Foundations and Practice of Security

NetEntropy is a plugin to the Orchids intrusion detection tool that is originally meant to detect some subtle attacks on implementations of cryptographic protocols such as SSL/TLS. Netentropy compares the sample entropy of a data stream to a known profile, and flags any significant variation. Our point is to stress the mathematics behind Netentropy: the reason of the rather incredible precision of Netentropy is to be found in theorems due to Paninski and Moddemeijer.

[1]  Sergei P. Skorobogatov Optically Enhanced Position-Locked Power Analysis , 2006, CHES.

[2]  Samson W. Tu,et al.  DataMaster – a Plug-in for Importing Schemas and Data from Relational Databases into Protégé , 2007 .

[3]  Vincent Rijmen,et al.  On the Design and Security of RC2 , 1998, FSE.

[4]  Ho-fung Leung,et al.  Ontology Based Hybrid Access Control for Automatic Interoperation , 2007, ATC.

[5]  Giovanni Vigna,et al.  STATL: An Attack Language for State-Based Intrusion Detection , 2002, J. Comput. Secur..

[6]  Ross Anderson,et al.  Serpent: A Proposal for the Advanced Encryption Standard , 1998 .

[7]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[8]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[9]  Roger M. Needham,et al.  TEA, a Tiny Encryption Algorithm , 1994, FSE.

[10]  Ross J. Anderson,et al.  Optical Fault Induction Attacks , 2002, CHES.

[11]  Michael Hutter,et al.  Optical and EM Fault-Attacks on CRT-based RSA : Concrete Results , 2007 .

[12]  Michael Hutter,et al.  Optical Fault Attacks on AES: A Threat in Violet , 2009, 2009 Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC).

[13]  Markus G. Kuhn,et al.  Tamper resistance: a cautionary note , 1996 .

[14]  Bijan Parsia,et al.  Pellet: An OWL DL Reasoner , 2004, Description Logics.

[15]  Jeffrey M. Bradshaw,et al.  Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KAoS, Rei, and Ponder , 2003, SEMWEB.

[16]  Christophe De Cannière,et al.  KATAN and KTANTAN - A Family of Small and Efficient Hardware-Oriented Block Ciphers , 2009, CHES.

[17]  Nora Kamprath,et al.  Supporting attribute-based access control with ontologies , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[18]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[19]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[20]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[21]  Yee Wei Law,et al.  KLEIN: A New Family of Lightweight Block Ciphers , 2010, RFIDSec.

[22]  H. Li Refractive index of silicon and germanium and its wavelength and temperature derivatives , 1980 .

[23]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[24]  Seokhie Hong,et al.  Related Key Differential Attacks on 27 Rounds of XTEA and Full-Round GOST , 2004, FSE.

[25]  K. Zaraska Prelude IDS : current state and development perspectives , 2003 .

[26]  Neo,et al.  The collateral damage of internet censorship by DNS injection , 2012, Comput. Commun. Rev..

[27]  Ali A. Ghorbani,et al.  Toward developing a systematic approach to generate benchmark datasets for intrusion detection , 2012, Comput. Secur..

[28]  R. Rivest,et al.  The Security of the Rc6 Tm Block Cipher , 1998 .

[29]  Xuejia Lai,et al.  A Proposal for a New Block Encryption Standard , 1991, EUROCRYPT.

[30]  D. K. Branstad,et al.  Data Encryption Standard: past and future , 1988, Proc. IEEE.

[31]  Hervé Debar,et al.  The Intrusion Detection Message Exchange Format (IDMEF) , 2007, RFC.

[32]  Jean-Jacques Quisquater,et al.  SEA: A Scalable Encryption Algorithm for Small Embedded Applications , 2006, CARDIS.

[33]  Chae Hoon Lim,et al.  mCrypton - A Lightweight Block Cipher for Security of Low-Cost RFID Tags and Sensors , 2005, WISA.

[34]  Martin J. O'Connor,et al.  SQWRL: A Query Language for OWL , 2009, OWLED.

[35]  Lukas Malina,et al.  Privacy-preserving framework for geosocial applications , 2014, Secur. Commun. Networks.

[36]  Daniel J. Solove,et al.  A Brief History of Information Privacy Law , 2006 .

[37]  Mohammad Ashiqur Rahaman,et al.  XML secure views using semantic access control , 2010, EDBT '10.

[38]  Markus G. Kuhn,et al.  Low Cost Attacks on Tamper Resistant Devices , 1997, Security Protocols Workshop.

[39]  Sergei Skorobogatov,et al.  Optical Fault Masking Attacks , 2010, 2010 Workshop on Fault Diagnosis and Tolerance in Cryptography.

[40]  Hyangjin Lee,et al.  The SEED Encryption Algorithm , 2005, RFC.

[41]  Christof Paar,et al.  New Lightweight DES Variants , 2007, FSE.

[42]  M. Amini,et al.  A history based semantic aware access control model using logical time , 2008, 2008 11th International Conference on Computer and Information Technology.

[43]  Nicolas Courtois,et al.  Security Evaluation of GOST 28147-89 in View of International Standardisation , 2012, Cryptologia.

[44]  Nora Cuppens-Boulahia,et al.  Dynamic deployment of context-aware access control policies for constrained security devices , 2011, J. Syst. Softw..

[45]  Jongsung Kim,et al.  HIGHT: A New Block Cipher Suitable for Low-Resource Device , 2006, CHES.

[46]  Eli Biham,et al.  Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials , 1999 .

[47]  Gordon Fyodor Lyon,et al.  Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning , 2009 .

[48]  John J. McCarthy,et al.  The Rule Engine for the Java Platform , 2008 .

[49]  David Naccache,et al.  The Sorcerer's Apprentice Guide to Fault Attacks , 2006, Proceedings of the IEEE.

[50]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[51]  Sergei Skorobogatov,et al.  Semi-invasive attacks: a new approach to hardware security analysis , 2005 .