فهرست مطالب

International Journal of Information Security
Volume:1 Issue: 2, Jul 2009

  • تاریخ انتشار: 1388/11/11
  • تعداد عناوین: 5
|
  • Rasool Jalili Pages 69-70
  • Jovan Dj. GoliĆ Pages 71-90
    A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as techniques for their efficient estimation are proposed. In particular, the method can be used for detecting network traffic anomalies due to network failures and network attacks such as (distributed) denial of service attacks, scanning attacks, SPAM and SPIT attacks, and massive malicious software attacks.
    Keywords: Intrusion detection, Statistical anomaly detection, Dispersion measure, Concentration measure, Variance, Linear regression, EWMA techniques
  • Ian G. Harris, Thoulfekar Alrahem, Alex Chen, Nick Digiussepe, Jefferey Gee, Shang, Pin Hsiao, Sean Mattox, Taejoon Park, Saravanan Selvaraj, Albert Tam, Marcel Carlsson Pages 91-103
    The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Initiation Protocol (SIP) is the widespread standard for establishing and ending VOIP communication sessions. Our tool generates an input sequence for a SIP phone which is designed to reveal security vulnerabilities in the SIP phone application. The input sequence includes SIP messages and external graphical user interface (GUI) events which might contribute to triggering a vulnerability. The input sequence is generated to perform a random walk through the state space of the protocol. The generation of external GUI events is critical to testing a stateful protocol such as SIP because GUI interaction is required to explore a significant portion of the state space. We have used our security testing tool to identify a previously unknown vulnerability in an existing open source SIP phone.
  • M. Tariq Bandaya, Nisar A. Shah Pages 105-123
    The massive and automated access to Web resources through robots has made it essential for Web service providers to make some conclusion about whether “user” is a human or a robot. A Human Interaction Proof (HIP) like Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) offers a way to make such a distinction. CAPTCHA is a reverse Turing test used by Web service providers to secure human interaction assumed services from Web bots. Several Web services that include but are not limited to free e-mail accounts, online polls, chat rooms, search engines, blogs, password systems, etc. use CAPTCHA as a defensive mechanism against automated Web bots. In this paper, we present a new clickable image based CAPTCHA technique. The technique presents user with a CAPTCHA image composed of several sub-images. Properties of the proposed technique offer all of the benefits of image based CAPTCHAs; grant improved security than that of usual OCR-based techniques, consume less Web page area than most of image based techniques and at the same time improve the user-friendliness of the Web page.
    Keywords: CAPTCHA, HIP, Botnet, Image CAPTCHA, Clickable CAPTCHA, CAPTCHA Security, CAPTCHA Usability
  • Morteza Nikooghadam, Ali Zakerolhosseini Pages 125-131
    Elliptic Curve Cryptosystems (ECC) have recently received significant attention by researchers due to their high performances such as low computational cost and small key size. In this paper a novel untraceable blind signature scheme is presented. Since the security of proposed method is based on difficulty of solving discrete logarithm over an elliptic curve, performance of the proposed scheme is quite commendable in comparison with the previous works in terms of security and time complexity.
    Keywords: Blind signature, Elliptic curves cryptosystems, Untraceability, Blindness