We present the first measurement study of JoinMarket, a growing marketplace for more anonymous transfers in the Bitcoin ecosystem. Our study reveals that this market is funded with multiple thousand bitcoins and generated a turnover of almost 29.5 million USD over the course of 13 months. Assessing the resilience of the market against a well-funded attacker, we discover that in a typical scenar...

Side-channel attacks are a serious threat to security-critical software. OpenSSL is a prime security attack target due to the library’s ubiquitous real world applications, therefore, the history of cache-timing attacks against OpenSSL is varied and rich. The presentation includes a brief history of cache-timing attacks in OpenSSL. To mitigate remote timing and cache-timing attacks, many ubiquit...

Security incidents targeting information systems become more complex and sophisticated, and intruders might evade responsibility due to the lack of supporting evidences to convict them. In this paper, we develop a system for Digital Forensic in Networking (DigForNet) which is useful to analyze security incidents and explain the steps taken by the attackers. DigForNet uses intrusion response tea...

Healthcare systems, as one of the key public infrastructures, have arisen more concerns to the society after September 11. This paper presents a preliminary study of healthcare system preparedness within a county level if a bioterrorist attack occurs. Discrete event simulation model was developed to evaluate the staff utilization and resource capability for such hypothetical bioterrorist attack...

Software-defined networking (SDN) is becoming more and popular due to its key features of scalability flexibility, simplifying network management enabling innovations in the architecture protocols. In SDNs, most crucial part controller, tasked with managing entire configuring routes. Given critical role, a failure or problem occurring at controller may degrade even collapse SDN. A typical threa...

There are many different approaches to alert correlation such as using correlation rules and prerequisite-consequences, using machine learning and statistical methods and using similarity measures. In this paper, iCorrelator, a new AIS-inspired architecture, is presented. It uses a three-layer architecture that is inspired by three types of responses in the human immune system: the innate immun...

Robust and partially robust codes are used in cryptographic devices for detecting active side channel attacks on the hardware. The codes are usually designed for uniformly distributed codewords. In practice, however, there are codewords that are much more likely to appear than others. This paper addresses the question of how good are existing robust codes in this context. The worst case scenari...

Service evolution requires sound strategies to appropriately manage versions resulting from changes during service lifecycle. Compatibility addresses the graceful evolution of services by considering the effects of changes on client applications. Traditionally, compatibility assessment is restricted to the worst-case scenario, because the analysis is based on the documents that describe service...

This paper outlines a prototypical work bench which offers semantically enhanced analytical capabilities to the business analyst. The business case for such an environment is outlined and user scenario development used to illustrate system requirements. Based upon ideas from meta-discourse and exploiting advances within the fields of ontology engineering, annotation, natural language processing...

We propose a quantum key distribution protocol based on a quantum retrodiction protocol, known as the Mean King problem. The protocol uses a two way quantum channel. We show security against coherent attacks in a transmission-error free scenario, even if Eve is allowed to attack both transmissions. This establishes a connection between retrodiction and key distribution.