Program Integrity: Why Worry?
|
|
- Angelina Alexander
- 6 years ago
- Views:
Transcription
1 Program Integrity with Steganography and Program Analysis Mike Jochen Lori Pollock Lisa Marvel 28 August 2008 Program Integrity: Why Worry? 8/28/ Mike Jochen 2 1
2 Malicious Code (Malware) What are some things malware does? Installs Spam-bots Reveals personal/private data Platform for other mischief (DDOS attacks, net attacks, etc) What are some ways we get malware? File swapping Web surfing Other vulnerabilities 8/28/ Mike Jochen 3 Brief Chronology of Selected Malware Year Name First well known Internet worm Melissa Worm I Love You Code Red Klez Slammer, Blaster MyDoom, Sasser, Cabir Zotob Cost/Damage $96 million $10 s of millions $10 Billion $2.6 Billion $9 Billion $2.3 Billion $250 Million $97K/company Bottom line: Costs billions of dollars, lost resources (data, worker time, etc.) (source: viruslist.com) 8/28/ Mike Jochen 4 2
3 Outline Background/Motivation Program Tamper Detection Tamper Detection Marking (TDM) Framework Overview Implementation Details Evaluation (Java & SPARC) Future Work Conclusion 8/28/ Mike Jochen 5 Problem Motivation: Program Integrity Mobile Software Trusted/Distrusted Network Remote/Local Hosts & Trust Malicious Code (Malware)/Malicious Hosts Concerns: Loss of data/resources, safety 8/28/ Mike Jochen 6 3
4 Degrees of Current Protection User Do Nothing Pretend To Do Something Some Controls Allow Nothing User SysAdmin Decreased Protection Increased Protection SysAdmin Adversary Increased Flexibility Decreased Flexibility Adversary Restrict functionality to improve protection? What do we want to protect? Code Host Both 8/28/ Mike Jochen 7 Tamper Detection Checksum Perform some calculation over entire message CRC, MD5, SHA, SHA-1, MAC, HMAC Digital Watermark Similar to physical watermark in quality paper Embed information throughout message Classified as either Robust or Fragile Digital Signature Uses Private/Public key-pair MD5 (myimportantfile) = e98997e189b42c94b43d123a7d3776ff ---BEGIN PGP SIGNATURE--- Version: &84dd@10fdjsdjrtt3492iflkQ1FD08nnPOj =K0WJ ---END PGP SIGNATURE--- 8/28/ Mike Jochen 8 4
5 Embedded Program Protection Main Idea: Embed Tamper Detection Mark (TDM) in program Before running program locally, validate TDM Two main phases: Create and Embed Mark (on Trusted Host) Extract and Validate Mark (on Local Host) 8/28/ Mike Jochen 9 TDM Framework Goals Determine tampering with high probability Preserve physical size of program Static method No runtime penalty More appealing than conventional use of digital signatures (no separation, less bandwidth) Optional Computationally fast validation 8/28/ Mike Jochen 10 5
6 How to Tamper Mark a Program What to embed? Hash of file Client and server can generate independently Need good one-way hash function with low probability of collision Encrypt hash value for added protection Encrypted hash = TDM Utilize steganographic technique to embed TDM Where is the noise in the file to hide TDM? Need to hide in a place in code that can be altered without affecting semantics/performance Code may be optimized where is the ambiguity to embed the TDM? 8/28/ Mike Jochen 11 TDM Constraints Presence of TDM must not alter program semantics (computation remains unchanged) TDM is based on some computation over entire program Any change must dictate change in TDM value (good hash function) Must be able to generate TDM independently TDM embedded based on properties of program file Hiding capacity directly related to number of relocatable units in program Let n = # units, b = # TDM bits; n! 2 b 13 units to encode 32 bit value 35 units to encode 128 bit value 8/28/ Mike Jochen 12 6
7 Quick Aside: Stego Example Given an image (matrix of pixels) Given a secret message Replace least significant bits /28/ Mike Jochen 13 TDM Overview: Embed Actions performed on Trusted Host Why canonical form? What is TDM? How TDM embedded? 8/28/ Mike Jochen 14 7
8 TDM Overview: Validate Actions performed on Local Host Difference between TDM E and TDM L? Shared key? 8/28/ Mike Jochen 15 TDM Example: SPARC Object File TDM represented by order of Relocatable Basic Blocks (RBBs) Permute order of RBBs to represent a value Given n blocks, can have n! different orderings Each ordering maps to a number Knuth s Permute Test algorithm does this nicely 8/28/ Mike Jochen 16 8
9 TDM Example: SPARC Control Flow Graph Original Version Canonical Form TDM Version 8/28/ Mike Jochen 17 TDM Example: Java Constant Pool Table Less complex algorithm than SPARC Permute order of Constant Pool Table (CPT) What is Constant Pool Table? Table of strings, objects, data types in program Just a big array Other sections in program refer to CPT, so must update CPT addresses 8/28/ Mike Jochen 18 9
10 Compare the Constant Pools 1) CONSTANT_Methodref[10](class_index=6, name_and_type_index=15) 2) CONSTANT_Fieldref[9](class_index=16), name_and_type_index=17) 3) CONSTANT_String[8](string_index=18) 16) CONSTANT_Class[7](name_index=23) 17) CONSTANT_NameAndType[12](name_index=24, signature_index=25) 18) CONSTANT_Utf8[1]( Hello World! ) 23) CONSTANT_Utf8[1]( java/lang/system ) 24) CONSTANT_Utf8[1]( out ) 25) CONSTANT_Utf8[1]( Ljava/io/PrintStream; ) Original Constant Pool table Constant Pool Table with TDM 8) CONSTANT_Methodref[10](class_index=3, name_and_type_index=1) 9) CONSTANT_Fieldref[9](class_index=14, name_and_type_index=20) 10) CONSTANT_String[8](string_index=21) 11) CONSTANT_Utf8[1]( out ) 13) CONSTANT_Utf8[1]( Ljava/io/PrintStream; ) 14) CONSTANT_CLass[7](name_index=23) 20) CONSTANT_NameAndType[12](name_index=11, signature_index=13) 21) CONSTANT_Utf8[1]( Hello World! ) 22) CONSTANT_Utf8[1]( java/lang/system ) 8/28/ Mike Jochen 19 TDM Example: Java Method Table Original Version TDM Version 8/28/ Mike Jochen 20 10
11 TDM Evaluation 47 units (RBBS) to encode 192-bit authentication tag Smaller files use smaller hashes All attempts to tamper with program were detected by system Even when TDM was mangled, system signals validation error Other areas for embedding exist Analysis: Canonical Form O(nlogn) Permute O(n) Update O(n) Inverse Permute O(hash _ size 3 ) 8/28/ Mike Jochen 21 SPARC Evaluation (optimized/nonoptimized code) Name wave Size (KB) 6.5/7.0 Lines 26 Blocks 4/17 Embed Time 0.102/0.102 Validate Time 0.097/0.098 sort 6.7/ / / /0.099 bmm 8.4/ / / /0.101 wc 8.6/ / / /0.099 parafinns 9.3/ / / /0.109 compress 80.0/ / / / /28/ Mike Jochen 22 11
12 TDM Evaluation: SPARC Total Time Unoptimized Code Total Time Optimized Code 8/28/ Mike Jochen 23 Java Evaluation Name # of Files File Size (KB) Pool Size Embed Time Validate Time Average Total Average Total Average Total Average Total mtrt checkit db jess compress check raytrace RMI /28/ Mike Jochen 24 12
13 TDM Evaluation: Java Average Time Per Class file Total Time Per Benchmark 8/28/ Mike Jochen 25 Future Work Provide integrity for program state & input Investigate ability to detect malicious code with other comparison methods Expand to include a PKI 8/28/ Mike Jochen 26 13
14 Summary Introduced problems with program integrity Presented current techniques to address problem Designed & Evaluated TDM framework Transformation Control Specification for Evolving Programs 8/28/ Mike Jochen 27 Security or Dancing Pigs? "Given a choice between dancing pigs and security, users will pick dancing pigs every time. (McGraw & Felten, 1999) 8/28/ Mike Jochen 28 14
15 Questions? 8/28/ Mike Jochen 29 15
A Framework for Tamper Detection Marking of Mobile Applications
A Framework for Tamper Detection Marking of Mobile Applications Mike Jochen University of Delaware jochen@cis.udel.edu Lisa M. Marvel U.S. Army Research Laboratory marvel@arl.army.mil Lori L. Pollock University
More informationTamper Detection Marking for Object Files
Tamper Detection Marking for Object Files Mike Jochen and Lori L. Pollock University of Delaware Newark, DE 19716, USA Email: {jochen,pollock}@cis.udel.edu Lisa M. Marvel U.S. Army Research Laboratory
More informationCompression-Compatible Fragile and Semi-Fragile Tamper Detection
Compression-Compatible Fragile and Semi-Fragile Tamper Detection Lisa M. Marvel George W. Hartwig, Jr. Charles Boncelet, Jr. Presentation by Peter Macko Motivation Direct Applications Establishing credibility
More informationJeff Hinson CS525, Spring 2010
DIGITAL WATERMARKING Jeff Hinson CS525, Spring 2010 Outline Introduction Challenges Algorithms / Methods Detection Existing Programs Lessons Learned / Conclusion Questions Jeff Hinson CS525 Slide #1 Introduction
More informationSecurity. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
More informationOTP-Steg. One-Time Pad Image Steganography Using OTP-Steg V.1.0 Software October 2015 Dr. Michael J. Pelosi
OTP-Steg One-Time Pad Image Steganography Using OTP-Steg V.1.0 Software October 2015 Dr. Michael J. Pelosi What is Steganography? Steganography literally means covered writing Encompasses methods of transmitting
More informationSecuring Distributed Computation via Trusted Quorums. Yan Michalevsky, Valeria Nikolaenko, Dan Boneh
Securing Distributed Computation via Trusted Quorums Yan Michalevsky, Valeria Nikolaenko, Dan Boneh Setting Distributed computation over data contributed by users Communication through a central party
More informationUnder the Hood: The Java Virtual Machine. Problem: Too Many Platforms! Compiling for Different Platforms. Compiling for Different Platforms
Compiling for Different Platforms Under the Hood: The Java Virtual Machine Program written in some high-level language (C, Fortran, ML, ) Compiled to intermediate form Optimized Code generated for various
More informationMessage Authentication Codes and Cryptographic Hash Functions
Message Authentication Codes and Cryptographic Hash Functions Readings Sections 2.6, 4.3, 5.1, 5.2, 5.4, 5.6, 5.7 1 Secret Key Cryptography: Insecure Channels and Media Confidentiality Using a secret key
More informationSECURE SEMI-FRAGILE WATERMARKING FOR IMAGE AUTHENTICATION
SECURE SEMI-FRAGILE WATERMARKING FOR IMAGE AUTHENTICATION Chuhong Fei a, Raymond Kwong b, and Deepa Kundur c a A.U.G. Signals Ltd., 73 Richmond St. W, Toronto, ON M4H 4E8 Canada b University of Toronto,
More informationSE 4C03 Winter 2004 Steganography. Derek Lunn ( ) Last Revised: April 6th Introduction
SE 4C03 Winter 2004 Steganography Derek Lunn (9943193) Last Revised: April 6th 2004 Introduction Steganography is a means of hiding information in a carrier medium. Although the concept itself is not new,
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationInformation and Communications Security: Encryption and Information Hiding
Short Course on Information and Communications Security: Encryption and Information Hiding Tuesday, 10 March Friday, 13 March, 2015 Lecture 10: Information Hiding Contents Covert Encryption Principles
More informationChapter 11 Message Integrity and Message Authentication
Chapter 11 Message Integrity and Message Authentication Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 11.1 Chapter 11 Objectives To define message integrity
More informationUnder the Hood: The Java Virtual Machine. Lecture 23 CS2110 Fall 2008
Under the Hood: The Java Virtual Machine Lecture 23 CS2110 Fall 2008 Compiling for Different Platforms Program written in some high-level language (C, Fortran, ML,...) Compiled to intermediate form Optimized
More informationCS408 Cryptography & Internet Security
CS408 Cryptography & Internet Security Lecture 18: Cryptographic hash functions, Message authentication codes Functions Definition Given two sets, X and Y, a function f : X Y (from set X to set Y), is
More informationA Detailed look of Audio Steganography Techniques using LSB and Genetic Algorithm Approach
www.ijcsi.org 402 A Detailed look of Audio Steganography Techniques using LSB and Genetic Algorithm Approach Gunjan Nehru 1, Puja Dhar 2 1 Department of Information Technology, IEC-Group of Institutions
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationBreaking the OutGuess
Breaking the OutGuess Jessica Fridrich, Miroslav Goljan, Dorin Hogea * presented by Deepa Kundur Department of Electrical and Computer Engineering * Department of Computer Science SUNY Binghamton, Binghamton,
More informationPart II Authentication Techniques
Part II Authentication Techniques Authentication Codes Provides means for ensuring integrity of message Independent of secrecy - in fact sometimes secrecy may be undesirable! Techniques for Authentication
More informationBit Adjusting Image Steganography in Blue Channel using AES and Secured Hash Function
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology ISSN 2320 088X IMPACT FACTOR: 6.017 IJCSMC,
More informationSteganography. Brent McClain Rob Carey
Steganography Brent McClain Rob Carey What is Steganography Greek Origin Steganos means covered Graph means writing Hiding information in plain sight Cover Image Another image hidden in the picture Created
More informationEncryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
More informationImage Authentication and Recovery Scheme Based on Watermarking Technique
Image Authentication and Recovery Scheme Based on Watermarking Technique KENJI SUMITOMO 1, MARIKO NAKANO 2, HECTOR PEREZ 2 1 Faculty of Information and Computer Engineering The University of Electro-Communications
More informationA Novel Secure Digital Watermark Generation from Public Share by Using Visual Cryptography and MAC Techniques
Bashar S. Mahdi Alia K. Abdul Hassan Department of Computer Science, University of Technology, Baghdad, Iraq A Novel Secure Digital Watermark Generation from Public Share by Using Visual Cryptography and
More informationIntroduction to Software Security Hash Functions (Chapter 5)
Introduction to Software Security Hash Functions (Chapter 5) Seong-je Cho Spring 2018 Computer Security & Operating Systems Lab, DKU Sources / References Textbook, Chapter 5. An Illustrated Guide to Cryptographic
More informationCHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM
109 CHAPTER 6 EFFICIENT TECHNIQUE TOWARDS THE AVOIDANCE OF REPLAY ATTACK USING LOW DISTORTION TRANSFORM Security is considered to be the most critical factor in many applications. The main issues of such
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationInformation Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1
Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions
More informationDigital it Signatures. Message Authentication Codes. Message Hash. Security. COMP755 Advanced OS 1
Digital Signatures Digital it Signatures Offer similar protections as handwritten signatures in the real world. 1. Difficult to forge. 2. Easily verifiable. 3. Not deniable. 4. Easy to implement. 5. Differs
More informationIntroduction to Cryptography
Introduction to Cryptography 1 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice
More informationCryptographic Hash Functions. Rocky K. C. Chang, February 5, 2015
Cryptographic Hash Functions Rocky K. C. Chang, February 5, 2015 1 This set of slides addresses 2 Outline Cryptographic hash functions Unkeyed and keyed hash functions Security of cryptographic hash functions
More informationBasic Concepts and Definitions. CSC/ECE 574 Computer and Network Security. Outline
CSC/ECE 574 Computer and Network Security Topic 2. Introduction to Cryptography 1 Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationLecture 18 Message Integrity. Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides from Miller & Bailey s ECE 422
Lecture 18 Message Integrity Stephen Checkoway University of Illinois at Chicago CS 487 Fall 2017 Slides from Miller & Bailey s ECE 422 Cryptography is the study/practice of techniques for secure communication,
More informationCRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK
CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK UNIT-1 1. Answer the following: a. What is Non-repudiation b. Distinguish between stream and block ciphers c. List out the problems of one time pad d. Define
More informationIntroduction. Ahmet Burak Can Hacettepe University. Information Security
Introduction Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Information Security 1 Books Textbook: Network Security: Private Communication in a Public World, 2nd Edition. C. Kaufman, R. Perlman,
More informationMessage Authentication and Hash function
Message Authentication and Hash function Concept and Example 1 Approaches for Message Authentication Encryption protects message against passive attack, while Message Authentication protects against active
More informationarxiv: v1 [cs.cr] 31 Dec 2018
Security analysis of a self-embedding fragile image watermark scheme Xinhui Gong, Feng Yu, Xiaohong Zhao, Shihong Wang School of Science, Beijing University of Posts and Telecommunications, Beijing 100876,
More informationLecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.
15-441 Lecture Nov. 21 st 2006 Dan Wendlandt Worms & Viruses Phishing End-host impersonation Denial-of-Service Route Hijacks Traffic modification Spyware Trojan Horse Password Cracking IP Spoofing DNS
More informationComputer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 10. Exam 2 Review Paul Krzyzanowski Rutgers University Spring 2017 March 23, 2018 CS 419 2017 Paul Krzyzanowski 1 Question 1(a) Suppose you come across some old text in the form GEPPQ
More informationConventional Protection Mechanisms in File Systems
Steganographic File Systems 1 Conventional Protection Mechanisms in File Systems User Access Control The operating system is fully trusted to enforce the security policy. Is it good enough? Operating System
More informationS. Erfani, ECE Dept., University of Windsor Network Security
4.11 Data Integrity and Authentication It was mentioned earlier in this chapter that integrity and protection security services are needed to protect against active attacks, such as falsification of data
More informationCryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
More informationZum Einsatz von Hash-Funktionen in der Computer-Forensik: Status Quo und Herausforderungen
Harald Baier Hash Functions in Forensics / Fhg-SIT, 2011-04-12 1/25 Zum Einsatz von Hash-Funktionen in der Computer-Forensik: Status Quo und Herausforderungen Harald Baier Hochschule Darmstadt, CASED Fhg-SIT,
More informationJAVA IEEE Image Processing Projects
1. IEEE 2016: PassBYOP: Bring Your Own Picture for Securing Graphical Passwords Abstract: PassBYOP is a new graphical password scheme for public terminals that replaces the static digital images typically
More informationCSE 127: Computer Security Cryptography. Kirill Levchenko
CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified
More informationENEE 459-C Computer Security. Message authentication
ENEE 459-C Computer Security Message authentication Data Integrity and Source Authentication Encryption does not protect data from modification by another party. Why? Need a way to ensure that data arrives
More informationCSCI 454/554 Computer and Network Security. Topic 2. Introduction to Cryptography
CSCI 454/554 Computer and Network Security Topic 2. Introduction to Cryptography Outline Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues 2 Basic Concepts and Definitions
More informationComputer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
More informationOutline. Cryptography. Encryption/Decryption. Basic Concepts and Definitions. Cryptography vs. Steganography. Cryptography: the art of secret writing
Outline CSCI 454/554 Computer and Network Security Basic Crypto Concepts and Definitions Some Early (Breakable) Cryptosystems Key Issues Topic 2. Introduction to Cryptography 2 Cryptography Basic Concepts
More informationSymmetric Encryption 2: Integrity
http://wwmsite.wpengine.com/wp-content/uploads/2011/12/integrity-lion-300x222.jpg Symmetric Encryption 2: Integrity With material from Dave Levin, Jon Katz, David Brumley 1 Summing up (so far) Computational
More informationCrypto for Hackers. Eijah. v1.00 August 7 th, 2015
Crypto for Hackers Eijah v1.00 August 7 th, 2015 Hello World Shall we play a game? Joshua/WOPR Who am I? Founder Programmer Hacker 4 Last year at Defcon Saving Cyberspace by Reinventing File Sharing We
More informationData Hiding on Text Using Big-5 Code
Data Hiding on Text Using Big-5 Code Jun-Chou Chuang 1 and Yu-Chen Hu 2 1 Department of Computer Science and Communication Engineering Providence University 200 Chung-Chi Rd., Shalu, Taichung 43301, Republic
More informationCSC 5930/9010 Modern Cryptography: Cryptographic Hashing
CSC 5930/9010 Modern Cryptography: Cryptographic Hashing Professor Henry Carter Fall 2018 Recap Message integrity guarantees that a message has not been modified by an adversary Definition requires that
More informationClemens H. Cap Universität Rostock clemens.cap (at) uni-rostock (dot) de STEGANOGRAPHY. BaSoTI 2012, Tartu
Clemens H. Cap Universität Rostock clemens.cap (at) uni-rostock (dot) de STEGANOGRAPHY BaSoTI 2012, Tartu Question Definition Can we send hidden information? Steganography is the art of transmitting information
More informationConcrete cryptographic security in F*
Concrete cryptographic security in F* crypto hash (SHA3) INT-CMA encrypt then-mac Auth. encryption Secure RPC some some some adversary attack attack symmetric encryption (AES). IND-CMA, CCA2 secure channels
More informationSTEGANOGRAPHY Question Definition. Historical Cases of Steganography. Can we send hidden information?
Clemens H. Cap Universität Rostock clemens.cap (at) uni rostock (dot) de STEGANOGRAPHY Question Definition Can we send hidden information? Steganography is the art of transmitting information but hiding
More informationSecure Image Encryption Authentication Compression System
Secure Image Encryption Authentication Compression System Vinolina.R 1,M.S.Vijaykumar 2,A.M Senthil Kumar 3 1 CSE Department,Tejaa Shakthi Institute of Technology For Women,Coimbatore 2 Assistant Professor,
More informationCHAPTER 4 REVERSIBLE IMAGE WATERMARKING USING BIT PLANE CODING AND LIFTING WAVELET TRANSFORM
74 CHAPTER 4 REVERSIBLE IMAGE WATERMARKING USING BIT PLANE CODING AND LIFTING WAVELET TRANSFORM Many data embedding methods use procedures that in which the original image is distorted by quite a small
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More informationAssignment 9 / Cryptography
Assignment 9 / Cryptography Michael Hauser March 2002 Tutor: Mr. Schmidt Course: M.Sc Distributed Systems Engineering Lecturer: Mr. Owens CONTENTS Contents 1 Introduction 3 2 Simple Ciphers 3 2.1 Vignère
More informationCryptographic Checksums
Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;
More informationImplementation of Security in Cloud Systems Based using Encryption and Steganography
Implementation of Security in Cloud Systems Based using Encryption and Steganography 1 A.Mahesh Babu, 2 G.A. Ramachandra, 3 M.Suresh Babu 1,2 Department of Computer Science & Technology, Sri Krishnadevaraya
More informationText Hiding In Multimedia By Huffman Encoding Algorithm Using Steganography
Text Hiding In Multimedia By Huffman Encoding Algorithm Using Steganography Madhavi V.Kale 1, Prof. Swati A.Patil 2 PG Student, Dept. Of CSE., G.H.Raisoni Institute Of Engineering And Management,Jalgaon
More informationBasics of Cryptography, Cryptoprotocols, and Steganography
Basics of Cryptography, Cryptoprotocols, and Steganography 14 August 2017 Clark Thomborson University of Auckland Security Requirements Alice wants to send a message to Bob. Moreover, Alice wants to send
More informationResearch Article Improvements in Geometry-Based Secret Image Sharing Approach with Steganography
Hindawi Publishing Corporation Mathematical Problems in Engineering Volume 2009, Article ID 187874, 11 pages doi:10.1155/2009/187874 Research Article Improvements in Geometry-Based Secret Image Sharing
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationChaos-based Modified EzStego Algorithm for Improving Security of Message Hiding in GIF Image
015 International Conference on Computer, Control, Informatics and Its Applications Chaos-based Modified EzStego Algorithm for Improving Security of Message Hiding in GIF Image Rinaldi Munir Informatics
More informationCS 425 / ECE 428 Distributed Systems Fall 2017
CS 425 / ECE 428 Distributed Systems Fall 2017 Indranil Gupta (Indy) Dec 5, 2017 Lecture 27: Security All slides IG Security Threats Leakage Unauthorized access to service or data E.g., Someone knows your
More information(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography
Code No: RR410504 Set No. 1 1. Write short notes on (a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography 3. (a) Illustrate Diffie-hellman Key Exchange scheme for GF(P) [6M] (b) Consider
More informationSpring 2010: CS419 Computer Security
Spring 2010: CS419 Computer Security MAC, HMAC, Hash functions and DSA Vinod Ganapathy Lecture 6 Message Authentication message authentication is concerned with: protecting the integrity of a message validating
More informationHOST Authentication Overview ECE 525
Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time
More information1. Out of the 3 types of attacks an adversary can mount on a cryptographic algorithm, which ones does differential cryptanalysis utilize?
Introduction Answer the following questions. When a word count restriction is given for a question, exceeding it will result in marks being deducted. If your answer is more than twice the maximum length,
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationCryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes
CSE 484 / CSE M 584: Computer Security and Privacy Cryptography: Symmetric Encryption (finish), Hash Functions, Message Authentication Codes Spring 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu
More informationCryptography and Network Security
Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on
More informationHiding of Random Permutated Encrypted Text using LSB Steganography with Random Pixels Generator
Hiding of Random Permutated Encrypted Text using LSB Steganography with Random Pixels Generator Noor Kareem Jumaa Department of Computer Technology Engineering Al-Mansour University College, Iraq ABSTRACT
More informationCryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
More informationMultimedia Security: So What s the Big Deal?
Multimedia Security: So What s the Big Deal? Edward J. Delp Purdue University School of Electrical and Computer Engineering Video and Image Processing Laboratory (VIPER) West Lafayette, Indiana email:
More informationComparative Analysis of 2-Level and 4-Level DWT for Watermarking and Tampering Detection
International Journal of Latest Engineering and Management Research (IJLEMR) ISSN: 2455-4847 Volume 1 Issue 4 ǁ May 2016 ǁ PP.01-07 Comparative Analysis of 2-Level and 4-Level for Watermarking and Tampering
More informationFighting Spam, Phishing and Malware With Recurrent Pattern Detection
Fighting Spam, Phishing and Malware With Recurrent Pattern Detection White Paper September 2017 www.cyren.com 1 White Paper September 2017 Fighting Spam, Phishing and Malware With Recurrent Pattern Detection
More informationLecture 4: Hashes and Message Digests,
T-79.159 Cryptography and Data Security Lecture 4: Hashes and Message Digests Helsinki University of Technology mjos@tcs.hut.fi 1 Cryptographic hash functions Maps a message M (a bit string of arbitrary
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
More informationCSE484 Final Study Guide
CSE484 Final Study Guide Winter 2013 NOTE: This study guide presents a list of ideas and topics that the TAs find useful to know, and may not represent all the topics that could appear on the final exam.
More informationIs Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection
Is Browsing Safe? Web Browser Security Charlie Reis Guest Lecture - CSE 490K - 5/24/2007 Send Spam Search Results Change Address? Install Malware Web Mail Movie Rentals 2 Browser Security Model Pages are
More informationTopics. Number Theory Review. Public Key Cryptography
Public Key Cryptography Topics 1. Number Theory Review 2. Public Key Cryptography 3. One-Way Trapdoor Functions 4. Diffie-Helman Key Exchange 5. RSA Cipher 6. Modern Steganography Number Theory Review
More informationA hash function is strongly collision-free if it is computationally infeasible to find different messages M and M such that H(M) = H(M ).
CA4005: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 5 5.1 A hash function is an efficient function mapping binary strings of arbitrary length to binary strings of fixed length (e.g. 128 bits), called the hash-value
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationANET: An Anonymous Networking Protocol
ANET: An Anonymous Networking Protocol Casey Marshall csm@soe.ucsc.edu May 31, 2005 Abstract This paper presents a simple, anonymizing network protocol. Its primary goal is to provide untraceability of
More informationMapping Internet Sensors with Probe Response Attacks
Mapping Internet Sensors with Probe Response Attacks Computer Sciences Department University of Wisconsin, Madison Introduction Outline Background Example Attack Introduction to the Attack Basic Probe
More informationBiometric Data Hiding: A 3 Factor Authentication Approach to Verify Identity with a Single Image Using Steganography, Encryption and Matching
Biometric Data Hiding: A 3 Factor Authentication Approach to Verify Identity with a Single Image Using Steganography, Encryption and Matching Neha Agrawal and Marios Savvides Carnegie Mellon University
More informationProblem: Too Many Platforms!
Compiling for Different Platforms 2 Program written in some high-level language (C, Fortran, ML,...) Compiled to intermediate form Optimized UNDE THE HOOD: THE JAVA VITUAL MACHINE Code generated for various
More informationWinter 2011 Josh Benaloh Brian LaMacchia
Winter 2011 Josh Benaloh Brian LaMacchia Symmetric Cryptography January 20, 2011 Practical Aspects of Modern Cryptography 2 Agenda Symmetric key ciphers Stream ciphers Block ciphers Cryptographic hash
More informationOutline. V Computer Systems Organization II (Honors) (Introductory Operating Systems) Language-based Protection: Solution
Outline V22.0202-001 Computer Systems Organization II (Honors) (Introductory Operating Systems) Lecture 21 Language-Based Protection Security April 29, 2002 Announcements Lab 6 due back on May 6th Final
More informationInformation Security: Principles and Practice Second Edition. Mark Stamp
Information Security: Principles and Practice Second Edition Mark Stamp August 10, 2009 Contents Preface Second Edition Preface About The Author Acknowledgments xvii xix xxiii xxv 1 Introduction 1 1.1
More informationData Integrity. Modified by: Dr. Ramzi Saifan
Data Integrity Modified by: Dr. Ramzi Saifan Encryption/Decryption Provides message confidentiality. Does it provide message authentication? 2 Message Authentication Bob receives a message m from Alice,
More informationLecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena
Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena *Adopted from a previous lecture by Gene Tsudik Course Admin HW3 Problem 3 due Friday midnight
More informationChapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.
Name Date Chapter 10: Security After completion of this chapter, students should be able to: Explain why security is important and describe security threats. Explain social engineering, data wiping, hard
More informationThe Case for Pushing DNS. Mark Handley and Adam Greenhalgh
The Case for Pushing DNS Mark Handley and Adam Greenhalgh UCL 1 In the beginning There was Jon Postel And hosts.txt And all was well. Then came DNS And scale. And all was well. Then came scale. And all
More informationThe OpenSSH Protocol under the Hood
The OpenSSH Protocol under the Hood Girish Venkatachalam Abstract The nitty-gritty details as to what OpenSSH is and why it is ubiquitous. Is there a program more commonly used in day-to-day Linux computing
More information