{"title":"A Systematic Analysis of User Evaluations in Security Research","authors":"Peter Hamm, David Harborth, Sebastian Pape","doi":"10.1145/3339252.3340339","DOIUrl":"https://doi.org/10.1145/3339252.3340339","url":null,"abstract":"We conducted a literature survey on the reproducibility and replicability of user surveys in security research. For that purpose, we examined all papers published over the last five years at three leading security research conferences and recorded the type of study, whether the authors made the underlying responses available as open data, and whether they published the questionnaire or interview guide they used. We uncovered how user surveys have become more widespread in security research and how authors and conferences are increasingly publishing their methodologies, while we found no examples of data being made available. Based on these findings, we recommend that future researchers publish their data in addition to their results to facilitate replication and ensure a firm basis for user studies in security research.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115133062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Analyzing Android's File-Based Encryption: Information Leakage through Unencrypted Metadata","authors":"Tobias Groß, Matanat Ahmadova, Tilo Müller","doi":"10.1145/3339252.3340340","DOIUrl":"https://doi.org/10.1145/3339252.3340340","url":null,"abstract":"We investigate the amount of information leakage through unencrypted metadata in Android's file-based encryption (FBE), which was introduced in Android 7.0 as an alternative to the previously dominant full-disk encryption (FDE). We propose a generic method, and provide appropriate tooling, to reconstruct forensic events on Android smartphones encrypted with FBE. Based on a dataset of 3903 applications, we show that file metadata can be used to reconstruct the name, version and installation date of all installed apps. Furthermore, we show that, depending on the specific app, information leakage through metadata can even be used to reconstruct a user's behavior. For the example of WhatsApp, we show that the point in time at which a user sent or received her last message can be traced back even though the phone was encrypted. Our approach requires access to the raw data of an encrypted disk only and does not require access to a powered-on device or the bootloader, unlike known attacks against FDE such as cold boot and evil maid. We conclude that FBE is significantly less secure than FDE and was presumably chosen for usability reasons like direct boot.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115370162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"NERD","authors":"Václav Bartos","doi":"10.1145/3339252.3340512","DOIUrl":"https://doi.org/10.1145/3339252.3340512","url":null,"abstract":"We present an open database of known malicious entities on the internet called Network Entity Reputation Database. It gathers alerts from a large number of diverse security monitoring tools and other sources and keeps detailed information about all network entities (IP addresses, ASNs, domain names, etc.) which have been reported as malicious. It also adds other related data from a multitude of sources, like whois registries, blacklists or geolocation databases. Due to the large amount, diversity and volatility of such data, the creation of such a database system is not trivial. In the paper we describe the data model, system architecture and technologies used, as well as some statistics from the pilot deployment of the system. We operate the database as a free service for the cyber security community to help with prevention, defense, investigation of incidents as well as research, and believe it will become a valuable contribution to the family of existing open cyber threat intelligence platforms.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"26 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126077795","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Applying Security Testing Techniques to Automotive Engineering","authors":"Irdin Pekaric, Clemens Sauerwein, M. Felderer","doi":"10.1145/3339252.3340329","DOIUrl":"https://doi.org/10.1145/3339252.3340329","url":null,"abstract":"Over the past few decades, the automotive industry was mostly focused on testing the safety aspects of a vehicle. However, this was not the case with security testing, which only began to be addressed recently. As a result, multiple approaches applying various security testing techniques to different software-based vehicle IT components emerged. With that said, research and practice lack an overview of these techniques. In this paper, we conduct a systematic mapping study. This involved the investigation of the following five dimensions: (1) security testing techniques, (2) AUTOSAR layers, (3) functional interfaces of AUTOSAR, (4) vehicle lifecycle phases and (5) attacks. In total, 39 papers presenting approaches for security testing in automotive engineering were systematically selected and classified. The results identify multiple security testing techniques focusing on early phases of the vehicle life cycle through the application and services layer of the AUTOSAR architecture. Finally, there is a need for security regression testing approaches, as well as combined security and safety testing approaches.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125125277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Building Taxonomies based on Human-Machine Teaming: Cyber Security as an Example","authors":"Mohamad Imad Mahaini, Shujun Li, Rahime Belen Sağlam","doi":"10.1145/3339252.3339282","DOIUrl":"https://doi.org/10.1145/3339252.3339282","url":null,"abstract":"Taxonomies and ontologies are handy tools in many application domains such as knowledge systematization and automatic reasoning. In the cyber security field, many researchers have proposed such taxonomies and ontologies, most of which were built based on manual work. Some researchers proposed the use of computing tools to automate the building process, but mainly for very narrow sub-areas of cyber security. Thus, there is a lack of general cyber security taxonomies and ontologies, possibly due to the difficulties of manually curating keywords and concepts for such a diverse, inter-disciplinary and dynamically evolving field. This paper presents a new human-machine teaming based process to build taxonomies, which allows human experts to work with automated natural language processing (NLP) and information retrieval (IR) tools to co-develop a taxonomy from a set of relevant textual documents. The proposed process could be generalized to support non-textual documents and to build (more complicated) ontologies as well. Using cyber security as an example, we demonstrate how the proposed taxonomy building process has allowed us to build a general cyber security taxonomy covering a wide range of data-driven keywords (topics) with a reasonable amount of human effort.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114696874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards a framework for detecting advanced Web bots","authors":"Christos Iliou, Theodoros Kostoulas, T. Tsikrika, Vasilis Katos, S. Vrochidis, Y. Kompatsiaris","doi":"10.1145/3339252.3339267","DOIUrl":"https://doi.org/10.1145/3339252.3339267","url":null,"abstract":"Automated programs (bots) are responsible for a large percentage of website traffic. These bots can be used either for benign purposes, such as Web indexing, website monitoring (validation of hyperlinks and HTML code), feed fetching, and Web content and data extraction for commercial use, or for malicious ones, including, but not limited to, content scraping, vulnerability scanning, account takeover, distributed denial of service attacks, marketing fraud, carding and spam. To ensure their security, Web servers try to identify bot sessions and apply special rules to them, such as throttling their requests or delivering different content. The methods currently used for the identification of bots are based either purely on rule-based bot detection techniques or on a combination of rule-based and machine learning techniques. While current research has developed highly adequate methods for Web bot detection, the adequacy of these methods when faced with Web bots that try to remain undetected has not been studied. For this reason, we created a Web bot detection framework and evaluated its ability to detect conspicuous bots separately from its ability to detect advanced Web bots. We assessed the proposed framework's performance using real HTTP traffic from a public Web server. Our experimental results show that the proposed framework has significant ability to detect Web bots that do not try to hide their bot identity using HTTP Web logs (balanced accuracy in a false-positive intolerant server > 95%). However, detecting advanced Web bots that present a browser fingerprint and may also present humanlike behaviour is considerably more difficult.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133696256","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Securing the Device Drivers of Your Embedded Systems: Framework and Prototype","authors":"Zhuo Li, Jincheng Wang, Mingshen Sun, John C.S. Lui","doi":"10.1145/3339252.3340506","DOIUrl":"https://doi.org/10.1145/3339252.3340506","url":null,"abstract":"Device drivers on Linux-powered embedded or IoT systems execute in kernel space and thus must be fully trusted. Any fault in drivers may significantly impact the whole system. However, third-party embedded hardware manufacturers usually ship their proprietary device drivers with their embedded devices. These out-of-tree device drivers are generally of poor quality because of a lack of code audit. In this paper, we propose a new approach that helps third-party developers to improve the reliability and safety of device drivers without modifying the kernel: rewriting device drivers in a memory-safe programming language called Rust. Rust's rigorous language model assists device driver developers in detecting many security issues at compile time. We designed a framework to help developers quickly build device drivers in Rust. We also utilized Rust's security features to provide several useful infrastructures for developers so that they can easily handle kernel memory allocation and concurrency management; at the same time, some common bugs (e.g. use-after-free) can be alleviated. We demonstrate the generality of our framework by implementing a real-world device driver on Raspberry Pi 3, and our evaluation shows that device drivers generated by our framework have an acceptable binary size for canonical embedded systems and that the runtime overhead is negligible.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"270 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133250698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Learning Software Security in Context: An Evaluation in Open Source Software Development Environment","authors":"Shao-Fang Wen, Basel Katt","doi":"10.1145/3339252.3340336","DOIUrl":"https://doi.org/10.1145/3339252.3340336","url":null,"abstract":"Learning software security has become a more complex and difficult task today than it was even a decade ago. With the increased complexity of computer systems and the variety of applications, it is hard for software developers to master the expertise required to deal with the variety of security concepts, methods, and technologies that are required in software projects. Although a large number of security learning materials are widely available in books, open literature or on the Internet, learners find it difficult to understand the rationale of security topics and to correlate the concepts with real software scenarios. We argue that the traditional approach, which usually organizes knowledge content topically and in a security-centric way, is not suitable to motivate learners and stimulate learners' interest. To tackle this learning issue, our research is focused on forging a contextualized learning environment for software security where learners can explore security knowledge and relate it to a context that they are familiar with. This learning system is developed based on our proposed context-based learning approach and on ontological technologies. In this paper, we present our evaluation study in the open source software (OSS) development environment. Our results demonstrate that contextualized learning can help OSS developers identify the security information they need, improve learning efficiency and make security knowledge more meaningful for their software development tasks.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115726694","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Practical Group-Signatures with Privacy-Friendly Openings","authors":"S. Krenn, Kai Samelin, Christoph Striecks","doi":"10.1145/3339252.3339256","DOIUrl":"https://doi.org/10.1145/3339252.3339256","url":null,"abstract":"Group signatures allow creating signatures on behalf of a group, while remaining anonymous. To prevent misuse, there exists a designated entity, named the opener, which can revoke anonymity by generating a proof which links a signature to its creator. Still, many intermediate cases have been discussed in the literature, where not the full power of the opener is required, or the users themselves require the power to claim (or deny) authorship of a signature and (un-)link signatures in a controlled way. However, these concepts were only considered in isolation. We unify these approaches, supporting all these possibilities simultaneously and providing fine-granular openings, even by members. Namely, a member can itself prove whether it has created a given signature (or not), and can create a proof which makes two created signatures linkable (or unlinkable, respectively) in a controlled way. Likewise, the opener can show that a signature was not created by a specific member and can prove whether two signatures stem from the same signer (or not) without revealing anything else. Combined, these possibilities can make full openings irrelevant in many use-cases. This has the additional benefit that the requirements on the reachability of the opener are lessened. Moreover, even in the case of an involved opener, our framework is less privacy-invasive, as the opener no longer requires access to the signed message. Our provably secure black-box CCA-anonymous construction with dynamic joins requires only standard building blocks. We prove its practicality by providing a performance evaluation of a concrete instantiation, and show that our non-optimized implementation is competitive compared to other, less feature-rich, notions.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"143 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115999186","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Study of Network Forensic Investigation in Docker Environments","authors":"Daniel Spiekermann, Tobias Eggendorfer, J. Keller","doi":"10.1145/3339252.3340505","DOIUrl":"https://doi.org/10.1145/3339252.3340505","url":null,"abstract":"Cyber-criminals harness more and more techniques like virtual machines or container-based infrastructures for their malicious activities. The inherent dynamics of these virtual environments simplify the fast creation of vicious services and hide the involved systems like no other technology before. The primary use of virtualisation and especially containers allows software developers and administrators to create new applications, perform tests, debug their code and install pre-defined services based on provided container images. Docker, as the most notable container technique, provides a great variety of existing container templates, which pave the way for implementing highly dynamic environments. Like virtual machines, container-based environments are mostly a short-lived on-demand infrastructure, which might be used by cyber-criminals to perform their malicious activities. Especially the virtual layer and the ephemeral nature of the container impede any kind of digital investigation or forensic analysis. In this paper we analyze different methods for network forensic investigation in Docker environments. The virtualisation demands adapted techniques of packet capture like iptables manipulation, accessing the internal network bridges or vNICs, and the use of software-based techniques. We propose the use of further monitoring processes in Docker swarms to implement a valid packet capture and to collect all relevant network packets. As a result, we define appropriate techniques of packet capture based on parameters of the related container.","PeriodicalId":116983,"journal":{"name":"Proceedings of the 14th International Conference on Availability, Reliability and Security","volume":"42 40","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120877453","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}