Your search keyword '"Kikuchi, Hiroaki"' showing total 31 results

1. Estimation of Behavior of Scanners Based on ISDAS Distributed Sensors.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Meersman, Robert, Tari, Zahir, Kikuchi, Hiroaki, Terada, Masato, and Fukuno, Naoya

Abstract

Given independent multiple access logs, we develop a mathematical model to identify the number of malicious hosts in the current Internet. In our model, the number of malicious hosts is formalized as a function taking two inputs, namely the duration of observation and the number of sensors. Under the assumption that malicious hosts with statically assigned global addresses perform random port scans to independent sensors uniformly distributed over the address space, our model gives the asymptotic number of malicious source addresses in two ways. Firstly, it gives the cumulative number of unique source addresses in terms of the duration of observation. Secondly, it estimates the cumulative number of unique source addresses in terms of the number of sensors. To evaluate the proposed method, we apply the mathematical model to actual data packets observed by ISDAS distributed sensors over a one-year duration from September 2004, and check the accuracy of identification of the number of malicious hosts. [ABSTRACT FROM AUTHOR]

Published

2007

2. Anonymous Authentication Protocols with Credit-Based Chargeability and Fair Privacy for Mobile Communications.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Fan, Chun-I, and Huang, Vincent Shi-Ming

Abstract

Smart and tiny mobile phones are widely popularized and advanced mobile communication services are provided increasingly such that ubiquitous computing environments will come true soon. It is a pleasure for mobile users to work or get recreations in the mobile network environments. However, just as the cases in wireline networks, there are many security threats to mobile network systems and their impact on the security is more serious than that in wireline networks owing to the features of wireless transmissions and the ubiquity property in mobile network systems. The secret personal information, important data, or classified documents which mobile users carry may be stolen by malicious entities. In order to guarantee the quality of the advanced communication services, the security and privacy would be important issues when mobile users roam to the mobile networks. In this paper, an anonymous authentication scheme will be proposed to protect both the security of the mobile network system and the privacy of mobile users. Not only does the proposed scheme provide mutual authentication between each user and the system, but also the identity of each user can be kept secret against anyone else, including the system. Although the system anonymously authenticates the users, it can still make correct bills to charge these anonymous users. Finally, our protocols also achieve the goal of fair privacy which allows the judge to be able to revoke the anonymity and trace the illegal users when they misused the anonymity property such as they committed crimes. [ABSTRACT FROM AUTHOR]

Published

2007

3. How to Find Many Collisions of 3-Pass HAVAL.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Suzuki, Kazuhiro, and Kurosawa, Kaoru

Abstract

The hash function HAVAL is a well known Merkle-Damgård hash function such as MD4 and MD5. It has three variants, 3-, 4- and 5-pass HAVAL. On 3-pass HAVAL, the best known attack finds a collision pair with 27 computations of the compression function. To find k collision pairs, it requires 27k computations. In this paper, we present a better collision attack on 3-pass HAVAL, which can find k collision pairs with only 2k + 33 computations. Further, our message differential is different from the previous ones. It is important to find collisions for different message differentials. [ABSTRACT FROM AUTHOR]

Published

2007

4. A Secure Threshold Anonymous Password-Authenticated Key Exchange Protocol.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Shin, SeongHan, and Kobara, Kazukuni

Abstract

At Indocrypt 2005, Viet et al., [20] have proposed an anonymous password-authenticated key exchange (PAKE) protocol and its threshold construction both of which are designed for client's password-based authentication and anonymity against a passive server, who does not deviate the protocol. In this paper, we first point out that their threshold construction is completely insecure against off-line dictionary attacks. For the threshold t > 1, we propose a secure threshold anonymous PAKE (for short, TAP) protocol with the number of clients n upper-bounded, such that $n \leq 2 \sqrt{N-1} -1$, where N is a dictionary size of passwords. We also show that the TAP protocol provides semantic security of session keys in the random oracle model, with the reduction to the computational Diffie-Hellman problem, as well as anonymity against a passive server. For the threshold t = 1, we propose an efficient anonymous PAKE protocol that significantly improves efficiency in terms of computation costs and communication bandwidth compared to the original (not threshold) anonymous PAKE protocol [20]. [ABSTRACT FROM AUTHOR]

Published

2007

5. A Composite Privacy Protection Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Ren, Yi, and Luo, Min

Abstract

The current privacy-preserving researches are based on the relational data model. However, the existing privacy data models based on the relational model exist some shortcomings. First, they are not enough for protection of composite privacy object. The current researches focus on the privacy data of individual and do not consider how to protect the relationship among several privacy objects. The relationship is also a type of privacy data of each individual. Second, the rapid increasing view make it is difficult for the privacy database administrator to manage the privacy database effectively. In this paper, a privacy data model based on deputy mechanism is proposed for solving those problems. The model can depict the generalization relationship among different privacy objects and provide a stronger hiding capability that IS-A relationship. Moreover, compared with object-oriented data model, the model pays more attention to the storage and usage of privacy data objects in the context of database. Finally, this paper illustrates how to implement the privacy model in the object deputy database management system. [ABSTRACT FROM AUTHOR]

Published

2007

6. Practical Security Analysis of E-Voting Systems.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Buldas, Ahto, and Mägi, Triinu

Abstract

We adapt game theoretic methods for studying the security of two e-voting systems: the Estonian E-Voting System (EstEVS) and Secure Electronic Registration and Voting Experiment (SERVE) performed in the United States of America. While these two systems are quite similar from technical side, security experts have made totally different decisions about their security—EstEVS was indeed used in practical elections while SERVE was decided to be insecure. The aim of this work is to clarify if the minor technical differences between these two systems were indeed a sufficient reason to distinguish between their security. Our analysis is oriented to practical security against large-scale attacks. We define a model for the real-life environment in which voting takes place and analyze the behavior of adversaries. We show that in our model EstEVS is secure and SERVE is not. The reliability of the results is still questionable because of our limited knowledge about many of the parameters. It turns out though that our main results are quite robust with respect to the choice of parameters. [ABSTRACT FROM AUTHOR]

Published

2007

7. Nominative Signature from Ring Signature.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Liu, Dennis Y. W., and Chang, Shuang

Abstract

Since the introduction of nominative signature (NS) in 1996, there have been a handful of schemes proposed and almost all of them have been found flawed. The only one which is secure requires multi-round of communications between the nominator and the nominee for signature generation. In this paper, we propose a novel construction which is efficient and requires only one-move communication for signature generation. We also show that the construction is secure under the strongest security model currently available and the reductionist proofs only rely on standard number-theoretic assumptions. As of independent interest, our construction illustrates an interesting use of ring signature. [ABSTRACT FROM AUTHOR]

Published

2007

8. Secure Anonymous Communications with Practical Anonymity Revocation Scheme.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Chida, Koji, and Shionoiri, Osamu

Abstract

We propose an anonymous communication scheme using a multistage cryptographic anonymous proxy to make malicious users traceable. For the purpose of preventing illegal use of an anonymous channel, the proposed scheme can identify an illegal anonymous user or his accomplice who joins a conspiracy if a threshold number of third parties or more agrees on anonymity revocation. Expected applications of the proposed scheme include real-time web services over the Internet in which both user anonymity and preventing illegal use are desired such as anonymous bulletin board services, auctions, and peer-to-peer file exchange. Moreover, we implemented the proposed scheme to verify the degree of practicality. The implementation results include that the case for the received data of 100 KB from an HTTP request and a ten-stage relay for the anonymous proxy on an Intel Pentium 4 3.0 GHz PC took approximately 1 sec to receive, and the received data of 1 MB and a two-stage relay required 2 sec. [ABSTRACT FROM AUTHOR]

Published

2007

9. Processing Multi-parameter Attacktrees with Estimated Parameter Values.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Jürgenson, Aivo, and Willemson, Jan

Abstract

Authors extend the multi-parameter attacktree model to include inaccurate or estimated parameter values, which are modelled as probabilistic interval estimations. The paper develops mathematical tools to extend the computation rules of the attacktree model to work with interval estimations instead of point estimates. We present a sample computation routine and discuss how to interpret the analysis results and how to choose the optimal or an economically justified security level. [ABSTRACT FROM AUTHOR]

Published

2007

10. GAS: Overloading a File Sharing Network as an Anonymizing System.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Athanasopoulos, Elias, and Roussopoulos, Mema

Abstract

Anonymity is considered as a valuable property as far as everyday transactions in the Internet are concerned. Users care about their privacy and they seek for new ways to keep secret as much as of their personal information from third parties. Anonymizing systems exist nowadays that provide users with the technology, which is able to hide their origin when they use applications such as the World Wide Web or Instant Messaging. However, all these systems are vulnerable to a number of attacks and some of them may collapse under a low strength adversary. In this paper we explore anonymity from a different perspective. Instead of building a new anonymizing system, we try to overload an existing file sharing system, Gnutella, and use it for a different purpose. We develop a technique that transforms Gnutella as an Anonymizing System (GAS) for a single download from the World Wide Web. [ABSTRACT FROM AUTHOR]

Published

2007

11. Fine-Grained Sticky Provenance Architecture for Office Documents.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Mishina, Takuya, and Yoshihama, Sachiko

Abstract

Current business situations require improved confidentiality and integrity for office documents. However, existing content management systems for office documents lack required security properties such as the *-property, or have problems such as label creep. In this paper we propose a meta-data format called sticky provenance and a fine-grained information flow control architecture using the sticky provenance. The sticky provenance contains the change history and the labels of an office document in a secure form, and it ensures the verifiability of the change history of the documents in distributed environments. The Provenance Manager, which is a key module of the architecture, reduces the label creep problem of the information flow control models with the sticky provenance. In other words, the sticky provenance and the Provenance Manager can introduce a practical fine-grained information flow control capability to office applications so that we can ensure both the confidentiality and the verifiability of office documents. [ABSTRACT FROM AUTHOR]

Published

2007

12. On Security Models and Compilers for Group Key Exchange Protocols.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Bresson, Emmanuel, and Manulis, Mark

Abstract

Group key exchange (GKE) protocols can be used to guarantee confidentiality and authentication in group applications. The paradigm of provable security subsumes an abstract formalization (security model) that considers the protocol environment and identifies its security goals. The first security model for GKE protocols was proposed by Bresson, Chevassut, Pointcheval, and Quisquater in 2001, and has been subsequently applied in many security proofs. Their definitions of AKE-security (authenticated key exchange; a.k.a. indistinguishability of the key) and MA-security (mutual authentication) became meanwhile standard. In this paper we analyze the BCPQ model and some of its variants and identify several risks resulting from its technical core construction - the notion of partnering. Consequently, we propose a revised model extending AKE- and MA-security in order to capture attacks by malicious participants and strong corruptions. Then, we turn to generic solutions (known as compilers) for AKE- and MA-security in BCPQ-like models. We describe a compiler compauthma which provides AKE- and MA-security for any GKE protocol, under standard cryptographic assumptions, that eliminates some identified limitations in existing compilers. [ABSTRACT FROM AUTHOR]

Published

2007

13. Accredited Symmetrically Private Information Retrieval.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, and Layouni, Mohamed

Abstract

With the digitization of society and the continuous migration of services to the electronic world, individuals have lost significant control over their data. In this paper, we consider the problem of protecting personal information subjects. More specifically, we propose a new primitive allowing a data subject to decide when, how, and by whom his data can be accessed, without the database manager learning anything about his identity, at the time the data is retrieved. The proposed solution, which we call Accredited SPIR, combines symmetrically private information retrieval and privacy-preserving digital credentials. We present three constructions based on the discrete logarithm and RSA problems. Despite the added privacy safeguards, the extra cost incurred by our constructions is negligeable compared to that of the underlying building blocks. [ABSTRACT FROM AUTHOR]

Published

2007

14. Enforcement of Integrated Security Policy in Trusted Operating Systems.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Kim, Hyung Chan, and Ramakrishna, R. S.

Abstract

The main focus of Trusted Operating System (TOS) research these days is on the enhanced access control of reference monitors which, in turn, control the individual operations on a given access instance. However, many real-life runtime attacks involve behavioral semantics. It is desirable, therefore, to enforce an integrated security policy that includes both behavioral security and access control policies. We have proposed an extended reference monitor to support both access and behavior controls. This results in a sequence of operations which is also of concern in security enforcement. This paper presents the design of the extended reference monitor for integrated policy enforcement and describes its implementation in Linux operating systems. [ABSTRACT FROM AUTHOR]

Published

2007

15. Generic Certificateless Encryption in the Standard Model.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Huang, Qiong, and Wong, Duncan S.

Abstract

Despite the large number of certificateless encryption schemes recently proposed, many of them have been found to be insecure under a practical attack called malicious-but-passive KGC attack, since they all follow the same key generation procedure as that of the one proposed by Al-Riyami and Paterson in ASIACRYPT 2003. The only scheme that remains secure against this attack is due to Libert and Quisquater (PKC 2006). However, the security can only be shown in the random oracle model. In this paper, we first show that a scheme which has a different key generation procedure from that of Al-Riyami and Paterson also suffers from the malicious-but-passive KGC attack. Our attacking techniques are different and may cause greater extent of damage than the previous ones. We also propose a generic construction of certificateless encryption which can be proven secure against this attack in the standard model. This generic scheme not only is the first one proven secure in the standard model, but is also very efficient to instantiate. We also describe how to use short signature and hybrid encryption to construct highly efficient instantiations of this generic scheme. [ABSTRACT FROM AUTHOR]

Published

2007

16. InfoCage: A Development and Evaluation of Confidential File Lifetime Monitoring Technology by Analyzing Events from File Systems and GUIs.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Kida, Koji, and Sakamoto, Hisashi

Abstract

Information leakage from client PCs has grown into a serious problem in recent years. To address the problem, we propose file lifetime monitoring technology that enables users to accurately trace modifications of confidential documents by user commands such as copy, rename, and save, as well as copy/paste editing operations. The File Lifetime Monitoring Technology is based on analyzing primitive events from the file system and GUI and anticipates confidentiality risks using prepared knowledge of applications. Using monitoring results effectively, confidential information can be managed on workers'PCs. The prototype system has been successfully operated, and 243 co-workers tried it out. The trial shows that our system is practical in terms of performance degradation. Experiments show that both the quality and quantity of monitoring results are better than conventional monitoring software. In particular, the log size of our system can be reduced eleven times from the size of conventional software. [ABSTRACT FROM AUTHOR]

Published

2007

17. Verifiable Internet Voting Solving Secure Platform Problem.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Kutyłowski, Mirosław, and Zagórski, Filip

Abstract

We present a voter verifiable Internet voting scheme which provides anonymity and eliminates the danger of vote selling even if the computer used by the voter cannot be fully trusted. The ballots cast remain anonymous - even the machine does not know the choice of the voter. It makes no sense to buy votes - the voter can cheat the buyer even if his machine cooperates with the buyer. Nevertheless, the voter can verity that his vote has been counted. [ABSTRACT FROM AUTHOR]

Published

2007

18. Secure and Private Incentive-Based Advertisement Dissemination in Mobile Ad Hoc Networks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Viejo, Alexandre, and Sebé, Francesc

Abstract

Advertisement dissemination is a promising M-commerce application which exploits the capabilities of mobile ad hoc networks to increase the visibility of the products being offered by merchants. The starting point is a merchant who generates an advertisement that is subsequently disseminated by citizens who carry mobile devices acting as network nodes. In this paper we present a novel system where users collaborating in offer dissemination are incentivized with e-coin rewards. Our system is proven to be secure and to preserve the privacy of nodes. [ABSTRACT FROM AUTHOR]

Published

2007

19. Salvia: A Privacy-Aware Operating System for Prevention of Data Leakage.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Suzuki, Kazuhisa, and Mouri, Koichi

Abstract

We have developed a privacy-aware operating system that focuses on preventing leakage of sensitive data such as personal information. The existing mandatory access control model is too restrictive for processes required to sustain the operations of user programs such as FTP, e-mail client applications, etc. In order to solve this problem, the proposed approach employs two techniques. First, the operating system kernel limits the execution of system calls only if the process could contribute to data leakage. Second, we implemented contexts; contexts are parameter or hints facilitating the evaluation of the risk of data leakage. These contexts also determine whether the kernel allows or disallows the execution of system calls. These techniques make it possible to realize a more adaptive and flexible data protection mechanism than the existing ones. This study describes the proposed approach. [ABSTRACT FROM AUTHOR]

Published

2007

20. Run-Time Randomization to Mitigate Tampering.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Anckaert, Bertrand, and Jakubowski, Mariusz

Abstract

The problem of defending software against tampering by a malicious host is not expected to be solved soon. Rather than trying to defend against the first attack, randomization tries to minimize the impact of a successful attack. Unfortunately, widespread adoption of this technique is hampered by its incompatibility with the current software distribution model, which requires identical physical copies. The ideas presented in this paper are a compromise between distributing identical copies and unique executions by diversifying at run time, based upon additional chaff input and variable program state. This makes it harder to zoom in on a point of interest and may fool an attacker into believing that he has succeeded, while the attack will work only for a short period of time, a small number of computers, or a subset of the input space. [ABSTRACT FROM AUTHOR]

Published

2007

21. Privacy-Preserving Eigentaste-Based Collaborative Filtering.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Yakut, Ibrahim, and Polat, Huseyin

Abstract

With the evolution of e-commerce, privacy is becoming a major concern. Many e-companies employ collaborative filtering (CF) techniques to increase their sales by providing truthful recommendations to customers. Many algorithms have been employed for CF purposes; and Eigentaste-based algorithm is one of them. Customers' preferences about products they purchased previously or showed interest are needed to provide recommendations. However, due to privacy concerns, customers refuse to contribute their ratings at all; or they might decide to give false data. Providing truthful referrals based on such inadequate and false data is impossible. Therefore, providing privacy measures is vital for collecting truthful data and producing recommendations. In this paper, we investigate how to achieve CF tasks (predictions and top-N recommendations) using Eigentaste, which is a constant time CF algorithm, without greatly exposing users' privacy. To accomplish privacy, we employ randomized perturbation techniques (RPT). We modify and/or simplify original Eigentaste algorithm in such a way to provide private referrals efficiently with decent accuracy. We investigate our proposed schemes in terms of privacy. To evaluate the overall performance of our schemes, we conduct experiments using real data sets. We then analyze our outcomes and finally provide some suggestions. [ABSTRACT FROM AUTHOR]

Published

2007

22. Intrusion Detection and Identification System Using Data Mining and Forensic Techniques.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Leu, Fang-Yie, and Hu, Kai-Wei

Abstract

Presently, most computers authenticate a user's ID and password before the user can log in. However, if the two items are known to hackers, there is a risk of security breach. In this paper, we propose a system, named the Intrusion Detection and Identification System (IDIS), which builds a profile for each user in an intranet to keep track of his/her usage habits as forensic features. In this way the IDIS can identify who the underlying user in the intranet is by comparing the user's current inputs with the features collected in the profiles established for all users. User habits are extracted from their usage histories by using data mining techniques. When an attack is discovered, the IDIS switches the user's inputs to a honey pot not only to isolate the user from the underlying system, but also to collect many more attack features by using the honey pot to enrich attack patterns which will improve performance of future detection. Our experimental results show that the recognition accuracy of students in the computer science department of our university is nearly 99.16% since they are sophisticated users. The recognition accuracy of those other than computer science students is 94.43%. [ABSTRACT FROM AUTHOR]

Published

2007

23. An Efficient Pre-authentication Scheme for IEEE 802.11-Based Vehicular Networks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Hur, Junbeom, and Park, Chanil

Abstract

In vehicular networks, supporting user mobility is one of the most challenging issues. Recently, as the desires for the high mobility and high-quality real-time services increase, fast handoff among base stations comes to a center of quality of connections. Therefore, minimizing re-authentication latency during handoff is crucial for revolutionizing the driving environment on public vehicular networks in terms of safety and convenience. In this study, we propose an efficient pre-authentication scheme for fast and secure handoff in IEEE 802.11-based vehicular networks. The proposed scheme reduces the handoff delay by reducing 4-way handshake to 2-way handshake between an access point and a mobile vehicle station during the re-authentication phase. Furthermore, the proposed scheme gives little burden over the proactive key pre-distribution scheme while satisfying 802.11i security requirements. [ABSTRACT FROM AUTHOR]

Published

2007

24. A Global Authentication Scheme for Mobile Ad-Hoc Networks.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Caballero-Gil, P., and Caballero-Gil, C.

Abstract

This work proposes a new global authentication system for Mobile Ad-hoc Networks. The component algorithms are designed in a self-organizing way so that most needs of this sort of networks are covered. In particular, characteristics such as adaptation to the varying topology of the network, open availability of broadcast transmissions, and strong access control have received special attention when defining the new scheme. The described protocol is based on the cryptographic paradigm of Zero-Knowledge Proofs. In this paper the design is thought for the Hamiltonian Cycle Problem, but it might be easily adapted to other NP-complete graph problems. [ABSTRACT FROM AUTHOR]

Published

2007

25. Botnet Traffic Detection Techniques by C&C Session Classification Using SVM.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Kondo, Satoshi, and Sato, Naoshi

Abstract

Bots, which are new malignant programs are hard to detect by signature based pattern matching techniques. In this research, we focused on a unique function of the bots the remote control channel (C&C session). We clarified that the C&C session has unique characteristics that come from the behavior of bot programs. Accordingly, we propose an alternative technique to identify computers compromised by the bot program for the classification of the C&C session from the traffic data using a machine learning algorithm support vector machine (SVM). Our evaluation resulted in 95% accuracy in the identification of the C&C session by using SVM. We evaluated that the packet histogram vector of the session is better than the other vector definitions for the classification of the bot C&C session. [ABSTRACT FROM AUTHOR]

Published

2007

26. Batch Pairing Delegation.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Tsang, Patrick P., and Chow, Sherman S. M.

Abstract

Pairing-based cryptography (PBC) has enabled the construction of many cryptographic protocols. However, there are scenarios when PBC is too heavyweight to use, such as when the computing devices are resource-constrained. Pairing delegation introduced in [19] provides a solution by offloading the computation to more powerful entities. In this paper, we introduce the concept of, and construct several protocols for, batch pairing delegation, which offers significantly improved efficiency over multiple runs of state-of-the-art (non-batch) delegation protocols. We prove the security of our proposed protocols in the model we formalized for batch pairing delegation. Also, we have implemented our protocols in software for experimentation. Moreover, we argue that the secure delegation of pairing computation, batched or not, requires different protocols depending on the semantic meaning of the pairings. We propose a taxonomy that classifies pairings into seven types to assist in choosing the right delegation protocol. Finally, we propose a novel application of pairing delegation in trusted computing - we show how pairing delegation can be leveraged to build a secure coprocessor for pairing computation more cost-effectively. [ABSTRACT FROM AUTHOR]

Published

2007

27. Experiments on the Linear Algebra Step in the Number Field Sieve.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Aoki, Kazumaro, and Shimoyama, Takeshi

Abstract

This paper shows experimental results of the linear algebra step in the number field sieve on parallel environment with implementation techniques. We developed an efficient algorithm that shares the sum of vectors in each node, and the network structure among the nodes only requires to include a ring. We also investigated the construction of a network for the linear algebra step. The construction can be realized through switches and network interface cards, whose prices are not expensive. Moreover, we investigated the implementation of the linear algebra step using various parameters. The implementation described in this paper was used for the integer factoring of a 176 digit number by GNFS and a 274 digit number by SNFS. [ABSTRACT FROM AUTHOR]

Published

2007

28. Reduction Optimal Trinomials for Efficient Software Implementation of the ηT Pairing.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Nakajima, Toshiya, and Izu, Tetsuya

Abstract

The ηT pairing for supersingular elliptic curve over GF(3m) has been paid attention because of its computational efficiency. Since most parts of computation of the ηT pairing are multiplications over GF(3m), it is important to improve the speed of the multiplication when implementing the ηT pairing. In this paper we consider software implementation of multiplication over GF(3m) and propose to use irreducible trinomials xm + axk + b over GF(3) such that w, bit length of word of targeted CPU, divides k. We call the trinomials "reduction optimal trinomials (ROTs)". ROTs actually exist for several m's and typical values of w = 16 and 32. We list them for extension degrees m = 97, 167, 193 and 239. These m's are derived from security considerations. Using ROT it is possible to implement efficient modulo operation (reduction) in multiplication over GF(3m) comparing with the case using other type of trinomials (e.g., trinomials with minimum k for each m). The reason of this is that for the cases of reduction by ROT the number of shift operations on multiple precision data reduces to less than half comparing with the cases by other trinomials. Implementation results show that reduction algorithm specialized for ROT is 20-30% faster on 32-bit CPU and around 40% faster on 16-bit CPU than algorithm for irreducible trinomials with general k. [ABSTRACT FROM AUTHOR]

Published

2007

29. Collusion-Resistant Fingerprinting Scheme Based on the CDMA-Technique.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Hayashi, Naoki, and Kuribayashi, Minoru

Abstract

Digital fingerprinting is a scheme to insert user's own ID information into digital contents in order to identify illegal users who distribute unauthorized copy. One of the important problems is a collusion attack such that several users combine their copies of a same content to modify/delete the embedded fingerprint. In this paper, we propose a collusion-resilient fingerprinting scheme based on the CDMA technique. By combining spread spectrum sequence with orthogonal transform, we allocate the combination of spectrum components to users as their fingerprints. At a detector side, a threshold for the detection of colluded users is determined considering the false positive probability. We then estimate the parameters in the scheme for both optimal embedding and detection, and improve the accuracy of the detection of colluders. Experimental results show the effectiveness of proposed scheme. [ABSTRACT FROM AUTHOR]

Published

2007

30. Design Issues of an Isolated Sandbox Used to Analyze Malwares.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Miwa, Shinsuke, and Miyachi, Toshiyuki

Abstract

Recent viruses, worms, and bots, called malwares, often have anti-analysis functions such as mechanisms that confirm connectivity to certain Internet hosts and detect virtualized environments. We discuss how malwares can be kept alive in an analyzing environment by disabling their anti-analyzing mechanisms. To avoid any impacts to/from the Internet, we conclude that analyzing environments should be disconnected from the Internet but must be able to make malwares believe that they are connected to the real Internet. We also conclude that, for executing environments to analyze anti-virtualization malwares, they should not be virtualized but must be as easily reconstructable as a virtualized environment. To reconcile these cross-purposes, we propose an approach that consists of a mimetic Internet and a malware incubator with swappable actual nodes. We implemented a prototype system and conducted an experiment to test the adequacy of our approach. [ABSTRACT FROM AUTHOR]

Published

2007

31. A Note on the (Im)possibility of Using Obfuscators to Transform Private-Key Encryption into Public-Key Encryption.

Author

Hutchison, David, Kanade, Takeo, Kittler, Josef, Kleinberg, Jon M., Mattern, Friedemann, Mitchell, John C., Naor, Moni, Nierstrasz, Oscar, Pandu Rangan, C., Steffen, Bernhard, Sudan, Madhu, Terzopoulos, Demetri, Tygar, Doug, Vardi, Moshe Y., Weikum, Gerhard, Miyaji, Atsuko, Kikuchi, Hiroaki, Rannenberg, Kai, Hada, Satoshi, and Sakurai, Kouichi

Abstract

Transforming private-key encryption schemes into public-key encryption schemes is an interesting application of program obfuscation. The idea is that, given a private-key encryption scheme, an obfuscation of an encryption program with a private key embedded is used as a public key and the private key is used for decryption as it is. The security of the resulting public-key encryption scheme would be ensured because obfuscation is unintelligible and the public key is expected to leak no information on the private key. This paper investigates the possibility of general-purpose obfuscators for such a transformation, i.e., obfuscators that can transform an arbitrary private-key encryption scheme into a secure public-key encryption scheme. Barak et al. have shown a negative result, which says that there is a deterministic private-key encryption scheme that is unobfuscatable in the sense that, given any encryption program with a private key embedded, one can efficiently compute the private key. However, it is an open problem whether their result extends to probabilistic encryption schemes, where we should consider a relaxed notion of obfuscators, i.e., sampling obfuscators. Programs obfuscated by sampling obfuscators do not necessarily compute the same function as the original program, but produce the same distribution as the original program. In this paper, we show that there is a probabilistic private-key encryption scheme that can not be transformed into a secure public-key encryption scheme by sampling obfuscators which have a special property regarding input-output dependency of encryption programs. Our intention is not to claim that the required special property is reasonable. Rather, we claim that general-purpose obfuscators for the transformation, if they exist, must be a sampling obfuscator which does NOT have the special property. [ABSTRACT FROM AUTHOR]

Published

2007