The sharp increase in the number of smartphones on the market, with the Android platform poised to become a market leader, makes the need for malware analysis on this platform an urgent issue. In this paper we capital...
ISBN: (print) 9781450304665
In order to make people truly benefit from data sharing, we need technical solutions to assuring the trustworthiness of data received from parties one may not have encountered in the past. Assured data provenance is an important means for this purpose because it (i) allows data providers to get credited for their contribution or sharing of data, (ii) is able to hold the data providers accountable for the data they contributed, and (iii) enables the data providers to supply high-quality data in a self-healing fashion. While the above (i) and (ii) have been investigated to some extent, the above (iii) is a new perspective that, to our knowledge, has not been investigated in the literature. In this paper, we introduce a novel cryptographic technique that can simultaneously offer these properties. Our technique is called editable signatures, which allow a user, Bob, to edit (e.g., replace, modify, and insert) some portions of the message that is contributed and signed by Alice such that the resulting edited message is jointly signed by Alice and Bob in some fashion. While it is easy to see that the above (i) and (ii) are achieved, the above (iii) is also achieved because Bob may have a better knowledge of the situation that allows him to provide more accurate/trustworthy information than Alice, who may intentionally or unintentionally enter inaccurate or even misleading data into an information network. This is useful because Alice's inaccurate or even misleading information will never be released into an information network if it can be "cleaned" or "healed" by Bob. Specifically, we propose two novel cryptographic constructions that can be used to realize the above functions in some practical settings. Copyright 2011 ACM.
ISBN: (print) 9781450304665
In recent years, organizations ranging from defense and other government institutions to commercial enterprises, research labs, etc., have witnessed an increasing amount of sophisticated insider attacks that manage to bypass existing security controls. Insider threats are staged by either disgruntled employees, or employees engaged in malicious activities such as industrial espionage. The objectives of such threats range from sabotage, e.g., in order to disrupt the completion of a project, to exfiltration of sensitive data such as trade secrets, patents, etc. Insiders are often skilled and motivated individuals with good knowledge of internal security measures in the organization. They devise effective and carefully planned attacks, prepared over long periods of time and customized to inflict maximum damage. Such attacks are difficult to detect and protect against, because insiders have the proper credentials to access services and systems within the organization, and possess knowledge that may allow them to deceive network defense controls. As a result, a large number of hosts may be taken over, allowing malicious insiders to maintain control over the network even after leaving the organization. The objective of this study is to identify a high-level architecture and mechanisms for early detection and protection against insider threats. One of the main aspects we focus on is preventing data exfiltration, which is known to cost billions of dollars in losses annually. The goal is to either (i) detect attacks as they occur and prevent insiders from gaining control over the network, or (ii) detect early hosts and services that are compromised such that malware is prevented from spreading/morphing, hence insiders are no longer able to control the network or to exfiltrate sensitive data. We envision a data-intensive approach that leverages large amounts of events collected from a diverse set of sources such as network sensors, intrusion detection systems, service logs, a
Modern smartphone operating systems support the development of third-party applications with open system APIs. In addition to an open API, the Android operating system also provides a rich inter-application message pa...