ebook img

Security and Privacy in Communication Networks: 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers PDF

742 Pages·2015·37.856 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Security and Privacy in Communication Networks: 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers

Bhavani Thuraisingham XiaoFeng Wang Vinod Yegneswaran (Eds.) 164 Security and Privacy in Communication Networks 11th International Conference, SecureComm 2015 Dallas, TX, USA, October 26–29, 2015 Revised Selected Papers 123 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 164 Editorial Board Ozgur Akan Middle East Technical University, Ankara, Turkey Paolo Bellavista University of Bologna, Bologna, Italy Jiannong Cao Hong Kong Polytechnic University, Hong Kong, Hong Kong Falko Dressler University of Erlangen, Erlangen, Germany Domenico Ferrari Università Cattolica Piacenza, Piacenza, Italy Mario Gerla UCLA, Los Angels, USA Hisashi Kobayashi Princeton University, Princeton, USA Sergio Palazzo University of Catania, Catania, Italy Sartaj Sahni University of Florida, Florida, USA Xuemin (Sherman) Shen University of Waterloo, Waterloo, Canada Mircea Stan University of Virginia, Charlottesville, USA Jia Xiaohua City University of Hong Kong, Kowloon, Hong Kong Albert Zomaya University of Sydney, Sydney, Australia Geoffrey Coulson Lancaster University, Lancaster, UK More information about this series at http://www.springer.com/series/8197 Bhavani Thuraisingham XiaoFeng Wang (cid:129) Vinod Yegneswaran (Eds.) Security and Privacy in Communication Networks 11th International Conference, SecureComm 2015 – Dallas, TX, USA, October 26 29, 2015 Revised Selected Papers 123 Editors Bhavani Thuraisingham VinodYegneswaran TheUniversity of Texasat Dallas SRIInternational Richardson, TX Menlo Park, CA USA USA XiaoFeng Wang Indiana University at Bloomington Bloomington,IN USA ISSN 1867-8211 ISSN 1867-822X (electronic) Lecture Notesof the Institute for Computer Sciences, Social Informatics andTelecommunications Engineering ISBN 978-3-319-28864-2 ISBN978-3-319-28865-9 (eBook) DOI 10.1007/978-3-319-28865-9 LibraryofCongressControlNumber:2015948705 ©InstituteforComputerSciences,SocialInformaticsandTelecommunicationsEngineering2015 Thisworkissubjecttocopyright.AllrightsarereservedbythePublisher,whetherthewholeorpartofthe material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storageandretrieval,electronicadaptation,computersoftware,orbysimilarordissimilarmethodologynow knownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthorsandtheeditorsaresafetoassumethattheadviceandinformationinthisbookare believedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsortheeditors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissionsthatmayhavebeenmade. Printedonacid-freepaper ThisSpringerimprintispublishedbySpringerNature TheregisteredcompanyisSpringerInternationalPublishingAGSwitzerland Preface In the past 11 years, SecureComm has emerged as a leading international forum that coversallaspectsofinformationandcommunicationssecuritywithparticularemphasis onsecurityincommunicationandnetworking.SecureCommalsoservesasavenuefor learningabouttheemergingtrendsinsecurityandprivacyresearch,givingparticipants the opportunity to network with experts in the field. The strategic objectives of SecureComm are to provide a common platform for security and privacy experts in academia,industry,andgovernmentaswellaspractitioners,standardsdevelopers,and policy makers to engage in discussions on the common goals in order to explore important research directions in the field. For SecureComm 2015, 107 high-quality papers were submitted from all over the world. Unfortunately, the acceptance rate set for this conference did not allow us to accept all papers with relevant merits. In this respect, special thanks to the Technical Program Committee members for handling the challenging task and selecting 29 out- standing papers with a significant contribution to the field to be included in the pro- ceedings.The29acceptedpaperscanbebroadlyclassifiedunderthefollowingthemes: – Mobile, System, and Software Security – Cloud Security – Privacy and Side Channels – Web and Network Security – Crypto, Protocol, and Models Based on the submitted papers, we also extended invitations to the authors of 25 promising papers to be presented as posters, of whom 12 accepted. We awarded the BestPaperAwardtothepaperentitled“EnhancingTrafficAnalysisResistanceforTor Hidden Services with Multipath Routing” by Lei Yang and Fengjun Li. In addition to the papers and posters presented at the conference, we also had two exciting keynote speakers: – Engin Kirda, Northeastern University – Joe St. Sauver, Farsight Security, Inc. Finally, we are very grateful to the School of Computing and Informatics at the University of Indiana and the University of Texas at Dallas for their sponsorship, as well as the European Alliance for Innovation (EAI). We also thank the local Orga- nizing Committee and its many members and volunteers for their support. A special thank goes to Anna Horvathova, EAI Conference Manager, and Rhonda Walls, Local Arrangements Coordinator, for their utmost professionalism in managing the admin- istrativeaspectsoftheconference.Lastbutnotleast,ourgratitudegoestotheSteering Committee members, in particular to Prof. Guofei Gu, whose continuous supervision helped make SecureComm a very successful event. November 2015 Bhavani Thuraisingham XiaoFeng Wang Vinod Yegneswaran Organization General Chair Bhavani Thuraisingham The University of Texas at Dallas, USA Technical Program Committee Chairs XiaoFeng Wang Indiana University at Bloomington, USA Vinod Yegneswaran SRI International, USA Publications Chair Yinzhi Cao Lehigh University, USA Local Arrangements Chairs Latifur Khan The University of Texas at Dallas, USA Rhonda Walls The University of Texas at Dallas, USA Workshop Chair Roberto Perdisci University of Georgia, USA Publicity Chairs Damon McCoy George Mason University, USA Fabian Yamaguchi University of Goettingen, Germany Haixin Duan Tsinghua University, China Web Chair Zhiqiang Lin University of Texas at Dallas, USA Program Committee Prithvi Bisht Adobe Research, USA Yinzhi Cao Lehigh University, USA Kai Chen Chinese Academy of Sciences, China Yan Chen Northwestern University, USA Yangyi Chen Google Mihai Christodorescu Qualcomm Research, USA VIII Organization Jun Dai California State University, USA Mohan Dhawan IBM Research, India Haixin Duan Tsinghua University, China Matt Fredrikson University of Wisconsin, USA Vinod Ganapathy Rutgers University, USA Debin Gao Singapore Management University, Singapore Ashish Gehani SRI International, USA Guofei Gu Texas A&M University, USA Jin Han Twitter Inc. Yan Huang Indiana University, USA Kang Li University of Georgia, USA Zhou Li RSA Labs, USA Zhichun Li NEC Laboratories America Inc., USA Zhiqiang Lin The University of Texas at Dallas, USA Long Lu Stony Brook University, USA Roberto Perdisci University of Georgia, USA Atul Prakash University of Michigan, USA Feng Qian Indiana University, USA Moheeb Abu Rajab Google Kui Ren State University of New York at Buffalo, USA Seungwon Shin KAIST, Korea Kapil Singh IBM T.J. Watson Research Center, USA V.N. Venkatakrishnan University of Illinois at Chicago, USA Shobha Venkataraman AT&T, USA Haining Wang University of Delaware, USA Nick Weaver ICSI, USA David Wolinsky Yale University, USA Mengjun Xie University of Arkansas at Little Rock, USA Dongyan Xu Purdue University, USA Min Yang Fudan University, China Heng Yin Syracuse University, USA Kehuan Zhang Chinese University of Hong Kong, SAR China Xiaoyong Zhou Samsung Research America, USA Sencun Zhu Penn State University, USA Cliff Zou University of Central Florida, USA Contents Mobile, System and Software Security FineDroid: Enforcing Permissions with System-Wide Application Execution Context. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Yuan Zhang, Min Yang, Guofei Gu, and Hao Chen Detection, Classification and Characterization of Android Malware Using API Data Dependency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Yongfeng Li, Tong Shen, Xin Sun, Xuerui Pan, and Bing Mao KeyPocket - Improving Security and Usability for Provider Independent Login Architectures with Mobile Devices. . . . . . . . . . . . . . . . . . . . . . . . . . 41 André Ebert, Chadly Marouane, Benno Rott, and Martin Werner Using Provenance Patterns to Vet Sensitive Behaviors in Android Apps . . . . 58 Chao Yang, Guangliang Yang, Ashish Gehani, Vinod Yegneswaran, Dawood Tariq, and Guofei Gu SplitDroid: Isolated Execution of Sensitive Components for Mobile Applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 Lin Yan, Yao Guo, and Xiangqun Chen Intrinsic Code Attestation by Instruction Chaining for Embedded Devices . . . 97 Oliver Stecklina, Peter Langendörfer, Frank Vater, Thorsten Kranz, and Gregor Leander Defeating Kernel Driver Purifier. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 Jidong Xiao, Hai Huang, and Haining Wang Kernel Data Attack Is a Realistic Security Threat . . . . . . . . . . . . . . . . . . . . 135 Jidong Xiao, Hai Huang, and Haining Wang Cloud Security RScam: Cloud-Based Anti-Malware via Reversible Sketch. . . . . . . . . . . . . . 157 Hao Sun, Xiaofeng Wang, Jinshu Su, and Peixin Chen TADOOP: Mining Network Traffic Anomalies with Hadoop . . . . . . . . . . . . 175 Geng Tian, Zhiliang Wang, Xia Yin, Zimu Li, Xingang Shi, Ziyi Lu, Chao Zhou, Yang Yu, and Dan Wu X Contents SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External Services. . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 Yueqiang Cheng, Qing Li, Miao Yu, Xuhua Ding, and Qingni Shen Authenticating Top-k Results of Secure Multi-keyword Search in Cloud Computing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 Xiaojun Xiao, Yaping Lin, Wei Zhang, Xin Yao, and Qi Gu Privacy and Side Channels Resource Efficient Privacy Preservation of Online Social Media Conversations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 Indrajeet Singh, Masoud Akhoondi, Mustafa Y. Arslan, Harsha V. Madhyastha, and Srikanth V. Krishnamurthy Uranine: Real-time Privacy Leakage Monitoring without System Modification for Android. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 Vaibhav Rastogi, Zhengyang Qu, Jedidiah McClurg, Yinzhi Cao, and Yan Chen Practicality of Using Side-Channel Analysis for Software Integrity Checking of Embedded Systems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 Hong Liu, Hongmin Li, and Eugene Y. Vasserman RemoteActivationofHardwareTrojansviaaCovertTemperatureChannel .... 294 Priyabrat Dash, Chris Perkins, and Ryan M. Gerdes Web and Network Security Route Leaks Identification by Detecting Routing Loops. . . . . . . . . . . . . . . . 313 Song Li, Haixin Duan, Zhiliang Wang, and Xing Li PULSAR: Stateful Black-Box Fuzzing of Proprietary Network Protocols. . . . . . 330 Hugo Gascon, Christian Wressnegger, Fabian Yamaguchi, Daniel Arp, and Konrad Rieck You Are How You Query: Deriving Behavioral Fingerprints from DNS Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 Dae Wook Kim and Junjie Zhang Enhancing Traffic Analysis Resistance for Tor Hidden Services with Multipath Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367 Lei Yang and Fengjun Li An Improved Method for Anomaly-Based Network Scan Detection. . . . . . . . 385 Ashton Webster, Margaret Gratian, Ryan Eckenrod, Daven Patel, and Michel Cukier

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.