Proceedings of the 18th International Conference on Availability, Reliability and Security: Latest Papers

Network Covert Channels in Routing Protocols
Michael Schneider, Daniel Spiekermann, J. Keller
Abstract: Computer networks play a key role in everyday lives. To guarantee fail-safe operation, routing protocols are used that enable dynamic routing via redundant paths. Because of this, routing protocols like RIP or OSPF play an important role in modern network infrastructures. The widespread use together with the mostly missing traffic monitoring of these protocols provides a possible base to exploit these protocols for network steganographic channels. In this paper, we present a novel storage covert channel based on the OSPF routing protocol. We analyzed the protocol in detail with the help of hiding patterns to identify protocol fields that might be suitable for covert communication. We provide a proof-of-concept implementation of our covert channel inside a simulated network, which demonstrates the possibility of covert communication in a routing protocol. Our evaluation covers detectability and countermeasures, steganographic bandwidth and robustness. Furthermore, we sketch an application scenario where such a covert channel can be deployed.
DOI: https://doi.org/10.1145/3600160.3605021
Published: 2023-08-29
Citations: 0

VeriDevOps Software Methodology: Security Verification and Validation for DevOps Practices
Eduard Paul Enoiu, D. Truscan, A. Sadovykh, Wissam Mallouli
Abstract: VeriDevOps offers a methodology and a set of integrated mechanisms that significantly improve automation in DevOps to protect systems at operations time and prevent security issues at development time by (1) specifying security requirements, (2) generating trace monitors, (3) locating root causes of vulnerabilities, and (4) identifying security flaws in code and designs. This paper presents a methodology that enhances productivity and enables the continuous integration/delivery of trustworthy systems. We outline the methodology, its application to relevant scenarios, and offer recommendations for engineers and managers adopting the VeriDevOps approach. Practitioners applying the VeriDevOps methodology should include security modeling in the DevOps process, integrate security verification throughout all stages, utilize automated test generation tools for security requirements, and implement a comprehensive security monitoring system, with regular review and update procedures to maintain relevance and effectiveness.
DOI: https://doi.org/10.1145/3600160.3605054
Published: 2023-08-29
Citations: 0

Evaluating Statistical Disclosure Attacks and Countermeasures for Anonymous Voice Calls
David Schatz, M. Rossberg, Guenter Schaefer
Abstract: Assuming a threat model of a global observer, statistical disclosure attacks have been proposed to efficiently de-anonymize communication relationships in text-based mix networks over time. It is commonly assumed that such attacks are also able to disclose call relationships in anonymous communication networks (ACNs) that support voice calls. One straightforward countermeasure is to expect users to permanently send and receive packets that mimic a Voice over IP (VoIP) call. However, this is not practical in real world scenarios, like on mobile devices. In this article, we adapt one specific statistical disclosure attack (Z-SDA-MD) to voice calls and quantitatively study less resource-intensive countermeasures. As a base countermeasure, we evaluate a round-based communication model, corresponding to a timed mix. A simulation study of this scenario shows that the Z-SDA-MD is not well suited for a general disclosure of call relationships because of too many false positives. Nevertheless, the attack is able to correctly identify the most frequent relationships. Still, the accuracy in that regard may significantly be decreased by increasing the duration of one round, by decoupling actions (call setup and teardown) of caller and callee by a random number of rounds, and by occasional fake calls to a fixed set of “fake friends”. Overall, our study shows that anonymous voice calls may be implemented with an acceptable trade-off between anonymity, call setup time, and bandwidth overhead.
DOI: https://doi.org/10.1145/3600160.3600186
Published: 2023-08-29
Citations: 0

Memory Forensics of the OpenDaylight Software-Defined Networking (SDN) Controller
Abdullah Alshaya, Adam Kardorff, Christian Facundus, I. Baggili, Golden Richard III
Abstract: Software-Defined Networking (SDN) abstracts the underlying networking hardware by keeping the control plane and the data separated. SDNs use the control plane to direct network traffic, while OpenFlow switches and routers play a passive role in the system by forwarding packets. The centralization of the control plane on virtualized systems provides Digital Forensics (DF) an opportunity to acquire and analyze the memory of a controller. This provides forensically relevant data regarding the SDN’s operation. In our work, we examined the OpenDaylight (ODL) SDN controller to determine what forensically relevant information may be extracted from the controller’s memory. This was accomplished by creating controller memory samples with different networking configurations, and analyzing the memory samples, then constructing an SDN-Controller-Network-Discovery-Tool (SCoNDT). SCoNDT searches a memory dump for the ODL controller’s host tracker service. This service holds information on each host connected to the network, such as its internal IP address, MAC address, and the dates and times of its first and last network connections. It then generates an HTML report. SCoNDT was evaluated on memory samples with various network configurations and showed high efficacy in reconstructing the host IPs, the usernames, and hashed passwords.
DOI: https://doi.org/10.1145/3600160.3600196
Published: 2023-08-29
Citations: 1

A Generic IoT Quantum-Safe Watchdog Timer Protocol
Michael Eckel, Tanja Gutsche, Hagen Lauer, André Rein
Abstract: This paper presents a quantum-safe watchdog timer protocol designed and implemented using various quantum-safe digital signature algorithms. The protocol is specifically tailored to be used in the context of the Internet of Things (IoT) to address the security risks posed by quantum computing to classical protocols. Our approach replaces the classical protocol with a quantum-safe watchdog timer protocol, which ensures that an IoT device’s communication channels remain secure from adversarial attacks. To demonstrate the effectiveness of our proposed protocol, we develop a proof-of-concept (PoC) implementation using an actor framework in Python. We evaluate the performance impact of the proposed protocol based on several IoT scenarios. We also compare the performance of different quantum-safe algorithms using measurements of CPU cycles, and quantitatively evaluate the results using statistical methods. Our results indicate that the performance of the tested quantum-safe algorithms is better than or similar to that of the tested classical algorithms. Based on these results, we recommend a specific quantum-safe algorithm for use with the watchdog timer protocol in the IoT context. The proposed protocol and recommended quantum-safe algorithm offer an effective way to address the security risks posed by quantum computing to IoT devices, and are a significant contribution to the field of quantum-safe cryptography.
DOI: https://doi.org/10.1145/3600160.3605169
Published: 2023-08-29
Citations: 0

Beware the Doppelgänger: Attacks against Adaptive Thresholds in Facial Recognition Systems
Willem Verheyen, Tim Van hamme, Sander Joos, D. Preuveneers, W. Joosen
Abstract: Biometric recognition systems typically use a fixed threshold to differentiate between legitimate users and imposters. Yet, this method can be problematic due to differences in individual user performance, whereas some users are more easily recognizable than others. Furthermore, fixed thresholds require extensive tuning on a large test set a priori to determine an optimal threshold value. Adaptive thresholds address these shortcomings by adjusting threshold values based on population characteristics. However, our research demonstrates that adaptive thresholds suffer from a significant weakness as they inadvertently increase the attack surface against face recognition systems. We do so by introducing a novel attack, the doppelgänger attack, where a malicious actor inserts adversarial examples that mimic legitimate users and increase the false rejection rate for these legitimate users by 70%. Consequently, we enhance the performance of face recognition systems by introducing identity-level thresholds and developing a defensive mechanism to prevent the enrollment of doppelgängers. Our novel identity-level thresholding approach customizes the threshold for each individual user in the system. We demonstrate that this approach outperforms both static thresholds and the previously proposed adaptive methodologies, even when dealing with a large number of users. These results have significant implications for the design and implementation of face recognition systems, improving their reliability and enhancing their security.
DOI: https://doi.org/10.1145/3600160.3600179
Published: 2023-08-29
Citations: 0

Long-Term Analysis of the Dependability of Cloud-based NISQ Quantum Computers
Chuan Xu, Jakub Szefer
Abstract: Numerous public cloud infrastructure providers today allow for access to Noisy Intermediate-Scale Quantum (NISQ) computers. Changes in the environment or the machine configuration may affect their dependability. Through analysis of real quantum computer calibration data, this work demonstrates that quantum computers available from IBM Quantum experience periods of fluctuation or abrupt qubit frequency changes. This work further analyzes the correlation between the frequency change events, decoherence times, gate errors, and machine maintenance or offline periods. The results highlight that the properties of NISQ computers change over time, affecting their dependability, but not all of the changes can be explained with publicly available data.
DOI: https://doi.org/10.1145/3600160.3600192
Published: 2023-08-29
Citations: 0

Automatic Test Generation to Improve Scrum for Safety Agile Methodology
M. Barbareschi, Salvatore Barone, V. Casola, Salvatore Della Torca, Daniele Lombardi
Abstract: Continuous compliance and living traceability, i.e., assuring the technical quality of the software during the incremental flow of the agile process and tracing the requirements’ implementation at any time during the development cycle, are two of the most challenging aspects of adopting agile methodologies in the safety critical domain. This is even more true when either user requirements are unstable, the knowledge of the product to be delivered is not enough, or there are no clear interfaces between various hardware/software subsystems, as may be the case in a research and development context. In order to reduce the overall cost of these activities, in this manuscript, we discuss benefits resulting from adopting a semi-automatic method to perform continuous compliance and living traceability. The method aims at finding inconsistencies between artifacts produced at the end of each iteration by exploiting automatic generation of unit tests and coverage metrics. We validated the applicability of the proposed methodology over a real case study from the railway domain, proving it can find inconsistencies between several regulations-required artifacts, including the requirements specification, the architectural specification, test specifications and their implementation, and the software implementation.
DOI: https://doi.org/10.1145/3600160.3605061
Published: 2023-08-29
Citations: 0

Cheaper than you thought? A dive into the darkweb market of cyber-crime products
Dimitrios Georgoulias, Ricardo Yaben, Emmanouil Vasilomanolakis
Abstract: The darkweb is nowadays considered a very popular place to sell and buy illegal cyber-crime related content. From botnet services and malware, to user data such as credit card information and passwords, darkweb marketplaces offer ease of use, product variety, and most importantly effective anonymity to both buyers and vendors. In this paper, we crawl 8 popular darkweb marketplaces and perform a comprehensive quantitative analysis with a focus on cyber-crime related products. Moreover, we report some preliminary findings when examining the same marketplaces through their I2P mirrors. Our results suggest that overall there is a multitude of products that fall into the cyber-crime category, with products under the Fraud category dominating the market, and that the average cyber-crime products’ price is relatively low. Furthermore, we explore how the vendors of this specific product group are distributed across platforms, utilizing harvested information such as usernames and PGP keys, and investigate how their reputation scores affect their operation.
DOI: https://doi.org/10.1145/3600160.3605012
Published: 2023-08-29
Citations: 0

Data Loss Prevention Solution for Linux Endpoint Devices
Lukas Daubner, Adam Považanec
Abstract: Endpoint data loss prevention (DLP) software monitors and protects data on the endpoint against accidental and malicious leakage. While the risk of such leakage is widely present in current systems, it is more so within the intelligent infrastructures due to potential impact, heterogeneity, and complexity. However, there is a significant gap in open solutions for wide Linux-based endpoints. Therefore, this paper discusses possible approaches towards a Linux endpoint DLP solution, which would be widely available on Linux distributions, not relying on fragile assumptions and not undermining security controls. Namely, the focus is on audit and control of file system operations and external USB devices. The viable approaches are discussed, and a prototype solution is implemented using the ftrace framework for file system operations and combining the udev subsystem and the sysfs virtual file system for external USB devices. While the solution is demonstrated in scenarios involving various DLP channels, it also established a platform for further research based on the data from intercepted events.
DOI: https://doi.org/10.1145/3600160.3605036
Published: 2023-08-29
Citations: 0