Privacy and Security (TOPS)


Search Issue
enter search term and/or author name


ACM Transactions on Information and System Security (TISSEC), Volume 15 Issue 4, April 2013

Role Mining with Probabilistic Models
Mario Frank, Joachim M. Buhman, David Basin
Article No.: 15
DOI: 10.1145/2445566.2445567

Role mining tackles the problem of finding a role-based access control (RBAC) configuration, given an access-control matrix assigning users to access permissions as input. Most role-mining approaches work by constructing a large set of candidate...

Fragmentation Considered Vulnerable
Yossi Gilad, Amir Herzberg
Article No.: 16
DOI: 10.1145/2445566.2445568

We show that fragmented IPv4 and IPv6 traffic is vulnerable to effective interception and denial-of-service (DoS) attacks by an off-path attacker. Specifically, we demonstrate a weak attacker intercepting more than 80% of the data...

Automated Anomaly Detector Adaptation using Adaptive Threshold Tuning
Muhammad Qasim Ali, Ehab Al-Shaer, Hassan Khan, Syed Ali Khayam
Article No.: 17
DOI: 10.1145/2445566.2445569

Real-time network- and host-based Anomaly Detection Systems (ADSs) transform a continuous stream of input data into meaningful and quantifiable anomaly scores. These scores are subsequently compared to a fixed detection threshold and classified as...

Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies
Karthick Jayaraman, Mahesh Tripunitara, Vijay Ganesh, Martin Rinard, Steve Chapin
Article No.: 18
DOI: 10.1145/2445566.2445570

Verifying that access-control systems maintain desired security properties is recognized as an important problem in security. Enterprise access-control systems have grown to protect tens of thousands of resources, and there is a need for...