IIS Open House 2016

Japanese version is here.
Welcome to the Matsuura Laboratory IIS Open House 2016 Web page.
In 2016, IIS Open House will again be held on June 3 (Fri.), and June 4 (Sat.) at Komaba Research Campus, Institute of Industrial Science, the University of Tokyo.
In Matsuura Laboratory, we will present our researches related to information security and cryptography.

Date and Time
2016/6/3(Fri.) 10:00 - 17:00
2016/6/4(Sat.) 10:00 - 17:00
Research Topics
On Rigorous Security of Password Recovery Protocols
Many online services adopt a password-based user authentication system because of its usability and most online services support a mechanism with which a user can recover a password. In this research, we discuss a provable security treatment for a password recovery protocol.
Generic Constructions of Adaptively Secure Attribute-Based Signcryption
Until now, a number of constructions of attribute-based signcryption have been proposed in the literature. We have firstly proposed some generic constructions of the primitive and proved mathematically that they satisfy their strongest security notion, i.e. the adaptive security.
Information Security and Economics
Empirical and Theoretical Analyses on the Security of Japanese Loyalty Programs
In Japan, partnership alliances are now popular in operating a loyalty program (LP), but there are occurring many security incidents. Attackers are trying to thieve legitimate users' point asset. We empirically analyzed the threat on Japanese LPs and suggested the relation between threat and number of partners, or redemption period, or specific partner. We also studied the trade-off between security and profit by constructing a simple model.
Android Security
A Survey of Information Leakage on Android.
Recently, many people use smartphone. It becomes more important to study on security and privacy in Android, which is one of the mobile operating systems for smartphones and tablets. An Android device tends to contain sensitive information, phone numbers, names, contacts and so on. Android applications could easily access these information. So, it is efficient for adversaries to obtain information from Android devices. This is a survey of information leakage on Android.
Web Security
Design and Implementation of Static Analysis for Detection of XSS Attacks Vulnerabilities in Web Application Implemented with Object Oriented Programming
A lot of researches about Cross Site Scripting (XSS) attacks have been researched and this has been diversified. There is a little researches about analysis on scripting analysis implemented with object oriented programming in static analysis. This research suggests and implements a method of static analysis of XSS attacks in web application implemented with object oriented programming.
Extended Evaluation of Fingerprinting Attacks on Tor Anonymity System and Thier Countermeasures
Fingerprinting attack is typical attack which de-anonymize user of Tor anonymity system. But the existing evaluation is insufficient. We extend the evaluation of fingerprinting attacks and show real threat. Then we show their countermeasures.
Digital Forensics
Proposal of the incident response method using the graph structure on the industrial control systems
Incident response techniques on the cyber attacks against the industrial control systems (ICSs) have not yet been established. In this research, we propose the novel method to assign priorities based on the distance between the damaged host and each component of the ICS. Especially, the distance is calculated on the basis of the network structure of the ICS, which contributes to the consideration on the effective incident response techniques.
A Proposal of MusiAuth for Fallback Authentication
Fallback authentication is used to regain access to users accounts when the primary authentication fails. According to the unsolved problems left from the existing fallback authentication methods and the unique properties fallback authentication preserves, a gather of principles that fallback authentication should follow has been discussed, and a new fallback authentication method MusiAuth based on those principles on web services has been proposed and explained in this research.

IIS Open House 2016, Matsuura Lab.