index - Information Security and Privacy Research

Table of Contents
Information Security and Privacy Research *Dimitris Gritzalis, Steven Furnell, Marianthi Theoharidou (Eds.)*	Front Matter
Attacks and Malicious Code
Relay Attacks on Secure Element-Enabled Mobile Devices *Michael Roland, Josef Langer, Josef Scharinger*	1-12
Would You Mind Forking This Process? A Denial of Service Attack on Android (and Some Countermeasures) *Alessandro Armando, Alessio Merlo, Mauro Migliardi, Luca Verderame*	13-24
An Approach to Detecting Inter-Session Data Flow Induced by Object Pooling *Bernhard Berger, Karsten Sohr*	25-36
Embedded Eavesdropping on Java Card *Guillaume Barbu, Christophe Giraud, Vincent Guerin*	37-48
Security Architectures
Authenticated Key Exchange (AKE) in Delay Tolerant Networks *Sofia Menesidou, Vasilios Katos*	49-60
OFELIA – A Secure Mobile Attribute Aggregation Infrastructure for User-Centric Identity Management *Alexandre Augusto, Manuel Correia*	61-74
Smart OpenID: A Smart Card Based OpenID Protocol *Andreas Leicher, Andreas Schmidt, Yogendra Shah*	75-86
Peer to Peer Botnet Detection Based on Flow Intervals *David Zhao, Issa Traore, Ali Ghorbani, Bassam Sayed, Sherif Saad, Wei Lu*	87-102
System Security
Towards a Universal Data Provenance Framework Using Dynamic Instrumentation *Eleni Gessiou, Vasilis Pappas, Elias Athanasopoulos, Angelos Keromytis, Sotiris Ioannidis*	103-114
Improving Flask Implementation Using Hardware Assisted In-VM Isolation *Baozeng Ding, Fufeng Yao, Yanjun Wu, Yeping He*	115-125
HyperForce: Hypervisor-enForced Execution of Security-Critical Code *Francesco Gadaleta, Nick Nikiforakis, Jan Mühlberg, Wouter Joosen*	126-137
RandHyp: Preventing Attacks via Xen Hypercall Interface *Feifei Wang, Ping Chen, Bing Mao, Li Xie*	138-149
Access Control
Role Mining under Role-Usage Cardinality Constraint *John John, Shamik Sural, Vijayalakshmi Atluri, Jaideep Vaidya*	150-161
HIDE_DHCP: Covert Communications through Network Configuration Messages *Ruben Rios, Jose Onieva, Javier Lopez*	162-173
Handling Stateful Firewall Anomalies *Frédéric Cuppens, Nora Cuppens-Boulahia, Joaquin Garcia Alfaro, Tarik Moataz, Xavier Rimasson*	174-186
A Framework for Threat Assessment in Access Control Systems *Hemanth Khambhammettu, Sofiene Boulares, Kamel Adi, Luigi Logrippo*	187-198
Database Security
Support for Write Privileges on Outsourced Data *Sabrina Capitani Di Vimercati, Sara Foresti, Sushil Jajodia, Stefano Paraboschi, Pierangela Samarati*	199-210
Malicious Users’ Transactions: Tackling Insider Threat *Weihan Li, Brajendra Panda, Qussai Yaseen*	211-222
Privacy Attitudes and Properties
Privacy-Preserving Television Audience Measurement Using Smart TVs *George Drosatos, Aimilia Tasidou, Pavlos Efraimidis*	223-234
Tracking Users on the Internet with Behavioral Patterns: Evaluation of Its Practical Feasibility *Christian Banse, Dominik Herrmann, Hannes Federrath*	235-248
Smartphone Forensics: A Proactive Investigation Scheme for Evidence Acquisition *Alexios Mylonas, Vasilis Meletiadis, Bill Tsoumas, Lilian Mitrou, Dimitris Gritzalis*	249-260
Social Networks and Social Engineering
Modeling Social Engineering Botnet Dynamics across Multiple Social Networks *Shuhao Li, Xiaochun Yun, Zhiyu Hao, Yongzheng Zhang, Xiang Cui, Yipeng Wang*	261-272
Layered Analysis of Security Ceremonies *Giampaolo Bella, Lizzie Coles-Kemp*	273-286
Applied Cryptography, Anonymity and Trust
A Small Depth-16 Circuit for the AES S-Box *Joan Boyar, René Peralta*	287-298
Formal Verification of the mERA-Based eServices with Trusted Third Party Protocol *Maria Christofi, Aline Gouget*	299-314
Usable Security
My Authentication Album: Adaptive Images-Based Login Mechanism *Amir Herzberg, Ronen Margulies*	315-326
Balancing Security and Usability of Local Security Mechanisms for Mobile Devices *Shuzhe Yang, Gökhan Bal*	327-338
Analyzing Value Conflicts for a Work-Friendly ISS Policy Implementation *Ella Kolkowska, Bart Decker*	339-351
When Convenience Trumps Security: Defining Objectives for Security and Usability of Systems *Gurpreet Dhillon, Tiago Oliveira, Santa Susarapu, Mário Caldeira*	352-363
Security and Trust Models
Security-by-Contract for the OSGi Platform *Olga Gadyatskaya, Fabio Massacci, Anton Philippov*	364-375
Cyber Weather Forecasting: Forecasting Unknown Internet Worms Using Randomness Analysis *Hyundo Park, Sung-Oh Jung, Heejo Lee, Hoh In*	376-387
Incentive Compatible Moving Target Defense against VM-Colocation Attacks in Clouds *Yulong Zhang, Min Li, Kun Bai, Meng Yu, Wanyu Zang*	388-399
Give Rookies A Chance: A Trust-Based Institutional Online Supplier Recommendation Framework *Han Jiao, Jixue Liu, Jiuyong Li, Chengfei Liu*	400-411
Security Economics
A Game-Theoretic Formulation of Security Investment Decisions under Ex-ante Regulation *Giuseppe D’acquisto, Marta Flamini, Maurizio Naldi*	412-423
Optimizing Network Patching Policy Decisions *Yolanta Beres, Jonathan Griffin*	424-442
A Risk Assessment Method for Smartphones *Marianthi Theoharidou, Alexios Mylonas, Dimitris Gritzalis*	443-456
Empirical Benefits of Training to Phishing Susceptibility *Ronald Dodge, Kathryn Coronges, Ericka Rovira*	457-464
Authentication and Delegation
Multi-modal Behavioural Biometric Authentication for Mobile Devices *Hataichanok Saevanee, Nathan Clarke, Steven Furnell*	465-474
Analysis and Modeling of False Synchronizations in 3G-WLAN Integrated Networks *Christoforos Ntantogian, Christos Xenakis, Ioannis Stavrakakis*	475-488
Password Protected Smart Card and Memory Stick Authentication against Off-Line Dictionary Attacks *Yongge Wang*	489-500
Distributed Path Authentication for Dynamic RFID-Enabled Supply Chains *Shaoying Cai, Yingjiu Li, Yunlei Zhao*	501-512
Enhanced Dictionary Based Rainbow Table *Vrizlynn Thing, Hwei-Ming Ying*	513-524
Short Papers
Authorization Policies for Materialized Views *Sarah Nait Bahloul, Emmanuel Coquery, Mohand-Said Hacid*	525-530
Enhancing the Security of On-line Transactions with CAPTCHA Keyboard *Yongdong Wu, Zhigang Zhao*	531-536
Fighting Pollution Attack in Peer-to-Peer Streaming Networks: A Trust Management Approach *Xin Kang, Yongdong Wu*	537-542
A Framework for Anonymizing GSM Calls over a Smartphone VoIP Network *Ioannis Psaroudakis, Vasilios Katos, Pavlos Efraimidis*	543-548
A Browser-Based Distributed System for the Detection of HTTPS Stripping Attacks against Web Pages *Marco Prandini, Marco Ramilli*	549-554
Privacy-Preserving Mechanisms for Organizing Tasks in a Pervasive eHealth System *Milica Milutinovic, Vincent Naessens, Bart Decker*	555-560
Web Services Security Assessment: An Authentication-Focused Approach *Yannis Soupionis, Miltiadis Kandias*	561-566
Open Issues and Proposals in the IT Security Management of Commercial Ports: The S-PORT National Case *Nineta Polemi, Theodoros Ntouskas*	567-572
A Response Strategy Model for Intrusion Response Systems *Nor Anuar, Maria Papadaki, Steven Furnell, Nathan Clarke*	573-578
Intrusion Tolerance of Stealth DoS Attacks to Web Services *Massimo Ficco, Massimiliano Rak*	579-584
Towards Use-Based Usage Control *Christos Grompanopoulos, Ioannis Mavridis*	585-590

Full Text Documents

53

Search

Links

Attacks and Malicious Code

Security Architectures

System Security

Access Control

Database Security

Privacy Attitudes and Properties

Social Networks and Social Engineering

Applied Cryptography, Anonymity and Trust

Usable Security

Security and Trust Models

Security Economics

Authentication and Delegation

Short Papers

Designed by Inria-IES Team : Hosted by HAL :