Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book constitutes the thoroughly refereed post-conference proceedings of the 17th International Conference on Financial Cryptography and Data Security (FC 2013), held at Bankoku Shinryokan Busena Terrace Beach Resort, Okinawa, Japan, April 1-5, 2013. The 14 revised full papers and 17 short papers were carefully selected and reviewed from 125 submissions. The papers are grouped in the following topical sections: electronic payment (Bitcoin), usability aspects, secure computation, passwords, privacy primitives and non-repudiation, anonymity, hardware security, secure computation and secret sharing, authentication attacks and countermeasures, privacy of data and communication, and private data retrieval.

Engineering & Applied Sciences --- Computer Science --- Computer science. --- Computer security. --- Data encryption (Computer science). --- Application software. --- E-commerce. --- Computer Science. --- Data Encryption. --- Systems and Data Security. --- e-Commerce/e-business. --- Computer Appl. in Administrative Data Processing. --- Computer security --- User-centered system design --- Cognitive engineering (System design) --- Participatory design (System design) --- UCD (System design) --- Usability engineering (System design) --- User-centered design (System design) --- System design --- Human-computer interaction --- Information systems. --- Cryptology. --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Protection of computer systems --- Security of computer systems --- Data protection --- Security systems --- Hacking --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Cryptography --- Protection --- Security measures --- Application computer programs --- Application computer software --- Applications software --- Apps (Computer software) --- Computer software --- Cybercommerce --- E-business --- E-commerce --- E-tailing --- eBusiness --- eCommerce --- Electronic business --- Internet commerce --- Internet retailing --- Online commerce --- Web retailing --- Commerce --- Information superhighway

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book provides an in-depth look at return-oriented programming attacks. It explores several conventional return-oriented programming attacks and analyzes the effectiveness of defense techniques including address space layout randomization (ASLR) and the control-flow restrictions implemented in security watchdogs such as Microsoft EMET. Chapters also explain the principle of control-flow integrity (CFI), highlight the benefits of CFI and discuss its current weaknesses. Several improved and sophisticated return-oriented programming attack techniques such as just-in-time return-oriented programming are presented. Building Secure Defenses against Code-Reuse Attacks is an excellent reference tool for researchers, programmers and professionals working in the security field. It provides advanced-level students studying computer science with a comprehensive overview and clear understanding of important runtime attacks.

Computer Science --- Engineering & Applied Sciences --- Computer security. --- Data encryption (Computer science) --- Data encoding (Computer science) --- Encryption of data (Computer science) --- Computer privacy --- Computer system security --- Computer systems --- Computers --- Cyber security --- Cybersecurity --- Electronic digital computers --- Security of computer systems --- Security measures --- Protection of computer systems --- Protection --- Computer science. --- Computer programming. --- Programming languages (Electronic computers). --- Computers. --- Computer Science. --- Systems and Data Security. --- Programming Techniques. --- Programming Languages, Compilers, Interpreters. --- Information Systems and Communication Service. --- Data protection --- Security systems --- Hacking --- Automatic computers --- Automatic data processors --- Computer hardware --- Computing machines (Computers) --- Electronic brains --- Electronic calculating-machines --- Electronic computers --- Hardware, Computer --- Cybernetics --- Machine theory --- Calculators --- Cyberspace --- Computer languages --- Computer program languages --- Computer programming languages --- Machine language --- Electronic data processing --- Languages, Artificial --- Electronic computer programming --- Programming (Electronic computers) --- Coding theory --- Informatics --- Science --- Programming --- Computer security --- Cryptography --- Information systems.

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

This book constitutes the thoroughly refereed post-workshop proceedings of the 11th International Workshop on Information Hiding, IH 2009, held in Darmstadt, Germany, in June 2009. The 19 revised full papers presented were carefully reviewed and selected from 55 submissions. The papers are organized in topical sections on steganography, steganalysis, watermarking, fingerprinting, hiding in unusual content, novel applications and forensics.

Ergodic theory. Information theory --- Computer science --- Computer architecture. Operating systems --- Information systems --- Computer. Automation --- gegevensopslag --- coderen --- DES (data encryption standard) --- cryptologie --- informatica --- programmatielogica --- computerbeveiliging --- computercriminaliteit --- informatietheorie

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

Hardware-intrinsic security is a young field dealing with secure secret key storage. By generating the secret keys from the intrinsic properties of the silicon, e.g., from intrinsic Physical Unclonable Functions (PUFs), no permanent secret key storage is required anymore, and the key is only present in the device for a minimal amount of time. The field is extending to hardware-based security primitives and protocols such as block ciphers and stream ciphers entangled with the hardware, thus improving IC security. While at the application level there is a growing interest in hardware security for RFID systems and the necessary accompanying system architectures. This book brings together contributions from researchers and practitioners in academia and industry, an interdisciplinary group with backgrounds in physics, mathematics, cryptography, coding theory and processor theory. It will serve as important background material for students and practitioners, and will stimulate much further research and development.

Electronics --- Electrical engineering --- Applied physical engineering --- Computer architecture. Operating systems --- Information systems --- Computer. Automation --- informatica --- hardware --- informatietechnologie --- elektronica --- elektrotechniek --- micro-elektronica

Choose an application

• Reference Manager
• EndNote
• RefWorks (Direct export to RefWorks)

As human activities moved to the digital domain, so did all the well-known malicious behaviors including fraud, theft, and other trickery. There is no silver bullet, and each security threat calls for a specific answer. One specific threat is that applications accept malformed inputs, and in many cases it is possible to craft inputs that let an intruder take full control over the target computer system. The nature of systems programming languages lies at the heart of the problem. Rather than rewriting decades of well-tested functionality, this book examines ways to live with the (programming) sins of the past while shoring up security in the most efficient manner possible. We explore a range of different options, each making significant progress towards securing legacy programs from malicious inputs. The solutions explored include enforcement-type defenses, which excludes certain program executions because they never arise during normal operation. Another strand explores the idea of presenting adversaries with a moving target that unpredictably changes its attack surface thanks to randomization. We also cover tandem execution ideas where the compromise of one executing clone causes it to diverge from another thus revealing adversarial activities. The main purpose of this book is to provide readers with some of the most influential works on run-time exploits and defenses. We hope that the material in this book will inspire readers and generate new ideas and paradigms.

Computer security.