Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference最新文献

{"title":"Collaboration between parents and children to raise cybersecurity awareness","authors":"Farzana Quayyum","doi":"10.1145/3590777.3590802","DOIUrl":"https://doi.org/10.1145/3590777.3590802","url":null,"abstract":"In the early years of children’s lives, parents and caregivers greatly influence children’s device use and access to online activities. Children’s learning and online behavior typically start to develop based on their experiences within the family environment. In this paper, we highlight the significant role of parents and the importance of parent–child collaboration in cybersecurity education. We also briefly present our ongoing efforts to improve parent–child collaboration in cybersecurity education through a game-based learning approach. When crafting solutions to increase children’s cybersecurity awareness, future researchers and designers should take into account and ensure an active and engaging role for parents that goes beyond merely monitoring and regulating children’s online access and activities.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"80 3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129846009","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multistep Cyberattacks Detection using a Flexible Multilevel System for Alerts and Events Correlation","authors":"Elvira Castillo-Fernández, J. Díaz-Verdejo, Rafael Estepa Alonso, Antonio Estepa Alonso, Javier Muñoz Calle, Germán Mabinabeitia","doi":"10.1145/3590777.3590778","DOIUrl":"https://doi.org/10.1145/3590777.3590778","url":null,"abstract":"Current network monitoring systems tend to generate several alerts per attack, especially in multistep attacks. However, Cybersecurity Officers (CSO) would rather receive a single alert summarizing the entire incident. Triggering a single alert per attack is a challenge that requires developing and evaluating advanced event correlation techniques and models to determine the relationships between the different observed events/alerts. In this work, we propose a flexible architecture oriented toward the correlation and aggregation of events and alerts in a multilevel iterative approach. In our scheme, sensors generate events and alerts that are stored in a non-relational database queried by modules that create knowledge structured as meta-alerts that are also stored in the database. These meta-alerts (also called hyperalerts) are, in turn, used iteratively to create new knowledge. This iterative approach can be used to aggregate information at multiple levels or steps in complex attack models. Our architecture also allows the incorporation of additional sensors and the evaluation of various correlation techniques and multistage attack models. The capabilities of the system are assessed through three case studies.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121157933","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cybercrime and Video Games: Exploring children's safety in the gaming environment.","authors":"Matteo Curcio","doi":"10.1145/3590777.3590801","DOIUrl":"https://doi.org/10.1145/3590777.3590801","url":null,"abstract":"Globally, millions of people play video games online and interact without limits. In recent years, video games have gained popularity thanks to the recent covid-19 pandemic and have been used as a pastime against lockdowns. This environment is extremely easy to use, suitable for all ages, and without specific filters or barriers preventing access. Gaming online is, therefore, an essential part of video games, where users play with friends and explore the environment in cooperation. Children make up a large portion of the population using these platforms, and this environment has not always proved safe for them. Therefore, this contribution explores the safety of the gaming environment by reviewing the current security measures available in the industry and comparing them with the results of a survey carried out among children under 18.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122511333","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"New Tricks to Old Codes: Can AI Chatbots Replace Static Code Analysis Tools?","authors":"Omer Said Ozturk, E. Ekmekcioglu, Orçun Çetin, B. Arief, J. Hernandez-Castro","doi":"10.1145/3590777.3590780","DOIUrl":"https://doi.org/10.1145/3590777.3590780","url":null,"abstract":"The prevalence and significance of web services in our daily lives make it imperative to ensure that they are – as much as possible – free from vulnerabilities. However, developing a complex piece of software free from any security vulnerabilities is hard, if not impossible. One way to progress towards achieving this holy grail is by using static code analysis tools to root out any common or known vulnerabilities that may accidentally be introduced during the development process. Static code analysis tools have significantly contributed to addressing the problem above, but are imperfect. It is conceivable that static code analysis can be improved by using AI-powered tools, which have recently increased in popularity. However, there is still very little work in analysing both types of tools’ effectiveness, and this is a research gap that our paper aims to fill. We carried out a study involving 11 static code analysers, and one AI-powered chatbot named ChatGPT, to assess their effectiveness in detecting 92 vulnerabilities representing the top 10 known vulnerability categories in web applications, as classified by OWASP. We particularly focused on PHP vulnerabilities since it is one of the most widely used languages in web applications. However, it has few security mechanisms to help its software developers. We found that the success rate of ChatGPT in terms of finding security vulnerabilities in PHP is around 62-68%. At the same time, the best traditional static code analyser tested has a success rate of 32%. Even combining several traditional static code analysers (with the best features on certain aspects of detection) would only achieve a rate of 53%, which is still significantly lower than ChatGPT’s success rate. Nonetheless, ChatGPT has a very high false positive rate of 91%. In comparison, the worst false positive rate of any traditional static code analyser is 82%. These findings highlight the promising potential of ChatGPT for improving the static code analysis process but reveal certain caveats (especially regarding accuracy) in its current state. Our findings suggest that one interesting possibility to explore in future works would be to pick the best of both worlds by combining traditional static code analysers with ChatGPT to find security vulnerabilities more effectively.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125653540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Crypto-agile Design and Testbed for QKD-Networks","authors":"J. Henrich, A. Heinemann, M. Stiemerling, Fabian Seidl","doi":"10.1145/3590777.3590806","DOIUrl":"https://doi.org/10.1145/3590777.3590806","url":null,"abstract":"","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122363946","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyber-physical Hardening of the Digital Water Infrastructure","authors":"Ü. Cali, Ferhat Ozgur Catak, Z. Balogh, R. Ugarelli, M. Jaatun","doi":"10.1145/3590777.3591408","DOIUrl":"https://doi.org/10.1145/3590777.3591408","url":null,"abstract":"Water supply and drainage systems, which are categorized as critical infrastructure, serve a crucial role in preserving societal health and well-being. Since climate change effects, harsher regulations, population changes, and aging infrastructure pose problems for these systems, the industry is experiencing a digital transition to meet these concerns. This article addresses Cyber-Physical-Social Systems (CPSS) and its application to water distribution networks, combining cyber, physical, and social components for adaptive, responsive, and intelligent management. This paper’s primary contributions include a review of recent security problems in the water industry, which emphasizes the necessity for stronger security measures. The article also examines how water distribution networks, as CPSS, fit into the interrelated realms of physical infrastructure, digital components, and stakeholder involvement, necessitating an all-encompassing system design and management strategy. In addition, the article investigates various cyber-physical attack scenarios, risk management methodologies, and the crucial role of integrated knowledge in mitigating these risks. In the context of increasing digitalization, the paper emphasizes the significance of taking into account both water infrastructure regulations under social space, such as the Water Framework Directive 2000/60/EC (WFD), and cyberspace-related legal and legislative standards, such as the Network and Information Systems (NIS) Directive, the General Data Protection Regulation (GDPR) and Cybersecurity Act. By tackling these difficulties and concentrating on privacy concerns, water utilities may contribute to the overall security and resiliency of vital infrastructure while assuring compliance with applicable legislation.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117038747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy Preserving Data Analysis with the Encode, Shuffle, Analyse Architecture in Vehicular Data Sharing","authors":"Sascha Löbner, Christian Gartner, Frédéric Tronnier","doi":"10.1145/3590777.3590791","DOIUrl":"https://doi.org/10.1145/3590777.3590791","url":null,"abstract":"In recent years, vehicles have become smarter, with more data being collected and analyzed. With further digitalisation, the importance of data within and around vehicles is only going to increase, allowing stakeholders to generate new and more insights from that data. With this, the threat of privacy invasion and the de-identification of vehicles and vehicle users becomes more pressing. In this work, we implement a prototype of a variant of distributed differential privacy (DP), called Encode, Shuffle, and Analyse (ESA) architecture, on a real-world vehicular dataset for vehicle energy consumption analysis. An analysis for energy consumption standard statistics and a basic neural network prediction model are set up to elaborate the utility, privacy trade-off. The results are then compared to the same analysis in a non-private setting. This work contributes to the basis of knowledge by providing a prototype of the ESA architecture in vehicle data analysis for energy demand prediction in urban areas. The results identify important parameters to balance privacy and utility and provides actionable insights for regulators and vehicle manufacturers to preserve vehicle privacy. Future work should further investigate possible attack scenarios to achieve a higher understanding of the privacy guarantees of this architecture.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124405531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyber Informedness: A New Metric using CVSS to Increase Trust in Intrusion Detection Systems","authors":"Robin Duraz, D. Espès, Julien Francq, Sandrine Vaton","doi":"10.1145/3590777.3590786","DOIUrl":"https://doi.org/10.1145/3590777.3590786","url":null,"abstract":"Intrusion Detection Systems (IDSs) are essential cybersecurity components. Previous cyberattack detection methods relied more on signatures and rules to detect cyberattacks, although there has been a change in paradigm in the last decade, with Machine Learning (ML) enabling more efficient and flexible statistical methods. However, ML is currently unable to integrate cybersecurity information into its inner workings. This paper introduces Cyber Informedness, a new metric taking into account cybersecurity information to give a more informed representation of performance, influenced by the severity of the attacks encountered. This metric uses a de facto standard in cybersecurity: the Common Vulnerability Scoring System (CVSS). Results on two public datasets show that this new metric validates results obtained with generic metrics. Furthermore, this new metric highlights ML-based IDSs that prioritize high performance on severe attacks, which is not visible with generic metrics. Consequently, this new metric nicely completes generic metrics by bridging the gap between ML and cybersecurity.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"124 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130669660","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Useful Cyber Threat Intelligence Relation Retrieval Using Transfer Learning","authors":"Chia-Mei Chen, Fang-Hsuan Hsu, Jenq-Neng Hwang","doi":"10.1145/3590777.3590784","DOIUrl":"https://doi.org/10.1145/3590777.3590784","url":null,"abstract":"The emergence of hacker groups extends the complexity and frequency of cyberattacks. To adapt to the rapidly evolving cyberattacks, acquiring valuable information from security incident reports is critical for businesses to gain visibility into the fast-evolving threat landscape and to timely deploy preventive measures. As such threat intelligence is mostly presented in textual reports, such information needs to be extracted manually by security analysts and is highly dependent on personnel experience. This research proposes a novel cyber threat intelligence extraction system called “CARE” (Cyber Attack Relation Extraction) that extracts critical threat entities and presents their relationship in both graphical and textual forms that help cybersecurity staff quickly grasp the key information from security reports. To capture attack-related information, this study adopts BERT to enhance contextualized word representation and applies transfer learning to extract the relations among threat entities. The evaluation results show that the proposed CARE system achieves a 97% F1-score on relation extraction and that it could retrieve useful threat information effectively.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125565159","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Improving Covert Channel Bandwidth by Variable-Length Exponent Re-Coding in Floating-Point Representations","authors":"J. Keller, Carina Heßeling","doi":"10.1145/3590777.3590797","DOIUrl":"https://doi.org/10.1145/3590777.3590797","url":null,"abstract":"In previous work, covert channels in network payload data were introduced that recode floating-point representations, yet introduce errors by modifying mantissa bits. The present research refines those covert channels for the case of fully reversible covert channels, i.e., where the original data is reconstructable by the covert receiver. By using knowledge about the distribution of the data over the number range, a variable length encoding of the exponent is derived that allows to improve covert channel bandwidth to levels comparable with previous work but without introducing errors to original data. The approach is evaluated numerically for two example distributions with respect to bandwidth and detectability.","PeriodicalId":231403,"journal":{"name":"Proceedings of the 2023 European Interdisciplinary Cybersecurity Conference","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129444246","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}