发布求助
文献互助 智能选刊 最新文献

2021 IEEE International Conference on Cyber Security and Resilience (CSR)最新文献

筛选
英文 中文
Enhancing Medical Data Security on Public Cloud 加强公共云医疗数据安全
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527987
Nelson L. Santos, W. Younis, B. Ghita, G. Masala
{"title":"Enhancing Medical Data Security on Public Cloud","authors":"Nelson L. Santos, W. Younis, B. Ghita, G. Masala","doi":"10.1109/CSR51186.2021.9527987","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527987","url":null,"abstract":"Cloud computing, supported by advancements in virtualisation and distributed computing, became the default options for implementing the IT infrastructure of organisations. Medical data and in particular medical images have increasing storage space and remote access requirements. Cloud computing satisfies these requirements but unclear safeguards on data security can expose sensitive data to possible attacks. Furthermore, recent changes in legislation imposed additional security constraints in technology to ensure the privacy of individuals and the integrity of data when stored in the cloud. In contrast with this trend, current data security methods, based on encryption, create an additional overhead to the performance, and often they are not allowed in public cloud servers. Hence, this paper proposes a mechanism that combines data fragmentation to protect medical images on the public cloud servers, and a NoSQL database to secure an efficient organisation of such data. Results of this paper indicate that the latency of the proposed method is significantly lower if compared with AES, one of the most adopted data encryption mechanisms. Therefore, the proposed method is an optimal trade-off in environments with low latency requirements or limited resources.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"88 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115390282","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
The THREAT-ARREST Cyber Range Platform 威胁-逮捕网络靶场平台
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527963
George Hatzivasilis, S. Ioannidis, Michail Smyrlis, G. Spanoudakis, Fulvio Frati, C. Braghin, E. Damiani, Hristo Koshutanski, George Tsakirakis, T. Hildebrandt, Ludger Goeke, Sebastian Pape, Oleg Blinder, M. Vinov, G. Leftheriotis, M. Kunc, Fotis Oikonomou, Giovanni Magilo, Vito Petrarolo, A. Chieti, Robert Bordianu
{"title":"The THREAT-ARREST Cyber Range Platform","authors":"George Hatzivasilis, S. Ioannidis, Michail Smyrlis, G. Spanoudakis, Fulvio Frati, C. Braghin, E. Damiani, Hristo Koshutanski, George Tsakirakis, T. Hildebrandt, Ludger Goeke, Sebastian Pape, Oleg Blinder, M. Vinov, G. Leftheriotis, M. Kunc, Fotis Oikonomou, Giovanni Magilo, Vito Petrarolo, A. Chieti, Robert Bordianu","doi":"10.1109/CSR51186.2021.9527963","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527963","url":null,"abstract":"Emerging technologies are facilitating our daily activities and drive the digital transformation. The Internet of Things (IoT) and 5G communications will provide a wide range of new applications and business opportunities, but with a wide and quite complex attack surface. Several users are not aware of the underlying threats and most of them do not possess the knowledge to set and operate the various digital assets securely. Therefore, cyber security training is becoming mandatory both for simple users and security experts. Cyber ranges constitute an advance training technique where trainees gain hands-on experiences on a safe virtual environment, which can be a realistic digital twin of an actual system. This paper presents the cyber ranges platform THREAT-ARREST. Its design is fully model-driven and offers all modern training features (i.e. emulation, simulation, serious games, and fabricated data). The platform has been evaluated under the smart energy, intelligent transportation, and healthcare domains.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127360348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
TRUSTY: A Solution for Threat Hunting Using Data Analysis in Critical Infrastructures 可信:在关键基础设施中使用数据分析进行威胁搜索的解决方案
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527936
Panagiotis I. Radoglou-Grammatikis, Athanasios Liatifis, Elisavet Grigoriou, Theocharis Saoulidis, Antonios Sarigiannidis, T. Lagkas, P. Sarigiannidis
{"title":"TRUSTY: A Solution for Threat Hunting Using Data Analysis in Critical Infrastructures","authors":"Panagiotis I. Radoglou-Grammatikis, Athanasios Liatifis, Elisavet Grigoriou, Theocharis Saoulidis, Antonios Sarigiannidis, T. Lagkas, P. Sarigiannidis","doi":"10.1109/CSR51186.2021.9527936","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527936","url":null,"abstract":"The rise of the Industrial Internet of Things (IIoT) plays a crucial role in the era of hyper-connected digital economies. Despite the valuable benefits, such as increased resiliency, self-monitoring and pervasive control, IIoT raises severe cybersecurity and privacy risks, allowing cyberattackers to exploit a plethora of vulnerabilities and weaknesses that can lead to disastrous consequences. Although the Intrusion Detection and Prevention Systems (IDPS) constitute valuable solutions, they suffer from several gaps, such as zero-day attacks, unknown anomalies and false positives. Therefore, the presence of supporting mechanisms is necessary. To this end, honeypots can protect the real assets and trap the cyberattackers. In this paper, we provide a web-based platform called TRUSTY , which is capable of aggregating, storing and analysing the detection results of multiple industrial honeypots related to Modbus/Transmission Control Protocol (TCP), IEC 60870-5-104, BACnet, Message Queuing Telemetry Transport (MQTT) and EtherNet/IP. Based on this analysis, we provide a dataset related to honeypot security events. Moreover, this paper provides a Reinforcement Learning (RL) method, which decides about the number of honeypots that can be deployed in an industrial environment in a strategic way. In particular, this decision is converted into a Multi-Armed Bandit (MAB), which is solved with the Thompson Sampling (TS) method. The evaluation analysis demonstrates the efficiency of the proposed method.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126261913","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Program Committees 程序委员会
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/csr51186.2021.9527955
{"title":"Program Committees","authors":"","doi":"10.1109/csr51186.2021.9527955","DOIUrl":"https://doi.org/10.1109/csr51186.2021.9527955","url":null,"abstract":"","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127559802","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Backwards Compatible Approach to Authenticate Automatic Identification System Messages 一种向后兼容的自动识别系统消息认证方法
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527954
M. Struck, Jannis Stoppe
{"title":"A Backwards Compatible Approach to Authenticate Automatic Identification System Messages","authors":"M. Struck, Jannis Stoppe","doi":"10.1109/CSR51186.2021.9527954","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527954","url":null,"abstract":"Since the Automatic Identification System (AIS) has been introduced in 2002, it has become a backbone of maritime navigation to prevent collisions with other vessels. All larger ships are equipped with transponders that send and receive information about nearby vessels, giving bridge crew a situational awareness picture of their immediate vicinity and allowing a broad range of services to receive information about worldwide vessel movements. However, despite its ubiquity, the system itself operates virtually unsecured. Essentially, despite relying on inherently insecure channels and broadcasts, authenticity of messages is not questioned in current systems, making the system vulnerable to spoofing attacks. This paper introduces several backwards compatible signature schemes and compares them concerning their applicability. The proposed solutions all provide means to secure the channels in use against spoofing attacks and at the same time solve current issues concerning the validation of messages, securing AIS as a whole without breaking established implementations.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125617377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Message from the Chairs 来自主席的信息
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/culturecomputing.2013.5
K. Hachimura, T. Ishida, N. Tosa, Donghui Lin, Akira Maeda
{"title":"Message from the Chairs","authors":"K. Hachimura, T. Ishida, N. Tosa, Donghui Lin, Akira Maeda","doi":"10.1109/culturecomputing.2013.5","DOIUrl":"https://doi.org/10.1109/culturecomputing.2013.5","url":null,"abstract":"","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130522104","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Advancing the State of Maritime Cybersecurity Guidelines to Improve the Resilience of the Maritime Transportation System 推进海上网络安全指导方针,提高海上运输系统的弹性
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527922
Logan Drazovich, Liam Brew, S. Wetzel
{"title":"Advancing the State of Maritime Cybersecurity Guidelines to Improve the Resilience of the Maritime Transportation System","authors":"Logan Drazovich, Liam Brew, S. Wetzel","doi":"10.1109/CSR51186.2021.9527922","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527922","url":null,"abstract":"Generally, cybersecurity guidelines are geared to take on an integral role in providing industries with a suitable and comprehensive set of standards to inform and direct the design and implementation of their (critical) information technology infrastructure as well as support and govern their operational decisions in order to enhance their cybersecurity posture and resilience. However, in this paper we show that current maritime cybersecurity guidelines have two main shortcomings in that they neither provide a set of holistic recommendations to the key stakeholders in the maritime transportation system nor are the current guidelines sufficiently grounded in research. Thus, as a second contribution in this paper, we propose a comprehensive outline aimed to allow the stakeholders to develop comprehensive and thus more effective cybersecurity guidelines for the maritime transportation system.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130872721","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Enabling Efficient Common Criteria Security Evaluation for Connected Vehicles 为互联汽车提供高效的通用标准安全评估
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527905
A. Stamou, P. Pantazopoulos, S. Haddad, A. Amditis
{"title":"Enabling Efficient Common Criteria Security Evaluation for Connected Vehicles","authors":"A. Stamou, P. Pantazopoulos, S. Haddad, A. Amditis","doi":"10.1109/CSR51186.2021.9527905","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527905","url":null,"abstract":"Cyber-security assurance evaluation seeks to gain evidence that the relevant requirements of an IT system are met. Towards that end, carefully-designed evaluation processes of the considered systems are needed. The only so-far validated approach, the Common Criteria (CC) standard, relies on exhaustive evaluation tasks to provide (up to) the highest possible assurance at the expense of increased costs. When the evaluation involves the connected vehicles paradigm which integrates a mosaic of third-party modules and interfaces, applying CC becomes problematic; the cost in resources and time further increases while relevant automated tools or document templates, are scarce.This paper introduces the AFT (Assurance Framework Toolkit) which is a platform-independent online software toolkit that enables efficient CC-based cyber-security evaluations on products of the automotive cyber-physical ecosystem. A set of relevant CC-specific security assurance needs are explained and the way that the AFT software-design and functionality covers them, is presented. Subsequently, the development of the toolkit (with publicly available source-code) as well as its capability to meet the evaluation of automotive needs, are detailed. Finally, an empirical study estimates the expected AFT gains against typical CC unassisted evaluations. The proposed toolkit (along with its extendibility feature) practically tackles the cost-limitations of standardized security evaluations filling an important technology gap towards safer connected driving.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131790596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Secure Communication in Smart Meters using Elliptic Curve Cryptography and Digital Signature Algorithm 椭圆曲线加密和数字签名算法在智能电表中的安全通信
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527947
Saurabh Shukla, S. Thakur, J. Breslin
{"title":"Secure Communication in Smart Meters using Elliptic Curve Cryptography and Digital Signature Algorithm","authors":"Saurabh Shukla, S. Thakur, J. Breslin","doi":"10.1109/CSR51186.2021.9527947","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527947","url":null,"abstract":"With the advancement in the growth of Internet-of-Things (IoT), its number of applications has also increased such as in healthcare, smart cities, vehicles, industries, household appliances, and Smart Grids (SG). One of the major applications of IoT is the SG and smart meter which consists of a large number of internet-connected sensors and can communicate bi-directionally in real-time. The SG network involves smart meters, data collectors, generators, and sensors connected with the internet. SG networks involve the generation, distribution, transmission, and consumption of electrical power supplies. It consists of Household Area Network (HAN), and Neighborhood Area Network (NAN) for communication. Smart meters can communicate bidirectionally with consumers and provide real-time information to utility offices. But this communication channel is a wide-open network for data transmission. Therefore, it makes the SG network and smart meter vulnerable to outside hacker and various Cyber-Physical System (CPS) attacks such as False Data Injection (FDI), inserting malicious data, erroneous data, manipulating the sensor reading values. Here cryptography techniques can play a major role along with the private blockchain model for secure data transmission in smart meters. Hence, to overcome these existing issues and challenges in smart meter communication we have proposed a blockchain-based system model for secure communication along with a novel Advanced Elliptic Curve Cryptography Digital Signature (AECCDS) algorithm in Fog Computing (FC) environment. Here FC nodes will work as miners at the edge of smart meters for secure and real-time communication. The algorithm is implemented using iFogSim, Geth version 1.9.25, Ganache, Truffle for compiling smart contracts, Anaconda (Python editor), and ATOM as language editor for the smart contracts.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"74 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134274379","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Social Media Monitoring for IoT Cyber-Threats 物联网网络威胁的社交媒体监测
2021 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2021-07-26 DOI: 10.1109/CSR51186.2021.9527964
Sofia Alevizopoulou, Paris Koloveas, Christos Tryfonopoulos, Paraskevi Raftopoulou
{"title":"Social Media Monitoring for IoT Cyber-Threats","authors":"Sofia Alevizopoulou, Paris Koloveas, Christos Tryfonopoulos, Paraskevi Raftopoulou","doi":"10.1109/CSR51186.2021.9527964","DOIUrl":"https://doi.org/10.1109/CSR51186.2021.9527964","url":null,"abstract":"The rapid development of IoT applications and their use in various fields of everyday life has resulted in an escalated number of different possible cyber-threats, and has consequently raised the need of securing IoT devices. Collecting Cyber-Threat Intelligence (e.g., zero-day vulnerabilities or trending exploits) from various online sources and utilizing it to proactively secure IoT systems or prepare mitigation scenarios has proven to be a promising direction. In this work, we focus on social media monitoring and investigate real-time Cyber-Threat Intelligence detection from the Twitter stream. Initially, we compare and extensively evaluate six different machine-learning based classification alternatives trained with vulnerability descriptions and tested with real-world data from the Twitter stream to identify the best-fitting solution. Subsequently, based on our findings, we propose a novel social media monitoring system tailored to the IoT domain; the system allows users to identify recent/trending vulnerabilities and exploits on IoT devices. Finally, to aid research on the field and support the reproducibility of our results we publicly release all annotated datasets created during this process.","PeriodicalId":253300,"journal":{"name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133955488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信