Secure IT Systems 21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016. Proceedings
This book constitutes the proceedings of the 21st Nordic Conference on Secure IT Systems, held in Oulu, Finland, in November 2016. The 16 full papers presented in this volume were carefully reviewed and selected from 43 submissions.The focus of the conference is on following topics: Security, System...
Saved in:
| Main Authors | , |
|---|---|
| Format | eBook |
| Language | English |
| Published |
Cham
Springer Nature
2016
Springer International Publishing AG Springer |
| Edition | 1 |
| Series | LNCS sublibrary. SL 4, Security and cryptology |
| Subjects | |
| Online Access | Get full text |
| ISBN | 9783319475608 3319475606 9783319475592 3319475592 |
Cover
| Abstract | This book constitutes the proceedings of the 21st Nordic Conference on Secure IT Systems, held in Oulu, Finland, in November 2016. The 16 full papers presented in this volume were carefully reviewed and selected from 43 submissions.The focus of the conference is on following topics: Security, System Security, Network Security, Software Security, and Information Security.<data security, mobile="" security, security="" protocols, risk="" management, security="" models,="" and vulnerability=""> |
|---|---|
| AbstractList | This book constitutes the proceedings of the 21st Nordic Conference on Secure IT Systems, held in Oulu, Finland, in November 2016. The 16 full papers presented in this volume were carefully reviewed and selected from 43 submissions.The focus of the conference is on following topics: Security, System Security, Network Security, Software Security, and Information Security.<data security, mobile="" security, security="" protocols, risk="" management, security="" models,="" and vulnerability=""> |
| Author | Brumley, Billy Bob Röning, Juha |
| Author_xml | – sequence: 1 fullname: Brumley, Billy Bob – sequence: 2 fullname: Röning, Juha |
| BookMark | eNqNz0tLw0AUBeARH1hrFv6D4kZcFO68M0sNVQsFFy1uh8n0jq1NMzWT-vj3BuNGV64uBz7O4Z6RozrWeEAyo3POqRFaKsgP_-QTMjCKckZZrk9JltILAFCtqNB8QC7m6PcNjqaL0fwztbhN5-Q4uCph9nOH5OlusigexrPH-2lxMxs7xrX5GJcygAmOLTFnXjoIJXihBDgjvUJgIu82JWfBBaDgKHaTlIsAS19qL5APyXVf7NIG39MqVm2ybxWWMW6S_fVDZ696u2vi6x5Ta7-Zx7ptXGUnt4XioDQT_5BSaqOZ6eRlL71LrlrXa7uNdXxu3G6VrBRUU6r5F1XNYvI |
| ContentType | eBook |
| DBID | I4C |
| DEWEY | 005 |
| DatabaseName | Casalini Torrossa eBooks Institutional Catalogue |
| DatabaseTitleList | |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9783319475608 3319475606 |
| Edition | 1 1st Edition 2016 |
| Editor | Brumley, Billy Bob R'ning, Juha |
| Editor_xml | – sequence: 1 fullname: Brumley, Billy Bob – sequence: 2 fullname: R'ning, Juha |
| ExternalDocumentID | 9783319475608 EBC6306724 EBC5579729 5417117 |
| GroupedDBID | 0D6 0DA 38. AABBV AAMCO AAPIT AAQZU ABBVZ ABMNI ABOWU ACLMJ ADCXD ADPGQ AEDXK AEJGN AEKFX AETDV AEZAY ALMA_UNASSIGNED_HOLDINGS AORVH AZZ BBABE CZZ I4C IEZ LDH NUC SAO SBO SWNTM TPJZQ TSXQS Z7R Z7S Z7U Z7W Z7X Z7Y Z7Z Z81 Z83 Z84 Z87 Z88 AEJLV Z85 |
| ID | FETCH-LOGICAL-a2379x-b5f09fa2de82c5a0fb0c4640a95c6e0248321532faf010a1e761134f0dcb7c4e3 |
| ISBN | 9783319475608 3319475606 9783319475592 3319475592 |
| IngestDate | Tue Aug 19 03:56:00 EDT 2025 Fri May 30 22:03:10 EDT 2025 Fri May 30 23:22:14 EDT 2025 Tue Nov 14 22:52:34 EST 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| LCCallNum_Ident | Q |
| Language | English |
| LinkModel | OpenURL |
| MergedId | FETCHMERGED-LOGICAL-a2379x-b5f09fa2de82c5a0fb0c4640a95c6e0248321532faf010a1e761134f0dcb7c4e3 |
| OCLC | 961321287 |
| PQID | EBC5579729 |
| PageCount | 272 |
| ParticipantIDs | askewsholts_vlebooks_9783319475608 proquest_ebookcentral_EBC6306724 proquest_ebookcentral_EBC5579729 casalini_monographs_5417117 |
| PublicationCentury | 2000 |
| PublicationDate | 2016 2016-10-20 |
| PublicationDateYYYYMMDD | 2016-01-01 2016-10-20 |
| PublicationDate_xml | – year: 2016 text: 2016 |
| PublicationDecade | 2010 |
| PublicationPlace | Cham |
| PublicationPlace_xml | – name: Netherlands – name: Cham |
| PublicationSeriesTitle | LNCS sublibrary. SL 4, Security and cryptology |
| PublicationYear | 2016 |
| Publisher | Springer Nature Springer International Publishing AG Springer |
| Publisher_xml | – name: Springer Nature – name: Springer International Publishing AG – name: Springer |
| SSID | ssj0001761473 |
| Score | 1.9942502 |
| Snippet | This book constitutes the proceedings of the 21st Nordic Conference on Secure IT Systems, held in Oulu, Finland, in November 2016. The 16 full papers presented... |
| SourceID | askewsholts proquest casalini |
| SourceType | Aggregation Database Publisher |
| SubjectTerms | Algorithms Biometry Computer programming, programs, data Computer security |
| Subtitle | 21st Nordic Conference, NordSec 2016, Oulu, Finland, November 2-4, 2016. Proceedings |
| TableOfContents | Secure, Usable and Privacy-Friendly User Authentication from Keystroke Dynamics -- 1 Introduction -- 2 Previous Work -- 3 Methods -- 3.1 Threat Model -- 3.2 Measuring Keystrokes -- 3.3 Protecting Privacy -- 3.4 Providing Security -- 3.5 Our Implementation -- 4 Empirical Results -- 4.1 Authentication -- 4.2 Impersonation -- 5 Discussion -- 6 Conclusion -- References -- Author Index Understanding How Components of Organisations Contribute to Attacks -- 1 Introduction -- 2 System and Attack Models -- 2.1 System Models -- 2.2 Attack Models -- 2.3 Running Example -- 3 Visualising Attacks -- 3.1 Evaluating Attack Models -- 3.2 Attack Tree Visualisations -- 3.3 Pareto-Efficient Solutions -- 4 Contribution of Components of Organisations to Attacks -- 4.1 Measuring Impact -- 4.2 Counting Occurrences -- 4.3 Weighted Sum -- 4.4 Visualising Paths -- 4.5 Visualising Pareto-Efficient Solutions -- 4.6 Visualising Different Components -- 5 Conclusion -- References -- A Stochastic Framework for Prediction of Malware Spreading in Heterogeneous Networks -- 1 Introduction -- 2 Related Work -- 3 A Model for Spreading in Heterogeneous Networks -- 3.1 Formal Description of the Network -- 3.2 Predictions for a Bounded Outbreak -- 3.3 Predictions for an Unlimited Outbreak -- 4 Modeling Malware Spreading in Networks -- 4.1 Propagation Using Phishing Emails -- 4.2 Propagation Over Shared Network Drives -- 4.3 Propagation by Exploiting System Vulnerabilities -- 5 Implementation -- 6 Conclusion -- References -- Network Security -- Creating and Detecting IPv6 Transition Mechanism-Based Information Exfiltration Covert Channels -- 1 Introduction -- 2 Background and Related Previous Work -- 3 Covert Channel Implementations -- 3.1 Protocol Tunneling -- 3.2 Proof-of-Concept Nc64 Tool -- 3.3 Proof-of-Concept Tun64 Tool -- 4 Testing Environment and Test Description -- 4.1 Attack Scenario -- 4.2 Testing Environment -- 5 Experiment Execution and Discussion of Results -- 6 Conclusions -- A Appendix -- References -- ML: DDoS Damage Control with MPLS -- 1 Introduction -- 2 Background -- 2.1 Characteristics of a Distributed Reflective DDoS Attack -- 2.2 Definitions -- 2.3 Assumptions -- 3 State of the Art -- 3.1 Traffic Filtering -- 3.2 Congestion Control Intro -- Preface -- Organization -- Contents -- System Security -- Event-Triggered Watermarking Control to Handle Cyber-Physical Integrity Attacks -- 1 Introduction -- 2 Background -- 2.1 Cyber-Physical Attacks -- 2.2 Control Strategies -- 2.3 Watermark-Based Attack Detection -- 3 Watermark-Based Attack Detection Against a New Adversary Model -- 3.1 Numerical Validation -- 4 PIETC Watermark-Based Detection Strategy -- 4.1 Local Controller Design -- 4.2 Remote Controller Design -- 4.3 Periodic Communication Policy -- 4.4 Intermittent Communication Policy -- 4.5 New Parametric Cyber-Physical Adversary -- 4.6 Numerical Validation -- 5 Related Work -- 6 Conclusion -- References -- Detecting Process-Aware Attacks in Sequential Control Systems -- 1 Introduction -- 2 Related Work -- 3 Background -- 3.1 Industrial Control Systems -- 3.2 Runtime Verification -- 3.3 Process Specification Mining -- 4 Attack Detection Approach -- 4.1 General Overview -- 4.2 Mining Process Specifications -- 4.3 Specifications Filtering Rules -- 5 Evaluation -- 5.1 Process Description -- 5.2 Experimental Setup -- 5.3 Results -- 6 Conclusion -- References -- Towards an Automated and Dynamic Risk Management Response System -- 1 Introduction -- 2 Dynamic Return on Response Investment (RORI) -- 2.1 Description of the Dynamic RORI Model -- 2.2 Computation of the Dynamic RORI Parameters -- 3 Dynamic Risk Management Response System -- 3.1 Response Plan Generation Process -- 3.2 Response Selection and Visualization -- 4 System Testing and Experimentation -- 5 Case Study: Automated Response in a Critical Infrastructure System -- 5.1 Threat Scenario -- 5.2 Input Information -- 5.3 Dynamic RORI Evaluation -- 5.4 Response Plan Generation -- 5.5 Response Plan Selection and Visualization -- 6 Related Work -- 7 Conclusions and Future Work -- References 4 Concepts and Architecture -- 4.1 Design Overview -- 4.2 Workflow -- 4.3 Threshold-Based Bloom Filter -- 5 Experimentations -- 5.1 Experimental Approach -- 5.2 Variables and Metrics -- 5.3 Results -- 5.4 Discussion on Experimentation -- 6 Conclusion -- References -- Software Security -- Empirical Analysis on the Use of Dynamic Code Updates in Android and Its Security Implications -- 1 Introduction -- 2 Motivating Examples -- 3 Analysis Tool: Design and Implementation -- 4 Application Analysis -- 4.1 API Selection -- 4.2 Dataset Description -- 5 Analysis Results and Discussion -- 6 Considerations on Analysis Tools for Android -- 7 Limitations -- 8 Related Work -- 9 Conclusion -- References -- Evaluation of Resource-Based App Repackaging Detection in Android -- 1 Introduction -- 2 Resource-Based Repackaging Detection -- 3 Dataset -- 4 Resource Similarity Evaluation -- 5 Fine-Tuning the Basic Approach -- 6 Resource Files Analysis and Improved Classification -- 7 Discussion -- 8 Conclusions -- References -- A Survey on Internal Interfaces Used by Exploits and Implications on Interface Diversification -- 1 Introduction -- 2 Interface Diversification -- 2.1 The General Idea -- 2.2 Internal and External Interfaces -- 3 Study Setup -- 3.1 The Setting of the Study -- 3.2 Variables -- 4 Results -- 4.1 The Types of Payloads -- 4.2 The Found Interfaces -- 4.3 Attack Types and Attack Vectors -- 4.4 Evaluation -- 5 Existing Interface Diversification Research -- 6 Conclusions -- References -- A Tale of the OpenSSL State Machine: A Large-Scale Black-Box Analysis -- 1 Introduction -- 2 TLS -- 3 State Machine Inference -- 4 Setup -- 5 Analysing the OpenSSL State Machines -- 5.1 Server-Side -- 5.2 Client-Side -- 6 Conclusion -- References -- Cryptography -- Speeding up R-LWE Post-quantum Key Exchange -- 1 Introduction -- 2 Preliminaries 3 Considerations in Generating the Public Polynomial -- 4 Our Optimizations -- 4.1 Decreasing the Rejection Rate -- 4.2 Vectorized Rejection Sampling -- 4.3 Fast Generation of Pseudorandom Bytes -- 5 Results -- 6 Conclusion -- A Vectorized Rejection Sampling - Code Snippets -- References -- Efficient Sparse Merkle Trees -- 1 Introduction -- 2 Preliminaries -- 2.1 Merkle Trees -- 2.2 Setting and Cryptographic Assumptions -- 3 Sparse Merkle Trees -- 3.1 Non-Membership Proofs and High-Level Properties -- 3.2 Tractable Representations -- 3.3 Earlier Proposals -- 3.4 Our Approach -- 4 Efficient Representations -- 4.1 Caching Strategies -- 4.2 The Cache Routine -- 4.3 Recurrences -- 5 Security -- 5.1 The Merkle Prefix Tree in CONIKS -- 5.2 A Secure Encoding for Sparse Merkle Trees -- 5.3 Security Aspects of Caching Strategies -- 6 Performance -- 7 Related Work -- 8 Conclusion -- References -- Secure Multiparty Sorting Protocols with Covert Privacy -- 1 Introduction -- 2 Related Work -- 3 Preliminaries -- 3.1 Universal Composability and Secure Multiparty Computation -- 3.2 Privacy vs. Security -- 3.3 Protocols for Oblivious Sorting -- 3.4 Covert Security -- 4 Covertly Private SMC -- 5 Analysis of Oblivious Sorting Methods -- 5.1 Methods Based on Shuffling and Comparison -- 5.2 Counting Sort -- 6 Covertly Private Reordering -- 7 Conclusions -- References -- Authentication -- PASSPHONE: Outsourcing Phone-Based Web Authentication While Protecting User Privacy -- 1 Introduction -- 2 Related Work -- 3 The PASSPHONE: Authentication Scheme -- 3.1 Bootstrapping -- 3.2 Authentication -- 3.3 Key Management -- 4 Formal Security Analysis -- 4.1 Authentication-Attack Resistance -- 4.2 Anonymity -- 4.3 Unlinkability -- 5 Automatic Security Analysis -- 6 Prototype Implementation -- 7 Comparative Evaluation -- 8 Practical Application -- 9 Conclusion -- References |
| Title | Secure IT Systems |
| URI | http://digital.casalini.it/9783319475608 https://ebookcentral.proquest.com/lib/[SITE_ID]/detail.action?docID=5579729 https://ebookcentral.proquest.com/lib/[SITE_ID]/detail.action?docID=6306724 https://www.vlebooks.com/vleweb/product/openreader?id=none&isbn=9783319475608 |
| Volume | 10014 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3NS8MwFI_7uLiL8wvnVIp4k0rbpEl71DHZhnqqY7eSpMlFmWA7Ef96X7as3aYM9BLa0Ka8vOS990vfB0JXEZgUWYZ9F0c8domW1OWeCF1OhSSSM6Lndcgen-jgmYwm4aS2Q1e8lmaFuJFfv8aV_Ier0Ad8NVGyf-BsOSh0wDXwF1rgMLQbxm95a-M3zCm5uh4maxnHLXj3N8H78vDOeCbbBCIltsOwOQgDgySqRHXpQBcSn_k-q6M6Y7Cvm7f90cO4OltioHSZKWFRDkIXyYaqQVuoxfMXEKQgZIvcaGWecxOM-UMpzTVt0kZNZcIv9lFNTQ_Q3rLohGNl0CFqL2h3holjaT9C4_t-0hu4tq6DywPM4k9XhNqLNQ8yFQUy5J4WniSUeDwOJVUmyxoGSwQHmmuAi9xXQI-PifYyKZgkCh-jxvRtqk6Qo0TAtGQqzlRMRJTFmnpYy4wGHGA_8zvocoXM9ON1_g86T9fmooO6S-pTWCKLXOF5aie5g5zlhKTzt63bbNq_64UhiwGebHuEGlAWkNOt3-ii3Wp5nKFG8T5T52DtFOLCMvcbkWH9Mw |
| linkProvider | Library Specific Holdings |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=book&rft.title=Secure+IT+Systems&rft.date=2016-01-01&rft.pub=Springer+Nature&rft.isbn=9783319475608&rft.externalDocID=5417117 |
| thumbnail_m | http://utb.summon.serialssolutions.com/2.0.0/image/custom?url=https%3A%2F%2Fvle.dmmserver.com%2Fmedia%2F640%2F97833194%2F9783319475608.jpg |