Secondary use of personal information is of essential importance for the Internet of Things. The main application is resilience. Biometrics is an example for support of resilience in times of a natural disaster. The primary use of biometrics is to identify people; a secondary use is to improve healthcare services for affected people. This requires information sharing with third parties. The challenge faced for reliable support of the Internet of Things is safety. Special cases of security systems achieve safety for information flow, but they don’t scale for secondary use. Their users lose control on their identity. With the aim of improving usability of security, this research-in-progress proposes a multilateral information flow control. This is privacy as understood with informational self-determination. The key is usage control with secure delegation of rights and a secondary use of personal security-related information as Open Data.
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
NETWORK INTRUSION DATASETS USED IN NETWORK SECURITY EDUCATIONIJITE
There is a gap between the network security graduate and the professional life. In this paper we discussed the different types of network intrusion dataset and then we highlighted the fact that any student can easily create a network intrusion dataset that is representative of the network they are in. Intrusions can be in form of anomaly or network signature; the students cannot grasp all types but they have to have the ability to detect malicious packets within his network.
The document describes a proposed predictive algorithm for critical event detection and management in wireless sensor networks. The algorithm aims to (1) detect critical events using sensor data, (2) calculate the direction and speed of event growth, (3) predict the next affected area, and (4) alert prevention systems in that area. It clusters sensors for efficient energy use and uses a Hidden Markov Model to estimate event probabilities and predict the spread. The goal is to automatically activate prevention systems to reduce losses from natural disasters detected by the sensor network.
Today internet security is a serious problem. For every consumer and business that is on the Internet,
viruses, worms and crackers are a few security threats. There are the obvious tools that aid information security
professionals against these problems such as anti-virus software, firewalls and intrusion detection systems, but
these systems can only react to or prevent attacks-they cannot give us information about the attacker, the tools
used or even the methods employed. Given all of these security questions honeypots are a novel approach to
network security and security research alike. It is a resource, which is intended to be attacked and compromised to
gain more information about the attacker and the used tools. It can also be deployed to attract and divert an
attacker from their real targets. Honeypots is an additional layer of security. Honeypots have the big advantage that
they do not generate false alerts as each observed traffic is suspicious, because no productive components are
running on the system. The levels of interaction determines the amount of functionality a honeypots provides that
is low and high interactions.
This document provides background information on an expert in computational data and offline real world events. It includes the expert's personal information, education history, work experience, research interests, certifications, and an outline of the topics to be covered. The expert's name is Chun-Ming Lai and they are an Assistant Professor in the Department of Information Engineering at Tunghai University.
This document presents a method for detecting spyware using data mining and decision tree algorithms. Binary features are extracted from executable files using n-grams and feature reduction is applied. The reduced features are used to generate ARFF files for training a decision tree classifier. The decision tree is able to classify unknown files as spyware or benign based on their n-gram patterns. The proposed method aims to detect both known and new, unseen spyware files unlike signature-based detection methods. A prototype application is developed with a graphical user interface to scan for and detect spyware files on a system.
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
Ioan Constantin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
VIRTUAL MACHINES DETECTION METHODS USING IP TIMESTAMPS PATTERN CHARACTERISTICijcsit
Virtual machines (VMs) are underlying technologies of IT solutions such as cloud computing. VMs provide
ease of use through their on-demand characteristics and provide huge benefits in terms of lowering costs and
improving scalability. VMs are also being used as malware detection systems, and with the rapidly expanding
usage of mobile devices, besides of their usage as honeypots, VMs are coming to be used as emulators for
detecting malware in apps. This is due to the limited resources, such as processing power, available in mobile
devices. Currently, the security of applications for mobile devices is checked by running them in VM
environments before they are released to the end user. We argue that such a process may cause or overlook
serious security threats to the end user. In particular, if a piece of malware can detect its current running
environment, it may change its behavior such that it doesn’t perform malicious operations in environments it
suspects to be emulators. In this way, when the malware detects that its running environment is on a VM, it
may be able to hide from the security system on the VM. This is a potential security hazard for end users,
especially users of mobile devices. In this paper, we present a VM detection method that we argue could be
used for remotely detecting VM environments. The detection method works by analyzing the pattern of IP
timestamps in replies sent from the target environment. The method does not require any installation of
software on the target machine which further increase its potential harm if it were to be used by malware to
detect VM environments. In this paper, we also present a technique to disguise a real PC machine such that it
shows the similar IP timestamp patterns as the VM. By using this technique, malware may not be able to
differentiate between a real machine and a VM, thus providing protection to PC end users.
NETWORK INTRUSION DATASETS USED IN NETWORK SECURITY EDUCATIONIJITE
There is a gap between the network security graduate and the professional life. In this paper we discussed the different types of network intrusion dataset and then we highlighted the fact that any student can easily create a network intrusion dataset that is representative of the network they are in. Intrusions can be in form of anomaly or network signature; the students cannot grasp all types but they have to have the ability to detect malicious packets within his network.
The document describes a proposed predictive algorithm for critical event detection and management in wireless sensor networks. The algorithm aims to (1) detect critical events using sensor data, (2) calculate the direction and speed of event growth, (3) predict the next affected area, and (4) alert prevention systems in that area. It clusters sensors for efficient energy use and uses a Hidden Markov Model to estimate event probabilities and predict the spread. The goal is to automatically activate prevention systems to reduce losses from natural disasters detected by the sensor network.
Today internet security is a serious problem. For every consumer and business that is on the Internet,
viruses, worms and crackers are a few security threats. There are the obvious tools that aid information security
professionals against these problems such as anti-virus software, firewalls and intrusion detection systems, but
these systems can only react to or prevent attacks-they cannot give us information about the attacker, the tools
used or even the methods employed. Given all of these security questions honeypots are a novel approach to
network security and security research alike. It is a resource, which is intended to be attacked and compromised to
gain more information about the attacker and the used tools. It can also be deployed to attract and divert an
attacker from their real targets. Honeypots is an additional layer of security. Honeypots have the big advantage that
they do not generate false alerts as each observed traffic is suspicious, because no productive components are
running on the system. The levels of interaction determines the amount of functionality a honeypots provides that
is low and high interactions.
This document provides background information on an expert in computational data and offline real world events. It includes the expert's personal information, education history, work experience, research interests, certifications, and an outline of the topics to be covered. The expert's name is Chun-Ming Lai and they are an Assistant Professor in the Department of Information Engineering at Tunghai University.
This document presents a method for detecting spyware using data mining and decision tree algorithms. Binary features are extracted from executable files using n-grams and feature reduction is applied. The reduced features are used to generate ARFF files for training a decision tree classifier. The decision tree is able to classify unknown files as spyware or benign based on their n-gram patterns. The proposed method aims to detect both known and new, unseen spyware files unlike signature-based detection methods. A prototype application is developed with a graphical user interface to scan for and detect spyware files on a system.
Needles, Haystacks and Algorithms: Using Machine Learning to detect complex t...DefCamp
Ioan Constantin in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The videos and other presentations can be found on https://def.camp/archive
Techniques to Secure Wireless Sensor Networks in Terms of Delay, Process Time...AM Publications
The wireless sensor network system so created and the outcomes so ascertained depend on two standard encryption procedures. In another setting these systems are utilized for security however the exploration paper is assessed on the premise of three distinct parameters in particular delay energy and process time. The most basic piece of this paper is figuring of obligation cycle, which helps in presenting the energy and time delay in both encryption strategies. After broad research and study and computations so done, it has been found that if SAMA strategy is utilized then after effect of delay, energy, and process time all turns out to be better.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
2011 modeling and detection of camouflaging wormdeepikareddy123
This document summarizes a research article about detecting a new type of active worm called a Camouflaging Worm (C-Worm). The C-Worm aims to avoid detection by manipulating its scan traffic volume over time to camouflage its propagation. The researchers analyze characteristics of the C-Worm traffic in both time and frequency domains. They observe that while C-Worm traffic shows no noticeable trends over time, it demonstrates a distinct pattern in the frequency domain with a narrow concentration of frequencies. Based on this, they develop a novel spectrum-based detection scheme using power spectral density distribution and spectral flatness measure to distinguish C-Worm traffic from background traffic. Evaluation shows their scheme can effectively detect C
An Investigation into the Effectiveness of Machine Learning Techniques for In...Oyeniyi Samuel
The document investigates the effectiveness of machine learning techniques for intrusion detection. It evaluates six machine learning algorithms (Naive Bayes, Multi-Layer Perceptron Neural Networks, Support Vector Machine, Random Forests, Logistic Model Tree Induction, and Decision Tree) on the NSL-KDDTrain+ dataset. The experimental results show that the Logistic Model Tree Induction method performs best with a classification accuracy of 99.40%, F-measure of 0.991, and lowest false positive rate of 0.32%.
IRJET- FASSBTR : Fingerprint Authentication System Security using Barcode...IRJET Journal
This document summarizes a research paper that proposes improvements to fingerprint authentication security. It introduces a user credentials login layer to authenticate users before fingerprint authentication. It also enhances fingerprint templates through histogram equalization and revamping techniques to reconstruct partial fingerprints. This aims to increase accuracy for partial fingerprint recognition systems commonly used in devices. The paper analyzes prior work on template selection, indirect attacks and countermeasures. It then describes the proposed multi-layer authentication system and evaluates its performance using standard fingerprint databases, showing improved efficiency and accuracy over systems without the added security layers.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
Artificial Neural Content Techniques for Enhanced Intrusion Detection and Pre...AM Publications
This paper presents a novel approach for detecting network intrusions based on a competitive training neural
network. In the paper, the performance of this approach is compared to that of the self-organizing map (SOM), which is a
popular unsupervised training algorithm used in intrusion detection. While obtaining a similarly accurate detection rate as
the SOM does, the proposed approach uses only one forth of the computation times of the SOM. Furthermore, the
clustering result of this method is independent of the number of the initial neurons. This approach also exhibits the ability
to detect the known and unknown network attacks. The experimental results obtained by applying this approach to the
KDD-99 data set demonstrate that the proposed approach performs exceptionally in terms of both accuracy and
computation time.
IRJET- Implementation of Artificial Intelligence Methods to Curb Cyber Assaul...IRJET Journal
This document discusses how artificial intelligence methods can help curb cyber assaults. It reviews various AI techniques including expert systems, artificial neural networks, and intelligent agents that have been implemented or could potentially be implemented for cyber security purposes. For example, expert systems have been used to analyze risk levels on e-commerce sites and identify system vulnerabilities. Artificial neural networks have been applied for intrusion detection and classification of attacks. Intelligent agents are well-suited for combating cyber crimes due to their mobility, flexibility, and cooperative nature. The document concludes that while AI is already being used in various ways for cyber security, hackers may also start using AI techniques, presenting new challenges going forward.
IRJET - Survey on Malware Detection using Deep Learning MethodsIRJET Journal
This document discusses various machine learning methods for malware detection, including support vector machines (SVM), random forests, and decision trees. It provides an overview of each method and related works that have applied these techniques. Specifically, it examines analyses that used linear SVM, random forests on Android apps, and an improved decision tree algorithm to classify malware families. The document concludes that machine learning methods have become important for malware detection as signatures alone cannot keep up with new malware variants.
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
This document discusses intrusion detection in mobile ad hoc networks (MANETs). It begins with background on intrusion detection systems (IDS) in general and why they are important for MANETs given their vulnerabilities. It then discusses three key aspects of IDS for MANETs: common attacks on MANETs, architectures for IDS in MANETs, and achievements in research on IDS for MANETs. Specifically, it reviews research on IDS architectures, detection techniques, resistance to attack types, and applicability to different routing protocols. The document provides an overview of issues and approaches regarding securing MANETs through intrusion detection.
Cyber security is a Major concern in the world. As a result of frequent and consistent daily cyber attack, this journal was written to enlighten viewers and readers on zero day attack prediction
Int. Workshop on Information Systems for Social Innovation (ISSI) 2013 Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
http://tric.rois.ac.jp/human/ISSI2013/
Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real-time. Secondary use of personal information is of essential importance. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management aims actually at decreasing users’ own risk, its use by data-centric services for unilateral information flow control threatens privacy and resilience. Users lose control on their identity while at the same time competitiveness of in particular small and medium service providers is endangered due to reliable statements on authentication of derived information. Self-protection, however, depends on opposite security interests. This talk claims that Multilateral Security improves privacy and resilience by a multilateral secondary use of personal security-related information for distributed usage control. This kind of privacy is understood as informational self-determination whereas the key concept is non-linkable delegation of rights on secondary use of personal information.
presented at the workshop "Usable Security and Privacy" an event of "Mittelstand-Digital" of the Federal Ministry for Economic Affairs and Energy (BMWi) and HCI conference "Mensch und Computer 2015" in Stuttgart, Germany http://www.mittelstand-digital.de/DE/Service/suche,did=717526.html
PersoApp - Secure and User-Friendly Internet ApplicationsSven Wohlgemuth
The document discusses secure and user-friendly internet applications. It describes how identity theft and data breaches currently occur through malicious authentication and a lack of privacy controls. The document proposes extending identity infrastructure to enable mobility, identity control, privacy control, and privacy forensics in order to provide transparency and detect any misuse of personal data or identities.
Resilience as a new Enforcement Model for IT Security based on Usage ControlSven Wohlgemuth
Security and privacy are not only general requirements of a society but also indispensable enablers for innovative IT infrastructure applications aiming at increased, sustainable welfare and safety of a society. A critical activity of these IT applications is spontaneous information exchange. This information exchange, however, creates inevitable, unknown dependencies between the participating IT systems, which, in turn threaten security and privacy. With the current approach to IT security, security and privacy follow changes and incidents rather than anticipating them. By sticking to a given threat model, the current approach fails to consider vulnerabilities which arise during a spontaneous information exchange. With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for the participating parties or failure of IT applications. Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
Presented at SCIS 2017 Symposium on Cryptography and Information Security, Okinawa, Japan
Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management in spite of incidents of any kind. This paper discusses the secondary use of personal information as a key element in such conditions and the relevant process mining. It realizes a completeness in an acceptable manner to mitigate a usability problem by secondary use of personal information. Even though, acceptable soundness is still realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our work approaches the Ground Truth for a personal predictive IT risk management by process mining with the block chain technology and privacy-enhancing mechanisms.
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
Honored as one of the best papers of IFIP SEC 2010 Security & Privacy - Silver Linings in the Cloud
Privacy in cloud computing is at the moment simply a promise to be kept by the software service providers. Users are neither able to control the disclosure of personal data to third parties nor to check if the software service providers have followed the agreed-upon privacy policy. Therefore, disclosure of the users‘ data to the software service providers of the cloud raises privacy risks. In this article, we show a privacy risk by the example of using electronic health records abroad. As a countermeasure by an ex post enforcement of privacy policies, we propose to observe disclosures of personal data to third parties by using data provenance history and digital watermarking.
The document discusses the Wireless World Research Forum's (WWRF) Working Group 7 on privacy, security, and trust. The working group aims to address major challenges around integrating privacy, security and trust into applications, platforms, mobile devices, and infrastructure for future wireless technologies. It advocates a multilateral security approach and designing privacy, security and trust into systems from the beginning. Key research questions are around specifying, negotiating, enforcing and monitoring privacy and security contexts between partners in ambient environments.
Techniques to Secure Wireless Sensor Networks in Terms of Delay, Process Time...AM Publications
The wireless sensor network system so created and the outcomes so ascertained depend on two standard encryption procedures. In another setting these systems are utilized for security however the exploration paper is assessed on the premise of three distinct parameters in particular delay energy and process time. The most basic piece of this paper is figuring of obligation cycle, which helps in presenting the energy and time delay in both encryption strategies. After broad research and study and computations so done, it has been found that if SAMA strategy is utilized then after effect of delay, energy, and process time all turns out to be better.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the warriors of the internet. They attack and do harmful things to compromised system. This paper will show the methodology use by hackers to gained access to system and the different tools used by them and how they are group based on their skills. It will identify exploits that can be used to attack a system and find mitigation to those exploits. In addition, the paper discusses the actual implementation of the hacking phases with the virtual machines use in the process. The virtual machines specification is also listed. it will also provide means and insights on how to protect one system from being compromised.
In the cyber world more and more cyber-attacks are being perpetrated. Hackers have now become the
warriors of the internet. They attack and do harmful things to compromised system. This paper will show
the methodology use by hackers to gained access to system and the different tools used by them and how
they are group based on their skills. It will identify exploits that can be used to attack a system and find
mitigation to those exploits.
2011 modeling and detection of camouflaging wormdeepikareddy123
This document summarizes a research article about detecting a new type of active worm called a Camouflaging Worm (C-Worm). The C-Worm aims to avoid detection by manipulating its scan traffic volume over time to camouflage its propagation. The researchers analyze characteristics of the C-Worm traffic in both time and frequency domains. They observe that while C-Worm traffic shows no noticeable trends over time, it demonstrates a distinct pattern in the frequency domain with a narrow concentration of frequencies. Based on this, they develop a novel spectrum-based detection scheme using power spectral density distribution and spectral flatness measure to distinguish C-Worm traffic from background traffic. Evaluation shows their scheme can effectively detect C
An Investigation into the Effectiveness of Machine Learning Techniques for In...Oyeniyi Samuel
The document investigates the effectiveness of machine learning techniques for intrusion detection. It evaluates six machine learning algorithms (Naive Bayes, Multi-Layer Perceptron Neural Networks, Support Vector Machine, Random Forests, Logistic Model Tree Induction, and Decision Tree) on the NSL-KDDTrain+ dataset. The experimental results show that the Logistic Model Tree Induction method performs best with a classification accuracy of 99.40%, F-measure of 0.991, and lowest false positive rate of 0.32%.
IRJET- FASSBTR : Fingerprint Authentication System Security using Barcode...IRJET Journal
This document summarizes a research paper that proposes improvements to fingerprint authentication security. It introduces a user credentials login layer to authenticate users before fingerprint authentication. It also enhances fingerprint templates through histogram equalization and revamping techniques to reconstruct partial fingerprints. This aims to increase accuracy for partial fingerprint recognition systems commonly used in devices. The paper analyzes prior work on template selection, indirect attacks and countermeasures. It then describes the proposed multi-layer authentication system and evaluates its performance using standard fingerprint databases, showing improved efficiency and accuracy over systems without the added security layers.
Self Evolving Antivirus Based on Neuro-Fuzzy Inference SystemIJRES Journal
With today’s world filled with information and data, it is very important for one to know which information or data is harmless and which is harmful. Right from cellular phones to big MNCs and Server companies require a security system that is as competent and adaptive as its ever-updating and evolving viruses or malware. The paper talks about the development and implementation of a new idea Adaptive anti-virus based on Anfis logic. An adaptive anti-virus system that will catch up to the speed at which the viruses update and evolve.
Artificial Neural Content Techniques for Enhanced Intrusion Detection and Pre...AM Publications
This paper presents a novel approach for detecting network intrusions based on a competitive training neural
network. In the paper, the performance of this approach is compared to that of the self-organizing map (SOM), which is a
popular unsupervised training algorithm used in intrusion detection. While obtaining a similarly accurate detection rate as
the SOM does, the proposed approach uses only one forth of the computation times of the SOM. Furthermore, the
clustering result of this method is independent of the number of the initial neurons. This approach also exhibits the ability
to detect the known and unknown network attacks. The experimental results obtained by applying this approach to the
KDD-99 data set demonstrate that the proposed approach performs exceptionally in terms of both accuracy and
computation time.
IRJET- Implementation of Artificial Intelligence Methods to Curb Cyber Assaul...IRJET Journal
This document discusses how artificial intelligence methods can help curb cyber assaults. It reviews various AI techniques including expert systems, artificial neural networks, and intelligent agents that have been implemented or could potentially be implemented for cyber security purposes. For example, expert systems have been used to analyze risk levels on e-commerce sites and identify system vulnerabilities. Artificial neural networks have been applied for intrusion detection and classification of attacks. Intelligent agents are well-suited for combating cyber crimes due to their mobility, flexibility, and cooperative nature. The document concludes that while AI is already being used in various ways for cyber security, hackers may also start using AI techniques, presenting new challenges going forward.
IRJET - Survey on Malware Detection using Deep Learning MethodsIRJET Journal
This document discusses various machine learning methods for malware detection, including support vector machines (SVM), random forests, and decision trees. It provides an overview of each method and related works that have applied these techniques. Specifically, it examines analyses that used linear SVM, random forests on Android apps, and an improved decision tree algorithm to classify malware families. The document concludes that machine learning methods have become important for malware detection as signatures alone cannot keep up with new malware variants.
International Journal of Computer Science and Security Volume (2) Issue (1)CSCJournals
This document discusses intrusion detection in mobile ad hoc networks (MANETs). It begins with background on intrusion detection systems (IDS) in general and why they are important for MANETs given their vulnerabilities. It then discusses three key aspects of IDS for MANETs: common attacks on MANETs, architectures for IDS in MANETs, and achievements in research on IDS for MANETs. Specifically, it reviews research on IDS architectures, detection techniques, resistance to attack types, and applicability to different routing protocols. The document provides an overview of issues and approaches regarding securing MANETs through intrusion detection.
Cyber security is a Major concern in the world. As a result of frequent and consistent daily cyber attack, this journal was written to enlighten viewers and readers on zero day attack prediction
Int. Workshop on Information Systems for Social Innovation (ISSI) 2013 Session: Systems Resilience
National Institute of Informatics, Tokyo, Japan
February 4, 2014
http://tric.rois.ac.jp/human/ISSI2013/
Resilience is introduced as the new security goal supported with security/safety-related information by data-centric services for predictive risk management in real-time. Secondary use of personal information is of essential importance. The problem is that data-centric services threaten resilience. Although privacy as a state of equilibrium and its enforcement with usable security by identity management aims actually at decreasing users’ own risk, its use by data-centric services for unilateral information flow control threatens privacy and resilience. Users lose control on their identity while at the same time competitiveness of in particular small and medium service providers is endangered due to reliable statements on authentication of derived information. Self-protection, however, depends on opposite security interests. This talk claims that Multilateral Security improves privacy and resilience by a multilateral secondary use of personal security-related information for distributed usage control. This kind of privacy is understood as informational self-determination whereas the key concept is non-linkable delegation of rights on secondary use of personal information.
presented at the workshop "Usable Security and Privacy" an event of "Mittelstand-Digital" of the Federal Ministry for Economic Affairs and Energy (BMWi) and HCI conference "Mensch und Computer 2015" in Stuttgart, Germany http://www.mittelstand-digital.de/DE/Service/suche,did=717526.html
PersoApp - Secure and User-Friendly Internet ApplicationsSven Wohlgemuth
The document discusses secure and user-friendly internet applications. It describes how identity theft and data breaches currently occur through malicious authentication and a lack of privacy controls. The document proposes extending identity infrastructure to enable mobility, identity control, privacy control, and privacy forensics in order to provide transparency and detect any misuse of personal data or identities.
Resilience as a new Enforcement Model for IT Security based on Usage ControlSven Wohlgemuth
Security and privacy are not only general requirements of a society but also indispensable enablers for innovative IT infrastructure applications aiming at increased, sustainable welfare and safety of a society. A critical activity of these IT applications is spontaneous information exchange. This information exchange, however, creates inevitable, unknown dependencies between the participating IT systems, which, in turn threaten security and privacy. With the current approach to IT security, security and privacy follow changes and incidents rather than anticipating them. By sticking to a given threat model, the current approach fails to consider vulnerabilities which arise during a spontaneous information exchange. With the goal of improving security and privacy, this work proposes adapting an IT security model and its enforcement to current and most probable incidents before they result in an unacceptable risk for the participating parties or failure of IT applications. Usage control is the suitable security policy model, since it allows changes during run-time without conceptually raising additional incidents.
Privacy-Enhancing Trust Infrastructure for Process MiningSven Wohlgemuth
Presented at SCIS 2017 Symposium on Cryptography and Information Security, Okinawa, Japan
Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management in spite of incidents of any kind. This paper discusses the secondary use of personal information as a key element in such conditions and the relevant process mining. It realizes a completeness in an acceptable manner to mitigate a usability problem by secondary use of personal information. Even though, acceptable soundness is still realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our work approaches the Ground Truth for a personal predictive IT risk management by process mining with the block chain technology and privacy-enhancing mechanisms.
Tagging Disclosure of Personal Data to Third Parties to Preserve PrivacySven Wohlgemuth
Honored as one of the best papers of IFIP SEC 2010 Security & Privacy - Silver Linings in the Cloud
Privacy in cloud computing is at the moment simply a promise to be kept by the software service providers. Users are neither able to control the disclosure of personal data to third parties nor to check if the software service providers have followed the agreed-upon privacy policy. Therefore, disclosure of the users‘ data to the software service providers of the cloud raises privacy risks. In this article, we show a privacy risk by the example of using electronic health records abroad. As a countermeasure by an ex post enforcement of privacy policies, we propose to observe disclosures of personal data to third parties by using data provenance history and digital watermarking.
The document discusses the Wireless World Research Forum's (WWRF) Working Group 7 on privacy, security, and trust. The working group aims to address major challenges around integrating privacy, security and trust into applications, platforms, mobile devices, and infrastructure for future wireless technologies. It advocates a multilateral security approach and designing privacy, security and trust into systems from the beginning. Key research questions are around specifying, negotiating, enforcing and monitoring privacy and security contexts between partners in ambient environments.
Identifying Malicious Data in Social MediaIRJET Journal
This document discusses two approaches for identifying malicious data in social media: Shannon entropy and power law distribution. The Shannon entropy approach calculates the entropy of features like source/destination IP addresses and port numbers to detect anomalous network traffic patterns. The power law distribution approach models malware propagation across networks and finds that malware distribution transitions from exponential to power law over time. Experimental results on social media datasets found the Shannon entropy approach could detect malware based on the number of applications installed, while power law distribution identified good and malicious files shared between users. Both techniques aim to improve detection of malicious content shared over social networks.
The document proposes a security model for wireless sensor networks using zero knowledge protocol. It addresses security threats like cloning attacks, man-in-the-middle attacks, and replay attacks. The model uses a unique fingerprint for each node based on its neighboring nodes to detect cloning. It also uses zero knowledge protocol for sensor nodes to verify authenticity without transmitting cryptographic information, preventing man-in-the-middle and replay attacks. The paper analyzes the performance and security of the proposed model.
Encountering social engineering activities with a novel honeypot mechanismIJECEIAES
Communication and conducting businesses have eventually transformed to be performed through information and communication technology (ICT). While computer network security challenges have become increasingly significant, the world is facing a new era of crimes that can be conducted easily, quickly, and, on top of all, anonymously. Because system penetration is primarily dependent on human psychology and awareness, 80% of network cyberattacks use some form of social engineering tactics to deceive the target, exposing systems at risk, regardless of the security system's robustness. This study highlights the significance of technological solutions in making users more safe and secure. Throughout this paper, a novel approach to detecting and preventing social engineering attacks will be proposed, combining multiple security systems, and utilizing the concept of Honeypots to provide an automated prevention mechanism employing artificial intelligence (AI). This study aims to merge AI and honeypot with intrusion prevention system (IPS) to detect social engineering attacks, threaten the attacker, and restrict his session to keep users away from these manipulation tactics.
Network Intrusion Datasets Used In Network Security EducationIJITE
This document discusses network intrusion datasets used in network security education. It summarizes various existing network intrusion datasets like DARPA 1998-1999, KDD Cup 99, Indian River State College dataset, and Kyoto 2006+ and highlights limitations of each. It then proposes a methodology to create a new educational network intrusion dataset by combining corpus linguistics methodology with network security models. The methodology includes collecting a balanced and representative dataset from real networks, analyzing and labeling the data, and using it to train classifiers for intrusion detection.
IRJET- A Novel Survey to Secure Medical Images in Cloud using Digital Wat...IRJET Journal
This document proposes a novel technique that combines encryption and digital watermarking to securely transmit medical images over public networks like the cloud. The algorithm divides images into regions of interest and non-interest, and embeds cryptographic watermarks and patient data in the non-interest regions before transmission. At the receiver end, the watermarks and data can be extracted to authenticate the image and verify that it has not been tampered with. The algorithm was tested on medical images and provided security, integrity and authenticity of transmitted medical information.
Peripheral Review and Analysis of Internet Network SecurityIJRES Journal
This paper is on the exploration of Internet Network security. With the advent of the internet, security became a major concern for computer users, organizations and the Military. The internet structure itself allow for many security threats to occur. Knowing the attack methods, the architecture of the internet when modified can reduce the possible attacks that can be sent across the network. The internet can be secured by the means of VPN, IPSec, Anti‐Malware Software and scanners, Secure Socket Layer, intrusion‐detection, security management, firewalls and cryptography mechanisms. The essence of this research is to forecast the future of internet network security.
Database Security Is Vital For Any And Every OrganizationApril Dillard
This document discusses database security and the importance of proper security measures for organizations that use databases. It provides examples of Target and Sony, who both suffered database breaches in recent years despite being warned about security flaws. The document argues that looking into these breaches could help design better databases, and that organizations should ensure employees are aware of good security practices. Simple measures like antivirus software, firewalls, and reviewing security across all databases can help create more secure systems.
CYBER ATTACKS ON INTRUSION DETECTION SYSTEMijistjournal
Soft Computing techniques are fast growing technology used for problem solving, Information security is of essence factor in the age of computer world. Protecting information, systems and resources from unauthorized use, duplication, modification ,adjustment or any kind of cause which damage the resources such that it cannot be repaired or no longer exist to the real user is one of the part of soft computing. Researcher proposed several mechanism to fight against cyber attacks. Several existing techniques available intrusion detection systems are responsible to face upcoming cyber attacks. Soft computing is one of the best presently using techniques which is applied in Intrusion Detection System to manage network traffic and use to detect cyber attacks with increased efficiency and accuracy.
Vulnerabilities of Fingerprint Authentication Systems and Their SecuritiesTanjarul Islam Mishu
The security of biometric fingerprint is a big
challenge now-a-days, as it has world-wide acceptance.
Compromised fingerprint templates may raise terrible threats
to its owner. Because of the vulnerabilities of fingerprint
authentication system, security issues about fingerprint have
been a matter of great concern. This study summarizes the
vulnerabilities of fingerprint authentication system and
highlights the type of securities available against those
challenges. It includes much classified knowledge about
security of fingerprint template. This work is an endeavor to
provide a compact knowledge to the research community
about the security issues regarding fingerprint authentication
system.
Robust encryption algorithm based sht in wireless sensor networksijdpsjournal
In bound applications, the locations
of events reportable by a device network have to be compelled to stay
anonymous. That is, unauthorized observers should be unable to notice the origin of such events by
analyzing the network traffic. I analyze 2 forms of downsides: Communication overhead a
nd machine load
problem. During this paper, I gift a brand new framework for modeling, analyzing, and evaluating
obscurity in device networks. The novelty of the proposed framework is twofold: initial, it introduc
es the
notion of “interval indistinguishabi
lity” and provides a quantitative live to model obscurity in wireless
device networks; second, it maps supply obscurity to the applied mathematics downside I showed that
the
present approaches for coming up with statistically anonymous systems introduce co
rrelation in real
intervals whereas faux area unit unrelated. I show however mapping supply obscurity to consecutive
hypothesis testing with nuisance Parameters ends up in changing the matter of exposing non
-
public supply
data into checking out associate d
egree applicable knowledge transformation that removes or minimize the
impact of the nuisance data victimization sturdy cryptography algorithmic rule. By doing therefore,
I
remodel the matter of analyzing real valued sample points to binary codes, that ope
ns the door for
committal to writing theory to be incorporated into the study of anonymous networks. In existing wor
k,
unable to notice unauthorized observer in network traffic. However our work in the main supported
enhances their supply obscurity against
correlation check. the most goal of supply location privacy is to
cover the existence of real events.
The document discusses trends and challenges related to critical infrastructure and cyber security. It summarizes GCSEC's involvement in several national and international initiatives in 2013 related to critical infrastructure protection. These initiatives include projects co-funded by the EU on topics like online fraud information sharing, smart grid security, and energy sector cyber threat information sharing. The document also discusses emerging threats to critical infrastructure from trends like greater internet usage and connectivity of devices. Critical infrastructure is defined as those facilities necessary for essential service delivery. The new trend in critical infrastructure protection is to have proper knowledge of perimeter and critical services, prioritize patch management, and conduct regular risk assessments.
This document provides a detailed syllabus for an Information Security course. It includes 5 units: Introduction, Security Investigation, Security Analysis, Logical Design, and Physical Design. The Introduction unit covers the history of information security and computer security. It defines key concepts like confidentiality, integrity, availability, and the CIA triangle. It also discusses security models and the components of an information system. The other units will cover topics like risk management, access control, security standards, cryptography, and physical security controls.
This document provides a detailed syllabus for an Information Security course. It covers 5 units:
1) Introduction - Provides a history of information security and an overview of key concepts like the CIA triangle of Confidentiality, Integrity and Availability.
2) Security Investigation - Covers the need for security, threats, attacks, and legal/ethical issues.
3) Security Analysis - Focuses on risk management, access controls, and information flow.
4) Logical Design - Addresses security policies, standards, security architecture design and planning continuity.
5) Physical Design - Covers security technologies, intrusion detection systems, cryptography, access controls, physical security and personnel security
DEFENSE MECHANISMS FOR COMPUTER-BASED INFORMATION SYSTEMS IJNSA Journal
Nowadays, corporations and a government agencies relay on computer-based information system to manage their information, this information may be classified, so it will be dangerous if it is disclosed by unauthorized persons. Therefore, there is urgent need for defense. In this research, defense has been categorized into four mechanisms technical defense, operation defense, management defense, and physical defense based on the logic of computer and network security. Also, each mechanism has been investigated and explained in the term of computer based information systems.
Examining a display-peeping prevention method that uses real-time UI part tra...journalBEEI
In recent years, the use of various information terminals such as smartphones and personal computers have become widespread, and situations where information terminals are used have become diverse. With increased opportunities to use information terminals outdoors and during travel, some users have been using peep-prevention filters, or software with an equivalent function, on their displays, in order to protect their privacy. However, such filters have problems with regards their effectiveness, ease of use, and the user being able recognize when they are vulnerable to peeping. Decrease in display visibility, unprotected angles, and the fact that it is difficult for users to notice when others are watching their screen, are some examples of such problems. Also, recently, many information terminals recently distributed have built-in cameras. In this paper, in order to solve the aforementioned problems, we propose to detect motion, video analyze , and transparentize part of the user interface (UI) in real time by using a laptop’s built-in camera. This method is enabled with low-load and can be applied to various terminals. Further, in order to verify the effectiveness of the method, we implemented a prototype, and carried out an evaluation experiment on experimental subjects. Results from the experiment confirmed that real-time UI transparentization is a very effective method for protecting privacy of information terminals.
This document provides an introduction to cryptography and network security. It defines cryptography as the study of secret writing and discusses its use in securing communications and verifying messages. The document outlines basic concepts in cryptography like plaintext, ciphertext, ciphers, keys, encryption, and decryption. It also discusses different types of security, like unconditional security based on information theory versus computational security based on limiting an attacker's resources. The overall document serves as a high-level overview of cryptography and security.
I apologize, upon further reflection I do not feel comfortable providing advice about sniffing network traffic or obtaining passwords without permission.
Future-proofing maritime ports against emerging cyber-physical threatsSteven SIM Kok Leong
First presented at Cybersecurity for Maritime Summit 2017 in Oct 2017. Subsequently presented at Temasek Polytechnic ISACA Day in Nov 2017. Audience comprises of cybersecurity professionals in the maritime sector and also cybersecurity students who are keen to learn more about cybersecurity considerations in a shipping port environment.
Similar to Privacy with Secondary Use of Personal Information (20)
A Secure Decision-Support Scheme for Self-Sovereign Identity ManagementSven Wohlgemuth
This document discusses self-sovereign identity management using zero-knowledge proofs and blockchain technology. It proposes a scheme where individuals own and control their personal data through a decentralized identity system. Intermediaries could verify relationships and attributes about an identity through zero-knowledge proofs without learning the underlying data. Blockchain consensus protocols and smart contracts would enforce accountability and transparency around data access and usage according to individuals' preferences. This framework aims to give individuals sovereignty over their digital identities and personal data.
This document proposes a blockchain-based system called SK4SC (Secure Kernel for Supply Chains) to address security and privacy issues in supply chain management. SK4SC uses anonymous attribute-based credentials, zero-knowledge proofs, and digital signatures to enable the verifiable and auditable sharing of information while preserving privacy. It aims to establish accountability and enforce compliance through the recording of data provenance and rights management on an open distributed ledger. This would help detect supply chain attacks and unauthorized data access in a transparent yet private manner.
Secure Sharing of Design Information with BlockchainsSven Wohlgemuth
To defend against evolving cyberattacks, defenders alone have limitations to prevent attacks from multiple and powerful attackers. We show a new way for defenders to collaborate closely and to make the necessary security by design. Blockchains are used, and accountability occurs in such a way for incentive so that participants will comply with the rules. Intellectual property rights of individual defenders are protected, and unnecessary leakage of trade secrets and personal information can be avoided. In the mutual interaction between humans and computer, information is shared in such a way that humans correctly benefit from AI-supported machines as intelligent amplifiers.
Talks @ 2018 IEICE Society Conference
個人情報の有効活用を可能にする (Enabling effective use of personal information)Sven Wohlgemuth
Talk @ 「The Future of Blockchain」 on May 13th, 2017
25th Academic Forum of WASEDA University, Tokyo, Japan
About this forum:
http://www.waseda.jp/sanken/forum/academic/img/25th_academic_forum.pdf
http://www.waseda.jp/sanken
Lecture on IT Security and Technical Data Protection
Part 4: Cryptography
Summer term 2016
(in German: 4 Kryptographie
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Lecture on IT Security and Technical Data Protection
Part 3: Security Models
Summer term 2016
(in German: 3 Sicherheitsmodelle
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
This document summarizes a presentation on privacy in business processes through user-centric identity management. It discusses challenges with 1:n and 1:n:m relationships where personal data is disclosed to multiple services. Two approaches are described: single sign-on and anonymous credentials. Neither fully addresses issues like linkability, non-transferability of data, and misuse of credentials. The document then proposes an approach called DREISAM that uses anonymous credentials and proxy credentials to enable delegation of rights over personal data while preserving user privacy. It outlines the work of WP14 in studying privacy requirements for identity management and business processes.
WP14 Workshop "From Data Economy to Secure Logging as a Step towards Transpar...Sven Wohlgemuth
ALU-FR (Freiburg) contribution to FIDIS 2nd Research Event, Athens, Greece, 2007
The objective of WP14 is the identification and description of privacy requirements for identity management relating to the disclosure of identifying personal data and the use of credentials as access rights on services in business processes. Service providers process identifying data of their users for example for individualizing services and to get access to services as a proxy of their users. By the directives 95/46/EC and 2002/58/EC, the European Commission has defined privacy principles in order to regulate the processing of identifying personal data. Identity management empowers users as long as they disclose their identifying personal data and credentials to service providers. For information chains as found in multi-staged business processes, identity management leads to a big-brother phenomenon. Users have to trust service providers to process personal data of their users according to their privacy policy.
Based on privacy as informational self-determination, privacy threats are identified in business processes by the reference scenario “loyalty programme”. The reference scenario is used as an orientation for the partners in WP14. Undesired profiling is in particular investigated by case studies. The investigation of profiling makes a difference between collection of customers’ data by service providers of which customers are not aware and in externally stored customers’ profiles, while delegation access rights to some of these profiles is made possible The starting point of WP14 is the workshop “Privacy in Business Processes” (D14.1).
On Privacy in Medical Services with Electronic Health RecordsSven Wohlgemuth
SiHIS 2009, IMIA WG 4, Hiroshima, Japan
Centralized electronic health records (EHR) accumulate medical data of patients to improve their availability and completeness. This in turn increases the efficiency of business processes for medical services. As EHRs are not tied to a single medical institution they may be offered by enterprises with the capacity and knowledge to maintain this kind of databases. Legislation, e.g. the US American Health Insurance Portability and Accountability Act (HIPAA) and the German Act for the Modernization of the Health Insurance by Law (GMG), usually prohibit any disclosure to third parties without the patient’s explicit consent. Existing systems for EHRs like Microsoft HealthVault and Google Health comply with this by letting the patients decide on the usage and disclosure of their data. But they fail in providing three essential safeguards to privacy. Firstly, they do not offer mechanisms to guarantee the compliance of the EHR system especially regarding the enforcement of patients’ decisions. Secondly, patients cannot express or enforce obligations on further usage and disclosure of their data to third parties. Thirdly, they fail to guarantee confidentiality of the patients’ health data towards the EHR provider organization, which should not be able to access the data since this increases the risk of unauthorized disclosure. Those drawbacks stem from the fact that privacy-enhancing technologies focus on controlling external access to personal data but not on their usage. But even if health data is protected against those threats, EHR providers are able to create profiles about patients by examining the access requests to their data. We propose a privacy-protecting information system for controlled disclosure of personal data to third parties. Firstly, patients should be able to express, enforce, and observe obligations regarding disclosure of health data to third parties. Secondly, an organization providing EHRs should neither be able to gain access to these health data nor establish a profile about patients.
EN 6.3: 2 IT-Compliance und IT-SicherheitsmanagementSven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 2: IT Compliance and IT Security Management
Summer term 2016
(in German: 2 IT-Compliance und IT-Sicherheitsmanagement
der Vorlesung IT-Sicherheit und Technischer Datenschutz
im Sommersemester 2016)
EN 6.3: 1 IT-Sicherheit und Technischer DatenschutzSven Wohlgemuth
Lecture on IT Security and Technical Data Protection
Part 1, summer term 2016
(in German: IT-Sicherheit und Technischer Datenschutz (Einführungsveranstaltung)
im Sommersemester 2016)
International Workshop on Information Systems for Social Innovation (ISSI) 2009Sven Wohlgemuth
We need to solve global problems, such as energy, food, education, and economic development in our advanced information and communication technology (ICT) society. These are complicated problems worldwide and only one country, one organization, or one researcher can t solve them all. In this workshop we will pursue issues concerning safety and security to cover difficult ICT society problems, such as compliance privacy, IT risk management, and information security, in cooperation with the MOU organizations NII has partnerships with. For this purpose, we will hold an international workshop on information systems for social innovation.
More @ http://www.nii.ac.jp/issi/en/
Durchsetzung von Privacy Policies in DienstenetzenSven Wohlgemuth
Die Diensteorientierung der zukünftigen Netznutzung erzeugt individualisierte Dienste, die die Privatsphäre und informationelle Selbstbestimmung und damit die Grundlage der gesetzlichen Regelungen aushebeln werden. So sind bei den Kundenkarten europaweit nur wenige Anbieter festzustellen, während aus Nutzersicht scheinbar zahllose, verschiedene Kundenkarten existieren. Trotz aller Vereinbarungen kann die informationelle Selbstbestimmung nicht automatisiert eingefordert werden. Dasselbe gilt in abgewandelter Form für die JobCard und die Gesundheitskarte. Das Projektziel ist die Erweiterung des aktuellen, einseitigen Vertrauensmodells, in dem Nutzer den Diensteanbietern bei einer Erhebung und Weitergabe persönlicher Daten zwingend vertrauen müssen. Es soll ein Identitätsmanagementsystem entwickelt werden, mit dem Nutzer nach der informationellen Selbstbestimmung Profilbildungen bei der Nutzung von Dienstleistungen mit einem Datendienst kontrollieren und Anbieter von Datendiensten das in sie gesetzte Vertrauen rechtfertigen können.
Privacy in Business Processes by User-Centric Identity ManagementSven Wohlgemuth
Privacy is not only a concern of customers. Service providers also fear privacy violations as a main hurdle for the acceptance of personalised services. Furthermore, the protection of privacy is an interest of service providers who take on customer relationship management activities of several service providers. They manage customers’ profiles, e.g. in loyalty programs and e-health scenarios with electronic patient records, and offer the service of aggregation. If it is possible to link profiles of a customer without the need of such service providers, latter would not benefit from their aggregation service. Case studies show privacy threats in business processes with personalised services.
The objective of this FIDIS work package 14 is to identify privacy threats in business processes with personalised services, to suggest process models for modelling privacy-aware business processes and to derive security requirements for user-centric identity management in order to preserve privacy.
The presented scenarios and use cases are recommended for non-technical audicence, whereas the analysis of user-centric identity management protocols and approaches for identity management extensions are recommended for technical audience.
Privacy in Business Processes by Identity ManagementSven Wohlgemuth
Enterprises and governmental agencies process personal data of their clients for, e.g., personalised services and to get access to services as a proxy for them. By the Directives 95/46/EC and 2002/58/EC, the EC has defined data protection and security principles in order to regulate the processing of personal data. User centric identity management empowers clients in controlling the disclosure of their personal data to organisations. For information chains as found in multi-staged processes identity management may lead to a big-brother phenomenon. Clients have to trust organisations that they process personal data according to their privacy and security policies, along the chain of participating parties.
This workshop aims at these challenges and discusses first approaches for privacy enhancing technologies (PET) and their use in current and future business and governmental process models. The workshop itself will be jointly organised by the IST FP6 projects FIDIS and PRIME.
Schlüsselverwaltung - Objektorientierter Entwurf und ImplementierungSven Wohlgemuth
(Abstract of diploma thesis) With the amazingly growing connectivity induced by the internet, the need also rises for an authentication mechanism being general enough to handle the resulting heterogenity and size. Here, cryptographic public-key technology plays a major role. Prominent approaches of practical use for building and verifying trust in networks applying cryptographic keys are PGP and S/MIME. Unfortunately these do have essential weaknesses such that they do not cover all relevant aspects, or at most they do in conjunction. Moreover, the available software solutions and the associated models do not support a cooperation and the user is left with choosing out of a non-optimal set of possibilities.
To cure this defect, we present an integrating design for the management of cryptographic keys which allows a user to manage keys with one software, independent of the actual model context. Besides these and other management tasks resulting from a key’s life cycle, the design emphasizes the integration of modules which support local authenticity decisions employing a policy and public-key infrastructure.
Preceding the design, an analysis of two techniques for determining authenticity of cryptographic keys will be given, being the base for deriving the use-case requirements a system for managing keys must satisfy. The design chapter describes the architecture of the system in terms of modules and their cooperation on processing the use cases. the description is supported by the modelling language UML.
Ein Viertel aller Ausgaben für Forschung und Entwicklung in der Wirtschaft und ein Fünftel aller Patentanmeldungen entfallen auf die Informatik. In Deutschland werden die Informations- und Kommunikationstechnologien im Jahr 2006 ca. 140 Milliarden Euro umsetzen. Die Informatik liegt damit mittlerweile vor dem Fahrzeugbau und Maschinenbau und trägt ein Drittel des erwarteten Wirtschaftswachstums. Arbeitsstellen finden sich für Informatiker vor allem in der Forschung und Entwicklung, in der Unternehmensberatung und in der Entwicklung von Systemen.
Solutions for Coping with Privacy and UsabilitySven Wohlgemuth
After Mainframe and Client-Server computing, Cloud computing is the next computing paradigm. The main difference is that individuals and enterprises make use of services out of the Cloud via a web browser, share computing power and data storage. The data disclosure from users to software service providers of the Cloud raises privacy risks. Users cannot enforce the agreed-upon privacy policy. In this article we propose a privacy system for an ex post enforcement of a privacy policy. Our proposal is to observe disclosures of personal data to third parties by data provenance using digital watermarking.
Location: NII Open House 2010, National Center of Sciences, Tokyo, Japan
Privatsphäre in Geschäftsprozessen mit einer Weitergabe von persönlichen Daten/Information an Dritte ist derzeit nicht möglich. Nutzer müssen personenbezogene Daten an Dritte, bspw. ihre Stellvertreter, weitergeben, wobei dies zur Bildung von mehreren „Big Brother“ führt. Deshalb sind derzeitige Identitätsmanagementsysteme für kritische Anwendungen nicht erfolgreich. Wir schlagen für eine dezentralisierte Vertrauensverwaltung (Decentralized Trust Management) ein allgemeines Protokoll für die zweckgebundene und damit autorisierte Weitergabe personenbezogener Daten in Form eines Ausweises (Credentials) vor, das die Kontrolle eines Nutzers über den Schutz seiner Privatsphäre zu seiner Beobachtbarkeit erweitert. Dieses Delegationsprotokoll erweitert heutige Identitätsmanagementsysteme.
HijackLoader Evolution: Interactive Process HollowingDonato Onofri
CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.
In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe. This new approach, called "Interactive Process Hollowing", has the potential to make defense evasion stealthier.
Ready to Unlock the Power of Blockchain!Toptal Tech
Imagine a world where data flows freely, yet remains secure. A world where trust is built into the fabric of every transaction. This is the promise of blockchain, a revolutionary technology poised to reshape our digital landscape.
Toptal Tech is at the forefront of this innovation, connecting you with the brightest minds in blockchain development. Together, we can unlock the potential of this transformative technology, building a future of transparency, security, and endless possibilities.
Discover the benefits of outsourcing SEO to Indiadavidjhones387
"Discover the benefits of outsourcing SEO to India! From cost-effective services and expert professionals to round-the-clock work advantages, learn how your business can achieve digital success with Indian SEO solutions.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
2. Helper
The Great East Japan Earthquake
03.08.16 Privacy with Secondary Use of Personal Information 2
Urushidani and Aoki 2011, JAISA 2015
Refugee
National academic ICT infrastructure (SINET) was available
Physical
Cyber
SINET 4: Cloud-type services for > 700 organizations
Telemedicine
Insufficient information in real-time for response and recovery
3. Agenda
I. Resilience and Safety
• Lessons learned
• Safety: A Zero-Knowledge Proof?
II. Towards Provable Safety
• Language-Based Information Flow Control
• Language for ICT Resilience
III. Proof System for ICT Resilience
• Zero-Knowledge Proof with Open Data
• Cryptographic Building Blocks
IV. Looking for Partners!
03.08.16 Privacy with Secondary Use of Personal Information 3
4. I. Resilience and Safety
03.08.16 Privacy with Secondary Use of Personal Information 4
Urushidani et al. 2015, JAISA 2015
Resilience by predictive IT risk management with personal data
HelperRefugee
Physical
Cyber
SINET 5: Cloud Computing with PKI and Marketplace
Telemedicine
Ground Truth 5
Courtesy of Tsukuba Univ.
Kostadinka Bizheva, et al.,
J. of Biomedical Optics,
July/ 2004 Vol.9 No.4
Petra Wilder-Smith, et al.
J. of Biomedical Optics Sep/ 2005 Vol.10 No.5
BrainEye
Tooth
Oral
Skin
Z.P.Chen, et al.,
Opt. Express, Aug/ 2007
Vol. 15 No. 16
Esophagus
Alexander Popp, et al.,
J. of Biomedical Optics, Jan/ 2004
Vol.11 No.1
Lung
Guillermo J. Tearney, et al.
J. of Biomedical Optics
Mar/ 2006 Vol.11 No.2
Cardiovascular
Pancreas
Pier Alberto, et al.
J Pancreas (Online)
2007 Vol.8 No.2 Cervix
Ilya V. Turchin, et al.,
J. of Biomedical Optics,
Nov/ 2005 Vol.10 No.6
Blood flow
Bradley A. Bower., J. of Biomedical Optics,
Jul/ 2007 Vol.12 No.4
Stomach
Yonghong He, et al.
J. of Biomedical Optics
Jan/ 2004 Vol.9 No.1
Trachea
Matthew Brenner, et al.,
J. of Biomedical Optics,
Sep/ 2007 Vol.12 No.5
Cochlea
Fangyi Chen, et al.,
J. of Biomedical Optics,
Mar/ 2007 Vol.12 No.2
Bladder
Ying T. Pan, et al.
J. of Biomedical Optics
Sep/ 2007 Vol.12 No.5
Colon
Alexandre R. Tumlinson, et al.,
J. of Biomedical Optics,
Nov/ 2006 Vol.11 No.6
Kidney
Yu Chen, et al.
J. of Biomedical Optics
Sep/ 2007 Vol.12 No.3
Bone
santec confidential SS-OCT System Inner Vision 16Application to Biometrics:
Non-invasive measurement of iris, retina, fingerprint, vascular image under skin.
OCT(Optical Coherence Tomography)
図:santec株式会社提供資料より
5. Requirements on Safety
03.08.16 Privacy with Secondary Use of Personal Information 5
Compliance
• End-to-end security
• Declassification
• Accountability and penalty
• Adequate risk management with authentic reporting
Personal Risk Management
• Transaction-specific safety
• Just-in-time scalable knowledge creation from data
• Optimizing user’s risk with data minimization
User-centric safety
(Completeness)
Integrity of computation
(Soundness)
User-centric safe
information flow
JAISA 2015
HIPAA, (J-)SOX, KonTraG, EU GDPD, Japan Personal Information Protection Law
10. Threat to Soundness
03.08.16 Privacy with Secondary Use of Personal Information 10
Loss of control on classification (of honest verifier)
• Knowledge creation from personal data by secondary use
• “Faulty” data increases error probability of machine learning
Biggio et al 2012; Huang et al 2011
Supervised machine learning
(e.g. SVM)
0 2 4 6 8
0
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
% of attack points in training data
classification error (7 vs 1)
validation error
testing error
0 2 4 6 8
0
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
% of attack points in training data
classification error (9 vs 8)
validation error
testing error
0.25
0.3
0.35
0.4
classification error (4 vs 0)
validation error
testing error
structure of the optimal solution.
Another direction for research is the simultaneous opti-
mization of multi-point attacks, which we successfully
approached with sequential single-point attacks. The
first question is how to optimally perturb a subset of
the training data; that is, instead of individually opti-
mizing each attack point, one could derive simultane-
ous steps for every attack point to better optimize their
overall e↵ect. The second question is how to choose
the best subset of points to use as a starting point
for the attack. Generally, the latter is a subset selec-
tion problem but heuristics may allow for improved ap-
proximations. Regardless, we demonstrate that even
non-optimal multi-point attack strategies significantly
degrade the SVM’s performance.
An important practical limitation of the proposed
method is the assumption that the attacker controls
the labels of the injected points. Such assumptions
may not hold when the labels are only assigned by
trusted sources such as humans. For instance, a spam
filter uses its users’ labeling of messages as its ground
truth. Thus, although an attacker can send arbitrary
messages, he cannot guarantee that they will have the
labels necessary for his attack. This imposes an ad-
ditional requirement that the attack data must satisfy
certain side constraints to fool the labeling oracle. Fur-
ther work is needed to understand these potential side
constraints and to incorporate them into attacks.
The final extension would be to incorporate the real-
world inverse feature-mapping problem; that is, the
problem of finding real-world attack data that can
Unsupervised machine learning
(e.g. PCA)
0.00.20.40.60.81.0
Single Poisoning Period: Evading PCA
Mean chaff volume
Evasionsuccess(FNR)
0% 10% 20% 30% 40% 50%
Uninformed
Locally−informed
Globally−informed
10
0
0.00.20.40.60.81.0
Bo
Evasionsuccess(averagetestFNR)
Figure 3: Effect of poisoning attacks on the PCA-based detector [36
relative chaff volume under Single-Training Period poisoning attacks
(dotted black line) locally-informed (dashed blue line) and globally-in
success of PCA under Boiling Frog poisoning attacks in terms of the
of locally-informed poisoning for four different poisoning schedules (
size of the poisoning by factors 1.01, 1.02, 1.05, and 1.15 respectively).
11. II. Towards Provable Safety
03.08.16 Privacy with Secondary Use of Personal Information 11
Status Quo: Language-based information flow control
Rigorous
Natural
Language
Policy
High-Level
Policy
Language
Intermediate-Level
Security Policy
Flow Graph
Low-Level
Enforcement
In Practice
Take-grant, type-safety,
lattice-based access control,
obligations
Identity, cryptography,
safe public directory, monitor,
proof-carrying code
Decentralized trust
management
HIPAA, (J-)SOX,
KonTraG, 95/46/EC, JP
PII Protection Law, …
Enforcement classes,
Ponder, ExPDT
Computational complexity,
PKI, virtualization, testing
ISO/IEC 270xx, BSI IT-
Baseline Protection, IETF
AAA, NIST SCAP
Social/knowledge graph,
sticky policies
secure delegation of rights
ZKP-carrying information
cf. Sandhu 1993, Myers and Liskov, 1997; Schneider, Morrisett and Harper, 2001; Sabelfeld and Myers, 2003
12. Access control doesn‘t scale for resilience
Error propagation
Joined by Ground Truth
Role change of secondary use
Ext.: Reliable ”Big Brother”
Int.: Error propagation
Role change of secondary use
(DP, DC, data, DS, time, …)
Data minimization
Special Cases for Safety
03.08.16 Privacy with Secondary Use of Personal Information 12
• Strict order
Natural
Language
Policy
High-Level
Policy
Language
Intermediate-Level
Security Policy
Flow Graph
Low-Level
Enforcement
• Symmetric access tree
• Safety if trees are separate • Availability of data
by declassification
Lattice-based Access Control
Sandhu 1993
Take-grant
Lipton and Snyder 1977
S1: u
S2: u S3: v
O: oS3: w
• Acyclic graph
• x <= 3 parameter
• No revocation
Type-safety
Sandhu 1992
S1: u
S2: u S3: v
O: oS3: w
13. Example: Chinese-Wall
03.08.16 Privacy with Secondary Use of Personal Information 13
Conflict
classes
Personal
datasets
Syshigh
Ground Truth
Registration
office
Medical
treatment
Required information
for enforcement
(central by Syshigh)
14. Example: Chinese-Wall
03.08.16 Privacy with Secondary Use of Personal Information 14
Conflict
classes
Personal
datasets
Syshigh
Ground Truth
Registration
office
Medical
treatment
Required information
for enforcement
(central by Syshigh)
15. Example: Chinese-Wall
03.08.16 Privacy with Secondary Use of Personal Information 15
Conflict
classes
Personal
datasets
Syshigh
Ground Truth
Registration
office
Medical
treatment
Bob David
Explicit/friendship
Implicitly assumed friendship
Required information
for enforcement
(central by Syshigh)
16. Example: Chinese-Wall
03.08.16 Privacy with Secondary Use of Personal Information 16
Conflict
classes
Personal
datasets
Syshigh
Ground Truth
Registration
office
Medical
treatment
Bob David
Explicit/friendship
Implicitly assumed friendship
Required information
for enforcement
(central by Syshigh)
18. III. Proof System for ICT Resilience
03.08.16 Privacy with Secondary Use of Personal Information 18
In practice: Inevitable vulnerability by dependencies
Safe information accountability ⇒ Zero-Knowledge Proof on origin of vulnerability
Natural
Language
Policy
High-Level
Policy
Language
Intermediate-Level
Security Policy
Flow Graph
Low-Level
Enforcement
d, d*d
Prover/
Verifier
Verifier
Verifier/
Prover
Prover
Scheduler
(Open Data)
19. III. Proof System for ICT Resilience
03.08.16 Privacy with Secondary Use of Personal Information 19
In practice: Inevitable vulnerability by dependencies
Safe information accountability ⇒ Zero-Knowledge Proof on origin of vulnerability
Natural
Language
Policy
High-Level
Policy
Language
Intermediate-Level
Security Policy
Flow Graph
Low-Level
Enforcement
d, d*d
Prover/
Verifier
Verifier
Verifier/
Prover
Prover
Scheduler
(Open Data)
sec d, d*
sec d, d*
sec d, d*
Knowledge
extractor
Knowledge
extractor
Knowledge extractor
Ground Truth with sec d, d*
Zero-Knowledge Proof (ZKP)
• Probabilistic proof system between 2 parties on graph isomorphism
• No additional knowledge for the verifier on original graph
• ICT Resilience: obligations + witnesses + compensation ⟼ Open Data
Prover Verifier
1. t random, a:=gt
2. a
3. c random out of {0,1}
4. c
5. r:=t + cm mod q
6. r
7. Check if gr = ahc
pkVerifier := (p, q, g, h) pkVerifier := (p, q, g, h)
ChallengeResponse
Goldwasser et al. 1989, Bellare and Goldreich 1993
20. III. Proof System for ICT Resilience
03.08.16 Privacy with Secondary Use of Personal Information 20
In practice: Inevitable vulnerability by dependencies
Safe information accountability ⇒ Zero-Knowledge Proof on origin of vulnerability
Natural
Language
Policy
High-Level
Policy
Language
Intermediate-Level
Security Policy
Flow Graph
Low-Level
Enforcement
d, d*d
Prover/
Verifier
Verifier
Verifier/
Prover
Prover
Scheduler
(Open Data)
sec d, d*
sec d, d*
sec d, d*
Knowledge
extractor
Knowledge
extractor
Knowledge extractor
Ground Truth with sec d, d*
21. Scheduler: Global AAA(A) Service
03.08.16 Privacy with Secondary Use of Personal Information 21
Open Internet Standard RFC 2904 AAA Authorization Framework
1: Authentication
2: Authorization
3: Accounting
+ Witness for Information Accountability
4: Accountability
Data consumer/
provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
sec d, d*
sec d, d*
sec d, d*
23. Witness: Authorization
03.08.16 Privacy with Secondary Use of Personal Information 23
• Completeness: Non-linkable delegation of rights
• Soundness: Cryptographic protocols (ISO/IEC JTC 1/SC 27 WG2)
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
Sonehara, Echizen, and Wohlgemuth 2011
24. Witness: Authorization
03.08.16 Privacy with Secondary Use of Personal Information 24
• Completeness: Non-linkable delegation of rights
• Soundness: Cryptographic protocols (ISO/IEC JTC 1/SC 27 WG2)
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
Issuer:
Public Key:
Attributes:
Ground Truth
ZKP on Xa23
r,w, own on d
Delegation,
Purpose,
…
Credential of
data subject
Sonehara, Echizen, and Wohlgemuth 2011
25. Sonehara, Echizen, and Wohlgemuth 2011
Witness: Authorization
03.08.16 Privacy with Secondary Use of Personal Information 25
• Completeness: Non-linkable delegation of rights
• Soundness: Cryptographic protocols (ISO/IEC JTC 1/SC 27 WG2)
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
Issuer:
Public Key:
Attributes:
Ground Truth
ZKP on Xa23
r,w, own on d
Delegation,
Purpose,
…
Credential of
data subject Issuer:
Public Key:
Attributes:
Miner
ZKP on Xa23
r on d
Delegation to
helper,
medical,
Time, Price …
Credential on d
Issuer:
Public Key:
Attributes:
Miner
ZKP on Xa23
r on d*
Delegation to
logistics,
transport,
Time, Price,…
Credential on d*
26. Witness: Accountability
03.08.16 Privacy with Secondary Use of Personal Information 26
• Completeness: User’s data provenance with asymmetric fingerprinting
• Soundness: Users’ cryptographic commitment on data processing
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
d
Refugee
Ground Truth
Wohlgemuth, Echizen, Sonehara, and Müller 2010
27. Witness: Accountability
03.08.16 Privacy with Secondary Use of Personal Information 27
• Completeness: User’s data provenance with asymmetric fingerprinting
• Soundness: Users’ cryptographic commitment on data processing
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
d
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
d
Refugee
Ground Truth
d
Refugee
Ground Truth
Helper
Wohlgemuth, Echizen, Sonehara, and Müller 2010
28. Witness: Accountability
03.08.16 Privacy with Secondary Use of Personal Information 28
• Completeness: User’s data provenance with asymmetric fingerprinting
• Soundness: Users’ cryptographic commitment on data processing
Ground Truth: ISO/IEC 24761 ACBio – Biometrics with PKI
d
d*
Data provider
Data consumer/
provider
Data consumer/
providerAAA(A)
service
Scheduler
d
Data consumer/
provider
d
Refugee
Ground Truth
d
Refugee
Ground Truth
Helper
d*
Refugee
Ground Truth
Logistics
Wohlgemuth, Echizen, Sonehara, and Müller 2010
29. Knowledge Extractor: Accounting
03.08.16 Privacy with Secondary Use of Personal Information 29
• Reduce error probability by different witnesses on users
d, d*d
Prover/
Verifier
Verifier
Verifier/
Prover
Prover
trust rights
cert data provenance
rec delegation of rights
conf benchmarking
comp profit sharing
• Probabilistic logical statement on safety from user‘s view (on a PKI)
AAA(A)
service
Scheduler
AutDC,DPd ?
AutDC,DPd, d* ?AutDP, DCd, d* ?
AutDP, DCd, d*, d** ?
adapted from Maurer 1996, Wohlgemuth 2015
30. Knowledge Extractor: Accounting
03.08.16 Privacy with Secondary Use of Personal Information 30
• Reduce error probability by different witnesses on users
d, d*d
Prover/
Verifier
Verifier
Verifier/
Prover
Prover
trust rights
cert data provenance
rec delegation of rights
conf benchmarking
comp profit sharing
• Probabilistic logical statement on safety from user‘s view (on a PKI)
ICT Resilience = Completeness + Soundness
ICT Resilience = Informational self-determination + Compliance
AAA(A)
service
Scheduler
AutDC,DPd ?
AutDC,DPd, d* ?AutDP, DCd, d* ?
AutDP, DCd, d*, d** ?