Showing papers in "Computers & Security in 2010"

TL;DR: A framework to cultivate an information security culture within an organisation and to illustrate how to use it is proposed and an empirical study is performed to aid in validating the proposed Information Security Culture Framework.

TL;DR: This paper summarizes the current research directions in detecting coordinated attacks using collaborative intrusion detection systems (CIDSs), and highlights two main challenges in CIDS research: CIDS architectures and alert correlation algorithms.

TL;DR: The presented model incorporates the concept of elasticity from the economical sciences in order to show how various variables in an information security culture influence each other and is to facilitate conceptual thinking and argumentation about information securityculture.

TL;DR: It is demonstrated that local employee participation, collective reflection and group processes produce changes in short-term information security awareness and behaviour.

TL;DR: A complete survey of the representative video encryption algorithms proposed so far is given and it is shown that each scheme has its own strengths and weaknesses and no scheme can meet all specific requirements.

TL;DR: This paper proposes a new model, the E-Awareness Model (E-AM), in which home users can be forced to acquaint themselves with the risks involved in venturing into cyber space, and proposes a way to improve information security awareness among home users.

TL;DR: An alternative approach to the development of security policies is proposed to encourage ethical decision making based on consequential ethics, which will have positive effects on the usability and suitability of the acceptable use policy to the organisation.

TL;DR: A post-processing filter is proposed to reduce false positives in network-based intrusion detection systems and can significantly reduce the number and percentage of false positives produced by Snort(C) (Roesch, 1999).

TL;DR: It is shown that there are possible solutions for both payload and flow tampering attacks, and partial solutions for message flooding attacks, as well as giving hints how open flooding attacks issues could be addressed.

TL;DR: Using SEIQV model, the basic reproduction number that governs whether or not a worm is extinct is obtained, which shows the performance of this model is significantly better than other models, in terms of decreasing the number of infected hosts and reducing the worm propagation speed.

TL;DR: A set of abstract classes that can be used to create probabilistic relational models so that they enable inference of security risk from instantiated architecture models are proposed.

TL;DR: A two-stage classification system using a SOM neural network and K-means algorithm to correlate the related alerts and to further classify the alerts into classes of true and false alarms is developed.

TL;DR: This work presents a novel approach to network-based anomaly detection based on the analysis of non-stationary properties and ''hidden'' recurrence patterns occurring in the aggregated IP traffic flows, and adopted recurrence quantification analysis, a nonlinear technique widely used in many science fields to explore the hidden dynamics and time correlations of statistical time series.

TL;DR: This paper proposes a secure routing protocol based on the AODV (Ad hoc On-demand Distance Vector) routing protocol, which is named WARP (Wormhole-Avoidance Routing Protocol), which considers link-disjoint multipaths during path discovery, and provides greater path selections to avoid malicious nodes, but eventually uses only one path to transmit data.

TL;DR: This paper proposes an access control solution based on the definition of different policy spaces, a language, and a composition algebra to regulate access to patient data and to balance the rigorous nature of traditional access control systems with the ''delivery of care comes first'' principle.

TL;DR: A black-box attack against an already deployed CAPTCHA that aims to protect a free service delivered using the Internet, which requires no development in Artificial Intelligence or automatic character recognition, the intended path, thus becoming a side-channel attack, based on the previously mentioned CAPTCHAs flaws.

TL;DR: The proposed methodology aims to integrate existing security plans and risk assessments performed in isolated infrastructures, in order to assess sector-wide or intra-sector security risks, and defines three different layers of security assessments with different requirements and goals.

TL;DR: This paper develops and implements a new audio CAPTCHA, which is suitable for SIP-based VoIP telephony, and is tested against users and bots and demonstrated to be efficient.

TL;DR: To significantly improve the performances of the CGA, this work investigates first replacing RSA with ECC (Elliptic Curve Cryptography and ECDSA), and second using the General-Purpose computing on Graphical Processing Units (GPGPU).

TL;DR: In this article, the authors proposed an anti-spam framework based on the hybrid of content-based filtering and challenge-response, where a message, that has been classified as uncertain through contentbased filtering, is checked further by sending a challenge to the message sender.

TL;DR: It is shown that datasets protected by SDC methods can be used to construct good classifiers for future data, and some specific protection methods that have appeared in the privacy-preserving data mining literature with the clear goal of providing good classification are questioned.

TL;DR: The proofs of the results are rooted in graph theory-that this methodology allows role engineers for the elicitation of stable candidate roles, by contextually simplifying the role selection task.

TL;DR: This paper proposes two three-party identity-based authenticated key agreement protocols applying bilinear pairings and shows that the proposed protocols are secure (i.e. conform to defined security attributes) while being efficient.

TL;DR: This paper analyses some relevant inter-domain scenarios and derives the main requirements in terms of cross-certification from them, and describes the design and lab implementation of a pan-European scenario which is based on a research network composed by a set of organizations that may have their own PKIs running, and that are interested to link with others in Terms of certification services.

TL;DR: This work determines how an insider will interact in the future, and how an IDS will react to protect the system, by proposing the use of a detection mechanism and the application model and a detailed game-based detection algorithm.

TL;DR: This paper proposes an enhanced security support for next generation Java Micro Edition platform that performs a runtime monitoring of the operations performed by the Java applications, and enforces a security policy that defines which operations applications are allowed to perform.

TL;DR: An automated and self-adaptive systems for detecting and classifying botnets based on machine learning techniques and integration of human expertise and the potential of the proposed concept for Levels (i) and (ii).

TL;DR: A type system for the Spi Calculus and a translation function are formally defined, in order to formalize the refinement of a SpiCalculus specification into a Java implementation.

TL;DR: This paper examines the capability of the Lightweight Coordination Calculus (LCC), a process calculus based language, in meeting security challenges in pervasive settings, especially in the healthcare domain.

TL;DR: This paper proposes a fair, traceable, and efficient watermarking scheme with a novel architecture, and the rights of legitimate buyers can be protected and the buyer's anonymity can be well-protected until there is an infringement accusation.