发布求助
文献互助 智能选刊 最新文献

2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)最新文献

筛选
英文 中文
Statistical analysis of attacking autonomous systems 攻击自治系统的统计分析
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502353
T. Sochor, Matej Zuzcák, P. Bujok
{"title":"Statistical analysis of attacking autonomous systems","authors":"T. Sochor, Matej Zuzcák, P. Bujok","doi":"10.1109/CyberSecPODS.2016.7502353","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502353","url":null,"abstract":"The paper focuses to the analysis of attacks against the honeynet from various autonomous systems (AS) in the Internet. The probes are distributed across various network types - academic, commercial VPS, ISP - in Czech Rep. and Slovakia. Attacker behavior differences per AS as well as activities done in the honeynet on individual probes were analyzed. Advanced statistical methods were applied to extract a closer idea on attackers' activities.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123644447","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Correlating intrusion detection alerts on bot malware infections using neural network 利用神经网络关联bot恶意软件感染的入侵检测警报
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502344
Egon Kidmose, Matija Stevanovic, J. Pedersen
{"title":"Correlating intrusion detection alerts on bot malware infections using neural network","authors":"Egon Kidmose, Matija Stevanovic, J. Pedersen","doi":"10.1109/CyberSecPODS.2016.7502344","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502344","url":null,"abstract":"Millions of computers are infected with bot malware, form botnets and enable botmaster to perform malicious and criminal activities. Intrusion Detection Systems are deployed to detect infections, but they raise many correlated alerts for each infection, requiring a large manual investigation effort. This paper presents a novel method with a goal of determining which alerts are correlated, by applying Neural Networks and clustering, thus reducing the number of alerts to manually process. The main advantage of the method is that no domain knowledge is required for designing feature extraction or any other part, as such knowledge is inferred by Neural Networks. Evaluation has been performed with traffic traces of real bot binaries executed in a lab setup. The method is trained on labelled Intrusion Detection System alerts and is capable of correctly predicting which of seven incidents an alert pertains, 56.15% of the times. Based on the observed performance it is concluded that the task of understanding Intrusion Detection System alerts can be handled by a Neural Network, showing the potential for reducing the need for manual processing of alerts. Finally, it should be noted that, this is achieved without any feature engineering and with no use of domain specific knowledge.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124960343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Proactive biometric-enabled forensic imprinting 主动启用生物识别的法医印记
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CYBERSECPODS.2016.7502342
Abdulrahman Alruban, N. Clarke, Fudong Li, S. Furnell
{"title":"Proactive biometric-enabled forensic imprinting","authors":"Abdulrahman Alruban, N. Clarke, Fudong Li, S. Furnell","doi":"10.1109/CYBERSECPODS.2016.7502342","DOIUrl":"https://doi.org/10.1109/CYBERSECPODS.2016.7502342","url":null,"abstract":"Threats to enterprises have become widespread in the last decade. A major source of such threats originates from insiders who have legitimate access to the organization's internal systems and databases. Therefore, preventing or responding to such incidents has become a challenging task. Digital forensics has grown into a de-facto standard in the examination of electronic evidence; however, a key barrier is often being able to associate an individual to the stolen data. Stolen credentials and the Trojan defense are two commonly cited arguments used. This paper proposes a model that can more inextricably links the use of information (e.g. images, documents and emails) to the individual users who use and access them through the use of steganography and transparent biometrics. The initial experimental results of the proposed approach have shown that it is possible to correlate an individual's biometric feature vector with a digital object (images) and still successfully recover the sample even with significant file modification. In addition, a reconstruction of the feature vector from these unmodified images was possible by using those generated imprints with an accuracy of 100% in some scenarios.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"128 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127394108","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Exploiting pitfalls in software-defined networking implementation 利用软件定义网络实现中的缺陷
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502354
Dylan Smyth, V. Cionca, Seán McSweeney, Donna O’Shea
{"title":"Exploiting pitfalls in software-defined networking implementation","authors":"Dylan Smyth, V. Cionca, Seán McSweeney, Donna O’Shea","doi":"10.1109/CyberSecPODS.2016.7502354","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502354","url":null,"abstract":"The centralised control provided by Software- Defined Networking allows an increase in network security as all traffic can be vetted before leaving the attachment switch. Nevertheless, as in any complex system, there are implementation and policy compromises which lead to security vulnerabilities. This paper exploits such vulnerabilities to implement a suite of attacks, consisting of Address Resolution Protocol (ARP) cache poisoning, Man in the Middle, a firewall and access control bypassing port scan called a Phantom Host Scan, and a Distributed Denial of Service attack called a Phantom Storm which induces the participation of legitimate hosts. These attacks were successfully implemented in a Floodlight controlled network.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124764829","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
The IM system with a cryptographic feature 具有加密特性的IM系统
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502339
Z. Hulicki
{"title":"The IM system with a cryptographic feature","authors":"Z. Hulicki","doi":"10.1109/CyberSecPODS.2016.7502339","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502339","url":null,"abstract":"The paper does concern the IM (Instant Messaging) system with a cryptographic feature designed for the portable subscriber appliances working with the Android operating system. Unlike the existing applications with a text messaging function, the proposed system uses XML (Extensible Markup Language) tool to specify the message structure and in order to ensure appropriate confidentiality of talks it does encrypt messages to be transmitted between the end user and server system. The results of a preliminary performance evaluation of encryption algorithms, used in the proposed system, will be discussed together with possible applications and further modifications of that IM system.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"193 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116901591","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Knowledge management of cyber security expertise: an ontological approach to talent discovery 网络安全专业知识管理:人才发现的本体论方法
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502356
Marcelo Paiva Fontenele, Lily Sun
{"title":"Knowledge management of cyber security expertise: an ontological approach to talent discovery","authors":"Marcelo Paiva Fontenele, Lily Sun","doi":"10.1109/CyberSecPODS.2016.7502356","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502356","url":null,"abstract":"Cyber security is a dynamic knowledge environment, where attracting talented people is paramount. However, current initiatives do not always use mechanisms able to search for suited individuals. Approaching cyber security as an organisation can help to manage capabilities and improve domain-oriented talent discovery. This paper presents an ontological approach to support talent discovery as a means of improving allocation of expertise for cyber security projects. A case study is conducted among experts in a cyber security community. Our method is capable of selecting, ranking and evaluating experts given a set of criteria specified in a project profile. The approach combines values of quantitative and qualitative nature provided by the profile owner and derived from external appraisals. Further, the ontology model delivers a systematic integration of talent practices, which embeds a feedback loop that favours ongoing continuous improvement. The model was successfully experimented and further appraised in terms of acceptance by a board of experts.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"150 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116495748","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Attack simulation based software protection assessment method 基于攻击仿真的软件防护评估方法
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502352
Gaofeng Zhang, P. Falcarin, Elena Gómez-Martínez, Shareeful Islam, Christophe Tartary, B. D. Sutter, Jérôme d'Annoville
{"title":"Attack simulation based software protection assessment method","authors":"Gaofeng Zhang, P. Falcarin, Elena Gómez-Martínez, Shareeful Islam, Christophe Tartary, B. D. Sutter, Jérôme d'Annoville","doi":"10.1109/CyberSecPODS.2016.7502352","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502352","url":null,"abstract":"Software protection is an essential aspect of information security to withstand malicious activities on software, and preserving software assets. However, software developers still lacks a methodology for the assessment of the deployed protections. To solve these issues, we present a novel attack simulation based software protection assessment method to assess and compare various protection solutions. Our solution relies on Petri Nets to specify and visualize attack models, and we developed a Monte Carlo based approach to simulate attacking processes and to deal with uncertainty. Then, based on this simulation and estimation, a novel protection comparison model is proposed to compare different protection solutions. Lastly, our attack simulation based software protection assessment method is presented. We illustrate our method by means of a software protection assessment process to demonstrate that our approach can provide a suitable software protection assessment for developers and software companies.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124973820","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Model based analysis of insider threats 基于模型的内部威胁分析
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502350
Taolue Chen, Tingting Han, F. Kammüller, Ibrahim Nemli, Christian W. Probst
{"title":"Model based analysis of insider threats","authors":"Taolue Chen, Tingting Han, F. Kammüller, Ibrahim Nemli, Christian W. Probst","doi":"10.1109/CyberSecPODS.2016.7502350","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502350","url":null,"abstract":"In order to detect malicious insider attacks it is important to model and analyse infrastructures and policies of organisations and the insiders acting within them. We extend formal approaches that allow modelling such scenarios by quantitative aspects to enable a precise analysis of security designs. Our framework enables evaluating the risks of an insider attack to happen quantitatively. The framework first identifies an insider's intention to perform an inside attack, using Bayesian networks, and in a second phase computes the probability of success for an inside attack by this actor, using probabilistic model checking. We provide prototype tool support using Matlab for Bayesian networks and PRISM for the analysis of Markov decision processes, and validate the framework with case studies.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130705445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
The social engineering attack spiral (SEAS) 社会工程攻击螺旋(sea)
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502347
A. Cullen, Lorna Armitage
{"title":"The social engineering attack spiral (SEAS)","authors":"A. Cullen, Lorna Armitage","doi":"10.1109/CyberSecPODS.2016.7502347","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502347","url":null,"abstract":"Cybercrime is on the increase and attacks are becoming ever more sophisticated. Organisations are investing huge sums of money and vast resources in trying to establish effective and timely countermeasures. This is still a game of catch up, where hackers have the upper hand and potential victims are trying to produce secure systems hardened against what feels like are inevitable future attacks. The focus so far has been on technology and not people and the amount of resource allocated to countermeasures and research into cyber security attacks follows the same trend. This paper adds to the growing body of work looking at social engineering attacks and therefore seeks to redress this imbalance to some extent. The objective is to produce a model for social engineering that provides a better understanding of the attack process such that improved and timely countermeasures can be applied and early interventions implemented.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132797730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Gauging the effectiveness of computer misuse act in dealing with cybercrimes 评估电脑滥用行为在处理网络犯罪中的有效性
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security) Pub Date : 2016-06-13 DOI: 10.1109/CyberSecPODS.2016.7502346
R. Montasari, Pekka Peltola, Victoria Carpenter
{"title":"Gauging the effectiveness of computer misuse act in dealing with cybercrimes","authors":"R. Montasari, Pekka Peltola, Victoria Carpenter","doi":"10.1109/CyberSecPODS.2016.7502346","DOIUrl":"https://doi.org/10.1109/CyberSecPODS.2016.7502346","url":null,"abstract":"Computer and Internet technology has become a vital part of a daily life for many as it has brought many enhancements to the quality of many individuals' lives. Although advances in computer and Internet technology are utilised by many people for various respectable reasons, at the same time it has become a tool in the hands of cybercriminals for various nefarious reasons. Cybercrime has become a fast-growing type of crime where more and more criminals exploit the speed, convenience and anonymity of the Internet to perpetrate various criminal activities that have no border. This paper examines the phenomenon of cyber crime and the difficulties and challenges that it presents due to the way that it is being regulated in England and Wales. A major focus will be placed on the area of hacking. To this end, the effectiveness of the Computer Misuse Act in dealing with cybercrimes both in the past and in the future will be examined.","PeriodicalId":134449,"journal":{"name":"2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-06-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125113868","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信