SEC 2008: Milano, Italy

Sushil Jajodia, Pierangela Samarati, Stelvio Cimato (Eds.): Proceedings of The IFIP TC-11 23rd International Information Security Conference, IFIP 20th World Computer Congress, IFIP SEC 2008, September 7-10, 2008, Milano, Italy. IFIP 278 Springer 2008, ISBN 978-0-387-09698-8 BibTeX

Privacy Protection

Karsten Nohl, David Evans:
Hiding in Groups: On the Expressiveness of Privacy Distributions. 1-15
Electronic Edition (link) BibTeX
Florian Kerschbaum:
Practical Privacy-Preserving Benchmarking. 17-31
Electronic Edition (link) BibTeX
Alessandro Piva, Claudio Orlandi, M. Caini, Tiziano Bianchi, Mauro Barni:
Enhancing Privacy in Remote Data Classification. 33-46
Electronic Edition (link) BibTeX

Web Applications Security and Malware

Yongdong Wu, Haixia Yao, Feng Bao:
Minimizing SSO Effort in Verifying SSL Anti-phishing Indicators. 47-61
Electronic Edition (link) BibTeX
Yngve Espelid, Lars-Helge Netland, André N. Klingsheim, Kjell Jørgen Hole:
Robbing Banks with Their Own Software-an Exploit Against Norwegian Online Banks. 63-77
Electronic Edition (link) BibTeX
Michele Colajanni, Daniele Gozzi, Mirco Marchetti:
Collaborative architecture for malware detection and analysis. 79-93
Electronic Edition (link) BibTeX

Sensor and Wireless Security

Joonsang Baek, Han Chiang Tan, Jianying Zhou, Jun Wen Wong:
Realizing Stateful Public Key Encryption in Wireless Sensor Network. 95-107
Electronic Edition (link) BibTeX
Maurizio Adriano Strangio:
Establishing secure links in low-rate wireless personal area networks. 109-123
Electronic Edition (link) BibTeX
Jianying Zhou, Tanmoy Kanti Das, Javier Lopez:
An Asynchronous Node Replication Attack in Wireless Sensor Networks. 125-139
Electronic Edition (link) BibTeX

Security Policies

Frédéric Dadeau, Marie-Laure Potet, Régis Tissot:
A B Formal Framework for Security Developments in the Domain of Smart Card Applications. 141-155
Electronic Edition (link) BibTeX
Thomas Scheffler, Stefan Geiß, Bettina Schnor:
An Implementation of a Privacy Enforcement Scheme based on the Java Security Framework using XACML Policies. 157-171
Electronic Edition (link) BibTeX
Nora Cuppens-Boulahia, Frédéric Cuppens, Diala Abi Haidar, Hervé Debar:
Negotiation of Prohibition: An Approach Based on Policy Rewriting. 173-187
Electronic Edition (link) BibTeX

Access Control in Distributed Systems

Wei Li, Lingyu Wang, Bo Zhu, Lei Zhang:
An Integrity Lock Architecture for Supporting Distributed Authorizations in Database Federations. 189-203
Electronic Edition (link) BibTeX
Jason Crampton, Hoon Wei Lim:
Role Signatures for Access Control in Open Distributed Systems. 205-220
Electronic Edition (link) BibTeX
Nicoletta Dessì, Maria Grazia Fugini, R. A. Balachandar:
Policies and Security Aspects For Distributed Scientific Laboratories. 221-235
Electronic Edition (link) BibTeX

Intrusion Detection

Inez Raguenet, Carlos Maziero:
A Fuzzy Model for the Composition of Intrusion Detectors. 237-251
Electronic Edition (link) BibTeX
Gina C. Tjhai, Maria Papadaki, Steven Furnell, Nathan L. Clarke:
Investigating the problem of IDS false alarms: An experimental study using Snort. 253-267
Electronic Edition (link) BibTeX
Kapil Kumar Gupta, Baikunth Nath, Kotagiri Ramamohanarao:
User Session Modeling for Effective Application Intrusion Detection. 269-284
Electronic Edition (link) BibTeX

Anomaly Detection

Carlo Bellettini, Julian L. Rrushi:
A Product Machine Model for Anomaly Detection of Interposition Attacks on Cyber-Physical Systems. 285-300
Electronic Edition (link) BibTeX
Frédéric Majorczyk, Eric Totel, Ludovic Mé, Ayda Saïdane:
Anomaly Detection with Diagnosis in Diversified Systems using Information Flow Graphs. 301-315
Electronic Edition (link) BibTeX
Jacques Saraydaryan, Luc Paffumi, Véronique Legrand, Stéphane Ubéda:
Behavioral Intrusion Detection Indicators. 317-331
Electronic Edition (link) BibTeX

Role Mining and Content Protection

Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello:
Leveraging Lattices to Improve Role Mining. 333-347
Electronic Edition (link) BibTeX
Aris Gkoulalas-Divanis, Vassilios S. Verykios:
A Parallelization Framework for Exact Knowledge Hiding in Transactional Databases. 349-363
Electronic Edition (link) BibTeX
Hongxia Jin, Jeffery Lotspiech, Nimrod Megiddo:
Efficient Coalition Detection in Traitor Tracing. 365-380
Electronic Edition (link) BibTeX

VOIP and Network Security

Stelios Dritsas, Yannis Soupionis, Marianthi Theoharidou, Yannis Mallios, Dimitris Gritzalis:
SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned. 381-395
Electronic Edition (link) BibTeX
Dongwon Seo, Heejo Lee, Ejovi Nuwere:
Detecting More SIP Attacks on VoIP Services by Combining Rule Matching and State Transition Models. 397-411
Electronic Edition (link) BibTeX
Kien C. Nguyen, Tansu Alpcan, Tamer Basar:
A Decentralized Bayesian Attack Detection Algorithm for Network Security. 413-428
Electronic Edition (link) BibTeX

Network Devices Security and Cyber Warfare

J. Pan, J. I. den Hartog, Erik P. de Vink:
An Operation-Based Metric for CPA Resistance. 429-443
Electronic Edition (link) BibTeX
Patrick P. Tsang, Sean W. Smith:
YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems. 445-459
Electronic Edition (link) BibTeX
Samuel N. Hamilton, Wendy L. Hamilton:
Adversary Modeling and Simulation in Cyber Warfare. 461-475
Electronic Edition (link) BibTeX

Security Compliance

Thomas Neubauer, Andreas Ekelhart, Stefan Fenz:
Interactive Selection of ISO 27001 Controls under Multiple Objectives. 477-492
Electronic Edition (link) BibTeX
Dennis Longley, Mark Branagan, William J. Caelli, Lam-for Kwok:
Feasibility of Automated Information Security Compliance Auditing. 493-508
Electronic Edition (link) BibTeX
Muntaha Alawneh, Imad M. Abbadi:
Software Licence Protection and Management for Organisations. 509-523
Electronic Edition (link) BibTeX

Risk and Security Analysis

Maxwell G. Dondo:
A Vulnerability Prioritization System Using A Fuzzy Risk Analysis Approach. 525-540
Electronic Edition (link) BibTeX
Daniel Le Métayer, Claire Loiseaux:
ASTRA : A Security Analysis Method Based on Asset Tracking. 541-555
Electronic Edition (link) BibTeX
Qutaibah Althebyan, Brajendra Panda:
A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack. 557-571
Electronic Edition (link) BibTeX

Identity and Trust Management

Gail-Joon Ahn, Moonam Ko, Mohamed Shehab:
Portable User-Centric Identity Management. 573-587
Electronic Edition (link) BibTeX
Kristof Verslype, Bart De Decker:
Ubiquitous Privacy-Preserving Identity Managment. 589-603
Electronic Edition (link) BibTeX
Indrajit Ray, Sudip Chakraborty:
Facilitating Privacy Related Decisions in Different Privacy Contexts on the Internet by Evaluating Trust in Recipients of Private Data. 605-620
Electronic Edition (link) BibTeX

Virtualization and Digital Forensics

Brian Hay, Ronald Dodge, Kara L. Nance:
Using Virtualization to Create and Deploy Computer Security Lab Exercises. 621-635
Electronic Edition (link) BibTeX
Slim Rekhis, Jihène Krichène, Noureddine Boudriga:
DigForNet: Digital Forensic in Networking. 637-651
Electronic Edition (link) BibTeX
Roberto Battistoni, Alessandro Di Biagio, Roberto Di Pietro, Matteo Formica, Luigi V. Mancini:
A Live Digital Forensic system for Windows networks. 653-667
Electronic Edition (link) BibTeX

Short Papers

Jeheon Han, Jonghoon Kwon, Heejo Lee:
HoneyID : Unveiling Hidden Spywares by Generating Bogus Events. 669-673
Electronic Edition (link) BibTeX
Nouha Oualha, Melek Önen, Yves Roudier:
A Security Protocol for Self-Organizing Data Storage. 675-679
Electronic Edition (link) BibTeX
Cormac Herley, Dinei A. F. Florêncio:
Protecting Financial Institutions from Brute-Force Attacks. 681-685
Electronic Edition (link) BibTeX
Shaun Posthumus, Rossouw von Solms:
Agency Theory: Can it be Used to Strengthen IT Governance?. 687-691
Electronic Edition (link) BibTeX
Alexandros Tsakountakis, Georgios Kambourakis, Stefanos Gritzalis:
A new Accounting Mechanism for Modern and Future AAA Services. 693-697
Electronic Edition (link) BibTeX
Yasuhiro Fujihara, Yuko Murayama, Kentarou Yamaguchi:
A user survey on the sense of security, Anshin. 699-703
Electronic Edition (link) BibTeX
Po-Yuan Teng, Shih-I Huang, Adrian Perrig:
Multi-Layer Encryption for Multi-Level Access Control in Wireless Sensor Networks. 705-709
Electronic Edition (link) BibTeX
Giorgio Davanzo, Eric Medvet, Alberto Bartoli:
A Comparative Study of Anomaly Detection Techniques in Web Site Defacement Detection. 711-716
Electronic Edition (link) BibTeX
Manuel Sánchez, Óscar Cánovas Reverte, Gabriel López, Antonio F. Gómez-Skarmeta:
Managing the lifecycle of XACML delegation policies in federated environments. 717-721
Electronic Edition (link) BibTeX
George O. M. Yee, Larry Korba, Ronggong Song:
Assessing the Likelihood of Privacy Policy Compliance. 723-727
Electronic Edition (link) BibTeX
Salem Benferhat, Karim Tabia:
Classification features for detecting Server-side and Client-side Web attacks. 729-733
Electronic Edition (link) BibTeX