Claudiu Duma

An Ontology of Information Security

Advances in technology are causing new privacy concerns as an increasing number of citizens are engaging in online activities.Techniques and Applications for Advanced Information Privacy and Securi ...

A Trust-Aware, P2P-Based Overlay for Intrusion Detection

Collaborative intrusion detection systems (IDSs) have a great potential for addressing the challenges posed by the increasing aggressiveness of current Internet attacks. However, one of the major concerns with the proposed collaborative IDSs is their vulnerability to the insider threat. Malicious intruders, infiltrating such a system, could poison the collaborative detectors with false alarms, disrupting the intrusion detection functionality and placing at risk the whole system. In this paper, we propose a P2P-based overlay for intrusion detection (overlay IDS) that addresses the insider threat by means of a trust-aware engine for correlating alerts and an adaptive scheme for managing trust. We have implemented our system using JXTA framework and we have evaluated its effectiveness for preventing the spread of a real Internet worm over an emulated network. The evaluation results show that our overlay IDS significantly increases the overall survival rate of the network

Modeling Software VulnerabilitiesWith Vulnerability Cause Graphs

When vulnerabilities are discovered in software, which often happens after deployment, they must be addressed as part of ongoing software maintenance. A mature software development organization should analyze vulnerabilities in order to determine how they, and similar vulnerabilities, can be prevented in the future. In this paper we present a structured method for analyzing and documenting the causes of software vulnerabilities. Applied during software maintenance, the method generates the information needed for improving the software development process, to prevent similar vulnerabilities in future releases. Our approach is based on vulnerability cause graphs, a structured representation of causes of software vulnerabilities

Semantic web policies – a discussion of requirements and research issues

Policies are pervasive in web applications. They play crucial roles in enhancing security, privacy and usability of distributed services. There has been extensive research in the area, including the Semantic Web community, but several aspects still exist that prevent policy frameworks from widespread adoption and real world application. This paper discusses important requirements and open research issues in this context, focusing on policies in general and their integration into trust management frameworks, as well as on approaches to increase system cooperation, usability and user-awareness of policy issues.

A hybrid key tree scheme for multicast to balance security and efficiency requirements

Security and efficiency of rekeying are crucial requirements for multicast key management. However, the two requirements pull in different directions and balancing them to meet the application needs is still an open issue. In this paper we introduce a hybrid key tree scheme to balance security, namely the resistance to collusion, and the efficiency. The resistance to collusion is measured by an integer parameter. The communication and the storage requirements for the controller depend on this parameter too, and they decrease as the resistance to collusion is relaxed. We analytically evaluate the efficiency of our scheme and compare with the previous work. The results show that our scheme allows a fine-tuning of security requirements versus efficiency requirements at run-time, which is not possible with the previous key management schemes.

A Flexible Category-Based Collusion-Resistant Key Management Scheme for Multicast

Current key management schemes for multicast provide either no resistance to collusion or perfect resistance to collusion. However, resistance to collusion is achieved at the expense of efficiency in terms of the number of transmissions and the number of keys that are used. We argue that applications may have certain assumptions regarding the users and their access to the multicast channel that may be used to provide a larger choice for balancing efficiency against resistance to collusion.