Advertisement

Information Security and Privacy Research

27th IFIP TC 11 Information Security and Privacy Conference, SEC 2012, Heraklion, Crete, Greece, June 4-6, 2012. Proceedings

  • Dimitris Gritzalis
  • Steven Furnell
  • Marianthi Theoharidou
Conference proceedings SEC 2012

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 376)

Table of contents

  1. Front Matter
    PDF

  2. Attacks and Malicious Code

    1. Relay Attacks on Secure Element-Enabled Mobile Devices
      Michael Roland, Josef Langer, Josef Scharinger
      Pages 1-12
      PDF
    2. Would You Mind Forking This Process? A Denial of Service Attack on Android (and Some Countermeasures)
      Alessandro Armando, Alessio Merlo, Mauro Migliardi, Luca Verderame
      Pages 13-24
      PDF
    3. An Approach to Detecting Inter-Session Data Flow Induced by Object Pooling
      Bernhard J. Berger, Karsten Sohr
      Pages 25-36
      PDF
    4. Embedded Eavesdropping on Java Card
      Guillaume Barbu, Christophe Giraud, Vincent Guerin
      Pages 37-48
      PDF

  3. Security Architectures

    1. Authenticated Key Exchange (AKE) in Delay Tolerant Networks
      Sofia Anna Menesidou, Vasilios Katos
      Pages 49-60
      PDF
    2. OFELIA – A Secure Mobile Attribute Aggregation Infrastructure for User-Centric Identity Management
      Alexandre B. Augusto, Manuel Eduardo Correia
      Pages 61-74
      PDF
    3. Smart OpenID: A Smart Card Based OpenID Protocol
      Andreas Leicher, Andreas U. Schmidt, Yogendra Shah
      Pages 75-86
      PDF
    4. Peer to Peer Botnet Detection Based on Flow Intervals
      David Zhao, Issa Traore, Ali Ghorbani, Bassam Sayed, Sherif Saad, Wei Lu
      Pages 87-102
      PDF

  4. System Security

    1. Towards a Universal Data Provenance Framework Using Dynamic Instrumentation
      Eleni Gessiou, Vasilis Pappas, Elias Athanasopoulos, Angelos D. Keromytis, Sotiris Ioannidis
      Pages 103-114
      PDF
    2. Improving Flask Implementation Using Hardware Assisted In-VM Isolation
      Baozeng Ding, Fufeng Yao, Yanjun Wu, Yeping He
      Pages 115-125
      PDF
    3. HyperForce: Hypervisor-enForced Execution of Security-Critical Code
      Francesco Gadaleta, Nick Nikiforakis, Jan Tobias Mühlberg, Wouter Joosen
      Pages 126-137
      PDF
    4. RandHyp: Preventing Attacks via Xen Hypercall Interface
      Feifei Wang, Ping Chen, Bing Mao, Li Xie
      Pages 138-149
      PDF

  5. Access Control

    1. Role Mining under Role-Usage Cardinality Constraint
      John C. John, Shamik Sural, Vijayalakshmi Atluri, Jaideep S. Vaidya
      Pages 150-161
      PDF
    2. HIDE_DHCP: Covert Communications through Network Configuration Messages
      Ruben Rios, Jose A. Onieva, Javier Lopez
      Pages 162-173
      PDF
    3. Handling Stateful Firewall Anomalies
      Frédéric Cuppens, Nora Cuppens-Boulahia, Joaquin Garcia-Alfaro, Tarik Moataz, Xavier Rimasson
      Pages 174-186
      PDF
    4. A Framework for Threat Assessment in Access Control Systems
      Hemanth Khambhammettu, Sofiene Boulares, Kamel Adi, Luigi Logrippo
      Pages 187-198
      PDF

  6. Database Security

    1. Support for Write Privileges on Outsourced Data
      Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati
      Pages 199-210
      PDF
    2. Malicious Users’ Transactions: Tackling Insider Threat
      Weihan Li, Brajendra Panda, Qussai Yaseen
      Pages 211-222
      PDF

  7. Privacy Attitudes and Properties

    1. Privacy-Preserving Television Audience Measurement Using Smart TVs
      George Drosatos, Aimilia Tasidou, Pavlos S. Efraimidis
      Pages 223-234
      PDF
    2. Tracking Users on the Internet with Behavioral Patterns: Evaluation of Its Practical Feasibility
      Christian Banse, Dominik Herrmann, Hannes Federrath
      Pages 235-248
      PDF
    3. Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition
      Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou, Dimitris Gritzalis
      Pages 249-260
      PDF

  8. Social Networks and Social Engineering

    1. Modeling Social Engineering Botnet Dynamics across Multiple Social Networks
      Shuhao Li, Xiaochun Yun, Zhiyu Hao, Yongzheng Zhang, Xiang Cui, Yipeng Wang
      Pages 261-272
      PDF
    2. Layered Analysis of Security Ceremonies
      Giampaolo Bella, Lizzie Coles-Kemp
      Pages 273-286
      PDF

  9. Applied Cryptography, Anonymity and Trust

    1. A Small Depth-16 Circuit for the AES S-Box
      Joan Boyar, René Peralta
      Pages 287-298
      PDF
    2. Formal Verification of the mERA-Based eServices with Trusted Third Party Protocol
      Maria Christofi, Aline Gouget
      Pages 299-314
      PDF

  10. Usable Security

    1. My Authentication Album: Adaptive Images-Based Login Mechanism
      Amir Herzberg, Ronen Margulies
      Pages 315-326
      PDF
    2. Balancing Security and Usability of Local Security Mechanisms for Mobile Devices
      Shuzhe Yang, Gökhan Bal
      Pages 327-338
      PDF
    3. Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation
      Ella Kolkowska, Bart De Decker
      Pages 339-351
      PDF
    4. When Convenience Trumps Security: Defining Objectives for Security and Usability of Systems
      Gurpreet Dhillon, Tiago Oliveira, Santa Susarapu, Mário Caldeira
      Pages 352-363
      PDF

  11. Security and Trust Models

    1. Security-by-Contract for the OSGi Platform
      Olga Gadyatskaya, Fabio Massacci, Anton Philippov
      Pages 364-375
      PDF
    2. Cyber Weather Forecasting: Forecasting Unknown Internet Worms Using Randomness Analysis
      Hyundo Park, Sung-Oh David Jung, Heejo Lee, Hoh Peter In
      Pages 376-387
      PDF
    3. Incentive Compatible Moving Target Defense against VM-Colocation Attacks in Clouds
      Yulong Zhang, Min Li, Kun Bai, Meng Yu, Wanyu Zang
      Pages 388-399
      PDF
    4. Give Rookies A Chance: A Trust-Based Institutional Online Supplier Recommendation Framework
      Han Jiao, Jixue Liu, Jiuyong Li, Chengfei Liu
      Pages 400-411
      PDF

  12. Security Economics

    1. A Game-Theoretic Formulation of Security Investment Decisions under Ex-ante Regulation
      Giuseppe D’Acquisto, Marta Flamini, Maurizio Naldi
      Pages 412-423
      PDF
    2. Optimizing Network Patching Policy Decisions
      Yolanta Beres, Jonathan Griffin
      Pages 424-442
      PDF
    3. A Risk Assessment Method for Smartphones
      Marianthi Theoharidou, Alexios Mylonas, Dimitris Gritzalis
      Pages 443-456
      PDF
    4. Empirical Benefits of Training to Phishing Susceptibility
      Ronald Dodge, Kathryn Coronges, Ericka Rovira
      Pages 457-464
      PDF

  13. Authentication and Delegation

    1. Multi-modal Behavioural Biometric Authentication for Mobile Devices
      Hataichanok Saevanee, Nathan L. Clarke, Steven M. Furnell
      Pages 465-474
      PDF
    2. Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks
      Christoforos Ntantogian, Christos Xenakis, Ioannis Stavrakakis
      Pages 475-488
      PDF
    3. Password Protected Smart Card and Memory Stick Authentication against Off-Line Dictionary Attacks
      Yongge Wang
      Pages 489-500
      PDF
    4. Distributed Path Authentication for Dynamic RFID-Enabled Supply Chains
      Shaoying Cai, Yingjiu Li, Yunlei Zhao
      Pages 501-512
      PDF
    5. Enhanced Dictionary Based Rainbow Table
      Vrizlynn L. L. Thing, Hwei-Ming Ying
      Pages 513-524
      PDF

  14. Short Papers

    1. Authorization Policies for Materialized Views
      Sarah Nait-Bahloul, Emmanuel Coquery, Mohand-Saïd Hacid
      Pages 525-530
      PDF
    2. Enhancing the Security of On-line Transactions with CAPTCHA Keyboard
      Yongdong Wu, Zhigang Zhao
      Pages 531-536
      PDF
    3. Fighting Pollution Attack in Peer-to-Peer Streaming Networks: A Trust Management Approach
      Xin Kang, Yongdong Wu
      Pages 537-542
      PDF
    4. A Framework for Anonymizing GSM Calls over a Smartphone VoIP Network
      Ioannis Psaroudakis, Vasilios Katos, Pavlos S. Efraimidis
      Pages 543-548
      PDF
    5. A Browser-Based Distributed System for the Detection of HTTPS Stripping Attacks against Web Pages
      Marco Prandini, Marco Ramilli
      Pages 549-554
      PDF
    6. Privacy-Preserving Mechanisms for Organizing Tasks in a Pervasive eHealth System
      Milica Milutinovic, Vincent Naessens, Bart De Decker
      Pages 555-560
      PDF
    7. Web Services Security Assessment: An Authentication-Focused Approach
      Yannis Soupionis, Miltiadis Kandias
      Pages 561-566
      PDF

About these proceedings

Introduction

This book constitutes the refereed proceedings of the 27th IFIP TC 11 International Information Security Conference, SEC 2012, held in Heraklion, Crete, Greece, in June 2012. The 42 revised full papers presented together with 11 short papers were carefully reviewed and selected from 167 submissions. The papers are organized in topical sections on attacks and malicious code, security architectures, system security, access control, database security, privacy attitudes and properties, social networks and social engineering, applied cryptography, anonymity and trust, usable security, security and trust models, security economics, and authentication and delegation.

Keywords

Web authentication botnet cryptanalysis phishing smart cards

Editors and affiliations

  • Dimitris Gritzalis
    • 1
  • Steven Furnell
    • 2
  • Marianthi Theoharidou
    • 1
  1. 1.Department of Informatics, Information Security and Critical Infrastructure Protection Research GroupAthens University of Economics and BusinessAthensGreece
  2. 2.School of Computing Communications and ElectronicsUniversity of PlymouthPlymouthUK

Bibliographic information

  • DOI https://doi.org/10.1007/978-3-642-30436-1
  • Copyright Information IFIP International Federation for Information Processing 2012
  • Publisher Name Springer, Berlin, Heidelberg
  • eBook Packages Computer Science
  • Print ISBN 978-3-642-30435-4
  • Online ISBN 978-3-642-30436-1
  • Series Print ISSN 1868-4238
  • Series Online ISSN 1861-2288
  • Buy this book on publisher's site
Industry Sectors
Pharma
Automotive
Biotechnology
Finance, Business & Banking
Electronics
IT & Software
Telecommunications
Energy, Utilities & Environment
Aerospace
Oil, Gas & Geosciences
Engineering