A Static-Dynamic Conjunct Windows Process Integrity Detection Model
|
|
- Dylan Baker
- 5 years ago
- Views:
Transcription
1 A Static-Dynamic Conjunct Windows Process Integrity Detection Model Fei Chen 1, Yi Li 1, Tong Zhang 1, Kehe Wu 1, 1 North China Electric Power University, Department of Control and Computer Engineering, Beinong Rd. 2, Beijing, China chenfei0428@126.com, liyi174748@163.com, zhtzhangtong@163.com, epuwkh@126.com Abstract. In this paper we propose a process integrity detection model. This model combines static detection with dynamic detection method to prevent processes from being tampered maliciously. Static detection is based on integrity detection of process files, it is implemented by calculating hash value of file directly; dynamic detection is based on detecting integrity of process code space when the process is running, this method checks whether process integrity is destroyed through counting the number of memory blocks and size of space used by the process, as well as calculating hash value of code segment during process is running and comparing it with the prospective value. We carry out experiments of this model in Windows operating system, the result shows that this model can effectively prevent processes from being tampered illegally, and it affects little to running of operating system. Keywords: process integrity, static detection, dynamic detection, malicious code, information security 1 Introduction Process integrity is the attribute to maintain a program running correctly [1]. It is a common method for malicious code to break into computers via destroying integrity of process. Attackers achieve this goal by writing a segment of executable binary code in the address space of a process to modify normal execution procedure. The most remarkable example of this is process injection attack. Many famous worms such as Blaster and Code Red II are all through modifying memory space of process and destroy process integrity to spread them. With the rapid development of hacker technology, the harm brings by destruction of process integrity to operating system becomes much heavier. Thus it is very significant to monitor process integrity realtime and prevent process from being tampered maliciously in terms of protecting the security of operating system. Integrity detection can be divided into static integrity detection and dynamic integrity detection. Static integrity detection focuses on integrity of binary file of process, once the process is loaded into memory, any changes occur after that can not be detected. Tripwire is such a static integrity detection system [2]. Dynamic integrity detection aims at integrity of code while the corresponding process is running, it is the 30
2 most frequently-used means of attack for malicious code, and in turn is a hotspot of process integrity detection study. PDMIS[3] implements process integrity detection in page granularity and has a good effect. Patagonix[4] can take integrity detection for common Rootkits, whereas it has no demonstration tests. LKIM implements dynamic integrity detection for Linux kernel, but it does not implement detection for applications[5]. This paper proposes a process integrity detection model combines static integrity with dynamic integrity. It first detects integrity of process file before the process starts running, if it is authenticated, lets the process run, in addition, monitors and detects integrity of code real-time during the process is running; otherwise the model rejects running of the process immediately. Via utilizing double detection to prevent process integrity from being tampered maliciously at utmost and protect security of operating system. 2 Process Integrity Detection Model The process integrity detection model is made up of five components which are static integrity measurement module, communication module, integrity database, monitoring module and dynamic integrity measurement module. Among them static integrity measurement module, communication module and integrity database lie in application layer, while monitoring module and dynamic integrity measurement module are at kernel layer. Figure 1 shows the architecture of this model. Fig. 1. Process integrity detection model. 31
3 2.1 Static Integrity Measurement Module The static integrity measurement module is implemented to calculate integrity of binary files. Static integrity detection occurs in two situations: one is when the system starts-up, it measures integrity of all process files starts-up with the system; the other is when a new process is about to run, it suspends the process and measures integrity of corresponding binary file. If it is the first time for the process to run, the static integrity measurement module deposits the result of measurement into integrity database; otherwise, it compares measurement result with the value stores in integrity database, if they are consistent, the process will resume running, otherwise rejects running this process. 2.2 Monitoring Module Monitoring module is an important part of this model. It has two functions: one is to intercept requests of creating and writing process space, the other is to protect the model itself. When the monitoring module intercepts a request of creating process, it notifies static integrity measurement module to execute static measure; when it intercepts a request of writing process space, it in turn notifies dynamic integrity measurement module to carry out dynamic measure. To prevent the model from being destroyed maliciously, the monitoring module forbids illegal access to its files, and provides access control protection to the process of itself. 2.3 Dynamic Integrity Measurement Module Dynamic integrity measurement calculates integrity of two kinds of information. One is hash value of code segment and the other is hash value of process space usage information. When monitoring module intercepts requests of writing process space, it notifies dynamic integrity measurement module to calculate integrity of process. Taking efficiency into account, this module obtains number of process memory blocks and size of space to calculate integrity, rather than reading the content of process code segment to calculate hash value, eventually achieves the goal of detecting dynamic integrity of process by judging whether there are changes occur in process memory space. If there are no changes in process memory space, goes ahead reading the content of process code segment to calculate integrity, otherwise rejects running this process. 2.4 Communication Module Communication module is responsible for transferring information between modules. The information here can be divided into two kinds: one is integrity value, it is either the current calculating result or from integrity database; the other is control information, mostly it is requests of integrity measurement. When there is a process ready to execute, monitoring module intercepts the request of creating process, and notifies static integrity measurement module via 32
4 communication module to measure integrity of binary file. After the measurement finishes, static integrity measurement module notifies monitoring module result of comparison through communication module, and determines whether to continue executing the process base on the result. When monitoring module intercepts requests of writing process space, it notifies dynamic integrity measurement module to measure dynamic integrity, dynamic integrity measurement module then notifies communication module to take the value out from integrity database for comparison. 2.5 Integrity Database Integrity database stores integrity information of processes, including integrity value of static binary files, dynamic process space code segment as well as process memory information. The corresponding data structure is as follows. typedef struct procintegrityinfo{ char *procname; // process name char *procpath; // process path char *binaryfilehash; // hash value of binary file char *codeseghash; // hash value of process code segment content char *procspacehash;// hash value of process space usage }TProcIntegrityInfo,*PProcIntegrityInfo; Note that the hash value of process memory information is calculated from number of memory blocks and size of memory space occupied by the process. This information in database can be appropriately encrypted in case of being exposed. 2.6 Procedure of Integrity Detection The procedure of process execution is split into two stages which are static detection and dynamic detection. A process will have no chance to execute if it is not authenticated by static detection. Accordingly, if the process is not authenticated by dynamic detection, it will also be terminated. Static integrity detection calculates hash value of binary file, if a process is authenticated by static detection, calculates hash value of process memory information, and stores it into integrity database. Dynamic integrity detection calculates hash value of process memory information first, if it is consistent, calculates hash value of process code segment, and compares it with the value stored in integrity database. The procedure of static and dynamic integrity detection is shown in Fig
5 Fig. 2. Procedure of integrity detection. 3 Experiment and Analysis This experiment is to test response capability against process injection attack and performance effect brings to operating system. The content of experiment including whether it can find out and alert injection attack against protected process, and tests the effect of time and load brings to system when invoking system services in normal circumstances. The result of experiment shows that this method can response to injection attack in time, and brings an inconspicuous delay to system service call, affects little to operating system. 34
6 Table 1. Result of system performance test Injected process CPU Occupy Response Time Notepad.exe 1% 1.3ms Winword.exe 2%-5% 4.4ms Iexplore.exe 3%-5% 4.6ms Apareader.exe 6%-8% 7.5ms 4 Conclusion This paper aims at threats of processes being tampered by malicious code, from perspect of integrity, proposes a model of process integrity detection combines with dynamic integrity and static integrity. This model can effectively detect integrity of binary files and memory space while the process is running to ensure the running process unmodified through double detection, and can achieve expected goals via expected actions[6]. The result of tests shows that this model has an outstanding performance in all-sidedness of detection, universality of defence and stability of performance. As this model interacts frequently with database, it is significant to adopt an effective searching algorithm to improve efficiency. In the future work, we will further our study in this aspect to make improvements. Besides, there is only a prototype for this model under Windows platform, in the future, we should also study prototype systems in other operating systems to extend range of its application. References 1. Zeng, F., Chen, M., Yin, K., Wang, X.: Process Integrity and Its Application in Software Vulnerability Testing. Information Security and Communications Privacy. Vol. 10, (2009) 2. Kim, G., Spafford, E.: Design and Implementation of Tripwire: A File System Integrity Checker. In: 2nd ACM Conference on Computer and communications security, pp ACM, New York (1994) 3. Wei, C., Song, S., Hua, W., Bian, P.: Operating Systems Support for Process Dynamic Integrity Measurement. In: IEEE Youth Conference on Information, Computing, and Telecommunication, pp IEEE Press, New York (2009) 4. Litty, L., Andrés Lagar-Cavilla, H., Lie D.: Hypervisor Support for Identifying Covertly Executing Binaries. In: 17th Conference on Security Symposium, pp USENIX Association Berkeley (2008) 5. Loscocco, P. A., Wilson, P. W., Pendergrass, J. A., McDonell, C. D.: Linux Kernel Integrity Measurement Using Contextual Inspection. In: 2007 ACM workshop on scalable trusted computing, pp ACM, New York (2007) 6. Sheng, C., Zhang, H., Wang, H., Wang, J., Zhao, B., Yan, W., Yu, F., Zhang, L., Xu, M.: Reaserch on Trusted Computing and Its Development. Science China (Information Sciences). Vol.53, (2010) 35
The security solution for Windows XP end of life with trusted computing technology
Joint International Mechanical, Electronic and Information Technology Conference (JIMET 2015) The security solution for Windows XP end of life with trusted computing technology Cui Zhanhua1, a *, Pan Hongyi2
More informationStudy on Computer Network Technology of Digital Library
International Symposium on Computers & Informatics (ISCI 2015) Study on Computer Network Technology of Digital Library Yanming Sui LinYi University, Linyi, China suiyanming@lyu.edu.cn Abstract With the
More informationSecurity versus Energy Tradeoffs in Host-Based Mobile Malware Detection
Security versus Energy Tradeoffs in Host-Based Mobile Malware Detection Jeffrey Bickford *, H. Andrés Lagar-Cavilla #, Alexander Varshavsky #, Vinod Ganapathy *, and Liviu Iftode * * Rutgers University
More informationResearch and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen SUN
2016 International Conference on Wireless Communication and Network Engineering (WCNE 2016) ISBN: 978-1-60595-403-5 Research and Design of Crypto Card Virtualization Framework Lei SUN, Ze-wu WANG and Rui-chen
More informationA New Method Of VPN Based On LSP Technology
2nd Joint International Information Technology, Mechanical and Electronic Engineering Conference (JIMEC 2017) A New Method Of VPN Based On LSP Technology HaiJun Qing 1, 2 1, 2, ChaoXiang Liang, LiPing
More informationA Compatible Public Service Platform for Multi-Electronic Certification Authority
Applied Mechanics and Materials Submitted: 2014-04-26 ISSN: 1662-7482, Vol. 610, pp 579-583 Accepted: 2014-05-26 doi:10.4028/www.scientific.net/amm.610.579 Online: 2014-08-11 2014 Trans Tech Publications,
More informationHypervisor Support for Identifying Covertly Executing Binaries
Hypervisor Support for Identifying Covertly Executing Binaries Lionel Litty H. Andrés Lagar-Cavilla Dept. of Computer Science University of Toronto {llitty,andreslc}@cs.toronto.edu David Lie Dept. of Elec.
More informationStudy on data encryption technology in network information security. Jianliang Meng, Tao Wu a
nd International Workshop on Materials Engineering and Computer Sciences (IWMECS 05) Study on data encryption technology in network information security Jianliang Meng, Tao Wu a School of North China Electric
More informationProblems in Reputation based Methods in P2P Networks
WDS'08 Proceedings of Contributed Papers, Part I, 235 239, 2008. ISBN 978-80-7378-065-4 MATFYZPRESS Problems in Reputation based Methods in P2P Networks M. Novotný Charles University, Faculty of Mathematics
More informationResearch on the Application Security Isolation Model
Research on the Application Security Isolation Model Lei Gong 1,2,3, Yong Zhao 3, and Jianhua Liao 4 1 Institute of Electronic Technology, Information Engineering University, Zhengzhou, China 2 Key Lab
More informationA Method of Identifying the P2P File Sharing
IJCSNS International Journal of Computer Science and Network Security, VOL.10 No.11, November 2010 111 A Method of Identifying the P2P File Sharing Jian-Bo Chen Department of Information & Telecommunications
More informationAn Improved Timestamp-Based Password Authentication Scheme Using Smart Cards
An Improved Timestamp-Based Password Authentication Scheme Using Smart Cards Al-Sakib Khan Pathan and Choong Seon Hong Department of Computer Engineering, Kyung Hee University, Korea spathan@networking.khu.ac.kr
More informationOpen Access The Three-dimensional Coding Based on the Cone for XML Under Weaving Multi-documents
Send Orders for Reprints to reprints@benthamscience.ae 676 The Open Automation and Control Systems Journal, 2014, 6, 676-683 Open Access The Three-dimensional Coding Based on the Cone for XML Under Weaving
More informationStealthy Deployment and Execution of In-Guest Kernel Agents
Stealthy Deployment and Execution of In-Guest Kernel Agents Tzi-cker Chiueh Matthew Conover Maohua Lu Bruce Montague Symantec Research Labs {tzi-cker chiueh, matthew conover, maohua lu, bruce montague}@symantec.com
More informationDesign and Implementation of Page Replacement Algorithms based on an Inverted Page Table
Adv. Eng. Tec. Appl. 5, No. 2, 35-39 (2016) 35 Advanced Engineering Technology and Application An International Journal http://dx.doi.org/10.18576/aeta/050203 Design and Implementation of Page Replacement
More informationModel the P2P Attack in Computer Networks
International Conference on Logistics Engineering, Management and Computer Science (LEMCS 2015) Model the P2P Attack in Computer Networks Wei Wang * Science and Technology on Communication Information
More informationNew Embedded Security Software Approach for ATM
IJSRD - International Journal for Scientific Research & Development Vol. 2, Issue 03, 2014 ISSN (online): 2321-0613 New Embedded Security Software Approach for ATM Nalinkumar Saksena 1 1 M. E. Student
More information@IJMTER-2016, All rights Reserved ,2 Department of Computer Science, G.H. Raisoni College of Engineering Nagpur, India
Secure and Flexible Communication Technique: Implementation Using MAC Filter in WLAN and MANET for IP Spoofing Detection Ashwini R. Vaidya 1, Siddhant Jaiswal 2 1,2 Department of Computer Science, G.H.
More informationResearch Article Research on Dynamic Integrity Measurement Model Based on Memory Paging Mechanism
Discrete Dynamics in Nature and Society, Article ID 478985, 7 pages http://dx.doi.org/10.1155/2014/478985 Research Article Research on Dynamic Measurement Model Based on Memory Paging Mechanism Chaowen
More informationResearch on System Login Security Encryption Method Based on MD5
2016 International Conference on Control and Automation (ICCA 2016) ISBN: 978-1-60595-329-8 Research on System Login Security Encryption Method Based on MD5 Xi-mei ZHANG 1, Ying LI 2,Yi-Zhen CAO 3 and
More informationComputer Life (CPL) ISSN: Research on the Construction of Network and Information Security. Architecture in Campus
Computer Life (CPL) ISSN: 1819-4818 DELIVERING QUALITY SCIENCE TO THE WORLD Research on the Construction of Network and Information Security Architecture in Campus Zhaoyong Zhou 1, a, Xiaoli Zhang 1, Yuan
More informationP2P Botnet Detection Method Based on Data Flow. Wang Jiajia 1, a Chen Yu1,b
2nd International Symposium on Advances in Electrical, Electronics and Computer Engineering (ISAEECE 2017) P2P Botnet Detection Method Based on Data Flow Wang Jiajia 1, a Chen Yu1,b 1 Taizhou Pylotechnic
More informationAn Improved DV-Hop Algorithm for Resisting Wormhole Attack
Send Orders for Reprints to reprints@benthamscience.ae The Open Cybernetics & Systemics Journal, 2015, 9, 1443-1448 1443 Open Access An Improved DV-Hop Algorithm for Resisting Wormhole Attack Xiaoying
More informationExperience with SPM in IPv6
Experience with SPM in IPv6 Mingjiang Ye, Jianping Wu, and Miao Zhang Department of Computer Science, Tsinghua University, Beijing, 100084, P.R. China yemingjiang@csnet1.cs.tsinghua.edu.cn {zm,jianping}@cernet.edu.cn
More informationarxiv: v1 [cs.cr] 31 Dec 2018
Security analysis of a self-embedding fragile image watermark scheme Xinhui Gong, Feng Yu, Xiaohong Zhao, Shihong Wang School of Science, Beijing University of Posts and Telecommunications, Beijing 100876,
More informationGeospatial Information Service Based on Ad Hoc Network
I. J. Communications, Network and System Sciences, 2009, 2, 91-168 Published Online May 2009 in SciRes (http://www.scirp.org/journal/ijcns/). Geospatial Information Service Based on Ad Hoc Network Fuling
More informationBlockchain-based Firmware Update Framework for Internet-of-Things Environment
Int'l Conf. Information and Knowledge Engineering IKE'18 151 Blockchain-based Firmware Update Framework for Internet-of-Things Environment Alexander Yohan 1, Nai-Wei Lo 2, Suttawee Achawapong 3 Department
More informationDawn Song
1 Virtual Machines & Security Dawn Song dawnsong@cs.berkeley.edu Virtual Machines VM: Execution environment that gives the illusion of a real machine VMM/Hypervisor: host software which provides this capability
More informationHigh Capacity Reversible Watermarking Scheme for 2D Vector Maps
Scheme for 2D Vector Maps 1 Information Management Department, China National Petroleum Corporation, Beijing, 100007, China E-mail: jxw@petrochina.com.cn Mei Feng Research Institute of Petroleum Exploration
More informationUnicorn: Two- Factor Attestation for Data Security
ACM CCS - Oct. 18, 2011 Unicorn: Two- Factor Attestation for Data Security M. Mannan Concordia University, Canada B. Kim, A. Ganjali & D. Lie University of Toronto, Canada 1 Unicorn target systems q High
More informationI Don't Want to Sleep Tonight:
I Don't Want to Sleep Tonight: Subverting Intel TXT with S3 Sleep Seunghun Han, Jun-Hyeok Park (hanseunghun parkparkqw)@nsr.re.kr Wook Shin, Junghwan Kang, HyoungChun Kim (wshin ultract khche)@nsr.re.kr
More informationIntelligent Terminal System Based on Trusted Platform Module
American Journal of Mobile Systems, Applications and Services Vol. 4, No. 3, 2018, pp. 13-18 http://www.aiscience.org/journal/ajmsas ISSN: 2471-7282 (Print); ISSN: 2471-7290 (Online) Intelligent Terminal
More informationAvailable online at ScienceDirect. IERI Procedia 4 (2013 ) 2 7
Available online at www.sciencedirect.com ScienceDirect IERI Procedia 4 (2013 ) 2 7 2013 International Conference on Electronic Engineering and Computer Science The Web Security Password Authentication
More informationA Secure Wireless LAN Access Technique for Home Network
A Secure Wireless LAN Access Technique for Home Network *Ju-A Lee, *Jae-Hyun Kim, **Jun-Hee Park, and **Kyung-Duk Moon *School of Electrical and Computer Engineering Ajou University, Suwon, Korea {gaia,
More informationRelational Database Watermarking for Ownership Protection
Available online at www.sciencedirect.com Procedia Technology 6 (2012 ) 988 995 2nd International Conference on Communication, Computing & Security [ICCCS-2012] Relational Database Watermarking for Ownership
More informationSecurity Analysis of PSLP: Privacy-Preserving Single-Layer Perceptron Learning for e-healthcare
Security Analysis of PSLP: Privacy-Preserving Single-Layer Perceptron Learning for e-healthcare Jingjing Wang 1, Xiaoyu Zhang 1, Jingjing Guo 1, and Jianfeng Wang 1 1 State Key Laboratory of Integrated
More informationFeatured Articles II Security Research and Development Research and Development of Advanced Security Technology
364 Hitachi Review Vol. 65 (2016), No. 8 Featured Articles II Security Research and Development Research and Development of Advanced Security Technology Tadashi Kaji, Ph.D. OVERVIEW: The damage done by
More informationThe principle of a fulltext searching instrument and its application research Wen Ju Gao 1, a, Yue Ou Ren 2, b and Qiu Yan Li 3,c
International Conference on Education, Management, Commerce and Society (EMCS 2015) The principle of a fulltext searching instrument and its application research Wen Ju Gao 1, a, Yue Ou Ren 2, b and Qiu
More informationCryptanalysis Of Dynamic ID Based Remote User Authentication Scheme With Key Agreement
1 Cryptanalysis Of Dynamic ID Based Remote User Authentication Scheme With Key Agreement Sonam Devgan Kaul, Amit K. Awasthi School of Applied Sciences, Gautam Buddha University, Greater Noida, India sonamdevgan11@gmail.com,
More informationThe Storage Protection of Block Device in Android
International Symposium on Computers & Informatics (ISCI 2015) The Storage Protection of Block Device in Android Zhao-Wei Wang 1,2, Quan-Xin Zhang 1,2,a,*, Lei Long 1,2, Zi-Jing Cheng 3,b and Yu-An Tan
More informationDesign and Implementation of Inspection System for Lift Based on Android Platform Yan Zhang1, a, Yanping Hu2,b
2nd Workshop on Advanced Research and Technology in Industry Applications (WARTIA 2016) Design and Implementation of Inspection System for Lift Based on Android Platform Yan Zhang1, a, Yanping Hu2,b 1
More informationEXTERNALLY VERIFIABLE CODE EXECUTION
By ARVIND SESHADRI, MARK LUK, ADRIAN PERRIG, LEENDERT VAN DOORN, and PRADEEP KHOSLA EXTERNALLY VERIFIABLE CODE EXECUTION Using hardware- and software-based techniques to realize a primitive Cfor externally
More informationNetwork Security Issues and Cryptography
Network Security Issues and Cryptography PriyaTrivedi 1, Sanya Harneja 2 1 Information Technology, Maharishi Dayanand University Farrukhnagar, Gurgaon, Haryana, India 2 Information Technology, Maharishi
More informationUtilizing Restricted Direction Strategy and Binary Heap Technology to Optimize Dijkstra Algorithm in WebGIS
Key Engineering Materials Online: 2009-10-08 ISSN: 1662-9795, Vols. 419-420, pp 557-560 doi:10.4028/www.scientific.net/kem.419-420.557 2010 Trans Tech Publications, Switzerland Utilizing Restricted Direction
More informationRemote monitoring system based on C/S and B/S mixed mode Kaibing Song1, a, Yinsong Wang2,band Dandan Shang3,c
2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 2016) Remote monitoring system based on C/S and B/S mixed mode Kaibing Song1, a, Yinsong Wang2,band Dandan Shang3,c
More informationTowards High Assurance Networks of Virtual Machines
Towards High Assurance Networks of Virtual Machines Fabrizio Baiardi 1 Daniele Sgandurra 2 1 Polo G. Marconi - La Spezia, University of Pisa, Italy 2 Department of Computer Science, University of Pisa,
More informationProviding Security to the Architecture of Presence Servers
Providing Security to the Architecture of Presence Servers Vimitha R Vidhya Lakshmi PG Scholar TKM Institute of Technology Kollam, Kerala, India Anju J Assistant Professor TKM Institute of Technology Kollam,
More informationInkTag: Secure Applications on an Untrusted Operating System. Owen Hofmann, Sangman Kim, Alan Dunn, Mike Lee, Emmett Witchel UT Austin
InkTag: Secure lications on an Untrusted Operating System Owen Hofmann, Sangman Kim, Alan Dunn, Mike Lee, Emmett Witchel UT Austin You trust your... should you? The is the software root of trust on most
More informationInt. J. Advanced Networking and Applications Volume: 6 Issue: 3 Pages: (2014) ISSN :
2347 OpenFlow Security Threat Detection and Defense Services Wanqing You Department of Computer Science, Southern Polytechnic State University, Georgia Email: wyou@spsu.edu Kai Qian Department of Computer
More informationResearch on adaptive network theft Trojan detection model Ting Wu
International Conference on Advances in Mechanical Engineering and Industrial Informatics (AMEII 215) Research on adaptive network theft Trojan detection model Ting Wu Guangdong Teachers College of Foreign
More informationTUX : Trust Update on Linux Kernel
TUX : Trust Update on Linux Kernel Suhho Lee Mobile OS Lab, Dankook university suhho1993@gmail.com -- Hyunik Kim, and Seehwan Yoo {eternity13, seehwan.yoo}@dankook.ac.kr Index Intro Background Threat Model
More informationMEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
MEMORY AND BEHAVIORAL PROTECTION ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY FACT: COMPUTERS AND SERVERS ARE STILL AT RISK CONVENTIONAL TOOLS NO LONGER MEASURE UP Despite pouring
More informationA New Enhancement for Security Mechanism in Routers
Journal of Computer Science 4 (7): 565-570, 2008 ISSN 1549-3636 2008 Science Publications A New Enhancement for Security Mechanism in Routers 1 Khalid Khanfar, 2 Riyad Khanfar, 3 Walid Al-Ahmad and 4 Eyas
More informationThe Internet of Things for Petroleum Transportation
2017 2nd International Conference on Applied Mechanics and Mechatronics Engineering (AMME 2017) ISBN: 978-1-60595-521-6 The Internet of Things for Petroleum Transportation Hui-ran WANG 1 and Rui-fang MA
More informationResearch on the Simulation-based Fault Injection Design with Consideration of Board-level Built-In Test
A publication of CHEMICAL ENGINEERING TRANSACTIONS VOL. 33, 2013 Guest Editors: Enrico Zio, Piero Baraldi Copyright 2013, AIDIC Servizi S.r.l., ISBN 978-88-95608-24-2; ISSN 1974-9791 The Italian Association
More informationCloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks The material in these slides mainly comes from the paper CloudSky: A Controllable Data Self-Destruction System
More informationAdaptive Android Kernel Live Patching
USENIX Security Symposium 2017 Adaptive Android Kernel Live Patching Yue Chen 1, Yulong Zhang 2, Zhi Wang 1, Liangzhao Xia 2, Chenfu Bao 2, Tao Wei 2 Florida State University 1 Baidu X-Lab 2 Android Kernel
More informationResearch on WSN Secure Communication Method Based on Digital Watermark for the Monitoring of Electric Transmission Lines
DOI: 10.23977/acss.2019.31002 EISSN 2371-8838 Advances in Computer, Signals and Systems (2019) 3: 8-14 Clausius Scientific Press, Canada Research on WSN Secure Communication Method Based on Digital Watermark
More informationPoS(CENet2017)008. RELOCATE: A Container Based Moving Target Defense Approach. Speaker. Rui Huang1. Hongqi Zhang. Yi Liu.
RELOCATE: A Container Based Moving Target Defense Approach E-mail: xjhr1009@163.com Hongqi Zhang E-mail: zhq37922@126.com Yi Liu E-mail:liuyi9582@126.com Shie Zhou E-mail:942624127@qq.com In order to cope
More informationSTUDYING OF CLASSIFYING CHINESE SMS MESSAGES
STUDYING OF CLASSIFYING CHINESE SMS MESSAGES BASED ON BAYESIAN CLASSIFICATION 1 LI FENG, 2 LI JIGANG 1,2 Computer Science Department, DongHua University, Shanghai, China E-mail: 1 Lifeng@dhu.edu.cn, 2
More informationThe Research of Trusted Security Architecture of MANET Node Based on OPNET Zhen Zhang
International Conference on Advances in Mechanical Engineering and Industrial Informatics (AMEII 2015) The Research of Security Architecture of MANET Node Based on OPNET Zhen Zhang Department of Electronic
More informationVideo Inter-frame Forgery Identification Based on Optical Flow Consistency
Sensors & Transducers 24 by IFSA Publishing, S. L. http://www.sensorsportal.com Video Inter-frame Forgery Identification Based on Optical Flow Consistency Qi Wang, Zhaohong Li, Zhenzhen Zhang, Qinglong
More informationOn the security of a certificateless signature scheme in the standard model
On the security of a certificateless signature scheme in the standard model Lin Cheng, Qiaoyan Wen, Zhengping Jin, Hua Zhang State Key Laboratory of Networking and Switch Technology, Beijing University
More informationA Network Intrusion Detection System Architecture Based on Snort and. Computational Intelligence
2nd International Conference on Electronics, Network and Computer Engineering (ICENCE 206) A Network Intrusion Detection System Architecture Based on Snort and Computational Intelligence Tao Liu, a, Da
More informationACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
More informationDesign and Implementation of Secure OTP Generation for IoT Devices
, pp.75-80 http://dx.doi.org/10.14257/astl.2017.146.15 Design and Implementation of Secure OTP Generation for IoT Devices Young-Sae Kim 1 and Jeong-Nyeo Kim 1 1 Electronics and Telecommunications Research
More informationApplication of Face Recognition Technology in the Exam Identity Authentication System Li-jun YU 1,a,* and Ke-feng LI 2,b
2017 3rd International Conference on Social Science and Management (ICSSM 2017) ISBN: 978-1-60595-445-5 Application of Face Recognition Technology in the Exam Identity Authentication System Li-jun YU 1,a,*
More informationDesign of a Chinese Input Method on the Remote Controller Based on the Embedded System
Available online at www.sciencedirect.com Procedia Engineering 29 (2012) 3060 3064 2012 International Workshop on Information and Electronics Engineering (IWIEE) Design of a Chinese Input Method on the
More informationSession 3: Lawful Interception
Session 3: Lawful Interception Secure, verifiable and intelligible audit logs to support computer forensics in lawful interception 3 rd ETSI Security Workshop Elena de la Calle Vian Ministry of Industry
More informationSecuring Chord for ShadowWalker. Nandit Tiku Department of Computer Science University of Illinois at Urbana-Champaign
Securing Chord for ShadowWalker Nandit Tiku Department of Computer Science University of Illinois at Urbana-Champaign tiku1@illinois.edu ABSTRACT Peer to Peer anonymous communication promises to eliminate
More informationConstruction Scheme for Cloud Platform of NSFC Information System
, pp.200-204 http://dx.doi.org/10.14257/astl.2016.138.40 Construction Scheme for Cloud Platform of NSFC Information System Jianjun Li 1, Jin Wang 1, Yuhui Zheng 2 1 Information Center, National Natural
More informationresult, it is very important to design a simulation system for dynamic laser scanning
3rd International Conference on Multimedia Technology(ICMT 2013) Accurate and Fast Simulation of Laser Scanning Imaging Luyao Zhou 1 and Huimin Ma Abstract. In order to design a more accurate simulation
More informationAnalysis on computer network viruses and preventive measures
International Symposium on Computers & Informatics (ISCI 2015) Analysis on computer network viruses and preventive measures Yongbin ZHU Engineering College, Honghe University, Mengzi 661100, Yunnan, China
More informationA Secure Data Transmission Scheme in Wireless Sensor Networks
Sensors & Transducers 203 by IFSA http://www.sensorsportal.com A Secure Data Transmission Scheme in Wireless Sensor Networks,2 Mingxin YANG, 3 Jingsha HE, 4 Ruohong LIU College of Computer Science and
More informationTest Cases Generation from UML Activity Diagrams
Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing Test Cases Generation from UML Activity Diagrams Hyungchoul Kim, Sungwon
More informationSystem Approach for Single Keyword Search for Encrypted data files Guarantees in Public Infrastructure Clouds
System Approach for Single Keyword Search for Encrypted data files Guarantees in Public Infrastructure s B.Nandan 1, M.Haripriya 2, N.Tejaswi 3, N. Sai Kishore 4 Associate Professor, Department of CSE,
More informationCode Validation for Modern OS Kernels
Code Validation for Modern OS Kernels Thomas Kittel Technische Universität München Munich, Germany kittel@sec.in.tum.de Jonas Pfoh FireEye, Inc. Wilsdruffer Str. 27 Dresden, Germany jonas.pfoh@fireeye.com
More informationDynamic Data Placement Strategy in MapReduce-styled Data Processing Platform Hua-Ci WANG 1,a,*, Cai CHEN 2,b,*, Yi LIANG 3,c
2016 Joint International Conference on Service Science, Management and Engineering (SSME 2016) and International Conference on Information Science and Technology (IST 2016) ISBN: 978-1-60595-379-3 Dynamic
More informationDetection and Mitigation of Web Application Vulnerabilities Based on Security Testing *
Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing * Taeseung Lee 1, Giyoun Won 2, Seongje Cho 2, Namje Park 3, and Dongho Won 1,** 1 College of Information and Communication
More informationSecurity Policies and Procedures Principles and Practices
Security Policies and Procedures Principles and Practices by Sari Stern Greene Chapter 3: Information Security Framework Objectives Plan the protection of the confidentiality, integrity and availability
More informationTrusted DBMS Architecture. Trusted DBMS Architecture featuring Trusted OS
Trusted DBMS Architecture featuring Trusted OS KIM, Hyung Chan Security Research Group, New Wave Computing Lab. Dept. of Information and Communications, Gwangju Institue of Science and Technology (GIST)
More informationSQL Query Optimization on Cross Nodes for Distributed System
2016 International Conference on Power, Energy Engineering and Management (PEEM 2016) ISBN: 978-1-60595-324-3 SQL Query Optimization on Cross Nodes for Distributed System Feng ZHAO 1, Qiao SUN 1, Yan-bin
More informationMulti-hashing for Protecting Web Applications from SQL Injection Attacks
Multi-hashing for Protecting Web Applications from SQL Injection Attacks Yogesh Bansal, Jin H. Park* Computer Science, California State University, Fresno, CA 93740, U.S.A. * Corresponding author. Email:
More informationResearch on the Establishment and Analysis of Small Business Networks
2018 2nd International Conference on Systems, Computing, and Applications (SYSTCA 2018) Research on the Establishment and Analysis of Small Business Networks Guozhen Sang 1 School of Network Security and
More informationWireless Smart Home Security System Based on Android
2017 2 nd International Conference on Artificial Intelligence and Engineering Applications (AIEA 2017) ISBN: 978-1-60595-485-1 Wireless Smart Home Security System Based on Android LIANGYU CHEN, SEN ZHANG
More informationLog System Based on Software Testing System Design And Implementation
4th International Conference on Mechatronics, Materials, Chemistry and Computer Engineering (ICMMCCE 2015) Log System Based on Software Testing System Design And Implementation Yan Liu1, a, Dahai Jin1,
More informationPRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS. SRM University, Kattankulathur, Chennai, IN.
Volume 115 No. 6 2017, 585-589 ISSN: 1311-8080 (printed version); ISSN: 1314-3395 (on-line version) url: http://www.ijpam.eu ijpam.eu PRIVACY PRESERVING RANKED MULTI KEYWORD SEARCH FOR MULTIPLE DATA OWNERS
More informationCV of Qixiang Ye. University of Chinese Academy of Sciences
2012-12-12 University of Chinese Academy of Sciences Qixiang Ye received B.S. and M.S. degrees in mechanical & electronic engineering from Harbin Institute of Technology (HIT) in 1999 and 2001 respectively,
More informationChongqing, China. *Corresponding author. Keywords: Wireless body area network, Privacy protection, Data aggregation.
2016 International Conference on Computer, Mechatronics and Electronic Engineering (CMEE 2016) ISBN: 978-1-60595-406-6 The Data Aggregation Privacy Protection Algorithm of Body Area Network Based on Data
More informationIdentifying Rootkit Infections Using a New Windows Hidden-driver-based Rootkit
Identifying Rootkit Infections Using a New Windows Hidden-driver-based Rootkit Woei-Jiunn Tsaur 1 and Lo-Yao Yeh 2 1 Department of Information Management, Da-Yeh University, Changhua, Taiwan 2 Network
More informationOn the Expansion of Access Bandwidth of Manufacturing Cloud Core Network
1288 JOURNAL OF SOFTWARE, VOL. 9, NO. 5, MAY 2014 On the Expansion of Access Bandwidth of Manufacturing Cloud Core Network Hongyao Ju Zhejiang Textile & Fashion College, NingBo 315211, P.R.China Email:
More informationS. Indirakumari, A. Thilagavathy
International Journal of Scientific Research in Computer Science, Engineering and Information Technology 2017 IJSRCSEIT Volume 2 Issue 2 ISSN : 2456-3307 A Secure Verifiable Storage Deduplication Scheme
More informationAn Efficient Virtual CPU Scheduling Algorithm for Xen Hypervisor in Virtualized Environment
An Efficient Virtual CPU Scheduling Algorithm for Xen Hypervisor in Virtualized Environment Chia-Ying Tseng 1 and Po-Chun Huang 2 Department of Computer Science and Engineering, Tatung University #40,
More informationStudy on Jabber Be Applied to Video Diagnosis for Plant Diseases and Insect Pests
Study on Jabber Be Applied to Video Diagnosis for Plant Diseases and Insect Pests Wei Zhang *, JunFeng Zhang, Feng Yu, JiChun Zhao, and RuPeng Luan Agriculture and Forestry Academy of Beijing; Beijing
More informationTechnology White Paper of SQL Injection Attacks and Prevention
Technology White Paper of SQL Injection Attacks and Prevention Keywords: SQL injection, SQL statement, feature identification Abstract: SQL injection attacks are common attacks that exploit database vulnerabilities.
More informationResearch on Heterogeneous Communication Network for Power Distribution Automation
3rd International Conference on Material, Mechanical and Manufacturing Engineering (IC3ME 2015) Research on Heterogeneous Communication Network for Power Distribution Automation Qiang YU 1,a*, Hui HUANG
More informationAUTHENTICATION AND LOOKUP FOR NETWORK SERVICES
Vol.5, No.1, pp. 81-90, 2014 doi: 10.7903/ijecs.1040 AUTHENTICATION AND LOOKUP FOR NETWORK SERVICES Daniel J. Buehrer National Chung Cheng University 168 University Rd., Min-Hsiung Township, Chiayi County,
More informationResearch on Safety Mobile Terminal and Judging Credibility Method Based on Call Tracking
Research on Safety Mobile Terminal and Judging Credibility Method Based on Call Tracking 1 Safety Training Department, North China Institute of Science and Technology Langfang, 065201, China E-mail: jtcembx@sina.com
More informationThe Study of APT Attack Stage Model
The Study of APT Attack Stage Model Meicong Li, Wei Huang, Yongbin Wang, Wenqing Fan, Jianfang Li School of Computer Science Communication University of China Beijing, China Leemeicong@163.com Abstract
More informationThe Design of CAN Bus Communication System Based on MCP2515 and S3C2440 Jinmei Liu, Junhong Wang, Donghui Sun
Advanced Materials Research Online: 2014-05-21 ISSN: 1662-8985, Vol. 933, pp 516-520 doi:10.4028/www.scientific.net/amr.933.516 2014 Trans Tech Publications, Switzerland The Design of CAN Bus Communication
More information