This book constitutes the thoroughly refereed conference proceedings of the 14th International Conference on Information Security and Cryptology, held in Seoul, Korea, in November/December 2011. The 32 revised full papers presented were carefully selected from 126 submissions during two rounds of reviewing. The conference provides a forum for the presentation of new results in research, development, and applications in the field of information security and cryptology. The papers are organized in topical sections on hash function, side channel analysis, public key cryptography, network and mobile security, digital signature, cryptanalysis, efficient implementation, cryptographic application, and cryptographic protocol.

This book constitutes the thoroughly refereed post-conference proceedings of the 15th International Conference on Information Security and Cryptology, ICISC 2012, held in Seoul, Korea, in November 2012. The 32 revised full papers presented together with 3 invited talks were carefully selected from 120 submissions during two rounds of reviewing. The papers provide the latest results in research, development, and applications in the field of information security and cryptology. They are organized in topical sections on attack and defense, software and Web security, cryptanalysis, cryptographic protocol, identity-based encryption, efficient implementation, cloud computing security, side channel analysis, digital signature, and privacy enhancement.

This book constitutes the thoroughly refereed post-conference proceedings of the 17th International Conference on Information Security and Cryptology, ICISC 2014, held in Seoul, South Korea in December 2014. The 27 revised full papers presented were carefully selected from 91 submissions during two rounds of reviewing. The papers provide the latest results in research, development and applications in the field of information security and cryptology. They are organized in topical sections on RSA security, digital signature, public key cryptography, block ciphers, network security, mobile security, hash functions, information hiding and efficiency, cryptographic protocol, and side-channel attacks.

This book constitutes the thoroughly refereed post-conference proceedings of the 11th International Conference on Information Security and Cryptology, Inscrypt 2015, held in Beijing, China in November 2015. The 27 revised full papers presented were carefully reviewed and selected from 79 submissions. The papers are organized in topical sections on hash function; signature schemes; symmetric ciphers; elliptic curve and cryptographic fundamentals; Web and applications security; cloud security; key management and public key encryption; zero knowledge and secure computations; software and mobile security.

This book constitutes the refereed proceedings of the 17th Australasian Conference on Information Security and Privacy, ACISP 2012, held in Wollongong, Australia, in July 2012. The 30 revised full papers presented together with 5 short papers were carefully reviewed and selected from 89 submissions. The papers are organized in topical sections on fundamentals; cryptanalysis; message authentication codes and hash functions; public key cryptography; digital signatures; identity-based and attribute-based cryptography; lattice-based cryptography; lightweight cryptography.

This book presents two practical physical attacks. It shows how attackers can reveal the secret key of symmetric as well as asymmetric cryptographic algorithms based on these attacks, and presents countermeasures on the software and the hardware level that can help to prevent them in the future. Though their theory has been known for several years now, since neither attack has yet been successfully implemented in practice, they have generally not been considered a serious threat. In short, their physical attack complexity has been overestimated and the implied security threat has been underestimated. First, the book introduces the photonic side channel, which offers not only temporal resolution, but also the highest possible spatial resolution. Due to the high cost of its initial implementation, it has not been taken seriously. The work shows both simple and differential photonic side channel analyses. Then, it presents a fault attack against pairing-based cryptography. Due to the need for at least two independent precise faults in a single pairing computation, it has not been taken seriously either. Based on these two attacks, the book demonstrates that the assessment of physical attack complexity is error-prone, and as such cryptography should not rely on it. Cryptographic technologies have to be protected against all physical attacks, whether they have already been successfully implemented or not. The development of countermeasures does not require the successful execution of an attack but can already be carried out as soon as the principle of a side channel or a fault attack is sufficiently understood.

This book constitutes the refereed proceedings of the 9th International Conference on Information Security Practice and Experience, ISPEC 2013, held in Lanzhou, China, in May 2013. The 27 revised full papers presented were carefully reviewed and selected from 71 submissions. The papers are organized in topical sections on network security; identity-based cryptography; cryptographic primitives; security protocols; system security; software security and DRM; and cryptanalysis and side channel attacks.

This book provides a concise yet comprehensive overview of computer and Internet security, suitable for a one-term introductory course for junior/senior undergrad or first-year graduate students. It is also suitable for self-study by anyone seeking a solid footing in security – including software developers and computing professionals, technical managers and government staff. An overriding focus is on brevity, without sacrificing breadth of core topics or technical detail within them. The aim is to enable a broad understanding in roughly 350 pages. Further prioritization is supported by designating as optional selected content within this. Fundamental academic concepts are reinforced by specifics and examples, and related to applied problems and real-world incidents. The first chapter provides a gentle overview and 20 design principles for security. The ten chapters that follow provide a framework for understanding computer and Internet security. They regularly refer back to the principles, with supporting examples. These principles are the conceptual counterparts of security-related error patterns that have been recurring in software and system designs for over 50 years. The book is “elementary” in that it assumes no background in security, but unlike “soft” high-level texts it does not avoid low-level details, instead it selectively dives into fine points for exemplary topics to concretely illustrate concepts and principles. The book is rigorous in the sense of being technically sound, but avoids both mathematical proofs and lengthy source-code examples that typically make books inaccessible to general audiences. Knowledge of elementary operating system and networking concepts is helpful, but review sections summarize the essential background. For graduate students, inline exercises and supplemental references provided in per-chapter endnotes provide a bridge to further topics and a springboard to the research literature; for those in industry and government, pointers are provided to helpful surveys and relevant standards, e.g., documents from the Internet Engineering Task Force (IETF), and the U.S. National Institute of Standards and Technology.

This book explores new and novel applications of machine learning, deep learning, and artificial intelligence that are related to major challenges in the field of cybersecurity. The provided research goes beyond simply applying AI techniques to datasets and instead delves into deeper issues that arise at the interface between deep learning and cybersecurity. This book also provides insight into the difficult "how" and "why" questions that arise in AI within the security domain. For example, this book includes chapters covering "explainable AI", "adversarial learning", "resilient AI", and a wide variety of related topics. It’s not limited to any specific cybersecurity subtopics and the chapters touch upon a wide range of cybersecurity domains, ranging from malware to biometrics and more. Researchers and advanced level students working and studying in the fields of cybersecurity (equivalently, information security) or artificial intelligence (including deep learning, machine learning, big data, and related fields) will want to purchase this book as a reference. Practitioners working within these fields will also be interested in purchasing this book.