Advances in network and system security

Current computer networks and systems are facing serious threats from cyber terrorism and crime, which cause huge financial loss and potential life hazard. Although these attack systems have become more easy-to-use, sophisticated, and powerful, interest has greatly increased in the field of building more effective, intelligent, adaptive, active, and high performance networks and systems. This special issue focuses on issues related to Network and System Security, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of computer networks and systems. We are pleased to present to you eight technical papers dealing with cutting-edge research and technology related to this topic. These papers were selected out of the significantly extended versions of the 131 submissions from 44 countries in the 4th International Conference on Network and System Security (NSS 2010) and a large number of open submissions. The selection has been very rigorous and only the best papers were selected. In the first paper, ‘DHTrust: A robust and distributed reputation system for trusted peer-to-peer Networks’ [1], Xue et al. propose a robust and distributed reputation system, DHTrust, which takes full advantage of the distributed hash table to distribute local reputation to trade off the damage of fake reputation information by genuine reputation information. This system can effectively distinguish and evaluate the fundamental behaviors of peers in peer-to-peer networks and thus to provide service and issue reputation scores. In the second paper, ‘Breaking Tor anonymity with game theory and data mining’ [2], Wagner et al. propose a mechanism to break Tor anonymity with one rogue exit node. The attack is composed of two elements: an active tag injection scheme and an inference attack that leverages a semi-supervised learning algorithm to reconstruct browsing sessions. A prototype is implemented and its performance is evaluated on the Tor network. The article also describes several countermeasures and interesting advanced attacks. In the third paper, ‘Mobile device access control: an improved correlation based face authentication scheme and its Java ME application’ [3], Xi et al. investigate face authentication based access control solutions for camera-equipped mobile devices. They propose a new hierarchical correlation based face authentication scheme by analyzing the relationship between each cross-correlation output peak generated from selected subregions of a face, in conjunction with conventional direct cross-correlation methods. The proposed algorithm is implementable on mobile devices with shortened processing time and reduced resource demand. In the fourth paper, ‘Energy efficient authentication strategies for network coding’ [4], Apavatjrut et al. investigate different strategies based on message authentication codes algorithms to deal with the attacks against network coding schemes. In wireless sensor networks, the node resources are limited in energy and in computational power. The authors develop new strategies to defend against pollution attacks on wireless sensor networks. In the fifth paper, ‘On the identity anonymization of high dimensional rating data’ [5], Sun et al. study the challenges of protecting privacy of individuals in the large public survey rating data, which is prone to attacks that can potentially identify user information. The authors propose a greedy approach to anonymize survey rating data that scales almost linearly with the input size. They apply the method to two real-life data sets to demonstrate their efficiency and practical utility. Intrusion detection systems (IDS) have been widely deployed in practice for detecting malicious behaviors. In the sixth paper, ‘An alert correlation platform for memory-supported techniques’ [6], Roschke et al. present a new way to enhance the detection process of intrusion detection systems by correlation and clustering of alerts. The proposed platform can be distributed over multiple processing units to share memory and processing power. The efficiency and the effectiveness of the platform