IFIP TC6 Open Digital Library

SEC 2008: Milano, Italy

Proceedings of The IFIP TC-11 23rd International Information Security Conference, IFIP 20th World Computer Congress, IFIP SEC 2008, September 7-10, 2008, Milano, Italy

Sushil Jajodia, Pierangela Samarati, Stelvio Cimato

Springer, IFIP 278, ISBN: 978-0-387-09698-8



Contents

Privacy Protection

Hiding in Groups: On the Expressiveness of Privacy Distributions.

Karsten Nohl, David Evans

 1-15

Practical Privacy-Preserving Benchmarking.

Florian Kerschbaum

 17-31

Enhancing Privacy in Remote Data Classification.

Alessandro Piva, Claudio Orlandi, M. Caini, Tiziano Bianchi, Mauro Barni

 33-46

Web Applications Security and Malware

Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators.

Yongdong Wu, Haixia Yao, Feng Bao

 47-61

Robbing Banks with Their Own Software - an Exploit Against Norwegian Online Banks.

Yngve Espelid, Lars-Helge Netland, André N. Klingsheim, Kjell Jørgen Hole

 63-77

Collaborative architecture for malware detection and analysis.

Michele Colajanni, Daniele Gozzi, Mirco Marchetti

 79-93

Sensor and Wireless Security

Realizing Stateful Public Key Encryption in Wireless Sensor Network.

Joonsang Baek, Han Chiang Tan, Jianying Zhou, Jun Wen Wong

 95-107

Establishing secure links in low-rate wireless personal area networks.

Maurizio Adriano Strangio

 109-123

An Asynchronous Node Replication Attack in Wireless Sensor Networks.

Jianying Zhou, Tanmoy Kanti Das, Javier Lopez

 125-139

Security Policies

A B Formal Framework for Security Developments in the Domain of Smart Card Applications.

Frédéric Dadeau, Marie-Laure Potet, Régis Tissot

 141-155

An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies.

Thomas Scheffler, Stefan Geiß, Bettina Schnor

 157-171

Negotiation of Prohibition: An Approach Based on Policy Rewriting.

Nora Cuppens-Boulahia, Frédéric Cuppens, Diala Abi Haidar, Hervé Debar

 173-187

Access Control in Distributed Systems

An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations.

Wei Li, Lingyu Wang, Bo Zhu, Lei Zhang

 189-203

Role Signatures for Access Control in Open Distributed Systems.

Jason Crampton, Hoon Wei Lim

 205-220

Policies and Security Aspects For Distributed Scientific Laboratories.

Nicoletta Dessì, Maria Grazia Fugini, R. A. Balachandar

 221-235

Intrusion Detection

A Fuzzy Model for the Composition of Intrusion Detectors.

Inez Raguenet, Carlos Maziero

 237-251

Investigating the problem of IDS false alarms: An experimental study using Snort.

Gina C. Tjhai, Maria Papadaki, Steven Furnell, Nathan L. Clarke

 253-267

User Session Modeling for Effective Application Intrusion Detection.

Kapil Kumar Gupta, Baikunth Nath, Kotagiri Ramamohanarao

 269-284

Anomaly Detection

A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems.

Carlo Bellettini, Julian L. Rrushi

 285-300

Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs.

Frédéric Majorczyk, Eric Totel, Ludovic Mé, Ayda Saïdane

 301-315

Behavioral Intrusion Detection Indicators.

Jacques Saraydaryan, Luc Paffumi, Véronique Legrand, Stéphane Ubéda

 317-331

Role Mining and Content Protection

Leveraging Lattices to Improve Role Mining.

Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello

 333-347

A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases.

Aris Gkoulalas-Divanis, Vassilios S. Verykios

 349-363

Efficient Coalition Detection in Traitor Tracing.

Hongxia Jin, Jeffery Lotspiech, Nimrod Megiddo

 365-380

VOIP and Network Security

SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned.

Stelios Dritsas, Yannis Soupionis, Marianthi Theoharidou, Yannis Mallios, Dimitris Gritzalis

 381-395

Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models.

Dongwon Seo, Heejo Lee, Ejovi Nuwere

 397-411

A Decentralized Bayesian Attack Detection Algorithm for Network Security.

Kien C. Nguyen, Tansu Alpcan, Tamer Basar

 413-428

Network Devices Security and Cyber Warfare

An Operation-Based Metric for CPA Resistance.

Jing Pan, J. I. den Hartog, Erik P. de Vink

 429-443

YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems.

Patrick P. Tsang, Sean W. Smith

 445-459

Adversary Modeling and Simulation in Cyber Warfare.

Samuel N. Hamilton, Wendy L. Hamilton

 461-475

Security Compliance

Interactive Selection of ISO 27001 Controls under Multiple Objectives.

Thomas Neubauer, Andreas Ekelhart, Stefan Fenz

 477-492

Feasibility of Automated Information Security Compliance Auditing.

Dennis Longley, Mark Branagan, William J. Caelli, Lam-for Kwok

 493-508

Software Licence Protection and Management for Organisations.

Muntaha Alawneh, Imad M. Abbadi

 509-523

Risk and Security Analysis

A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach.

Maxwell G. Dondo

 525-540

ASTRA : A Security Analysis Method Based on Asset Tracking.

Daniel Le Métayer, Claire Loiseaux

 541-555

A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack.

Qutaibah Althebyan, Brajendra Panda

 557-571

Identity and Trust Management

Portable User-Centric Identity Management.

Gail-Joon Ahn, Moonam Ko, Mohamed Shehab

 573-587

Ubiquitous Privacy-Preserving Identity Managment.

Kristof Verslype, Bart De Decker

 589-603

Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data.

Indrajit Ray, Sudip Chakraborty

 605-620

Virtualization and Digital Forensics

Using Virtualization to Create and Deploy Computer Security Lab Exercises.

Brian Hay, Ronald Dodge, Kara L. Nance

 621-635

DigForNet: Digital Forensic in Networking.

Slim Rekhis, Jihène Krichène, Noureddine Boudriga

 637-651

A Live Digital Forensic system for Windows networks.

Roberto Battistoni, Alessandro Di Biagio, Roberto Di Pietro, Matteo Formica, Luigi V. Mancini

 653-667

Short Papers

HoneyID : Unveiling Hidden Spywares by Generating Bogus Events.

Jeheon Han, Jonghoon Kwon, Heejo Lee

 669-673

A Security Protocol for Self-Organizing Data Storage.

Nouha Oualha, Melek Önen, Yves Roudier

 675-679

Protecting Financial Institutions from Brute-Force Attacks.

Cormac Herley, Dinei A. F. Florêncio

 681-685

Agency Theory: Can it be Used to Strengthen IT Governance?

Shaun Posthumus, Rossouw von Solms

 687-691

A new Accounting Mechanism for Modern and Future AAA Services.

Alexandros Tsakountakis, Georgios Kambourakis, Stefanos Gritzalis

 693-697

A user survey on the sense of security, Anshin.

Yasuhiro Fujihara, Yuko Murayama, Kentarou Yamaguchi

 699-703

Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks.

Po-Yuan Teng, Shih-I Huang, Adrian Perrig

 705-709

A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection.

Giorgio Davanzo, Eric Medvet, Alberto Bartoli

 711-716

Managing the lifecycle of XACML delegation policies in federated environments.

Manuel Sánchez, Óscar Cánovas Reverte, Gabriel López, Antonio F. Gómez-Skarmeta

 717-721

Assessing the Likelihood of Privacy Policy Compliance.

George O. M. Yee, Larry Korba, Ronggong Song

 723-727

Classification features for detecting Server-side and Client-side Web attacks.

Salem Benferhat, Karim Tabia

 729-733