Proceedings of the 18th International Conference on Availability, Reliability and Security: Latest Papers

HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems
Marco Lucchese, Francesco Lupia, Massimo Merro, Federica Paci, Nicola Zannone, A. Furfaro
Abstract: Industrial control systems (ICSs) are vulnerable to cyber-physical attacks, i.e., security breaches in cyberspace that adversely affect the underlying physical processes. In this context, honeypots are effective countermeasures both to defend against such attacks and discover new attack strategies. In recent years, honeypots for ICSs have made significant progress in faithfully emulating OT networks, including physical process interactions. We propose HoneyICS, a high-interaction, physics-aware, scalable, and extensible honeynet for ICSs, equipped with an advanced monitoring system. We deployed our honeynet on the Internet and conducted experiments to evaluate the effectiveness of HoneyICS.
DOI: https://doi.org/10.1145/3600160.3604984
Published: 2023-08-29
Citations: 0

Enabling Efficient Threshold Signature Computation via Java Card API
Antonín Dufka, P. Švenda
Abstract: Threshold signatures are becoming an increasingly popular method of signing key protection, primarily due to their ability to produce signatures that require the cooperation of multiple parties yet appear indistinguishable from a regular signature. This unique feature allows for their easy integration with existing systems, making them highly desirable in applications like national identity systems and transaction authorization, where they are being gradually deployed; their growing importance is further attested by NIST’s recently initiated efforts to standardize threshold schemes [19]. An issue often encountered in the deployment of threshold schemes is that their execution is not supported by current secure hardware, which is necessary for the secure handling of secrets, as storing the shares in regular memory puts them at an increased risk of compromise. This raises the question of whether it is possible to run state-of-the-art threshold protocols with current secure hardware that we attempt to answer for cryptographic smartcards. We analyzed algorithms available on smartcards with the Java Card platform and repurposed them to construct operations needed in threshold protocols. We use these derived operations to implement , a state-of-the-art threshold signature scheme currently in a standardization process, making it the first open smartcard implementation of a threshold protocol supporting an arbitrary threshold. We demonstrate the practicality of this approach on the latest smartcards with no requirement for proprietary libraries.
DOI: https://doi.org/10.1145/3600160.3600180
Published: 2023-08-29
Citations: 0

Detecting a Complex Attack Scenario in an Airport: The PRAETORIAN Framework
S. Schauer, Tamara Hadjina, Melita Damjanovic, Eva Maria Muñoz Navarro, Juan Jose Hernandez Montesinos, Javier Hingant Gómez, Lazaros Papadopoulos
Abstract: In this paper, we describe the functioning of the PRAETORIAN Framework, an integrated platform to identify complex threats across the physical and cyber domains of Critical Infrastructures (CIs). Therefore, the framework combines a physical and a cyber situation awareness solution into an innovative Hybrid Situation Awareness tool to detect the different stages of a complex threat. Further, the framework supports the decision makers and emergency organizations with a Coordinated Response tool to align and plan the activities for reducing or preventing the effects of an attack. All aspects are described according to a real-life use case that has been tested at the Zagreb airport.
DOI: https://doi.org/10.1145/3600160.3605095
Published: 2023-08-29
Citations: 0

FISMOS – An FPGA Implementation of a Security Module as Open Source
Philipp Schubaur, Peter Knauer, D. Merli
Abstract: Many IoT devices are trusted with critical tasks and therefore require solid device security. As a result, manufacturers search for cost-efficient and easy-to-integrate trust anchors, but common IT solutions, like Trusted Platform Modules (TPMs), are often not suitable for Internet of Things (IoT) use cases. Simultaneously, the adoption of System on Chip (SoC) devices, integrating a set of ARM® cores and Programmable Logic (PL) within one package, is on the rise in several industries. While the ARM® processors facilitate networking and graphical user interfaces, a Field Programmable Gate Array (FPGA) fabric enables real-time control or acceleration of AI applications on the edge. This paper presents a solution to combine these trends for the benefit of device security: an FPGA Implementation of a Security Module as Open Source (FISMOS). The security module focuses on simplicity, providing security capabilities by little expense of logic as well as engineering resources. FISMOS is based on the PicoRV32 soft-core processor and features an AXI memory interface for data exchange with its host. It enables secure symmetric and asymmetric cryptographic functions, key enclosure, and may serve as a trust anchor for the Linux kernel. This configuration allows for customized security functionalities and a robust segmentation between the encapsulated area of the FISMOS and the Linux OS.
DOI: https://doi.org/10.1145/3600160.3605168
Published: 2023-08-29
Citations: 0

IoT Network Attack Detection: Leveraging Graph Learning for Enhanced Security
Mohamed-Lamine Messai, H. Seba
Abstract: IoT networks are the favorite target of cybercriminals. With more and more connected IoT devices, IoT networks offer a large attack surface. There are many potential entry points for cybercriminals in these networks. Hence, attack detection is an essential part of securing IoT networks and protecting them against the potential harm or damage that can result from successful attacks. In this paper, we propose a graph-based framework for detecting attacks in IoT networks. Our approach involves constructing an activity graph to represent the networking events occurring during a monitoring window. This graph is a rich attributed graph capturing both structure and semantic features from the network traffic. Then, we train a neural network on this graph to distinguish between normal activities and attacks. Our preliminary experiments show that our approach is able to accurately detect a large range of attacks when the size of the monitoring window is correctly set.
DOI: https://doi.org/10.1145/3600160.3605053
Published: 2023-08-29
Citations: 0

ScasDK - A Development Kit for Security Assurance test in Multi-Network-Function 5G
Francesco Mancini, Giuseppe Bianchi
Abstract: To ensure 5G infrastructure security, standardized Security Assurance Specification (SCAS) tests are being developed by 3GPP. However, executing these tests on complex 5G infrastructures with multiple closed-source network functions (NFs) poses a challenge. This paper presents ScasDK, a development framework that enables third-party test labs to design, deploy, and control SCAS tests on virtualized 5G core infrastructures. ScasDK addresses the multi-NF hurdle by inserting proxies (including custom ones) between NFs and using a central controller to program their responses. Preliminary assessments using seven SCAS tests on three open-source 5G core networks revealed significant test failures, emphasizing the need for enhanced security focus in open-source 5G development.
DOI: https://doi.org/10.1145/3600160.3605044
Published: 2023-08-29
Citations: 0

An Analysis of PhotoDNA
M. Steinebach
Abstract: PhotoDNA is a popular hash used to combat CSAM. So far, only limited information has been provided about this hash in terms of its performance. In this paper, we provide an overview of robustness and false positives, as well as some basic observations about its structure. We show that it is robust against typical image processing such as lossy compression. On the other hand, it is only of limited robustness against cropping. We also give some suggestions for improving the algorithm or its use.
DOI: https://doi.org/10.1145/3600160.3605048
Published: 2023-08-29
Citations: 0

ELECTRON: An Architectural Framework for Securing the Smart Electrical Grid with Federated Detection, Dynamic Risk Assessment and Self-Healing
Panagiotis I. Radoglou-Grammatikis, Athanasios Liatifis, Christos Dalamagkas, A. Lekidis, Konstantinos Voulgaridis, T. Lagkas, Nikolaos Fotos, S. Menesidou, T. Krousarlis, Pedro Ruzafa Alcazar, Juan Francisco Martinez, A. Skarmeta, Alberto Molinuevo Martín, Iñaki Angulo, Jesus Villalobos Nieto, Hristo Koshutanski, Rodrigo Diaz Rodriguez, Ilias Siniosoglou, Orestis Mavropoulos, Konstantinos Kyranou, Theocharis Saoulidis, Allon Adir, Ramy Masalha, E. Bellini, N. Kolokotronis, S. Shiaeles, J. G. Franquelo, George Lalas, A. Zalonis, A. Voulgaridis, A. Bintoudi, K. Votis, D. Pampliega, P. Sarigiannidis
Abstract: The electrical grid has significantly evolved over the years, thus creating a smart paradigm, which is well known as the smart electrical grid. However, this evolution creates critical cybersecurity risks due to the vulnerable nature of the industrial systems and the involvement of new technologies. Therefore, in this paper, the ELECTRON architecture is presented as an integrated platform to detect, mitigate and prevent potential cyberthreats timely. ELECTRON combines both cybersecurity and energy defence mechanisms in a collaborative way. The key aspects of ELECTRON are (a) dynamic risk assessment, (b) asset certification, (c) federated intrusion detection and correlation, (d) Software Defined Networking (SDN) mitigation, (e) proactive islanding and (f) cybersecurity training and certification.
DOI: https://doi.org/10.1145/3600160.3605161
Published: 2023-08-29
Citations: 0

Automated Side-Channel Attacks using Black-Box Neural Architecture Search
Pritha Gupta, J. P. Drees, E. Hüllermeier
Abstract: The application of convolutional neural networks (CNNs) to break cryptographic systems through hardware side-channels facilitated rapid and adaptable attacks on cryptographic systems like smart cards and Trusted Platform Modules (TPMs). However, current approaches rely on manually designed CNN architectures by domain experts, which are time-consuming and impractical for attacking new systems. To overcome this, recent research has delved into the use of neural architecture search (NAS) to discover appropriate CNN architectures automatically. This approach aims to alleviate the burden on human experts and facilitate more efficient exploration of new attack targets. However, these works only optimize the architecture using the secret key information from the attack dataset and explore limited search strategies with one-dimensional CNNs. In this work, we propose a fully black-box NAS approach that solely utilizes the profiling dataset for optimization. Through an extensive experimental parameter study, we investigate which choices for NAS, such as using 1-D or 2-D CNNs and various search strategies, produce the best results on 10 state-of-the-art datasets for identity leakage model. Our results demonstrate that applying the Random search strategy on 1-D inputs achieves a high success rate, enabling retrieval of the correct secret key using a single attack trace on two datasets. This combination matches the attack efficiency of fixed CNN architectures and outperforms them in 4 out of 10 datasets. Our experiments also emphasize the importance of repeated attack evaluations for ML-based solutions to avoid biased performance estimates.
DOI: https://doi.org/10.1145/3600160.3600161
Published: 2023-08-29
Citations: 0

Automatic incident response solutions: a review of proposed solutions’ input and output
Henrik Karlzén, T. Sommestad
Abstract: Many organizations are exposed to the risk of cyber attacks that penetrate their computer networks. When such cyber attacks occur, e.g. a ransomware outbreak, it is desirable to quickly respond by containing the threat or limit its consequences. Technologies that support this process have been widely used for decades, including antivirus software and deep-packet inspection firewalls. A large number of researches on cyber security have been initiated to automate the incident handling process further, often motivated by the need to respond to more advanced cyber attacks or the increasing cyber risks at stake. This paper reviews the research on automatic incident response solutions published since the year 2000, in order to identify gaps as well as guide further research. The proposed solutions are categorized in terms of the input they use (e.g. intrusion signals) and the output they perform (e.g. reconfiguring a network) using the D3FEND framework. The solutions presented in 45 papers published in the academic literature are analyzed and compared to four commercially available solutions for automatic response. Many of the 45 papers described input and output in vague terms. The most common inputs were from asset inventories, platform monitoring and network traffic analysis. The most common output was network isolation measures, e.g. to reconfigure firewalls. Commercially available solutions focus more on looking for identifiers in reputation systems and individual analyzing files.
DOI: https://doi.org/10.1145/3600160.3605066
Published: 2023-08-29
Citations: 0