Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben

2015 | Buch

Digital Waste Sorting: A Goal-Based, Self-Learning Approach to Label Spam Email Campaigns Kapitel lesen Erstes Kapitel lesen

Security and Trust Management

11th International Workshop, STM 2015, Vienna, Austria, September 21-22, 2015, Proceedings

herausgegeben von: Sara Foresti

Verlag: Springer International Publishing

Buchreihe : Lecture Notes in Computer Science

Enthalten in: Springer Professional "Wirtschaft+Technik" , Springer Professional "Technik" , Springer Professional "Wirtschaft"

Einloggen, um Zugang zu erhalten
insite
SUCHEN

Über dieses Buch

This book constitutes the refereed proceedings of the 11th International Workshop on Security and Trust Management, STM 2015, held in Vienna, Austria, in September 2015, in conjunction with the 20th European Symposium Research in Computer Security, ESORICS 2015.

The 15 revised full papers were carefully reviewed and selected from 38 submissions. They are organized in topical sections as security metrics and classification; data protection; intrusion detection and software vulnerabilities; cryptographic protocols; controlling data release; and security analysis, risk management and usability.

Inhaltsverzeichnis

Frontmatter

Security Metrics and Classification

Frontmatter
Digital Waste Sorting: A Goal-Based, Self-Learning Approach to Label Spam Email Campaigns
Abstract
Fast analysis of correlated spam emails may be vital in the effort of finding and prosecuting spammers performing cybercrimes such as phishing and online frauds. This paper presents a self-learning framework to automatically divide and classify large amounts of spam emails in correlated labeled groups. Building on large datasets daily collected through honeypots, the emails are firstly divided into homogeneous groups of similar messages (campaigns), which can be related to a specific spammer. Each campaign is then associated to a class which specifies the goal of the spammer, i.e. phishing, advertisement, etc. The proposed framework exploits a categorical clustering algorithm to group similar emails, and a classifier to subsequently label each email group. The main advantage of the proposed framework is that it can be used on large spam emails datasets, for which no prior knowledge is provided. The approach has been tested on more than 3200 real and recent spam emails, divided in more than 60 campaigns, reporting a classification accuracy of 97 % on the classified data.
Mina Sheikhalishahi, Andrea Saracino, Mohamed Mejri, Nadia Tawbi, Fabio Martinelli
Integrating Privacy and Safety Criteria into Planning Tasks
Abstract
In this paper we describe a new approach that uses multi-criteria decision making and the analytic hierarchy process (AHP) for integrating privacy and safety criteria into planning tasks. We apply the approach to the journey planning using two criteria: (i) a willingness-to-share-data (WSD) metric to control data disclosure, and (ii) the number of unsatisfied safety preferences (USP) metric to mitigate risky journeys.
Anna Lavygina, Alessandra Russo, Naranker Dulay
Security Metrics, Secure Elements, and Operational Measurement Trust in Cloud Environments
Abstract
Operational security assurance evaluation requires building security metrics models to express the expected security status of the system, and collecting data from the operational system to express the current state against these models. Many factors impact the confidence we can have in these metrics and their reported status. One major factor is the trust we can put in the provided measurement data. This paper describes the properties of a trusted measurement base, use of secure element functions and different probe form factors, and their impact on defining confidence levels for the measurement data. A way of quantifying this confidence level and using it as part of security metrics models is defined. Cloud computing is used as a domain to illustrate these concepts and the process of their application. The cloud environment is especially challenging for this type of assurance due to mixed ownership and potentially limited visibility into the infrastructure.
Teemu Kanstrén, Antti Evesti

Data Protection

Frontmatter
A Declarative Framework for Specifying and Enforcing Purpose-Aware Policies
Abstract
Purpose is crucial for privacy protection as it makes users confident that their personal data are processed as intended. Available proposals for the specification and enforcement of purpose-aware policies are unsatisfactory for their ambiguous semantics of purposes and/or lack of support to the run-time enforcement of policies.
In this paper, we propose a declarative framework based on a first-order temporal logic that allows us to give a precise semantics to purpose-aware policies and to reuse algorithms for the design of a run-time monitor enforcing purpose-aware policies. We also show the complexity of the generation and use of the monitor which, to the best of our knowledge, is the first such a result in literature on purpose-aware policies.
Riccardo De Masellis, Chiara Ghidini, Silvio Ranise
How to Trust the Re-use of Data
Abstract
Research in natural sciences and life sciences involve carrying out experiments to collect data as well as carrying out analysis to interpret the data. Increasingly data is being made available to other scientists in big databases. The scientific process builds on the idea that research results can be independently validated by other researchers. However, the concern about the correct re-use of data is also increasing. As illustrated by a currently evolving case of alleged scientific mispractice there is a need to support a reliable re-use of data. To solve this challenge we introduce an enriched coordination language based on Klaim, that can model the coordination of the re-use of data in the research community. We define the formal semantics of our language and develop a static analysis that can be used to check whether we have a trustable re-use of data.
Erisa Karafili, Hanne Riis Nielson, Flemming Nielson
Towards Balancing Privacy and Efficiency: A Principal-Agent Model of Data-Centric Business
Abstract
Personal data has emerged as a crucial asset of the digital economy. However, unregulated markets for personal data severely threaten consumers’ privacy. Based upon a commodity-centric notion of privacy, this paper takes a principal-agent perspective on data-centric business. Specifically, this paper presents an economic model of the privacy problem in data-centric business, in that drawing from contract theory. Building upon a critical analysis of the model, this paper analyzes how regulatory and technological instruments could balance efficiency of markets for personal data and data-subjects’ right to informational self-determination.
Christian Zimmermann, Claus-Georg Nolte

Intrusion Detection and Software Vulnerabilities

Frontmatter
The AC-Index: Fast Online Detection of Correlated Alerts
Abstract
We propose an indexing technique for alert correlation that supports DFA-like patterns with user-defined correlation functions. Our AC-Index supports (i) the retrieval of the top-k (possibly non-contiguous) sub-sequences, ranked on the basis of an arbitrary user-provided severity function, (ii) the concurrent retrieval of sub-sequences that match any pattern in a given set, (iii) the retrieval of partial occurrences of the patterns, and (iv) the online processing of streaming logs. The experimental results confirm that, although the supported model is very expressive, the AC-Index is able to guarantee a very high efficiency of the retrieval process.
Andrea Pugliese, Antonino Rullo, Antonio Piccolo
Intrusion Detection System for Applications Using Linux Containers
Abstract
Linux containers are gaining increasing traction in both individual and industrial use, and as these containers get integrated into mission-critical systems, real-time detection of malicious cyber attacks becomes a critical operational requirement. This paper introduces a real-time host-based intrusion detection system that can be used to passively detect malfeasance against applications within Linux containers running in a standalone or in a cloud multi-tenancy environment. The demonstrated intrusion detection system uses bags of system calls monitored from the host kernel for learning the behavior of an application running within a Linux container and determining anomalous container behavior. Performance of the approach using a database application was measured and results are discussed.
Amr S. Abed, Charles Clancy, David S. Levy
SUDUTA: Script UAF Detection Using Taint Analysis
Abstract
Use-after-free (UAF) vulnerabilities are caused by the use of dangling pointers. Their exploitation inside script engine-hosting applications, e.g. web browsers, can even bypass state-of-the-art countermeasures. This work proposes SUDUTA (Script UAF Detection Using Taint Analysis), which aims at facilitating the diagnosis of UAF bugs during vulnerability analysis and improves an existent promising technique based on dynamic taint tracking. Firstly, precise taint analysis rules are presented in this work to clearly specify how SUDUTA manages the taint state. Moreover, it shifts its analysis to on-line, enabling instrumentation code to gain access to the program state of the application. Lastly, it handles the presence of custom memory allocators that are typically utilised in script-hosting applications. Results obtained using a benchmark dataset and vulnerable applications validate these three improvements.
John Galea, Mark Vella

Cryptographic Protocols

Frontmatter
Two-Factor Authentication for the Bitcoin Protocol
Abstract
We show how to realize two-factor authentication for a Bitcoin wallet. To do so, we explain how to employ an ECDSA adaption of the two-party signature protocol by MacKenzie and Reiter (2004) in the context of Bitcoin and present a prototypic implementation of a Bitcoin wallet that offers both: two-factor authentication and verification over a separate channel. Since we use a smart phone as the second authentication factor, our solution can be used with hardware already available to most users and the user experience is quite similar to the existing online banking authentication methods.
Christopher Mann, Daniel Loebenberger
Private Proximity Testing on Steroids: An NTRU-based Protocol
Abstract
Nowadays, most smartphones come pre-equipped with location (GPS) sensing capabilities, allowing developers to create a wide variety of location-aware applications and services. While location awareness provides novel features and functionality, it opens the door to many privacy nightmares. In many occasions, however, users do not need to share their actual location, but to determine whether they are in proximity to others, which is practically one bit of information. Private proximity protocols allow this functionality without any further information leakage. In this work we introduce a novel protocol which is far more efficient than the current state of the art and bases its security on lattice-based cryptography.
Constantinos Patsakis, Panayiotis Kotzanikolaou, Mélanie Bouroche
Selecting a New Key Derivation Function for Disk Encryption
Abstract
Many full disk encryption applications rely on a strong password-based key derivation function to process a passphrase. This article defines requirements for key derivation functions and analyzes recently presented password hashing functions (second round finalists of the Password Hashing Competition) for their suitability for disk encryption.
Milan Brož, Vashek Matyáš

Controlling Data Release

Frontmatter
It’s My Privilege: Controlling Downgrading in DC-Labels
Abstract
Disjunction Category Labels (DC-labels) are an expressive label format used to classify the sensitivity of data in information-flow control systems. DC-labels use capability-like privileges to downgrade information. Inappropriate use of privileges can compromise security, but DC-labels provide no mechanism to ensure appropriate use. We extend DC-labels with the novel notions of bounded privileges and robust privileges. Bounded privileges specify and enforce upper and lower bounds on the labels of data that may be downgraded. Bounded privileges are simple and intuitive, yet can express a rich set of desirable security policies. Robust privileges can be used only in downgrading operations that are robust, i.e., the code exercising privileges cannot be abused to release or certify more information than intended. Surprisingly, robust downgrades can be expressed in DC-labels as downgrading operations using a weakened privilege. We provide sound and complete run-time security checks to ensure downgrading operations are robust. We illustrate the applicability of bounded and robust privileges in a case study as well as by identifying a vulnerability in an existing DC-label-based application.
Lucas Waye, Pablo Buiras, Dan King, Stephen Chong, Alejandro Russo
Obligations in PTaCL
Abstract
Obligations play an increasingly important role in authorization systems and are supported by languages such as XACML. However, our understanding of how to handle obligations in languages such as XACML, particularly in exceptional circumstances, is hampered by a lack of formality and rigor in the existing literature, including the XACML standard. PTaCL is an attribute-based policy language that makes use of tree-structured policies and targets, like XACML. However, PTaCL is more general than XACML and has rigorous operational semantics for request evaluation, from which a policy decision point can be implemented. In this paper, we enhance PTaCL by extending the policy syntax to include obligations and defining the obligations that should be associated with an authorization decision. Our final contribution is to extend our analysis to cases where policy evaluation may return an indeterminate value. We demonstrate that obligation semantics for PTaCL coincide with those of XACML when there is no indeterminacy. More importantly, we show that our obligation semantics provide a principled method for determining obligations for any policy-combining algorithm and the set of possible obligations in the presence of indeterminacy, thereby providing considerable advantages over existing approaches.
Jason Crampton, Conrad Williams
Content and Key Management to Trace Traitors in Broadcasting Services
Abstract
Traitor tracing encryption schemes are a type of broadcasting encryption and have been developed for broadcasting services. There are multiple distinct decryption keys for each encryption key, and each service subscriber is given a unique decryption key. Any subscriber that redistributes his or her decryption key to a third party or who uses it to make a pirate receiver (\(\mathcal{PR}\)) can be identified using the schemes. However, almost all previous schemes are effective against only those \(\mathcal{PR}\)s with only one decryption key. We first discuss an attack (content comparison attack) against the above encryption schemes. The attack involves multiple distinct decryption keys and content-data comparison mechanism. We have developed a content and key management method (CKM) that makes traitor tracing schemes secure against the content comparison attack. Its use makes it impossible for \(\mathcal{PR}\)s to distinguish ordinary content data from test data and makes traitor tracing schemes effective against all \(\mathcal{PR}\)s. The CKM makes the broadcasting services secure.
Kazuto Ogawa, Goichiro Hanaoka, Hideki Imai

Security Analysis, Risk Management, and Usability

Frontmatter
In Cyber-Space No One Can Hear You S·CREAM
A Root Cause Analysis for Socio-Technical Security
Abstract
Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a system’s security.
Ana Ferreira, Jean-Louis Huynen, Vincent Koenig, Gabriele Lenzini
A Socio-Technical Investigation into Smartphone Security
Abstract
Many people do not deliberately act to protect the data on their Smartphones. The most obvious explanation for a failure to behave securely is that the appropriate mechanisms are unusable. Does this mean usable mechanisms will automatically be adopted? Probably not! Poor usability certainly plays a role, but other factors also contribute to non-adoption of precautionary mechanisms and behaviours. We carried out a series of interviews to determine justifications for non-adoption of security precautions, specifically in the smartphone context, and developed a model of Smartphone precaution non-adoption. We propose that future work should investigate the use of media campaigns in raising awareness of these issues.
Melanie Volkamer, Karen Renaud, Oksana Kulyk, Sinem Emeröz
A Game Theoretic Framework for Modeling Adversarial Cyber Security Game Among Attackers, Defenders, and Users
Abstract
This paper models interactions in the cyber environment as a three-way security game between attacker, defender, and user. The paper focuses on understanding and modeling the roles, motivations and conflicting objectives of the players. Unlike most research in cyber security, this paper studies not only technological but also psychosocial aspects of the interactions. The paper develops recommendations for selecting games that have relevant features for representing cyber security interactions and outlines directions for future research.
Tatyana Ryutov, Michael Orosz, James Blythe, Detlof von Winterfeldt
Design, Demonstration, and Evaluation of an Information Security Contract and Trading Mechanism to Hedge Information Security Risks
Abstract
Cyber-insurance products are the only financial instrument available as a risk-transfer mechanism in the information security domain. Furthermore, cyber-insurance markets are unable or unwilling to facilitate the transfer of risks, particularly those with a high probability and high intensity of loss. Thus, there is a need for a new mechanism to address the variety of information security risks. This article addresses the shortcomings in the existing information security risk hedging market. The article presents a financial instrument and a corresponding trading mechanism to be used for risk hedging in an information security prediction market. Also, the article uses an imaginary case to demonstrate the application of the contract. Furthermore, an evaluation of the contract and trading mechanism in its usefulness in hedging the underlying risks is presented. In our analysis, we found that information security contracts can be a solution (at least to some extent) to the problems in the existing risk hedging mechanisms in the information security domain.
Pankaj Pandey, Steven De Haes
Backmatter
Metadaten
Titel
Security and Trust Management
herausgegeben von
Sara Foresti
Copyright-Jahr
2015
Electronic ISBN
978-3-319-24858-5
Print ISBN
978-3-319-24857-8
DOI
https://doi.org/10.1007/978-3-319-24858-5