1. |
- Andersson, Christer, et al.
(author)
-
Trust in PRIME
- 2005
-
In: Proceedings of the 5<sup>th </sup>IEEE International Symposium on Signal Processing and IT. - : IEEE conference proceedings. - 0780393139 ; , s. 552-559
-
Conference paper (other academic/artistic)abstract
- The PRIME project develops privacy enhancing identity management systems that allow users in various application areas such as e-commerce to regain control over their personal spheres. This paper introduces the PRIME technical architecture that also includes special trust-enhancing mechanisms, and shows how PRIME technologies can enhance privacy and trust of e-shopping customers. It also discusses the socio-psychological factors and HCI aspects influencing the end user's trust in privacy enhancing identity management, and shows why HCI research, user studies, and socio-psychological research, are necessary efforts to accompany system design.
|
|
2. |
|
|
3. |
|
|
4. |
|
|
5. |
|
|
6. |
|
|
7. |
- Jämthagen, Christopher, et al.
(author)
-
eavesROP: Listening for ROP Payloads in Data Streams
- 2014
-
In: Information Security/Lecture Notes in Computer Science. - Cham : Springer International Publishing. - 0302-9743. - 9783319132563 - 9783319132570 ; 8783, s. 413-424
-
Conference paper (peer-reviewed)abstract
- We consider the problem of detecting exploits based on return-oriented programming. In contrast to previous works we investigate to which extent we can detect ROP payloads by only analysing streaming data, i.e., we do not assume any modifications to the target machine, its kernel or its libraries. Neither do we attempt to execute any potentially malicious code in order to determine if it is an attack. While such a scenario has its limitations, we show that using a layered approach with a filtering mechanism together with the Fast Fourier Transform, it is possible to detect ROP payloads even in the presence of noise and assuming that the target system employs ASLR. Our approach, denoted eavesROP, thus provides a very lightweight and easily deployable mitigation against certain ROP attacks. It also provides the added merit of detecting the presence of a brute-force attack on ASLR since library base addresses are not assumed to be known by eavesROP.
|
|
8. |
-
Privacy and Identity Management for the Future Internet in the Age of Globalisation : 9th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, Patras, Greece, September 7-12, 2014, Revised Selected Papers
- 2015
-
Editorial proceedings (peer-reviewed)abstract
- This book contains a range of keynote papers and submitted papers presented at the 9th IFIP WG 9.2, 9.5, 9.6/11.7, 11.4, 11.6/SIG 9.2.2 International Summer School, held in Patras, Greece, in September 2014. The 9 revised full papers and 3 workshop papers included in this volume were carefully selected from a total of 29 submissions and were subject to a two-step review process. In addition, the volume contains 5 invited keynote papers. The regular papers are organized in topical sections on legal privacy aspects and technical concepts, privacy by design and privacy patterns and privacy technologies and protocols.
|
|
9. |
|
|