This book constitutes the refereed proceedings of the 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2010, held in St. Petersburg, Russia in September 2010. The 16 revised full papers and 6 revised short papers presented together with 5 invited papers were carefully reviewed and selected from a total of 54 submissions. The papers are organized in topical sections on security modeling and covert channels, security policies and formal analysis of security properties, authentication, authorization, access control and public key cryptography, intrusion and malware detection, security of multi-agent systems and software protection, as well as adaptive security, security analysis and virtualization.
Author(s): Igor Kotenko, Victor Skormin
Edition: 1st Edition.
Year: 2010
Language: English
Pages: 358
Lecture Notes in Computer Science 6258
Computer Network Security: 5th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security, MMM-ACNS 2010 / St. Petersburg, Russia, September 8-10, 2010 / Proceedings
Preface
Organization
Table of Contents
Introduction
Existing Dependency Models
Requirements for Dependency Modeling
Simple Service Model
The Privileges Extension
Privilege Sharing: Credential and Trust
Introduction to AADL
Specification of Dependencies in AADL
Dependencies Properties
Dependencies Modes
Dependencies Impacts
Dependency Model Framework and Implementation
Modeling Policy Enforcement Points
Using Dependencies Models for Attack Impact Propagation
Modeling Attacks in the Framework
Conclusion
References
Introduction
Software Security
Code Injection Attacks
Cross-Site Scripting and Cross-Site Request Forgery
DNS Rebinding
Secure Sessions
Man-in-the-Middle Attacks
Conclusion
References
Overview
Refinement Types
Ynot
References
Introduction
Block Ciphers
Stream Ciphers
Message Authentication Codes (MACs)
Hash Functions
Public Key Algorithms
RSA
Conclusions
References
Introduction
Background
Inter-group Relationship Semantics in g-SIS$^c$
Configuring LBAC Policies in g-SIS$^c$
Configuring Domain and Type Enforcement in g-SIS$^c$
Configuring RBAC Policies in g-SIS$^c$
References
Introduction
The Advanced Encryption Standard (AES)
Cache-Based Side Channel
Model for Side Channel Leakage Prediction
Access Detection ($P(D)$)
Estimating Critical Accesses Given Detection ($P(C|D)$)
Model Formalization
Results and Evaluation
Related Work
References
State of the Art
Foundations
Diverse and Efficient Quantifications: Principles and Use-Case
Integrating Defensive Aspects: Detection and Reaction
Extending the Theoretical Framework
On-Going and Future Work
References
Introduction
QoS Throttling (QoS-T) Model
Types of Users
QoS-T Model 1: Exponential Back-Off
QoS-T Model 2: Game Theoretic Approach
Threat Scenario
Threat Model: Multiple Untrusted Applications Execution
Conclusion and Future Work
References
Introduction
Preliminary Discussion
Asymptotical Case
Conclusion
References
Introduction
Elements of Policy and Concepts of Operation
Syntax
Inference Rules
Confidentiality and Integrity Policies
Expressing Policy Elements in the Logic
Scenario Description
An Example CONOPS
Trust Establishment
Related Work
References
Introduction
Related Work
Preliminaries
Monitoring with Equivalence Relations
Corrective Enforcement
Factor Equivalence
Prefix Equivalence
Nonuniform Enforcement
Conclusion and Future Work
References
Introduction
Formal Languages and Methods for Specification and Verification of Policies
Formal Model for Security Policy
Formal Specification of Mobile Processes
Formalization of Location and Mobility Related Actions in Authorization Term
Model Checking of Security Policy Specifications in Ambient Calculus Model Checker
Ambient Topology and Spatial Formula Graphs
Checking Spatial Modalities
Generation of Kripke Structure
Example for Spatial Model Checking Algorithm
Space Complexity
References
Introduction
Credentials Registration
Partner Key Practice Statement
Revocation
Syntax
Inference Rules
Expressing Statements and the PKPS in Logic
An Extended Example
First Bank
Second Bank
Analysis
Conclusion
References
New Hard Problem and Its Cryptographic Applications
On Selection of the Elements from Commutative Subgroups
Non-commutative Finite Rings of Four-Dimension Vectors
Homomorphism of the Vector Group
Complexity of the Private-Key Computation in a Particular Case
Experiments and Numerical Illustrations
Finite Matrices Groups
Conclusion
References
Introduction and Related Work
The Language RT$^T$
The Semantics
An Example
Credential Graph
Soundness and Completeness
Credential Chain
An Example
Conclusions
References
Introduction
Distribution of Information Resources and Users on Network Nodes
Formal Statement of the Problem
Method of Solving the Problem
Evaluation of the Method
Conclusion
References
Introduction
Formal Model of Attack Detection
Sequences Alignment Algorithms
Smith-Waterman Algorithm
Needleman-Wunsch Algorithm
Detection of Attack Mutations
Anomaly Detection
Detection of Attack Mutation
Detection of Attack Mutations
The Related Works
References
Introduction
Related Work
Bot Detection Methodology
Symptoms of Bot Processes
Experiment and Results
References
Introduction
Existing Approaches
A New Generic-Feature-Selection Measure
Experimental Setting
Conclusions
References
Introduction
Related Work
Machine Learning (ML)
Lexical Parser/Emulator/Disassembler
POS/POC Filtering
Creation of the Associative/Semantic Network
Analysis of Activation Patterns
The Real World – Example
Metasploit Data
Semantic Search
Conclusions and Outlook
References
Introduction
Motivation
Security Assumptions and Bootstrapping
SePP Security Concept
Security Levels
JADE Messaging
Secure Multi-Agent System
A Message Sending Sequence
Analysis of the SePP-Jade Solution
Performance Evaluation
Related Work
References
Introduction
State of the Art
The Trusted Computing Technology in the Agent Protection
Our Final Result: The Secure Migration Library (SecMiLiA)
The Set of Minimum Requirements of Our Library
Verification of Secure Migration Protocol with AVISPA
Design and Deployment of the Library
SecureAgentMobility Service
SecureInterPlatformMobility Service
Application of Secure Agents to Clouds Computing
Conclusions and Future Research
References
Introduction
Tamper Resistance Methods and Remote Entrusting Principles
Problem of Trade-Off between Security and Performance
Problem Statements
Empirical Study
Conclusion
References
Introduction
Outline
Survivable Routing of IP-MPLS Demands in the IP-MPLS/WDM Network
Modeling Assumptions
Average Path Lengths and Numbers of Links of Connection Paths
Service Recovery Actions
Ratio of Solution Quality Improvement
Conclusions
References
Introduction
Related Work
Blueprint of Architecture for Security Event Processing and Predictive Security Monitoring
Process Model
Operational Model for Security Event Prediction
Conclusions and Further Work
References
Related Works
Problem Definition
The Computing System Model. Integrated Security Condition
Virtual System Properties
Security Requirements in the Virtual System
References
Background and Related Works
Information Environment Integrity
Conclusion
References
Author Index