{"title":"Structural Limitations of B+-Tree forensics","authors":"Peter Kieseberg, S. Schrittwieser, E. Weippl","doi":"10.1145/3277570.3277579","DOIUrl":"https://doi.org/10.1145/3277570.3277579","url":null,"abstract":"Despite the importance of databases in virtually all data driven applications, database forensics is still not the thriving topic it ought to be. Many database management systems (DBMSs) structure the data in the form of trees, most notably B+-Trees. Since the tree structure is depending on the characteristics of the INSERT-order, it can be used in order to generate information on later manipulations, as was shown in a previously published approach. In this work we analyse this approach and investigate, whether it is possible to generalize it to detect DELETE-operations within general INSERT-only trees. We subsequently prove that almost all forms of B+-Trees can be constructed solely by using INSERT-operations, i.e. that this approach cannot be used to prove the existence of DELETE-operations in the past.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130531029","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Security Analysis of Key Acquiring Strategies Used by Cryptographic Ransomware","authors":"Ziya Alper Genç, G. Lenzini, P. Ryan","doi":"10.1145/3277570.3277577","DOIUrl":"https://doi.org/10.1145/3277570.3277577","url":null,"abstract":"To achieve its goals, ransomware needs to employ strong encryption, which in turn requires access to high-grade encryption keys. Over the evolution of ransomware, various techniques have been observed to accomplish the latter. Understanding the advantages and disadvantages of each method is essential to develop robust defense strategies. In this paper we explain the techniques used by ransomware to derive encryption keys and analyze the security of each approach. We argue that recovery of data might be possible if the ransomware cannot access high entropy randomness sources. As an evidence to support our theoretical results, we provide a decryptor program for a previously undefeated ransomware.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129118617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Coping with Access Control Requirements in the Context of Mutual Dependencies between Business and IT","authors":"R. Pilipchuk","doi":"10.1145/3277570.3277587","DOIUrl":"https://doi.org/10.1145/3277570.3277587","url":null,"abstract":"IT security is ever more important due to rising cybercrime incidents, obligatory security laws and the need for organization-wide security strategies. Consequently, the business level of an organization, service design managers and compliance managers according to ITIL, have to focus increasingly on: a) compliance to the rising amount of laws, b) organization-wide IT security and c) the establishment of security strategies to secure critical business data. Therefore, a close cooperation with the IT is needed. This paper proposes an approach to close the gap between the business level and the IT with focus on access control requirements, coming from the business level. The approach eases the role engineering process for role based access control and establishes a traceability between business processes and access control requirements as well as enterprise architectures. Furthermore, it increases the compliance between enterprise architectures and access control requirements from business processes and allows understanding the mutual dependencies of business processes, access control requirements and enterprise architectures in evolution scenarios.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114623239","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"What drives the motivation to self-protect on social networks? The role of privacy concerns and perceived threats","authors":"Damjan Fujs, Simon L. R. Vrhovec, Anže Mihelič","doi":"10.1145/3277570.3277581","DOIUrl":"https://doi.org/10.1145/3277570.3277581","url":null,"abstract":"Social networks offer a wide range of services to their users resulting in a high degree of their involvement in social network users' everyday life. Users are however exposed to a variety of evolving cyberthreats that may be just as harmful as those in the material world even though they are sometimes hard to perceive as such in the cyberspace. To better understand the motivation of social network users to engage in self-protective behavior, we conducted an online survey among social network users (N = 227). The survey aimed to measure the role of perceived threat, privacy concerns and descriptive norms (also known as group norms) in user's intentions to adopt self-protective behavior. Analysis showed statistically significant correlations between mentioned constructs confirming most of our hypotheses. In addition to the well-known importance of perceived threat, results show that privacy concerns are also an important factor in explaining the intention of social network users to engage in self-protective behavior on social networks.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131583615","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Virtual honeypots and detection of telnet botnets","authors":"Tomáš Bajtoš, Pavol Sokol, Terézia Mézesová","doi":"10.1145/3277570.3277572","DOIUrl":"https://doi.org/10.1145/3277570.3277572","url":null,"abstract":"Despite recommendations to not use telnet, there is an increasing number of telnet-based botnets and a need to analyse these attacks. We deployed a network of high interaction honeypots that simulate telnet devices. From the collected data, we created a dataset that we analysed from different perspectives. In this paper, we focus on the infection phase of botnets. Based on the found signatures collected by our samples, we can divide the botnets into 9 families. We show dependencies between commands, and between commands and directories used to propagate botnets.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121786699","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"It's all fun and games, and some legalese: data protection implications for increasing cyber-skills of employees through games","authors":"D. Povse","doi":"10.1145/3277570.3277580","DOIUrl":"https://doi.org/10.1145/3277570.3277580","url":null,"abstract":"In order to combat cyberattacks, an organisation can decide to train its employees. Improving cyber-skills of employees through educational games means their personal data will be processed and therefore it falls under the scope of the General Data Protection Regulation (GDPR). The goal of this paper is to address challenges that organisations are likely to face in practice, such as invalidity of employees' consent and over-intrusive monitoring. It argues that in order to approach training lawfully, organisations should (1) choose their external trainer with due diligence, (2) carry out a data protection impact assessment, and under certain circumstances (3) appoint a data protection officer.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121932508","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Proceedings of the Central European Cybersecurity Conference 2018","authors":"","doi":"10.1145/3277570","DOIUrl":"https://doi.org/10.1145/3277570","url":null,"abstract":"","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"258 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116067534","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A brief look at the security of DeviceNet communication in industrial control systems","authors":"Pal-Stefan Murvay, B. Groza","doi":"10.1145/3277570.3277575","DOIUrl":"https://doi.org/10.1145/3277570.3277575","url":null,"abstract":"Security is a vital aspect of industrial control systems since they are used in critical infrastructures and manufacturing processes. As demonstrated by the increasing number of emerging exploits, securing such systems is still a challenge as the employed fieldbus technologies do not offer intrinsic support for basic security objectives. In this work we discuss some security aspects of DeviceNet, a communication protocol widely used for control applications especially in the North American industrial sector. Having the Controller Area Network (CAN) protocol at its base, DeviceNet inherits all the vulnerabilities that were already illustrated on CAN in-vehicle communication. We discuss how the lack of security in DeviceNet can be exploited and point on the fact that these vulnerabilities can be modelled by existing formal verification tools and countermeasures can be put in place.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"135 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115964683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hack My Company: An Empirical Assessment of Post-exploitation Behavior and Lateral Movement in Cloud Environments","authors":"Daniel Fraunholz, Daniel Schneider, J. Zemitis, H. Schotten","doi":"10.1145/3277570.3277573","DOIUrl":"https://doi.org/10.1145/3277570.3277573","url":null,"abstract":"Cloud infrastructures and services are of essential importance for enterprise operations. They form a central point for data storage, processing and exchange. Their information security properties are strongly associated with the protection of the most confidential and important data of enterprises. In this work a credential leak on different platforms is simulated, revealing authentication information for several accounts on a cloud application service. Each account associated with the leaks provides more authentication information for further infrastructures such as an e-mail server, an industrial control system and an enterprise-related streaming server. Additionally, a homepage was launched with information on the fictitious persons associated with the leaked accounts. Interaction with those servers is closely monitored. It was found that around one third of all trespassers conducted lateral movement and successful authentications frequently result in system enumeration and file operations.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"19 18","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120862084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"OpenSPA - An Open and Extensible Protocol for Single Packet Authorization","authors":"Gregor R. Krmelj, M. Pancur, M. Grohar, M. Ciglarič","doi":"10.1145/3277570.3277574","DOIUrl":"https://doi.org/10.1145/3277570.3277574","url":null,"abstract":"Applications are vulnerable. Opening such applications to the Internet creates a big attack surface for potential exploit. The use of common network defenses such as firewalls helps mitigate the risks, however possibility of a secure scalable system that assigns network access to a service purely by identifying a device by a static IP address is a delusion. Firewalls need to improve to support dynamic allocation of device access. Such a technique would allow services to be hidden to the general public, unauthorized to access them, but would at the same time allow authorized users global connectivity. Single Packet Authorization (SPA) is an approach, building on firewall functionality which hides services from unauthorized users and helps mitigate common network attacks such as Distributed Denial of Service (DDoS) attacks by stopping them earlier in the network stack. In this paper we introduce OpenSPA, a SPA protocol suitable for deployment in various complex networking environments and enabling flexibility to support different network policies. With support for IPv6 as well as extensible support for custom user programmable authentication, authorization and firewall logic.","PeriodicalId":164597,"journal":{"name":"Proceedings of the Central European Cybersecurity Conference 2018","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126952550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}