Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
Vladimir Gorodetsky Igor Kotenko Victor Skormin (Eds.)
Computer Network Security
Third International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2005 St. Petersburg, Russia, September 25-27, 2005 Proceedings
Sprin ger
Table of Contents
Invited Papers
Self-managed Cells for Ubiquitous Systems Naranker Dulay, Emil Lupu, Morris Sloman, Joe Sventek, Nagwa Badr, Stephen Reeps 1
Critical Information Assurance Challenges for Modern Large-Scale Infrastructures
Ming- Yuh Huang 7
Rule-Based Topological Vulnerability Analysis Vipin Swarup, Sushil Jajodia, Joseph Pamula 23
Models and Analysis of Active Worm Defense David M. Nicol, Michael Liljenstam 38
Prevention of Information Attacks by Run-Time Detection of Self-replication in Computer Codes
Douglas Summerville, Victor Skormin, Alexander Volynkin, James Moronski 54
Mathematical Models, Architectures and Protocols for Computer Network Security
Calibrating Entropy Functions Applied to Computer Networks Duncan A. Buell 76
A Passive External Web Surveillance Technique for Private Networks Constantine Daicos, Scott Knight 88
A Secure Way to Combine IPsec, NAT & DHCP Jacques Demerjian, Ibrahim Hajjeh, Mohamad Badra, Salim Ferraz 104
A Generic Model for Analyzing Security Protocols Yonggen Gu, Yuxi Fu, Farong Zhong, Han Zhu 119
Networks, Markov Lie Monoids, and Generalized Entropy Joseph E. Johnson 129
XII Table of Contents
Trust by Workflow in Autonomie Communication Mikhail I. Smirnov 136
An Ontology-Based Approach to Information Systems Security Management
Bill Tsoumas, Stelios Dritsas, Dimitris Gritzalis 151
Authentication, Authorization and Access Control
Safety Problems in Access Control with Temporal Constraints Philippe Balbiani, Fahima Cheikh 165
A Modal Logic for Role-Based Access Control Thumrongsak Kosiyatrakul, Susan Older, Shiu-Kai Chin 179
Unique User-Generated Digital Pseudonyms Peter Schartner, Martin Schaffer 194
Information Flow Analysis, Covert Channels and Trust Management
A Probabilistic Property-Specific Approach to Information Flow Daniele Beauquier, Marie Duflot, Marius Minea 206
Generalized Abstract Non-interference: Abstract Secure Information-Flow Analysis for Automata
Roberto Giacobazzi, Isabella Mastroeni 221
Detection of Illegal Information Flow Alexander Grusho, Alexander Kniazev, Elena Timonina 235
Towards More Controllable and Practical Delegation Gang Yin, Huaimin Wang, Dianxi Shi, Haiya Gu 245
Security Policy and Operating System Security
Policy-Driven Routing Management Using CIM Felix J. Garcia demente, Jesus D. Jimenez Re, Gregorio Martinez Perez, Antonio F. Gömez Skarmeta 259
Secure Hybrid Operating System "Linux over Fenix" Dmitry P. Zegzhda, Alex M. Vovk 272
Table of Contents XIII
A Formal Description of SECIMOS Operating System Zhouyi Zhou, Bin Liang, Li Jiang, Wenchang Shi, Yeping He 286
Threat Modeling, Vulnerability Assessment and Network Forensics
A Theoretical Model for the Average Impact of Attacks on Billing Infrastructures
Fabrizio Baiardi, Claudio Telmon 298
Analyzing Vulnerabilities and Measuring Security Level at Design and Exploitation Stages of Computer Network Life Cycle
Igor Kotenko, Mihail Stepashkin 311
A Temporal Logic-Based Model for Forensic Investigation in Networked System Security
Slim Rekhis, Noureddine Boudriga 325
Vulnerabilities Detection in the Configurations of MS Windows Operating System
Peter D. Zegzhda, Dmitry P. Zegzhda, Maxim 0. Kalinin 339
Intrusion Detection
Hybrid Intrusion Detection Model Based on Ordered Sequences Abdulrahman Alharby, Hideki Imai 352
Asynchronous Alert Correlation in Multi-agent Intrusion Detection Systems
Vladimir Gorodetsky, Oleg Karsaev, Vladimir Samoilov, Alexander Ulanov 366
Behavior-Based Model of Detection and Prevention of Intrusions in Computer Networks
Victor Serdiouk 380
A Formal Immune Network and Its Implementation for On-line Intrusion Detection
Alexander 0. Tarakanov, Sergei V. Kvachev, Alexander V. Sukhorukov 394
XIV Table of Contents
Short Papers
Foundation for a Time Interval Access Controi Model Francis B. Afinidad, Timothy E. Levin, Cynthia E. Irvine, Thuy D. Nguyen 406
Developing an Insider Threat Model Using Functional Decomposition Jonathan W. Butts, Robert F. Mills, Rusty 0. Baldwin 412
An XML-Seamless Policy Based Management Framework Felix J. Garcia Clemente, Gregorio Martinez Perez, Antonio F. Gömez Skarmeta 418
Statistical Covert Channels Through PROXY Server Alexei Galatenko, Alexander Grusho, Alexander Kniazev, Elena Timonina 424
Encoding Private Key in Fingerprint Ernö Jeges, Zoltän Hornäk, Csaba Körmöczi 430
A New Scheme for the Location Information Protection in Mobile Communication Environments
Soon Seok Kim, Sang Soo Yeo, Bong Jin Park, Sung Kwon Kim 436
Region Protection/Restoration Scheme in Survivable Networks Wojciech Molisz, Jacek Rak 442
Massive Data Mining for Polymorphie Code Detection Udo Payer, Peter Teufl, Stefan Kraxberger, Mario Lamberger 448
Key Escrow with Tree-Based Access Structure Martin Schaffer, Peter Schartner 454
Security Checker Architecture for Policy-Based Security Management Artem Tishkov, Igor Kotenko, Ekaterina Sidelnikova 460
An Efficient Access Controi Model Utilized the Attribute Certificate Structuring
Soomi Yang 466
Secure Protected Password Change Scheme Eun-Jun Yoon, Eun-Kyung Ryu, Kee- Young Yoo 472
Author Index 479