  • 51.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    An End-to-End Security Solution for SCTP. 2008. Conference paper (Peer-reviewed)
    Abstract [en]

    The stream control transmission protocol (SCTP) is a fairly new transport protocol that was initially designed for carrying signaling traffic in IP networks. SCTP offers a reliable end-to-end (E2E) transport. Compared to TCP, SCTP provides a much richer set of transport features such as message oriented transfer, multistreaming to handle head-of-line blocking, and multihoming for enhanced failover. These are all very attractive features, but at the same time proven hard and complex to secure for E2E transports. All existing security solutions have limitations. In this paper, a survey of existing solutions is first given. Then, an alternative solution is proposed. The proposed solution uses the new authenticated chunks for SCTP for integrity protection, TLS for key exchange and authentication, and symmetric encryption implemented at the socket layer for confidentiality protection. A qualitative comparison of the described E2E security solutions is also given

  • 52.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Design and Implementation of a Tunable Encryption Service for Networked Applications. 2005. Conference paper (Peer-reviewed)
    Abstract [en]

    To achieve the best possible QoS tradeoff between security and performance for networked applications, a tunable and differential treatment of security is required. In this paper, we present the design and implementation of a tunable encryption service. The proposed service is based on a selective encryption paradigm in which the applications can request a desired encryption level. Encryption levels are selected by the applications at the inception of sessions, but can be changed at any time during their lifetime. A prototype implementation is described along with an initial performance evaluation. The experimental results demonstrate that the proposed service offers a high degree of security adaptiveness at a low cost

  • 53.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Secure Socket SCTP: A Multi-layer End-to-End Security Solution. 2008. Conference paper (Other (popular science, debate, etc.))
  • 54.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    The Design and Implementation of Secure Socket SCTP. 2009. In: Transactions on Computational Science, Vol. 5730, pp. 180-199. Article in journal (Peer-reviewed)
  • 55.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    The Design and Message Complexity of Secure Socket SCTP. 2008. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper describes the design of secure socket SCTP (SS-SCTP). SS-SCTP is a new end-to-end security solution that uses the AUTH extension for integrity protection of messages and TLS for mutual authentication and key negotiation. Data confidentiality is in SS-SCTP provided through encryption at the socket layer. SS-SCTP aims to offer a high degree of security differentiation based on features in the base SCTP protocol as well as in standardized extensions. The flexible message concept provided in the base protocol plays a central role in the design of SS-SCTP. In the paper, a comparison of the message complexity produced by SS-SCTP, SCTP over IPsec, and TLS over SCTP is also presented. The main conclusion that can be drawn from the comparison is that, depending on the traffic pattern, SS-SCTP produces either less or similar message overhead compared to the standardized solutions when transferring user data

  • 56.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Tunable Security Support for Wireless Applications. 2005. Conference paper (Peer-reviewed)
    Abstract [en]

    A tunable and differential treatment of security is needed to achieve the best possible balance between security and performance for wireless applications. In this paper, we present a tunable encryption service that is based on a selective encryption paradigm in which applications can request a desired encryption level. Encryption levels are selected at the inception of a session, but can be changed at any time during its lifetime. In the paper, a prototype implemented on top of the Stream Control Transmission Protocol (SCTP) is described and an initial performance evaluation is presented. The results demonstrate that the proposed service offers a high degree of security adaptiveness at a low cost

  • 57.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    A Measurement Study on IKEv2 Authentication Performance in Wireless Networks. 2009. Conference paper (Peer-reviewed)
    Abstract

    This paper presents an experimental evaluation of the performance costs of a wide variety of authentication methods over IKEv2 in wireless networks. The studied methods are preshared keys (PSK), extensible authentication protocol (EAP) using MD5, SIM, TTLS-MD5, TLS, and PEAP-MSCHAPv2. For the EAP-based methods RADIUS is used as authentication, authorization, and accounting (AAA) server. Two network scenarios, WiFi and UMTS, are considered. The measurement results illustrate the practical costs involved for IKEv2 authentication, and show significant performance differences between the methods

  • 58.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Analyzing Tunable Security Services. 2006. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper analyzes three existing tunable security services based on a conceptual model. The aim of the study is to examine the tunable features provided by the different services in a structured and consistent way. This implies that for each service user preferences as well as environment and application characteristics that influence the choice of a certain security configuration are identified and discussed

  • 59.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Performance Evaluation of IKEv2 Authentication Methods in Next Generation Wireless Networks. 2010. In: Journal of Security and Communication Networks, ISSN 1939-0122, Vol. 3, no. 1, pp. 83-98. Article in journal (Peer-reviewed)
    Abstract

    Secure communications have a key role in future networks and applications. Information security provisions such as authorization, authentication, and encryption must be added to current communications protocols. To accomplish this, each protocol must be reexamined to determine the impact on performance of adding such security services. This paper presents an experimental evaluation of the performance costs of a wide variety of authentication methods over IKEv2 in real and partly emulated scenarios of next generation wireless networks. The studied methods are pre-shared keys (PSKs), extensible authentication protocol (EAP) using MD5, SIM, TTLS-MD5, TLS, and PEAP-MSCHAPv2. For the EAP-based methods, RADIUS is used as the authentication, authorization, and accounting (AAA) server. Different lengths of certificate chains are studied in case of the TLS-based methods, i.e., TTLS-MD5, TLS, and PEAP-MSCHAPv2. The paper first presents a brief overview of the considered authentication methods. Then, a comparison of the costs for message transfers and computations associated with the authentication methods is provided. The measurement results are verified through a simple analysis, and interpreted by discussing the main contributing factors of the costs. The measurement results illustrate the practical costs involved for IKEv2 authentication, and the implications of the use of different methods are discussed

  • 60.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Tunable Security Services for Wireless Networks. 2008. In: Adaptation and Cross Layer Design in Wireless Networks / [ed] Mohamed Ibnkahla, Boca Raton, FL, USA: CRC, 2008. Chapter in book, part of anthology (Peer-reviewed)
    Abstract [en]

    This chapter introduces the concept of tunable security services for wireless networks. The aim of the chapter is to describe how security can be traded against performance. A survey and analysis of existing tunable services, which have been explicitly designed to offer various security levels during system operation, is provided. In total eight different services are analyzed in detail. The selection of services is made to cover a broad spectrum of services and to illustrate services at different communication layers. Two services from each of the following four layers are described and analyzed: application layer, transport layer, network layer, and, data link layer. Additional tunable security services are also briefly introduced. The analysis illustrates that tunability can be used in many different contexts and achieved through various mechanisms. From the analysis it is also evident that more suitable security and performance metrics are needed

  • 61.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Tóth, Katalin
    Providing Tunable Security Services. 2006. Conference paper (Other (popular science, debate, etc.))
  • 62.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Tóth, Katalin
    Providing Tunable Security Services: An IEEE 802.11i Example. 2006. Conference paper (Peer-reviewed)
    Abstract [en]

    The basic idea of QoS is to provide mechanisms that can offer different service levels, which are expressed through well-defined parameters that are specified at run-time on the basis of need. Bit rate, throughput, delay, jitter, and packet loss rate are all examples of common QoS parameters suggested for packet networks. These parameters are all aimed to express (and guarantee) a certain service level with respect to reliability and/or performance. In this paper, we investigate how security can be treated as yet another QoS parameter through the use of tunable security services. The main idea with this work is to let users specify a trade-off between security and performance through the choice of available security configuration(s). The performance metric used is latency. The concept is illustrated using the IEEE 802.11i wireless local area networking standard

  • 63.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    Dynamic Data Protection Services for Network Transfers: Concepts and Taxonomy. 2004. Conference paper (Peer-reviewed)
    Abstract [en]

    Security should be thought of as a tunable system attribute that allows users to request a specific protection level as a service from the system. This approach will be suitable in future networking environments with heterogeneous devices that have varying computing resources. The approach is also appropriate for multimedia applications that require tuning of the protection level to maintain performance at levels that are acceptable to users. In this paper, we investigate data protection services for network transfers that are designed to offer variable protection levels and propose a taxonomy for such services. The taxonomy provides a unified terminology for dynamic data protection services and a framework in which they can systematically be inspected, evaluated, and compared. The taxonomy is also intended to provide a basis for the development and identification of current and future user and/or application needs. It comprises four dimensions: type of protection service, protection level, protection level specification, and adaptiveness. On the basis of the taxonomy, a survey and categorization of existing dynamic data protection services for network transfers are made

  • 64.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    Survey and Classification of Dynamic Data Protection Services for Network Applications. 2005. In: Proceedings of the Fifth Conference for the Promotion of Research in IT at New Universities and University Colleges in Sweden (Promote IT 2005) / [ed] Janis Bubenko jr, Owen Eriksson, Hans Fernlund, and Mikael Lind, Lund, Sweden: Studentlitteratur, 2005. Chapter in book, part of anthology (Peer-reviewed)
    Abstract [en]

    Security should be thought of as a tunable system attribute that allows users to request a specific protection level as a service from the system. This approach will be suitable in future networking environments with heterogeneous devices that have varying computing resources. The approach is also appropriate for multimedia applications that require tuning the protection level to maintain performance at levels that are acceptable to users. In this paper, we survey a number of existing data protection services for network transfers that are designed to offer variable protection levels. The services are classified according to a taxonomy proposed in the paper

  • 65.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Debbah, Merouane
    Guillaud, Maxime
    NEWCOM++ DRA.2: Advanced algorithms and metrics for wireless secrecy and security. 2010. Report (Other academic)
    Abstract

    The report deals with Advanced Algorithms and Metrics for Wireless Secrecy and Security developed within the framework of Newcom++ (contrarily to the first report which was an overview of existing results). As far as wireless secrecy is concerned, the notion of information theoretic secrecy capacity is extended to different types of channels such as the interference channel, the relay channel as well as the wiretap frequency selective channel. Practical algorithms are derived in the case of multi-carrier channels such as the OFDM case through the notion of Vandermonde precoding. In the second part of the report, Wireless security focuses on Wireless Sensor Networks. After an overview of different wireless technologies, a risk analysis approach is proposed together with a taxonomy of wireless security attacks and descriptions of threats and known vulnerabilities in wireless networks in general. Finally, a framework that enables a formal reasoning and description of a WSN system is provided

  • 66.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Debbah, Merouane
    Guillaud, Maxime
    NEWCOM++ DRA.3: Final report about security in wireless networks. 2010. Report (Other academic)
    Abstract

    The report deals with advanced schemes for Wireless Secrecy and Security evaluation tools developed within the framework of Newcom++. As far as wireless secrecy is concerned, different cases are treated, namely the multi-antenna fading case, the frequency selective channel case (with OFDM modulation) and the relay channel case. Besides the major information theoretic consideration related to capacity issues, physical layer coding, Secure Lossy Source Coding as well as classical precoding (through beamforming) schemes are analyzed. The second part of the report is dedicated to security evaluation tools and provides a framework for a formal reasoning and description of wireless sensor networks (WSN). Some input models for the design and evaluation of WSN security are provided, especially for 6LoWPAN Networks. The report finishes with an important contribution related to a Penetration Testing tool developed for 6LoWPAN.

  • 67.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Brunstrom, Anna
    Security Solution Suitability Analysis using Modified Multiplicative Analytic Hierarchy Process. 2010. Conference paper (Peer-reviewed)
    Abstract

    Tackling security and performance issues in ubiquitous computing has turned out to be a challenging task due to the heterogeneity of both the environment and the applications. Services must satisfy several constraints caused by the security, performance, and other requirements of applications, users and providers. This paper introduces a new formalized decision model for security solution suitability analysis. It supports the design of dynamic security services and can be used by security managers making runtime decisions. Our solution improves previously proposed AHP-based decision models. The MAHP decision engine is applied using a new approach. Furthermore, we extend the MAHP algorithm to handle the non-fulfillment of requirements. This results in more accurate decisions, and better fulfillment of the design criteria. The use of the proposed decision model is illustrated through an IKEv2 authentication method selection problem

  • 68.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Faigl, Zoltán
    Brunström, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    A Conceptual Model for Analysis and Design of Tunable Security Services. 2008. In: Journal of Networks. Article in journal (Peer-reviewed)
    Abstract [en]

    Security is an increasingly important issue for networked services. However, since networked environments may exhibit varying networking behavior and contain heterogeneous devices with varying resources tunable security services are needed. A tunable security service is a service that provides different security configurations that are selected, and possibly altered, at run-time. In this paper, we propose a conceptual model for analysis and design of tunable security services. The proposed model can be used to describe and compare existing tunable security services and to identify missing requirements. Five previously proposed services are analyzed in detail in the paper. The analysis illustrates the powerfulness of the model, and highlights some key aspects in the design of tunable security services. Based on the conceptual model, we also present a high-level design methodology that can be used to identify the most appropriate security configurations for a particular scenario.

  • 69.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Martucci, Leonardo
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Abou El Kalam, Anas
    Atzeni, Andrea
    Cappadonia, Alberto
    Cesena, Emanuele
    Pastrone, Claudio
    Toward a Formal Framework to Evaluate Wireless Sensor Network Security. 2009. Conference paper (Peer-reviewed)
    Abstract [en]

    Wireless Sensor Networks (WSNs) are becoming widespread and pervasive, even in context where dependability and security of the deployed network could be crucial to critical and life-saving tasks. Due to the evolution rush experienced in past few years, several security aspects need to be further investigated. In this paper, we present a survey of the main vulnerabilities of WSNs and propose a specific taxonomy. This is a first step towards the definition of a formal security evaluation framework for WSNs, as we introduce in the end of this paper

  • 70.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Grinnemo, Karl-Johan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Data Protection based on Physical Separation: Concepts and Application Scenarios. 2005. In: Computational Science and Its Applications: ICCSA 2005. Part IV / [ed] Gervasi, O.; Gavrilova, M.L.; Kumar, V.; Laganà, A.; Lee, H.P.; Mun, Y.; Taniar, D.; Tan, C.J.K., Berlin: Springer, 2005, pp. 1331-1340. Conference paper (Peer-reviewed)
    Abstract [en]

    Data protection is an increasingly important issue in today's communication networks. Traditional solutions for protecting data when transferred over a network are almost exclusively based on cryptography. As a complement, we propose the use of multiple physically separate paths to accomplish data protection. A general concept for providing physical separation of data streams together with a threat model is presented. The main target is delay-sensitive applications such as telephony signaling, live TV, and radio broadcasts that require only lightweight security. The threat considered is malicious interception of network transfers through so-called eavesdropping attacks. Application scenarios and techniques to provide physically separate paths are discussed

  • 71.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Grinnemo, Karl-Johan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Physical Separation for Data Protection based on SCTP Multihoming. 2004. In: Proceedings of the Second Swedish National Computer Networking Workshop: SNCNW2004, Karlstad, 2004. Conference paper (Peer-reviewed)
    Abstract [en]

    Network security is an increasingly important issue. Traditional solutions for protecting data when transferred over the network are almost exclusively based on cryptography. As a complement, we propose the use of SCTP and its support for physically separate paths to accomplish protection against eavesdropping attacks near the end points.

  • 72.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Gustafson, Ulf
    Jonsson, Erland
    Security Evolution of a Network Operating System. 1999. Conference paper (Peer-reviewed)
    Abstract [en]

    In this paper, we study the security evolution of Novell NetWare from version 3.12 until the most recent version of today. A detailed description of both security features and flaws in Netware 3.12 is presented. The flaws were revealed during an intrusion experiment performed by undergraduate students as project work in a course in computer security. The paper also deals with new security features, as well as newly discovered weaknesses, in versions 4 and 5 of the network operating system. The paper concludes that the weakest points of the Novell NetWare system are the clients themselves and the connections between clients and servers. Surprisingly enough, this fact remains true despite significant security improvements in later versions of the system. It is discussed whether this result can be generalized, leading to the conclusion that virtually no commercial system will ever be secure

  • 73.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Hedbom, Hans
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    An Analysis of the Security of Windows NT. 1999. Report (Peer-reviewed)
    Abstract [en]

    This paper presents an analysis of the security of Windows NT 4.0. The primary objective of the analysis was to investigate how secure the operating system actually is. A technical overview of the system, and in particular of its security features, is given. The system security was analyzed and practical intrusion attempts were made in order to verify known vulnerabilities and find new ones. The paper concludes that there are ample opportunities to improve the security of Windows NT

  • 74.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Hedbom, Hans
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Martucci, Leonardo
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Experiences from Educating Practitioners in Vulnerability Analysis. 2007. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper presents experiences from a vulnerability analysis course especially developed for practitioners. The described course is a compact three days course initially aimed to educate practitioners in the process of finding security weaknesses in their own products. The paper gives an overview of the course and presents results from two different types of course evaluations. One was done on-site at the last day of the course, while the other was made 3-18 months after the participants had finished the course. Experiences gained from five different course instances are provided in the paper. The conclusion is that the participants have either been satisfied or very satisfied with the course. They are also convinced that the course has helped to improve the quality of their products

  • 75.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Hedbom, Hans
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Martucci, Leonardo
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Experiences from Educating Practitioners in Vulnerability Analysis. 2007. In: Proceedings of the 5th IFIP TC11.8 World Information Security in Education Workshop (WISE'5), West Point, NY, USA: Springer, 2007. Chapter in book, part of anthology (Peer-reviewed)
    Abstract [en]

    This paper presents a vulnerability analysis course especially developed for practitioners and experiences gained from it. The described course is a compact three days course initially aimed to educate practitioners in the process of finding security weaknesses in their own products. After giving an overview of the course, the paper presents results from two different types of course evaluations. One evaluation was done on-site at the last day of the course, while the other was made 3-18 months after the participants had finished the course. Conclusions drawn from it with regard to recommended content for vulnerability analysis courses for practitioners are also provided

  • 76.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    Adding Security to QoS Architectures. 2004. In: Perspectives on Multimedia: Communication, Media and Information Technology / [ed] Robert Burnett, Anna Brunstrom, and Anders G. Nilsson, West Sussex, UK: John Wiley & Sons, 2004. Chapter in book, part of anthology (Other academic)
    Abstract [en]

    In a Quality of Service (QoS) aware communication system, a user is able to choose between various service classes, each with different degrees of reliability, predictability, and efficiency. However, security has not to this time been recognized as a parameter in QoS architectures and no security-related service classes have been defined. This implies that users have no opportunity to configure their own level of security, which is remarkable. This paper surveys QoS architectures from a security perspective and gives some initial ideas on how QoS architectures can be extended by a security dimension

  • 77.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    Adding Security to Quality of Service Architectures. 2002. Conference paper (Peer-reviewed)
    Abstract [en]

    In a Quality of Service (QoS) aware communication system, a user is able to choose between various service classes, each with different reliability, predictability, and efficiency degrees. However, until now security has not been recognized as a parameter in QoS architectures and no security-related service classes have been defined. This implies that end-users have no chance of configuring their level of security, which is remarkable. This paper contains a survey of QoS architectures as seen from a security point of view and gives some initial ideas on how QoS architectures can be extended with a security dimension.

  • 78.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Jonsson, Erland
    Different Aspects of Security Problems in Network Operating Systems. 2002. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper presents research on computer security vulnerabilities in general-purpose network operating systems. The objective of this study is to investigate real intrusions in order to find and model the underlying generic weaknesses, i.e., weaknesses that would be applicable to many different systems. The paper is based on empirical data collected from three different systems, UNIX with NFS and NIS, Novell NetWare, and Windows NT. Five common security problems, improper input validation; improper use of cryptography; weak authentication; insecure bootstrapping; improper configuration, are identified, exemplified, and discussed from different perspectives. The work presented represents a further step towards a full understanding of the generic weaknesses that impair commercially available operating systems

  • 79.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Knapskog, Svein J.
    Euro-NF D.IA 7.6.1: Supporting synthesis document for the 2008 plenary meeting. 2008. Report (Peer-reviewed)
  • 80.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Larson, Ulf E
    Jonsson, Erland
    A Structured Approach to Selecting Data Collection Mechanisms for Intrusion Detection. 2011. In: Privacy, Intrusion Detection, and Response: Technologies for Protecting Networks / [ed] Peyman Kabiri, Hershey, PA, USA: IGI Global, 2011, pp. 1-39. Chapter in book, part of anthology (Peer-reviewed)
  • 81.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Larson, Ulf E
    Nilsson, Dennis K
    Jonsson, Erland
    A System Architecture for Operator-Centric and Adaptive Intrusion Detection. 2009. In: Journal of Information Assurance and Security, ISSN 1554-1010, E-ISSN 1554-1029, Vol. 4, no. 3, pp. 236-246. Article in journal (Peer-reviewed)
  • 82.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Larson, Ulf E
    Nilsson, Dennis K
    Jonsson, Erland
    Using System Call Information to Reveal Hidden Attack Manifestations. 2010. Conference paper (Peer-reviewed)
    Abstract

    We investigate how system call-based intrusion detectors can be made more resistant against mimicry attacks. We show that by including extra information such as system call arguments, return values, and identity of the user responsible for the calls, the attacker's options of constructing successful attacks are significantly reduced, in particular with respect to the use of no-op system calls. For our investigation, we add extra information to two system call-based detection algorithms, one distance-based and one sequence-based, that normally operate on system call names only. We then create two mimicry attacks which avoid detection by the original detectors but are revealed when the extra information is used. Our investigation shows that by providing the extra information to the detector the attacker's options of constructing successful and undetected attacks decrease drastically

  • 83.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindqvist, Ulf
    Jonsson, Erland
    IT Security Research and Education in Synergy. 1999. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper presents experience from laboratory projects performed by students in Applied Computer Security, a course given at Chalmers University of Technology. From this, we conclude that the combination of security research and education results in a synergy that can be very beneficial to both fields. The paper describes in detail three different types of laboratory projects: intrusion experiments, intrusion analysis and remediation, and intrusion detection. Furthermore, we discuss the outcome and impact of the student projects with respect to education, research, and synergy between the two, as well as ethical issues. Among the benefits of the close connection between research and education in the projects, we find that the students were very motivated by this research connection and that they produced unique research data with natural diversity

  • 84.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Web Site Privacy with P3P. 2003. Book (Peer-reviewed)
    Abstract [en]

    Privacy on the Internet is a very complicated, and delicate, subject. It is about making sure that sites are honest with the people using their services, and providing the end user with the choice of whether or not to share information with the original server.

    The Platform for Privacy Preferences Project (P3P), an emerging industry standards set developed by the World Wide Web Consortium (W3C), provides a simple way for users to gain more control over the use of personal information on the Web sites they visit. By using P3P to encode privacy policies in XML format, browsers can interpret whether a Web site meets an individual's privacy standards and alert the user when a site does not.

    Written by experts, this is the first book to show systems architects how to embed and design a Web site that is compliant with P3P. The authors provide detailed descriptions of the P3P standard and its parameters, as well as guidelines, explanations, and P3P how-to examples that you can follow. In addition to the detailed example of how to encode a Web site's P3P policy with XML and a complete XML tutorial appendix, you'll also learn valuable information such as:

    - Vulnerabilities and threats to Internet security
    - The lowdown on log files, cookies, spam, Web bugs, and tracking
    - P3P policies and policy reference files
    - P3P and the mobile Internet

  • 85.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lundin, Reine
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Middleware Support for Tunable Encryption. 2006. In: Wireless Information Systems: Proceedings of the 5th International Workshop on Wireless Information Systems / [ed] Qusay H. Mahmoud, Hans Weghorn, Setubal, Portugal: INSTICC Press, 2006, pp. 36-46. Conference paper (Peer-reviewed)
    Abstract [en]

    To achieve an appropriate tradeoff between security and performance for wireless applications, a tunable and differential treatment of security is required.

    In this paper, we present a tunable encryption service designed as a middleware that is based on a selective encryption paradigm. The core component of the middleware provides block-based selective encryption. Although the selection of which data to encrypt is made by the sending application and is typically content-dependent, the representation used by the core component is application and content-independent. This frees the selective decryption module at the receiver from the need for application or content-specific knowledge. The sending application specifies the data to encrypt either directly or through a set of high-level application interfaces. A prototype implementation of the middleware is described along with an initial performance evaluation. The experimental results demonstrate that the generic middleware service offers a high degree of security adaptiveness at a low cost.

     

  • 86.
    Lindskog, Stefan
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Strandbergh, Johan
    Hackman, Mikael
    Jonsson, Erland
    A Content-Independent Scalable Encryption Model. 2004. Conference paper (Peer-reviewed)
    Abstract [en]

    User surveys have shown that security will be a key business enabler for applications of future communication systems. These systems will vary dramatically in their security requirements, from very low to extremely rigid. The aim of this paper is to demonstrate how security can be treated in a more flexible and dynamic way. We propose here a content-independent model for scalable encryption that is based on a selective encryption paradigm. The main advantage of the model is that users are able to make tradeoffs between security and performance. We describe the design and implementation of the proposed model and make an initial performance analysis

  • 87.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    An Investigation of Entropy of Selectively Encrypted Bitmap Images. 2012. In: Computational Aspects of Social Networks (CASoN), 2012 Fourth International Conference on, IEEE, 2012, pp. 238-243. Conference paper (Peer-reviewed)
    Abstract [en]

    Selective encryption is a concept in which the main goal is to reduce computational cost while providing confidentiality by encrypting only chosen parts of the information to be protected. Previous work on selective encryption has mainly been aimed towards multimedia applications in order to reduce the overhead induced by encryption while still making the information perceptually secure to a desired protection level. This was accomplished by utilizing the fact that different parts of the information have different impacts on our perception senses, i.e., eyes and ears. How computationally secure the information is when using selective encryption has however only briefly been mentioned or rudimentarily analyzed. In this paper, we therefore investigate the security implications of selective encryption by generalizing the work on entropy of selectively encrypted strings to several dimensions and applying it to bitmap images. The generalization is done by constructing information neighborhoods that capture and model information dependencies in several dimensions.

  • 88.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Changes in Guesswork over Time in Multi-processor Attacks. 2012. In: Journal of Information Assurance and Security, ISSN 1554-1010, Vol. 7, pp. 145-150. Article in journal (Peer-reviewed)
    Abstract [en]

    More and more effort is being spent on security improvements in today's computer networking environments. However, due to the nature of computer security there is still a lack of good quantitative assessment methods. Inventing and developing new ways of measuring security are therefore needed in order to more exactly describe, assess, and improve security of computer environments. One existing quantitative security measure is guesswork. Guesswork gives the average number of guesses in a brute force attack when breaking an encrypted message. In the current definition of guesswork it is assumed that the attacker uses a single processor when breaking an encrypted message. However, an intelligent and motivated attacker will likely use several processors that can work in parallel to break an encrypted message. This paper formally investigates how guesswork changes over time in multi-processor attacks. The result is applied on three probability distributions, the English alphabet, the geometric, and the truncated geometric, to illustrate some behaviors.

  • 89.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Entropy of Selectively Encrypted Strings. 2011. In: Information Security Theory and Practice: Security and Privacy of Mobile Devices in Wireless Communication / [ed] Claudio A. Ardagna, Jianying Zhou, Springer Berlin/Heidelberg, 2011, pp. 234-243. Conference paper (Peer-reviewed)
    Abstract [en]

    A feature that has become desirable for low-power mobile devices with limited computing and energy resources is the ability to select a security configuration in order to create a trade-off between security and other important parameters such as performance and energy consumption. Selective encryption can be used to create this trade-off by only encrypting chosen units of the information. In this paper, we continue the investigation of the confidentiality implications of selective encryption by applying entropy on a generic selective encryption scheme. By using the concept of run-length vector from run-length encoding theory, an expression is derived for entropy of selectively encrypted strings when the number of encrypted substrings, containing one symbol, and the order of the language change

  • 90.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Extending the Definition of Guesswork. 2010. In: Sixth International Conference on Information Assurance and Security (IAS), 2010, Atlanta, GA, USA: IEEE, 2010, pp. 191-196. Conference paper (Peer-reviewed)
    Abstract [en]

    To be able to perform an analytical and more exact description of security, quantitative security measures are desirable. In this paper, we continue our investigation of the quantitative security measure guesswork, which gives the average number of guesses in an optimal brute force attack. The definition of guesswork is extended to joint and conditional guesswork. We show that joint guesswork is always at least equal to the marginal guessworks, and that conditioning reduces guesswork. Hence, guesswork possesses the same two properties as entropy, i.e., joint entropy is always at least equal to the marginal entropies, and conditioning reduces entropy. However, unlike entropy, guesswork does not possess the chain rule property. For entropy, this rule states that joint entropy is equal to marginal entropy plus the corresponding conditional entropy

  • 91.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Guesswork Changes in Multi-processor Attacks. 2011. In: Proceedings of the 7th International Conference on Information Assurance and Security (IAS 2011), IEEE Press, 2011, pp. 145-150. Conference paper (Peer-reviewed)
    Abstract [en]

    More and more effort is being spent on security improvements in today's computer networking environments. However, due to the nature of computer security there is still a lack of good quantitative assessment methods. Inventing and developing new ways of measuring security are therefore needed in order to more exactly describe, assess, and improve security of computer environments. One existing quantitative security measure is guesswork. Guesswork gives the average number of guesses in a brute force attack when breaking an encrypted message. In the current definition of guesswork it is assumed that the attacker uses a single processor when breaking an encrypted message. However, an intelligent and motivated attacker will likely use several processors that can work in parallel to break an encrypted message. This paper formally investigates how guesswork changes over time in multi-processor attacks. The result is applied on three probability distributions, the English alphabet, the geometric, and the truncated geometric, to illustrate some behaviors.

  • 92.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Joint and Conditional Guesswork: Definitions and Implications. 2011. In: Journal of Information Assurance and Security, ISSN 1554-1010, Vol. 6, no. 2, pp. 89-97. Article in journal (Peer-reviewed)
  • 93.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    On Entropy of Selectively Encrypted Bitmap Images using Information Neighborhoods. 2013. In: Journal of Information Assurance and Security, ISSN 1554-1010, E-ISSN 1554-1029, Vol. 8, no. 2, pp. 86-96. Article in journal (Peer-reviewed)
  • 94.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Security Implications of Selective Encryption. 2010. In: MetriSec'10: Proceedings of the 6th International Workshop on Security Measurements and Metrics, New York: ACM, 2010. Conference paper (Peer-reviewed)
    Abstract [en]

    To be able to perform an analytical and more exact description of security, quantitative security measures are desirable. Two proposed quantitative security measures are entropy and guesswork. When breaking an encrypted message, entropy measures the average number of guesses in an optimal binary search attack, whereas guesswork measures the average number of guesses in an optimal linear search attack. In this paper, we continue to investigate the security implications of a generic selective encryption procedure. That is, how entropy and guesswork change with the number of encrypted units, i.e., the encryption level. This is done for languages up to the second order by deriving equations for entropy of selectively encrypted messages and then transferring the result to guesswork through an equation relating the two measures. Furthermore, unlike entropy, guesswork does not possess the chain rule; however, through the equation relating entropy and guesswork an equation connecting the different guessworks is derived.

  • 95.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    A Model-based Analysis of Tunability in Privacy Services. 2008. In: The Future of Identity in the Information Society: Proceedings of the Third IFIP WG 9.2, 9.6/ 11.6, 11.7/FIDIS International Summer School on The Future of Identity in the Information Society, Karlstad University, Sweden, August 4-10, 2007, Springer-Verlag New York, 2008, pp. 343-356. Chapter in book, part of anthology (Peer-reviewed)
    Abstract [en]

    In this paper, we investigate the tunable privacy features provided by Internet Explorer version 6 (IE6), Mix Net and Crowds, by using a conceptual model for tunable security services. A tunable security service is defined as a service that has been explicitly designed to offer various security configurations that can be selected at run-time. Normally, Mix Net and Crowds are considered to be static anonymity services, since they were not explicitly designed to provide tunability. However, as discussed in this paper, they both contain dynamic elements that can be used to utilize the trade-off between anonymity and performance. IE6, on the other hand, was indeed designed to allow end users to tune the level of privacy when browsing the Internet

  • 96.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Analysis of Anonymity Services from a Tunable Perspective. 2007. In: The Future of Identity in the Information Society: Proceedings of the Third IFIP WG 9.2, 9.6/ 11.6, 11.7/FIDIS International Summer School on The Future of Identity in the Information Society, Karlstad University, Sweden / [ed] Simone Fischer-Huebner, Penny Duquenoy, Albin Zuccato, Leonardo Martucci, Boston: IFIP, 2007. Conference paper (Peer-reviewed)
    Abstract [en]

    In this paper, we investigate the tunable features provided by Mix-Nets and Crowds using a conceptual model for tunable security services. A tunable security service is defined as a service that has been explicitly designed to offer various security levels that can be selected at run-time. Normally, Mix-Nets and Crowds are considered to be static anonymity services, since they were not explicitly designed to provide tunability. However, as discussed in this paper, they both contain dynamic elements that can be used to achieve a tradeoff between anonymity and performance

  • 97.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hubner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Using Guesswork as a Measure for Confidentiality of Selectively Encrypted Messages. 2006. In: Quality of Protection: Security Measurements and Metrics / [ed] Dieter Gollmann, Fabio Massacci and Artsiom Yautsiukhin, Boston: Springer, 2006, pp. 173-184. Chapter in book, part of anthology (Peer-reviewed)
    Abstract [en]

    In this paper, we start to investigate the security implications of selective encryption. We do this by using the measure guesswork, which gives us the expected number of guesses that an attacker must perform in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are investigated for zero-order languages. We also introduce the concept of reduction chains to describe how the message (or rather search) space changes for an attacker with different levels of encryption.

  • 98.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Brunstrom, Anna
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Measuring Confidentiality of Selectively Encrypted Messages Using Guesswork. 2005. In: Proceeding of the Third Swedish National Computer Networking Workshop (SNCNW 2005), Halmstad: Högskolan i Halmstad, 2005, pp. 99-102. Conference paper (Peer-reviewed)
    Abstract [en]

    In this paper, we start to investigate the security implications of selective encryption. We do this by using the measure guesswork, which gives us the expected number of guesses that an attacker performs in an optimal brute force attack to reveal an encrypted message. The characteristics of the proposed measure are only investigated for zero-order languages, and we give some basic initial results. The work is in progress and later papers will examine higher order of languages.

  • 99.
    Lundin, Reine
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Holleboom, Thijs
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    On the Relationship between Confidentiality Measures: Entropy and Guesswork. 2007. In: WOSIS / [ed] Mariemma Inmaculada Yagüe del Valle and Eduardo Fernández-Medina, INSTICC Press, 2007, pp. 135-144. Conference paper (Peer-reviewed)
    Abstract [en]

    In this paper, we investigate in detail the relationship between entropy and guesswork. The aim of the study is to lay the ground for future efficiency comparison of guessing strategies. After a short discussion of the two measures, and the differences between them, the formal definitions are given. Then, a redefinition of guesswork is made, since the measure is not completely accurate. The change is a minor modification in the last term of the sum expressing guesswork. Finally, two theorems are stated. The first states that the redefined guesswork is equal to the concept of cross entropy, and the second states, as a consequence of the first theorem, that the redefined guesswork is equal to the sum of the entropy and the relative entropy.

  • 100.
    Martucci, Leonardo
    et al.
    Hedbom, Hans
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Lindskog, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Educating System Testers in Vulnerability Analysis: Laboratory Development and Deployment. 2006. Conference paper (Peer-reviewed)
    Abstract [en]

    This paper presents a vulnerability analysis course developed for system testers and the experiences gained from it. The aim of this course is to educate testers in the process of finding security weaknesses in products. It covers the four steps of a vulnerability analysis: reconnaissance, research and planning, mounting attacks, and assessment. The paper describes in detail ten different laboratory assignments conducted within the course. For each experiment, an overview and a description on how to run the assignment together with the expected knowledge obtained are presented. In addition, a course evaluation and lessons learned are also provided
