EAI Endorsed Trans. Security Safety: Latest Articles

Characterizing and Leveraging Granger Causality in Cybersecurity: Framework and Case Study
EAI Endorsed Trans. Security Safety Pub Date: 2021-06-01 DOI: 10.4108/eai.11-5-2021.169912
Van Trieu-Do, Richard B. Garcia-Lebron, Maochao Xu, Shouhuai Xu, Yusheng Feng
Abstract: Causality is an intriguing concept that once tamed, can have many applications. While having been widely investigated in other domains, its relevance and usefulness in the cybersecurity domain has received little attention. In this paper, we present a systematic investigation of a particular approach to causality, known as Granger causality (G-causality), in cybersecurity. We propose a framework, dubbed Cybersecurity Granger Causality (CGC), for characterizing the presence of G-causality in cyber attack rate time series and for leveraging G-causality to predict (i.e., forecast) cyber attack rates. The framework offers a range of research questions, which can be adopted or adapted to study G-causality in other kinds of cybersecurity time series data. In order to demonstrate the usefulness of CGC, we present a case study by applying it to a particular cyber attack dataset collected at a honeypot. From this case study, we draw a number of insights into the usefulness and limitations of G-causality in the cybersecurity domain.
Citations: 1
Shoal: A Network Level Moving Target Defense Engine with Software Defined Networking
EAI Endorsed Trans. Security Safety Pub Date: 2021-06-01 DOI: 10.4108/eai.1-6-2021.170011
Li Wang
Abstract: Moving Target Defense (MTD) was proposed as a promising defense paradigm to introduce various uncertainties into computer systems, which can greatly raise the bar for the attackers. Currently, there are two classes of MTD research over computer system, system level MTD and network level MTD. System level MTD research introduces uncertainties to various aspects of computer systems; while network level MTD research brings unpredictability of network properties to the target network. A lot of network level MTD research has been proposed, which covers various aspects of computer network. However, the existing MTD approaches usually target on one aspect of computer network, and most of them are designed against a certain network security threat. They can hardly defend against complex attacks or provide complicated protections. In this paper, we propose Shoal, a Moving Target Defense engine with multiple MTD strategies over SDN networks. By applying hybrid and multiple network level MTD methods, Shoal is capable of providing complicated protections and defending advanced attacks. We evaluate Shoal in two advanced protection scenarios, moving target surface and Crossfire attack. The evaluation results, in term of security effectiveness and performance cost, show the protection provided by Shoal’s hybrid MTD methods is effective and the performance cost is relatively low. Received on 25 March 2021; accepted on 09 May 2021; published on 01 June 2021
Citations: 2
Evaluating the Impact of Sandbox Applications on Live Digital Forensics Investigation
EAI Endorsed Trans. Security Safety Pub Date: 2021-04-08 DOI: 10.4108/EAI.8-4-2021.169179
Reem Bashir, H. Janicke, W. Zeng
Abstract: Sandbox applications can be used as anti-forensics techniques to hide important evidence in the digital forensics investigation. There is limited research on sandboxing technologies, and the existing researches on sandboxing are focusing on the technology itself. The impact of sandbox applications on live digital forensics investigation has not been systematically analysed and documented. In this study, we proposed a methodology to analyse sandbox applications on Windows systems. The impact of having standalone sandbox applications on Windows operating systems image was evaluated. Experiments were conducted to examine the artefacts of three sandbox applications: Sandboxie, BufferZone and ToolWiz Time Freeze on Windows 7, Windows Server 12 R2 and Windows XP operating systems in 2018. We found that (1) only the installed applications can be found after deleting the ToolWiz Time Freeze content. Unlike Sandboxie, the data can be retrieved from the memory images even after deleting the application’s content if the system was not restarted; (2) not all the sandbox applications data will be deleted after restarting the systems, e.g., BufferZone’s content can be retrieved even after restarting the system. Received on 26 January 2021; accepted on 07 April 2021; published on 08 April 2021
Citations: 0
Is E-voting Systems based on Blockchain Technology Efficient in Nigeria General Elections?
EAI Endorsed Trans. Security Safety Pub Date: 2021-03-10 DOI: 10.4108/EAI.10-3-2021.168964
F. Ikuero, Vasileios Germanos, L. Brooks, W. Zeng
Abstract: One of the most common problems of election in Nigeria is inefficient data management. All subsequent elections were blighted by inefficient data management that resulted in violence in the country and distrust among political parties. These flaws prompted the government at different times to modify the nation’s electoral systems ranging from party systems to electoral management body reformation and electronics verification technologies. In this paper, we investigated the opinions of 71 Nigeria citizens about the Nigeria General Elections (NGEs) processes and data management in these processes. We found that the majority of the participants rated the existing voting system in Nigeria to be of low effectiveness and reliability. The majority of the participants believe that an e-voting system based on Blockchain technology has the capability to prevent alterations in the voting processes. Received on 26 January 2021; accepted on 3 March 2021; published on 10 March 2021
Citations: 1
SyntIoT: Privacy and security experimentation in consumer-oriented IoT ecosystems
EAI Endorsed Trans. Security Safety Pub Date: 2021-01-12 DOI: 10.4108/eai.25-6-2021.170245
Tomasz Kosinski, R. Scandariato, M. Fjeld
Abstract: Since the advent of consumer-oriented IoT products, like smart homes, researchers have taken up the challenge of shielding the consumers from the risks this technology entails, including privacy harms. However, security and privacy research is ‘hungry’ for open data (e.g., about the network traffic patterns of the devices) and open platforms to validate IoT-related solutions outside a pure simulation environment. Except for the few cases seen in the related work, datasets are not readily available to the research community and are difficult to produce in-house. Also, the reproducibility of research results and open science is hindered by the lack of an open experimentation platform (to test privacy and security solutions) that also offers a fine-grained control of the experimental setup. We present SyntIoT, a platform that allows researchers to easily deploy a complete IoT ecosystem (including devices, users, vendor clouds) into the physical world and at a low cost, hence lowering the barriers to entry in this research field. SyntIoT can be used to collect field data and to realistically validate security and privacy solutions. Our platform uses synthetic IoT devices that are fully configurable in a declarative way. Interestingly, our platform also allows commercial devices to be deployed alongside the synthetic ones. The platform provides an infrastructure to monitor the ecosystem and to extract rich data, which can be used for empirical research and data mining. This paper presents the platform, explains how it meets established research needs not yet answered in previous works, and highlights its usage in the context of three experimental scenarios.
Citations: 0
Towards Automating the Assessment of Software Vulnerability Risk
EAI Endorsed Trans. Security Safety Pub Date: 2021-01-12 DOI: 10.4108/eai.25-6-2021.170247
P. Huff, Qinghua Li
Citations: 0
Image encryption algorithm using chaotic maps and cellular automata
EAI Endorsed Trans. Security Safety Pub Date: 2020-10-30 DOI: 10.4108/eai.21-6-2021.170238
Lanhang Li, Yuling Luo, Shubin Tang, Lvchen Cao, Xue Ouyang
Abstract: Nowadays, some encryption schemes are not sensitive enough to plain-image, which leads to poor robustness and the scheme is vulnerability to attacks. By employing chaotic maps and cellular automata (CA), a novel image encryption algorithm is presented in this work to increase the sensitivity to plain-image and improve the security. Firstly, initial values of the two-dimensional Logistic-Sine-coupling map (2D-LSCM) and the Logistic-Sine-Cosine map (LSC) are calculated by the SHA-256 hash value of original image, and the process of diffusion is conducted next. Secondly, the key matrices are produced by iterating chaotic map in the process of permutation. The diffused image is scrambled by the index matrices, which are produced by sorting every row or column of the key matrices. Finally, the previous scrambled image is transformed into cipher-image by using CA. The experimental results and theoretical analysis prove that the proposed scheme owns good security as it can effectively resist a variety of attacks.
Citations: 0
deMSF: a Method for Detecting Malicious Server Flocks for Same Campaign
EAI Endorsed Trans. Security Safety Pub Date: 2020-10-30 DOI: 10.4108/eai.21-6-2021.170236
Yixin Li, Liming Wang, Jing Yang, Zhen Xu, Xi Luo
Abstract: Nowadays, cybercriminals tend to leverage dynamic malicious infrastructures with multiple servers to conduct attacks, such as malware distribution and control. Compared with a single server, employing multiple servers allows crimes to be more efficient and stealthy. As the necessary role infrastructures play, many approaches have been proposed to detect malicious servers. However, many existing methods typically target only on the individual server and therefore fail to reveal inter-server connections of an attack campaign. In this paper, we propose a complementary system, deMSF, to identify server flocks, which are formed by infrastructures involved in the same malicious campaign. Our solution first acquires server flocks by mining relations of servers from both spatial and temporal dimensions. Further we extract the semantic vectors of servers based on word2vec and build a textCNN-based flocks classifier to recognize malicious flocks. We evaluate deMSF with real-world traffic collected from an ISP network. The result shows that it has a high precision of 99% with 90% recall.
Citations: 0
Self-Controllable Super-Resolution Deep Learning Framework for Surveillance Drones in Security Applications
EAI Endorsed Trans. Security Safety Pub Date: 2020-06-30 DOI: 10.4108/eai.30-6-2020.165502
Soohyun Park, Yeongeun Kang, Jeman Park, Joongheon Kim
Abstract: This paper proposes a self-controllable super-resolution adaptation algorithm in drone platforms. The drone platforms are generally used for surveillance in target network areas. Thus, super-resolution algorithms which are for enhancing surveillance video quality are essential. In surveillance drone platforms, generating video streams obtained by CCTV cameras is not static, because the cameras record the video when abnormal objects are detected. The generation of streams is not predictable, therefore, this unpredictable situation can be harmful to reliable surveillance monitoring. To handle this problem, the proposed algorithm designs super-resolution adaptation. With the proposed algorithm, the shallow model which is fast and low-performance will be used if the stream queue is near overflow. On the other hand, the deep model which is high-performance and slow will be used if the queue is idle to improve the performance of super-resolution. Received on 31 May 2020; accepted on 25 June 2020; published on 30 June 2020
Citations: 4
Vul-Mirror: A Few-Shot Learning Method for Discovering Vulnerable Code Clone
EAI Endorsed Trans. Security Safety Pub Date: 2020-06-10 DOI: 10.4108/eai.13-7-2018.165275
Yuan He, Wenjie Wang, Hongyu Sun, Yuqing Zhang
Abstract: It is quite common for reusing code in soft development, which may lead to the wide spread of the vulnerability, so automatic detection of vulnerable code clone is becoming more and more important. However, the existing solutions either cannot automatically extract the characteristics of the vulnerable codes or cannot select different algorithms according to different codes, which results in low detection accuracy. In this paper, we consider the identification of vulnerable code clone as a code recognition task and propose a method named Vul-Mirror based on a few-shot learning model for discovering clone vulnerable codes. It can not only automatically extract features of vulnerabilities, but also use the network to measure similarity. The results of experiments on open-source projects of five operating systems show that the accuracy of Vul-Mirror is 95.7%, and its performance is better than the state-of-the-art methods.
Citations: 3