Search for: security
0.011 seconds
Total 714 records

    Sharif repository-A threatened-based software security evaluation method

    , Article International ISC Conference on Information Security and Cryptology, ISCISC(11th: 2014:) ; Sept , 2014 , p. 120-125 Razian, M. R ; Sangchi, H. M ; Sharif University of Technology
    Nowadays, security evaluation of software is a substantial matter in software world. Security level of software will be determined by wealth of data and operation which it provides for us. The security level is usually evaluated by a third party, named Software Security Certification Issuance Centers. It is important for software security evaluators to perform a sound and complete evaluation, which is a complicated process considering the increasing number of emerging threats. In this paper we propose a Threatened-based Software Security Evaluation method to improve the security evaluation process of software. In this method, we focus on existing threatened entities of software which in turn... 

    Calculus for composite authorities' policy derivation in shared domains of pervasive computing environments

    , Article 11th International Conference on Computer and Information Technology, ICCIT 2008, Khulna, 25 December 2008 through 27 December 2008 ; March , 2008 , Pages 21-28 ; 9781424421367 (ISBN) Amini, M ; Jalili, R ; Sharif University of Technology
    The decentralized security management in a pervasive computing environment' requires apportioning the environment into several security domains. In each security domain' an administrator (we call it authority) is responsible for specifying the security policies of the domain. Overlapping of security domains results in the requirement of cooperative security management in the shared/ overlapping domains. To satisfy this requirement' we propose an abstract security model' as well as its supplementary calculus of composite authorities. The security model is based on deontic logic and is independent of the domains' heterogeneity. The model's policy language (we call it MASL) enables multiple... 

    Specification and verification of security policies in firewalls

    , Article Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) ; Volume 2510 , 2002 , Pages 154-163 ; 03029743 (ISSN) Jalili, R ; Rezvani, M ; Sharif University of Technology
    Rules are used as a way of managing and configuring firewalls to fulfill security requirements in most cases. Managers have to specify their organizational security policies using low level and order-dependent rules. Furthermore, dependency of firewalls to the network topology, frequent changes in network topology (specially in dynamic networks), and lack of a method for analysis and verification of specified security policy may reduce to inconsistencies and security holes. Existence of a higher level environment for security policy specification can rectify part of the problems. In this paper we present a language for high level and formal specification of security policy in firewalls.... 

    Forsakes: A forward-secure authenticated key exchange protocol based on symmetric key-evolving schemes

    , Article Advances in Mathematics of Communications ; Volume 9, Issue 4 , November , 2015 , Pages 471-514 ; 19305346 (ISSN) Dousti, M. S ; Jalili, R ; Sharif University of Technology
    American Institute of Mathematical Sciences  2015
    This paper suggests a model and a definition for forward-secure authenticated key exchange (AKE) protocols, which can be satisfied without depending on the Diffie–Hellman assumption. The basic idea is to use keyevolving schemes (KES), where the long-term keys of the system get updated regularly and irreversibly. Protocols conforming to our model can be highly efficient, since they do not require the resource-intensive modular exponentiations of the Diffie–Hellman protocol. We also introduce a protocol, called FORSAKES, and prove rigorously that it is a forward-secure AKE protocol in our model. FORSAKES is a very efficient protocol, and can be implemented by merely using hash functions  

    Security and privacy analysis of song-mitchell RFID authentication protocol

    , Article Wireless Personal Communications ; Volume 69, Issue 4 , May , 2013 , Pages 1583-1596 ; 09296212 (ISSN) Habibi, M. H ; Aref, M. R ; Sharif University of Technology
    Many applications, such as e-passport, e-health, credit cards, and personal devices that utilize Radio frequency Identification (RFID) devices for authentication require strict security and privacy. However, RFID tags suffer from some inherent weaknesses due to restricted hardware capabilities and are vulnerable to eavesdropping, interception, or modification. The synchronization and untraceability characteristics are the major determinants of RFID authentication protocols. They are strongly related to privacy of tags and availability, respectively. In this paper, we analyze a new lightweight RFID authentication protocol, Song and Mitchell, in terms of privacy and security. We prove that not... 

    Welcome to Binder: a kernel level attack model for the Binder in Android operating system

    , Article 2016 8th International Symposium on Telecommunications, IST 2016, 27 September 2016 through 29 September 2016 ; 2017 , Pages 156-161 ; 9781509034345 (ISBN) Salehi, M ; Daryabar, F ; Tadayon, M. H ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2017
    In this paper, we consider to seek vulnerabilities and we conduct possible attacks on the crucial and essential parts of Android OSs architecture including the framework and the Android kernel layers. As a regard, we explain the Binder component of Android OS from security point of view. Then, we demonstrate how to penetrate into the Binder and control data exchange mechanism in Android OS by proposing a kernel level attack model based on the hooking method. As a result, by implementing the attack model, it is illustrated that the Android processes are detectable and the data can be extracted from any process and system calls. © 2016 IEEE  

    Risk of attack coefficient effect on availability of Ad-hoc networks

    , Article 2011 IEEE Consumer Communications and Networking Conference, CCNC'2011, Las Vegas, NV, 8 January 2011 through 11 January 2011 ; 2011 , Pages 166-168 ; 9781424487905 (ISBN) Tootaghaj, D. Z ; Farhat, F ; Pakravan, M. R ; Aref, M. R ; Sharif University of Technology
    Security techniques have been designed to obtain certain objectives. One of the most important objectives all security mechanisms try to achieve is the availability, which insures that network services are available to various entities in the network when required. But there has not been any certain parameter to measure this objective in network. In this paper we consider availability as a security parameter in ad-hoc networks. However this parameter can be used in other networks as well. We also present the connectivity coefficient of nodes in a network which shows how important is a node in a network and how much damage is caused if a certain node is compromised  

    Topic Web-based Malware Detection

    , M.Sc. Thesis Sharif University of Technology Monshizadeh, Maliheh (Author) ; Kharrazi, Mehdi (Supervisor)
    Web-based malware is recognized as one of the top-ranked threats in Web. It includes harmful codes or scripts embedded in infected websites which spread in victim’s system while an infected website is visited. These malicious scripts will automatically install malicious programs on victim’s system without user’s knowledge and consent. By taking the control of victim’s system, the attacker can steal sensitive data from the system or uses the computational power of the system in malicious activities like spamming and DoS attacks. Malware authors have started using more advanced techniques like obfuscation to circumvent detection of malicious activities by conventional security tools such as... 

    Computer Networks and Distributed Systems: International Symposium, CNDS 2013 Tehran, Iran, December 25–26, 2013 Revised Selected Papers

    , Article Communications in Computer and Information Science ; Vol. 428, issue , December , 2014 ; 18650929 ; 978-3-319-10902-2 Jahangir, A. H ; Movaghar, A ; Asadi, H ; Sharif University of Technology
    [No abstract available]  

    Two novel chaos-based algorithms for image and video watermarking

    , Article Iranian Journal of Electrical and Electronic Engineering ; Volume 8, Issue 2 , 2012 , Pages 97-107 ; 17352827 (ISSN) Mohammadi, S ; Talebi, S ; Hakimi, A ; Sharif University of Technology
    IJEEE  2012
    In this paper we introduce two innovative image and video watermarking algorithms. The paper's main emphasis is on the use of chaotic maps to boost the algorithms' security and resistance against attacks. By encrypting the watermark information in a one dimensional chaotic map, we make the extraction of watermark for potential attackers very hard. In another approach, we select embedding positions by a two dimensional chaotic map which enables us to satisfactorily distribute watermark information throughout the host signal. This prevents concentration of watermark data in a corner of the host signal which effectively saves it from being a target for attacks that include cropping of the... 

    Cooperative security administration in multi-security-domain environments using a variant of deontic logic

    , Article Scientia Iranica ; Volume 19, Issue 3 , June , 2012 , Pages 635-653 ; 10263098 (ISSN) Amini, M ; Jalili, R ; Ehsan, M. A ; Faghih, F ; Sharif University of Technology
    The decentralized approach to security administration in new computing environments (e.g., pervasive computing and mobile environments) is based on apportioning the environment into multiple security domains. The security policies of each security domain are specified by an authority and enforced by a security agent. The requirements of cooperative administration in such Multi-Security-Domain (MSD) environments, for shared or subdomains, induced us to propose an MSD cooperation framework within a logical security policy language (called MASL) in this paper. MASL is a variation of deontic logic that enables multiple authorities to specify their domain policies, including obligations and... 

    Circuit design to improve security of telecommunication devices

    , Article 2015 IEEE Conference on Technologies for Sustainability, SusTech 2015, 30 July 2015 through 1 August 2015 ; Aug , 2015 , Pages 171-175 ; 9781479918010 (ISBN) Bahrami, H ; Hajsadeghi, K ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2015
    Security in mobile handsets of telecommunication standards such as GSM, Project 25 and TETRA is very important, especially when governments and military forces use handsets and telecommunication devices. Although telecommunication could be quite secure by using encryption, coding, tunneling and exclusive channel, attackers create new ways to bypass them without the knowledge of the legitimate user. In this paper we introduce a new, simple and economical circuit to warn the user in cases where the message is not encrypted because of manipulation by attackers or accidental damage. This circuit not only consumes very low power but also is created to sustain telecommunication devices in aspect... 

    A rigorous security analysis of a decentralized electronic voting protocol in the universal composability framework

    , Article Journal of Information Security and Applications ; Volume 43 , 2018 , Pages 99-109 ; 22142134 (ISSN) Khazaei, S ; Rezaei Aliabadi, M ; Sharif University of Technology
    Elsevier Ltd  2018
    Designing an efficient and secure electronic voting (e-voting) protocol without the presence of trusted authorities, known as decentralized voting protocols, is one of the most interesting and challenging problems in cryptography. In these protocols the outcome of the protocol is computed by voters collaborating with each other. We provide a rigorous proof of security of a decentralized e-voting protocol proposed by Khader et al. in the Universal Composability (UC) Framework. This protocol is the state-of-the-art decentralized e-voting protocol in terms of efficiency and security, whose security has only been justified against a set of desired properties required in e-voting protocols. For... 

    NATC and RATC calculation in restructured power systems

    , Article International Review of Electrical Engineering ; Volume 4, Issue 4 , 2009 , Pages 592-600 ; 18276660 (ISSN) Rajabi Ghahnavieh, A ; Fotuhi Firuzabad, M ; Shahidehpour, M ; Feuillet, R ; Sharif University of Technology
    The applications of available transfer capability (ATC) have received considerable attention in restructured power systems. System operators calculate and post ATC values for different time intervals considering power system operation issues, including security issues. On the other hand, competitive electricity market has added economic issues to transmission services such that they could have different price, type (recallable/non-recallable) and curtailment cost. The inclusion of economic issues in ATC calculation to obtain NATC and RATC has not been sufficiently addressed yet. This paper presents a method to calculate ATC on a weekly base in restructured power systems which incorporates... 

    Using CSP to model and analyze transmission control protocol vulnerabilities within the broadcast network

    , Article Proceedings - 2004 International Networking and Communication Conference, INCC 2004, Lahore, 11 June 2004 through 13 June 2004 ; 2004 , Pages 42-47 ; 0780383257 (ISBN) Shahriari, H. R ; Jalili, R ; Sharif University of Technology
    Spreading networks and increasing their complexity has complicated the task of security analysis. Accordingly, automatic verification approaches have received more attention recently. In this paper, we modeled a network including a set of hosts (clients and servers) using the process algebra CSP in order to verify the Transmission Control Protocol (TCP) behavior against an active intruder. The model is verified using the FDR tool and as a result, some attack scenarios violating the security are found. The scenarios showes how an intruder can compromise the server trust to its clients. As the model is modular, extendable, and scalable, more complex attack scenarios (combination of simple... 

    TCvisor: A hypervisor level secure storage

    , Article 2010 International Conference for Internet Technology and Secured Transactions, ICITST 2010, 8 November 2010 through 11 November 2010, London ; 2010 ; 9781424488629 (ISBN) Rezaei, M ; Moosavi, N. S ; Nemati, H ; Azmi, R ; Sharif University of Technology
    In this paper, we present design and implementation of TCvisor, a new trusted hypervisor. To this end, TCvisor provides a secure storage with different isolated view per user by using para-passthrough and combined key. In this regard, virtualization technology of processors has been used for complete isolation from operating system. By combining TPM base key, user's password and geo function key, TCvisor provides a secure storage in an environment with split data. We have applied feature wise security analysis TCvisor's secure storage from software system layers point then we have compared performance of TCvisor to selected candidates of existing layers  

    Risk management in CRM security management

    , Article 3rd Australian Information Security Management Conference, AISM, Perth, WA, 30 September 2005 through 30 September 2005 ; 2005 , Pages 95-102 ; 0729806111 (ISBN); 9780729806114 (ISBN) Seify, M ; Sharif University of Technology
    In an increasing competitive world, marketing survival can be depended simply on timely new information on customers and market trend. One of the most important strategies in CRM (Customer Relationship Management) is to capture enough information from customers and using this information carefully [Ryals, Tinsley]. Of course security of this information is very important in CRM data management [Bryan]. Data management is a method for scheduling and controlling data saving, recovering and processing. This activity has been done continually or periodically[Bryan]. Security level of this information depends on the security policy of the organization. CRM security policy is the directives and... 

    A provably secure identity-based proxy ring signature based on RSA

    , Article Security and Communication Networks ; Volume 8, Issue 7 , July , 2015 , Pages 1223-1236 ; 19390114 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    John Wiley and Sons Inc  2015
    Proxy ring (anonymous proxy) signatures allow an entity to delegate its signing capability to a group of entities (proxy group) such that only one of the members in the proxy group can generate a proxy signature on behalf of the delegator, while privacy of the proxy signer is protected. Identity-based versions of proxy ring signatures employ identity strings in place of randomly generated public keys. Our contribution is twofold. First, we formalize a security model for identity-based proxy ring signatures. We note that there exists no formal security model for identity-based proxy ring signatures prior to our work. Second, we present the first provably secure identity-based proxy ring... 

    Making HeNB more secure with improved secure access protocol and analyzing it

    , Article Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST, 16 September 2015 through 18 September 2015 ; Volume 158 , 2015 , Pages 107-120 ; 18678211 (ISSN) ; 9783319269245 (ISBN) Ghasemi Najm, F ; Payandeh, A ; Habibi, H ; Sharif University of Technology
    Springer Verlag  2015
    The 3rd Generation Partnership Project (3GPP) defined a new architecture, called Home eNode B (HeNB). HeNB is able to provide new services with higher data rate in a low cost. Security is a critical aspect of HeNB. In order to have HeNB secure access to core network, 3GPP defines an authentication protocol based on IKEv2. A number of security vulnerabilities such as HeNB masquerading have not been addressed and solved by 3GPP technical specification yet. In this paper an improved HeNB authentication protocol is introduced which does not allow an attacker to connect unauthorized network users using a mask. Finally, we evaluate our protocol performance and verify it by Automated Validation of... 

    A methodology for mobile network security risk management

    , Article ITNG 2009 - 6th International Conference on Information Technology: New Generations, 27 April 2009 through 29 April 2009, Las Vegas, NV ; 2009 , Pages 1572-1573 Seify, M ; Bijani, S ; Sharif University of Technology
    Based on the risk analysis done in the GSM network of Iran a methodology for cellular mobile network risk management is established. Primarily we focus on the importance of risk management in the GSM Network and then introduce very briefly the suggested method for managing risk in Iranian GSM security. GSM Security risk evaluation is a method for increasing the efficiency of security policy in the manner that security threats and vulnerabilities against the mobile network is identified and prioritized. © 2009 IEEE