Availability, Reliability and Security 

About: Availability, Reliability and Security is an academic conference. The conference publishes majorly in the area(s): Information privacy & Computer security model. Over the lifetime, 2146 publications have been published by the conference receiving 28895 citations.

NFC Devices: Security and Privacy

Abstract: The aim of this paper is to show security measures for NFC (Near Field Communication) use cases and devices. We give a brief overview over NFC technology and evaluate the implementation of NFC in devices. Out of this technology review we derive different use cases and applications based on NFC technology. Based on the use cases we show assets and interfaces of an NFC device that could be a possible target of an attacker. In the following we apply different attacks against the operation modes to show how applications and devices could be protected against such attacks. The information collected is consolidated in a set of threats giving guidelines on how to improve security and overcome privacy issues. This allows integrating NFC technology in a secure way for the end consumer.

Dirichlet Reputation Systems

Abstract: Reputation systems can be used in online markets and communities in order to stimulate quality and good behaviour as well as to sanction poor quality and bad behaviour. The basic idea is to have a mechanism for rating services on various aspects, and a way of computing reputation scores based on the ratings from many different parties. By making the reputation scores public, such systems can assist parties in deciding whether or not to use a particular service. Reputation systems represent soft security mechanisms for social control. This article presents a type of reputation system based on the Dirichlet probability distribution which is a multinomial Bayesian probability distribution. Dirichlet reputation systems represent a generalisation of the binomial Beta reputation system. The multinomial aspect of Dirichlet reputation systems means that any set of discrete rating levels can be defined. This provides great flexibility and usability, as well as a sound basis for designing reputation systems

A hybrid network intrusion detection technique using random forests

Abstract: Intrusion detection is important in network security. Most current network intrusion detection systems (NIDSs) employ either misuse detection or anomaly detection. However, misuse detection cannot detect unknown intrusions, and anomaly detection usually has high false positive rate. To overcome the limitations of both techniques, we incorporate both anomaly and misuse detection into the NIDS. In this paper, we present our framework of the hybrid system. The system combines the misuse detection and anomaly detection components in which the random forests algorithm is applied. We discuss the advantages of the framework and also report our experimental results over the KDD'99 dataset. The results show that the proposed approach can improve the detection performance of the NIDSs, where only anomaly or misuse detection technique is used.

The Big Four - What We Did Wrong in Advanced Persistent Threat Detection?

Abstract: As both the number and the complexity of cyber-attacks continuously increase, it is becoming evident that current security mechanisms have limited success in detecting sophisticated threats. Stuxnet, Duqu, Flame and Red October have troubled the security community due to their severe complexity and their ability to evade detection - in some cases for several years. The significant technical and financial resources needed for orchestrating such complex attacks are a clear indication that perpetrators are well organized and, likely, working under a state umbrella. In this paper we perform a technical analysis of these advanced persistent threats, highlighting particular characteristics and identifying common patterns and techniques. We also focus on the issues that enabled the malware authors to evade detection from a wide range of security solutions and propose technical countermeasures for strengthening our defenses against similar threats.

Defense trees for economic evaluation of security investments

Abstract: In this paper we present a mixed qualitative and quantitative approach for evaluation of information technology (IT) security investments. For this purpose, we model security scenarios by using defense trees, an extension of attack trees with attack countermeasures and we use economic quantitative indexes for computing the defender's return on security investment and the attacker's return on attack. We show how our approach can be used to evaluate effectiveness and economic profitability of countermeasures as well as their deterrent effect on attackers, thus providing decision makers with a useful tool for performing better evaluation of IT security investments during the risk management process.