ICT Systems Security and Privacy Protection

This book constitutes the refereed proceedings of the 31st IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection, SEC 2016, held in Ghent, Belgium, in May/June 2016. The 27 revised full papers presented were carefully reviewed and selected from 139 submissions. The papers are organized in topical sections on cryptographic protocols, human aspects of security, cyber infrastructure, social networks, software vulnerabilities, TPM and internet of things, sidechannel analysis, software security, and privacy.

Includes supplementary material: sn.pub/extras

Inhalt
Coercion-Resistant Proxy Voting.- A Posteriori Openable Public Key Encryption.-Multicast Delayed Authentication for Streaming Synchrophasor Data in the Smart Grid.- Developing a Human Activity Model for Insider IS Security Breaches Using Action Design Research.- Evaluating CVSS Base Score Using Vulnerability Rewards Programs.- Defining Objectives For Preventing Cyberstalking.- Using Process Invariants to Detect Cyber Attacks on a Water Treatment System.- Expression and Enforcement of Security Policy for Virtual Resource Allocation in IaaS Cloud.- Software Defined Networking Reactive Stateful Firewall.- Teaching Phishing-Security: Which Way is Best?.- On Gender Specific Perception of Data Sharing in Japan.- TORPEDO: TOoltip-poweRed Phishing Email DetectiOn.- SybilRadar: A Graph-Structure Based Framework for Sybil Detection in Online Social Networks.- Collateral Damage of Facebook Apps: Friends, Providers, and Privacy Interdependence.- Automated Source Code Instrumentation for Verifying Potential Vulnerabilities.- An Information Flow-Based Taxonomy to Understand the Nature of Software Vulnerabilities.- Dissecting the XSS Exploitation Techniques and Fuzzing Mechanisms of Blackbox Scanners.- A Utility-Based Reputation Model for the Internet of Things.- Advanced Remote Firmware Upgrades Using TPM 2.0.- RegRSA: Using Registers as Buffers to Resist Memory Disclosure Attacks.- Uncertain? No, it's Very Certain! Recovering the Key from Guessing Entropy Enhanced CPA.- Advanced or Not? A Comparative Study of the Use of Anti-debugging and Anti-VM Techniques in Generic and Targeted Malware.- NativeProtector: Protecting Android Applications by Isolating and Intercepting Third-Party Native Libraries.- A Progress-Sensitive Flow-Sensitive Inlined Information-Flow Control Monitor.- Deducing User Presence from Inter-Message Intervals in Home Automation Systems.- Privacy by Design Principles in Design of New Generation CognitiveAssistive Technologies.- A Trustless Privacy-Preserving Reputation System.