E-Book, Englisch, Band 41, 183 Seiten
Weerasinghe Information Security and Digital Forensics
1. Auflage 2010
ISBN: 978-3-642-11530-1
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
First International Conference, ISDF 2009, London, United Kingdom, September 7-9, 2009, Revised Selected Papers
E-Book, Englisch, Band 41, 183 Seiten
ISBN: 978-3-642-11530-1
Verlag: Springer
Format: PDF
Kopierschutz: 1 - PDF Watermark
This book constitutes the thoroughly refereed post-conference proceedings of the First International Conference on Information Security and Digital Forensics, ISDF 2009, which was held in September 2009 in London, United Kingdom. The 19 papers present several security, identity and forensics challenges across the globe to address better the gap in the digital economy market and thus to develop further an appriate security and identity framework and solutions to protect the next generation of IT applications.
Autoren/Hrsg.
Weitere Infos & Material
1;Preface;5
2;Table of Contents;6
3;Analysis of Denial of Service Attacks in IEEE 802.11s Wireless Mesh Networks;8
3.1;Introduction;8
3.1.1;Types of Dos Attacks;9
3.1.2;DoS Attacks in WMNs;11
3.2;Analysis of Existing Security Models;11
3.2.1;Addition of IEs Inside Frame Body Fields;11
3.2.2;Addition of 11 Bit Code by Replacing Bits of Frame Control and Sequence Control;12
3.2.3;Proposed Draft as IEEE 802.11w;12
3.2.4;Other Related Work;13
3.3;Proposed Scheme;15
3.3.1;Advantage over the Proposed Draft;15
3.3.2;Shortfalls of 802.11w;16
3.4;Conclusion;16
3.5;References;17
4;A Semi-fragile Watermarking Algorithm for Authenticating 2D Engineering Graphics Based on Log-Polar Transformation;18
4.1;Introduction;18
4.2;2D Engineering Graphics and Log-Polar Transformation;19
4.2.1;2D Engineering Graphics;19
4.2.2;Log-Polar Transformation;19
4.3;Semi-fragile Watermarking for 2D Engineering Graphics;20
4.3.1;Generation of Watermark;20
4.3.2;Watermark Embedding;21
4.3.3;Watermarks Verification;22
4.4;Experimental Results and Discussion;22
4.4.1;Experimental Results;22
4.4.2;Discussion of the Robustness and Ability of Tamper Location;22
4.4.3;Performance Discussion;23
4.5;Conclusions;24
4.6;References;25
5;On the Repudiability of Device Identification and Image Integrity Verification Using Sensor Pattern Noise;26
5.1;Introduction;26
5.2;Device Identification and Image Integrity Verification Using Sensor Pattern Noise;27
5.3;Potential Attacks;28
5.3.1;Signature Removal;28
5.3.2;Signature Substitution;29
5.4;Conclusions;31
5.5;References;32
6;Virtualization Efficacy for Network Intrusion Detection Systems in High Speed Environment;33
6.1;Introduction;33
6.2;Virtualization;35
6.2.1;Hosted Virtualization;35
6.2.2;Hypervisor Virtualization;35
6.3;Packet Handling;36
6.3.1;System Hardware;36
6.3.2;Operating System;37
6.3.3;NIDS and Packet Capturing Libraries;37
6.4;Performance Test;38
6.4.1;Test-Bench;38
6.4.2;Evaluation Methodology;39
6.5;Results;39
6.5.1;UDP Traffic;40
6.5.2;TCP Traffic;42
6.6;Analysis;43
6.6.1;OS and Application Incompatibility;43
6.6.2;Hardware Incompatibility in Virtualization;45
6.7;Conclusion;46
6.8;References;47
7;Face Recognition Using Balanced Pairwise Classifier Training;49
7.1;Introduction;49
7.2;Gabor Feature Extraction;51
7.3;Classifier Training;51
7.3.1;Empirical Kernel Map;52
7.3.2;Training Strategy for Fisher’s Discriminant Analysis on an Unbalanced Feature Training Set;52
7.4;Experimental Settings;53
7.5;Results;54
7.6;Conclusion;55
7.7;References;55
8;Forensic Investigation of the Soft-Modded PlayStation Portable (PSP);57
8.1;Introduction;57
8.2;PSP Onboard Flash Memory and Custom Firmware;58
8.2.1;Data Storage Areas in the Onboard NAND Flash Memory;58
8.2.2;Custom Firmware (CFW);58
8.3;PSP Forensics Issues and Possible Solutions;58
8.3.1;Checking If the System Has Been Modded;59
8.3.2;Check If a Custom VSH Menu Is Enabled;59
8.3.3;Imaging Issues;61
8.3.4;NAND Flash Dumping;62
8.3.5;Media Analysis;62
8.4;Conclusions;62
8.5;References;63
9;Smart Logic - Preventing Packet Loss in High Speed Network Intrusion Detection Systems;64
9.1;Introduction;64
9.2;Smart Logic;66
9.2.1;Architecture;66
9.2.2;Operation;67
9.3;Test Bench;69
9.4;Results;69
9.4.1;CPU Usage;69
9.4.2;Packet Handling;70
9.5;Conclusion;71
9.6;References;71
10;Parameter Based Access Control Model for Mobile Handsets;73
10.1;Introduction;73
10.2;Related Work;74
10.3;Security Design;75
10.3.1;Registration Process;75
10.3.2;Data Transmission;77
10.3.3;Data Access at the Security Capsule;78
10.4;Parameter Based Access Control;80
10.5;Conclusion;81
10.6;References;82
11;Ethical Dilemmas in Teaching Computer and Internet Security;83
11.1;Introduction;83
11.2;The Issues in Computer Teaching;84
11.3;Teaching Network Programming;85
11.4;Teaching e-Business;85
11.5;Teaching Internet Protocols;85
11.5.1;Datalink Layer;86
11.5.2;Network Layer;86
11.5.3;Transport Layer;86
11.5.4;Application Layer;86
11.6;Teaching Trustworthiness and Security;87
11.7;Conclusions;87
11.8;References;88
12;Overview of SIP Attacks and Countermeasures;89
12.1;Introduction;89
12.2;SIP Security Measures;90
12.2.1;Denial of Service Attack;90
12.2.2;SIP Injection Attack;92
12.2.3;SIP Spoofing Attack;93
12.2.4;SIP Authentication Attack;95
12.2.5;SIP Traffic Capturing;95
12.2.6;SIP Messages Modification Attack;96
12.2.7;VoIP SPAM (SPIT);96
12.3;Conclusions;96
12.4;References;97
13;Security Challenges in Multihop Wireless Mesh Networks–A Survey;99
13.1;Introduction;99
13.2;Potential Attacks on WMN Protocols;100
13.2.1;External Attacks;100
13.2.2;Internal Attacks;100
13.3;Secure Routing Protocols;101
13.3.1;Use of Cryptographic Approaches;101
13.3.2;Internal Attacks in WMN;103
13.4;Intrusion Detection Techniques;104
13.5;Mesh Security;105
13.5.1;Client Access Controls;105
13.5.2;Inter-mesh Access Point Controls;105
13.5.3;Standardization;106
13.6;Conclusion;107
13.7;References;107
14;A Security Architecture to Protect Against Data Loss;109
14.1;System Modelling;109
14.1.1;Data Loss and Its Causes;109
14.1.2;Accidental Data Loss by Her Majesty’s Revenue and Customs;110
14.2;The Searchlight Model;110
14.2.1;Multilevel Security Model;110
14.2.2;An Attack Classification Scheme;111
14.2.3;Data Loss Classification;112
14.2.4;Attack Surface;113
14.2.5;Impact Zone;113
14.3;Protecting against Data Loss;114
14.3.1;Accidental Data Loss by Her Majesty’s Revenue and Customs;114
14.3.2;System Hardening;114
14.3.3;Targeting the Perpetrator;115
14.4;Conclusions;116
14.5;References;116
15;A Simple Method for Improving Intrusion Detections in Corporate Networks;118
15.1;Introduction;118
15.2;Related Work;120
15.3;Network Intrusion Detections;121
15.4;Datasets and Methodology;123
15.5;Results of Experiments;125
15.6;Conclusion and Future Research Work;128
15.7;References;128
16;Detecting Sybils in Peer-to-Peer File Replication Systems;130
16.1;Introduction;130
16.2;Related Work;132
16.3;Sybil Detection;132
16.3.1;Scope;132
16.3.2;Algorithm Overview;134
16.4;Simulation Results;136
16.5;Conclusion;140
16.6;References;140
17;Adaptive Clustering Method for Reclassifying Network Intrusions;142
17.1;Introduction;142
17.2;Related Works;144
17.3;Overview of Datasets;146
17.4;Reclassification of Intrusions;146
17.4.1;Automated Reclassification of Alerts;148
17.5;Experimental Results;149
17.5.1;Summary of Experimental Results;151
17.6;Conclusion and Future Research;151
17.7;References;152
18;Technology Perspective: Is Green IT a Threat to IT Security?;154
18.1;Introduction;154
18.2;Research Challenges;157
18.2.1;Virtual Network Security and Threats;157
18.2.2;Virtual Network Management;158
18.3;Summary;160
18.4;References;160
19;An Adaptive Fusion Framework for Fault-Tolerant Multibiometrics;162
19.1;Introduction;162
19.2;The Adaptive Fusion Framework;163
19.3;Experiments;164
19.3.1;Database and Test Scenarios;164
19.3.2;3D and 2D Face Recognition Algorithms;165
19.3.3;Adaptive and Non-adaptive Fusion;166
19.4;Results;166
19.5;Conclusion;168
19.6;References;168
20;Cross-Enterprise Policy Model for e-Business Web Services Security;170
20.1;Introduction;170
20.2;Related Work;172
20.2.1;e-Business and Its Security Concerns;172
20.2.2;Approaches to Web Services (WS) Security;172
20.3;Web Services Security Model;173
20.3.1;e-Business Case Scenario;174
20.3.2;Security Requirements;176
20.3.3;The Model;176
20.4;Conclusion and Future Work;177
20.5;References;178
21;Challenges of Identity Management – A Context in Rural India;179
21.1;Introduction;179
21.2;The Problem;180
21.3;Related Research;181
21.4;Methodology;181
21.5;The Study;182
21.5.1;Existing Processes for Membership Management at SEWA;182
21.5.2;Analyzing the Existing Membership Data;183
21.5.3;Facts Revealed from the Interviews and Group Discussions;185
21.5.4;Challenges Encountered during De-duplication of Data;186
21.6;Findings of the Study;187
21.7;Conclusion and Further Research;189
21.8;References;190
22;Author Index;191
