2019 7th International Symposium on Digital Forensics and Security (ISDFS): Latest Publications

Chaotic Analysis of Radon Gas (222Rn) measurements in Lesvos Island: Detrended Fluctuation Analysis (DFA)
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757520
Mirac Karmlslloglu, F. Kulalı
Abstract: Numerous investigations have been performed to establish a correlation between earthquakes and the geological parameters. Radon is one of the general criteria that is referred for the examination of this correlation. Chaotic signal processing methods have a very important explain of complex dynamical system for example earthquakes. Scale analyses technique, Detrended Fluctuation Analysis (DFA), has similar exponents with RMS (Root Mean Square). Hurst exponent is an enormous method to predict long-range power law. Multifractal time series have both excessively great and little ripple. Made in this study, Detrended Fluctuation Analysis was performed for 222Rn data that was gathered from Lesvos Island in Greece. The results of Detrended Fluctuation Analysis have a robust correlation for each 222Rn time series.
Citations: 0

Submitter Info
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/isdfs.2016.7473502
Citations: 0

Enhancing security of SDN focusing on control plane and data plane
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757542
Barbora Celesova, Jozef Val'ko, Rudolf Grežo, P. Helebrandt
Abstract: Software-defined networks (SDN) have appeared as effective network technology, which is able to support the dynamic nature of future network functions and intelligent applications. On the other hand, the progress of the SDN is limited by various security threats. Analyzing the centralized nature of SDN, we found multiple potential vulnerabilities, which the attacker may use. Our solution covers a wider area, not just data plane, but also control plane security. The traffic, which is flowing through a data plane, could include various security threats. To detect them, we utilize OpenFlow possibilities and Machine Learning (ML) concept for the proposed Network Intrusion Detection System based on Deep Neural Network (NIDS-DNN). The solution can extract network statistics from OpenFlow switches (OF switches) and process them with DNN. The result is to warn about an attack on the data plane and to prevent malicious users from harming the network. For early detection of DoS/DDoS attacks aimed at the controller, we present our solution - Specter, which changes the approach to the flow processing prioritization. Using priority queues ensures a better quality of service for legitimate users. To the best of our knowledge, our work is the first solution which couples intrusion detection in the data plane with protection against DoS attacks in control plane.
Citations: 9

User Profiling Based on Application-Level Using Network Metadata
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757503
Faisal Shaman, B. Ghita, N. Clarke, Abdulrahman Alruban
Abstract: There is an increasing interest to identify users and behaviour profiling from network traffic metadata for traffic engineering and security monitoring. Network security administrators and internet service providers need to create the user behaviour traffic profile to make an informed decision about policing, traffic management, and investigate the different network security perspectives. Additionally, the analysis of network traffic metadata and extraction of feature sets to understand trends in application usage can be significant in terms of identifying and profiling the user by representing the user's activity. However, user identification and behaviour profiling in real-time network management remains a challenge, as the behaviour and underlying interaction of network applications are permanently changing. In parallel, user behaviour is also changing and adapting, as the online interaction environment changes. Also, the challenge is how to adequately describe the user activity among generic network traffic in terms of identifying the user and his changing behaviour over time. In this paper, we propose a novel mechanism for user identification and behaviour profiling and analysing individual usage per application. The research considered the application-level flow sessions identified based on Domain Name System filtering criteria and timing resolution bins (24-hour timing bins) leading to an extended set of features. Validation of the module was conducted by collecting NetFlow records for 60 days from 23 users. A gradient boosting supervised machine learning algorithm was leveraged for modelling user identification based upon the selected features. The proposed method yields an accuracy for identifying a user based on the proposed features up to 74%.
Citations: 1

Prototype of a paranoid mobile operating system distribution
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757551
N. Coelho, Miguel Peixoto, M. M. Cunha
Abstract: Mobile systems enabled a way to shorten the distance between Men. With this panorama also came cybercrime, terrorism and other phenomena of a moving society fully globalized, where the land borders are of little importance in the task of limiting the active agents, harmful or not, to these systems. Recently the world discovered by media and scientific projects that the leading powers watch closely their citizens, aiming directly at the mobile systems that they use in conversations, e-mail or Web traffic. Recurring to powerful monitoring and surveillance tools, peaceful or in turmoil nations persecute and deny uncontrolled web access without harmful repercussions to their citizens. The present work is the result of the application of the Paranoid Operative Systems methodology in a mobile operative system, something that so far has only been shown in a desktop operative system. To support this study, an analysis of platforms that allow for anonymous web browsing, technologies and programs with potential computer intrusion and violation of privacy was conducted. This study analysed the computer monitoring and surveillance technologies identifying the available counter measure.
Citations: 7

Analysis of Malware Hidden Behind Firewalls with Back Scans
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757484
Zhiqing Zhang, H. Esaki, H. Ochiai
Abstract: Malware infection and propagation in Local Area Network (LAN) have become a critical security consideration in IoT systems. Recent cases happen when hosts are observed to be infected even when protected by a firewall. If we go deep into the analysis on infected hosts, we can measure on the possibility of this situation. When we are aware of status of ports on the source host, we can determine how intrusion happens based on classification on manner of infection. We propose SB-MSS (scan back to malicious source scan source), a network measurement method on malware behaviors in infection on hosts even when protected by a firewall. This includes passive analysis and active back scan, i.e., port back scanning and vertical back scanning methods towards malicious sources. We conducted a 2-week experiment and provide our results in attack distribution on different factors, possible port entrances for malware intrusion and classification result on different infection type. We found in 82.52% of cases, malware infection bypasses firewalls.
Citations: 0

SCADA Testbed for Vulnerability Assessments, Penetration Testing and Incident Forensics
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757543
S. Krishnan, Mingkui Wei
Abstract: Industrial control systems are critical assets as they interact with real-life aspects of our daily life. These systems often run 24/7 to control and monitor critical industrial and infrastructure processes. The demand to integrate them with the Internet has opened them up for cyber-attacks. The need for skilled expertise starting at the academic level in defending and investigating these critical assets is ever growing. In this paper, the authors design and deploy a Supervisory Control and Data Acquisition (SCADA) lab at Sam Houston State University (SHSU) with a limited budget. The lab is designed to stimulate a near-world industrial setting specifically for Industrial cyber-security research (penetration testing, vulnerability analysis and incident forensics) as an accompaniment to the digital forensics education curriculum at the University.
Citations: 8

Overview of machine learning methods for Android malware identification
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757523
João Lopes, C. Serrão, Luís Nunes, Ana de Almeida, João Oliveira
Abstract: Mobile malware is growing and affecting more and more mobile users around the world. Malicious developers and organisations are disguising their malware payloads on apparently benign applications and pushing them to large app stores, such as Google Play Store, and from there to final users. App stores are currently losing the battle against malicious applications proliferation and existing malware. Detection methods based on signatures, such as those of an antivirus, are limited; new approaches based on machine learning start to be explored to surpass the limitations of traditional mobile malware detection methods, analysing not only static characteristics of the app but also its behaviour. This paper contains an overview of the existing machine learning mobile malware detection approaches based on static, dynamic and hybrid analysis, presenting the advantages and limitations of each, and a comparison between the reviewed methods.
Citations: 13

Predicting Stealthy Watermarks in Files Using Deep Learning
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757538
M. Sabir, James H. Jones, Hang Liu, Alex V. Mbaziira
Abstract: Digital evidence is a fundamental element in cyber-forensics and judicial processes. However, the work of forensic examiners is becoming more challenging as the volume of digital content and files increases. In this paper, we use machine learning especially deep learning to detect stealthy watermarks in various types of files. We use a black box approach which is different from current steganographic and cryptographic methods to find patterns of candidate file locations for hidden data. We studied Deep Neural Networks (DNN) to predict stealthy watermarks in files using the deep learning implementation (DL4J) and Multilayer Perceptron (MLP) algorithms as implemented in Weka. We evaluated MLP models by altering the number of neurons and hidden layers while the DL4J models were evaluated by varying the number of dense layers and nodes. For the MLP models, DOCX & PPTX singleton models predicted stealthy watermarks in files with predictive accuracies ranging from 47.5% to 100%; JPEG singleton models registered predictive accuracies ranging from 35% to 65%. Comparatively, HYBRID3 models had predictive accuracies ranging from 42.5% to 95% while HYBRID_OOXML had predictive accuracies of 47.5% to 100%. However, JPEG_DOCX had predictive accuracies of 47.5% to 97.5% while JPEG_PPTX had predictive accuracies of 40% to 85%. Furthermore for DL4J models, we only generated HYBRID3 models, which predicted stealthy watermarks in DOCX files with predictive accuracies of 100%. The HYBRID3 DL4J model predicted stealthy watermarks in PPTX with predictive accuracies ranging from 55% to 82% while in JPEG, the predictive accuracies ranged from 50% to 52.5%. The major finding with deep learning also revealed improvements in prediction of stealthy watermarks in PPTX files using DL4J models.
Citations: 0

Temperature Estimation with Time Series Analysis from Air Quality Data Set
2019 7th International Symposium on Digital Forensics and Security (ISDFS) Pub Date : 2019-06-01 DOI: 10.1109/ISDFS.2019.8757524
Zeynep Ozpolat, M. Karabatak
Abstract: With the expansion of the data size, data mining techniques are gaining more and more importance. Data mining consists of methods such as classification, clustering, time series estimation and association rule. In this study, a time series analysis is carried out in order to make an estimation for the future in accordance with the structure of the data set. Time series are series in which the variables are recorded in chronological order. The data set was created by recording the gas concentrations in the air at a time interval. These data are used to estimate the changes in air quality. Three types of time series analysis training algorithm are used in the study. The results given by the algorithms are close to each other and high performance has been determined. As a result of experimental studies, it is observed that time series analysis is sufficient to estimate air quality.
Citations: 2