Catálogo de publicaciones - libros

Unauthorized accesses to digital contents are serious threats to international security and informatics. We propose an offline oblivious data distribution framework that preserves the sender’s security and the receiver’s privacy using tamper-proof smart cards. This framework provides persistent content protections from digital piracy and promises private content consumption.

In keystroke dynamics based user authentication, an access system utilizes not only a valid user’s password, but also his/her typing patterns. Although high performances in terms of FAR(False Acceptance Rate) and FRR(False Rejection Rate) have been reported, most researches used a large number of valid users’ typing patterns in order to implement complex algorithms in building a classifier[1]. However, collecting sufficient typing patterns to construct a complex classifier is practically impossible. When only a handful of typing patterns are available, the only way to compensate the lack of quantity is to improve quality. To improve the quality of typing patterns, using artificial rhythms and cues were proposed[2]. In this paper, we aim at verifying the effectiveness of artificial rhythms and cues by testing hypotheses.

Risk analysis and damage estimation are inevitable studies to gain essential data for making a better decision in security investment. The most reasonable metrics to measure the damage of a security accident are and [1,2,3,4]. In the case of a worm accident, the costs mean just the direct damage caused by infected systems. However, collaterally cascading damage is also serious damage which can impact on other innocent systems having depended on the infected systems for the purpose of processing their business or demanding some service.

The Smart Card Security Users Group (SCSUG) consortium developed the security specifications using the new international security standard ISO/IEC 15408, which is known as the Common Criteria. ISO 10202 standards have been established for the security of financial transaction systems that use integrated circuit cards (IC cards or smart cards). The smart card originates from the IC memory card which has been in the industry for about 10 years. The main characteristics of a smart card are its small size and low-power consumption. The merits of a smart card regarding password authentication are its simplicity and its efficiency in terms of the log-in and authentication processes. Secure communication between set-top box (STB) and smart card is directly related with the benefit of service providers and the legal rights of users, while key exchange is the essential part of secure communication. In 2004, Jiang et al. [1] proposed a key exchange protocol for STB and smart card based on Schnorr’s digital signature protocol and one-way hash function. The current paper, however, demonstrates that Jiang et al.’s protocol is vulnerable to an impersonation attack and does not provide perfect forward secrecy. Furthermore, we present a new secure key exchange protocol based on one-way hash function and Diffie-Hellman key exchange algorithm in order to isolate such problems.

Due to increasing incidents of cyber attacks and heightened concerns for cyber terrorism, implementing effective intrusion detection systems (IDSs) is an essential task for protecting cyber security. Intrusion detection is the process of monitoring and analyzing the events occurring in a computer system in order to detect signs of security problems [1]. Even though the intrusion detection problem has been studied intensively [2], current techniques for intrusion detection still have limitations considering the following three aspects: (1) It is very common to focus on the data mining step, while the other Knowledge Discovery in Databases (KDD) steps are largely ignored [4]. (2) Many intrusion detection systems assume the existence of sharp boundary between normal and anomalous behavior. This assumption, consequently, causes an abrupt separation between normality and anomaly. (3) The construction of many intrusion detection systems is based on some strong assumptions on input data set that make practical applications impractical. Considering all of these limitations, in this paper, we propose a novel anomaly detection framework that has several desirable features.

Network security is an important issue for Intelligence and Security Informatics (ISI) [1-3]. As a complementary measure for traditional network security tools such as firewalls, the intrusion detection system (IDS) is becoming increasingly important and widely-used [4]. Generally speaking, the IDS works by building a model based on the normal data patterns and treating the operations that deviated significantly from the model as malicious. In its early stage of development, the IDS takes certain statistics (e.g., mean and variance) of the audit data to discriminate between the normal usage and attacks. Such systems are easy to construct; however, they suffer from a poor generalization ability to detect unknown or new attacks. Recently other models such as the finite Markov mode [5] and support vector machines [6] have been introduced into IDS, providing finer-grained characterization of normal users’ behavior. In this report we investigate the potential application of the Hidden Markov Model (HMM) for intrusion detection.

Detecting security-related information is a critical component of ISI research, which involves studying a wide range of technical and systems challenges related to the acquisition, collection, storage, retrieval, synthesis, and analysis of security-related information.

Disasters, either naturally-occurring or man-made, frequently occur. For example, the recent chemical plant explosion on Nov. 13, 2005 at the Jilin Petrochemical Company caused a major environmental catastrophe in the water system of Songhua River. The explosion produced about 100 tonne of toxic chemicals, including benzene, spilled into the Songhua River and created an 80 km slick. The river contamination forced the shutdown of water supply in Harbin, a city located downstream with 3.8 million residents. The water pollution also brought problems to cities in China and Russia further downstream. Shortly afterwards, on Dec. 17, 2005, the City Central Hospital in Liaoyuan, Jilin Province, caught fire and left 39 people dead. In 2005, several serious coal mine disasters happened in China, which caused great losses in both life and economic assets. The lack of work safety and poor management has led to the high frequency of such coal mine accidents in recent years in China. In addition to the above disasters, there are other emergencies such as the Severe Acute Respiratory Syndrome (SARS), mad-cow disease and bird flu that caused world-wide attention and resulted in huge economic losses. Societal security has been a very important topic for civilians, governments, officials, and researchers as well.

Computer networks have evolved from close local networks to open interconnected networks and the operations from data communication to online transaction. As such, identity authentication is indispensable in today’s computing platform. Current identity authentication techniques primarily focus on Public Key Infrastructure (PKI) or Identity Based Encryption (IBE). However, these techniques authenticate users’ identity relying on tokens or keys and one or many trustworthy third-party(s) that require databases running online, with multiple points of vulnerability and low efficiency.

Social network analysis (SNA) is the study of social relations among a set of actors. It is an emerging discipline that maps and measures the relationships between people, groups, organizations, computers or other information processing entities. SNA has been widely applied into many areas [1-3].