Angelos D. Keromytis - Böcker

Software that covertly monitors user actions, also known as spyware, has become a first-level security threat due to its ubiquity and the difficulty of detecting and removing it. This is especially so for video conferencing, thin-client computing and Internet cafes.CryptoGraphics: Exploiting Graphics Cards for Security explores the potential for implementing ciphers within GPUs, and describes the relevance of GPU-based encryption to the security of applications involving remote displays. As the processing power of GPUs increases, research involving the use of GPUs for general purpose computing has arisen. This work extends such research by considering the use of a GPU as a parallel processor for encrypting data. The authors evaluate the operations found in symmetric and asymmetric key ciphers to determine if encryption can be programmed in existing GPUs. A detailed description for a GPU based implementation of AES is provided. The feasibility of GPU-based encryption allows the authors to explore the use of a GPU as a trusted system component. Unencrypted display data can be confined to the GPU to avoid exposing it to any malware running on the operating system.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Software that covertly monitors user actions, also known as spyware, has become a first-level security threat due to its ubiquity and the difficulty of detecting and removing it. This is especially so for video conferencing, thin-client computing and Internet cafes.CryptoGraphics: Exploiting Graphics Cards for Security explores the potential for implementing ciphers within GPUs, and describes the relevance of GPU-based encryption to the security of applications involving remote displays. As the processing power of GPUs increases, research involving the use of GPUs for general purpose computing has arisen. This work extends such research by considering the use of a GPU as a parallel processor for encrypting data. The authors evaluate the operations found in symmetric and asymmetric key ciphers to determine if encryption can be programmed in existing GPUs. A detailed description for a GPU based implementation of AES is provided. The feasibility of GPU-based encryption allows the authors to explore the use of a GPU as a trusted system component. Unencrypted display data can be confined to the GPU to avoid exposing it to any malware running on the operating system.

Insider Attack and Cyber Security: Beyond the Hacker defines the nature and scope of insider problems as viewed by the financial industry. This edited volume is based on the first workshop on Insider Attack and Cyber Security, IACS 2007. The workshop was a joint effort from the Information Security Departments of Columbia University and Dartmouth College.This book sets an agenda for an ongoing research initiative to solve one of the most vexing problems encountered in security, and includes the following topics: critical IT infrastructure, insider threats, awareness and dealing with nefarious human activities in a manner that respects individual liberties and privacy policies of organizations while providing the best protection of critical resources and services. In some sense, the insider problem is the ultimate security problem. This volume concludes with technical and legal challenges facing researchers who study and propose solutions to mitigate insider attacks.

Voice over IP (VoIP) and Internet Multimedia Subsystem technologies (IMS) are rapidly being adopted by consumers, enterprises, governments and militaries. In this book, the authors examine the current state of affairs on VoIP security through a survey of 221 known/disclosed security vulnerabilities in bug-tracking databases.

The 3rd International Conference on Applied Cryptography and Network Security (ACNS 2005) was sponsored and organized by ICISA (the International Commu- cations and Information Security Association). It was held at Columbia University in New York, USA, June 7–10, 2005. This conference proceedings volume contains papers presented in the academic/research track. ACNS covers a large number of research areas that have been gaining importance in recent years due to the development of the Internet, wireless communication and the increased global exposure of computing resources. The papers in this volume are representative of the state of the art in security and cryptography research, worldwide. The Program Committee of the conference received a total of 158 submissions from all over the world, of which 35 submissions were selected for presentation at the a- demic track. In addition to this track, the conference also hosted a technical/ industrial/ short papers track whose presentations werealso carefully selected from among the submissions. All submissions were reviewed by experts in the relevant areas.

This book constitutes the refereed proceedings of the 6th International Conference on Applied Cryptography and Network Security, ACNS 2008, held in New York, NY, USA, in June 2008. The 30 revised full papers presented were carefully reviewed and selected from 131 submissions. The papers address all aspects of applied cryptography and network security with special focus on novel paradigms, original directions, and non-traditional perspectives.

This book constitutes the thoroughly refereed post-conference proceedings of the 16th International Conference on Financial Cryptography and Data Security (FC 2012), held in Kralendijk, Bonaire, February 27–March 1, 2012. The 29 revised full papers presented were carefully selected and reviewed from 88 submissions. The papers cover all aspects of securing transactions and systems, including information assurance in the context of finance and commerce.