System Security
32.
EB
Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Sushil Jajodia, Takeo Kanade, Duminda Wijesekera, Josef Kittler
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
33.
EB
Sara Foresti, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Query and Data Privacy
Generalizing PIR for Practical Private Retrieval of Public Data / Shiyuan Wang ; Divyakant Agrawal ; Amr El Abbadi
A Logic of Privacy / Steve Barker ; Valerio Genovese
Understanding Privacy Risk of Publishing Decision Trees / Zutao Zhu ; Wenliang Du
Data Protection
Secure Outsourcing of DNA Searching via Finite Automata / Marina Blanton ; Mehrdad Aliasgari
A Labelling System for Derived Data Control / Enrico Scalavino ; Vaibhav Gowadia ; Emil C. Lupu
On the Identification of Property Based Generalizations in Microdata Anonymization / Rinku Dewri ; Indrajit Ray ; Indrakshi Ray ; Darrell Whitley
Access Control
Role Mining in the Presence of Noise / Jaideep Vaidya ; Vijayalakshmi Atluri ; Qi Guo ; Haibing Lu
Distributed and Secure Access Control in P2P Databases / Angela Bonifati ; Ruilin Liu ; Hui (Wendy) Wang
Constructing Key Assignment Schemes from Chain Partitions / Jason Crampton ; Rosli Daud ; Keith M. Martin
Data Confidentiality and Query Verification
fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality / Said Oulmakhzoune ; Nora Cuppens-Boulahia ; Frédéric Cuppens ; Stephane Morucci
Efficient Inference Control for Open Relational Queries / Joachim Biskup ; Sven Hartmann ; Sebastian Link ; Jan-Hendrik Lochner
Query Racing: Fast Completeness Certification of Query Results / Bernardo Palazzi ; Maurizio Pizzonia ; Stefano Pucacco
Policy Definition and Enforcement
Mining Likely Properties of Access Control Policies via Association Rule Mining / JeeHyun Hwang ; Tao Xie ; Vincent Hu ; Mine Altunay
Scalable and Efficient Reasoning for Enforcing Role-Based Access Control / Tyrone Cadenhead ; Mirat Kantarcioglu ; Bhavani Thuraiaingham
Enforcing Request Integrity in Web Applications / Karthick Jayaraman ; Grzegorz Lewandowski ; Paul G. Talaga ; Steve J. Chapin
Trust and Identity Management
Using Trust-Based Information Aggregation for Predicting Security Level of Systems / Siv Hilde Houmb ; Sudip Chakraborty
Modelling Dynamic Trust with Property Based Attestation in Trusted Platforms / Aarthi Nagarajan ; Vijay Varadharajan
Towards Privacy-Enhancing Identify Management in Mashup-Providing Platforms / Jan Zibuschka ; Matthias Herbert ; Heiko Roßnagel
Short Papers
An Access Control Model for Web Databases / Ahlem Bouchahda-Ben Tekaya ; Nhan Le Thanh ; Adel Bouhoula ; Faten Labbene-Ayachi
Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems / Hasan Qunoo ; Mark Ryan
Evaluating the Risk of Adopting RBAC Roles / Alessandro Colantonio ; Roberto Di Pietro ; Alberto Ocello ; Nino Vincenzo Verde
Preserving Integrity and Confidentiality of a Directed Acyclic Graph Model of Provenance / Amril Syalim ; Takashi Nishide ; Kouichi Sakurai
When ABE Meets RSS / Yu Chen ; Hyun Sung Kim ; Jianbin Hu ; Zhong Chen
PriMan: A Privacy-Preserving Identity Framework / Kristof Verslype ; Pieter Verhaeghe ; Jorn Lapon ; Vincent Naessens ; Bart De Decker
Detecting Spam Bots in Online Social Networking Sites: A Machine Learning Approach / Alex Hai Wang
Authentication Assurance Level Taxonomies for Smart Identity Token Deployments - A New Approach / Ramaswamy Chandramouli
A Secure RFID Ticket System for Public Transport / Kun Peng ; Feng Bao
Performance Evaluation of Non-parallelizable Client Puzzles for Defeating DoS Attacks in Authentication Protocols / Suratose Tritilanunt
Secure Location Verification: A Security Analysis of GPS Signal Authentication / Georg T. Becker ; Sherman C. Lo ; David S. De Lorenzo ; Per K. Enge ; Christof Paar
Author Index
Query and Data Privacy
Generalizing PIR for Practical Private Retrieval of Public Data / Shiyuan Wang ; Divyakant Agrawal ; Amr El Abbadi
A Logic of Privacy / Steve Barker ; Valerio Genovese
34.
EB
Gerhard; Hartmanis, Juris; van Leeuwen, Jan Goos, Asuman Dogac, Sushil Jajodia, M. Tamer Özsu, M. Tamar Özsu
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 1998
子書誌情報:
loading…
所蔵情報:
loading…
35.
EB
International Conference on Conceptual Modeling, Sushil Jajodia, Hideko S. Kunii, Arne Sølvberg
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2001
子書誌情報:
loading…
所蔵情報:
loading…
36.
EB
Barbara Kordy, Sushil Jajodia Sjouke Mauw, Sushil Jajodia, Barbara Kordy
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2016
子書誌情報:
loading…
所蔵情報:
loading…
37.
EB
Michael; Jajodia, Sushil Gertz, Michael Gertz, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Recent Advances in Access Control / Sabrina De Capitani di Vimercati ; Sara Foresti ; Pierangela Samarati1:
Access Control Models for XML / Stefano Paraboschi2:
Access Control Policy Languages in XML / Naizhen Qi ; Michiharu Kudo3:
Database Issues in Trust Management and Trust Negotiation / Dongyi Li ; William Winsborough ; Marianne Winslett ; Ragib Hasan4:
Authenticated Index Structures for Outsourced Databases / Feifei Li ; Marios Hadjileftheriou ; George Kollios ; Leonid Reyzin5:
Towards Secure Data Outsourcing / Radu Sion6:
Managing and Querying Encrypted Data / Bijit Hore ; Sharad Mehrotra ; Hakan Hacigumus7:
Security in Data Warehouses and OLAP Systems / Lingyu Wang ; Sushil Jajodia8:
Security for Workflow Systems / Vijayalakshmi Atluri ; Janice Warner9:
Secure Semantic Web Services / Bhavani Thuraisingham10:
Geospatial Database Security / Soon Ae Chun11:
Security Re-engineering for Databases: Concepts and Techniques / Michael Gertz ; Madhavi Gandhi12:
Database Watermarking for Copyright Protection / 13:
Database Watermarking: A Systematic View / Yingjiu Li14:
Trustworthy Records Retention / Soumyadeb Mitra ; Windsor Hsu15:
Damage Quarantine and Recovery in Data Processing Systems / Peng Liu ; Meng Yu16:
Hippocratic Databases: Current Capabilities and Future Trends / Tyrone Grandison ; Christopher Johnson ; Jerry Kiernan17:
Privacy-Preserving Data Mining: A Survey / Charu C. Aggarwal ; Philip S. Yu18:
Privacy in Database Publishing: A Bayesian Perspective / Alin Deutsch19:
Privacy Preserving Publication: Anonymization Frameworks and Principles / Yufei Tao20:
Privacy Protection through Anonymity in Location-based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang21:
Privacy-enhanced Location-based Access Control / Claudio A. Ardagna ; Marco Cremonini22:
Efficiently Enforcing the Security and Privacy Policies in a Mobile Environment / Heechang Shin23:
Index
Recent Advances in Access Control / Sabrina De Capitani di Vimercati ; Sara Foresti ; Pierangela Samarati1:
Access Control Models for XML / Stefano Paraboschi2:
Access Control Policy Languages in XML / Naizhen Qi ; Michiharu Kudo3:
38.
EB
Kudakwashe Dube, Sushil Jajodia, Fredrick Mtenzi, Charles A. Shoniregun
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
Introduction
Healthcare Information Security Standards, Legislation and Technologies
Security, Privacy and Confidentiality for Healthcare Information
Security, Privacy and Confidentiality in Healthcare Systems
Security Framework and Model for Healthcare Information Management
Evaluation of Security Models and Frameworks for in Healthcare Information
Discussion and Conclusion
References
Index
Preface
Introduction
Healthcare Information Security Standards, Legislation and Technologies
39.
EB
Sushil Jajodia, Takeo Kanade, Javier Lopez, Javier López
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2008
子書誌情報:
loading…
所蔵情報:
loading…
40.
EB
Jason; Jajodia, Sushil; Mayes, Keith Crampton, Sushil Jajodia, Keith Mayes
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2013
子書誌情報:
loading…
所蔵情報:
loading…
41.
EB
Sushil Jajodia, David Dagon, Wenke Lee, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Botnet Detection Based on Network Behavior / W. Timothy Strayer ; David Lapsely ; Robert Walsh ; Carl Livadas
Honeynet-based Botnet Scan Traffic Analysis / Zhichun Li ; Anup Goyal ; Yan Chen
Characterizing Bots' Remote Control Behavior / Elizabeth Stinson ; John C. Mitchell
Automatically Identifying Trigger-based Behavior in Malware / David Brumley ; Cody Hartwig ; Zhenkai Liang ; James Newsome ; Dawn Song ; Heng Yin
Towards Sound Detection of Virtual Machines / Jason Franklin ; Mark Luk ; Jonathan M. McCune ; Arvind Seshadri ; Adrian Perrig ; Leendert van Doorn
Botnets and Proactive System Defense / John Bambenek ; Agnes Klus
Detecting Botnet Membership with DNSBL Counterintelligence / Anirudh Ramachandran ; Nick Feamster ; David Dagon
A Taxonomy of Botnet Structures / Guofei Gu ; Christopher P. Lee
Botnet Detection Based on Network Behavior / W. Timothy Strayer ; David Lapsely ; Robert Walsh ; Carl Livadas
Honeynet-based Botnet Scan Traffic Analysis / Zhichun Li ; Anup Goyal ; Yan Chen
Characterizing Bots' Remote Control Behavior / Elizabeth Stinson ; John C. Mitchell
42.
EB
Henk C. A. van Tilborg, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2011
子書誌情報:
loading…
所蔵情報:
loading…
43.
EB
Charles A. Shoniregun, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Dedication
List of contributors and organisations
Preface
Acknowledgements
Research overview and conceptual understanding of internet protocol security (IPSec) / Chapter 1:
Introduction / 1:
Research rationale / 2:
Research hypothesis / 3:
Methods and methodology / 5:
Internet architecture board (IAB)? / 6:
IPSec roadmap / 7:
Analogy of IPSec / 8:
IPSec relationship with other protocols / 9:
Business perception / 10:
Summary of chapter one / 11:
References
Internet communication protocols / Chapter 2:
TCP/IP protocol
Security problems of TCP/IP layers
Benefits and limitations of implementing security at the application, transport, network, and data link layers / 4:
IPSec standards
Why AH
Why ESP
Security association (SA) and key management
IKE: hybrid protocol
Policy
Summary of chapter two
Internet protocol versions 4 (IPv4) and 6 (IPv6) / Chapter 3:
IPv4 standard
IPv4 limitations and possible solution
IPv6 standard
Difference between IPv4 and v6
Transition
Summary of chapter three
Implementations and limitations of the IPSec / Chapter 4:
Classification and taxonomy of the IPSec
Combining the IPSec protocols to create a Virtual Private Network (VPN)
IPSec in Windows
Linux
Solaris
FreeBSD
Cisco IOS IPSec configuration overview
Routers
Limitations of the IPSec
Summary Of Chapter four
Synchronising Internet Protocol Security (SIPsec) model / Chapter 5:
Analysis of questionnaire survey
Case studies
Laboratory experiments
Current IPSec solutions
Public key algorithms
Analysis of findings
Conceptual understanding of SIPSec model
Policy reconciliation
Palmistry
Fingerprint
Face / 12:
Iris / 13:
Result summary of hypothesess / 14:
Summary of chapter five / 15:
Discussion / Chapter 6:
Issues in IPSec
IPSec is an application specific
Current use of biometrics technology
Combining biometrics with IPSec
Underpining assumption of SIPSec
Summary of chapter six
Conclusion / Chapter 7:
Dependence on information technology
Global issues on internet security
Root causes of attacks
Recommendation
Contribution to knowledge
Future work
Index
Dedication
List of contributors and organisations
Preface
44.
EB
Opher Etzion, Opher Etzion, Sushil Jajodia, Suryanarayana Sripada
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 1998
子書誌情報:
loading…
所蔵情報:
loading…
45.
EB
Liu, Sushil Jajodia, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2017
子書誌情報:
loading…
所蔵情報:
loading…
46.
EB
Sushil Jajodia (ed), Sushil Jajodia, Krishna Kant, Pierangela Samarati, Anoop Singhal, Vipin Swarup, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer New York, 2014
子書誌情報:
loading…
所蔵情報:
loading…
47.
EB
Ting; Jajodia, Sushil Yu, Sushil Jajodia, Ting Yu
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Preface
Foundation / Part I:
Basic Security Concepts / Sushil Jajodia ; Ting Yu
Access Control Policies and Languages in Open Environments / S. De Capitani di Vimercati ; S. Foresti ; S. Jajodia ; P. Samarati
Trusted Recovery / Meng Yu ; Peng Liu ; Wanyu Zang
Access Control for Semi-Structured Data / Part II:
Access Control Policy Models for XML / Michiharu Kudo ; Naizhen Qi
Optimizing Tree Pattern Queries over Secure XML Databases / Hui Wang ; Divesh Srivastava ; Laks V.S. Lakshmanan ; SungRan Cho ; Sihem Amer-Yahia
Distributed Trust Management / Part III:
Rule-based Policy Specification / Grigoris Antoniou ; Matteo Baldoni ; Piero A. Bonatti ; Wolfgang Nejdl ; Daniel Olmedilla
Automated Trust Negotiation in Open Systems / Adam J. Lee ; Kent E. Seamons ; Marianne Winslett
Building Trust and Security in Peer-to-Peer Systems / Terry Bearly ; Vijay Kumar
Privacy in Cross-Domain Information Sharing / Part IV:
Microdata Protection / V. Ciriani
k-Anonymity / S. Foresti, P. Samarati
Preserving Privacy in On-line Analytical Processing Data Cubes / Lingyu Wang ; Duminda Wijesekera
Security in Emerging Data Services / Part V:
Search on Encrypted Data / Hakan Hacigumus ; Bijit Hore ; Bala Iyer ; Sharad Mehrotra
Rights Assessment for Relational Data Radu Sion
Index
Preface
Foundation / Part I:
Basic Security Concepts / Sushil Jajodia ; Ting Yu
48.
EB
Ozgur Akan, Paolo Bellavista, Sushil Jajodia, Jianying Zhou, Jiannong Cao
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2010
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Malware and Email Security
SAS: Semantics Aware Signature Generation for Polymorphic Worm Detection / Deguang Kong ; Yoon-Chan Jhi ; Tao Gong ; Sencun Zhu ; Peng Liu ; Hongsheng Xi
Analyzing and Exploiting Network Behaviors of Malware / Jose Andre Morales ; Areej Al-Bataineh ; Shouhuai Xu ; Ravi Sandhu
Inexpensive Email Addresses An Email Spam-Combating System / Aram Yegenian ; Tassos Dimitriou
Anonymity and Privacy
Privacy Administration in Distributed Service Infrastructure / Nabil Ajam ; Nora Cuppens-Boulahia ; Frederic Cuppens
On the Formation of Historically k-Anonymous Anonymity Sets in a Continuous LBS / Rinku Dewri ; Indrakshi Ray ; Indrajit Ray ; Darrell Whitley
Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings / Ming Li ; Shucheng Yu ; Kui Ren ; Wenjing Lou
Wireless Security
A Study on False Channel Condition Reporting Attacks in Wireless Networks / Dongho Kim ; Yih-Chun Hu
Characterizing the Security Implications of Third-Party Emergency Alert Systems over Cellular Text Messaging Services / Patrick Traynor
Saving Energy on WiFi with Required IPsec / Youngsang Shin ; Steven Myers ; Minaxi Gupta
Systems Security - I
Transparent Protection of Commodity OS Kernels Using Hardware Virtualization / Michael Grace ; Zhi Wang ; Deepa Srinivasan ; Jinku Li ; Xuxian Jiang ; Zhenkai Liang ; Siarhei Liakh
A Generic Construction of Dynamic Single Sign-on with Strong Security / Jinguang Han ; Yi Mu ; Willy Susilo ; Jun Yan
DeCore: Detecting Content Repurposing Attacks on Client' Systems / Smitha Sundareswaran ; Anna C. Squicciarini
Network Security - I
Realizing a Source Authentic Internet / Toby Ehrenkranz ; Jun Li ; Patrick McDaniel
Partial Deafness: A Novel Denial-of-Service Attack in 802.11 Networks / Jihyuk Choi ; Jerry T. Chiang
Attacking Beacon-Enabled 802.15.4 Networks / Sang Shin Jung ; Marco Valero ; Anu Bourgeois ; Raheem Beyah
Supporting Publication and Subscription Confidentiality in Pub/Sub Networks / Mihaela Ion ; Giovanni Russello ; Bruno Crispo
Security Protocols - I
Impossibility of Finding Any Third Family of Server Protocols Integrating Byzantine Quorum Systems with Threshold Signature Schemes / Luciana Marconi ; Mauro Conti ; Roberto Di Pietro ; Jingqiang Lin ; Jiwu Jing ; Qiongxiao Wang
Context-Aware Usage Control for Android / Guangdong Bai ; Liang Gu ; Tao Feng ; Yao Guo ; Xiangqun Chen
System Security - II
Efficient Isolation of Trusted Subsystems in Embedded Systems / Raoul Strackx ; Frank Piessens ; Bart Preneel
Enhancing Host Security Using External Environment Sensors / Ee-Chien Chang ; Liming Lu ; Yongzheng Wu ; Roland H.C. Yap ; Jie Yu
FADE: Secure Overlay Cloud Storage with File Assured Deletion / Yang Tang ; Patrick P.C. Lee ; John C.S. Lui ; Radia Perlman
Security Protocols - II
A New Information Leakage Measure for Anonymity Protocols / Sami Zhioua
Hidden Markov Models for Automated Protocol Learning / Sean Whalen ; Matt Bishop ; James P. Crutchfield
Epistemic Model Checking for Knowledge-Based Program Implementation: An Application to Anonymous Broadcast / Omar I. Al-Bataineh ; Ronr van der Meyden
Network Security - II
Surveying DNS Wildcard Usage among the Good, the Bad, and the Ugly / Andrew Kalafut ; Pairoj Rattadilok ; Pragneshkumar Patel
The Hitchhiker's Guide to DNS Cache Poisoning / Sooel Son ; Vitaly Shmatikou
A Formal Definition of Online Abuse-Freeness / Ralf Küsters ; Henning Schnoor ; Tomasz Truderung
Author Index
Malware and Email Security
SAS: Semantics Aware Signature Generation for Polymorphic Worm Detection / Deguang Kong ; Yoon-Chan Jhi ; Tao Gong ; Sencun Zhu ; Peng Liu ; Hongsheng Xi
Analyzing and Exploiting Network Behaviors of Malware / Jose Andre Morales ; Areej Al-Bataineh ; Shouhuai Xu ; Ravi Sandhu
49.
EB
Donggang Liu, Sushil Jajodia, Peng Ning
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Introduction / 1:
Wireless Sensor Network / 1.1:
Design Challenges / 1.2:
Security Issues in Sensor Networks / 1.3:
Broadcast Authentication / 1.3.1:
Pairwise Key Establishment / 1.3.2:
Security in Localization / 1.3.3:
Orgnization of the Book / 1.4:
[mu]TESLA Broadcast Authentication / 2:
Multi-Level [mu]TESLA / 2.2:
Scheme I: Predetermined Key Chain Commitment / 2.2.1:
Scheme II: Naive Two-Level [mu]TESLA / 2.2.2:
Scheme III: Fault Tolerant Two-Level [mu]TESLA / 2.2.3:
Scheme IV: DOS-Tolerant Two-Level [mu]TESLA / 2.2.4:
Scheme V: DOS-Resistant Two-Level [mu]TESLA / 2.2.5:
Scheme VI: Multi-Level [mu]TESLA / 2.2.6:
Experimental Results / 2.2.7:
Tree-Based [mu]TESLA / 2.3:
The Basic Approach / 2.3.1:
A Scheme for Long-Lived Senders / 2.3.2:
Distributing Parameter Certificates / 2.3.3:
Revoking [mu]TESLA Instances / 2.3.4:
Implementation and Evaluation / 2.3.5:
Summary / 2.4:
Key Pre-Distribution Techniques in Sensor Networks / 3:
Polynomial-Based Key Pre-Distribution / 3.1.1:
Probabilistic Key Pre-Distribution / 3.1.2:
Polynomial Pool-Based Key Pre-Distribution / 3.2:
Phase 1: Setup / 3.2.1:
Phase 2: Direct Key Establishment / 3.2.2:
Phase 3: Path Key Establishment / 3.2.3:
Key Pre-Distribution Using Random Subset Assignment / 3.3:
The Random Subset Assignment Scheme / 3.3.1:
Performance / 3.3.2:
Overheads / 3.3.3:
Security Analysis / 3.3.4:
Comparison with Previous Schemes / 3.3.5:
Hypercube-based Key Pre-Distribution / 3.4:
The Hypercube-Based Scheme / 3.4.1:
Dynamic Key Path Discovery / 3.4.2:
Overhead / 3.4.3:
Optimization of Polynomial Evaluation / 3.4.5:
Evaluation / 3.5.2:
Improving Pairwise Key Establishment Using Deployment Knowledge / 3.6:
Improving Key Pre-Distribution with Prior Deployment Knowledge / 4.1:
A Location-Aware Deployment Model / 4.1.1:
Closest Pairwise Keys Scheme / 4.1.2:
Closest Polynomials Pre-Distribution Scheme / 4.1.3:
Improving Key Pre-Distribution with Post Deployment Knowledge / 4.2:
Key Prioritization Using Post Deployment Knowledge / 4.2.1:
Improving Random Subset Assignment Scheme with Deployment Locations / 4.2.2:
Improving Key Pre-Distribution with Group Deployment Knowledge / 4.3:
Group-Based Deployment Model / 4.3.1:
A General Framework / 4.3.2:
Performance Analysis / 4.3.3:
Secure Localization / 4.3.4:
Localization in Sensor Networks / 5.1:
Pitfalls of Current Localization Schemes under Attacks / 5.2:
Attack-Resistant Location Estimation / 5.3:
Assumptions / 5.3.1:
Attack-Resistant Minimum Mean Square Estimation (MMSE) / 5.3.2:
Voting-Based Location Estimation / 5.3.3:
Simulation Evaluation / 5.3.4:
Implementation and Field Experiments / 5.3.6:
A Detector for Malicious Beacon Nodes / 5.4:
Detecting Malicious Beacon Signals / 5.4.1:
Filtering Replayed Beacon Signals / 5.4.2:
Revoking Malicious Beacon Nodes / 5.4.3:
Summary and Future Work / 5.4.4:
Future Work / 6.1:
References
Index
Introduction / 1:
Wireless Sensor Network / 1.1:
Design Challenges / 1.2:
50.
EB
International Conference on Information Systems Security, Sushil Jajodia, Takeo Kanade, Chandan Mazumdar, Josef Kittler
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
51.
EB
Lingyu Wang, Sushil Jajodia, Duminda Wijesekera
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Introduction / 1:
Background / 1.1:
Problem Statement / 1.2:
Overview / 1.3:
Overview of Basic Concepts / 1.3.1:
Adapting Previous Approaches to Data Cubes / 1.3.2:
A Lattice-based Solution / 1.3.3:
OLAP and Data Cubes / 2:
OLAP / 2.1:
Data Cube / 2.2:
Inference Control in Statistical Databases / 3:
Query Set Size Control and Trackers / 3.1:
The Star Query Model / 3.2:
Key-Specified Queries / 3.3:
Linear System Attack and Audit Expert / 3.4:
Intractbility of Inference Control / 3.5:
Inferences in Data Cubes / 4:
Preliminaries / 4.1:
Arbitrary Range Queries / 4.3:
Restricted Range Queries / 4.4:
Even Range Query Attack / 4.4.1:
Indirect Even Range Query Attack / 4.4.2:
Skeleton Query Attack / 4.4.3:
Conclusion / 4.5:
Cardinality-based Inference Control / 5:
Compromisability / 5.1:
Formalization Rationale / 5.2.3:
Cardinality-based Sufficient Conditions / 5.3:
Trivial Compromisability / 5.3.1:
Non-trivial Compromisability / 5.3.2:
A Three-Tier Inference Control Model / 5.4:
Cardinality-based Inference Control for Data Cubes / 5.5:
Inference Control Algorithm / 5.5.1:
Correctness and Time Complexity / 5.5.2:
Implementation Issues / 5.5.3:
Integrating Inference Control into OLAP / 5.5.3.1:
Re-ordering Tuples in Unordered Dimensions / 5.5.3.2:
Update Operations / 5.5.3.3:
Aggregation Operators Other Than Sum / 5.5.3.4:
Conclusions / 5.6:
Parity-based Inference Control for Range Queries / 6:
Motivating Examples / 6.1:
Definitions / 6.2.2:
Applying Existing Methods to MDR Queries / 6.3:
Query Set Size Control, Overlap Size Control and Audit Expert / 6.3.1:
Finding Maximal Safe Subsets of Unsafe MDR Queries / 6.3.2:
Parity-Based Inference Control / 6.4:
Even MDR Queries / 6.4.1:
Characterizing the QDT Graph / 6.4.2:
Beyond Even MDR Queries / 6.4.3:
Unsafe Even MDR Queries / 6.4.4:
Discussion / 6.5:
Lattice-based Inference Control in Data Cubes / 6.6:
The Basic Model / 7.1:
Specifying Authorization Objects in Data Cubes / 7.3:
Controlling Inferences in Data Cubes / 7.4:
Preventing Multi-Dimensional Inferences / 7.4.1:
Assumptions / 7.4.2.1:
A Special Case / 7.4.2.2:
The General Case / 7.4.2.3:
Eliminating One-Dimensional Inferences / 7.4.3:
Implementation Options and Complexity / 7.5:
Summary / 7.6:
Query-driven Inference Control in Data Cubes / 8:
Authorization Objects and Queries in Data Cubes / 8.1:
The Static Approach and Its Impact on Availability / 8.3:
Query-Driven Prevention of Multi-Dimensional Inferences / 8.4:
Authorizing Queries / 8.4.1:
Complexity Analysis / 8.4.4:
Conclusion and Future Direction / 8.5:
References
Index
Introduction / 1:
Background / 1.1:
Problem Statement / 1.2:
52.
EB
Claudio Bettini, Sushil Jajodia, Takeo Kanade, Pierangela Samarati, X. Sean Wang, Sean X. Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2009
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Anonymity and Historical-Anonymity in Location-Based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang ; Dario Freni ; Sushil Jajodia
Location Privacy Techniques in Client-Server Architectures / Christian S. Jensen ; Hua Lu ; Man Lung Yiu
Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services / Ali Khoshgozaran ; Cyrus Shahabi
Privacy Preservation over Untrusted Mobile Networks / Claudio A. Ardagna ; Pierangela Samarati ; Angelos Stavrou
Access Control in Location-Based Services / Marco Cremonini ; Sabrina De Capitani di Vimercati
Location Privacy in RFID Applications / Ahmad-Reza Sadeghi ; Ivan Visconti ; Christian Wachsmann
Privacy in Georeferenced Context-Aware Services: A Survey / Daniele Riboni ; Linda Pareschi
Safety and Privacy in Vehicular Communications / Josep Domingo-Ferrer ; Qianhong Wu
Privacy Preserving Publication of Moving Object Data / Francesco Bonchi
Author Index
Anonymity and Historical-Anonymity in Location-Based Services / Claudio Bettini ; Sergio Mascetti ; X. Sean Wang ; Dario Freni ; Sushil Jajodia
Location Privacy Techniques in Client-Server Architectures / Christian S. Jensen ; Hua Lu ; Man Lung Yiu
Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services / Ali Khoshgozaran ; Cyrus Shahabi
53.
EB
Sushil Jajodia, Stelvio Cimato, Klaus-Peter Hellriegel, Pierangela Samarati, Franz Schmalzl
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
54.
EB
Sushil Jajodia, Hirosh Joseph, Abhishek Singh, Baibhav Singh, H. Joseph, B. Singh
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Wireless Security / 1.0:
Introduction / 1.1:
Wired Equivalent Privacy protocol / 1.2:
Analysis of WEP flaws / 1.2.1:
Key Stream Reuse / 1.2.2:
Message Modification / 1.2.3:
Message Injection / 1.2.4:
Authentication Spoofing / 1.2.5:
IP Redirection / 1.2.6:
Wireless Frame Generation / 1.2.7:
AirJack / 1.2.7.1:
Wavesec / 1.2.7.2:
Libwlan / 1.2.7.3:
FakeAP / 1.2.7.4:
Wnet / 1.2.7.5:
Scapy / 1.2.7.7:
Encryption Cracking Tools / 1.2.8:
Wepcrack / 1.2.8.1:
Dweputils / 1.2.8.2:
Wep tools / 1.2.8.3:
Wep Attack / 1.2.8.4:
Retrieving the WEP keys from Client Host / 1.2.9:
Traffic Inection Tools / 1.2.10:
802.1x Cracking Tools / 1.2.11:
Asleap-imp and Leap / 1.2.11.1:
Wireless DoS Attacks / 1.2.12:
Physical Layer Attack or Jamming / 1.2.12.1:
Signal Strength / 1.2.12.1.1:
Carrier Sensing Time / 1.2.12.1.2:
Packet Delivery Ratio / 1.2.12.1.3:
Signal Strength Consistency check / 1.2.12.1.4:
Spoofed Dessociation and Deauthentication Frames / 1.2.12.2:
Spoofed Malformed Authentication Frames / 1.2.12.3:
Flooding the Access Point Association and Authentication Buffer / 1.2.12.4:
Frame Deletion Attack / 1.2.12.5:
DoS attack dependent upon specific Wireless Setting / 1.2.12.6:
Attack against the 802.11i implementations / 1.2.13:
Authentication Mechanism Attacks / 1.2.13.1:
Prevention and Modifications / 1.3:
TKIP: temporal Key Integrity Protocol / 1.3.1:
TKIP Implementation / 1.3.1.1:
Message Integrity / 1.3.1.1.1:
Initialization Vector / 1.3.1.1.2:
Prevention against the FMS Attack / 1.3.1.1.3:
Per Packet key Mixing / 1.3.1.1.4:
Implementation Details of TKIP / 1.3.1.1.5:
Details of Per Packet Key mixing / 1.3.1.1.6:
Attack on TKIP / 1.3.1.2:
AES - CCMP / 1.3.2:
CCMP Header / 1.3.2.1:
Implementation / 1.3.2.2:
Encryption Process in MPDU / 1.3.2.2.1:
Decrypting MPDU / 1.3.2.2.2:
Prevention Method using Detection Devices / 1.4:
Conclusion / 1.5:
Vulnerability Analysis for Mail Protocols / 2.0:
Format String Specifiers / 2.1:
Format String Vulnerability / 2.2.1:
Format String Denial of Service Attack / 2.2.1.1:
Format String Vulnerability Reading Attack / 2.2.1.2:
Format String Vulnerability Writing Attack / 2.2.1.3:
Preventive Measures for Format String vulnerability / 2.2.1.4:
Buffer Overflow Attack / 2.3:
Buffer Overflow Prevention / 2.3.1:
Directory Traversal Attacks / 2.4:
Remote Detection / 2.4.1:
False Positive in Remote Detection for Mail Traffic / 2.5:
False Positive in case of SMTP Traffic / 2.5.1:
False Positive in case of IMAP Traffic / 2.5.2:
Vulnerability Analysis for FTP and TFTP / 2.6:
Buffer Overflow in FTP / 3.1:
Directory Traversal Attack in FTP / 3.1.2:
TFTP Vulnerability Analysis / 3.2:
Vulnerability Analysis / 3.2.1:
Vulnerability Analysis for HTTP / 3.3:
XSS Attack / 4.1:
Prevention against Cross Site Scripting Attacks / 4.2.1:
Vulnerability Protection / 4.2.1.1:
SQL Injection Attacks / 4.3:
SQL Injection Case Study / 4.3.1:
Preventive Measures / 4.3.2:
SQL injection in Oracle Data base / 4.3.2.1:
Stored Procedures / 4.3.2.2.1:
Remote Detection for Oracle Database / 4.3.2.2.2:
Other Preventive Measures / 4.3.3:
Preventive Measures by developers / 4.3.3.1:
MS DoS Device Name Vulnerability / 4.4:
Prevention from DoS Device Name Vulnerability / 4.4.1:
False Positive in HTTP / 4.5:
Evasion of HTTP Signatures / 4.6:
Vulnerability Analysis for DNS and DHCP / 4.7:
Introduction of DNS Protocol / 5.1:
Vulnerabilities in a DNS Protocol / 5.1.1:
DNS Cache Poisoning / 5.1.1.1:
Redirection Attack / 5.1.1.2:
Buffer Overflow Vulnerability / 5.1.1.3:
DNS Man in the Middle Attack or DNS Hijacking / 5.1.1.4:
DNS Amplification Attack / 5.1.1.5:
False Positives in a DNS Protocol / 5.1.2:
Introduction of DHCP / 5.2:
Vulnerabilities in DHCP / 5.2.1:
Client Masquerading / 5.2.1.1:
Flooding / 5.2.1.2:
Client Misconfiguration / 5.2.1.3:
Theft of Service / 5.2.1.4:
Packet Altercation / 5.2.1.5:
Key Exposure / 5.2.1.6:
Key Distribution / 5.2.1.7:
Protocol Agreement Issues / 5.2.1.8:
False Positive in DHCP / 5.2.2:
Vulnerability Analysis for LDAP and SNMP / 5.3:
ASN and BER Encoding / 6.1:
BER implementation for LDAP / 6.3:
Threat Analysis for Directory Services / 6.3.1:
SNMP / 6.4:
Vulnerability Analysis for SNMP / 6.4.1:
Vulnerability Analysis for RPC / 6.5:
RPC Message Protocol / 7.1:
NDR Format / 7.3:
Port Mapper / 7.4:
False Positive for SMB RPC Protocol / 7.5:
Evasion in RPC / 7.6:
Multiple Binding UUID / 7.6.1:
Fragment Data across many Requests / 7.6.2:
Bind to one UUID then alter Context / 7.6.3:
Prepend an ObjectID / 7.6.4:
Bind with an authentication field / 7.6.5:
One packet UDP function call / 7.6.6:
Endianess Selection / 7.6.7:
Chaining SMB commands / 7.6.8:
Out of order chaining / 7.6.9:
Chaining with random data in between commands / 7.6.10:
Unicode and non-Unicode evasion / 7.6.11:
SMB CreateAndX Path Names / 7.6.12:
Malware / 7.7:
Malware Naming Convention / 8.1:
Worms / 8.2.1:
Trojans / 8.2.2:
Spyware & Adware / 8.2.3:
Malware Threat Analysis / 8.3:
Creating controlled Environment / 8.3.1:
Confinement with the Hard Virtual Machines / 8.3.1.1:
Confinement with the Soft Virtual Machines / 8.3.1.2:
Confinement with Jails and Chroot / 8.3.1.3:
Confinement with System call Sensors / 8.3.1.4:
Confinement with System call Spoofing / 8.3.1.5:
Behavioral Analysis / 8.3.2:
Code Analysis / 8.3.3:
Root Kits / 8.4:
User and Kernel Mode Communication / 8.4.1:
I/O Request Packets (IRP) / 8.4.2:
Interrupt Descriptor Table / 8.4.3:
Service Descriptor Table / 8.4.4:
Direct Kernel Object Manipulation / 8.4.5:
Detection of Rootkits / 8.4.6:
Spyware / 8.5:
Methods of Spyware installation and propagation / 8.5.1:
Drive- By- Downloads / 8.5.1.1:
Bundling / 8.5.1.2:
From Other Spyware / 8.5.1.3:
Security Holes / 8.5.1.4:
Iframe Exploit / 8.5.2:
IE .chm File processing Vulnerability / 8.5.2.2:
Internet Code Download Link / 8.5.2.3:
Anti Spyware Signature Development / 8.5.3:
Vulnerability Signature / 8.5.3.1:
CLSID Data base / 8.5.3.2:
Spyware Specific Signature / 8.5.3.3:
Information Stealing / 8.5.3.4:
Preventing Information from being sent as emails / 8.5.3.5:
Reverse Engineering / 8.6:
Anti Reversing Technique / 9.1:
Anti Disassembly / 9.2.1:
Linear Sweep Disassembler / 9.2.1.1:
Recursive Traversal Disassembler / 9.2.1.2:
Evasion Technique for Disasembler / 9.2.1.3:
Self-Modifying Code / 9.2.2:
Virtual Machine Obfuscation / 9.2.3:
Anti Debugging Technique / 9.3:
Break Points / 9.3.1:
Software break point / 9.3.1.1:
Hardware break point / 9.3.1.2:
Detection of Breakpoint / 9.3.1.3:
Virtual Machine Detection / 9.4:
Checking finger print / 9.4.1:
Checking system tables / 9.4.2:
Checking processor instruction set / 9.4.3:
Unpacking / 9.5:
Manual unpacking of malware / 9.5.1:
Finding an original entry point of an executable / 9.5.1.1:
Taking memory Dump / 9.5.1.2:
Import Table Reconstruction / 9.5.1.3:
Import redirection and code emulation / 9.5.1.4:
Index / 9.6:
Wireless Security / 1.0:
Introduction / 1.1:
Wired Equivalent Privacy protocol / 1.2:
55.
EB
FrÃ〓dÃ〓ric Cuppens, Sushil Jajodia, Anas Abou El Kalam, Thierry Sans Nora Cuppens-Boulahia, Anas Abou El Kalam, Frederic Cuppens, Sushil Jajodia, Thierry Sans
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin Heidelberg, 2014
子書誌情報:
loading…
所蔵情報:
loading…
56.
EB
Andreas Uhl, Andreas Pommer, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Dordrecht : Springer US, 2005
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Introduction
Visual Data Formats
Cryptography Primer
Application Scenarios
Image and Video Encryption
Conclusions
Appendices
References
Index
Introduction
Visual Data Formats
Cryptography Primer
57.
EB
Akram, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2015
子書誌情報:
loading…
所蔵情報:
loading…
58.
EB
Workshop on Insider Attack and Cyber Security, Sushil Jajodia, Salvatore J. Stolfo, Salvatore Joseph Stolfo, Steven M. Bellovin, Shlomo Hershkop, Angelos D. Keromytis, Sara Sinclair, Sean W. Smith
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2008
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
The Insider Attack Problem Nature and Scope
Introduction / 1:
Types of Attack / 2:
Misuse of Access / 2.1:
Defense Bypass / 2.2:
Access Control Failure / 2.3:
Defend or Detect / 3:
The Role of Process / 4:
Conclusion / 5:
Reflections on the Insider Threat
Who Is an Insider?
Motive
Effect
Defining the Insider Threat
Context / 2.4:
Insider Threat Issues
Data / 3.1:
Psychology / 3.2:
Monitoring and Privacy / 3.3:
Detecting Insider Attacks / 3.4:
Technology / 3.5:
Conclusions
Acknowledgments
The "Big Picture" of Insider IT Sabotage Across U.S. Critical Infrastructures
General Observations About Insider IT Sabotage
Model of the Insider IT Sabotage Problem
Insider Expectation Escalation
Escalation of Disgruntlement
Attack Setup and Concealment
The Trust Trap
Possible Leverage Points for Addressing the Problem
Early Mitigation Through Expectation Setting / 4.1:
Handling Disgruntlement Through Positive Intervention / 4.2:
Targeted Monitoring / 4.3:
Eliminating Unknown Access Paths / 4.4:
Measures Upon Demotion or Termination / 4.5:
A Workshop on Insider IT Sabotage
The Instructional Case / 5.1:
Value of Modeling for Insight / 6:
Related CERT Research / 6.2:
System Dynamics Background / Appendix A:
The Insider IT Sabotage Training Case / Appendix B:
Background / 1.1:
The Final Weeks / 1.2:
Insider Sabotage Mitigating Measures / Appendix C:
Data Theft: A Prototypical Insider Threat
Data Theft
Data Leakage
Risk / 1.3:
Recommendations / 1.4:
Status Quo
History
Risks & Controls
Technical Controls
Administrative Controls
Areas for Further Research
A Survey of Insider Attack Detection Research
Insider Attacks
Host-based User Profiling
Network-Based Sensors
Integrated Approaches
Summary
Future Research Directions
Naive Bayes as a Masquerade Detector: Addressing a Chronic Failure
Related Work
Background on Naive Bayes
Objective and Approach
Experiment With Synthetic Data
Variable Selection
Synthetic Data / 5.2:
Experiment Control / 5.3:
Procedure / 5.4:
Results and Analysis / 5.5:
Naive Bayes Mathematical Formulation
Calculating the Anomaly Score
Manipulating the Anomaly Score
Effect of NBSCs / 6.3:
Exploiting NBSCs to Cloak Attacks / 7:
Naive Bayes Fortification / 8:
The Fortified Detector / 8.1:
Evaluation Methodology / 8.2:
Evaluation Results and Analysis / 8.3:
Discussion / 9:
Towards a Virtualization-enabled Framework for Information Traceability (VFIT) / 10:
Threat Model and Requirements
Models of Policy Enforcement
Hardware Virtualization
System Architecture
Platform Architecture
Network Architecture
Implementation
Virtualization-enabled Information Tracing
Analysis
Performance Discussion
Threat Mitigation
Reconfigurable Tamper-resistant Hardware Support Against Insider Threats: The Trusted ILLIAC Approach
Software-based Transparent Runtime Randomization
Tamper-resistant Key-store Support for Threshold Cryptography
Crypto-engine Architecture
Security Analysis
Information Flow Signature Checking for Data Integrity
Threat Model
Approach
System Architecture Including the Trusted Computing Engine
Protecting Against Insider Attack With User-level Privileges: Runtime Guarantees
Protecting Against Insider Attack with Administrative Privileges: Initialization and Runtime Guarantees
Conclusions and Future Directions
Surviving Insider Attacks: A Call for System Experiments
Principles for Survivability
Avoidance of a Single Point of Failure
Independence of Failure Modes and Attack Vulnerabilities
Fast Recovery from Failure and Attack
Attack Deterrence
Least Privilege Authorization / 2.5:
Cost Factors
Conclusion: A Call for Research and Development Experiments
Preventative Directions For Insider Threat Mitigation Via Access Control
Definitions and Threat Model
The Insider
Types of Insiders
Damage of Insider Attacks
Background and Primitives
Authentication and Authorization
Access Control Principles
MAC, DAC, and Intermediate Schemes
Users and Groups
Roles and Role Engineering
Public Key Cryptography / 3.6:
Requirements
Functionality
Usability and Cost
Scale and Complexity
Domain Considerations
Tools
Passwords: Knowledge-Based Authentication
Biometrics: Physiology-Based Authentication
Tokens: Possession-Based Authentication
PKI: Authentication via Digital Certificates
Distributed Authentication and Identity Management
Distributed Authorization / 5.6:
Ongoing Challenges
A Snapshot of a Motion Picture
Privilege Issuance and Review
Auditing and Visualization
Role Drift and Escalation / 6.4:
Expressiveness and Need to Know / 6.5:
Incentives / 6.6:
Taking Stock and Looking Forward - An Outsider's Perspective on the Insider Threat
What Is An "Insider Threat"?
How Does The Research Community Get Better Data?
Changing the Incentives that Organizations Face
Integrating Technical Solutions with Social Science Perspectives
Creating a Response and Recovery System for Insider Threats
Research Challenges for Fighting Insider Threat in the Financial Services Industry
Employee Screening And Selection
Access Controls
Monitoring And Detection
Hard Problems and Research Challenges Concluding Remarks
Index
The Insider Attack Problem Nature and Scope
Introduction / 1:
Types of Attack / 2:
59.
EB
Stefano Spaccapietra, Elisa Bertino, Sushil Jajodia, Takeo Kanade, Roger King, Dennis McLeod, Maria E. Orlowska, S. Spaccapietra, Leon Strous, Roger B. King
出版情報:
SpringerLink Books - AutoHoldings , Springer Berlin / Heidelberg, 2005
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
International Conference on Ontologies, DataBases, and Applications of Semantics for Large Scale Information Systems (ODBase 2003)
Incrementally Maintaining Materializations of Ontologies Stored in Logic Databases / Raphael Volz ; Steffen Staab ; Boris Motik
Ontology Translation on the Semantic Web / Dejing Dou ; Drew McDermott ; Peishen Qi
Compound Term Composition Algebra: The Semantics / Yannis Tzitzikas ; Anastasia Analyti ; Nicolas Spyratos
Dynamic Pattern Mining: An Incremental Data Clustering Approach / Seokkyung Chung ; Dennis McLeod
International Conference on Cooperative Information Systems (CoopIS 2003)
A Knowledge Network Approach for Implementing Active Virtual Marketplaces / Minsoo Lee ; Stanley Y.W. Su ; Herman Lam
Stream Integration Techniques for Grid Monitoring / Andy Cooke ; Alasdair J.G. Gray ; Werner Nutt
6th IFIP TC 11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems (IICIS 2003)
Information Release Control: A Learning-Based Architecture / Claudio Bettini ; X. Sean Wang ; Sushil Jajodia
Enforcing Semantics-Aware Security in Multimedia Surveillance / Naren Kodali ; Csilla Farkas ; Duminda Wijesekera
Author Index
International Conference on Ontologies, DataBases, and Applications of Semantics for Large Scale Information Systems (ODBase 2003)
Incrementally Maintaining Materializations of Ontologies Stored in Logic Databases / Raphael Volz ; Steffen Staab ; Boris Motik
Ontology Translation on the Semantic Web / Dejing Dou ; Drew McDermott ; Peishen Qi
60.
EB
Mihai; Jha, Somesh; Maughan, Douglas Christodorescu, Mihai Christodorescu, Sushil Jajodia, Somesh Jha, Douglas Maughan, Dawn Song, Cliff Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Overview / Part I:
Malware Evolution: A Snapshot of Threats and Countermeasures in 2005 / Brian Witten ; Carey Nachenberg1:
Software Analysis and Assurance / Part II:
Static Disassembly and Code Analysis / Giovanni Vigna2:
A Next-Generation Platform for Analyzing Executables / Thomas Reps ; Gogul Balakrishnan ; Junghee Lim ; Tim Teitelbaum3:
Behavioral and Structural Properties of Malicious Code / Christopher Kruegel4:
Detection and Prevention of SQL Injection Attacks / William G.J. Halfond ; Alessandro Orso5:
Distributed Threat Detection and Defense / Part III:
Very Fast Containment of Scanning Worms, Revisited / Nicholas Weaver ; Stuart Staniford ; Vern Paxson6:
Sting: An End-to-End Self-Healing System for Defending against Internet Worms / David Brumley ; James Newsome ; Dawn Song7:
An Inside Look at Botnets / Paul Barford ; Vinod Yegneswaran8:
Can Cooperative Intrusion Detectors Challenge the Base-Rate Fallacy? / Mihai Christodorescu ; Shai Rubin9:
Stealthy and Targeted Threat Detection and Defense / Part IV:
Composite Hybrid Techniques For Defending Against Targeted Attacks / Stelios Sidiroglou ; Angelos D. Keromytis10:
Towards Stealthy Malware Detection / Salvatore J. Stolfo ; Ke Wang ; Wei-Jen Li11:
Novel Techniques for Constructing Trustworthy Services / Part V:
Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems / Arvind Seshadri ; Mark Luk ; Adrian Perrig ; Leendert van Doorn ; Pradeep Khosla12:
Principles of Secure Information Flow Analysis / Geoffrey Smith13:
Index
Overview / Part I:
Malware Evolution: A Snapshot of Threats and Countermeasures in 2005 / Brian Witten ; Carey Nachenberg1:
Software Analysis and Assurance / Part II:
61.
EB
Sushil Jajodia, Anup K. Ghosh, Vipin Swarup, Cliff Wang, X. Sean Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer New York, 2011
子書誌情報:
loading…
所蔵情報:
loading…
62.
EB
Sushil Jajodia, Anup K. Ghosh, V. S. Subrahmanian, Vipin Swarup, Cliff Wang, X. Sean Wang
出版情報:
SpringerLink Books - AutoHoldings , Springer New York, 2013
子書誌情報:
loading…
所蔵情報:
loading…
63.
EB
Lingyu Wang, Massimiliano Albanese, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2014
子書誌情報:
loading…
所蔵情報:
loading…
64.
EB
Lingyu Wang, Sushil Jajodia, Anoop Singhal
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2017
子書誌情報:
loading…
所蔵情報:
loading…
65.
EB
Douglas W. Frye, Sushil Jajodia
出版情報:
SpringerLink Books - AutoHoldings , Springer US, 2007
子書誌情報:
loading…
所蔵情報:
loading…
目次情報:
続きを見る
Table of Contents
List of Figures
Preface
Acknowledgments and Dedication
Information Technology and its Role In the Modern Organization / Chapter 1:
The Extent of an Organization's Connectivity / Chapter 2:
Network Physical Components / Chapter 3:
Legitimate Network Access / Chapter 4:
Illegitimate Network Access / Chapter 5:
Encryption / Chapter 6:
Balanced Scorecard / Chapter 7:
Sarbanes-Oxley / Chapter 8:
Physical Security / Chapter 9:
Disaster Recovery / Chapter 10:
Initial Employee Communication / Chapter 11:
The Human Element / Chapter 12:
Email, Instant Messaging and Phishing / Chapter 13:
Network Administration / Chapter 14:
Network Monitoring / Chapter 15:
Executive Communication / Chapter 16:
Information Security Awareness / Chapter 17:
Synthesis and Conclusion / Chapter 18:
Draft Policies / Chapter 19:
Bibliography
Index
Table of Contents
List of Figures
Preface
66.
EB
Sushil Jajodia, George Cybenko, V. S. Subrahmanian, Vipin Swarup, Cliff Wang, Michael Wellman
出版情報:
SpringerLink Books - AutoHoldings , Springer International Publishing, 2020
子書誌情報:
loading…
所蔵情報:
loading…
EB
