ACM DL

Privacy and Security (TOPS)

Menu

Search Issue
enter search term and/or author name

Archive


ACM Transactions on Information and System Security (TISSEC), Volume 15 Issue 4, April 2013

Role Mining with Probabilistic Models
Mario Frank, Joachim M. Buhman, David Basin
Article No.: 15
DOI: 10.1145/2445566.2445567

Role mining tackles the problem of finding a role-based access control (RBAC) configuration, given an access-control matrix assigning users to access permissions as input. Most role-mining approaches work by constructing a large set of candidate...

Fragmentation Considered Vulnerable
Yossi Gilad, Amir Herzberg
Article No.: 16
DOI: 10.1145/2445566.2445568

We show that fragmented IPv4 and IPv6 traffic is vulnerable to effective interception and denial-of-service (DoS) attacks by an off-path attacker. Specifically, we demonstrate a weak attacker intercepting more than 80% of the data...

Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning
Muhammad Qasim Ali, Ehab Al-Shaer, Hassan Khan, Syed Ali Khayam
Article No.: 17
DOI: 10.1145/2445566.2445569

Real-time network- and host-based Anomaly Detection Systems (ADSs) transform a continuous stream of input data into meaningful and quantifiable anomaly scores. These scores are subsequently compared to a fixed detection threshold and classified as...

Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
Karthick Jayaraman, Mahesh Tripunitara, Vijay Ganesh, Martin Rinard, Steve Chapin
Article No.: 18
DOI: 10.1145/2445566.2445570

Verifying that access-control systems maintain desired security properties is recognized as an important problem in security. Enterprise access-control systems have grown to protect tens of thousands of resources, and there is a need for...