ICT Systems Security and Privacy Protection 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings

This book constitutes the refereed proceedings of the 32nd IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2017, held in Rome, Italy, in May 2017.The 38 revised full papers presented were carefully reviewed and selected from 199 submissions.

Saved in:

Bibliographic Details
Published in	ICT Systems Security and Privacy Protection 32nd IFIP TC 11 International Conference, SEC 2017, Rome, Italy, May 29-31, 2017, Proceedings Vol. 502
Main Authors	De Capitani di Vimercati, Sabrina, Martinelli, Fabio
Format	eBook Conference Proceeding Book
Language	English
Published	Cham Springer Nature 2017 Springer International Publishing AG Springer International Publishing Springer
Edition	1
Series	IFIP Advances in Information and Communication Technology
Subjects	Computer Applications Computer networks Computer programming, programs, data Computer Science Computer security Computer security-Congresses Computers and Society Cryptology Information Systems Applications (incl. Internet) Internet Legal Aspects of Computing Systems and Data Security
Online Access	Get full text
ISBN	3319584693 9783319584690 3319584685 9783319584683
ISSN	1868-4238 1868-422X
DOI	10.1007/978-3-319-58469-0

Cover

Table of Contents:

4.3 Initialization Phase -- 4.4 Query Phase -- 4.5 Response Phase -- 5 Security Analysis -- 5.1 Query Confidentiality -- 5.2 Query Privacy -- 6 Experimental Evaluation -- 7 Conclusions -- A Appendix -- A.1 Key Validation Procedure -- References -- Secure and Efficient k-NN Queries -- 1 Introduction -- 2 Problem Statement -- 3 Proposed Approach -- 3.1 DS-kNN Query Protocol -- 3.2 Extensions -- 4 Complexity Analysis -- 5 Security Analysis -- 6 Experimental Evaluation -- 7 Related Work -- 8 Conclusion and Future Work -- References -- Secure and Trustable Distributed Aggregation Based on Kademlia -- 1 Introduction -- 2 Aggregation Protocol -- 3 Basic Aggregation -- 4 Recursive Aggregation over the Kademlia Binary Tree -- 5 Robust Aggregation -- 6 Protocol Properties -- 7 Experimental Confidentiality Analysis -- 8 Conclusion -- References -- Operating System and Firmware Security -- HyBIS: Advanced Introspection for Effective Windows Guest Protection -- 1 Introduction -- 1.1 Motivation -- 1.2 Contribution -- 2 Related Work -- 3 HyBIS - Approach and Functionalities -- 3.1 HyBIS Functionalities -- 4 HyBIS - Design, Architecture and Implementation -- 4.1 Architecture -- 4.2 Technology Info -- 4.3 Implementation Details -- 4.4 Further Details -- 5 Evaluation -- 6 Conclusion and Future Work -- References -- Detection of Side Channel Attacks Based on Data Tainting in Android Systems -- 1 Introduction -- 2 Background -- 2.1 Dynamic Taint Analysis -- 2.2 TaintDroid -- 3 Target Threat Model -- 4 Side Channels Attacks -- 4.1 Timing Attack -- 4.2 Cache Memory Attack -- 4.3 Meta Data Attacks -- 4.4 Graphics Processing Unit Attacks -- 5 Detection of Side Channel Attacks -- 5.1 Timing Side Channel Propagation Rule -- 5.2 Memory Cache Side Channel Propagation Rules -- 5.3 Meta Data Propagation Rule -- 5.4 GPU Propagation Rule -- 6 Implementation
3.3 Characterizing the Mis-CNN-Classified Images
Secure Photo Sharing in Social Networks -- 1 Introduction -- 2 Preliminaries -- 2.1 Access Structure -- 2.2 Linear Secret Sharing Scheme -- 2.3 Multi-authority Attributes -- 2.4 Bilinear Pairings -- 2.5 Security Assumptions -- 2.6 MA-ABE Algorithms -- 3 System Design -- 3.1 Diaspora's Architecture and Assumptions -- 3.2 MA-ABE in Diaspora -- 4 Evaluation -- 5 Related Work -- 6 Conclusions -- References -- Context-Dependent Privacy-Aware Photo Sharing Based on Machine Learning -- 1 Introduction -- 2 Related Work -- 3 A Model for Context-/Privacy-Aware Photo Sharing -- 3.1 Security Assumption and Operating Principle -- 3.2 Feature Definition -- 3.3 Photo Sharing Decisions -- 4 User Study and Data Collection -- 5 Evaluation and Analysis -- 5.1 Methodology -- 5.2 Within-Subject Analysis -- 5.3 One-Size-Fits-All Model -- 5.4 Influences of Features on Decision Making -- 6 Discussions -- 7 Conclusion -- References -- 3LP: Three Layers of Protection for Individual Privacy in Facebook -- 1 Introduction -- 2 The Importance of Friendship Links -- 2.1 Data Sets -- 2.2 Empirical Demonstration -- 3 Our Technique -- 4 Experimental Results and Discussion -- 5 Conclusion -- References -- A Framework for Moving Target Defense Quantification -- 1 Introduction -- 2 Related Work -- 3 Threat Model and Assumptions -- 4 Quantification Framework -- 4.1 Mathematical Model -- 4.2 Computing MTD Effectiveness -- 5 Experimental Evaluation -- 6 Applications -- 6.1 Comparing MTDs -- 6.2 Selecting Optimal Defenses -- 6.3 Extending the Framework -- 7 Conclusions and Future Work -- References -- Private Queries and Aggregations -- Query Privacy in Sensing-as-a-Service Platforms -- 1 Introduction -- 2 Related Work -- 3 Problem Definition -- 3.1 System Model -- 3.2 Adversarial Model -- 4 Query Privacy for Sensing Platforms Protocol -- 4.1 Overview -- 4.2 Preliminaries
User Authentication and Policies -- On the Use of Emojis in Mobile Authentication -- 1 Introduction -- 2 Related Work -- 3 EmojiAuth: Emoji-Based Authentication Scheme -- 4 Lab Study -- 4.1 Methodology and Procedure -- 4.2 Results -- 5 Field Study -- 5.1 Methodology and Procedure -- 5.2 Shoulder-Surfing Experiment -- 5.3 Results -- 6 Discussion and Conclusion -- References -- EmojiTCHA: Using Emotion Recognition to Tell Computers and Humans Apart -- 1 Introduction -- 2 Preliminaries -- 2.1 Microsoft Project Oxford -- 2.2 Emoji Character Set -- 3 Related Work -- 4 Methodology -- 5 CAPTCHA Challenge Generation -- 6 EmojiTCHA Usability Study -- 7 Design Limitations and Security Analysis -- 8 Conclusions and Future Work -- References -- Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud -- 1 Introduction -- 2 A Running Example -- 3 An Abstract Access Control Model for the Cloud -- 4 From Abstract to Enforceable Policies in the Cloud -- 4.1 Reconstruction of the Amazon and OpenStack AC Model -- 4.2 Policy Support in Amazon and OpenStack -- 5 SecurePG -- 5.1 Policy Generator Engine -- 5.2 Abstract Policy Analysis Engine -- 6 Discussion -- References -- Capturing Policies for BYOD -- 1 Introduction -- 1.1 Related Work -- 2 Capturing BYOD Policies -- 3 Instantiating SecPAL -- 4 BYOD Policies -- 5 Authorization Example -- 6 BYOD Idioms -- 7 Conclusions -- References -- Applied Cryptography and Voting Schemes -- Improving Blind Steganalysis in Spatial Domain Using a Criterion to Choose the Appropriate Steganalyzer Between CNN and SRM+EC -- 1 Introduction -- 2 Related Works -- 2.1 Steganography -- 2.2 CNN-Based Steganalysis -- 3 Convolutional Neural Networks for Image Steganalysis -- 3.1 The CNN Architecture Proposed by Xu et al. [23] -- 3.2 Detection Performance Evaluation of the CNN
6.1 Timing Attack Detection -- 6.2 Cache Memory Attack Detection -- 6.3 Meta Data Attacks Detection -- 6.4 Graphics Processing Unit Attacks Detection -- 7 Evaluation -- 7.1 Effectiveness -- 7.2 False Positives -- 7.3 Performance -- 8 Discussion -- 9 Related Work -- 9.1 Software Side Channels Attacks -- 9.2 Side Channels Countermeasures -- 10 Conclusion -- References -- The Fuzzing Awakens: File Format-Aware Mutational Fuzzing on Smartphone Media Server Daemons -- 1 Introduction -- 2 Background -- 2.1 Attack Vectors: Media Server Daemons and Multimedia Files -- 2.2 Seed File Format -- 3 File Format-Aware Mutational Fuzzing -- 3.1 Overview -- 3.2 Challenges -- 3.3 Main Phases -- 4 Evaluation -- 4.1 General Results -- 4.2 Comparisons -- 5 Limitations and Future Work -- 6 Related Work -- 7 Conclusion -- References -- Towards Automated Classification of Firmware Images and Identification of Embedded Devices -- 1 Introduction -- 2 Firmware Classification and Identification -- 2.1 Discussion on ``Naive'' Attempts -- 2.2 Dataset -- 2.3 Features Selection -- 2.4 Evaluation -- 3 Device Fingerprinting and Identification -- 3.1 Discussion on ``Naive'' Attempts -- 3.2 Dataset -- 3.3 Features for Web Interface Fingerprinting -- 3.4 Scoring Systems for Features -- 3.5 Evaluation -- 4 Usage Scenarios -- 4.1 Firmware Classification -- 4.2 Device Fingerprinting and Identification -- 4.3 Automated End-to-End Scenario -- 5 Related Work -- 6 Conclusion -- References -- Runtime Firmware Product Lines Using TPM2.0 -- 1 Introduction -- 2 General Idea -- 3 Related Work -- 3.1 Secure Runtime Product Lines -- 3.2 Overlay Filesystems -- 3.3 TPM 2.0 -- 4 Concept -- 4.1 Device Production -- 4.2 Firmware Creation -- 4.3 Booting a Model-Specific Firmware -- 5 Discussion -- 5.1 Security -- 5.2 Extensions -- 6 Implementation -- 7 Conclusion and Future Work -- References
Intro -- Preface -- Organization -- Contents -- Network Security and Cyber Attacks -- Turning Active TLS Scanning to Eleven -- 1 Introduction -- 2 Background -- 2.1 Related Work -- 3 Methodology -- 3.1 Introducing New Approaches -- 3.2 Implemented Approaches -- 4 Results -- 4.1 Experimental Results -- 4.2 Cipher Suite Results of Top-10k Domains -- 5 Discussion -- 6 Conclusion -- References -- Slow TCAM Exhaustion DDoS Attack -- 1 Introduction -- 1.1 Slow TCAM Exhaustion Attacks -- 2 Slow TCAM Exhaustion Attack (Slow-TCAM) -- 2.1 Attacking SDN -- 2.2 Slow-TCAM -- 3 Slow-TCAM Experimental Analysis -- 4 Mitigating Slow-TCAM -- 4.1 SIFT -- 4.2 Experimental Results with SIFT -- 5 Related and Future Work -- References -- Evasive Malware Detection Using Groups of Processes -- 1 Introduction -- 2 Related Work -- 3 Proposed Solution -- 3.1 The Management of Groups -- 3.2 Heuristics -- 3.3 Remediation -- 4 Technical Results -- 4.1 Detection Tests -- 4.2 Limitations of the Solution -- 5 Conclusions -- References -- A Malware-Tolerant, Self-Healing Industrial Control System Framework -- 1 Introduction -- 2 Overview -- 2.1 Traditional Industrial Control System Architecture -- 2.2 Assumptions -- 2.3 Proposed Architecture -- 3 Security Analysis and Results -- 3.1 ProVerif Proofs -- 3.2 Evaluation of Self-healing FreeRTOS -- 3.3 Performance Analysis of TrustZone -- 4 Discussion -- 4.1 Attacks -- 4.2 Diversity of PLCs -- 4.3 Implications -- 5 Related Work and Comparison -- 6 Conclusion -- References -- Process Discovery for Industrial Control System Cyber Attack Detection -- 1 Introduction -- 2 Background -- 3 ICS Modeling Requirements -- 4 Experiment -- 4.1 Experimental Setup -- 4.2 Experimental Methodology -- 5 Results and Analysis -- 6 Conclusion -- References -- Security and Privacy in Social Applications and Cyber Attacks Defense