Showing total 3,664 results

1. Efficient Wet Paper Codes.

Author

Barni, Mauro, Herrera-Joancomartí, Jordi, Katzenbeisser, Stefan, Pérez-González, Fernando, Fridrich, Jessica, Goljan, Miroslav, and Soukal, David

Abstract

Wet paper codes were proposed as a tool for constructing steganographic schemes with an arbitrary selection channel that is not shared between the sender and the recipient. In this paper, we describe new approaches to wet paper codes that enjoy low computational complexity and improved embedding efficiency (number of message bits per embedding change). Some applications of wet paper codes to steganography and data embedding in binary images are discussed. [ABSTRACT FROM AUTHOR]

Published

2005

2. Tools and Technology for Computer Forensics: Research and Development in Hong Kong (Invited Paper).

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Rangan, C. Pandu, Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Dawson, Ed, Wong, Duncan S., Hui, Lucas C. K., Chow, K. P., and Yiu, S. M.

Abstract

With the increased use of Internet and information technology all over the world, there is an increased amount of criminal activities that involve computing and digital data. These digital crimes (e-crimes) impose new challenges on prevention, detection, investigation, and prosecution of the corresponding offences. Computer forensics (also known as cyberforensics) is an emerging research area that applies computer investigation and analysis techniques to help detection of these crimes and gathering of digital evidence suitable for presentation in courts. This new area combines the knowledge of information technology, forensics science, and law and gives rise to a number of interesting and challenging problems related to computer security and cryptography that are yet to be solved. In this paper, we present and discuss some of these problems together with two successful cases of computer forensics technology developed in Hong Kong that enable the law enforcement departments to detect and investigate digital crimes more efficiently and effectively. We believe that computer forensics research is an important area in applying security and computer knowledge to build a better society. [ABSTRACT FROM AUTHOR]

Published

2007

3. Best Paper: Stabilizing Clock Synchronization for Wireless Sensor Networks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Rangan, C. Pandu, Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Datta, Ajoy K., Gradinariu, Maria, Herman, Ted, and Zhang, Chen

Abstract

One of the simplest protocols for clock synchronization in wireless ad hoc and sensor networks is the converge-to-max protocol, which has the simple logic of adjusting each node's clock to be at least as large as any neighbor's. This paper examines the converge-to-max protocol, showing it to be stabilizing even when node clocks have skew, bounded domains, and dynamic communication links. [ABSTRACT FROM AUTHOR]

Published

2006

4. Practical Security Analysis of Dirty Paper Trellis Watermarking.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Furon, Teddy, Cayre, François, Doërr, Gwenaël, and Bas, Patrick

Abstract

This paper analyses the security of dirty paper trellis (DPT) watermarking schemes which use both informed coding and informed embedding. After recalling the principles of message embedding with DPT watermarking, the secret parameters of the scheme are highlighted. The security weaknesses of DPT watermarking are then presented: in the watermarked contents only attack (WOA) setup, the watermarked data-set exhibits clusters corresponding to the different patterns attached to the arcs of the trellis. The K-means clustering algorithm is used to estimate these patterns and a co-occurrence analysis is performed to retrieve the connectivity of the trellis. Experimental results demonstrate that it is possible to accurately estimate the trellis configuration, which enables to perform attacks much more efficient than simple additive white Gaussian noise (AWGN). [ABSTRACT FROM AUTHOR]

Published

2008

5. What Are the Future Possibilities of eDemocracy? A Discussion Paper.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Wimmer, Maria A., Scholl, Jochen, Grönlund, Åke, and Boyd, Ovid Pacific

Abstract

This paper presents some future possibilities for eDemocracy tools and considers how these new technologies might conflict with our basic assumptions about what democracy should be. I hope this paper will contribute to discussion of under what situations different forms of eDemocracy are appropriate. The possibilities and repercussions of user profiling, voting outside of polling booths, longer decision-making periods, changeable election results and weighted voted are considered. Although none are necessarily advisable, this paper suggests they might be interesting to consider. [ABSTRACT FROM AUTHOR]

Published

2007

6. e-Gov Research Quality Improvements Since 2003: More Rigor, but Research (Perhaps) Redefined.

Author

Wimmer, Maria A., Scholl, Hans J., Andersen, Kim Viborg, Grönlund, Åke, and Andersson, Annika

Abstract

This paper follows up on an earlier study [1] by assessing the nature of 80 papers from EGOV 05 in terms of rigor and relevance criteria. Both studies use the same method and makes comparison between the results. We find that however still focusing overwhelmingly on descriptions and little on theory testing and creation, paper quality appears much better in that references to literature have increased grossly, there are very few dubious claims, philosophical research and theoretical arguments are virtually extinct, and the number of case stories is vastly reduced. However, the number of product descriptions is more than doubled to just over 30 %. The reasons for this are discussed, and as most of these papers are based on EU research funding we propose that an important reason may be the funding mechanism where researchers are employed as helpers in product development rather than critical scrutiny and analysis. [ABSTRACT FROM AUTHOR]

Published

2006

7. On the Use of Different Statistical Tests for Alert Correlation - Short Paper.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Kruegel, Christopher, Lippmann, Richard, Clark, Andrew, Maggi, Federico, and Zanero, Stefano

Abstract

In this paper we analyze the use of different types of statistical tests for the correlation of anomaly detection alerts. We show that the Granger Causality Test, one of the few proposals that can be extended to the anomaly detection domain, strongly depends on good choices of a parameter which proves to be both sensitive and difficult to estimate. We propose a different approach based on a set of simpler statistical tests, and we prove that our criteria work well on a simplified correlation task, without requiring complex configuration parameters. [ABSTRACT FROM AUTHOR]

Published

2007

8. From Simulations to Theorems: A Position Paper on Research in the Field of Computational Trust.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Dimitrakos, Theo, Martinelli, Fabio, Ryan, Peter Y. A., Schneider, Steve, and Krukow, Karl

Abstract

Since the millennium, a quickly increasing number of research papers in the field of "computational trust and reputation" have appeared in the Computer Science literature. However, it remains hard to compare and evaluate the respective merits of proposed systems. We argue that rigorous use of formal probabilistic models enables the clear specification of the assumptions and objectives of systems, which is necessary for comparisons. To exemplify such probabilistic modeling, we present a simple probabilistic trust model in which the system assumptions as well as its objectives are clearly specified. We show how to compute (in this model) the so-called predictive probability: The probability that the next interaction with a specific principal will have a specific outcome. We sketch preliminary ideas and first theorems indicating how the use of probabilistic models could enable us to quantitatively compare proposed systems in various different environments. [ABSTRACT FROM AUTHOR]

Published

2007

9. A Fair Anonymous Submission and Review System.

Author

Leitold, Herbert, Markatos, Evangelos, Naessens, Vincent, Demuynck, Liesje, and Decker, Bart

Abstract

Reputation systems play an important role in many Internet communities. They allow individuals to estimate other individual's behavior during interactions. However, a more privacy-friendly reputation system is desirable while maintaining its trustworthiness. This paper presents a fair anonymous submission and review system. The review process is reputation-based and provides better anonymity properties than existing reputation systems. Moreover, the system allows for accountability measures. Anonymous credentials are used as basic blocks. [ABSTRACT FROM AUTHOR]

Published

2006

10. Trends in Computer Crime and Cybercrime Research During the Period 1974-2006: A Bibliometric Approach.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Rangan, C. Pandu, Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Yang, Christopher C., Zeng, Daniel, Chau, Michael, Kuiyu Chang, and Qing Yang

Abstract

The aim of this study is to explore trends in computer crime and cybercrime research from 1974 to 2006. All publications for this analysis were drawn from the ISI Web of Science, the Science Citation Index (SCI), and the Social Science Citation Index (SSCI). The ISI Web of Science is considered a powerful and relatively accurate tool in bibliometric studies. About 292 papers related to computer crime and cybercrime were published during this period. The greatest number of these papers was written in English, and the annual output increased significantly after 2003. In the period under study, most papers originated in the USA. Approximately 57% of the publications were articles, and 72% of these articles had single authors. More bibliometric analyses are described in this study, which shows a high scientific production of articles on computer crime and cybercrime publications. [ABSTRACT FROM AUTHOR]

Published

2007

11. On the Security of a Popular Web Submission and Review Software (WSaR) for Cryptology Conferences.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Swee-Won Lo, and Phan, Raphael C. -W.

Abstract

Most, if not all, conferences use an online system to handle paper submissions and reviews. Introduction of these systems has significantly facilitated the administration, submission and review process compared to traditional paper-based ones. However, it is crucial that these systems have strong resistance against Web attacks as they involve confidential data and privacy. Some submissions could be leading edge breakthroughs that authors do not wish to leak out and be subtly plagiarized. Also, security of the employed system will attract more submissions to conferences that use it and gives confidence of the quality that the conferences uphold. In this paper, we analyze the security of the Web-Submission-and-Review (WSaR) software - latest version 0.53 beta at the time of writing; developed by Shai Halevi from IBM Research. WSaR is currently in use by top cryptology and security-related conferences including Eurocrypt 2007 & 2008, Crypto 2007, and Asiacrypt 2007, annually sponsored by the International Association for Cryptologic Research (IACR). We present detailed analysis on WSaR's security features. In particular, we first discuss the desirable security features that are designed into WSaR and what attacks these features defend against. Then, we discuss how some untreated security issues may lead to problems, and we show how to enhance WSaR security features to take these issues into consideration. Our results are the first known careful analysis of WSaR, or any type of online submission system for that matter. [ABSTRACT FROM AUTHOR]

Published

2008

12. Using Packet Combination in Multi-query Optimization for Data Collection in Sensor Networks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Zhang, Hongke, Olariu, Stephan, Cao, Jiannong, Johnson, David B., and Sun, Jun-Zhao

Abstract

In sensor networks, queries need to be jointly designed, in order to minimize the power consumption and maximize the lifetime. Data reduction techniques can be employed to decrease the size of data to be transferred in the network, and therefore save energy of sensor nodes. This paper presents a novel method for optimizing multi-query in sensor networks. Our approach is, by using packet combination techniques, to reduce the data size of multiple simultaneous queries, so that the energy for data transmission can be saved to the best extent. A delay item is specified together with the query by the application. Then an optimal query plan can be obtained by studying the best time of sending local data to sink that can lead to the minimum cost. Algorithm is described in detail. Performance analysis is performed to validate the effectiveness of the proposed method. [ABSTRACT FROM AUTHOR]

Published

2007

13. Action in Action Research - Illustrations of What, Who, Why, Where, and When from an E-Government Project.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Wimmer, Maria A., Scholl, Jochen, Grönlund, Åke, Melin, Ulf, and Axelsson, Karin

Abstract

The core content of action research (AR) is being able to solve organisational problems through intervention and to contribute to scientific knowledge. The main emphasis when discussing AR has been on the "research part". In this paper we focus on "action part" of AR in order to generate rigorous research, to solve local problems and to deal with evident dilemmas in AR. Action elements are addressed by situations in a project on one-stop government e-service development. As a result of the analysis action is illustrated. Action elements: action, actor, motive, space, time are analysed together with roles. The paper also shows a need to understand initiation, problem and situation addressing as an ongoing process in an AR project. A breakdown in the project is also highlighted and situations where problems discovers the action researcher and vice versa. [ABSTRACT FROM AUTHOR]

Published

2007

14. Model-Based Testing of Optimizing Compilers.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Petrenko, Alexandre, Veanes, Margus, Tretmans, Jan, Grieskamp, Wolfgang, and Zelenov, Sergey

Abstract

We describe a test development method, named OTK, that is aimed at optimizing compiler testing. The OTK method is based on constructing a model of optimizer's input data. The method allows developing tests targeted to testing a chosen optimizer. A formal data model is constructed on the basis of an abstract informal description of an algorithm of the optimizer under test. In the paper, we consider in detail the process of analyzing an optimization algorithm and building a formal model. We also consider in outline the other part of the method, test selection and test running. The OTK method has been successfully applied in several case studies, including test development for several different optimizing compilers for modern architectures. [ABSTRACT FROM AUTHOR]

Published

2007

15. Informed Recognition in Software Watermarking.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Rangan, C. Pandu, Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Yang, Christopher C., Zeng, Daniel, Chau, Michael, Kuiyu Chang, and Qing Yang

Abstract

Software watermarking is a technique to protect programs from piracy through embedding secret information into the programs. As software unauthorized use and modification are ubiquitous in the world, progresses in software watermarking will certainly benefit software research and industry. In this paper, we study one of core concepts in this area - informed recognition. To recognize a watermark in a software is to judge the existence of such a watermark in the corresponding software code. [ABSTRACT FROM AUTHOR]

Published

2007

16. Electronic Voting in Belgium: Past and Future.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Alkassar, Ammar, Volkamer, Melanie, De Cock, Danny, and Preneel, Bart

Abstract

This paper provides an overview of the electronic and paper-based voting systems that are used in Belgium. It compares the advantages and disadvantages of these systems, and presents a selection of voting systems that have been recommended to the federal and regional governments for future elections in Belgium: an improved paper-based voting system with voter-verifiable paper trails, a family of optical scanning systems, a remote/Internet voting system, and a kiosk/intranet voting system. [ABSTRACT FROM AUTHOR]

Published

2007

17. The Development of Remote E-Voting Around the World: A Review of Roads and Directions.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Alkassar, Ammar, Krimmer, Robert, Triessnig, Stefan, and Volkamer, Melanie

Abstract

Democracy and elections have more than 2.500 years of tradition. Technology has always influenced and shaped the ways elections are held. Since the emergence of the Internet there has been the idea of conducting remote electronic elections. In this paper we reviewed 104 elections with a remote e-voting possibility based on research articles, working papers and also on press releases. We analyzed the cases with respect to the level where they take place, technology, using multiple channels, the size of the election and the provider of the system. Our findings show that while remote e-voting has arrived on the regional level and in organizations for binding elections, on the national level it is a very rare phenomenon. Further paper based elections are here to stay; most binding elections used remote e-voting in addition to the paper channel. Interestingly, providers of e-voting systems are usually only operating in their own territory, as out-of-country operations are very rare. In the long run, for remote e-voting to become a reality of the masses, a lot has to be done. The high number of excluded cases shows that not only documentation is scarce but also the knowledge of the effects of e-voting is rare as most cases are not following simple experimental designs used elsewhere. [ABSTRACT FROM AUTHOR]

Published

2007

18. Authenticated Key Exchange and Key Encapsulation in the Standard Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Kurosawa, Kaoru, and Okamoto, Tatsuaki

Abstract

This paper introduces a new paradigm to realize various types of cryptographic primitives such as authenticated key exchange and key encapsulation in the standard model under three standard assumptions: the decisional Diffie-Hellman (DDH) assumption, target collision resistant (TCR) hash functions and pseudo-random functions (PRFs). We propose the first (PKI-based) two-pass authenticated key exchange (AKE) protocol that is comparably as efficient as the existing most efficient protocols like MQV and that is secure in the standard model (under these standard assumptions), while the existing efficient two-pass AKE protocols such as HMQV, NAXOS and CMQV are secure in the random oracle model. Our protocol is shown to be secure in the (currently) strongest security definition, the extended Canetti-Krawczyk (eCK) security definition introduced by LaMacchia, Lauter and Mityagin. This paper also proposes a CCA-secure key encapsulation mechanism (KEM) under these assumptions, which is almost as efficient as the Kurosawa-Desmedt KEM. This scheme is also secure in a stronger security notion, the chosen public-key and ciphertext attack (CPCA) security. The proposed schemes in this paper are redundancy-free (or validity-check-free) and the implication is that combining them with redundancy-free symmetric encryption (DEM) will yield redundancy-free (e.g., MAC-free) CCA-secure hybrid encryption. [ABSTRACT FROM AUTHOR]

Published

2007

19. Acceptance of Voting Technology: Between Confidence and Trust.

Author

Stølen, Ketil, Winsborough, William H., Martinelli, Fabio, Massacci, Fabio, and Pieters, Wolter

Abstract

Social aspects of security of information systems are often discussed in terms of "actual security" and "perceived security". This may lead to the hypothesis that e-voting is controversial because in paper voting, actual and perceived security coincide, whereas they do not in electronic systems. In this paper, we argue that the distinction between actual and perceived security is problematic from a philosophical perspective, and we develop an alternative approach, based on the notion of trust. We investigate the different meanings of this notion in computer science, and link these to the philosophical work of Luhmann, who distinguishes between familiarity, confidence and trust. This analysis yields several useful distinctions for discussing trust relations with respect to information technology. We apply our framework to electronic voting, and propose some hypotheses that can possibly explain the smooth introduction of electronic voting machines in the Netherlands in the early nineties. [ABSTRACT FROM AUTHOR]

Published

2006

20. A Study of Detection Method of Printed Image Alteration Using Digital Watermark.

Author

Yoshiura, Hiroshi, Sakurai, Kouichi, Rannenberg, Kai, Murayama, Yuko, Kawamura, Shinichi, Onishi, Junji, and Ono, Tsukasa

Abstract

The digital watermark is used for detection of digital image alteration. However, most of digital images are printed on the paper document for submitting. Once digital images are printed on the paper, it is hard to detect alteration of it. In this paper, the detection method of printed image alteration by using digital watermark is proposed. [ABSTRACT FROM AUTHOR]

Published

2006

21. Implementation of BioAPI Conformance Test Suite Using BSP Testing Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Jihyeon Jang, and Elliott, Stephen J.

Abstract

The purpose of this paper is to design a Conformance Test Suite(CTS) for BSPs(Biometric Service Provider) based upon the BioAPI (Biometric Application Programming Interface) v2.0, an international standard by ISO/IEC JTC1/SC37. The proposed BioAPI CTS enables users to test BSPs without depending on various frameworks. In this paper, a test scheduling tool has been embodied in order to use Test Assertion with XML. In order to demonstrate the performance of the CTS, the experiment was performed using both commercial fingerprint verification and identification BSPs. The developed CTS will be installed at Korean National Biometrics Test Center and used to test whether commercial biometrics products are compliant to BioAPI. [ABSTRACT FROM AUTHOR]

Published

2008

22. Exploiting Security Holes in Lattice Data Hiding.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Furon, Teddy, Cayre, François, Doërr, Gwenaël, Bas, Patrick, and Pérez-Freire, Luis

Abstract

This paper presents a security analysis for data hiding methods based on nested lattice codes, extending the analysis provided by previous works. The security is quantified in an information-theoretic sense by means of the information leakage between the watermarked signals seen by the attacker and the secret key used in the embedding process. The theoretical analysis accomplished in the first part of the paper addresses important issues such as the possibility of achieving perfect secrecy and the impact of the embedding rate and channel coding in the security level. In the second part, a practical algorithm for estimating the secret key is proposed, and the information extracted is used for implementing a reversibility attack on real images. [ABSTRACT FROM AUTHOR]

Published

2008

23. Robust and High Capacity Image Watermarking Based on Jointly Coding and Embedding Optimization.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Furon, Teddy, Cayre, François, Doërr, Gwenaël, Bas, Patrick, and Chuntao Wang

Abstract

A new informed image watermarking algorithm is presented in this paper, which can achieve the information rate of 1/64 bits/pixel with high robustness. Firstly, the LOT (Locally Optimum Test) detector based on HMM in wavelet domain is developed to tackle the issue that the exact strength for informed embedding is unknown to the receiver. Then based on the LOT detector, the dirty-paper code for informed coding is constructed and the metric for the robustness is defined accordingly. Unlike the previous approaches of informed watermarking which take the informed coding and embedding process separately, the proposed algorithm implements a jointly coding and embedding optimization for high capacity and robust watermarking. The Genetic Algorithm (GA) is employed to optimize the robustness and distortion constraints simultaneously. Extensive simulations are carried out which demonstrates that the proposed algorithm achieves significant improvements in performance against JPEG, gain attack, low-pass filtering and so on. [ABSTRACT FROM AUTHOR]

Published

2008

24. Experimental Testing of TCP/IP/Ethernet Communication for Automatic Control.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Petrenko, Alexandre, Veanes, Margus, Tretmans, Jan, Grieskamp, Wolfgang, and Plesowicz, Przemyslaw

Abstract

The TCP/IP/Ethernet protocol is considered not suitable for use in real-time control systems. It deals with a lack of time determinism, which characterizes fieldbuses. Nevertheless several corporations propose networking based on the TCP/IP/Ethernet even for control purposes with some modifications of the standard however. This paper examines possibility of application of the TCP/IP/Ethernet communication without modifications (introducing also Internet as one of tested cases) for feedback control purposes. Experimental investigations have been performed in four stages. In the beginning tests of network properties, including tests of transmission time and packet loss measurements have been performed. Three following stages show experimental testing of feedback control, when TCP/IP transmission occurs between PI controller and control plant. Three representative platforms have been chosen for testing: LabVIEW, RSLogix and Simatic. The main and original contribution presented in this paper is design and construction of three test stands as well as methodology of testing experiments. Standard control over analog channel has been also presented as comparison. The results of testing show acceptable performance of control via TCP/IP/Ethernet networking. [ABSTRACT FROM AUTHOR]

Published

2007

25. A Study of Developing Virtual Prototyping by Using JavaBean Interface Tool and SystemC Engine.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Obermaisser, Roman, Nah, Yunmook, Puschner, Peter, Rammig, Franz J., and Sukmana, Husni Teja

Abstract

SystemC is a popular open source library in C++ for developing embedded system design, from the abstract System Level Design until the accurate Register Transfer Level Design. SystemC simulation, however, runs in console mode (text-based), thus making it difficult for user to interact with the simulation. To extend the capabilities of SystemC simulation, it is necessary to create Graphical User Interface. In this paper we recommend to use RapidPLUS tool for making the interface for embedded system prototype to reduce time to market. We also propose the connectivity between RapidPLUS and SystemC by using socket communication that attached in JavaBean RapidPLUS object [ABSTRACT FROM AUTHOR]

Published

2007

26. Experimental Analysis on Time-Triggered Power Consumption Measurement with DVS-Enabled Multiple Power Domain Platform.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Obermaisser, Roman, Nah, Yunmook, Puschner, Peter, Rammig, Franz J., and Songah Chae

Abstract

Recently, the battery and low-power H/W technologies for mobile and wearable computing devices have been advanced rapidly. But on the other hand the computation and communication demands of the embedded applications are increasing more rapidly. Therefore, the application developers are still required to develop their codes to utilize the available energy as efficient as possible. The provision of software power measurement with reasonable accuracy, consistency and low overhead is an indispensable factor for software power engineering. In this paper, we present a time-triggered mechanism for providing energy consumption profiles in the level of C functions. The similar mechanisms have already been introduced at the previous researches such as PowerScope and ePRO. Instead, we, in this paper, introduce our efforts to extend these researches to incorporate power domains and DVS(Dynamic Voltage Scaling), then interpret these mechanisms as the view of time-triggered approach for better understanding to the relationships among timer interrupt, context switching, DAQ triggering, multi-channel DAQ delay, and etc. From our experimental results, we could conclude that the time-triggered approach for the function level energy measurement properly worked with low overheads and produced consistent energy consumption profiles on the DVS-applied program codes running upon the platforms supporting multiple power domains. [ABSTRACT FROM AUTHOR]

Published

2007

27. Ontology Based Context Alignment for Heterogeneous Context Aware Services.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Obermaisser, Roman, Nah, Yunmook, Puschner, Peter, Rammig, Franz J., and Seungkeun Lee

Abstract

In a pervasive environment, context aware services are necessary to enable collaborate and communicate with others in order to provide proper service to users. Each service can be designed with individual context information which represents different perspective over the context. This paper proposes an advanced context management model with context alignment among heterogeneous context aware services. This model enable the interaction between context information producer devices and context information consumer devices and as well as their insertion in an open environment. And this paper show how this model can be used in context aware middleware. [ABSTRACT FROM AUTHOR]

Published

2007

28. Offloading IP Flows onto Lambda-Connections.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Clemm, Alexander, Granville, Lisandro Zambenedetti, Stadler, Rolf, Fioreze, Tiago, and Wolbers, Mattijs Oude

Abstract

Optical networks are capable of switching IP traffic via lambda connections. In this way, big IP flows that overload the regular IP routing level may be moved to the optical level, where they get better Quality of Service (QoS). At the same time, the IP routing level is off-loaded and can serve smaller flows better. Within this context, this paper analyses the eligibility of IP flows to be moved to the optical level. In this analysis, we observe the percentage of IP traffic as well as the amount of IP flows moved to the optical level while using various definitions for an IP flow. The main contribution of this paper is to show how the amount of IP traffic transferred over lambda-connections considerably depends on the definition used for a flow. [ABSTRACT FROM AUTHOR]

Published

2007

29. PRESENT: An Ultra-Lightweight Block Cipher.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Paillier, Pascal, Verbauwhede, Ingrid, Bogdanov, A., Knudsen, L. R., and Leander, G.

Abstract

With the establishment of the AES the need for new block ciphers has been greatly diminished; for almost all block cipher applications the AES is an excellent and preferred choice. However, despite recent implementation advances, the AES is not suitable for extremely constrained environments such as RFID tags and sensor networks. In this paper we describe an ultra-lightweight block cipher, present. Both security and hardware efficiency have been equally important during the design of the cipher and at 1570 GE, the hardware requirements for present are competitive with today's leading compact stream ciphers. [ABSTRACT FROM AUTHOR]

Published

2007

30. Highspeed and Flexible Source-End DDoS Protection System Using IXP2400 Network Processor.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Medhi, Deep, Nogueira, José Marcos, Pfeifer, Tom, Wu, S. Felix, and Siradjev, Djakhongir

Abstract

This paper proposes an architecture of source-end DDoS protection system on IXP2400 network processor, which monitors traffic from the source network and polices traffic at the source without affecting the traffic from other network. The proposed architecture includes usual IPv4 forwarder with additional modules for source filtering, packet classification and flow control, and uses modified non-parametric CUSUM algorithm. We analyze the major shortcomings of previous approaches, and present basic performance analysis. The proposed system can handle 65,000 aggregated flows, and can operate at OC-48 line rate. [ABSTRACT FROM AUTHOR]

Published

2007

31. Description of a Naming Architecture Managing Cryptographic Identifiers.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Medhi, Deep, Nogueira, José Marcos, Pfeifer, Tom, Wu, S. Felix, and Migault, Daniel

Abstract

The necessity to split the endpoint identity and locator has been understood since sometime both from routing and security perspective. Today endpoints are identified by IP address that is location dependent and attributed by ISPs, whereas the identity neither depends on location nor on ISP. So splitting the routing and identification space is expected to make network operation such as mobility, multihoming and traffic engineering transparent for the end user. While in the operator side the use of a single space for routing and identification brings scaling issues. The operators will benefit from the split by decreased routing table size. Within IETF/IRTF solutions are being developed to separate the IP layer into Endpoint Identifier (EID) space and routing locator (RLOC) space in the form of Locator/ID Separation Protocol (LISP). In LISP the Identifier (ID) has the format of a IPv4 or IPv6 address. This architecture provides ID to locator resolution so that the packets can be routed through the Internet. This paper proposes a solution that considers an Endpoint Identifier (EID) as the combination of a domain name and a cryptographic Identifier (cryptoID). Such EIDs are hosted in a mixed DNS/Distributed Hash Table (DHT) architecture. Resolution involves a DNS and a DHT resolution. We show how the use of DNSSEC enhances the routing algorithm of the DHT resolution, and present advantages a such an architecture in term of deployment and future use of the Internet. [ABSTRACT FROM AUTHOR]

Published

2007

32. Securing the Wireless LANs Against Internal Attacks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Zhang, Hongke, Olariu, Stephan, Cao, Jiannong, Johnson, David B., and Kbar, Ghassan

Abstract

Deploying wireless LANs (WLAN) at large scale is mainly affected by reliability, availability, performance, and security. These parameters will be a concern for most of managers who want to deploy WLANs. Most importantly, the security issue became the predominant factor in WLAN design. Different Intrusion detection mechanisms have been addressed in research papers, but with little being focused on internal intrusion and prevention. In this paper an efficient security method has been proposed. It is based on detecting rogue access points as well as rogue bridge access points and denying their access to the WLAN. In addition a new method of mutual authentication between DHCP server at the AP and wireless client has been introduced. This would allow client to detect rogue DHCP server and stop the association with it. It also allows registered DHCP server to detect unauthorized client and deny its request. Moreover the DHCP server would synchronize with the AP or intelligent LAN switch to drop packets from unauthorized client who might use static IP to get access to the network. [ABSTRACT FROM AUTHOR]

Published

2007

33. Anonymous Mutual Authentication Protocol for RFID Tag Without Back-End Database.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Zhang, Hongke, Olariu, Stephan, Cao, Jiannong, Johnson, David B., and Han, Song

Abstract

RFID, as an emerging technology, has very huge potential in today's social and business developments. Security and Privacy are one of the important issues in the design of practical RFID protocols. In this paper, we focus on RFID authentication protocol. RFID mutual authentication is used to ensure that only an authorized RFID reader can access to the data of RFID tag while the RFID tag is confirmed that it releases data to the authenticated RFID reader. This paper will propose an anonymous mutual authentication protocol for RFID tag and reader. RFID tag is anonymous to RFID reader so that privacy can be preserved. In addition, mutual authentication does not need to rely on a back-end database. [ABSTRACT FROM AUTHOR]

Published

2007

34. An Energy Efficient Communication Protocol Based on Data Equilibrium in Mobile Wireless Sensor Network.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Olariu, Stephan, Cao, Jiannong, Johnson, David B., Gao, Shuai, and Niu, Yanchao

Abstract

This paper considers large-scale dense wireless sensor networks with path-constrained mobile sink. From the viewpoints of improving data equilibrium and energy-saving, we propose an enhanced energy efficient communication protocol in which a partition algorithm of overlapping time based on data equilibrium is designed to minimize the data variance and disequilibrium from each node. We present a data equilibrium information diffusion method to control the amount of collected data to avoid the waste of data and energy. Simulations under OMNET++ and MATLAB show that with protocol and algorithms proposed in this paper we can achieve better performance than other conventional methods in terms of data equilibrium rate, network lifetime and energy dissipation equilibrium rate. [ABSTRACT FROM AUTHOR]

Published

2007

35. Modeling the Effect of Forwarding in a Multi-hop Ad Hoc Networks with Weighted Fair Queueing.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Zhang, Hongke, Olariu, Stephan, Cao, Jiannong, Johnson, David B., and El Khoury, Ralph

Abstract

Consider a wireless ad hoc network with random access channel. We present a model that takes into account topology, routing, random access in MAC layer (governed by IEEE 802.11orslotted aloha) and forwarding probability. In this paper , we are focusing to study the effect of cooperation on the stability and throughput of ad-hoc network. Forwarding packets of other nodes is an example of activity that requires such a collaboration. Hence, it may not be in interest of a node to always forward the requesting packet. We propose a new approach (based on cycle of transmissions) to derive throughput of multi-hop routes and stability of forwarding queues. With this cycle approach, we correct the analytical expressions derived in [2] and discover that their results are valid only in particular cases such as symmetric networks. However, in this paper, we get extended results for general network case. Moreover, we confirm that (i) the forwarding queues in a system of weighted fair queues has a special property and (ii) the end to end throughput of a connection does not depend on the load of the intermediate forwarding queues between a source and a destination. We perform extensive simulations and verify that the analytical results exactly match the results obtained from simulations. [ABSTRACT FROM AUTHOR]

Published

2007

36. Research on Hidden Markov Model for System Call Anomaly Detection.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Rangan, C. Pandu, Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Yang, Christopher C., Zeng, Daniel, Chau, Michael, Kuiyu Chang, and Qing Yang

Abstract

Intrusion detection, especially anomaly detection, requires sufficient security background knowledge. It is very significant to recognize system anomaly behavior under the condition of poor domain knowledge. In this paper, the general methods for system calls anomaly detection are summarized and HMM used for anomaly detection is deeply discussed from detection theory, system framework and detection methods. Moreover, combining with experiments, the detection efficiency and real-time performance of HMM with all-states transition and part-states transition are analyzed in detail in the paper. [ABSTRACT FROM AUTHOR]

Published

2007

37. The Situation Dependent Application Areas of EPC Sensor Network in u-Healthcare.

Author

Carbonell, Jaime G., Siekmann, Jörg, Szczuka, Marcin S., Howard, Daniel, Ślȩzak, Dominik, Haeng-kon Kim, Tai-hoon Kim, Il-seok Ko, Lee, Geuk, Sloot, Peter M. A., Yoonmin Hwang, Garam Park, Eunji Ahn, Jaejeung Rho, Jonwoo Sung, and Daeyoung Kim

Abstract

Electronic product code (EPC) sensor network is a collection of objects for sensing data. It is crucial to ubiquitous society. It can provide an application service based on situation dependency with its properties. The situation dependency is an emerging concept which can collect location-based and personalized information. With the situation dependency, many industries can serve ubiquitous service for independent users. u-Healthcare is one of ubiquitous service to provide seamless medical treatment. The concept of situation dependency is applied in u-Healthcare with EPC sensor network technology. Due to specialized four properties of EPC sensor network which are driven from this paper, the situation dependency is well-established in u-Healthcare service. In this paper, we defined value and architecture of u-Healthcare service and we analyzed application areas of u-Healthcare. [ABSTRACT FROM AUTHOR]

Published

2007

38. How to Overcome Main Obstacles to Building a Virtual Telematics Center.

Author

Carbonell, Jaime G., Siekmann, Jörg, Szczuka, Marcin S., Howard, Daniel, Ślȩzak, Dominik, Haeng-kon Kim, Tai-hoon Kim, Il-seok Ko, Lee, Geuk, Sloot, Peter M. A., and Bong Gyou Lee

Abstract

This paper describes the limiting factors for building a virtual Telematics center which integrates ITS (Intelligent Transportation Systems) information collected by the system of each of the three government agencies. It also provides some details into how some of the obstacles and barriers can be solved such as data standardization, system mechanisms and regulations. There are very few papers and case studies regarding real problems and solutions for integrating systems of different organizations in general, and Telematics, in particular. The processes and outcomes of implementing systems in this study can be useful to develop other ITS and Telematics systems. [ABSTRACT FROM AUTHOR]

Published

2007

39. New Results on Impossible Differential Cryptanalysis of Reduced AES.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Kil-Hyun Nam, Gwangsoo Rhee, Wentao Zhang, Wenling Wu, and Dengguo Feng

Abstract

In this paper, we present some new results on impossible differential cryptanalysis of reduced AES, which update the best known impossible differential attacks on reduced AES. First, we present some new attacks on 6-round AES (for all the three key length). Second, we extend to 7-round AES, also for all the three key variants. Especially for 128-bit keys, the best known results can attack up to 7 rounds using square attack and collision attack respectively, but their complexity are both marginal either on data or on time (ie. require nearly the entire codebook, or close to key exhaustive search). In this sense, our attack is the first non-marginal one on 7-round AES with 128-bit keys. Thirdly, we extend to 8 rounds for 256-bit keys, which is also non-marginal compared with the best non-related-key attacks so far. Finally, we give an improvement of the 7-round attack for 192-bit keys in R.C.W.Phan's paper, which makes the time complexity reduced greatly. [ABSTRACT FROM AUTHOR]

Published

2007

40. Reaching Communication Quality in Public E-Forms - A Communicative Perspective on E-Form Design.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Wimmer, Maria A., Scholl, Jochen, Grönlund, Åke, Axelsson, Karin, and Ventura, Stefan

Abstract

This paper adopts a communication perspective on public electronic forms (e-forms). By doing so we define forms as instruments for communication and, thus, also instruments through which citizens perform different communicative actions towards government agencies. As such instruments, the forms might be more or less useful. The purpose of this paper is to explore what features of an e-form that increase the communication quality. We conduct a theoretical synthesis of three existing approaches for designing information systems. The result is a combined theory on key features of an e-form that make the establishment of communication quality more likely. The result consists of four key concepts, each of which give rise to one set of design principles for communication from the issuer of the e-form to the user (citizen), and one set of design principles for communication from the user (citizen) to the recipient of the e-form. [ABSTRACT FROM AUTHOR]

Published

2007

41. The E-Government Melting Pot: Lacking New Public Management and Innovation Flavor?

Author

Wimmer, Maria A., Scholl, Hans J., Grönlund, Åke, Sannarnes, Møyfrid Kårstad, Henriksen, Helle Zinner, and Andersen, Kim Viborg

Abstract

The paper argues that e-government literature has by large not infused New Public Management (NPM) literature or innovation studies on e-government. Rather, e-government literature has used relative simple frameworks and observations from the NPM and innovation studies and applied them in studies of e-government implementation. Based on a literature review of 60 peer and double blind reviewed scientific studies, this paper argues that the domain has only been subject to research for about half a decade and that the domain is still unexplored in many aspects. One major absence is a lack of cross referencing of studies and limited number of cumulative studies on whether e-government can aid NPM or fuel innovation. However, the good news is that the literature review demonstrates that researchers entering the domain mainly base their research on empirical studies. [ABSTRACT FROM AUTHOR]

Published

2006

42. An Efficient Probabilistic Packet Marking Scheme (NOD-PPM).

Author

Katsikas, Sokratis K., Lopez, Javier, Backes, Michael, Gritzalis, Stefanos, Preneel, Bart, Huifang Yin, and Jun Li

Abstract

This paper describes an efficient scheme of probabilistic packet marking. The main idea is to preserve the victims' IP addresses at the routers participating in the packet marking scheme, based on the precondition that a router won't begin to marking until it receives a signal from the victim. Then, the destination address field of IP header can be used to carry edge information without fragmenting, and the identification field can be used to check attack paths' validity under DDoS. We describe the scheme and discuss the number of packets required for reconstructing the attack paths, the number of false positives of attackers and the extra cost at routers in this paper. [ABSTRACT FROM AUTHOR]

Published

2006

43. Path Swapping Method to Improve DPA Resistance of Quasi Delay Insensitive Asynchronous Circuits.

Author

Goubin, Louis, Matsui, Mitsuru, Bouesse, Fraidy, Sicard, Gilles, and Renaudin, Marc

Abstract

This paper presents a Path Swapping (PS) method which enables to enhance the security of Quasi Delay Insensitive Asynchronous Circuits against Power Analysis (PA) attack. This approach exploits the logical symmetries of the QDI asynchronous blocks, particularly its data-path redundancies, to make all electrical curves used when implementing a PA attacks useless. Indeed, the idea is to average the electrical signatures of a block by randomly exchanging its data-paths during processing. To be able to implement this approach, we adopted a formal model of QDI circuits. Firstly, this formal model enables the designer to formally verify the symmetry of all paths in order to apply a path swapping method. Secondly, it offers the possibility to model the electrical signature of QDI asynchronous circuits. Finally, applying DPA on this formal model allows us to evaluate, in an early phase of the design, the circuit's sensitivity to the relevancy of the approach. Electrical simulations performed on a DES crypto-processor confirm the efficiency of the technique. Keywords: QDI Asynchronous circuits, Power analysis, Path Swapping (PS). [ABSTRACT FROM AUTHOR]

Published

2006

44. Security Requirements Model for Grid Data Management Systems.

Author

Lopez, Javier, Naqvi, Syed, Massonet, Philippe, and Arenas, Alvaro

Abstract

In this paper, we present our ongoing work of a policy-driven approach to security requirements of grid data management systems (GDMS). We analyse the security functionalities of existing GDMS to determine their shortcomings that should be addressed in our work. We identify a comprehensive set of security requirements for GDMS followed by the presentation of our proposed Security Requirements Model. Derivation of security policies from security requirements and their consequent refinement is also presented in this paper. Our approach of addressing modelling issues by providing requirements for expressing security related quality of service is the key step to turn storage systems into knowledge representation systems. Keywords:Grid security, requirements analysis, distributed data management. [ABSTRACT FROM AUTHOR]

Published

2006

45. Minimal Threshold Closure.

Author

Gollmann, Dieter, Meier, Jan, Sabelfeld, Andrei, Xi-Bin Zhao, Kwok-Yan Lam, Guimin Luo, Siu-Leung Chung, and Ming Gu

Abstract

Access structure is a flexible mechanism for representing complex access control and authorization policies [1]. Numerous efforts have been devoted to the research of efficient schemes for implementing access structures in a scalable manner. Threshold closure was invented as an efficient way to implement access structures that represent complex authorization policies [4]. In essence, threshold closure is an efficient and scalable implementation of access structure using a reduced collection of threshold schemes [5]. A practical application of threshold closure was presented in [6] where the use of threshold closure for addressing the complex security needs of Grid Computing Systems was explained. One major deficiency of threshold closure is that a threshold closure generated from the corresponding access structure is not minimal in size, thus the collection of threshold schemes is not optimized for efficiency. In this connection, an operation called minimal covering was proposed to minimize the size of a threshold closure once it is formed from its corresponding access structure [4]. Unfortunately, the minimal covering of a threshold closure is no longer a threshold closure, thus is not scalable in terms of addition/deletion of access control rules. This paper presents a way for constructing minimal threshold closure. It defines a new structure called enhanced threshold closure. The paper proves that the enhanced threshold closure of an access structure is a threshold closure and is minimal, hence it is also called a minimal threshold closure. The paper also presents a mechanism for constructing minimal threshold closure from a basis access structure. Keywords: Access Control, Authorization, Threshold Schemes, Threshold Closure. [ABSTRACT FROM AUTHOR]

Published

2006

46. Discriminant Analysis Based on Kernelized Decision Boundary for Face Recognition.

Author

Kanade, Takeo, Jain, Anil, Ratha, Nalini K., Baochang Zhang, Xilin Chen, and Wen Gao

Abstract

A novel nonlinear discriminant analysis method, Kernelized Decision Boundary Analysis (KDBA), is proposed in our paper, whose Decision Boundary feature vectors are the normal vector of the optimal Decision Boundary in terms of the Structure Risk Minimization principle. We also use a simple method to prove a property of Support Vector Machine (SVM) algorithm, which is combined with the optimal Decision Boundary Feature matrix to make our method consistent with the Kernel Fisher method(KFD). Moreover, KDBA is easily used in its applications, and the traditional Decision Boundary Analysis implementations are computationally expensive and sensitive to the size of the problem. Text classification problem is first used to testify the effectiveness of KDBA. Then experiments on the large-scale face database, the CAS-PEAL database, have illustrated its excellent performance compared with some popular face recognition methods such as Eigenface, Fisherface, and KFD. Keywords: Face Recognition, Kernel Fisher, Support Vector Machine [ABSTRACT FROM AUTHOR]

Published

2005

47. Modelling the Time-Variant Covariates for Gait Recognition.

Author

Kanade, Takeo, Jain, Anil, Ratha, Nalini K., Veres, Galina V., Nixon, Mark S., and Carter, John N.

Abstract

This paper deals with a problem of recognition by gait when time-dependent covariates are added, i.e. when 6 months have passed between recording of the gallery and the probe sets. We show how recognition rates fall significantly when data is captured between lengthy time intevals, for static and dynamic gait features. Under the assumption that it is possible to have some subjects from the probe for training and that similar subjects have similar changes in gait over time, a predictive model of changes in gait is suggested in this paper, which can improve the recognition capability. A small number of subjects were used for training and a much large number for classification and the probe contains the covariate data for a smaller number of subjects. Our new predictive model derives high recognition rates for different features which is a considerable improvement on recognition capability without this new approach. [ABSTRACT FROM AUTHOR]

Published

2005

48. Optimizing Quality Levels and Development Costs for Developing an Integrated Information Security System.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Myeonggil Choi, and Sangmun Shin

Abstract

Increased Internet threats make many kinds of information security systems performing various functions, which can often be combined into functions of an integrated information security system. To load various functions to an integration information system, much development resources should be invested to a development life cycles. The constraints of development resources force developers not to achieve a balanced quality of the system. To attain the specified quality of the system within the given development resources, the relative weights among quality factors of the system on a development life cycle should be measured and a balance between the levels of quality and development costs should be optimized, simultaneously. This paper suggests the relative weights of the quality factors influencing operations of the system, and shows an optimal solution for the quality levels and development costs using desirability function (DF). For optimization, this paper employs AHP as multiple criteria decision making (MCDM) technique and DF. [ABSTRACT FROM AUTHOR]

Published

2008

49. Dynamic Access Control Research for Inter-operation in Multi-domain Environment Based on Risk.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Zhuo Tang, and Ruixuan Li

Abstract

For the complexity of the multi-domain environment and the ceaseless evolvement of the information secure sharing, the traditional access control method can not ensure the absolute security for the exchange of data resources. Through introducing the concept of risk, this paper proposes a dynamic access control model for multi-domain environment based on risk of inter-operations. The risk rank of an access policy can be calculated by the history of the inter-operations among domains, the security degree of the objects and the safety factor of the access events. Through adjusting the access policies which be considered the high risk, the risk in the system can be controlled in real time. The security analysis shows that this method can reinforce the facility of the access control and the security of the multi-domain environment. [ABSTRACT FROM AUTHOR]

Published

2008

50. Secret Signatures: How to Achieve Business Privacy Efficiently?

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Sehun Kim, Yung, Moti, Hyung-Woo Lee, Byoungcheon Lee, and Choo, Kim-Kwang Raymond

Abstract

Digital signatures provide authentication and non-repudiation in a public way in the sense that anyone can verify the validity of a digital signature using the corresponding public key. In this paper, we consider the issues of (1) signature privacy and (2) the corresponding public provability of signature. We propose a new digital signature variant, secret signature, which provides authentication and non-repudiation to the designated receiver only. If required, the correctness of the secret signature can be proven to the public either by the signer or the receiver. We conclude with a discussion to demonstrate the usefulness of the proposed cryptographic primitive (e.g., achieving signature privacy in an efficient manner). [ABSTRACT FROM AUTHOR]

Published

2008