Ebook: Proceedings of The Ifip Tc 11 23rd International Information Security Conference: IFIP 20th World Computer Congress, IFIP SEC’08, September 7-10, 2008, Milano, Italy
- Tags: Systems and Data Security, Legal Aspects of Computing, Management of Computing and Information Systems
- Series: IFIP – The International Federation for Information Processing 278
- Year: 2008
- Publisher: Springer US
- Edition: 1
- Language: English
- pdf
International Federation for Information Processing
The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.
For more information about the 300 other books in the IFIP series, please visit www.springer.com.
For more information about IFIP, please visit www.ifip.org.
International Federation for Information Processing
The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.
For more information about the 300 other books in the IFIP series, please visit www.springer.com.
For more information about IFIP, please visit www.ifip.org.
International Federation for Information Processing
The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.
For more information about the 300 other books in the IFIP series, please visit www.springer.com.
For more information about IFIP, please visit www.ifip.org.
Content:
Front Matter....Pages I-XVIII
Hiding in Groups: On the Expressiveness of Privacy Distributions....Pages 1-15
Practical Privacy-Preserving Benchmarking....Pages 17-31
Enhancing Privacy in Remote Data Classification....Pages 33-46
Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators....Pages 47-61
Robbing Banks with Their Own Software—an Exploit Against Norwegian Online Banks....Pages 63-77
Collaborative architecture for malware detection and analysis....Pages 79-93
Realizing Stateful Public Key Encryption in Wireless Sensor Network....Pages 95-107
Establishing secure links in low-rate wireless personal area networks....Pages 109-123
An Asynchronous Node Replication Attack in Wireless Sensor Networks....Pages 125-139
A B Formal Framework for Security Developments in the Domain of Smart Card Applications....Pages 141-155
An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies....Pages 157-171
Negotiation of Prohibition: An Approach Based on Policy Rewriting....Pages 173-187
An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations....Pages 189-203
Role Signatures for Access Control in Open Distributed Systems....Pages 205-220
Policies and Security Aspects For Distributed Scientific Laboratories....Pages 221-235
A Fuzzy Model for the Composition of Intrusion Detectors....Pages 237-251
Investigating the problem of IDS false alarms: An experimental study using Snort....Pages 253-267
User Session Modeling for Effective Application Intrusion Detection....Pages 269-284
A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems....Pages 285-300
Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs....Pages 301-315
Behavioral Intrusion Detection Indicators....Pages 317-331
Leveraging Lattices to Improve Role Mining....Pages 333-347
A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases....Pages 349-363
Efficient Coalition Detection in Traitor Tracing....Pages 365-380
SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned....Pages 381-395
Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models....Pages 397-411
A Decentralized Bayesian Attack Detection Algorithm for Network Security....Pages 413-428
An Operation-Based Metric for CPA Resistance....Pages 429-443
YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems....Pages 445-459
Adversary Modeling and Simulation in Cyber Warfare....Pages 461-475
Interactive Selection of ISO 27001 Controls under Multiple Objectives....Pages 477-492
Feasibility of Automated Information Security Compliance Auditing....Pages 493-508
Software Licence Protection and Management for Organisations....Pages 509-523
A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach....Pages 525-540
ASTRA : A Security Analysis Method Based on Asset Tracking....Pages 541-555
A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack....Pages 557-571
Portable User-Centric Identity Management....Pages 573-587
Ubiquitous Privacy-Preserving Identity Managment....Pages 589-603
Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data....Pages 605-620
Using Virtualization to Create and Deploy Computer Security Lab Exercises....Pages 621-635
DigForNet: Digital Forensic in Networking....Pages 637-651
A Live Digital Forensic system for Windows networks....Pages 653-667
HoneyID : Unveiling Hidden Spywares by Generating Bogus Events....Pages 669-673
A Security Protocol for Self-Organizing Data Storage....Pages 675-679
Protecting Financial Institutions from Brute-Force Attacks....Pages 681-685
Agency Theory: Can it be Used to Strengthen IT Governance?....Pages 687-691
A new Accounting Mechanism for Modern and Future AAA Services....Pages 693-697
A user survey on the sense of security, Anshin....Pages 699-703
Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks....Pages 705-709
A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection....Pages 711-716
Managing the lifecycle of XACML delegation policies in federated environments....Pages 717-721
Assessing the Likelihood of Privacy Policy Compliance....Pages 723-727
Classification features for detecting Server-side and Client-side Web attacks....Pages 729-733
Back Matter....Pages 735-737
International Federation for Information Processing
The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of refereed international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.
For more information about the 300 other books in the IFIP series, please visit www.springer.com.
For more information about IFIP, please visit www.ifip.org.
Content:
Front Matter....Pages I-XVIII
Hiding in Groups: On the Expressiveness of Privacy Distributions....Pages 1-15
Practical Privacy-Preserving Benchmarking....Pages 17-31
Enhancing Privacy in Remote Data Classification....Pages 33-46
Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators....Pages 47-61
Robbing Banks with Their Own Software—an Exploit Against Norwegian Online Banks....Pages 63-77
Collaborative architecture for malware detection and analysis....Pages 79-93
Realizing Stateful Public Key Encryption in Wireless Sensor Network....Pages 95-107
Establishing secure links in low-rate wireless personal area networks....Pages 109-123
An Asynchronous Node Replication Attack in Wireless Sensor Networks....Pages 125-139
A B Formal Framework for Security Developments in the Domain of Smart Card Applications....Pages 141-155
An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies....Pages 157-171
Negotiation of Prohibition: An Approach Based on Policy Rewriting....Pages 173-187
An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations....Pages 189-203
Role Signatures for Access Control in Open Distributed Systems....Pages 205-220
Policies and Security Aspects For Distributed Scientific Laboratories....Pages 221-235
A Fuzzy Model for the Composition of Intrusion Detectors....Pages 237-251
Investigating the problem of IDS false alarms: An experimental study using Snort....Pages 253-267
User Session Modeling for Effective Application Intrusion Detection....Pages 269-284
A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems....Pages 285-300
Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs....Pages 301-315
Behavioral Intrusion Detection Indicators....Pages 317-331
Leveraging Lattices to Improve Role Mining....Pages 333-347
A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases....Pages 349-363
Efficient Coalition Detection in Traitor Tracing....Pages 365-380
SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned....Pages 381-395
Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models....Pages 397-411
A Decentralized Bayesian Attack Detection Algorithm for Network Security....Pages 413-428
An Operation-Based Metric for CPA Resistance....Pages 429-443
YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems....Pages 445-459
Adversary Modeling and Simulation in Cyber Warfare....Pages 461-475
Interactive Selection of ISO 27001 Controls under Multiple Objectives....Pages 477-492
Feasibility of Automated Information Security Compliance Auditing....Pages 493-508
Software Licence Protection and Management for Organisations....Pages 509-523
A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach....Pages 525-540
ASTRA : A Security Analysis Method Based on Asset Tracking....Pages 541-555
A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack....Pages 557-571
Portable User-Centric Identity Management....Pages 573-587
Ubiquitous Privacy-Preserving Identity Managment....Pages 589-603
Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data....Pages 605-620
Using Virtualization to Create and Deploy Computer Security Lab Exercises....Pages 621-635
DigForNet: Digital Forensic in Networking....Pages 637-651
A Live Digital Forensic system for Windows networks....Pages 653-667
HoneyID : Unveiling Hidden Spywares by Generating Bogus Events....Pages 669-673
A Security Protocol for Self-Organizing Data Storage....Pages 675-679
Protecting Financial Institutions from Brute-Force Attacks....Pages 681-685
Agency Theory: Can it be Used to Strengthen IT Governance?....Pages 687-691
A new Accounting Mechanism for Modern and Future AAA Services....Pages 693-697
A user survey on the sense of security, Anshin....Pages 699-703
Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks....Pages 705-709
A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection....Pages 711-716
Managing the lifecycle of XACML delegation policies in federated environments....Pages 717-721
Assessing the Likelihood of Privacy Policy Compliance....Pages 723-727
Classification features for detecting Server-side and Client-side Web attacks....Pages 729-733
Back Matter....Pages 735-737
....