1 Tales from the Crypt: Fingerprinting Attacks on Encrypted Channels by Way of Retainting
Michael Valkering, Asia Slowinska, and Herbert Bos
2.2.1 Determining the Tag
2.2.2 Identifying the SSL Conversation
2.3 Interposition Details
3.1 Pattern-Based Signatures
3.2 Signatures for Polymorphic Buffer Overflows

2 Towards High Assurance Networks of Virtual Machines
Fabrizio Baiardi and Daniele Sgandurra
3.1 Introspection Functions
3.1.1 Detecting Kernel Modifications
3.1.2 Running Processes Checker
3.1.3 Loaded Modules Authenticator
3.1.4 Promiscuous Mode Checker
4 Security and Performance Results
6 Conclusions and Future Developments

3 Intrusion Detection Using Cost-Sensitive Classification
Aikaterini Mitrokotsa, Christos Dimitrakakis, and Christos Douligeris
2 Cost Sensitive Classification
2.1 Choice of the Cost Matrix
2.2 Algorithmic Comparisons and Alternative Quality Metrics

4 A Novel Approach for Anomaly Detection over High-Speed Networks
Osman Salem, Sandrine Vaton, and Annie Gravey
3.2 Multi-Channel Cumulative Sum Algorithm

5 Elastic Block Ciphers in Practice: Constructions and Modes of Encryption
Debra L. Cook, Moti Yung, and Angelos D. Keromytis
2 Elastic Block Cipher Examples
2.7 Randomness Test Results
3.2 Elastic Chaining Mode

6 Vulnerability Response Decision Assistance
Hal Burch, Art Manion, and Yurie Ito
2.2 Light-Weight Affected Product Tags
5.1 Common Vulnerability Scoring System (CVSS)

7 Alice, What Did You Do Last Time? Fighting Phishing Using Past Activity Tests
Nikos Nikiforakis, Andreas Makridakis, Elias Athanasopoulos, and Evangelos P. Markatos
3.2 PACT Suspension Policy
4.1 A PACT Enabled E-Mail Service
4.2 A PACT Enabled E-Commerce Service

8 QuiGon: The First Tool Against Clone Attack on Internet Relay Chat
Thibaut Henin and Corinne Huguennet
2 Clone Attack on Internet Relay Chat
2.4 How to Prevent Such Attacks?
3.1 Passwords to Enter the Network
4.2 The Distinguishing Oracle
5 Tests and Validation of the Distinguishing Oracle
5.1 Test Against Existing Attacks
5.2 Test Against a More Clever Attack

9 Defending Against Next Generation Through Network/Endpoint Collaboration and Interaction
Spiros Antonatos, Michael Locasto, Stelios Sidiroglou, Angelos D. Keromytis, and Evangelos Markatos
1.1 Impact of Failing to Solve the Problem
4 Application Communities

10 ISi-LANA – A Secure Basic Architecture for Networks Connected to the Internet
2.1 Using Internet Services
2.2 Providing Internet Services
2.3 Administration and Monitoring
2.4 Implementation and Operations
3.2 Structure of the Security Gateway
3.3 Structure of the Management Network
3.4 Structure of the Internal Network

Author Index
Subject Index