6,503 research outputs found
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
The Value of User-Visible Internet Cryptography
Cryptographic mechanisms are used in a wide range of applications, including
email clients, web browsers, document and asset management systems, where
typical users are not cryptography experts. A number of empirical studies have
demonstrated that explicit, user-visible cryptographic mechanisms are not
widely used by non-expert users, and as a result arguments have been made that
cryptographic mechanisms need to be better hidden or embedded in end-user
processes and tools. Other mechanisms, such as HTTPS, have cryptography
built-in and only become visible to the user when a dialogue appears due to a
(potential) problem. This paper surveys deployed and potential technologies in
use, examines the social and legal context of broad classes of users, and from
there, assesses the value and issues for those users
The Effectiveness of Smart Learning Based on Expert Systems in Cryptography Courses
The development of science and technology requires universities not only to matter but also to have abilities in their respective fields including Security System. The unavailability of network design laboratory and its minimum, network design, cryptography design and flexibility of face-to-face time in the discussion of material compiled not in accordance with the competencies in this course. To overcome these deficiencies in learning activities, development of a project-based blended learning model is carried out. The development carried out in this study uses the Puslitjaknov development model which reduces the Borg and Gall stages to five stages namely product analysis, initial product design, expert validation and revision, field trials and implementation. Data were collected by interview, observation, questionnaire and test. Data were analyzed using quantitative and qualitative methods to produce research products in the form of books, modules, learning plans and manuals for the use of learning applications. Product validation by experts, practicality tests carried out by users and effectiveness tests with student learning outcomes. Based on the results of data analysis, the results of this study are: 1) Research has successfully developed a project-based blended learning model in Cryptography courses. 2) The developed learning model syntax consists of 9 stages / syntax. 3) In supporting learning activities, modules, RPS and manuals are used for learning applications. All products and models developed have been developed and are categorized as valid, practical and effective
Code wars: steganography, signals intelligence, and terrorism
This paper describes and discusses the process of secret communication known as steganography. The argument advanced here is that terrorists are unlikely to be employing digital steganography to facilitate secret intra-group communication as has been claimed. This is because terrorist use of digital steganography is both technically and operationally implausible. The position adopted in this paper is that terrorists are likely to employ low-tech steganography such as semagrams and null ciphers instead
Ensuring patients privacy in a cryptographic-based-electronic health records using bio-cryptography
Several recent works have proposed and implemented cryptography as a means to
preserve privacy and security of patients health data. Nevertheless, the
weakest point of electronic health record (EHR) systems that relied on these
cryptographic schemes is key management. Thus, this paper presents the
development of privacy and security system for cryptography-based-EHR by taking
advantage of the uniqueness of fingerprint and iris characteristic features to
secure cryptographic keys in a bio-cryptography framework. The results of the
system evaluation showed significant improvements in terms of time efficiency
of this approach to cryptographic-based-EHR. Both the fuzzy vault and fuzzy
commitment demonstrated false acceptance rate (FAR) of 0%, which reduces the
likelihood of imposters gaining successful access to the keys protecting
patients protected health information. This result also justifies the
feasibility of implementing fuzzy key binding scheme in real applications,
especially fuzzy vault which demonstrated a better performance during key
reconstruction
SciTech News Volume 71, No. 1 (2017)
Columns and Reports From the Editor 3
Division News Science-Technology Division 5 Chemistry Division 8 Engineering Division Aerospace Section of the Engineering Division 9 Architecture, Building Engineering, Construction and Design Section of the Engineering Division 11
Reviews Sci-Tech Book News Reviews 12
Advertisements IEEE
- …