Earticle

To prevent the problem of cheating, Chan et al. proposed an efficient and secure event signature (EASES) protocol for peer-to-peer massively multiplayer online games. However, we show that the masquerade attacker not only can successfully collect valuable information about the messages being transmitted but also impersonate any player to replay the message cheating the innocent player. Chan et al.’s proposed EASES protocol fails to defend fair play for everyone in peer-to-peer massively multiplayer online games. Our cryptanalysis results are important for security engineers, who are responsible for the design and development in peer-to-peer massively multiplayer online games.

The Greek School Network (GSN) is a closed educational network that offers advanced telematic and networking services to all primary/secondary education schools and educational administration offices in Greece. The primary objective of GSN is to provide a network infrastructure for the interconnection of school PC laboratories so that modern educational methods and pedagogical models can be used in the school community securely and effectively. GSN has scaled in size, reached maturity, and is currently delivering a wide range of network and telematic services to students and educators. Being the second largest communications network nationwide, GSN is exposed to all kinds of security threats and, due to its educational hypostasis, naive user behaviour. The current paper presents an evaluation of security management solutions for the enforcement of policies, practices, and user protection methodologies proven viable within the GSN environment, as indicated by statistics and metrics on the use of the related services. The paper reaches the conclusion that GSN security services constitute a sound framework that can successfully cover the needs of the school community.

The commercial use of small mobile computer devices by enterprise and government organizations is on the rise as wireless networking is becoming very popular and evolving very fast. Elliptic Curve Cryptography (ECC) seems very useful for providing a high level of security on these devices with small key sizes compared to the traditional public-key cryptographic systems. In this work we implement the National Institute of Standards and Technology (NIST) recommended ECC algorithms on Pocket PCs. The programs are written in Java since a vast array of Internet applications service infrastructure is designed around Java technology. We show that Elliptic Curve Digital Signature Algorithm (ECDSA) can run in a suitable time with sufficient level of security.

In this paper, a lightweight anomaly detection infrastructure named Anomaly Detection by Resource Monitoring is presented for Information Appliances. We call it Ayaka for short. It provides a monitoring function for detecting anomalies, especially attacks which are a symptom of resource abuse, by using the resource patterns of each process. Ayaka takes a completely application black-box approach, based on machine learning methods. It uses the clustering method to quantize the resource usage vector data and then learn the normal patterns with a hidden Markov Model. In the running phase, Ayaka finds anomalies by comparing the application resource usage with the learned model. This reduces the general overhead of the analyzer and makes it possible to monitor the process in real-time. The evaluation experiment indicates that our prototype system is able to detect anomalies such as SQL injection and buffer overrun with a minimum of false positives and small (about 1%) system overhead, without previously defined anomaly models.

A new two-stage indexless search procedure is presented that makes use of the constrained edit distance in IDS misuse detection attack database search. The procedure consists of a pre-selection phase, in which the original dataset is reduced and the exhaustive search phase for the database records selected in the first phase. The maximum number of consecutive deletions represents the constraint. Besides eliminating the need for finer exhaustive search in the attack database records in which the detected subsequence is too distorted, the new search procedure also enables better control over the search process in the case of deliberate distortion of the attack strings. Experimental results obtained on the SNORT signature files show that the proposed method offers average search data set reduction in the typical cases of more than 70% compared to the method that uses the unconstrained edit distance.