2012 internationalconferencefor internet technology …dascalescu anacristina, boriga radu eugen) 4...

2012 International Conference for

Internet Technology and Secured

Transactions

(ICITST 2012)

London, United Kingdom10 -12 December 2012

IEEE IEEE Catalog Number: CFP1281I-PRT

ISBN: 978-1-4673-5325-0

Contents Page

Welcome Message 3

Executive Committee 15

Technical Programme Committees 16

Keynote Speakers 19

Keynote Speaker 1: Dr Colin Allison 20

Keynote Speaker 2: Professor Keith Martin 21

Keynote Speaker 3: Professor Demetres Kouvatsos 22

Keynote Speaker 4 23RFID Security and Cryptography 2012 (RISC'12) Workshop: Dr Konstantinos Markantonakis

Invited Speaker 5 24

RFID Security and Cryptography 2012 (RISC'12) Workshop: Professor Safwan El Assad

Workshops 25

Workshop 1: International Workshop on Information Security, Theory and Practice (ISTP-2012) 26

(Organisers: Safwan El Assad and Charles Shoniregun)

Part I 26

Assessing the Security of Subsampling Process Using Modified EKF and Nonlinear Least Squares 27

Methods

(Lea D. Cot, Rene Lozi)

Dynamic Routing in Covert Channel Overlays Based on Control Protocols 32

(Peter Backs, Steffen Wendzel, Jorg Keller)

How to guarantee Secured Transactions with QoS and Real-Time constraints 40

(Maryline Chetto, Hassan Noura, Safwan El Assad, Mousa Farajallah)

Part II 45

Improved Blind DCT Watermarking by using Chaotic Sequences 46

(Relu L. Tataru, Safwan El Assad, Olivier Deforges)

Validating the Existence of Watermarks on Digital Images Using a Mobile Phone 51

(Lorenzo Antonio Delgado-Guillen, Jose Juan Garcia-Hernandez, Cesar Torres-Huitzil)

Chaotic Generator Synthesis: Dynamical and Statistical Analysis 56

(Ina Taralova, Rene Lozi, Safwan El Assad)

A New Method to Improve Cryptographic Properties of Chaotic Discrete Dynamical Systems 60

(Dascalescu Ana Cristina, Boriga Radu Eugen)

4

Workshop 2: The 4th International Workshop on RFID Security and Cryptography 2012 (RISC'12) 66

(Organisers: Chan Yeun and Jamal Zemerly)

Part I 66

Chaos Based Information Hiding and Security 67

(Safwan El Assad)

Part II 73

Detecting Counterfeit-Money using RFID-enabled Mobile Devices 74

(Mohamed Hamdy Eldefrawy, Muhammad Khurram Khan)

Vulnerability Analysis of Two Ultra-Lightweight RFID Authentication Protocols: RAPP and Gossamer 80

(Eyad Taqieddin, Jagannathan Sarangapani)

A New Lightweight Hybrid Cryptographic Algorithm for The Internet of Things 87

(Mouza Bani Shemaili, Chan Yeob Yeun, Khalid Mubarak, Mohamed Jamal Zemerly)

Workshop 3: The 3rd International Workshop on Ubiquitous Computing Security Issues {UCSI"12) 93

(Organisers: Fredrick J. Mtenzi and George S. Oreku)

Deploying Computer-Based Learning under Suboptimal Conditions 94

(Leonard J. Mselle, Tabu S. Kondo)

Examining Ubiquitous Security-Capital Issues in Implementing a Campus-System-as-a-Service 99

(CSaaS) Model in the Cloud Computing Age: Case Study sub-Saharan Region(Jameson Mbale, Kauna Mufeti, Victor Hamutenya)

Investigation of Cultural Aspects within Information Systems Security Research 105

(Lena Connolly, Michael Lang)

Enhancing Privacy in Social Applications with the Notion of Group Context 112

(Elke Franz, Thomas Springer, Norbert Harder)

Sessions 119

Session 1: Internet Applications and Technology 120

A User-Intent Custom Adaptive Search Service based on Ontology and Similar-Word Retrieval 121

Algorithm Composition

(Sukyoung Kim, Kihong Ahn)

A Web Tool for Monitoring HTTP Asynchronous Method Invocations 127

(Carlos R. Jaimez-Gonzalez, Wulfrano A. Luna Ramirez, Simon M. Lucas)

A Shared Secret Security Broker Implementation in a Commercial Context 133

(Tom Yuan Gao, David Kearney)

The survey of cache management in the shared storage environment 139

(Junfeng Xu, Bo Sun, Chengxiang Si)

5

Session 2: Ubi/Cloud Computing 143

Evaluation and Brokering of Service Level Agreements for Negotiation of Cloud Infrastructures 144

(Alba Amato, Beniamino Di Martino, Salvatore Venticinque)

Secure Cross-Cloud Single Sign-On (SSO) using elDs 150

(Bernd Zwattendorfer, Arne Tauber)

Risk Based SLA Management in Clouds: A legal perspective 156

(Tom Kirkham, Karim Djemame, Mariam Kiran, Ming Jiang, Django Armstrong, George Kousiouris,George Vafiadis, Athanasia Evangelinou)

MedCloud: Healthcare Cloud Computing System 161

(Dalia Sobhy, Yasser El-Sonbaty, Mohamad Abou Elnasr)

Session 3: Information Security 167

A Scheme for the Generation of Strong Cryptographic Key Pairs based on ICMetrics 168

(Ruhma Tahir, Huosheng Hu, Dongbing Gu, Klaus McDonald-Maier, Gareth Howells)

Implementation of Convolutional Codes on FPGA 175

(Sajjad Ahmed Ghauri, Hasan Humayun, Muhammad Ehsan ul Haq, Farhan Sohail)

QR Decomposition-Based Cryptography: Via Image Generation (QR-CRYPT) 179

(Abdul Qayum, Prakash Kumar)

Trusted Location Based Services 185

(Peter Teufl, Thomas Zefferer, Sandra Kreuzhuber, Christian M. Lesjak)

Session 4: Cloud Security 193

Reliability aware Scheduling in Cloud Computing 194

(Sheheryar Malik, Fabrice Huet, Denis Caromel)

Usage Control in Cloud Systems 202

(Aliaksandr Lazouski, Gaetano Mancini, Fabio Martinelli, Paolo Mori)

Cloud Security: Can the cloud be secured? 208

(Kiran Karnad, Saravanan Nagenthram)

Detecting Anomalies in laaS Environments through Virtual Machine Host System Call Analysis 211

(Suaad S. Alarifi, Stephen D. Wolthusen)


Usability of Profile Based Student Authentication and Traffic Light System in Online Examinations 220

(Abrar Ullah, Hannan Xiao, Mariana Lilley, Trevor Barker)

How effective is social media advertising? A study of Facebook Social Advertisements 226

(Dawn Carmichael, David Cleave)

Application of Semantic Search in Idea Management Systems 230

(Geovanny Poveda, Adam Westerski, Carlos A. Iglesias)

6

Emergency Care in Situations of Natural Disaster: A Multi-Agent Approach(Aline Izida, Thiago da Rocha Tedrus, Maria das Gracas Bruno Marietto, Margarethe Steinberger-Elias,Wagner Tanaka Botelho, Robson dos Santos Franca)

237


Modelsim Simulation for Real-Time Stereo Matching Using DP Algorithm 244

(JeongMok Ha, Hong Jeong)

MANET Secure Key Exchange using Spraying Diffie-Hellman Algorithm 249

(Ariel Stulman, Jonathan Lahav, Avraham Shmueli)

Smart Authentication for Real-time Business Process Monitoring 253

(Abdelrahman AIMahmoud, Maurizio Colombo, Chan Yeob Yeun, Hassan Al-Muhairi)

On the Security and Usability of Dual Credential Authentication in UK Online Banking 259

(Mike Just, David Aspinall)

Forensics Data Acquisition Methods for Mobile Phones 265

(Khawla Abdulla Alghafli, Andrew Jones, Thomas Anthony Martin)

Session 7: Multimedia and Web Services 270

Traditional Musical Virtual Reality on M-Learning 271

(Settachai Chaisanit, Napatwadee Sangboonnum Hongthong, Surachai Suksakulchai, Chuchart Pinpat)

High Volume Web Service Resource Consumption 275

(Aspen Olmsted, Csilla Farkas)

Access control for a Smart Grid SOA 281

(Markus Jung, Thomas Hofer, Susen D'bbelt, Georg Kienesberger, Florian Judex, Wolfgang Kastner)

Ontology based Image Retrieval 288

(Umar Manzoor, Naveed Ejaz, Nadeem Akhtar, Muhammad Umar, M. Shoaib Khan, Hafsa Umar)

Security of audio secret sharing scheme encrypting audio secrets 294

(Kotaro Yoshida, Yodai Watanabe)


The MobiLeak Project: Forensics Methodology for Mobile Application Privacy Assessment 297

(Pasquale Stirparo, loannis Kounelis)

Determinants of Student Performance in Advance Programming Course 304

(Yoke Yie Chen, Shakirah Mohd Taib, Che Sarah Che Nordin)

Ensuring Software Safety in Safety Critical Domains 308

(Ghada Moussa Bahig, Amr El-Kadi)

Data Integration of Electronic Health Records using Artificial Neural Networks 313

(Omniyah Gul, Mahmoud Al-Qutayri, Quang Hieu Vu, Chan Yeob Yeun)

Two Novel Server-Side Attacks against Log File in Shared Web Hosting Servers 318

(Seyed Ali Mirheidari, Sajjad Arshad, Saeidreza Khoshkdahan, Rasool Jaiili)

7


Re-engineering of Web Reverse Proxy with Shibboleth Authentication 325

(Galoh Rashidah Haron, Dharmadharshni Maniam, Vijayakumari Sadasivam, Wong Hon Loon)

Proposal of a Cryptography Method Using Gray Scale Digital Images 331

(M. Y. R. Gadelha, C. F. F. Costa Filho, M. G. F. Costa)

Evaluation of Practical Trust Based Access Control for XML Databases 336

(Norah Farooqi, Siobhan North)

Issues in inter-organisational encryption systems: The problem with FedLink 341

(Greg Miiller)


Assessing the Security of Node.js Platform 348

(Andres Ojamaa, Karl Duuna)

Quantifying the Impact on Distrust of E-commerce Trust Factors: A Non-parametric Study 356

(Ana A. Andrade, Vitor V. Lopes, Augusto Q. Novais)

Uncertainty with STOS: Intelligent Solution for Uncertain Navigation Problems 362

(Hatem F. Halaoui)

Learning from oversight by telecommunications regulatory agencies 368

(Daphne Rixon, Mary Furey)


A Trust Based Model for Federated Identity Architecture to Mitigate Identity Theft 376

(Eghbal Ghazizadeh, Mazdak Zamani, Jamalul-lail Ab Manan, Reza Khaleghparast, AN Taherian)

A light Weight Centralized File Monitoring Approach for Securing Files in Cloud Environment 382

(Sanchika Gupta, Anjali Sardana, Padam Kumar)

Evaluating Security and Privacy in Cloud Computing Services: A Stakeholder's Perspective 388

(Abdullah Abuhussein, Harkeerat Bedi, Sajjan Shiva)

Improvement of Multi-user Searchable Encrypted Data Scheme 396

(Tran Thao Phuong, Kazumasa Omote, Nguyen Gia Luyen, Nguyen Dinh Thuc)


Correlated Node Behavior in Wireless Ad Hoc Networks: An Epidemic Model 403

(A.H. Azni, Rabiah Ahmad, Zul Azri Mohamad Noh)

Forensics Filesystem with Cluster-Level Identifiers for Efficient Data Recovery 411

(Mohammed Alhussein, Avlnash Srinivasan, Duminda Wijesekera)

A Round Level Approach to Fault Detection in PP-2 Symmetric Block Cipher 416

(Ewa Idzikowska)

8

Feedback Manipulation Flooding Attack: Feasibility Evaluation and Impact Quantification on Stream

Control Transmission Protocol

(V Anil Kumar, Debabrata Das)

420

Session 13: Information Security426

ERASE - EntRopy-based SAnitization of SEnsitive Data for Privacy Preservation 427

(Jeffrey Medsger, Avinash Srinivasan)

Bootstrapping Body Sensor Networks Using Human Controlled LED-Camera Channels 433

(Xin Huang, Shangyuan Guo, Bangdao Chen, and A. W. Roscoe)

Secure Mobile Social Networks using USIM in a Closed Environment 439

(Omer Nawaz, Christian Gehrmann, Markus Fiedler)

Content Extraction Signatures Revisited 447

(Hsi-Chung Lin)

Session 14: Infonomics and E-Technology452

Towards a UTAUT-Based Model for Studying the Integrating Physical and Virtual Identity Access 453

Management Systems in E-Government Domain

(Sara Jeza Alotaibi, Mike Wald)

NitroScript: A PHP Template Engine for Customizing of E-Commerce Applications 459

(Jerry Walsh, Donogh Roche, Franclin Foping)

A Cloud Computing Solution for Sharing Healthcare Information 465

(Yan Hu, Fangjie Lu, Israr Khan, Guohua Bai)

Using Bayes Network for Prediction of Type-2 Diabetes 471

(Yang Guo, Guohua Bai, Yan Hu)

Session 15: Information Security476

A Survey of Threats and Security Measures for Data Transmission over GSM/UMTS Networks 477

(D. Fischer, B. Markscheffel, S. Frosch, D. Buettner)

Vulnerability Elimination by Force of New Mobile OS. Comparative Research of Security Techniques 483

on BlackBerry OS (incl. PlayBook)

(Yury Chemerkin)

Black Hat Training of White Hat Resources: The Future of Security is Gaming 488

(Jason Flood, Mark Denihan, Anthony Keane, Fredrick Mtenzi)

An Assessment of Features Related to Phishing Websites using an Automated Technique 492

(Rami M. Mohammad, Fadi Thabtah, Lee McCluskey)

9

Session 16: Internet Applications and Technology

A Multi-Agent System for Information Management and Augmented Reality in Asymmetric Wars

(Sidney de Castro Maria das Gra?as Bruno Marietto, Robson dos Santos Franca, Wagner Tanaka

Botelho)

Securing Elliptic Curve Based El-Gamal Against Pollard Rho Attack Using Elliptic Curve Based Diffie-

Hellman Key Exchange(Tafta Zani, Ari Moesriami Barmawi, Maman Abdurohman)

Community OTOP Web Portal for Eastern Region of Thailand

(Uthairatt Phangphol, Settachai Chaisanit, Tau-tong Puangsuwan, Veena Khongpit, Parichat Kunpluem

Multi Function Control System using GSM modem Based SM5100B Module

(Afif Mghawish, Akram A. AbdelQader, Mahmoud A. Al-Jezawi, Mohammad AbuMahfouz)

Session 17: Information Security

2D Gun's Type Classification using Edge Detection Algorithm and SUSAN Low Level Image

Processing(Veena Khongpit, Uthairatt phangphol, Kulthon Kasemsan, Chonawat Srisa-an)

Hackers and Hollywood 2: Considering Televisual Cyberthreats in Security Risk Analysis(Damian Gordon)

Hidden Markov Model Based Anomaly Intrusion Detection

(Ruchi Jain, Nasser S. Abouzakhar)

Systematic Analysis and Evaluation of Web Privacy Policies and Implementations(Brad Miller, Kaitiyn Buck, J. D. Tygar)

Error correction and detection system based on Hopfield networks

(Authors: L. lonescu, C. Anton, I. Tutanescu, A. Mazare, G. Serban)

Session 18: Internet Applications and Technology

The Edutainment of Virtual Music Instrument for Thai Xylophone (Ranad-ek)(Laddawan Meeanan, Apichai Trangansri, Pornpipat Hongthai, Settachai Chaisanit, Ratchadawan

Nimnual)

Fault-Tolerant Middleware Based on Multistream Pipeline for Private Storage Services

(J. L. Gonzalez, Victor Sosa-Sosa, Borja Bergua, Luis Miguel Sanchez, Jesus Carretero)

e-Ticketing System for Football Events in Malaysia(Abdul Hamid, N., Al A'zhim M.F., Yap M. L.)

Towards Benchmarking Intrusion Detection Systems for Virtualized Cloud Environments

(Aleksandar Milenkoski, Samuel Kounev)

Multi-probes Fusion Framework for Matching Simultaneous Latent Impressions

(Rozita Mohd Yusof, Norrozila Sulaiman)

10

Session 19: Infonomics and e-Technology 568

Are contemporary trade unions utilizing the opportunities for revival presented by internet technology? 569

A comparison of Croatian, UK and USA practice(Maja Vidovic, Josip Kolid)

Security Management Mechanism for Composite Applications Based on Hash Chains 575

(Limin Fan)

E-Government in Developing Countries: Framework of Challenges and Opportunities 578

(Ahmad Mousa Odat)

Investigation of factors affecting growth of e-banking services in Saudi Arabia 583

(Zawlikhah Al Somali, Gheorghita Ghinea)

SecGOD Google Docs: Now I Feel Safer! 589

(Antonis Michalas, Menelaos Bakopoulos)


User Interactive Internet of Things Privacy Preserved Access Control 597

(Xin Huang, Rong Fu, Bangdao Chen, Tingting Zhang, A. W. Roscoe)

Text Fingerprint Key Generation 603

(Mohamed Sameh Hassanein, Gheorghita Ghinea)

Analysis of Access Control Protocols Using Labelled Tableaux 610

(Ji Ma)

A Dynamic Fuzzy Commitment Scheme using ARRSES Forecasting 616

(Somsak Choto, Nol Premasathian)


A Bayesian Belief Network Analysis of the Internet Governance Conflict 621

(Martin A. Negron)

Comparing Distinct Approaches for Panic Behavior Computer Simulations: A Theoretical Analysis 628

(Maria das Gracas Bruno Marietta, Robson dos Santos Franca, Margarethe Steinberger-Elias, WagnerTanaka Botelho, Emerson Aguiar Noronha, Vera Lucia da Silva)

Analysis and Modeling Multi-Breeded Mean-Minded Ant Colony Optimization of Agent Based Road 634

Vehicle Routing Management(Chiranjib Sur, Sanjeev Sharma, Anupam Shukla)

The Process of Building Knowledge and Communication of Social Systems Emulated by Multiagent 642

Systems Capable of Cause and Emerging Learning(Maria Das Gragas Bruno Marietto, Margarethe Born Steinberger-Elias, Marllon Felipe Muniz De Farias

Alves, Rita Vucinic Teles)


On Cloud Storage and the Cloud of Clouds Approach 649

(Daniel Slamanig, Christian Hanser)

11

Autonomous Agent-based Inspection for inter-VM Traffic in a Cloud Environment 656

(Karim Benzidane, Saad Khoudali, Abderrahim Sekkaki)

The Design of Adaptive Intrusion Tolerant System (ITS) based on Historical Data 662

(Yongki Kim, Jungmin Lim, Seokjoo Dooy, Hyunsoo Yoon)

Smart-Frame: a Flexible, Scalable, and Secure Information Management Framework for Smart Grids 668

(Joonsang Baek, Quang Hieu Vu, Andrew Jones, Sameera Al Mulla, Chan Yeob Yeun)

Session 23: Ubi/Cloud Computing 674

Economic Efficiency Control on Data Centre Resources in Heterogeneous Cost Scenarios 675

(Benjamin Heckmann, Marcus Zinn, Ronald C. Moore, Christoph Wentzel, Andrew D. Phippen)

RACS: A Framework for Resource Aware Cloud Computing 680

(Sheheryar Malik, Fabrice Huet, Denis Caromel)

Decision points for adoption Cloud Computing in Small, Medium Enterprises (SMEs) 688

(Ashwini Rath, Sanjay Kumar, Sanjay Mohapatra, Rahul Thakurta)

Context-aware Personal Learning Environment 692

(Mafawez T. Alharbi, Amelia Piatt, Ali H. Al-Bayatti)


Query Paraphrasing using Genetic Approach for Intelligent Information Retrieval 699

(Mourad Ykhlef, Abeer ALDayel)

Evolution Pattern for Service Evolution in Clouds 704

(Zhe Wang, Liu Xiaodong, Kevin Chalmers, Cheng Guojian)

Implementation Methodology of Rely/Guarantee Piug-in for Protege 710

(Said Rabah Azzam, Shikun Zhou)

Forensic Memory Evidence of Windows Application 715

(Funminiyi Olajide, Nick Savage, Galyna Akmayeva, Richard Trafford)


Challenges of Managing Secure Elements within the NFC Ecosystem 720

(Pardis Pourghoimi, Gheorghita Ghinea)

Securing Internet Information Services (IIS) Configuration Files 726

(Saneeha Khalid, Haider Abbas, Maruf Pasha, Asad Raza)

Off-line NFC Tag Authentication 730

(Muhammad Qasim Saeed, Colin D. Walter)

Towards Coupling User and Device Locations Using Biometrical Authentication on Smartphones 736

(Matthias Trojahn, Philipp Marcus)

12

Session 26: Multimedia and Web Services 742

Honeydoop - A system for on-demand virtual high interaction honeypots 743

(Saurabh Kulkarni, Madhumitra Mutalik, Prathamesh Kulkarni, Tarun Gupta)

Semantic Hedgehog for Log Analysis 748

(Jeffrey J. Wiley, Frank P. Coyle)

Exploiting UML and Acceleo for Developing Semantic Web Services 753

(Jabu Mtsweni)

Assessment of Ontology Alignment Methodology 759

(Said Rabah Azzam, Shikun Zhou)


Mobile Banking Contexts and Prospects in Egypt: A Framework 766

(Rehaballah Elbadrawy, Rasha Abdel Aziz)

Managing NFC Payment Applications through Cloud Computing 772

(Pardis Pourghomi, Gheorghita Ghinea)

Innovative Solution for a Telemedicine Application 778

(Arun S. N., Lam W. C, Tan K.K.)

Authorization Model of SSO for a Distributed Environment Based on the Attributes 784

(Gaozheng Zhang, Mengdong Chen, Mou Shen)

Session 28: Mobile Systems 790

Making of DAISY Talking book on Mobile Phone: A Concept and Architecture 791

(Surachai Susakulchai, Wacheerapan Kaewprapan, Settachai Chaisanit)

M-learning for Eco-Packaging using KM 793

(Ratchadawan Nimnual, Wandee Pattanaweroj, Settachai Chaisanit)

An Experimental Study of Three Different Rule Ranking Formulas in Associative Classification 795

(Neda Abdelhamid, Aladdin Ayesh, Fadi Thabtah)

A Novel Architecture for Secure Communications in Mobile Systems 801

(Alok Upadhyay, Jajati Keshari Sahoo, Vibhor Bajpai)

Posters 806

Implementation of tools for brute forcing touch inputted passwords 807

(Bruno Alves Pereira Botelho, Emilio Tissato Nakamura, and Nelson Uto)

Perturbation for Privacy-Preserving Participatory Sensing on Mobile 809

(Shunsuke Aoki, Masayuki Iwai, Kaoru Sezaki)

Innovative Extracting and Integrating the Potential and Subjectively Formed Context-Information 810

(Hiroki Nakayama, Hiroaki Kaminaga, Youzou Miyadera, Shoichi Nakamura)

13

Visual Support System for Semi-automatic Generation of Spadework of Academic Paper from 812Presentation Slides

(Yusuke Morita, Hiroyuki Anzai, Hiroaki Kaminaga, Youzou Miyadera, Shoichi Nakamura)

Visualization of Web Exploration Streams and User's Genuine Intentions 814

(Takuya Matsumoto, Tatuya Yamazaki, Hiroaki Kaminaga, Youzou Miyadera, Shoichi Nakamura)

A System for Management of Research Resources Focusing on Grasping the Polish Processes 816

(Hiroyuki Anzai, Hiroaki Kaminaga, Yasuhiko Morimoto, Setsuo Yokoyama, Youzou Miyadera, Shoichi

Nakamura)

14

2012 internationalconferencefor internet technology …dascalescu anacristina, boriga radu eugen) 4...

Documents