E-Book, Englisch, Band 1, 429 Seiten
Gorodetsky / Kotenko / Skormin Computer Network Security
1. Auflage 2007
ISBN: 978-3-540-73986-9
Verlag: Springer Berlin Heidelberg
Format: PDF
Kopierschutz: 1 - PDF Watermark
Fourth International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS 2007, St. Petersburg, Russia, September 13-15, 2007, Proceedings
E-Book, Englisch, Band 1, 429 Seiten
Reihe: Communications in Computer and Information Science
ISBN: 978-3-540-73986-9
Verlag: Springer Berlin Heidelberg
Format: PDF
Kopierschutz: 1 - PDF Watermark
This book constitutes the refereed proceedings of the Fourth International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2007, held in St. Petersburg, Russia in September 2007. The First, Second and Third International Workshops ““Mathematical Methods, Models and Architectures for Computer Networks Security”” demonstrated the high interest of the international scientific community to the theoretical aspects of the computer network and information security and the need for conducting of such workshops as on-going series. The proposed MMM-ACNS 2007 conference is intended as a next step in this series and will be focused on theoretical problems in the area under consideration. Its objectives are to bring together leading researchers from academia and governmental organizations as well as practitioners in the area of computer networks and information security, facilitating personal interactions and discussions on various aspects of information technologies in conjunction with computer network and information security problems arising in large-scale computer networks engaged in information storing, transmitting, and processing.
Autoren/Hrsg.
Weitere Infos & Material
1;Preface;5
2;Organization;7
3;Table of Contents;11
4;Surreptitious Software: Models from Biology and History;15
4.1;Introduction;15
4.2;Notation;17
4.3;Attacks;18
4.4;Defenses;19
4.4.1;The Cover Primitive;19
4.4.2;The Copy Primitives;21
4.4.3;The Split and Merge Primitives;23
4.4.4;The Reorder Primitive;25
4.4.5;The Indirect Primitive;26
4.4.6;The Map Primitive;27
4.4.7;The Mimic Primitive;28
4.4.8;The Advertise Primitive;29
4.4.9;The Tamperproof Primitive;30
4.4.10;The Dynamic Primitive;32
4.5;Summary;33
5;Characterizing Software Self-healing Systems;36
5.1;Introduction;36
5.2;Self-healing Systems: What;37
5.3;Self-healing Systems: Why;38
5.4;Self-healing Systems: How;40
5.4.1;Self-healing Techniques;41
5.5;Self-healing Systems: Future Directions;43
5.6;Conclusions;44
6;Assumptions: The Trojan Horses of Secure Protocols;48
6.1;Introduction;48
6.2;Classical Distributed Algorithms Design;49
6.3;Assumptions as Vulnerabilities;50
6.4;On Resource Exhaustion;51
6.5;On the Substance of Assumptions;53
6.6;Conclusion;54
7;Smart Cards and Digital Security;56
7.1;Introduction;56
7.2;Network Authentication;57
7.2.1;Virtual Private Network with PKI;57
7.2.2;WiFi Authentication;57
7.3;Internet Services Authentication;58
7.3.1;Authentication with PKI and Certificates;59
7.3.2;One-Time Passwords;59
7.3.3;Extensible Web Authentication Framework;61
7.3.4;Web Authentication for Identity Frameworks;62
7.4;PC Software Integrity;65
7.4.1;Trusted Platform Module and Smart Cards;66
7.4.2;USB Smart Cards;67
7.5;Conclusion;68
7.6;References;69
8;Virus Throttle as Basis for ProActive Defense;71
8.1;Introduction;71
8.2;Adaptive Networks and ProActive Defense;72
8.2.1;Basis for the Adaptive Network: Intelligence;73
8.2.2;ProCurve ProActive Defense;74
8.3;Virus Throttle: From HP Labs to ProCurve;76
8.3.1;Need for Adaption;76
8.3.2;Resulting Throttle Algorithm;77
8.4;Proving ProCurve Virus Throttle Works;79
8.4.1;Analysis of Hash-Based Approach;79
8.4.2;Analysis with Real Network Traffic;82
8.5;Current Status and Future Work;86
8.6;References;87
9;Technologies for Protection Against Insider Attacks on Computer Systems;89
9.1;Introduction;89
9.2;Common Model of Insider Attack;90
9.3;Technologies for Protection Against Insider Attacks;91
9.3.1;Organizational Security Controls;92
9.3.2;Technical Security Controls;92
9.4;Overview of Existing Security Solutions for Protection Against Insiders;93
9.4.1;Microsoft Rights Management Service;93
9.4.2;InfoWatch Enterprise Solution;94
9.4.3;The Security Policy Management System “Enterprise Guard”;95
9.4.4;Security Control System “DeviceLock”;96
9.5;Conclusion;97
9.6;References;98
10;Access Control and Declassification;99
10.1;Introduction;99
10.2;The language;101
10.2.1;Security (pre-)Lattices;101
10.2.2;Syntax and Operational Semantics;102
10.3;The Type and Effect System;105
10.4;Type Safety;108
10.5;Secure Information Flow;109
10.6;Conclusion;111
11;Reasoning About Delegation and Account Access in Retail Payment Systems;113
11.1;Introduction;113
11.2;A Logic for Reasoning About Access Control;114
11.2.1;Overview of the Logic;114
11.2.2;Semantics;115
11.2.3;Inference Rules;115
11.2.4;Delegation and Its Properties;116
11.3;Checking Using an Electronic Clearing House Network;119
11.4;Conclusions;127
12;Performance Evaluation of Keyless Authentication Based on Noisy Channel;129
12.1;Introduction;129
12.1.1;Model for Key Distribution in Presence of Active Eavesdropper;129
12.1.2;Authentication Based on Noisy Channels;131
12.2;Performance Evaluation of AC's;131
12.3;Asymptotic Code Rate for AC's;135
12.4;Authentication Based on Bit-Wise Method;138
12.5;Conclusion;139
13;Avoiding Key Redistribution in Key Assignment Schemes;141
13.1;Introduction;141
13.2;Preliminaries;142
13.2.1;Key Assignment Schemes;143
13.2.2;Implementation Considerations;144
13.2.3;Remaining Difficulties and Motivation;146
13.3;Avoiding Key Redistribution in KASs;146
13.3.1;User-Based KASs;147
13.3.2;Performance Evaluation;148
13.3.3;Discussion;149
13.4;Is HKE KAS the Best Two-Step Scheme?;150
13.5;Related work;151
13.5.1;Existing KASs;151
13.5.2;Optimised KASs;151
13.6;Conclusion and Future Research;152
14;Fern : An Updatable Authenticated Dictionary Suitable for Distributed Caching;155
14.1;Introduction;155
14.2;Fern;156
14.3;Analysis: Number of Refresh Queries;158
14.4;Conclusion;160
15;Class of Provably Secure Information Authentication Systems;161
15.1;Introduction;161
15.2;Class of Public Key Cryptosystems;162
15.3;Provable Security;164
15.4;Cryptosystem with Minimum Value z;165
15.5;Conclusion;166
15.6;References;166
16;A New Modeling Paradigm for Dynamic Authorization in Multi-domain Systems;167
16.1;Introduction;167
16.2;Characteristics of Multi-domain Interactions;167
16.3;New Modeling Paradigm for Dynamic Authorization;168
16.4;The Extended UCON_$ABC$ Model;169
16.4.1;EUCON Attributes;169
16.4.2;EUCON Authorizations;171
16.4.3;EUCON Obligations and Conditions;171
16.5;Related Work;172
16.6;Conclusion and Future Work;172
17;Synthesis of Non-interferent Distributed Systems;173
17.1;Introduction;173
17.2;Preliminaries;175
17.2.1;Labeled Transition Systems;175
17.2.2;Bisimulation, Restriction and Abstraction;176
17.2.3;The Modal $\mu$ -Calculus and Characteristic Formulæ;176
17.3;Control and Non-interference;177
17.3.1;Control Problems;177
17.3.2;Non-interference Problems;179
17.4;Control of Non-interference;179
17.4.1;SNNI Control Problem;180
17.4.2;BSNNI Control Problem;181
17.5;Conclusion;183
18;Privacy-Preserving Credential Verification for Non-monotonic Trust Management Systems;185
18.1;Introduction;185
18.2;Problem Definition;186
18.3;Credential Verification Scheme;188
18.3.1;Overview of the Scheme;188
18.3.2;Architecture;189
18.3.3;Cryptographic Building Blocks;191
18.3.4;Profile Entry;191
18.3.5;Credential Verification Protocol;192
18.3.6;Zero-Knowledge Proof Protocol;193
18.4;Security Analysis;194
18.5;Related Work;194
18.6;Conclusion and Future Work;195
19;Covert Channel Invisibility Theorem;201
19.1;Introduction;201
19.2;Mathematical Model;203
19.3;The Example;207
19.4;Conclusion;209
20;Policy-Based Proactive Monitoring of Security Policy Performance;211
20.1;Introduction;211
20.2;Related Work and the Approach Suggested;212
20.3;Main Stages and Techniques;213
20.4;Restrictions and Optimization Approaches;215
20.5;System Architecture, Implementation and Experiments;221
20.6;Conclusion;224
20.7;References;225
21;Comparing Electronic Battlefields: Using Mean Time-To- Compromise as a Comparative Security Metric;227
21.1;Introduction;227
21.2;Lessons Learnt from Physical Security;229
21.3;Attack Zones;230
21.4;Predator Model;231
21.5;Attack Path Model;233
21.6;Estimating State Times;233
21.6.1;The State-Time Estimation Algorithm (STEA)^2;234
21.6.2;Estimating Strike State Times Using Attack Trees;236
21.7;Building MTTC Intervals;237
21.8;Case Study;238
21.9;Future Research;239
21.10;Conclusions;240
21.11;References;240
22;Abstraction Based Verification of a Parameterised Policy Controlled System;242
22.1;Introduction;242
22.2;Related Work;243
22.3;Collaboration Scenario;245
22.4;Verification of System Properties;246
22.4.1;Formal Modelling Technique;247
22.4.2;Abstraction Based Verification Concept;249
22.4.3;Verification Tool;250
22.5;Verification of the Collaboration Scenario;251
22.5.1;Proving Security and Liveness of the Collaboration Example;253
22.6;Conclusions and Future Work;254
23;Algebraic Models to Detect and Solve Policy Conflicts;256
23.1;Introduction;256
23.2;Motivation and Related Work;257
23.3;A Model for Conflict Detection;258
23.4;A Model for Conflict Resolution;259
23.5;The Tool;260
23.6;Conclusions and Future Work;261
24;Event Calculus Based Checking of Filtering Policies;262
24.1;Introduction;262
24.2;Filtering Policy Anomalies;263
24.3;Event Calculus and Axiomatization;263
24.4;Software Prototype;265
24.5;Conclusions;267
24.6;References;267
25;A New Approach to Security Evaluation of Operating Systems;268
25.1;Introduction;268
25.2;The Related Works;269
25.3;A Security Fundament in Modern Operating Systems;270
25.4;Calculation of the Effective Permissions;271
25.5;Conclusion;273
25.6;References;273
26;Multi-agent Peer-to-Peer Intrusion Detection;274
26.1;Introduction: Modern Information Technology Trends;274
26.2;Security of P2P Agent-Based Service-Oriented Systems;276
26.3;Related Works;278
26.4;P2P Agent Platform and P2P Provider;278
26.5;Multi-agent P2P Intrusion Detection;279
26.6;P2P IDS Agent Learning of Decision Combining;281
26.7;Conclusions and Future Work;283
26.8;References;284
27;An Interval Temporal Logic-Based Matching Framework for Finding Occurrences of Multi-event Attack Signatures;286
27.1;Introduction;286
27.2;Locating Matches of Attack Signatures;288
27.3;Matching SigITL Signatures;289
27.3.1;$Sig$ITL Model;289
27.3.2;$Sig$ITL* Matching Model;290
27.4;Algorithm $Sig$ITL*-Match;292
27.4.1;Basic Notation;292
27.4.2;Matching Mechanism;293
27.5;$Sig$ITL* Matching Framework;294
27.5.1;All Matches;294
27.5.2;First Match, $k$-Match and Shortest Match;295
27.6;Simulation Experiments;296
27.7;Conclusion and Future Work;297
28;Towards Fully Automatic Defense Mechanism for a Computer Network Emulating Active Immune Response;300
28.1;Introduction;300
28.2;Existing Research;302
28.3;Mathematical Model of the Immune-Type Response of the Network;305
28.4;Principle of System Operation and Major System Components;310
28.4.1;Attack Detection/Identification;311
28.4.2;Generation of the Feedback Signal;312
28.4.3;The Control Station;313
28.4.4;The Control Law;315
28.5;System Implementation;317
29;Mathematical Models of Intrusion Detection by an Intelligent Immunochip;322
29.1;Introduction;322
29.2;Mathematical Models;323
29.2.1;Formal Immune Network;323
29.2.2;Singular Value Decomposition;324
29.2.3;Discrete Tree Transform;324
29.2.4;Entropy and Separability;325
29.3;Computing Scheme;326
29.4;Test Examples;327
29.5;Discussion;330
29.6;Conclusion;331
29.7;References;332
30;A Novel Intrusion Detection System for a Local Computer Network;334
30.1;Background;334
30.2;Dynamic Code Analyzer;335
30.3;Dealing with Computer Worms;338
30.4;Server-Level Analysis of Local Alarms;341
30.5;The Implementation Aspects and Results;344
31;Investigation of the Effectiveness of Alert Correlation Methods in a Policy-Based Security Framework;348
31.1;Introduction;348
31.2;Outline of Alert Correlation Methods;349
31.3;Investigation of Alert Correlation Effectiveness;349
31.3.1;The Architecture of the Testbed;349
31.3.2;Metrics of Alert Correlation Effectiveness Employed;350
31.3.3;Results of the Experiment;350
31.4;Conclusions;352
32;Host-Based Intrusion Detection System: Model and Design Features;354
32.1;Introduction;354
32.2;Development of the Analysis Module;354
32.2.1;System Model Identifying Security Policy Violations;355
32.2.2;Intrusion Detection Model;356
32.2.3;Unified Model;356
32.3;Features of Development of the Data Acquisition Module;357
32.4;Conclusion;359
32.5;References;359
33;Interval Approach to Preserving Privacy in Statistical Databases: Related Challenges and Algorithms of Computational Statistics;360
33.1;Interval Approach to Preserving Privacy in Statistical Databases;360
33.2;Related Challenges and Algorithms of Computational Statistics;362
33.3;New Problem: Hierarchical Statistical Analysis Under Privacy-Related Interval Uncertainty;365
33.4;Formulation of the Problem in Precise Terms and Main Result;366
33.5;Proof;367
33.6;Auxiliary Result: What If the Frequencies Are Also Only Known with Interval Uncertainty?;370
33.7;Conclusion;373
34;Fast Service Restoration Under Shared Protection at Lightpath Level in Survivable WDM Mesh Grooming Networks;376
34.1;Introduction;376
34.2;Sharing the Backup Path Capacities in WDM Grooming Networks Under PAL;379
34.2.1;ILP Model of Sharing the Backup Capacities for Traffic Grooming (FSR-SLL-VCO);382
34.2.2;Heuristic Algorithm of Sharing the Backup Capacities in WDM Grooming Networks (FSR-SLL-VCH);383
34.3;Modeling Assumptions;384
34.4;Modeling Results;386
34.4.1;WDM Layer Link Capacity Utilization Ratio;386
34.4.2;Length of a Backup Lightpath;387
34.4.3;Values of Service Restoration Time at WDM Layer;388
34.4.4;Modeling Results for Varying Network Load;389
34.5;Conclusion;390
34.6;References;390
35;Anycast Communication – A New Approach to Survivability of Connection-Oriented Networks;392
35.1;Introduction;392
35.2;Anycasting in Connection-Oriented Networks;393
35.3;Problem Formulation;394
35.4;Algorithm;396
35.5;Results;398
35.6;Conclusion;402
35.7;References;402
36;Privacy Preserving Context Transfer in All-IP Networks;404
36.1;Introduction;404
36.2;The Problem: Privacy Issues in Context Transfer Protocol;405
36.3;The Proposed Solution;405
36.3.1;Mobile Node Submitted Context;406
36.3.2;Frequent NAI Change;407
36.4;Discussion;408
36.5;Conclusions;409
36.6;References;409
37;Environment-Aware Trusted Data Delivery in Multipath Wireless Protocols;410
37.1;Introduction;410
37.2;Technique;411
37.3;Performance Evaluation and Discussion;413
37.4;References;415
38;A Spatial Watermarking Algorithm for Video Images;416
38.1;Introduction;416
38.2;Watermarking Algorithms;417
38.3;Experiments;419
38.4;Conclusions;421
38.5;References;421
39;Watermarking Software to Signal Copy Protection;422
39.1;Introduction;422
39.2;Background;423
39.3;The Copy Protection Scheme;424
39.4;The Software Watermarking Technique;425
39.5;Results;426
39.6;Conclusions;426
39.7;Summary;427
39.8;References;427
40;Author Index;428
