وبلاگ بلیان

Information Security Applications: 20th International Conference, WISA 2019, Jeju Island, South Korea, August 21–24, 2019, Revised Selected Papers (Security and Cryptology Book 11897)

معرفی کتاب «Information Security Applications: 20th International Conference, WISA 2019, Jeju Island, South Korea, August 21–24, 2019, Revised Selected Papers (Security and Cryptology Book 11897)» نوشتهٔ Ilsun You (editor)، منتشرشده توسط نشر Springer International Publishing : Imprint: Springer در سال 1189. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This book constitutes the thoroughly refereed post-conference proceedings of the 20th International Conference on Information Security Applications, WISA 2019, held on Jeju Island, South Korea, in August 2019. The 29 revised full papers presented in this volume were carefully reviewed and selected from 63 submissions. The primary focus of WISA 2019 was on systems and network security including all other technical and practical aspects of security application in general. The papers are grouped in the following topical sections: Application and Game Security; Network Security and Blockchain; Cryptography; Security with AI and Machine Learning; IoT Security; Hardware Security; and Selected Security Issues. Preface Organization Contents Application and Game Security Show Me Your Account: Detecting MMORPG Game Bot Leveraging Financial Analysis with LSTM 1 Introduction 2 Literature Review 3 Proposed Methodology 3.1 Data Collection 3.2 Feature Engineering 3.3 Modeling 4 Experiment Result 5 Discussion 6 Conclusion References Turn On the Lights: User Behavior in Game Environment Using CPTED Abstract 1 Introduction 2 Background 2.1 Risk Management for the Security Domain 2.2 Factor Analysis of Information Risk (FAIR) Model 2.3 CPTED (Crime Prevention Through Environmental Design) 3 Related Works 3.1 User Behavior in Online Gaming 3.2 Environmental Design for Security 3.3 Shooting Performance and Contagious Fire 4 Proposal Method 5 Result and Discussion 6 Conclusion References QR Code Watermarking for Digital Images 1 Introduction 2 Background and Related Work 2.1 The QR Code 2.2 Discrete Wavelet Transform (DWT) 2.3 Arnold Transform 2.4 Related Work 3 QR Code Watermarking 3.1 Embedding Process 3.2 Extraction Process 4 Results and Discussion 4.1 Imperceptibility and Capacity 4.2 Robustness and Security 5 Conclusion References Network Security and Blockchain FSF: Code Coverage-Driven Fuzzing for Software-Defined Networking 1 Introduction 2 Background and Motivation 3 Threat Model 4 Design 4.1 Overview 4.2 Collecting Seed Messages 4.3 Coverage-Driven SDN Fuzzing 4.4 Bug Oracle 5 Evaluation 5.1 Operation Significance 5.2 Coverage Improvement 5.3 Bugs Found 6 Discussion 7 Related Work References DroPPPP: A P4 Approach to Mitigating DoS Attacks in SDN 1 Introduction 2 Related Work 3 Proposed Approach 3.1 Spoof Detection 3.2 Volumetric Attack Detection 4 Evaluation 4.1 Experiment Setups 4.2 Results 5 Conclusion References A Secure and Self-tallying E-voting System Based on Blockchain 1 Introduction 2 Preliminary 2.1 Zero Knowledge Proof 2.2 Decision Diffie-Hellman Assumption 2.3 Blockchain and Bitcoin Puzzle 3 Our Proposed Scheme 3.1 Main Steps 3.2 Generating Non-interactive Zero Knowledge Proof 4 Analysis 4.1 Analysis of Generating Voting Parameters 4.2 Security Features of Our Voting System 4.3 Multiple Candidates 5 Conclusions and Future Work References Cryptography An Extended CTRT for AES-256 1 Introduction 1.1 Motivation and Our Contributions 2 Preliminaries 2.1 Block Cipher 2.2 Syntax of AONT 2.3 Security Definition for AONT 3 An Extended CTRT (XCTRT) 4 Security Proof for XCTRT 5 Discussion 5.1 An Upper Bound on Input Message Length 5.2 A Comparison of CTRT and XCTRT 6 Implementation and Performance Evaluation References A Blind Ring Signature Based on the Short Integer Solution Problem 1 Introduction 2 Preliminaries 3 Blind Ring Signature Schemes 4 Our Blind Ring Signature Scheme 5 Correctness and Security Analysis of BRS 5.1 Correctness 5.2 Anonymity 5.3 Blindness 5.4 One-More Unforgeability 6 Parameter Setting 7 Conclusions and Future Works References A Note on the Invisibility and Anonymity of Undeniable Signature Schemes 1 Introduction 1.1 Our Contributions 1.2 Organisation of the Paper 2 Preliminaries 2.1 Bilinear Pairings ch9Mappingboneh2001identity 2.2 Undeniable Signature Scheme 2.3 Convertible Undeniable Signature Scheme 2.4 Designated Confirmer Signature Scheme 2.5 The Notions of Invisibility and Anonymity 3 Revisiting the Cryptanalysis on Some Undeniable Signature Schemes 3.1 Identity-Based Convertible Undeniable Signature Scheme of Wu et al. 3.2 Undeniable Signature Scheme of Kurosawa and Takagi 3.3 Convertible Undeniable Signature Scheme of Huang and Wong 3.4 Designated Confirmer Signature Scheme of Huang et al. 3.5 Invisibility of the Above Schemes 4 Discussion 4.1 What Is Lacking in the Above Schemes? 4.2 How to Improve These Schemes? 5 Conclusion References Zero-Knowledge Proof System for Fully Anonymous Attribute Based Group Signatures from Lattices with VLR 1 Introduction 2 Preliminary 2.1 Notation 2.2 Discrete Gaussian Distribution 2.3 Lattices, Hardness of Lattices, and Lattice Related Algorithms 2.4 Attribute Based Group Signature Schemes 2.5 Full-Anonymity 3 Zero-Knowledge Argument of Knowledge Proof System 3.1 Techniques 3.2 Underlying Interactive Protocol 3.3 Analysis of the Protocol 4 Proposed Attribute-Based VLR Group Signature Scheme 5 Security Analysis of the Proposed Scheme 6 Conclusion References Reversible Data Hiding in Homomorphic Encrypted Images Without Preprocessing 1 Introduction 2 A Reversible Data Hiding Method Compatible with Homomorphic Processing 2.1 Value Expansion Algorithm 2.2 Self-blinding Algorithm 2.3 Adopting the Two Algorithms 2.4 Procedure of the Proposed Method 3 Experimental Results 3.1 Data Extraction in Different Scenarios 3.2 Embedding Capacity 3.3 Compatibility with Homomorphic Processing 3.4 Security Analysis 4 Conclusion References Model Selection for Data Analysis in Encrypted Domain: Application to Simple Linear Regression 1 Introduction 2 Background 2.1 Homomorphic Encryption 2.2 TFHE Library 2.3 Model Selection 2.4 Inverse of a Matrix by Gauss-Jordan Elimination 3 Methods 3.1 Matrix Inverse with TFHE 3.2 Model Selection with TFHE 4 Implementation 4.1 Toy Dataset 4.2 Real World Dataset 5 Conclusion References Timed-Release Encryption with Master Time Bound Key 1 Introduction 2 Preliminaries 3 Primitives of Timed-Release Encryption with Master Time Bound Key 4 Construction with Master Time Bound Key 4.1 Security Analysis 4.2 Decryption with Master Time Bound Key 4.3 Discussion 5 Conclusion References Secret Sharing on Evolving Multi-level Access Structure 1 Introduction 1.1 Background and Motivation 1.2 Related Works 1.3 Our Contribution 1.4 Comparison with Existing Results 2 Preliminaries 2.1 Secret Sharing Scheme 2.2 Evolving Secret Sharing ch14Komargodskispsetalsps2016 3 Evolving Compartmental Access Structure 4 Evolving Hierarchical Access Structure 5 Conclusion References Strengthened PAKE Protocols Secure Against Malicious Private Key Generator 1 Introduction 1.1 Motivation and Our Contributions 2 Preliminaries 2.1 Notations 2.2 Computational Assumptions 2.3 An Identity-Based Encryption Scheme 2.4 Boneh-Franklin IBE (BF-IBE) 3 The iPAKE Protocol 3.1 Initialization 3.2 Key Establishment 4 Passive/Active Attacks on iPAKE 4.1 A Passive Attack on iPAKE 4.2 An Active Attack on iPAKE 5 A Strengthened PAKE (SPI) Protocol 5.1 Initialization 5.2 Key Establishment 6 A Strengthened PAKE (SPI-S) Protocol for Simultaneous Message Exchanges 6.1 Initialization 6.2 Key Establishment 7 Security of SPI and SPI-S 7.1 Security of SPI 7.2 Security of SPI-S 8 Comparison References Efficient Decentralized Random Commitment Key Generation for Mixnet Shuffle Proof 1 Introduction 1.1 Motivation 1.2 Our Contribution 2 Preliminaries 2.1 Commitment 2.2 Known Exponents Attacks on Commitment Keys ch16TEA19 3 Proposed Technique 3.1 Overview 3.2 Randomizing a Generator 3.3 Random Generation over Commitment Keys 4 Implementation 5 Related Work 5.1 E-voting Requirements 5.2 Cryptographic Primitives for E-voting 5.3 Examples of e-voting System in Practice 6 Conculsion References Security With AI and Machine Learning Catching the Phish: Detecting Phishing Attacks Using Recurrent Neural Networks (RNNs) 1 Introduction 2 Current Landscape on Mitigation Techniques to Phishing 3 Methodology 3.1 Feature Identification 3.2 Deep Learning 3.3 Precision/Accuracy Trade-Off 4 Design and Implementation 4.1 Preprocessing for the RNN Classifier 4.2 Tokenising the Text 4.3 Recurrent Neural Network Classifier 4.4 Input Sequence Preprocessing 4.5 Cutout Pruning 5 Evaluation 5.1 Training 5.2 Evaluation Metrics 6 Conclusion References CAPTCHA Image Generation Using Style Transfer Learning in Deep Neural Network 1 Introduction 2 Related Works 2.1 A Review of CAPTCHA Based on Text 2.2 A Review of CNN Model 2.3 A Review of Image Style Transfer Method 3 Proposed Method 4 Experiment and Evaluation 4.1 Experimental Method 4.2 Experimental Results 5 Discussion 6 Conclusion References A New Password Cracking Model with Generative Adversarial Networks 1 Introduction 2 Related Studies 3 Proposed Model 4 Experiments 5 Evaluation 6 Conclusions References Is It Possible to Hide My Key into Deep Neural Network? 1 Introduction 1.1 Our Contributions 1.2 Organization of the Paper 2 Related Research 2.1 Preliminary Concepts 3 DNN-Based Key Hiding Scheme 3.1 Proposed Methodology 3.2 Instantiation 4 Analysis 4.1 Correctness 4.2 Robustness 5 Open Issues 6 Conclusion References IoT Security RC PUF: A Low-Cost and an Easy-to-Design PUF for Resource-Constrained IoT Devices Abstract 1 Introduction 2 RC PUF Design 2.1 RC PUF Architecture 2.2 RC PUF Simulation 2.3 RC PUF Implementation 3 Experimental Results 3.1 Uniqueness, Reliability and Uniformity 3.2 Stability Against Voltage and Temperature Variations 4 Conclusion Acknowledgement References On the Automation of Security Testing for IoT Constrained Scenarios 1 Introduction 2 Security Testing 3 Transport and Application Layer Security in IoT 4 EDHOC 5 Testing EDHOC Security 5.1 Identifying the Tests 5.2 Designing the Model and Operations 5.3 Describing the Test Purposes 5.4 Generating and Executing the Tests 6 Conclusions References Cyber Deception in the Internet of Battlefield Things: Techniques, Instances, and Assessments 1 Introduction 2 Preliminaries and Settings 2.1 IoT in the Battlefield 2.2 Threat Towards IoBT 2.3 n-gram Overview 2.4 Cyber Deception: Key Idea and Objectives 3 Methodology 3.1 Efficient Learning with n-gram 3.2 Cyber Deception in IoBT: Instantiations 4 Evaluation 4.1 Dataset 4.2 n-gram with Random Walk Strategy 4.3 The Application of the n-gram Approach 4.4 Cyber Deception 5 Related Work 6 Conclusion References Hardware Security Ring-LWE on 8-Bit AVR Embedded Processor 1 Introduction 2 Background 2.1 Ring-LWE Encryption Scheme 2.2 Number Theoretic Transform 2.3 Previous Implementations of NTT 3 Proposed Methods 4 Performance Evaluation 4.1 Experimental Platform 4.2 Comparison of Modular Multiplication and NTT 4.3 Comparison of Ring-LWE 5 Conclusion References Low-Noise LLC Side-Channel Attack with Perf 1 Introduction 2 Background 2.1 Cache Architecture 2.2 Cache Side-Channel Attacks 2.3 Cause of Noise on Existing Cache Side-Channel Attacks 2.4 Perf in Linux for Performance Counters 3 Cache Side-Channel Attack with Perf 4 Evaluation 4.1 Experiment Setup 4.2 Attack Scenario 4.3 Effectiveness Comparison of Attacks on AES T-Table 4.4 Bypass Timer Defence 4.5 Accuracy of Classifying Cache Hit/Miss 5 Related Work 5.1 Use Performance Counter in Defences and Attacks 5.2 Reduce Noise in Cache Side-Channel Attacks 6 Conclusion References Optimized SIKE Round 2 on 64-bit ARM 1 Introduction 2 Background 2.1 SIDH Key Exchange 2.2 SIKE Mechanism 3 Target Architecture 4 Optimized Field Arithmetic Implementation 4.1 Finite Field Addition and Subtraction 4.2 Multiplication 4.3 Reduction 5 Performance Result 6 Conclusion References Selected Security Issues Shedding Light on Dark Korea: An In-Depth Analysis and Profiling of the Dark Web in Korea 1 Introduction 2 Related Work 3 Dark Web Data Crawling and Validation 3.1 Design of Dark Web Crawling System 3.2 Dark Web Data Crawling 3.3 Performance of Dark Web Crawling System 4 Dark Web Data Analysis 4.1 Structure Analysis of Dark Web Sites 4.2 Classification of Dark Web Sites 5 Profiling of Korean Dark Web Sites 5.1 Chronological Analysis of Criminal Activity 5.2 Personal Information Leakage 5.3 Finding Sybil Identities 6 Conclusion References An SGX-Based Key Management Framework for Data Centric Networking 1 Introduction 2 Intel SGX 3 Networking Models and Design Goals 3.1 Data-Centric Networking Platforms and Its Key Management 3.2 Design Goals 4 The Proposed Key Management Framework 4.1 Public Key Management 4.2 Symmetric Key Generation 4.3 Key Delivery to Key Server 4.4 Key Delivery to Reader 5 Analysis 6 Experiments 7 Related Work 8 Conclusions References Author Index
دانلود کتاب Information Security Applications: 20th International Conference, WISA 2019, Jeju Island, South Korea, August 21–24, 2019, Revised Selected Papers (Security and Cryptology Book 11897)