{"title":"Adversarial machine learning for spam filters","authors":"Bhargav Kuchipudi, Ravi Teja Nannapaneni, Qi Liao","doi":"10.1145/3407023.3407079","DOIUrl":"https://doi.org/10.1145/3407023.3407079","url":null,"abstract":"Email spam filters based on machine learning techniques are widely deployed in today's organizations. As our society relies more on artificial intelligence (AI), the security of AI, especially the machine learning algorithms, becomes increasingly important and remains largely untested. Adversarial machine learning, on the other hand, attempts to defeat machine learning models through malicious input. In this paper, we experiment how adversarial scenario may impact the security of machine learning based mechanisms such as email spam filters. Using natural language processing (NLP) and Bayesian model as an example, we developed and tested three invasive techniques, i.e., synonym replacement, ham word injection and spam word spacing. Our adversarial examples and results suggest that these techniques are effective in fooling the machine learning models. The study calls for more research on understanding and safeguarding machine learning based security mechanisms in the presence of adversaries.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121326200","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Covert storage caches using the NTP protocol","authors":"Tobias Schmidbauer, S. Wendzel","doi":"10.1145/3407023.3409207","DOIUrl":"https://doi.org/10.1145/3407023.3409207","url":null,"abstract":"Recently, new methods were discovered to secretly store information in network protocol caches by exploiting functionalities of ARP and SNMP. Such a covert storage cache is referred to as a \"Dead Drop\". In our present research, we demonstrate that hidden information can also be stored on systems with an active NTP service. We present one method based upon ephemeral associations and one method based upon the most recently used (MRU) list and measure their storage duration and capacity. Our approach improves over the previous approach with ARP as it allows to transport hidden information across the internet and thus outside of local area networks. The preliminary results for both Dead Drops indicate that more than 100 entries with secret data can persist for several hours. Finally, we discuss the detectability and countermeasures of the proposed methods as well as their limitations.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115840957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards detection of software supply chain attacks by forensic artifacts","authors":"Marc Ohm, Arnold Sykosch, M. Meier","doi":"10.1145/3407023.3409183","DOIUrl":"https://doi.org/10.1145/3407023.3409183","url":null,"abstract":"Third-party dependencies may introduce security risks to the software supply chain and hence yield harm to their dependent software. There are many known cases of malicious open source packages posing risks to developers and end users. However, while efforts are made to detect vulnerable open source packages, malicious packages are not yet considered explicitly. In order to tackle this problem we perform an exploratory case study on previously occurred attacks on the software supply chain with respect to observable artifacts created. Based on gained insights, we propose Buildwatch, a framework for dynamic analysis of software and its third-party dependencies. We noticed that malicious packages introduce a significant amount of new artifacts during installation when compared to benign versions of the same package. The paper presents a first analysis of observable artifacts of malicious packages as well as a possible mitigation strategy that might lead to more insight in long term.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125487439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A privacy-aware digital forensics investigation in enterprises","authors":"Ludwig Englbrecht, G. Pernul","doi":"10.1145/3407023.3407064","DOIUrl":"https://doi.org/10.1145/3407023.3407064","url":null,"abstract":"Stricter policies, laws and regulations for companies on the handling of private information arise challenges in the handling of data for Digital Forensics investigations. This paper describes an approach that can meet necessary requirements to conduct a privacy-aware Digital Forensics investigation in an enterprise. The core of our approach is an entropy-based identification algorithm to detect specific patterns within files that can indicate non-private information. Files containing sensitive information are excluded systematically. This privacy preserving method can be integrated into a Digital Forensics examination process to prepare an image which is free from private as well as critical information for the investigation. The approach demonstrates that investigations in enterprises can be supported and improved by adapting existing algorithms and processes from related subject areas to implement privacy preserving measures into an investigation process.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"39 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124362114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Factors affecting the market adoption of cyber-security products in energy and electrical systems: the case of SPEAR","authors":"Theodoros Rokkas, I. Neokosmidis","doi":"10.1145/3407023.3409315","DOIUrl":"https://doi.org/10.1145/3407023.3409315","url":null,"abstract":"In this paper the results of a survey that was performed aiming to identify the main factors that can affect the market adoption of a cyber-security product in the Energy and Electrical systems is presented. In more detail the survey was implemented using the Fuzzy Analytic Hierarchy Process method among experts of the H2020 R&D project SPEAR. The survey reveals experts' vision regarding the significance of the critical factors anticipated to influence the introduction and acceptance of SPEAR or similar solutions as a technology for actors of the Energy and Electrical ecosystem.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133956869","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A framework for automated evaluation of security metrics","authors":"M. Zaber, S. Nair","doi":"10.1145/3407023.3409197","DOIUrl":"https://doi.org/10.1145/3407023.3409197","url":null,"abstract":"Observation is the foundation of scientific experimentation. We consider observations to be measurements when they are quantified with respect to an agreed upon scale, or measurement unit. A number of metrics have been proposed in the literature which attempt to quantify some property of cyber security, but no systematic validation has been conducted to characterize the behaviour of these metrics as measurement instruments, or to understand how the quantity being measured is related to the security of the system under test. In this paper we broadly classify the body of available security metrics against the recently released Cyber Security Body of Knowledge, and identify common attributes across metric classes which may be useful anchors for comparison. We propose a general four stage evaluation pipeline to encapsulate the processing specifics of each metric, encouraging a separation of the actual measurement logic from the model it is often paired with in publication. Decoupling these stages allows us to systematically apply a range of inputs to a set of metrics, and we demonstrate some important results in our proof of concept. First, we determine a metric's suitability for use as a measurement instrument against validation criteria like operational range, sensitivity, and precision by observing performance over controlled variations of a reference input. Then we show how evaluating multiple metrics against common reference sets allows direct comparison of results and identification of patterns in measurement performance. Consequently, development and operations teams can also use this strategy to evaluate security tradeoffs between competing input designs or to measure the effects of incremental changes during production deployments.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131811842","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Concurrent error detection revisited: hardware protection against fault and side-channel attacks","authors":"Jan Richter-Brockmann, Pascal Sasdrich, Florian Bache, T. Güneysu","doi":"10.1145/3407023.3407046","DOIUrl":"https://doi.org/10.1145/3407023.3407046","url":null,"abstract":"Fault Injection Analysis (FIA) and Side-Channel Analysis (SCA) are considered among the most serious threats to cryptographic implementations and require dedicated countermeasures to ensure protection through the entire life-cycle of the implementations. In this work, our contribution is twofold. First, we present a novel orthogonal layout of linear Error-Correcting Codes (ECCs) to adjust classical Concurrent Error Detection (CED) to an adversary model that assumes precisely induced single-bit faults which, with a certain non-negligible probability, will affect adjacent bits. Second, we combine our orthogonal error correction technique with a state-of-the-art SCA protection mechanism to demonstrate resistance against both threats. Eventually, using AES as a case study, our approach can correct entirely faulted bytes while it does not exhibit detectable first-order side-channel leakage using 200 million power traces and Test Vector Leakage Assessment (TVLA) as state-of-the-art leakage assessment methodology. Furthermore, our hardware implementations reduce the area and resource consumption by 14.9% -- 18.3% for recent technology nodes (compared to a conventional CED scheme).","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125772366","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Testing the effectiveness of tailored phishing techniques in industry and academia: a field experiment","authors":"Pavlo Burda, Tzouliano Chotza, Luca Allodi, Nicola Zannone","doi":"10.1145/3407023.3409178","DOIUrl":"https://doi.org/10.1145/3407023.3409178","url":null,"abstract":"Organizations are experiencing more and more sophisticated attacks specifically targeting their employees and customers. These attacks exploit tailored information on the victim or organization to increase their credibility. To date, no study has evaluated the role of 'traditional' phishing cognitive effects in these advanced settings. In this paper, we run a field experiment targeting 747 subjects employed in two organizations (a university and a large international consultancy company) to evaluate the interaction between phishing persuasion techniques and the success rate in a highly-tailored setting. For this purpose, we exploit well-established user notification methods to devise enhanced attack delivery techniques, and evaluate how such techniques affect success rate of our phishing campaigns. We find that the effect of 'traditional' attack techniques is widely mitigated in highly-tailored phishing settings, suggesting that current user training and detection techniques may be off-target for more sophisticated attacks. However, we find that the means by which the attack is delivered to the victim matter, and can greatly (up to three times) boost the effect of the base attack.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124932915","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"4P based forensics investigation framework for smart connected toys","authors":"Benjamin Yankson, Farkhund Iqbal, P. Hung","doi":"10.1145/3407023.3409213","DOIUrl":"https://doi.org/10.1145/3407023.3409213","url":null,"abstract":"Smart Connected Toys (SCTs) have the potential to collect terabytes of sensitive personal, contextual, and usage information which may be a subject of cybercrime or used as a conduit for cybercrime resulting in a digital forensic investigation which requires the examination of the digital artifact stored, processed or transmitted by the SCT. SCT forensics is challenging in most cases due to non-availability of specialized forensics tools and standardized evidence acquisition interface port. We explore the various privacy and security challenges plaguing the SCT industry and the possible safety risk SCT poses to children as a result of a lack of serious consideration technical controls surrounding the collection, processing, and storage of children's information and possible exposure to crime which will require digital forensic investigation. As a result of this gap in research and industry, we investigate current digital forensic solutions for SCTs and present an abstract forensics investigation framework with the focus on using non-conventional means which allow Investigators to successfully \"Plan,\" \"Preserve\" \"Process\" and \"Present\" (4P) as a systematic means to conduct digital forensic analysis on an SCT in a situation where SCT is complicit in a criminal investigation or a subject of crime.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130252826","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Mixed-code text analysis for the detection of online hidden propaganda","authors":"A. Tundis, G. Mukherjee, M. Mühlhäuser","doi":"10.1145/3407023.3409211","DOIUrl":"https://doi.org/10.1145/3407023.3409211","url":null,"abstract":"Internet-based communication systems have become an increasing tool for spreading misinformation and propaganda. Though mechanisms adept in tracking unwarranted information and messages exist, users have devised different methods to avoid scrutiny and detection. One of such method is the use of mixed-code language. Mixed code is text written in an unconventional form combining different languages, symbols, scripts and shapes, with the aim to make it difficult to detect due to its custom approach and its ever changing aspects. Utilizing special characters to substitute for alphabets, which makes it readable to humans but nonsensical to machine. The intuition is that a substituted alphabet should resemble the shape of the intended alphabet. In this context, the paper explores the possibility of identifying such mixed code texts with special characters by proposing an approach to normalize them and determine if it contains propaganda elements. As a consequence, a tailored algorithm in combination with a deep learning models for character selection is defined and presented. The results gathered from its experimentation are discussed and the achieved performances are compared with the related works.","PeriodicalId":121225,"journal":{"name":"Proceedings of the 15th International Conference on Availability, Reliability and Security","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117263079","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}