发布求助
文献互助 智能选刊 最新文献

Proceedings of the Eighth European Workshop on System Security最新文献

筛选
英文 中文
Proceedings of the Eighth European Workshop on System Security 第八届欧洲系统安全研讨会论文集
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323
Juan Caballero, M. Polychronakis
{"title":"Proceedings of the Eighth European Workshop on System Security","authors":"Juan Caballero, M. Polychronakis","doi":"10.1145/2751323","DOIUrl":"https://doi.org/10.1145/2751323","url":null,"abstract":"EuroSec, the European Workshop on Systems Security, aims to foster discussion about all aspects of research in systems security. The outcome of such research ultimately determines whether we can trust the Internet infrastructure, voting machines, medical equipment, bank transactions, smartphones, workstations, and indeed, all aspects of our lives that are controlled by computers.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122251865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Exploring reverse engineering symptoms in Android apps 探索Android应用程序中的逆向工程症状
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751330
Hugo Gonzalez, A. A. Kadir, Natalia Stakhanova, Abdullah J. Alzahrani, A. Ghorbani
{"title":"Exploring reverse engineering symptoms in Android apps","authors":"Hugo Gonzalez, A. A. Kadir, Natalia Stakhanova, Abdullah J. Alzahrani, A. Ghorbani","doi":"10.1145/2751323.2751330","DOIUrl":"https://doi.org/10.1145/2751323.2751330","url":null,"abstract":"The appearance of the Android platform and its popularity has resulted in a sharp rise in the number of reported vulnerabilities and consequently in the number of mobile threats. Leveraging openness of Android app markets and the lack of security testing, malware authors commonly plagiarize Android applications (e.g., through code reuse and repackaging) boosting the amount of malware on the markets and consequently the infection rate. In this study, we present AndroidSOO, a lightweight approach for the detection of repackaging symptoms on Android apps. In this work, we introduce and explore novel and easily extractable attribute called String Offset Order. Extractable from string identifiers list in the .dex file, the method is able to pinpoint symptoms of reverse engineered Android apps without the need for complex further analysis. We performed extensive evaluation of String Order metric to assess its capabilities on datasets made available by three recent studies: Android Malware Genome Project, DroidAnalytics and Drebin. We also performed a large-scale study of over 5,000 Android applications extracted from Google Play market and over 80 000 samples from Virus Total service.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"326 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122632966","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 36
Fox in the trap: thwarting masqueraders via automated decoy document deployment 陷阱中的狐狸:通过自动的诱饵文件部署挫败伪装者
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751326
Jonathan Voris, Jill Jermyn, Nathaniel Boggs, S. Stolfo
{"title":"Fox in the trap: thwarting masqueraders via automated decoy document deployment","authors":"Jonathan Voris, Jill Jermyn, Nathaniel Boggs, S. Stolfo","doi":"10.1145/2751323.2751326","DOIUrl":"https://doi.org/10.1145/2751323.2751326","url":null,"abstract":"Organizations face a persistent challenge detecting malicious insiders as well as outside attackers who compromise legitimate credentials and then masquerade as insiders. No matter how good an organization's perimeter defenses are, eventually they will be compromised or betrayed from the inside. Monitored decoy documents (honey files with enticing names and content) are a promising approach to aid in the detection of malicious masqueraders and insiders. In this paper, we present a new technique for decoy document distribution that can be used to improve the scalability of insider detection. We develop a placement application that automates the deployment of decoy documents and we report on two user studies to evaluate its effectiveness. The first study indicates that our automated decoy distribution tool is capable of strategically placing decoy files in a way that offers comparable security to optimal manual deployment. In the second user study, we measure the frequency that normal users access decoy documents on their own systems and show that decoy files do not significantly interfere with normal user tasks.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129388733","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
A study on data de-pseudonymization in the smart grid 智能电网数据去假名化研究
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751325
Valentin Tudor, M. Almgren, M. Papatriantafilou
{"title":"A study on data de-pseudonymization in the smart grid","authors":"Valentin Tudor, M. Almgren, M. Papatriantafilou","doi":"10.1145/2751323.2751325","DOIUrl":"https://doi.org/10.1145/2751323.2751325","url":null,"abstract":"In the transition to the smart grid, the electricity networks are becoming more data intensive with more data producing devices deployed, increasing both the opportunities and challenges in how the collected data are used. For example, in the Advanced Metering Infrastructure (AMI) the devices and their corresponding data give more information about the operational parameters of the environment but also details about the habits of the people living in the houses monitored by smart meters. Different anonymization techniques have been proposed to minimize privacy concerns, among them the use of pseudonyms. In this work we return to the question of the effectiveness of pseudonyms, by investigating how a previously reported methodology for de-pseudonymization performs given a more realistic and larger dataset than was previously used. We also propose and compare the results with our own simpler de-pseudonymization methodology. Our results indicate, not surprisingly, that large realistic datasets are very important to properly understand how an experimental method performs. Results based on small datasets run the risk of not being generalizable. In particular, we show that the number of re-identified households by breaking pseudonyms is dependent on the size of the dataset and the period where the pseudonyms are constant and not changed. In the setting of the smart grid, results will even vary based on the season when the dataset was captured. Knowing that relative simple changes in the data collection procedure may significantly increase the resistance to de-anonymization attacks will help future AMI deployments.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"293 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130029487","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 13
Collaborative filtering under a sybil attack: analysis of a privacy threat sybil攻击下的协同过滤:隐私威胁分析
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751328
Davide Frey, R. Guerraoui, Anne-Marie Kermarrec, Antoine Rault
{"title":"Collaborative filtering under a sybil attack: analysis of a privacy threat","authors":"Davide Frey, R. Guerraoui, Anne-Marie Kermarrec, Antoine Rault","doi":"10.1145/2751323.2751328","DOIUrl":"https://doi.org/10.1145/2751323.2751328","url":null,"abstract":"Recommenders have become a fundamental tool to navigate the huge amount of information available on the web. However, their ubiquitous presence comes with the risk of exposing sensitive user information. This paper explores this problem in the context of user-based collaborative filtering. We consider an active attacker equipped with externally available knowledge about the interests of users. The attacker creates fake identities based on this external knowledge and exploits the recommendations it receives to identify the items appreciated by a user. Our experiment on a real data trace shows that while the attack is effective, the inherent similarity between real users may be enough to protect at least part of their interests.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127662271","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Two-factor authentication: is the world ready?: quantifying 2FA adoption 双因素认证:世界准备好了吗?:量化2FA的采用
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751327
Thanasis Petsas, Giorgos Tsirantonakis, E. Athanasopoulos, S. Ioannidis
{"title":"Two-factor authentication: is the world ready?: quantifying 2FA adoption","authors":"Thanasis Petsas, Giorgos Tsirantonakis, E. Athanasopoulos, S. Ioannidis","doi":"10.1145/2751323.2751327","DOIUrl":"https://doi.org/10.1145/2751323.2751327","url":null,"abstract":"As text-based passwords continue to be the dominant form for user identification today, services try to protect their costumers by offering enhanced, and more secure, technologies for authentication. One of the most promising is two-factor authentication (2FA). 2FA raises the bar for the attacker significantly, however, it is still questionable if the technology can be realistically adopted by the majority of Internet users. In this paper, we attempt a first study for quantifying the adoption of 2FA in probably the largest existing provider, namely Google. For achieving this, we leverage the password-reminder process in a novel way for discovering if 2FA is enabled for a particular account, without annoying or affecting the account's owner. Our technique has many challenges to overcome, since it requires issuing massively thousands of password reminders. In order to remain below the radar, and therefore avoid solving CAPTCHAs or having our hosts blocked, we leverage distributed systems, such as TOR and PlanetLab. After examining over 100,000 Google accounts, we conclude that 2FA has not yet been adopted by more than 6.4% of the users. Last but not least, as a side-effect of our technique, we are also able to exfiltrate private information, which can be potentially used for malicious purposes. Thus, in this paper we additionally present important findings for raising concerns about privacy risks in designing password reminders.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130151442","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 92
Deployment challenges in log-based PKI enhancements 基于日志的PKI增强中的部署挑战
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751324
S. Matsumoto, Pawel Szalachowski, A. Perrig
{"title":"Deployment challenges in log-based PKI enhancements","authors":"S. Matsumoto, Pawel Szalachowski, A. Perrig","doi":"10.1145/2751323.2751324","DOIUrl":"https://doi.org/10.1145/2751323.2751324","url":null,"abstract":"Log-based PKI enhancements propose to improve the current TLS PKI by creating public logs to monitor CA operations, thus providing transparency and accountability. In this paper we take the first steps in studying the deployment process of log-based PKI enhancements in two ways. First, we model the influences that parties in the PKI have to incentivize one another to deploy a PKI enhancement, and determine that potential PKI enhancements should focus their initial efforts on convincing browser vendors to deploy. Second, as a promising vendor-based solution we propose deployment status filters, which use a Bloom filter to monitor deployment status and efficiently defend against downgrade attacks from the enhanced protocol to the current TLS PKI. Our results provide promising deployment strategies for log-based PKI enhancements and raise additional questions for further fruitful research.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"PP 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126355421","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Mobile device fingerprinting considered harmful for risk-based authentication 移动设备指纹被认为对基于风险的身份验证有害
Proceedings of the Eighth European Workshop on System Security Pub Date : 2015-04-21 DOI: 10.1145/2751323.2751329
Jan Spooren, D. Preuveneers, W. Joosen
{"title":"Mobile device fingerprinting considered harmful for risk-based authentication","authors":"Jan Spooren, D. Preuveneers, W. Joosen","doi":"10.1145/2751323.2751329","DOIUrl":"https://doi.org/10.1145/2751323.2751329","url":null,"abstract":"In this paper, we present a critical assessment of the use of device fingerprinting for risk-based authentication in a state-of-practice identity and access management system. Risk-based authentication automatically elevates the level of authentication whenever a particular risk threshold is exceeded. Contemporary identity and access management systems frequently leverage browser-based device fingerprints to recognize trusted devices of a certain individual. We analyzed the variability and the predictability of mobile device fingerprints. Our research shows that particularly for mobile devices the fingerprints carry a lot of similarity, even across models and brands, making them less reliable for risk assessment and step-up authentication.","PeriodicalId":123258,"journal":{"name":"Proceedings of the Eighth European Workshop on System Security","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124178511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 47
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信