Kwok-Yan Lam Chi-Hung Chi Sihan Qing (Eds.) Information and 7 7 Communications 9 9 S C Security N L 18th International Conference, ICICS 2016 Singapore, Singapore, November 29 – December 2, 2016 Proceedings 123 Lecture Notes in Computer Science 9977 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, Lancaster, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Zurich, Switzerland John C. Mitchell Stanford University, Stanford, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Dortmund, Germany Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbrücken, Germany More information about this series at http://www.springer.com/series/7410 Kwok-Yan Lam Chi-Hung Chi (cid:129) Sihan Qing (Eds.) Information and Communications Security 18th International Conference, ICICS 2016 – Singapore, Singapore, November 29 December 2, 2016 Proceedings 123 Editors Kwok-Yan Lam SihanQing NanyangTechnological University PekingUniversity Singapore Beijing Singapore China Chi-Hung Chi CSIRO Hobart, TAS Australia ISSN 0302-9743 ISSN 1611-3349 (electronic) Lecture Notesin Computer Science ISBN 978-3-319-50010-2 ISBN978-3-319-50011-9 (eBook) DOI 10.1007/978-3-319-50011-9 LibraryofCongressControlNumber:2016959174 LNCSSublibrary:SL4–SecurityandCryptology ©SpringerInternationalPublishingAG2016 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissionsthatmayhavebeenmade. Printedonacid-freepaper ThisSpringerimprintispublishedbySpringerNature TheregisteredcompanyisSpringerInternationalPublishingAG Theregisteredcompanyaddressis:Gewerbestrasse11,6330Cham,Switzerland Preface This volume contains the proceedings of the 18th International Conference on Infor- mation and Communications Security (ICICS) that took place in Singapore, from November 29 to December 2, 2016. ICICS is a key annual event for researchers and practitioners in information, systems, communication, and cyberspace security. Since 1997, ICICS has brought together leading computer science researchers, IT decision makers, systems architects, solution designers, practitioners, and regulators to discuss securitychallenges,models,andsolutionsfromtheperspectivesofacademia,industry, andgovernment. ICICSfocusesnotonlyonthefrontiersciencechallenges insecurity and privacy research,but also on theapplicability and impacts of security solutionsin real-life environments. This year ICICS received 60 submissions from 15 countries all over the world, including USA, Austria, Germany, UK, Greece, France, Switzerland, Italy, Estonia, South Africa, Russia, China (including Hong Kong), India, Singapore, and Australia. Out of these, 20 high-quality research papers were accepted as full papers after a thoroughreviewprocessbytheProgramCommittee(PC)fororiginality,novelty,rigor, andrelevance.Inaddition,theauthorsof16shortpapersthatwereacceptedpresented their on-going work in information and communications security. The conference program was complemented by an invited talk and two feature keynote speakers (one by Mr. Anthony Bargar, who served in the United States Department of Defense and Intelligence Community, and another by Prof. Dongyan Xu, who is a Professor of Computer Science and Interim Director of CERIAS, Purdue University). WewouldliketoexpressourgratitudetoeveryonewhohelpedmakeICICS2016a success:theconferenceOrganizingCommitteeforprovidinganexcellentenvironment for the conference, and the Program Committee members for their conscientious and diligent work to ensure the high quality of the conference scientific program. Finally, and most importantly, we want to thank all the authors for their high-quality submissions. We hope that you will find the conference and the papers in the proceedings interesting and inspiring. November 2016 Kwok-Yan Lam Chi-Hung Chi Organization Honorary Chair Thambipillai Srikanthan Nanyang Technological University, Singapore General Co-chairs Wee Keong Ng Nanyang Technological University, Singapore Sihan Qing Peking University, China Program Co-chairs Kwok Yan Lam Nanyang Technological University, Singapore Chi-Hung Chi CSIRO, Australia Publicity Chair Alvin Tiu Nanyang Technological University, Singapore Local Chair Adams Kong Nanyang Technological University, Singapore Web Master Ho Thanh Nghia Nanyang Technological University, Singapore Program Committee Man Ho Au Hong Kong Polytechnic University, Hong Kong, SAR China Alex Biryukov University of Luxembourg, Luxembourg Zhenfu Cao East China Normal University, China Chin-Chen Chang Feng Chia University, Taiwan Zhong Chen Peking University, China Sherman S.M. Chow Chinese University of Hong Kong, Hong Kong, SAR China Chen Ding Ryerson University, Canada Dieter Gollmann Hamburg University of Technology, Germany Jian Guo Nanyang Technological University, Singapore Rene Rydhof Hansen Aalborg University, Demark VIII Organization Hsu-Chun Hsiao National Taiwan University, Taiwan Patrick Hung University of Ontario Institute of Technology, Canada Meng Chow Kang CISCO, Singapore Tiffany Hyun-Jin Kim Carnegie Mellon University, USA Kwangjo Kim KAIST, Korea Marina Krotofil Hamburg University of Technology, Germany Tieyan Li Huawei, Singapore Paul Liu Social Mind Analytics (Research and Technology) Limited, Hong Kong, SAR China Di Ma University of Michigan-Dearborn, USA Sjouke Mauw University of Luxembourg, Luxembourg Chris Mitchel Royal Holloway, University of London, UK Wee Keong Ng Nanyang Technological University, Singapore Raphael C.-W. Phan Loughborough University, UK Josef Pieprzyk Queensland University of Technology, Australia Joachim Posegga University of Passau, Germany Christian W. Probst Technical University of Denmark, Demark Sihan Qing Peking University, China Kouichi Sakurai Kyushu University, Japan Pierangela Samarati Università degli Studi di Milano, Italy Sebastian Schinzel University of Applied Sciences, Germany Münster Willy Susilo University of Wollongong, Australia Wen-Guey Tzeng National Chiao Tung University, Taiwan Huaxiong Wang Nanyang Technological University, Singapore Andreas Wespi IBM Zurich Research Laboratory, Switzerland Raymond Wong University of New South Wales, Australia Chan Yeob Yeun University of Science, Technology and Research, Khalifa United Arab Emirates Yu Yu Shanghai Jiao Tong, University China Fangguo Zhang Sun Yat-sen University, China Yunwei Zhao Nanyang Technological University, Singapore Wei Zhao CSIRO, Australia Wen Tao Zhu Institute of Information Engineering, Chinese Academy of Sciences, China Contents IoT Security ECDSA on Things: IoT Integrity Protection in Practise . . . . . . . . . . . . . . . . 3 Johannes Bauer, Ralf C. Staudemeyer, Henrich C. Pöhls, and Alexandros Fragkiadakis Identity in the Internet-of-Things (IoT): New Challenges and Opportunities . . . 18 Kwok-Yan Lam and Chi-Hung Chi A Lightweight Method for Accelerating Discovery of Taint-Style Vulnerabilities in Embedded Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Yaowen Zheng, Kai Cheng, Zhi Li, Shiran Pan, Hongsong Zhu, and Limin Sun Cloud Security A Self-adaptive Hopping Approach of Moving Target Defense to thwart Scanning Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Duohe Ma, Cheng Lei, Liming Wang, Hongqi Zhang, Zhen Xu, and Meng Li Research on Security Algorithm of Virtual Machine Live Migration for KVM Virtualization System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54 Wei Fan, Zhujun Zhang, Tingting Wang, Bo Hu, Sihan Qing, and Degang Sun Towards Efficient Re-encryption for Secure Client-Side Deduplication in Public Clouds. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Lei Lei, Quanwei Cai, Bo Chen, and Jingqiang Lin Applied Cryptography The Security of Individual Bit for XTR. . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Kewei Lv, Si-wei Ren, and Wenjie Qin On the Robustness of Learning Parity with Noise. . . . . . . . . . . . . . . . . . . . 99 Nan Yao, Yu Yu, Xiangxue Li, and Dawu Gu The Linear Complexity and 2-Error Linear Complexity Distribution of 2n-Periodic Binary Sequences with Fixed Hamming Weight. . . . . . . . . . . 107 Wenlun Pan, Zhenzhen Bao, Dongdai Lin, and Feng Liu X Contents The Variant of Remote Set Problem on Lattices . . . . . . . . . . . . . . . . . . . . . 124 Wenwen Wang, Kewei Lv, and Jianing Liu Compression-Based Integral Prior Classification for Improving Steganalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Viktor Monarev, Ilja Duplischev, and Andrey Pestunov Group Verification Based Multiple-Differential Collision Attack. . . . . . . . . . 145 Changhai Ou, Zhu Wang, Degang Sun, Xinping Zhou, and Juan Ai Attack Behavior Analytics A Transparent Learning Approach for Attack Prediction Based on User Behavior Analysis. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Peizhi Shao, Jiuming Lu, Raymond K. Wong, and Wenzhuo Yang Application of Stylometry to DarkWeb Forum User Identification. . . . . . . . . 173 Thanh Nghia Ho and Wee Keong Ng SECapacity: A Secure Capacity Scheduler in YARN. . . . . . . . . . . . . . . . . . 184 Chuntao Dong, Qingni Shen, Lijing Cheng, Yahui Yang, and Zhonghai Wu Authentication and Authorization Integrity and Authenticity Protection with Selective Disclosure Control in the Cloud & IoT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 Christoph Frädrich, Henrich C. Pöhls, Wolfgang Popp, Noëlle Rakotondravony, and Kai Samelin MultiPol: Towards a Multi-policy Authorization Framework for RESTful Interfaces in the Cloud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 Yang Luo, Tian Puyang, Wu Luo, Qingni Shen, Anbang Ruan, and Zhonghai Wu Provably Secure Identity-Based Identification and Signature Schemes with Parallel-PVR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 Bo Song and Yiming Zhao Engineering Issues of Cryptographic and Security Systems Assessment of Efficient Fingerprint Image Protection Principles Using Different Types of AFIS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 Martin Draschl, Jutta Hämmerle-Uhl, and Andreas Uhl Medical Record System Using Blockchain, Big Data and Tokenization . . . . . 254 Paul Tak Shing Liu

