发布求助
文献互助 智能选刊 最新文献

2018 International Conference on Software Security and Assurance (ICSSA)最新文献

筛选
英文 中文
Ignore the Noise: Using Autoencoders against Adversarial Attacks in Reinforcement Learning (Lightning Talk) 忽略噪音:在强化学习中使用自编码器对抗对抗性攻击(闪电演讲)
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00028
William Aiken, Hyoungshick Kim
{"title":"Ignore the Noise: Using Autoencoders against Adversarial Attacks in Reinforcement Learning (Lightning Talk)","authors":"William Aiken, Hyoungshick Kim","doi":"10.1109/ICSSA45270.2018.00028","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00028","url":null,"abstract":"Reinforcement learning (RL) algorithms learn and explore nearly any state any number of times in their environment, but minute adversarial attacks cripple these agents. In this work, we define our threat model against RL agents as such: Adversarial agents introduce small permutations to the input data via black-box models with the goal of reducing the optimality of the agent. We focus on pre-processing adversarial images before they enter the network to reconstruct the ground-truth images.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"421 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126781617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Dynamic Internet of Things Malware Detection Using Machine Learning (Work-in-Progress) 使用机器学习的动态物联网恶意软件检测(正在进行中)
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00025
Jonathan Myers, T. Oh, William B. Crowe, Ohan Filbach, W. McDonnell, T. Ajmera, Young Ho Kim, J. Kim
{"title":"Dynamic Internet of Things Malware Detection Using Machine Learning (Work-in-Progress)","authors":"Jonathan Myers, T. Oh, William B. Crowe, Ohan Filbach, W. McDonnell, T. Ajmera, Young Ho Kim, J. Kim","doi":"10.1109/ICSSA45270.2018.00025","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00025","url":null,"abstract":"Internet of Things (IoT) is widely used in industry, residential, and commercial sectors, and it is inevitable that IoT will continue to surround and enhance our everyday lives. Recently, IoT botnets became an increasingly destructive weapon against the Internet domain. Malware such as Mirai and Reaper have affected many industries and devices throughout the world. This paper provides a cohesive solution to protect consumer IoT devices using a cloud-based machine learning infrastructure with a dynamic on-site firewall.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123450606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Conference Organizers 会议组织者
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/icssa45270.2018.00007
{"title":"Conference Organizers","authors":"","doi":"10.1109/icssa45270.2018.00007","DOIUrl":"https://doi.org/10.1109/icssa45270.2018.00007","url":null,"abstract":"","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125782880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards Eliciting and Analyzing Security Requirements Using Ontologies through Use Case Scenarios (Work-in-Progress) 通过用例场景使用本体来引出和分析安全需求(正在进行中)
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00011
Omar Ochoa, Jessica Steinmann, Yevgeniy Lischuk
{"title":"Towards Eliciting and Analyzing Security Requirements Using Ontologies through Use Case Scenarios (Work-in-Progress)","authors":"Omar Ochoa, Jessica Steinmann, Yevgeniy Lischuk","doi":"10.1109/ICSSA45270.2018.00011","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00011","url":null,"abstract":"As our reliance on large, complex and ubiquitous software system increases, so does the devastating consequences that a cyberattack can have to modern society. Building secure software systems requires a greater need for secure software engineering approaches that can detect and address security vulnerabilities at the earliest stages of the software development life cycle. This paper presents an approach to facilitate the elicitation of cybersecurity requirements based on enhancing the widely adopted technique of use case modeling by incorporating the use of an ontology. The ontology will model the semantic relationship of cybersecurity requirements. Utilizing this ontology, we propose an approach that can be used to reuse and share cybersecurity requirements, providing a potential for the rapid discovery and correction of software vulnerabilities in the development process.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132234422","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A Comparison of Online JavaScript Obfuscators 在线JavaScript混淆器的比较
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00012
Sampsa Rauti, V. Leppänen
{"title":"A Comparison of Online JavaScript Obfuscators","authors":"Sampsa Rauti, V. Leppänen","doi":"10.1109/ICSSA45270.2018.00012","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00012","url":null,"abstract":"Obfuscation, obscuring the meaning of source code, has been proposed as a security measure to protect JavaScript applications running in web browsers on the client-side. This paper presents a comparative study of online JavaScript obfuscators, looking at the obfuscation techniques they employ and assessing their resilience, potency and the costs associated with the obfuscation process. We conclude that while several current obfuscators are theoretically quite resilient and potent, in most cases their output can effortlessly be reversed by automatic deobfuscators. We also suggest several methods for strengthening JavaScript obfuscation.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130803816","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Detecting Cryptography through IR Visualization 通过红外可视化检测密码
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00015
Patrick Kochberger, Florian Seitl
{"title":"Detecting Cryptography through IR Visualization","authors":"Patrick Kochberger, Florian Seitl","doi":"10.1109/ICSSA45270.2018.00015","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00015","url":null,"abstract":"The detection of important functionality in binaries is a complex and time consuming task in reverse engineering and malware analysis. Especially cryptographic routines as part of an executable are of interest to an analyst. There are already several automated techniques for finding cryptography within a binary available, ranging from static signatures detection to dynamic behavioural observation. This paper presents a novel approach for functionality detection through the disassembly of binaries, lifted into an intermediate representation (IR). A visualization of the IR then aids an human analyst to find functionality. We evaluate the approach with a binary containing the libgcrypt cryptographic library. The results suggest this to be another useful method for visual binary analysis.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114507190","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
[Title page iii] [标题页iii]
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/icssa45270.2018.00002
{"title":"[Title page iii]","authors":"","doi":"10.1109/icssa45270.2018.00002","DOIUrl":"https://doi.org/10.1109/icssa45270.2018.00002","url":null,"abstract":"","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128082238","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Integrating Security in Cloud Application Development Cycle 在云应用开发周期中集成安全
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00013
Marwa A. Elsayed, Mohammad Zulkernine
{"title":"Integrating Security in Cloud Application Development Cycle","authors":"Marwa A. Elsayed, Mohammad Zulkernine","doi":"10.1109/ICSSA45270.2018.00013","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00013","url":null,"abstract":"Nowadays, more and more business and individuals tune to Software-as-a-Service (SaaS) applications to rapidly access various software capabilities through the Internet. The more SaaS adoption evolves, the more software service providers compete for fast development to cope with the market pace. This trend pushes security after functionality-needs in the priority list. This, in turn, results in delivering applications with potential security risk. The risk is further elevated due to the lack of visibility, control, and regulatory enforcements over consumers' data associated with such applications. Motivated by the raised necessity to consider security-needs at the same priority as functionality-needs, this paper proposes a comprehensive platform to interweave security activities and services from inception through deployment and beyond. Such activities and services are based on information flow control. The platform specifically envisions these activities to devote security into every phase of the development lifecycle of SaaS applications and offer different style of defenses as security services. It promotes for shared security responsibility to gain twofold benefits: a) it helps service providers to protect their SaaS applications from prevalent security threats; b) it enables SaaS consumers to choose a protected application to process their sensitive data with a trust in its security.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"78 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115762825","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
HNF Implementation Strategy Analysis for Lattice Cryptography (Lightning Talk) 格密码学的HNF实现策略分析(闪电演讲)
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00018
Yoonjeong Kim, Hye-Jung Yun, Seongan Lim
{"title":"HNF Implementation Strategy Analysis for Lattice Cryptography (Lightning Talk)","authors":"Yoonjeong Kim, Hye-Jung Yun, Seongan Lim","doi":"10.1109/ICSSA45270.2018.00018","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00018","url":null,"abstract":"Recent researches on lattice based cryptography have brought a significant improvement on the lattice reduction algorithms. In this paper, we present how to use such advancements on lattice reduction algorithm for the computation of Hermite normal form.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"99 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129318430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Adaptive Dataset for the Evaluation of Android Malware Detection Techniques 一种评估Android恶意软件检测技术的自适应数据集
2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI: 10.1109/ICSSA45270.2018.00024
Omar Hreirati, Shahrear Iqbal, Mohammad Zulkernine
{"title":"An Adaptive Dataset for the Evaluation of Android Malware Detection Techniques","authors":"Omar Hreirati, Shahrear Iqbal, Mohammad Zulkernine","doi":"10.1109/ICSSA45270.2018.00024","DOIUrl":"https://doi.org/10.1109/ICSSA45270.2018.00024","url":null,"abstract":"Android is currently the leading mobile operating system in the world. The huge number of Android devices attracts developers to create applications for it. However, it also attracts attackers that collect sensitive data or make money. This problem has led many researchers to propose malware detection systems and custom versions of Android that can help users against malicious activities. Evaluating these systems is a crucial part of malware prevention research. However, recent datasets that cover different kinds of benign and malicious applications to evaluate the malware detection techniques are often not available. With thousands of newly released applications every day and different new malicious activities discovered, it is difficult to keep malicious application datasets up to date. This paper introduces a recent and adaptive dataset that includes 5,000 applications from different malware categories that can be used by the research community. The applications are selected from more than 5 million applications. To show how the dataset can be used, we deploy a popular malware analysis platform and generate detailed reports on all the applications in an automated way. We also provide the steps to update the dataset and perform the analysis automatically on the updated set of samples. We believe that the adaptiveness of the dataset and the automatic analysis process will help researchers save time in preparing their datasets and focus more on the detection techniques.","PeriodicalId":223442,"journal":{"name":"2018 International Conference on Software Security and Assurance (ICSSA)","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114700426","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信