ebook img

Risks and Security of Internet and Systems: 10th International Conference, CRiSIS 2015, Mytilene, Lesbos Island, Greece, July 20-22, 2015, Revised Selected Papers PDF

308 Pages·2016·20.187 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Risks and Security of Internet and Systems: 10th International Conference, CRiSIS 2015, Mytilene, Lesbos Island, Greece, July 20-22, 2015, Revised Selected Papers

Costas Lambrinoudakis Alban Gabillon (Eds.) 2 7 Risks and Security 5 9 S C of Internet and Systems N L 10th International Conference, CRiSIS 2015 Mytilene, Lesbos Island, Greece, July 20–22, 2015 Revised Selected Papers 123 Lecture Notes in Computer Science 9572 Commenced Publication in 1973 Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen Editorial Board David Hutchison Lancaster University, Lancaster, UK Takeo Kanade Carnegie Mellon University, Pittsburgh, PA, USA Josef Kittler University of Surrey, Guildford, UK Jon M. Kleinberg Cornell University, Ithaca, NY, USA Friedemann Mattern ETH Zurich, Zürich, Switzerland John C. Mitchell Stanford University, Stanford, CA, USA Moni Naor Weizmann Institute of Science, Rehovot, Israel C. Pandu Rangan Indian Institute of Technology, Madras, India Bernhard Steffen TU Dortmund University, Dortmund, Germany Demetri Terzopoulos University of California, Los Angeles, CA, USA Doug Tygar University of California, Berkeley, CA, USA Gerhard Weikum Max Planck Institute for Informatics, Saarbrücken, Germany More information about this series at http://www.springer.com/series/7409 Costas Lambrinoudakis Alban Gabillon (Eds.) (cid:129) Risks and Security of Internet and Systems 10th International Conference, CRiSIS 2015 – Mytilene, Lesbos Island, Greece, July 20 22, 2015 Revised Selected Papers 123 Editors Costas Lambrinoudakis AlbanGabillon University of Piraeus Universitédela PolynésieFrançaise Piraeus Faa’a Greece French Polynesia ISSN 0302-9743 ISSN 1611-3349 (electronic) Lecture Notesin Computer Science ISBN 978-3-319-31810-3 ISBN978-3-319-31811-0 (eBook) DOI 10.1007/978-3-319-31811-0 LibraryofCongressControlNumber:2016934430 LNCSSublibrary:SL3–InformationSystemsandApplications,incl.Internet/Web,andHCI ©SpringerInternationalPublishingSwitzerland2016 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissionsthatmayhavebeenmade. Printedonacid-freepaper ThisSpringerimprintispublishedbySpringerNature TheregisteredcompanyisSpringerInternationalPublishingAGSwitzerland Preface Thesearetheproceedingsofthe10thInternationalConferenceonRisksandSecurityof Internet and Systems (CRiSIS 2015). The conference brought together academic researchersandindustrydevelopers,whodiscussedthestateoftheartintechnologyfor exploring risks and security issues in Internet applications, networks, and systems. Each year papers are presented covering topics including trust, security risks and threats, intrusion detection and prevention, access control, and security modeling. The conference program included seven technical papers sessions that covered a broad range of topics from trust and privacy issues and risk management to cloud systems and cryptography. The conference program also included an invited talk by Dr. George Leventakis (Senior Security Expert, Center for Security Studies, Hellenic Ministry of Public Order and Citizen Protection) entitled “European Program for CriticalInfrastructureProtection.LinkingPolicy,ResearchandImplementation”anda tutorial session given by David Espes (Lecturer and Researcher, UMR CNRS lab- STIIC and University of Western Brittany) on “Software-Defined Networking Secu- rity.” The conference attracted many high-quality submissions, each of which was assignedtofourProgramCommitteemembersforreviewandthefinalacceptancerate was 35 %. We would like to express our thanks to the various people who assisted us in organizingtheeventandformulatingtheprogram.WeareverygratefultotheProgram Committeemembersfortheirtimelyandrigorousreviewsofthepapers.Ourgratitude also goes to the University of the Aegean and especially to Prof. Christos Kalloniatis, for supporting the organization of the conference. Finally we would like to thank all oftheauthorswhosubmitted papersfortheeventandcontributedtoaninterestingset of conference proceedings. January 2016 Costas Lambrinoudakis Alban Gabillon Organization General Chairs Sokratis Katsikas University of Piraeus, Greece Frédéric Cuppens TELECOM Bretagne, France Program Committee Co-chairs Costas Lambrinoudakis University of Piraeus, Greece Alban Gabillon Université de la Polynésie Française, Tahiti Tutorial Chair Nora Cuppens-Boulahia Telecom Bretagne, France Local Organizing Chair Christos Kalloniatis University of the Aegean, Greece Program Committee Ayed Samiha TELECOM Bretagne, France Bonnecaze Alexis I2M, Aix Marseille Université, France Chaouchi Hakima Telecom & Management SudParis, France Chen Yu State University of New York - Binghamton, USA Cuellar Jorge Siemens AG, Germany Damiani Ernesto University of Milan, Italy De Capitani Di Università degli Studi di Milano, Italy Vimercati Sabrina Dewri Rinku University of Denver, USA Di Pietro Roberto Bell Labs, USA Dubus Samuel Alcatel-Lucent Bell Labs, Greece Fernandez José M. Ecole Polytechnique de Montreal, Canada Gamble Rose Tandy School of Computer Science, USA Gritzalis Dimitris Athens University of Economics and Business, Greece Gritzalis Stefanos University of the Aegean, Greece Guirguis Mina Texas State University - San Marcos, USA Jean-Louis Lanet Inria-RBA, France Kalloniatis Christos University of the Aegean, Greece Kotenko Igor St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, Russia VIII Organization Lopez Javier University of Malaga, Spain Martinelli Fabio IIT-CNR, Italy Mouratidis Haris University of Brighton, UK Mylonas Alexios Athens University of Economics and Business, Greece Panaousis Emmanouil University of Brighton, UK Panda Brajendra University of Arkansas, USA Pernul Günther Universität Regensburg, Germany Posegga Joachim University of Passau, Germany Rannenberg Kai Goethe University Frankfurt, Germany Ravindran Kaliappa City University of New York, USA Rieger Craig Idaho National Laboratory, USA Rizomiliotis Panagiotis University of the Aegean, Greece Rusinowitch Michael LORIA – Inria Nancy, France Samarati Pierangela Università degli Studi di Milano, Italy Shetty Sachin Tennessee State University, USA Soriano Miguel Universitat Politècnica de Catalunya, Spain Spanoudakis George City University, UK Stoelen Ketil SINTEF, Norway Tapiador Juan Universidad Carlos III de Madrid, Spain Xenakis Christos University of Piraeus, Greece Zhou Jianying Institute for Infocomm Research, Singapore Contents Trust and Privacy Issues Addressing Privacy and Trust Issues in Cultural Heritage Modelling. . . . . . . 3 Michalis Pavlidis, Haralambos Mouratidis, Cesar Gonzalez-Perez, and Christos Kalloniatis An Ontology Regulating Privacy Oriented Access Controls . . . . . . . . . . . . . 17 Maherzia Belaazi, Hanen Boussi Rahmouni, and Adel Bouhoula A Literature Survey and Classifications on Data Deanonymisation . . . . . . . . 36 Dalal Al-Azizy, David Millard, Iraklis Symeonidis, Kieron O’Hara, and Nigel Shadbolt Privacy Policies and Policy Based Protocols Improving Users’ Trust Through Friendly Privacy Policies: An Empirical Study. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Oluwa Lawani, Esma Aïmeur, and Kimiz Dalkir MPLS Policy Target Recognition Network. . . . . . . . . . . . . . . . . . . . . . . . . 71 Abdulrahman Al-Mutairi and Stephen Wolthusen Risk Management Context Aware Intrusion Response Based on Argumentation Logic. . . . . . . . 91 Tarek Bouyahia, Fabien Autrel, Nora Cuppens-Boulahia, and Frédéric Cuppens Countermeasure Selection Based on the Attack and Service Dependency Graphs for Security Incident Management . . . . . . . . . . . . . . . . . . . . . . . . . 107 Elena Doynikova and Igor Kotenko Risk Analysis and Vulnerability Assessment Quantitative Risk, Statistical Methods and the Four Quadrants for Information Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 Gaute Wangen and Andrii Shalaginov Exploring a Controls-Based Assessment of Infrastructure Vulnerability . . . . . 144 Oliver J. Farnan and Jason R.C. Nurse X Contents Quantifying Security in Web ETL Processes. . . . . . . . . . . . . . . . . . . . . . . . 160 Salma Dammak, Faiza Ghozzi Jedidi, and Faiez Gargouri Cloud Systems and Cryptography A Meta-model for Assisting a Cloud Forensics Process . . . . . . . . . . . . . . . . 177 Stavros Simou, Christos Kalloniatis, Haralambos Mouratidis, and Stefanos Gritzalis POR-2P:NetworkCoding-BasedPORforDataProvision-PaymentSystem ... 188 Kazumasa Omote and Tran Phuong Thao A Single Key Scheduling Based Compression Function. . . . . . . . . . . . . . . . 207 Jiageng Chen, Rashed Mazumder, and Atsuko Miyaji Attacks and Security Measures Security Issue of WirelessHART Based SCADA Systems . . . . . . . . . . . . . . 225 Lyes Bayou, David Espes, Nora Cuppens-Boulahia, and Frédéric Cuppens Attack Volume Model: Geometrical Approach and Application. . . . . . . . . . . 242 Gustavo Gonzalez Granadillo, Grégoire Jacob, and Hervé Debar An Intensive Analysis of Security and Privacy Browser Add-Ons. . . . . . . . . 258 Nikolaos Tsalis, Alexios Mylonas, and Dimitris Gritzalis MBotCS: A Mobile Botnet Detection System Based on Machine Learning. . . 274 Xin Meng and George Spanoudakis Toward Securing MANET Against the Energy Depletion Attack. . . . . . . . . . 292 Aida Ben Chehida Douss, Ryma Abassi, and Sihem Guemara El Fatmi Author Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.